Search CVE reports


Toggle filters

81 – 90 of 156 results


CVE-2013-2072

Medium priority
Fixed

Buffer overflow in the Python bindings for the xc_vcpu_setaffinity call in Xen 4.0.x, 4.1.x, and 4.2.x allows local administrators with permissions to configure VCPU affinity to cause a denial of service (memory corruption...

2 affected packages

xen, xen-3.3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
xen
xen-3.3
Show less packages

CVE-2013-1432

Medium priority

Some fixes available 3 of 4

Xen 4.1.x and 4.2.x, when the XSA-45 patch is in place, does not properly maintain references on pages stored for deferred cleanup, which allows local PV guest kernels to cause a denial of service (premature page free and...

2 affected packages

xen, xen-3.3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
xen
xen-3.3
Show less packages

CVE-2013-2196

Medium priority

Some fixes available 4 of 5

Multiple unspecified vulnerabilities in the Elf parser (libelf) in Xen 4.2.x and earlier allow local guest administrators with certain permissions to have an unspecified impact via a crafted kernel, related to “other problems”...

2 affected packages

xen, xen-3.3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
xen
xen-3.3
Show less packages

CVE-2013-2195

Medium priority

Some fixes available 4 of 5

The Elf parser (libelf) in Xen 4.2.x and earlier allow local guest administrators with certain permissions to have an unspecified impact via a crafted kernel, related to “pointer dereferences” involving unexpected calculations.

2 affected packages

xen, xen-3.3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
xen
xen-3.3
Show less packages

CVE-2013-2194

Medium priority

Some fixes available 4 of 5

Multiple integer overflows in the Elf parser (libelf) in Xen 4.2.x and earlier allow local guest administrators with certain permissions to have an unspecified impact via a crafted kernel.

2 affected packages

xen, xen-3.3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
xen
xen-3.3
Show less packages

CVE-2013-3495

Medium priority
Ignored

The Intel VT-d Interrupt Remapping engine in Xen 3.3.x through 4.3.x allows local guests to cause a denial of service (kernel panic) via a malformed Message Signaled Interrupt (MSI) from a PCI device that is bus mastering capable...

2 affected packages

xen, xen-3.3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
xen
xen-3.3
Show less packages

CVE-2013-2078

Medium priority
Fixed

Xen 4.0.2 through 4.0.4, 4.1.x, and 4.2.x allows local PV guest users to cause a denial of service (hypervisor crash) via certain bit combinations to the XSETBV instruction.

2 affected packages

xen, xen-3.3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
xen
xen-3.3
Show less packages

CVE-2013-2007

Low priority
Ignored

The qemu guest agent in Qemu 1.4.1 and earlier, as used by Xen, when started in daemon mode, uses weak permissions for certain files, which allows local users to read and write to these files.

4 affected packages

qemu, qemu-kvm, xen, xen-3.3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
qemu
qemu-kvm
xen
xen-3.3
Show less packages

CVE-2013-1964

Medium priority

Some fixes available 2 of 5

Xen 4.0.x and 4.1.x incorrectly releases a grant reference when releasing a non-v1, non-transitive grant, which allows local guest administrators to cause a denial of service (host crash), obtain sensitive information, or possibly...

4 affected packages

xen, xen-3.1, xen-3.2, xen-3.3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
xen
xen-3.1
xen-3.2
xen-3.3
Show less packages

CVE-2013-1952

Medium priority

Some fixes available 3 of 6

Xen 4.x, when using Intel VT-d for a bus mastering capable PCI device, does not properly check the source when accessing a bridge device’s interrupt remapping table entries for MSI interrupts, which allows local guest domains to...

4 affected packages

xen, xen-3.1, xen-3.2, xen-3.3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
xen
xen-3.1
xen-3.2
xen-3.3
Show less packages