CVSS: 6.0EPSS: 0%CPEs: 34EXPL: 0CVE-2013-4554 – kernel: xen: hypercalls exposed to privilege rings 1 and 2 of HVM guests
https://notcve.org/view.php?id=CVE-2013-4554
Xen 3.0.3 through 4.1.x (possibly 4.1.6.1), 4.2.x (possibly 4.2.3), and 4.3.x (possibly 4.3.1) does not properly prevent access to hypercalls, which allows local guest users to gain privileges via a crafted application running in ring 1 or 2. Xen 3.0.3 a 4.1.x (posiblemente 4.1.6.1), 4.2.x (posiblemente 4.2.3), y 4.3.x (posiblemente 4.3.1) no previene correctamente acceso a hypercalls, lo cual permite a usuarios invitados locales obtener privilegios a través de la ejecución de una aplicación manipulada en el anillo 1 o el anillo 2. • http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00010.html http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00015.html http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00021.html http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00000.html http://lists.opensuse.org/opensuse-updates/2013-12/msg00059.html http://rhn.redhat.com/errata/RHSA-2014-0285.html http://security.gentoo.org/glsa/glsa-201407-03.xml http://www.openwall.com/lists&# • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 5.2EPSS: 0%CPEs: 23EXPL: 0CVE-2013-4553
https://notcve.org/view.php?id=CVE-2013-4553
The XEN_DOMCTL_getmemlist hypercall in Xen 3.4.x through 4.3.x (possibly 4.3.1) does not always obtain the page_alloc_lock and mm_rwlock in the same order, which allows local guest administrators to cause a denial of service (host deadlock). La hypercall XEN_DOMCTL_getmemlist en Xen 3.4.x a 4.3.x (posiblemente 4.3.1) no obtiene siempre los bloqueos page_alloc_lock y mm_rwlock en el mismo orden, lo cual permite a administradores locales invitados causar denegación de servicio (bloqueo del host). • http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00010.html http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00021.html http://lists.opensuse.org/opensuse-updates/2013-12/msg00059.html http://security.gentoo.org/glsa/glsa-201407-03.xml http://www.debian.org/security/2014/dsa-3006 http://www.openwall.com/lists/oss-security/2013/11/26/8 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.8EPSS: 0%CPEs: 6EXPL: 0CVE-2013-6400
https://notcve.org/view.php?id=CVE-2013-6400
Xen 4.2.x and 4.3.x, when using Intel VT-d and a PCI device has been assigned, does not clear the flag that suppresses IOMMU TLB flushes when unspecified errors occur, which causes the TLB entries to not be flushed and allows local guest administrators to cause a denial of service (host crash) or gain privileges via unspecified vectors. En Xen 4.2.x y 4.3.x, al utilizar Intel VT-d y un dispositivo PCI asignado, no borra el indicador que suprime vocados de IOMMU TLB cuando se producen errores no especificados, que hace que entradas de la TLB no sean eliminadas y permite a los locales administradores de invitados para causar una denegación de servicio (caída de host) o ganar privilegios a través de vectores no especificados. • http://lists.fedoraproject.org/pipermail/package-announce/2013-December/125081.html http://lists.fedoraproject.org/pipermail/package-announce/2013-December/125111.html http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00011.html http://lists.xen.org/archives/html/xen-announce/2013-12/msg00002.html http://secunia.com/advisories/55932 http://security.gentoo.org/glsa/glsa-201407-03.xml http://www.openwall.com/lists/oss-security/2013/12/10/7 http://www.securitytracker.com/id/10 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 5.7EPSS: 0%CPEs: 6EXPL: 0CVE-2013-4551
https://notcve.org/view.php?id=CVE-2013-4551
Xen 4.2.x and 4.3.x, when nested virtualization is disabled, does not properly check the emulation paths for (1) VMLAUNCH and (2) VMRESUME, which allows local HVM guest users to cause a denial of service (host crash) via unspecified vectors related to "guest VMX instruction execution." Xen 4.2.x y 4.3.x, cuando la virtualización anidada es desactivada, no comprueba correctamente las rutas de emulación para VMLAUNCH y (2) VMRESUME, lo que permite a usuarios HVM locales provocar una denegación de servicio (cierre del host) a través de vectores sin especificar, relacionados con "ejecución de instrucción VMX en invitado". • http://lists.opensuse.org/opensuse-updates/2013-12/msg00059.html http://secunia.com/advisories/55398 http://security.gentoo.org/glsa/glsa-201407-03.xml http://www.openwall.com/lists/oss-security/2013/11/11/1 http://www.securityfocus.com/bid/63625 http://www.securitytracker.com/id/1029313 https://exchange.xforce.ibmcloud.com/vulnerabilities/88649 • CWE-20: Improper Input Validation •
CVSS: 5.2EPSS: 0%CPEs: 13EXPL: 0CVE-2013-4416
https://notcve.org/view.php?id=CVE-2013-4416
The Ocaml xenstored implementation (oxenstored) in Xen 4.1.x, 4.2.x, and 4.3.x allows local guest domains to cause a denial of service (domain shutdown) via a large message reply. La aplicación Ocaml xenstored (oxenstored) en Xen 4.1.x, 4.2.x, y 4.3.x permite dominios locales de clientes provocar una denegación de servicio (dominio apagado) a través de un mensaje grande de respuesta. • http://lists.opensuse.org/opensuse-updates/2013-11/msg00009.html http://lists.opensuse.org/opensuse-updates/2013-12/msg00059.html http://osvdb.org/99072 http://security.gentoo.org/glsa/glsa-201407-03.xml http://www.openwall.com/lists/oss-security/2013/10/29/5 http://www.securityfocus.com/bid/63404 http://www.securitytracker.com/id/1029264 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •