Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
xen xen 4.3.1 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2014-5149
Certain MMU virtualization operations in Xen 4.2.x up to and including 4.4.x, when using shadow pagetables, are not preemptible, which allows local HVM guest to cause a denial of service (vcpu consumption) by invoking these operations, which process every page assigned to a guest...
Opensuse Opensuse 13.2
Opensuse Opensuse 13.1
Xen Xen 4.2.2
Xen Xen 4.3.1
Xen Xen 4.2.0
Xen Xen 4.2.1
Xen Xen 4.4.0
Xen Xen 4.3.0
Xen Xen 4.2.3
NA
CVE-2014-3968
The HVMOP_inject_msi function in Xen 4.2.x, 4.3.x, and 4.4.x allows local guest HVM administrators to cause a denial of service (host crash) via a large number of crafted requests, which trigger an error messages to be logged.
Xen Xen 4.3.1
Xen Xen 4.3.0
Xen Xen 4.2.2
Xen Xen 4.2.3
Xen Xen 4.2.0
Xen Xen 4.2.1
Opensuse Opensuse 12.3
Opensuse Opensuse 13.1
Xen Xen 4.4.0
NA
CVE-2014-3967
The HVMOP_inject_msi function in Xen 4.2.x, 4.3.x, and 4.4.x does not properly check the return value from the IRQ setup check, which allows local HVM guest administrators to cause a denial of service (NULL pointer dereference and crash) via unspecified vectors.
Xen Xen 4.2.3
Xen Xen 4.2.1
Xen Xen 4.2.2
Xen Xen 4.2.0
Xen Xen 4.4.0
Opensuse Opensuse 13.1
Opensuse Opensuse 12.3
Xen Xen 4.3.0
Xen Xen 4.3.1
NA
CVE-2014-3124
The HVMOP_set_mem_type control in Xen 4.1 up to and including 4.4.x allows local guest HVM administrators to cause a denial of service (hypervisor crash) or possibly execute arbitrary code by leveraging a separate qemu-dm vulnerability to trigger invalid page table translations f...
Xen Xen 4.2.2
Xen Xen 4.2.3
Xen Xen 4.1.6.1
Xen Xen 4.3.0
Xen Xen 4.3.1
Xen Xen 4.1.2
Xen Xen 4.1.3
Xen Xen 4.2.0
Xen Xen 4.2.1
Xen Xen 4.1.4
Xen Xen 4.1.5
Xen Xen 4.4.0
Xen Xen 4.1.0
Xen Xen 4.1.1
NA
CVE-2014-1891
Multiple integer overflows in the (1) FLASK_GETBOOL, (2) FLASK_SETBOOL, (3) FLASK_USER, and (4) FLASK_CONTEXT_TO_SID suboperations in the flask hypercall in Xen 4.3.x, 4.2.x, 4.1.x, 3.2.x, and previous versions, when XSM is enabled, allow local users to cause a denial of service ...
Xen Xen 3.2.0
Xen Xen 3.2.1
Xen Xen 3.4.1
Xen Xen 3.4.2
Xen Xen 4.1.4
Xen Xen 4.1.5
Xen Xen 3.2.2
Xen Xen 3.2.3
Xen Xen 3.4.3
Xen Xen 3.4.4
Xen Xen 4.1.6.1
Xen Xen 4.2.0
Xen Xen 4.2.1
Xen Xen 3.3.2
Xen Xen 3.4.0
Xen Xen 4.1.2
Xen Xen 4.1.3
Xen Xen 4.3.1
Xen Xen
Xen Xen 3.3.0
Xen Xen 3.3.1
Xen Xen 4.1.0
NA
CVE-2014-1895
Off-by-one error in the flask_security_avc_cachestats function in xsm/flask/flask_op.c in Xen 4.2.x and 4.3.x, when the maximum number of physical CPUs are in use, allows local users to cause a denial of service (host crash) or obtain sensitive information from hypervisor memory ...
Xen Xen 4.2.0
Xen Xen 4.2.1
Xen Xen 4.3.1
Xen Xen 4.3.0
Xen Xen 4.2.2
Xen Xen 4.2.3
NA
CVE-2014-1896
The (1) do_send and (2) do_recv functions in io.c in libvchan in Xen 4.2.x, 4.3.x, and 4.4-RC series allows local guests to cause a denial of service or possibly gain privileges via crafted xenstore ring indexes, which triggers a "read or write past the end of the ring."...
Xen Xen 4.2.0
Xen Xen 4.2.1
Xen Xen 4.2.2
Xen Xen 4.4.0
Xen Xen 4.3.0
Xen Xen 4.2.3
Xen Xen 4.3.1
NA
CVE-2014-2599
The HVMOP_set_mem_access HVM control operations in Xen 4.1.x for 32-bit and 4.1.x up to and including 4.4.x for 64-bit allow local guest administrators to cause a denial of service (CPU consumption) by leveraging access to certain service domains for HVM guests and a large input.
Xen Xen 4.3.2
Xen Xen 4.4.0
Xen Xen 4.1.6.1
Xen Xen 4.2.0
Xen Xen 4.1.4
Xen Xen 4.1.3
Xen Xen 4.1.0
Xen Xen 4.1.1
Xen Xen 4.2.1
Xen Xen 4.2.2
Xen Xen 4.1.2
Xen Xen 4.1.5
Xen Xen 4.2.3
Xen Xen 4.3.0
Xen Xen 4.3.1
NA
CVE-2014-1950
Use-after-free vulnerability in the xc_cpupool_getinfo function in Xen 4.1.x up to and including 4.3.x, when using a multithreaded toolstack, does not properly handle a failure by the xc_cpumap_alloc function, which allows local users with access to management functions to cause ...
Xen Xen 4.1.5
Xen Xen 4.1.6.1
Xen Xen 4.1.1
Xen Xen 4.1.2
Xen Xen 4.2.2
Xen Xen 4.2.3
Xen Xen 4.1.3
Xen Xen 4.1.4
Xen Xen 4.3.0
Xen Xen 4.3.1
Xen Xen 4.2.0
Xen Xen 4.2.1
NA
CVE-2014-1642
The IRQ setup in Xen 4.2.x and 4.3.x, when using device passthrough and configured to support a large number of CPUs, frees certain memory that may still be intended for use, which allows local guest administrators to cause a denial of service (memory corruption and hypervisor cr...
Xen Xen 4.2.3
Xen Xen 4.3.0
Xen Xen 4.2.0
Xen Xen 4.3.1
Xen Xen 4.2.1
Xen Xen 4.2.2
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4671
unauthorized
CVE-2024-4776
CVE-2024-3407
CVE-2024-26026
CVE-2024-32888
wireless
CVE-2024-4656
template injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »