CVE-2014-9065
- EPSS 0.37%
- Veröffentlicht 09.12.2014 23:59:08
- Zuletzt bearbeitet 06.05.2026 22:30:45
common/spinlock.c in Xen 4.4.x and earlier does not properly handle read and write locks, which allows local x86 guest users to cause a denial of service (write denial or NMI watchdog timeout and host crash) via a large number of read requests, a dif...
CVE-2014-8867
- EPSS 0.47%
- Veröffentlicht 01.12.2014 15:59:09
- Zuletzt bearbeitet 06.05.2026 22:30:45
The acceleration support for the "REP MOVS" instruction in Xen 4.4.x, 3.2.x, and earlier lacks properly bounds checking for memory mapped I/O (MMIO) emulated in the hypervisor, which allows local HVM guests to cause a denial of service (host crash) v...
CVE-2014-8866
- EPSS 0.43%
- Veröffentlicht 01.12.2014 15:59:08
- Zuletzt bearbeitet 06.05.2026 22:30:45
The compatibility mode hypercall argument translation in Xen 3.3.x through 4.4.x, when running on a 64-bit hypervisor, allows local 32-bit HVM guests to cause a denial of service (host crash) via vectors involving altering the high halves of register...
CVE-2014-9030
- EPSS 2.2%
- Veröffentlicht 24.11.2014 15:59:19
- Zuletzt bearbeitet 06.05.2026 22:30:45
The do_mmu_update function in arch/x86/mm.c in Xen 3.2.x through 4.4.x does not properly manage page references, which allows remote domains to cause a denial of service by leveraging control over an HVM guest and a crafted MMU_MACHPHYS_UPDATE.
CVE-2014-8595
- EPSS 0.41%
- Veröffentlicht 19.11.2014 18:59:11
- Zuletzt bearbeitet 06.05.2026 22:30:45
arch/x86/x86_emulate/x86_emulate.c in Xen 3.2.1 through 4.4.x does not properly check privileges, which allows local HVM guest users to gain privileges or cause a denial of service (crash) via a crafted (1) CALL, (2) JMP, (3) RETF, (4) LCALL, (5) LJM...
CVE-2014-8594
- EPSS 2.22%
- Veröffentlicht 19.11.2014 18:59:10
- Zuletzt bearbeitet 06.05.2026 22:30:45
The do_mmu_update function in arch/x86/mm.c in Xen 4.x through 4.4.x does not properly restrict updates to only PV page tables, which allows remote PV guests to cause a denial of service (NULL pointer dereference) by leveraging hardware emulation ser...
CVE-2014-5148
- EPSS 0.4%
- Veröffentlicht 26.10.2014 20:55:03
- Zuletzt bearbeitet 06.05.2026 22:30:45
Xen 4.4.x, when running on an ARM system and "handling an unknown system register access from 64-bit userspace," returns to an instruction of the trap handler for kernel space faults instead of an instruction that is associated with faults in 64-bit ...
CVE-2014-7154
- EPSS 0.74%
- Veröffentlicht 02.10.2014 14:55:05
- Zuletzt bearbeitet 06.05.2026 22:30:45
Race condition in HVMOP_track_dirty_vram in Xen 4.0.0 through 4.4.x does not ensure possession of the guarding lock for dirty video RAM tracking, which allows certain local guest domains to cause a denial of service via unspecified vectors.
CVE-2014-7155
- EPSS 0.97%
- Veröffentlicht 02.10.2014 14:55:05
- Zuletzt bearbeitet 06.05.2026 22:30:45
The x86_emulate function in arch/x86/x86_emulate/x86_emulate.c in Xen 4.4.x and earlier does not properly check supervisor mode permissions, which allows local HVM users to cause a denial of service (guest crash) or gain guest kernel mode privileges ...
CVE-2014-7156
- EPSS 0.85%
- Veröffentlicht 02.10.2014 14:55:05
- Zuletzt bearbeitet 06.05.2026 22:30:45
The x86_emulate function in arch/x86/x86_emulate/x86_emulate.c in Xen 3.3.x through 4.4.x does not check the supervisor mode permissions for instructions that generate software interrupts, which allows local HVM guest users to cause a denial of servi...