Vulnerabilities > XEN
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2012-11-21 | CVE-2012-4535 | Resource Management Errors vulnerability in XEN Xen 3.4 through 4.2, and possibly earlier versions, allows local guest OS administrators to cause a denial of service (Xen infinite loop and physical CPU consumption) by setting a VCPU with an "inappropriate deadline." | 1.9 |
| 2012-10-31 | CVE-2012-4544 | Improper Input Validation vulnerability in XEN The PV domain builder in Xen 4.2 and earlier does not validate the size of the kernel or ramdisk (1) before or (2) after decompression, which allows local guest administrators to cause a denial of service (domain 0 memory consumption) via a crafted (a) kernel or (b) ramdisk. | 2.1 |
| 2012-10-31 | CVE-2012-2625 | Improper Input Validation vulnerability in XEN and Xen-Unstable The PyGrub boot loader in Xen unstable before changeset 25589:60f09d1ab1fe, 4.2.x, and 4.1.x allows local para-virtualized guest users to cause a denial of service (memory consumption) via a large (1) bzip2 or (2) lzma compressed kernel image. | 2.7 |
| 2012-06-12 | CVE-2012-0217 | Buffer Errors vulnerability in Freebsd The x86-64 kernel system-call functionality in Xen 4.1.2 and earlier, as used in Citrix XenServer 6.0.2 and earlier and other products; Oracle Solaris 11 and earlier; illumos before r13724; Joyent SmartOS before 20120614T184600Z; FreeBSD before 9.0-RELEASE-p3; NetBSD 6.0 Beta and earlier; Microsoft Windows Server 2008 R2 and R2 SP1 and Windows 7 Gold and SP1; and possibly other operating systems, when running on an Intel processor, incorrectly uses the sysret path in cases where a certain address is not a canonical address, which allows local users to gain privileges via a crafted application. | 7.2 |
| 2009-10-05 | CVE-2009-3525 | Permissions, Privileges, and Access Controls vulnerability in XEN 3.0.3/3.3.0/3.3.1 The pyGrub boot loader in Xen 3.0.3, 3.3.0, and Xen-3.3.1 does not support the password option in grub.conf for para-virtualized guests, which allows attackers with access to the para-virtualized guest console to boot the guest or modify the guest's kernel boot parameters without providing the expected password. | 7.2 |
| 2009-05-22 | CVE-2009-1758 | Resource Management Errors vulnerability in XEN The hypervisor_callback function in Xen, possibly before 3.4.0, as applied to the Linux kernel 2.6.30-rc4, 2.6.18, and probably other versions allows guest user applications to cause a denial of service (kernel oops) of the guest OS by triggering a segmentation fault in "certain address ranges." | 5.0 |
| 2008-11-07 | CVE-2008-4993 | Link Following vulnerability in XEN 3.2.1 qemu-dm.debug in Xen 3.2.1 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/args temporary file. | 6.9 |
| 2008-08-14 | CVE-2008-3687 | Buffer Errors vulnerability in XEN and XEN Flask Module Heap-based buffer overflow in the flask_security_label function in Xen 3.3, when compiled with the XSM:FLASK module, allows unprivileged domain users (domU) to execute arbitrary code via the flask_op hypercall. | 6.8 |
| 2007-12-17 | CVE-2007-6416 | Permissions, Privileges, and Access Controls vulnerability in XEN 3.1.2 The copy_to_user function in the PAL emulation functionality for Xen 3.1.2 and earlier, when running on ia64 systems, allows HVM guest users to access arbitrary physical memory by triggering certain mapping operations. | 4.6 |
| 2007-03-20 | CVE-2007-0998 | Permissions, Privileges, and Access Controls vulnerability in XEN Qemu The VNC server implementation in QEMU, as used by Xen and possibly other environments, allows local users of a guest operating system to read arbitrary files on the host operating system via unspecified vectors related to QEMU monitor mode, as demonstrated by mapping files to a CDROM device. | 4.3 |