Vulnerabilities > XEN > XEN > 4.13.4
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-01-05 | CVE-2023-34323 | NULL Pointer Dereference vulnerability in XEN When a transaction is committed, C Xenstored will first check the quota is correct before attempting to commit any nodes. | 5.5 |
2024-01-05 | CVE-2023-34327 | Unspecified vulnerability in XEN [This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] AMD CPUs since ~2014 have extensions to normal x86 debugging functionality. Xen supports guests using these extensions. Unfortunately there are errors in Xen's handling of the guest state, leading to denials of service. 1) CVE-2023-34327 - An HVM vCPU can end up operating in the context of a previous vCPUs debug mask state. 2) CVE-2023-34328 - A PV vCPU can place a breakpoint over the live GDT. This allows the PV vCPU to exploit XSA-156 / CVE-2015-8104 and lock up the CPU entirely. | 5.5 |
2024-01-05 | CVE-2023-34328 | Unspecified vulnerability in XEN [This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] AMD CPUs since ~2014 have extensions to normal x86 debugging functionality. Xen supports guests using these extensions. Unfortunately there are errors in Xen's handling of the guest state, leading to denials of service. 1) CVE-2023-34327 - An HVM vCPU can end up operating in the context of a previous vCPUs debug mask state. 2) CVE-2023-34328 - A PV vCPU can place a breakpoint over the live GDT. This allows the PV vCPU to exploit XSA-156 / CVE-2015-8104 and lock up the CPU entirely. | 5.5 |
2022-11-01 | CVE-2022-42319 | Memory Leak vulnerability in multiple products Xenstore: Guests can cause Xenstore to not free temporary memory When working on a request of a guest, xenstored might need to allocate quite large amounts of memory temporarily. | 6.5 |
2022-11-01 | CVE-2022-42325 | Memory Leak vulnerability in multiple products Xenstore: Guests can create arbitrary number of nodes via transactions T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] In case a node has been created in a transaction and it is later deleted in the same transaction, the transaction will be terminated with an error. | 5.5 |
2022-11-01 | CVE-2022-42326 | Memory Leak vulnerability in multiple products Xenstore: Guests can create arbitrary number of nodes via transactions T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] In case a node has been created in a transaction and it is later deleted in the same transaction, the transaction will be terminated with an error. | 5.5 |
2022-10-11 | CVE-2022-33746 | Improper Resource Shutdown or Release vulnerability in multiple products P2M pool freeing may take excessively long The P2M pool backing second level address translation for guests may be of significant size. | 6.5 |
2022-10-11 | CVE-2022-33748 | Improper Handling of Exceptional Conditions vulnerability in multiple products lock order inversion in transitive grant copy handling As part of XSA-226 a missing cleanup call was inserted on an error handling path. | 5.6 |
2022-04-05 | CVE-2022-26357 | Race Condition vulnerability in multiple products race in VT-d domain ID cleanup Xen domain IDs are up to 15 bits wide. | 7.0 |
2021-10-06 | CVE-2021-28702 | Improper Privilege Management vulnerability in multiple products PCI devices with RMRRs not deassigned correctly Certain PCI devices in a system might be assigned Reserved Memory Regions (specified via Reserved Memory Region Reporting, "RMRR"). | 7.6 |