Vulnerabilities > XEN > XEN > 14.4
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-08-27 | CVE-2021-28698 | Infinite Loop vulnerability in multiple products long running loops in grant table handling In order to properly monitor resource use, Xen maintains information on the grant mappings a domain may create to map grants offered by other domains. | 5.5 |
| 2021-08-27 | CVE-2021-28699 | inadequate grant-v2 status frames array bounds check The v2 grant table interface separates grant attributes from grant status. | 5.5 |
| 2021-08-27 | CVE-2021-28700 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products xen/arm: No memory limit for dom0less domUs The dom0less feature allows an administrator to create multiple unprivileged domains directly from Xen. | 4.9 |
| 2021-06-11 | CVE-2021-28689 | Improper Cross-boundary Removal of Sensitive Data vulnerability in XEN x86: Speculative vulnerabilities with bare (non-shim) 32-bit PV guests 32-bit x86 PV guest kernels run in ring 1. | 5.5 |