Vulnerabilities > XEN > High

DATE CVE VULNERABILITY TITLE RISK
2019-10-08 CVE-2019-17340 Memory Leak vulnerability in multiple products
An issue was discovered in Xen through 4.11.x allowing x86 guest OS users to cause a denial of service or gain privileges because grant-table transfer requests are mishandled.
local
low complexity
xen debian CWE-401
8.8
2018-12-08 CVE-2018-19966 Interpretation Conflict vulnerability in multiple products
An issue was discovered in Xen through 4.11.x allowing x86 PV guest OS users to cause a denial of service (host OS crash) or possibly gain host OS privileges because of an interpretation conflict for a union data structure associated with shadow paging.
local
low complexity
xen debian CWE-436
8.8
2018-12-08 CVE-2018-19963 Reachable Assertion vulnerability in XEN 4.11.0
An issue was discovered in Xen 4.11 allowing HVM guest OS users to cause a denial of service (host OS crash) or possibly gain host OS privileges because x86 IOREQ server resource accounting (for external emulators) was mishandled.
local
high complexity
xen CWE-617
7.8
2018-12-08 CVE-2018-19962 Information Exposure vulnerability in multiple products
An issue was discovered in Xen through 4.11.x on AMD x86 platforms, possibly allowing guest OS users to gain host OS privileges because small IOMMU mappings are unsafely combined into larger ones.
local
high complexity
xen debian citrix CWE-200
7.8
2018-12-08 CVE-2018-19961 Incomplete Cleanup vulnerability in multiple products
An issue was discovered in Xen through 4.11.x on AMD x86 platforms, possibly allowing guest OS users to gain host OS privileges because TLB flushes do not always occur after IOMMU mapping changes.
local
high complexity
xen debian citrix CWE-459
7.8
2018-11-01 CVE-2018-18883 NULL Pointer Dereference vulnerability in XEN
An issue was discovered in Xen 4.9.x through 4.11.x, on Intel x86 platforms, allowing x86 HVM and PVH guests to cause a host OS denial of service (NULL pointer dereference) or possibly have unspecified other impact because nested VT-x is not properly restricted.
local
low complexity
xen CWE-476
8.8
2018-08-17 CVE-2018-15471 Out-of-bounds Read vulnerability in multiple products
An issue was discovered in xenvif_set_hash_mapping in drivers/net/xen-netback/hash.c in the Linux kernel through 4.18.1, as used in Xen through 4.11.x and other products.
local
low complexity
xen linux canonical CWE-125
7.8
2018-07-28 CVE-2018-14678 Improper Initialization vulnerability in multiple products
An issue was discovered in the Linux kernel through 4.17.11, as used in Xen through 4.11.x.
local
low complexity
linux xen debian canonical CWE-665
7.8
2018-05-10 CVE-2018-10982 An issue was discovered in Xen through 4.10.x allowing x86 HVM guest OS users to cause a denial of service (unexpectedly high interrupt number, array overrun, and hypervisor crash) or possibly gain hypervisor privileges by setting up an HPET timer to deliver interrupts in IO-APIC mode, aka vHPET interrupt injection.
local
low complexity
xen debian
8.8
2018-05-08 CVE-2018-8897 Race Condition vulnerability in multiple products
A statement in the System Programming Guide of the Intel 64 and IA-32 Architectures Software Developer's Manual (SDM) was mishandled in the development of some or all operating-system kernels, resulting in unexpected behavior for #DB exceptions that are deferred by MOV SS or POP SS, as demonstrated by (for example) privilege escalation in Windows, macOS, some Xen configurations, or FreeBSD, or a Linux kernel crash.
7.8