CVE-2014-3715
- EPSS 0.41%
- Veröffentlicht 19.05.2014 14:55:12
- Zuletzt bearbeitet 06.05.2026 22:30:45
Buffer overflow in Xen 4.4.x allows local users to read system memory or cause a denial of service (crash) via a crafted 32-bit guest kernel, related to searching for an appended DTB.
CVE-2014-3716
- EPSS 0.39%
- Veröffentlicht 19.05.2014 14:55:12
- Zuletzt bearbeitet 06.05.2026 22:30:45
Xen 4.4.x does not properly check alignment, which allows local users to cause a denial of service (crash) via an unspecified field in a DTB header in a 32-bit guest kernel.
CVE-2014-3717
- EPSS 0.41%
- Veröffentlicht 19.05.2014 14:55:12
- Zuletzt bearbeitet 06.05.2026 22:30:45
Xen 4.4.x does not properly validate the load address for 64-bit ARM guest kernels, which allows local users to read system memory or cause a denial of service (crash) via a crafted kernel, which triggers a buffer overflow.
CVE-2014-3124
- EPSS 0.81%
- Veröffentlicht 07.05.2014 10:55:07
- Zuletzt bearbeitet 06.05.2026 22:30:45
The HVMOP_set_mem_type control in Xen 4.1 through 4.4.x allows local guest HVM administrators to cause a denial of service (hypervisor crash) or possibly execute arbitrary code by leveraging a separate qemu-dm vulnerability to trigger invalid page ta...
CVE-2014-3125
- EPSS 0.63%
- Veröffentlicht 02.05.2014 14:55:07
- Zuletzt bearbeitet 06.05.2026 22:30:45
Xen 4.4.x, when running on an ARM system, does not properly context switch the CNTKCTL_EL1 register, which allows local guest users to modify the hardware timers and cause a denial of service (crash) via unspecified vectors.
CVE-2014-2986
- EPSS 0.64%
- Veröffentlicht 28.04.2014 14:09:08
- Zuletzt bearbeitet 06.05.2026 22:30:45
The vgic_distr_mmio_write function in the virtual guest interrupt controller (GIC) distributor (arch/arm/vgic.c) in Xen 4.4.x, when running on an ARM system, allows local guest users to cause a denial of service (NULL pointer dereference and host cra...
CVE-2014-2915
- EPSS 0.62%
- Veröffentlicht 24.04.2014 14:55:04
- Zuletzt bearbeitet 06.05.2026 22:30:45
Xen 4.4.x, when running on ARM systems, does not properly restrict access to hardware features, which allows local guest users to cause a denial of service (host or guest crash) via unspecified vectors, related to (1) cache control, (2) coprocessors,...
CVE-2014-2580
- EPSS 0.35%
- Veröffentlicht 15.04.2014 23:13:13
- Zuletzt bearbeitet 06.05.2026 22:30:45
The netback driver in Xen, when using certain Linux versions that do not allow sleeping in softirq context, allows local guest administrators to cause a denial of service ("scheduling while atomic" error and host crash) via a malformed packet, which ...
CVE-2014-1891
- EPSS 0.55%
- Veröffentlicht 01.04.2014 06:35:53
- Zuletzt bearbeitet 06.05.2026 22:30:45
Multiple integer overflows in the (1) FLASK_GETBOOL, (2) FLASK_SETBOOL, (3) FLASK_USER, and (4) FLASK_CONTEXT_TO_SID suboperations in the flask hypercall in Xen 4.3.x, 4.2.x, 4.1.x, 3.2.x, and earlier, when XSM is enabled, allow local users to cause ...
CVE-2014-1892
- EPSS 0.54%
- Veröffentlicht 01.04.2014 06:35:53
- Zuletzt bearbeitet 06.05.2026 22:30:45
Xen 3.3 through 4.1, when XSM is enabled, allows local users to cause a denial of service via vectors related to a "large memory allocation," a different vulnerability than CVE-2014-1891, CVE-2014-1893, and CVE-2014-1894.