Total
466 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2012-3496 | 2 Citrix, Xen | 2 Xenserver, Xen | 2025-04-11 | 4.7 MEDIUM | N/A |
| XENMEM_populate_physmap in Xen 4.0, 4.1, and 4.2, and Citrix XenServer 6.0.2 and earlier, when translating paging mode is not used, allows local PV OS guest kernels to cause a denial of service (BUG triggered and host crash) via invalid flags such as MEMF_populate_on_demand. | |||||
| CVE-2012-3498 | 2 Citrix, Xen | 2 Xenserver, Xen | 2025-04-11 | 5.6 MEDIUM | N/A |
| PHYSDEVOP_map_pirq in Xen 4.1 and 4.2 and Citrix XenServer 6.0.2 and earlier allows local HVM guest OS kernels to cause a denial of service (host crash) and possibly read hypervisor or guest memory via vectors related to a missing range check of map->index. | |||||
| CVE-2013-4355 | 1 Xen | 1 Xen | 2025-04-11 | 1.5 LOW | N/A |
| Xen 4.3.x and earlier does not properly handle certain errors, which allows local HVM guests to obtain hypervisor stack memory via a (1) port or (2) memory mapped I/O write or (3) other unspecified operations related to addresses without associated memory. | |||||
| CVE-2012-6031 | 1 Xen | 1 Xen | 2025-04-11 | 4.7 MEDIUM | N/A |
| The do_tmem_get function in the Transcendent Memory (TMEM) in Xen 4.0, 4.1, and 4.2 allow local guest OS users to cause a denial of service (CPU hang and host crash) via unspecified vectors related to a spinlock being held in the "bad_copy error path." NOTE: this issue was originally published as part of CVE-2012-3497, which was too general; CVE-2012-3497 has been SPLIT into this ID and others. | |||||
| CVE-2012-5511 | 1 Xen | 1 Xen | 2025-04-11 | 4.7 MEDIUM | N/A |
| Stack-based buffer overflow in the dirty video RAM tracking functionality in Xen 3.4 through 4.1 allows local HVM guest OS administrators to cause a denial of service (crash) via a large bitmap image. | |||||
| CVE-2011-1936 | 1 Xen | 1 Xen | 2025-04-11 | 4.6 MEDIUM | N/A |
| Xen, when using x86 Intel processors and the VMX virtualization extension is enabled, does not properly handle cpuid instruction emulation when exiting the VM, which allows local guest users to cause a denial of service (guest crash) via unspecified vectors. | |||||
| CVE-2013-0151 | 1 Xen | 1 Xen | 2025-04-11 | 4.6 MEDIUM | N/A |
| The do_hvm_op function in xen/arch/x86/hvm/hvm.c in Xen 4.2.x on the x86_32 platform does not prevent HVM_PARAM_NESTEDHVM (aka nested virtualization) operations, which allows guest OS users to cause a denial of service (long-duration page mappings and host OS crash) by leveraging administrative access to an HVM guest in a domain with a large number of VCPUs. | |||||
| CVE-2013-0215 | 1 Xen | 1 Xen | 2025-04-11 | 4.3 MEDIUM | N/A |
| oxenstored in Xen 4.1.x, Xen 4.2.x, and xen-unstable does not properly consider the state of the Xenstore ring during read operations, which allows guest OS users to cause a denial of service (daemon crash and host-control outage, or memory consumption) or obtain sensitive control-plane data by leveraging guest administrative access. | |||||
| CVE-2013-1918 | 1 Xen | 1 Xen | 2025-04-11 | 4.7 MEDIUM | N/A |
| Certain page table manipulation operations in Xen 4.1.x, 4.2.x, and earlier are not preemptible, which allows local PV kernels to cause a denial of service via vectors related to "deep page table traversal." | |||||
| CVE-2012-4535 | 1 Xen | 1 Xen | 2025-04-11 | 1.9 LOW | N/A |
| Xen 3.4 through 4.2, and possibly earlier versions, allows local guest OS administrators to cause a denial of service (Xen infinite loop and physical CPU consumption) by setting a VCPU with an "inappropriate deadline." | |||||
| CVE-2013-0152 | 1 Xen | 1 Xen | 2025-04-11 | 4.7 MEDIUM | N/A |
| Memory leak in Xen 4.2 and unstable allows local HVM guests to cause a denial of service (host memory consumption) by performing nested virtualization in a way that triggers errors that are not properly handled. | |||||
| CVE-2013-2211 | 1 Xen | 1 Xen | 2025-04-11 | 7.4 HIGH | N/A |
| The libxenlight (libxl) toolstack library in Xen 4.0.x, 4.1.x, and 4.2.x uses weak permissions for xenstore keys for paravirtualised and emulated serial console devices, which allows local guest administrators to modify the xenstore value via unspecified vectors. | |||||
| CVE-2012-4537 | 1 Xen | 1 Xen | 2025-04-11 | 2.1 LOW | N/A |
| Xen 3.4 through 4.2, and possibly earlier versions, does not properly synchronize the p2m and m2p tables when the set_p2m_entry function fails, which allows local HVM guest OS administrators to cause a denial of service (memory consumption and assertion failure), aka "Memory mapping failure DoS vulnerability." | |||||
| CVE-2014-1666 | 1 Xen | 1 Xen | 2025-04-11 | 8.3 HIGH | N/A |
| The do_physdev_op function in Xen 4.1.5, 4.1.6.1, 4.2.2 through 4.2.3, and 4.3.x does not properly restrict access to the (1) PHYSDEVOP_prepare_msix and (2) PHYSDEVOP_release_msix operations, which allows local PV guests to cause a denial of service (host or guest malfunction) or possibly gain privileges via unspecified vectors. | |||||
| CVE-2013-1919 | 1 Xen | 1 Xen | 2025-04-11 | 4.7 MEDIUM | N/A |
| Xen 4.2.x and 4.1.x does not properly restrict access to IRQs, which allows local stub domain clients to gain access to IRQs and cause a denial of service via vectors related to "passed-through IRQs or PCI devices." | |||||
| CVE-2013-2076 | 1 Xen | 1 Xen | 2025-04-11 | 4.3 MEDIUM | N/A |
| Xen 4.0.x, 4.1.x, and 4.2.x, when running on AMD64 processors, only save/restore the FOP, FIP, and FDP x87 registers in FXSAVE/FXRSTOR when an exception is pending, which allows one domain to determine portions of the state of floating point instructions of other domains, which can be leveraged to obtain sensitive information such as cryptographic keys, a similar vulnerability to CVE-2006-1056. NOTE: this is the documented behavior of AMD64 processors, but it is inconsistent with Intel processors in a security-relevant fashion that was not addressed by the kernels. | |||||
| CVE-2011-1763 | 1 Xen | 1 Xen | 2025-04-11 | 7.7 HIGH | N/A |
| The get_free_port function in Xen allows local authenticated DomU users to cause a denial of service or possibly gain privileges via unspecified vectors involving a new event channel port. | |||||
| CVE-2013-2195 | 1 Xen | 1 Xen | 2025-04-11 | 6.9 MEDIUM | N/A |
| The Elf parser (libelf) in Xen 4.2.x and earlier allow local guest administrators with certain permissions to have an unspecified impact via a crafted kernel, related to "pointer dereferences" involving unexpected calculations. | |||||
| CVE-2013-0154 | 1 Xen | 1 Xen | 2025-04-11 | 1.9 LOW | N/A |
| The get_page_type function in xen/arch/x86/mm.c in Xen 4.2, when debugging is enabled, allows local PV or HVM guest administrators to cause a denial of service (assertion failure and hypervisor crash) via unspecified vectors related to a hypercall. | |||||
| CVE-2011-2519 | 2 Redhat, Xen | 4 Enterprise Linux Desktop, Enterprise Linux Server, Enterprise Linux Workstation and 1 more | 2025-04-11 | 5.5 MEDIUM | N/A |
| Xen in the Linux kernel, when running a guest on a host without hardware assisted paging (HAP), allows guest users to cause a denial of service (invalid pointer dereference and hypervisor crash) via the SAHF instruction. | |||||