CVSS: 9.8EPSS: 0%CPEs: 13EXPL: 0CVE-2015-5154 – qemu: ide: atapi: heap overflow during I/O buffer memory access
https://notcve.org/view.php?id=CVE-2015-5154
27 Jul 2015 — Heap-based buffer overflow in the IDE subsystem in QEMU, as used in Xen 4.5.x and earlier, when the container has a CDROM drive enabled, allows local guest users to execute arbitrary code on the host via unspecified ATAPI commands. Desbordamiento del buffer basado en memoria dinámica en el subsistema IDE en QEMU, usado en Xen 4.5.x y versiones anteriores, cuando el contenedor tiene una unidad CDROM habilitada, permite a usuarios invitados locales ejecutar código arbitrario en el host a través de comandos AT... • http://lists.fedoraproject.org/pipermail/package-announce/2015-August/163472.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 0%CPEs: 37EXPL: 0CVE-2015-4164 – Debian Security Advisory 3286-1
https://notcve.org/view.php?id=CVE-2015-4164
15 Jun 2015 — The compat_iret function in Xen 3.1 through 4.5 iterates the wrong way through a loop, which allows local 32-bit PV guest administrators to cause a denial of service (large loop and system hang) via a hypercall_iret call with EFLAGS.VM set. La función compat_iret en Xen 3.1 hasta 4.5 itera en la dirección errónea a través de un bucle, lo que permite a administradores locales invitados de PV de 32 dits causar una denegación de servicio (bucle grande y cuelgue del sistema) a través de una llamada hypercall_ir... • http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00004.html • CWE-399: Resource Management Errors •
CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 0CVE-2015-2152 – Gentoo Linux Security Advisory 201504-04
https://notcve.org/view.php?id=CVE-2015-2152
18 Mar 2015 — Xen 4.5.x and earlier enables certain default backends when emulating a VGA device for an x86 HVM guest qemu even when the configuration disables them, which allows local guest users to obtain access to the VGA console by (1) setting the DISPLAY environment variable, when compiled with SDL support, or connecting to the VNC server on (2) ::1 or (3) 127.0.0.1, when not compiled with SDL support. Xen 4.5.x y anteriores capacita a ciertos backends por defecto cuando emula un dispositivo VGA para una gemu invita... • http://lists.fedoraproject.org/pipermail/package-announce/2015-March/152483.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 5.5EPSS: 0%CPEs: 34EXPL: 0CVE-2015-2044 – Gentoo Linux Security Advisory 201504-04
https://notcve.org/view.php?id=CVE-2015-2044
11 Mar 2015 — The emulation routines for unspecified X86 devices in Xen 3.2.x through 4.5.x does not properly initialize data, which allow local HVM guest users to obtain sensitive information via vectors involving an unsupported access size. Las rutinas de emulación para dispositivos X86 no especificados en Xen 3.2.x hasta 4.5.x no inicializa correctamente los datos, lo que permite a usuarios locales invitados HVM obtener información sensible a través de vectores que involucran un tamaño de acceso no soportado. Multiple... • http://lists.fedoraproject.org/pipermail/package-announce/2015-March/152483.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.5EPSS: 0%CPEs: 38EXPL: 0CVE-2015-2045 – Gentoo Linux Security Advisory 201504-04
https://notcve.org/view.php?id=CVE-2015-2045
11 Mar 2015 — The HYPERVISOR_xen_version hypercall in Xen 3.2.x through 4.5.x does not properly initialize data structures, which allows local guest users to obtain sensitive information via unspecified vectors. La hiperllamada HYPERVISOR_xen_version en Xen 3.2.x hasta 4.5.x ni inicializa correctamente las estructuras de datos, lo que permite a usuarios locales invitados obtener información sensible a través de vectores no especificados. Multiple vulnerabilities have been found in Xen, the worst of which can allow remote... • http://lists.fedoraproject.org/pipermail/package-announce/2015-March/152483.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.5EPSS: 0%CPEs: 38EXPL: 0CVE-2015-2151 – xen: hypervisor memory corruption due to x86 emulator flaw (xsa123)
https://notcve.org/view.php?id=CVE-2015-2151
11 Mar 2015 — The x86 emulator in Xen 3.2.x through 4.5.x does not properly ignore segment overrides for instructions with register operands, which allows local guest users to obtain sensitive information, cause a denial of service (memory corruption), or possibly execute arbitrary code via unspecified vectors. El emulador x86 en Xen 3.2.x hasta 4.5.x no ignora correctamente las anulaciones de segmentos para instrucciones con operandos del registro, lo que permite a usuarios locales invitados obtener información sensible... • http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10761 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 9.8EPSS: 0%CPEs: 3EXPL: 0CVE-2014-9065 – Gentoo Linux Security Advisory 201504-04
https://notcve.org/view.php?id=CVE-2014-9065
09 Dec 2014 — common/spinlock.c in Xen 4.4.x and earlier does not properly handle read and write locks, which allows local x86 guest users to cause a denial of service (write denial or NMI watchdog timeout and host crash) via a large number of read requests, a different vulnerability to CVE-2014-9066. common/spinlock.c en Xen 4.4.x y anteriores no maneja correctamente los bloqueos de lectura y escritura, lo que permite a usuarios locales invitados de x86 causar una denegación de servicio (denegación de escritura o fin de... • http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00005.html • CWE-17: DEPRECATED: Code •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2014-9066 – Gentoo Linux Security Advisory 201504-04
https://notcve.org/view.php?id=CVE-2014-9066
09 Dec 2014 — Xen 4.4.x and earlier, when using a large number of VCPUs, does not properly handle read and write locks, which allows local x86 guest users to cause a denial of service (write denial or NMI watchdog timeout and host crash) via a large number of read requests, a different vulnerability than CVE-2014-9065. Xen 4.4.x y versiones anteriores, cuando utiliza un gran número de VCPUs, no maneja adecuadamente los bloqueos de lectura y escritura, lo que permite a usuarios invitados x86 locales causar una denegación ... • http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00005.html • CWE-17: DEPRECATED: Code •
CVSS: 10.0EPSS: 0%CPEs: 11EXPL: 0CVE-2014-8867 – xen: Insufficient bounding of "REP MOVS" to MMIO emulated inside the hypervisor (xsa112)
https://notcve.org/view.php?id=CVE-2014-8867
01 Dec 2014 — The acceleration support for the "REP MOVS" instruction in Xen 4.4.x, 3.2.x, and earlier lacks properly bounds checking for memory mapped I/O (MMIO) emulated in the hypervisor, which allows local HVM guests to cause a denial of service (host crash) via unspecified vectors. El soporte de aceleración para la instrucción 'REP MOVS' en Xen 4.4.x, 3.2.x, y anteriores falla en la comprobación correcta de los límites para entrada/salida del mapeado de memoria (memory mapped I/O, MMIO) emulado en el hipervisor, lo ... • http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705 • CWE-17: DEPRECATED: Code •
CVSS: 7.5EPSS: 2%CPEs: 35EXPL: 0CVE-2014-9030 – Gentoo Linux Security Advisory 201504-04
https://notcve.org/view.php?id=CVE-2014-9030
24 Nov 2014 — The do_mmu_update function in arch/x86/mm.c in Xen 3.2.x through 4.4.x does not properly manage page references, which allows remote domains to cause a denial of service by leveraging control over an HVM guest and a crafted MMU_MACHPHYS_UPDATE. La función do_mmu_update en arch/x86/mm.c en Xen 3.2.x hasta 4.4.x no maneja debidamente las referencias de páginas, lo que permite a dominios remotos causar una denegación de servicio mediante el aprovechamiento del control sobre un invitado HVM y un MMU_MACHPHYS_UP... • http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00005.html • CWE-20: Improper Input Validation •