Vulnerabilities > XEN
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-01-05 | CVE-2023-46837 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in XEN Arm provides multiple helpers to clean & invalidate the cache for a given region. | 3.3 |
| 2023-12-08 | CVE-2023-34320 | Improper Locking vulnerability in multiple products Cortex-A77 cores (r0p0 and r1p0) are affected by erratum 1508412 where software, under certain circumstances, could deadlock a core due to the execution of either a load to device or non-cacheable memory, and either a store exclusive or register read of the Physical Address Register (PAR_EL1) in close proximity. | 5.5 |
| 2023-11-10 | CVE-2023-4949 | Out-of-bounds Write vulnerability in multiple products An attacker with local access to a system (either through a disk or external drive) can present a modified XFS partition to grub-legacy in such a way to exploit a memory corruption in grub’s XFS file system implementation. | 6.7 |
| 2023-09-22 | CVE-2023-34319 | Out-of-bounds Write vulnerability in multiple products The fix for XSA-423 added logic to Linux'es netback driver to deal with a frontend splitting a packet in a way such that not all of the headers would come in one piece. | 7.8 |
| 2023-08-11 | CVE-2022-40982 | Information Exposure Through Discrepancy vulnerability in multiple products Information exposure through microarchitectural state after transient execution in certain vector execution units for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. | 6.5 |
| 2023-08-08 | CVE-2023-20588 | Divide By Zero vulnerability in multiple products A division-by-zero error on some AMD processors can potentially return speculative data resulting in loss of confidentiality. | 5.5 |
| 2023-07-24 | CVE-2023-20593 | An issue in “Zen 2” CPUs, under specific microarchitectural circumstances, may allow an attacker to potentially access sensitive information. | 5.5 |
| 2023-06-07 | CVE-2022-4949 | Unrestricted Upload of File with Dangerous Type vulnerability in multiple products The AdSanity plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'ajax_upload' function in versions up to, and including, 1.8.1. | 8.8 |
| 2023-05-17 | CVE-2022-42336 | Unspecified vulnerability in XEN 4.17 Mishandling of guest SSBD selection on AMD hardware The current logic to set SSBD on AMD Family 17h and Hygon Family 18h processors requires that the setting of SSBD is coordinated at a core level, as the setting is shared between threads. | 3.3 |
| 2023-04-25 | CVE-2022-42335 | NULL Pointer Dereference vulnerability in multiple products x86 shadow paging arbitrary pointer dereference In environments where host assisted address translation is necessary but Hardware Assisted Paging (HAP) is unavailable, Xen will run guests in so called shadow mode. | 7.8 |