Skip to main content

Xen

446 CVEs product

Monthly

CVE-2026-23555 HIGH PATCH This Week

Xenstored on Ubuntu and Debian crashes when a guest VM submits a Xenstore command with an illegal node path "/local/domain/", causing a denial of service to that hypervisor component. An unprivileged guest can trigger this crash via a forced assert() statement, or if the service is built without debugging symbols, cause xenstored to consume excessive CPU resources while becoming unresponsive to further requests. No patch is currently available for this vulnerability.

Denial Of Service Xen
NVD VulDB
CVSS 3.1
7.1
EPSS
0.0%
CVE-2025-58150 HIGH PATCH This Week

Shadow mode tracing code uses a set of per-CPU variables to avoid cumbersome parameter passing. Some of these variables are written to with guest controlled data, of guest controllable size. [CVSS 8.8 HIGH]

Buffer Overflow Xen Suse
NVD
CVSS 3.1
8.8
EPSS
0.0%
CVE-2025-58145 HIGH PATCH This Month

[This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] There are two issues related to the mapping of pages belonging to. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Race Condition Xen Suse
NVD
CVSS 3.1
7.5
EPSS
0.0%
CVE-2025-58144 HIGH PATCH This Month

[This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] There are two issues related to the mapping of pages belonging to. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Null Pointer Dereference Xen Suse
NVD
CVSS 3.1
7.5
EPSS
0.1%
CVE-2025-58143 CRITICAL PATCH This Week

[This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] There are multiple issues related to the handling and accessing of. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Xen Suse
NVD
CVSS 3.1
9.8
EPSS
0.0%
CVE-2025-58142 CRITICAL PATCH This Week

[This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] There are multiple issues related to the handling and accessing of. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Xen Suse
NVD
CVSS 3.1
9.8
EPSS
0.0%
CVE-2025-27466 CRITICAL PATCH This Week

[This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] There are multiple issues related to the handling and accessing of. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Xen Suse
NVD
CVSS 3.1
9.8
EPSS
0.0%
CVE-2024-45819 MEDIUM PATCH This Month

PVH guests have their ACPI tables constructed by the toolstack. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Incorrect Default Permissions vulnerability could allow attackers to access resources due to overly permissive default settings.

Privilege Escalation Xen
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2024-45818 MEDIUM PATCH This Month

The hypervisor contains code to accelerate VGA memory accesses for HVM guests, when the (virtual) VGA is in "standard" mode. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity.

Information Disclosure Xen
NVD
CVSS 3.1
6.5
EPSS
0.3%
CVE-2024-45817 HIGH PATCH This Week

In x86's APIC (Advanced Programmable Interrupt Controller) architecture, error conditions are reported in a status register. Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Xen
NVD
CVSS 3.1
7.3
EPSS
0.5%
CVE-2024-31146 HIGH PATCH This Week

When multiple devices share resources and one of them is to be passed through to a guest, security of the entire system and of respective guests individually cannot really be guaranteed without. Rated high severity (CVSS 7.5). This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Xen
NVD
CVSS 3.1
7.5
EPSS
0.2%
CVE-2024-31145 HIGH PATCH This Week

Certain PCI devices in a system might be assigned Reserved Memory Regions (specified via Reserved Memory Region Reporting, "RMRR") for Intel VT-d or Unity Mapping ranges for AMD-Vi. Rated high severity (CVSS 7.5). This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Intel Denial Of Service Amd Xen
NVD
CVSS 3.1
7.5
EPSS
0.2%
CVE-2024-31143 HIGH PATCH This Week

An optional feature of PCI MSI called "Multiple Message" allows a device to use multiple consecutive interrupt vectors. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable.

Information Disclosure Xen
NVD
CVSS 3.1
7.5
EPSS
0.5%
CVE-2024-31142 HIGH PATCH This Week

Because of a logical error in XSA-407 (Branch Type Confusion), the mitigation is not applied properly when it is intended to be used. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable.

Buffer Overflow Xen Fedora
NVD
CVSS 3.1
7.5
EPSS
17.4%
CVE-2023-46837 LOW PATCH Monitor

Arm provides multiple helpers to clean & invalidate the cache for a given region. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Buffer Overflow Xen
NVD
CVSS 3.1
3.3
EPSS
0.1%
CVE-2023-46836 MEDIUM PATCH This Month

The fixes for XSA-422 (Branch Type Confusion) and XSA-434 (Speculative Return Stack Overflow) are not IRQ-safe. Rated medium severity (CVSS 4.7).

Buffer Overflow Xen
NVD
CVSS 3.1
4.7
EPSS
0.0%
CVE-2023-46835 MEDIUM PATCH This Month

The current setup of the quarantine page tables assumes that the quarantine domain (dom_io) has been initialized with an address width of DEFAULT_DOMAIN_ADDRESS_WIDTH (48) and hence 4 page table. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Amd Memory Corruption Xen
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2023-34328 MEDIUM PATCH This Month

[This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] AMD CPUs since ~2014 have extensions to normal x86 debugging. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Amd Information Disclosure Xen
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2023-34327 MEDIUM PATCH This Month

[This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] AMD CPUs since ~2014 have extensions to normal x86 debugging. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Amd Information Disclosure Xen
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2023-34326 HIGH This Week

The caching invalidation guidelines from the AMD-Vi specification (48882-Rev 3.07-PUB-Oct 2022) is incorrect on some hardware, as devices will malfunction (see stale DMA mappings) if some fields of. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Amd Information Disclosure Xen
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-34325 HIGH PATCH This Week

[This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] libfsimage contains parsing code for several filesystems, most of them. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Memory Corruption Xen
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-34324 MEDIUM PATCH This Month

Closing of an event channel in the Linux kernel can result in a deadlock. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Linux Denial Of Service Linux Kernel Xen
NVD
CVSS 3.1
4.9
EPSS
0.1%
CVE-2023-34323 MEDIUM PATCH This Month

When a transaction is committed, C Xenstored will first check the quota is correct before attempting to commit any nodes. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Denial Of Service Null Pointer Dereference Xen
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2023-34322 HIGH This Week

For migration as well as to work around kernels unaware of L1TF (see XSA-273), PV guests may be run in shadow paging mode. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Xen
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-34321 LOW PATCH Monitor

Arm provides multiple helpers to clean & invalidate the cache for a given region. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Buffer Overflow Xen
NVD
CVSS 3.1
3.3
EPSS
0.1%
CVE-2023-34320 MEDIUM This Month

Cortex-A77 cores (r0p0 and r1p0) are affected by erratum 1508412 where software, under certain circumstances, could deadlock a core due to the execution of either a load to device or non-cacheable. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Cortex A77 Firmware Xen
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2023-4949 MEDIUM PATCH This Month

An attacker with local access to a system (either through a disk or external drive) can present a modified XFS partition to grub-legacy in such a way to exploit a memory corruption in grub’s XFS file. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Buffer Overflow Grub Xen
NVD
CVSS 3.1
6.7
EPSS
0.2%
CVE-2023-34319 HIGH PATCH This Week

The fix for XSA-423 added logic to Linux'es netback driver to deal with a frontend splitting a packet in a way such that not all of the headers would come in one piece. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Memory Corruption Buffer Overflow Xen Debian Linux Linux Kernel
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2023-20588 MEDIUM This Month

A division-by-zero error on some AMD processors can potentially return speculative data resulting in loss of confidentiality. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Amd Information Disclosure Debian Linux Epyc 7351P Firmware Epyc 7401P Firmware +44
NVD
CVSS 3.1
5.5
EPSS
12.4%
CVE-2023-20593 MEDIUM POC PATCH This Month

An issue in “Zen 2” CPUs, under specific microarchitectural circumstances, may allow an attacker to potentially access sensitive information. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available.

Information Disclosure Xen Debian Linux Ryzen 3 3100 Firmware Ryzen 3 3300X Firmware +67
NVD
CVSS 3.1
5.5
EPSS
5.8%
CVE-2022-4949 HIGH POC PATCH This Week

The AdSanity plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'ajax_upload' function in versions up to, and including, 1.8.1. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

RCE WordPress File Upload Adsanity Xen
NVD VulDB
CVSS 3.1
8.8
EPSS
8.6%
CVE-2022-23824 MEDIUM PATCH This Month

IBPB may not prevent return branch predictions from being specified by pre-IBPB branch targets leading to a potential information disclosure. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Information Disclosure Xen Athlon X4 750 Firmware Athlon X4 760K Firmware Athlon X4 830 Firmware +165
NVD
CVSS 3.1
5.5
EPSS
0.6%
CVE-2022-42327 HIGH PATCH This Week

x86: unintended memory sharing between guests On Intel systems that support the "virtualize APIC accesses" feature, a guest can read and write the global shared xAPIC page by moving the local APIC. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity.

Authentication Bypass Intel Xen Fedora
NVD
CVSS 3.1
7.1
EPSS
0.2%
CVE-2022-42326 MEDIUM PATCH This Month

Xenstore: Guests can create arbitrary number of nodes via transactions T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.]. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Memory Leak vulnerability could allow attackers to exhaust available memory leading to denial of service.

Information Disclosure Xen Debian Linux Fedora
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2022-42325 MEDIUM PATCH This Month

Xenstore: Guests can create arbitrary number of nodes via transactions T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.]. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Memory Leak vulnerability could allow attackers to exhaust available memory leading to denial of service.

Information Disclosure Xen Debian Linux Fedora
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2022-42324 MEDIUM PATCH This Month

Oxenstored 32->31 bit integer truncation issues Integers in Ocaml are 63 or 31 bits of signed precision. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Information Disclosure Xen Debian Linux Fedora
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2022-42323 MEDIUM PATCH This Month

Xenstore: Cooperating guests can create arbitrary numbers of nodes T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.]. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Memory Leak vulnerability could allow attackers to exhaust available memory leading to denial of service.

Information Disclosure Xen Debian Linux Fedora
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2022-42322 MEDIUM PATCH This Month

Xenstore: Cooperating guests can create arbitrary numbers of nodes T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.]. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Memory Leak vulnerability could allow attackers to exhaust available memory leading to denial of service.

Information Disclosure Xen Debian Linux Fedora
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2022-42321 MEDIUM PATCH This Month

Xenstore: Guests can crash xenstored via exhausting the stack Xenstored is using recursion for some Xenstore operations (e.g. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity.

Denial Of Service Xen Debian Linux Fedora
NVD
CVSS 3.1
6.5
EPSS
0.3%
CVE-2022-42320 HIGH PATCH This Week

Xenstore: Guests can get access to Xenstore nodes of deleted domains Access rights of Xenstore nodes are per domid. Rated high severity (CVSS 7.0).

Information Disclosure Xen Debian Linux Fedora
NVD
CVSS 3.1
7.0
EPSS
0.3%
CVE-2022-42319 MEDIUM PATCH This Month

Xenstore: Guests can cause Xenstore to not free temporary memory When working on a request of a guest, xenstored might need to allocate quite large amounts of memory temporarily. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. This Memory Leak vulnerability could allow attackers to exhaust available memory leading to denial of service.

Denial Of Service Xen Debian Linux Fedora
NVD
CVSS 3.1
6.5
EPSS
0.3%
CVE-2022-42318 MEDIUM PATCH This Month

Xenstore: guests can let run xenstored out of memory T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Malicious guests. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. This Allocation of Resources Without Limits vulnerability could allow attackers to exhaust system resources through uncontrolled allocation.

Denial Of Service Xen Debian Linux Fedora
NVD
CVSS 3.1
6.5
EPSS
0.2%
CVE-2022-42317 MEDIUM PATCH This Month

Xenstore: guests can let run xenstored out of memory T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Malicious guests. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. This Allocation of Resources Without Limits vulnerability could allow attackers to exhaust system resources through uncontrolled allocation.

Denial Of Service Xen Debian Linux Fedora
NVD
CVSS 3.1
6.5
EPSS
0.2%
CVE-2022-42316 MEDIUM PATCH This Month

Xenstore: guests can let run xenstored out of memory T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Malicious guests. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. This Allocation of Resources Without Limits vulnerability could allow attackers to exhaust system resources through uncontrolled allocation.

Denial Of Service Xen Debian Linux Fedora
NVD
CVSS 3.1
6.5
EPSS
0.2%
CVE-2022-42315 MEDIUM PATCH This Month

Xenstore: guests can let run xenstored out of memory T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Malicious guests. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. This Allocation of Resources Without Limits vulnerability could allow attackers to exhaust system resources through uncontrolled allocation.

Denial Of Service Xen Debian Linux Fedora
NVD
CVSS 3.1
6.5
EPSS
0.2%
CVE-2022-42314 MEDIUM PATCH This Month

Xenstore: guests can let run xenstored out of memory T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Malicious guests. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. This Allocation of Resources Without Limits vulnerability could allow attackers to exhaust system resources through uncontrolled allocation.

Denial Of Service Xen Debian Linux Fedora
NVD
CVSS 3.1
6.5
EPSS
0.2%
CVE-2022-42313 MEDIUM PATCH This Month

Xenstore: guests can let run xenstored out of memory T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Malicious guests. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. This Allocation of Resources Without Limits vulnerability could allow attackers to exhaust system resources through uncontrolled allocation.

Denial Of Service Xen Debian Linux Fedora
NVD
CVSS 3.1
6.5
EPSS
0.2%
CVE-2022-42312 MEDIUM PATCH This Month

Xenstore: guests can let run xenstored out of memory T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Malicious guests. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. This Allocation of Resources Without Limits vulnerability could allow attackers to exhaust system resources through uncontrolled allocation.

Denial Of Service Xen Debian Linux Fedora
NVD
CVSS 3.1
6.5
EPSS
0.2%
CVE-2022-42311 MEDIUM PATCH This Month

Xenstore: guests can let run xenstored out of memory T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Malicious guests. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. This Allocation of Resources Without Limits vulnerability could allow attackers to exhaust system resources through uncontrolled allocation.

Denial Of Service Xen Fedora Debian Linux
NVD
CVSS 3.1
6.5
EPSS
0.2%
CVE-2022-42310 MEDIUM PATCH This Month

Xenstore: Guests can create orphaned Xenstore nodes By creating multiple nodes inside a transaction resulting in an error, a malicious guest can create orphaned nodes in the Xenstore data base, as. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Information Disclosure Xen Debian Linux Fedora
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2022-42309 HIGH PATCH This Week

Xenstore: Guests can crash xenstored Due to a bug in the fix of XSA-115 a malicious guest can cause xenstored to use a wrong pointer during node creation in an error path, resulting in a crash of. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity.

Buffer Overflow Xen Debian Linux Fedora
NVD
CVSS 3.1
8.8
EPSS
0.3%
CVE-2022-33748 MEDIUM PATCH This Month

lock order inversion in transitive grant copy handling As part of XSA-226 a missing cleanup call was inserted on an error handling path. Rated medium severity (CVSS 5.6).

Information Disclosure Xen Fedora Debian Linux
NVD
CVSS 3.1
5.6
EPSS
0.2%
CVE-2022-33747 LOW PATCH Monitor

Arm: unbounded memory consumption for 2nd-level page tables Certain actions require e.g. Rated low severity (CVSS 3.8), this vulnerability is low attack complexity.

Information Disclosure Xen Fedora Debian Linux
NVD
CVSS 3.1
3.8
EPSS
0.3%
CVE-2022-33746 MEDIUM PATCH This Month

P2M pool freeing may take excessively long The P2M pool backing second level address translation for guests may be of significant size. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity.

Information Disclosure Xen Fedora Debian Linux
NVD
CVSS 3.1
6.5
EPSS
0.3%
CVE-2022-33745 HIGH PATCH This Week

insufficient TLB flush for x86 PV guests in shadow mode For migration as well as to work around kernels unaware of L1TF (see XSA-273), PV guests may be run in shadow paging mode. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity.

Information Disclosure Xen Debian Linux Fedora
NVD
CVSS 3.1
8.8
EPSS
0.3%
CVE-2022-29901 MEDIUM This Month

Intel microprocessor generations 6 to 8 are affected by a new Spectre variant that is able to bypass their retpoline mitigation in the kernel to leak arbitrary data. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. No vendor patch available.

RCE Intel Information Disclosure Core I7 6500U Firmware Core I7 6510U Firmware +127
NVD
CVSS 3.1
6.5
EPSS
4.9%
CVE-2022-29900 MEDIUM This Month

Mis-trained branch predictions for return instructions may allow arbitrary speculative code execution under certain microarchitecture-dependent conditions. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. No vendor patch available.

RCE Debian Linux Fedora Xen Athlon X4 750 Firmware +122
NVD
CVSS 3.1
6.5
EPSS
3.8%
CVE-2022-33743 HIGH PATCH This Week

network backend may cause Linux netfront to use freed SKBs While adding logic to support XDP (eXpress Data Path), a code label was moved in a way allowing for SKBs having references (pointers). Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Information Disclosure Linux Kernel Xen Debian Linux
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2022-33742 HIGH PATCH This Week

Linux disk/nic frontends data leaks T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Linux Block and Network PV device. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Fedora Debian Linux Linux Kernel Xen
NVD
CVSS 3.1
7.1
EPSS
0.3%
CVE-2022-33741 HIGH PATCH This Week

Linux disk/nic frontends data leaks T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Linux Block and Network PV device. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Fedora Debian Linux Linux Kernel Xen
NVD
CVSS 3.1
7.1
EPSS
0.3%
CVE-2022-33740 HIGH PATCH This Week

Linux disk/nic frontends data leaks T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Linux Block and Network PV device. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity.

Information Disclosure Fedora Debian Linux Linux Kernel Xen
NVD
CVSS 3.1
7.1
EPSS
0.3%
CVE-2022-26365 HIGH PATCH This Week

Linux disk/nic frontends data leaks T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Linux Block and Network PV device. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. This Memory Leak vulnerability could allow attackers to exhaust available memory leading to denial of service.

Information Disclosure Linux Kernel Xen Debian Linux Fedora
NVD
CVSS 3.1
7.1
EPSS
0.3%
CVE-2022-21166 MEDIUM PATCH This Month

Incomplete cleanup in specific special register write operations for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Intel Information Disclosure Xen Fedora Sgx Dcap +4
NVD
CVSS 3.1
5.5
EPSS
5.9%
CVE-2022-21127 MEDIUM PATCH This Month

Incomplete cleanup in specific special register read operations for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Intel Information Disclosure Xen Sgx Dcap Sgx Psw +2
NVD
CVSS 3.1
5.5
EPSS
5.5%
CVE-2022-21125 MEDIUM PATCH This Month

Incomplete cleanup of microarchitectural fill buffers on some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Intel Information Disclosure Xen Fedora Sgx Dcap +4
NVD
CVSS 3.1
5.5
EPSS
6.5%
CVE-2022-21123 MEDIUM PATCH This Month

Incomplete cleanup of multi-core shared buffers for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Intel Information Disclosure Xen Fedora Sgx Dcap +4
NVD
CVSS 3.1
5.5
EPSS
6.3%
CVE-2022-26364 MEDIUM POC PATCH This Month

x86 pv: Insufficient care with non-coherent mappings T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Xen maintains a. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. Public exploit code available.

Information Disclosure Xen Fedora Debian Linux
NVD
CVSS 3.1
6.7
EPSS
0.5%
CVE-2022-26363 MEDIUM PATCH This Month

x86 pv: Insufficient care with non-coherent mappings T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Xen maintains a. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity.

Information Disclosure Xen Fedora Debian Linux
NVD
CVSS 3.1
6.7
EPSS
0.3%
CVE-2022-26362 MEDIUM PATCH This Month

x86 pv: Race condition in typeref acquisition Xen maintains a type reference count for pages, in addition to a regular reference count. Rated medium severity (CVSS 6.4).

Race Condition Information Disclosure Xen Fedora Debian Linux
NVD
CVSS 3.1
6.4
EPSS
0.4%
CVE-2022-26361 HIGH PATCH This Week

IOMMU: RMRR (VT-d) and unity map (AMD-Vi) handling issues T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Certain PCI. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Intel Amd Buffer Overflow Xen Debian Linux +1
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2022-26360 HIGH PATCH This Week

IOMMU: RMRR (VT-d) and unity map (AMD-Vi) handling issues T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Certain PCI. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Intel Amd Buffer Overflow Xen Debian Linux +1
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2022-26359 HIGH PATCH This Week

IOMMU: RMRR (VT-d) and unity map (AMD-Vi) handling issues T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Certain PCI. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Intel Amd Buffer Overflow Xen Debian Linux +1
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2022-26358 HIGH PATCH This Week

IOMMU: RMRR (VT-d) and unity map (AMD-Vi) handling issues T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Certain PCI. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Intel Amd Buffer Overflow Xen Debian Linux +1
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2022-26357 HIGH PATCH This Week

race in VT-d domain ID cleanup Xen domain IDs are up to 15 bits wide. Rated high severity (CVSS 7.0).

Race Condition Information Disclosure Xen Debian Linux Fedora
NVD
CVSS 3.1
7.0
EPSS
0.2%
CVE-2022-26356 MEDIUM PATCH This Month

Racy interactions between dirty vram tracking and paging log dirty hypercalls Activation of log dirty mode done by XEN_DMOP_track_dirty_vram (was named HVMOP_track_dirty_vram before Xen 4.9) is racy. Rated medium severity (CVSS 5.6).

Information Disclosure Xen Debian Linux Fedora
NVD
CVSS 3.1
5.6
EPSS
0.2%
CVE-2022-23960 MEDIUM PATCH This Month

Certain Arm Cortex and Neoverse processors through 2022-03-08 do not properly restrict cache speculation, aka Spectre-BHB. Rated medium severity (CVSS 5.6).

Information Disclosure Xen Cortex R7 Firmware Cortex R8 Firmware Cortex A57 Firmware +18
NVD
CVSS 3.1
5.6
EPSS
0.5%
CVE-2022-23042 HIGH This Week

Linux PV device frontends vulnerable to attacks by backends T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Several. Rated high severity (CVSS 7.0). No vendor patch available.

Denial Of Service Race Condition Xen Debian Linux
NVD
CVSS 3.1
7.0
EPSS
0.2%
CVE-2022-23041 HIGH This Week

Linux PV device frontends vulnerable to attacks by backends T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Several. Rated high severity (CVSS 7.0). No vendor patch available.

Denial Of Service Race Condition Xen Debian Linux
NVD
CVSS 3.1
7.0
EPSS
0.4%
CVE-2022-23040 HIGH This Week

Linux PV device frontends vulnerable to attacks by backends T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Several. Rated high severity (CVSS 7.0). No vendor patch available.

Denial Of Service Race Condition Xen Debian Linux
NVD
CVSS 3.1
7.0
EPSS
0.4%
CVE-2022-23039 HIGH This Week

Linux PV device frontends vulnerable to attacks by backends T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Several. Rated high severity (CVSS 7.0). No vendor patch available.

Denial Of Service Race Condition Xen Debian Linux
NVD
CVSS 3.1
7.0
EPSS
0.4%
CVE-2022-23038 HIGH This Week

Linux PV device frontends vulnerable to attacks by backends T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Several. Rated high severity (CVSS 7.0). No vendor patch available.

Denial Of Service Race Condition Xen Debian Linux
NVD
CVSS 3.1
7.0
EPSS
0.4%
CVE-2022-23037 HIGH This Week

Linux PV device frontends vulnerable to attacks by backends T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Several. Rated high severity (CVSS 7.0). No vendor patch available.

Denial Of Service Race Condition Xen Debian Linux
NVD
CVSS 3.1
7.0
EPSS
0.3%
CVE-2022-23036 HIGH This Week

Linux PV device frontends vulnerable to attacks by backends T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Several. Rated high severity (CVSS 7.0). No vendor patch available.

Denial Of Service Race Condition Xen Debian Linux
NVD
CVSS 3.1
7.0
EPSS
0.4%
CVE-2021-28703 HIGH This Week

grant table v2 status pages may remain accessible after de-allocation (take two) Guest get permitted access to certain Xen-owned pages of memory. Rated high severity (CVSS 7.0). No vendor patch available.

Information Disclosure Xen
NVD
CVSS 3.1
7.0
EPSS
0.3%
CVE-2021-28709 HIGH PATCH This Week

issues with partially successful P2M updates on x86 T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] x86 HVM and PVH. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Information Disclosure Xen Fedora Debian Linux
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2021-28705 HIGH PATCH This Week

issues with partially successful P2M updates on x86 T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] x86 HVM and PVH. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Information Disclosure Xen Fedora Debian Linux
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2021-28708 HIGH PATCH This Week

PoD operations on misaligned GFNs T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] x86 HVM and PVH guests may be. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity.

Denial Of Service Xen Debian Linux Fedora
NVD
CVSS 3.1
8.8
EPSS
0.3%
CVE-2021-28707 HIGH PATCH This Week

PoD operations on misaligned GFNs T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] x86 HVM and PVH guests may be. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity.

Denial Of Service Xen Debian Linux Fedora
NVD
CVSS 3.1
8.8
EPSS
0.3%
CVE-2021-28706 HIGH PATCH This Week

guests may exceed their designated memory limit When a guest is permitted to have close to 16TiB of memory, it may be able to issue hypercalls to increase its memory allocation beyond the. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Allocation of Resources Without Limits vulnerability could allow attackers to exhaust system resources through uncontrolled allocation.

Denial Of Service Xen Fedora Debian Linux
NVD
CVSS 3.1
8.6
EPSS
2.1%
CVE-2021-28704 HIGH PATCH This Week

PoD operations on misaligned GFNs T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] x86 HVM and PVH guests may be. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity.

Denial Of Service Xen Fedora Debian Linux
NVD
CVSS 3.1
8.8
EPSS
0.3%
EPSS 0% CVSS 7.1
HIGH PATCH This Week

Xenstored on Ubuntu and Debian crashes when a guest VM submits a Xenstore command with an illegal node path "/local/domain/", causing a denial of service to that hypervisor component. An unprivileged guest can trigger this crash via a forced assert() statement, or if the service is built without debugging symbols, cause xenstored to consume excessive CPU resources while becoming unresponsive to further requests. No patch is currently available for this vulnerability.

Denial Of Service Xen
NVD VulDB
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Shadow mode tracing code uses a set of per-CPU variables to avoid cumbersome parameter passing. Some of these variables are written to with guest controlled data, of guest controllable size. [CVSS 8.8 HIGH]

Buffer Overflow Xen Suse
NVD
EPSS 0% CVSS 7.5
HIGH PATCH This Month

[This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] There are two issues related to the mapping of pages belonging to. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Race Condition Xen +1
NVD
EPSS 0% CVSS 7.5
HIGH PATCH This Month

[This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] There are two issues related to the mapping of pages belonging to. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Null Pointer Dereference Xen +1
NVD
EPSS 0% CVSS 9.8
CRITICAL PATCH This Week

[This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] There are multiple issues related to the handling and accessing of. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Xen Suse
NVD
EPSS 0% CVSS 9.8
CRITICAL PATCH This Week

[This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] There are multiple issues related to the handling and accessing of. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Xen Suse
NVD
EPSS 0% CVSS 9.8
CRITICAL PATCH This Week

[This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] There are multiple issues related to the handling and accessing of. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Xen Suse
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

PVH guests have their ACPI tables constructed by the toolstack. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Incorrect Default Permissions vulnerability could allow attackers to access resources due to overly permissive default settings.

Privilege Escalation Xen
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

The hypervisor contains code to accelerate VGA memory accesses for HVM guests, when the (virtual) VGA is in "standard" mode. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity.

Information Disclosure Xen
NVD
EPSS 1% CVSS 7.3
HIGH PATCH This Week

In x86's APIC (Advanced Programmable Interrupt Controller) architecture, error conditions are reported in a status register. Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Xen
NVD
EPSS 0% CVSS 7.5
HIGH PATCH This Week

When multiple devices share resources and one of them is to be passed through to a guest, security of the entire system and of respective guests individually cannot really be guaranteed without. Rated high severity (CVSS 7.5). This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Xen
NVD
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Certain PCI devices in a system might be assigned Reserved Memory Regions (specified via Reserved Memory Region Reporting, "RMRR") for Intel VT-d or Unity Mapping ranges for AMD-Vi. Rated high severity (CVSS 7.5). This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Intel Denial Of Service Amd +1
NVD
EPSS 1% CVSS 7.5
HIGH PATCH This Week

An optional feature of PCI MSI called "Multiple Message" allows a device to use multiple consecutive interrupt vectors. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable.

Information Disclosure Xen
NVD
EPSS 17% CVSS 7.5
HIGH PATCH This Week

Because of a logical error in XSA-407 (Branch Type Confusion), the mitigation is not applied properly when it is intended to be used. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable.

Buffer Overflow Xen Fedora
NVD
EPSS 0% CVSS 3.3
LOW PATCH Monitor

Arm provides multiple helpers to clean & invalidate the cache for a given region. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Buffer Overflow Xen
NVD
EPSS 0% CVSS 4.7
MEDIUM PATCH This Month

The fixes for XSA-422 (Branch Type Confusion) and XSA-434 (Speculative Return Stack Overflow) are not IRQ-safe. Rated medium severity (CVSS 4.7).

Buffer Overflow Xen
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

The current setup of the quarantine page tables assumes that the quarantine domain (dom_io) has been initialized with an address width of DEFAULT_DOMAIN_ADDRESS_WIDTH (48) and hence 4 page table. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Amd Memory Corruption +1
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

[This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] AMD CPUs since ~2014 have extensions to normal x86 debugging. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Amd Information Disclosure Xen
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

[This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] AMD CPUs since ~2014 have extensions to normal x86 debugging. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Amd Information Disclosure Xen
NVD
EPSS 0% CVSS 7.8
HIGH This Week

The caching invalidation guidelines from the AMD-Vi specification (48882-Rev 3.07-PUB-Oct 2022) is incorrect on some hardware, as devices will malfunction (see stale DMA mappings) if some fields of. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Amd Information Disclosure Xen
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

[This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] libfsimage contains parsing code for several filesystems, most of them. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Memory Corruption Xen
NVD
EPSS 0% CVSS 4.9
MEDIUM PATCH This Month

Closing of an event channel in the Linux kernel can result in a deadlock. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Linux Denial Of Service Linux Kernel +1
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

When a transaction is committed, C Xenstored will first check the quota is correct before attempting to commit any nodes. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Denial Of Service Null Pointer Dereference Xen
NVD
EPSS 0% CVSS 7.8
HIGH This Week

For migration as well as to work around kernels unaware of L1TF (see XSA-273), PV guests may be run in shadow paging mode. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Xen
NVD
EPSS 0% CVSS 3.3
LOW PATCH Monitor

Arm provides multiple helpers to clean & invalidate the cache for a given region. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Buffer Overflow Xen
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

Cortex-A77 cores (r0p0 and r1p0) are affected by erratum 1508412 where software, under certain circumstances, could deadlock a core due to the execution of either a load to device or non-cacheable. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Cortex A77 Firmware Xen
NVD
EPSS 0% CVSS 6.7
MEDIUM PATCH This Month

An attacker with local access to a system (either through a disk or external drive) can present a modified XFS partition to grub-legacy in such a way to exploit a memory corruption in grub’s XFS file. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Buffer Overflow Grub Xen
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

The fix for XSA-423 added logic to Linux'es netback driver to deal with a frontend splitting a packet in a way such that not all of the headers would come in one piece. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Memory Corruption Buffer Overflow Xen +2
NVD
EPSS 12% CVSS 5.5
MEDIUM This Month

A division-by-zero error on some AMD processors can potentially return speculative data resulting in loss of confidentiality. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Amd Information Disclosure Debian Linux +46
NVD
EPSS 6% CVSS 5.5
MEDIUM POC PATCH This Month

An issue in “Zen 2” CPUs, under specific microarchitectural circumstances, may allow an attacker to potentially access sensitive information. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available.

Information Disclosure Xen Debian Linux +69
NVD
EPSS 9% CVSS 8.8
HIGH POC PATCH This Week

The AdSanity plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'ajax_upload' function in versions up to, and including, 1.8.1. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

RCE WordPress File Upload +2
NVD VulDB
EPSS 1% CVSS 5.5
MEDIUM PATCH This Month

IBPB may not prevent return branch predictions from being specified by pre-IBPB branch targets leading to a potential information disclosure. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Information Disclosure Xen Athlon X4 750 Firmware +167
NVD
EPSS 0% CVSS 7.1
HIGH PATCH This Week

x86: unintended memory sharing between guests On Intel systems that support the "virtualize APIC accesses" feature, a guest can read and write the global shared xAPIC page by moving the local APIC. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity.

Authentication Bypass Intel Xen +1
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

Xenstore: Guests can create arbitrary number of nodes via transactions T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.]. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Memory Leak vulnerability could allow attackers to exhaust available memory leading to denial of service.

Information Disclosure Xen Debian Linux +1
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

Xenstore: Guests can create arbitrary number of nodes via transactions T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.]. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Memory Leak vulnerability could allow attackers to exhaust available memory leading to denial of service.

Information Disclosure Xen Debian Linux +1
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

Oxenstored 32->31 bit integer truncation issues Integers in Ocaml are 63 or 31 bits of signed precision. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Information Disclosure Xen Debian Linux +1
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

Xenstore: Cooperating guests can create arbitrary numbers of nodes T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.]. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Memory Leak vulnerability could allow attackers to exhaust available memory leading to denial of service.

Information Disclosure Xen Debian Linux +1
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

Xenstore: Cooperating guests can create arbitrary numbers of nodes T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.]. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Memory Leak vulnerability could allow attackers to exhaust available memory leading to denial of service.

Information Disclosure Xen Debian Linux +1
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Xenstore: Guests can crash xenstored via exhausting the stack Xenstored is using recursion for some Xenstore operations (e.g. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity.

Denial Of Service Xen Debian Linux +1
NVD
EPSS 0% CVSS 7.0
HIGH PATCH This Week

Xenstore: Guests can get access to Xenstore nodes of deleted domains Access rights of Xenstore nodes are per domid. Rated high severity (CVSS 7.0).

Information Disclosure Xen Debian Linux +1
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Xenstore: Guests can cause Xenstore to not free temporary memory When working on a request of a guest, xenstored might need to allocate quite large amounts of memory temporarily. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. This Memory Leak vulnerability could allow attackers to exhaust available memory leading to denial of service.

Denial Of Service Xen Debian Linux +1
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Xenstore: guests can let run xenstored out of memory T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Malicious guests. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. This Allocation of Resources Without Limits vulnerability could allow attackers to exhaust system resources through uncontrolled allocation.

Denial Of Service Xen Debian Linux +1
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Xenstore: guests can let run xenstored out of memory T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Malicious guests. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. This Allocation of Resources Without Limits vulnerability could allow attackers to exhaust system resources through uncontrolled allocation.

Denial Of Service Xen Debian Linux +1
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Xenstore: guests can let run xenstored out of memory T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Malicious guests. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. This Allocation of Resources Without Limits vulnerability could allow attackers to exhaust system resources through uncontrolled allocation.

Denial Of Service Xen Debian Linux +1
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Xenstore: guests can let run xenstored out of memory T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Malicious guests. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. This Allocation of Resources Without Limits vulnerability could allow attackers to exhaust system resources through uncontrolled allocation.

Denial Of Service Xen Debian Linux +1
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Xenstore: guests can let run xenstored out of memory T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Malicious guests. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. This Allocation of Resources Without Limits vulnerability could allow attackers to exhaust system resources through uncontrolled allocation.

Denial Of Service Xen Debian Linux +1
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Xenstore: guests can let run xenstored out of memory T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Malicious guests. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. This Allocation of Resources Without Limits vulnerability could allow attackers to exhaust system resources through uncontrolled allocation.

Denial Of Service Xen Debian Linux +1
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Xenstore: guests can let run xenstored out of memory T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Malicious guests. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. This Allocation of Resources Without Limits vulnerability could allow attackers to exhaust system resources through uncontrolled allocation.

Denial Of Service Xen Debian Linux +1
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Xenstore: guests can let run xenstored out of memory T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Malicious guests. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. This Allocation of Resources Without Limits vulnerability could allow attackers to exhaust system resources through uncontrolled allocation.

Denial Of Service Xen Fedora +1
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

Xenstore: Guests can create orphaned Xenstore nodes By creating multiple nodes inside a transaction resulting in an error, a malicious guest can create orphaned nodes in the Xenstore data base, as. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Information Disclosure Xen Debian Linux +1
NVD
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Xenstore: Guests can crash xenstored Due to a bug in the fix of XSA-115 a malicious guest can cause xenstored to use a wrong pointer during node creation in an error path, resulting in a crash of. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity.

Buffer Overflow Xen Debian Linux +1
NVD
EPSS 0% CVSS 5.6
MEDIUM PATCH This Month

lock order inversion in transitive grant copy handling As part of XSA-226 a missing cleanup call was inserted on an error handling path. Rated medium severity (CVSS 5.6).

Information Disclosure Xen Fedora +1
NVD
EPSS 0% CVSS 3.8
LOW PATCH Monitor

Arm: unbounded memory consumption for 2nd-level page tables Certain actions require e.g. Rated low severity (CVSS 3.8), this vulnerability is low attack complexity.

Information Disclosure Xen Fedora +1
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

P2M pool freeing may take excessively long The P2M pool backing second level address translation for guests may be of significant size. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity.

Information Disclosure Xen Fedora +1
NVD
EPSS 0% CVSS 8.8
HIGH PATCH This Week

insufficient TLB flush for x86 PV guests in shadow mode For migration as well as to work around kernels unaware of L1TF (see XSA-273), PV guests may be run in shadow paging mode. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity.

Information Disclosure Xen Debian Linux +1
NVD
EPSS 5% CVSS 6.5
MEDIUM This Month

Intel microprocessor generations 6 to 8 are affected by a new Spectre variant that is able to bypass their retpoline mitigation in the kernel to leak arbitrary data. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. No vendor patch available.

RCE Intel Information Disclosure +129
NVD
EPSS 4% CVSS 6.5
MEDIUM This Month

Mis-trained branch predictions for return instructions may allow arbitrary speculative code execution under certain microarchitecture-dependent conditions. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. No vendor patch available.

RCE Debian Linux Fedora +124
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

network backend may cause Linux netfront to use freed SKBs While adding logic to support XDP (eXpress Data Path), a code label was moved in a way allowing for SKBs having references (pointers). Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Information Disclosure Linux Kernel Xen +1
NVD
EPSS 0% CVSS 7.1
HIGH PATCH This Week

Linux disk/nic frontends data leaks T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Linux Block and Network PV device. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Fedora Debian Linux +2
NVD
EPSS 0% CVSS 7.1
HIGH PATCH This Week

Linux disk/nic frontends data leaks T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Linux Block and Network PV device. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Fedora Debian Linux +2
NVD
EPSS 0% CVSS 7.1
HIGH PATCH This Week

Linux disk/nic frontends data leaks T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Linux Block and Network PV device. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity.

Information Disclosure Fedora Debian Linux +2
NVD
EPSS 0% CVSS 7.1
HIGH PATCH This Week

Linux disk/nic frontends data leaks T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Linux Block and Network PV device. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. This Memory Leak vulnerability could allow attackers to exhaust available memory leading to denial of service.

Information Disclosure Linux Kernel Xen +2
NVD
EPSS 6% CVSS 5.5
MEDIUM PATCH This Month

Incomplete cleanup in specific special register write operations for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Intel Information Disclosure Xen +6
NVD
EPSS 5% CVSS 5.5
MEDIUM PATCH This Month

Incomplete cleanup in specific special register read operations for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Intel Information Disclosure Xen +4
NVD
EPSS 6% CVSS 5.5
MEDIUM PATCH This Month

Incomplete cleanup of microarchitectural fill buffers on some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Intel Information Disclosure Xen +6
NVD
EPSS 6% CVSS 5.5
MEDIUM PATCH This Month

Incomplete cleanup of multi-core shared buffers for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Intel Information Disclosure Xen +6
NVD
EPSS 0% CVSS 6.7
MEDIUM POC PATCH This Month

x86 pv: Insufficient care with non-coherent mappings T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Xen maintains a. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. Public exploit code available.

Information Disclosure Xen Fedora +1
NVD
EPSS 0% CVSS 6.7
MEDIUM PATCH This Month

x86 pv: Insufficient care with non-coherent mappings T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Xen maintains a. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity.

Information Disclosure Xen Fedora +1
NVD
EPSS 0% CVSS 6.4
MEDIUM PATCH This Month

x86 pv: Race condition in typeref acquisition Xen maintains a type reference count for pages, in addition to a regular reference count. Rated medium severity (CVSS 6.4).

Race Condition Information Disclosure Xen +2
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

IOMMU: RMRR (VT-d) and unity map (AMD-Vi) handling issues T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Certain PCI. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Intel Amd Buffer Overflow +3
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

IOMMU: RMRR (VT-d) and unity map (AMD-Vi) handling issues T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Certain PCI. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Intel Amd Buffer Overflow +3
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

IOMMU: RMRR (VT-d) and unity map (AMD-Vi) handling issues T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Certain PCI. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Intel Amd Buffer Overflow +3
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

IOMMU: RMRR (VT-d) and unity map (AMD-Vi) handling issues T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Certain PCI. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Intel Amd Buffer Overflow +3
NVD
EPSS 0% CVSS 7.0
HIGH PATCH This Week

race in VT-d domain ID cleanup Xen domain IDs are up to 15 bits wide. Rated high severity (CVSS 7.0).

Race Condition Information Disclosure Xen +2
NVD
EPSS 0% CVSS 5.6
MEDIUM PATCH This Month

Racy interactions between dirty vram tracking and paging log dirty hypercalls Activation of log dirty mode done by XEN_DMOP_track_dirty_vram (was named HVMOP_track_dirty_vram before Xen 4.9) is racy. Rated medium severity (CVSS 5.6).

Information Disclosure Xen Debian Linux +1
NVD
EPSS 0% CVSS 5.6
MEDIUM PATCH This Month

Certain Arm Cortex and Neoverse processors through 2022-03-08 do not properly restrict cache speculation, aka Spectre-BHB. Rated medium severity (CVSS 5.6).

Information Disclosure Xen Cortex R7 Firmware +20
NVD
EPSS 0% CVSS 7.0
HIGH This Week

Linux PV device frontends vulnerable to attacks by backends T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Several. Rated high severity (CVSS 7.0). No vendor patch available.

Denial Of Service Race Condition Xen +1
NVD
EPSS 0% CVSS 7.0
HIGH This Week

Linux PV device frontends vulnerable to attacks by backends T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Several. Rated high severity (CVSS 7.0). No vendor patch available.

Denial Of Service Race Condition Xen +1
NVD
EPSS 0% CVSS 7.0
HIGH This Week

Linux PV device frontends vulnerable to attacks by backends T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Several. Rated high severity (CVSS 7.0). No vendor patch available.

Denial Of Service Race Condition Xen +1
NVD
EPSS 0% CVSS 7.0
HIGH This Week

Linux PV device frontends vulnerable to attacks by backends T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Several. Rated high severity (CVSS 7.0). No vendor patch available.

Denial Of Service Race Condition Xen +1
NVD
EPSS 0% CVSS 7.0
HIGH This Week

Linux PV device frontends vulnerable to attacks by backends T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Several. Rated high severity (CVSS 7.0). No vendor patch available.

Denial Of Service Race Condition Xen +1
NVD
EPSS 0% CVSS 7.0
HIGH This Week

Linux PV device frontends vulnerable to attacks by backends T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Several. Rated high severity (CVSS 7.0). No vendor patch available.

Denial Of Service Race Condition Xen +1
NVD
EPSS 0% CVSS 7.0
HIGH This Week

Linux PV device frontends vulnerable to attacks by backends T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Several. Rated high severity (CVSS 7.0). No vendor patch available.

Denial Of Service Race Condition Xen +1
NVD
EPSS 0% CVSS 7.0
HIGH This Week

grant table v2 status pages may remain accessible after de-allocation (take two) Guest get permitted access to certain Xen-owned pages of memory. Rated high severity (CVSS 7.0). No vendor patch available.

Information Disclosure Xen
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

issues with partially successful P2M updates on x86 T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] x86 HVM and PVH. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Information Disclosure Xen Fedora +1
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

issues with partially successful P2M updates on x86 T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] x86 HVM and PVH. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Information Disclosure Xen Fedora +1
NVD
EPSS 0% CVSS 8.8
HIGH PATCH This Week

PoD operations on misaligned GFNs T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] x86 HVM and PVH guests may be. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity.

Denial Of Service Xen Debian Linux +1
NVD
EPSS 0% CVSS 8.8
HIGH PATCH This Week

PoD operations on misaligned GFNs T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] x86 HVM and PVH guests may be. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity.

Denial Of Service Xen Debian Linux +1
NVD
EPSS 2% CVSS 8.6
HIGH PATCH This Week

guests may exceed their designated memory limit When a guest is permitted to have close to 16TiB of memory, it may be able to issue hypercalls to increase its memory allocation beyond the. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Allocation of Resources Without Limits vulnerability could allow attackers to exhaust system resources through uncontrolled allocation.

Denial Of Service Xen Fedora +1
NVD
EPSS 0% CVSS 8.8
HIGH PATCH This Week

PoD operations on misaligned GFNs T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] x86 HVM and PVH guests may be. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity.

Denial Of Service Xen Fedora +1
NVD
Page 1 of 5 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy