Max CVSS | 7.2 | Min CVSS | 4.7 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2016-6258 | 7.2 |
The PV pagetable code in arch/x86/mm.c in Xen 4.7.x and earlier allows local 32-bit PV guest OS administrators to gain host OS privileges by leveraging fast-paths for updating pagetable entries.
|
01-07-2017 - 01:29 | 02-08-2016 - 16:59 | |
CVE-2015-8338 | 7.2 |
Xen 4.6.x and earlier does not properly enforce limits on page order inputs for the (1) XENMEM_increase_reservation, (2) XENMEM_populate_physmap, (3) XENMEM_exchange, and possibly other HYPERVISOR_memory_op suboperations, which allows ARM guest OS ad
|
07-12-2016 - 18:26 | 17-12-2015 - 19:59 | |
CVE-2016-4480 | 7.2 |
The guest_walk_tables function in arch/x86/mm/guest_walk.c in Xen 4.6.x and earlier does not properly handle the Page Size (PS) page table entry bit at the L4 and L3 page table levels, which might allow local guest OS users to gain privileges via a c
|
01-12-2016 - 03:10 | 18-05-2016 - 14:59 | |
CVE-2016-5242 | 4.7 |
The p2m_teardown function in arch/arm/p2m.c in Xen 4.4.x through 4.6.x allows local guest OS users with access to the driver domain to cause a denial of service (NULL pointer dereference and host OS crash) by creating concurrent domains and holding r
|
28-11-2016 - 20:23 | 07-06-2016 - 14:06 | |
CVE-2016-4962 | 6.8 |
The libxl device-handling in Xen 4.6.x and earlier allows local OS guest administrators to cause a denial of service (resource consumption or management facility confusion) or gain host OS privileges by manipulating information in guest controlled ar
|
28-11-2016 - 20:22 | 07-06-2016 - 14:06 |