CVSS: 7.5EPSS: 0%CPEs: 33EXPL: 0CVE-2013-4355 – Kernel: Xen: Xsa-63: information leak via I/O instruction emulation
https://notcve.org/view.php?id=CVE-2013-4355
01 Oct 2013 — Xen 4.3.x and earlier does not properly handle certain errors, which allows local HVM guests to obtain hypervisor stack memory via a (1) port or (2) memory mapped I/O write or (3) other unspecified operations related to addresses without associated memory. Xen v4.3.x y anterior no maneja correctamente ciertos errores, lo que permite a invitados locales HVM conseguir la memoria de la pila del hypervisor a través de un puerto o escritura de memoria mapeada de I/O u otra operación no especificada relacionada c... • http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00015.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.2EPSS: 0%CPEs: 16EXPL: 0CVE-2013-1442 – Debian Security Advisory 3006-1
https://notcve.org/view.php?id=CVE-2013-1442
30 Sep 2013 — Xen 4.0 through 4.3.x, when using AVX or LWP capable CPUs, does not properly clear previous data from registers when using an XSAVE or XRSTOR to extend the state components of a saved or restored vCPU after touching other restored extended registers, which allows local guest OSes to obtain sensitive information by reading the registers. Xen 4.0 a 4.3.x, cuando se usan CPUs con capacidad AVX o LWP, no borra apropiadamente datos anteriores de registros al usar XSAVE o XRSTOR para extender el estado de los com... • http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00021.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.5EPSS: 0%CPEs: 25EXPL: 0CVE-2013-3495 – Gentoo Linux Security Advisory 201504-04
https://notcve.org/view.php?id=CVE-2013-3495
28 Aug 2013 — The Intel VT-d Interrupt Remapping engine in Xen 3.3.x through 4.3.x allows local guests to cause a denial of service (kernel panic) via a malformed Message Signaled Interrupt (MSI) from a PCI device that is bus mastering capable that triggers a System Error Reporting (SERR) Non-Maskable Interrupt (NMI). El motor Intel VT-d Interrupt Remapping en Xen 3.3.x a la 4.3.x permite a invitados (guest) locales provocar una denegación de servicio (kernel panic) a través de un Message Signaled Interrupt (MSI) mal for... • http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00005.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 5.7EPSS: 0%CPEs: 23EXPL: 0CVE-2013-2212 – Gentoo Linux Security Advisory 201504-04
https://notcve.org/view.php?id=CVE-2013-2212
28 Aug 2013 — The vmx_set_uc_mode function in Xen 3.3 through 4.3, when disabling caches, allows local HVM guests with access to memory mapped I/O regions to cause a denial of service (CPU consumption and possibly hypervisor or guest kernel panic) via a crafted GFN range. La función vmx_set_uc_mode en Xen 3.3 hasta la versión 4.3, al deshabilitar cachés, permite a invitados HVM locales con a las regiones I/O asignadas a la memoria provocar una denegación de servicio (consumo de CPU y posiblemente pánico de hypervisor o d... • http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00010.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •