Vulnerabilities > XEN

DATE CVE VULNERABILITY TITLE RISK
2020-09-23 CVE-2020-25598 Always-Incorrect Control Flow Implementation vulnerability in multiple products
An issue was discovered in Xen 4.14.x.
local
low complexity
xen fedoraproject opensuse CWE-670
5.5
5.5
2020-09-23 CVE-2020-25597 Improper Handling of Exceptional Conditions vulnerability in multiple products
An issue was discovered in Xen through 4.14.x.
local
low complexity
xen fedoraproject CWE-755
6.5
6.5
2020-09-23 CVE-2020-25596 Injection vulnerability in multiple products
An issue was discovered in Xen through 4.14.x.
local
low complexity
xen fedoraproject debian opensuse CWE-74
5.5
5.5
2020-09-23 CVE-2020-25595 Improper Privilege Management vulnerability in multiple products
An issue was discovered in Xen through 4.14.x.
local
low complexity
xen fedoraproject debian opensuse CWE-269
7.8
7.8
2020-07-20 CVE-2020-15852 Incorrect Default Permissions vulnerability in multiple products
An issue was discovered in the Linux kernel 5.5 through 5.7.9, as used in Xen through 4.13.x for x86 PV guests.
local
low complexity
linux xen netapp CWE-276
7.8
7.8
2020-07-07 CVE-2020-15567 Race Condition vulnerability in multiple products
An issue was discovered in Xen through 4.13.x, allowing Intel guest OS users to gain privileges or cause a denial of service because of non-atomic modification of a live EPT PTE.
local
high complexity
xen debian opensuse fedoraproject CWE-362
7.8
7.8
2020-07-07 CVE-2020-15566 Improper Check for Unusual or Exceptional Conditions vulnerability in multiple products
An issue was discovered in Xen through 4.13.x, allowing guest OS users to cause a host OS crash because of incorrect error handling in event-channel port allocation.
local
low complexity
xen debian CWE-754
6.5
6.5
2020-07-07 CVE-2020-15565 Resource Exhaustion vulnerability in multiple products
An issue was discovered in Xen through 4.13.x, allowing x86 Intel HVM guest OS users to cause a host OS denial of service or possibly gain privileges because of insufficient cache write-back under VT-d.
local
low complexity
xen debian fedoraproject opensuse CWE-400
8.8
8.8
2020-07-07 CVE-2020-15564 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
An issue was discovered in Xen through 4.13.x, allowing Arm guest OS users to cause a hypervisor crash because of a missing alignment check in VCPUOP_register_vcpu_info.
local
low complexity
xen debian fedoraproject CWE-119
6.5
6.5
2020-07-07 CVE-2020-15563 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
An issue was discovered in Xen through 4.13.x, allowing x86 HVM guest OS users to cause a hypervisor crash.
local
low complexity
xen debian fedoraproject opensuse CWE-119
6.5
6.5