Total
466 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2013-4416 | 1 Xen | 1 Xen | 2024-11-21 | 5.2 MEDIUM | N/A |
The Ocaml xenstored implementation (oxenstored) in Xen 4.1.x, 4.2.x, and 4.3.x allows local guest domains to cause a denial of service (domain shutdown) via a large message reply. | |||||
CVE-2013-4375 | 2 Qemu, Xen | 2 Qemu, Xen | 2024-11-21 | 2.7 LOW | N/A |
The qdisk PV disk backend in qemu-xen in Xen 4.2.x and 4.3.x before 4.3.1, and qemu 1.1 and other versions, allows local HVM guests to cause a denial of service (domain grant reference consumption) via unspecified vectors. | |||||
CVE-2013-4371 | 1 Xen | 1 Xen | 2024-11-21 | 4.4 MEDIUM | N/A |
Use-after-free vulnerability in the libxl_list_cpupool function in the libxl toolstack library in Xen 4.2.x and 4.3.x, when running "under memory pressure," returns the original pointer when the realloc function fails, which allows local users to cause a denial of service (heap corruption and crash) and possibly execute arbitrary code via unspecified vectors. | |||||
CVE-2013-4370 | 1 Xen | 1 Xen | 2024-11-21 | 4.6 MEDIUM | N/A |
The ocaml binding for the xc_vcpu_getaffinity function in Xen 4.2.x and 4.3.x frees certain memory that may still be intended for use, which allows local users to cause a denial of service (heap corruption and crash) and possibly execute arbitrary code via unspecified vectors that trigger a (1) use-after-free or (2) double free. | |||||
CVE-2013-4369 | 1 Xen | 1 Xen | 2024-11-21 | 1.9 LOW | N/A |
The xlu_vif_parse_rate function in the libxlu library in Xen 4.2.x and 4.3.x allows local users to cause a denial of service (NULL pointer dereference) by using the "@" character as the VIF rate configuration. | |||||
CVE-2013-4368 | 1 Xen | 1 Xen | 2024-11-21 | 1.9 LOW | N/A |
The outs instruction emulation in Xen 3.1.x, 4.2.x, 4.3.x, and earlier, when using FS: or GS: segment override, uses an uninitialized variable as a segment base, which allows local 64-bit PV guests to obtain sensitive information (hypervisor stack content) via unspecified vectors related to stale data in a segment register. | |||||
CVE-2013-4361 | 1 Xen | 1 Xen | 2024-11-21 | 2.1 LOW | N/A |
The fbld instruction emulation in Xen 3.3.x through 4.3.x does not use the correct variable for the source effective address, which allows local HVM guests to obtain hypervisor stack information by reading the values used by the instruction. | |||||
CVE-2013-4356 | 1 Xen | 1 Xen | 2024-11-21 | 5.4 MEDIUM | N/A |
Xen 4.3.x writes hypervisor mappings to certain shadow pagetables when live migration is performed on hosts with more than 5TB of RAM, which allows local 64-bit PV guests to read or write to invalid memory and cause a denial of service (crash). | |||||
CVE-2013-4355 | 1 Xen | 1 Xen | 2024-11-21 | 1.5 LOW | N/A |
Xen 4.3.x and earlier does not properly handle certain errors, which allows local HVM guests to obtain hypervisor stack memory via a (1) port or (2) memory mapped I/O write or (3) other unspecified operations related to addresses without associated memory. | |||||
CVE-2013-4329 | 1 Xen | 1 Xen | 2024-11-21 | 6.5 MEDIUM | N/A |
The xenlight library (libxl) in Xen 4.0.x through 4.2.x, when IOMMU is disabled, provides access to a busmastering-capable PCI passthrough device before the IOMMU setup is complete, which allows local HVM guest domains to gain privileges or cause a denial of service via a DMA instruction. | |||||
CVE-2013-3495 | 2 Opensuse, Xen | 2 Opensuse, Xen | 2024-11-21 | 4.7 MEDIUM | N/A |
The Intel VT-d Interrupt Remapping engine in Xen 3.3.x through 4.3.x allows local guests to cause a denial of service (kernel panic) via a malformed Message Signaled Interrupt (MSI) from a PCI device that is bus mastering capable that triggers a System Error Reporting (SERR) Non-Maskable Interrupt (NMI). | |||||
CVE-2013-2212 | 1 Xen | 1 Xen | 2024-11-21 | 5.7 MEDIUM | N/A |
The vmx_set_uc_mode function in Xen 3.3 through 4.3, when disabling caches, allows local HVM guests with access to memory mapped I/O regions to cause a denial of service (CPU consumption and possibly hypervisor or guest kernel panic) via a crafted GFN range. | |||||
CVE-2013-2211 | 1 Xen | 1 Xen | 2024-11-21 | 7.4 HIGH | N/A |
The libxenlight (libxl) toolstack library in Xen 4.0.x, 4.1.x, and 4.2.x uses weak permissions for xenstore keys for paravirtualised and emulated serial console devices, which allows local guest administrators to modify the xenstore value via unspecified vectors. | |||||
CVE-2013-2196 | 1 Xen | 1 Xen | 2024-11-21 | 6.9 MEDIUM | N/A |
Multiple unspecified vulnerabilities in the Elf parser (libelf) in Xen 4.2.x and earlier allow local guest administrators with certain permissions to have an unspecified impact via a crafted kernel, related to "other problems" that are not CVE-2013-2194 or CVE-2013-2195. | |||||
CVE-2013-2195 | 1 Xen | 1 Xen | 2024-11-21 | 6.9 MEDIUM | N/A |
The Elf parser (libelf) in Xen 4.2.x and earlier allow local guest administrators with certain permissions to have an unspecified impact via a crafted kernel, related to "pointer dereferences" involving unexpected calculations. | |||||
CVE-2013-2194 | 1 Xen | 1 Xen | 2024-11-21 | 6.9 MEDIUM | N/A |
Multiple integer overflows in the Elf parser (libelf) in Xen 4.2.x and earlier allow local guest administrators with certain permissions to have an unspecified impact via a crafted kernel. | |||||
CVE-2013-2078 | 1 Xen | 1 Xen | 2024-11-21 | 4.7 MEDIUM | N/A |
Xen 4.0.2 through 4.0.4, 4.1.x, and 4.2.x allows local PV guest users to cause a denial of service (hypervisor crash) via certain bit combinations to the XSETBV instruction. | |||||
CVE-2013-2077 | 1 Xen | 1 Xen | 2024-11-21 | 5.2 MEDIUM | N/A |
Xen 4.0.x, 4.1.x, and 4.2.x does not properly restrict the contents of a XRSTOR, which allows local PV guest users to cause a denial of service (unhandled exception and hypervisor crash) via unspecified vectors. | |||||
CVE-2013-2076 | 1 Xen | 1 Xen | 2024-11-21 | 4.3 MEDIUM | N/A |
Xen 4.0.x, 4.1.x, and 4.2.x, when running on AMD64 processors, only save/restore the FOP, FIP, and FDP x87 registers in FXSAVE/FXRSTOR when an exception is pending, which allows one domain to determine portions of the state of floating point instructions of other domains, which can be leveraged to obtain sensitive information such as cryptographic keys, a similar vulnerability to CVE-2006-1056. NOTE: this is the documented behavior of AMD64 processors, but it is inconsistent with Intel processors in a security-relevant fashion that was not addressed by the kernels. | |||||
CVE-2013-2072 | 2 Debian, Xen | 2 Debian Linux, Xen | 2024-11-21 | 7.4 HIGH | N/A |
Buffer overflow in the Python bindings for the xc_vcpu_setaffinity call in Xen 4.0.x, 4.1.x, and 4.2.x allows local administrators with permissions to configure VCPU affinity to cause a denial of service (memory corruption and xend toolstack crash) and possibly gain privileges via a crafted cpumap. |