Vulmon Recent Vulnerabilities Product List Research Posts Trends Blog About Contact

xen xen 4.2.3 vulnerabilities and exploits

(subscribe to this query)
5.8
CVSSv2

CVE-2014-7155

The x86_emulate function in arch/x86/x86_emulate/x86_emulate.c in Xen 4.4.x and previous versions does not properly check supervisor mode permissions, which allows local HVM users to cause a denial of service (guest crash) or gain guest kernel mode privileges via vectors involvin...
Xen XenXen Xen 3.0.2Xen Xen 3.0.3Xen Xen 3.0.4Xen Xen 3.1.3Xen Xen 3.1.4Xen Xen 3.2.0Xen Xen 3.2.1Xen Xen 3.2.2Xen Xen 3.2.3Xen Xen 3.3.0Xen Xen 3.3.1
4.7
CVSSv2

CVE-2015-8339

The memory_exchange function in common/memory.c in Xen 3.2.x up to and including 4.6.x does not properly hand back pages to a domain, which might allow guest OS administrators to cause a denial of service (host crash) via unspecified vectors related to domain teardown.
Xen Xen 3.2.0Xen Xen 3.2.1Xen Xen 3.2.2Xen Xen 3.2.3Xen Xen 3.3.0Xen Xen 3.3.1Xen Xen 3.3.2Xen Xen 3.4.0Xen Xen 3.4.1Xen Xen 3.4.2Xen Xen 3.4.3Xen Xen 3.4.4
4.7
CVSSv2

CVE-2015-8340

The memory_exchange function in common/memory.c in Xen 3.2.x up to and including 4.6.x does not properly release locks, which might allow guest OS administrators to cause a denial of service (deadlock or host crash) via unspecified vectors, related to XENMEM_exchange error handli...
Xen Xen 3.2.0Xen Xen 3.2.1Xen Xen 3.2.2Xen Xen 3.2.3Xen Xen 3.3.0Xen Xen 3.3.1Xen Xen 3.3.2Xen Xen 3.4.0Xen Xen 3.4.1Xen Xen 3.4.2Xen Xen 3.4.3Xen Xen 3.4.4
2.9
CVSSv2

CVE-2015-3340

Xen 4.2.x up to and including 4.5.x does not initialize certain fields, which allows certain remote service domains to obtain sensitive information from memory via a (1) XEN_DOMCTL_gettscinfo or (2) XEN_SYSCTL_getdomaininfolist request.
Xen Xen 4.2.0Xen Xen 4.2.1Xen Xen 4.2.2Xen Xen 4.2.3Xen Xen 4.2.4Xen Xen 4.2.5Xen Xen 4.3.0Xen Xen 4.3.1Xen Xen 4.3.2Xen Xen 4.3.3Xen Xen 4.3.4Xen Xen 4.4.0
5.5
CVSSv3

CVE-2017-14431

Memory leak in Xen 3.3 up to and including 4.8.x allows guest OS users to cause a denial of service (ARM or x86 AMD host OS memory consumption) by continually rebooting, because certain cleanup is skipped if no pass-through device was ever assigned, aka XSA-207.
Xen Xen 3.3.0Xen Xen 3.3.1Xen Xen 3.3.2Xen Xen 3.4.0Xen Xen 3.4.1Xen Xen 3.4.2Xen Xen 3.4.3Xen Xen 3.4.4Xen Xen 4.0.0Xen Xen 4.0.1Xen Xen 4.0.2Xen Xen 4.0.3
4.4
CVSSv3

CVE-2015-8552

The PCI backend driver in Xen, when running on an x86 system and using Linux 3.1.x up to and including 4.3.x as the driver domain, allows local guest administrators to generate a continuous stream of WARN messages and cause a denial of service (disk consumption) by leveraging a s...
Xen Xen 3.1.3Xen Xen 3.1.4Xen Xen 3.2.0Xen Xen 3.2.1Xen Xen 3.2.2Xen Xen 3.2.3Xen Xen 3.3.0Xen Xen 3.3.1Xen Xen 3.3.2Xen Xen 3.4.0Xen Xen 3.4.1Xen Xen 3.4.2
Preferred Score:
CVSSv3
CVSSv2
CVSSv3
CVSSv4
EPSS
VMScore
Recommendations:
viasatdoscross-site request forgeryteconcethemeCVE-2025-1565CVE-2025-28076firmwarez2dweb serverCVE-2025-2070CVE-2025-3645CVE-2025-31324CVE-2024-6235
Home
/
Search Results
Vulmon Logo Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook