CVSS: 8.3EPSS: 0%CPEs: 6EXPL: 0CVE-2014-1666
https://notcve.org/view.php?id=CVE-2014-1666
The do_physdev_op function in Xen 4.1.5, 4.1.6.1, 4.2.2 through 4.2.3, and 4.3.x does not properly restrict access to the (1) PHYSDEVOP_prepare_msix and (2) PHYSDEVOP_release_msix operations, which allows local PV guests to cause a denial of service (host or guest malfunction) or possibly gain privileges via unspecified vectors. La función do_physdev_op en Xen 4.1.5, 4.1.6.1, 4.2.2 hasta 4.2.3 y 4.3.x no restringe adecuadamente el acceso a las operaciones: (1) PHYSDEVOP_release_msix y (2) PHYSDEVOP_prepare_msix , lo que permite a los huéspedes PV locales provocar una denegación de servicio ( mal funcionamiento de host o invitado) o posiblemente obtener privilegios a través de vectores no especificados. • http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127580.html http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127607.html http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00010.html http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00011.html http://osvdb.org/102536 http://secunia.com/advisories/56650 http://security.gentoo.org/glsa/glsa-201407-03.xml http://support.citrix.com/article/CTX200288 http://www.openwall.com/lis • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 2.7EPSS: 0%CPEs: 10EXPL: 0CVE-2013-4375
https://notcve.org/view.php?id=CVE-2013-4375
The qdisk PV disk backend in qemu-xen in Xen 4.2.x and 4.3.x before 4.3.1, and qemu 1.1 and other versions, allows local HVM guests to cause a denial of service (domain grant reference consumption) via unspecified vectors. El backend PV qdisk en qemu-xen de Xen 4.2.x y 4.3.x anteriores a 4.3.1, y qemu 1.1 y otras versiones, permite a invitados locales HVM causar una denegación de servicio (consumo de referencia de concesión de dominio) a través de vectores no especificados. • http://security.gentoo.org/glsa/glsa-201407-03.xml http://www.openwall.com/lists/oss-security/2013/10/10/14 http://www.ubuntu.com/usn/USN-2092-1 http://xenproject.org/downloads/xen-archives/supported-xen-43-series/xen-431.html • CWE-399: Resource Management Errors •
CVSS: 6.0EPSS: 0%CPEs: 34EXPL: 0CVE-2013-4554 – kernel: xen: hypercalls exposed to privilege rings 1 and 2 of HVM guests
https://notcve.org/view.php?id=CVE-2013-4554
Xen 3.0.3 through 4.1.x (possibly 4.1.6.1), 4.2.x (possibly 4.2.3), and 4.3.x (possibly 4.3.1) does not properly prevent access to hypercalls, which allows local guest users to gain privileges via a crafted application running in ring 1 or 2. Xen 3.0.3 a 4.1.x (posiblemente 4.1.6.1), 4.2.x (posiblemente 4.2.3), y 4.3.x (posiblemente 4.3.1) no previene correctamente acceso a hypercalls, lo cual permite a usuarios invitados locales obtener privilegios a través de la ejecución de una aplicación manipulada en el anillo 1 o el anillo 2. • http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00010.html http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00015.html http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00021.html http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00000.html http://lists.opensuse.org/opensuse-updates/2013-12/msg00059.html http://rhn.redhat.com/errata/RHSA-2014-0285.html http://security.gentoo.org/glsa/glsa-201407-03.xml http://www.openwall.com/lists&# • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 5.2EPSS: 0%CPEs: 23EXPL: 0CVE-2013-4553
https://notcve.org/view.php?id=CVE-2013-4553
The XEN_DOMCTL_getmemlist hypercall in Xen 3.4.x through 4.3.x (possibly 4.3.1) does not always obtain the page_alloc_lock and mm_rwlock in the same order, which allows local guest administrators to cause a denial of service (host deadlock). La hypercall XEN_DOMCTL_getmemlist en Xen 3.4.x a 4.3.x (posiblemente 4.3.1) no obtiene siempre los bloqueos page_alloc_lock y mm_rwlock en el mismo orden, lo cual permite a administradores locales invitados causar denegación de servicio (bloqueo del host). • http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00010.html http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00021.html http://lists.opensuse.org/opensuse-updates/2013-12/msg00059.html http://security.gentoo.org/glsa/glsa-201407-03.xml http://www.debian.org/security/2014/dsa-3006 http://www.openwall.com/lists/oss-security/2013/11/26/8 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.8EPSS: 0%CPEs: 6EXPL: 0CVE-2013-6400
https://notcve.org/view.php?id=CVE-2013-6400
Xen 4.2.x and 4.3.x, when using Intel VT-d and a PCI device has been assigned, does not clear the flag that suppresses IOMMU TLB flushes when unspecified errors occur, which causes the TLB entries to not be flushed and allows local guest administrators to cause a denial of service (host crash) or gain privileges via unspecified vectors. En Xen 4.2.x y 4.3.x, al utilizar Intel VT-d y un dispositivo PCI asignado, no borra el indicador que suprime vocados de IOMMU TLB cuando se producen errores no especificados, que hace que entradas de la TLB no sean eliminadas y permite a los locales administradores de invitados para causar una denegación de servicio (caída de host) o ganar privilegios a través de vectores no especificados. • http://lists.fedoraproject.org/pipermail/package-announce/2013-December/125081.html http://lists.fedoraproject.org/pipermail/package-announce/2013-December/125111.html http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00011.html http://lists.xen.org/archives/html/xen-announce/2013-12/msg00002.html http://secunia.com/advisories/55932 http://security.gentoo.org/glsa/glsa-201407-03.xml http://www.openwall.com/lists/oss-security/2013/12/10/7 http://www.securitytracker.com/id/10 • CWE-264: Permissions, Privileges, and Access Controls •