Filtered by vendor Xen
Subscriptions
Total
483 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2013-0152 | 1 Xen | 1 Xen | 2025-04-11 | N/A |
| Memory leak in Xen 4.2 and unstable allows local HVM guests to cause a denial of service (host memory consumption) by performing nested virtualization in a way that triggers errors that are not properly handled. | ||||
| CVE-2012-4411 | 1 Xen | 1 Xen | 2025-04-11 | N/A |
| The graphical console in Xen 4.0, 4.1 and 4.2 allows local OS guest administrators to obtain sensitive host resource information via the qemu monitor. NOTE: this might be a duplicate of CVE-2007-0998. | ||||
| CVE-2012-5510 | 1 Xen | 1 Xen | 2025-04-11 | N/A |
| Xen 4.x, when downgrading the grant table version, does not properly remove the status page from the tracking list when freeing the page, which allows local guest OS administrators to cause a denial of service (hypervisor crash) via unspecified vectors. | ||||
| CVE-2013-0151 | 1 Xen | 1 Xen | 2025-04-11 | N/A |
| The do_hvm_op function in xen/arch/x86/hvm/hvm.c in Xen 4.2.x on the x86_32 platform does not prevent HVM_PARAM_NESTEDHVM (aka nested virtualization) operations, which allows guest OS users to cause a denial of service (long-duration page mappings and host OS crash) by leveraging administrative access to an HVM guest in a domain with a large number of VCPUs. | ||||
| CVE-2013-1918 | 1 Xen | 1 Xen | 2025-04-11 | N/A |
| Certain page table manipulation operations in Xen 4.1.x, 4.2.x, and earlier are not preemptible, which allows local PV kernels to cause a denial of service via vectors related to "deep page table traversal." | ||||
| CVE-2013-1920 | 1 Xen | 1 Xen | 2025-04-11 | N/A |
| Xen 4.2.x, 4.1.x, and earlier, when the hypervisor is running "under memory pressure" and the Xen Security Module (XSM) is enabled, uses the wrong ordering of operations when extending the per-domain event channel tracking table, which causes a use-after-free and allows local guest kernels to inject arbitrary events and gain privileges via unspecified vectors. | ||||
| CVE-2013-2211 | 1 Xen | 1 Xen | 2025-04-11 | N/A |
| The libxenlight (libxl) toolstack library in Xen 4.0.x, 4.1.x, and 4.2.x uses weak permissions for xenstore keys for paravirtualised and emulated serial console devices, which allows local guest administrators to modify the xenstore value via unspecified vectors. | ||||
| CVE-2013-4369 | 1 Xen | 1 Xen | 2025-04-11 | N/A |
| The xlu_vif_parse_rate function in the libxlu library in Xen 4.2.x and 4.3.x allows local users to cause a denial of service (NULL pointer dereference) by using the "@" character as the VIF rate configuration. | ||||
| CVE-2013-6375 | 2 Opensuse, Xen | 2 Opensuse, Xen | 2025-04-11 | N/A |
| Xen 4.2.x and 4.3.x, when using Intel VT-d for PCI passthrough, does not properly flush the TLB after clearing a present translation table entry, which allows local guest administrators to cause a denial of service or gain privileges via unspecified vectors related to an "inverted boolean parameter." | ||||
| CVE-2013-6400 | 1 Xen | 1 Xen | 2025-04-11 | N/A |
| Xen 4.2.x and 4.3.x, when using Intel VT-d and a PCI device has been assigned, does not clear the flag that suppresses IOMMU TLB flushes when unspecified errors occur, which causes the TLB entries to not be flushed and allows local guest administrators to cause a denial of service (host crash) or gain privileges via unspecified vectors. | ||||
| CVE-2011-1780 | 2 Redhat, Xen | 2 Enterprise Linux, Xen | 2025-04-11 | N/A |
| The instruction emulation in Xen 3.0.3 allows local SMP guest users to cause a denial of service (host crash) by replacing the instruction that causes the VM to exit in one thread with a different instruction in a different thread. | ||||
| CVE-2014-1642 | 1 Xen | 1 Xen | 2025-04-11 | N/A |
| The IRQ setup in Xen 4.2.x and 4.3.x, when using device passthrough and configured to support a large number of CPUs, frees certain memory that may still be intended for use, which allows local guest administrators to cause a denial of service (memory corruption and hypervisor crash) and possibly execute arbitrary code via vectors related to an out-of-memory error that triggers a (1) use-after-free or (2) double free. | ||||
| CVE-2012-0218 | 1 Xen | 1 Xen | 2025-04-11 | N/A |
| Xen 3.4, 4.0, and 4.1, when the guest OS has not registered a handler for a syscall or sysenter instruction, does not properly clear a flag for exception injection when injecting a General Protection Fault, which allows local PV guest OS users to cause a denial of service (guest crash) by later triggering an exception that would normally be handled within Xen. | ||||
| CVE-2012-3515 | 7 Canonical, Debian, Opensuse and 4 more | 15 Ubuntu Linux, Debian Linux, Opensuse and 12 more | 2025-04-11 | N/A |
| Qemu, as used in Xen 4.0, 4.1 and possibly other products, when emulating certain devices with a virtual console backend, allows local OS guest users to gain privileges via a crafted escape VT100 sequence that triggers the overwrite of a "device model's address space." | ||||
| CVE-2012-6030 | 1 Xen | 1 Xen | 2025-04-11 | N/A |
| The do_tmem_op function in the Transcendent Memory (TMEM) in Xen 4.0, 4.1, and 4.2 allow local guest OS users to cause a denial of service (host crash) and possibly have other unspecified impacts via unspecified vectors related to "broken locking checks" in an "error path." NOTE: this issue was originally published as part of CVE-2012-3497, which was too general; CVE-2012-3497 has been SPLIT into this ID and others. | ||||
| CVE-2012-6036 | 1 Xen | 1 Xen | 2025-04-11 | N/A |
| The (1) memc_save_get_next_page, (2) tmemc_restore_put_page and (3) tmemc_restore_flush_page functions in the Transcendent Memory (TMEM) in Xen 4.0, 4.1, and 4.2 do not check for negative id pools, which allows local guest OS users to cause a denial of service (memory corruption and host crash) or possibly execute arbitrary code via unspecified vectors. NOTE: this issue was originally published as part of CVE-2012-3497, which was too general; CVE-2012-3497 has been SPLIT into this ID and others. | ||||
| CVE-2013-0153 | 2 Redhat, Xen | 2 Enterprise Linux, Xen | 2025-04-11 | N/A |
| The AMD IOMMU support in Xen 4.2.x, 4.1.x, 3.3, and other versions, when using AMD-Vi for PCI passthrough, uses the same interrupt remapping table for the host and all guests, which allows guests to cause a denial of service by injecting an interrupt into other guests. | ||||
| CVE-2013-1432 | 1 Xen | 1 Xen | 2025-04-11 | N/A |
| Xen 4.1.x and 4.2.x, when the XSA-45 patch is in place, does not properly maintain references on pages stored for deferred cleanup, which allows local PV guest kernels to cause a denial of service (premature page free and hypervisor crash) or possibly gain privileges via unspecified vectors. | ||||
| CVE-2013-1917 | 1 Xen | 1 Xen | 2025-04-11 | N/A |
| Xen 3.1 through 4.x, when running 64-bit hosts on Intel CPUs, does not clear the NT flag when using an IRET after a SYSENTER instruction, which allows PV guest users to cause a denial of service (hypervisor crash) by triggering a #GP fault, which is not properly handled by another IRET instruction. | ||||
| CVE-2013-1922 | 1 Xen | 1 Xen | 2025-04-11 | N/A |
| qemu-nbd in QEMU, as used in Xen 4.2.x, determines the format of a raw disk image based on the header, which allows local guest OS administrators to read arbitrary files on the host by modifying the header to identify a different format, which is used when the guest is restarted, a different vulnerability than CVE-2008-2004. | ||||