Page 23 of 160 results (0.008 seconds)

CVSS: 3.8EPSS: 0%CPEs: 5EXPL: 0

CVE-2016-3158

https://notcve.org/view.php?id=CVE-2016-3158

The xrstor function in arch/x86/xstate.c in Xen 4.x does not properly handle writes to the hardware FSW.ES bit when running on AMD64 processors, which allows local guest OS users to obtain sensitive register content information from another guest by leveraging pending exception and mask bits. NOTE: this vulnerability exists because of an incorrect fix for CVE-2013-2076. La función xrstor en arch/x86/xstate.c en Xen 4.x no maneja correctamente escrituras al bit FSW.ES hardware cuando se ejecuta en procesadores AMD64, lo que permite a usuarios locales del SO invitado obtener información sensible del contenido de registro de otro invitado aprovechando una excepción pendiente y bits de máscara. NOTA: esta vulnerabilidad existe por una solución incorrecta para CVE-2013-2076. • http://lists.fedoraproject.org/pipermail/package-announce/2016-April/181699.html http://lists.fedoraproject.org/pipermail/package-announce/2016-April/181729.html http://support.citrix.com/article/CTX209443 http://www.debian.org/security/2016/dsa-3554 http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html http://www.securityfocus.com/bid/85714 http://www.securitytracker.com/id/1035435 http://xenbits.xen.org/xsa/advisory-172.html http://xenbits.xen.org/xsa/xsa172-4 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-284: Improper Access Control •

CVSS: 6.8EPSS: 0%CPEs: 6EXPL: 0

CVE-2016-2270

https://notcve.org/view.php?id=CVE-2016-2270

Xen 4.6.x and earlier allows local guest administrators to cause a denial of service (host reboot) via vectors related to multiple mappings of MMIO pages with different cachability settings. Xen 4.6.x y versiones anteriores permite a administradores invitados locales provocar una denegación de servicio (reinicio de host) a través de vectores relacionados con múltiples mapeos de páginas MMIO con diferentes ajustes de cacheado. • http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177990.html http://lists.fedoraproject.org/pipermail/package-announce/2016-March/178518.html http://www.debian.org/security/2016/dsa-3519 http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html http://www.securitytracker.com/id/1035042 http://xenbits.xen.org/xsa/advisory-154.html https://security.gentoo.org/glsa/201604-03 • CWE-20: Improper Input Validation •

CVSS: 4.4EPSS: 0%CPEs: 43EXPL: 0

CVE-2015-8552

https://notcve.org/view.php?id=CVE-2015-8552

The PCI backend driver in Xen, when running on an x86 system and using Linux 3.1.x through 4.3.x as the driver domain, allows local guest administrators to generate a continuous stream of WARN messages and cause a denial of service (disk consumption) by leveraging a system with access to a passed-through MSI or MSI-X capable physical PCI device and XEN_PCI_OP_enable_msi operations, aka "Linux pciback missing sanity checks." El controlador backend PCI en Xen, cuando se ejecuta en un sistema x86 y utiliza Linux 3.1.x hasta la versión 4.3.x como dominio de controlador, permite a administradores locales invitados generar un flujo continuo de mensajes WARN y provocar una denegación de servicio (consumo de disco) aprovechando un sistema con acceso a un dispositivo físico PCI capaz de pasar a través de MSI o MSI-X y operaciones XEN_PCI_OP_enable_msi, también conocido como "Lenux pciback missing sanity checks". • http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00094.html http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00045.html http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00059.html http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00005.html http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00044.html http://lists.opensuse.org/opensuse-security-announce/2016-08 • CWE-20: Improper Input Validation •

CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 0

CVE-2015-8338

https://notcve.org/view.php?id=CVE-2015-8338

Xen 4.6.x and earlier does not properly enforce limits on page order inputs for the (1) XENMEM_increase_reservation, (2) XENMEM_populate_physmap, (3) XENMEM_exchange, and possibly other HYPERVISOR_memory_op suboperations, which allows ARM guest OS administrators to cause a denial of service (CPU consumption, guest reboot, or watchdog timeout and host reboot) and possibly have unspecified other impact via unknown vectors. Xen 4.6.x y versiones anteriores no impone adecuadamente límites en órdenes de entrada de página para las suboperaciones (1) XENMEM_increase_reservation, (2) XENMEM_populate_physmap, (3) XENMEM_exchange y posiblemente otra HYPERVISOR_memory_op, lo que permite a administradores ARM invitados del SO causar una denegación de servicio (consumo de CPU, reinicio de invitado o tiempo de watchdog excedido o reinicio host) y posiblemente tener otro impacto no especificado a través de vectores desconocidos. • http://www.debian.org/security/2016/dsa-3633 http://www.securityfocus.com/bid/78920 http://www.securitytracker.com/id/1034390 http://xenbits.xen.org/xsa/advisory-158.html • CWE-254: 7PK - Security Features •

CVSS: 4.7EPSS: 0%CPEs: 44EXPL: 0

CVE-2015-8339

https://notcve.org/view.php?id=CVE-2015-8339

The memory_exchange function in common/memory.c in Xen 3.2.x through 4.6.x does not properly hand back pages to a domain, which might allow guest OS administrators to cause a denial of service (host crash) via unspecified vectors related to domain teardown. La función memory_exchange en common/memory.c en Xen 3.2.x hasta la versión 4.6.x no devuelve adecuadamente páginas a un dominio, lo que podría permitir a administradores invitados del SO causar una denegación de servicio (caída del host) a través de vectores no especificados relacionados con un desensamblaje de dominio. • http://support.citrix.com/article/CTX203451 http://www.debian.org/security/2016/dsa-3519 http://www.securityfocus.com/bid/79038 http://www.securitytracker.com/id/1034391 http://xenbits.xen.org/xsa/advisory-159.html https://security.gentoo.org/glsa/201604-03 • CWE-19: Data Processing Errors •