Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
xen xen 4.2.2 vulnerabilities and exploits
(subscribe to this query)
4.4
CVSSv2
CVE-2014-1642
The IRQ setup in Xen 4.2.x and 4.3.x, when using device passthrough and configured to support a large number of CPUs, frees certain memory that may still be intended for use, which allows local guest administrators to cause a denial of service (memory corruption and hypervisor cr...
Xen Xen 4.2.3
Xen Xen 4.3.0
Xen Xen 4.2.0
Xen Xen 4.3.1
Xen Xen 4.2.1
Xen Xen 4.2.2
4.4
CVSSv2
CVE-2013-4371
Use-after-free vulnerability in the libxl_list_cpupool function in the libxl toolstack library in Xen 4.2.x and 4.3.x, when running "under memory pressure," returns the original pointer when the realloc function fails, which allows local users to cause a denial of servi...
Xen Xen 4.2.1
Xen Xen 4.2.2
Xen Xen 4.2.3
Xen Xen 4.3.0
Xen Xen 4.2.0
4.3
CVSSv2
CVE-2013-2076
Xen 4.0.x, 4.1.x, and 4.2.x, when running on AMD64 processors, only save/restore the FOP, FIP, and FDP x87 registers in FXSAVE/FXRSTOR when an exception is pending, which allows one domain to determine portions of the state of floating point instructions of other domains, which c...
Xen Xen 4.0.4
Xen Xen 4.0.2
Xen Xen 4.0.0
Xen Xen 4.0.1
Xen Xen 4.0.3
Xen Xen 4.2.2
Xen Xen 4.2.0
Xen Xen 4.2.1
Xen Xen 4.1.5
Xen Xen 4.1.2
Xen Xen 4.1.1
Xen Xen 4.1.0
Xen Xen 4.1.3
Xen Xen 4.1.4
3.6
CVSSv2
CVE-2015-7311
libxl in Xen 4.1.x up to and including 4.6.x does not properly handle the readonly flag on disks when using the qemu-xen device model, which allows local guest users to write to a read-only disk image.
Xen Xen 4.1.4
Xen Xen 4.1.5
Xen Xen 4.2.5
Xen Xen 4.3.0
Xen Xen 4.3.1
Xen Xen 4.5.0
Xen Xen 4.5.1
Xen Xen 4.1.0
Xen Xen 4.1.1
Xen Xen 4.2.1
Xen Xen 4.2.2
Xen Xen 4.3.4
Xen Xen 4.4.0
Xen Xen 4.1.6.1
Xen Xen 4.2.0
Xen Xen 4.3.2
Xen Xen 4.3.3
Xen Xen 4.1.2
Xen Xen 4.1.3
Xen Xen 4.2.3
Xen Xen 4.2.4
Xen Xen 4.4.1
3.3
CVSSv2
CVE-2014-7156
The x86_emulate function in arch/x86/x86_emulate/x86_emulate.c in Xen 3.3.x up to and including 4.4.x does not check the supervisor mode permissions for instructions that generate software interrupts, which allows local HVM guest users to cause a denial of service (guest crash) v...
Xen Xen 3.3.1
Xen Xen 3.3.2
Xen Xen 4.1.6.1
Xen Xen 4.2.0
Xen Xen 4.2.1
Xen Xen 4.4.1
Xen Xen 3.3.0
Xen Xen 4.1.4
Xen Xen 4.1.5
Xen Xen 4.4.0
Xen Xen 4.1.2
Xen Xen 4.1.3
Xen Xen 4.3.0
Xen Xen 4.3.1
Xen Xen 4.1.0
Xen Xen 4.1.1
Xen Xen 4.2.2
Xen Xen 4.2.3
3.3
CVSSv2
CVE-2013-1922
qemu-nbd in QEMU, as used in Xen 4.2.x, determines the format of a raw disk image based on the header, which allows local guest OS administrators to read arbitrary files on the host by modifying the header to identify a different format, which is used when the guest is restarted,...
Xen Xen 4.2.0
Xen Xen 4.2.1
Xen Xen 4.2.2
2.9
CVSSv2
CVE-2015-3340
Xen 4.2.x up to and including 4.5.x does not initialize certain fields, which allows certain remote service domains to obtain sensitive information from memory via a (1) XEN_DOMCTL_gettscinfo or (2) XEN_SYSCTL_getdomaininfolist request.
Xen Xen 4.2.1
Xen Xen 4.2.2
Xen Xen 4.3.3
Xen Xen 4.3.4
Xen Xen 4.5.0
Xen Xen 4.2.3
Xen Xen 4.2.4
Xen Xen 4.4.0
Xen Xen 4.2.0
Xen Xen 4.3.1
Xen Xen 4.3.2
Xen Xen 4.4.2
Xen Xen 4.4.1
Xen Xen 4.2.5
Xen Xen 4.3.0
Suse Suse Linux Enterprise Server 11.0
Suse Suse Linux Enterprise Software Development Kit 11.0
Suse Suse Linux Enterprise Desktop 11.0
Fedoraproject Fedora 22
Fedoraproject Fedora 20
Fedoraproject Fedora 21
Debian Debian Linux 8.0
2.7
CVSSv2
CVE-2013-4375
The qdisk PV disk backend in qemu-xen in Xen 4.2.x and 4.3.x prior to 4.3.1, and qemu 1.1 and other versions, allows local HVM guests to cause a denial of service (domain grant reference consumption) via unspecified vectors.
Xen Xen 4.3.0
Qemu Qemu 1.1
Xen Xen 4.2.0
Xen Xen 4.2.1
Xen Xen 4.2.2
Xen Xen 4.2.3
2.1
CVSSv2
CVE-2015-7971
Xen 3.2.x up to and including 4.6.x does not limit the number of printk console messages when logging certain pmu and profiling hypercalls, which allows local guests to cause a denial of service via a sequence of crafted (1) HYPERCALL_xenoprof_op hypercalls, which are not properl...
Xen Xen 3.3.1
Xen Xen 3.3.2
Xen Xen 4.0.1
Xen Xen 4.0.2
Xen Xen 4.1.4
Xen Xen 4.1.5
Xen Xen 4.3.2
Xen Xen 4.3.4
Xen Xen 3.4.0
Xen Xen 3.4.1
Xen Xen 4.0.3
Xen Xen 4.0.4
Xen Xen 4.1.6.1
Xen Xen 4.2.0
Xen Xen 4.2.1
Xen Xen 4.4.0
Xen Xen 4.4.1
Xen Xen 3.2.0
Xen Xen 3.2.1
Xen Xen 3.2.2
Xen Xen 3.4.2
Xen Xen 3.4.3
2.1
CVSSv2
CVE-2015-7972
The (1) libxl_set_memory_target function in tools/libxl/libxl.c and (2) libxl__build_post function in tools/libxl/libxl_dom.c in Xen 3.4.x up to and including 4.6.x do not properly calculate the balloon size when using the populate-on-demand (PoD) system, which allows local HVM g...
Xen Xen 3.4.1
Xen Xen 3.4.2
Xen Xen 4.0.4
Xen Xen 4.1.0
Xen Xen 4.1.1
Xen Xen 4.2.1
Xen Xen 4.2.2
Xen Xen 4.4.1
Xen Xen 4.5.0
Xen Xen 3.4.0
Xen Xen 4.0.2
Xen Xen 4.0.3
Xen Xen 4.1.6.1
Xen Xen 4.2.0
Xen Xen 4.3.4
Xen Xen 4.4.0
Xen Xen 3.4.3
Xen Xen 3.4.4
Xen Xen 4.1.2
Xen Xen 4.1.3
Xen Xen 4.2.3
Xen Xen 4.3.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »