| Bug | jessie | stretch | buster | bullseye | bookworm | trixie | sid | Description |
|---|
| CVE-2024-45819 | vulnerable | vulnerable | vulnerable | vulnerable | vulnerable | vulnerable | vulnerable | |
| CVE-2024-45818 | vulnerable | vulnerable | vulnerable | vulnerable | vulnerable | vulnerable | vulnerable | |
| CVE-2024-45817 | vulnerable | vulnerable | vulnerable | vulnerable | vulnerable | vulnerable | vulnerable | In x86's APIC (Advanced Programmable Interrupt Controller) architectur ... |
| CVE-2024-31146 | vulnerable | vulnerable | vulnerable | vulnerable | vulnerable | vulnerable | vulnerable | When multiple devices share resources and one of them is to be passed ... |
| CVE-2024-31145 | vulnerable | vulnerable | vulnerable | vulnerable | vulnerable | vulnerable | vulnerable | Certain PCI devices in a system might be assigned Reserved Memory Regi ... |
| CVE-2024-31143 | vulnerable | vulnerable | vulnerable | vulnerable | vulnerable (no DSA, postponed) | vulnerable | vulnerable | An optional feature of PCI MSI called "Multiple Message" allows a devi ... |
| CVE-2024-31142 | vulnerable | vulnerable | vulnerable | vulnerable | vulnerable (no DSA, postponed) | vulnerable | vulnerable | Because of a logical error in XSA-407 (Branch Type Confusion), the mit ... |
| CVE-2024-2201 | vulnerable | vulnerable | vulnerable | vulnerable | vulnerable (no DSA, postponed) | vulnerable | vulnerable | Native Branch History Injection |
| CVE-2024-2193 | vulnerable | vulnerable | vulnerable | vulnerable | vulnerable (no DSA, postponed) | vulnerable | vulnerable | A Speculative Race Condition (SRC) vulnerability that impacts modern C ... |
| CVE-2023-46842 | vulnerable | vulnerable | fixed | vulnerable | vulnerable (no DSA, postponed) | vulnerable | vulnerable | Unlike 32-bit PV guests, HVM guests may switch freely between 64-bit a ... |
| CVE-2023-46841 | vulnerable | vulnerable | fixed | vulnerable | vulnerable (no DSA, postponed) | fixed | fixed | Recent x86 CPUs offer functionality named Control-flow Enforcement Tec ... |
| CVE-2023-46840 | vulnerable | vulnerable | fixed | fixed | fixed | fixed | fixed | Incorrect placement of a preprocessor directive in source code results ... |
| CVE-2023-46839 | vulnerable | vulnerable | vulnerable | vulnerable | fixed | fixed | fixed | PCI devices can make use of a functionality called phantom functions, ... |
| CVE-2023-46837 | vulnerable | vulnerable | vulnerable | vulnerable | fixed | fixed | fixed | Arm provides multiple helpers to clean & invalidate the cache for a gi ... |
| CVE-2023-46836 | vulnerable | vulnerable | vulnerable | vulnerable | fixed | fixed | fixed | The fixes for XSA-422 (Branch Type Confusion) and XSA-434 (Speculative ... |
| CVE-2023-46835 | vulnerable | vulnerable | vulnerable | vulnerable | fixed | fixed | fixed | The current setup of the quarantine page tables assumes that the quara ... |
| CVE-2023-34328 | vulnerable | vulnerable | vulnerable | vulnerable | fixed | fixed | fixed | [This CNA information record relates to multiple CVEs; the text explai ... |
| CVE-2023-34327 | vulnerable | vulnerable | vulnerable | vulnerable | fixed | fixed | fixed | [This CNA information record relates to multiple CVEs; the text explai ... |
| CVE-2023-34326 | vulnerable | vulnerable | vulnerable | vulnerable | fixed | fixed | fixed | The caching invalidation guidelines from the AMD-Vi specification (488 ... |
| CVE-2023-34325 | vulnerable | vulnerable | vulnerable | vulnerable | fixed | fixed | fixed | [This CNA information record relates to multiple CVEs; the text explai ... |
| CVE-2023-34323 | vulnerable | vulnerable | vulnerable | vulnerable | fixed | fixed | fixed | When a transaction is committed, C Xenstored will first check the quot ... |
| CVE-2023-34322 | vulnerable | vulnerable | vulnerable | vulnerable | fixed | fixed | fixed | For migration as well as to work around kernels unaware of L1TF (see X ... |
| CVE-2023-34321 | vulnerable | vulnerable | vulnerable | vulnerable | fixed | fixed | fixed | Arm provides multiple helpers to clean & invalidate the cache for a gi ... |
| CVE-2023-34320 | vulnerable | vulnerable | vulnerable | vulnerable | fixed | fixed | fixed | Cortex-A77 cores (r0p0 and r1p0) are affected by erratum 1508412 where ... |
| CVE-2023-28746 | vulnerable | vulnerable | vulnerable | vulnerable | vulnerable (no DSA, postponed) | vulnerable | vulnerable | Information exposure through microarchitectural state after transient ... |
| CVE-2023-20593 | vulnerable | vulnerable | unknown | unknown | unknown | unknown | unknown | An issue in \u201cZen 2\u201d CPUs, under specific microarchitectural ... |
| CVE-2023-20588 | vulnerable | vulnerable | vulnerable | vulnerable | fixed | fixed | fixed | A division-by-zero error on some AMD processors can potentially return ... |
| CVE-2022-42336 | vulnerable | vulnerable | fixed | fixed | fixed | fixed | fixed | Mishandling of guest SSBD selection on AMD hardware The current logic ... |
| CVE-2022-42335 | vulnerable | vulnerable | fixed | fixed | fixed | fixed | fixed | x86 shadow paging arbitrary pointer dereference In environments where ... |
| CVE-2022-42334 | vulnerable | vulnerable | vulnerable | fixed | fixed | fixed | fixed | x86/HVM pinned cache attributes mis-handling T[his CNA information rec ... |
| CVE-2022-42333 | vulnerable | vulnerable | vulnerable | fixed | fixed | fixed | fixed | x86/HVM pinned cache attributes mis-handling T[his CNA information rec ... |
| CVE-2022-42332 | vulnerable | vulnerable | vulnerable | fixed | fixed | fixed | fixed | x86 shadow plus log-dirty mode use-after-free In environments where ho ... |
| CVE-2022-42331 | vulnerable | vulnerable | vulnerable | fixed | fixed | fixed | fixed | x86: speculative vulnerability in 32bit SYSCALL path Due to an oversig ... |
| CVE-2022-42330 | vulnerable | vulnerable | fixed | fixed | fixed | fixed | fixed | Guests can cause Xenstore crash via soft reset When a guest issues a " ... |
| CVE-2022-42327 | vulnerable | vulnerable | fixed | fixed | fixed | fixed | fixed | x86: unintended memory sharing between guests On Intel systems that su ... |
| CVE-2022-42326 | vulnerable | vulnerable | vulnerable | fixed | fixed | fixed | fixed | Xenstore: Guests can create arbitrary number of nodes via transactions ... |
| CVE-2022-42325 | vulnerable | vulnerable | vulnerable | fixed | fixed | fixed | fixed | Xenstore: Guests can create arbitrary number of nodes via transactions ... |
| CVE-2022-42324 | vulnerable | vulnerable | vulnerable | fixed | fixed | fixed | fixed | Oxenstored 32->31 bit integer truncation issues Integers in Ocaml are ... |
| CVE-2022-42323 | vulnerable | vulnerable | vulnerable | fixed | fixed | fixed | fixed | Xenstore: Cooperating guests can create arbitrary numbers of nodes T[h ... |
| CVE-2022-42322 | vulnerable | vulnerable | vulnerable | fixed | fixed | fixed | fixed | Xenstore: Cooperating guests can create arbitrary numbers of nodes T[h ... |
| CVE-2022-42321 | vulnerable | vulnerable | vulnerable | fixed | fixed | fixed | fixed | Xenstore: Guests can crash xenstored via exhausting the stack Xenstore ... |
| CVE-2022-42320 | vulnerable | vulnerable | vulnerable | fixed | fixed | fixed | fixed | Xenstore: Guests can get access to Xenstore nodes of deleted domains A ... |
| CVE-2022-42319 | vulnerable | vulnerable | vulnerable | fixed | fixed | fixed | fixed | Xenstore: Guests can cause Xenstore to not free temporary memory When ... |
| CVE-2022-42318 | vulnerable | vulnerable | vulnerable | fixed | fixed | fixed | fixed | Xenstore: guests can let run xenstored out of memory T[his CNA informa ... |
| CVE-2022-42317 | vulnerable | vulnerable | vulnerable | fixed | fixed | fixed | fixed | Xenstore: guests can let run xenstored out of memory T[his CNA informa ... |
| CVE-2022-42316 | vulnerable | vulnerable | vulnerable | fixed | fixed | fixed | fixed | Xenstore: guests can let run xenstored out of memory T[his CNA informa ... |
| CVE-2022-42315 | vulnerable | vulnerable | vulnerable | fixed | fixed | fixed | fixed | Xenstore: guests can let run xenstored out of memory T[his CNA informa ... |
| CVE-2022-42314 | vulnerable | vulnerable | vulnerable | fixed | fixed | fixed | fixed | Xenstore: guests can let run xenstored out of memory T[his CNA informa ... |
| CVE-2022-42313 | vulnerable | vulnerable | vulnerable | fixed | fixed | fixed | fixed | Xenstore: guests can let run xenstored out of memory T[his CNA informa ... |
| CVE-2022-42312 | vulnerable | vulnerable | vulnerable | fixed | fixed | fixed | fixed | Xenstore: guests can let run xenstored out of memory T[his CNA informa ... |
| CVE-2022-42311 | vulnerable | vulnerable | vulnerable | fixed | fixed | fixed | fixed | Xenstore: guests can let run xenstored out of memory T[his CNA informa ... |
| CVE-2022-42310 | vulnerable | vulnerable | vulnerable | fixed | fixed | fixed | fixed | Xenstore: Guests can create orphaned Xenstore nodes By creating multip ... |
| CVE-2022-42309 | vulnerable | vulnerable | vulnerable | fixed | fixed | fixed | fixed | Xenstore: Guests can crash xenstored Due to a bug in the fix of XSA-11 ... |
| CVE-2022-33748 | vulnerable | vulnerable | vulnerable | fixed | fixed | fixed | fixed | lock order inversion in transitive grant copy handling As part of XSA- ... |
| CVE-2022-33747 | vulnerable | vulnerable | vulnerable | fixed | fixed | fixed | fixed | Arm: unbounded memory consumption for 2nd-level page tables Certain ac ... |
| CVE-2022-33746 | vulnerable | vulnerable | vulnerable | fixed | fixed | fixed | fixed | P2M pool freeing may take excessively long The P2M pool backing second ... |
| CVE-2022-33745 | vulnerable | vulnerable | vulnerable | fixed | fixed | fixed | fixed | insufficient TLB flush for x86 PV guests in shadow mode For migration ... |
| CVE-2022-33744 | vulnerable | unknown | unknown | unknown | unknown | unknown | unknown | Arm guests can cause Dom0 DoS via PV devices When mapping pages of gue ... |
| CVE-2022-33743 | vulnerable | unknown | unknown | unknown | unknown | unknown | unknown | network backend may cause Linux netfront to use freed SKBs While addin ... |
| CVE-2022-33742 | vulnerable | vulnerable | vulnerable | vulnerable (no DSA, ignored) | fixed | fixed | fixed | Linux disk/nic frontends data leaks T[his CNA information record relat ... |
| CVE-2022-33741 | vulnerable | vulnerable | vulnerable | vulnerable (no DSA, ignored) | fixed | fixed | fixed | Linux disk/nic frontends data leaks T[his CNA information record relat ... |
| CVE-2022-33740 | vulnerable | vulnerable | vulnerable | vulnerable (no DSA, ignored) | fixed | fixed | fixed | Linux disk/nic frontends data leaks T[his CNA information record relat ... |
| CVE-2022-29900 | vulnerable | vulnerable | vulnerable | fixed | fixed | fixed | fixed | Mis-trained branch predictions for return instructions may allow arbit ... |
| CVE-2022-27672 | vulnerable | vulnerable | fixed | fixed | fixed | fixed | fixed | When SMT is enabled, certain AMD processors may speculatively execute ... |
| CVE-2022-26365 | vulnerable | vulnerable | vulnerable | vulnerable (no DSA, ignored) | fixed | fixed | fixed | Linux disk/nic frontends data leaks T[his CNA information record relat ... |
| CVE-2022-26364 | vulnerable | vulnerable | vulnerable | fixed | fixed | fixed | fixed | x86 pv: Insufficient care with non-coherent mappings T[his CNA informa ... |
| CVE-2022-26363 | vulnerable | vulnerable | vulnerable | fixed | fixed | fixed | fixed | x86 pv: Insufficient care with non-coherent mappings T[his CNA informa ... |
| CVE-2022-26362 | vulnerable | vulnerable | vulnerable | fixed | fixed | fixed | fixed | x86 pv: Race condition in typeref acquisition Xen maintains a type ref ... |
| CVE-2022-26361 | vulnerable | vulnerable | vulnerable | fixed | fixed | fixed | fixed | IOMMU: RMRR (VT-d) and unity map (AMD-Vi) handling issues T[his CNA in ... |
| CVE-2022-26360 | vulnerable | vulnerable | vulnerable | fixed | fixed | fixed | fixed | IOMMU: RMRR (VT-d) and unity map (AMD-Vi) handling issues T[his CNA in ... |
| CVE-2022-26359 | vulnerable | vulnerable | vulnerable | fixed | fixed | fixed | fixed | IOMMU: RMRR (VT-d) and unity map (AMD-Vi) handling issues T[his CNA in ... |
| CVE-2022-26358 | vulnerable | vulnerable | vulnerable | fixed | fixed | fixed | fixed | IOMMU: RMRR (VT-d) and unity map (AMD-Vi) handling issues T[his CNA in ... |
| CVE-2022-26357 | vulnerable | vulnerable | vulnerable | fixed | fixed | fixed | fixed | race in VT-d domain ID cleanup Xen domain IDs are up to 15 bits wide. ... |
| CVE-2022-26356 | vulnerable | vulnerable | vulnerable | fixed | fixed | fixed | fixed | Racy interactions between dirty vram tracking and paging log dirty hyp ... |
| CVE-2022-23825 | vulnerable | vulnerable | vulnerable | fixed | fixed | fixed | fixed | Aliases in the branch predictor may cause some AMD processors to predi ... |
| CVE-2022-23824 | vulnerable | vulnerable | vulnerable | fixed | fixed | fixed | fixed | IBPB may not prevent return branch predictions from being specified by ... |
| CVE-2022-23816 | vulnerable | vulnerable | unknown | unknown | unknown | unknown | unknown | |
| CVE-2022-23035 | vulnerable | vulnerable | vulnerable | fixed | fixed | fixed | fixed | Insufficient cleanup of passed-through device IRQs The management of I ... |
| CVE-2022-23034 | vulnerable | vulnerable | vulnerable | fixed | fixed | fixed | fixed | A PV guest could DoS Xen while unmapping a grant To address XSA-380, r ... |
| CVE-2022-23033 | vulnerable | fixed | fixed | fixed | fixed | fixed | fixed | arm: guest_physmap_remove_page not removing the p2m mappings The funct ... |
| CVE-2022-21166 | vulnerable | vulnerable | vulnerable | fixed | fixed | fixed | fixed | Incomplete cleanup in specific special register write operations for s ... |
| CVE-2022-21125 | vulnerable | vulnerable | vulnerable | fixed | fixed | fixed | fixed | Incomplete cleanup of microarchitectural fill buffers on some Intel(R) ... |
| CVE-2022-21123 | vulnerable | vulnerable | vulnerable | fixed | fixed | fixed | fixed | Incomplete cleanup of multi-core shared buffers for some Intel(R) Proc ... |
| CVE-2021-28709 | vulnerable | vulnerable | vulnerable | fixed | fixed | fixed | fixed | issues with partially successful P2M updates on x86 T[his CNA informat ... |
| CVE-2021-28708 | vulnerable | vulnerable | vulnerable | fixed | fixed | fixed | fixed | PoD operations on misaligned GFNs T[his CNA information record relates ... |
| CVE-2021-28707 | vulnerable | vulnerable | vulnerable | fixed | fixed | fixed | fixed | PoD operations on misaligned GFNs T[his CNA information record relates ... |
| CVE-2021-28706 | vulnerable | vulnerable | vulnerable | fixed | fixed | fixed | fixed | guests may exceed their designated memory limit When a guest is permit ... |
| CVE-2021-28705 | vulnerable | vulnerable | vulnerable | fixed | fixed | fixed | fixed | issues with partially successful P2M updates on x86 T[his CNA informat ... |
| CVE-2021-28704 | vulnerable | vulnerable | vulnerable | fixed | fixed | fixed | fixed | PoD operations on misaligned GFNs T[his CNA information record relates ... |
| CVE-2021-28703 | vulnerable | vulnerable | vulnerable | fixed | fixed | fixed | fixed | grant table v2 status pages may remain accessible after de-allocation ... |
| CVE-2021-28702 | vulnerable | fixed | fixed | fixed | fixed | fixed | fixed | PCI devices with RMRRs not deassigned correctly Certain PCI devices in ... |
| CVE-2021-28701 | vulnerable | vulnerable | vulnerable | fixed | fixed | fixed | fixed | Another race in XENMAPSPACE_grant_table handling Guests are permitted ... |
| CVE-2021-28700 | vulnerable | fixed | fixed | fixed | fixed | fixed | fixed | xen/arm: No memory limit for dom0less domUs The dom0less feature allow ... |
| CVE-2021-28699 | vulnerable | fixed | vulnerable | fixed | fixed | fixed | fixed | inadequate grant-v2 status frames array bounds check The v2 grant tabl ... |
| CVE-2021-28698 | vulnerable | vulnerable | vulnerable | fixed | fixed | fixed | fixed | long running loops in grant table handling In order to properly monito ... |
| CVE-2021-28697 | vulnerable | vulnerable | vulnerable | fixed | fixed | fixed | fixed | grant table v2 status pages may remain accessible after de-allocation ... |
| CVE-2021-28696 | vulnerable | vulnerable | vulnerable | fixed | fixed | fixed | fixed | IOMMU page mapping issues on x86 T[his CNA information record relates ... |
| CVE-2021-28695 | vulnerable | vulnerable | vulnerable | fixed | fixed | fixed | fixed | IOMMU page mapping issues on x86 T[his CNA information record relates ... |
| CVE-2021-28694 | vulnerable | vulnerable | vulnerable | fixed | fixed | fixed | fixed | IOMMU page mapping issues on x86 T[his CNA information record relates ... |
| CVE-2021-28693 | vulnerable | fixed | fixed | fixed | fixed | fixed | fixed | xen/arm: Boot modules are not scrubbed The bootloader will load boot m ... |
| CVE-2021-28692 | vulnerable | vulnerable | fixed | fixed | fixed | fixed | fixed | inappropriate x86 IOMMU timeout detection / handling IOMMUs process co ... |
| CVE-2021-28690 | vulnerable | vulnerable | fixed | fixed | fixed | fixed | fixed | x86: TSX Async Abort protections not restored after S3 This issue rela ... |
| CVE-2021-28687 | vulnerable | fixed | fixed | fixed | fixed | fixed | fixed | HVM soft-reset crashes toolstack libxl requires all data structures pa ... |
| CVE-2021-27379 | vulnerable | fixed | fixed | fixed | fixed | fixed | fixed | An issue was discovered in Xen through 4.11.x, allowing x86 Intel HVM ... |
| CVE-2021-26933 | vulnerable | vulnerable | fixed | fixed | fixed | fixed | fixed | An issue was discovered in Xen 4.9 through 4.14.x. On Arm, a guest is ... |
| CVE-2021-26313 | vulnerable | vulnerable | fixed | fixed | fixed | fixed | fixed | Potential speculative code store bypass in all supported CPU products, ... |
| CVE-2021-3308 | vulnerable | fixed | fixed | fixed | fixed | fixed | fixed | An issue was discovered in Xen 4.12.3 through 4.12.4 and 4.13.1 throug ... |
| CVE-2021-0089 | vulnerable | vulnerable | fixed | fixed | fixed | fixed | fixed | Observable response discrepancy in some Intel(R) Processors may allow ... |
| CVE-2020-29571 | vulnerable | vulnerable | fixed | fixed | fixed | fixed | fixed | An issue was discovered in Xen through 4.14.x. A bounds check common t ... |
| CVE-2020-29570 | vulnerable | vulnerable | fixed | fixed | fixed | fixed | fixed | An issue was discovered in Xen through 4.14.x. Recording of the per-vC ... |
| CVE-2020-29567 | vulnerable | fixed | fixed | fixed | fixed | fixed | fixed | An issue was discovered in Xen 4.14.x. When moving IRQs between CPUs t ... |
| CVE-2020-29566 | vulnerable | vulnerable | fixed | fixed | fixed | fixed | fixed | An issue was discovered in Xen through 4.14.x. When they require assis ... |
| CVE-2020-29486 | vulnerable | vulnerable | fixed | fixed | fixed | fixed | fixed | An issue was discovered in Xen through 4.14.x. Nodes in xenstore have ... |
| CVE-2020-29485 | vulnerable | vulnerable | fixed | fixed | fixed | fixed | fixed | An issue was discovered in Xen 4.6 through 4.14.x. When acting upon a ... |
| CVE-2020-29484 | vulnerable | vulnerable | fixed | fixed | fixed | fixed | fixed | An issue was discovered in Xen through 4.14.x. When a Xenstore watch f ... |
| CVE-2020-29483 | vulnerable | vulnerable | fixed | fixed | fixed | fixed | fixed | An issue was discovered in Xen through 4.14.x. Xenstored and guests co ... |
| CVE-2020-29482 | vulnerable | vulnerable | fixed | fixed | fixed | fixed | fixed | An issue was discovered in Xen through 4.14.x. A guest may access xens ... |
| CVE-2020-29481 | vulnerable | vulnerable | fixed | fixed | fixed | fixed | fixed | An issue was discovered in Xen through 4.14.x. Access rights of Xensto ... |
| CVE-2020-29480 | vulnerable | vulnerable | fixed | fixed | fixed | fixed | fixed | An issue was discovered in Xen through 4.14.x. Neither xenstore implem ... |
| CVE-2020-29479 | vulnerable | vulnerable | fixed | fixed | fixed | fixed | fixed | An issue was discovered in Xen through 4.14.x. In the Ocaml xenstored ... |
| CVE-2020-29040 | vulnerable | fixed | fixed | fixed | fixed | fixed | fixed | An issue was discovered in Xen through 4.14.x allowing x86 HVM guest O ... |
| CVE-2020-28368 | vulnerable | vulnerable | fixed | fixed | fixed | fixed | fixed | Xen through 4.14.x allows guest OS administrators to obtain sensitive ... |
| CVE-2020-27674 | vulnerable | vulnerable | fixed | fixed | fixed | fixed | fixed | An issue was discovered in Xen through 4.14.x allowing x86 PV guest OS ... |
| CVE-2020-27672 | vulnerable | vulnerable | fixed | fixed | fixed | fixed | fixed | An issue was discovered in Xen through 4.14.x allowing x86 guest OS us ... |
| CVE-2020-27671 | vulnerable | vulnerable | fixed | fixed | fixed | fixed | fixed | An issue was discovered in Xen through 4.14.x allowing x86 HVM and PVH ... |
| CVE-2020-27670 | vulnerable | vulnerable | fixed | fixed | fixed | fixed | fixed | An issue was discovered in Xen through 4.14.x allowing x86 guest OS us ... |
| CVE-2020-25604 | vulnerable | vulnerable | fixed | fixed | fixed | fixed | fixed | An issue was discovered in Xen through 4.14.x. There is a race conditi ... |
| CVE-2020-25603 | vulnerable | vulnerable | fixed | fixed | fixed | fixed | fixed | An issue was discovered in Xen through 4.14.x. There are missing memor ... |
| CVE-2020-25602 | vulnerable | vulnerable | fixed | fixed | fixed | fixed | fixed | An issue was discovered in Xen through 4.14.x. An x86 PV guest can tri ... |
| CVE-2020-25601 | vulnerable | vulnerable | fixed | fixed | fixed | fixed | fixed | An issue was discovered in Xen through 4.14.x. There is a lack of pree ... |
| CVE-2020-25600 | vulnerable | vulnerable | fixed | fixed | fixed | fixed | fixed | An issue was discovered in Xen through 4.14.x. Out of bounds event cha ... |
| CVE-2020-25599 | vulnerable | vulnerable | fixed | fixed | fixed | fixed | fixed | An issue was discovered in Xen through 4.14.x. There are evtchn_reset( ... |
| CVE-2020-25597 | vulnerable | vulnerable | fixed | fixed | fixed | fixed | fixed | An issue was discovered in Xen through 4.14.x. There is mishandling of ... |
| CVE-2020-25596 | vulnerable | vulnerable | fixed | fixed | fixed | fixed | fixed | An issue was discovered in Xen through 4.14.x. x86 PV guest kernels ca ... |
| CVE-2020-25595 | vulnerable | vulnerable | fixed | fixed | fixed | fixed | fixed | An issue was discovered in Xen through 4.14.x. The PCI passthrough cod ... |
| CVE-2020-15567 | vulnerable | vulnerable | fixed | fixed | fixed | fixed | fixed | An issue was discovered in Xen through 4.13.x, allowing Intel guest OS ... |
| CVE-2020-15566 | vulnerable | vulnerable | fixed | fixed | fixed | fixed | fixed | An issue was discovered in Xen through 4.13.x, allowing guest OS users ... |
| CVE-2020-15565 | vulnerable | vulnerable | fixed | fixed | fixed | fixed | fixed | An issue was discovered in Xen through 4.13.x, allowing x86 Intel HVM ... |
| CVE-2020-15564 | vulnerable | vulnerable | fixed | fixed | fixed | fixed | fixed | An issue was discovered in Xen through 4.13.x, allowing Arm guest OS u ... |
| CVE-2020-15563 | vulnerable | vulnerable | fixed | fixed | fixed | fixed | fixed | An issue was discovered in Xen through 4.13.x, allowing x86 HVM guest ... |
| CVE-2020-11743 | vulnerable | vulnerable | fixed | fixed | fixed | fixed | fixed | An issue was discovered in Xen through 4.13.x, allowing guest OS users ... |
| CVE-2020-11742 | vulnerable | vulnerable | fixed | fixed | fixed | fixed | fixed | An issue was discovered in Xen through 4.13.x, allowing guest OS users ... |
| CVE-2020-11741 | vulnerable | vulnerable | fixed | fixed | fixed | fixed | fixed | An issue was discovered in xenoprof in Xen through 4.13.x, allowing gu ... |
| CVE-2020-11740 | vulnerable | vulnerable | fixed | fixed | fixed | fixed | fixed | An issue was discovered in xenoprof in Xen through 4.13.x, allowing gu ... |
| CVE-2020-11739 | vulnerable | vulnerable | fixed | fixed | fixed | fixed | fixed | An issue was discovered in Xen through 4.13.x, allowing guest OS users ... |
| CVE-2019-19583 | vulnerable | fixed | fixed | fixed | fixed | fixed | fixed | An issue was discovered in Xen through 4.12.x allowing x86 HVM/PVH gue ... |
| CVE-2019-19582 | vulnerable | fixed | fixed | fixed | fixed | fixed | fixed | An issue was discovered in Xen through 4.12.x allowing x86 guest OS us ... |
| CVE-2019-19581 | vulnerable | fixed | fixed | fixed | fixed | fixed | fixed | An issue was discovered in Xen through 4.12.x allowing 32-bit Arm gues ... |
| CVE-2019-19580 | vulnerable | fixed | fixed | fixed | fixed | fixed | fixed | An issue was discovered in Xen through 4.12.x allowing x86 PV guest OS ... |
| CVE-2019-19579 | vulnerable | fixed | fixed | fixed | fixed | fixed | fixed | An issue was discovered in Xen through 4.12.x allowing attackers to ga ... |
| CVE-2019-19578 | vulnerable | fixed | fixed | fixed | fixed | fixed | fixed | An issue was discovered in Xen through 4.12.x allowing x86 PV guest OS ... |
| CVE-2019-19577 | vulnerable | fixed | fixed | fixed | fixed | fixed | fixed | An issue was discovered in Xen through 4.12.x allowing x86 AMD HVM gue ... |
| CVE-2019-18425 | vulnerable | fixed | fixed | fixed | fixed | fixed | fixed | An issue was discovered in Xen through 4.12.x allowing 32-bit PV guest ... |
| CVE-2019-18424 | vulnerable | fixed | fixed | fixed | fixed | fixed | fixed | An issue was discovered in Xen through 4.12.x allowing attackers to ga ... |
| CVE-2019-18423 | vulnerable | fixed | fixed | fixed | fixed | fixed | fixed | An issue was discovered in Xen through 4.12.x allowing ARM guest OS us ... |
| CVE-2019-18422 | vulnerable | fixed | fixed | fixed | fixed | fixed | fixed | An issue was discovered in Xen through 4.12.x allowing ARM guest OS us ... |
| CVE-2019-18421 | vulnerable | fixed | fixed | fixed | fixed | fixed | fixed | An issue was discovered in Xen through 4.12.x allowing x86 PV guest OS ... |
| CVE-2019-18420 | vulnerable | fixed | fixed | fixed | fixed | fixed | fixed | An issue was discovered in Xen through 4.12.x allowing x86 PV guest OS ... |
| CVE-2019-17350 | vulnerable | fixed | fixed | fixed | fixed | fixed | fixed | An issue was discovered in Xen through 4.12.x allowing Arm domU attack ... |
| CVE-2019-17349 | vulnerable | fixed | fixed | fixed | fixed | fixed | fixed | An issue was discovered in Xen through 4.12.x allowing Arm domU attack ... |
| CVE-2019-17347 | vulnerable | fixed | fixed | fixed | fixed | fixed | fixed | An issue was discovered in Xen through 4.11.x allowing x86 PV guest OS ... |
| CVE-2019-17340 | vulnerable (no DSA, ignored) | fixed | fixed | fixed | fixed | fixed | fixed | An issue was discovered in Xen through 4.11.x allowing x86 guest OS us ... |
| CVE-2019-11135 | vulnerable | fixed | fixed | fixed | fixed | fixed | fixed | TSX Asynchronous Abort condition on some CPUs utilizing speculative ex ... |
| CVE-2019-11091 | vulnerable (no DSA, ignored) | fixed | fixed | fixed | fixed | fixed | fixed | Microarchitectural Data Sampling Uncacheable Memory (MDSUM): Uncacheab ... |
| CVE-2018-19965 | vulnerable (no DSA, ignored) | fixed | fixed | fixed | fixed | fixed | fixed | An issue was discovered in Xen through 4.11.x allowing 64-bit PV guest ... |
| CVE-2018-12207 | vulnerable | fixed | fixed | fixed | fixed | fixed | fixed | Improper invalidation for page table updates by a virtual guest operat ... |
| CVE-2018-12130 | vulnerable (no DSA, ignored) | fixed | fixed | fixed | fixed | fixed | fixed | Microarchitectural Fill Buffer Data Sampling (MFBDS): Fill buffers on ... |
| CVE-2018-12127 | vulnerable (no DSA, ignored) | fixed | fixed | fixed | fixed | fixed | fixed | Microarchitectural Load Port Data Sampling (MLPDS): Load ports on some ... |
| CVE-2018-12126 | vulnerable (no DSA, ignored) | fixed | fixed | fixed | fixed | fixed | fixed | Microarchitectural Store Buffer Data Sampling (MSBDS): Store buffers o ... |
| CVE-2018-3665 | vulnerable (no DSA, ignored) | fixed | fixed | fixed | fixed | fixed | fixed | System software utilizing Lazy FP state restore technique on systems u ... |
| CVE-2018-3646 | vulnerable (no DSA, ignored) | fixed | fixed | fixed | fixed | fixed | fixed | Systems with microprocessors utilizing speculative execution and addre ... |
| CVE-2018-3639 | vulnerable (no DSA, ignored) | fixed | fixed | fixed | fixed | fixed | fixed | Systems with microprocessors utilizing speculative execution and specu ... |
| CVE-2018-3620 | vulnerable (no DSA, ignored) | fixed | fixed | fixed | fixed | fixed | fixed | Systems with microprocessors utilizing speculative execution and addre ... |
| CVE-2017-10919 | vulnerable (no DSA, ignored) | fixed | fixed | fixed | fixed | fixed | fixed | Xen through 4.8.x mishandles virtual interrupt injection, which allows ... |
| CVE-2017-5754 | vulnerable (no DSA, ignored) | fixed | fixed | fixed | fixed | fixed | fixed | Systems with microprocessors utilizing speculative execution and indir ... |
| CVE-2017-5715 | vulnerable (no DSA, ignored) | fixed | fixed | fixed | fixed | fixed | fixed | Systems with microprocessors utilizing speculative execution and indir ... |
| CVE-2016-9818 | vulnerable (no DSA, ignored) | fixed | fixed | fixed | fixed | fixed | fixed | Xen through 4.7.x allows local ARM guest OS users to cause a denial of ... |
| CVE-2016-9817 | vulnerable (no DSA, ignored) | fixed | fixed | fixed | fixed | fixed | fixed | Xen through 4.7.x allows local ARM guest OS users to cause a denial of ... |
| CVE-2016-9816 | vulnerable (no DSA, ignored) | fixed | fixed | fixed | fixed | fixed | fixed | Xen through 4.7.x allows local ARM guest OS users to cause a denial of ... |
| CVE-2016-9815 | vulnerable (no DSA, ignored) | fixed | fixed | fixed | fixed | fixed | fixed | Xen through 4.7.x allows local ARM guest OS users to cause a denial of ... |
| Bug | Description |
|---|
| TEMP-0860565-9E8C4B | XSA-206: xenstore denial of service via repeated update |
| TEMP-0000000-CE3B44 | XSA-166: ioreq handling possibly susceptible to multiple read issue |
| CVE-2021-28710 | certain VT-d IOMMUs may not work in shared page table mode For efficie ... |
| CVE-2020-25598 | An issue was discovered in Xen 4.14.x. There is a missing unlock in th ... |
| CVE-2019-17348 | An issue was discovered in Xen through 4.11.x allowing x86 PV guest OS ... |
| CVE-2019-17346 | An issue was discovered in Xen through 4.11.x allowing x86 PV guest OS ... |
| CVE-2019-17345 | An issue was discovered in Xen 4.8.x through 4.11.x allowing x86 PV gu ... |
| CVE-2019-17344 | An issue was discovered in Xen through 4.11.x allowing x86 PV guest OS ... |
| CVE-2019-17343 | An issue was discovered in Xen through 4.11.x allowing x86 PV guest OS ... |
| CVE-2019-17342 | An issue was discovered in Xen through 4.11.x allowing x86 PV guest OS ... |
| CVE-2019-17341 | An issue was discovered in Xen through 4.11.x allowing x86 PV guest OS ... |
| CVE-2018-19967 | An issue was discovered in Xen through 4.11.x on Intel x86 platforms a ... |
| CVE-2018-19966 | An issue was discovered in Xen through 4.11.x allowing x86 PV guest OS ... |
| CVE-2018-19964 | An issue was discovered in Xen 4.11.x allowing x86 guest OS users to c ... |
| CVE-2018-19963 | An issue was discovered in Xen 4.11 allowing HVM guest OS users to cau ... |
| CVE-2018-19962 | An issue was discovered in Xen through 4.11.x on AMD x86 platforms, po ... |
| CVE-2018-19961 | An issue was discovered in Xen through 4.11.x on AMD x86 platforms, po ... |
| CVE-2018-18883 | An issue was discovered in Xen 4.9.x through 4.11.x, on Intel x86 plat ... |
| CVE-2018-15470 | An issue was discovered in Xen through 4.11.x. The logic in oxenstored ... |
| CVE-2018-15469 | An issue was discovered in Xen through 4.11.x. ARM never properly impl ... |
| CVE-2018-15468 | An issue was discovered in Xen through 4.11.x. The DEBUGCTL MSR contai ... |
| CVE-2018-12893 | An issue was discovered in Xen through 4.10.x. One of the fixes in XSA ... |
| CVE-2018-12892 | An issue was discovered in Xen 4.7 through 4.10.x. libxl fails to pass ... |
| CVE-2018-12891 | An issue was discovered in Xen through 4.10.x. Certain PV MMU operatio ... |
| CVE-2018-10982 | An issue was discovered in Xen through 4.10.x allowing x86 HVM guest O ... |
| CVE-2018-10981 | An issue was discovered in Xen through 4.10.x allowing x86 HVM guest O ... |
| CVE-2018-10472 | An issue was discovered in Xen through 4.10.x allowing x86 HVM guest O ... |
| CVE-2018-10471 | An issue was discovered in Xen through 4.10.x allowing x86 PV guest OS ... |
| CVE-2018-8897 | A statement in the System Programming Guide of the Intel 64 and IA-32 ... |
| CVE-2018-7542 | An issue was discovered in Xen 4.8.x through 4.10.x allowing x86 PVH g ... |
| CVE-2018-7541 | An issue was discovered in Xen through 4.10.x allowing guest OS users ... |
| CVE-2018-7540 | An issue was discovered in Xen through 4.10.x allowing x86 PV guest OS ... |
| CVE-2018-5244 | In Xen 4.10, new infrastructure was introduced as part of an overhaul ... |
| CVE-2017-17566 | An issue was discovered in Xen through 4.9.x allowing PV guest OS user ... |
| CVE-2017-17565 | An issue was discovered in Xen through 4.9.x allowing PV guest OS user ... |
| CVE-2017-17564 | An issue was discovered in Xen through 4.9.x allowing guest OS users t ... |
| CVE-2017-17563 | An issue was discovered in Xen through 4.9.x allowing guest OS users t ... |
| CVE-2017-17046 | An issue was discovered in Xen through 4.9.x on the ARM platform allow ... |
| CVE-2017-17045 | An issue was discovered in Xen through 4.9.x allowing HVM guest OS use ... |
| CVE-2017-17044 | An issue was discovered in Xen through 4.9.x allowing HVM guest OS use ... |
| CVE-2017-15597 | An issue was discovered in Xen through 4.9.x. Grant copying code made ... |
| CVE-2017-15596 | An issue was discovered in Xen 4.4.x through 4.9.x allowing ARM guest ... |
| CVE-2017-15595 | An issue was discovered in Xen through 4.9.x allowing x86 PV guest OS ... |
| CVE-2017-15594 | An issue was discovered in Xen through 4.9.x allowing x86 SVM PV guest ... |
| CVE-2017-15593 | An issue was discovered in Xen through 4.9.x allowing x86 PV guest OS ... |
| CVE-2017-15592 | An issue was discovered in Xen through 4.9.x allowing x86 HVM guest OS ... |
| CVE-2017-15591 | An issue was discovered in Xen 4.5.x through 4.9.x allowing attackers ... |
| CVE-2017-15590 | An issue was discovered in Xen through 4.9.x allowing x86 guest OS use ... |
| CVE-2017-15589 | An issue was discovered in Xen through 4.9.x allowing x86 HVM guest OS ... |
| CVE-2017-15588 | An issue was discovered in Xen through 4.9.x allowing x86 PV guest OS ... |
| CVE-2017-14431 | Memory leak in Xen 3.3 through 4.8.x allows guest OS users to cause a ... |
| CVE-2017-14319 | A grant unmapping issue was discovered in Xen through 4.9.x. When remo ... |
| CVE-2017-14318 | An issue was discovered in Xen 4.5.x through 4.9.x. The function `__gn ... |
| CVE-2017-14317 | A domain cleanup issue was discovered in the C xenstore daemon (aka cx ... |
| CVE-2017-14316 | A parameter verification issue was discovered in Xen through 4.9.x. Th ... |
| CVE-2017-12855 | Xen maintains the _GTF_{read,writ}ing bits as appropriate, to inform t ... |
| CVE-2017-12137 | arch/x86/mm.c in Xen allows local PV guest OS users to gain host OS pr ... |
| CVE-2017-12136 | Race condition in the grant table code in Xen 4.6.x through 4.9.x allo ... |
| CVE-2017-12135 | Xen allows local OS guest users to cause a denial of service (crash) o ... |
| CVE-2017-10923 | Xen through 4.8.x does not validate a vCPU array index upon the sendin ... |
| CVE-2017-10922 | The grant-table feature in Xen through 4.8.x mishandles MMIO region gr ... |
| CVE-2017-10921 | The grant-table feature in Xen through 4.8.x does not ensure sufficien ... |
| CVE-2017-10920 | The grant-table feature in Xen through 4.8.x mishandles a GNTMAP_devic ... |
| CVE-2017-10918 | Xen through 4.8.x does not validate memory allocations during certain ... |
| CVE-2017-10917 | Xen through 4.8.x does not validate the port numbers of polled event c ... |
| CVE-2017-10916 | The vCPU context-switch implementation in Xen through 4.8.x improperly ... |
| CVE-2017-10915 | The shadow-paging feature in Xen through 4.8.x mismanages page referen ... |
| CVE-2017-10914 | The grant-table feature in Xen through 4.8.x has a race condition lead ... |
| CVE-2017-10913 | The grant-table feature in Xen through 4.8.x provides false mapping in ... |
| CVE-2017-10912 | Xen through 4.8.x mishandles page transfer, which allows guest OS user ... |
| CVE-2017-8905 | Xen through 4.6.x on 64-bit platforms mishandles a failsafe callback, ... |
| CVE-2017-8904 | Xen through 4.8.x mishandles the "contains segment descriptors" proper ... |
| CVE-2017-8903 | Xen through 4.8.x on 64-bit platforms mishandles page tables after an ... |
| CVE-2017-7995 | Xen PV guest before Xen 4.3 checked access permissions to MMIO ranges ... |
| CVE-2017-7228 | An issue (known as XSA-212) was discovered in Xen, with fixes availabl ... |
| CVE-2017-2620 | Quick emulator (QEMU) before 2.8 built with the Cirrus CLGD 54xx VGA E ... |
| CVE-2016-10025 | VMFUNC emulation in Xen 4.6.x through 4.8.x on x86 systems using AMD v ... |
| CVE-2016-10024 | Xen through 4.8.x allows local x86 PV guest OS kernel administrators t ... |
| CVE-2016-10013 | Xen through 4.8.x allows local 64-bit x86 HVM guest OS users to gain p ... |
| CVE-2016-9932 | CMPXCHG8B emulation in Xen 3.3.x through 4.7.x on x86 systems allows l ... |
| CVE-2016-9637 | The (1) ioport_read and (2) ioport_write functions in Xen, when qemu i ... |
| CVE-2016-9603 | A heap buffer overflow flaw was found in QEMU's Cirrus CLGD 54xx VGA e ... |
| CVE-2016-9386 | The x86 emulator in Xen does not properly treat x86 NULL segments as u ... |
| CVE-2016-9385 | The x86 segment base write emulation functionality in Xen 4.4.x throug ... |
| CVE-2016-9384 | Xen 4.7 allows local guest OS users to obtain sensitive host informati ... |
| CVE-2016-9383 | Xen, when running on a 64-bit hypervisor, allows local x86 guest OS us ... |
| CVE-2016-9382 | Xen 4.0.x through 4.7.x mishandle x86 task switches to VM86 mode, whic ... |
| CVE-2016-9381 | Race condition in QEMU in Xen allows local x86 HVM guest OS administra ... |
| CVE-2016-9380 | The pygrub boot loader emulator in Xen, when nul-delimited output form ... |
| CVE-2016-9379 | The pygrub boot loader emulator in Xen, when S-expression output forma ... |
| CVE-2016-9378 | Xen 4.5.x through 4.7.x on AMD systems without the NRip feature, when ... |
| CVE-2016-9377 | Xen 4.5.x through 4.7.x on AMD systems without the NRip feature, when ... |
| CVE-2016-7777 | Xen 4.7.x and earlier does not properly honor CR0.TS and CR0.EM, which ... |
| CVE-2016-7154 | Use-after-free vulnerability in the FIFO event channel code in Xen 4.4 ... |
| CVE-2016-7094 | Buffer overflow in Xen 4.7.x and earlier allows local x86 HVM guest OS ... |
| CVE-2016-7093 | Xen 4.5.3, 4.6.3, and 4.7.x allow local HVM guest OS administrators to ... |
| CVE-2016-7092 | The get_page_from_l3e function in arch/x86/mm.c in Xen allows local 32 ... |
| CVE-2016-6259 | Xen 4.5.x through 4.7.x do not implement Supervisor Mode Access Preven ... |
| CVE-2016-6258 | The PV pagetable code in arch/x86/mm.c in Xen 4.7.x and earlier allows ... |
| CVE-2016-5242 | The p2m_teardown function in arch/arm/p2m.c in Xen 4.4.x through 4.6.x ... |
| CVE-2016-4963 | The libxl device-handling in Xen through 4.6.x allows local guest OS u ... |
| CVE-2016-4962 | The libxl device-handling in Xen 4.6.x and earlier allows local OS gue ... |
| CVE-2016-4480 | The guest_walk_tables function in arch/x86/mm/guest_walk.c in Xen 4.6. ... |
| CVE-2016-3960 | Integer overflow in the x86 shadow pagetable code in Xen allows local ... |
| CVE-2016-3712 | Integer overflow in the VGA module in QEMU allows local guest OS users ... |
| CVE-2016-3710 | The VGA module in QEMU improperly performs bounds checking on banked a ... |
| CVE-2016-3159 | The fpu_fxrstor function in arch/x86/i387.c in Xen 4.x does not proper ... |
| CVE-2016-3158 | The xrstor function in arch/x86/xstate.c in Xen 4.x does not properly ... |
| CVE-2016-2271 | VMX in Xen 4.6.x and earlier, when using an Intel or Cyrix CPU, allows ... |
| CVE-2016-2270 | Xen 4.6.x and earlier allows local guest administrators to cause a den ... |
| CVE-2016-1571 | The paging_invlpg function in include/asm-x86/paging.h in Xen 3.3.x th ... |
| CVE-2016-1570 | The PV superpage functionality in arch/x86/mm.c in Xen 3.4.0, 3.4.1, a ... |
| CVE-2015-8615 | The hvm_set_callback_via function in arch/x86/hvm/irq.c in Xen 4.6 doe ... |
| CVE-2015-8555 | Xen 4.6.x, 4.5.x, 4.4.x, 4.3.x, and earlier do not initialize x86 FPU ... |
| CVE-2015-8554 | Buffer overflow in hw/pt-msi.c in Xen 4.6.x and earlier, when using th ... |
| CVE-2015-8550 | Xen, when used on a system providing PV backends, allows local guest O ... |
| CVE-2015-8341 | The libxl toolstack library in Xen 4.1.x through 4.6.x does not proper ... |
| CVE-2015-8340 | The memory_exchange function in common/memory.c in Xen 3.2.x through 4 ... |
| CVE-2015-8339 | The memory_exchange function in common/memory.c in Xen 3.2.x through 4 ... |
| CVE-2015-8338 | Xen 4.6.x and earlier does not properly enforce limits on page order i ... |
| CVE-2015-8104 | The KVM subsystem in the Linux kernel through 4.2.6, and Xen 4.3.x thr ... |
| CVE-2015-7972 | The (1) libxl_set_memory_target function in tools/libxl/libxl.c and (2 ... |
| CVE-2015-7971 | Xen 3.2.x through 4.6.x does not limit the number of printk console me ... |
| CVE-2015-7970 | The p2m_pod_emergency_sweep function in arch/x86/mm/p2m-pod.c in Xen 3 ... |
| CVE-2015-7969 | Multiple memory leaks in Xen 4.0 through 4.6.x allow local guest admin ... |
| CVE-2015-7835 | The mod_l2_entry function in arch/x86/mm.c in Xen 3.4 through 4.6.x do ... |
| CVE-2015-7814 | Race condition in the relinquish_memory function in arch/arm/domain.c ... |
| CVE-2015-7813 | Xen 4.4.x, 4.5.x, and 4.6.x does not limit the number of printk consol ... |
| CVE-2015-7812 | The hypercall_create_continuation function in arch/arm/domain.c in Xen ... |
| CVE-2015-7311 | libxl in Xen 4.1.x through 4.6.x does not properly handle the readonly ... |
| CVE-2015-6654 | The xenmem_add_to_physmap_one function in arch/arm/mm.c in Xen 4.5.x, ... |
| CVE-2015-5307 | The KVM subsystem in the Linux kernel through 4.2.6, and Xen 4.3.x thr ... |
| CVE-2015-5166 | Use-after-free vulnerability in QEMU in Xen 4.5.x and earlier does not ... |
| CVE-2015-5165 | The C+ mode offload emulation in the RTL8139 network card device model ... |
| CVE-2015-5154 | Heap-based buffer overflow in the IDE subsystem in QEMU, as used in Xe ... |
| CVE-2015-4164 | The compat_iret function in Xen 3.1 through 4.5 iterates the wrong way ... |
| CVE-2015-4163 | GNTTABOP_swap_grant_ref in Xen 4.2 through 4.5 does not check the gran ... |
| CVE-2015-4106 | QEMU does not properly restrict write access to the PCI config space f ... |
| CVE-2015-4105 | Xen 3.3.x through 4.5.x enables logging for PCI MSI-X pass-through err ... |
| CVE-2015-4104 | Xen 3.3.x through 4.5.x does not properly restrict access to PCI MSI m ... |
| CVE-2015-4103 | Xen 3.3.x through 4.5.x does not properly restrict write access to the ... |
| CVE-2015-3456 | The Floppy Disk Controller (FDC) in QEMU, as used in Xen 4.5.x and ear ... |
| CVE-2015-3340 | Xen 4.2.x through 4.5.x does not initialize certain fields, which allo ... |
| CVE-2015-3259 | Stack-based buffer overflow in the xl command line utility in Xen 4.1. ... |
| CVE-2015-3214 | The pit_ioport_read in i8254.c in the Linux kernel before 2.6.33 and Q ... |
| CVE-2015-3209 | Heap-based buffer overflow in the PCNET controller in QEMU allows remo ... |
| CVE-2015-2756 | QEMU, as used in Xen 3.3.x through 4.5.x, does not properly restrict a ... |
| CVE-2015-2752 | The XEN_DOMCTL_memory_mapping hypercall in Xen 3.2.x through 4.5.x, wh ... |
| CVE-2015-2751 | Xen 4.3.x, 4.4.x, and 4.5.x, when using toolstack disaggregation, allo ... |
| CVE-2015-2152 | Xen 4.5.x and earlier enables certain default backends when emulating ... |
| CVE-2015-2151 | The x86 emulator in Xen 3.2.x through 4.5.x does not properly ignore s ... |
| CVE-2015-2045 | The HYPERVISOR_xen_version hypercall in Xen 3.2.x through 4.5.x does n ... |
| CVE-2015-2044 | The emulation routines for unspecified X86 devices in Xen 3.2.x throug ... |
| CVE-2015-1563 | The ARM GIC distributor virtualization in Xen 4.4.x and 4.5.x allows l ... |
| CVE-2015-0361 | Use-after-free vulnerability in Xen 4.2.x, 4.3.x, and 4.4.x allows rem ... |
| CVE-2015-0268 | The vgic_v2_to_sgi function in arch/arm/vgic-v2.c in Xen 4.5.x, when r ... |
| CVE-2014-9065 | common/spinlock.c in Xen 4.4.x and earlier does not properly handle re ... |
| CVE-2014-9030 | The do_mmu_update function in arch/x86/mm.c in Xen 3.2.x through 4.4.x ... |
| CVE-2014-8867 | The acceleration support for the "REP MOVS" instruction in Xen 4.4.x, ... |
| CVE-2014-8866 | The compatibility mode hypercall argument translation in Xen 3.3.x thr ... |
| CVE-2014-8595 | arch/x86/x86_emulate/x86_emulate.c in Xen 3.2.1 through 4.4.x does not ... |
| CVE-2014-8594 | The do_mmu_update function in arch/x86/mm.c in Xen 4.x through 4.4.x d ... |
| CVE-2014-7188 | The hvm_msr_read_intercept function in arch/x86/hvm/hvm.c in Xen 4.1 t ... |
| CVE-2014-7156 | The x86_emulate function in arch/x86/x86_emulate/x86_emulate.c in Xen ... |
| CVE-2014-7155 | The x86_emulate function in arch/x86/x86_emulate/x86_emulate.c in Xen ... |
| CVE-2014-7154 | Race condition in HVMOP_track_dirty_vram in Xen 4.0.0 through 4.4.x do ... |
| CVE-2014-6268 | The evtchn_fifo_set_pending function in Xen 4.4.x allows local guest u ... |
| CVE-2014-5149 | Certain MMU virtualization operations in Xen 4.2.x through 4.4.x, when ... |
| CVE-2014-5148 | Xen 4.4.x, when running on an ARM system and "handling an unknown syst ... |
| CVE-2014-5147 | Xen 4.4.x, when running a 64-bit kernel on an ARM system, does not pro ... |
| CVE-2014-5146 | Certain MMU virtualization operations in Xen 4.2.x through 4.4.x befor ... |
| CVE-2014-4883 | resolv.c in the DNS resolver in uIP, and dns.c in the DNS resolver in ... |
| CVE-2014-4022 | The alloc_domain_struct function in arch/arm/domain.c in Xen 4.4.x, wh ... |
| CVE-2014-4021 | Xen 3.2.x through 4.4.x does not properly clean memory pages recovered ... |
| CVE-2014-3969 | Xen 4.4.x, when running on an ARM system, does not properly check writ ... |
| CVE-2014-3968 | The HVMOP_inject_msi function in Xen 4.2.x, 4.3.x, and 4.4.x allows lo ... |
| CVE-2014-3967 | The HVMOP_inject_msi function in Xen 4.2.x, 4.3.x, and 4.4.x does not ... |
| CVE-2014-3717 | Xen 4.4.x does not properly validate the load address for 64-bit ARM g ... |
| CVE-2014-3716 | Xen 4.4.x does not properly check alignment, which allows local users ... |
| CVE-2014-3715 | Buffer overflow in Xen 4.4.x allows local users to read system memory ... |
| CVE-2014-3714 | The ARM image loading functionality in Xen 4.4.x does not properly val ... |
| CVE-2014-3672 | The qemu implementation in libvirt before 1.3.0 and Xen allows local g ... |
| CVE-2014-3125 | Xen 4.4.x, when running on an ARM system, does not properly context sw ... |
| CVE-2014-3124 | The HVMOP_set_mem_type control in Xen 4.1 through 4.4.x allows local g ... |
| CVE-2014-2986 | The vgic_distr_mmio_write function in the virtual guest interrupt cont ... |
| CVE-2014-2915 | Xen 4.4.x, when running on ARM systems, does not properly restrict acc ... |
| CVE-2014-2599 | The HVMOP_set_mem_access HVM control operations in Xen 4.1.x for 32-bi ... |
| CVE-2014-1950 | Use-after-free vulnerability in the xc_cpupool_getinfo function in Xen ... |
| CVE-2014-1896 | The (1) do_send and (2) do_recv functions in io.c in libvchan in Xen 4 ... |
| CVE-2014-1895 | Off-by-one error in the flask_security_avc_cachestats function in xsm/ ... |
| CVE-2014-1894 | Multiple integer overflows in unspecified suboperations in the flask h ... |
| CVE-2014-1893 | Multiple integer overflows in the (1) FLASK_GETBOOL and (2) FLASK_SETB ... |
| CVE-2014-1892 | Xen 3.3 through 4.1, when XSM is enabled, allows local users to cause ... |
| CVE-2014-1891 | Multiple integer overflows in the (1) FLASK_GETBOOL, (2) FLASK_SETBOOL ... |
| CVE-2014-1666 | The do_physdev_op function in Xen 4.1.5, 4.1.6.1, 4.2.2 through 4.2.3, ... |
| CVE-2014-1642 | The IRQ setup in Xen 4.2.x and 4.3.x, when using device passthrough an ... |
| CVE-2013-6400 | Xen 4.2.x and 4.3.x, when using Intel VT-d and a PCI device has been a ... |
| CVE-2013-6375 | Xen 4.2.x and 4.3.x, when using Intel VT-d for PCI passthrough, does n ... |
| CVE-2013-4554 | Xen 3.0.3 through 4.1.x (possibly 4.1.6.1), 4.2.x (possibly 4.2.3), an ... |
| CVE-2013-4553 | The XEN_DOMCTL_getmemlist hypercall in Xen 3.4.x through 4.3.x (possib ... |
| CVE-2013-4551 | Xen 4.2.x and 4.3.x, when nested virtualization is disabled, does not ... |
| CVE-2013-4494 | Xen before 4.1.x, 4.2.x, and 4.3.x does not take the page_alloc_lock a ... |
| CVE-2013-4416 | The Ocaml xenstored implementation (oxenstored) in Xen 4.1.x, 4.2.x, a ... |
| CVE-2013-4375 | The qdisk PV disk backend in qemu-xen in Xen 4.2.x and 4.3.x before 4. ... |
| CVE-2013-4371 | Use-after-free vulnerability in the libxl_list_cpupool function in the ... |
| CVE-2013-4370 | The ocaml binding for the xc_vcpu_getaffinity function in Xen 4.2.x an ... |
| CVE-2013-4369 | The xlu_vif_parse_rate function in the libxlu library in Xen 4.2.x and ... |
| CVE-2013-4368 | The outs instruction emulation in Xen 3.1.x, 4.2.x, 4.3.x, and earlier ... |
| CVE-2013-4361 | The fbld instruction emulation in Xen 3.3.x through 4.3.x does not use ... |
| CVE-2013-4356 | Xen 4.3.x writes hypervisor mappings to certain shadow pagetables when ... |
| CVE-2013-4355 | Xen 4.3.x and earlier does not properly handle certain errors, which a ... |
| CVE-2013-4344 | Buffer overflow in the SCSI implementation in QEMU, as used in Xen, wh ... |
| CVE-2013-4329 | The xenlight library (libxl) in Xen 4.0.x through 4.2.x, when IOMMU is ... |
| CVE-2013-3495 | The Intel VT-d Interrupt Remapping engine in Xen 3.3.x through 4.3.x a ... |
| CVE-2013-2212 | The vmx_set_uc_mode function in Xen 3.3 through 4.3, when disabling ca ... |
| CVE-2013-2211 | The libxenlight (libxl) toolstack library in Xen 4.0.x, 4.1.x, and 4.2 ... |
| CVE-2013-2196 | Multiple unspecified vulnerabilities in the Elf parser (libelf) in Xen ... |
| CVE-2013-2195 | The Elf parser (libelf) in Xen 4.2.x and earlier allow local guest adm ... |
| CVE-2013-2194 | Multiple integer overflows in the Elf parser (libelf) in Xen 4.2.x and ... |
| CVE-2013-2078 | Xen 4.0.2 through 4.0.4, 4.1.x, and 4.2.x allows local PV guest users ... |
| CVE-2013-2077 | Xen 4.0.x, 4.1.x, and 4.2.x does not properly restrict the contents of ... |
| CVE-2013-2076 | Xen 4.0.x, 4.1.x, and 4.2.x, when running on AMD64 processors, only sa ... |
| CVE-2013-2072 | Buffer overflow in the Python bindings for the xc_vcpu_setaffinity cal ... |
| CVE-2013-1964 | Xen 4.0.x and 4.1.x incorrectly releases a grant reference when releas ... |
| CVE-2013-1952 | Xen 4.x, when using Intel VT-d for a bus mastering capable PCI device, ... |
| CVE-2013-1922 | qemu-nbd in QEMU, as used in Xen 4.2.x, determines the format of a raw ... |
| CVE-2013-1920 | Xen 4.2.x, 4.1.x, and earlier, when the hypervisor is running "under m ... |
| CVE-2013-1919 | Xen 4.2.x and 4.1.x does not properly restrict access to IRQs, which a ... |
| CVE-2013-1918 | Certain page table manipulation operations in Xen 4.1.x, 4.2.x, and ea ... |
| CVE-2013-1917 | Xen 3.1 through 4.x, when running 64-bit hosts on Intel CPUs, does not ... |
| CVE-2013-1442 | Xen 4.0 through 4.3.x, when using AVX or LWP capable CPUs, does not pr ... |
| CVE-2013-1432 | Xen 4.1.x and 4.2.x, when the XSA-45 patch is in place, does not prope ... |
| CVE-2013-0215 | oxenstored in Xen 4.1.x, Xen 4.2.x, and xen-unstable does not properly ... |
| CVE-2013-0154 | The get_page_type function in xen/arch/x86/mm.c in Xen 4.2, when debug ... |
| CVE-2013-0153 | The AMD IOMMU support in Xen 4.2.x, 4.1.x, 3.3, and other versions, wh ... |
| CVE-2013-0152 | Memory leak in Xen 4.2 and unstable allows local HVM guests to cause a ... |
| CVE-2013-0151 | The do_hvm_op function in xen/arch/x86/hvm/hvm.c in Xen 4.2.x on the x ... |
| CVE-2012-6333 | Multiple HVM control operations in Xen 3.4 through 4.2 allow local HVM ... |
| CVE-2012-6075 | Buffer overflow in the e1000_receive function in the e1000 device driv ... |
| CVE-2012-6036 | The (1) memc_save_get_next_page, (2) tmemc_restore_put_page and (3) tm ... |
| CVE-2012-6035 | The do_tmem_destroy_pool function in the Transcendent Memory (TMEM) in ... |
| CVE-2012-6034 | The (1) tmemc_save_get_next_page and (2) tmemc_save_get_next_inv funct ... |
| CVE-2012-6033 | The do_tmem_control function in the Transcendent Memory (TMEM) in Xen ... |
| CVE-2012-6032 | Multiple integer overflows in the (1) tmh_copy_from_client and (2) tmh ... |
| CVE-2012-6031 | The do_tmem_get function in the Transcendent Memory (TMEM) in Xen 4.0, ... |
| CVE-2012-6030 | The do_tmem_op function in the Transcendent Memory (TMEM) in Xen 4.0, ... |
| CVE-2012-5634 | Xen 4.2.x, 4.1.x, and 4.0, when using Intel VT-d for PCI passthrough, ... |
| CVE-2012-5525 | The get_page_from_gfn hypercall function in Xen 4.2 allows local PV gu ... |
| CVE-2012-5515 | The (1) XENMEM_decrease_reservation, (2) XENMEM_populate_physmap, and ... |
| CVE-2012-5514 | The guest_physmap_mark_populate_on_demand function in Xen 4.2 and earl ... |
| CVE-2012-5513 | The XENMEM_exchange handler in Xen 4.2 and earlier does not properly c ... |
| CVE-2012-5512 | Array index error in the HVMOP_set_mem_access handler in Xen 4.1 allow ... |
| CVE-2012-5511 | Stack-based buffer overflow in the dirty video RAM tracking functional ... |
| CVE-2012-5510 | Xen 4.x, when downgrading the grant table version, does not properly r ... |
| CVE-2012-4544 | The PV domain builder in Xen 4.2 and earlier does not validate the siz ... |
| CVE-2012-4539 | Xen 4.0 through 4.2, when running 32-bit x86 PV guests on 64-bit hyper ... |
| CVE-2012-4538 | The HVMOP_pagetable_dying hypercall in Xen 4.0, 4.1, and 4.2 does not ... |
| CVE-2012-4537 | Xen 3.4 through 4.2, and possibly earlier versions, does not properly ... |
| CVE-2012-4536 | The (1) domain_pirq_to_emuirq and (2) physdev_unmap_pirq functions in ... |
| CVE-2012-4535 | Xen 3.4 through 4.2, and possibly earlier versions, allows local guest ... |
| CVE-2012-4411 | The graphical console in Xen 4.0, 4.1 and 4.2 allows local OS guest ad ... |
| CVE-2012-3516 | The GNTTABOP_swap_grant_ref sub-operation in the grant table hypercall ... |
| CVE-2012-3515 | Qemu, as used in Xen 4.0, 4.1 and possibly other products, when emulat ... |
| CVE-2012-3498 | PHYSDEVOP_map_pirq in Xen 4.1 and 4.2 and Citrix XenServer 6.0.2 and e ... |
| CVE-2012-3497 | (1) TMEMC_SAVE_GET_CLIENT_WEIGHT, (2) TMEMC_SAVE_GET_CLIENT_CAP, (3) T ... |
| CVE-2012-3496 | XENMEM_populate_physmap in Xen 4.0, 4.1, and 4.2, and Citrix XenServer ... |
| CVE-2012-3495 | The physdev_get_free_pirq hypercall in arch/x86/physdev.c in Xen 4.1.x ... |
| CVE-2012-3494 | The set_debugreg hypercall in include/asm-x86/debugreg.h in Xen 4.0, 4 ... |
| CVE-2012-3433 | Xen 4.0 and 4.1 allows local HVM guest OS kernels to cause a denial of ... |
| CVE-2012-3432 | The handle_mmio function in arch/x86/hvm/io.c in the MMIO operations e ... |
| CVE-2012-2934 | Xen 4.0, and 4.1, when running a 64-bit PV guest on "older" AMD CPUs, ... |
| CVE-2012-2625 | The PyGrub boot loader in Xen unstable before changeset 25589:60f09d1a ... |
| CVE-2012-0218 | Xen 3.4, 4.0, and 4.1, when the guest OS has not registered a handler ... |
| CVE-2012-0217 | The x86-64 kernel system-call functionality in Xen 4.1.2 and earlier, ... |
| CVE-2012-0029 | Heap-based buffer overflow in the process_tx_desc function in the e100 ... |
| CVE-2011-4111 | Buffer overflow in the ccid_card_vscard_handle_message function in hw/ ... |
| CVE-2011-3262 | tools/libxc/xc_dom_bzimageloader.c in Xen 3.2, 3.3, 4.0, and 4.1 allow ... |
| CVE-2011-3131 | Xen 4.1.1 and earlier allows local guest OS kernels with control of a ... |
| CVE-2011-2901 | Off-by-one error in the __addr_ok macro in Xen 3.3 and earlier allows ... |
| CVE-2011-2519 | Xen in the Linux kernel, when running a guest on a host without hardwa ... |
| CVE-2011-1898 | Xen 4.1 before 4.1.1 and 4.0 before 4.0.2, when using PCI passthrough ... |
| CVE-2011-1583 | Multiple integer overflows in tools/libxc/xc_dom_bzimageloader.c in Xe ... |
| CVE-2011-1166 | Xen, possibly before 4.0.2, allows local 64-bit PV guests to cause a d ... |
| CVE-2010-4255 | The fixup_page_fault function in arch/x86/traps.c in Xen 4.0.1 and ear ... |
| CVE-2010-2938 | arch/x86/hvm/vmx/vmcs.c in the virtual-machine control structure (VMCS ... |