CVE-2008-1619
- EPSS 0.63%
- Published 02.04.2008 16:44:00
- Last modified 09.04.2025 00:30:58
The ssm_i emulation in Xen 5.1 on IA64 architectures allows attackers to cause a denial of service (dom0 panic) via certain traffic, as demonstrated using an FTP stress test tool.
CVE-2007-6207
- EPSS 0.09%
- Published 04.12.2007 00:46:00
- Last modified 09.04.2025 00:30:58
Xen 3.x, possibly before 3.1.2, when running on IA64 systems, does not check the RID value for mov_to_rr, which allows a VTi domain to read memory of other domains.
CVE-2007-5906
- EPSS 0.06%
- Published 09.11.2007 19:46:00
- Last modified 09.04.2025 00:30:58
Xen 3.1.1 allows virtual guest system users to cause a denial of service (hypervisor crash) by using a debug register (DR7) to set certain breakpoints.
CVE-2007-5907
- EPSS 0.06%
- Published 09.11.2007 19:46:00
- Last modified 09.04.2025 00:30:58
Xen 3.1.1 does not prevent modification of the CR4 TSC from applications, which allows pv guests to cause a denial of service (crash).
- EPSS 0.04%
- Published 28.10.2007 17:08:00
- Last modified 09.04.2025 00:30:58
(1) xenbaked and (2) xenmon.py in Xen 3.1 and earlier allow local users to truncate arbitrary files via a symlink attack on /tmp/xenq-shm.
CVE-2007-4993
- EPSS 0.16%
- Published 27.09.2007 17:17:00
- Last modified 09.04.2025 00:30:58
pygrub (tools/pygrub/src/GrubConf.py) in Xen 3.0.3, when booting a guest domain, allows local users with elevated privileges in the guest domain to execute arbitrary commands in domain 0 via a crafted grub.conf file whose contents are used in exec st...