Vulnerabilities for 'XEN'

2014-10-26
 
CVE-2014-5148

CWE-119
 

 
Xen 4.4.x, when running on an ARM system and "handling an unknown system register access from 64-bit userspace," returns to an instruction of the trap handler for kernel space faults instead of an instruction that is associated with faults in 64-bit userspace, which allows local guest users to cause a denial of service (crash) and possibly gain privileges via a crafted process.

 
2010-06-16
 
CVE-2010-2070

CWE-Other
 

 
arch/ia64/xen/faults.c in Xen 3.4 and 4.0 in Linux kernel 2.6.18, and possibly other kernel versions, when running on IA-64 architectures, allows local users to cause a denial of service and "turn on BE by modifying the user mask of the PSR," as demonstrated via exploitation of CVE-2006-0742.

 
2008-05-14
 
CVE-2008-1944

CWE-119
 

 
Buffer overflow in the backend framebuffer of XenSource Xen Para-Virtualized Framebuffer (PVFB) Message 3.0 through 3.0.3 allows local users to cause a denial of service (SDL crash) and possibly execute arbitrary code via "bogus screen updates," related to missing validation of the "format of messages."

 
 
CVE-2008-1943

CWE-119
 

 
Buffer overflow in the backend of XenSource Xen Para Virtualized Frame Buffer (PVFB) 3.0 through 3.1.2 allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a crafted description of a shared framebuffer.

 

Vendor: Xensource (2 products): XEN, Xen para virtualized frame buffer


Copyright 2024, cxsecurity.com

 
