Vulnerabilities > XEN
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-12-12 | CVE-2017-17564 | 7PK - Errors vulnerability in XEN An issue was discovered in Xen through 4.9.x allowing guest OS users to cause a denial of service (host OS crash) or gain host OS privileges by leveraging incorrect error handling for reference counting in shadow mode. | 7.8 |
| 2017-12-12 | CVE-2017-17563 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in XEN An issue was discovered in Xen through 4.9.x allowing guest OS users to cause a denial of service (host OS crash) or gain host OS privileges by leveraging an incorrect mask for reference-count overflow checking in shadow mode. | 7.8 |
| 2017-11-28 | CVE-2017-17046 | Information Exposure vulnerability in XEN An issue was discovered in Xen through 4.9.x on the ARM platform allowing guest OS users to obtain sensitive information from DRAM after a reboot, because disjoint blocks, and physical addresses that do not start at zero, are mishandled. | 6.5 |
| 2017-11-28 | CVE-2017-17045 | Use After Free vulnerability in XEN An issue was discovered in Xen through 4.9.x allowing HVM guest OS users to gain privileges on the host OS, obtain sensitive information, or cause a denial of service (BUG and host OS crash) by leveraging the mishandling of Populate on Demand (PoD) Physical-to-Machine (P2M) errors. | 8.8 |
| 2017-11-28 | CVE-2017-17044 | Infinite Loop vulnerability in XEN An issue was discovered in Xen through 4.9.x allowing HVM guest OS users to cause a denial of service (infinite loop and host OS hang) by leveraging the mishandling of Populate on Demand (PoD) errors. | 6.5 |
| 2017-10-30 | CVE-2017-15597 | Information Exposure vulnerability in XEN 4.8.0/4.9.0 An issue was discovered in Xen through 4.9.x. | 9.1 |
| 2017-10-18 | CVE-2017-15596 | Resource Exhaustion vulnerability in XEN An issue was discovered in Xen 4.4.x through 4.9.x allowing ARM guest OS users to cause a denial of service (prevent physical CPU usage) because of lock mishandling upon detection of an add-to-physmap error. | 6.0 |
| 2017-10-18 | CVE-2017-15595 | Resource Exhaustion vulnerability in XEN An issue was discovered in Xen through 4.9.x allowing x86 PV guest OS users to cause a denial of service (unbounded recursion, stack consumption, and hypervisor crash) or possibly gain privileges via crafted page-table stacking. | 8.8 |
| 2017-10-18 | CVE-2017-15594 | Unspecified vulnerability in XEN An issue was discovered in Xen through 4.9.x allowing x86 SVM PV guest OS users to cause a denial of service (hypervisor crash) or gain privileges because IDT settings are mishandled during CPU hotplugging. | 8.8 |
| 2017-10-18 | CVE-2017-15593 | Missing Release of Resource after Effective Lifetime vulnerability in XEN An issue was discovered in Xen through 4.9.x allowing x86 PV guest OS users to cause a denial of service (memory leak) because reference counts are mishandled. | 6.5 |