Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
xen xen 4.1.4 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2014-1950
Use-after-free vulnerability in the xc_cpupool_getinfo function in Xen 4.1.x up to and including 4.3.x, when using a multithreaded toolstack, does not properly handle a failure by the xc_cpumap_alloc function, which allows local users with access to management functions to cause ...
Xen Xen 4.1.5
Xen Xen 4.2.2
Xen Xen 4.2.3
Xen Xen 4.3.0
Xen Xen 4.1.2
Xen Xen 4.1.1
Xen Xen 4.2.0
Xen Xen 4.1.3
Xen Xen 4.1.6.1
Xen Xen 4.1.4
Xen Xen 4.3.1
Xen Xen 4.2.1
NA
CVE-2013-4553
The XEN_DOMCTL_getmemlist hypercall in Xen 3.4.x up to and including 4.3.x (possibly 4.3.1) does not always obtain the page_alloc_lock and mm_rwlock in the same order, which allows local guest administrators to cause a denial of service (host deadlock).
Xen Xen 4.1.5
Xen Xen 4.2.2
Xen Xen 4.2.3
Xen Xen 3.4.0
Xen Xen 4.3.0
Xen Xen 4.0.4
Xen Xen 4.0.2
Xen Xen 4.1.2
Xen Xen 3.4.4
Xen Xen 4.0.0
Xen Xen 4.1.1
Xen Xen 4.2.0
Xen Xen 4.1.0
Xen Xen 3.4.3
Xen Xen 4.1.3
Xen Xen 4.1.6.1
Xen Xen 3.4.2
Xen Xen 4.1.4
Xen Xen 3.4.1
Xen Xen 4.3.1
Xen Xen 4.2.1
Xen Xen 4.0.1
NA
CVE-2013-4416
The Ocaml xenstored implementation (oxenstored) in Xen 4.1.x, 4.2.x, and 4.3.x allows local guest domains to cause a denial of service (domain shutdown) via a large message reply.
Xen Xen 4.1.5
Xen Xen 4.2.2
Xen Xen 4.2.3
Xen Xen 4.3.0
Xen Xen 4.1.2
Xen Xen 4.1.1
Xen Xen 4.2.0
Xen Xen 4.1.0
Xen Xen 4.1.3
Xen Xen 4.1.6.1
Xen Xen 4.1.4
Xen Xen 4.3.1
Xen Xen 4.2.1
NA
CVE-2013-4494
Xen prior to 4.1.x, 4.2.x, and 4.3.x does not take the page_alloc_lock and grant_table.lock in the same order, which allows local guest administrators with access to multiple vcpus to cause a denial of service (host deadlock) via unspecified vectors.
Xen Xen
Debian Debian Linux 7.0
NA
CVE-2013-4361
The fbld instruction emulation in Xen 3.3.x up to and including 4.3.x does not use the correct variable for the source effective address, which allows local HVM guests to obtain hypervisor stack information by reading the values used by the instruction.
Xen Xen 4.1.5
Xen Xen 4.2.2
Xen Xen 3.4.0
Xen Xen 4.3.0
Xen Xen 4.0.4
Xen Xen 4.0.2
Xen Xen 3.3.2
Xen Xen 4.1.2
Xen Xen 3.4.4
Xen Xen 4.0.0
Xen Xen 4.1.1
Xen Xen 4.2.0
Xen Xen 4.1.0
Xen Xen 3.4.3
Xen Xen 4.1.3
Xen Xen 3.3.1
Xen Xen 3.4.2
Xen Xen 4.1.4
Xen Xen 3.4.1
Xen Xen 3.3.0
Xen Xen 4.2.1
Xen Xen 4.0.1
NA
CVE-2013-1442
Xen 4.0 up to and including 4.3.x, when using AVX or LWP capable CPUs, does not properly clear previous data from registers when using an XSAVE or XRSTOR to extend the state components of a saved or restored vCPU after touching other restored extended registers, which allows loca...
Xen Xen 4.1.5
Xen Xen 4.2.2
Xen Xen 4.2.3
Xen Xen 4.3.0
Xen Xen 4.0.4
Xen Xen 4.0.2
Xen Xen 4.1.2
Xen Xen 4.0.0
Xen Xen 4.1.1
Xen Xen 4.2.0
Xen Xen 4.1.0
Xen Xen 4.1.3
Xen Xen 4.1.4
Xen Xen 4.2.1
Xen Xen 4.0.1
Xen Xen 4.0.3
NA
CVE-2013-4329
The xenlight library (libxl) in Xen 4.0.x up to and including 4.2.x, when IOMMU is disabled, provides access to a busmastering-capable PCI passthrough device before the IOMMU setup is complete, which allows local HVM guest domains to gain privileges or cause a denial of service v...
Xen Xen 4.1.5
Xen Xen 4.2.2
Xen Xen 4.2.3
Xen Xen 4.0.4
Xen Xen 4.0.2
Xen Xen 4.1.2
Xen Xen 4.0.0
Xen Xen 4.1.1
Xen Xen 4.2.0
Xen Xen 4.1.0
Xen Xen 4.1.3
Xen Xen 4.1.4
Xen Xen 4.2.1
Xen Xen 4.0.1
Xen Xen 4.0.3
NA
CVE-2013-2072
Buffer overflow in the Python bindings for the xc_vcpu_setaffinity call in Xen 4.0.x, 4.1.x, and 4.2.x allows local administrators with permissions to configure VCPU affinity to cause a denial of service (memory corruption and xend toolstack crash) and possibly gain privileges vi...
Xen Xen 4.1.5
Xen Xen 4.1.2
Xen Xen 4.1.1
Xen Xen 4.1.0
Xen Xen 4.1.3
Xen Xen 4.1.4
Xen Xen 4.2.2
Xen Xen 4.2.0
Xen Xen 4.2.1
Debian Debian Linux 7.0
Xen Xen 4.0.4
Xen Xen 4.0.2
Xen Xen 4.0.0
Xen Xen 4.0.1
Xen Xen 4.0.3
NA
CVE-2013-2212
The vmx_set_uc_mode function in Xen 3.3 up to and including 4.3, when disabling caches, allows local HVM guests with access to memory mapped I/O regions to cause a denial of service (CPU consumption and possibly hypervisor or guest kernel panic) via a crafted GFN range.
Xen Xen 4.1.5
Xen Xen 4.2.2
Xen Xen 3.4.0
Xen Xen 4.3.0
Xen Xen 4.0.4
Xen Xen 4.0.2
Xen Xen 3.3.2
Xen Xen 4.1.2
Xen Xen 3.4.4
Xen Xen 4.0.0
Xen Xen 4.1.1
Xen Xen 4.2.0
Xen Xen 4.1.0
Xen Xen 3.4.3
Xen Xen 4.1.3
Xen Xen 3.3.1
Xen Xen 3.4.2
Xen Xen 4.1.4
Xen Xen 3.4.1
Xen Xen 3.3.0
Xen Xen 4.2.1
Xen Xen 4.0.1
NA
CVE-2013-2076
Xen 4.0.x, 4.1.x, and 4.2.x, when running on AMD64 processors, only save/restore the FOP, FIP, and FDP x87 registers in FXSAVE/FXRSTOR when an exception is pending, which allows one domain to determine portions of the state of floating point instructions of other domains, which c...
Xen Xen 4.0.4
Xen Xen 4.0.2
Xen Xen 4.0.0
Xen Xen 4.0.1
Xen Xen 4.0.3
Xen Xen 4.2.2
Xen Xen 4.2.0
Xen Xen 4.2.1
Xen Xen 4.1.5
Xen Xen 4.1.2
Xen Xen 4.1.1
Xen Xen 4.1.0
Xen Xen 4.1.3
Xen Xen 4.1.4
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
CVE-2023-38506
CVE-2024-37198
CVE-2023-45197
CVE-2024-38621
CVE-2024-30103
elevation of privilege
CVE-2024-0044
IMAP
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »