Search CVE reports
11 – 20 of 21 results
Buffer overflow in the backend of XenSource Xen Para Virtualized Frame Buffer (PVFB) 3.0 through 3.1.2 allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a crafted description of a...
7 affected packages
kvm, qemu, qemu-kvm, xen-3.0, xen-3.1...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| kvm | — | — | — | — |
| qemu | — | — | — | — |
| qemu-kvm | — | — | — | — |
| xen-3.0 | — | — | — | — |
| xen-3.1 | — | — | — | — |
| xen-3.2 | — | — | — | — |
| xen-3.3 | — | — | — | — |
Some fixes available 1 of 18
The drive_init function in QEMU 0.9.1 determines the format of a raw disk image based on the header, which allows local guest users to read arbitrary files on the host by modifying the header to identify a different format, which...
7 affected packages
kvm, qemu, xen-3.0, qemu-kvm, xen-3.1...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| kvm | — | — | — | — |
| qemu | — | — | — | — |
| xen-3.0 | — | — | — | — |
| qemu-kvm | — | — | — | — |
| xen-3.1 | — | — | — | — |
| xen-3.2 | — | — | — | — |
| xen-3.3 | — | — | — | — |
The Xen hypervisor block backend driver for Linux kernel 2.6.18, when running on a 64-bit host with a 32-bit paravirtualized guest, allows local privileged users in the guest OS to cause a denial of service (host OS crash) via a...
9 affected packages
kvm, linux, linux-source-2.6.15, linux-source-2.6.22, qemu...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| kvm | — | — | — | — |
| linux | — | — | — | — |
| linux-source-2.6.15 | — | — | — | — |
| linux-source-2.6.22 | — | — | — | — |
| qemu | — | — | — | — |
| xen-3.0 | — | — | — | — |
| xen-3.1 | — | — | — | — |
| xen-3.2 | — | — | — | — |
| xen-3.3 | — | — | — | — |
Some fixes available 1 of 14
Qemu 0.9.1 and earlier does not perform range checks for block device read or write requests, which allows guest host users with root privileges to access arbitrary memory and escape the virtual machine.
7 affected packages
qemu, kvm, qemu-kvm, xen-3.0, xen-3.1...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| qemu | — | — | — | — |
| kvm | — | — | — | — |
| qemu-kvm | — | — | — | — |
| xen-3.0 | — | — | — | — |
| xen-3.1 | — | — | — | — |
| xen-3.2 | — | — | — | — |
| xen-3.3 | — | — | — | — |
The copy_to_user function in the PAL emulation functionality for Xen 3.1.2 and earlier, when running on ia64 systems, allows HVM guest users to access arbitrary physical memory by triggering certain mapping operations.
3 affected packages
xen-3.0, xen, xen-3.1
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| xen-3.0 | — | — | — | — |
| xen | — | — | — | — |
| xen-3.1 | — | — | — | — |
Xen 3.1.1 does not prevent modification of the CR4 TSC from applications, which allows pv guests to cause a denial of service (crash).
4 affected packages
xen-3.0, xen-3.1, xen-3.2, xen-3.3
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| xen-3.0 | — | — | — | — |
| xen-3.1 | — | — | — | — |
| xen-3.2 | — | — | — | — |
| xen-3.3 | — | — | — | — |
Xen 3.1.1 allows virtual guest system users to cause a denial of service (hypervisor crash) by using a debug register (DR7) to set certain breakpoints.
2 affected packages
xen-3.0, xen-3.1
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| xen-3.0 | — | — | — | — |
| xen-3.1 | — | — | — | — |
(1) xenbaked and (2) xenmon.py in Xen 3.1 and earlier allow local users to truncate arbitrary files via a symlink attack on /tmp/xenq-shm.
3 affected packages
xen-3.0, xen-3.1, xen
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| xen-3.0 | — | — | — | — |
| xen-3.1 | — | — | — | — |
| xen | — | — | — | — |
Some fixes available 2 of 3
pygrub (tools/pygrub/src/GrubConf.py) in Xen 3.0.3, when booting a guest domain, allows local users with elevated privileges in the guest domain to execute arbitrary commands in domain 0 via a crafted grub.conf file whose contents...
2 affected packages
xen-3.0, xen-3.1
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| xen-3.0 | — | — | — | — |
| xen-3.1 | — | — | — | — |
Some fixes available 2 of 3
The VNC server implementation in QEMU, as used by Xen and possibly other environments, allows local users of a guest operating system to read arbitrary files on the host operating system via unspecified vectors related to QEMU...
2 affected packages
xen-3.0, xen-3.1
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| xen-3.0 | — | — | — | — |
| xen-3.1 | — | — | — | — |