Xen

Xen

491 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 0.67%
  • Veröffentlicht 07.01.2014 19:55:05
  • Zuletzt bearbeitet 29.04.2026 01:13:23

Xen, possibly before 4.0.2, allows local 64-bit PV guests to cause a denial of service (host crash) by specifying user mode execution without user-mode pagetables.

  • EPSS 0.69%
  • Veröffentlicht 07.01.2014 19:55:05
  • Zuletzt bearbeitet 29.04.2026 01:13:23

The instruction emulation in Xen 3.0.3 allows local SMP guest users to cause a denial of service (host crash) by replacing the instruction that causes the VM to exit in one thread with a different instruction in a different thread.

  • EPSS 0.47%
  • Veröffentlicht 07.01.2014 19:55:05
  • Zuletzt bearbeitet 29.04.2026 01:13:23

Xen, when using x86 Intel processors and the VMX virtualization extension is enabled, does not properly handle cpuid instruction emulation when exiting the VM, which allows local guest users to cause a denial of service (guest crash) via unspecified ...

  • EPSS 0.68%
  • Veröffentlicht 27.12.2013 01:55:05
  • Zuletzt bearbeitet 29.04.2026 01:13:23

Xen in the Linux kernel, when running a guest on a host without hardware assisted paging (HAP), allows guest users to cause a denial of service (invalid pointer dereference and hypervisor crash) via the SAHF instruction.

  • EPSS 0.57%
  • Veröffentlicht 24.12.2013 19:55:07
  • Zuletzt bearbeitet 29.04.2026 01:13:23

The XEN_DOMCTL_getmemlist hypercall in Xen 3.4.x through 4.3.x (possibly 4.3.1) does not always obtain the page_alloc_lock and mm_rwlock in the same order, which allows local guest administrators to cause a denial of service (host deadlock).

  • EPSS 0.61%
  • Veröffentlicht 24.12.2013 19:55:07
  • Zuletzt bearbeitet 29.04.2026 01:13:23

Xen 3.0.3 through 4.1.x (possibly 4.1.6.1), 4.2.x (possibly 4.2.3), and 4.3.x (possibly 4.3.1) does not properly prevent access to hypercalls, which allows local guest users to gain privileges via a crafted application running in ring 1 or 2.

  • EPSS 0.66%
  • Veröffentlicht 13.12.2013 18:55:05
  • Zuletzt bearbeitet 29.04.2026 01:13:23

Xen 4.2.x and 4.3.x, when using Intel VT-d and a PCI device has been assigned, does not clear the flag that suppresses IOMMU TLB flushes when unspecified errors occur, which causes the TLB entries to not be flushed and allows local guest administrato...

  • EPSS 1.39%
  • Veröffentlicht 23.11.2013 11:55:04
  • Zuletzt bearbeitet 29.04.2026 01:13:23

Xen 4.2.x and 4.3.x, when using Intel VT-d for PCI passthrough, does not properly flush the TLB after clearing a present translation table entry, which allows local guest administrators to cause a denial of service or gain privileges via unspecified ...

  • EPSS 0.8%
  • Veröffentlicht 18.11.2013 02:55:08
  • Zuletzt bearbeitet 29.04.2026 01:13:23

Xen 4.2.x and 4.3.x, when nested virtualization is disabled, does not properly check the emulation paths for (1) VMLAUNCH and (2) VMRESUME, which allows local HVM guest users to cause a denial of service (host crash) via unspecified vectors related t...

  • EPSS 0.55%
  • Veröffentlicht 02.11.2013 19:55:04
  • Zuletzt bearbeitet 29.04.2026 01:13:23

The Ocaml xenstored implementation (oxenstored) in Xen 4.1.x, 4.2.x, and 4.3.x allows local guest domains to cause a denial of service (domain shutdown) via a large message reply.