Vulnerabilities > XEN > XEN > 4.5.2
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-09-13 | CVE-2017-14431 | Missing Release of Resource after Effective Lifetime vulnerability in XEN Memory leak in Xen 3.3 through 4.8.x allows guest OS users to cause a denial of service (ARM or x86 AMD host OS memory consumption) by continually rebooting, because certain cleanup is skipped if no pass-through device was ever assigned, aka XSA-207. | 4.9 |
| 2017-09-12 | CVE-2017-14319 | Unspecified vulnerability in XEN A grant unmapping issue was discovered in Xen through 4.9.x. | 7.2 |
| 2017-09-12 | CVE-2017-14318 | NULL Pointer Dereference vulnerability in XEN An issue was discovered in Xen 4.5.x through 4.9.x. | 4.9 |
| 2017-09-12 | CVE-2017-14317 | Race Condition vulnerability in XEN A domain cleanup issue was discovered in the C xenstore daemon (aka cxenstored) in Xen through 4.9.x. | 4.7 |
| 2017-09-12 | CVE-2017-14316 | Out-of-bounds Read vulnerability in XEN A parameter verification issue was discovered in Xen through 4.9.x. | 7.2 |
| 2017-08-15 | CVE-2017-12855 | Information Exposure vulnerability in XEN Xen maintains the _GTF_{read,writ}ing bits as appropriate, to inform the guest that a grant is in use. | 2.1 |
| 2017-07-05 | CVE-2017-10922 | Resource Exhaustion vulnerability in XEN The grant-table feature in Xen through 4.8.x mishandles MMIO region grant references, which allows guest OS users to cause a denial of service (loss of grant trackability), aka XSA-224 bug 3. | 5.0 |
| 2017-07-05 | CVE-2017-10921 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in XEN The grant-table feature in Xen through 4.8.x does not ensure sufficient type counts for a GNTMAP_device_map and GNTMAP_host_map mapping, which allows guest OS users to cause a denial of service (count mismanagement and memory corruption) or obtain privileged host OS access, aka XSA-224 bug 2. | 10.0 |
| 2017-07-05 | CVE-2017-10920 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in XEN The grant-table feature in Xen through 4.8.x mishandles a GNTMAP_device_map and GNTMAP_host_map mapping, when followed by only a GNTMAP_host_map unmapping, which allows guest OS users to cause a denial of service (count mismanagement and memory corruption) or obtain privileged host OS access, aka XSA-224 bug 1. | 10.0 |
| 2017-07-05 | CVE-2017-10919 | Denial of Service vulnerability in Xen 'xen/arch/arm/gic.c' Xen through 4.8.x mishandles virtual interrupt injection, which allows guest OS users to cause a denial of service (hypervisor crash), aka XSA-223. | 5.0 |