CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 0CVE-2014-5147
https://notcve.org/view.php?id=CVE-2014-5147
Xen 4.4.x, when running a 64-bit kernel on an ARM system, does not properly handle traps from the guest domain that use a different address width, which allows local guest users to cause a denial of service (host crash) via a crafted 32-bit process. Xen 4.4.x, cuando funciona un kernel de 64 bits en un sistema ARM, no maneja debidamente las trampas del domino invitado que utiliza una anchura de dirección diferente, lo que permite a usuarios locales invitados causar una denegación de servicio (caída del anfitrión) a través de un proceso de 32 bits manipulado. • http://www.securitytracker.com/id/1030724 http://xenbits.xen.org/xsa/advisory-102.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 4.7EPSS: 0%CPEs: 9EXPL: 0CVE-2014-5146
https://notcve.org/view.php?id=CVE-2014-5146
Certain MMU virtualization operations in Xen 4.2.x through 4.4.x before the xsa97-hap patch, when using Hardware Assisted Paging (HAP), are not preemptible, which allows local HVM guest to cause a denial of service (vcpu consumption) by invoking these operations, which process every page assigned to a guest, a different vulnerability than CVE-2014-5149. Ciertas operaciones de la virtualización MMU en Xen 4.2.x hasta 4.4.x anterior al patch xsa97-hap, cuando utiliza Hardware Assisted Paging (HAP), no son preferentes, lo que permite a huéspedes locales HVM causar una denegación de servicio (consumo de vcpu) mediante la invocación de estas operaciones, las cuales procesan cada página asignada a un huésped, una vulnerabilidad diferente a CVE-2014-5149. • http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136980.html http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136981.html http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00005.html http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00010.html http://www.securityfocus.com/bid/69198 http://www.securitytracker.com/id/1030723 http://xenbits.xen.org/xsa/advisory-97.html https://exchange.xforce.ibmcloud.com/vulnerabilities/95234 https:/ • CWE-399: Resource Management Errors •
CVSS: 4.7EPSS: 0%CPEs: 9EXPL: 0CVE-2014-5149
https://notcve.org/view.php?id=CVE-2014-5149
Certain MMU virtualization operations in Xen 4.2.x through 4.4.x, when using shadow pagetables, are not preemptible, which allows local HVM guest to cause a denial of service (vcpu consumption) by invoking these operations, which process every page assigned to a guest, a different vulnerability than CVE-2014-5146. Ciertas operaciones de la virtualización MMU en Xen 4.2.x hasta 4.4.x, cuando se utilizan las tablas de las páginas shadow, no son preferentes, lo que permite a huéspedes locales HVM causar una denegación de servicio (consumo de vcpu) mediante la invocación de estas operaciones, las cuales procesan cada página asignada a un huésped, una vulnerabilidad diferente a CVE-2014-5146. • http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136980.html http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136981.html http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00005.html http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00010.html http://www.securityfocus.com/bid/69199 http://www.securitytracker.com/id/1030723 http://xenbits.xen.org/xsa/advisory-97.html https://exchange.xforce.ibmcloud.com/vulnerabilities/95235 https:/ • CWE-399: Resource Management Errors •
CVSS: 2.7EPSS: 0%CPEs: 2EXPL: 0CVE-2014-4022
https://notcve.org/view.php?id=CVE-2014-4022
The alloc_domain_struct function in arch/arm/domain.c in Xen 4.4.x, when running on an ARM platform, does not properly initialize the structure containing the grant table pages for a domain, which allows local guest administrators to obtain sensitive information via the GNTTABOP_setup_table subhypercall. La función alloc_domain_struct en arch/arm/domain.c en Xen 4.4.x, cuando funciona en una plataforma ARM, no inicializa debidamente la estructura que contiene las páginas de tablas de permisos para un dominio, lo que permite a administradores locales invitados obtener información sensible a través de la subhiperllamada GNTTABOP_setup_table. • http://secunia.com/advisories/59523 http://www.securityfocus.com/bid/68184 http://www.securitytracker.com/id/1030471 http://xenbits.xen.org/xsa/advisory-101.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 2.7EPSS: 0%CPEs: 24EXPL: 0CVE-2014-4021 – xen: Hypervisor heap contents leaked to guests (xsa-100)
https://notcve.org/view.php?id=CVE-2014-4021
Xen 3.2.x through 4.4.x does not properly clean memory pages recovered from guests, which allows local guest OS users to obtain sensitive information via unspecified vectors. Xen 3.2.x hasta 4.4.x no limpia debidamente las páginas de memoria recuperadas de invitados, lo que permite a usuarios locales del sistema operativo invitado obtener información sensible a través de vectores no especificados. It was found that the Xen hypervisor implementation did not properly clean memory pages previously allocated by the hypervisor. A privileged guest user could potentially use this flaw to read data relating to other guests or the hypervisor itself. • http://linux.oracle.com/errata/ELSA-2014-0926-1.html http://linux.oracle.com/errata/ELSA-2014-0926.html http://lists.fedoraproject.org/pipermail/package-announce/2014-July/135068.html http://lists.fedoraproject.org/pipermail/package-announce/2014-July/135071.html http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00002.html http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00003.html http://secunia.com/advisories/59208 http://secunia.com/advisories/60027 http:// • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-244: Improper Clearing of Heap Memory Before Release ('Heap Inspection') •