CVSS: -EPSS: 0%CPEs: 2EXPL: 0CVE-2024-5661 – Potential Denial of Service affecting XenServer and Citrix Hypervisor
https://notcve.org/view.php?id=CVE-2024-5661
An issue has been identified in both XenServer 8 and Citrix Hypervisor 8.2 CU1 LTSR which may allow a malicious administrator of a guest VM to cause the host to become slow and/or unresponsive. Se ha identificado un problema tanto en XenServer 8 como en Citrix Hypervisor 8.2 CU1 LTSR que puede permitir que un administrador malintencionado de una máquina virtual invitada haga que el host se vuelva lento o no responda. • https://support.citrix.com/article/CTX677100/xenserver-and-citrix-hypervisor-security-update-for-cve20245661 •
CVSS: 6.5EPSS: 0%CPEs: 4EXPL: 0CVE-2014-3798
https://notcve.org/view.php?id=CVE-2014-3798
The Windows Guest Tools in Citrix XenServer 6.2 SP1 and earlier allows remote attackers to cause a denial of service (guest OS crash) via a crafted Ethernet frame. Las Herramientas para Invitados de Windows en Citrix XenServer versión 6.2 SP1 y anteriores, permiten a los atacantes remotos causar una denegación de servicio (fallo del Sistema Operativo invitado) por medio de una trama de Ethernet especialmente diseñada. • http://secunia.com/advisories/58455 http://support.citrix.com/article/CTX140814 http://www.securityfocus.com/bid/67693 http://www.securitytracker.com/id/1030304 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 24EXPL: 5CVE-2018-8897 – Microsoft Windows POP/MOV SS Local Privilege Elevation Vulnerability
https://notcve.org/view.php?id=CVE-2018-8897
A statement in the System Programming Guide of the Intel 64 and IA-32 Architectures Software Developer's Manual (SDM) was mishandled in the development of some or all operating-system kernels, resulting in unexpected behavior for #DB exceptions that are deferred by MOV SS or POP SS, as demonstrated by (for example) privilege escalation in Windows, macOS, some Xen configurations, or FreeBSD, or a Linux kernel crash. The MOV to SS and POP SS instructions inhibit interrupts (including NMIs), data breakpoints, and single step trap exceptions until the instruction boundary following the next instruction (SDM Vol. 3A; section 6.8.3). (The inhibited data breakpoints are those on memory accessed by the MOV to SS or POP to SS instruction itself.) Note that debug exceptions are not inhibited by the interrupt enable (EFLAGS.IF) system flag (SDM Vol. 3A; section 2.3). If the instruction following the MOV to SS or POP to SS instruction is an instruction like SYSCALL, SYSENTER, INT 3, etc. that transfers control to the operating system at CPL < 3, the debug exception is delivered after the transfer to CPL < 3 is complete. • https://www.exploit-db.com/exploits/44697 https://www.exploit-db.com/exploits/45024 https://github.com/can1357/CVE-2018-8897 https://github.com/nmulasmajic/CVE-2018-8897 http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=d8ba61ba58c88d5207c1ba2f7d9a2280e7d03be9 http://openwall.com/lists/oss-security/2018/05/08/1 http://openwall.com/lists/oss-security/2018/05/08/4 http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190921-01-debug-en http: • CWE-250: Execution with Unnecessary Privileges CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 8.8EPSS: 0%CPEs: 7EXPL: 0CVE-2017-12134
https://notcve.org/view.php?id=CVE-2017-12134
The xen_biovec_phys_mergeable function in drivers/xen/biomerge.c in Xen might allow local OS guest users to corrupt block device data streams and consequently obtain sensitive memory information, cause a denial of service, or gain host OS privileges by leveraging incorrect block IO merge-ability calculation. La función xen_biovec_phys_mergeable en drivers/xen/biomerge.c en Xen podría permitir que usuarios invitados locales del sistema operativo corrompan transmisiones en bloque de datos del sistema y, consecuentemente, obtengan información sensible de la memoria, provoquen una denegación de servicio o consigan privilegios del SO mediante el aprovechamiento del cálculo incorrecto de block IO merge-ability. • http://www.debian.org/security/2017/dsa-3981 http://www.openwall.com/lists/oss-security/2017/08/15/4 http://www.securityfocus.com/bid/100343 http://www.securitytracker.com/id/1039176 http://xenbits.xen.org/xsa/advisory-229.html https://bugzilla.redhat.com/show_bug.cgi?id=1477656 https://security.gentoo.org/glsa/201801-14 https://support.citrix.com/article/CTX225941 https://usn.ubuntu.com/3655-1 https://usn.ubuntu.com/3655-2 • CWE-682: Incorrect Calculation •
CVSS: 8.8EPSS: 0%CPEs: 9EXPL: 0CVE-2017-12135
https://notcve.org/view.php?id=CVE-2017-12135
Xen allows local OS guest users to cause a denial of service (crash) or possibly obtain sensitive information or gain privileges via vectors involving transitive grants. Xen permite que usuarios locales invitados del sistema operativo provoquen una denegación de servicio (bloqueo) o que tengan la posibilidad de obtener información sensible u obtener privilegios mediante vectores relacionados con concesiones transitivas. • http://www.debian.org/security/2017/dsa-3969 http://www.openwall.com/lists/oss-security/2017/08/15/1 http://www.openwall.com/lists/oss-security/2017/08/17/6 http://www.openwall.com/lists/oss-security/2020/04/14/4 http://www.securityfocus.com/bid/100344 http://www.securitytracker.com/id/1039178 http://xenbits.xen.org/xsa/advisory-226.html https://bugzilla.redhat.com/show_bug.cgi?id=1477655 https://security.gentoo.org/glsa/201801-14 https://support.cit • CWE-682: Incorrect Calculation •