Vulnerabilities > Xensource
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2010-06-16 | CVE-2010-2070 | Local Denial Of Service vulnerability in Xen 'arch/ia64/xen/faults.c' arch/ia64/xen/faults.c in Xen 3.4 and 4.0 in Linux kernel 2.6.18, and possibly other kernel versions, when running on IA-64 architectures, allows local users to cause a denial of service and "turn on BE by modifying the user mask of the PSR," as demonstrated via exploitation of CVE-2006-0742. | 4.9 |
| 2008-06-23 | CVE-2008-1952 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Xensource XEN Para Virtualized Frame Buffer The backend for XenSource Xen Para Virtualized Frame Buffer (PVFB) in Xen ioemu does not properly restrict the frame buffer size, which allows attackers to cause a denial of service (crash) by mapping an arbitrary amount of guest memory. | 2.1 |
| 2008-05-14 | CVE-2008-1944 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Xensource XEN 3.0/3.0.3 Buffer overflow in the backend framebuffer of XenSource Xen Para-Virtualized Framebuffer (PVFB) Message 3.0 through 3.0.3 allows local users to cause a denial of service (SDL crash) and possibly execute arbitrary code via "bogus screen updates," related to missing validation of the "format of messages." https://bugzilla.redhat.com/show_bug.cgi?id=443078 "The PVFB backend is a user space program running as root in dom0" | 7.2 |
| 2008-05-14 | CVE-2008-1943 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Xensource XEN Buffer overflow in the backend of XenSource Xen Para Virtualized Frame Buffer (PVFB) 3.0 through 3.1.2 allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a crafted description of a shared framebuffer. | 2.1 |