VYPR

rpm package

opensuse/xen&distro=openSUSE Tumbleweed

pkg:rpm/opensuse/xen&distro=openSUSE%20Tumbleweed

Vulnerabilities (279)

  • CVE-2014-3640Nov 7, 2014
    affected < 4.7.0_12-1.3fixed 4.7.0_12-1.3

    The sosendto function in slirp/udp.c in QEMU before 2.1.2 allows local users to cause a denial of service (NULL pointer dereference) by sending a udp packet with a value of 0 in the source port and address, which triggers access of an uninitialized socket.

  • CVE-2014-0222Nov 4, 2014
    affected < 4.7.0_12-1.3fixed 4.7.0_12-1.3

    Integer overflow in the qcow_open function in block/qcow.c in QEMU before 1.7.2 allows remote attackers to cause a denial of service (crash) via a large L2 table in a QCOW version 1 image.

  • CVE-2013-4540Nov 4, 2014
    affected < 4.7.0_12-1.3fixed 4.7.0_12-1.3

    Buffer overflow in scoop_gpio_handler_update in QEMU before 1.7.2 might allow remote attackers to execute arbitrary code via a large (1) prev_level, (2) gpio_level, or (3) gpio_dir value in a savevm image.

  • CVE-2013-4539Nov 4, 2014
    affected < 4.7.0_12-1.3fixed 4.7.0_12-1.3

    Multiple buffer overflows in the tsc210x_load function in hw/input/tsc210x.c in QEMU before 1.7.2 might allow remote attackers to execute arbitrary code via a crafted (1) precision, (2) nextprecision, (3) function, or (4) nextfunction value in a savevm image.

  • CVE-2013-4538Nov 4, 2014
    affected < 4.7.0_12-1.3fixed 4.7.0_12-1.3

    Multiple buffer overflows in the ssd0323_load function in hw/display/ssd0323.c in QEMU before 1.7.2 allow remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via crafted (1) cmd_len, (2) row, or (3) col values; (4) row_start and ro

  • CVE-2013-4537Nov 4, 2014
    affected < 4.7.0_12-1.3fixed 4.7.0_12-1.3

    The ssi_sd_transfer function in hw/sd/ssi-sd.c in QEMU before 1.7.2 allows remote attackers to execute arbitrary code via a crafted arglen value in a savevm image.

  • CVE-2013-4534Nov 4, 2014
    affected < 4.7.0_12-1.3fixed 4.7.0_12-1.3

    Buffer overflow in hw/intc/openpic.c in QEMU before 1.7.2 allows remote attackers to cause a denial of service or possibly execute arbitrary code via vectors related to IRQDest elements.

  • CVE-2013-4533Nov 4, 2014
    affected < 4.7.0_12-1.3fixed 4.7.0_12-1.3

    Buffer overflow in the pxa2xx_ssp_load function in hw/arm/pxa2xx.c in QEMU before 1.7.2 allows remote attackers to cause a denial of service or possibly execute arbitrary code via a crafted s->rx_level value in a savevm image.

  • CVE-2014-7188Oct 2, 2014
    affected < 4.7.0_12-1.3fixed 4.7.0_12-1.3

    The hvm_msr_read_intercept function in arch/x86/hvm/hvm.c in Xen 4.1 through 4.4.x uses an improper MSR range for x2APIC emulation, which allows local HVM guests to cause a denial of service (host crash) or read data from the hypervisor or other guests via unspecified vectors.

  • CVE-2014-7156Oct 2, 2014
    affected < 4.7.0_12-1.3fixed 4.7.0_12-1.3

    The x86_emulate function in arch/x86/x86_emulate/x86_emulate.c in Xen 3.3.x through 4.4.x does not check the supervisor mode permissions for instructions that generate software interrupts, which allows local HVM guest users to cause a denial of service (guest crash) via unspecifi

  • CVE-2014-7155Oct 2, 2014
    affected < 4.7.0_12-1.3fixed 4.7.0_12-1.3

    The x86_emulate function in arch/x86/x86_emulate/x86_emulate.c in Xen 4.4.x and earlier does not properly check supervisor mode permissions, which allows local HVM users to cause a denial of service (guest crash) or gain guest kernel mode privileges via vectors involving an (1) H

  • CVE-2014-7154Oct 2, 2014
    affected < 4.7.0_12-1.3fixed 4.7.0_12-1.3

    Race condition in HVMOP_track_dirty_vram in Xen 4.0.0 through 4.4.x does not ensure possession of the guarding lock for dirty video RAM tracking, which allows certain local guest domains to cause a denial of service via unspecified vectors.

  • CVE-2014-5149Aug 22, 2014
    affected < 4.7.0_12-1.3fixed 4.7.0_12-1.3

    Certain MMU virtualization operations in Xen 4.2.x through 4.4.x, when using shadow pagetables, are not preemptible, which allows local HVM guest to cause a denial of service (vcpu consumption) by invoking these operations, which process every page assigned to a guest, a differen

  • CVE-2014-5146Aug 22, 2014
    affected < 4.7.0_12-1.3fixed 4.7.0_12-1.3

    Certain MMU virtualization operations in Xen 4.2.x through 4.4.x before the xsa97-hap patch, when using Hardware Assisted Paging (HAP), are not preemptible, which allows local HVM guest to cause a denial of service (vcpu consumption) by invoking these operations, which process ev

  • CVE-2014-3124May 7, 2014
    affected < 4.7.0_12-1.3fixed 4.7.0_12-1.3

    The HVMOP_set_mem_type control in Xen 4.1 through 4.4.x allows local guest HVM administrators to cause a denial of service (hypervisor crash) or possibly execute arbitrary code by leveraging a separate qemu-dm vulnerability to trigger invalid page table translations for unspecifi

  • CVE-2013-4375Jan 19, 2014
    affected < 4.7.0_12-1.3fixed 4.7.0_12-1.3

    The qdisk PV disk backend in qemu-xen in Xen 4.2.x and 4.3.x before 4.3.1, and qemu 1.1 and other versions, allows local HVM guests to cause a denial of service (domain grant reference consumption) via unspecified vectors.

  • CVE-2013-4554Dec 24, 2013
    affected < 4.7.0_12-1.3fixed 4.7.0_12-1.3

    Xen 3.0.3 through 4.1.x (possibly 4.1.6.1), 4.2.x (possibly 4.2.3), and 4.3.x (possibly 4.3.1) does not properly prevent access to hypercalls, which allows local guest users to gain privileges via a crafted application running in ring 1 or 2.

  • CVE-2013-4553Dec 24, 2013
    affected < 4.7.0_12-1.3fixed 4.7.0_12-1.3

    The XEN_DOMCTL_getmemlist hypercall in Xen 3.4.x through 4.3.x (possibly 4.3.1) does not always obtain the page_alloc_lock and mm_rwlock in the same order, which allows local guest administrators to cause a denial of service (host deadlock).

  • CVE-2013-4551Nov 18, 2013
    affected < 4.7.0_12-1.3fixed 4.7.0_12-1.3

    Xen 4.2.x and 4.3.x, when nested virtualization is disabled, does not properly check the emulation paths for (1) VMLAUNCH and (2) VMRESUME, which allows local HVM guest users to cause a denial of service (host crash) via unspecified vectors related to "guest VMX instruction execu

  • CVE-2013-4416Nov 2, 2013
    affected < 4.7.0_12-1.3fixed 4.7.0_12-1.3

    The Ocaml xenstored implementation (oxenstored) in Xen 4.1.x, 4.2.x, and 4.3.x allows local guest domains to cause a denial of service (domain shutdown) via a large message reply.