CVSS: 8.6EPSS: 0%CPEs: 17EXPL: 0CVE-2015-8555 – Debian Security Advisory 3519-1
https://notcve.org/view.php?id=CVE-2015-8555
18 Mar 2016 — Xen 4.6.x, 4.5.x, 4.4.x, 4.3.x, and earlier do not initialize x86 FPU stack and XMM registers when XSAVE/XRSTOR are not used to manage guest extended register state, which allows local guest domains to obtain sensitive information from other domains via unspecified vectors. Xen 4.6.x, 4.5.x, 4.4.x, 4.3.x y versiones anteriores no inicializa registros de memoria de pila x86 FPU y XMM cuando XSAVE/XRSTOR no se utilizan para gestionar el estado del registro extendido de invitado, lo que permite a dominios de i... • http://support.citrix.com/article/CTX203879 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.3EPSS: 0%CPEs: 37EXPL: 0CVE-2016-1571 – Debian Security Advisory 3519-1
https://notcve.org/view.php?id=CVE-2016-1571
22 Jan 2016 — The paging_invlpg function in include/asm-x86/paging.h in Xen 3.3.x through 4.6.x, when using shadow mode paging or nested virtualization is enabled, allows local HVM guest users to cause a denial of service (host crash) via a non-canonical guest address in an INVVPID instruction, which triggers a hypervisor bug check. La función paging_invlpg en include/asm-x86/paging.h en Xen 3.3.x hasta la versión 4.6.x, cuando se utiliza paginación en modo shadow o la virtualización anidada está habilitada, permite a us... • http://support.citrix.com/article/CTX205496 • CWE-17: DEPRECATED: Code •
CVSS: 6.5EPSS: 0%CPEs: 8EXPL: 0CVE-2012-3494 – Gentoo Linux Security Advisory 201309-24
https://notcve.org/view.php?id=CVE-2012-3494
23 Nov 2012 — The set_debugreg hypercall in include/asm-x86/debugreg.h in Xen 4.0, 4.1, and 4.2, and Citrix XenServer 6.0.2 and earlier, when running on x86-64 systems, allows local OS guest users to cause a denial of service (host crash) by writing to the reserved bits of the DR7 debug control register. La hiperllamada et_debugreg en include/asm-x86/debugreg.h en Xen v4.0, v4.1, y v4.2, y Citrix XenServer v6.0.2 y anteriores, cuando se ejecuta sobre systemas x86-64, permite a usuarios locales del SO invitado generar una... • http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00001.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.8EPSS: 0%CPEs: 11EXPL: 0CVE-2012-3495 – Gentoo Linux Security Advisory 201309-24
https://notcve.org/view.php?id=CVE-2012-3495
23 Nov 2012 — The physdev_get_free_pirq hypercall in arch/x86/physdev.c in Xen 4.1.x and Citrix XenServer 6.0.2 and earlier uses the return value of the get_free_pirq function as an array index without checking that the return value indicates an error, which allows guest OS users to cause a denial of service (invalid memory write and host crash) and possibly gain privileges via unspecified vectors. La hypercall physdev_get_free_pirq en arch/x86/physdev.c en Xen v4.1.x y Citrix XenServer v6.0.2 y anteriores utiliza el val... • http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00003.html • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0CVE-2012-3496 – Gentoo Linux Security Advisory 201309-24
https://notcve.org/view.php?id=CVE-2012-3496
23 Nov 2012 — XENMEM_populate_physmap in Xen 4.0, 4.1, and 4.2, and Citrix XenServer 6.0.2 and earlier, when translating paging mode is not used, allows local PV OS guest kernels to cause a denial of service (BUG triggered and host crash) via invalid flags such as MEMF_populate_on_demand. XENMEM_populate_physmap en Xen v4.0, v4.1, y v4.2, y Citrix XenServer v6.0.2 y anteriores, cuando el modo de traducción de página no se utiliza, permite a los kernels locales PV del SO invitado causar una denegación de servicio (caída d... • http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00003.html • CWE-16: Configuration •
CVSS: 9.8EPSS: 0%CPEs: 3EXPL: 0CVE-2012-3498 – Gentoo Linux Security Advisory 201309-24
https://notcve.org/view.php?id=CVE-2012-3498
23 Nov 2012 — PHYSDEVOP_map_pirq in Xen 4.1 and 4.2 and Citrix XenServer 6.0.2 and earlier allows local HVM guest OS kernels to cause a denial of service (host crash) and possibly read hypervisor or guest memory via vectors related to a missing range check of map->index. PHYSDEVOP_map_pirq en Xen v4.1 y v4.2 y Citrix XenServer v6.0.2 y anteriores permite a un kernel OS HVM invitado causar una denegación de servicio (caída del host) y posiblemente leer hipervisor o memoria mediante vectores relacionados con una falta de c... • http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00003.html • CWE-20: Improper Input Validation •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2012-3516
https://notcve.org/view.php?id=CVE-2012-3516
23 Nov 2012 — The GNTTABOP_swap_grant_ref sub-operation in the grant table hypercall in Xen 4.2 and Citrix XenServer 6.0.2 allows local guest kernels or administrators to cause a denial of service (host crash) and possibly gain privileges via a crafted grant reference that triggers a write to an arbitrary hypervisor memory location. La sub-operación GNTTABOP_swap_grant_ref en el "grant table hypercall" en Xen v4.2 y Citrix XenServer v6.0.2 permite a los kernels locales de invitado o administradores causar una denegación ... • http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00004.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.9EPSS: 88%CPEs: 20EXPL: 4CVE-2012-0217 – FreeBSD - Intel SYSRET Privilege Escalation
https://notcve.org/view.php?id=CVE-2012-0217
12 Jun 2012 — The x86-64 kernel system-call functionality in Xen 4.1.2 and earlier, as used in Citrix XenServer 6.0.2 and earlier and other products; Oracle Solaris 11 and earlier; illumos before r13724; Joyent SmartOS before 20120614T184600Z; FreeBSD before 9.0-RELEASE-p3; NetBSD 6.0 Beta and earlier; Microsoft Windows Server 2008 R2 and R2 SP1 and Windows 7 Gold and SP1; and possibly other operating systems, when running on an Intel processor, incorrectly uses the sysret path in cases where a certain address is not a c... • https://packetstorm.news/files/id/152001 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.0EPSS: 0%CPEs: 4EXPL: 0CVE-2011-3262 – xen: insufficiencies in pv kernel image validation
https://notcve.org/view.php?id=CVE-2011-3262
19 Aug 2011 — tools/libxc/xc_dom_bzimageloader.c in Xen 3.2, 3.3, 4.0, and 4.1 allows local users to cause a denial of service (management software infinite loop and management domain resource consumption) via unspecified vectors related to "Lack of error checking in the decompression loop." tools/libxc/xc_dom_bzimageloader.c en Xen v3.2, v3.3, v4.0 y v4.1 permite a usuarios locales provocar una denegación de servicio (bucle infinito de software de gestión y excesivo consumo de recursos en el administrador de dominios) a... • http://lists.xensource.com/archives/html/xen-devel/2011-05/msg00483.html • CWE-399: Resource Management Errors •
CVSS: 9.8EPSS: 0%CPEs: 4EXPL: 0CVE-2011-1583 – xen: insufficiencies in pv kernel image validation
https://notcve.org/view.php?id=CVE-2011-1583
12 Aug 2011 — Multiple integer overflows in tools/libxc/xc_dom_bzimageloader.c in Xen 3.2, 3.3, 4.0, and 4.1 allow local users to cause a denial of service and possibly execute arbitrary code via a crafted paravirtualised guest kernel image that triggers (1) a buffer overflow during a decompression loop or (2) an out-of-bounds read in the loader involving unspecified length fields. Múltiples desbordamientos de entero en tools/libxc/xc_dom_bzimageloader.c en Xen v3.2, v3.3, v4.0, y v4.1 permite a usuarios locales provocar... • http://lists.xensource.com/archives/html/xen-devel/2011-05/msg00483.html • CWE-189: Numeric Errors •