Vulnerabilities > XEN > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-10-08 | CVE-2019-17351 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products An issue was discovered in drivers/xen/balloon.c in the Linux kernel before 5.2.3, as used in Xen through 4.12.x, allowing guest OS users to cause a denial of service because of unrestricted resource consumption during the mapping of guest memory, aka CID-6ef36ab967c7. | 4.9 |
2019-10-08 | CVE-2019-17350 | Infinite Loop vulnerability in multiple products An issue was discovered in Xen through 4.12.x allowing Arm domU attackers to cause a denial of service (infinite loop) involving a compare-and-exchange operation. | 5.5 |
2018-12-08 | CVE-2018-19967 | Improper Input Validation vulnerability in multiple products An issue was discovered in Xen through 4.11.x on Intel x86 platforms allowing guest OS users to cause a denial of service (host OS hang) because Xen does not work around Intel's mishandling of certain HLE transactions associated with the KACQUIRE instruction prefix. | 4.9 |
2018-12-08 | CVE-2018-19965 | An issue was discovered in Xen through 4.11.x allowing 64-bit PV guest OS users to cause a denial of service (host OS crash) because #GP[0] can occur after a non-canonical address is passed to the TLB flushing code. | 5.6 |
2018-12-08 | CVE-2018-19964 | Unspecified vulnerability in XEN 4.11.0/4.11.1 An issue was discovered in Xen 4.11.x allowing x86 guest OS users to cause a denial of service (host OS hang) because the p2m lock remains unavailable indefinitely in certain error conditions. | 4.9 |
2018-12-08 | CVE-2018-19963 | Reachable Assertion vulnerability in XEN 4.11.0 An issue was discovered in Xen 4.11 allowing HVM guest OS users to cause a denial of service (host OS crash) or possibly gain host OS privileges because x86 IOREQ server resource accounting (for external emulators) was mishandled. | 6.9 |
2018-08-17 | CVE-2018-15470 | Resource Exhaustion vulnerability in XEN An issue was discovered in Xen through 4.11.x. | 4.9 |
2018-08-17 | CVE-2018-15469 | Resource Exhaustion vulnerability in multiple products An issue was discovered in Xen through 4.11.x. | 4.9 |
2018-08-17 | CVE-2018-15468 | Incorrect Authorization vulnerability in XEN An issue was discovered in Xen through 4.11.x. | 4.9 |
2018-07-02 | CVE-2018-12892 | Information Exposure vulnerability in multiple products An issue was discovered in Xen 4.7 through 4.10.x. | 6.5 |