CRITICAL10.0CVE-2017-10921The grant-table feature in Xen through 4.8.x does not ensure sufficient type counts for a GNTMAP_device_map and GNTMAP_host_map mapping, wh… from 0, < 4.8.1-1+deb9u3
CRITICAL10.0CVE-2017-10920The grant-table feature in Xen through 4.8.x mishandles a GNTMAP_device_map and GNTMAP_host_map mapping, when followed by only a GNTMAP_hos… from 0, < 4.8.1-1+deb9u3
CRITICAL10.0CVE-2017-10918Xen through 4.8.x does not validate memory allocations during certain P2M operations, which allows guest OS users to obtain privileged host… from 0, < 4.8.1-1+deb9u3
CRITICAL10.0xen - security update
from 0, < 4.8.1-1+deb9u3
CRITICAL10.0xen - security update
from 0, < 4.1.6.lts1-9
CRITICAL10.0xen - security update
from 0, < 4.4.1-9+deb8u10
CRITICAL10.0The KVM subsystem in the Linux kernel through 4.2.6, and Xen 4.3.x through 4.6.x, allows guest OS users to cause a denial of service (host…
from 0, < 4.8.0~rc3-1
CRITICAL9.9qemu-kvm - security update
from 0, < 4.4.0-1
CRITICAL9.9qemu-kvm - security update
from 0, < 4.1.6.lts1-12
CRITICAL9.9Quick emulator (QEMU) before 2.8 built with the Cirrus CLGD 54xx VGA Emulator support is vulnerable to an out-of-bounds access issue.
from 0, < 4.4.0-1
CRITICAL9.9An issue was discovered in Xen 4.7 through 4.10.x.
from 0, < 4.8.3+xsa267+shim4.10.1+xsa267-1+deb9u9
CRITICAL9.8[This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] There are…
from 0
CRITICAL9.8[This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] There are…
from 0
CRITICAL9.8[This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] There are…
from 0
CRITICAL9.8An issue was discovered in Xen through 4.12.x allowing 32-bit PV guest OS users to gain guest OS privileges by installing and using descrip…
from 0, < 4.11.3+24-g14b62ab3e5-1
CRITICAL9.8The grant-table feature in Xen through 4.8.x provides false mapping information in certain cases of concurrent unmap calls, which allows ba…
from 0, < 4.8.1-1+deb9u3
CRITICAL9.1Arm C1-Ultra, C1-Premium, Neoverse V3 & V3AE, Neoverse V2, Neoverse V1, Neoverse-N2, Neoverse-N1, Cortex-X925, Cortex-X4, Cortex-X3, Cortex…
from 0
CRITICAL9.1An issue was discovered in Xen through 4.9.x.
from 0, < 4.8.2+xsa245-0+deb9u1
CRITICAL9.1Xen through 4.8.x does not validate the port numbers of polled event channel ports, which allows guest OS users to cause a denial of servic…
from 0, < 4.8.1-1+deb9u3
CRITICAL9.0The shadow-paging feature in Xen through 4.8.x mismanages page references and consequently introduces a race condition, which allows guest…
from 0, < 4.8.1-1+deb9u3
HIGH8.8Shadow mode tracing code uses a set of per-CPU variables to avoid cumbersome parameter passing.
from 0
HIGH8.8Xenstore: Guests can crash xenstored Due to a bug in the fix of XSA-115 a malicious guest can cause xenstored to use a wrong pointer during…
from 0, < 4.14.5+86-g1c354767d5-1
HIGH8.8xen - security update
from 0, < 4.14.5+86-g1c354767d5-1
HIGH8.8xen - security update
from 0, < 4.14.5+86-g1c354767d5-1
HIGH8.8PoD operations on misaligned GFNs T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities co…
from 0, < 4.14.3+32-g9de3671772-1~deb11u1
HIGH8.8PoD operations on misaligned GFNs T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities co…
from 0, < 4.14.3+32-g9de3671772-1~deb11u1
HIGH8.8PoD operations on misaligned GFNs T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities co…
from 0, < 4.14.3+32-g9de3671772-1~deb11u1
HIGH8.8An issue was discovered in Xen through 4.14.x.
from 0, < 4.14.0+88-g1d1d1f5391-1
HIGH8.8xen - security update
from 0, < 4.11.4+57-g41a822c392-2
HIGH8.8xen - security update
from 0, < 4.14.0+88-g1d1d1f5391-1
HIGH8.8An issue was discovered in Xen through 4.14.x allowing x86 HVM guest OS users to cause a denial of service (stack corruption), cause a data…
from 0, < 4.14.0+88-g1d1d1f5391-1
HIGH8.8An issue was discovered in Xen through 4.13.x, allowing x86 Intel HVM guest OS users to cause a host OS denial of service or possibly gain…
from 0, < 4.11.4+24-gddaaccbbab-1
HIGH8.8An issue was discovered in xenoprof in Xen through 4.13.x, allowing guest OS users (with active profiling) to obtain sensitive information…
from 0, < 4.11.4-1
HIGH8.8An issue was discovered in Xen through 4.12.x allowing x86 PV guest OS users to cause a denial of service via degenerate chains of linear p…
from 0, < 4.11.3+24-g14b62ab3e5-1
HIGH8.8An issue was discovered in Xen through 4.12.x allowing ARM guest OS users to cause a denial of service via a XENMEM_add_to_physmap hypercal…
from 0, < 4.11.3+24-g14b62ab3e5-1
HIGH8.8An issue was discovered in Xen through 4.12.x allowing ARM guest OS users to cause a denial of service or gain privileges by leveraging the…
from 0, < 4.11.3+24-g14b62ab3e5-1
HIGH8.8An issue was discovered in Xen through 4.11.x allowing x86 PV guest OS users to cause a denial of service or gain privileges because of an…
from 0, < 4.11.1+92-g6c33308a8d-1
HIGH8.8An issue was discovered in Xen through 4.11.x allowing x86 guest OS users to cause a denial of service or gain privileges because grant-tab…
from 0, < 4.11.1+92-g6c33308a8d-1
HIGH8.8An issue was discovered in Xen through 4.11.x allowing x86 PV guest OS users to cause a denial of service (host OS crash) or possibly gain…
from 0, < 4.11.1-1
HIGH8.8An issue was discovered in Xen 4.9.x through 4.11.x, on Intel x86 platforms, allowing x86 HVM and PVH guests to cause a host OS denial of s…
from 0, < 4.11.1-1
HIGH8.8An issue was discovered in Xen through 4.10.x allowing x86 HVM guest OS users to cause a denial of service (unexpectedly high interrupt num…
from 0, < 4.8.3+xsa262+shim4.10.0+comet3-1+deb9u6
HIGH8.8An issue was discovered in Xen through 4.10.x allowing guest OS users to cause a denial of service (hypervisor crash) or gain privileges by…
from 0, < 4.8.3+comet2+shim4.10.0+comet3-1+deb9u5
HIGH8.8An issue was discovered in Xen through 4.9.x allowing HVM guest OS users to gain privileges on the host OS, obtain sensitive information, o…
from 0, < 4.8.2+xsa245-0+deb9u1
HIGH8.8An issue was discovered in Xen through 4.9.x allowing x86 PV guest OS users to cause a denial of service (unbounded recursion, stack consum…
from 0, < 4.8.2+xsa245-0+deb9u1
HIGH8.8An issue was discovered in Xen through 4.9.x allowing x86 SVM PV guest OS users to cause a denial of service (hypervisor crash) or gain pri…
from 0, < 4.8.2+xsa245-0+deb9u1
HIGH8.8xen - security update
from 0, < 4.4.4lts3-0+deb8u1
HIGH8.8xen - security update
from 0, < 4.8.2+xsa245-0+deb9u1
HIGH8.8An issue was discovered in Xen through 4.9.x allowing x86 guest OS users to cause a denial of service (hypervisor crash) or possibly gain p…
from 0, < 4.8.2+xsa245-0+deb9u1
HIGH8.8A grant unmapping issue was discovered in Xen through 4.9.x.
from 0, < 4.8.2+xsa245-0+deb9u1
HIGH8.8xen - security update
from 0, < 4.8.2+xsa245-0+deb9u1
HIGH8.8xen - security update
from 0, < 4.4.4lts2-0+deb8u1
HIGH8.8xen - security update
from 0, < 4.8.2+xsa245-0+deb9u1
HIGH8.8arch/x86/mm.c in Xen allows local PV guest OS users to gain host OS privileges via vectors related to map_grant_ref.
from 0, < 4.8.1-1+deb9u3
HIGH8.8Xen allows local OS guest users to cause a denial of service (crash) or possibly obtain sensitive information or gain privileges via vector…
from 0, < 4.8.1-1+deb9u3
HIGH8.8Xen through 4.6.x on 64-bit platforms mishandles a failsafe callback, which might allow PV guest OS users to execute arbitrary code on the…
from 0, < 4.8.0~rc3-1
HIGH8.8Xen through 4.8.x mishandles the "contains segment descriptors" property during GNTTABOP_transfer (aka guest transfer) operations, which mi…
from 0, < 4.8.1-1+deb9u1
HIGH8.8Xen through 4.8.x on 64-bit platforms mishandles page tables after an IRET hypercall, which might allow PV guest OS users to execute arbitr…
from 0, < 4.8.1-1+deb9u1
HIGH8.8Xen, when running on a 64-bit hypervisor, allows local x86 guest OS users to modify arbitrary memory and consequently obtain sensitive info…
from 0, < 4.8.0-1
HIGH8.8The PV pagetable code in arch/x86/mm.c in Xen 4.7.x and earlier allows local 32-bit PV guest OS administrators to gain host OS privileges b…
from 0, < 4.8.0~rc3-1
HIGH8.8qemu - security update
from 0, < 4.4.0-1
HIGH8.8Integer overflow in the x86 shadow pagetable code in Xen allows local guest OS users to cause a denial of service (host crash) or possibly…
from 0, < 4.8.0~rc3-1
HIGH8.6x86/HVM pinned cache attributes mis-handling T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnera…
from 0, < 4.14.5+94-ge49571868d-1
HIGH8.6guests may exceed their designated memory limit When a guest is permitted to have close to 16TiB of memory, it may be able to issue hyperca…
from 0, < 4.14.3+32-g9de3671772-1~deb11u1
HIGH8.6Xen 4.6.x, 4.5.x, 4.4.x, 4.3.x, and earlier do not initialize x86 FPU stack and XMM registers when XSAVE/XRSTOR are not used to manage gues…
from 0, < 4.8.0~rc3-1
HIGH8.5The PV superpage functionality in arch/x86/mm.c in Xen 3.4.0, 3.4.1, and 4.1.x through 4.6.x allows local PV guests to obtain sensitive inf…
from 0, < 4.8.0~rc3-1
HIGH8.4The guest_walk_tables function in arch/x86/mm/guest_walk.c in Xen 4.6.x and earlier does not properly handle the Page Size (PS) page table…
from 0, < 4.8.0~rc3-1
HIGH8.2xen - security update
from 0, < 4.8.1-1
HIGH8.2xen - security update
from 0, < 4.1.6.lts1-6
HIGH8.2xen - security update
from 0, < 4.4.1-9+deb8u7
HIGH8.2xen - security update
from 0, < 4.1.6.lts1-2
HIGH8.2xen - security update
from 0, < 4.8.0~rc3-1
HIGH8.2Xen, when used on a system providing PV backends, allows local guest OS administrators to cause a denial of service (host OS crash) or gain…
from 0, < 4.8.0~rc3-1
HIGH8.1The grant-table feature in Xen through 4.8.x has a race condition leading to a double free, which allows guest OS users to cause a denial o…
from 0, < 4.8.1-1+deb9u3
HIGH7.9xen - security update
from 0, < 4.8.0-1
HIGH7.9xen - security update
from 0, < 4.1.6.lts1-4
HIGH7.8The adjustments made for XSA-379 as well as those subsequently becoming XSA-387 still left a race window, when a HVM or PVH guest does a gr…
from 0
HIGH7.8The Intel EPT paging code uses an optimization to defer flushing of any cached EPT state until the p2m lock is dropped, so that multiple mo…
from 0
HIGH7.8The caching invalidation guidelines from the AMD-Vi specification (48882—Rev 3.07-PUB—Oct 2022) is incorrect on some hardware, as devices w…
from 0
HIGH7.8[This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] libfsimage…
from 0
HIGH7.8For migration as well as to work around kernels unaware of L1TF (see XSA-273), PV guests may be run in shadow paging mode.
from 0
HIGH7.8x86 shadow paging arbitrary pointer dereference In environments where host assisted address translation is necessary but Hardware Assisted…
from 0, < 4.17.1+2-gb773c48e36-1
HIGH7.8x86 shadow plus log-dirty mode use-after-free In environments where host assisted address translation is necessary but Hardware Assisted Pa…
from 0, < 4.14.5+94-ge49571868d-1
HIGH7.8IOMMU: RMRR (VT-d) and unity map (AMD-Vi) handling issues T[his CNA information record relates to multiple CVEs; the text explains which as…
from 0, < 4.14.4+74-gd7b22226b5-1
HIGH7.8IOMMU: RMRR (VT-d) and unity map (AMD-Vi) handling issues T[his CNA information record relates to multiple CVEs; the text explains which as…
from 0, < 4.14.4+74-gd7b22226b5-1
HIGH7.8IOMMU: RMRR (VT-d) and unity map (AMD-Vi) handling issues T[his CNA information record relates to multiple CVEs; the text explains which as…
from 0, < 4.14.4+74-gd7b22226b5-1
HIGH7.8IOMMU: RMRR (VT-d) and unity map (AMD-Vi) handling issues T[his CNA information record relates to multiple CVEs; the text explains which as…
from 0, < 4.14.4+74-gd7b22226b5-1
HIGH7.8xen - security update
from 0, < 4.14.4+74-gd7b22226b5-1
HIGH7.8xen - security update
from 0, < 4.14.4+74-gd7b22226b5-1
HIGH7.8issues with partially successful P2M updates on x86 T[his CNA information record relates to multiple CVEs; the text explains which aspects/…
from 0, < 4.14.3+32-g9de3671772-1~deb11u1
HIGH7.8issues with partially successful P2M updates on x86 T[his CNA information record relates to multiple CVEs; the text explains which aspects/…
from 0, < 4.14.3+32-g9de3671772-1~deb11u1
HIGH7.8Another race in XENMAPSPACE_grant_table handling Guests are permitted access to certain Xen-owned pages of memory.
from 0, < 4.14.3-1~deb11u1
HIGH7.8grant table v2 status pages may remain accessible after de-allocation Guest get permitted access to certain Xen-owned pages of memory.
from 0, < 4.14.3-1~deb11u1
HIGH7.8An issue was discovered in Xen through 4.11.x, allowing x86 Intel HVM guest OS users to achieve unintended read/write DMA access, and possi…
from 0, < 4.14.0+80-gd101b417b7-1
HIGH7.8An issue was discovered in Xen through 4.14.x allowing x86 HVM and PVH guest OS users to cause a denial of service (data corruption), cause…
from 0, < 4.14.0+80-gd101b417b7-1
HIGH7.8xen - security update
from 0, < 4.11.4+57-g41a822c392-1
HIGH7.8xen - security update
from 0, < 4.14.0+80-gd101b417b7-1
HIGH7.8An issue was discovered in Xen through 4.14.x.
from 0, < 4.14.0+80-gd101b417b7-1
HIGH7.8xen - security update
from 0, < 4.11.4+37-g3263f257ca-1
HIGH7.8xen - security update
from 0, < 4.14.0+80-gd101b417b7-1
HIGH7.8An issue was discovered in Xen through 4.13.x, allowing Intel guest OS users to gain privileges or cause a denial of service because of non…
from 0, < 4.11.4+24-gddaaccbbab-1