Filtered by vendor Xen
Subscriptions
Filtered by product Xen
Subscriptions
Total
493 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-21125 | 6 Debian, Fedoraproject, Intel and 3 more | 14 Debian Linux, Fedora, Sgx Dcap and 11 more | 2025-05-05 | 5.5 Medium |
| Incomplete cleanup of microarchitectural fill buffers on some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. | ||||
| CVE-2022-21123 | 6 Debian, Fedoraproject, Intel and 3 more | 14 Debian Linux, Fedora, Sgx Dcap and 11 more | 2025-05-05 | 5.5 Medium |
| Incomplete cleanup of multi-core shared buffers for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. | ||||
| CVE-2022-42326 | 3 Debian, Fedoraproject, Xen | 3 Debian Linux, Fedora, Xen | 2025-05-05 | 5.5 Medium |
| Xenstore: Guests can create arbitrary number of nodes via transactions T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] In case a node has been created in a transaction and it is later deleted in the same transaction, the transaction will be terminated with an error. As this error is encountered only when handling the deleted node at transaction finalization, the transaction will have been performed partially and without updating the accounting information. This will enable a malicious guest to create arbitrary number of nodes. | ||||
| CVE-2015-8104 | 6 Canonical, Debian, Linux and 3 more | 10 Ubuntu Linux, Debian Linux, Linux Kernel and 7 more | 2025-04-23 | 10 Critical |
| The KVM subsystem in the Linux kernel through 4.2.6, and Xen 4.3.x through 4.6.x, allows guest OS users to cause a denial of service (host OS panic or hang) by triggering many #DB (aka Debug) exceptions, related to svm.c. | ||||
| CVE-2017-10912 | 1 Xen | 1 Xen | 2025-04-20 | N/A |
| Xen through 4.8.x mishandles page transfer, which allows guest OS users to obtain privileged host OS access, aka XSA-217. | ||||
| CVE-2017-10914 | 1 Xen | 1 Xen | 2025-04-20 | N/A |
| The grant-table feature in Xen through 4.8.x has a race condition leading to a double free, which allows guest OS users to cause a denial of service (memory consumption), or possibly obtain sensitive information or gain privileges, aka XSA-218 bug 2. | ||||
| CVE-2017-10918 | 1 Xen | 1 Xen | 2025-04-20 | N/A |
| Xen through 4.8.x does not validate memory allocations during certain P2M operations, which allows guest OS users to obtain privileged host OS access, aka XSA-222. | ||||
| CVE-2017-15595 | 1 Xen | 1 Xen | 2025-04-20 | N/A |
| An issue was discovered in Xen through 4.9.x allowing x86 PV guest OS users to cause a denial of service (unbounded recursion, stack consumption, and hypervisor crash) or possibly gain privileges via crafted page-table stacking. | ||||
| CVE-2016-9817 | 1 Xen | 1 Xen | 2025-04-20 | N/A |
| Xen through 4.7.x allows local ARM guest OS users to cause a denial of service (host crash) via vectors involving a (1) data or (2) prefetch abort with the ESR_EL2.EA bit set. | ||||
| CVE-2016-9383 | 2 Citrix, Xen | 2 Xenserver, Xen | 2025-04-20 | N/A |
| Xen, when running on a 64-bit hypervisor, allows local x86 guest OS users to modify arbitrary memory and consequently obtain sensitive information, cause a denial of service (host crash), or execute arbitrary code on the host by leveraging broken emulation of bit test instructions. | ||||
| CVE-2017-14319 | 1 Xen | 1 Xen | 2025-04-20 | N/A |
| A grant unmapping issue was discovered in Xen through 4.9.x. When removing or replacing a grant mapping, the x86 PV specific path needs to make sure page table entries remain in sync with other accounting done. Although the identity of the page frame was validated correctly, neither the presence of the mapping nor page writability were taken into account. | ||||
| CVE-2016-9385 | 2 Citrix, Xen | 2 Xenserver, Xen | 2025-04-20 | N/A |
| The x86 segment base write emulation functionality in Xen 4.4.x through 4.7.x allows local x86 PV guest OS administrators to cause a denial of service (host crash) by leveraging lack of canonical address checks. | ||||
| CVE-2017-12137 | 3 Citrix, Debian, Xen | 3 Xenserver, Debian Linux, Xen | 2025-04-20 | N/A |
| arch/x86/mm.c in Xen allows local PV guest OS users to gain host OS privileges via vectors related to map_grant_ref. | ||||
| CVE-2017-7228 | 1 Xen | 1 Xen | 2025-04-20 | N/A |
| An issue (known as XSA-212) was discovered in Xen, with fixes available for 4.8.x, 4.7.x, 4.6.x, 4.5.x, and 4.4.x. The earlier XSA-29 fix introduced an insufficient check on XENMEM_exchange input, allowing the caller to drive hypervisor memory accesses outside of the guest provided input/output arrays. | ||||
| CVE-2016-10025 | 2 Citrix, Xen | 2 Xenserver, Xen | 2025-04-20 | N/A |
| VMFUNC emulation in Xen 4.6.x through 4.8.x on x86 systems using AMD virtualization extensions (aka SVM) allows local HVM guest OS users to cause a denial of service (hypervisor crash) by leveraging a missing NULL pointer check. | ||||
| CVE-2017-10917 | 1 Xen | 1 Xen | 2025-04-20 | N/A |
| Xen through 4.8.x does not validate the port numbers of polled event channel ports, which allows guest OS users to cause a denial of service (NULL pointer dereference and host OS crash) or possibly obtain sensitive information, aka XSA-221. | ||||
| CVE-2017-14431 | 1 Xen | 1 Xen | 2025-04-20 | N/A |
| Memory leak in Xen 3.3 through 4.8.x allows guest OS users to cause a denial of service (ARM or x86 AMD host OS memory consumption) by continually rebooting, because certain cleanup is skipped if no pass-through device was ever assigned, aka XSA-207. | ||||
| CVE-2016-10013 | 1 Xen | 1 Xen | 2025-04-20 | N/A |
| Xen through 4.8.x allows local 64-bit x86 HVM guest OS users to gain privileges by leveraging mishandling of SYSCALL singlestep during emulation. | ||||
| CVE-2016-10024 | 2 Citrix, Xen | 2 Xenserver, Xen | 2025-04-20 | N/A |
| Xen through 4.8.x allows local x86 PV guest OS kernel administrators to cause a denial of service (host hang or crash) by modifying the instruction stream asynchronously while performing certain kernel operations. | ||||
| CVE-2017-12855 | 1 Xen | 1 Xen | 2025-04-20 | N/A |
| Xen maintains the _GTF_{read,writ}ing bits as appropriate, to inform the guest that a grant is in use. A guest is expected not to modify the grant details while it is in use, whereas the guest is free to modify/reuse the grant entry when it is not in use. Under some circumstances, Xen will clear the status bits too early, incorrectly informing the guest that the grant is no longer in use. A guest may prematurely believe that a granted frame is safely private again, and reuse it in a way which contains sensitive information, while the domain on the far end of the grant is still using the grant. Xen 4.9, 4.8, 4.7, 4.6, and 4.5 are affected. | ||||