Vulnerabilities > XEN
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2014-10-02 | CVE-2014-7155 | Permissions, Privileges, and Access Controls vulnerability in multiple products The x86_emulate function in arch/x86/x86_emulate/x86_emulate.c in Xen 4.4.x and earlier does not properly check supervisor mode permissions, which allows local HVM users to cause a denial of service (guest crash) or gain guest kernel mode privileges via vectors involving an (1) HLT, (2) LGDT, (3) LIDT, or (4) LMSW instruction. | 5.8 |
| 2014-10-02 | CVE-2014-7154 | Race Condition vulnerability in multiple products Race condition in HVMOP_track_dirty_vram in Xen 4.0.0 through 4.4.x does not ensure possession of the guarding lock for dirty video RAM tracking, which allows certain local guest domains to cause a denial of service via unspecified vectors. | 6.1 |
| 2014-08-29 | CVE-2014-5147 | Permissions, Privileges, and Access Controls vulnerability in XEN 4.4.0 Xen 4.4.x, when running a 64-bit kernel on an ARM system, does not properly handle traps from the guest domain that use a different address width, which allows local guest users to cause a denial of service (host crash) via a crafted 32-bit process. | 4.3 |
| 2014-08-22 | CVE-2014-5149 | Resource Management Errors vulnerability in multiple products Certain MMU virtualization operations in Xen 4.2.x through 4.4.x, when using shadow pagetables, are not preemptible, which allows local HVM guest to cause a denial of service (vcpu consumption) by invoking these operations, which process every page assigned to a guest, a different vulnerability than CVE-2014-5146. | 4.7 |
| 2014-08-22 | CVE-2014-5146 | Resource Management Errors vulnerability in multiple products Certain MMU virtualization operations in Xen 4.2.x through 4.4.x before the xsa97-hap patch, when using Hardware Assisted Paging (HAP), are not preemptible, which allows local HVM guest to cause a denial of service (vcpu consumption) by invoking these operations, which process every page assigned to a guest, a different vulnerability than CVE-2014-5149. | 4.7 |
| 2014-07-09 | CVE-2014-4022 | Information Exposure vulnerability in XEN 4.4.0 The alloc_domain_struct function in arch/arm/domain.c in Xen 4.4.x, when running on an ARM platform, does not properly initialize the structure containing the grant table pages for a domain, which allows local guest administrators to obtain sensitive information via the GNTTABOP_setup_table subhypercall. | 2.7 |
| 2014-06-18 | CVE-2014-4021 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in XEN Xen 3.2.x through 4.4.x does not properly clean memory pages recovered from guests, which allows local guest OS users to obtain sensitive information via unspecified vectors. | 2.7 |
| 2014-06-05 | CVE-2014-3969 | Permissions, Privileges, and Access Controls vulnerability in XEN 4.4.0 Xen 4.4.x, when running on an ARM system, does not properly check write permissions on virtual addresses, which allows local guest administrators to gain privileges via unspecified vectors. | 7.4 |
| 2014-06-05 | CVE-2014-3968 | Denial of Service vulnerability in Xen The HVMOP_inject_msi function in Xen 4.2.x, 4.3.x, and 4.4.x allows local guest HVM administrators to cause a denial of service (host crash) via a large number of crafted requests, which trigger an error messages to be logged. | 5.5 |
| 2014-06-05 | CVE-2014-3967 | Denial of Service vulnerability in Xen 'HVM MSI injection' The HVMOP_inject_msi function in Xen 4.2.x, 4.3.x, and 4.4.x does not properly check the return value from the IRQ setup check, which allows local HVM guest administrators to cause a denial of service (NULL pointer dereference and crash) via unspecified vectors. | 5.5 |