Filtered by vendor Xen
Subscribe
Search
Total
111 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2016-7093 | 1 Xen | 1 Xen | 2017-07-01 | 7.2 HIGH | 8.2 HIGH |
| Xen 4.5.3, 4.6.3, and 4.7.x allow local HVM guest OS administrators to overwrite hypervisor memory and consequently gain host OS privileges by leveraging mishandling of instruction pointer truncation during emulation. | |||||
| CVE-2016-7092 | 1 Xen | 1 Xen | 2017-07-01 | 6.8 MEDIUM | 8.2 HIGH |
| The get_page_from_l3e function in arch/x86/mm.c in Xen allows local 32-bit PV guest OS administrators to gain host OS privileges via vectors related to L3 recursive pagetables. | |||||
| CVE-2016-9383 | 2 Citrix, Xen | 2 Xenserver, Xen | 2017-07-01 | 7.2 HIGH | 8.8 HIGH |
| Xen, when running on a 64-bit hypervisor, allows local x86 guest OS users to modify arbitrary memory and consequently obtain sensitive information, cause a denial of service (host crash), or execute arbitrary code on the host by leveraging broken emulation of bit test instructions. | |||||
| CVE-2016-9386 | 2 Citrix, Xen | 2 Xenserver, Xen | 2017-07-01 | 4.6 MEDIUM | 7.8 HIGH |
| The x86 emulator in Xen does not properly treat x86 NULL segments as unusable when accessing memory, which might allow local HVM guest users to gain privileges via vectors involving "unexpected" base/limit values. | |||||
| CVE-2016-9382 | 2 Citrix, Xen | 2 Xenserver, Xen | 2017-07-01 | 4.6 MEDIUM | 7.8 HIGH |
| Xen 4.0.x through 4.7.x mishandle x86 task switches to VM86 mode, which allows local 32-bit x86 HVM guest OS users to gain privileges or cause a denial of service (guest OS crash) by leveraging a guest operating system that uses hardware task switching and allows a new task to start in VM86 mode. | |||||
| CVE-2015-8555 | 2 Citrix, Xen | 2 Xenserver, Xen | 2017-07-01 | 5.0 MEDIUM | 8.6 HIGH |
| Xen 4.6.x, 4.5.x, 4.4.x, 4.3.x, and earlier do not initialize x86 FPU stack and XMM registers when XSAVE/XRSTOR are not used to manage guest extended register state, which allows local guest domains to obtain sensitive information from other domains via unspecified vectors. | |||||
| CVE-2015-8554 | 1 Xen | 1 Xen | 2017-07-01 | 6.6 MEDIUM | 7.5 HIGH |
| Buffer overflow in hw/pt-msi.c in Xen 4.6.x and earlier, when using the qemu-xen-traditional (aka qemu-dm) device model, allows local x86 HVM guest administrators to gain privileges by leveraging a system with access to a passed-through MSI-X capable physical PCI device and MSI-X table entries, related to a "write path." | |||||
| CVE-2016-6258 | 2 Citrix, Xen | 2 Xenserver, Xen | 2017-07-01 | 7.2 HIGH | 8.8 HIGH |
| The PV pagetable code in arch/x86/mm.c in Xen 4.7.x and earlier allows local 32-bit PV guest OS administrators to gain host OS privileges by leveraging fast-paths for updating pagetable entries. | |||||
| CVE-2016-3960 | 3 Fedoraproject, Oracle, Xen | 3 Fedora, Vm Server, Xen | 2016-12-03 | 7.2 HIGH | 8.8 HIGH |
| Integer overflow in the x86 shadow pagetable code in Xen allows local guest OS users to cause a denial of service (host crash) or possibly gain privileges by shadowing a superpage mapping. | |||||
| CVE-2016-3157 | 2 Canonical, Xen | 2 Ubuntu Linux, Xen | 2016-12-03 | 7.2 HIGH | 7.8 HIGH |
| The __switch_to function in arch/x86/kernel/process_64.c in the Linux kernel does not properly context-switch IOPL on 64-bit PV Xen guests, which allows local guest OS users to gain privileges, cause a denial of service (guest OS crash), or obtain sensitive information by leveraging I/O port access. | |||||
| CVE-2016-4480 | 2 Oracle, Xen | 2 Vm Server, Xen | 2016-12-01 | 7.2 HIGH | 8.4 HIGH |
| The guest_walk_tables function in arch/x86/mm/guest_walk.c in Xen 4.6.x and earlier does not properly handle the Page Size (PS) page table entry bit at the L4 and L3 page table levels, which might allow local guest OS users to gain privileges via a crafted mapping of memory. | |||||