Xen

Xen

491 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 0.44%
  • Veröffentlicht 15.06.2015 15:59:12
  • Zuletzt bearbeitet 06.05.2026 22:30:45

GNTTABOP_swap_grant_ref in Xen 4.2 through 4.5 does not check the grant table operation version, which allows local guest domains to cause a denial of service (NULL pointer dereference) via a hypercall without a GNTTABOP_setup_table or GNTTABOP_set_v...

  • EPSS 0.48%
  • Veröffentlicht 03.06.2015 20:59:08
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Xen 3.3.x through 4.5.x enables logging for PCI MSI-X pass-through error messages, which allows local x86 HVM guests to cause a denial of service (host disk consumption) via certain invalid operations.

  • EPSS 3.43%
  • Veröffentlicht 03.06.2015 20:59:07
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Xen 3.3.x through 4.5.x does not properly restrict access to PCI MSI mask bits, which allows local x86 HVM guest users to cause a denial of service (unexpected interrupt and host crash) via unspecified vectors.

  • EPSS 0.45%
  • Veröffentlicht 03.06.2015 20:59:06
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Xen 3.3.x through 4.5.x does not properly restrict write access to the host MSI message data field, which allows local x86 HVM guest administrators to cause a denial of service (host interrupt handling confusion) via vectors related to qemu and acces...

  • EPSS 15.28%
  • Veröffentlicht 13.05.2015 18:59:00
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The Floppy Disk Controller (FDC) in QEMU, as used in Xen 4.5.x and earlier and KVM, allows local guest users to cause a denial of service (out-of-bounds write and guest crash) or possibly execute arbitrary code via the (1) FD_CMD_READ_ID, (2) FD_CMD_...

  • EPSS 0.79%
  • Veröffentlicht 28.04.2015 14:59:02
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Xen 4.2.x through 4.5.x does not initialize certain fields, which allows certain remote service domains to obtain sensitive information from memory via a (1) XEN_DOMCTL_gettscinfo or (2) XEN_SYSCTL_getdomaininfolist request.

  • EPSS 0.41%
  • Veröffentlicht 05.04.2015 21:59:00
  • Zuletzt bearbeitet 06.05.2026 22:30:45

drivers/xen/usbback/usbback.c in linux-2.6.18-xen-3.4.0 (aka the Xen 3.4.x support patches for the Linux kernel 2.6.18), as used in the Linux kernel 2.6.x and 3.x in SUSE Linux distributions, allows guest OS users to obtain sensitive information from...

  • EPSS 0.45%
  • Veröffentlicht 01.04.2015 14:59:08
  • Zuletzt bearbeitet 06.05.2026 22:30:45

QEMU, as used in Xen 3.3.x through 4.5.x, does not properly restrict access to PCI command registers, which might allow local HVM guest users to cause a denial of service (non-maskable interrupt and host crash) by disabling the (1) memory or (2) I/O ...

  • EPSS 0.45%
  • Veröffentlicht 01.04.2015 14:59:06
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The XEN_DOMCTL_memory_mapping hypercall in Xen 3.2.x through 4.5.x, when using a PCI passthrough device, is not preemptible, which allows local x86 HVM domain users to cause a denial of service (host CPU consumption) via a crafted request to the devi...

  • EPSS 2.28%
  • Veröffentlicht 01.04.2015 14:59:05
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Xen 4.3.x, 4.4.x, and 4.5.x, when using toolstack disaggregation, allows remote domains with partial management control to cause a denial of service (host lock) via unspecified domctl operations.