Shodan
Vulnerabilities
Vulnerable Software
Xen:  >> Xen  >> 4.4.1  Security Vulnerabilities
CVE-2014-9030
The do_mmu_update function in arch/x86/mm.c in Xen 3.2.x through 4.4.x does not properly manage page references, which allows remote domains to cause a denial of service by leveraging control over an HVM guest and a crafted MMU_MACHPHYS_UPDATE.
CVSS Score
7.1
EPSS Score
0.023
Published
2014-11-24
CVE-2014-5148
Xen 4.4.x, when running on an ARM system and "handling an unknown system register access from 64-bit userspace," returns to an instruction of the trap handler for kernel space faults instead of an instruction that is associated with faults in 64-bit userspace, which allows local guest users to cause a denial of service (crash) and possibly gain privileges via a crafted process.
CVSS Score
4.6
EPSS Score
0.002
Published
2014-10-26
CVE-2014-7154
Race condition in HVMOP_track_dirty_vram in Xen 4.0.0 through 4.4.x does not ensure possession of the guarding lock for dirty video RAM tracking, which allows certain local guest domains to cause a denial of service via unspecified vectors.
CVSS Score
6.1
EPSS Score
0.009
Published
2014-10-02
CVE-2014-7156
The x86_emulate function in arch/x86/x86_emulate/x86_emulate.c in Xen 3.3.x through 4.4.x does not check the supervisor mode permissions for instructions that generate software interrupts, which allows local HVM guest users to cause a denial of service (guest crash) via unspecified vectors.
CVSS Score
3.3
EPSS Score
0.008
Published
2014-10-02
CVE-2014-7188
The hvm_msr_read_intercept function in arch/x86/hvm/hvm.c in Xen 4.1 through 4.4.x uses an improper MSR range for x2APIC emulation, which allows local HVM guests to cause a denial of service (host crash) or read data from the hypervisor or other guests via unspecified vectors.
CVSS Score
8.3
EPSS Score
0.025
Published
2014-10-02
CVE-2011-1763
The get_free_port function in Xen allows local authenticated DomU users to cause a denial of service or possibly gain privileges via unspecified vectors involving a new event channel port.
CVSS Score
7.7
EPSS Score
0.001
Published
2014-01-07
CVE-2007-5730
Heap-based buffer overflow in QEMU 0.8.2, as used in Xen and possibly other products, allows local users to execute arbitrary code via crafted data in the "net socket listen" option, aka QEMU "net socket" heap overflow. NOTE: some sources have used CVE-2007-1321 to refer to this issue as part of "NE2000 network driver and the socket code," but this is the correct identifier for the individual net socket listen vulnerability.
CVSS Score
7.2
EPSS Score
0.001
Published
2007-10-30


Products
Pricing
Contact Us

Shodan ® - All rights reserved