CVSS: 6.3EPSS: 0%CPEs: 37EXPL: 0CVE-2016-1571 – Debian Security Advisory 3519-1
https://notcve.org/view.php?id=CVE-2016-1571
22 Jan 2016 — The paging_invlpg function in include/asm-x86/paging.h in Xen 3.3.x through 4.6.x, when using shadow mode paging or nested virtualization is enabled, allows local HVM guest users to cause a denial of service (host crash) via a non-canonical guest address in an INVVPID instruction, which triggers a hypervisor bug check. La función paging_invlpg en include/asm-x86/paging.h en Xen 3.3.x hasta la versión 4.6.x, cuando se utiliza paginación en modo shadow o la virtualización anidada está habilitada, permite a us... • http://support.citrix.com/article/CTX205496 • CWE-17: DEPRECATED: Code •
CVSS: 8.5EPSS: 0%CPEs: 30EXPL: 0CVE-2016-1570 – Debian Security Advisory 3519-1
https://notcve.org/view.php?id=CVE-2016-1570
22 Jan 2016 — The PV superpage functionality in arch/x86/mm.c in Xen 3.4.0, 3.4.1, and 4.1.x through 4.6.x allows local PV guests to obtain sensitive information, cause a denial of service, gain privileges, or have unspecified other impact via a crafted page identifier (MFN) to the (1) MMUEXT_MARK_SUPER or (2) MMUEXT_UNMARK_SUPER sub-op in the HYPERVISOR_mmuext_op hypercall or (3) unknown vectors related to page table updates. La funcionalidad superpage PV en arch/x86/mm.c en Xen 3.4.0, 3.4.1 y 4.1.x hasta la versión 4.6... • http://www.debian.org/security/2016/dsa-3519 • CWE-20: Improper Input Validation •
CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0CVE-2015-8615
https://notcve.org/view.php?id=CVE-2015-8615
08 Jan 2016 — The hvm_set_callback_via function in arch/x86/hvm/irq.c in Xen 4.6 does not limit the number of printk console messages when logging the new callback method, which allows local HVM guest OS users to cause a denial of service via a large number of changes to the callback method (HVM_PARAM_CALLBACK_IRQ). La función hvm_set_callback_via en arch/x86/hvm/irq.c en Xen 4.6 no limita el número de mensajes de la consola de printk cuando inicia sesión el nuevo método de llamada de retorno, lo que permite a usuarios d... • http://www.securityfocus.com/bid/79644 • CWE-254: 7PK - Security Features •
CVSS: 4.4EPSS: 0%CPEs: 43EXPL: 0CVE-2015-8552 – Ubuntu Security Notice USN-2846-1
https://notcve.org/view.php?id=CVE-2015-8552
20 Dec 2015 — The PCI backend driver in Xen, when running on an x86 system and using Linux 3.1.x through 4.3.x as the driver domain, allows local guest administrators to generate a continuous stream of WARN messages and cause a denial of service (disk consumption) by leveraging a system with access to a passed-through MSI or MSI-X capable physical PCI device and XEN_PCI_OP_enable_msi operations, aka "Linux pciback missing sanity checks." El controlador backend PCI en Xen, cuando se ejecuta en un sistema x86 y utiliza Lin... • http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00094.html • CWE-20: Improper Input Validation •
CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 0CVE-2015-8338 – Debian Security Advisory 3633-1
https://notcve.org/view.php?id=CVE-2015-8338
17 Dec 2015 — Xen 4.6.x and earlier does not properly enforce limits on page order inputs for the (1) XENMEM_increase_reservation, (2) XENMEM_populate_physmap, (3) XENMEM_exchange, and possibly other HYPERVISOR_memory_op suboperations, which allows ARM guest OS administrators to cause a denial of service (CPU consumption, guest reboot, or watchdog timeout and host reboot) and possibly have unspecified other impact via unknown vectors. Xen 4.6.x y versiones anteriores no impone adecuadamente límites en órdenes de entrada ... • http://www.debian.org/security/2016/dsa-3633 • CWE-254: 7PK - Security Features •
CVSS: 6.2EPSS: 0%CPEs: 44EXPL: 0CVE-2015-8340 – Debian Security Advisory 3519-1
https://notcve.org/view.php?id=CVE-2015-8340
17 Dec 2015 — The memory_exchange function in common/memory.c in Xen 3.2.x through 4.6.x does not properly release locks, which might allow guest OS administrators to cause a denial of service (deadlock or host crash) via unspecified vectors, related to XENMEM_exchange error handling. La función memory_exchange en common/memory.c en Xen 3.2.x hasta la versión 4.6.x no devuelve adecuadamente páginas a un dominio, lo que podría permitir a administradores invitados del SO causar una denegación de servicio (interbloqueo o ca... • http://support.citrix.com/article/CTX203451 • CWE-17: DEPRECATED: Code •
CVSS: 7.8EPSS: 0%CPEs: 27EXPL: 0CVE-2015-8341 – Debian Security Advisory 3519-1
https://notcve.org/view.php?id=CVE-2015-8341
17 Dec 2015 — The libxl toolstack library in Xen 4.1.x through 4.6.x does not properly release mappings of files used as kernels and initial ramdisks when managing multiple domains in the same process, which allows attackers to cause a denial of service (memory and disk consumption) by starting domains. La librería libxl toolstack en Xen 4.1.x hasta la versión 4.6.x no libera adecuadamente el mapeo de archivos utilizados como kernels y ramdisks iniciales cuando manejan múltiples dominios en el mismo proceso, lo que permi... • http://www.debian.org/security/2016/dsa-3519 • CWE-399: Resource Management Errors •
CVSS: 6.2EPSS: 0%CPEs: 44EXPL: 0CVE-2015-8339 – Debian Security Advisory 3519-1
https://notcve.org/view.php?id=CVE-2015-8339
17 Dec 2015 — The memory_exchange function in common/memory.c in Xen 3.2.x through 4.6.x does not properly hand back pages to a domain, which might allow guest OS administrators to cause a denial of service (host crash) via unspecified vectors related to domain teardown. La función memory_exchange en common/memory.c en Xen 3.2.x hasta la versión 4.6.x no devuelve adecuadamente páginas a un dominio, lo que podría permitir a administradores invitados del SO causar una denegación de servicio (caída del host) a través de vec... • http://support.citrix.com/article/CTX203451 • CWE-19: Data Processing Errors •
CVSS: 6.5EPSS: 0%CPEs: 8EXPL: 0CVE-2015-7812 – Debian Security Advisory 3414-1
https://notcve.org/view.php?id=CVE-2015-7812
17 Nov 2015 — The hypercall_create_continuation function in arch/arm/domain.c in Xen 4.4.x through 4.6.x allows local guest users to cause a denial of service (host crash) via a preemptible hypercall to the multicall interface. La función hypercall_create_continuation en arch/arm/domain.c en Xen 4.4.x hasta la versión 4.6.x permite a usuarios locales invitados provocar una denegación de servicio (caída de host) a través de una hypercall a la interfaz multi llamada. Multiple security issues have been found in the Xen virt... • http://lists.fedoraproject.org/pipermail/package-announce/2015-November/171082.html • CWE-254: 7PK - Security Features •
CVSS: 10.0EPSS: 0%CPEs: 30EXPL: 0CVE-2015-8104 – virt: guest to host DoS by triggering an infinite loop in microcode via #DB exception
https://notcve.org/view.php?id=CVE-2015-8104
16 Nov 2015 — The KVM subsystem in the Linux kernel through 4.2.6, and Xen 4.3.x through 4.6.x, allows guest OS users to cause a denial of service (host OS panic or hang) by triggering many #DB (aka Debug) exceptions, related to svm.c. El subsistema KVM en el kernel Linux hasta la versión 4.2.6, y Xen 4.3.x hasta la versión 4.6.x permite a usuarios del SO invitados causar una denegación de servicio (panic en el host del SO o cuelgue) desencadenando muchas excepciones #DB (también conocidas como Debug), relacionadas con s... • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=cbdb967af3d54993f5814f1cee0ed311a055377d • CWE-399: Resource Management Errors CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •