CVE-2015-5166
- EPSS 0.07%
- Published 12.08.2015 14:59:25
- Last modified 12.04.2025 10:46:40
Use-after-free vulnerability in QEMU in Xen 4.5.x and earlier does not completely unplug emulated block devices, which allows local HVM guest users to gain privileges by unplugging a block device twice.
CVE-2015-5165
- EPSS 10.86%
- Published 12.08.2015 14:59:24
- Last modified 12.04.2025 10:46:40
The C+ mode offload emulation in the RTL8139 network card device model in QEMU, as used in Xen 4.5.x and earlier, allows remote attackers to read process heap memory via unspecified vectors.
CVE-2015-5154
- EPSS 0.2%
- Published 12.08.2015 14:59:23
- Last modified 12.04.2025 10:46:40
Heap-based buffer overflow in the IDE subsystem in QEMU, as used in Xen 4.5.x and earlier, when the container has a CDROM drive enabled, allows local guest users to execute arbitrary code on the host via unspecified ATAPI commands.
CVE-2015-3259
- EPSS 0.06%
- Published 16.07.2015 14:59:01
- Last modified 12.04.2025 10:46:40
Stack-based buffer overflow in the xl command line utility in Xen 4.1.x through 4.5.x allows local guest administrators to gain privileges via a long configuration argument.
CVE-2015-4164
- EPSS 0.07%
- Published 15.06.2015 15:59:13
- Last modified 12.04.2025 10:46:40
The compat_iret function in Xen 3.1 through 4.5 iterates the wrong way through a loop, which allows local 32-bit PV guest administrators to cause a denial of service (large loop and system hang) via a hypercall_iret call with EFLAGS.VM set.
CVE-2015-4163
- EPSS 0.1%
- Published 15.06.2015 15:59:12
- Last modified 12.04.2025 10:46:40
GNTTABOP_swap_grant_ref in Xen 4.2 through 4.5 does not check the grant table operation version, which allows local guest domains to cause a denial of service (NULL pointer dereference) via a hypercall without a GNTTABOP_setup_table or GNTTABOP_set_v...
CVE-2015-4105
- EPSS 0.12%
- Published 03.06.2015 20:59:08
- Last modified 12.04.2025 10:46:40
Xen 3.3.x through 4.5.x enables logging for PCI MSI-X pass-through error messages, which allows local x86 HVM guests to cause a denial of service (host disk consumption) via certain invalid operations.
CVE-2015-4104
- EPSS 8.43%
- Published 03.06.2015 20:59:07
- Last modified 12.04.2025 10:46:40
Xen 3.3.x through 4.5.x does not properly restrict access to PCI MSI mask bits, which allows local x86 HVM guest users to cause a denial of service (unexpected interrupt and host crash) via unspecified vectors.
CVE-2015-4103
- EPSS 0.12%
- Published 03.06.2015 20:59:06
- Last modified 12.04.2025 10:46:40
Xen 3.3.x through 4.5.x does not properly restrict write access to the host MSI message data field, which allows local x86 HVM guest administrators to cause a denial of service (host interrupt handling confusion) via vectors related to qemu and acces...
CVE-2015-3456
- EPSS 33.91%
- Published 13.05.2015 18:59:00
- Last modified 12.04.2025 10:46:40
The Floppy Disk Controller (FDC) in QEMU, as used in Xen 4.5.x and earlier and KVM, allows local guest users to cause a denial of service (out-of-bounds write and guest crash) or possibly execute arbitrary code via the (1) FD_CMD_READ_ID, (2) FD_CMD_...