Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
citrix xen vulnerabilities and exploits
(subscribe to this query)
4.9
CVSSv3
CVE-2023-34324
Closing of an event channel in the Linux kernel can result in a deadlock. This happens when the close is being performed in parallel to an unrelated Xen console action and the handling of a Xen console interrupt in an unprivileged guest. The closing of an event channel is e.g. tr...
Xen Xen -
Linux Linux Kernel
7.8
CVSSv3
CVE-2023-34326
The caching invalidation guidelines from the AMD-Vi specification (48882—Rev 3.07-PUB—Oct 2022) is incorrect on some hardware, as devices will malfunction (see stale DMA mappings) if some fields of the DTE are updated but the IOMMU TLB is not flushed. Such stale DMA m...
Xen Xen
5.5
CVSSv3
CVE-2023-34327
[This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] AMD CPUs since ~2014 have extensions to normal x86 debugging functionality. Xen supports guests using these extensions. Unfortunately there are errors...
Xen Xen
5.5
CVSSv3
CVE-2023-46835
The current setup of the quarantine page tables assumes that the quarantine domain (dom_io) has been initialized with an address width of DEFAULT_DOMAIN_ADDRESS_WIDTH (48) and hence 4 page table levels. However dom_io being a PV domain gets the AMD-Vi IOMMU page tables levels bas...
Xen Xen
7.8
CVSSv3
CVE-2023-34319
The fix for XSA-423 added logic to Linux'es netback driver to deal with a frontend splitting a packet in a way such that not all of the headers would come in one piece. Unfortunately the logic introduced there didn't account for the extreme case of the entire packet bei...
Xen Xen
Debian Debian Linux 10.0
6.5
CVSSv3
CVE-2022-40982
Information exposure through microarchitectural state after transient execution in certain vector execution units for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
Redhat Enterprise Linux 7.0
Xen Xen -
Redhat Enterprise Linux 6.0
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux 9.0
Intel Microcode
Intel Xeon E-2314 Firmware -
Intel Xeon E-2324g Firmware -
Intel Xeon E-2334 Firmware -
Intel Xeon E-2374g Firmware -
Intel Xeon E-2336 Firmware -
Intel Xeon E-2356g Firmware -
Intel Xeon E-2386g Firmware -
Intel Xeon E-2378 Firmware -
Intel Xeon E-2378g Firmware -
Intel Xeon E-2388g Firmware -
Intel Xeon W-1350 Firmware -
Intel Xeon W-1350p Firmware -
Intel Xeon W-1370 Firmware -
Intel Xeon W-1370p Firmware -
Intel Xeon W-1390t Firmware -
Intel Xeon W-1390 Firmware -
2 Github repositories
2 Articles
5.5
CVSSv3
CVE-2023-20588
A division-by-zero error on some AMD processors can potentially return speculative data resulting in loss of confidentiality.
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Debian Debian Linux 12.0
Amd Epyc 7351p Firmware -
Amd Epyc 7401p Firmware -
Amd Epyc 7551p Firmware -
Amd Epyc 7251 Firmware -
Amd Epyc 7261 Firmware -
Amd Epyc 7281 Firmware -
Amd Epyc 7301 Firmware -
Amd Epyc 7351 Firmware -
Amd Epyc 7371 Firmware -
Amd Epyc 7401 Firmware -
Amd Epyc 7451 Firmware -
Amd Epyc 7501 Firmware -
Amd Epyc 7551 Firmware -
Amd Epyc 7571 Firmware -
Amd Epyc 7601 Firmware -
Amd Ryzen 5 Pro 3400g Firmware -
Amd Ryzen 5 3400g Firmware -
Amd Ryzen 5 Pro 3400ge Firmware -
Amd Ryzen 5 Pro 3350g Firmware -
1 Article
5.5
CVSSv3
CVE-2023-20593
An issue in “Zen 2” CPUs, under specific microarchitectural circumstances, may allow an malicious user to potentially access sensitive information.
Xen Xen 4.15.0
Xen Xen 4.17.0
Xen Xen 4.16.0
Xen Xen 4.14.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Debian Debian Linux 12.0
Amd Ryzen 3 3100 Firmware -
Amd Ryzen 3 3300x Firmware -
Amd Ryzen 5 3500 Firmware -
Amd Ryzen 5 3500x Firmware -
Amd Ryzen 5 3600 Firmware -
Amd Ryzen 5 3600x Firmware -
Amd Ryzen 5 3600xt Firmware -
Amd Ryzen 7 3700x Firmware -
Amd Ryzen 7 3800x Firmware -
Amd Ryzen 7 3800xt Firmware -
Amd Ryzen 9 3900 Firmware -
Amd Ryzen 9 3900x Firmware -
Amd Ryzen 9 3900xt Firmware -
Amd Ryzen 9 3950x Firmware -
Amd Ryzen 9 Pro 3900 Firmware -
2 Github repositories
1 Article
5.5
CVSSv3
CVE-2022-23034
A PV guest could DoS Xen while unmapping a grant To address XSA-380, reference counting was introduced for grant mappings for the case where a PV guest would have the IOMMU enabled. PV guests can request two forms of mappings. When both are in use for any individual mapping, unma...
Xen Xen
Fedoraproject Fedora 34
Debian Debian Linux 9.0
Debian Debian Linux 11.0
4.6
CVSSv3
CVE-2022-23035
Insufficient cleanup of passed-through device IRQs The management of IRQs associated with physical devices exposed to x86 HVM guests involves an iterative operation in particular when cleaning up after the guest's use of the device. In the case where an interrupt is not quie...
Xen Xen
Fedoraproject Fedora 34
Debian Debian Linux 11.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37316
firmware
CVE-2024-30078
CVE-2024-5995
remote code execution
logic flaw
CVE-2024-20693
CVE-2024-37315
CVE-2024-5464
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »