Vulnerabilities > XEN > Medium

DATE CVE VULNERABILITY TITLE RISK
2021-08-27 CVE-2021-28695 IOMMU page mapping issues on x86 T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Both AMD and Intel allow ACPI tables to specify regions of memory which should be left untranslated, which typically means these addresses should pass the translation phase unaltered.
low complexity
xen fedoraproject debian
6.8
2021-08-27 CVE-2021-28696 Incorrect Authorization vulnerability in multiple products
IOMMU page mapping issues on x86 T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Both AMD and Intel allow ACPI tables to specify regions of memory which should be left untranslated, which typically means these addresses should pass the translation phase unaltered.
low complexity
xen fedoraproject debian CWE-863
6.8
2021-08-27 CVE-2021-28698 Infinite Loop vulnerability in multiple products
long running loops in grant table handling In order to properly monitor resource use, Xen maintains information on the grant mappings a domain may create to map grants offered by other domains.
local
low complexity
xen fedoraproject debian CWE-835
5.5
2021-08-27 CVE-2021-28699 inadequate grant-v2 status frames array bounds check The v2 grant table interface separates grant attributes from grant status.
local
low complexity
xen fedoraproject debian
5.5
2021-08-27 CVE-2021-28700 Allocation of Resources Without Limits or Throttling vulnerability in multiple products
xen/arm: No memory limit for dom0less domUs The dom0less feature allows an administrator to create multiple unprivileged domains directly from Xen.
network
low complexity
xen fedoraproject debian CWE-770
4.9
2021-06-30 CVE-2021-28693 Unspecified vulnerability in XEN
xen/arm: Boot modules are not scrubbed The bootloader will load boot modules (e.g.
local
low complexity
xen
5.5
2021-06-29 CVE-2021-28690 Unspecified vulnerability in XEN
x86: TSX Async Abort protections not restored after S3 This issue relates to the TSX Async Abort speculative security vulnerability.
network
low complexity
xen
6.5
2021-06-11 CVE-2021-28687 Missing Initialization of Resource vulnerability in XEN
HVM soft-reset crashes toolstack libxl requires all data structures passed across its public interface to be initialized before use and disposed of afterwards by calling a specific set of functions.
local
low complexity
xen CWE-909
5.5
2021-06-11 CVE-2021-28689 Improper Cross-boundary Removal of Sensitive Data vulnerability in XEN
x86: Speculative vulnerabilities with bare (non-shim) 32-bit PV guests 32-bit x86 PV guest kernels run in ring 1.
local
low complexity
xen CWE-212
5.5
2021-06-09 CVE-2021-26313 Information Exposure Through Discrepancy vulnerability in multiple products
Potential speculative code store bypass in all supported CPU products, in conjunction with software vulnerabilities relating to speculative execution of overwritten instructions, may cause an incorrect speculation and could result in data leakage.
local
low complexity
xen arm broadcom intel debian CWE-203
5.5