| Max CVSS | 9.0 | Min CVSS | 2.1 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2017-15597 | 9.0 |
An issue was discovered in Xen through 4.9.x. Grant copying code made an implication that any grant pin would be accompanied by a suitable page reference. Other portions of code, however, did not match up with that assumption. When such a grant copy
|
03-10-2019 - 00:03 | 30-10-2017 - 14:29 | |
| CVE-2017-15590 | 4.6 |
An issue was discovered in Xen through 4.9.x allowing x86 guest OS users to cause a denial of service (hypervisor crash) or possibly gain privileges because MSI mapping was mishandled.
|
03-10-2019 - 00:03 | 18-10-2017 - 08:29 | |
| CVE-2017-14319 | 7.2 |
A grant unmapping issue was discovered in Xen through 4.9.x. When removing or replacing a grant mapping, the x86 PV specific path needs to make sure page table entries remain in sync with other accounting done. Although the identity of the page frame
|
03-10-2019 - 00:03 | 12-09-2017 - 15:29 | |
| CVE-2017-15593 | 4.9 |
An issue was discovered in Xen through 4.9.x allowing x86 PV guest OS users to cause a denial of service (memory leak) because reference counts are mishandled.
|
03-10-2019 - 00:03 | 18-10-2017 - 08:29 | |
| CVE-2017-15594 | 4.6 |
An issue was discovered in Xen through 4.9.x allowing x86 SVM PV guest OS users to cause a denial of service (hypervisor crash) or gain privileges because IDT settings are mishandled during CPU hotplugging.
|
03-10-2019 - 00:03 | 18-10-2017 - 08:29 | |
| CVE-2017-15592 | 7.2 |
An issue was discovered in Xen through 4.9.x allowing x86 HVM guest OS users to cause a denial of service (hypervisor crash) or possibly gain privileges because self-linear shadow mappings are mishandled for translated guests.
|
03-10-2019 - 00:03 | 18-10-2017 - 08:29 | |
| CVE-2017-15595 | 7.2 |
An issue was discovered in Xen through 4.9.x allowing x86 PV guest OS users to cause a denial of service (unbounded recursion, stack consumption, and hypervisor crash) or possibly gain privileges via crafted page-table stacking.
|
30-10-2018 - 10:29 | 18-10-2017 - 08:29 | |
| CVE-2017-14317 | 4.7 |
A domain cleanup issue was discovered in the C xenstore daemon (aka cxenstored) in Xen through 4.9.x. When shutting down a VM with a stubdomain, a race in cxenstored may cause a double-free. The xenstored daemon may crash, resulting in a DoS of any p
|
19-10-2018 - 10:29 | 12-09-2017 - 15:29 | |
| CVE-2017-15588 | 6.9 |
An issue was discovered in Xen through 4.9.x allowing x86 PV guest OS users to execute arbitrary code on the host OS because of a race condition that can cause a stale TLB entry.
|
19-10-2018 - 10:29 | 18-10-2017 - 08:29 | |
| CVE-2017-14316 | 7.2 |
A parameter verification issue was discovered in Xen through 4.9.x. The function `alloc_heap_pages` allows callers to specify the first NUMA node that should be used for allocations through the `memflags` parameter; the node is extracted using the `M
|
19-10-2018 - 10:29 | 12-09-2017 - 15:29 | |
| CVE-2017-15589 | 2.1 |
An issue was discovered in Xen through 4.9.x allowing x86 HVM guest OS users to obtain sensitive information from the host OS (or an arbitrary guest OS) because intercepted I/O operations can cause a write of data from uninitialized hypervisor stack
|
19-10-2018 - 10:29 | 18-10-2017 - 08:29 | |
| CVE-2017-14318 | 4.9 |
An issue was discovered in Xen 4.5.x through 4.9.x. The function `__gnttab_cache_flush` handles GNTTABOP_cache_flush grant table operations. It checks to see if the calling domain is the owner of the page that is to be operated on. If it is not, the
|
30-11-2017 - 02:29 | 12-09-2017 - 15:29 |