Vulnerabilities > XEN > High

DATE CVE VULNERABILITY TITLE RISK
2017-10-16 CVE-2015-7504 Out-of-bounds Write vulnerability in multiple products
Heap-based buffer overflow in the pcnet_receive function in hw/net/pcnet.c in QEMU allows guest OS administrators to cause a denial of service (instance crash) or possibly execute arbitrary code via a series of packets in loopback mode.
local
low complexity
qemu xen debian CWE-787
8.8
2017-09-12 CVE-2017-14319 Unspecified vulnerability in XEN
A grant unmapping issue was discovered in Xen through 4.9.x.
local
low complexity
xen
8.8
2017-09-12 CVE-2017-14316 Out-of-bounds Read vulnerability in XEN
A parameter verification issue was discovered in Xen through 4.9.x.
local
low complexity
xen CWE-125
8.8
2017-08-24 CVE-2017-12137 Classic Buffer Overflow vulnerability in multiple products
arch/x86/mm.c in Xen allows local PV guest OS users to gain host OS privileges via vectors related to map_grant_ref.
local
low complexity
xen citrix debian CWE-120
8.8
2017-08-24 CVE-2017-12136 Race Condition vulnerability in multiple products
Race condition in the grant table code in Xen 4.6.x through 4.9.x allows local guest OS administrators to cause a denial of service (free list corruption and host crash) or gain privileges on the host via vectors involving maptrack free list handling.
local
high complexity
xen citrix debian CWE-362
7.8
2017-08-24 CVE-2017-12135 Incorrect Calculation vulnerability in multiple products
Xen allows local OS guest users to cause a denial of service (crash) or possibly obtain sensitive information or gain privileges via vectors involving transitive grants.
local
low complexity
xen citrix debian CWE-682
8.8
2017-08-24 CVE-2017-12134 Incorrect Calculation vulnerability in multiple products
The xen_biovec_phys_mergeable function in drivers/xen/biomerge.c in Xen might allow local OS guest users to corrupt block device data streams and consequently obtain sensitive memory information, cause a denial of service, or gain host OS privileges by leveraging incorrect block IO merge-ability calculation.
local
low complexity
xen citrix CWE-682
8.8
2017-07-05 CVE-2017-10922 Resource Exhaustion vulnerability in XEN
The grant-table feature in Xen through 4.8.x mishandles MMIO region grant references, which allows guest OS users to cause a denial of service (loss of grant trackability), aka XSA-224 bug 3.
network
low complexity
xen CWE-400
7.5
2017-07-05 CVE-2017-10916 Information Exposure vulnerability in XEN
The vCPU context-switch implementation in Xen through 4.8.x improperly interacts with the Memory Protection Extensions (MPX) and Protection Key (PKU) features, which makes it easier for guest OS users to defeat ASLR and other protection mechanisms, aka XSA-220.
network
low complexity
xen CWE-200
7.5
2017-07-05 CVE-2017-10914 Double Free vulnerability in XEN
The grant-table feature in Xen through 4.8.x has a race condition leading to a double free, which allows guest OS users to cause a denial of service (memory consumption), or possibly obtain sensitive information or gain privileges, aka XSA-218 bug 2.
network
high complexity
xen CWE-415
8.1