Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
xen xen 4.2.0 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2014-3967
The HVMOP_inject_msi function in Xen 4.2.x, 4.3.x, and 4.4.x does not properly check the return value from the IRQ setup check, which allows local HVM guest administrators to cause a denial of service (NULL pointer dereference and crash) via unspecified vectors.
Xen Xen 4.2.3
Xen Xen 4.2.1
Xen Xen 4.2.2
Xen Xen 4.2.0
Xen Xen 4.4.0
Opensuse Opensuse 13.1
Opensuse Opensuse 12.3
Xen Xen 4.3.0
Xen Xen 4.3.1
NA
CVE-2014-3124
The HVMOP_set_mem_type control in Xen 4.1 up to and including 4.4.x allows local guest HVM administrators to cause a denial of service (hypervisor crash) or possibly execute arbitrary code by leveraging a separate qemu-dm vulnerability to trigger invalid page table translations f...
Xen Xen 4.2.2
Xen Xen 4.2.3
Xen Xen 4.1.6.1
Xen Xen 4.3.0
Xen Xen 4.3.1
Xen Xen 4.1.2
Xen Xen 4.1.3
Xen Xen 4.2.0
Xen Xen 4.2.1
Xen Xen 4.1.4
Xen Xen 4.1.5
Xen Xen 4.4.0
Xen Xen 4.1.0
Xen Xen 4.1.1
NA
CVE-2014-1891
Multiple integer overflows in the (1) FLASK_GETBOOL, (2) FLASK_SETBOOL, (3) FLASK_USER, and (4) FLASK_CONTEXT_TO_SID suboperations in the flask hypercall in Xen 4.3.x, 4.2.x, 4.1.x, 3.2.x, and previous versions, when XSM is enabled, allow local users to cause a denial of service ...
Xen Xen 3.2.0
Xen Xen 3.2.1
Xen Xen 3.4.1
Xen Xen 3.4.2
Xen Xen 4.1.4
Xen Xen 4.1.5
Xen Xen 3.2.2
Xen Xen 3.2.3
Xen Xen 3.4.3
Xen Xen 3.4.4
Xen Xen 4.1.6.1
Xen Xen 4.2.0
Xen Xen 4.2.1
Xen Xen 3.3.2
Xen Xen 3.4.0
Xen Xen 4.1.2
Xen Xen 4.1.3
Xen Xen 4.3.1
Xen Xen
Xen Xen 3.3.0
Xen Xen 3.3.1
Xen Xen 4.1.0
NA
CVE-2014-1895
Off-by-one error in the flask_security_avc_cachestats function in xsm/flask/flask_op.c in Xen 4.2.x and 4.3.x, when the maximum number of physical CPUs are in use, allows local users to cause a denial of service (host crash) or obtain sensitive information from hypervisor memory ...
Xen Xen 4.2.0
Xen Xen 4.2.1
Xen Xen 4.3.1
Xen Xen 4.3.0
Xen Xen 4.2.2
Xen Xen 4.2.3
NA
CVE-2014-1896
The (1) do_send and (2) do_recv functions in io.c in libvchan in Xen 4.2.x, 4.3.x, and 4.4-RC series allows local guests to cause a denial of service or possibly gain privileges via crafted xenstore ring indexes, which triggers a "read or write past the end of the ring."...
Xen Xen 4.2.0
Xen Xen 4.2.1
Xen Xen 4.2.2
Xen Xen 4.4.0
Xen Xen 4.3.0
Xen Xen 4.2.3
Xen Xen 4.3.1
NA
CVE-2014-2599
The HVMOP_set_mem_access HVM control operations in Xen 4.1.x for 32-bit and 4.1.x up to and including 4.4.x for 64-bit allow local guest administrators to cause a denial of service (CPU consumption) by leveraging access to certain service domains for HVM guests and a large input.
Xen Xen 4.3.2
Xen Xen 4.4.0
Xen Xen 4.1.6.1
Xen Xen 4.2.0
Xen Xen 4.1.4
Xen Xen 4.1.3
Xen Xen 4.1.0
Xen Xen 4.1.1
Xen Xen 4.2.1
Xen Xen 4.2.2
Xen Xen 4.1.2
Xen Xen 4.1.5
Xen Xen 4.2.3
Xen Xen 4.3.0
Xen Xen 4.3.1
NA
CVE-2014-1950
Use-after-free vulnerability in the xc_cpupool_getinfo function in Xen 4.1.x up to and including 4.3.x, when using a multithreaded toolstack, does not properly handle a failure by the xc_cpumap_alloc function, which allows local users with access to management functions to cause ...
Xen Xen 4.1.5
Xen Xen 4.1.6.1
Xen Xen 4.1.1
Xen Xen 4.1.2
Xen Xen 4.2.2
Xen Xen 4.2.3
Xen Xen 4.1.3
Xen Xen 4.1.4
Xen Xen 4.3.0
Xen Xen 4.3.1
Xen Xen 4.2.0
Xen Xen 4.2.1
NA
CVE-2014-1642
The IRQ setup in Xen 4.2.x and 4.3.x, when using device passthrough and configured to support a large number of CPUs, frees certain memory that may still be intended for use, which allows local guest administrators to cause a denial of service (memory corruption and hypervisor cr...
Xen Xen 4.2.3
Xen Xen 4.3.0
Xen Xen 4.2.0
Xen Xen 4.3.1
Xen Xen 4.2.1
Xen Xen 4.2.2
NA
CVE-2013-4375
The qdisk PV disk backend in qemu-xen in Xen 4.2.x and 4.3.x prior to 4.3.1, and qemu 1.1 and other versions, allows local HVM guests to cause a denial of service (domain grant reference consumption) via unspecified vectors.
Xen Xen 4.3.0
Qemu Qemu 1.1
Xen Xen 4.2.0
Xen Xen 4.2.1
Xen Xen 4.2.2
Xen Xen 4.2.3
NA
CVE-2013-4553
The XEN_DOMCTL_getmemlist hypercall in Xen 3.4.x up to and including 4.3.x (possibly 4.3.1) does not always obtain the page_alloc_lock and mm_rwlock in the same order, which allows local guest administrators to cause a denial of service (host deadlock).
Xen Xen 4.3.1
Xen Xen 4.2.0
Xen Xen 4.1.4
Xen Xen 4.1.5
Xen Xen 3.4.0
Xen Xen 3.4.1
Xen Xen 4.2.1
Xen Xen 4.2.2
Xen Xen 4.1.6.1
Xen Xen 4.0.0
Xen Xen 3.4.2
Xen Xen 3.4.3
Xen Xen 4.2.3
Xen Xen 4.1.0
Xen Xen 4.1.1
Xen Xen 4.0.1
Xen Xen 4.0.2
Xen Xen 3.4.4
Xen Xen 4.3.0
Xen Xen 4.1.2
Xen Xen 4.1.3
Xen Xen 4.0.3
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4651
CVE-2024-34255
elevation of privilege
CVE-2024-25529
CVE-2024-4671
NULL pointer dereference
CVE-2024-25527
template injection
CVE-2008-0166
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »