xen xen 4.3.1 vulnerabilities and exploits

(subscribe to this query)

Xen 4.2.x and 4.3.x, when nested virtualization is disabled, does not properly check the emulation paths for (1) VMLAUNCH and (2) VMRESUME, which allows local HVM guest users to cause a denial of service (host crash) via unspecified vectors related to "guest VMX instruction ...

Xen Xen 4.2.0 Xen Xen 4.2.1 Xen Xen 4.2.2 Xen Xen 4.2.3 Xen Xen 4.3.0 Xen Xen 4.3.1

Off-by-one error in the flask_security_avc_cachestats function in xsm/flask/flask_op.c in Xen 4.2.x and 4.3.x, when the maximum number of physical CPUs are in use, allows local users to cause a denial of service (host crash) or obtain sensitive information from hypervisor memory ...

Xen Xen 4.2.0 Xen Xen 4.2.1 Xen Xen 4.2.2 Xen Xen 4.2.3 Xen Xen 4.3.0 Xen Xen 4.3.1

Xen 4.2.x and 4.3.x, when using Intel VT-d and a PCI device has been assigned, does not clear the flag that suppresses IOMMU TLB flushes when unspecified errors occur, which causes the TLB entries to not be flushed and allows local guest administrators to cause a denial of servic...

Xen Xen 4.2.0 Xen Xen 4.2.1 Xen Xen 4.2.2 Xen Xen 4.2.3 Xen Xen 4.3.0 Xen Xen 4.3.1

The IRQ setup in Xen 4.2.x and 4.3.x, when using device passthrough and configured to support a large number of CPUs, frees certain memory that may still be intended for use, which allows local guest administrators to cause a denial of service (memory corruption and hypervisor cr...

Xen Xen 4.2.0 Xen Xen 4.2.1 Xen Xen 4.2.2 Xen Xen 4.2.3 Xen Xen 4.3.0 Xen Xen 4.3.1

The do_physdev_op function in Xen 4.1.5, 4.1.6.1, 4.2.2 up to and including 4.2.3, and 4.3.x does not properly restrict access to the (1) PHYSDEVOP_prepare_msix and (2) PHYSDEVOP_release_msix operations, which allows local PV guests to cause a denial of service (host or guest mal...

Xen Xen 4.1.5 Xen Xen 4.1.6.1 Xen Xen 4.2.2 Xen Xen 4.2.3 Xen Xen 4.3.0 Xen Xen 4.3.1

Xen 4.2.x and 4.3.x, when using Intel VT-d for PCI passthrough, does not properly flush the TLB after clearing a present translation table entry, which allows local guest administrators to cause a denial of service or gain privileges via unspecified vectors related to an "in...

Xen Xen 4.2.1 Xen Xen 4.2.2 Xen Xen 4.2.3 Xen Xen 4.3.0 Xen Xen 4.3.1 Opensuse Opensuse 13.1

The (1) do_send and (2) do_recv functions in io.c in libvchan in Xen 4.2.x, 4.3.x, and 4.4-RC series allows local guests to cause a denial of service or possibly gain privileges via crafted xenstore ring indexes, which triggers a "read or write past the end of the ring."...

Xen Xen 4.2.0 Xen Xen 4.2.1 Xen Xen 4.2.2 Xen Xen 4.2.3 Xen Xen 4.3.0 Xen Xen 4.3.1 Xen Xen 4.4.0

The XEN_DOMCTL_memory_mapping hypercall in Xen 3.2.x up to and including 4.5.x, when using a PCI passthrough device, is not preemptible, which allows local x86 HVM domain users to cause a denial of service (host CPU consumption) via a crafted request to the device model (qemu-dm)...

Fedoraproject Fedora 20 Fedoraproject Fedora 21 Xen Xen 4.3.0 Xen Xen 4.3.1 Xen Xen 4.3.2 Xen Xen 4.4.0 Xen Xen 4.4.1 Xen Xen 4.5.0

Xen 4.3.x, 4.4.x, and 4.5.x, when using toolstack disaggregation, allows remote domains with partial management control to cause a denial of service (host lock) via unspecified domctl operations.

Xen Xen 4.3.0 Xen Xen 4.3.1 Xen Xen 4.3.2 Xen Xen 4.4.0 Xen Xen 4.4.1 Xen Xen 4.5.0 Fedoraproject Fedora 20 Fedoraproject Fedora 21

GNTTABOP_swap_grant_ref in Xen 4.2 up to and including 4.5 does not check the grant table operation version, which allows local guest domains to cause a denial of service (NULL pointer dereference) via a hypercall without a GNTTABOP_setup_table or GNTTABOP_set_version.

Xen Xen 4.2.0 Xen Xen 4.2.1 Xen Xen 4.2.2 Xen Xen 4.2.3 Xen Xen 4.3.0 Xen Xen 4.3.1 Xen Xen 4.3.4 Xen Xen 4.4.0 Xen Xen 4.4.1 Xen Xen 4.5.0

1 2 3 4 5 NEXT »

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook