Vulmon Recent Vulnerabilities Product List Research Posts Trends Blog About Contact

xen xen 4.6.3 vulnerabilities and exploits

(subscribe to this query)
6.8
CVSSv2

CVE-2017-8905

Xen up to and including 4.6.x on 64-bit platforms mishandles a failsafe callback, which might allow PV guest OS users to execute arbitrary code on the host OS, aka XSA-215.
Xen Xen 4.6.0Xen Xen 4.6.1Xen Xen 4.6.2Xen Xen 4.6.3Xen Xen 4.6.4Xen Xen 4.6.5
2.1
CVSSv2

CVE-2016-10025

VMFUNC emulation in Xen 4.6.x up to and including 4.8.x on x86 systems using AMD virtualization extensions (aka SVM) allows local HVM guest OS users to cause a denial of service (hypervisor crash) by leveraging a missing NULL pointer check.
Xen Xen 4.6.0Xen Xen 4.6.1Xen Xen 4.6.3Xen Xen 4.6.4Xen Xen 4.7.0Xen Xen 4.7.1Xen Xen 4.8.0Citrix Xenserver 6.0.2Citrix Xenserver 6.2.0Citrix Xenserver 6.5Citrix Xenserver 7.0
4.9
CVSSv2

CVE-2016-6259

Xen 4.5.x up to and including 4.7.x do not implement Supervisor Mode Access Prevention (SMAP) whitelisting in 32-bit exception and event delivery, which allows local 32-bit PV guest OS kernels to cause a denial of service (hypervisor and VM crash) by triggering a safety check.
Xen Xen 4.5.0Xen Xen 4.5.1Xen Xen 4.5.2Xen Xen 4.5.3Xen Xen 4.6.0Xen Xen 4.6.1Xen Xen 4.6.3Xen Xen 4.7.0Citrix Xenserver 6.0Citrix Xenserver 6.0.2Citrix Xenserver 6.1Citrix Xenserver 6.2.0
2.1
CVSSv2

CVE-2017-12855

Xen maintains the _GTF_{read,writ}ing bits as appropriate, to inform the guest that a grant is in use. A guest is expected not to modify the grant details while it is in use, whereas the guest is free to modify/reuse the grant entry when it is not in use. Under some circumstances...
Xen Xen 4.5.0Xen Xen 4.5.1Xen Xen 4.5.2Xen Xen 4.5.3Xen Xen 4.5.5Xen Xen 4.6.0Xen Xen 4.6.1Xen Xen 4.6.3Xen Xen 4.6.4Xen Xen 4.6.5Xen Xen 4.6.6Xen Xen 4.7.0
4.9
CVSSv2

CVE-2017-15591

An issue exists in Xen 4.5.x up to and including 4.9.x allowing attackers (who control a stub domain kernel or tool stack) to cause a denial of service (host OS crash) because of a missing comparison (of range start to range end) within the DMOP map/unmap implementation.
Xen Xen 4.5.0Xen Xen 4.5.1Xen Xen 4.5.2Xen Xen 4.5.3Xen Xen 4.5.5Xen Xen 4.6.0Xen Xen 4.6.1Xen Xen 4.6.3Xen Xen 4.6.4Xen Xen 4.6.5Xen Xen 4.6.6Xen Xen 4.7.0
4.9
CVSSv2

CVE-2017-14318

An issue exists in Xen 4.5.x up to and including 4.9.x. The function `__gnttab_cache_flush` handles GNTTABOP_cache_flush grant table operations. It checks to see if the calling domain is the owner of the page that is to be operated on. If it is not, the owner's grant table i...
Xen Xen 4.5.0Xen Xen 4.5.1Xen Xen 4.5.2Xen Xen 4.5.3Xen Xen 4.5.5Xen Xen 4.6.0Xen Xen 4.6.1Xen Xen 4.6.3Xen Xen 4.6.4Xen Xen 4.6.5Xen Xen 4.6.6Xen Xen 4.7.0
6.9
CVSSv2

CVE-2017-12136

Race condition in the grant table code in Xen 4.6.x up to and including 4.9.x allows local guest OS administrators to cause a denial of service (free list corruption and host crash) or gain privileges on the host via vectors involving maptrack free list handling.
Xen Xen 4.6.0Xen Xen 4.6.1Xen Xen 4.6.3Xen Xen 4.6.4Xen Xen 4.6.5Xen Xen 4.6.6Xen Xen 4.7.0Xen Xen 4.7.1Xen Xen 4.7.2Xen Xen 4.7.3Xen Xen 4.8.0Xen Xen 4.8.1
4.9
CVSSv2

CVE-2017-15596

An issue exists in Xen 4.4.x up to and including 4.9.x allowing ARM guest OS users to cause a denial of service (prevent physical CPU usage) because of lock mishandling upon detection of an add-to-physmap error.
Xen Xen 4.4.0Xen Xen 4.4.1Xen Xen 4.4.2Xen Xen 4.4.3Xen Xen 4.4.4Xen Xen 4.5.0Xen Xen 4.5.1Xen Xen 4.5.2Xen Xen 4.5.3Xen Xen 4.5.4Xen Xen 4.5.5Xen Xen 4.6.0
7.2
CVSSv2

CVE-2016-6258

The PV pagetable code in arch/x86/mm.c in Xen 4.7.x and previous versions allows local 32-bit PV guest OS administrators to gain host OS privileges by leveraging fast-paths for updating pagetable entries.
Xen Xen 3.4.0Xen Xen 3.4.2Xen Xen 3.4.3Xen Xen 3.4.4Xen Xen 4.0.0Xen Xen 4.0.1Xen Xen 4.0.3Xen Xen 4.0.4Xen Xen 4.1.0Xen Xen 4.1.1Xen Xen 4.1.2Xen Xen 4.1.3
5
CVSSv2

CVE-2016-5244

The rds_inc_info_copy function in net/rds/recv.c in the Linux kernel up to and including 4.6.3 does not initialize a certain structure member, which allows remote malicious users to obtain sensitive information from kernel stack memory by reading an RDS message.
Fedoraproject Fedora 23Suse Linux Enterprise Real Time Extension 11Fedoraproject Fedora 24Suse Linux Enterprise Debuginfo 11Suse Linux Enterprise Real Time Extension 12Suse Linux Enterprise Server 11Redhat Enterprise Linux 6.0Suse Suse Linux Enterprise Software Development Kit 11Suse Linux Enterprise Workstation Extension 12Redhat Enterprise Linux 5Suse Linux Enterprise Desktop 12Suse Opensuse Leap 42.1
Preferred Score:
CVSSv2
CVSSv2
CVSSv3
CVSSv4
EPSS
VMScore
Recommendations:
ssl.comCVE-2025-3278CVE-2025-24054brute forcefirewallprivilege escalationCVE-2025-24914qriousladCVE-2025-42599pritunlnamelessmcCVE-2025-3103CVE-2025-43895
Home
/
Search Results
Vulmon Logo Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook