Xen

Xen

491 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 0.53%
  • Veröffentlicht 12.09.2013 18:37:43
  • Zuletzt bearbeitet 29.04.2026 01:13:23

The xenlight library (libxl) in Xen 4.0.x through 4.2.x, when IOMMU is disabled, provides access to a busmastering-capable PCI passthrough device before the IOMMU setup is complete, which allows local HVM guest domains to gain privileges or cause a d...

  • EPSS 0.58%
  • Veröffentlicht 28.08.2013 21:55:08
  • Zuletzt bearbeitet 29.04.2026 01:13:23

Xen 4.1.x and 4.2.x, when the XSA-45 patch is in place, does not properly maintain references on pages stored for deferred cleanup, which allows local PV guest kernels to cause a denial of service (premature page free and hypervisor crash) or possibl...

  • EPSS 1.06%
  • Veröffentlicht 28.08.2013 21:55:08
  • Zuletzt bearbeitet 29.04.2026 01:13:23

Buffer overflow in the Python bindings for the xc_vcpu_setaffinity call in Xen 4.0.x, 4.1.x, and 4.2.x allows local administrators with permissions to configure VCPU affinity to cause a denial of service (memory corruption and xend toolstack crash) a...

  • EPSS 0.5%
  • Veröffentlicht 28.08.2013 21:55:08
  • Zuletzt bearbeitet 29.04.2026 01:13:23

Xen 4.0.x, 4.1.x, and 4.2.x, when running on AMD64 processors, only save/restore the FOP, FIP, and FDP x87 registers in FXSAVE/FXRSTOR when an exception is pending, which allows one domain to determine portions of the state of floating point instruct...

  • EPSS 0.53%
  • Veröffentlicht 28.08.2013 21:55:08
  • Zuletzt bearbeitet 29.04.2026 01:13:23

Xen 4.0.x, 4.1.x, and 4.2.x does not properly restrict the contents of a XRSTOR, which allows local PV guest users to cause a denial of service (unhandled exception and hypervisor crash) via unspecified vectors.

  • EPSS 0.56%
  • Veröffentlicht 28.08.2013 21:55:08
  • Zuletzt bearbeitet 29.04.2026 01:13:23

The libxenlight (libxl) toolstack library in Xen 4.0.x, 4.1.x, and 4.2.x uses weak permissions for xenstore keys for paravirtualised and emulated serial console devices, which allows local guest administrators to modify the xenstore value via unspeci...

  • EPSS 0.62%
  • Veröffentlicht 28.08.2013 21:55:08
  • Zuletzt bearbeitet 29.04.2026 01:13:23

The vmx_set_uc_mode function in Xen 3.3 through 4.3, when disabling caches, allows local HVM guests with access to memory mapped I/O regions to cause a denial of service (CPU consumption and possibly hypervisor or guest kernel panic) via a crafted GF...

  • EPSS 0.39%
  • Veröffentlicht 28.08.2013 21:55:08
  • Zuletzt bearbeitet 29.04.2026 01:13:23

The Intel VT-d Interrupt Remapping engine in Xen 3.3.x through 4.3.x allows local guests to cause a denial of service (kernel panic) via a malformed Message Signaled Interrupt (MSI) from a PCI device that is bus mastering capable that triggers a Syst...

  • EPSS 0.38%
  • Veröffentlicht 23.08.2013 16:55:07
  • Zuletzt bearbeitet 29.04.2026 01:13:23

Multiple integer overflows in the Elf parser (libelf) in Xen 4.2.x and earlier allow local guest administrators with certain permissions to have an unspecified impact via a crafted kernel.

  • EPSS 0.38%
  • Veröffentlicht 23.08.2013 16:55:07
  • Zuletzt bearbeitet 29.04.2026 01:13:23

The Elf parser (libelf) in Xen 4.2.x and earlier allow local guest administrators with certain permissions to have an unspecified impact via a crafted kernel, related to "pointer dereferences" involving unexpected calculations.