CVSS: 4.7EPSS: 0%CPEs: 1EXPL: 0CVE-2015-7814 – Debian Security Advisory 3414-1
https://notcve.org/view.php?id=CVE-2015-7814
30 Oct 2015 — Race condition in the relinquish_memory function in arch/arm/domain.c in Xen 4.6.x and earlier allows local domains with partial management control to cause a denial of service (host crash) via vectors involving the destruction of a domain and using XENMEM_decrease_reservation to reduce the memory of the domain. Condición de carrera en la función relinquish_memory en arch/arm/domain.c en Xen 4.6.x y versiones anteriores permite a dominios locales con control parcial de la gestión provocar una denegación de ... • http://lists.fedoraproject.org/pipermail/package-announce/2015-November/171082.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 7.8EPSS: 0%CPEs: 30EXPL: 0CVE-2015-7835 – Debian Security Advisory 3390-1
https://notcve.org/view.php?id=CVE-2015-7835
30 Oct 2015 — The mod_l2_entry function in arch/x86/mm.c in Xen 3.4 through 4.6.x does not properly validate level 2 page table entries, which allows local PV guest administrators to gain privileges via a crafted superpage mapping. La función mod_l2_entry en arch/x86/mm.c en Xen 3.4 hasta la versión 4.6.x no valida correctamente las entradas de la tabla de paginación de nivel 2, lo que permite a administradores invitados PV locales obtener privilegios a través de un mapeo de superpage manipulado. It was discovered that t... • http://lists.fedoraproject.org/pipermail/package-announce/2015-November/171082.html • CWE-20: Improper Input Validation CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 9.8EPSS: 0%CPEs: 25EXPL: 0CVE-2015-7969 – Debian Security Advisory 3414-1
https://notcve.org/view.php?id=CVE-2015-7969
30 Oct 2015 — Multiple memory leaks in Xen 4.0 through 4.6.x allow local guest administrators or domains with certain permission to cause a denial of service (memory consumption) via a large number of "teardowns" of domains with the vcpu pointer array allocated using the (1) XEN_DOMCTL_max_vcpus hypercall or the xenoprofile state vcpu pointer array allocated using the (2) XENOPROF_get_buffer or (3) XENOPROF_set_passive hypercall. Fugas de memoria múltiples en Xen 4.0 hasta la versión 4.6.x permite a administradores local... • http://lists.fedoraproject.org/pipermail/package-announce/2015-November/171082.html • CWE-399: Resource Management Errors •
CVSS: 6.2EPSS: 0%CPEs: 37EXPL: 0CVE-2015-7971 – Debian Security Advisory 3414-1
https://notcve.org/view.php?id=CVE-2015-7971
30 Oct 2015 — Xen 3.2.x through 4.6.x does not limit the number of printk console messages when logging certain pmu and profiling hypercalls, which allows local guests to cause a denial of service via a sequence of crafted (1) HYPERCALL_xenoprof_op hypercalls, which are not properly handled in the do_xenoprof_op function in common/xenoprof.c, or (2) HYPERVISOR_xenpmu_op hypercalls, which are not properly handled in the do_xenpmu_op function in arch/x86/cpu/vpmu.c. Xen 3.2.x hasta la versión 4.6.x no limita el número de m... • http://lists.fedoraproject.org/pipermail/package-announce/2015-November/171082.html • CWE-19: Data Processing Errors •
CVSS: 5.5EPSS: 0%CPEs: 30EXPL: 0CVE-2015-7972 – Debian Security Advisory 3414-1
https://notcve.org/view.php?id=CVE-2015-7972
30 Oct 2015 — The (1) libxl_set_memory_target function in tools/libxl/libxl.c and (2) libxl__build_post function in tools/libxl/libxl_dom.c in Xen 3.4.x through 4.6.x do not properly calculate the balloon size when using the populate-on-demand (PoD) system, which allows local HVM guest users to cause a denial of service (guest crash) via unspecified vectors related to "heavy memory pressure." La función (1) libxl_set_memory_target en tools/libxl/libxl.c y (2) libxl__build_post en tools/libxl/libxl_dom.c en Xen 3.4.x hast... • http://lists.fedoraproject.org/pipermail/package-announce/2015-November/171082.html • CWE-399: Resource Management Errors •
CVSS: 6.5EPSS: 0%CPEs: 23EXPL: 0CVE-2015-7311 – Debian Security Advisory 3414-1
https://notcve.org/view.php?id=CVE-2015-7311
01 Oct 2015 — libxl in Xen 4.1.x through 4.6.x does not properly handle the readonly flag on disks when using the qemu-xen device model, which allows local guest users to write to a read-only disk image. libxl en Xen 4.1.x hasta la versión 4.6.x no maneja correctamente el indicador de solo lectura en los discos cuando se utiliza el dispositivo modelo qemu-xen, lo que permite a usuarios invitados locales escribir a una imagen de disco de sólo lectura. Multiple security issues have been found in the Xen virtualisation solu... • http://lists.fedoraproject.org/pipermail/package-announce/2015-September/167077.html • CWE-17: DEPRECATED: Code •
CVSS: 9.3EPSS: 0%CPEs: 65EXPL: 0CVE-2015-5165 – Qemu: rtl8139 uninitialized heap memory information leakage to guest (XSA-140)
https://notcve.org/view.php?id=CVE-2015-5165
12 Aug 2015 — The C+ mode offload emulation in the RTL8139 network card device model in QEMU, as used in Xen 4.5.x and earlier, allows remote attackers to read process heap memory via unspecified vectors. Vulnerabilidad en la emulación de modo offload C+ en el modelo de tarjeta de red del dispositivo RTL8139 en QEMU, tal y como se utiliza en Xen 4.5.x y versiones anteriores, permite a atacantes remotos leer la memoria dinámica del proceso a través de vectores no especificados. An information leak flaw was found in the wa... • http://lists.fedoraproject.org/pipermail/package-announce/2015-September/165373.html • CWE-456: Missing Initialization of a Variable CWE-908: Use of Uninitialized Resource •
CVSS: 9.8EPSS: 0%CPEs: 4EXPL: 0CVE-2015-5166 – Ubuntu Security Notice USN-2724-1
https://notcve.org/view.php?id=CVE-2015-5166
12 Aug 2015 — Use-after-free vulnerability in QEMU in Xen 4.5.x and earlier does not completely unplug emulated block devices, which allows local HVM guest users to gain privileges by unplugging a block device twice. Vulnerabilidad de uso después de liberación en la memoria en QEMU en Xen 4.5.x y versiones anteriores, no desconecta completamente los dispositivos de bloque emulados, lo que permite a usuarios invitados HVM locales obtener privilegios desconectando un dispositivo de bloque dos veces. It was discovered that ... • http://lists.fedoraproject.org/pipermail/package-announce/2015-September/165373.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 9.8EPSS: 0%CPEs: 13EXPL: 0CVE-2015-5154 – qemu: ide: atapi: heap overflow during I/O buffer memory access
https://notcve.org/view.php?id=CVE-2015-5154
27 Jul 2015 — Heap-based buffer overflow in the IDE subsystem in QEMU, as used in Xen 4.5.x and earlier, when the container has a CDROM drive enabled, allows local guest users to execute arbitrary code on the host via unspecified ATAPI commands. Desbordamiento del buffer basado en memoria dinámica en el subsistema IDE en QEMU, usado en Xen 4.5.x y versiones anteriores, cuando el contenedor tiene una unidad CDROM habilitada, permite a usuarios invitados locales ejecutar código arbitrario en el host a través de comandos AT... • http://lists.fedoraproject.org/pipermail/package-announce/2015-August/163472.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.8EPSS: 0%CPEs: 19EXPL: 0CVE-2015-3259 – Debian Security Advisory 3414-1
https://notcve.org/view.php?id=CVE-2015-3259
16 Jul 2015 — Stack-based buffer overflow in the xl command line utility in Xen 4.1.x through 4.5.x allows local guest administrators to gain privileges via a long configuration argument. Desbordamiento del buffer basado en pila en la utilidad xl command line en Xen 4.1.x hasta 4.5.x permite administradores invitados locales obtener privilegios a través de un argumento largo de configuración. Multiple security issues have been found in the Xen virtualisation solution, which may result in denial of service or information ... • http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00041.html • CWE-264: Permissions, Privileges, and Access Controls •