| Max CVSS | 7.2 | Min CVSS | 1.5 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2016-7777 | 3.3 |
Xen 4.7.x and earlier does not properly honor CR0.TS and CR0.EM, which allows local x86 HVM guest OS users to read or modify FPU, MMX, or XMM register state information belonging to arbitrary tasks on the guest by modifying an instruction while the h
|
01-07-2017 - 01:30 | 07-10-2016 - 14:59 | |
| CVE-2016-7094 | 1.5 |
Buffer overflow in Xen 4.7.x and earlier allows local x86 HVM guest OS administrators on guests running with shadow paging to cause a denial of service via a pagetable update.
|
01-07-2017 - 01:30 | 21-09-2016 - 14:25 | |
| CVE-2016-7093 | 7.2 |
Xen 4.5.3, 4.6.3, and 4.7.x allow local HVM guest OS administrators to overwrite hypervisor memory and consequently gain host OS privileges by leveraging mishandling of instruction pointer truncation during emulation.
|
01-07-2017 - 01:30 | 21-09-2016 - 14:25 | |
| CVE-2016-7092 | 6.8 |
The get_page_from_l3e function in arch/x86/mm.c in Xen allows local 32-bit PV guest OS administrators to gain host OS privileges via vectors related to L3 recursive pagetables.
|
01-07-2017 - 01:30 | 21-09-2016 - 14:25 | |
| CVE-2016-6258 | 7.2 |
The PV pagetable code in arch/x86/mm.c in Xen 4.7.x and earlier allows local 32-bit PV guest OS administrators to gain host OS privileges by leveraging fast-paths for updating pagetable entries.
|
01-07-2017 - 01:29 | 02-08-2016 - 16:59 |