Vulmon Recent Vulnerabilities Product List Research Posts Trends Blog About Contact

xen xen 3.2.3 vulnerabilities and exploits

(subscribe to this query)
5.5
CVSSv2

CVE-2011-2901

Off-by-one error in the __addr_ok macro in Xen 3.3 and previous versions allows local 64 bit PV guest administrators to cause a denial of service (host crash) via unspecified hypercalls that ignore virtual-address bits.
Xen XenXen Xen 3.0.2Xen Xen 3.0.3Xen Xen 3.0.4Xen Xen 3.1.3Xen Xen 3.1.4Xen Xen 3.2.0Xen Xen 3.2.1Xen Xen 3.2.2Xen Xen 3.2.3
4.9
CVSSv2

CVE-2013-0231

The pciback_enable_msi function in the PCI backend driver (drivers/xen/pciback/conf_space_capability_msi.c) in Xen for the Linux kernel 2.6.18 and 3.8 allows guest OS users with PCI device access to cause a denial of service via a large number of kernel log messages. NOTE: some o...
Linux Linux Kernel 2.6.18Linux Linux Kernel 3.8Xen Xen 3.0.2Xen Xen 3.0.3Xen Xen 3.0.4Xen Xen 3.1.3Xen Xen 3.1.4Xen Xen 3.2.0Xen Xen 3.2.1Xen Xen 3.2.2Xen Xen 3.2.3
5
CVSSv2

CVE-2009-1758

The hypervisor_callback function in Xen, possibly prior to 3.4.0, as applied to the Linux kernel 2.6.30-rc4, 2.6.18, and probably other versions allows guest user applications to cause a denial of service (kernel oops) of the guest OS by triggering a segmentation fault in "c...
Xen XenXen Xen 2.0Xen Xen 3.0.2Xen Xen 3.0.3Xen Xen 3.0.4Xen Xen 3.1.2Xen Xen 3.1.3Xen Xen 3.1.4Xen Xen 3.2Xen Xen 3.2.0Xen Xen 3.2.1Xen Xen 3.2.2
5.5
CVSSv2

CVE-2010-4247

The do_block_io_op function in (1) drivers/xen/blkback/blkback.c and (2) drivers/xen/blktap/blktap.c in Xen prior to 3.4.0 for the Linux kernel 2.6.18, and possibly other versions, allows guest OS users to cause a denial of service (infinite loop and CPU consumption) via a large ...
Citrix XenCitrix Xen 3.0.2Citrix Xen 3.0.3Citrix Xen 3.0.4Citrix Xen 3.1.3Citrix Xen 3.1.4Citrix Xen 3.2.0Citrix Xen 3.2.1Citrix Xen 3.2.2Citrix Xen 3.2.3Citrix Xen 3.3.0Citrix Xen 3.3.1
4.9
CVSSv2

CVE-2014-8867

The acceleration support for the "REP MOVS" instruction in Xen 4.4.x, 3.2.x, and previous versions lacks properly bounds checking for memory mapped I/O (MMIO) emulated in the hypervisor, which allows local HVM guests to cause a denial of service (host crash) via unspeci...
Redhat Enterprise Linux 5.0Redhat Enterprise Linux Desktop 5.0Xen XenXen Xen 3.2.1Xen Xen 3.2.2Xen Xen 3.2.3Xen Xen 4.4.0Xen Xen 4.4.1Debian Debian Linux 7.0Opensuse Opensuse 13.1Opensuse Opensuse 13.2
5.5
CVSSv2

CVE-2011-1166

Xen, possibly prior to 4.0.2, allows local 64-bit PV guests to cause a denial of service (host crash) by specifying user mode execution without user-mode pagetables.
Xen XenXen Xen 3.0.2Xen Xen 3.0.3Xen Xen 3.0.4Xen Xen 3.1.3Xen Xen 3.1.4Xen Xen 3.2.0Xen Xen 3.2.1Xen Xen 3.2.2Xen Xen 3.2.3Xen Xen 3.3.0Xen Xen 3.3.1
2.7
CVSSv2

CVE-2010-3699

The backend driver in Xen 3.x allows guest OS users to cause a denial of service via a kernel thread leak, which prevents the device and guest OS from being shut down or create a zombie domain, causes a hang in zenwatch, or prevents unspecified xm commands from working properly, ...
Citrix Xen 3.0.2Citrix Xen 3.0.3Citrix Xen 3.0.4Citrix Xen 3.1.3Citrix Xen 3.1.4Citrix Xen 3.2.0Citrix Xen 3.2.1Citrix Xen 3.2.2Citrix Xen 3.2.3Citrix Xen 3.3.0Citrix Xen 3.3.1Citrix Xen 3.3.2
5.2
CVSSv2

CVE-2014-1893

Multiple integer overflows in the (1) FLASK_GETBOOL and (2) FLASK_SETBOOL suboperations in the flask hypercall in Xen 4.1.x, 3.3.x, 3.2.x, and previous versions, when XSM is enabled, allow local users to cause a denial of service (processor fault) via unspecified vectors, a diffe...
Xen XenXen Xen 3.2.0Xen Xen 3.2.1Xen Xen 3.2.2Xen Xen 3.2.3Xen Xen 3.3.0Xen Xen 3.3.1Xen Xen 3.3.2Xen Xen 3.4.0Xen Xen 3.4.1Xen Xen 3.4.2Xen Xen 3.4.3
5.2
CVSSv2

CVE-2014-1891

Multiple integer overflows in the (1) FLASK_GETBOOL, (2) FLASK_SETBOOL, (3) FLASK_USER, and (4) FLASK_CONTEXT_TO_SID suboperations in the flask hypercall in Xen 4.3.x, 4.2.x, 4.1.x, 3.2.x, and previous versions, when XSM is enabled, allow local users to cause a denial of service ...
Xen XenXen Xen 3.2.0Xen Xen 3.2.1Xen Xen 3.2.2Xen Xen 3.2.3Xen Xen 3.3.0Xen Xen 3.3.1Xen Xen 3.3.2Xen Xen 3.4.0Xen Xen 3.4.1Xen Xen 3.4.2Xen Xen 3.4.3
6.1
CVSSv2

CVE-2010-4255

The fixup_page_fault function in arch/x86/traps.c in Xen 4.0.1 and previous versions on 64-bit platforms, when paravirtualization is enabled, does not verify that kernel mode is used to call the handle_gdt_ldt_mapping_fault function, which allows guest OS users to cause a denial ...
Citrix XenCitrix Xen 3.0.2Citrix Xen 3.0.3Citrix Xen 3.0.4Citrix Xen 3.1.2Citrix Xen 3.1.3Citrix Xen 3.1.4Citrix Xen 3.2.0Citrix Xen 3.2.1Citrix Xen 3.2.2Citrix Xen 3.2.3Citrix Xen 3.3.0
Preferred Score:
CVSSv3
CVSSv2
CVSSv3
CVSSv4
EPSS
VMScore
Recommendations:
viasatdoscross-site request forgeryteconcethemeCVE-2025-1565CVE-2025-28076firmwarez2dweb serverCVE-2025-2070CVE-2025-3645CVE-2025-31324CVE-2024-6235
Home
/
Search Results
Vulmon Logo Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook