Vulnerabilities > XEN > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-05-11 | CVE-2017-8904 | Arbitrary Code Execution vulnerability in XEN 4.8.0/4.8.1 Xen through 4.8.x mishandles the "contains segment descriptors" property during GNTTABOP_transfer (aka guest transfer) operations, which might allow PV guest OS users to execute arbitrary code on the host OS, aka XSA-214. | 6.8 |
| 2017-02-27 | CVE-2016-9818 | Improper Access Control vulnerability in XEN 4.7.0/4.7.1 Xen through 4.7.x allows local ARM guest OS users to cause a denial of service (host crash) via vectors involving an asynchronous abort while at HYP. | 4.9 |
| 2017-02-27 | CVE-2016-9817 | Improper Access Control vulnerability in XEN 4.7.0/4.7.1 Xen through 4.7.x allows local ARM guest OS users to cause a denial of service (host crash) via vectors involving a (1) data or (2) prefetch abort with the ESR_EL2.EA bit set. | 4.9 |
| 2017-02-27 | CVE-2016-9816 | Improper Access Control vulnerability in XEN 4.7.0/4.7.1 Xen through 4.7.x allows local ARM guest OS users to cause a denial of service (host crash) via vectors involving an asynchronous abort while at EL2. | 4.9 |
| 2017-02-27 | CVE-2016-9815 | Improper Access Control vulnerability in XEN 4.7.0/4.7.1 Xen through 4.7.x allows local ARM guest OS users to cause a denial of service (host panic) by sending an asynchronous abort. | 4.9 |
| 2017-01-26 | CVE-2016-10024 | Improper Input Validation vulnerability in multiple products Xen through 4.8.x allows local x86 PV guest OS kernel administrators to cause a denial of service (host hang or crash) by modifying the instruction stream asynchronously while performing certain kernel operations. | 4.9 |
| 2017-01-26 | CVE-2016-10013 | Permissions, Privileges, and Access Controls vulnerability in XEN Xen through 4.8.x allows local 64-bit x86 HVM guest OS users to gain privileges by leveraging mishandling of SYSCALL singlestep during emulation. | 4.6 |
| 2017-01-23 | CVE-2016-9386 | Permissions, Privileges, and Access Controls vulnerability in multiple products The x86 emulator in Xen does not properly treat x86 NULL segments as unusable when accessing memory, which might allow local HVM guest users to gain privileges via vectors involving "unexpected" base/limit values. | 4.6 |
| 2017-01-23 | CVE-2016-9385 | Improper Input Validation vulnerability in multiple products The x86 segment base write emulation functionality in Xen 4.4.x through 4.7.x allows local x86 PV guest OS administrators to cause a denial of service (host crash) by leveraging lack of canonical address checks. | 4.9 |
| 2017-01-23 | CVE-2016-9382 | Permissions, Privileges, and Access Controls vulnerability in multiple products Xen 4.0.x through 4.7.x mishandle x86 task switches to VM86 mode, which allows local 32-bit x86 HVM guest OS users to gain privileges or cause a denial of service (guest OS crash) by leveraging a guest operating system that uses hardware task switching and allows a new task to start in VM86 mode. | 4.6 |