Vulnerabilities > XEN > XEN > 4.1.2
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2014-11-19 | CVE-2014-8595 | Code vulnerability in multiple products arch/x86/x86_emulate/x86_emulate.c in Xen 3.2.1 through 4.4.x does not properly check privileges, which allows local HVM guest users to gain privileges or cause a denial of service (crash) via a crafted (1) CALL, (2) JMP, (3) RETF, (4) LCALL, (5) LJMP, or (6) LRET far branch instruction. | 1.9 |
2014-11-19 | CVE-2014-8594 | Improper Input Validation vulnerability in multiple products The do_mmu_update function in arch/x86/mm.c in Xen 4.x through 4.4.x does not properly restrict updates to only PV page tables, which allows remote PV guests to cause a denial of service (NULL pointer dereference) by leveraging hardware emulation services for HVM guests using Hardware Assisted Paging (HAP). | 5.4 |
2014-10-02 | CVE-2014-7188 | Resource Management Errors vulnerability in XEN The hvm_msr_read_intercept function in arch/x86/hvm/hvm.c in Xen 4.1 through 4.4.x uses an improper MSR range for x2APIC emulation, which allows local HVM guests to cause a denial of service (host crash) or read data from the hypervisor or other guests via unspecified vectors. | 8.3 |
2014-10-02 | CVE-2014-7156 | Permissions, Privileges, and Access Controls vulnerability in XEN The x86_emulate function in arch/x86/x86_emulate/x86_emulate.c in Xen 3.3.x through 4.4.x does not check the supervisor mode permissions for instructions that generate software interrupts, which allows local HVM guest users to cause a denial of service (guest crash) via unspecified vectors. | 3.3 |
2014-10-02 | CVE-2014-7155 | Permissions, Privileges, and Access Controls vulnerability in multiple products The x86_emulate function in arch/x86/x86_emulate/x86_emulate.c in Xen 4.4.x and earlier does not properly check supervisor mode permissions, which allows local HVM users to cause a denial of service (guest crash) or gain guest kernel mode privileges via vectors involving an (1) HLT, (2) LGDT, (3) LIDT, or (4) LMSW instruction. | 5.8 |
2014-10-02 | CVE-2014-7154 | Race Condition vulnerability in multiple products Race condition in HVMOP_track_dirty_vram in Xen 4.0.0 through 4.4.x does not ensure possession of the guarding lock for dirty video RAM tracking, which allows certain local guest domains to cause a denial of service via unspecified vectors. | 6.1 |
2014-06-18 | CVE-2014-4021 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in XEN Xen 3.2.x through 4.4.x does not properly clean memory pages recovered from guests, which allows local guest OS users to obtain sensitive information via unspecified vectors. | 2.7 |
2014-05-07 | CVE-2014-3124 | Permissions, Privileges, and Access Controls vulnerability in XEN The HVMOP_set_mem_type control in Xen 4.1 through 4.4.x allows local guest HVM administrators to cause a denial of service (hypervisor crash) or possibly execute arbitrary code by leveraging a separate qemu-dm vulnerability to trigger invalid page table translations for unspecified memory page types. | 6.7 |
2014-04-01 | CVE-2014-1893 | Numeric Errors vulnerability in XEN Multiple integer overflows in the (1) FLASK_GETBOOL and (2) FLASK_SETBOOL suboperations in the flask hypercall in Xen 4.1.x, 3.3.x, 3.2.x, and earlier, when XSM is enabled, allow local users to cause a denial of service (processor fault) via unspecified vectors, a different vulnerability than CVE-2014-1891, CVE-2014-1892, and CVE-2014-1894. | 5.2 |
2014-04-01 | CVE-2014-1892 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in XEN Xen 3.3 through 4.1, when XSM is enabled, allows local users to cause a denial of service via vectors related to a "large memory allocation," a different vulnerability than CVE-2014-1891, CVE-2014-1893, and CVE-2014-1894. | 5.2 |