The ssm_i emulation in Xen 5.1 on IA64 architectures allows attackers to cause a denial of service (dom0 panic) via certain traffic, as demonstrated using an FTP stress test tool.
Max CVSS
4.3
EPSS Score
0.66%
Published
2008-04-02
Updated
2017-09-29
Xen 3.x, possibly before 3.1.2, when running on IA64 systems, does not check the RID value for mov_to_rr, which allows a VTi domain to read memory of other domains.
Max CVSS
2.1
EPSS Score
0.06%
Published
2007-12-04
Updated
2017-09-29
Xen 3.1.1 does not prevent modification of the CR4 TSC from applications, which allows pv guests to cause a denial of service (crash).
Max CVSS
4.7
EPSS Score
0.06%
Published
2007-11-09
Updated
2017-09-29
Xen 3.1.1 allows virtual guest system users to cause a denial of service (hypervisor crash) by using a debug register (DR7) to set certain breakpoints.
Max CVSS
4.7
EPSS Score
0.06%
Published
2007-11-09
Updated
2008-09-05
pygrub (tools/pygrub/src/GrubConf.py) in Xen 3.0.3, when booting a guest domain, allows local users with elevated privileges in the guest domain to execute arbitrary commands in domain 0 via a crafted grub.conf file whose contents are used in exec statements.
Max CVSS
6.9
EPSS Score
0.04%
Published
2007-09-27
Updated
2018-10-15
(1) xenbaked and (2) xenmon.py in Xen 3.1 and earlier allow local users to truncate arbitrary files via a symlink attack on /tmp/xenq-shm.
Max CVSS
6.0
EPSS Score
0.04%
Published
2007-10-28
Updated
2017-09-29
6 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!