VYPR

rpm package

opensuse/xen&distro=openSUSE Tumbleweed

pkg:rpm/opensuse/xen&distro=openSUSE%20Tumbleweed

Vulnerabilities (279)

  • CVE-2013-4494Nov 2, 2013
    affected < 4.7.0_12-1.3fixed 4.7.0_12-1.3

    Xen before 4.1.x, 4.2.x, and 4.3.x does not take the page_alloc_lock and grant_table.lock in the same order, which allows local guest administrators with access to multiple vcpus to cause a denial of service (host deadlock) via unspecified vectors.

  • CVE-2013-4356Oct 9, 2013
    affected < 4.7.0_12-1.3fixed 4.7.0_12-1.3

    Xen 4.3.x writes hypervisor mappings to certain shadow pagetables when live migration is performed on hosts with more than 5TB of RAM, which allows local 64-bit PV guests to read or write to invalid memory and cause a denial of service (crash).

  • CVE-2013-4361Oct 1, 2013
    affected < 4.7.0_12-1.3fixed 4.7.0_12-1.3

    The fbld instruction emulation in Xen 3.3.x through 4.3.x does not use the correct variable for the source effective address, which allows local HVM guests to obtain hypervisor stack information by reading the values used by the instruction.

  • CVE-2013-4355Oct 1, 2013
    affected < 4.7.0_12-1.3fixed 4.7.0_12-1.3

    Xen 4.3.x and earlier does not properly handle certain errors, which allows local HVM guests to obtain hypervisor stack memory via a (1) port or (2) memory mapped I/O write or (3) other unspecified operations related to addresses without associated memory.

  • CVE-2013-1442Sep 30, 2013
    affected < 4.7.0_12-1.3fixed 4.7.0_12-1.3

    Xen 4.0 through 4.3.x, when using AVX or LWP capable CPUs, does not properly clear previous data from registers when using an XSAVE or XRSTOR to extend the state components of a saved or restored vCPU after touching other restored extended registers, which allows local guest OSes

  • CVE-2013-3495Aug 28, 2013
    affected < 4.7.0_12-1.3fixed 4.7.0_12-1.3

    The Intel VT-d Interrupt Remapping engine in Xen 3.3.x through 4.3.x allows local guests to cause a denial of service (kernel panic) via a malformed Message Signaled Interrupt (MSI) from a PCI device that is bus mastering capable that triggers a System Error Reporting (SERR) Non-

  • CVE-2013-2007May 21, 2013
    affected < 4.7.0_12-1.3fixed 4.7.0_12-1.3

    The qemu guest agent in Qemu 1.4.1 and earlier, as used by Xen, when started in daemon mode, uses weak permissions for certain files, which allows local users to read and write to these files.

  • CVE-2013-1952May 13, 2013
    affected < 4.7.0_12-1.3fixed 4.7.0_12-1.3

    Xen 4.x, when using Intel VT-d for a bus mastering capable PCI device, does not properly check the source when accessing a bridge device's interrupt remapping table entries for MSI interrupts, which allows local guest domains to cause a denial of service (interrupt injection) via

  • CVE-2013-1922May 13, 2013
    affected < 4.7.0_12-1.3fixed 4.7.0_12-1.3

    qemu-nbd in QEMU, as used in Xen 4.2.x, determines the format of a raw disk image based on the header, which allows local guest OS administrators to read arbitrary files on the host by modifying the header to identify a different format, which is used when the guest is restarted,

  • CVE-2013-1919May 13, 2013
    affected < 4.7.0_12-1.3fixed 4.7.0_12-1.3

    Xen 4.2.x and 4.1.x does not properly restrict access to IRQs, which allows local stub domain clients to gain access to IRQs and cause a denial of service via vectors related to "passed-through IRQs or PCI devices."

  • CVE-2013-1918May 13, 2013
    affected < 4.7.0_12-1.3fixed 4.7.0_12-1.3

    Certain page table manipulation operations in Xen 4.1.x, 4.2.x, and earlier are not preemptible, which allows local PV kernels to cause a denial of service via vectors related to "deep page table traversal."

  • CVE-2013-1917May 13, 2013
    affected < 4.7.0_12-1.3fixed 4.7.0_12-1.3

    Xen 3.1 through 4.x, when running 64-bit hosts on Intel CPUs, does not clear the NT flag when using an IRET after a SYSENTER instruction, which allows PV guest users to cause a denial of service (hypervisor crash) by triggering a #GP fault, which is not properly handled by anothe

  • CVE-2013-0151Mar 7, 2013
    affected < 4.7.0_12-1.3fixed 4.7.0_12-1.3

    The do_hvm_op function in xen/arch/x86/hvm/hvm.c in Xen 4.2.x on the x86_32 platform does not prevent HVM_PARAM_NESTEDHVM (aka nested virtualization) operations, which allows guest OS users to cause a denial of service (long-duration page mappings and host OS crash) by leveraging

  • CVE-2013-0153Feb 14, 2013
    affected < 4.7.0_12-1.3fixed 4.7.0_12-1.3

    The AMD IOMMU support in Xen 4.2.x, 4.1.x, 3.3, and other versions, when using AMD-Vi for PCI passthrough, uses the same interrupt remapping table for the host and all guests, which allows guests to cause a denial of service by injecting an interrupt into other guests.

  • CVE-2012-5634Feb 14, 2013
    affected < 4.7.0_12-1.3fixed 4.7.0_12-1.3

    Xen 4.2.x, 4.1.x, and 4.0, when using Intel VT-d for PCI passthrough, does not properly configure VT-d when supporting a device that is behind a legacy PCI Bridge, which allows local guests to cause a denial of service to other guests by injecting an interrupt.

  • CVE-2013-0152Feb 13, 2013
    affected < 4.7.0_12-1.3fixed 4.7.0_12-1.3

    Memory leak in Xen 4.2 and unstable allows local HVM guests to cause a denial of service (host memory consumption) by performing nested virtualization in a way that triggers errors that are not properly handled.

  • CVE-2012-6075Feb 13, 2013
    affected < 4.7.0_12-1.3fixed 4.7.0_12-1.3

    Buffer overflow in the e1000_receive function in the e1000 device driver (hw/e1000.c) in QEMU 1.3.0-rc2 and other versions, when the SBP and LPE flags are disabled, allows remote attackers to cause a denial of service (guest OS crash) and possibly execute arbitrary guest code via

  • CVE-2012-5525Dec 13, 2012
    affected < 4.7.0_12-1.3fixed 4.7.0_12-1.3

    The get_page_from_gfn hypercall function in Xen 4.2 allows local PV guest OS administrators to cause a denial of service (crash) via a crafted GFN that triggers a buffer over-read.

  • CVE-2012-5515Dec 13, 2012
    affected < 4.7.0_12-1.3fixed 4.7.0_12-1.3

    The (1) XENMEM_decrease_reservation, (2) XENMEM_populate_physmap, and (3) XENMEM_exchange hypercalls in Xen 4.2 and earlier allow local guest administrators to cause a denial of service (long loop and hang) via a crafted extent_order value.

  • CVE-2012-5514Dec 13, 2012
    affected < 4.7.0_12-1.3fixed 4.7.0_12-1.3

    The guest_physmap_mark_populate_on_demand function in Xen 4.2 and earlier does not properly unlock the subject GFNs when checking if they are in use, which allows local guest HVM administrators to cause a denial of service (hang) via unspecified vectors.

Page 13 of 14