Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
xen xen 3.2.0 vulnerabilities and exploits
(subscribe to this query)
5.2
CVSSv2
CVE-2014-1891
Multiple integer overflows in the (1) FLASK_GETBOOL, (2) FLASK_SETBOOL, (3) FLASK_USER, and (4) FLASK_CONTEXT_TO_SID suboperations in the flask hypercall in Xen 4.3.x, 4.2.x, 4.1.x, 3.2.x, and previous versions, when XSM is enabled, allow local users to cause a denial of service ...
Xen Xen 3.2.0
Xen Xen 3.2.1
Xen Xen 3.4.1
Xen Xen 3.4.2
Xen Xen 4.1.4
Xen Xen 4.1.5
Xen Xen 3.2.2
Xen Xen 3.2.3
Xen Xen 3.4.3
Xen Xen 3.4.4
Xen Xen 4.1.6.1
Xen Xen 4.2.0
Xen Xen 4.2.1
Xen Xen 3.3.2
Xen Xen 3.4.0
Xen Xen 4.1.2
Xen Xen 4.1.3
Xen Xen 4.3.1
Xen Xen
Xen Xen 3.3.0
Xen Xen 3.3.1
Xen Xen 4.1.0
5.2
CVSSv2
CVE-2014-1893
Multiple integer overflows in the (1) FLASK_GETBOOL and (2) FLASK_SETBOOL suboperations in the flask hypercall in Xen 4.1.x, 3.3.x, 3.2.x, and previous versions, when XSM is enabled, allow local users to cause a denial of service (processor fault) via unspecified vectors, a diffe...
Xen Xen 3.2.2
Xen Xen 3.2.3
Xen Xen 3.4.3
Xen Xen 3.4.4
Xen Xen 4.1.1
Xen Xen 4.1.2
Xen Xen 3.2.0
Xen Xen 3.2.1
Xen Xen 3.4.1
Xen Xen 3.4.2
Xen Xen 4.0.4
Xen Xen 4.1.0
Xen Xen 3.3.2
Xen Xen 3.4.0
Xen Xen 4.0.2
Xen Xen 4.0.3
Xen Xen
Xen Xen 3.3.0
Xen Xen 3.3.1
Xen Xen 4.0.0
Xen Xen 4.0.1
Xen Xen 4.1.3
5.5
CVSSv2
CVE-2011-1166
Xen, possibly prior to 4.0.2, allows local 64-bit PV guests to cause a denial of service (host crash) by specifying user mode execution without user-mode pagetables.
Xen Xen 3.1.4
Xen Xen 3.2.1
Xen Xen 3.3.2
Xen Xen 3.4.1
Xen Xen 3.2.2
Xen Xen 3.2.3
Xen Xen 3.3.0
Xen Xen 3.3.1
Xen Xen 3.0.2
Xen Xen 3.0.3
Xen Xen 3.0.4
Xen Xen 3.4.3
Xen Xen 3.4.4
Xen Xen 4.0.0
Xen Xen
Xen Xen 3.1.3
Xen Xen 3.2.0
Xen Xen 3.4.0
Xen Xen 3.4.2
5.5
CVSSv2
CVE-2011-2901
Off-by-one error in the __addr_ok macro in Xen 3.3 and previous versions allows local 64 bit PV guest administrators to cause a denial of service (host crash) via unspecified hypercalls that ignore virtual-address bits.
Xen Xen 3.2.0
Xen Xen 3.2.1
Xen Xen 3.0.4
Xen Xen
Xen Xen 3.2.2
Xen Xen 3.0.3
Xen Xen 3.2.3
Xen Xen 3.0.2
Xen Xen 3.1.4
Xen Xen 3.1.3
1.9
CVSSv2
CVE-2013-1917
Xen 3.1 up to and including 4.x, when running 64-bit hosts on Intel CPUs, does not clear the NT flag when using an IRET after a SYSENTER instruction, which allows PV guest users to cause a denial of service (hypervisor crash) by triggering a #GP fault, which is not properly handl...
Xen Xen 3.1.4
Xen Xen 3.1.3
Xen Xen 3.3.0
Xen Xen 3.4.3
Xen Xen 4.0.2
Xen Xen 4.0.1
Xen Xen 4.1.2
Xen Xen 4.2.2
Xen Xen 3.3.1
Xen Xen 3.3.2
Xen Xen 4.0.4
Xen Xen 4.0.3
Xen Xen 4.2.0
Xen Xen 4.1.3
Xen Xen 3.2.3
Xen Xen 3.2.1
Xen Xen 3.4.4
Xen Xen 3.4.1
Xen Xen 4.0.0
Xen Xen 4.1.4
Xen Xen 3.2.2
Xen Xen 3.2.0
4.4
CVSSv2
CVE-2013-1920
Xen 4.2.x, 4.1.x, and previous versions, when the hypervisor is running "under memory pressure" and the Xen Security Module (XSM) is enabled, uses the wrong ordering of operations when extending the per-domain event channel tracking table, which causes a use-after-free ...
Xen Xen 4.1.2
Xen Xen 4.1.1
Xen Xen 3.3.1
Xen Xen 3.2.3
Xen Xen 3.1.3
Xen Xen 3.0.2
Xen Xen 4.2.0
Xen Xen 4.2.1
Xen Xen 4.0.3
Xen Xen 4.0.2
Xen Xen 3.2.2
Xen Xen 3.1.4
Xen Xen 4.1.4
Xen Xen 4.1.3
Xen Xen 4.0.1
Xen Xen 4.0.0
Xen Xen 3.2.0
Xen Xen 3.0.4
Xen Xen 3.4.2
Xen Xen 3.4.0
Xen Xen 3.4.4
Xen Xen 3.4.1
4.9
CVSSv2
CVE-2013-0231
The pciback_enable_msi function in the PCI backend driver (drivers/xen/pciback/conf_space_capability_msi.c) in Xen for the Linux kernel 2.6.18 and 3.8 allows guest OS users with PCI device access to cause a denial of service via a large number of kernel log messages. NOTE: some o...
Xen Xen 3.0.4
Xen Xen 3.0.2
Xen Xen 3.2.0
Xen Xen 3.1.3
Xen Xen 3.2.3
Xen Xen 3.0.3
Xen Xen 3.1.4
Linux Linux Kernel 2.6.18
Linux Linux Kernel 3.8
Xen Xen 3.2.1
Xen Xen 3.2.2
6.9
CVSSv2
CVE-2012-5513
The XENMEM_exchange handler in Xen 4.2 and previous versions does not properly check the memory address, which allows local PV guest OS administrators to cause a denial of service (crash) or possibly gain privileges via unspecified vectors that overwrite memory in the hypervisor ...
Xen Xen 3.2.0
Xen Xen 3.2.1
Xen Xen 3.0.4
Xen Xen 3.4.0
Xen Xen 4.0.4
Xen Xen 4.0.2
Xen Xen 3.3.2
Xen Xen 4.1.2
Xen Xen 3.2.2
Xen Xen 3.4.4
Xen Xen 4.0.0
Xen Xen 4.1.1
Xen Xen 4.1.0
Xen Xen 3.4.3
Xen Xen 3.0.3
Xen Xen 4.1.3
Xen Xen 3.2.3
Xen Xen
Xen Xen 3.3.1
Xen Xen 3.0.2
Xen Xen 3.4.2
Xen Xen 3.4.1
4.7
CVSSv2
CVE-2012-5514
The guest_physmap_mark_populate_on_demand function in Xen 4.2 and previous versions does not properly unlock the subject GFNs when checking if they are in use, which allows local guest HVM administrators to cause a denial of service (hang) via unspecified vectors.
Xen Xen
Xen Xen 4.0.2
Xen Xen 4.0.1
Xen Xen 3.3.0
Xen Xen 3.3.1
Xen Xen 3.0.4
Xen Xen 3.0.3
Xen Xen 4.0.4
Xen Xen 4.0.3
Xen Xen 3.4.2
Xen Xen 3.4.0
Xen Xen 3.2.0
Xen Xen 3.1.4
Xen Xen 3.1.3
Xen Xen 4.1.1
Xen Xen 4.1.0
Xen Xen 4.0.0
Xen Xen 3.4.3
Xen Xen 3.3.2
Xen Xen 3.2.3
Xen Xen 3.0.2
Xen Xen 4.1.3
4.7
CVSSv2
CVE-2012-5515
The (1) XENMEM_decrease_reservation, (2) XENMEM_populate_physmap, and (3) XENMEM_exchange hypercalls in Xen 4.2 and previous versions allow local guest administrators to cause a denial of service (long loop and hang) via a crafted extent_order value.
Xen Xen 4.1.2
Xen Xen 4.0.4
Xen Xen 3.4.1
Xen Xen 3.4.2
Xen Xen 3.2.0
Xen Xen 3.1.4
Xen Xen 4.1.0
Xen Xen 4.1.3
Xen Xen 3.4.3
Xen Xen 3.4.4
Xen Xen 3.2.2
Xen Xen 3.2.1
Xen Xen 4.0.3
Xen Xen 4.0.2
Xen Xen 3.4.0
Xen Xen 3.3.0
Xen Xen 3.1.3
Xen Xen 3.0.4
Xen Xen
Xen Xen 4.1.1
Xen Xen 4.0.1
Xen Xen 4.0.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
denial of service
CVE-2024-27371
CVE-2024-20405
CVE-2024-31627
CVE-2024-31625
race condition
CVE-2024-4358
cross-site scripting
CVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »