Skip to main content

Xen

446 CVEs product

Monthly

CVE-2018-19965 MEDIUM PATCH This Month

An issue was discovered in Xen through 4.11.x allowing 64-bit PV guest OS users to cause a denial of service (host OS crash) because #GP[0] can occur after a non-canonical address is passed to the. Rated medium severity (CVSS 5.6).

Denial Of Service Canonical Xen Xenserver Debian Linux
NVD
CVSS 3.0
5.6
EPSS
0.4%
CVE-2018-19964 MEDIUM PATCH This Month

An issue was discovered in Xen 4.11.x allowing x86 guest OS users to cause a denial of service (host OS hang) because the p2m lock remains unavailable indefinitely in certain error conditions. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity.

Denial Of Service Xen
NVD
CVSS 3.0
6.5
EPSS
0.4%
CVE-2018-19963 HIGH PATCH This Week

An issue was discovered in Xen 4.11 allowing HVM guest OS users to cause a denial of service (host OS crash) or possibly gain host OS privileges because x86 IOREQ server resource accounting (for. Rated high severity (CVSS 7.8).

Denial Of Service Xen
NVD
CVSS 3.0
7.8
EPSS
0.4%
CVE-2018-19962 HIGH PATCH This Week

An issue was discovered in Xen through 4.11.x on AMD x86 platforms, possibly allowing guest OS users to gain host OS privileges because small IOMMU mappings are unsafely combined into larger ones. Rated high severity (CVSS 7.8). This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Amd Information Disclosure Xen Debian Linux Xenserver
NVD
CVSS 3.0
7.8
EPSS
0.4%
CVE-2018-19961 HIGH PATCH This Week

An issue was discovered in Xen through 4.11.x on AMD x86 platforms, possibly allowing guest OS users to gain host OS privileges because TLB flushes do not always occur after IOMMU mapping changes. Rated high severity (CVSS 7.8).

Amd Information Disclosure Xen Debian Linux Xenserver
NVD
CVSS 3.0
7.8
EPSS
0.4%
CVE-2018-18883 HIGH PATCH This Week

An issue was discovered in Xen 4.9.x through 4.11.x, on Intel x86 platforms, allowing x86 HVM and PVH guests to cause a host OS denial of service (NULL pointer dereference) or possibly have. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity.

Intel Null Pointer Dereference Denial Of Service Xen
NVD
CVSS 3.0
8.8
EPSS
0.4%
CVE-2018-15471 HIGH This Week

An issue was discovered in xenvif_set_hash_mapping in drivers/net/xen-netback/hash.c in the Linux kernel through 4.18.1, as used in Xen through 4.11.x and other products. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Privilege Escalation Denial Of Service Information Disclosure Linux +3
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2018-15470 MEDIUM This Month

An issue was discovered in Xen through 4.11.x. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Xen
NVD
CVSS 3.0
6.5
EPSS
0.4%
CVE-2018-15469 MEDIUM PATCH This Month

An issue was discovered in Xen through 4.11.x. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Xen Debian Linux
NVD
CVSS 3.0
6.5
EPSS
0.4%
CVE-2018-15468 MEDIUM This Month

An issue was discovered in Xen through 4.11.x. Rated medium severity (CVSS 6.0), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Denial Of Service Intel Xen
NVD
CVSS 3.0
6.0
EPSS
0.3%
CVE-2018-14678 HIGH PATCH This Week

An issue was discovered in the Linux kernel through 4.17.11, as used in Xen through 4.11.x. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Denial Of Service Linux Linux Kernel Xen Debian Linux +1
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2018-12893 MEDIUM PATCH This Month

An issue was discovered in Xen through 4.10.x. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity.

Denial Of Service Xen Debian Linux
NVD
CVSS 3.0
6.5
EPSS
0.4%
CVE-2018-12892 CRITICAL Act Now

An issue was discovered in Xen 4.7 through 4.10.x. Rated critical severity (CVSS 9.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Debian Linux Xen
NVD
CVSS 3.0
9.9
EPSS
2.6%
CVE-2018-12891 MEDIUM PATCH This Month

An issue was discovered in Xen through 4.10.x. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity.

Denial Of Service Debian Linux Xen
NVD
CVSS 3.0
6.5
EPSS
0.4%
CVE-2018-10982 HIGH PATCH This Week

An issue was discovered in Xen through 4.10.x allowing x86 HVM guest OS users to cause a denial of service (unexpectedly high interrupt number, array overrun, and hypervisor crash) or possibly gain. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity.

Denial Of Service Xen Debian Linux
NVD
CVSS 3.0
8.8
EPSS
0.5%
CVE-2018-10981 MEDIUM PATCH This Month

An issue was discovered in Xen through 4.10.x allowing x86 HVM guest OS users to cause a denial of service (host OS infinite loop) in situations where a QEMU device model attempts to make invalid. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity.

Denial Of Service Debian Linux Xen
NVD
CVSS 3.0
6.5
EPSS
0.4%
CVE-2018-8897 HIGH POC PATCH THREAT Act Now

A statement in the System Programming Guide of the Intel 64 and IA-32 Architectures Software Developer's Manual (SDM) was mishandled in the development of some or all operating-system kernels,. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Microsoft Privilege Escalation Linux Race Condition Intel +12
NVD GitHub Exploit-DB
CVSS 3.0
7.8
EPSS
18.7%
CVE-2018-10472 MEDIUM This Month

An issue was discovered in Xen through 4.10.x allowing x86 HVM guest OS users (in certain configurations) to read arbitrary dom0 files via QMP live insertion of a CDROM, in conjunction with. Rated medium severity (CVSS 5.6). No vendor patch available.

Information Disclosure Xen Debian Linux
NVD
CVSS 3.0
5.6
EPSS
0.4%
CVE-2018-10471 MEDIUM This Month

An issue was discovered in Xen through 4.10.x allowing x86 PV guest OS users to cause a denial of service (out-of-bounds zero write and hypervisor crash) via unexpected INT 80 processing, because of. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Denial Of Service Buffer Overflow Xen Debian Linux
NVD
CVSS 3.0
6.5
EPSS
0.4%
CVE-2018-7542 MEDIUM This Month

An issue was discovered in Xen 4.8.x through 4.10.x allowing x86 PVH guest OS users to cause a denial of service (NULL pointer dereference and hypervisor crash) by leveraging the mishandling of. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. No vendor patch available.

Null Pointer Dereference Denial Of Service Xen Debian Linux
NVD
CVSS 3.0
6.5
EPSS
0.4%
CVE-2018-7541 HIGH This Week

An issue was discovered in Xen through 4.10.x allowing guest OS users to cause a denial of service (hypervisor crash) or gain privileges by triggering a grant-table transition from v2 to v1. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Xen Debian Linux
NVD
CVSS 3.0
8.8
EPSS
0.4%
CVE-2018-7540 MEDIUM This Month

An issue was discovered in Xen through 4.10.x allowing x86 PV guest OS users to cause a denial of service (host OS CPU hang) via non-preemptable L3/L4 pagetable freeing. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Xen Debian Linux
NVD
CVSS 3.0
6.5
EPSS
0.4%
CVE-2018-5244 MEDIUM This Month

In Xen 4.10, new infrastructure was introduced as part of an overhaul to how MSR emulation happens for guests. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Buffer Overflow Xen
NVD
CVSS 3.0
6.5
EPSS
0.4%
CVE-2017-17566 HIGH PATCH This Week

An issue was discovered in Xen through 4.9.x allowing PV guest OS users to cause a denial of service (host OS crash) or gain host OS privileges in shadow mode by mapping a certain auxiliary page. Rated high severity (CVSS 7.8).

Denial Of Service Xen
NVD
CVSS 3.0
7.8
EPSS
0.1%
CVE-2017-17565 MEDIUM PATCH This Month

An issue was discovered in Xen through 4.9.x allowing PV guest OS users to cause a denial of service (host OS crash) if shadow mode and log-dirty mode are in place, because of an incorrect assertion. Rated medium severity (CVSS 5.6).

Denial Of Service Xen
NVD
CVSS 3.0
5.6
EPSS
0.1%
CVE-2017-17564 HIGH PATCH This Week

An issue was discovered in Xen through 4.9.x allowing guest OS users to cause a denial of service (host OS crash) or gain host OS privileges by leveraging incorrect error handling for reference. Rated high severity (CVSS 7.8).

Denial Of Service Xen
NVD
CVSS 3.0
7.8
EPSS
0.1%
CVE-2017-17563 HIGH PATCH This Week

An issue was discovered in Xen through 4.9.x allowing guest OS users to cause a denial of service (host OS crash) or gain host OS privileges by leveraging an incorrect mask for reference-count. Rated high severity (CVSS 7.8). This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Buffer Overflow Denial Of Service Xen
NVD
CVSS 3.0
7.8
EPSS
0.1%
CVE-2017-17046 MEDIUM PATCH This Month

An issue was discovered in Xen through 4.9.x on the ARM platform allowing guest OS users to obtain sensitive information from DRAM after a reboot, because disjoint blocks, and physical addresses that. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Xen
NVD
CVSS 3.0
6.5
EPSS
0.1%
CVE-2017-17045 HIGH PATCH This Week

An issue was discovered in Xen through 4.9.x allowing HVM guest OS users to gain privileges on the host OS, obtain sensitive information, or cause a denial of service (BUG and host OS crash) by. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Denial Of Service Memory Corruption Use After Free Xen
NVD
CVSS 3.0
8.8
EPSS
0.1%
CVE-2017-17044 MEDIUM PATCH This Month

An issue was discovered in Xen through 4.9.x allowing HVM guest OS users to cause a denial of service (infinite loop and host OS hang) by leveraging the mishandling of Populate on Demand (PoD) errors. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity.

Denial Of Service Xen
NVD
CVSS 3.0
6.5
EPSS
0.1%
CVE-2017-15597 CRITICAL PATCH Act Now

An issue was discovered in Xen through 4.9.x. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Buffer Overflow Denial Of Service Privilege Escalation Xen
NVD
CVSS 3.0
9.1
EPSS
1.5%
CVE-2017-15596 MEDIUM PATCH This Month

An issue was discovered in Xen 4.4.x through 4.9.x allowing ARM guest OS users to cause a denial of service (prevent physical CPU usage) because of lock mishandling upon detection of an. Rated medium severity (CVSS 6.0), this vulnerability is low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Xen
NVD
CVSS 3.0
6.0
EPSS
0.1%
CVE-2017-15595 HIGH POC PATCH This Week

An issue was discovered in Xen through 4.9.x allowing x86 PV guest OS users to cause a denial of service (unbounded recursion, stack consumption, and hypervisor crash) or possibly gain privileges via. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. Public exploit code available.

Denial Of Service Xen
NVD Exploit-DB
CVSS 3.0
8.8
EPSS
0.5%
CVE-2017-15594 HIGH PATCH This Week

An issue was discovered in Xen through 4.9.x allowing x86 SVM PV guest OS users to cause a denial of service (hypervisor crash) or gain privileges because IDT settings are mishandled during CPU. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity.

Denial Of Service Xen
NVD
CVSS 3.0
8.8
EPSS
0.1%
CVE-2017-15593 MEDIUM PATCH This Month

An issue was discovered in Xen through 4.9.x allowing x86 PV guest OS users to cause a denial of service (memory leak) because reference counts are mishandled. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity.

Denial Of Service Xen
NVD
CVSS 3.0
6.5
EPSS
0.1%
CVE-2017-15592 HIGH PATCH This Week

An issue was discovered in Xen through 4.9.x allowing x86 HVM guest OS users to cause a denial of service (hypervisor crash) or possibly gain privileges because self-linear shadow mappings are. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. This Exposure of Resource to Wrong Sphere vulnerability could allow attackers to access resources from an unintended security context.

Denial Of Service Information Disclosure Xen
NVD
CVSS 3.0
8.8
EPSS
0.1%
CVE-2017-15591 MEDIUM PATCH This Month

An issue was discovered in Xen 4.5.x through 4.9.x allowing attackers (who control a stub domain kernel or tool stack) to cause a denial of service (host OS crash) because of a missing comparison (of. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity.

Denial Of Service Xen
NVD
CVSS 3.0
6.5
EPSS
0.1%
CVE-2017-15590 HIGH PATCH This Week

An issue was discovered in Xen through 4.9.x allowing x86 guest OS users to cause a denial of service (hypervisor crash) or possibly gain privileges because MSI mapping was mishandled. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity.

Denial Of Service Xen
NVD
CVSS 3.0
8.8
EPSS
0.1%
CVE-2017-15589 MEDIUM PATCH This Month

An issue was discovered in Xen through 4.9.x allowing x86 HVM guest OS users to obtain sensitive information from the host OS (or an arbitrary guest OS) because intercepted I/O operations can cause a. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Xen
NVD
CVSS 3.0
6.5
EPSS
0.1%
CVE-2017-15588 HIGH PATCH This Week

An issue was discovered in Xen through 4.9.x allowing x86 PV guest OS users to execute arbitrary code on the host OS because of a race condition that can cause a stale TLB entry. Rated high severity (CVSS 7.8).

RCE Race Condition Xen
NVD
CVSS 3.0
7.8
EPSS
0.1%
CVE-2015-7504 HIGH PATCH This Week

Heap-based buffer overflow in the pcnet_receive function in hw/net/pcnet.c in QEMU allows guest OS administrators to cause a denial of service (instance crash) or possibly execute arbitrary code via. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Memory Corruption Denial Of Service RCE Qemu +2
NVD
CVSS 3.1
8.8
EPSS
0.8%
CVE-2017-14431 MEDIUM PATCH This Month

Memory leak in Xen 3.3 through 4.8.x allows guest OS users to cause a denial of service (ARM or x86 AMD host OS memory consumption) by continually rebooting, because certain cleanup is skipped if no. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Denial Of Service Amd Xen
NVD
CVSS 3.0
5.5
EPSS
0.1%
CVE-2017-14319 HIGH PATCH This Week

A grant unmapping issue was discovered in Xen through 4.9.x. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity.

Information Disclosure Xen
NVD
CVSS 3.0
8.8
EPSS
0.0%
CVE-2017-14318 MEDIUM PATCH This Month

An issue was discovered in Xen 4.5.x through 4.9.x. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Null Pointer Dereference Denial Of Service Xen
NVD
CVSS 3.0
6.5
EPSS
0.1%
CVE-2017-14317 MEDIUM PATCH This Month

A domain cleanup issue was discovered in the C xenstore daemon (aka cxenstored) in Xen through 4.9.x. Rated medium severity (CVSS 5.6).

Denial Of Service Race Condition Xen
NVD
CVSS 3.0
5.6
EPSS
0.1%
CVE-2017-14316 HIGH PATCH This Week

A parameter verification issue was discovered in Xen through 4.9.x. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Xen
NVD
CVSS 3.0
8.8
EPSS
0.0%
CVE-2017-12137 HIGH PATCH This Week

arch/x86/mm.c in Xen allows local PV guest OS users to gain host OS privileges via vectors related to map_grant_ref. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Xen Xenserver Debian Linux
NVD
CVSS 3.0
8.8
EPSS
0.0%
CVE-2017-12136 HIGH PATCH This Week

Race condition in the grant table code in Xen 4.6.x through 4.9.x allows local guest OS administrators to cause a denial of service (free list corruption and host crash) or gain privileges on the. Rated high severity (CVSS 7.8).

Denial Of Service Race Condition Xen Xenserver Debian Linux
NVD
CVSS 3.0
7.8
EPSS
0.0%
CVE-2017-12135 HIGH PATCH This Week

Xen allows local OS guest users to cause a denial of service (crash) or possibly obtain sensitive information or gain privileges via vectors involving transitive grants. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity.

Denial Of Service Xen Xenserver Debian Linux
NVD
CVSS 3.0
8.8
EPSS
0.1%
CVE-2017-12134 HIGH PATCH This Week

The xen_biovec_phys_mergeable function in drivers/xen/biomerge.c in Xen might allow local OS guest users to corrupt block device data streams and consequently obtain sensitive memory information,. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity.

Denial Of Service Xen Xenserver
NVD
CVSS 3.0
8.8
EPSS
0.3%
CVE-2017-12855 MEDIUM This Month

Xen maintains the _GTF_{read,writ}ing bits as appropriate, to inform the guest that a grant is in use. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Xen
NVD
CVSS 3.0
6.5
EPSS
0.1%
CVE-2017-10923 MEDIUM This Month

Xen through 4.8.x does not validate a vCPU array index upon the sending of an SGI, which allows guest OS users to cause a denial of service (hypervisor crash), aka XSA-225. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Xen
NVD
CVSS 3.0
6.5
EPSS
0.8%
CVE-2017-10922 HIGH PATCH This Week

The grant-table feature in Xen through 4.8.x mishandles MMIO region grant references, which allows guest OS users to cause a denial of service (loss of grant trackability), aka XSA-224 bug 3. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Xen
NVD
CVSS 3.0
7.5
EPSS
0.6%
CVE-2017-10921 CRITICAL PATCH Act Now

The grant-table feature in Xen through 4.8.x does not ensure sufficient type counts for a GNTMAP_device_map and GNTMAP_host_map mapping, which allows guest OS users to cause a denial of service. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Buffer Overflow Denial Of Service Xen
NVD
CVSS 3.0
10.0
EPSS
1.1%
CVE-2017-10920 CRITICAL PATCH Act Now

The grant-table feature in Xen through 4.8.x mishandles a GNTMAP_device_map and GNTMAP_host_map mapping, when followed by only a GNTMAP_host_map unmapping, which allows guest OS users to cause a. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Buffer Overflow Denial Of Service Xen
NVD
CVSS 3.0
10.0
EPSS
1.1%
CVE-2017-10919 MEDIUM This Month

Xen through 4.8.x mishandles virtual interrupt injection, which allows guest OS users to cause a denial of service (hypervisor crash), aka XSA-223. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Xen
NVD
CVSS 3.0
6.5
EPSS
0.7%
CVE-2017-10918 CRITICAL Act Now

Xen through 4.8.x does not validate memory allocations during certain P2M operations, which allows guest OS users to obtain privileged host OS access, aka XSA-222. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Xen
NVD
CVSS 3.0
10.0
EPSS
1.7%
CVE-2017-10917 CRITICAL Act Now

Xen through 4.8.x does not validate the port numbers of polled event channel ports, which allows guest OS users to cause a denial of service (NULL pointer dereference and host OS crash) or possibly. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Null Pointer Dereference Denial Of Service Xen
NVD
CVSS 3.0
9.1
EPSS
0.8%
CVE-2017-10916 HIGH This Week

The vCPU context-switch implementation in Xen through 4.8.x improperly interacts with the Memory Protection Extensions (MPX) and Protection Key (PKU) features, which makes it easier for guest OS. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Xen
NVD
CVSS 3.0
7.5
EPSS
0.4%
CVE-2017-10915 CRITICAL Act Now

The shadow-paging feature in Xen through 4.8.x mismanages page references and consequently introduces a race condition, which allows guest OS users to obtain Xen privileges, aka XSA-219. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Race Condition Information Disclosure Xen
NVD
CVSS 3.0
9.0
EPSS
0.5%
CVE-2017-10914 HIGH This Week

The grant-table feature in Xen through 4.8.x has a race condition leading to a double free, which allows guest OS users to cause a denial of service (memory consumption), or possibly obtain sensitive. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Denial Of Service Race Condition Xen
NVD
CVSS 3.0
8.1
EPSS
0.6%
CVE-2017-10913 CRITICAL Act Now

The grant-table feature in Xen through 4.8.x provides false mapping information in certain cases of concurrent unmap calls, which allows backend attackers to obtain sensitive information or gain. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Xen
NVD
CVSS 3.0
9.8
EPSS
1.2%
CVE-2017-10912 CRITICAL Act Now

Xen through 4.8.x mishandles page transfer, which allows guest OS users to obtain privileged host OS access, aka XSA-217. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Xen
NVD
CVSS 3.0
10.0
EPSS
1.7%
CVE-2017-8905 HIGH PATCH This Week

Xen through 4.6.x on 64-bit platforms mishandles a failsafe callback, which might allow PV guest OS users to execute arbitrary code on the host OS, aka XSA-215. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity.

RCE Xen
NVD
CVSS 3.0
8.8
EPSS
0.1%
CVE-2017-8904 HIGH PATCH This Week

Xen through 4.8.x mishandles the "contains segment descriptors" property during GNTTABOP_transfer (aka guest transfer) operations, which might allow PV guest OS users to execute arbitrary code on the. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity.

RCE Xen
NVD
CVSS 3.0
8.8
EPSS
0.1%
CVE-2017-8903 HIGH PATCH This Week

Xen through 4.8.x on 64-bit platforms mishandles page tables after an IRET hypercall, which might allow PV guest OS users to execute arbitrary code on the host OS, aka XSA-213. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity.

RCE Xen
NVD
CVSS 3.0
8.8
EPSS
0.3%
CVE-2017-7995 LOW Monitor

Xen PV guest before Xen 4.3 checked access permissions to MMIO ranges only after accessing them, allowing host PCI device space memory reads, leading to information disclosure. Rated low severity (CVSS 3.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Xen Manager Manager Proxy Openstack Cloud +2
NVD
CVSS 3.0
3.8
EPSS
0.1%
CVE-2017-7228 HIGH POC PATCH This Week

An issue (known as XSA-212) was discovered in Xen, with fixes available for 4.8.x, 4.7.x, 4.6.x, 4.5.x, and 4.4.x. Rated high severity (CVSS 8.2), this vulnerability is low attack complexity. Public exploit code available.

Information Disclosure Xen
NVD GitHub Exploit-DB
CVSS 3.0
8.2
EPSS
1.5%
CVE-2016-9818 MEDIUM PATCH This Month

Xen through 4.7.x allows local ARM guest OS users to cause a denial of service (host crash) via vectors involving an asynchronous abort while at HYP. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity.

Denial Of Service Authentication Bypass Xen
NVD
CVSS 3.0
6.5
EPSS
0.1%
CVE-2016-9817 MEDIUM PATCH This Month

Xen through 4.7.x allows local ARM guest OS users to cause a denial of service (host crash) via vectors involving a (1) data or (2) prefetch abort with the ESR_EL2.EA bit set. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity.

Denial Of Service Authentication Bypass Xen
NVD
CVSS 3.0
6.5
EPSS
0.1%
CVE-2016-9816 MEDIUM PATCH This Month

Xen through 4.7.x allows local ARM guest OS users to cause a denial of service (host crash) via vectors involving an asynchronous abort while at EL2. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity.

Denial Of Service Authentication Bypass Xen
NVD
CVSS 3.0
6.5
EPSS
0.1%
CVE-2016-9815 MEDIUM PATCH This Month

Xen through 4.7.x allows local ARM guest OS users to cause a denial of service (host panic) by sending an asynchronous abort. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity.

Denial Of Service Authentication Bypass Xen
NVD
CVSS 3.0
6.5
EPSS
0.1%
CVE-2016-9384 MEDIUM PATCH This Month

Xen 4.7 allows local guest OS users to obtain sensitive host information by loading a 32-bit ELF symbol table. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Xen
NVD
CVSS 3.0
6.5
EPSS
0.1%
CVE-2016-9378 MEDIUM PATCH This Month

Xen 4.5.x through 4.7.x on AMD systems without the NRip feature, when emulating instructions that generate software interrupts, allows local HVM guest OS users to cause a denial of service (guest. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Denial Of Service Amd Authentication Bypass Xen
NVD
CVSS 3.0
5.5
EPSS
0.1%
CVE-2016-9377 MEDIUM PATCH This Month

Xen 4.5.x through 4.7.x on AMD systems without the NRip feature, when emulating instructions that generate software interrupts, allows local HVM guest OS users to cause a denial of service (guest. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Denial Of Service Amd Xen
NVD
CVSS 3.0
5.5
EPSS
0.1%
CVE-2016-9932 LOW PATCH Monitor

CMPXCHG8B emulation in Xen 3.3.x through 4.7.x on x86 systems allows local HVM guest OS users to obtain sensitive information from host stack memory via a "supposedly-ignored" operand size prefix. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Xen
NVD VulDB
CVSS 3.0
3.3
EPSS
0.1%
CVE-2016-10025 MEDIUM PATCH This Month

VMFUNC emulation in Xen 4.6.x through 4.8.x on x86 systems using AMD virtualization extensions (aka SVM) allows local HVM guest OS users to cause a denial of service (hypervisor crash) by leveraging. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Null Pointer Dereference Denial Of Service Amd Xen Xenserver
NVD VulDB
CVSS 3.0
5.5
EPSS
0.1%
CVE-2016-10024 MEDIUM PATCH This Month

Xen through 4.8.x allows local x86 PV guest OS kernel administrators to cause a denial of service (host hang or crash) by modifying the instruction stream asynchronously while performing certain. Rated medium severity (CVSS 6.0), this vulnerability is low attack complexity.

Denial Of Service Xen Xenserver
NVD VulDB
CVSS 3.0
6.0
EPSS
0.1%
CVE-2016-10013 HIGH PATCH This Week

Xen through 4.8.x allows local 64-bit x86 HVM guest OS users to gain privileges by leveraging mishandling of SYSCALL singlestep during emulation. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Privilege Escalation Xen
NVD VulDB
CVSS 3.0
7.8
EPSS
0.1%
CVE-2016-9386 HIGH PATCH This Week

The x86 emulator in Xen does not properly treat x86 NULL segments as unusable when accessing memory, which might allow local HVM guest users to gain privileges via vectors involving "unexpected". Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Privilege Escalation Xenserver Xen
NVD VulDB
CVSS 3.0
7.8
EPSS
0.1%
CVE-2016-9385 MEDIUM PATCH This Month

The x86 segment base write emulation functionality in Xen 4.4.x through 4.7.x allows local x86 PV guest OS administrators to cause a denial of service (host crash) by leveraging lack of canonical. Rated medium severity (CVSS 6.0), this vulnerability is low attack complexity.

Denial Of Service Canonical Xen Xenserver
NVD VulDB
CVSS 3.0
6.0
EPSS
0.1%
CVE-2016-9383 HIGH PATCH This Week

Xen, when running on a 64-bit hypervisor, allows local x86 guest OS users to modify arbitrary memory and consequently obtain sensitive information, cause a denial of service (host crash), or execute. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity.

Denial Of Service RCE Xen Xenserver
NVD VulDB
CVSS 3.0
8.8
EPSS
0.1%
CVE-2016-9382 HIGH PATCH This Week

Xen 4.0.x through 4.7.x mishandle x86 task switches to VM86 mode, which allows local 32-bit x86 HVM guest OS users to gain privileges or cause a denial of service (guest OS crash) by leveraging a. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Denial Of Service Privilege Escalation Xen Xenserver
NVD VulDB
CVSS 3.0
7.8
EPSS
0.1%
CVE-2016-9380 HIGH PATCH This Week

The pygrub boot loader emulator in Xen, when nul-delimited output format is requested, allows local pygrub-using guest OS administrators to read or delete arbitrary files on the host via NUL bytes in. Rated high severity (CVSS 7.5).

Information Disclosure Xen Xenserver
NVD VulDB
CVSS 3.0
7.5
EPSS
0.1%
CVE-2016-9379 HIGH PATCH This Week

The pygrub boot loader emulator in Xen, when S-expression output format is requested, allows local pygrub-using guest OS administrators to read or delete arbitrary files on the host via string quotes. Rated high severity (CVSS 7.9), this vulnerability is low attack complexity.

Information Disclosure Xen Xenserver
NVD VulDB
CVSS 3.0
7.9
EPSS
0.1%
CVE-2016-7777 MEDIUM PATCH This Month

Xen 4.7.x and earlier does not properly honor CR0.TS and CR0.EM, which allows local x86 HVM guest OS users to read or modify FPU, MMX, or XMM register state information belonging to arbitrary tasks. Rated medium severity (CVSS 6.3).

Race Condition Information Disclosure Xen
NVD
CVSS 3.0
6.3
EPSS
0.1%
CVE-2016-7154 MEDIUM PATCH This Month

Use-after-free vulnerability in the FIFO event channel code in Xen 4.4.x allows local guest OS administrators to cause a denial of service (host crash) and possibly execute arbitrary code or obtain. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Denial Of Service Memory Corruption RCE Use After Free Xen
NVD
CVSS 3.0
6.7
EPSS
0.1%
CVE-2016-7094 MEDIUM PATCH This Month

Buffer overflow in Xen 4.7.x and earlier allows local x86 HVM guest OS administrators on guests running with shadow paging to cause a denial of service via a pagetable update. Rated medium severity (CVSS 4.1).

Denial Of Service Buffer Overflow Xen
NVD
CVSS 3.0
4.1
EPSS
0.1%
CVE-2016-7093 HIGH PATCH This Week

Xen 4.5.3, 4.6.3, and 4.7.x allow local HVM guest OS administrators to overwrite hypervisor memory and consequently gain host OS privileges by leveraging mishandling of instruction pointer truncation. Rated high severity (CVSS 8.2), this vulnerability is low attack complexity.

Privilege Escalation Xen
NVD
CVSS 3.0
8.2
EPSS
0.1%
CVE-2016-7092 HIGH PATCH This Week

The get_page_from_l3e function in arch/x86/mm.c in Xen allows local 32-bit PV guest OS administrators to gain host OS privileges via vectors related to L3 recursive pagetables. Rated high severity (CVSS 8.2), this vulnerability is low attack complexity.

Privilege Escalation Xen
NVD
CVSS 3.0
8.2
EPSS
0.1%
EPSS 0% CVSS 5.6
MEDIUM PATCH This Month

An issue was discovered in Xen through 4.11.x allowing 64-bit PV guest OS users to cause a denial of service (host OS crash) because #GP[0] can occur after a non-canonical address is passed to the. Rated medium severity (CVSS 5.6).

Denial Of Service Canonical Xen +2
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

An issue was discovered in Xen 4.11.x allowing x86 guest OS users to cause a denial of service (host OS hang) because the p2m lock remains unavailable indefinitely in certain error conditions. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity.

Denial Of Service Xen
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

An issue was discovered in Xen 4.11 allowing HVM guest OS users to cause a denial of service (host OS crash) or possibly gain host OS privileges because x86 IOREQ server resource accounting (for. Rated high severity (CVSS 7.8).

Denial Of Service Xen
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

An issue was discovered in Xen through 4.11.x on AMD x86 platforms, possibly allowing guest OS users to gain host OS privileges because small IOMMU mappings are unsafely combined into larger ones. Rated high severity (CVSS 7.8). This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Amd Information Disclosure Xen +2
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

An issue was discovered in Xen through 4.11.x on AMD x86 platforms, possibly allowing guest OS users to gain host OS privileges because TLB flushes do not always occur after IOMMU mapping changes. Rated high severity (CVSS 7.8).

Amd Information Disclosure Xen +2
NVD
EPSS 0% CVSS 8.8
HIGH PATCH This Week

An issue was discovered in Xen 4.9.x through 4.11.x, on Intel x86 platforms, allowing x86 HVM and PVH guests to cause a host OS denial of service (NULL pointer dereference) or possibly have. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity.

Intel Null Pointer Dereference Denial Of Service +1
NVD
EPSS 0% CVSS 7.8
HIGH This Week

An issue was discovered in xenvif_set_hash_mapping in drivers/net/xen-netback/hash.c in the Linux kernel through 4.18.1, as used in Xen through 4.11.x and other products. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Privilege Escalation Denial Of Service +5
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

An issue was discovered in Xen through 4.11.x. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Xen
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

An issue was discovered in Xen through 4.11.x. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Xen Debian Linux
NVD
EPSS 0% CVSS 6.0
MEDIUM This Month

An issue was discovered in Xen through 4.11.x. Rated medium severity (CVSS 6.0), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Denial Of Service Intel +1
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

An issue was discovered in the Linux kernel through 4.17.11, as used in Xen through 4.11.x. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Denial Of Service Linux Linux Kernel +3
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

An issue was discovered in Xen through 4.10.x. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity.

Denial Of Service Xen Debian Linux
NVD
EPSS 3% CVSS 9.9
CRITICAL Act Now

An issue was discovered in Xen 4.7 through 4.10.x. Rated critical severity (CVSS 9.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Debian Linux Xen
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

An issue was discovered in Xen through 4.10.x. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity.

Denial Of Service Debian Linux Xen
NVD
EPSS 0% CVSS 8.8
HIGH PATCH This Week

An issue was discovered in Xen through 4.10.x allowing x86 HVM guest OS users to cause a denial of service (unexpectedly high interrupt number, array overrun, and hypervisor crash) or possibly gain. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity.

Denial Of Service Xen Debian Linux
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

An issue was discovered in Xen through 4.10.x allowing x86 HVM guest OS users to cause a denial of service (host OS infinite loop) in situations where a QEMU device model attempts to make invalid. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity.

Denial Of Service Debian Linux Xen
NVD
EPSS 19% CVSS 7.8
HIGH POC PATCH THREAT Act Now

A statement in the System Programming Guide of the Intel 64 and IA-32 Architectures Software Developer's Manual (SDM) was mishandled in the development of some or all operating-system kernels,. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Microsoft Privilege Escalation Linux +14
NVD GitHub Exploit-DB
EPSS 0% CVSS 5.6
MEDIUM This Month

An issue was discovered in Xen through 4.10.x allowing x86 HVM guest OS users (in certain configurations) to read arbitrary dom0 files via QMP live insertion of a CDROM, in conjunction with. Rated medium severity (CVSS 5.6). No vendor patch available.

Information Disclosure Xen Debian Linux
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

An issue was discovered in Xen through 4.10.x allowing x86 PV guest OS users to cause a denial of service (out-of-bounds zero write and hypervisor crash) via unexpected INT 80 processing, because of. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Denial Of Service Buffer Overflow +2
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

An issue was discovered in Xen 4.8.x through 4.10.x allowing x86 PVH guest OS users to cause a denial of service (NULL pointer dereference and hypervisor crash) by leveraging the mishandling of. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. No vendor patch available.

Null Pointer Dereference Denial Of Service Xen +1
NVD
EPSS 0% CVSS 8.8
HIGH This Week

An issue was discovered in Xen through 4.10.x allowing guest OS users to cause a denial of service (hypervisor crash) or gain privileges by triggering a grant-table transition from v2 to v1. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Xen Debian Linux
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

An issue was discovered in Xen through 4.10.x allowing x86 PV guest OS users to cause a denial of service (host OS CPU hang) via non-preemptable L3/L4 pagetable freeing. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Xen Debian Linux
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

In Xen 4.10, new infrastructure was introduced as part of an overhaul to how MSR emulation happens for guests. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Buffer Overflow Xen
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

An issue was discovered in Xen through 4.9.x allowing PV guest OS users to cause a denial of service (host OS crash) or gain host OS privileges in shadow mode by mapping a certain auxiliary page. Rated high severity (CVSS 7.8).

Denial Of Service Xen
NVD
EPSS 0% CVSS 5.6
MEDIUM PATCH This Month

An issue was discovered in Xen through 4.9.x allowing PV guest OS users to cause a denial of service (host OS crash) if shadow mode and log-dirty mode are in place, because of an incorrect assertion. Rated medium severity (CVSS 5.6).

Denial Of Service Xen
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

An issue was discovered in Xen through 4.9.x allowing guest OS users to cause a denial of service (host OS crash) or gain host OS privileges by leveraging incorrect error handling for reference. Rated high severity (CVSS 7.8).

Denial Of Service Xen
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

An issue was discovered in Xen through 4.9.x allowing guest OS users to cause a denial of service (host OS crash) or gain host OS privileges by leveraging an incorrect mask for reference-count. Rated high severity (CVSS 7.8). This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Buffer Overflow Denial Of Service Xen
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

An issue was discovered in Xen through 4.9.x on the ARM platform allowing guest OS users to obtain sensitive information from DRAM after a reboot, because disjoint blocks, and physical addresses that. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Xen
NVD
EPSS 0% CVSS 8.8
HIGH PATCH This Week

An issue was discovered in Xen through 4.9.x allowing HVM guest OS users to gain privileges on the host OS, obtain sensitive information, or cause a denial of service (BUG and host OS crash) by. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Denial Of Service Memory Corruption Use After Free +1
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

An issue was discovered in Xen through 4.9.x allowing HVM guest OS users to cause a denial of service (infinite loop and host OS hang) by leveraging the mishandling of Populate on Demand (PoD) errors. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity.

Denial Of Service Xen
NVD
EPSS 1% CVSS 9.1
CRITICAL PATCH Act Now

An issue was discovered in Xen through 4.9.x. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Buffer Overflow Denial Of Service Privilege Escalation +1
NVD
EPSS 0% CVSS 6.0
MEDIUM PATCH This Month

An issue was discovered in Xen 4.4.x through 4.9.x allowing ARM guest OS users to cause a denial of service (prevent physical CPU usage) because of lock mishandling upon detection of an. Rated medium severity (CVSS 6.0), this vulnerability is low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Xen
NVD
EPSS 0% CVSS 8.8
HIGH POC PATCH This Week

An issue was discovered in Xen through 4.9.x allowing x86 PV guest OS users to cause a denial of service (unbounded recursion, stack consumption, and hypervisor crash) or possibly gain privileges via. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. Public exploit code available.

Denial Of Service Xen
NVD Exploit-DB
EPSS 0% CVSS 8.8
HIGH PATCH This Week

An issue was discovered in Xen through 4.9.x allowing x86 SVM PV guest OS users to cause a denial of service (hypervisor crash) or gain privileges because IDT settings are mishandled during CPU. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity.

Denial Of Service Xen
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

An issue was discovered in Xen through 4.9.x allowing x86 PV guest OS users to cause a denial of service (memory leak) because reference counts are mishandled. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity.

Denial Of Service Xen
NVD
EPSS 0% CVSS 8.8
HIGH PATCH This Week

An issue was discovered in Xen through 4.9.x allowing x86 HVM guest OS users to cause a denial of service (hypervisor crash) or possibly gain privileges because self-linear shadow mappings are. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. This Exposure of Resource to Wrong Sphere vulnerability could allow attackers to access resources from an unintended security context.

Denial Of Service Information Disclosure Xen
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

An issue was discovered in Xen 4.5.x through 4.9.x allowing attackers (who control a stub domain kernel or tool stack) to cause a denial of service (host OS crash) because of a missing comparison (of. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity.

Denial Of Service Xen
NVD
EPSS 0% CVSS 8.8
HIGH PATCH This Week

An issue was discovered in Xen through 4.9.x allowing x86 guest OS users to cause a denial of service (hypervisor crash) or possibly gain privileges because MSI mapping was mishandled. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity.

Denial Of Service Xen
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

An issue was discovered in Xen through 4.9.x allowing x86 HVM guest OS users to obtain sensitive information from the host OS (or an arbitrary guest OS) because intercepted I/O operations can cause a. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Xen
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

An issue was discovered in Xen through 4.9.x allowing x86 PV guest OS users to execute arbitrary code on the host OS because of a race condition that can cause a stale TLB entry. Rated high severity (CVSS 7.8).

RCE Race Condition Xen
NVD
EPSS 1% CVSS 8.8
HIGH PATCH This Week

Heap-based buffer overflow in the pcnet_receive function in hw/net/pcnet.c in QEMU allows guest OS administrators to cause a denial of service (instance crash) or possibly execute arbitrary code via. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Memory Corruption Denial Of Service +4
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

Memory leak in Xen 3.3 through 4.8.x allows guest OS users to cause a denial of service (ARM or x86 AMD host OS memory consumption) by continually rebooting, because certain cleanup is skipped if no. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Denial Of Service Amd Xen
NVD
EPSS 0% CVSS 8.8
HIGH PATCH This Week

A grant unmapping issue was discovered in Xen through 4.9.x. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity.

Information Disclosure Xen
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

An issue was discovered in Xen 4.5.x through 4.9.x. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Null Pointer Dereference Denial Of Service Xen
NVD
EPSS 0% CVSS 5.6
MEDIUM PATCH This Month

A domain cleanup issue was discovered in the C xenstore daemon (aka cxenstored) in Xen through 4.9.x. Rated medium severity (CVSS 5.6).

Denial Of Service Race Condition Xen
NVD
EPSS 0% CVSS 8.8
HIGH PATCH This Week

A parameter verification issue was discovered in Xen through 4.9.x. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Xen
NVD
EPSS 0% CVSS 8.8
HIGH PATCH This Week

arch/x86/mm.c in Xen allows local PV guest OS users to gain host OS privileges via vectors related to map_grant_ref. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Xen Xenserver +1
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Race condition in the grant table code in Xen 4.6.x through 4.9.x allows local guest OS administrators to cause a denial of service (free list corruption and host crash) or gain privileges on the. Rated high severity (CVSS 7.8).

Denial Of Service Race Condition Xen +2
NVD
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Xen allows local OS guest users to cause a denial of service (crash) or possibly obtain sensitive information or gain privileges via vectors involving transitive grants. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity.

Denial Of Service Xen Xenserver +1
NVD
EPSS 0% CVSS 8.8
HIGH PATCH This Week

The xen_biovec_phys_mergeable function in drivers/xen/biomerge.c in Xen might allow local OS guest users to corrupt block device data streams and consequently obtain sensitive memory information,. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity.

Denial Of Service Xen Xenserver
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

Xen maintains the _GTF_{read,writ}ing bits as appropriate, to inform the guest that a grant is in use. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Xen
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

Xen through 4.8.x does not validate a vCPU array index upon the sending of an SGI, which allows guest OS users to cause a denial of service (hypervisor crash), aka XSA-225. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Xen
NVD
EPSS 1% CVSS 7.5
HIGH PATCH This Week

The grant-table feature in Xen through 4.8.x mishandles MMIO region grant references, which allows guest OS users to cause a denial of service (loss of grant trackability), aka XSA-224 bug 3. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Xen
NVD
EPSS 1% CVSS 10.0
CRITICAL PATCH Act Now

The grant-table feature in Xen through 4.8.x does not ensure sufficient type counts for a GNTMAP_device_map and GNTMAP_host_map mapping, which allows guest OS users to cause a denial of service. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Buffer Overflow Denial Of Service Xen
NVD
EPSS 1% CVSS 10.0
CRITICAL PATCH Act Now

The grant-table feature in Xen through 4.8.x mishandles a GNTMAP_device_map and GNTMAP_host_map mapping, when followed by only a GNTMAP_host_map unmapping, which allows guest OS users to cause a. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Buffer Overflow Denial Of Service Xen
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

Xen through 4.8.x mishandles virtual interrupt injection, which allows guest OS users to cause a denial of service (hypervisor crash), aka XSA-223. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Xen
NVD
EPSS 2% CVSS 10.0
CRITICAL Act Now

Xen through 4.8.x does not validate memory allocations during certain P2M operations, which allows guest OS users to obtain privileged host OS access, aka XSA-222. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Xen
NVD
EPSS 1% CVSS 9.1
CRITICAL Act Now

Xen through 4.8.x does not validate the port numbers of polled event channel ports, which allows guest OS users to cause a denial of service (NULL pointer dereference and host OS crash) or possibly. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Null Pointer Dereference Denial Of Service Xen
NVD
EPSS 0% CVSS 7.5
HIGH This Week

The vCPU context-switch implementation in Xen through 4.8.x improperly interacts with the Memory Protection Extensions (MPX) and Protection Key (PKU) features, which makes it easier for guest OS. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Xen
NVD
EPSS 0% CVSS 9.0
CRITICAL Act Now

The shadow-paging feature in Xen through 4.8.x mismanages page references and consequently introduces a race condition, which allows guest OS users to obtain Xen privileges, aka XSA-219. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Race Condition Information Disclosure Xen
NVD
EPSS 1% CVSS 8.1
HIGH This Week

The grant-table feature in Xen through 4.8.x has a race condition leading to a double free, which allows guest OS users to cause a denial of service (memory consumption), or possibly obtain sensitive. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Denial Of Service Race Condition Xen
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

The grant-table feature in Xen through 4.8.x provides false mapping information in certain cases of concurrent unmap calls, which allows backend attackers to obtain sensitive information or gain. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Xen
NVD
EPSS 2% CVSS 10.0
CRITICAL Act Now

Xen through 4.8.x mishandles page transfer, which allows guest OS users to obtain privileged host OS access, aka XSA-217. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Xen
NVD
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Xen through 4.6.x on 64-bit platforms mishandles a failsafe callback, which might allow PV guest OS users to execute arbitrary code on the host OS, aka XSA-215. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity.

RCE Xen
NVD
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Xen through 4.8.x mishandles the "contains segment descriptors" property during GNTTABOP_transfer (aka guest transfer) operations, which might allow PV guest OS users to execute arbitrary code on the. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity.

RCE Xen
NVD
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Xen through 4.8.x on 64-bit platforms mishandles page tables after an IRET hypercall, which might allow PV guest OS users to execute arbitrary code on the host OS, aka XSA-213. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity.

RCE Xen
NVD
EPSS 0% CVSS 3.8
LOW Monitor

Xen PV guest before Xen 4.3 checked access permissions to MMIO ranges only after accessing them, allowing host PCI device space memory reads, leading to information disclosure. Rated low severity (CVSS 3.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Xen Manager +4
NVD
EPSS 2% CVSS 8.2
HIGH POC PATCH This Week

An issue (known as XSA-212) was discovered in Xen, with fixes available for 4.8.x, 4.7.x, 4.6.x, 4.5.x, and 4.4.x. Rated high severity (CVSS 8.2), this vulnerability is low attack complexity. Public exploit code available.

Information Disclosure Xen
NVD GitHub Exploit-DB
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Xen through 4.7.x allows local ARM guest OS users to cause a denial of service (host crash) via vectors involving an asynchronous abort while at HYP. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity.

Denial Of Service Authentication Bypass Xen
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Xen through 4.7.x allows local ARM guest OS users to cause a denial of service (host crash) via vectors involving a (1) data or (2) prefetch abort with the ESR_EL2.EA bit set. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity.

Denial Of Service Authentication Bypass Xen
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Xen through 4.7.x allows local ARM guest OS users to cause a denial of service (host crash) via vectors involving an asynchronous abort while at EL2. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity.

Denial Of Service Authentication Bypass Xen
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Xen through 4.7.x allows local ARM guest OS users to cause a denial of service (host panic) by sending an asynchronous abort. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity.

Denial Of Service Authentication Bypass Xen
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Xen 4.7 allows local guest OS users to obtain sensitive host information by loading a 32-bit ELF symbol table. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Xen
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

Xen 4.5.x through 4.7.x on AMD systems without the NRip feature, when emulating instructions that generate software interrupts, allows local HVM guest OS users to cause a denial of service (guest. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Denial Of Service Amd Authentication Bypass +1
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

Xen 4.5.x through 4.7.x on AMD systems without the NRip feature, when emulating instructions that generate software interrupts, allows local HVM guest OS users to cause a denial of service (guest. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Denial Of Service Amd Xen
NVD
EPSS 0% CVSS 3.3
LOW PATCH Monitor

CMPXCHG8B emulation in Xen 3.3.x through 4.7.x on x86 systems allows local HVM guest OS users to obtain sensitive information from host stack memory via a "supposedly-ignored" operand size prefix. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Xen
NVD VulDB
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

VMFUNC emulation in Xen 4.6.x through 4.8.x on x86 systems using AMD virtualization extensions (aka SVM) allows local HVM guest OS users to cause a denial of service (hypervisor crash) by leveraging. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Null Pointer Dereference Denial Of Service Amd +2
NVD VulDB
EPSS 0% CVSS 6.0
MEDIUM PATCH This Month

Xen through 4.8.x allows local x86 PV guest OS kernel administrators to cause a denial of service (host hang or crash) by modifying the instruction stream asynchronously while performing certain. Rated medium severity (CVSS 6.0), this vulnerability is low attack complexity.

Denial Of Service Xen Xenserver
NVD VulDB
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Xen through 4.8.x allows local 64-bit x86 HVM guest OS users to gain privileges by leveraging mishandling of SYSCALL singlestep during emulation. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Privilege Escalation Xen
NVD VulDB
EPSS 0% CVSS 7.8
HIGH PATCH This Week

The x86 emulator in Xen does not properly treat x86 NULL segments as unusable when accessing memory, which might allow local HVM guest users to gain privileges via vectors involving "unexpected". Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Privilege Escalation Xenserver Xen
NVD VulDB
EPSS 0% CVSS 6.0
MEDIUM PATCH This Month

The x86 segment base write emulation functionality in Xen 4.4.x through 4.7.x allows local x86 PV guest OS administrators to cause a denial of service (host crash) by leveraging lack of canonical. Rated medium severity (CVSS 6.0), this vulnerability is low attack complexity.

Denial Of Service Canonical Xen +1
NVD VulDB
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Xen, when running on a 64-bit hypervisor, allows local x86 guest OS users to modify arbitrary memory and consequently obtain sensitive information, cause a denial of service (host crash), or execute. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity.

Denial Of Service RCE Xen +1
NVD VulDB
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Xen 4.0.x through 4.7.x mishandle x86 task switches to VM86 mode, which allows local 32-bit x86 HVM guest OS users to gain privileges or cause a denial of service (guest OS crash) by leveraging a. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Denial Of Service Privilege Escalation Xen +1
NVD VulDB
EPSS 0% CVSS 7.5
HIGH PATCH This Week

The pygrub boot loader emulator in Xen, when nul-delimited output format is requested, allows local pygrub-using guest OS administrators to read or delete arbitrary files on the host via NUL bytes in. Rated high severity (CVSS 7.5).

Information Disclosure Xen Xenserver
NVD VulDB
EPSS 0% CVSS 7.9
HIGH PATCH This Week

The pygrub boot loader emulator in Xen, when S-expression output format is requested, allows local pygrub-using guest OS administrators to read or delete arbitrary files on the host via string quotes. Rated high severity (CVSS 7.9), this vulnerability is low attack complexity.

Information Disclosure Xen Xenserver
NVD VulDB
EPSS 0% CVSS 6.3
MEDIUM PATCH This Month

Xen 4.7.x and earlier does not properly honor CR0.TS and CR0.EM, which allows local x86 HVM guest OS users to read or modify FPU, MMX, or XMM register state information belonging to arbitrary tasks. Rated medium severity (CVSS 6.3).

Race Condition Information Disclosure Xen
NVD
EPSS 0% CVSS 6.7
MEDIUM PATCH This Month

Use-after-free vulnerability in the FIFO event channel code in Xen 4.4.x allows local guest OS administrators to cause a denial of service (host crash) and possibly execute arbitrary code or obtain. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Denial Of Service Memory Corruption RCE +2
NVD
EPSS 0% CVSS 4.1
MEDIUM PATCH This Month

Buffer overflow in Xen 4.7.x and earlier allows local x86 HVM guest OS administrators on guests running with shadow paging to cause a denial of service via a pagetable update. Rated medium severity (CVSS 4.1).

Denial Of Service Buffer Overflow Xen
NVD
EPSS 0% CVSS 8.2
HIGH PATCH This Week

Xen 4.5.3, 4.6.3, and 4.7.x allow local HVM guest OS administrators to overwrite hypervisor memory and consequently gain host OS privileges by leveraging mishandling of instruction pointer truncation. Rated high severity (CVSS 8.2), this vulnerability is low attack complexity.

Privilege Escalation Xen
NVD
EPSS 0% CVSS 8.2
HIGH PATCH This Week

The get_page_from_l3e function in arch/x86/mm.c in Xen allows local 32-bit PV guest OS administrators to gain host OS privileges via vectors related to L3 recursive pagetables. Rated high severity (CVSS 8.2), this vulnerability is low attack complexity.

Privilege Escalation Xen
NVD
Prev Page 3 of 5 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy