Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
xen xen 4.4.1 vulnerabilities and exploits
(subscribe to this query)
8.4
CVSSv3
CVE-2016-4480
The guest_walk_tables function in arch/x86/mm/guest_walk.c in Xen 4.6.x and previous versions does not properly handle the Page Size (PS) page table entry bit at the L4 and L3 page table levels, which might allow local guest OS users to gain privileges via a crafted mapping of me...
Oracle Vm Server 3.4
Oracle Vm Server 3.2
Oracle Vm Server 3.3
Xen Xen
8.8
CVSSv3
CVE-2016-3960
Integer overflow in the x86 shadow pagetable code in Xen allows local guest OS users to cause a denial of service (host crash) or possibly gain privileges by shadowing a superpage mapping.
Xen Xen -
Fedoraproject Fedora 24
Fedoraproject Fedora 23
Fedoraproject Fedora 22
Oracle Vm Server 3.4
Oracle Vm Server 3.3
Oracle Vm Server 3.2
8.2
CVSSv3
CVE-2015-8550
Xen, when used on a system providing PV backends, allows local guest OS administrators to cause a denial of service (host OS crash) or gain privileges by writing to memory shared between the frontend and backend, aka a double fetch vulnerability.
Xen Xen -
Novell Suse Linux Enterprise Real Time Extension 12
1 Github repository
3.8
CVSSv3
CVE-2016-3158
The xrstor function in arch/x86/xstate.c in Xen 4.x does not properly handle writes to the hardware FSW.ES bit when running on AMD64 processors, which allows local guest OS users to obtain sensitive register content information from another guest by leveraging pending exception a...
Xen Xen
Fedoraproject Fedora 23
Fedoraproject Fedora 22
Oracle Vm Server 3.4
Oracle Vm Server 3.3
3.8
CVSSv3
CVE-2016-3159
The fpu_fxrstor function in arch/x86/i387.c in Xen 4.x does not properly handle writes to the hardware FSW.ES bit when running on AMD64 processors, which allows local guest OS users to obtain sensitive register content information from another guest by leveraging pending exceptio...
Oracle Vm Server 3.3
Oracle Vm Server 3.4
Xen Xen
Fedoraproject Fedora 22
Fedoraproject Fedora 23
Debian Debian Linux 8.0
8.6
CVSSv3
CVE-2015-8555
Xen 4.6.x, 4.5.x, 4.4.x, 4.3.x, and previous versions do not initialize x86 FPU stack and XMM registers when XSAVE/XRSTOR are not used to manage guest extended register state, which allows local guest domains to obtain sensitive information from other domains via unspecified vect...
Citrix Xenserver 6.0
Xen Xen 4.4.3
Xen Xen 4.4.2
Xen Xen 4.6.0
Xen Xen 4.3.4
Xen Xen 4.3.3
Xen Xen 4.4.1
Xen Xen 4.4.0
Xen Xen 4.3.2
Xen Xen 4.3.1
Xen Xen 4.5.3
Xen Xen 4.5.2
Xen Xen 4.3.0
Xen Xen 4.4.4
Xen Xen 4.5.1
Xen Xen 4.5.0
Xen Xen 4.6.1
5.5
CVSSv3
CVE-2016-2271
VMX in Xen 4.6.x and previous versions, when using an Intel or Cyrix CPU, allows local HVM guest users to cause a denial of service (guest crash) via vectors related to a non-canonical RIP.
Xen Xen 4.6.0
Xen Xen 4.6.1
6.8
CVSSv3
CVE-2016-2270
Xen 4.6.x and previous versions allows local guest administrators to cause a denial of service (host reboot) via vectors related to multiple mappings of MMIO pages with different cachability settings.
Debian Debian Linux 7.0
Debian Debian Linux 8.0
Fedoraproject Fedora 22
Fedoraproject Fedora 23
Xen Xen
Oracle Vm Server 3.4
7
CVSSv3
CVE-2015-8709
kernel/ptrace.c in the Linux kernel up to and including 4.4.1 mishandles uid and gid mappings, which allows local users to gain privileges by establishing a user namespace, waiting for a root process to enter that namespace with an unsafe uid or gid, and then using the ptrace sys...
Linux Linux Kernel
8.5
CVSSv3
CVE-2016-1570
The PV superpage functionality in arch/x86/mm.c in Xen 3.4.0, 3.4.1, and 4.1.x up to and including 4.6.x allows local PV guests to obtain sensitive information, cause a denial of service, gain privileges, or have unspecified other impact via a crafted page identifier (MFN) to the...
Xen Xen 4.5.1
Xen Xen 4.5.0
Xen Xen 4.3.3
Xen Xen 4.3.2
Xen Xen 4.3.1
Xen Xen 4.2.0
Xen Xen 4.1.6.1
Xen Xen 4.1.0
Xen Xen 3.4.1
Xen Xen 4.6.0
Xen Xen 4.5.2
Xen Xen 4.3.4
Xen Xen 4.2.2
Xen Xen 4.2.1
Xen Xen 4.1.2
Xen Xen 4.1.1
Xen Xen 4.4.3
Xen Xen 4.4.2
Xen Xen 4.3.0
Xen Xen 4.2.5
Xen Xen 4.1.6
Xen Xen 4.1.5
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4671
unauthorized
CVE-2024-4776
CVE-2024-3407
CVE-2024-26026
CVE-2024-32888
wireless
CVE-2024-4656
template injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »