Page 2 of 16 results (0.010 seconds)

CVSS: 3.2EPSS: 0%CPEs: 1EXPL: 0

Array index error in the HVMOP_set_mem_access handler in Xen 4.1 allows local HVM guest OS administrators to cause a denial of service (crash) or obtain sensitive information via unspecified vectors. Un error índice de matriz en el controlador de HVMOP_set_mem_access en Xen v4.1 permite causar una denegación de servicio (caída del S.O.) u obtener información sensible a los administradores de sistemas operativos invitados en el HVM local a través de vectores no especificados. • http://lists.opensuse.org/opensuse-security-announce/2012-12/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2012-12/msg00018.html http://lists.opensuse.org/opensuse-security-announce/2012-12/msg00019.html http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00011.html http://secunia.com/advisories/51397 http://secunia.com/advisories/51486 http://secunia.com/advisories/51487 http://secunia.com/advisories/55082 http://security.gentoo.org/glsa/glsa-201309-24.xml h • CWE-16: Configuration •

CVSS: 5.6EPSS: 0%CPEs: 3EXPL: 0

PHYSDEVOP_map_pirq in Xen 4.1 and 4.2 and Citrix XenServer 6.0.2 and earlier allows local HVM guest OS kernels to cause a denial of service (host crash) and possibly read hypervisor or guest memory via vectors related to a missing range check of map->index. PHYSDEVOP_map_pirq en Xen v4.1 y v4.2 y Citrix XenServer v6.0.2 y anteriores permite a un kernel OS HVM invitado causar una denegación de servicio (caída del host) y posiblemente leer hipervisor o memoria mediante vectores relacionados con una falta de comproebación de map->index. • http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00004.html http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00017.html http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00017.html http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00018.html http://lists.xen.org/archives/html/xen-announce/2012-09/msg00005.html http://osvdb.org/85198 http://secunia.com/advisories/ • CWE-20: Improper Input Validation •

CVSS: 6.9EPSS: 0%CPEs: 2EXPL: 0

The GNTTABOP_swap_grant_ref sub-operation in the grant table hypercall in Xen 4.2 and Citrix XenServer 6.0.2 allows local guest kernels or administrators to cause a denial of service (host crash) and possibly gain privileges via a crafted grant reference that triggers a write to an arbitrary hypervisor memory location. La sub-operación GNTTABOP_swap_grant_ref en el "grant table hypercall" en Xen v4.2 y Citrix XenServer v6.0.2 permite a los kernels locales de invitado o administradores causar una denegación de servicio (caída del host) y, posiblemente, obtener privilegios a través de una referencia manipulada que genera una escritura en una ubicación en memoria del hipervisor • http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00004.html http://secunia.com/advisories/50472 http://secunia.com/advisories/50530 http://support.citrix.com/article/CTX134708 http://wiki.xen.org/wiki/Security_Announcements#XSA-18_grant_table_entry_swaps_have_inadequate_bounds_checking http://www.openwall.com/lists/oss-security/2012/09/05/11 http://www.securityfocus.com/bid/55411 • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 6.1EPSS: 0%CPEs: 11EXPL: 0

The physdev_get_free_pirq hypercall in arch/x86/physdev.c in Xen 4.1.x and Citrix XenServer 6.0.2 and earlier uses the return value of the get_free_pirq function as an array index without checking that the return value indicates an error, which allows guest OS users to cause a denial of service (invalid memory write and host crash) and possibly gain privileges via unspecified vectors. La hypercall physdev_get_free_pirq en arch/x86/physdev.c en Xen v4.1.x y Citrix XenServer v6.0.2 y anteriores utiliza el valor devuelto por la función get_free_pirq como un índice de la matriz sin comprobar que el valor de retorno indica un error, permitiendo a los huéspedes del OS invitado causar una denegación de servicio (escritura de memoria no válidas y caída del host) y, posiblemente, obtener privilegios a través de vectores no especificados. • http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00004.html http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00017.html http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00017.html http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00018.html http://lists.xen.org/archives/html/xen-announce/2012-09/msg00001.html http://secunia.com/advisories/51413 http://secunia.com&#x • CWE-20: Improper Input Validation •

CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0

Citrix XenServer 4.1, 6.0, 5.6 SP2, 5.6 Feature Pack 1, 5.6 Common Criteria, 5.6, 5.5, 5.0, and 5.0 Update 3 contains a Local Privilege Escalation Vulnerability which could allow local users with access to a guest operating system to gain elevated privileges. Citrix XenServer versiones 4.1, 6.0, 5.6 SP2, 5.6 Feature Pack 1, 5.6 Common Criteria, 5.6, 5.5, 5.0 y 5.0 Update 3, contiene una vulnerabilidad de Escalada de Privilegios Locales que podría permitir a usuarios locales con acceso a un sistema operativo invitado alcanzar privilegios elevados. • http://www.securityfocus.com/bid/55432 • CWE-269: Improper Privilege Management •