Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
xen xen 4.1.4 vulnerabilities and exploits
(subscribe to this query)
4.6
CVSSv2
CVE-2014-1950
Use-after-free vulnerability in the xc_cpupool_getinfo function in Xen 4.1.x up to and including 4.3.x, when using a multithreaded toolstack, does not properly handle a failure by the xc_cpumap_alloc function, which allows local users with access to management functions to cause ...
Xen Xen 4.1.5
Xen Xen 4.1.6.1
Xen Xen 4.1.1
Xen Xen 4.1.2
Xen Xen 4.2.2
Xen Xen 4.2.3
Xen Xen 4.1.3
Xen Xen 4.1.4
Xen Xen 4.3.0
Xen Xen 4.3.1
Xen Xen 4.2.0
Xen Xen 4.2.1
5.2
CVSSv2
CVE-2013-4553
The XEN_DOMCTL_getmemlist hypercall in Xen 3.4.x up to and including 4.3.x (possibly 4.3.1) does not always obtain the page_alloc_lock and mm_rwlock in the same order, which allows local guest administrators to cause a denial of service (host deadlock).
Xen Xen 4.3.1
Xen Xen 4.2.0
Xen Xen 4.1.4
Xen Xen 4.1.5
Xen Xen 3.4.0
Xen Xen 3.4.1
Xen Xen 4.2.1
Xen Xen 4.2.2
Xen Xen 4.1.6.1
Xen Xen 4.0.0
Xen Xen 3.4.2
Xen Xen 3.4.3
Xen Xen 4.2.3
Xen Xen 4.1.0
Xen Xen 4.1.1
Xen Xen 4.0.1
Xen Xen 4.0.2
Xen Xen 3.4.4
Xen Xen 4.3.0
Xen Xen 4.1.2
Xen Xen 4.1.3
Xen Xen 4.0.3
5.2
CVSSv2
CVE-2013-4416
The Ocaml xenstored implementation (oxenstored) in Xen 4.1.x, 4.2.x, and 4.3.x allows local guest domains to cause a denial of service (domain shutdown) via a large message reply.
Xen Xen 4.1.2
Xen Xen 4.1.3
Xen Xen 4.2.3
Xen Xen 4.3.0
Xen Xen 4.3.1
Xen Xen 4.1.0
Xen Xen 4.1.1
Xen Xen 4.2.1
Xen Xen 4.2.2
Xen Xen 4.1.6.1
Xen Xen 4.2.0
Xen Xen 4.1.4
Xen Xen 4.1.5
5.2
CVSSv2
CVE-2013-4494
Xen prior to 4.1.x, 4.2.x, and 4.3.x does not take the page_alloc_lock and grant_table.lock in the same order, which allows local guest administrators with access to multiple vcpus to cause a denial of service (host deadlock) via unspecified vectors.
Xen Xen
Debian Debian Linux 7.0
2.1
CVSSv2
CVE-2013-4361
The fbld instruction emulation in Xen 3.3.x up to and including 4.3.x does not use the correct variable for the source effective address, which allows local HVM guests to obtain hypervisor stack information by reading the values used by the instruction.
Xen Xen 3.3.1
Xen Xen 3.3.2
Xen Xen 4.0.2
Xen Xen 4.0.3
Xen Xen 4.1.5
Xen Xen 4.2.0
Xen Xen 3.4.2
Xen Xen 3.4.3
Xen Xen 4.1.1
Xen Xen 4.1.2
Xen Xen 3.4.0
Xen Xen 3.4.1
Xen Xen 4.0.4
Xen Xen 4.1.0
Xen Xen 4.2.1
Xen Xen 4.2.2
Xen Xen 4.3.0
Xen Xen 3.3.0
Xen Xen 3.4.4
Xen Xen 4.0.0
Xen Xen 4.0.1
Xen Xen 4.1.3
1.2
CVSSv2
CVE-2013-1442
Xen 4.0 up to and including 4.3.x, when using AVX or LWP capable CPUs, does not properly clear previous data from registers when using an XSAVE or XRSTOR to extend the state components of a saved or restored vCPU after touching other restored extended registers, which allows loca...
Xen Xen 4.0.0
Xen Xen 4.1.3
Xen Xen 4.1.4
Xen Xen 4.0.1
Xen Xen 4.0.2
Xen Xen 4.1.5
Xen Xen 4.2.0
Xen Xen 4.1.0
Xen Xen 4.1.1
Xen Xen 4.1.2
Xen Xen 4.2.3
Xen Xen 4.3.0
Xen Xen 4.0.3
Xen Xen 4.0.4
Xen Xen 4.2.1
Xen Xen 4.2.2
6.5
CVSSv2
CVE-2013-4329
The xenlight library (libxl) in Xen 4.0.x up to and including 4.2.x, when IOMMU is disabled, provides access to a busmastering-capable PCI passthrough device before the IOMMU setup is complete, which allows local HVM guest domains to gain privileges or cause a denial of service v...
Xen Xen 4.2.2
Xen Xen 4.1.0
Xen Xen 4.0.2
Xen Xen 4.0.3
Xen Xen 4.2.3
Xen Xen 4.1.3
Xen Xen 4.1.4
Xen Xen 4.1.1
Xen Xen 4.1.2
Xen Xen 4.0.4
Xen Xen 4.2.0
Xen Xen 4.2.1
Xen Xen 4.1.5
Xen Xen 4.0.0
Xen Xen 4.0.1
7.4
CVSSv2
CVE-2013-2072
Buffer overflow in the Python bindings for the xc_vcpu_setaffinity call in Xen 4.0.x, 4.1.x, and 4.2.x allows local administrators with permissions to configure VCPU affinity to cause a denial of service (memory corruption and xend toolstack crash) and possibly gain privileges vi...
Xen Xen 4.1.2
Xen Xen 4.1.3
Xen Xen 4.1.0
Xen Xen 4.1.1
Xen Xen 4.1.4
Xen Xen 4.1.5
Xen Xen 4.2.0
Xen Xen 4.2.1
Xen Xen 4.2.2
Debian Debian Linux 7.0
Xen Xen 4.0.2
Xen Xen 4.0.3
Xen Xen 4.0.4
Xen Xen 4.0.0
Xen Xen 4.0.1
4.3
CVSSv2
CVE-2013-2076
Xen 4.0.x, 4.1.x, and 4.2.x, when running on AMD64 processors, only save/restore the FOP, FIP, and FDP x87 registers in FXSAVE/FXRSTOR when an exception is pending, which allows one domain to determine portions of the state of floating point instructions of other domains, which c...
Xen Xen 4.0.4
Xen Xen 4.0.2
Xen Xen 4.0.0
Xen Xen 4.0.1
Xen Xen 4.0.3
Xen Xen 4.2.2
Xen Xen 4.2.0
Xen Xen 4.2.1
Xen Xen 4.1.5
Xen Xen 4.1.2
Xen Xen 4.1.1
Xen Xen 4.1.0
Xen Xen 4.1.3
Xen Xen 4.1.4
5.2
CVSSv2
CVE-2013-2077
Xen 4.0.x, 4.1.x, and 4.2.x does not properly restrict the contents of a XRSTOR, which allows local PV guest users to cause a denial of service (unhandled exception and hypervisor crash) via unspecified vectors.
Xen Xen 4.0.1
Xen Xen 4.0.2
Xen Xen 4.0.0
Xen Xen 4.0.3
Xen Xen 4.0.4
Xen Xen 4.1.3
Xen Xen 4.1.4
Xen Xen 4.1.1
Xen Xen 4.1.2
Xen Xen 4.1.0
Xen Xen 4.1.5
Xen Xen 4.2.2
Xen Xen 4.2.0
Xen Xen 4.2.1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-52710
arbitrary
CVE-2024-5272
CVE-2024-2961
brute force
remote
CVE-2024-32944
CVE-2024-36241
CVE-2024-5274
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »