CVE-2012-3498
- EPSS 0.44%
- Veröffentlicht 23.11.2012 20:55:03
- Zuletzt bearbeitet 16.06.2026 23:43:20
PHYSDEVOP_map_pirq in Xen 4.1 and 4.2 and Citrix XenServer 6.0.2 and earlier allows local HVM guest OS kernels to cause a denial of service (host crash) and possibly read hypervisor or guest memory via vectors related to a missing range check of map-...
CVE-2012-3515
- EPSS 0.53%
- Veröffentlicht 23.11.2012 20:55:03
- Zuletzt bearbeitet 16.06.2026 23:43:23
Qemu, as used in Xen 4.0, 4.1 and possibly other products, when emulating certain devices with a virtual console backend, allows local OS guest users to gain privileges via a crafted escape VT100 sequence that triggers the overwrite of a "device mode...
CVE-2012-3516
- EPSS 0.36%
- Veröffentlicht 23.11.2012 20:55:03
- Zuletzt bearbeitet 16.06.2026 23:43:23
The GNTTABOP_swap_grant_ref sub-operation in the grant table hypercall in Xen 4.2 and Citrix XenServer 6.0.2 allows local guest kernels or administrators to cause a denial of service (host crash) and possibly gain privileges via a crafted grant refer...
CVE-2012-4411
- EPSS 0.38%
- Veröffentlicht 23.11.2012 20:55:03
- Zuletzt bearbeitet 16.06.2026 23:44:57
The graphical console in Xen 4.0, 4.1 and 4.2 allows local OS guest administrators to obtain sensitive host resource information via the qemu monitor. NOTE: this might be a duplicate of CVE-2007-0998.
CVE-2012-4535
- EPSS 0.39%
- Veröffentlicht 21.11.2012 23:55:02
- Zuletzt bearbeitet 16.06.2026 23:45:16
Xen 3.4 through 4.2, and possibly earlier versions, allows local guest OS administrators to cause a denial of service (Xen infinite loop and physical CPU consumption) by setting a VCPU with an "inappropriate deadline."
CVE-2012-4536
- EPSS 0.42%
- Veröffentlicht 21.11.2012 23:55:02
- Zuletzt bearbeitet 16.06.2026 23:45:16
The (1) domain_pirq_to_emuirq and (2) physdev_unmap_pirq functions in Xen 2.2 allows local guest OS administrators to cause a denial of service (Xen crash) via a crafted pirq value that triggers an out-of-bounds read.
CVE-2012-4537
- EPSS 0.43%
- Veröffentlicht 21.11.2012 23:55:02
- Zuletzt bearbeitet 16.06.2026 23:45:17
Xen 3.4 through 4.2, and possibly earlier versions, does not properly synchronize the p2m and m2p tables when the set_p2m_entry function fails, which allows local HVM guest OS administrators to cause a denial of service (memory consumption and assert...
CVE-2012-4539
- EPSS 0.43%
- Veröffentlicht 21.11.2012 23:55:02
- Zuletzt bearbeitet 16.06.2026 23:45:17
Xen 4.0 through 4.2, when running 32-bit x86 PV guests on 64-bit hypervisors, allows local guest OS administrators to cause a denial of service (infinite loop and hang or crash) via invalid arguments to GNTTABOP_get_status_frames, aka "Grant table hy...
CVE-2012-4544
- EPSS 0.42%
- Veröffentlicht 31.10.2012 16:55:05
- Zuletzt bearbeitet 16.06.2026 23:45:18
The PV domain builder in Xen 4.2 and earlier does not validate the size of the kernel or ramdisk (1) before or (2) after decompression, which allows local guest administrators to cause a denial of service (domain 0 memory consumption) via a crafted (...
CVE-2012-2625
- EPSS 0.92%
- Veröffentlicht 31.10.2012 16:55:02
- Zuletzt bearbeitet 16.06.2026 23:41:46
The PyGrub boot loader in Xen unstable before changeset 25589:60f09d1ab1fe, 4.2.x, and 4.1.x allows local para-virtualized guest users to cause a denial of service (memory consumption) via a large (1) bzip2 or (2) lzma compressed kernel image.