Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
xen xen 4.2.2 vulnerabilities and exploits
(subscribe to this query)
507
VMScore
CVE-2013-2212
The vmx_set_uc_mode function in Xen 3.3 up to and including 4.3, when disabling caches, allows local HVM guests with access to memory mapped I/O regions to cause a denial of service (CPU consumption and possibly hypervisor or guest kernel panic) via a crafted GFN range.
Xen Xen 3.3.2
Xen Xen 3.4.0
Xen Xen 4.0.2
Xen Xen 4.0.3
Xen Xen 4.1.5
Xen Xen 4.2.0
Xen Xen 4.3.0
Xen Xen 3.4.3
Xen Xen 3.4.4
Xen Xen 4.1.1
Xen Xen 4.1.2
Xen Xen 3.4.1
Xen Xen 3.4.2
Xen Xen 4.0.4
Xen Xen 4.1.0
Xen Xen 4.2.1
Xen Xen 4.2.2
Xen Xen 3.3.0
Xen Xen 3.3.1
Xen Xen 4.0.0
Xen Xen 4.0.1
Xen Xen 4.1.3
436
VMScore
CVE-2015-7969
Multiple memory leaks in Xen 4.0 up to and including 4.6.x allow local guest administrators or domains with certain permission to cause a denial of service (memory consumption) via a large number of "teardowns" of domains with the vcpu pointer array allocated using the ...
Xen Xen 4.0.1
Xen Xen 4.0.2
Xen Xen 4.1.4
Xen Xen 4.1.5
Xen Xen 4.3.2
Xen Xen 4.3.4
Xen Xen 4.0.3
Xen Xen 4.0.4
Xen Xen 4.1.6.1
Xen Xen 4.2.0
Xen Xen 4.2.1
Xen Xen 4.4.0
Xen Xen 4.4.1
Xen Xen 4.1.0
Xen Xen 4.1.1
Xen Xen 4.2.2
Xen Xen 4.2.3
Xen Xen 4.5.0
Xen Xen 4.5.1
Xen Xen 4.0.0
Xen Xen 4.1.2
Xen Xen 4.1.3
463
VMScore
CVE-2014-1891
Multiple integer overflows in the (1) FLASK_GETBOOL, (2) FLASK_SETBOOL, (3) FLASK_USER, and (4) FLASK_CONTEXT_TO_SID suboperations in the flask hypercall in Xen 4.3.x, 4.2.x, 4.1.x, 3.2.x, and previous versions, when XSM is enabled, allow local users to cause a denial of service ...
Xen Xen 3.2.0
Xen Xen 3.2.1
Xen Xen 3.4.1
Xen Xen 3.4.2
Xen Xen 4.1.4
Xen Xen 4.1.5
Xen Xen 3.2.2
Xen Xen 3.2.3
Xen Xen 3.4.3
Xen Xen 3.4.4
Xen Xen 4.1.6.1
Xen Xen 4.2.0
Xen Xen 4.2.1
Xen Xen 3.3.2
Xen Xen 3.4.0
Xen Xen 4.1.2
Xen Xen 4.1.3
Xen Xen 4.3.1
Xen Xen
Xen Xen 3.3.0
Xen Xen 3.3.1
Xen Xen 4.1.0
481
VMScore
CVE-2014-8594
The do_mmu_update function in arch/x86/mm.c in Xen 4.x up to and including 4.4.x does not properly restrict updates to only PV page tables, which allows remote PV guests to cause a denial of service (NULL pointer dereference) by leveraging hardware emulation services for HVM gues...
Opensuse Opensuse 13.1
Opensuse Opensuse 13.2
Debian Debian Linux 7.0
Xen Xen 4.0.0
Xen Xen 4.1.2
Xen Xen 4.1.3
Xen Xen 4.1.4
Xen Xen 4.3.0
Xen Xen 4.3.1
Xen Xen 4.1.0
Xen Xen 4.1.1
Xen Xen 4.2.2
Xen Xen 4.2.3
Xen Xen 4.0.1
Xen Xen 4.0.2
Xen Xen 4.1.5
Xen Xen 4.1.6.1
Xen Xen 4.0.3
Xen Xen 4.0.4
Xen Xen 4.2.0
Xen Xen 4.2.1
543
VMScore
CVE-2014-7154
Race condition in HVMOP_track_dirty_vram in Xen 4.0.0 up to and including 4.4.x does not ensure possession of the guarding lock for dirty video RAM tracking, which allows certain local guest domains to cause a denial of service via unspecified vectors.
Fedoraproject Fedora 20
Fedoraproject Fedora 19
Debian Debian Linux 7.0
Xen Xen 4.1.6.1
Xen Xen 4.2.0
Xen Xen 4.1.0
Xen Xen 4.1.1
Xen Xen 4.2.1
Xen Xen 4.2.2
Xen Xen 4.4.0
Xen Xen 4.4.1
Xen Xen 4.1.2
Xen Xen 4.1.3
Xen Xen 4.2.3
Xen Xen 4.3.0
Xen Xen 4.1.4
Xen Xen 4.1.5
Xen Xen 4.3.1
Opensuse Opensuse 13.1
Opensuse Opensuse 12.3
418
VMScore
CVE-2013-3495
The Intel VT-d Interrupt Remapping engine in Xen 3.3.x up to and including 4.3.x allows local guests to cause a denial of service (kernel panic) via a malformed Message Signaled Interrupt (MSI) from a PCI device that is bus mastering capable that triggers a System Error Reporting...
Opensuse Opensuse 13.1
Opensuse Opensuse 13.2
Xen Xen 4.3.0
Xen Xen 3.3.0
Xen Xen 3.3.1
Xen Xen 4.0.0
Xen Xen 4.0.1
Xen Xen 4.1.3
Xen Xen 4.1.4
Xen Xen 3.4.1
Xen Xen 3.4.2
Xen Xen 4.0.4
Xen Xen 4.1.0
Xen Xen 4.2.1
Xen Xen 4.2.2
Xen Xen 3.4.3
Xen Xen 3.4.4
Xen Xen 4.1.1
Xen Xen 4.1.2
Xen Xen 3.3.2
Xen Xen 3.4.0
Xen Xen 4.0.2
1 Article
169
VMScore
CVE-2013-1917
Xen 3.1 up to and including 4.x, when running 64-bit hosts on Intel CPUs, does not clear the NT flag when using an IRET after a SYSENTER instruction, which allows PV guest users to cause a denial of service (hypervisor crash) by triggering a #GP fault, which is not properly handl...
Xen Xen 3.1.4
Xen Xen 3.1.3
Xen Xen 3.3.0
Xen Xen 3.4.3
Xen Xen 4.0.2
Xen Xen 4.0.1
Xen Xen 4.1.2
Xen Xen 4.2.2
Xen Xen 3.3.1
Xen Xen 3.3.2
Xen Xen 4.0.4
Xen Xen 4.0.3
Xen Xen 4.2.0
Xen Xen 4.1.3
Xen Xen 3.2.3
Xen Xen 3.2.1
Xen Xen 3.4.4
Xen Xen 3.4.1
Xen Xen 4.0.0
Xen Xen 4.1.4
Xen Xen 3.2.2
Xen Xen 3.2.0
694
VMScore
CVE-2015-8341
The libxl toolstack library in Xen 4.1.x up to and including 4.6.x does not properly release mappings of files used as kernels and initial ramdisks when managing multiple domains in the same process, which allows malicious users to cause a denial of service (memory and disk consu...
Xen Xen 4.1.1
Xen Xen 4.1.2
Xen Xen 4.2.0
Xen Xen 4.2.3
Xen Xen 4.3.4
Xen Xen 4.4.0
Xen Xen 4.6.0
Xen Xen 4.1.3
Xen Xen 4.1.4
Xen Xen 4.2.4
Xen Xen 4.2.5
Xen Xen 4.4.1
Xen Xen 4.4.2
Xen Xen 4.1.0
Xen Xen 4.1.6.1
Xen Xen 4.2.2
Xen Xen 4.2.1
Xen Xen 4.3.2
Xen Xen 4.3.3
Xen Xen 4.5.1
Xen Xen 4.5.2
Xen Xen 4.1.5
614
VMScore
CVE-2016-1570
The PV superpage functionality in arch/x86/mm.c in Xen 3.4.0, 3.4.1, and 4.1.x up to and including 4.6.x allows local PV guests to obtain sensitive information, cause a denial of service, gain privileges, or have unspecified other impact via a crafted page identifier (MFN) to the...
Xen Xen 4.5.1
Xen Xen 4.5.0
Xen Xen 4.3.3
Xen Xen 4.3.2
Xen Xen 4.3.1
Xen Xen 4.2.0
Xen Xen 4.1.6.1
Xen Xen 4.1.0
Xen Xen 3.4.1
Xen Xen 4.6.0
Xen Xen 4.5.2
Xen Xen 4.3.4
Xen Xen 4.2.2
Xen Xen 4.2.1
Xen Xen 4.1.2
Xen Xen 4.1.1
Xen Xen 4.4.3
Xen Xen 4.4.2
Xen Xen 4.3.0
Xen Xen 4.2.5
Xen Xen 4.1.6
Xen Xen 4.1.5
694
VMScore
CVE-2015-4104
Xen 3.3.x up to and including 4.5.x does not properly restrict access to PCI MSI mask bits, which allows local x86 HVM guest users to cause a denial of service (unexpected interrupt and host crash) via unspecified vectors.
Xen Xen 3.3.2
Xen Xen 3.4.0
Xen Xen 4.0.2
Xen Xen 4.0.3
Xen Xen 4.1.5
Xen Xen 4.1.6.1
Xen Xen 4.2.0
Xen Xen 4.3.4
Xen Xen 4.4.0
Xen Xen 3.4.3
Xen Xen 3.4.4
Xen Xen 4.1.1
Xen Xen 4.1.2
Xen Xen 4.2.3
Xen Xen 4.3.0
Xen Xen 3.3.0
Xen Xen 3.3.1
Xen Xen 4.0.0
Xen Xen 4.0.1
Xen Xen 4.1.3
Xen Xen 4.1.4
Xen Xen 4.3.1
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »