CVSS: 5.6EPSS: 0%CPEs: 1EXPL: 0CVE-2017-14317 – Debian Security Advisory 4050-1
https://notcve.org/view.php?id=CVE-2017-14317
12 Sep 2017 — A domain cleanup issue was discovered in the C xenstore daemon (aka cxenstored) in Xen through 4.9.x. When shutting down a VM with a stubdomain, a race in cxenstored may cause a double-free. The xenstored daemon may crash, resulting in a DoS of any parts of the system relying on it (including domain creation / destruction, ballooning, device changes, etc.). Se ha descubierto un problema de limpieza de dominio en el demonio C xenstore (también conocido como cxenstored) en Xen hasta la versión 4.9.x. Cuando s... • http://www.securityfocus.com/bid/100826 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 6.5EPSS: 0%CPEs: 18EXPL: 0CVE-2017-14318 – Debian Security Advisory 4050-1
https://notcve.org/view.php?id=CVE-2017-14318
12 Sep 2017 — An issue was discovered in Xen 4.5.x through 4.9.x. The function `__gnttab_cache_flush` handles GNTTABOP_cache_flush grant table operations. It checks to see if the calling domain is the owner of the page that is to be operated on. If it is not, the owner's grant table is checked to see if a grant mapping to the calling domain exists for the page in question. However, the function does not check to see if the owning domain actually has a grant table or not. • http://www.securityfocus.com/bid/100817 • CWE-476: NULL Pointer Dereference •
CVSS: 7.8EPSS: 0%CPEs: 21EXPL: 0CVE-2017-12136 – Gentoo Linux Security Advisory 201801-14
https://notcve.org/view.php?id=CVE-2017-12136
24 Aug 2017 — Race condition in the grant table code in Xen 4.6.x through 4.9.x allows local guest OS administrators to cause a denial of service (free list corruption and host crash) or gain privileges on the host via vectors involving maptrack free list handling. Una condición de carrera en el código de tabla de concesiones en Xen 4.6.x a 4.9.x permite que administradores invitados locales del sistema operativo provoquen una denegación de servicio (corrupción de lista libre y bloqueo del host) o que obtengan beneficios... • http://www.debian.org/security/2017/dsa-3969 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 6.5EPSS: 0%CPEs: 18EXPL: 0CVE-2017-12855
https://notcve.org/view.php?id=CVE-2017-12855
15 Aug 2017 — Xen maintains the _GTF_{read,writ}ing bits as appropriate, to inform the guest that a grant is in use. A guest is expected not to modify the grant details while it is in use, whereas the guest is free to modify/reuse the grant entry when it is not in use. Under some circumstances, Xen will clear the status bits too early, incorrectly informing the guest that the grant is no longer in use. A guest may prematurely believe that a granted frame is safely private again, and reuse it in a way which contains sensi... • http://www.debian.org/security/2017/dsa-3969 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-10919
https://notcve.org/view.php?id=CVE-2017-10919
05 Jul 2017 — Xen through 4.8.x mishandles virtual interrupt injection, which allows guest OS users to cause a denial of service (hypervisor crash), aka XSA-223. Xen hasta la versión 4.8.x, maneja inapropiadamente la inyección de interrupción virtual, que permite a los usuarios del sistema operativo invitado causar una denegación de servicio (bloqueo del hypervisor), también se conoce como XSA-223. • http://www.debian.org/security/2017/dsa-3969 •
CVSS: 9.8EPSS: 1%CPEs: 1EXPL: 0CVE-2017-10913 – Gentoo Linux Security Advisory 201710-17
https://notcve.org/view.php?id=CVE-2017-10913
05 Jul 2017 — The grant-table feature in Xen through 4.8.x provides false mapping information in certain cases of concurrent unmap calls, which allows backend attackers to obtain sensitive information or gain privileges, aka XSA-218 bug 1. La característica de tabla grant en Xen, hasta las versiones 4.8.x, ofrece información de mapeo falsa en ciertos casos de llamadas simultáneas de desasignación, lo que permite que atacantes del backend obtengan información sensible o adquieran privilegios. Esto también se conoce como X... • http://www.debian.org/security/2017/dsa-3969 •
CVSS: 6.5EPSS: 0%CPEs: 8EXPL: 0CVE-2017-10923
https://notcve.org/view.php?id=CVE-2017-10923
05 Jul 2017 — Xen through 4.8.x does not validate a vCPU array index upon the sending of an SGI, which allows guest OS users to cause a denial of service (hypervisor crash), aka XSA-225. Xen hasta la versión 4.8.x, no comprueba un índice de matriz vCPU sobre el envío de un SGI, lo que permite a los usuarios del sistema operativo invitado causar una denegación de servicio (bloqueo del hypervisor), también se conoce como XSA-225. • http://www.securityfocus.com/bid/99160 • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 0%CPEs: 13EXPL: 0CVE-2017-10916
https://notcve.org/view.php?id=CVE-2017-10916
05 Jul 2017 — The vCPU context-switch implementation in Xen through 4.8.x improperly interacts with the Memory Protection Extensions (MPX) and Protection Key (PKU) features, which makes it easier for guest OS users to defeat ASLR and other protection mechanisms, aka XSA-220. La implementación context-switch de vCPU en Xen hasta la versión 4.8.x, interactúa inapropiadamente con las funcionalidades Memory Protection Extensions (MPX) y Protection Key (PKU), lo que facilita a los usuarios del sistema operativo invitado super... • http://www.debian.org/security/2017/dsa-3969 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 0CVE-2017-10915 – Gentoo Linux Security Advisory 201710-17
https://notcve.org/view.php?id=CVE-2017-10915
05 Jul 2017 — The shadow-paging feature in Xen through 4.8.x mismanages page references and consequently introduces a race condition, which allows guest OS users to obtain Xen privileges, aka XSA-219. La característica de shadow-paging en Xen, hasta las versiones 4.8.x, gestiona de manera incorrecta referencias de páginas y, en consecuencia, introduce una condición de carrera, lo que permite que los usuarios invitados del sistema operativo obtengan privilegios Xen. Esto también se conoce como XSA-219. Multiple vulnerabil... • http://www.debian.org/security/2017/dsa-3969 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 8.1EPSS: 0%CPEs: 1EXPL: 0CVE-2017-10914 – Gentoo Linux Security Advisory 201710-17
https://notcve.org/view.php?id=CVE-2017-10914
05 Jul 2017 — The grant-table feature in Xen through 4.8.x has a race condition leading to a double free, which allows guest OS users to cause a denial of service (memory consumption), or possibly obtain sensitive information or gain privileges, aka XSA-218 bug 2. La característica de tabla grant en Xen, hasta las versiones 4.8.x, incluye una condición de carrera que da lugar a una doble liberación (double free). Esto permite que los usuarios invitados del sistema operativo provoquen una denegación de servicio (consumo d... • http://www.debian.org/security/2017/dsa-3969 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-415: Double Free •