CVE-2018-12893
- EPSS 0.41%
- Veröffentlicht 02.07.2018 17:29:00
- Zuletzt bearbeitet 21.11.2024 03:46:03
An issue was discovered in Xen through 4.10.x. One of the fixes in XSA-260 added some safety checks to help prevent Xen livelocking with debug exceptions. Unfortunately, due to an oversight, at least one of these safety checks can be triggered by a g...
CVE-2018-10982
- EPSS 0.49%
- Veröffentlicht 10.05.2018 23:29:00
- Zuletzt bearbeitet 21.11.2024 03:42:26
An issue was discovered in Xen through 4.10.x allowing x86 HVM guest OS users to cause a denial of service (unexpectedly high interrupt number, array overrun, and hypervisor crash) or possibly gain hypervisor privileges by setting up an HPET timer to...
CVE-2018-10981
- EPSS 0.44%
- Veröffentlicht 10.05.2018 22:29:00
- Zuletzt bearbeitet 21.11.2024 03:42:26
An issue was discovered in Xen through 4.10.x allowing x86 HVM guest OS users to cause a denial of service (host OS infinite loop) in situations where a QEMU device model attempts to make invalid transitions between states of a request.
CVE-2018-8897
- EPSS 18.26%
- Veröffentlicht 08.05.2018 18:29:00
- Zuletzt bearbeitet 21.11.2024 04:14:33
A statement in the System Programming Guide of the Intel 64 and IA-32 Architectures Software Developer's Manual (SDM) was mishandled in the development of some or all operating-system kernels, resulting in unexpected behavior for #DB exceptions that ...
CVE-2018-10471
- EPSS 0.43%
- Veröffentlicht 27.04.2018 15:29:00
- Zuletzt bearbeitet 21.11.2024 03:41:22
An issue was discovered in Xen through 4.10.x allowing x86 PV guest OS users to cause a denial of service (out-of-bounds zero write and hypervisor crash) via unexpected INT 80 processing, because of an incorrect fix for CVE-2017-5754.
CVE-2018-10472
- EPSS 0.37%
- Veröffentlicht 27.04.2018 15:29:00
- Zuletzt bearbeitet 21.11.2024 03:41:22
An issue was discovered in Xen through 4.10.x allowing x86 HVM guest OS users (in certain configurations) to read arbitrary dom0 files via QMP live insertion of a CDROM, in conjunction with specifying the target file as the backing file of a snapshot...
CVE-2018-7540
- EPSS 0.44%
- Veröffentlicht 27.02.2018 19:29:00
- Zuletzt bearbeitet 21.11.2024 04:12:19
An issue was discovered in Xen through 4.10.x allowing x86 PV guest OS users to cause a denial of service (host OS CPU hang) via non-preemptable L3/L4 pagetable freeing.
CVE-2018-7541
- EPSS 0.43%
- Veröffentlicht 27.02.2018 19:29:00
- Zuletzt bearbeitet 21.11.2024 04:12:19
An issue was discovered in Xen through 4.10.x allowing guest OS users to cause a denial of service (hypervisor crash) or gain privileges by triggering a grant-table transition from v2 to v1.
CVE-2018-7542
- EPSS 0.39%
- Veröffentlicht 27.02.2018 19:29:00
- Zuletzt bearbeitet 21.11.2024 04:12:19
An issue was discovered in Xen 4.8.x through 4.10.x allowing x86 PVH guest OS users to cause a denial of service (NULL pointer dereference and hypervisor crash) by leveraging the mishandling of configurations that lack a Local APIC.
CVE-2018-5244
- EPSS 0.37%
- Veröffentlicht 05.01.2018 18:29:00
- Zuletzt bearbeitet 21.11.2024 04:08:24
In Xen 4.10, new infrastructure was introduced as part of an overhaul to how MSR emulation happens for guests. Unfortunately, one tracking structure isn't freed when a vcpu is destroyed. This allows guest OS administrators to cause a denial of servic...