Vulnerabilities > XEN > XEN > 4.16

DATE CVE VULNERABILITY TITLE RISK
2024-01-05 CVE-2023-34321 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in XEN
Arm provides multiple helpers to clean & invalidate the cache for a given region.
local
low complexity
xen CWE-119
3.3
2024-01-05 CVE-2023-34323 NULL Pointer Dereference vulnerability in XEN
When a transaction is committed, C Xenstored will first check the quota is correct before attempting to commit any nodes.
local
low complexity
xen CWE-476
5.5
2024-01-05 CVE-2023-34327 Unspecified vulnerability in XEN
[This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] AMD CPUs since ~2014 have extensions to normal x86 debugging functionality. Xen supports guests using these extensions. Unfortunately there are errors in Xen's handling of the guest state, leading to denials of service. 1) CVE-2023-34327 - An HVM vCPU can end up operating in the context of a previous vCPUs debug mask state. 2) CVE-2023-34328 - A PV vCPU can place a breakpoint over the live GDT. This allows the PV vCPU to exploit XSA-156 / CVE-2015-8104 and lock up the CPU entirely.
local
low complexity
xen
5.5
2024-01-05 CVE-2023-46837 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in XEN
Arm provides multiple helpers to clean & invalidate the cache for a given region.
local
low complexity
xen CWE-119
3.3
2023-09-22 CVE-2023-34319 Out-of-bounds Write vulnerability in multiple products
The fix for XSA-423 added logic to Linux'es netback driver to deal with a frontend splitting a packet in a way such that not all of the headers would come in one piece.
local
low complexity
xen debian CWE-787
7.8
2023-03-21 CVE-2022-42331 x86: speculative vulnerability in 32bit SYSCALL path Due to an oversight in the very original Spectre/Meltdown security work (XSA-254), one entrypath performs its speculation-safety actions too late.
local
low complexity
xen fedoraproject
5.5
2023-03-21 CVE-2022-42332 Use After Free vulnerability in multiple products
x86 shadow plus log-dirty mode use-after-free In environments where host assisted address translation is necessary but Hardware Assisted Paging (HAP) is unavailable, Xen will run guests in so called shadow mode.
local
low complexity
xen debian fedoraproject CWE-416
7.8
2023-03-21 CVE-2022-42333 Allocation of Resources Without Limits or Throttling vulnerability in multiple products
x86/HVM pinned cache attributes mis-handling T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] To allow cachability control for HVM guests with passed through devices, an interface exists to explicitly override defaults which would otherwise be put in place.
network
low complexity
xen debian fedoraproject CWE-770
8.6
2023-03-21 CVE-2022-42334 Allocation of Resources Without Limits or Throttling vulnerability in multiple products
x86/HVM pinned cache attributes mis-handling T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] To allow cachability control for HVM guests with passed through devices, an interface exists to explicitly override defaults which would otherwise be put in place.
local
low complexity
xen debian fedoraproject CWE-770
6.5
2022-11-01 CVE-2022-42319 Memory Leak vulnerability in multiple products
Xenstore: Guests can cause Xenstore to not free temporary memory When working on a request of a guest, xenstored might need to allocate quite large amounts of memory temporarily.
local
low complexity
xen debian fedoraproject CWE-401
6.5