The shadow-paging feature in Xen through 4.8.x mismanages page references and consequently introduces a race condition, which allows guest OS users to obtain Xen privileges, aka XSA-219.
CVSS Score
9.0
EPSS Score
0.005
Published
2017-07-05
Xen through 4.8.x does not validate the port numbers of polled event channel ports, which allows guest OS users to cause a denial of service (NULL pointer dereference and host OS crash) or possibly obtain sensitive information, aka XSA-221.
CVSS Score
9.1
EPSS Score
0.008
Published
2017-07-05
Xen through 4.8.x does not validate memory allocations during certain P2M operations, which allows guest OS users to obtain privileged host OS access, aka XSA-222.
CVSS Score
10.0
EPSS Score
0.017
Published
2017-07-05
Xen through 4.8.x mishandles virtual interrupt injection, which allows guest OS users to cause a denial of service (hypervisor crash), aka XSA-223.
CVSS Score
6.5
EPSS Score
0.007
Published
2017-07-05
The grant-table feature in Xen through 4.8.x mishandles a GNTMAP_device_map and GNTMAP_host_map mapping, when followed by only a GNTMAP_host_map unmapping, which allows guest OS users to cause a denial of service (count mismanagement and memory corruption) or obtain privileged host OS access, aka XSA-224 bug 1.
CVSS Score
10.0
EPSS Score
0.011
Published
2017-07-05
The grant-table feature in Xen through 4.8.x does not ensure sufficient type counts for a GNTMAP_device_map and GNTMAP_host_map mapping, which allows guest OS users to cause a denial of service (count mismanagement and memory corruption) or obtain privileged host OS access, aka XSA-224 bug 2.
CVSS Score
10.0
EPSS Score
0.011
Published
2017-07-05
The grant-table feature in Xen through 4.8.x mishandles MMIO region grant references, which allows guest OS users to cause a denial of service (loss of grant trackability), aka XSA-224 bug 3.
CVSS Score
7.5
EPSS Score
0.006
Published
2017-07-05
Xen through 4.8.x allows local 64-bit x86 HVM guest OS users to gain privileges by leveraging mishandling of SYSCALL singlestep during emulation.
CVSS Score
7.8
EPSS Score
0.001
Published
2017-01-26
Xen through 4.8.x allows local x86 PV guest OS kernel administrators to cause a denial of service (host hang or crash) by modifying the instruction stream asynchronously while performing certain kernel operations.
CVSS Score
6.0
EPSS Score
0.001
Published
2017-01-26
CMPXCHG8B emulation in Xen 3.3.x through 4.7.x on x86 systems allows local HVM guest OS users to obtain sensitive information from host stack memory via a "supposedly-ignored" operand size prefix.
CVSS Score
3.3
EPSS Score
0.001
Published
2017-01-26