Vulmon Recent Vulnerabilities Product List Research Posts Trends Blog Docs About Contact

xen xen 4.1.1 vulnerabilities and exploits

(subscribe to this query)
0.005
EPSS

CVE-2014-3124

The HVMOP_set_mem_type control in Xen 4.1 up to and including 4.4.x allows local guest HVM administrators to cause a denial of service (hypervisor crash) or possibly execute arbitrary code by leveraging a separate qemu-dm vulnerability to trigger invalid page table translations f...
Xen Xen 4.1.0Xen Xen 4.1.1Xen Xen 4.1.2Xen Xen 4.1.3Xen Xen 4.1.4Xen Xen 4.1.5Xen Xen 4.1.6.1Xen Xen 4.2.0Xen Xen 4.2.1Xen Xen 4.2.2Xen Xen 4.2.3Xen Xen 4.3.0
0.025
EPSS

CVE-2014-7188

The hvm_msr_read_intercept function in arch/x86/hvm/hvm.c in Xen 4.1 up to and including 4.4.x uses an improper MSR range for x2APIC emulation, which allows local HVM guests to cause a denial of service (host crash) or read data from the hypervisor or other guests via unspecified...
Xen Xen 4.1.0Xen Xen 4.1.1Xen Xen 4.1.2Xen Xen 4.1.3Xen Xen 4.1.4Xen Xen 4.1.5Xen Xen 4.1.6.1Xen Xen 4.2.0Xen Xen 4.2.1Xen Xen 4.2.2Xen Xen 4.2.3Xen Xen 4.3.0
0.000
EPSS

CVE-2014-2599

The HVMOP_set_mem_access HVM control operations in Xen 4.1.x for 32-bit and 4.1.x up to and including 4.4.x for 64-bit allow local guest administrators to cause a denial of service (CPU consumption) by leveraging access to certain service domains for HVM guests and a large input.
Xen Xen 4.1.0Xen Xen 4.1.1Xen Xen 4.1.2Xen Xen 4.1.3Xen Xen 4.1.4Xen Xen 4.1.5Xen Xen 4.1.6.1Xen Xen 4.2.0Xen Xen 4.2.1Xen Xen 4.2.2Xen Xen 4.2.3Xen Xen 4.3.0
0.001
EPSS

CVE-2012-4535

Xen 3.4 up to and including 4.2, and possibly earlier versions, allows local guest OS administrators to cause a denial of service (Xen infinite loop and physical CPU consumption) by setting a VCPU with an "inappropriate deadline."
Xen Xen 3.4.0Xen Xen 3.4.1Xen Xen 3.4.2Xen Xen 3.4.3Xen Xen 3.4.4Xen Xen 4.0.0Xen Xen 4.0.1Xen Xen 4.0.2Xen Xen 4.0.3Xen Xen 4.0.4Xen Xen 4.1.0Xen Xen 4.1.1
0.001
EPSS

CVE-2012-4537

Xen 3.4 up to and including 4.2, and possibly earlier versions, does not properly synchronize the p2m and m2p tables when the set_p2m_entry function fails, which allows local HVM guest OS administrators to cause a denial of service (memory consumption and assertion failure), aka ...
Xen Xen 3.4.0Xen Xen 3.4.1Xen Xen 3.4.2Xen Xen 3.4.3Xen Xen 3.4.4Xen Xen 4.0.0Xen Xen 4.0.1Xen Xen 4.0.2Xen Xen 4.0.3Xen Xen 4.0.4Xen Xen 4.1.0Xen Xen 4.1.1
0.001
EPSS

CVE-2013-4329

The xenlight library (libxl) in Xen 4.0.x up to and including 4.2.x, when IOMMU is disabled, provides access to a busmastering-capable PCI passthrough device before the IOMMU setup is complete, which allows local HVM guest domains to gain privileges or cause a denial of service v...
Xen Xen 4.0.0Xen Xen 4.0.1Xen Xen 4.0.2Xen Xen 4.0.3Xen Xen 4.0.4Xen Xen 4.1.0Xen Xen 4.1.1Xen Xen 4.1.2Xen Xen 4.1.3Xen Xen 4.1.4Xen Xen 4.1.5Xen Xen 4.2.0
0.003
EPSS

CVE-2013-2072

Buffer overflow in the Python bindings for the xc_vcpu_setaffinity call in Xen 4.0.x, 4.1.x, and 4.2.x allows local administrators with permissions to configure VCPU affinity to cause a denial of service (memory corruption and xend toolstack crash) and possibly gain privileges vi...
Xen Xen 4.1.0Xen Xen 4.1.1Xen Xen 4.1.2Xen Xen 4.1.3Xen Xen 4.1.4Xen Xen 4.1.5Xen Xen 4.2.0Xen Xen 4.2.1Xen Xen 4.2.2Debian Debian Linux 7.0Xen Xen 4.0.0Xen Xen 4.0.1
0.001
EPSS

CVE-2013-1442

Xen 4.0 up to and including 4.3.x, when using AVX or LWP capable CPUs, does not properly clear previous data from registers when using an XSAVE or XRSTOR to extend the state components of a saved or restored vCPU after touching other restored extended registers, which allows loca...
Xen Xen 4.0.0Xen Xen 4.0.1Xen Xen 4.0.2Xen Xen 4.0.3Xen Xen 4.0.4Xen Xen 4.1.0Xen Xen 4.1.1Xen Xen 4.1.2Xen Xen 4.1.3Xen Xen 4.1.4Xen Xen 4.1.5Xen Xen 4.2.0
0.000
EPSS

CVE-2015-3259

Stack-based buffer overflow in the xl command line utility in Xen 4.1.x up to and including 4.5.x allows local guest administrators to gain privileges via a long configuration argument.
Xen Xen 4.1.0Xen Xen 4.1.1Xen Xen 4.1.2Xen Xen 4.1.3Xen Xen 4.1.4Xen Xen 4.1.5Xen Xen 4.1.6.1Xen Xen 4.2.0Xen Xen 4.2.1Xen Xen 4.2.2Xen Xen 4.2.3Xen Xen 4.3.0
0.008
EPSS

CVE-2014-7156

The x86_emulate function in arch/x86/x86_emulate/x86_emulate.c in Xen 3.3.x up to and including 4.4.x does not check the supervisor mode permissions for instructions that generate software interrupts, which allows local HVM guest users to cause a denial of service (guest crash) v...
Xen Xen 3.3.0Xen Xen 3.3.1Xen Xen 3.3.2Xen Xen 4.1.0Xen Xen 4.1.1Xen Xen 4.1.2Xen Xen 4.1.3Xen Xen 4.1.4Xen Xen 4.1.5Xen Xen 4.1.6.1Xen Xen 4.2.0Xen Xen 4.2.1
Preferred Score:
EPSS
CVSSv2
CVSSv3
CVSSv4
EPSS
VMScore
Recommendations:
loftoceanCVE-2025-49234CVE-2025-48145spareCVE-2025-49854CVE-2023-33538injectioninjectmichal jaworskitemplate injectionCVE-2025-45878CVE-2025-43200slim seo
Home
/
Search Results
Vulmon Logo Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook