CVSS: 7.8EPSS: 0%CPEs: 27EXPL: 0CVE-2012-5513 – kernel: xen: XENMEM_exchange may overwrite hypervisor memory
https://notcve.org/view.php?id=CVE-2012-5513
04 Dec 2012 — The XENMEM_exchange handler in Xen 4.2 and earlier does not properly check the memory address, which allows local PV guest OS administrators to cause a denial of service (crash) or possibly gain privileges via unspecified vectors that overwrite memory in the hypervisor reserved range. El manejador XENMEM_exchange en Xen v4.2 y anteriores no comprueba correctamente la dirección de memoria, lo que permite causar una denegación de servicio (caída del S.O.) a administrador de sistemas operativos invitados PV o ... • http://lists.opensuse.org/opensuse-security-announce/2012-12/msg00000.html • CWE-20: Improper Input Validation CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.5EPSS: 0%CPEs: 15EXPL: 0CVE-2012-4535 – kernel: xen: VCPU timer overflow leads to PCPU deadlock and host death-by-watchdog
https://notcve.org/view.php?id=CVE-2012-4535
16 Nov 2012 — Xen 3.4 through 4.2, and possibly earlier versions, allows local guest OS administrators to cause a denial of service (Xen infinite loop and physical CPU consumption) by setting a VCPU with an "inappropriate deadline." Xen 3.4 hasta 4.2 y posiblemente versiones anteriores permite a los administradores de sistemas operativos clientes locales causar una denegación de servicio (bucle infinito en Xen y consumo de CPU física), configurando un VCPU con una "fecha límite inapropiada". These packages contain the Li... • http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00008.html • CWE-399: Resource Management Errors •
CVSS: 6.5EPSS: 0%CPEs: 15EXPL: 0CVE-2012-4537 – kernel: xen: Memory mapping failure can crash Xen
https://notcve.org/view.php?id=CVE-2012-4537
16 Nov 2012 — Xen 3.4 through 4.2, and possibly earlier versions, does not properly synchronize the p2m and m2p tables when the set_p2m_entry function fails, which allows local HVM guest OS administrators to cause a denial of service (memory consumption and assertion failure), aka "Memory mapping failure DoS vulnerability." Xen v3.4 hasta v4.2 y posiblemente versiones anteriores, no sincroniza correctamente las tablas p2m y m2p cuando la función set_p2m_entry falla, lo que permite a los administradores de sistemas operat... • http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00008.html • CWE-16: Configuration •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2012-4544 – xen: Xen domain builder Out-of-memory due to malicious kernel/ramdisk
https://notcve.org/view.php?id=CVE-2012-4544
31 Oct 2012 — The PV domain builder in Xen 4.2 and earlier does not validate the size of the kernel or ramdisk (1) before or (2) after decompression, which allows local guest administrators to cause a denial of service (domain 0 memory consumption) via a crafted (a) kernel or (b) ramdisk. El PV domain builder en Xen 4.2 y anteriores, no valida el tamaño del kernel o del ramdisk(1) antes o (2) después de la descompresión, lo que permite a administradores locales de los sistemas huésped provocar una denegación de servicio ... • http://lists.fedoraproject.org/pipermail/package-announce/2012-November/091832.html • CWE-20: Improper Input Validation •
CVSS: 6.5EPSS: 1%CPEs: 11EXPL: 1CVE-2012-3432 – Gentoo Linux Security Advisory 201309-24
https://notcve.org/view.php?id=CVE-2012-3432
20 Aug 2012 — The handle_mmio function in arch/x86/hvm/io.c in the MMIO operations emulator for Xen 3.3 and 4.x, when running an HVM guest, does not properly reset certain state information between emulation cycles, which allows local guest OS users to cause a denial of service (guest OS crash) via unspecified operations on MMIO regions. La función handle_mmio en arch/x86/hvm/io.c en el emulador de operaciones MMIO para Xen v3.3 y v4.x, cuando se ejecuta un HVM huesped, no reinicia correctamente la información de estado ... • http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00024.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 0CVE-2012-0218 – Gentoo Linux Security Advisory 201309-24
https://notcve.org/view.php?id=CVE-2012-0218
24 Jun 2012 — Xen 3.4, 4.0, and 4.1, when the guest OS has not registered a handler for a syscall or sysenter instruction, does not properly clear a flag for exception injection when injecting a General Protection Fault, which allows local PV guest OS users to cause a denial of service (guest crash) by later triggering an exception that would normally be handled within Xen. Xen v3.4, v4.0 y v4.1, cuando en el sistema operativo huésped no se ha registrado un controlador para una instrucción syscall o sysenter, no limpia c... • http://lists.xen.org/archives/html/xen-announce/2012-06/msg00003.html •
CVSS: 7.9EPSS: 88%CPEs: 20EXPL: 5CVE-2012-0217 – FreeBSD Intel SYSRET Privilege Escalation
https://notcve.org/view.php?id=CVE-2012-0217
12 Jun 2012 — The x86-64 kernel system-call functionality in Xen 4.1.2 and earlier, as used in Citrix XenServer 6.0.2 and earlier and other products; Oracle Solaris 11 and earlier; illumos before r13724; Joyent SmartOS before 20120614T184600Z; FreeBSD before 9.0-RELEASE-p3; NetBSD 6.0 Beta and earlier; Microsoft Windows Server 2008 R2 and R2 SP1 and Windows 7 Gold and SP1; and possibly other operating systems, when running on an Intel processor, incorrectly uses the sysret path in cases where a certain address is not a c... • https://packetstorm.news/files/id/152001 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2011-3131 – kernel: xen: IOMMU fault livelock
https://notcve.org/view.php?id=CVE-2011-3131
20 Oct 2011 — Xen 4.1.1 and earlier allows local guest OS kernels with control of a PCI[E] device to cause a denial of service (CPU consumption and host hang) via many crafted DMA requests that are denied by the IOMMU, which triggers a livelock. Xen v4.1.1 y anteriores permite causar una denegación de servicio (consumo de CPU y bloqueo de Xen) a los kernels de sistemas operativos huesped que controlan dispositivos PCI[E] a través de muchas peticiones DMA modificadas que son denegadas por la IOMMU, lo que desencadena un b... • http://old-list-archives.xen.org/archives/html/xen-devel/2011-06/msg01106.html • CWE-399: Resource Management Errors •
CVSS: 6.0EPSS: 0%CPEs: 4EXPL: 0CVE-2011-3262 – xen: insufficiencies in pv kernel image validation
https://notcve.org/view.php?id=CVE-2011-3262
19 Aug 2011 — tools/libxc/xc_dom_bzimageloader.c in Xen 3.2, 3.3, 4.0, and 4.1 allows local users to cause a denial of service (management software infinite loop and management domain resource consumption) via unspecified vectors related to "Lack of error checking in the decompression loop." tools/libxc/xc_dom_bzimageloader.c en Xen v3.2, v3.3, v4.0 y v4.1 permite a usuarios locales provocar una denegación de servicio (bucle infinito de software de gestión y excesivo consumo de recursos en el administrador de dominios) a... • http://lists.xensource.com/archives/html/xen-devel/2011-05/msg00483.html • CWE-399: Resource Management Errors •
CVSS: 9.8EPSS: 0%CPEs: 4EXPL: 0CVE-2011-1583 – xen: insufficiencies in pv kernel image validation
https://notcve.org/view.php?id=CVE-2011-1583
12 Aug 2011 — Multiple integer overflows in tools/libxc/xc_dom_bzimageloader.c in Xen 3.2, 3.3, 4.0, and 4.1 allow local users to cause a denial of service and possibly execute arbitrary code via a crafted paravirtualised guest kernel image that triggers (1) a buffer overflow during a decompression loop or (2) an out-of-bounds read in the loader involving unspecified length fields. Múltiples desbordamientos de entero en tools/libxc/xc_dom_bzimageloader.c en Xen v3.2, v3.3, v4.0, y v4.1 permite a usuarios locales provocar... • http://lists.xensource.com/archives/html/xen-devel/2011-05/msg00483.html • CWE-189: Numeric Errors •