Page 43 of 266 results (0.010 seconds)

CVSS: 4.7EPSS: 0%CPEs: 10EXPL: 0

Xen 4.x, when downgrading the grant table version, does not properly remove the status page from the tracking list when freeing the page, which allows local guest OS administrators to cause a denial of service (hypervisor crash) via unspecified vectors. Xen v4.x, cuando se baja la versión de la tabla de permisos, no elimina correctamente la página de estado de la lista de seguimiento cuando libera la página, lo que permite causar una denegación de servicio (caída del hipervisor) a los administradores de sistemas operativos huespedes del HVM local a través de vectores no especificados. • http://lists.opensuse.org/opensuse-security-announce/2012-12/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2012-12/msg00018.html http://lists.opensuse.org/opensuse-security-announce/2012-12/msg00019.html http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00011.html http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00021.html http://lists.opensuse.org/opensuse-updates/2013-04/msg00051.html http://lists.opensuse.org/opensuse-updates/2013-04/msg00052.html http •

CVSS: 5.5EPSS: 0%CPEs: 27EXPL: 0

The (1) XENMEM_decrease_reservation, (2) XENMEM_populate_physmap, and (3) XENMEM_exchange hypercalls in Xen 4.2 and earlier allow local guest administrators to cause a denial of service (long loop and hang) via a crafted extent_order value. Las hiperllamadas (1) XENMEM_decrease_reservation, (2) XENMEM_populate_physmap, y (3) XENMEM_exchange en Xen v4.2 y anteriores permiten a los administradores invitados locales causar una denegación de servicio (bucle largo y cuelgue) a través de un valor modificado de "extent_order". • http://lists.opensuse.org/opensuse-security-announce/2012-12/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2012-12/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2012-12/msg00018.html http://lists.opensuse.org/opensuse-security-announce/2012-12/msg00019.html http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00011.html http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00021.html http://lists.opensuse.org/opensuse-security-announce/2014-04 •

CVSS: 7.4EPSS: 0%CPEs: 27EXPL: 0

The XENMEM_exchange handler in Xen 4.2 and earlier does not properly check the memory address, which allows local PV guest OS administrators to cause a denial of service (crash) or possibly gain privileges via unspecified vectors that overwrite memory in the hypervisor reserved range. El manejador XENMEM_exchange en Xen v4.2 y anteriores no comprueba correctamente la dirección de memoria, lo que permite causar una denegación de servicio (caída del S.O.) a administrador de sistemas operativos invitados PV o posiblemente obtener privilegios a través de vectores no especificados que sobrescriben memoria en rangos del hipervisor reservados. • http://lists.opensuse.org/opensuse-security-announce/2012-12/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2012-12/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2012-12/msg00018.html http://lists.opensuse.org/opensuse-security-announce/2012-12/msg00019.html http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00011.html http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00021.html http://lists.opensuse.org/opensuse-security-announce/2014-04 • CWE-20: Improper Input Validation CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 4.9EPSS: 0%CPEs: 3EXPL: 0

The HVMOP_pagetable_dying hypercall in Xen 4.0, 4.1, and 4.2 does not properly check the pagetable state when running on shadow pagetables, which allows a local HVM guest OS to cause a denial of service (hypervisor crash) via unspecified vectors. La llamada HVMOP_pagetable_dying en Xen v4.0, v4.1, y v4.2 no comprueba correctamente el estado "pagetable" cuando se ejecuta en "shadow pagetables", lo que permite a un sistema operativo HVM de invitado causar una denegación de servicio (caída del hipervisor) a través de vectores no especificados. • http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00008.html http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00009.html http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00017.html http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00018.html http://lists.opensuse.org/opensuse-security-announce/2012-12/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00021.html http://lists.xen.org/archives/html/xen-announce/2012-11&#x • CWE-20: Improper Input Validation •

CVSS: 4.4EPSS: 0%CPEs: 3EXPL: 0

The (1) memc_save_get_next_page, (2) tmemc_restore_put_page and (3) tmemc_restore_flush_page functions in the Transcendent Memory (TMEM) in Xen 4.0, 4.1, and 4.2 do not check for negative id pools, which allows local guest OS users to cause a denial of service (memory corruption and host crash) or possibly execute arbitrary code via unspecified vectors. NOTE: this issue was originally published as part of CVE-2012-3497, which was too general; CVE-2012-3497 has been SPLIT into this ID and others. Las funciones (1) memc_save_get_next_page, (2) tmemc_restore_put_page y (3) tmemc_restore_flush_page en el Transcendent Memory (TMEM) en Xen v4.0, v4.1, y v4.2 no comprueba los pools de id negativos, lo que permite a usuarios del SO de invitado provocar una denegación de servicio (corrupción de memoria y caída del host) o posiblemente ejecutar código arbitrario a través de vectores no especificados. NOTA: este problema se publicó originalmente como parte de CVE-2012-3497, que era demasiado general; CVE-2012-3497 se ha dividido en este ID y otros. • http://lists.xen.org/archives/html/xen-announce/2012-09/msg00006.html http://osvdb.org/85199 http://secunia.com/advisories/50472 http://secunia.com/advisories/55082 http://security.gentoo.org/glsa/glsa-201309-24.xml http://wiki.xen.org/wiki/Security_Announcements#XSA-15_multiple_TMEM_hypercall_vulnerabilities http://www.openwall.com/lists/oss-security/2012/09/05/8 http://www.securityfocus.com/bid/55410 http://www.securitytracker.com/id?1027482 https://exchange.xforce.ibmcloud& • CWE-264: Permissions, Privileges, and Access Controls •