Vulnerabilities > XEN > XEN > 4.11.1
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-12-08 | CVE-2018-19964 | Unspecified vulnerability in XEN 4.11.0/4.11.1 An issue was discovered in Xen 4.11.x allowing x86 guest OS users to cause a denial of service (host OS hang) because the p2m lock remains unavailable indefinitely in certain error conditions. | 4.9 |
| 2018-12-08 | CVE-2018-19962 | Information Exposure vulnerability in multiple products An issue was discovered in Xen through 4.11.x on AMD x86 platforms, possibly allowing guest OS users to gain host OS privileges because small IOMMU mappings are unsafely combined into larger ones. | 7.8 |
| 2018-12-08 | CVE-2018-19961 | Incomplete Cleanup vulnerability in multiple products An issue was discovered in Xen through 4.11.x on AMD x86 platforms, possibly allowing guest OS users to gain host OS privileges because TLB flushes do not always occur after IOMMU mapping changes. | 7.8 |
| 2018-01-05 | CVE-2018-5244 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in XEN In Xen 4.10, new infrastructure was introduced as part of an overhaul to how MSR emulation happens for guests. | 4.9 |