Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
xen xen 3.2.0 vulnerabilities and exploits
(subscribe to this query)
4.4
CVSSv3
CVE-2015-8552
The PCI backend driver in Xen, when running on an x86 system and using Linux 3.1.x up to and including 4.3.x as the driver domain, allows local guest administrators to generate a continuous stream of WARN messages and cause a denial of service (disk consumption) by leveraging a s...
Xen Xen 4.3.3
Xen Xen 4.3.2
Xen Xen 4.2.1
Xen Xen 4.2.0
Xen Xen 4.1.0
Xen Xen 4.0.4
Xen Xen 3.4.2
Xen Xen 3.4.1
Xen Xen 3.2.1
Xen Xen 3.2.0
Xen Xen 4.3.1
Xen Xen 4.3.0
Xen Xen 4.1.6.1
Xen Xen 4.1.6
Xen Xen 4.0.3
Xen Xen 4.0.2
Xen Xen 3.4.0
Xen Xen 3.3.2
Xen Xen 3.1.4
Xen Xen 3.1.3
Xen Xen 4.2.5
Xen Xen 4.2.4
NA
CVE-2015-8340
The memory_exchange function in common/memory.c in Xen 3.2.x up to and including 4.6.x does not properly release locks, which might allow guest OS administrators to cause a denial of service (deadlock or host crash) via unspecified vectors, related to XENMEM_exchange error handli...
Xen Xen 3.4.2
Xen Xen 3.4.3
Xen Xen 3.2.1
Xen Xen 3.2.0
Xen Xen 4.1.6
Xen Xen 4.1.6.1
Xen Xen 4.2.2
Xen Xen 4.3.1
Xen Xen 4.3.2
Xen Xen 4.5.0
Xen Xen 4.5.1
Xen Xen 4.0.3
Xen Xen 4.0.4
Xen Xen 3.3.1
Xen Xen 3.3.2
Xen Xen 4.1.2
Xen Xen 4.1.3
Xen Xen 4.2.3
Xen Xen 4.2.4
Xen Xen 4.4.0
Xen Xen 4.4.1
Xen Xen 3.4.0
NA
CVE-2015-8339
The memory_exchange function in common/memory.c in Xen 3.2.x up to and including 4.6.x does not properly hand back pages to a domain, which might allow guest OS administrators to cause a denial of service (host crash) via unspecified vectors related to domain teardown.
Xen Xen 3.4.0
Xen Xen 3.4.1
Xen Xen 3.2.2
Xen Xen 3.2.3
Xen Xen 4.1.4
Xen Xen 4.1.5
Xen Xen 4.2.5
Xen Xen 4.3.0
Xen Xen 4.4.2
Xen Xen 4.4.3
Xen Xen 3.4.2
Xen Xen 3.4.3
Xen Xen 3.2.1
Xen Xen 3.2.0
Xen Xen 4.1.6
Xen Xen 4.1.6.1
Xen Xen 4.3.1
Xen Xen 4.3.2
Xen Xen 4.5.0
Xen Xen 4.5.1
Xen Xen 4.0.3
Xen Xen 4.0.4
NA
CVE-2015-7971
Xen 3.2.x up to and including 4.6.x does not limit the number of printk console messages when logging certain pmu and profiling hypercalls, which allows local guests to cause a denial of service via a sequence of crafted (1) HYPERCALL_xenoprof_op hypercalls, which are not properl...
Xen Xen 3.3.1
Xen Xen 3.3.2
Xen Xen 4.0.1
Xen Xen 4.0.2
Xen Xen 4.1.4
Xen Xen 4.1.5
Xen Xen 4.3.2
Xen Xen 4.3.4
Xen Xen 3.4.0
Xen Xen 3.4.1
Xen Xen 4.0.3
Xen Xen 4.0.4
Xen Xen 4.1.6.1
Xen Xen 4.2.0
Xen Xen 4.2.1
Xen Xen 4.4.0
Xen Xen 4.4.1
Xen Xen 3.2.0
Xen Xen 3.2.1
Xen Xen 3.2.2
Xen Xen 3.4.2
Xen Xen 3.4.3
NA
CVE-2015-4164
The compat_iret function in Xen 3.1 up to and including 4.5 iterates the wrong way through a loop, which allows local 32-bit PV guest administrators to cause a denial of service (large loop and system hang) via a hypercall_iret call with EFLAGS.VM set.
Xen Xen 3.1.3
Xen Xen 3.1.4
Xen Xen 3.3.2
Xen Xen 3.4.0
Xen Xen 4.0.2
Xen Xen 4.0.3
Xen Xen 4.1.6.1
Xen Xen 4.2.0
Xen Xen 4.4.0
Xen Xen 3.2.2
Xen Xen 3.2.3
Xen Xen 3.4.3
Xen Xen 3.4.4
Xen Xen 4.1.1
Xen Xen 4.1.2
Xen Xen 4.2.3
Xen Xen 4.3.0
Xen Xen 3.2.0
Xen Xen 3.2.1
Xen Xen 3.4.1
Xen Xen 3.4.2
Xen Xen 4.0.4
NA
CVE-2015-2045
The HYPERVISOR_xen_version hypercall in Xen 3.2.x up to and including 4.5.x does not properly initialize data structures, which allows local guest users to obtain sensitive information via unspecified vectors.
Xen Xen 3.2.1
Xen Xen 3.2.2
Xen Xen 3.4.2
Xen Xen 3.4.3
Xen Xen 3.4.4
Xen Xen 4.1.1
Xen Xen 4.1.2
Xen Xen 4.2.2
Xen Xen 4.2.3
Xen Xen 3.2.3
Xen Xen 3.3.0
Xen Xen 4.0.0
Xen Xen 4.0.1
Xen Xen 4.1.3
Xen Xen 4.1.4
Xen Xen 4.3.0
Xen Xen 4.3.1
Xen Xen 3.3.1
Xen Xen 3.3.2
Xen Xen 4.0.2
Xen Xen 4.0.3
Xen Xen 4.1.5
NA
CVE-2015-2044
The emulation routines for unspecified X86 devices in Xen 3.2.x up to and including 4.5.x does not properly initialize data, which allow local HVM guest users to obtain sensitive information via vectors involving an unsupported access size.
Xen Xen 4.4.0
Xen Xen 3.4.0
Xen Xen 3.4.1
Xen Xen 4.0.3
Xen Xen 4.0.4
Xen Xen 4.1.6.1
Xen Xen 4.2.0
Xen Xen 4.4.1
Xen Xen 4.5.0
Xen Xen 3.2.0
Xen Xen 3.2.1
Xen Xen 3.2.2
Xen Xen 3.4.2
Xen Xen 3.4.3
Xen Xen 4.1.0
Xen Xen 4.1.1
Xen Xen 4.2.1
Xen Xen 4.2.2
Xen Xen 4.2.3
Xen Xen 3.3.1
Xen Xen 3.3.2
Xen Xen 4.0.1
NA
CVE-2014-9030
The do_mmu_update function in arch/x86/mm.c in Xen 3.2.x up to and including 4.4.x does not properly manage page references, which allows remote domains to cause a denial of service by leveraging control over an HVM guest and a crafted MMU_MACHPHYS_UPDATE.
Xen Xen 3.2.0
Xen Xen 3.4.0
Xen Xen 3.4.1
Xen Xen 4.0.3
Xen Xen 4.0.4
Xen Xen 4.2.0
Xen Xen 4.2.1
Xen Xen 3.2.3
Xen Xen 3.2.1
Xen Xen 3.2.2
Xen Xen 3.4.2
Xen Xen 3.4.3
Xen Xen 4.1.0
Xen Xen 4.1.1
Xen Xen 4.1.2
Xen Xen 4.2.2
Xen Xen 4.2.3
Xen Xen 3.3.0
Xen Xen 3.4.4
Xen Xen 4.0.0
Xen Xen 4.1.3
Xen Xen 4.1.4
NA
CVE-2014-7155
The x86_emulate function in arch/x86/x86_emulate/x86_emulate.c in Xen 4.4.x and previous versions does not properly check supervisor mode permissions, which allows local HVM users to cause a denial of service (guest crash) or gain guest kernel mode privileges via vectors involvin...
Xen Xen 3.1.3
Xen Xen 3.1.4
Xen Xen 3.3.2
Xen Xen 3.4.0
Xen Xen 4.0.3
Xen Xen 4.0.4
Xen Xen 4.1.6.1
Xen Xen 4.2.0
Xen Xen 4.4.0
Xen Xen
Xen Xen 3.2.0
Xen Xen 3.2.1
Xen Xen 3.4.1
Xen Xen 3.4.2
Xen Xen 4.1.0
Xen Xen 4.1.1
Xen Xen 4.2.1
Xen Xen 4.2.2
Xen Xen 3.0.3
Xen Xen 3.0.4
Xen Xen 3.3.0
Xen Xen 3.3.1
NA
CVE-2014-1893
Multiple integer overflows in the (1) FLASK_GETBOOL and (2) FLASK_SETBOOL suboperations in the flask hypercall in Xen 4.1.x, 3.3.x, 3.2.x, and previous versions, when XSM is enabled, allow local users to cause a denial of service (processor fault) via unspecified vectors, a diffe...
Xen Xen 3.2.2
Xen Xen 3.2.3
Xen Xen 3.4.3
Xen Xen 3.4.4
Xen Xen 4.1.1
Xen Xen 4.1.2
Xen Xen 3.2.0
Xen Xen 3.2.1
Xen Xen 3.4.1
Xen Xen 3.4.2
Xen Xen 4.0.4
Xen Xen 4.1.0
Xen Xen 3.3.2
Xen Xen 3.4.0
Xen Xen 4.0.2
Xen Xen 4.0.3
Xen Xen
Xen Xen 3.3.0
Xen Xen 3.3.1
Xen Xen 4.0.0
Xen Xen 4.0.1
Xen Xen 4.1.3
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
race condition
CVE-2024-4249
CVE-2024-4244
CVE-2023-20198
TCP
CVE-2022-48648
CVE-2022-48636
CVE-2024-21345
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »