| Max CVSS | 7.2 | Min CVSS | 2.1 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2017-7228 | 7.2 |
An issue (known as XSA-212) was discovered in Xen, with fixes available for 4.8.x, 4.7.x, 4.6.x, 4.5.x, and 4.4.x. The earlier XSA-29 fix introduced an insufficient check on XENMEM_exchange input, allowing the caller to drive hypervisor memory access
|
03-10-2019 - 00:03 | 04-04-2017 - 14:59 | |
| CVE-2016-9932 | 2.1 |
CMPXCHG8B emulation in Xen 3.3.x through 4.7.x on x86 systems allows local HVM guest OS users to obtain sensitive information from host stack memory via a "supposedly-ignored" operand size prefix.
|
04-11-2017 - 01:29 | 26-01-2017 - 15:59 | |
| CVE-2016-10013 | 4.6 |
Xen through 4.8.x allows local 64-bit x86 HVM guest OS users to gain privileges by leveraging mishandling of SYSCALL singlestep during emulation.
|
04-11-2017 - 01:29 | 26-01-2017 - 15:59 | |
| CVE-2016-10024 | 4.9 |
Xen through 4.8.x allows local x86 PV guest OS kernel administrators to cause a denial of service (host hang or crash) by modifying the instruction stream asynchronously while performing certain kernel operations.
|
04-11-2017 - 01:29 | 26-01-2017 - 15:59 |