
CVE-2013-4554 – kernel: xen: hypercalls exposed to privilege rings 1 and 2 of HVM guests
https://notcve.org/view.php?id=CVE-2013-4554
24 Dec 2013 — Xen 3.0.3 through 4.1.x (possibly 4.1.6.1), 4.2.x (possibly 4.2.3), and 4.3.x (possibly 4.3.1) does not properly prevent access to hypercalls, which allows local guest users to gain privileges via a crafted application running in ring 1 or 2. • http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00010.html • CWE-264: Permissions, Privileges, and Access Controls

CVE-2013-4368 – xen: information leak through outs instruction emulation (XSA-67)
https://notcve.org/view.php?id=CVE-2013-4368
17 Oct 2013 — The outs instruction emulation in Xen 3.1.x, 4.2.x, 4.3.x, and earlier, when using FS: or GS: segment override, uses an uninitialized variable as a segment base, which allows local 64-bit PV guests to obtain sensitive information (hypervisor stack content) via unspecified vectors related to stale data in a segment register. • http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00015.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor

CVE-2013-4355 – Kernel: Xen: XSA-63: information leak via I/O instruction emulation
https://notcve.org/view.php?id=CVE-2013-4355
01 Oct 2013 — Xen 4.3.x and earlier does not properly handle certain errors, which allows local HVM guests to obtain hypervisor stack memory via a (1) port or (2) memory mapped I/O write or (3) other unspecified operations related to addresses without associated memory. • http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00015.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor

CVE-2011-2901 – kernel: xen: off-by-one shift in x86_64 __addr_ok()
https://notcve.org/view.php?id=CVE-2011-2901
27 Sep 2013 — Off-by-one error in the __addr_ok macro in Xen 3.3 and earlier allows local 64 bit PV guest administrators to cause a denial of service (host crash) via unspecified hypercalls that ignore virtual-address bits. Multiple vulnerabilities... • http://rhn.redhat.com/errata/RHSA-2011-1212.html • CWE-193: Off-by-one Error • CWE-399: Resource Management Errors

CVE-2013-2195 – Gentoo Linux Security Advisory 201309-24
https://notcve.org/view.php?id=CVE-2013-2195
23 Aug 2013 — The Elf parser (libelf) in Xen 4.2.x and earlier allows local guest administrators with certain permissions to have an unspecified impact via a crafted kernel, related to "pointer dereferences" involving unexpected calculations. Multipl... • http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00015.html • CWE-189: Numeric Errors

CVE-2013-2194 – Gentoo Linux Security Advisory 201309-24
https://notcve.org/view.php?id=CVE-2013-2194
23 Aug 2013 — Multiple integer overflows in the Elf parser (libelf) in Xen 4.2.x and earlier allow local guest administrators with certain permissions to have an unspecified impact via a crafted kernel. Multiple vulnerabilities have been found in Xen, allowing attackers on a Xen Virtual M... • http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00015.html • CWE-189: Numeric Errors

CVE-2013-2196 – Gentoo Linux Security Advisory 201309-24
https://notcve.org/view.php?id=CVE-2013-2196
23 Aug 2013 — Multiple unspecified vulnerabilities in the Elf parser (libelf) in Xen 4.2.x and earlier allow local guest administrators with certain permissions to have an unspecified impact via a crafted kernel, related to "other problems" that are not CVE-2013-2194 or CVE-2013-2195. • http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00015.html

CVE-2013-1917 – Gentoo Linux Security Advisory 201309-24
https://notcve.org/view.php?id=CVE-2013-1917
13 May 2013 — Xen 3.1 through 4.x, when running 64-bit hosts on Intel CPUs, does not clear the NT flag when using an IRET after a SYSENTER instruction, which allows PV guest users to cause a denial of service (hypervisor crash) by triggering a #GP fault, which is not properly handled by another IRET instruction. • http://lists.fedoraproject.org/pipermail/package-announce/2013-May/104537.html • CWE-20: Improper Input Validation

CVE-2013-1920 – Gentoo Linux Security Advisory 201309-24
https://notcve.org/view.php?id=CVE-2013-1920
12 Apr 2013 — Xen 4.2.x, 4.1.x, and earlier, when the hypervisor is running "under memory pressure" and the Xen Security Module (XSM) is enabled, uses the wrong ordering of operations when extending the per-domain event channel tracking table, which causes a use-after-free and allows local guest kernels to inject arbitrary events and gain privileges via unspecified vectors. • http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00015.html • CWE-264: Permissions, Privileges, and Access Controls

CVE-2013-0231 – kernel: xen: pciback DoS via not rate limited log messages
https://notcve.org/view.php?id=CVE-2013-0231
13 Feb 2013 — The pciback_enable_msi function in the PCI backend driver (drivers/xen/pciback/conf_space_capability_msi.c) in Xen for the Linux kernel 2.6.18 and 3.8 allows guest OS users with PCI device access to cause a denial of service via a large number of kernel log messages. NOTE: some of these details are obtained from third party information. • http://lists.opensuse.org/opensuse-security-announce/2013-03/msg00004.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer