CVSS: 2.7EPSS: 0%CPEs: 24EXPL: 0CVE-2014-4021 – xen: Hypervisor heap contents leaked to guests (xsa-100)
https://notcve.org/view.php?id=CVE-2014-4021
Xen 3.2.x through 4.4.x does not properly clean memory pages recovered from guests, which allows local guest OS users to obtain sensitive information via unspecified vectors. Xen 3.2.x hasta 4.4.x no limpia debidamente las páginas de memoria recuperadas de invitados, lo que permite a usuarios locales del sistema operativo invitado obtener información sensible a través de vectores no especificados. It was found that the Xen hypervisor implementation did not properly clean memory pages previously allocated by the hypervisor. A privileged guest user could potentially use this flaw to read data relating to other guests or the hypervisor itself. • http://linux.oracle.com/errata/ELSA-2014-0926-1.html http://linux.oracle.com/errata/ELSA-2014-0926.html http://lists.fedoraproject.org/pipermail/package-announce/2014-July/135068.html http://lists.fedoraproject.org/pipermail/package-announce/2014-July/135071.html http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00002.html http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00003.html http://secunia.com/advisories/59208 http://secunia.com/advisories/60027 http:// • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-244: Improper Clearing of Heap Memory Before Release ('Heap Inspection') •
CVSS: 5.5EPSS: 0%CPEs: 10EXPL: 0CVE-2014-3967
https://notcve.org/view.php?id=CVE-2014-3967
The HVMOP_inject_msi function in Xen 4.2.x, 4.3.x, and 4.4.x does not properly check the return value from the IRQ setup check, which allows local HVM guest administrators to cause a denial of service (NULL pointer dereference and crash) via unspecified vectors. La función HVMOP_inject_msi en Xen 4.2.x, 4.3.x y 4.4.x no comprueba debidamente el valor de retorno de la comprobación de configuraciones IRQ, lo que permite a administradores locales invitados de HVM causar una denegación de servicio (referencia a puntero nulo y caída) a través de vectores no especificados. • http://lists.fedoraproject.org/pipermail/package-announce/2014-June/134710.html http://lists.fedoraproject.org/pipermail/package-announce/2014-June/134739.html http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00002.html http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00003.html http://www.openwall.com/lists/oss-security/2014/06/04/13 http://www.securityfocus.com/bid/67794 http://www.securitytracker.com/id/1030322 http://xenbits.xen.org/xsa/advisory-96.html ht •
CVSS: 7.4EPSS: 0%CPEs: 2EXPL: 0CVE-2014-3969
https://notcve.org/view.php?id=CVE-2014-3969
Xen 4.4.x, when running on an ARM system, does not properly check write permissions on virtual addresses, which allows local guest administrators to gain privileges via unspecified vectors. Xen 4.4.x, cuando funciona en un sistema ARM, no comprueba debidamente permisos de escritura en direcciones virtuales, lo que permite a administradores locales invitados ganar privilegios a través de vectores no especificados. • http://secunia.com/advisories/58975 http://www.openwall.com/lists/oss-security/2014/06/04/14 http://www.securityfocus.com/bid/67819 http://www.securitytracker.com/id/1030333 http://xenbits.xen.org/xsa/advisory-98.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 5.5EPSS: 0%CPEs: 10EXPL: 0CVE-2014-3968
https://notcve.org/view.php?id=CVE-2014-3968
The HVMOP_inject_msi function in Xen 4.2.x, 4.3.x, and 4.4.x allows local guest HVM administrators to cause a denial of service (host crash) via a large number of crafted requests, which trigger an error messages to be logged. La función HVMOP_inject_msi en Xen 4.2.x, 4.3.x y 4.4.x permite a administradores locales invitados causar una denegación de servicio (caída de anfitrión) a través de un número grande de solicitudes manipuladas, lo que provoca que se registra un mensaje de error. • http://lists.fedoraproject.org/pipermail/package-announce/2014-June/134710.html http://lists.fedoraproject.org/pipermail/package-announce/2014-June/134739.html http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00002.html http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00003.html http://www.openwall.com/lists/oss-security/2014/06/04/13 http://www.securityfocus.com/bid/67794 http://www.securityfocus.com/bid/67824 http://www.securitytracker.com/id/1030322 http:/ •
CVSS: 3.3EPSS: 0%CPEs: 2EXPL: 0CVE-2014-3714
https://notcve.org/view.php?id=CVE-2014-3714
The ARM image loading functionality in Xen 4.4.x does not properly validate kernel length, which allows local users to read system memory or cause a denial of service (crash) via a crafted 32-bit ARM guest kernel in an image, which triggers a buffer overflow. La funcionalidad de carga de imágenes ARM en Xen 4.4.x no valida debidamente la longitud de kernels, lo que permite a usuarios locales leer memoria de sistema o causar una denegación de servicio (caída) a través de un kernel ARM de 32-bits invitado manipulado en un imagen, lo que provoca un desbordamiento de buffer. • http://www.openwall.com/lists/oss-security/2014/05/14/4 http://www.openwall.com/lists/oss-security/2014/05/15/6 http://www.openwall.com/lists/oss-security/2014/05/16/1 http://www.securitytracker.com/id/1030252 http://xenbits.xen.org/xsa/advisory-95.html • CWE-20: Improper Input Validation •