Search CVE reports
1 – 10 of 87 results
CVE-2013-2016
Low priorityA flaw was found in the way qemu v1.3.0 and later (virtio-rng) validates addresses when guest accesses the config space of a virtio device. If the virtio device has zero/small sized config space, such as virtio-rng, a privileged...
6 affected packages
kvm, qemu, qemu-kvm, xen-3.1, xen-3.2, xen-3.3
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
kvm | — | — | — | — | — |
qemu | — | — | — | — | — |
qemu-kvm | — | — | — | — | — |
xen-3.1 | — | — | — | — | — |
xen-3.2 | — | — | — | — | — |
xen-3.3 | — | — | — | — | — |
CVE-2011-3346
Low priorityBuffer overflow in hw/scsi-disk.c in the SCSI subsystem in QEMU before 0.15.2, as used by Xen, might allow local guest users with permission to access the CD-ROM to cause a denial of service (guest crash) via a crafted SAI READ...
5 affected packages
qemu-kvm, xen, xen-3.1, xen-3.2, xen-3.3
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
qemu-kvm | — | — | — | — | — |
xen | — | — | — | — | — |
xen-3.1 | — | — | — | — | — |
xen-3.2 | — | — | — | — | — |
xen-3.3 | — | — | — | — | — |
CVE-2011-1936
Medium priorityXen, when using x86 Intel processors and the VMX virtualization extension is enabled, does not properly handle cpuid instruction emulation when exiting the VM, which allows local guest users to cause a denial of service (guest...
4 affected packages
xen, xen-3.1, xen-3.2, xen-3.3
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
xen | — | — | — | — | — |
xen-3.1 | — | — | — | — | — |
xen-3.2 | — | — | — | — | — |
xen-3.3 | — | — | — | — | — |
CVE-2011-1780
Medium priorityThe instruction emulation in Xen 3.0.3 allows local SMP guest users to cause a denial of service (host crash) by replacing the instruction that causes the VM to exit in one thread with a different instruction in a different thread.
4 affected packages
xen, xen-3.1, xen-3.2, xen-3.3
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
xen | — | — | — | — | — |
xen-3.1 | — | — | — | — | — |
xen-3.2 | — | — | — | — | — |
xen-3.3 | — | — | — | — | — |
CVE-2011-1763
Medium priorityThe get_free_port function in Xen allows local authenticated DomU users to cause a denial of service or possibly gain privileges via unspecified vectors involving a new event channel port.
4 affected packages
xen, xen-3.1, xen-3.2, xen-3.3
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
xen | — | — | — | — | — |
xen-3.1 | — | — | — | — | — |
xen-3.2 | — | — | — | — | — |
xen-3.3 | — | — | — | — | — |
CVE-2011-1166
Medium priorityXen, possibly before 4.0.2, allows local 64-bit PV guests to cause a denial of service (host crash) by specifying user mode execution without user-mode pagetables.
4 affected packages
xen, xen-3.1, xen-3.2, xen-3.3
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
xen | — | — | — | — | — |
xen-3.1 | — | — | — | — | — |
xen-3.2 | — | — | — | — | — |
xen-3.3 | — | — | — | — | — |
CVE-2011-2519
Medium priorityXen in the Linux kernel, when running a guest on a host without hardware assisted paging (HAP), allows guest users to cause a denial of service (invalid pointer dereference and hypervisor crash) via the SAHF instruction.
4 affected packages
xen, xen-3.1, xen-3.2, xen-3.3
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
xen | — | — | — | — | — |
xen-3.1 | — | — | — | — | — |
xen-3.2 | — | — | — | — | — |
xen-3.3 | — | — | — | — | — |
CVE-2011-2901
Medium priorityOff-by-one error in the __addr_ok macro in Xen 3.3 and earlier allows local 64 bit PV guest administrators to cause a denial of service (host crash) via unspecified hypercalls that ignore virtual-address bits.
4 affected packages
xen, xen-3.1, xen-3.2, xen-3.3
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
xen | — | — | — | — | — |
xen-3.1 | — | — | — | — | — |
xen-3.2 | — | — | — | — | — |
xen-3.3 | — | — | — | — | — |
CVE-2013-1964
Medium prioritySome fixes available 2 of 5
Xen 4.0.x and 4.1.x incorrectly releases a grant reference when releasing a non-v1, non-transitive grant, which allows local guest administrators to cause a denial of service (host crash), obtain sensitive information, or possibly...
4 affected packages
xen, xen-3.1, xen-3.2, xen-3.3
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
xen | — | — | — | — | — |
xen-3.1 | — | — | — | — | — |
xen-3.2 | — | — | — | — | — |
xen-3.3 | — | — | — | — | — |
CVE-2013-1952
Medium prioritySome fixes available 3 of 6
Xen 4.x, when using Intel VT-d for a bus mastering capable PCI device, does not properly check the source when accessing a bridge device's interrupt remapping table entries for MSI interrupts, which allows local guest domains to...
4 affected packages
xen, xen-3.1, xen-3.2, xen-3.3
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
xen | — | — | — | — | — |
xen-3.1 | — | — | — | — | — |
xen-3.2 | — | — | — | — | — |
xen-3.3 | — | — | — | — | — |