Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
xen xen 4.2.0 vulnerabilities and exploits
(subscribe to this query)
4.7
CVSSv2
CVE-2012-6031
The do_tmem_get function in the Transcendent Memory (TMEM) in Xen 4.0, 4.1, and 4.2 allow local guest OS users to cause a denial of service (CPU hang and host crash) via unspecified vectors related to a spinlock being held in the "bad_copy error path." NOTE: this issue ...
Xen Xen 4.1.0
Xen Xen 4.2.0
Xen Xen 4.0.0
4.4
CVSSv2
CVE-2012-6034
The (1) tmemc_save_get_next_page and (2) tmemc_save_get_next_inv functions and the (3) TMEMC_SAVE_GET_POOL_UUID sub-operation in the Transcendent Memory (TMEM) in Xen 4.0, 4.1, and 4.2 "do not check incoming guest output buffer pointers," which allows local guest OS use...
Xen Xen 4.1.0
Xen Xen 4.2.0
Xen Xen 4.0.0
4.4
CVSSv2
CVE-2012-6036
The (1) memc_save_get_next_page, (2) tmemc_restore_put_page and (3) tmemc_restore_flush_page functions in the Transcendent Memory (TMEM) in Xen 4.0, 4.1, and 4.2 do not check for negative id pools, which allows local guest OS users to cause a denial of service (memory corruption ...
Xen Xen 4.1.0
Xen Xen 4.2.0
Xen Xen 4.0.0
6.9
CVSSv2
CVE-2012-3497
(1) TMEMC_SAVE_GET_CLIENT_WEIGHT, (2) TMEMC_SAVE_GET_CLIENT_CAP, (3) TMEMC_SAVE_GET_CLIENT_FLAGS and (4) TMEMC_SAVE_END in the Transcendent Memory (TMEM) in Xen 4.0, 4.1, and 4.2 allow local guest OS users to cause a denial of service (NULL pointer dereference or memory corruptio...
Xen Xen 4.2.0
Xen Xen 4.0.0
Xen Xen 4.1.0
4.6
CVSSv2
CVE-2013-0151
The do_hvm_op function in xen/arch/x86/hvm/hvm.c in Xen 4.2.x on the x86_32 platform does not prevent HVM_PARAM_NESTEDHVM (aka nested virtualization) operations, which allows guest OS users to cause a denial of service (long-duration page mappings and host OS crash) by leveraging...
Xen Xen 4.2.0
Xen Xen 4.2.1
1.9
CVSSv2
CVE-2013-4369
The xlu_vif_parse_rate function in the libxlu library in Xen 4.2.x and 4.3.x allows local users to cause a denial of service (NULL pointer dereference) by using the "@" character as the VIF rate configuration.
Xen Xen 4.2.1
Xen Xen 4.2.2
Xen Xen 4.2.0
Xen Xen 4.2.3
Xen Xen 4.3.0
4.6
CVSSv2
CVE-2013-4370
The ocaml binding for the xc_vcpu_getaffinity function in Xen 4.2.x and 4.3.x frees certain memory that may still be intended for use, which allows local users to cause a denial of service (heap corruption and crash) and possibly execute arbitrary code via unspecified vectors tha...
Xen Xen 4.2.3
Xen Xen 4.3.0
Xen Xen 4.2.0
Xen Xen 4.2.1
Xen Xen 4.2.2
4.4
CVSSv2
CVE-2013-4371
Use-after-free vulnerability in the libxl_list_cpupool function in the libxl toolstack library in Xen 4.2.x and 4.3.x, when running "under memory pressure," returns the original pointer when the realloc function fails, which allows local users to cause a denial of servi...
Xen Xen 4.2.1
Xen Xen 4.2.2
Xen Xen 4.2.3
Xen Xen 4.3.0
Xen Xen 4.2.0
2.1
CVSSv2
CVE-2012-3494
The set_debugreg hypercall in include/asm-x86/debugreg.h in Xen 4.0, 4.1, and 4.2, and Citrix XenServer 6.0.2 and previous versions, when running on x86-64 systems, allows local OS guest users to cause a denial of service (host crash) by writing to the reserved bits of the DR7 de...
Citrix Xenserver
Xen Xen 4.0.0
Xen Xen 4.1.0
Xen Xen 4.2.0
4.7
CVSSv2
CVE-2012-3496
XENMEM_populate_physmap in Xen 4.0, 4.1, and 4.2, and Citrix XenServer 6.0.2 and previous versions, when translating paging mode is not used, allows local PV OS guest kernels to cause a denial of service (BUG triggered and host crash) via invalid flags such as MEMF_populate_on_de...
Xen Xen 4.0.0
Xen Xen 4.1.0
Xen Xen 4.2.0
Citrix Xenserver
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »