Vulnerabilities > XEN > XEN > 4.1.5

DATE CVE VULNERABILITY TITLE RISK
2024-01-05 CVE-2023-34321 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in XEN
Arm provides multiple helpers to clean & invalidate the cache for a given region.
local
low complexity
xen CWE-119
3.3
2024-01-05 CVE-2023-34322 Improper Check for Dropped Privileges vulnerability in XEN
For migration as well as to work around kernels unaware of L1TF (see XSA-273), PV guests may be run in shadow paging mode.
local
low complexity
xen CWE-273
7.8
2024-01-05 CVE-2023-34323 NULL Pointer Dereference vulnerability in XEN
When a transaction is committed, C Xenstored will first check the quota is correct before attempting to commit any nodes.
local
low complexity
xen CWE-476
5.5
2024-01-05 CVE-2023-46837 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in XEN
Arm provides multiple helpers to clean & invalidate the cache for a given region.
local
low complexity
xen CWE-119
3.3
2023-09-22 CVE-2023-34319 Out-of-bounds Write vulnerability in multiple products
The fix for XSA-423 added logic to Linux'es netback driver to deal with a frontend splitting a packet in a way such that not all of the headers would come in one piece.
local
low complexity
xen debian CWE-787
7.8
2023-03-21 CVE-2022-42332 Use After Free vulnerability in multiple products
x86 shadow plus log-dirty mode use-after-free In environments where host assisted address translation is necessary but Hardware Assisted Paging (HAP) is unavailable, Xen will run guests in so called shadow mode.
local
low complexity
xen debian fedoraproject CWE-416
7.8
2022-10-11 CVE-2022-33748 Improper Handling of Exceptional Conditions vulnerability in multiple products
lock order inversion in transitive grant copy handling As part of XSA-226 a missing cleanup call was inserted on an error handling path.
local
high complexity
xen fedoraproject debian CWE-755
5.6
2022-04-05 CVE-2022-26356 Improper Locking vulnerability in multiple products
Racy interactions between dirty vram tracking and paging log dirty hypercalls Activation of log dirty mode done by XEN_DMOP_track_dirty_vram (was named HVMOP_track_dirty_vram before Xen 4.9) is racy with ongoing log dirty hypercalls.
local
high complexity
xen debian fedoraproject CWE-667
5.6
2022-01-25 CVE-2022-23034 Integer Underflow (Wrap or Wraparound) vulnerability in multiple products
A PV guest could DoS Xen while unmapping a grant To address XSA-380, reference counting was introduced for grant mappings for the case where a PV guest would have the IOMMU enabled.
local
low complexity
xen fedoraproject debian CWE-191
5.5
2021-12-07 CVE-2021-28703 Unspecified vulnerability in XEN
grant table v2 status pages may remain accessible after de-allocation (take two) Guest get permitted access to certain Xen-owned pages of memory.
local
high complexity
xen
7.0