Search CVE reports


Toggle filters

21 – 30 of 156 results


CVE-2014-5148

Low priority
Fixed

Xen 4.4.x, when running on an ARM system and “handling an unknown system register access from 64-bit userspace,” returns to an instruction of the trap handler for kernel space faults instead of an instruction that is associated...

2 affected packages

xen, xen-3.3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
xen
xen-3.3
Show less packages

CVE-2014-7188

Medium priority

Some fixes available 4 of 5

The hvm_msr_read_intercept function in arch/x86/hvm/hvm.c in Xen 4.1 through 4.4.x uses an improper MSR range for x2APIC emulation, which allows local HVM guests to cause a denial of service (host crash) or read data from the...

2 affected packages

xen, xen-3.3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
xen
xen-3.3
Show less packages

CVE-2014-7156

Medium priority

Some fixes available 4 of 5

The x86_emulate function in arch/x86/x86_emulate/x86_emulate.c in Xen 3.3.x through 4.4.x does not check the supervisor mode permissions for instructions that generate software interrupts, which allows local HVM guest users to...

2 affected packages

xen, xen-3.3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
xen
xen-3.3
Show less packages

CVE-2014-7155

Medium priority

Some fixes available 4 of 5

The x86_emulate function in arch/x86/x86_emulate/x86_emulate.c in Xen 4.4.x and earlier does not properly check supervisor mode permissions, which allows local HVM users to cause a denial of service (guest crash) or gain guest...

2 affected packages

xen, xen-3.3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
xen
xen-3.3
Show less packages

CVE-2014-7154

Medium priority
Fixed

Race condition in HVMOP_track_dirty_vram in Xen 4.0.0 through 4.4.x does not ensure possession of the guarding lock for dirty video RAM tracking, which allows certain local guest domains to cause a denial of service...

2 affected packages

xen, xen-3.3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
xen
xen-3.3
Show less packages

CVE-2014-5147

Medium priority
Fixed

Xen 4.4.x, when running a 64-bit kernel on an ARM system, does not properly handle traps from the guest domain that use a different address width, which allows local guest users to cause a denial of service (host crash) via a...

2 affected packages

xen, xen-3.3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
xen
xen-3.3
Show less packages

CVE-2014-5149

Medium priority

Some fixes available 1 of 3

Certain MMU virtualization operations in Xen 4.2.x through 4.4.x, when using shadow pagetables, are not preemptible, which allows local HVM guest to cause a denial of service (vcpu consumption) by invoking these operations, which...

2 affected packages

xen, xen-3.3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
xen
xen-3.3
Show less packages

CVE-2014-5146

Medium priority

Some fixes available 1 of 3

Certain MMU virtualization operations in Xen 4.2.x through 4.4.x before the xsa97-hap patch, when using Hardware Assisted Paging (HAP), are not preemptible, which allows local HVM guest to cause a denial of service (vcpu...

2 affected packages

xen, xen-3.3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
xen
xen-3.3
Show less packages

CVE-2014-4022

Medium priority
Fixed

The alloc_domain_struct function in arch/arm/domain.c in Xen 4.4.x, when running on an ARM platform, does not properly initialize the structure containing the grant table pages for a domain, which allows local guest administrators...

2 affected packages

xen, xen-3.3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
xen
xen-3.3
Show less packages

CVE-2014-4021

Medium priority

Some fixes available 5 of 6

Xen 3.2.x through 4.4.x does not properly clean memory pages recovered from guests, which allows local guest OS users to obtain sensitive information via unspecified vectors.

2 affected packages

xen, xen-3.3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
xen
xen-3.3
Show less packages