Vulnerabilities > XEN > High

DATE CVE VULNERABILITY TITLE RISK
2018-11-01 CVE-2018-18883 NULL Pointer Dereference vulnerability in XEN
An issue was discovered in Xen 4.9.x through 4.11.x, on Intel x86 platforms, allowing x86 HVM and PVH guests to cause a host OS denial of service (NULL pointer dereference) or possibly have unspecified other impact because nested VT-x is not properly restricted.
local
low complexity
xen CWE-476
7.2
2018-08-17 CVE-2018-15471 Out-of-bounds Read vulnerability in multiple products
An issue was discovered in xenvif_set_hash_mapping in drivers/net/xen-netback/hash.c in the Linux kernel through 4.18.1, as used in Xen through 4.11.x and other products.
local
low complexity
xen linux canonical CWE-125
7.8
2018-07-28 CVE-2018-14678 Improper Initialization vulnerability in multiple products
An issue was discovered in the Linux kernel through 4.17.11, as used in Xen through 4.11.x.
local
low complexity
linux xen debian canonical CWE-665
7.8
2018-05-10 CVE-2018-10982 An issue was discovered in Xen through 4.10.x allowing x86 HVM guest OS users to cause a denial of service (unexpectedly high interrupt number, array overrun, and hypervisor crash) or possibly gain hypervisor privileges by setting up an HPET timer to deliver interrupts in IO-APIC mode, aka vHPET interrupt injection.
local
low complexity
xen debian
7.2
2018-05-08 CVE-2018-8897 Race Condition vulnerability in multiple products
A statement in the System Programming Guide of the Intel 64 and IA-32 Architectures Software Developer's Manual (SDM) was mishandled in the development of some or all operating-system kernels, resulting in unexpected behavior for #DB exceptions that are deferred by MOV SS or POP SS, as demonstrated by (for example) privilege escalation in Windows, macOS, some Xen configurations, or FreeBSD, or a Linux kernel crash.
7.2
2017-11-28 CVE-2017-17045 Use After Free vulnerability in XEN
An issue was discovered in Xen through 4.9.x allowing HVM guest OS users to gain privileges on the host OS, obtain sensitive information, or cause a denial of service (BUG and host OS crash) by leveraging the mishandling of Populate on Demand (PoD) Physical-to-Machine (P2M) errors.
local
low complexity
xen CWE-416
7.2
2017-10-18 CVE-2017-15595 Resource Exhaustion vulnerability in XEN
An issue was discovered in Xen through 4.9.x allowing x86 PV guest OS users to cause a denial of service (unbounded recursion, stack consumption, and hypervisor crash) or possibly gain privileges via crafted page-table stacking.
local
low complexity
xen CWE-400
7.2
2017-10-18 CVE-2017-15592 Exposure of Resource to Wrong Sphere vulnerability in XEN
An issue was discovered in Xen through 4.9.x allowing x86 HVM guest OS users to cause a denial of service (hypervisor crash) or possibly gain privileges because self-linear shadow mappings are mishandled for translated guests.
local
low complexity
xen CWE-668
7.2
2017-10-16 CVE-2015-7504 Out-of-bounds Write vulnerability in multiple products
Heap-based buffer overflow in the pcnet_receive function in hw/net/pcnet.c in QEMU allows guest OS administrators to cause a denial of service (instance crash) or possibly execute arbitrary code via a series of packets in loopback mode.
local
low complexity
qemu xen debian CWE-787
8.8
2017-09-12 CVE-2017-14319 Unspecified vulnerability in XEN
A grant unmapping issue was discovered in Xen through 4.9.x.
local
low complexity
xen
7.2