CVSS: 2.1EPSS: 0%CPEs: 34EXPL: 0CVE-2015-2044
https://notcve.org/view.php?id=CVE-2015-2044
The emulation routines for unspecified X86 devices in Xen 3.2.x through 4.5.x does not properly initialize data, which allow local HVM guest users to obtain sensitive information via vectors involving an unsupported access size. Las rutinas de emulación para dispositivos X86 no especificados en Xen 3.2.x hasta 4.5.x no inicializa correctamente los datos, lo que permite a usuarios locales invitados HVM obtener información sensible a través de vectores que involucran un tamaño de acceso no soportado. • http://lists.fedoraproject.org/pipermail/package-announce/2015-March/152483.html http://lists.fedoraproject.org/pipermail/package-announce/2015-March/152588.html http://lists.fedoraproject.org/pipermail/package-announce/2015-March/152776.html http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00014.html http://support.citrix.com/article/CTX200484 http://www.debian.org/security/2015/dsa-3181 http://www.securityfocus.com/bid/72954 http://www.securitytracker.com/id/1031806 http://www. • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 4.9EPSS: 0%CPEs: 1EXPL: 0CVE-2015-0268
https://notcve.org/view.php?id=CVE-2015-0268
The vgic_v2_to_sgi function in arch/arm/vgic-v2.c in Xen 4.5.x, when running on ARM hardware with general interrupt controller (GIC) version 2, allows local guest users to cause a denial of service (host crash) by writing an invalid value to the GICD.SGIR register. La función vgic_v2_to_sgi en arch/arm/vgic-v2.c en Xen 4.5.x, cuando funciona en el hardware ARM con General Interrupt Controller (GIC) version 2, permite a usuarios locales invitados causar una denegación de servicio (caída del anfitrión) mediante la escritura de un valor inválido en el registro GICD.SGIR. • http://www.securityfocus.com/bid/72591 http://www.securitytracker.com/id/1031746 http://xenbits.xen.org/xsa/advisory-117.html https://exchange.xforce.ibmcloud.com/vulnerabilities/100868 • CWE-20: Improper Input Validation •
CVSS: 2.1EPSS: 0%CPEs: 23EXPL: 0CVE-2015-1563
https://notcve.org/view.php?id=CVE-2015-1563
The ARM GIC distributor virtualization in Xen 4.4.x and 4.5.x allows local guests to cause a denial of service by causing a large number messages to be logged. La virtualización del distribuidor ARM GIC en Xen 4.4.x y 4.5.x permite a invitados locales causar una denegación de servicio mediante la provocación del registro un número grande de mensajes. • http://lists.fedoraproject.org/pipermail/package-announce/2015-March/152776.html http://www.openwall.com/lists/oss-security/2015/01/29/9 http://www.securityfocus.com/bid/72766 http://www.securitytracker.com/id/1031663 http://xenbits.xen.org/xsa/advisory-118.html • CWE-399: Resource Management Errors •