Xen

Xen

476 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.8

CVE-2017-12136

  • EPSS 0.05%
  • Veröffentlicht 24.08.2017 14:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

Race condition in the grant table code in Xen 4.6.x through 4.9.x allows local guest OS administrators to cause a denial of service (free list corruption and host crash) or gain privileges on the host via vectors involving maptrack free list handling...

8.8

CVE-2017-12137

  • EPSS 0.1%
  • Veröffentlicht 24.08.2017 14:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

arch/x86/mm.c in Xen allows local PV guest OS users to gain host OS privileges via vectors related to map_grant_ref.

6.5

CVE-2017-12855

  • EPSS 0.09%
  • Veröffentlicht 15.08.2017 16:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

Xen maintains the _GTF_{read,writ}ing bits as appropriate, to inform the guest that a grant is in use. A guest is expected not to modify the grant details while it is in use, whereas the guest is free to modify/reuse the grant entry when it is not in...

10

CVE-2017-10912

  • EPSS 1.67%
  • Veröffentlicht 05.07.2017 01:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

Xen through 4.8.x mishandles page transfer, which allows guest OS users to obtain privileged host OS access, aka XSA-217.

9.8

CVE-2017-10913

  • EPSS 1.2%
  • Veröffentlicht 05.07.2017 01:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

The grant-table feature in Xen through 4.8.x provides false mapping information in certain cases of concurrent unmap calls, which allows backend attackers to obtain sensitive information or gain privileges, aka XSA-218 bug 1.

8.1

CVE-2017-10914

  • EPSS 0.6%
  • Veröffentlicht 05.07.2017 01:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

The grant-table feature in Xen through 4.8.x has a race condition leading to a double free, which allows guest OS users to cause a denial of service (memory consumption), or possibly obtain sensitive information or gain privileges, aka XSA-218 bug 2.

9

CVE-2017-10915

  • EPSS 0.49%
  • Veröffentlicht 05.07.2017 01:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

The shadow-paging feature in Xen through 4.8.x mismanages page references and consequently introduces a race condition, which allows guest OS users to obtain Xen privileges, aka XSA-219.

7.5

CVE-2017-10916

  • EPSS 0.39%
  • Veröffentlicht 05.07.2017 01:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

The vCPU context-switch implementation in Xen through 4.8.x improperly interacts with the Memory Protection Extensions (MPX) and Protection Key (PKU) features, which makes it easier for guest OS users to defeat ASLR and other protection mechanisms, a...

9.4

CVE-2017-10917

  • EPSS 0.84%
  • Veröffentlicht 05.07.2017 01:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

Xen through 4.8.x does not validate the port numbers of polled event channel ports, which allows guest OS users to cause a denial of service (NULL pointer dereference and host OS crash) or possibly obtain sensitive information, aka XSA-221.

10

CVE-2017-10918

  • EPSS 1.67%
  • Veröffentlicht 05.07.2017 01:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

Xen through 4.8.x does not validate memory allocations during certain P2M operations, which allows guest OS users to obtain privileged host OS access, aka XSA-222.