Search CVE reports
41 – 50 of 156 results
CVE-2014-2915
Medium priorityXen 4.4.x, when running on ARM systems, does not properly restrict access to hardware features, which allows local guest users to cause a denial of service (host or guest crash) via unspecified vectors, related to (1)...
2 affected packages
xen, xen-3.3
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
xen | — | — | — | — | — |
xen-3.3 | — | — | — | — | — |
CVE-2014-1896
Low priorityThe (1) do_send and (2) do_recv functions in io.c in libvchan in Xen 4.2.x, 4.3.x, and 4.4-RC series allows local guests to cause a denial of service or possibly gain privileges via crafted xenstore ring indexes, which triggers a...
2 affected packages
xen, xen-3.3
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
xen | — | — | — | — | — |
xen-3.3 | — | — | — | — | — |
CVE-2014-1895
Medium priorityOff-by-one error in the flask_security_avc_cachestats function in xsm/flask/flask_op.c in Xen 4.2.x and 4.3.x, when the maximum number of physical CPUs are in use, allows local users to cause a denial of service (host crash) or...
2 affected packages
xen, xen-3.3
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
xen | — | — | — | — | — |
xen-3.3 | — | — | — | — | — |
CVE-2014-1894
Medium priorityMultiple integer overflows in unspecified suboperations in the flask hypercall in Xen 3.2.x and earlier, when XSM is enabled, allow local users to cause a denial of service (processor fault) via unspecified vectors, a different...
2 affected packages
xen, xen-3.3
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
xen | — | — | — | — | — |
xen-3.3 | — | — | — | — | — |
CVE-2014-1893
Medium prioritySome fixes available 2 of 3
Multiple integer overflows in the (1) FLASK_GETBOOL and (2) FLASK_SETBOOL suboperations in the flask hypercall in Xen 4.1.x, 3.3.x, 3.2.x, and earlier, when XSM is enabled, allow local users to cause a denial of service (processor...
2 affected packages
xen, xen-3.3
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
xen | — | — | — | — | — |
xen-3.3 | — | — | — | — | — |
CVE-2014-1892
Medium prioritySome fixes available 2 of 3
Xen 3.3 through 4.1, when XSM is enabled, allows local users to cause a denial of service via vectors related to a “large memory allocation,” a different vulnerability than CVE-2014-1891, CVE-2014-1893, and CVE-2014-1894.
2 affected packages
xen, xen-3.3
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
xen | — | — | — | — | — |
xen-3.3 | — | — | — | — | — |
CVE-2014-1891
Medium priorityMultiple integer overflows in the (1) FLASK_GETBOOL, (2) FLASK_SETBOOL, (3) FLASK_USER, and (4) FLASK_CONTEXT_TO_SID suboperations in the flask hypercall in Xen 4.3.x, 4.2.x, 4.1.x, 3.2.x, and earlier, when XSM is enabled, allow...
2 affected packages
xen, xen-3.3
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
xen | — | — | — | — | — |
xen-3.3 | — | — | — | — | — |
CVE-2011-3346
Low priorityBuffer overflow in hw/scsi-disk.c in the SCSI subsystem in QEMU before 0.15.2, as used by Xen, might allow local guest users with permission to access the CD-ROM to cause a denial of service (guest crash) via a crafted SAI READ...
5 affected packages
qemu-kvm, xen, xen-3.1, xen-3.2, xen-3.3
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
qemu-kvm | — | — | — | — | — |
xen | — | — | — | — | — |
xen-3.1 | — | — | — | — | — |
xen-3.2 | — | — | — | — | — |
xen-3.3 | — | — | — | — | — |
CVE-2014-2599
Medium prioritySome fixes available 3 of 4
The HVMOP_set_mem_access HVM control operations in Xen 4.1.x for 32-bit and 4.1.x through 4.4.x for 64-bit allow local guest administrators to cause a denial of service (CPU consumption) by leveraging access to certain...
2 affected packages
xen, xen-3.3
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
xen | — | — | — | — | — |
xen-3.3 | — | — | — | — | — |
CVE-2014-1950
Medium priorityUse-after-free vulnerability in the xc_cpupool_getinfo function in Xen 4.1.x through 4.3.x, when using a multithreaded toolstack, does not properly handle a failure by the xc_cpumap_alloc function, which allows local users with...
2 affected packages
xen, xen-3.3
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
xen | — | — | — | — | — |
xen-3.3 | — | — | — | — | — |