CVSS: 6.8EPSS: 0%CPEs: 19EXPL: 0CVE-2016-4962 – Debian Security Advisory 3633-1
https://notcve.org/view.php?id=CVE-2016-4962
07 Jun 2016 — The libxl device-handling in Xen 4.6.x and earlier allows local OS guest administrators to cause a denial of service (resource consumption or management facility confusion) or gain host OS privileges by manipulating information in guest controlled areas of xenstore. libxl device-handling en Xen 4.6.x y versiones anteriores permite a administradores locales invitados de SO provocar una denegación de servicio (consumo de recurso o confusión de facilidad de gestión) u obtener privilegios de anfitrión de SO man... • http://www.debian.org/security/2016/dsa-3633 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 5.6EPSS: 0%CPEs: 12EXPL: 0CVE-2016-5242 – Debian Security Advisory 3633-1
https://notcve.org/view.php?id=CVE-2016-5242
07 Jun 2016 — The p2m_teardown function in arch/arm/p2m.c in Xen 4.4.x through 4.6.x allows local guest OS users with access to the driver domain to cause a denial of service (NULL pointer dereference and host OS crash) by creating concurrent domains and holding references to them, related to VMID exhaustion. La función p2m_teardown en arch/arm/p2m.c en Xen 4.4.x hasta la versión 4.6.x permite a usuarios locales invitados del SO con acceso al dominio del controlador provocar una denegación de servicio (referencia a punte... • http://www.debian.org/security/2016/dsa-3633 •
CVSS: 8.4EPSS: 0%CPEs: 4EXPL: 0CVE-2016-4480 – Debian Security Advisory 3633-1
https://notcve.org/view.php?id=CVE-2016-4480
18 May 2016 — The guest_walk_tables function in arch/x86/mm/guest_walk.c in Xen 4.6.x and earlier does not properly handle the Page Size (PS) page table entry bit at the L4 and L3 page table levels, which might allow local guest OS users to gain privileges via a crafted mapping of memory. La función guest_walk_tables en arch/x86/mm/guest_walk en Xen 4.6.x y versiones anteriores no maneja adecuadamente el bit de entrada a la tabla de página Page Size (PS) en los niveles de tabla de página L4 y L3, lo que podría permitir a... • http://www.debian.org/security/2016/dsa-3633 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 3.8EPSS: 0%CPEs: 9EXPL: 0CVE-2016-3159 – Debian Security Advisory 3554-1
https://notcve.org/view.php?id=CVE-2016-3159
13 Apr 2016 — The fpu_fxrstor function in arch/x86/i387.c in Xen 4.x does not properly handle writes to the hardware FSW.ES bit when running on AMD64 processors, which allows local guest OS users to obtain sensitive register content information from another guest by leveraging pending exception and mask bits. NOTE: this vulnerability exists because of an incorrect fix for CVE-2013-2076. La función fpu_fxrstor en arch/x86/i387.c en Xen 4.x no maneja correctamente escrituras al bit FSW.ES hardware cuando se ejecuta en proc... • http://lists.fedoraproject.org/pipermail/package-announce/2016-April/181699.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-284: Improper Access Control •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2015-8554 – Gentoo Linux Security Advisory 201604-03
https://notcve.org/view.php?id=CVE-2015-8554
06 Apr 2016 — Buffer overflow in hw/pt-msi.c in Xen 4.6.x and earlier, when using the qemu-xen-traditional (aka qemu-dm) device model, allows local x86 HVM guest administrators to gain privileges by leveraging a system with access to a passed-through MSI-X capable physical PCI device and MSI-X table entries, related to a "write path." Desbordamiento de buffer en hw/pt-msi.c en Xen 4.6.x y versiones anteriores, cuando se utiliza el modelo de dispositivo qemu-xen-traditional (también conocido como qemu-dm), permite a admin... • http://support.citrix.com/article/CTX203879 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.6EPSS: 0%CPEs: 17EXPL: 0CVE-2015-8555 – Debian Security Advisory 3519-1
https://notcve.org/view.php?id=CVE-2015-8555
18 Mar 2016 — Xen 4.6.x, 4.5.x, 4.4.x, 4.3.x, and earlier do not initialize x86 FPU stack and XMM registers when XSAVE/XRSTOR are not used to manage guest extended register state, which allows local guest domains to obtain sensitive information from other domains via unspecified vectors. Xen 4.6.x, 4.5.x, 4.4.x, 4.3.x y versiones anteriores no inicializa registros de memoria de pila x86 FPU y XMM cuando XSAVE/XRSTOR no se utilizan para gestionar el estado del registro extendido de invitado, lo que permite a dominios de i... • http://support.citrix.com/article/CTX203879 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.8EPSS: 0%CPEs: 6EXPL: 0CVE-2016-2270 – Debian Security Advisory 3519-1
https://notcve.org/view.php?id=CVE-2016-2270
19 Feb 2016 — Xen 4.6.x and earlier allows local guest administrators to cause a denial of service (host reboot) via vectors related to multiple mappings of MMIO pages with different cachability settings. Xen 4.6.x y versiones anteriores permite a administradores invitados locales provocar una denegación de servicio (reinicio de host) a través de vectores relacionados con múltiples mapeos de páginas MMIO con diferentes ajustes de cacheado. Multiple security issues have been found in the Xen virtualisation solution, which... • http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177990.html • CWE-20: Improper Input Validation •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2016-2271 – Debian Security Advisory 3519-1
https://notcve.org/view.php?id=CVE-2016-2271
19 Feb 2016 — VMX in Xen 4.6.x and earlier, when using an Intel or Cyrix CPU, allows local HVM guest users to cause a denial of service (guest crash) via vectors related to a non-canonical RIP. VMX en Xen 4.6.x y versiones anteriores, cuando utiliza una CPU Intel o Cyrix, permite a usuarios invitados HVM locales provocar una denegación de servicio (caída de invitado) a través de vectores relacionados con una RIP no canónica. Multiple security issues have been found in the Xen virtualisation solution, which may result in ... • http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177990.html •
CVSS: 8.5EPSS: 0%CPEs: 30EXPL: 0CVE-2016-1570 – Debian Security Advisory 3519-1
https://notcve.org/view.php?id=CVE-2016-1570
22 Jan 2016 — The PV superpage functionality in arch/x86/mm.c in Xen 3.4.0, 3.4.1, and 4.1.x through 4.6.x allows local PV guests to obtain sensitive information, cause a denial of service, gain privileges, or have unspecified other impact via a crafted page identifier (MFN) to the (1) MMUEXT_MARK_SUPER or (2) MMUEXT_UNMARK_SUPER sub-op in the HYPERVISOR_mmuext_op hypercall or (3) unknown vectors related to page table updates. La funcionalidad superpage PV en arch/x86/mm.c en Xen 3.4.0, 3.4.1 y 4.1.x hasta la versión 4.6... • http://www.debian.org/security/2016/dsa-3519 • CWE-20: Improper Input Validation •
CVSS: 6.3EPSS: 0%CPEs: 37EXPL: 0CVE-2016-1571 – Debian Security Advisory 3519-1
https://notcve.org/view.php?id=CVE-2016-1571
22 Jan 2016 — The paging_invlpg function in include/asm-x86/paging.h in Xen 3.3.x through 4.6.x, when using shadow mode paging or nested virtualization is enabled, allows local HVM guest users to cause a denial of service (host crash) via a non-canonical guest address in an INVVPID instruction, which triggers a hypervisor bug check. La función paging_invlpg en include/asm-x86/paging.h en Xen 3.3.x hasta la versión 4.6.x, cuando se utiliza paginación en modo shadow o la virtualización anidada está habilitada, permite a us... • http://support.citrix.com/article/CTX205496 • CWE-17: DEPRECATED: Code •