Vulnerabilities > XEN > XEN > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-08-24 | CVE-2017-12137 | Classic Buffer Overflow vulnerability in multiple products arch/x86/mm.c in Xen allows local PV guest OS users to gain host OS privileges via vectors related to map_grant_ref. | 7.2 |
| 2017-08-24 | CVE-2017-12134 | Incorrect Calculation vulnerability in multiple products The xen_biovec_phys_mergeable function in drivers/xen/biomerge.c in Xen might allow local OS guest users to corrupt block device data streams and consequently obtain sensitive memory information, cause a denial of service, or gain host OS privileges by leveraging incorrect block IO merge-ability calculation. | 7.2 |
| 2017-07-05 | CVE-2017-10913 | Unspecified vulnerability in XEN The grant-table feature in Xen through 4.8.x provides false mapping information in certain cases of concurrent unmap calls, which allows backend attackers to obtain sensitive information or gain privileges, aka XSA-218 bug 1. | 7.5 |
| 2017-05-11 | CVE-2017-8903 | Arbitrary Code Execution vulnerability in XEN 4.8.0/4.8.1 Xen through 4.8.x on 64-bit platforms mishandles page tables after an IRET hypercall, which might allow PV guest OS users to execute arbitrary code on the host OS, aka XSA-213. | 7.2 |
| 2017-04-04 | CVE-2017-7228 | Improper Validation of Array Index vulnerability in XEN An issue (known as XSA-212) was discovered in Xen, with fixes available for 4.8.x, 4.7.x, 4.6.x, 4.5.x, and 4.4.x. | 7.2 |
| 2017-01-23 | CVE-2016-9383 | Improper Input Validation vulnerability in multiple products Xen, when running on a 64-bit hypervisor, allows local x86 guest OS users to modify arbitrary memory and consequently obtain sensitive information, cause a denial of service (host crash), or execute arbitrary code on the host by leveraging broken emulation of bit test instructions. | 7.2 |
| 2016-09-21 | CVE-2016-7154 | Use After Free vulnerability in XEN Use-after-free vulnerability in the FIFO event channel code in Xen 4.4.x allows local guest OS administrators to cause a denial of service (host crash) and possibly execute arbitrary code or obtain sensitive information via an invalid guest frame number. | 7.2 |
| 2016-09-21 | CVE-2016-7093 | Permissions, Privileges, and Access Controls vulnerability in XEN 4.5.3/4.6.3/4.7.0 Xen 4.5.3, 4.6.3, and 4.7.x allow local HVM guest OS administrators to overwrite hypervisor memory and consequently gain host OS privileges by leveraging mishandling of instruction pointer truncation during emulation. | 7.2 |
| 2016-08-02 | CVE-2016-6258 | Improper Access Control vulnerability in multiple products The PV pagetable code in arch/x86/mm.c in Xen 4.7.x and earlier allows local 32-bit PV guest OS administrators to gain host OS privileges by leveraging fast-paths for updating pagetable entries. | 7.2 |
| 2016-05-18 | CVE-2016-4480 | Permissions, Privileges, and Access Controls vulnerability in multiple products The guest_walk_tables function in arch/x86/mm/guest_walk.c in Xen 4.6.x and earlier does not properly handle the Page Size (PS) page table entry bit at the L4 and L3 page table levels, which might allow local guest OS users to gain privileges via a crafted mapping of memory. | 7.2 |