Vulnerabilities > XEN
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2015-09-03 | CVE-2015-6654 | Permissions, Privileges, and Access Controls vulnerability in XEN 4.4.0/4.5.0/4.5.1 The xenmem_add_to_physmap_one function in arch/arm/mm.c in Xen 4.5.x, 4.4.x, and earlier does not limit the number of printk console messages when reporting a failure to retrieve a reference on a foreign page, which allows remote domains to cause a denial of service by leveraging permissions to map the memory of a foreign guest. | 2.1 |
| 2015-08-12 | CVE-2015-5166 | Permissions, Privileges, and Access Controls vulnerability in multiple products Use-after-free vulnerability in QEMU in Xen 4.5.x and earlier does not completely unplug emulated block devices, which allows local HVM guest users to gain privileges by unplugging a block device twice. | 7.2 |
| 2015-07-16 | CVE-2015-3259 | Permissions, Privileges, and Access Controls vulnerability in XEN Stack-based buffer overflow in the xl command line utility in Xen 4.1.x through 4.5.x allows local guest administrators to gain privileges via a long configuration argument. | 6.8 |
| 2015-06-15 | CVE-2015-4164 | Resource Management Errors vulnerability in XEN The compat_iret function in Xen 3.1 through 4.5 iterates the wrong way through a loop, which allows local 32-bit PV guest administrators to cause a denial of service (large loop and system hang) via a hypercall_iret call with EFLAGS.VM set. | 4.9 |
| 2015-06-15 | CVE-2015-4163 | Local Denial of Service vulnerability in Xen GNTTABOP_swap_grant_ref in Xen 4.2 through 4.5 does not check the grant table operation version, which allows local guest domains to cause a denial of service (NULL pointer dereference) via a hypercall without a GNTTABOP_setup_table or GNTTABOP_set_version. | 4.9 |
| 2015-06-03 | CVE-2015-4105 | Resource Management Errors vulnerability in XEN Xen 3.3.x through 4.5.x enables logging for PCI MSI-X pass-through error messages, which allows local x86 HVM guests to cause a denial of service (host disk consumption) via certain invalid operations. | 4.9 |
| 2015-06-03 | CVE-2015-4104 | Permissions, Privileges, and Access Controls vulnerability in XEN Xen 3.3.x through 4.5.x does not properly restrict access to PCI MSI mask bits, which allows local x86 HVM guest users to cause a denial of service (unexpected interrupt and host crash) via unspecified vectors. | 7.8 |
| 2015-06-03 | CVE-2015-4103 | Permissions, Privileges, and Access Controls vulnerability in XEN Xen 3.3.x through 4.5.x does not properly restrict write access to the host MSI message data field, which allows local x86 HVM guest administrators to cause a denial of service (host interrupt handling confusion) via vectors related to qemu and accessing spanning multiple fields. | 4.9 |
| 2015-04-28 | CVE-2015-3340 | Information Exposure vulnerability in multiple products Xen 4.2.x through 4.5.x does not initialize certain fields, which allows certain remote service domains to obtain sensitive information from memory via a (1) XEN_DOMCTL_gettscinfo or (2) XEN_SYSCTL_getdomaininfolist request. | 2.9 |
| 2015-04-01 | CVE-2015-2756 | Permissions, Privileges, and Access Controls vulnerability in multiple products QEMU, as used in Xen 3.3.x through 4.5.x, does not properly restrict access to PCI command registers, which might allow local HVM guest users to cause a denial of service (non-maskable interrupt and host crash) by disabling the (1) memory or (2) I/O decoding for a PCI Express device and then accessing the device, which triggers an Unsupported Request (UR) response. | 4.9 |