xen xen 4.2.1 vulnerabilities and exploits

(subscribe to this query)

Multiple integer overflows in the Elf parser (libelf) in Xen 4.2.x and previous versions allow local guest administrators with certain permissions to have an unspecified impact via a crafted kernel.

Xen Xen Xen Xen 4.2.0 Xen Xen 4.2.1

The Elf parser (libelf) in Xen 4.2.x and previous versions allow local guest administrators with certain permissions to have an unspecified impact via a crafted kernel, related to "pointer dereferences" involving unexpected calculations.

Xen Xen Xen Xen 4.2.0 Xen Xen 4.2.1

Multiple unspecified vulnerabilities in the Elf parser (libelf) in Xen 4.2.x and previous versions allow local guest administrators with certain permissions to have an unspecified impact via a crafted kernel, related to "other problems" that are not CVE-2013-2194 or CVE...

Xen Xen Xen Xen 4.2.0 Xen Xen 4.2.1

The do_hvm_op function in xen/arch/x86/hvm/hvm.c in Xen 4.2.x on the x86_32 platform does not prevent HVM_PARAM_NESTEDHVM (aka nested virtualization) operations, which allows guest OS users to cause a denial of service (long-duration page mappings and host OS crash) by leveraging...

Xen Xen 4.2.0 Xen Xen 4.2.1

qemu-nbd in QEMU, as used in Xen 4.2.x, determines the format of a raw disk image based on the header, which allows local guest OS administrators to read arbitrary files on the host by modifying the header to identify a different format, which is used when the guest is restarted,...

Xen Xen 4.2.0 Xen Xen 4.2.1 Xen Xen 4.2.2

The xlu_vif_parse_rate function in the libxlu library in Xen 4.2.x and 4.3.x allows local users to cause a denial of service (NULL pointer dereference) by using the "@" character as the VIF rate configuration.

Xen Xen 4.2.0 Xen Xen 4.2.1 Xen Xen 4.2.2 Xen Xen 4.2.3 Xen Xen 4.3.0

The ocaml binding for the xc_vcpu_getaffinity function in Xen 4.2.x and 4.3.x frees certain memory that may still be intended for use, which allows local users to cause a denial of service (heap corruption and crash) and possibly execute arbitrary code via unspecified vectors tha...

Xen Xen 4.2.0 Xen Xen 4.2.1 Xen Xen 4.2.2 Xen Xen 4.2.3 Xen Xen 4.3.0

Use-after-free vulnerability in the libxl_list_cpupool function in the libxl toolstack library in Xen 4.2.x and 4.3.x, when running "under memory pressure," returns the original pointer when the realloc function fails, which allows local users to cause a denial of servi...

Xen Xen 4.2.0 Xen Xen 4.2.1 Xen Xen 4.2.2 Xen Xen 4.2.3 Xen Xen 4.3.0

Xen 4.2.x and 4.3.x, when using Intel VT-d and a PCI device has been assigned, does not clear the flag that suppresses IOMMU TLB flushes when unspecified errors occur, which causes the TLB entries to not be flushed and allows local guest administrators to cause a denial of servic...

Xen Xen 4.2.0 Xen Xen 4.2.1 Xen Xen 4.2.2 Xen Xen 4.2.3 Xen Xen 4.3.0 Xen Xen 4.3.1

Xen 4.2.x and 4.3.x, when nested virtualization is disabled, does not properly check the emulation paths for (1) VMLAUNCH and (2) VMRESUME, which allows local HVM guest users to cause a denial of service (host crash) via unspecified vectors related to "guest VMX instruction ...

Xen Xen 4.2.0 Xen Xen 4.2.1 Xen Xen 4.2.2 Xen Xen 4.2.3 Xen Xen 4.3.0 Xen Xen 4.3.1

1 2 3 4 5 NEXT »

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook