Vulnerabilities > XEN > XEN > 4.4.1
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2015-10-30 | CVE-2015-7813 | Resource Management Errors vulnerability in XEN Xen 4.4.x, 4.5.x, and 4.6.x does not limit the number of printk console messages when reporting unimplemented hypercalls, which allows local guests to cause a denial of service via a sequence of (1) HYPERVISOR_physdev_op hypercalls, which are not properly handled in the do_physdev_op function in arch/arm/physdev.c, or (2) HYPERVISOR_hvm_op hypercalls, which are not properly handled in the do_hvm_op function in arch/arm/hvm.c. | 2.1 |
2015-10-01 | CVE-2015-7311 | Code vulnerability in XEN libxl in Xen 4.1.x through 4.6.x does not properly handle the readonly flag on disks when using the qemu-xen device model, which allows local guest users to write to a read-only disk image. | 3.6 |
2015-08-12 | CVE-2015-5166 | Permissions, Privileges, and Access Controls vulnerability in multiple products Use-after-free vulnerability in QEMU in Xen 4.5.x and earlier does not completely unplug emulated block devices, which allows local HVM guest users to gain privileges by unplugging a block device twice. | 7.2 |
2015-07-16 | CVE-2015-3259 | Permissions, Privileges, and Access Controls vulnerability in XEN Stack-based buffer overflow in the xl command line utility in Xen 4.1.x through 4.5.x allows local guest administrators to gain privileges via a long configuration argument. | 6.8 |
2015-06-15 | CVE-2015-4164 | Resource Management Errors vulnerability in XEN The compat_iret function in Xen 3.1 through 4.5 iterates the wrong way through a loop, which allows local 32-bit PV guest administrators to cause a denial of service (large loop and system hang) via a hypercall_iret call with EFLAGS.VM set. | 4.9 |
2015-06-15 | CVE-2015-4163 | Local Denial of Service vulnerability in Xen GNTTABOP_swap_grant_ref in Xen 4.2 through 4.5 does not check the grant table operation version, which allows local guest domains to cause a denial of service (NULL pointer dereference) via a hypercall without a GNTTABOP_setup_table or GNTTABOP_set_version. | 4.9 |
2015-06-03 | CVE-2015-4105 | Resource Management Errors vulnerability in XEN Xen 3.3.x through 4.5.x enables logging for PCI MSI-X pass-through error messages, which allows local x86 HVM guests to cause a denial of service (host disk consumption) via certain invalid operations. | 4.9 |
2015-06-03 | CVE-2015-4104 | Permissions, Privileges, and Access Controls vulnerability in XEN Xen 3.3.x through 4.5.x does not properly restrict access to PCI MSI mask bits, which allows local x86 HVM guest users to cause a denial of service (unexpected interrupt and host crash) via unspecified vectors. | 7.8 |
2015-06-03 | CVE-2015-4103 | Permissions, Privileges, and Access Controls vulnerability in XEN Xen 3.3.x through 4.5.x does not properly restrict write access to the host MSI message data field, which allows local x86 HVM guest administrators to cause a denial of service (host interrupt handling confusion) via vectors related to qemu and accessing spanning multiple fields. | 4.9 |
2015-04-28 | CVE-2015-3340 | Information Exposure vulnerability in multiple products Xen 4.2.x through 4.5.x does not initialize certain fields, which allows certain remote service domains to obtain sensitive information from memory via a (1) XEN_DOMCTL_gettscinfo or (2) XEN_SYSCTL_getdomaininfolist request. | 2.9 |