Vulnerabilities > XEN
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2018-05-10 | CVE-2018-10981 | Infinite Loop vulnerability in multiple products An issue was discovered in Xen through 4.10.x allowing x86 HVM guest OS users to cause a denial of service (host OS infinite loop) in situations where a QEMU device model attempts to make invalid transitions between states of a request. | 6.5 |
2018-05-08 | CVE-2018-8897 | Race Condition vulnerability in multiple products A statement in the System Programming Guide of the Intel 64 and IA-32 Architectures Software Developer's Manual (SDM) was mishandled in the development of some or all operating-system kernels, resulting in unexpected behavior for #DB exceptions that are deferred by MOV SS or POP SS, as demonstrated by (for example) privilege escalation in Windows, macOS, some Xen configurations, or FreeBSD, or a Linux kernel crash. | 7.8 |
2018-04-27 | CVE-2018-10472 | Information Exposure vulnerability in multiple products An issue was discovered in Xen through 4.10.x allowing x86 HVM guest OS users (in certain configurations) to read arbitrary dom0 files via QMP live insertion of a CDROM, in conjunction with specifying the target file as the backing file of a snapshot. | 5.6 |
2018-04-27 | CVE-2018-10471 | Out-of-bounds Write vulnerability in multiple products An issue was discovered in Xen through 4.10.x allowing x86 PV guest OS users to cause a denial of service (out-of-bounds zero write and hypervisor crash) via unexpected INT 80 processing, because of an incorrect fix for CVE-2017-5754. | 6.5 |
2018-02-27 | CVE-2018-7542 | NULL Pointer Dereference vulnerability in multiple products An issue was discovered in Xen 4.8.x through 4.10.x allowing x86 PVH guest OS users to cause a denial of service (NULL pointer dereference and hypervisor crash) by leveraging the mishandling of configurations that lack a Local APIC. | 6.5 |
2018-02-27 | CVE-2018-7541 | An issue was discovered in Xen through 4.10.x allowing guest OS users to cause a denial of service (hypervisor crash) or gain privileges by triggering a grant-table transition from v2 to v1. | 8.8 |
2018-02-27 | CVE-2018-7540 | Resource Exhaustion vulnerability in multiple products An issue was discovered in Xen through 4.10.x allowing x86 PV guest OS users to cause a denial of service (host OS CPU hang) via non-preemptable L3/L4 pagetable freeing. | 6.5 |
2018-01-05 | CVE-2018-5244 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in XEN In Xen 4.10, new infrastructure was introduced as part of an overhaul to how MSR emulation happens for guests. | 6.5 |
2017-12-12 | CVE-2017-17566 | Unspecified vulnerability in XEN An issue was discovered in Xen through 4.9.x allowing PV guest OS users to cause a denial of service (host OS crash) or gain host OS privileges in shadow mode by mapping a certain auxiliary page. | 7.8 |
2017-12-12 | CVE-2017-17565 | Improper Input Validation vulnerability in XEN An issue was discovered in Xen through 4.9.x allowing PV guest OS users to cause a denial of service (host OS crash) if shadow mode and log-dirty mode are in place, because of an incorrect assertion related to M2P. | 5.6 |