Vulnerabilities > XEN > XEN > 4.8.4
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-11-28 | CVE-2017-17044 | Infinite Loop vulnerability in XEN An issue was discovered in Xen through 4.9.x allowing HVM guest OS users to cause a denial of service (infinite loop and host OS hang) by leveraging the mishandling of Populate on Demand (PoD) errors. | 4.9 |
| 2017-10-18 | CVE-2017-15595 | Resource Exhaustion vulnerability in XEN An issue was discovered in Xen through 4.9.x allowing x86 PV guest OS users to cause a denial of service (unbounded recursion, stack consumption, and hypervisor crash) or possibly gain privileges via crafted page-table stacking. | 7.2 |
| 2017-10-18 | CVE-2017-15594 | Unspecified vulnerability in XEN An issue was discovered in Xen through 4.9.x allowing x86 SVM PV guest OS users to cause a denial of service (hypervisor crash) or gain privileges because IDT settings are mishandled during CPU hotplugging. | 4.6 |
| 2017-10-18 | CVE-2017-15593 | Missing Release of Resource after Effective Lifetime vulnerability in XEN An issue was discovered in Xen through 4.9.x allowing x86 PV guest OS users to cause a denial of service (memory leak) because reference counts are mishandled. | 4.9 |
| 2017-10-18 | CVE-2017-15592 | Exposure of Resource to Wrong Sphere vulnerability in XEN An issue was discovered in Xen through 4.9.x allowing x86 HVM guest OS users to cause a denial of service (hypervisor crash) or possibly gain privileges because self-linear shadow mappings are mishandled for translated guests. | 7.2 |
| 2017-09-12 | CVE-2017-14319 | Unspecified vulnerability in XEN A grant unmapping issue was discovered in Xen through 4.9.x. | 7.2 |
| 2017-09-12 | CVE-2017-14317 | Race Condition vulnerability in XEN A domain cleanup issue was discovered in the C xenstore daemon (aka cxenstored) in Xen through 4.9.x. | 4.7 |
| 2017-09-12 | CVE-2017-14316 | Out-of-bounds Read vulnerability in XEN A parameter verification issue was discovered in Xen through 4.9.x. | 7.2 |