xen xen 4.1.1 vulnerabilities and exploits

(subscribe to this query)

Multiple integer overflows in the (1) FLASK_GETBOOL, (2) FLASK_SETBOOL, (3) FLASK_USER, and (4) FLASK_CONTEXT_TO_SID suboperations in the flask hypercall in Xen 4.3.x, 4.2.x, 4.1.x, 3.2.x, and previous versions, when XSM is enabled, allow local users to cause a denial of service ...

Xen Xen Xen Xen 3.2.0 Xen Xen 3.2.1 Xen Xen 3.2.2 Xen Xen 3.2.3 Xen Xen 3.3.0 Xen Xen 3.3.1 Xen Xen 3.3.2 Xen Xen 3.4.0 Xen Xen 3.4.1 Xen Xen 3.4.2 Xen Xen 3.4.3

The x86-64 kernel system-call functionality in Xen 4.1.2 and previous versions, as used in Citrix XenServer 6.0.2 and previous versions and other products; Oracle Solaris 11 and previous versions; illumos before r13724; Joyent SmartOS prior to 20120614T184600Z; FreeBSD prior to 9...

Freebsd Freebsd Illumos Illumos Joyent Smartos Xen Xen Xen Xen 4.0.0 Xen Xen 4.0.1 Xen Xen 4.0.2 Xen Xen 4.0.3 Xen Xen 4.0.4 Xen Xen 4.1.0 Xen Xen 4.1.1 Microsoft Windows 7

3 EDB exploits4 Github repositories1 Article

The Intel VT-d Interrupt Remapping engine in Xen 3.3.x up to and including 4.3.x allows local guests to cause a denial of service (kernel panic) via a malformed Message Signaled Interrupt (MSI) from a PCI device that is bus mastering capable that triggers a System Error Reporting...

Opensuse Opensuse 13.1 Opensuse Opensuse 13.2 Xen Xen 3.3.0 Xen Xen 3.3.1 Xen Xen 3.3.2 Xen Xen 3.4.0 Xen Xen 3.4.1 Xen Xen 3.4.2 Xen Xen 3.4.3 Xen Xen 3.4.4 Xen Xen 4.0.0 Xen Xen 4.0.1

1 Article

The libxl toolstack library in Xen 4.1.x up to and including 4.6.x does not properly release mappings of files used as kernels and initial ramdisks when managing multiple domains in the same process, which allows malicious users to cause a denial of service (memory and disk consu...

Xen Xen 4.1.0 Xen Xen 4.1.1 Xen Xen 4.1.2 Xen Xen 4.1.3 Xen Xen 4.1.4 Xen Xen 4.1.5 Xen Xen 4.1.6 Xen Xen 4.1.6.1 Xen Xen 4.2.0 Xen Xen 4.2.1 Xen Xen 4.2.2 Xen Xen 4.2.3

The XENMEM_exchange handler in Xen 4.2 and previous versions does not properly check the memory address, which allows local PV guest OS administrators to cause a denial of service (crash) or possibly gain privileges via unspecified vectors that overwrite memory in the hypervisor ...

Xen Xen Xen Xen 3.0.2 Xen Xen 3.0.3 Xen Xen 3.0.4 Xen Xen 3.1.3 Xen Xen 3.1.4 Xen Xen 3.2.0 Xen Xen 3.2.1 Xen Xen 3.2.2 Xen Xen 3.2.3 Xen Xen 3.3.0 Xen Xen 3.3.1

The guest_physmap_mark_populate_on_demand function in Xen 4.2 and previous versions does not properly unlock the subject GFNs when checking if they are in use, which allows local guest HVM administrators to cause a denial of service (hang) via unspecified vectors.

Xen Xen Xen Xen 3.0.2 Xen Xen 3.0.3 Xen Xen 3.0.4 Xen Xen 3.1.3 Xen Xen 3.1.4 Xen Xen 3.2.0 Xen Xen 3.2.1 Xen Xen 3.2.2 Xen Xen 3.2.3 Xen Xen 3.3.0 Xen Xen 3.3.1

The (1) XENMEM_decrease_reservation, (2) XENMEM_populate_physmap, and (3) XENMEM_exchange hypercalls in Xen 4.2 and previous versions allow local guest administrators to cause a denial of service (long loop and hang) via a crafted extent_order value.

Xen Xen Xen Xen 3.0.2 Xen Xen 3.0.3 Xen Xen 3.0.4 Xen Xen 3.1.3 Xen Xen 3.1.4 Xen Xen 3.2.0 Xen Xen 3.2.1 Xen Xen 3.2.2 Xen Xen 3.2.3 Xen Xen 3.3.0 Xen Xen 3.3.1

Xen 3.1 up to and including 4.x, when running 64-bit hosts on Intel CPUs, does not clear the NT flag when using an IRET after a SYSENTER instruction, which allows PV guest users to cause a denial of service (hypervisor crash) by triggering a #GP fault, which is not properly handl...

Xen Xen 3.1.3 Xen Xen 3.1.4 Xen Xen 3.2.0 Xen Xen 3.2.1 Xen Xen 3.2.2 Xen Xen 3.2.3 Xen Xen 3.3.0 Xen Xen 3.3.1 Xen Xen 3.3.2 Xen Xen 3.4.0 Xen Xen 3.4.1 Xen Xen 3.4.2

The (1) libxl_set_memory_target function in tools/libxl/libxl.c and (2) libxl__build_post function in tools/libxl/libxl_dom.c in Xen 3.4.x up to and including 4.6.x do not properly calculate the balloon size when using the populate-on-demand (PoD) system, which allows local HVM g...

Xen Xen 3.4.0 Xen Xen 3.4.1 Xen Xen 3.4.2 Xen Xen 3.4.3 Xen Xen 3.4.4 Xen Xen 4.0.0 Xen Xen 4.0.1 Xen Xen 4.0.2 Xen Xen 4.0.3 Xen Xen 4.0.4 Xen Xen 4.1.0 Xen Xen 4.1.1

Xen 3.3.x up to and including 4.5.x does not properly restrict write access to the host MSI message data field, which allows local x86 HVM guest administrators to cause a denial of service (host interrupt handling confusion) via vectors related to qemu and accessing spanning mult...

Xen Xen 3.3.0 Xen Xen 3.3.1 Xen Xen 3.3.2 Xen Xen 3.4.0 Xen Xen 3.4.1 Xen Xen 3.4.2 Xen Xen 3.4.3 Xen Xen 3.4.4 Xen Xen 4.0.1 Xen Xen 4.0.2 Xen Xen 4.0.3 Xen Xen 4.0.4

« PREV 1 2 3 4 5 6 7 8 NEXT »

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook