Vulnerabilities > XEN > XEN > 3.2.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-01-05 | CVE-2023-34321 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in XEN Arm provides multiple helpers to clean & invalidate the cache for a given region. | 3.3 |
| 2024-01-05 | CVE-2023-34322 | Improper Check for Dropped Privileges vulnerability in XEN For migration as well as to work around kernels unaware of L1TF (see XSA-273), PV guests may be run in shadow paging mode. | 7.8 |
| 2024-01-05 | CVE-2023-34323 | NULL Pointer Dereference vulnerability in XEN When a transaction is committed, C Xenstored will first check the quota is correct before attempting to commit any nodes. | 5.5 |
| 2024-01-05 | CVE-2023-46837 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in XEN Arm provides multiple helpers to clean & invalidate the cache for a given region. | 3.3 |
| 2023-09-22 | CVE-2023-34319 | Out-of-bounds Write vulnerability in multiple products The fix for XSA-423 added logic to Linux'es netback driver to deal with a frontend splitting a packet in a way such that not all of the headers would come in one piece. | 7.8 |
| 2023-03-21 | CVE-2022-42332 | Use After Free vulnerability in multiple products x86 shadow plus log-dirty mode use-after-free In environments where host assisted address translation is necessary but Hardware Assisted Paging (HAP) is unavailable, Xen will run guests in so called shadow mode. | 7.8 |
| 2022-01-25 | CVE-2022-23034 | Integer Underflow (Wrap or Wraparound) vulnerability in multiple products A PV guest could DoS Xen while unmapping a grant To address XSA-380, reference counting was introduced for grant mappings for the case where a PV guest would have the IOMMU enabled. | 5.5 |
| 2021-12-07 | CVE-2021-28703 | Unspecified vulnerability in XEN grant table v2 status pages may remain accessible after de-allocation (take two) Guest get permitted access to certain Xen-owned pages of memory. | 7.0 |
| 2021-11-24 | CVE-2021-28706 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products guests may exceed their designated memory limit When a guest is permitted to have close to 16TiB of memory, it may be able to issue hypercalls to increase its memory allocation beyond the administrator established limit. | 8.6 |
| 2021-08-27 | CVE-2021-28698 | Infinite Loop vulnerability in multiple products long running loops in grant table handling In order to properly monitor resource use, Xen maintains information on the grant mappings a domain may create to map grants offered by other domains. | 5.5 |