Xen

Xen

491 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 0.38%
  • Veröffentlicht 17.12.2015 19:59:08
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The memory_exchange function in common/memory.c in Xen 3.2.x through 4.6.x does not properly release locks, which might allow guest OS administrators to cause a denial of service (deadlock or host crash) via unspecified vectors, related to XENMEM_exc...

  • EPSS 0.38%
  • Veröffentlicht 17.12.2015 19:59:07
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The memory_exchange function in common/memory.c in Xen 3.2.x through 4.6.x does not properly hand back pages to a domain, which might allow guest OS administrators to cause a denial of service (host crash) via unspecified vectors related to domain te...

  • EPSS 0.42%
  • Veröffentlicht 17.12.2015 19:59:06
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Xen 4.6.x and earlier does not properly enforce limits on page order inputs for the (1) XENMEM_increase_reservation, (2) XENMEM_populate_physmap, (3) XENMEM_exchange, and possibly other HYPERVISOR_memory_op suboperations, which allows ARM guest OS ad...

  • EPSS 0.4%
  • Veröffentlicht 17.11.2015 15:59:14
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The hypercall_create_continuation function in arch/arm/domain.c in Xen 4.4.x through 4.6.x allows local guest users to cause a denial of service (host crash) via a preemptible hypercall to the multicall interface.

  • EPSS 2.5%
  • Veröffentlicht 16.11.2015 11:59:12
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The KVM subsystem in the Linux kernel through 4.2.6, and Xen 4.3.x through 4.6.x, allows guest OS users to cause a denial of service (host OS panic or hang) by triggering many #DB (aka Debug) exceptions, related to svm.c.

  • EPSS 0.57%
  • Veröffentlicht 16.11.2015 11:59:05
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The KVM subsystem in the Linux kernel through 4.2.6, and Xen 4.3.x through 4.6.x, allows guest OS users to cause a denial of service (host OS panic or hang) by triggering many #AC (aka Alignment Check) exceptions, related to svm.c and vmx.c.

  • EPSS 0.43%
  • Veröffentlicht 30.10.2015 15:59:09
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The (1) libxl_set_memory_target function in tools/libxl/libxl.c and (2) libxl__build_post function in tools/libxl/libxl_dom.c in Xen 3.4.x through 4.6.x do not properly calculate the balloon size when using the populate-on-demand (PoD) system, which ...

  • EPSS 0.43%
  • Veröffentlicht 30.10.2015 15:59:07
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Xen 3.2.x through 4.6.x does not limit the number of printk console messages when logging certain pmu and profiling hypercalls, which allows local guests to cause a denial of service via a sequence of crafted (1) HYPERCALL_xenoprof_op hypercalls, whi...

  • EPSS 0.44%
  • Veröffentlicht 30.10.2015 15:59:06
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The p2m_pod_emergency_sweep function in arch/x86/mm/p2m-pod.c in Xen 3.4.x, 3.5.x, and 3.6.x is not preemptible, which allows local x86 HVM guest administrators to cause a denial of service (CPU consumption and possibly reboot) via crafted memory con...

  • EPSS 0.44%
  • Veröffentlicht 30.10.2015 15:59:05
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Multiple memory leaks in Xen 4.0 through 4.6.x allow local guest administrators or domains with certain permission to cause a denial of service (memory consumption) via a large number of "teardowns" of domains with the vcpu pointer array allocated us...