Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
xen xen 4.3.0 vulnerabilities and exploits
(subscribe to this query)
169
VMScore
CVE-2013-4369
The xlu_vif_parse_rate function in the libxlu library in Xen 4.2.x and 4.3.x allows local users to cause a denial of service (NULL pointer dereference) by using the "@" character as the VIF rate configuration.
Xen Xen 4.2.1
Xen Xen 4.2.2
Xen Xen 4.2.0
Xen Xen 4.2.3
Xen Xen 4.3.0
409
VMScore
CVE-2013-4370
The ocaml binding for the xc_vcpu_getaffinity function in Xen 4.2.x and 4.3.x frees certain memory that may still be intended for use, which allows local users to cause a denial of service (heap corruption and crash) and possibly execute arbitrary code via unspecified vectors tha...
Xen Xen 4.2.3
Xen Xen 4.3.0
Xen Xen 4.2.0
Xen Xen 4.2.1
Xen Xen 4.2.2
392
VMScore
CVE-2013-4371
Use-after-free vulnerability in the libxl_list_cpupool function in the libxl toolstack library in Xen 4.2.x and 4.3.x, when running "under memory pressure," returns the original pointer when the realloc function fails, which allows local users to cause a denial of servi...
Xen Xen 4.2.1
Xen Xen 4.2.2
Xen Xen 4.2.3
Xen Xen 4.3.0
Xen Xen 4.2.0
516
VMScore
CVE-2014-1895
Off-by-one error in the flask_security_avc_cachestats function in xsm/flask/flask_op.c in Xen 4.2.x and 4.3.x, when the maximum number of physical CPUs are in use, allows local users to cause a denial of service (host crash) or obtain sensitive information from hypervisor memory ...
Xen Xen 4.2.0
Xen Xen 4.2.1
Xen Xen 4.3.1
Xen Xen 4.3.0
Xen Xen 4.2.2
Xen Xen 4.2.3
605
VMScore
CVE-2013-6400
Xen 4.2.x and 4.3.x, when using Intel VT-d and a PCI device has been assigned, does not clear the flag that suppresses IOMMU TLB flushes when unspecified errors occur, which causes the TLB entries to not be flushed and allows local guest administrators to cause a denial of servic...
Xen Xen 4.2.3
Xen Xen 4.2.1
Xen Xen 4.2.2
Xen Xen 4.3.1
Xen Xen 4.2.0
Xen Xen 4.3.0
392
VMScore
CVE-2014-1642
The IRQ setup in Xen 4.2.x and 4.3.x, when using device passthrough and configured to support a large number of CPUs, frees certain memory that may still be intended for use, which allows local guest administrators to cause a denial of service (memory corruption and hypervisor cr...
Xen Xen 4.2.3
Xen Xen 4.3.0
Xen Xen 4.2.0
Xen Xen 4.3.1
Xen Xen 4.2.1
Xen Xen 4.2.2
739
VMScore
CVE-2014-1666
The do_physdev_op function in Xen 4.1.5, 4.1.6.1, 4.2.2 up to and including 4.2.3, and 4.3.x does not properly restrict access to the (1) PHYSDEVOP_prepare_msix and (2) PHYSDEVOP_release_msix operations, which allows local PV guests to cause a denial of service (host or guest mal...
Xen Xen 4.3.0
Xen Xen 4.3.1
Xen Xen 4.2.2
Xen Xen 4.1.5
Xen Xen 4.2.3
Xen Xen 4.1.6.1
507
VMScore
CVE-2013-4551
Xen 4.2.x and 4.3.x, when nested virtualization is disabled, does not properly check the emulation paths for (1) VMLAUNCH and (2) VMRESUME, which allows local HVM guest users to cause a denial of service (host crash) via unspecified vectors related to "guest VMX instruction ...
Xen Xen 4.3.1
Xen Xen 4.2.0
Xen Xen 4.2.3
Xen Xen 4.3.0
Xen Xen 4.2.1
Xen Xen 4.2.2
436
VMScore
CVE-2014-1896
The (1) do_send and (2) do_recv functions in io.c in libvchan in Xen 4.2.x, 4.3.x, and 4.4-RC series allows local guests to cause a denial of service or possibly gain privileges via crafted xenstore ring indexes, which triggers a "read or write past the end of the ring."...
Xen Xen 4.2.0
Xen Xen 4.2.1
Xen Xen 4.2.2
Xen Xen 4.4.0
Xen Xen 4.3.0
Xen Xen 4.2.3
Xen Xen 4.3.1
481
VMScore
CVE-2013-4356
Xen 4.3.x writes hypervisor mappings to certain shadow pagetables when live migration is performed on hosts with more than 5TB of RAM, which allows local 64-bit PV guests to read or write to invalid memory and cause a denial of service (crash).
Xen Xen 4.3.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2024-34413
CVE-2024-34089
CVE-2024-33408
local
SQL
CVE-2024-0402
CVE-2024-33910
CVE-2024-31848
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »