The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Computer vulnerabilities of Xen

Linux, Xen: memory leak via Blkback Driver
An attacker, inside a guest system, can create a memory leak via Blkback Driver of Linux with Xen, in order to trigger a denial of service on the host system...
CERTFR-2021-AVI-227, CERTFR-2021-AVI-228, CERTFR-2021-AVI-264, CTX306565, CVE-2021-28688, openSUSE-SU-2021:0532-1, SUSE-SU-2021:1175-1, SUSE-SU-2021:1176-1, SUSE-SU-2021:1177-1, SUSE-SU-2021:1210-1, SUSE-SU-2021:1211-1, SUSE-SU-2021:1238-1, VIGILANCE-VUL-34966, XSA-371
Xen: information disclosure via Uncleaned ARM Cache
An attacker, inside a guest system, can bypass access restrictions to data via Uncleaned ARM Cache of Xen, in order to obtain sensitive information on the host system...
CERTFR-2021-AVI-123, CVE-2021-26933, DSA-4888-1, FEDORA-2021-47f53a940a, FEDORA-2021-4c819bf1ad, VIGILANCE-VUL-34592, XSA-364
Xen: denial of service via X86 HVM IRQ Vector
An attacker, inside a guest system, can trigger a fatal error via X86 HVM IRQ Vector of Xen, in order to trigger a denial of service on the host system...
CERTFR-2021-AVI-053, CERTFR-2021-AVI-086, CTX291439, CVE-2021-3308, FEDORA-2021-16c9c40d4d, FEDORA-2021-7785f6c616, SUSE-SU-2021:1023-1, SUSE-SU-2021:1028-1, VIGILANCE-VUL-34399, XSA-360
Xen: NULL pointer dereference via FIFO Event Channels Structure
An attacker, inside a guest system, can force a NULL pointer to be dereferenced via FIFO Event Channels Structure of Xen, in order to trigger a denial of service on the host system...
CVE-2020-29571, DSA-4812-1, FEDORA-2020-64859a826b, FEDORA-2020-df772b417b, openSUSE-SU-2020:2313-1, openSUSE-SU-2020:2331-1, SUSE-SU-2020:14578-1, SUSE-SU-2020:3880-1, SUSE-SU-2020:3881-1, SUSE-SU-2020:3913-1, SUSE-SU-2020:3914-1, SUSE-SU-2020:3915-1, SUSE-SU-2020:3916-1, SUSE-SU-2020:3945-1, VIGILANCE-VUL-34123, XSA-359
Xen: denial of service via FIFO Event Channels Block
An attacker, inside a guest system, can trigger a fatal error via FIFO Event Channels of Xen, in order to trigger a denial of service on the host system...
CERTFR-2020-AVI-824, CERTFR-2020-AVI-825, CTX286756, CVE-2020-29570, DSA-4812-1, FEDORA-2020-64859a826b, FEDORA-2020-df772b417b, openSUSE-SU-2020:2313-1, openSUSE-SU-2020:2331-1, SUSE-SU-2020:14578-1, SUSE-SU-2020:3880-1, SUSE-SU-2020:3881-1, SUSE-SU-2020:3913-1, SUSE-SU-2020:3914-1, SUSE-SU-2020:3915-1, SUSE-SU-2020:3916-1, SUSE-SU-2020:3945-1, VIGILANCE-VUL-34122, XSA-358
Xen: overload via IRQ Vectors
An attacker, inside a guest system, can trigger an overload via IRQ Vectors of Xen, in order to trigger a denial of service on the host system...
CERTFR-2020-AVI-824, CVE-2020-29567, FEDORA-2020-64859a826b, FEDORA-2020-df772b417b, VIGILANCE-VUL-34121, XSA-356
Xen: denial of service via XAPI Memory Usage
An attacker, inside a guest system, can trigger a fatal error via XAPI Memory Usage of Xen, in order to trigger a denial of service on the host system...
CERTFR-2020-AVI-824, CERTFR-2020-AVI-825, CTX286756, CVE-2020-29487, VIGILANCE-VUL-34120, XSA-354
Xen: privilege escalation via Oxenstored Root Node
An attacker, inside a guest system, can bypass restrictions via Oxenstored Root Node of Xen, in order to escalate his privileges on the host system...
CERTFR-2020-AVI-824, CERTFR-2020-AVI-825, CTX286756, CVE-2020-29479, DSA-4812-1, FEDORA-2020-64859a826b, FEDORA-2020-df772b417b, VIGILANCE-VUL-34119, XSA-353
Xen: privilege escalation via oxenstored ownership
An attacker, inside a guest system, can bypass restrictions via oxenstored of Xen, in order to escalate his privileges on the host system...
CERTFR-2020-AVI-824, CERTFR-2020-AVI-825, CTX286756, CVE-2020-29486, DSA-4812-1, FEDORA-2020-64859a826b, FEDORA-2020-df772b417b, VIGILANCE-VUL-34118, XSA-352
Xen: use after free via Block Frontend
An attacker, inside a guest system, can force the usage of a freed memory area via Block Frontend of Xen, in order to trigger a denial of service, and possibly to run code on the host system...
CERTFR-2020-AVI-824, CERTFR-2020-AVI-825, CERTFR-2021-AVI-077, CERTFR-2021-AVI-111, CERTFR-2021-AVI-120, CERTFR-2021-AVI-138, CERTFR-2021-AVI-149, CERTFR-2021-AVI-191, CERTFR-2021-AVI-200, CTX286756, CVE-2020-29569, DLA-2557-1, DLA-2586-1, DSA-4843-1, openSUSE-SU-2021:0075-1, openSUSE-SU-2021:0241-1, SUSE-SU-2021:0347-1, SUSE-SU-2021:0348-1, SUSE-SU-2021:0353-1, SUSE-SU-2021:0354-1, SUSE-SU-2021:0427-1, SUSE-SU-2021:0433-1, SUSE-SU-2021:0434-1, SUSE-SU-2021:0437-1, SUSE-SU-2021:0438-1, SUSE-SU-2021:0452-1, SUSE-SU-2021:0532-1, USN-4749-1, USN-4750-1, USN-4751-1, USN-4876-1, VIGILANCE-VUL-34117, XSA-350
Our database contains other pages. You can request a free trial to read them.

Display information about Xen: