Xen

Xen

491 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 0.86%
  • Veröffentlicht 02.10.2014 14:55:05
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The hvm_msr_read_intercept function in arch/x86/hvm/hvm.c in Xen 4.1 through 4.4.x uses an improper MSR range for x2APIC emulation, which allows local HVM guests to cause a denial of service (host crash) or read data from the hypervisor or other gues...

  • EPSS 0.43%
  • Veröffentlicht 29.08.2014 16:55:11
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Xen 4.4.x, when running a 64-bit kernel on an ARM system, does not properly handle traps from the guest domain that use a different address width, which allows local guest users to cause a denial of service (host crash) via a crafted 32-bit process.

  • EPSS 0.43%
  • Veröffentlicht 22.08.2014 14:55:08
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Certain MMU virtualization operations in Xen 4.2.x through 4.4.x before the xsa97-hap patch, when using Hardware Assisted Paging (HAP), are not preemptible, which allows local HVM guest to cause a denial of service (vcpu consumption) by invoking thes...

  • EPSS 0.43%
  • Veröffentlicht 22.08.2014 14:55:08
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Certain MMU virtualization operations in Xen 4.2.x through 4.4.x, when using shadow pagetables, are not preemptible, which allows local HVM guest to cause a denial of service (vcpu consumption) by invoking these operations, which process every page a...

  • EPSS 0.54%
  • Veröffentlicht 09.07.2014 14:55:03
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The alloc_domain_struct function in arch/arm/domain.c in Xen 4.4.x, when running on an ARM platform, does not properly initialize the structure containing the grant table pages for a domain, which allows local guest administrators to obtain sensitive...

  • EPSS 0.68%
  • Veröffentlicht 18.06.2014 19:55:04
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Xen 3.2.x through 4.4.x does not properly clean memory pages recovered from guests, which allows local guest OS users to obtain sensitive information via unspecified vectors.

  • EPSS 0.71%
  • Veröffentlicht 05.06.2014 20:55:06
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The HVMOP_inject_msi function in Xen 4.2.x, 4.3.x, and 4.4.x does not properly check the return value from the IRQ setup check, which allows local HVM guest administrators to cause a denial of service (NULL pointer dereference and crash) via unspecif...

  • EPSS 0.72%
  • Veröffentlicht 05.06.2014 20:55:06
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The HVMOP_inject_msi function in Xen 4.2.x, 4.3.x, and 4.4.x allows local guest HVM administrators to cause a denial of service (host crash) via a large number of crafted requests, which trigger an error messages to be logged.

  • EPSS 0.65%
  • Veröffentlicht 05.06.2014 20:55:06
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Xen 4.4.x, when running on an ARM system, does not properly check write permissions on virtual addresses, which allows local guest administrators to gain privileges via unspecified vectors.

  • EPSS 0.41%
  • Veröffentlicht 19.05.2014 14:55:12
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The ARM image loading functionality in Xen 4.4.x does not properly validate kernel length, which allows local users to read system memory or cause a denial of service (crash) via a crafted 32-bit ARM guest kernel in an image, which triggers a buffer ...