Citrix: >> Xenserver >> 6.2.0 Security Vulnerabilities
The rate limiting feature in NTP 4.x before 4.2.8p4 and 4.3.x before 4.3.77 allows remote attackers to have unspecified impact via a large number of crafted requests.
CVSS Score
9.8
EPSS Score
0.365
Published
2017-08-07
The (1) ioport_read and (2) ioport_write functions in Xen, when qemu is used as a device model within Xen, might allow local x86 HVM guest OS administrators to gain qemu process privileges via vectors involving an out-of-range ioport access.
CVSS Score
7.5
EPSS Score
0.001
Published
2017-02-17
An issue was discovered in Linux Foundation xapi in Citrix XenServer through 7.0. An authenticated read-only administrator can corrupt the host database.
CVSS Score
6.5
EPSS Score
0.004
Published
2017-01-30
An issue was discovered in Linux Foundation xapi in Citrix XenServer through 7.0. An authenticated read-only administrator can cancel tasks of other administrators.
CVSS Score
4.9
EPSS Score
0.004
Published
2017-01-30
Xen through 4.8.x allows local x86 PV guest OS kernel administrators to cause a denial of service (host hang or crash) by modifying the instruction stream asynchronously while performing certain kernel operations.
CVSS Score
6.0
EPSS Score
0.001
Published
2017-01-26
VMFUNC emulation in Xen 4.6.x through 4.8.x on x86 systems using AMD virtualization extensions (aka SVM) allows local HVM guest OS users to cause a denial of service (hypervisor crash) by leveraging a missing NULL pointer check.
CVSS Score
5.5
EPSS Score
0.001
Published
2017-01-26
The pygrub boot loader emulator in Xen, when S-expression output format is requested, allows local pygrub-using guest OS administrators to read or delete arbitrary files on the host via string quotes and S-expressions in the bootloader configuration file.
CVSS Score
7.9
EPSS Score
0.001
Published
2017-01-23
The pygrub boot loader emulator in Xen, when nul-delimited output format is requested, allows local pygrub-using guest OS administrators to read or delete arbitrary files on the host via NUL bytes in the bootloader configuration file.
CVSS Score
7.5
EPSS Score
0.001
Published
2017-01-23
Race condition in QEMU in Xen allows local x86 HVM guest OS administrators to gain privileges by changing certain data on shared rings, aka a "double fetch" vulnerability.
CVSS Score
7.5
EPSS Score
0.001
Published
2017-01-23
Xen 4.0.x through 4.7.x mishandle x86 task switches to VM86 mode, which allows local 32-bit x86 HVM guest OS users to gain privileges or cause a denial of service (guest OS crash) by leveraging a guest operating system that uses hardware task switching and allows a new task to start in VM86 mode.
CVSS Score
7.8
EPSS Score
0.001
Published
2017-01-23