CVE-2014-4021 – xen: Hypervisor heap contents leaked to guests (xsa-100)
https://notcve.org/view.php?id=CVE-2014-4021
Xen 3.2.x through 4.4.x does not properly clean memory pages recovered from guests, which allows local guest OS users to obtain sensitive information via unspecified vectors. Xen 3.2.x hasta 4.4.x no limpia debidamente las páginas de memoria recuperadas de invitados, lo que permite a usuarios locales del sistema operativo invitado obtener información sensible a través de vectores no especificados. It was found that the Xen hypervisor implementation did not properly clean memory pages previously allocated by the hypervisor. A privileged guest user could potentially use this flaw to read data relating to other guests or the hypervisor itself. • http://linux.oracle.com/errata/ELSA-2014-0926-1.html http://linux.oracle.com/errata/ELSA-2014-0926.html http://lists.fedoraproject.org/pipermail/package-announce/2014-July/135068.html http://lists.fedoraproject.org/pipermail/package-announce/2014-July/135071.html http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00002.html http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00003.html http://secunia.com/advisories/59208 http://secunia.com/advisories/60027 http:// • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-244: Improper Clearing of Heap Memory Before Release ('Heap Inspection') •
CVE-2014-1893
https://notcve.org/view.php?id=CVE-2014-1893
Multiple integer overflows in the (1) FLASK_GETBOOL and (2) FLASK_SETBOOL suboperations in the flask hypercall in Xen 4.1.x, 3.3.x, 3.2.x, and earlier, when XSM is enabled, allow local users to cause a denial of service (processor fault) via unspecified vectors, a different vulnerability than CVE-2014-1891, CVE-2014-1892, and CVE-2014-1894. Múltiples desbordamientos de enteros en las suboperaciones (1) FLASK_GETBOOL y (2) FLASK_SETBOOL en la hiperllamada flask hypercall en Xen 4.1.x, 3.3.x, 3.2.x y anteriores, cuando XSM está habilitado, permiten a usuarios locales causar una denegación de servicio (fallo de procesador) a través de vectores no especificados, una vulnerabilidad diferente a CVE-2014-1891, CVE-2014-1892 y CVE-2014-1894. • http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00010.html http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00011.html http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00021.html http://security.gentoo.org/glsa/glsa-201407-03.xml http://www.openwall.com/lists/oss-security/2014/02/07/12 http://www.openwall.com/lists/oss-security/2014/02/07/4 http://www.openwall.com/lists/oss-security/2014/02/10/8 http://xenbits.xen.org/xsa • CWE-189: Numeric Errors •
CVE-2014-1892
https://notcve.org/view.php?id=CVE-2014-1892
Xen 3.3 through 4.1, when XSM is enabled, allows local users to cause a denial of service via vectors related to a "large memory allocation," a different vulnerability than CVE-2014-1891, CVE-2014-1893, and CVE-2014-1894. Xen 3.3 hasta 4.1, cuando XSM está habilitada, permite a usuarios locales causar una denegación de servicio a través de vectores relacionados con una reserva de memoria grande, una vulnerabilidad diferente a CVE-2014-1891, CVE-2014-1893 y CVE-2014-1894. • http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00010.html http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00011.html http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00021.html http://security.gentoo.org/glsa/glsa-201407-03.xml http://www.openwall.com/lists/oss-security/2014/02/07/12 http://www.openwall.com/lists/oss-security/2014/02/07/4 http://www.openwall.com/lists/oss-security/2014/02/10/8 http://xenbits.xen.org/xsa • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2014-1891
https://notcve.org/view.php?id=CVE-2014-1891
Multiple integer overflows in the (1) FLASK_GETBOOL, (2) FLASK_SETBOOL, (3) FLASK_USER, and (4) FLASK_CONTEXT_TO_SID suboperations in the flask hypercall in Xen 4.3.x, 4.2.x, 4.1.x, 3.2.x, and earlier, when XSM is enabled, allow local users to cause a denial of service (processor fault) via unspecified vectors, a different vulnerability than CVE-2014-1892, CVE-2014-1893, and CVE-2014-1894. Múltiples desbordamiento de enteros en las suboperaciones (1) FLASK_GETBOOL, (2) FLASK_SETBOOL, (3) FLASK_USER y (4) FLASK_CONTEXT_TO_SID en la hiperllamada flask en Xen 4.3.x, 4.2.x, 4.1.x, 3.2.x y anteriores, cuando XSM está habilitado, permiten a usuarios locales causar una denegación de servicio (fallo de procesador) a través de vectores no especificados, una vulnerabilidad diferente a CVE-2014-1892, CVE-2014-1893 y CVE-2014-1894. • http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00010.html http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00011.html http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00021.html http://security.gentoo.org/glsa/glsa-201407-03.xml http://www.openwall.com/lists/oss-security/2014/02/07/12 http://www.openwall.com/lists/oss-security/2014/02/07/4 http://www.openwall.com/lists/oss-security/2014/02/10/8 http://xenbits.xen.org/xsa • CWE-189: Numeric Errors •
CVE-2013-4554 – kernel: xen: hypercalls exposed to privilege rings 1 and 2 of HVM guests
https://notcve.org/view.php?id=CVE-2013-4554
Xen 3.0.3 through 4.1.x (possibly 4.1.6.1), 4.2.x (possibly 4.2.3), and 4.3.x (possibly 4.3.1) does not properly prevent access to hypercalls, which allows local guest users to gain privileges via a crafted application running in ring 1 or 2. Xen 3.0.3 a 4.1.x (posiblemente 4.1.6.1), 4.2.x (posiblemente 4.2.3), y 4.3.x (posiblemente 4.3.1) no previene correctamente acceso a hypercalls, lo cual permite a usuarios invitados locales obtener privilegios a través de la ejecución de una aplicación manipulada en el anillo 1 o el anillo 2. • http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00010.html http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00015.html http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00021.html http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00000.html http://lists.opensuse.org/opensuse-updates/2013-12/msg00059.html http://rhn.redhat.com/errata/RHSA-2014-0285.html http://security.gentoo.org/glsa/glsa-201407-03.xml http://www.openwall.com/lists • CWE-264: Permissions, Privileges, and Access Controls •