Vulnerabilities > XEN > Critical

DATE CVE VULNERABILITY TITLE RISK
2019-10-31 CVE-2019-18425 Improper Privilege Management vulnerability in multiple products
An issue was discovered in Xen through 4.12.x allowing 32-bit PV guest OS users to gain guest OS privileges by installing and using descriptors.
network
low complexity
xen debian fedoraproject opensuse CWE-269
critical
9.8
2018-07-27 CVE-2017-2620 Out-of-bounds Write vulnerability in multiple products
Quick emulator (QEMU) before 2.8 built with the Cirrus CLGD 54xx VGA Emulator support is vulnerable to an out-of-bounds access issue.
network
low complexity
qemu redhat citrix debian xen CWE-787
critical
9.9
2018-07-03 CVE-2017-2615 Out-of-bounds Write vulnerability in multiple products
Quick emulator (QEMU) built with the Cirrus CLGD 54xx VGA emulator support is vulnerable to an out-of-bounds access issue.
network
low complexity
qemu redhat citrix debian xen CWE-787
critical
9.1
2018-07-02 CVE-2018-12892 Information Exposure vulnerability in multiple products
An issue was discovered in Xen 4.7 through 4.10.x.
network
low complexity
debian xen CWE-200
critical
9.9
2017-10-30 CVE-2017-15597 Information Exposure vulnerability in XEN 4.8.0/4.9.0
An issue was discovered in Xen through 4.9.x.
network
low complexity
xen CWE-200
critical
9.1
2017-07-05 CVE-2017-10921 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in XEN
The grant-table feature in Xen through 4.8.x does not ensure sufficient type counts for a GNTMAP_device_map and GNTMAP_host_map mapping, which allows guest OS users to cause a denial of service (count mismanagement and memory corruption) or obtain privileged host OS access, aka XSA-224 bug 2.
network
low complexity
xen CWE-119
critical
10.0
2017-07-05 CVE-2017-10920 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in XEN
The grant-table feature in Xen through 4.8.x mishandles a GNTMAP_device_map and GNTMAP_host_map mapping, when followed by only a GNTMAP_host_map unmapping, which allows guest OS users to cause a denial of service (count mismanagement and memory corruption) or obtain privileged host OS access, aka XSA-224 bug 1.
network
low complexity
xen CWE-119
critical
10.0
2017-07-05 CVE-2017-10918 Improper Input Validation vulnerability in XEN
Xen through 4.8.x does not validate memory allocations during certain P2M operations, which allows guest OS users to obtain privileged host OS access, aka XSA-222.
network
low complexity
xen CWE-20
critical
10.0
2017-07-05 CVE-2017-10917 NULL Pointer Dereference vulnerability in XEN
Xen through 4.8.x does not validate the port numbers of polled event channel ports, which allows guest OS users to cause a denial of service (NULL pointer dereference and host OS crash) or possibly obtain sensitive information, aka XSA-221.
network
low complexity
xen CWE-476
critical
9.1
2017-07-05 CVE-2017-10915 Race Condition vulnerability in XEN
The shadow-paging feature in Xen through 4.8.x mismanages page references and consequently introduces a race condition, which allows guest OS users to obtain Xen privileges, aka XSA-219.
network
high complexity
xen CWE-362
critical
9.0