xen xen 4.4.1 vulnerabilities and exploits

(subscribe to this query)

Xen 4.4.x, when running on an ARM system and "handling an unknown system register access from 64-bit userspace," returns to an instruction of the trap handler for kernel space faults instead of an instruction that is associated with faults in 64-bit userspace, which all...

Xen Xen 4.4.1 Xen Xen 4.4.0

The evtchn_fifo_set_pending function in Xen 4.4.x allows local guest users to cause a denial of service (host crash) via vectors involving an uninitialized FIFO-based event channel control block when (1) binding or (2) moving an event to a different VCPU.

Xen Xen 4.4.0 Xen Xen 4.4.1

Xen 4.4.x, 4.5.x, and 4.6.x does not limit the number of printk console messages when reporting unimplemented hypercalls, which allows local guests to cause a denial of service via a sequence of (1) HYPERVISOR_physdev_op hypercalls, which are not properly handled in the do_physde...

Xen Xen 4.4.0 Xen Xen 4.4.1 Xen Xen 4.5.0 Xen Xen 4.5.1 Xen Xen 4.6.0

1 Article

The hypercall_create_continuation function in arch/arm/domain.c in Xen 4.4.x up to and including 4.6.x allows local guest users to cause a denial of service (host crash) via a preemptible hypercall to the multicall interface.

Xen Xen 4.4.0 Xen Xen 4.4.1 Xen Xen 4.4.2 Xen Xen 4.4.3 Xen Xen 4.5.0 Xen Xen 4.5.1 Xen Xen 4.5.2 Xen Xen 4.6.0

Xen 4.3.x, 4.4.x, and 4.5.x, when using toolstack disaggregation, allows remote domains with partial management control to cause a denial of service (host lock) via unspecified domctl operations.

Xen Xen 4.3.0 Xen Xen 4.3.1 Xen Xen 4.3.2 Xen Xen 4.4.0 Xen Xen 4.4.1 Xen Xen 4.5.0 Fedoraproject Fedora 20 Fedoraproject Fedora 21

The XEN_DOMCTL_memory_mapping hypercall in Xen 3.2.x up to and including 4.5.x, when using a PCI passthrough device, is not preemptible, which allows local x86 HVM domain users to cause a denial of service (host CPU consumption) via a crafted request to the device model (qemu-dm)...

Fedoraproject Fedora 20 Fedoraproject Fedora 21 Xen Xen 4.3.0 Xen Xen 4.3.1 Xen Xen 4.3.2 Xen Xen 4.4.0 Xen Xen 4.4.1 Xen Xen 4.5.0

GNTTABOP_swap_grant_ref in Xen 4.2 up to and including 4.5 does not check the grant table operation version, which allows local guest domains to cause a denial of service (NULL pointer dereference) via a hypercall without a GNTTABOP_setup_table or GNTTABOP_set_version.

Xen Xen 4.2.0 Xen Xen 4.2.1 Xen Xen 4.2.2 Xen Xen 4.2.3 Xen Xen 4.3.0 Xen Xen 4.3.1 Xen Xen 4.3.4 Xen Xen 4.4.0 Xen Xen 4.4.1 Xen Xen 4.5.0

The p2m_teardown function in arch/arm/p2m.c in Xen 4.4.x up to and including 4.6.x allows local guest OS users with access to the driver domain to cause a denial of service (NULL pointer dereference and host OS crash) by creating concurrent domains and holding references to them,...

Xen Xen 4.4.0 Xen Xen 4.4.1 Xen Xen 4.4.2 Xen Xen 4.4.3 Xen Xen 4.4.4 Xen Xen 4.5.0 Xen Xen 4.5.1 Xen Xen 4.5.2 Xen Xen 4.5.3 Xen Xen 4.6.0 Xen Xen 4.6.1

The hvm_msr_read_intercept function in arch/x86/hvm/hvm.c in Xen 4.1 up to and including 4.4.x uses an improper MSR range for x2APIC emulation, which allows local HVM guests to cause a denial of service (host crash) or read data from the hypervisor or other guests via unspecified...

Xen Xen 4.1.0 Xen Xen 4.1.1 Xen Xen 4.1.2 Xen Xen 4.1.3 Xen Xen 4.1.4 Xen Xen 4.1.5 Xen Xen 4.1.6.1 Xen Xen 4.2.0 Xen Xen 4.2.1 Xen Xen 4.2.2 Xen Xen 4.2.3 Xen Xen 4.3.0

1 Article

Use-after-free vulnerability in Xen 4.2.x, 4.3.x, and 4.4.x allows remote domains to cause a denial of service (system crash) via a crafted hypercall during HVM guest teardown.

Xen Xen 4.2.0 Xen Xen 4.2.1 Xen Xen 4.2.2 Xen Xen 4.2.3 Xen Xen 4.2.4 Xen Xen 4.2.5 Xen Xen 4.3.0 Xen Xen 4.3.1 Xen Xen 4.3.2 Xen Xen 4.3.3 Xen Xen 4.4.0 Xen Xen 4.4.1

1 2 3 4 5 NEXT »

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook