CVE-2013-0151
- EPSS 0.6%
- Veröffentlicht 07.03.2013 05:04:42
- Zuletzt bearbeitet 29.04.2026 01:13:23
The do_hvm_op function in xen/arch/x86/hvm/hvm.c in Xen 4.2.x on the x86_32 platform does not prevent HVM_PARAM_NESTEDHVM (aka nested virtualization) operations, which allows guest OS users to cause a denial of service (long-duration page mappings an...
CVE-2013-0153
- EPSS 0.41%
- Veröffentlicht 14.02.2013 22:55:02
- Zuletzt bearbeitet 29.04.2026 01:13:23
The AMD IOMMU support in Xen 4.2.x, 4.1.x, 3.3, and other versions, when using AMD-Vi for PCI passthrough, uses the same interrupt remapping table for the host and all guests, which allows guests to cause a denial of service by injecting an interrupt...
CVE-2012-5634
- EPSS 0.72%
- Veröffentlicht 14.02.2013 22:55:01
- Zuletzt bearbeitet 29.04.2026 01:13:23
Xen 4.2.x, 4.1.x, and 4.0, when using Intel VT-d for PCI passthrough, does not properly configure VT-d when supporting a device that is behind a legacy PCI Bridge, which allows local guests to cause a denial of service to other guests by injecting an...
CVE-2013-0152
- EPSS 0.37%
- Veröffentlicht 13.02.2013 01:55:03
- Zuletzt bearbeitet 29.04.2026 01:13:23
Memory leak in Xen 4.2 and unstable allows local HVM guests to cause a denial of service (host memory consumption) by performing nested virtualization in a way that triggers errors that are not properly handled.
CVE-2013-0231
- EPSS 0.44%
- Veröffentlicht 13.02.2013 01:55:03
- Zuletzt bearbeitet 29.04.2026 01:13:23
The pciback_enable_msi function in the PCI backend driver (drivers/xen/pciback/conf_space_capability_msi.c) in Xen for the Linux kernel 2.6.18 and 3.8 allows guest OS users with PCI device access to cause a denial of service via a large number of ker...
CVE-2013-0154
- EPSS 0.37%
- Veröffentlicht 12.01.2013 04:33:49
- Zuletzt bearbeitet 29.04.2026 01:13:23
The get_page_type function in xen/arch/x86/mm.c in Xen 4.2, when debugging is enabled, allows local PV or HVM guest administrators to cause a denial of service (assertion failure and hypervisor crash) via unspecified vectors related to a hypercall.
CVE-2012-5514
- EPSS 0.41%
- Veröffentlicht 13.12.2012 11:53:49
- Zuletzt bearbeitet 16.06.2026 23:46:55
The guest_physmap_mark_populate_on_demand function in Xen 4.2 and earlier does not properly unlock the subject GFNs when checking if they are in use, which allows local guest HVM administrators to cause a denial of service (hang) via unspecified vect...
CVE-2012-5515
- EPSS 0.41%
- Veröffentlicht 13.12.2012 11:53:49
- Zuletzt bearbeitet 16.06.2026 23:46:55
The (1) XENMEM_decrease_reservation, (2) XENMEM_populate_physmap, and (3) XENMEM_exchange hypercalls in Xen 4.2 and earlier allow local guest administrators to cause a denial of service (long loop and hang) via a crafted extent_order value.
CVE-2012-5525
- EPSS 1.6%
- Veröffentlicht 13.12.2012 11:53:49
- Zuletzt bearbeitet 16.06.2026 23:46:56
The get_page_from_gfn hypercall function in Xen 4.2 allows local PV guest OS administrators to cause a denial of service (crash) via a crafted GFN that triggers a buffer over-read.
CVE-2012-6333
- EPSS 0.4%
- Veröffentlicht 13.12.2012 11:53:49
- Zuletzt bearbeitet 16.06.2026 23:48:00
Multiple HVM control operations in Xen 3.4 through 4.2 allow local HVM guest OS administrators to cause a denial of service (physical CPU consumption) via a large input.