CRITICAL10.0CVE-2017-10921The grant-table feature in Xen through 4.8.x does not ensure sufficient type counts for a GNTMAP_device_map and GNTMAP_host_map mapping, wh… from 0, < 4.9.0-r0
CRITICAL10.0CVE-2017-10920The grant-table feature in Xen through 4.8.x mishandles a GNTMAP_device_map and GNTMAP_host_map mapping, when followed by only a GNTMAP_hos… from 0, < 4.9.0-r0
CRITICAL10.0CVE-2017-10918Xen through 4.8.x does not validate memory allocations during certain P2M operations, which allows guest OS users to obtain privileged host… from 0, < 4.9.0-r0
CRITICAL10.0xen - security update
from 0, < 4.9.0-r0
CRITICAL9.9qemu-kvm - security update
from 0, < 4.7.2-r0
CRITICAL9.9Quick emulator (QEMU) before 2.8 built with the Cirrus CLGD 54xx VGA Emulator support is vulnerable to an out-of-bounds access issue.
from 0, < 4.7.1-r5
CRITICAL9.9An issue was discovered in Xen 4.7 through 4.10.x.
from 0, < 4.11.0-r0
CRITICAL9.8[This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] There are…
from 0, < 4.18.5-r2
CRITICAL9.8[This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] There are…
from 0, < 4.18.5-r2
CRITICAL9.8[This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] There are…
from 0, < 4.18.5-r2
CRITICAL9.8An issue was discovered in Xen through 4.12.x allowing 32-bit PV guest OS users to gain guest OS privileges by installing and using descrip…
from 0, < 4.12.1-r1
CRITICAL9.8The grant-table feature in Xen through 4.8.x provides false mapping information in certain cases of concurrent unmap calls, which allows ba…
from 0, < 4.9.0-r0
CRITICAL9.1Arm C1-Ultra, C1-Premium, Neoverse V3 & V3AE, Neoverse V2, Neoverse V1, Neoverse-N2, Neoverse-N1, Cortex-X925, Cortex-X4, Cortex-X3, Cortex…
from 0, < 4.18.5-r9
CRITICAL9.1qemu - security update
from 0, < 4.7.1-r5
CRITICAL9.1An issue was discovered in Xen through 4.9.x.
from 0, < 4.9.0-r7
CRITICAL9.1Xen through 4.8.x does not validate the port numbers of polled event channel ports, which allows guest OS users to cause a denial of servic…
from 0, < 4.9.0-r0
CRITICAL9.0The shadow-paging feature in Xen through 4.8.x mismanages page references and consequently introduces a race condition, which allows guest…
from 0, < 4.9.0-r0
HIGH8.8Shadow mode tracing code uses a set of per-CPU variables to avoid cumbersome parameter passing.
from 0, < 4.18.5-r4
HIGH8.8Xenstore: Guests can crash xenstored Due to a bug in the fix of XSA-115 a malicious guest can cause xenstored to use a wrong pointer during…
from 0, < 4.14.5-r6
HIGH8.8xen - security update
from 0, < 4.14.5-r5
HIGH8.8PoD operations on misaligned GFNs T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities co…
from 0, < 4.13.4-r2
HIGH8.8PoD operations on misaligned GFNs T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities co…
from 0, < 4.13.4-r2
HIGH8.8PoD operations on misaligned GFNs T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities co…
from 0, < 4.13.4-r2
HIGH8.8certain VT-d IOMMUs may not work in shared page table mode For efficiency reasons, address translation control structures (page tables) may…
from 0, < 4.15.1-r1
HIGH8.8An issue was discovered in Xen through 4.14.x.
from 0, < 4.13.2-r3
HIGH8.8xen - security update
from 0, < 4.13.2-r3
HIGH8.8An issue was discovered in the Linux kernel through 5.10.1, as used with Xen through 4.14.x.
from 0, < 0
HIGH8.8An issue was discovered in Xen through 4.14.x allowing x86 HVM guest OS users to cause a denial of service (stack corruption), cause a data…
from 0, < 4.12.4-r0
HIGH8.8An issue was discovered in Xen through 4.13.x, allowing x86 Intel HVM guest OS users to cause a host OS denial of service or possibly gain…
from 0, < 4.12.3-r2
HIGH8.8An issue was discovered in Xen through 4.12.x allowing x86 PV guest OS users to cause a denial of service via degenerate chains of linear p…
from 0, < 4.12.2-r0
HIGH8.8An issue was discovered in Xen through 4.12.x allowing ARM guest OS users to cause a denial of service via a XENMEM_add_to_physmap hypercal…
from 0, < 4.12.1-r1
HIGH8.8An issue was discovered in Xen through 4.12.x allowing ARM guest OS users to cause a denial of service or gain privileges by leveraging the…
from 0, < 4.12.1-r1
HIGH8.8An issue was discovered in Xen through 4.11.x allowing x86 PV guest OS users to cause a denial of service or gain privileges because of an…
from 0, < 4.11.2-r0
HIGH8.8An issue was discovered in Xen through 4.11.x allowing x86 guest OS users to cause a denial of service or gain privileges because grant-tab…
from 0, < 4.11.2-r0
HIGH8.8An issue was discovered in Xen through 4.11.x allowing x86 PV guest OS users to cause a denial of service (host OS crash) or possibly gain…
from 0, < 4.11.1-r0
HIGH8.8An issue was discovered in Xen 4.9.x through 4.11.x, on Intel x86 platforms, allowing x86 HVM and PVH guests to cause a host OS denial of s…
from 0, < 4.11.1-r0
HIGH8.8An issue was discovered in Xen through 4.10.x allowing x86 HVM guest OS users to cause a denial of service (unexpectedly high interrupt num…
from 0, < 4.10.1-r1
HIGH8.8An issue was discovered in Xen through 4.10.x allowing guest OS users to cause a denial of service (hypervisor crash) or gain privileges by…
from 0, < 4.10.0-r2
HIGH8.8An issue was discovered in Xen through 4.9.x allowing HVM guest OS users to gain privileges on the host OS, obtain sensitive information, o…
from 0, < 4.7.3-r2
HIGH8.8An issue was discovered in Xen through 4.9.x allowing x86 PV guest OS users to cause a denial of service (unbounded recursion, stack consum…
from 0, < 4.9.0-r6
HIGH8.8An issue was discovered in Xen through 4.9.x allowing x86 SVM PV guest OS users to cause a denial of service (hypervisor crash) or gain pri…
from 0, < 4.9.0-r6
HIGH8.8xen - security update
from 0, < 4.9.0-r6
HIGH8.8An issue was discovered in Xen through 4.9.x allowing x86 guest OS users to cause a denial of service (hypervisor crash) or possibly gain p…
from 0, < 4.9.0-r6
HIGH8.8A grant unmapping issue was discovered in Xen through 4.9.x.
from 0, < 4.9.0-r4
HIGH8.8xen - security update
from 0, < 4.9.0-r4
HIGH8.8arch/x86/mm.c in Xen allows local PV guest OS users to gain host OS privileges via vectors related to map_grant_ref.
from 0, < 4.9.0-r1
HIGH8.8Xen allows local OS guest users to cause a denial of service (crash) or possibly obtain sensitive information or gain privileges via vector…
from 0, < 4.9.0-r1
HIGH8.8Xen through 4.6.x on 64-bit platforms mishandles a failsafe callback, which might allow PV guest OS users to execute arbitrary code on the…
from 0, < 4.6.3-r7
HIGH8.8Xen through 4.8.x mishandles the "contains segment descriptors" property during GNTTABOP_transfer (aka guest transfer) operations, which mi…
from 0, < 4.8.1-r2
HIGH8.8Xen through 4.8.x on 64-bit platforms mishandles page tables after an IRET hypercall, which might allow PV guest OS users to execute arbitr…
from 0, < 4.8.1-r2
HIGH8.8Xen, when running on a 64-bit hypervisor, allows local x86 guest OS users to modify arbitrary memory and consequently obtain sensitive info…
from 0, < 4.7.1-r1
HIGH8.8The PV pagetable code in arch/x86/mm.c in Xen 4.7.x and earlier allows local 32-bit PV guest OS administrators to gain host OS privileges b…
from 0, < 4.7.0-r0
HIGH8.6x86/HVM pinned cache attributes mis-handling T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnera…
from 0, < 4.15.5-r0
HIGH8.6guests may exceed their designated memory limit When a guest is permitted to have close to 16TiB of memory, it may be able to issue hyperca…
from 0, < 4.13.4-r2
HIGH8.2xen - security update
from 0, < 4.7.2-r0
HIGH8.2Xen 4.5.3, 4.6.3, and 4.7.x allow local HVM guest OS administrators to overwrite hypervisor memory and consequently gain host OS privileges…
from 0, < 4.7.0-r1
HIGH8.2xen - security update
from 0, < 4.7.0-r1
HIGH8.1The grant-table feature in Xen through 4.8.x has a race condition leading to a double free, which allows guest OS users to cause a denial o…
from 0, < 4.9.0-r0
HIGH7.9xen - security update
from 0, < 4.7.1-r1
HIGH7.8The adjustments made for XSA-379 as well as those subsequently becoming XSA-387 still left a race window, when a HVM or PVH guest does a gr…
from 0, < 4.18.5-r7
HIGH7.8In the Linux kernel, the following vulnerability has been resolved: xen/privcmd: fix double free via VMA splitting privcmd_vm_ops defines .…
from 0, < 0
HIGH7.8In the Linux kernel, the following vulnerability has been resolved: Buffer overflow in drivers/xen/sys-hypervisor.c The build id returned b…
from 0, < 0
HIGH7.8The Intel EPT paging code uses an optimization to defer flushing of any cached EPT state until the p2m lock is dropped, so that multiple mo…
from 0, < 4.18.5-r5
HIGH7.8The caching invalidation guidelines from the AMD-Vi specification (48882—Rev 3.07-PUB—Oct 2022) is incorrect on some hardware, as devices w…
from 0, < 4.15.5-r3
HIGH7.8[This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] libfsimage…
from 0, < 4.15.5-r3
HIGH7.8For migration as well as to work around kernels unaware of L1TF (see XSA-273), PV guests may be run in shadow paging mode.
from 0, < 4.15.5-r1
HIGH7.8The fix for XSA-423 added logic to Linux'es netback driver to deal with a frontend splitting a packet in a way such that not all of the hea…
from 0, < 0
HIGH7.8x86 shadow paging arbitrary pointer dereference In environments where host assisted address translation is necessary but Hardware Assisted…
from 0, < 4.17.0-r5
HIGH7.8x86 shadow plus log-dirty mode use-after-free In environments where host assisted address translation is necessary but Hardware Assisted Pa…
from 0, < 4.15.5-r0
HIGH7.8network backend may cause Linux netfront to use freed SKBs While adding logic to support XDP (eXpress Data Path), a code label was moved in…
from 0, < 4.15.4-r0
HIGH7.8IOMMU: RMRR (VT-d) and unity map (AMD-Vi) handling issues T[his CNA information record relates to multiple CVEs; the text explains which as…
from 0, < 4.13.4-r3
HIGH7.8IOMMU: RMRR (VT-d) and unity map (AMD-Vi) handling issues T[his CNA information record relates to multiple CVEs; the text explains which as…
from 0, < 4.13.4-r3
HIGH7.8IOMMU: RMRR (VT-d) and unity map (AMD-Vi) handling issues T[his CNA information record relates to multiple CVEs; the text explains which as…
from 0, < 4.13.4-r3
HIGH7.8IOMMU: RMRR (VT-d) and unity map (AMD-Vi) handling issues T[his CNA information record relates to multiple CVEs; the text explains which as…
from 0, < 4.13.4-r3
HIGH7.8xen - security update
from 0, < 4.13.4-r3
HIGH7.8issues with partially successful P2M updates on x86 T[his CNA information record relates to multiple CVEs; the text explains which aspects/…
from 0, < 4.14.3-r2
HIGH7.8issues with partially successful P2M updates on x86 T[his CNA information record relates to multiple CVEs; the text explains which aspects/…
from 0, < 4.13.4-r2
HIGH7.8Another race in XENMAPSPACE_grant_table handling Guests are permitted access to certain Xen-owned pages of memory.
from 0, < 4.13.3-r3
HIGH7.8grant table v2 status pages may remain accessible after de-allocation Guest get permitted access to certain Xen-owned pages of memory.
from 0, < 4.13.3-r2
HIGH7.8An issue was discovered in Xen through 4.14.x allowing x86 HVM and PVH guest OS users to cause a denial of service (data corruption), cause…
from 0, < 4.12.4-r0
HIGH7.8xen - security update
from 0, < 4.12.4-r0
HIGH7.8An issue was discovered in Xen through 4.14.x.
from 0, < 4.12.3-r4
HIGH7.8xen - security update
from 0, < 4.12.3-r4
HIGH7.8An issue was discovered in Xen through 4.13.x, allowing Intel guest OS users to gain privileges or cause a denial of service because of non…
from 0, < 4.12.3-r2
HIGH7.8xen - security update
from 0, < 4.12.2-r1
HIGH7.8An issue was discovered in Xen through 4.11.x allowing x86 PV guest OS users to cause a denial of service or gain privileges because a gues…
from 0, < 4.11.2-r0
HIGH7.8An issue was discovered in Xen through 4.11.x allowing x86 PV guest OS users to cause a denial of service or gain privileges by leveraging…
from 0, < 4.11.2-r0
HIGH7.8An issue was discovered in Xen 4.11 allowing HVM guest OS users to cause a denial of service (host OS crash) or possibly gain host OS privi…
from 0, < 4.11.1-r0
HIGH7.8An issue was discovered in Xen through 4.11.x on AMD x86 platforms, possibly allowing guest OS users to gain host OS privileges because sma…
from 0, < 4.11.1-r0
HIGH7.8xen - security update
from 0, < 4.11.1-r0
HIGH7.8A statement in the System Programming Guide of the Intel 64 and IA-32 Architectures Software Developer's Manual (SDM) was mishandled in the…
from 0, < 4.10.1-r1
HIGH7.8An issue was discovered in Xen through 4.9.x allowing PV guest OS users to cause a denial of service (host OS crash) or gain host OS privil…
from 0, < 4.6.6-r3
HIGH7.8An issue was discovered in Xen through 4.9.x allowing guest OS users to cause a denial of service (host OS crash) or gain host OS privilege…
from 0, < 4.6.6-r3
HIGH7.8xen - security update
from 0, < 4.6.6-r3
HIGH7.8xen - security update
from 0, < 4.9.0-r6
HIGH7.8Race condition in the grant table code in Xen 4.6.x through 4.9.x allows local guest OS administrators to cause a denial of service (free l…
from 0, < 4.9.0-r1
HIGH7.8xen - security update
from 0, < 4.7.1-r4
HIGH7.8The x86 emulator in Xen does not properly treat x86 NULL segments as unusable when accessing memory, which might allow local HVM guest user…
from 0, < 4.7.1-r1
HIGH7.8Xen 4.0.x through 4.7.x mishandle x86 task switches to VM86 mode, which allows local 32-bit x86 HVM guest OS users to gain privileges or ca…
from 0, < 4.7.1-r1
HIGH7.6xen - security update
from 0, < 4.13.4-r1