Vulnerable Library - xenRELEASE-4.0.0
Mirror of the Xen Repository (PRs not accepted see: http://wiki.xenproject.org/wiki/Submitting_Xen_Project_Patches)
Library home page: https://github.com/xen-project/xen.git
Vulnerable Source Files (1)
/common/grant_table.c
Vulnerabilities
| CVE |
Severity |
 CVSS |
Dependency |
Type |
Fixed in (xenRELEASE version) |
Remediation Possible** |
Reachability |
| CVE-2020-29481 |
 Critical |
9.3 |
xenRELEASE-4.0.0 |
Direct |
N/A |
❌ |
|
| CVE-2019-19578 |
Critical |
9.3 |
detected in multiple dependencies |
Direct |
RELEASE-4.12.2 |
❌ |
|
| CVE-2020-27671 |
 High |
8.8 |
xenRELEASE-4.0.0 |
Direct |
All Xen users should upgrade to the latest version # emerge --sync |
|
|
emerge --ask --oneshot --verbose >=app-emulation/xen-4.13.1-r5
All Xen Tools users should upgrade to the latest version # emerge --sync
emerge --ask --oneshot --verbose
=app-emulation/xen-tools-4.13.1-r5 >= | ❌| |
| CVE-2020-27670 | High | 8.8 | detected in multiple dependencies | Direct | All Xen users should upgrade to the latest version # emerge --sync
emerge --ask --oneshot --verbose >=app-emulation/xen-4.13.1-r5
All Xen Tools users should upgrade to the latest version # emerge --sync
emerge --ask --oneshot --verbose
=app-emulation/xen-tools-4.13.1-r5 >= | ❌| |
| CVE-2020-15565 | High | 8.8 | xenRELEASE-4.0.0 | Direct | All Xen users should upgrade to the latest version # emerge --sync
emerge --ask --oneshot --verbose >=app-emulation/xen-4.12.3-r2
All Xen Tools users should upgrade to the latest version # emerge --sync
emerge --ask --oneshot --verbose
=app-emulation/xen-tools-4.12.3-r2 >= | ❌| |
| CVE-2020-11741 | High | 8.8 | detected in multiple dependencies | Direct | All Xen users should upgrade to the latest version # emerge --sync
emerge --ask --oneshot --verbose >=app-emulation/xen-4.12.2-r2
All Xen Tools users should upgrade to the latest version # emerge --sync
emerge --ask --oneshot --verbose
=app-emulation/xen-tools-4.12.2-r1 >= | ❌| |
| CVE-2018-7541 | High | 8.8 | detected in multiple dependencies | Direct | xen-libs-32bit - 4.15.1_01-1.2;xen-tools - 4.15.1_01-1.2,4.10.1_04-1.4;xen - 4.15.1_01-1.2,4.10.1_04-1.4;xen-tools-xendomains-wait-disk - 4.15.1_01-1.2;xen-libs - 4.15.1_01-1.2;xen-doc-html - 4.15.1_01-1.2;xen-tools-domU - 4.15.1_01-1.2,4.15.1_01-1.2,4.15.1_01-1.2,4.15.1_01-1.2;xen-devel - 4.10.1_04-1.4,4.15.1_01-1.2 | ❌| |
| CVE-2018-10982 | High | 8.8 | detected in multiple dependencies | Direct | 4.10.1-r2 | ❌| |
| CVE-2017-17563 | High | 8.8 | detected in multiple dependencies | Direct | 4.9.2 | ❌| |
| CVE-2017-10917 | High | 8.8 | xenRELEASE-4.0.0 | Direct | The vendor has issued a fix (xsa221.patch).
The vendor advisory is available at:
https://xenbits.xen.org/xsa/advisory-221.html | ❌| |
| CVE-2017-15597 | High | 8.7 | xenRELEASE-4.0.0 | Direct | The vendor has issued a fix (xsa236-4.5.patch, xsa236-4.9.patch, and xsa236.patch).
The vendor advisory is available at:
https://xenbits.xen.org/xsa/advisory-236.html | ❌| |
| CVE-2018-19966 | High | 8.6 | detected in multiple dependencies | Direct | 4.12-rc2 | ❌| |
| CVE-2015-8338 | High | 8.6 | xenRELEASE-4.0.0 | Direct | 4.7.0-rc1 | ❌| |
| CVE-2014-8173 | High | 8.6 | xenRELEASE-4.0.0 | Direct | 3.13 | ❌| |
| CVE-2020-25603 | High | 8.5 | xenRELEASE-4.0.0 | Direct | All Xen users should upgrade to the latest version # emerge --sync
emerge --ask --oneshot --verbose >=app-emulation/xen-4.13.1-r5
All Xen Tools users should upgrade to the latest version # emerge --sync
emerge --ask --oneshot --verbose
=app-emulation/xen-tools-4.13.1-r5 >= | ❌| |
| CVE-2020-25595 | High | 8.5 | xenRELEASE-4.0.0 | Direct | All Xen users should upgrade to the latest version # emerge --sync
emerge --ask --oneshot --verbose >=app-emulation/xen-4.13.1-r5
All Xen Tools users should upgrade to the latest version # emerge --sync
emerge --ask --oneshot --verbose
=app-emulation/xen-tools-4.13.1-r5 >= | ❌| |
| CVE-2020-29483 | High | 8.2 | xenRELEASE-4.0.0 | Direct | N/A | ❌| |
| CVE-2020-25597 | High | 8.2 | xenRELEASE-4.0.0 | Direct | All Xen users should upgrade to the latest version # emerge --sync
emerge --ask --oneshot --verbose >=app-emulation/xen-4.13.1-r5
All Xen Tools users should upgrade to the latest version # emerge --sync
emerge --ask --oneshot --verbose
=app-emulation/xen-tools-4.13.1-r5 >= | ❌| |
| CVE-2015-4104 | High | 8.2 | xenRELEASE-4.0.0 | Direct | RELEASE-4.6.0 | ❌| |
| CVE-2014-9030 | High | 8.2 | xenRELEASE-4.0.0 | Direct | 4.3.4-rc1,4.4.2-rc1 | ❌| |
| CVE-2020-29484 | High | 8.1 | xenRELEASE-4.0.0 | Direct | N/A | ❌| |
| CVE-2018-19962 | High | 7.5 | xenRELEASE-4.0.0 | Direct | 4.12-rc2 | ❌| |
| CVE-2018-19961 | High | 7.5 | xenRELEASE-4.0.0 | Direct | 4.12-rc2 | ❌| |
| CVE-2017-17566 | High | 7.5 | detected in multiple dependencies | Direct | 4.9.2 | ❌| |
| CVE-2016-6258 | High | 7.5 | xenRELEASE-4.0.0 | Direct | xen-system-i386 - 4.8.0rc3-1,4.8.0rc3-1,4.8.0rc3-1,4.8.0rc3-1;xenstore-utils - 4.8.0rc3-1,4.8.0rc3-1,4.8.0rc3-1,4.8.0rc3-1;xen-hypervisor-4.0-amd64 - 4.8.0rc3-1,4.8.0rc3-1,4.8.0rc3-1,4.8.0rc3-1;xen-hypervisor-4.1-i386 - 4.8.0rc3-1,4.8.0rc3-1,4.8.0rc3-1,4.8.0rc3-1;xen-hypervisor-4.6-amd64 - 4.8.0rc3-1,4.8.0rc3-1,4.8.0rc3-1,4.8.0rc3-1;xen-hypervisor-4.6-arm64 - 4.8.0rc3-1,4.8.0rc3-1,4.8.0rc3-1,4.8.0rc3-1;xen-hypervisor-4.6-armhf - 4.8.0rc3-1,4.8.0rc3-1,4.8.0rc3-1,4.8.0rc3-1;xen-hypervisor-4.1-amd64 - 4.8.0rc3-1,4.8.0rc3-1,4.8.0rc3-1,4.8.0rc3-1;libxen-4.1 - 4.8.0rc3-1,4.8.0rc3-1,4.8.0rc3-1,4.8.0rc3-1;libxen-4.6 - 4.8.0rc3-1,4.8.0rc3-1,4.8.0rc3-1,4.8.0rc3-1;libxen-dev - 4.8.0rc3-1,4.8.0rc3-1,4.8.0rc3-1,4.8.0rc3-1;libxen-ocaml - 4.8.0rc3-1,4.8.0rc3-1,4.8.0rc3-1,4.8.0rc3-1;xen-utils-4.0 - 4.8.0rc3-1,4.8.0rc3-1,4.8.0rc3-1,4.8.0rc3-1;xen-utils-4.1 - 4.8.0rc3-1,4.8.0rc3-1,4.8.0rc3-1,4.8.0rc3-1;xen-utils-4.6 - 4.8.0rc3-1,4.8.0rc3-1,4.8.0rc3-1,4.8.0rc3-1;xen-utils-common - 4.8.0rc3-1,4.8.0rc3-1,4.8.0rc3-1,4.8.0rc3-1;libxen-ocaml-dev - 4.8.0rc3-1,4.8.0rc3-1,4.8.0rc3-1,4.8.0rc3-1;xen-system-amd64 - 4.8.0rc3-1,4.8.0rc3-1,4.8.0rc3-1,4.8.0rc3-1;xen-system-arm64 - 4.8.0rc3-1,4.8.0rc3-1,4.8.0rc3-1,4.8.0rc3-1;xen-system-armhf - 4.8.0rc3-1,4.8.0rc3-1,4.8.0rc3-1,4.8.0rc3-1;libxenstore3.0 - 4.8.0rc3-1,4.8.0rc3-1,4.8.0rc3-1,4.8.0rc3-1;xen-docs-4.0 - 4.8.0rc3-1,4.8.0rc3-1,4.8.0rc3-1,4.8.0rc3-1;xen-docs-4.1 - 4.8.0rc3-1,4.8.0rc3-1,4.8.0rc3-1,4.8.0rc3-1;xen-hypervisor-4.0-i386 - 4.8.0rc3-1,4.8.0rc3-1,4.8.0rc3-1,4.8.0rc3-1 | ❌| |
| CVE-2016-3960 | High | 7.5 | detected in multiple dependencies | Direct | 6.38,7.43,8.0.4 | ❌| |
| CVE-2013-6375 | High | 7.5 | xenRELEASE-4.0.0 | Direct | 4.4.0 | ❌| |
| CVE-2013-2211 | High | 7.5 | detected in multiple dependencies | Direct | 4.3.0 | ❌| |
| CVE-2013-2196 | High | 7.5 | detected in multiple dependencies | Direct | 4.3.0 | ❌| |
| CVE-2013-2195 | High | 7.5 | detected in multiple dependencies | Direct | All Xen users should upgrade to the latest version >= xen-4.2.2-r1
All Xen-tools users should upgrade to the latest version >= xen-tools-4.2.2-r3
All Xen-pvgrub users should upgrade to the latest version >= xen-pvgrub-4.2.2-r1
| ❌| |
| CVE-2013-2194 | High | 7.5 | detected in multiple dependencies | Direct | All Xen users should upgrade to the latest version >= xen-4.2.2-r1
All Xen-tools users should upgrade to the latest version >= xen-tools-4.2.2-r3
All Xen-pvgrub users should upgrade to the latest version >= xen-pvgrub-4.2.2-r1
| ❌| |
| CVE-2013-2072 | High | 7.5 | xenRELEASE-4.0.0 | Direct | 4.3.0-rc1 | ❌| |
| CVE-2013-1920 | High | 7.5 | xenRELEASE-4.0.0 | Direct | 4.3.0-rc1 | ❌| |
| CVE-2012-5513 | High | 7.5 | detected in multiple dependencies | Direct | 4.3.0-rc1,RELEASE-4.3.0 | ❌| |
| CVE-2012-3516 | High | 7.5 | xenRELEASE-4.0.0 | Direct | 4.2.0-branched | ❌| |
| CVE-2011-1898 | High | 7.5 | xenRELEASE-4.0.0 | Direct | 4.2.0-branched,RELEASE-4.2.0 | ❌| |
| CVE-2011-1583 | High | 7.5 | xenRELEASE-4.0.0 | Direct | 4.2.0-branched,RELEASE-4.2.0 | ❌| |
| CVE-2020-25599 | High | 7.3 | detected in multiple dependencies | Direct | All Xen users should upgrade to the latest version # emerge --sync
emerge --ask --oneshot --verbose >=app-emulation/xen-4.13.1-r5
All Xen Tools users should upgrade to the latest version # emerge --sync
emerge --ask --oneshot --verbose
=app-emulation/xen-tools-4.13.1-r5 >= | ❌| |
| CVE-2019-18420 | High | 7.1 | xenRELEASE-4.0.0 | Direct | 4.13.0-rc2 | ❌| |
| CVE-2015-8555 | 
Medium | 6.9 | xenRELEASE-4.0.0 | Direct | xen-system-i386 - 4.8.0rc3-1,4.8.0rc3-1,4.8.0rc3-1,4.8.0rc3-1;xenstore-utils - 4.8.0rc3-1,4.8.0rc3-1,4.8.0rc3-1,4.8.0rc3-1;xen-hypervisor-4.0-amd64 - 4.8.0rc3-1,4.8.0rc3-1,4.8.0rc3-1,4.8.0rc3-1;xen-hypervisor-4.1-i386 - 4.8.0rc3-1,4.8.0rc3-1,4.8.0rc3-1,4.8.0rc3-1;xen-hypervisor-4.6-amd64 - 4.8.0rc3-1,4.8.0rc3-1,4.8.0rc3-1,4.8.0rc3-1;xen-hypervisor-4.6-arm64 - 4.8.0rc3-1,4.8.0rc3-1,4.8.0rc3-1,4.8.0rc3-1;xen-hypervisor-4.6-armhf - 4.8.0rc3-1,4.8.0rc3-1,4.8.0rc3-1,4.8.0rc3-1;xen-hypervisor-4.1-amd64 - 4.8.0rc3-1,4.8.0rc3-1,4.8.0rc3-1,4.8.0rc3-1;libxen-4.1 - 4.8.0rc3-1,4.8.0rc3-1,4.8.0rc3-1,4.8.0rc3-1;libxen-4.6 - 4.8.0rc3-1,4.8.0rc3-1,4.8.0rc3-1,4.8.0rc3-1;libxen-dev - 4.8.0rc3-1,4.8.0rc3-1,4.8.0rc3-1,4.8.0rc3-1;libxen-ocaml - 4.8.0rc3-1,4.8.0rc3-1,4.8.0rc3-1,4.8.0rc3-1;xen-utils-4.0 - 4.8.0rc3-1,4.8.0rc3-1,4.8.0rc3-1,4.8.0rc3-1;xen-utils-4.1 - 4.8.0rc3-1,4.8.0rc3-1,4.8.0rc3-1,4.8.0rc3-1;xen-utils-4.6 - 4.8.0rc3-1,4.8.0rc3-1,4.8.0rc3-1,4.8.0rc3-1;xen-utils-common - 4.8.0rc3-1,4.8.0rc3-1,4.8.0rc3-1,4.8.0rc3-1;libxen-ocaml-dev - 4.8.0rc3-1,4.8.0rc3-1,4.8.0rc3-1,4.8.0rc3-1;xen-system-amd64 - 4.8.0rc3-1,4.8.0rc3-1,4.8.0rc3-1,4.8.0rc3-1;xen-system-arm64 - 4.8.0rc3-1,4.8.0rc3-1,4.8.0rc3-1,4.8.0rc3-1;xen-system-armhf - 4.8.0rc3-1,4.8.0rc3-1,4.8.0rc3-1,4.8.0rc3-1;libxenstore3.0 - 4.8.0rc3-1,4.8.0rc3-1,4.8.0rc3-1,4.8.0rc3-1;xen-docs-4.0 - 4.8.0rc3-1,4.8.0rc3-1,4.8.0rc3-1,4.8.0rc3-1;xen-docs-4.1 - 4.8.0rc3-1,4.8.0rc3-1,4.8.0rc3-1,4.8.0rc3-1;xen-hypervisor-4.0-i386 - 4.8.0rc3-1,4.8.0rc3-1,4.8.0rc3-1,4.8.0rc3-1 | ❌| |
| CVE-2015-7969 | Medium | 6.9 | xenRELEASE-4.0.0 | Direct | 4.7.0-rc1 | ❌| |
| CVE-2014-8867 | Medium | 6.9 | detected in multiple dependencies | Direct | 4.5.0-rc3 | ❌| |
| CVE-2012-5510 | Medium | 6.9 | xenRELEASE-4.0.0 | Direct | 4.3.0-rc1,RELEASE-4.3.0 | ❌| |
| CVE-2020-25601 | Medium | 6.8 | detected in multiple dependencies | Direct | All Xen users should upgrade to the latest version # emerge --sync
emerge --ask --oneshot --verbose >=app-emulation/xen-4.13.1-r5
All Xen Tools users should upgrade to the latest version # emerge --sync
emerge --ask --oneshot --verbose
=app-emulation/xen-tools-4.13.1-r5 >= | ❌| |
| CVE-2020-25600 | Medium | 6.8 | detected in multiple dependencies | Direct | All Xen users should upgrade to the latest version # emerge --sync
emerge --ask --oneshot --verbose >=app-emulation/xen-4.13.1-r5
All Xen Tools users should upgrade to the latest version # emerge --sync
emerge --ask --oneshot --verbose
=app-emulation/xen-tools-4.13.1-r5 >= | ❌| |
| CVE-2020-11743 | Medium | 6.8 | xenRELEASE-4.0.0 | Direct | 4.14.0-rc1 | ❌| |
| CVE-2020-11742 | Medium | 6.8 | xenRELEASE-4.0.0 | Direct | 4.14.0-rc1 | ❌| |
| CVE-2020-11740 | Medium | 6.8 | detected in multiple dependencies | Direct | All Xen users should upgrade to the latest version # emerge --sync
emerge --ask --oneshot --verbose >=app-emulation/xen-4.12.2-r2
All Xen Tools users should upgrade to the latest version # emerge --sync
emerge --ask --oneshot --verbose
=app-emulation/xen-tools-4.12.2-r1 >= | ❌| |
| CVE-2017-17565 | Medium | 6.8 | xenRELEASE-4.0.0 | Direct | 4.9.2 | ❌| |
| CVE-2016-2270 | Medium | 6.8 | detected in multiple dependencies | Direct | xen-system-i386 - 4.8.0rc3-1,4.8.0rc3-1,4.8.0rc3-1,4.8.0rc3-1;xenstore-utils - 4.8.0rc3-1,4.8.0rc3-1,4.8.0rc3-1,4.8.0rc3-1;xen-hypervisor-4.0-amd64 - 4.8.0rc3-1,4.8.0rc3-1,4.8.0rc3-1,4.8.0rc3-1;xen-hypervisor-4.1-i386 - 4.8.0rc3-1,4.8.0rc3-1,4.8.0rc3-1,4.8.0rc3-1;xen-hypervisor-4.6-amd64 - 4.8.0rc3-1,4.8.0rc3-1,4.8.0rc3-1,4.8.0rc3-1;xen-hypervisor-4.6-arm64 - 4.8.0rc3-1,4.8.0rc3-1,4.8.0rc3-1,4.8.0rc3-1;xen-hypervisor-4.6-armhf - 4.8.0rc3-1,4.8.0rc3-1,4.8.0rc3-1,4.8.0rc3-1;xen-hypervisor-4.1-amd64 - 4.8.0rc3-1,4.8.0rc3-1,4.8.0rc3-1,4.8.0rc3-1;libxen-4.1 - 4.8.0rc3-1,4.8.0rc3-1,4.8.0rc3-1,4.8.0rc3-1;libxen-4.6 - 4.8.0rc3-1,4.8.0rc3-1,4.8.0rc3-1,4.8.0rc3-1;libxen-dev - 4.8.0rc3-1,4.8.0rc3-1,4.8.0rc3-1,4.8.0rc3-1;libxen-ocaml - 4.8.0rc3-1,4.8.0rc3-1,4.8.0rc3-1,4.8.0rc3-1;xen-utils-4.0 - 4.8.0rc3-1,4.8.0rc3-1,4.8.0rc3-1,4.8.0rc3-1;xen-utils-4.1 - 4.8.0rc3-1,4.8.0rc3-1,4.8.0rc3-1,4.8.0rc3-1;xen-utils-4.6 - 4.8.0rc3-1,4.8.0rc3-1,4.8.0rc3-1,4.8.0rc3-1;xen-utils-common - 4.8.0rc3-1,4.8.0rc3-1,4.8.0rc3-1,4.8.0rc3-1;libxen-ocaml-dev - 4.8.0rc3-1,4.8.0rc3-1,4.8.0rc3-1,4.8.0rc3-1;xen-system-amd64 - 4.8.0rc3-1,4.8.0rc3-1,4.8.0rc3-1,4.8.0rc3-1;xen-system-arm64 - 4.8.0rc3-1,4.8.0rc3-1,4.8.0rc3-1,4.8.0rc3-1;xen-system-armhf - 4.8.0rc3-1,4.8.0rc3-1,4.8.0rc3-1,4.8.0rc3-1;libxenstore3.0 - 4.8.0rc3-1,4.8.0rc3-1,4.8.0rc3-1,4.8.0rc3-1;xen-docs-4.0 - 4.8.0rc3-1,4.8.0rc3-1,4.8.0rc3-1,4.8.0rc3-1;xen-docs-4.1 - 4.8.0rc3-1,4.8.0rc3-1,4.8.0rc3-1,4.8.0rc3-1;xen-hypervisor-4.0-i386 - 4.8.0rc3-1,4.8.0rc3-1,4.8.0rc3-1,4.8.0rc3-1 | ❌| |
| CVE-2016-10025 | Medium | 6.8 | xenRELEASE-4.0.0 | Direct | libxen-ocaml-dev - 4.8.0-1,4.8.0-1,4.8.0-1,4.8.0-1;xen-system-amd64 - 4.8.0-1,4.8.0-1,4.8.0-1,4.8.0-1;xen-system-arm64 - 4.8.0-1,4.8.0-1,4.8.0-1,4.8.0-1;xen-system-armhf - 4.8.0-1,4.8.0-1,4.8.0-1,4.8.0-1;libxenstore3.0 - 4.8.0-1,4.8.0-1,4.8.0-1,4.8.0-1;xen-docs-4.0 - 4.8.0-1,4.8.0-1,4.8.0-1,4.8.0-1;xen-docs-4.1 - 4.8.0-1,4.8.0-1,4.8.0-1,4.8.0-1;xen-hypervisor-4.0-i386 - 4.8.0-1,4.8.0-1,4.8.0-1,4.8.0-1;xen-system-i386 - 4.8.0-1,4.8.0-1,4.8.0-1,4.8.0-1;xenstore-utils - 4.8.0-1,4.8.0-1,4.8.0-1,4.8.0-1;xen-hypervisor-4.0-amd64 - 4.8.0-1,4.8.0-1,4.8.0-1,4.8.0-1;xen-hypervisor-4.1-i386 - 4.8.0-1,4.8.0-1,4.8.0-1,4.8.0-1;xen-hypervisor-4.6-amd64 - 4.8.0-1,4.8.0-1,4.8.0-1,4.8.0-1;xen-hypervisor-4.6-arm64 - 4.8.0-1,4.8.0-1,4.8.0-1,4.8.0-1;xen-hypervisor-4.6-armhf - 4.8.0-1,4.8.0-1,4.8.0-1,4.8.0-1;xen-hypervisor-4.1-amd64 - 4.8.0-1,4.8.0-1,4.8.0-1,4.8.0-1;libxen-4.1 - 4.8.0-1,4.8.0-1,4.8.0-1,4.8.0-1;libxen-4.6 - 4.8.0-1,4.8.0-1,4.8.0-1,4.8.0-1;libxen-dev - 4.8.0-1,4.8.0-1,4.8.0-1,4.8.0-1;libxen-ocaml - 4.8.0-1,4.8.0-1,4.8.0-1,4.8.0-1;xen-utils-4.0 - 4.8.0-1,4.8.0-1,4.8.0-1,4.8.0-1;xen-utils-4.1 - 4.8.0-1,4.8.0-1,4.8.0-1,4.8.0-1;xen-utils-4.6 - 4.8.0-1,4.8.0-1,4.8.0-1,4.8.0-1;xen-utils-common - 4.8.0-1,4.8.0-1,4.8.0-1,4.8.0-1 | ❌| |
| CVE-2017-10913 | Medium | 6.3 | xenRELEASE-4.0.0 | Direct | All Xen users should upgrade to the latest version >= xen-4.7.3
All Xen pvgrub users should upgrade to the latest version >= xen-pvgrub-4.7.3
All Xen Tools users should upgrade to the latest version >= xen-tools-4.7.3
| ❌| |
| CVE-2021-28690 | Medium | 6.0 | xenRELEASE-4.0.0 | Direct | All Xen 4.14.x users should upgrade to the latest version # emerge --sync
emerge --ask --oneshot --verbose >=app-emulation/xen-4.14.2-r1
All Xen 4.15.x users should upgrade to the latest version # emerge --sync
emerge --ask --oneshot --verbose >=app-emulation/xen-4.15.0-r1 >= | ❌| |
| CVE-2013-2077 | Medium | 6.0 | xenRELEASE-4.0.0 | Direct | 4.3.0-rc4 | ❌| |
| CVE-2018-19964 | Medium | 5.9 | detected in multiple dependencies | Direct | 4.12-rc2 | ❌| |
| CVE-2015-8340 | Medium | 5.9 | xenRELEASE-4.0.0 | Direct | 4.7.0-rc1 | ❌| |
| CVE-2015-8339 | Medium | 5.9 | xenRELEASE-4.0.0 | Direct | All Xen 4.5 users should upgrade to the latest version >= xen-4.5.2-r5
All Xen 4.6 users should upgrade to the latest version >= xen-4.6.0-r9
All Xen tools 4.5 users should upgrade to the latest version >= xen-tools-4.5.2-r5
All Xen tools 4.6 users should upgrade to the latest version >= xen-tools-4.6.0-r9
All Xen pvgrub users should upgrade to the latest version >= xen-pvgrub-4.6.0
| ❌| |
| CVE-2015-7972 | Medium | 5.9 | detected in multiple dependencies | Direct | 4.7.0-rc1 | ❌| |
| CVE-2015-7970 | Medium | 5.9 | detected in multiple dependencies | Direct | 4.7.0-rc1 | ❌| |
| CVE-2015-2752 | Medium | 5.9 | detected in multiple dependencies | Direct | All Xen 4.4 users should upgrade to the latest version >= xen-4.4.2-r1
All Xen 4.2 users should upgrade to the latest version >= xen-4.2.5-r8
| ❌| |
| CVE-2014-7154 | Medium | 5.9 | detected in multiple dependencies | Direct | 4.5.0-rc1 | ❌| |
| CVE-2014-1895 | Medium | 5.9 | xenRELEASE-4.0.0 | Direct | 4.4.0-rc4 | ❌| |
| CVE-2014-1894 | Medium | 5.9 | detected in multiple dependencies | Direct | 4.4.0-rc4 | ❌| |
| CVE-2014-1893 | Medium | 5.9 | detected in multiple dependencies | Direct | 4.4.0-rc4 | ❌| |
| CVE-2014-1892 | Medium | 5.9 | detected in multiple dependencies | Direct | 4.4.0-rc4 | ❌| |
| CVE-2014-1891 | Medium | 5.9 | detected in multiple dependencies | Direct | 4.4.0-rc4 | ❌| |
| CVE-2013-4553 | Medium | 5.9 | xenRELEASE-4.0.0 | Direct | All Xen 4.3 users should upgrade to the latest version >= xen-4.3.2-r2
All Xen 4.2 users should upgrade to the latest version >= xen-4.2.4-r2
All xen-tools 4.3 users should upgrade to the latest version >= xen-tools-4.3.2-r2
All xen-tools 4.2 users should upgrade to the latest version >= xen-tools-4.2.4-r2
All Xen PVGRUB 4.3 users should upgrade to the latest version >= xen-pvgrub-4.3.2
All Xen PVGRUB 4.2 users should upgrade to the latest version >= xen-pvgrub-4.2.4
| ❌| |
| CVE-2013-4494 | Medium | 5.9 | xenRELEASE-4.0.0 | Direct | kernel-xen-debuginfo - 2.6.18,2.6.18,2.6.18;kernel-debuginfo-common - 2.6.18,2.6.18,2.6.18,2.6.18,2.6.18;kernel-headers - 2.6.18,2.6.18;kernel-PAE - 2.6.18;kernel-doc - 2.6.18;kernel-xen - 2.6.18,2.6.18;kernel-PAE-devel - 2.6.18;kernel-PAE-debuginfo - 2.6.18;kernel-debuginfo - 2.6.18,2.6.18,2.6.18,2.6.18,2.6.18;kernel-debug-devel - 2.6.18,2.6.18;kernel-kdump-debuginfo - 2.6.18,2.6.18;kernel-debug-debuginfo - 2.6.18,2.6.18,2.6.18,2.6.18,2.6.18;kernel-debug - 2.6.18,2.6.18;kernel-devel - 2.6.18,2.6.18;kernel - 2.6.18,2.6.18,2.6.18;kernel-xen-devel - 2.6.18,2.6.18 | ❌| |
| CVE-2013-4416 | Medium | 5.9 | detected in multiple dependencies | Direct | 4.4.0 | ❌| |
| CVE-2013-1952 | Medium | 5.9 | xenRELEASE-4.0.0 | Direct | 4.3.0-rc1 | ❌| |
| CVE-2013-1919 | Medium | 5.9 | detected in multiple dependencies | Direct | 4.3.0-rc1 | ❌| |
| CVE-2013-0153 | Medium | 5.9 | detected in multiple dependencies | Direct | 4.2.2 | ❌| |
| CVE-2013-0152 | Medium | 5.9 | xenRELEASE-4.0.0 | Direct | 4.2.1 | ❌| |
| CVE-2012-5515 | Medium | 5.9 | xenRELEASE-4.0.0 | Direct | 4.3.0-rc1,RELEASE-4.3.0 | ❌| |
| CVE-2012-4539 | Medium | 5.9 | xenRELEASE-4.0.0 | Direct | 4.3.0-rc1,RELEASE-4.3.0 | ❌| |
| CVE-2012-3498 | Medium | 5.9 | xenRELEASE-4.0.0 | Direct | 4.2.0-branched,RELEASE-4.2.0 | ❌| |
| CVE-2012-3494 | Medium | 5.9 | xenRELEASE-4.0.0 | Direct | 4.2.0-branched | ❌| |
| CVE-2012-2373 | Medium | 5.9 | xenRELEASE-4.0.0 | Direct | 3.4.5 | ❌| |
| CVE-2012-1179 | Medium | 5.9 | xenRELEASE-4.0.0 | Direct | 3.3.1 | ❌| |
| CVE-2020-25604 | Medium | 5.7 | detected in multiple dependencies | Direct | All Xen users should upgrade to the latest version # emerge --sync
emerge --ask --oneshot --verbose >=app-emulation/xen-4.13.1-r5
All Xen Tools users should upgrade to the latest version # emerge --sync
emerge --ask --oneshot --verbose
=app-emulation/xen-tools-4.13.1-r5 >= | ❌| |
| CVE-2020-25598 | Medium | 5.7 | xenRELEASE-4.0.0 | Direct | All Xen users should upgrade to the latest version # emerge --sync
emerge --ask --oneshot --verbose >=app-emulation/xen-4.13.1-r5
All Xen Tools users should upgrade to the latest version # emerge --sync
emerge --ask --oneshot --verbose
=app-emulation/xen-tools-4.13.1-r5 >= | ❌| |
| CVE-2012-3432 | Medium | 5.7 | xenRELEASE-4.0.0 | Direct | xenstore-utils - 4.1.3-1,4.1.3-1,4.1.3-1,4.1.3-1;xen-hypervisor-4.0-amd64 - 4.1.3-1,4.1.3-1,4.1.3-1,4.1.3-1;libxen-dev - 4.1.3-1,4.1.3-1,4.1.3-1,4.1.3-1;xen-utils-4.0 - 4.1.3-1,4.1.3-1,4.1.3-1,4.1.3-1;libxenstore3.0 - 4.1.3-1,4.1.3-1,4.1.3-1,4.1.3-1;xen-docs-4.0 - 4.1.3-1,4.1.3-1,4.1.3-1,4.1.3-1;xen-hypervisor-4.0-i386 - 4.1.3-1,4.1.3-1,4.1.3-1,4.1.3-1 | ❌| |
| CVE-2019-18424 | Medium | 5.4 | detected in multiple dependencies | Direct | 4.13.0-rc2 | ❌| |
| CVE-2017-12135 | Medium | 5.1 | xenRELEASE-4.0.0 | Direct | All Xen users should upgrade to the latest version >= xen-4.9.1-r1
All Xen tools users should upgrade to the latest version >= xen-tools-4.9.1-r1
| ❌| |
| CVE-2012-4544 | Medium | 5.1 | detected in multiple dependencies | Direct | 4.3.0-rc1,RELEASE-4.3.0 | ❌| |
| CVE-2012-4537 | Medium | 5.1 | xenRELEASE-4.0.0 | Direct | 4.3.0-rc1,RELEASE-4.3.0 | ❌| |
| CVE-2016-3158 | Medium | 4.8 | xenRELEASE-4.0.0 | Direct | 4.7.0-rc1 | ❌| |
| CVE-2020-29480 | Medium | 4.6 | xenRELEASE-4.0.0 | Direct | N/A | ❌| |
| CVE-2015-2044 | 
Low | 2.3 | xenRELEASE-4.0.0 | Direct | All Xen 4.4 users should upgrade to the latest version >= xen-4.4.2-r1
All Xen 4.2 users should upgrade to the latest version >= xen-4.2.5-r8
| ❌| |
| CVE-2016-7777 | Low | 2.1 | xenRELEASE-4.0.0 | Direct | RELEASE-4.7.1, 4.8.0-rc2 | ❌| |
| CVE-2012-4535 | Low | 2.1 | xenRELEASE-4.0.0 | Direct | 4.3.0-rc1,RELEASE-4.3.0 | ❌| |
| CVE-2013-4355 | Low | 2.0 | detected in multiple dependencies | Direct | kernel-xen-debuginfo - 2.6.18,2.6.18,2.6.18;kernel-debuginfo-common - 2.6.18,2.6.18,2.6.18,2.6.18,2.6.18;kernel-headers - 2.6.18,2.6.18;kernel-PAE - 2.6.18;kernel-doc - 2.6.18;kernel-xen - 2.6.18,2.6.18;kernel-PAE-devel - 2.6.18;kernel-PAE-debuginfo - 2.6.18;kernel-debuginfo - 2.6.18,2.6.18,2.6.18,2.6.18,2.6.18;kernel-debug-devel - 2.6.18,2.6.18;kernel-kdump-debuginfo - 2.6.18,2.6.18;kernel-debug-debuginfo - 2.6.18,2.6.18,2.6.18,2.6.18,2.6.18;kernel-debug - 2.6.18,2.6.18;kernel-devel - 2.6.18,2.6.18;kernel - 2.6.18,2.6.18,2.6.18;kernel-xen-devel - 2.6.18,2.6.18 | ❌| |
**In some cases, Remediation PR cannot be created automatically for a vulnerability despite the availability of remediation
Details
Partial details (13 vulnerabilities) are displayed below due to a content size limitation in GitHub. To view information on the remaining vulnerabilities, navigate to the Mend Application.
CVE-2020-29481
Vulnerable Library - xenRELEASE-4.0.0
Mirror of the Xen Repository (PRs not accepted see: http://wiki.xenproject.org/wiki/Submitting_Xen_Project_Patches)
Library home page: https://github.com/xen-project/xen.git
Found in base branch: master
Vulnerable Source Files (1)
/tools/xenstore/xenstored_core.c
Vulnerability Details
An issue was discovered in Xen through 4.14.x. Access rights of Xenstore nodes are per domid. Unfortunately, existing granted access rights are not removed when a domain is being destroyed. This means that a new domain created with the same domid will inherit the access rights to Xenstore nodes from the previous domain(s) with the same domid. Because all Xenstore entries of a guest below /local/domain/ are being deleted by Xen tools when a guest is destroyed, only Xenstore entries of other guests still running are affected. For example, a newly created guest domain might be able to read sensitive information that had belonged to a previously existing guest domain. Both Xenstore implementations (C and Ocaml) are vulnerable.
Publish Date: 2020-12-15
URL: CVE-2020-29481
CVSS 4 Score Details (9.3)
Base Score Metrics:
- Exploitability Metrics:
- Attack Vector: Local
- Attack Complexity: Low
- Privileges Required: Low
- User Interaction: None
- Scope: N/A
- Impact Metrics:
- Confidentiality Impact: N/A
- Integrity Impact: N/A
- Availability Impact: N/A
For more information on CVSS4 Scores, click here.
CVE-2019-19578
Vulnerable Libraries - xenRELEASE-4.0.0, xenRELEASE-4.0.0
Vulnerability Details
An issue was discovered in Xen through 4.12.x allowing x86 PV guest OS users to cause a denial of service via degenerate chains of linear pagetables, because of an incorrect fix for CVE-2017-15595. "Linear pagetables" is a technique which involves either pointing a pagetable at itself, or to another pagetable of the same or higher level. Xen has limited support for linear pagetables: A page may either point to itself, or point to another pagetable of the same level (i.e., L2 to L2, L3 to L3, and so on). XSA-240 introduced an additional restriction that limited the "depth" of such chains by allowing pages to either point to other pages of the same level, or be pointed to by other pages of the same level, but not both. To implement this, we keep track of the number of outstanding times a page points to or is pointed to another page table, to prevent both from happening at the same time. Unfortunately, the original commit introducing this reset this count when resuming validation of a partially-validated pagetable, incorrectly dropping some "linear_pt_entry" counts. If an attacker could engineer such a situation to occur, they might be able to make loops or other arbitrary chains of linear pagetables, as described in XSA-240. A malicious or buggy PV guest may cause the hypervisor to crash, resulting in Denial of Service (DoS) affecting the entire host. Privilege escalation and information leaks cannot be excluded. All versions of Xen are vulnerable. Only x86 systems are affected. Arm systems are not affected. Only x86 PV guests can leverage the vulnerability. x86 HVM and PVH guests cannot leverage the vulnerability. Only systems which have enabled linear pagetables are vulnerable. Systems which have disabled linear pagetables, either by selecting CONFIG_PV_LINEAR_PT=n when building the hypervisor, or adding pv-linear-pt=false on the command-line, are not vulnerable.
Publish Date: 2019-12-11
URL: CVE-2019-19578
CVSS 4 Score Details (9.3)
Base Score Metrics:
- Exploitability Metrics:
- Attack Vector: Local
- Attack Complexity: Low
- Privileges Required: Low
- User Interaction: None
- Scope: N/A
- Impact Metrics:
- Confidentiality Impact: N/A
- Integrity Impact: N/A
- Availability Impact: N/A
For more information on CVSS4 Scores, click here.
Suggested Fix
Type: Upgrade version
Origin: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D5R73AYE53QA32KTMHUVKCX6E52CIS43/
Release Date: 2020-08-24
Fix Resolution: RELEASE-4.12.2
CVE-2020-27671
Vulnerable Library - xenRELEASE-4.0.0
Mirror of the Xen Repository (PRs not accepted see: http://wiki.xenproject.org/wiki/Submitting_Xen_Project_Patches)
Library home page: https://github.com/xen-project/xen.git
Found in base branch: master
Vulnerable Source Files (1)
Vulnerability Details
An issue was discovered in Xen through 4.14.x allowing x86 HVM and PVH guest OS users to cause a denial of service (data corruption), cause a data leak, or possibly gain privileges because coalescing of per-page IOMMU TLB flushes is mishandled.
Publish Date: 2020-10-22
URL: CVE-2020-27671
CVSS 4 Score Details (8.8)
Base Score Metrics:
- Exploitability Metrics:
- Attack Vector: Local
- Attack Complexity: High
- Privileges Required: Low
- User Interaction: None
- Scope: N/A
- Impact Metrics:
- Confidentiality Impact: N/A
- Integrity Impact: N/A
- Availability Impact: N/A
For more information on CVSS4 Scores, click here.
Suggested Fix
Type: Upgrade version
Origin: https://security.gentoo.org/glsa/202011-06
Fix Resolution: All Xen users should upgrade to the latest version # emerge --sync
# emerge --ask --oneshot --verbose >=app-emulation/xen-4.13.1-r5
All Xen Tools users should upgrade to the latest version # emerge --sync
# emerge --ask --oneshot --verbose
>=app-emulation/xen-tools-4.13.1-r5 >=
CVE-2020-27670
Vulnerable Libraries - xenRELEASE-4.0.0, xenRELEASE-4.0.0
Vulnerability Details
An issue was discovered in Xen through 4.14.x allowing x86 guest OS users to cause a denial of service (data corruption), cause a data leak, or possibly gain privileges because an AMD IOMMU page-table entry can be half-updated.
Publish Date: 2020-10-22
URL: CVE-2020-27670
CVSS 4 Score Details (8.8)
Base Score Metrics:
- Exploitability Metrics:
- Attack Vector: Local
- Attack Complexity: High
- Privileges Required: Low
- User Interaction: None
- Scope: N/A
- Impact Metrics:
- Confidentiality Impact: N/A
- Integrity Impact: N/A
- Availability Impact: N/A
For more information on CVSS4 Scores, click here.
Suggested Fix
Type: Upgrade version
Origin: https://security.gentoo.org/glsa/202011-06
Fix Resolution: All Xen users should upgrade to the latest version # emerge --sync
# emerge --ask --oneshot --verbose >=app-emulation/xen-4.13.1-r5
All Xen Tools users should upgrade to the latest version # emerge --sync
# emerge --ask --oneshot --verbose
>=app-emulation/xen-tools-4.13.1-r5 >=
CVE-2020-15565
Vulnerable Library - xenRELEASE-4.0.0
Mirror of the Xen Repository (PRs not accepted see: http://wiki.xenproject.org/wiki/Submitting_Xen_Project_Patches)
Library home page: https://github.com/xen-project/xen.git
Found in base branch: master
Vulnerable Source Files (1)
/drivers/passthrough/vtd/iommu.c
Vulnerability Details
An issue was discovered in Xen through 4.13.x, allowing x86 Intel HVM guest OS users to cause a host OS denial of service or possibly gain privileges because of insufficient cache write-back under VT-d. When page tables are shared between IOMMU and CPU, changes to them require flushing of both TLBs. Furthermore, IOMMUs may be non-coherent, and hence prior to flushing IOMMU TLBs, a CPU cache also needs writing back to memory after changes were made. Such writing back of cached data was missing in particular when splitting large page mappings into smaller granularity ones. A malicious guest may be able to retain read/write DMA access to frames returned to Xen's free pool, and later reused for another purpose. Host crashes (leading to a Denial of Service) and privilege escalation cannot be ruled out. Xen versions from at least 3.2 onwards are affected. Only x86 Intel systems are affected. x86 AMD as well as Arm systems are not affected. Only x86 HVM guests using hardware assisted paging (HAP), having a passed through PCI device assigned, and having page table sharing enabled can leverage the vulnerability. Note that page table sharing will be enabled (by default) only if Xen considers IOMMU and CPU large page size support compatible.
Publish Date: 2020-07-07
URL: CVE-2020-15565
CVSS 4 Score Details (8.8)
Base Score Metrics:
- Exploitability Metrics:
- Attack Vector: Local
- Attack Complexity: Low
- Privileges Required: Low
- User Interaction: None
- Scope: N/A
- Impact Metrics:
- Confidentiality Impact: N/A
- Integrity Impact: N/A
- Availability Impact: N/A
For more information on CVSS4 Scores, click here.
Suggested Fix
Type: Upgrade version
Origin: https://security.gentoo.org/glsa/202007-02
Fix Resolution: All Xen users should upgrade to the latest version # emerge --sync
# emerge --ask --oneshot --verbose >=app-emulation/xen-4.12.3-r2
All Xen Tools users should upgrade to the latest version # emerge --sync
# emerge --ask --oneshot --verbose
>=app-emulation/xen-tools-4.12.3-r2 >=
CVE-2020-11741
Vulnerable Libraries - xenRELEASE-4.0.0, xenRELEASE-4.0.0
Vulnerability Details
An issue was discovered in xenoprof in Xen through 4.13.x, allowing guest OS users (with active profiling) to obtain sensitive information about other guests, cause a denial of service, or possibly gain privileges. For guests for which "active" profiling was enabled by the administrator, the xenoprof code uses the standard Xen shared ring structure. Unfortunately, this code did not treat the guest as a potential adversary: it trusts the guest not to modify buffer size information or modify head / tail pointers in unexpected ways. This can crash the host (DoS). Privilege escalation cannot be ruled out.
Publish Date: 2020-04-14
URL: CVE-2020-11741
CVSS 4 Score Details (8.8)
Base Score Metrics:
- Exploitability Metrics:
- Attack Vector: Local
- Attack Complexity: Low
- Privileges Required: Low
- User Interaction: None
- Scope: N/A
- Impact Metrics:
- Confidentiality Impact: N/A
- Integrity Impact: N/A
- Availability Impact: N/A
For more information on CVSS4 Scores, click here.
Suggested Fix
Type: Upgrade version
Origin: https://security.gentoo.org/glsa/202005-08
Fix Resolution: All Xen users should upgrade to the latest version # emerge --sync
# emerge --ask --oneshot --verbose >=app-emulation/xen-4.12.2-r2
All Xen Tools users should upgrade to the latest version # emerge --sync
# emerge --ask --oneshot --verbose
>=app-emulation/xen-tools-4.12.2-r1 >=
CVE-2018-7541
Vulnerable Libraries - xenRELEASE-4.0.0, xenRELEASE-4.0.0
Vulnerability Details
An issue was discovered in Xen through 4.10.x allowing guest OS users to cause a denial of service (hypervisor crash) or gain privileges by triggering a grant-table transition from v2 to v1.
Publish Date: 2018-02-27
URL: CVE-2018-7541
CVSS 4 Score Details (8.8)
Base Score Metrics:
- Exploitability Metrics:
- Attack Vector: Local
- Attack Complexity: Low
- Privileges Required: Low
- User Interaction: None
- Scope: N/A
- Impact Metrics:
- Confidentiality Impact: N/A
- Integrity Impact: N/A
- Availability Impact: N/A
For more information on CVSS4 Scores, click here.
Suggested Fix
Type: Upgrade version
Origin: https://nvd.nist.gov/vuln/detail/CVE-2018-7541
Release Date: 2018-02-27
Fix Resolution: xen-libs-32bit - 4.15.1_01-1.2;xen-tools - 4.15.1_01-1.2,4.10.1_04-1.4;xen - 4.15.1_01-1.2,4.10.1_04-1.4;xen-tools-xendomains-wait-disk - 4.15.1_01-1.2;xen-libs - 4.15.1_01-1.2;xen-doc-html - 4.15.1_01-1.2;xen-tools-domU - 4.15.1_01-1.2,4.15.1_01-1.2,4.15.1_01-1.2,4.15.1_01-1.2;xen-devel - 4.10.1_04-1.4,4.15.1_01-1.2
CVE-2018-10982
Vulnerable Libraries - xenRELEASE-4.0.0, xenRELEASE-4.0.0, xenRELEASE-4.0.0, xenRELEASE-4.0.0, xenRELEASE-4.0.0
Vulnerability Details
An issue was discovered in Xen through 4.10.x allowing x86 HVM guest OS users to cause a denial of service (unexpectedly high interrupt number, array overrun, and hypervisor crash) or possibly gain hypervisor privileges by setting up an HPET timer to deliver interrupts in IO-APIC mode, aka vHPET interrupt injection.
Publish Date: 2018-05-10
URL: CVE-2018-10982
CVSS 4 Score Details (8.8)
Base Score Metrics:
- Exploitability Metrics:
- Attack Vector: Local
- Attack Complexity: Low
- Privileges Required: Low
- User Interaction: None
- Scope: N/A
- Impact Metrics:
- Confidentiality Impact: N/A
- Integrity Impact: N/A
- Availability Impact: N/A
For more information on CVSS4 Scores, click here.
Suggested Fix
Type: Upgrade version
Origin: https://bugs.alpinelinux.org//issues/8884
Release Date: 2018-05-10
Fix Resolution: 4.10.1-r2
CVE-2017-17563
Vulnerable Libraries - xenRELEASE-4.0.0, xenRELEASE-4.0.0
Vulnerability Details
An issue was discovered in Xen through 4.9.x allowing guest OS users to cause a denial of service (host OS crash) or gain host OS privileges by leveraging an incorrect mask for reference-count overflow checking in shadow mode.
Publish Date: 2017-12-12
URL: CVE-2017-17563
CVSS 4 Score Details (8.8)
Base Score Metrics:
- Exploitability Metrics:
- Attack Vector: Local
- Attack Complexity: High
- Privileges Required: Low
- User Interaction: None
- Scope: N/A
- Impact Metrics:
- Confidentiality Impact: N/A
- Integrity Impact: N/A
- Availability Impact: N/A
For more information on CVSS4 Scores, click here.
Suggested Fix
Type: Upgrade version
Origin: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-17563
Release Date: 2017-12-12
Fix Resolution: 4.9.2
CVE-2017-10917
Vulnerable Library - xenRELEASE-4.0.0
Mirror of the Xen Repository (PRs not accepted see: http://wiki.xenproject.org/wiki/Submitting_Xen_Project_Patches)
Library home page: https://github.com/xen-project/xen.git
Found in base branch: master
Vulnerable Source Files (1)
Vulnerability Details
Xen through 4.8.x does not validate the port numbers of polled event channel ports, which allows guest OS users to cause a denial of service (NULL pointer dereference and host OS crash) or possibly obtain sensitive information, aka XSA-221.
Publish Date: 2017-07-05
URL: CVE-2017-10917
CVSS 4 Score Details (8.8)
Base Score Metrics:
- Exploitability Metrics:
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: None
- Scope: N/A
- Impact Metrics:
- Confidentiality Impact: N/A
- Integrity Impact: N/A
- Availability Impact: N/A
For more information on CVSS4 Scores, click here.
Suggested Fix
Type: Upgrade version
Origin: http://www.securitytracker.com/id/1038731
Release Date: 2017-12-31
Fix Resolution: The vendor has issued a fix (xsa221.patch).
The vendor advisory is available at:
https://xenbits.xen.org/xsa/advisory-221.html
CVE-2017-15597
Vulnerable Library - xenRELEASE-4.0.0
Mirror of the Xen Repository (PRs not accepted see: http://wiki.xenproject.org/wiki/Submitting_Xen_Project_Patches)
Library home page: https://github.com/xen-project/xen.git
Found in base branch: master
Vulnerable Source Files (1)
/common/grant_table.c
Vulnerability Details
An issue was discovered in Xen through 4.9.x. Grant copying code made an implication that any grant pin would be accompanied by a suitable page reference. Other portions of code, however, did not match up with that assumption. When such a grant copy operation is being done on a grant of a dying domain, the assumption turns out wrong. A malicious guest administrator can cause hypervisor memory corruption, most likely resulting in host crash and a Denial of Service. Privilege escalation and information leaks cannot be ruled out.
Publish Date: 2017-10-30
URL: CVE-2017-15597
CVSS 4 Score Details (8.7)
Base Score Metrics:
- Exploitability Metrics:
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: Low
- User Interaction: None
- Scope: N/A
- Impact Metrics:
- Confidentiality Impact: N/A
- Integrity Impact: N/A
- Availability Impact: N/A
For more information on CVSS4 Scores, click here.
Suggested Fix
Type: Upgrade version
Origin: http://www.securitytracker.com/id/1039653
Release Date: 2017-12-31
Fix Resolution: The vendor has issued a fix (xsa236-4.5.patch, xsa236-4.9.patch, and xsa236.patch).
The vendor advisory is available at:
https://xenbits.xen.org/xsa/advisory-236.html
CVE-2018-19966
Vulnerable Libraries - xenRELEASE-4.0.0, xenRELEASE-4.0.0, xenRELEASE-4.0.0
Vulnerability Details
An issue was discovered in Xen through 4.11.x allowing x86 PV guest OS users to cause a denial of service (host OS crash) or possibly gain host OS privileges because of an interpretation conflict for a union data structure associated with shadow paging. NOTE: this issue exists because of an incorrect fix for CVE-2017-15595.
Publish Date: 2018-12-08
URL: CVE-2018-19966
CVSS 4 Score Details (8.6)
Base Score Metrics:
- Exploitability Metrics:
- Attack Vector: Local
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: None
- Scope: N/A
- Impact Metrics:
- Confidentiality Impact: N/A
- Integrity Impact: N/A
- Availability Impact: N/A
For more information on CVSS4 Scores, click here.
Suggested Fix
Type: Upgrade version
Origin: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-19966
Release Date: 2018-12-08
Fix Resolution: 4.12-rc2
CVE-2015-8338
Vulnerable Library - xenRELEASE-4.0.0
Mirror of the Xen Repository (PRs not accepted see: http://wiki.xenproject.org/wiki/Submitting_Xen_Project_Patches)
Library home page: https://github.com/xen-project/xen.git
Found in base branch: master
Vulnerable Source Files (1)
Vulnerability Details
Xen 4.6.x and earlier does not properly enforce limits on page order inputs for the (1) XENMEM_increase_reservation, (2) XENMEM_populate_physmap, (3) XENMEM_exchange, and possibly other HYPERVISOR_memory_op suboperations, which allows ARM guest OS administrators to cause a denial of service (CPU consumption, guest reboot, or watchdog timeout and host reboot) and possibly have unspecified other impact via unknown vectors.
Publish Date: 2015-12-17
URL: CVE-2015-8338
CVSS 4 Score Details (8.6)
Base Score Metrics:
- Exploitability Metrics:
- Attack Vector: Local
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: None
- Scope: N/A
- Impact Metrics:
- Confidentiality Impact: N/A
- Integrity Impact: N/A
- Availability Impact: N/A
For more information on CVSS4 Scores, click here.
Suggested Fix
Type: Upgrade version
Origin: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8338
Release Date: 2015-12-17
Fix Resolution: 4.7.0-rc1
Mirror of the Xen Repository (PRs not accepted see: http://wiki.xenproject.org/wiki/Submitting_Xen_Project_Patches)
Library home page: https://github.com/xen-project/xen.git
Vulnerabilities
emerge --ask --oneshot --verbose >=app-emulation/xen-4.13.1-r5
All Xen Tools users should upgrade to the latest version # emerge --sync
emerge --ask --oneshot --verbose
emerge --ask --oneshot --verbose >=app-emulation/xen-4.13.1-r5
All Xen Tools users should upgrade to the latest version # emerge --sync
emerge --ask --oneshot --verbose
emerge --ask --oneshot --verbose >=app-emulation/xen-4.12.3-r2
All Xen Tools users should upgrade to the latest version # emerge --sync
emerge --ask --oneshot --verbose
emerge --ask --oneshot --verbose >=app-emulation/xen-4.12.2-r2
All Xen Tools users should upgrade to the latest version # emerge --sync
emerge --ask --oneshot --verbose
The vendor advisory is available at:
https://xenbits.xen.org/xsa/advisory-221.html | ❌| |
High | 8.7 | xenRELEASE-4.0.0 | Direct | The vendor has issued a fix (xsa236-4.5.patch, xsa236-4.9.patch, and xsa236.patch).
| CVE-2017-15597 |
The vendor advisory is available at:
https://xenbits.xen.org/xsa/advisory-236.html | ❌| |
High | 8.6 | detected in multiple dependencies | Direct | 4.12-rc2 | ❌| |
High | 8.6 | xenRELEASE-4.0.0 | Direct | 4.7.0-rc1 | ❌| |
High | 8.6 | xenRELEASE-4.0.0 | Direct | 3.13 | ❌| |
High | 8.5 | xenRELEASE-4.0.0 | Direct | All Xen users should upgrade to the latest version # emerge --sync
| CVE-2018-19966 |
| CVE-2015-8338 |
| CVE-2014-8173 |
| CVE-2020-25603 |
emerge --ask --oneshot --verbose >=app-emulation/xen-4.13.1-r5
All Xen Tools users should upgrade to the latest version # emerge --sync
emerge --ask --oneshot --verbose
emerge --ask --oneshot --verbose >=app-emulation/xen-4.13.1-r5
All Xen Tools users should upgrade to the latest version # emerge --sync
emerge --ask --oneshot --verbose
emerge --ask --oneshot --verbose >=app-emulation/xen-4.13.1-r5
All Xen Tools users should upgrade to the latest version # emerge --sync
emerge --ask --oneshot --verbose
emerge --ask --oneshot --verbose >=app-emulation/xen-4.13.1-r5
All Xen Tools users should upgrade to the latest version # emerge --sync
emerge --ask --oneshot --verbose
emerge --ask --oneshot --verbose >=app-emulation/xen-4.13.1-r5
All Xen Tools users should upgrade to the latest version # emerge --sync
emerge --ask --oneshot --verbose
emerge --ask --oneshot --verbose >=app-emulation/xen-4.13.1-r5
All Xen Tools users should upgrade to the latest version # emerge --sync
emerge --ask --oneshot --verbose
emerge --ask --oneshot --verbose >=app-emulation/xen-4.12.2-r2
All Xen Tools users should upgrade to the latest version # emerge --sync
emerge --ask --oneshot --verbose
emerge --ask --oneshot --verbose >=app-emulation/xen-4.14.2-r1
All Xen 4.15.x users should upgrade to the latest version # emerge --sync
emerge --ask --oneshot --verbose >=app-emulation/xen-4.15.0-r1 >= | ❌| |
| CVE-2013-2077 |
Medium | 6.0 | xenRELEASE-4.0.0 | Direct | 4.3.0-rc4 | ❌| |
Medium | 5.9 | detected in multiple dependencies | Direct | 4.12-rc2 | ❌| |
Medium | 5.9 | xenRELEASE-4.0.0 | Direct | 4.7.0-rc1 | ❌| |
Medium | 5.9 | xenRELEASE-4.0.0 | Direct | All Xen 4.5 users should upgrade to the latest version >= xen-4.5.2-r5
Medium | 5.9 | detected in multiple dependencies | Direct | 4.7.0-rc1 | ❌| |
Medium | 5.9 | detected in multiple dependencies | Direct | 4.7.0-rc1 | ❌| |
Medium | 5.9 | detected in multiple dependencies | Direct | All Xen 4.4 users should upgrade to the latest version >= xen-4.4.2-r1
Medium | 5.9 | detected in multiple dependencies | Direct | 4.5.0-rc1 | ❌| |
Medium | 5.9 | xenRELEASE-4.0.0 | Direct | 4.4.0-rc4 | ❌| |
Medium | 5.9 | detected in multiple dependencies | Direct | 4.4.0-rc4 | ❌| |
Medium | 5.9 | detected in multiple dependencies | Direct | 4.4.0-rc4 | ❌| |
Medium | 5.9 | detected in multiple dependencies | Direct | 4.4.0-rc4 | ❌| |
Medium | 5.9 | detected in multiple dependencies | Direct | 4.4.0-rc4 | ❌| |
Medium | 5.9 | xenRELEASE-4.0.0 | Direct | All Xen 4.3 users should upgrade to the latest version >= xen-4.3.2-r2
Medium | 5.9 | xenRELEASE-4.0.0 | Direct | kernel-xen-debuginfo - 2.6.18,2.6.18,2.6.18;kernel-debuginfo-common - 2.6.18,2.6.18,2.6.18,2.6.18,2.6.18;kernel-headers - 2.6.18,2.6.18;kernel-PAE - 2.6.18;kernel-doc - 2.6.18;kernel-xen - 2.6.18,2.6.18;kernel-PAE-devel - 2.6.18;kernel-PAE-debuginfo - 2.6.18;kernel-debuginfo - 2.6.18,2.6.18,2.6.18,2.6.18,2.6.18;kernel-debug-devel - 2.6.18,2.6.18;kernel-kdump-debuginfo - 2.6.18,2.6.18;kernel-debug-debuginfo - 2.6.18,2.6.18,2.6.18,2.6.18,2.6.18;kernel-debug - 2.6.18,2.6.18;kernel-devel - 2.6.18,2.6.18;kernel - 2.6.18,2.6.18,2.6.18;kernel-xen-devel - 2.6.18,2.6.18 | ❌| |
Medium | 5.9 | detected in multiple dependencies | Direct | 4.4.0 | ❌| |
Medium | 5.9 | xenRELEASE-4.0.0 | Direct | 4.3.0-rc1 | ❌| |
Medium | 5.9 | detected in multiple dependencies | Direct | 4.3.0-rc1 | ❌| |
Medium | 5.9 | detected in multiple dependencies | Direct | 4.2.2 | ❌| |
Medium | 5.9 | xenRELEASE-4.0.0 | Direct | 4.2.1 | ❌| |
Medium | 5.9 | xenRELEASE-4.0.0 | Direct | 4.3.0-rc1,RELEASE-4.3.0 | ❌| |
Medium | 5.9 | xenRELEASE-4.0.0 | Direct | 4.3.0-rc1,RELEASE-4.3.0 | ❌| |
Medium | 5.9 | xenRELEASE-4.0.0 | Direct | 4.2.0-branched,RELEASE-4.2.0 | ❌| |
Medium | 5.9 | xenRELEASE-4.0.0 | Direct | 4.2.0-branched | ❌| |
Medium | 5.9 | xenRELEASE-4.0.0 | Direct | 3.4.5 | ❌| |
Medium | 5.9 | xenRELEASE-4.0.0 | Direct | 3.3.1 | ❌| |
Medium | 5.7 | detected in multiple dependencies | Direct | All Xen users should upgrade to the latest version # emerge --sync
| CVE-2018-19964 |
| CVE-2015-8340 |
| CVE-2015-8339 |
All Xen 4.6 users should upgrade to the latest version >= xen-4.6.0-r9
All Xen tools 4.5 users should upgrade to the latest version >= xen-tools-4.5.2-r5
All Xen tools 4.6 users should upgrade to the latest version >= xen-tools-4.6.0-r9
All Xen pvgrub users should upgrade to the latest version >= xen-pvgrub-4.6.0
| ❌| |
| CVE-2015-7972 |
| CVE-2015-7970 |
| CVE-2015-2752 |
All Xen 4.2 users should upgrade to the latest version >= xen-4.2.5-r8
| ❌| |
| CVE-2014-7154 |
| CVE-2014-1895 |
| CVE-2014-1894 |
| CVE-2014-1893 |
| CVE-2014-1892 |
| CVE-2014-1891 |
| CVE-2013-4553 |
All Xen 4.2 users should upgrade to the latest version >= xen-4.2.4-r2
All xen-tools 4.3 users should upgrade to the latest version >= xen-tools-4.3.2-r2
All xen-tools 4.2 users should upgrade to the latest version >= xen-tools-4.2.4-r2
All Xen PVGRUB 4.3 users should upgrade to the latest version >= xen-pvgrub-4.3.2
All Xen PVGRUB 4.2 users should upgrade to the latest version >= xen-pvgrub-4.2.4
| ❌| |
| CVE-2013-4494 |
| CVE-2013-4416 |
| CVE-2013-1952 |
| CVE-2013-1919 |
| CVE-2013-0153 |
| CVE-2013-0152 |
| CVE-2012-5515 |
| CVE-2012-4539 |
| CVE-2012-3498 |
| CVE-2012-3494 |
| CVE-2012-2373 |
| CVE-2012-1179 |
| CVE-2020-25604 |
emerge --ask --oneshot --verbose >=app-emulation/xen-4.13.1-r5
All Xen Tools users should upgrade to the latest version # emerge --sync
emerge --ask --oneshot --verbose
emerge --ask --oneshot --verbose >=app-emulation/xen-4.13.1-r5
All Xen Tools users should upgrade to the latest version # emerge --sync
emerge --ask --oneshot --verbose
**In some cases, Remediation PR cannot be created automatically for a vulnerability despite the availability of remediation
Details
Vulnerable Library - xenRELEASE-4.0.0
Mirror of the Xen Repository (PRs not accepted see: http://wiki.xenproject.org/wiki/Submitting_Xen_Project_Patches)
Library home page: https://github.com/xen-project/xen.git
Found in base branch: master
Vulnerable Source Files (1)
Vulnerability Details
An issue was discovered in Xen through 4.14.x. Access rights of Xenstore nodes are per domid. Unfortunately, existing granted access rights are not removed when a domain is being destroyed. This means that a new domain created with the same domid will inherit the access rights to Xenstore nodes from the previous domain(s) with the same domid. Because all Xenstore entries of a guest below /local/domain/ are being deleted by Xen tools when a guest is destroyed, only Xenstore entries of other guests still running are affected. For example, a newly created guest domain might be able to read sensitive information that had belonged to a previously existing guest domain. Both Xenstore implementations (C and Ocaml) are vulnerable.
Publish Date: 2020-12-15
URL: CVE-2020-29481
CVSS 4 Score Details (9.3)
Base Score Metrics:
- Exploitability Metrics:
- Attack Vector: Local
- Attack Complexity: Low
- Privileges Required: Low
- User Interaction: None
- Scope: N/A
- Impact Metrics:
- Confidentiality Impact: N/A
- Integrity Impact: N/A
- Availability Impact: N/A
For more information on CVSS4 Scores, click here.Vulnerable Libraries - xenRELEASE-4.0.0, xenRELEASE-4.0.0
Vulnerability Details
An issue was discovered in Xen through 4.12.x allowing x86 PV guest OS users to cause a denial of service via degenerate chains of linear pagetables, because of an incorrect fix for CVE-2017-15595. "Linear pagetables" is a technique which involves either pointing a pagetable at itself, or to another pagetable of the same or higher level. Xen has limited support for linear pagetables: A page may either point to itself, or point to another pagetable of the same level (i.e., L2 to L2, L3 to L3, and so on). XSA-240 introduced an additional restriction that limited the "depth" of such chains by allowing pages to either point to other pages of the same level, or be pointed to by other pages of the same level, but not both. To implement this, we keep track of the number of outstanding times a page points to or is pointed to another page table, to prevent both from happening at the same time. Unfortunately, the original commit introducing this reset this count when resuming validation of a partially-validated pagetable, incorrectly dropping some "linear_pt_entry" counts. If an attacker could engineer such a situation to occur, they might be able to make loops or other arbitrary chains of linear pagetables, as described in XSA-240. A malicious or buggy PV guest may cause the hypervisor to crash, resulting in Denial of Service (DoS) affecting the entire host. Privilege escalation and information leaks cannot be excluded. All versions of Xen are vulnerable. Only x86 systems are affected. Arm systems are not affected. Only x86 PV guests can leverage the vulnerability. x86 HVM and PVH guests cannot leverage the vulnerability. Only systems which have enabled linear pagetables are vulnerable. Systems which have disabled linear pagetables, either by selecting CONFIG_PV_LINEAR_PT=n when building the hypervisor, or adding pv-linear-pt=false on the command-line, are not vulnerable.
Publish Date: 2019-12-11
URL: CVE-2019-19578
CVSS 4 Score Details (9.3)
Base Score Metrics:
- Exploitability Metrics:
- Attack Vector: Local
- Attack Complexity: Low
- Privileges Required: Low
- User Interaction: None
- Scope: N/A
- Impact Metrics:
- Confidentiality Impact: N/A
- Integrity Impact: N/A
- Availability Impact: N/A
For more information on CVSS4 Scores, click here.Suggested Fix
Type: Upgrade version
Origin: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D5R73AYE53QA32KTMHUVKCX6E52CIS43/
Release Date: 2020-08-24
Fix Resolution: RELEASE-4.12.2
Vulnerable Library - xenRELEASE-4.0.0
Mirror of the Xen Repository (PRs not accepted see: http://wiki.xenproject.org/wiki/Submitting_Xen_Project_Patches)
Library home page: https://github.com/xen-project/xen.git
Found in base branch: master
Vulnerable Source Files (1)
Vulnerability Details
An issue was discovered in Xen through 4.14.x allowing x86 HVM and PVH guest OS users to cause a denial of service (data corruption), cause a data leak, or possibly gain privileges because coalescing of per-page IOMMU TLB flushes is mishandled.
Publish Date: 2020-10-22
URL: CVE-2020-27671
CVSS 4 Score Details (8.8)
Base Score Metrics:
- Exploitability Metrics:
- Attack Vector: Local
- Attack Complexity: High
- Privileges Required: Low
- User Interaction: None
- Scope: N/A
- Impact Metrics:
- Confidentiality Impact: N/A
- Integrity Impact: N/A
- Availability Impact: N/A
For more information on CVSS4 Scores, click here.Suggested Fix
Type: Upgrade version
Origin: https://security.gentoo.org/glsa/202011-06
Fix Resolution: All Xen users should upgrade to the latest version # emerge --sync # emerge --ask --oneshot --verbose >=app-emulation/xen-4.13.1-r5 All Xen Tools users should upgrade to the latest version # emerge --sync # emerge --ask --oneshot --verbose >=app-emulation/xen-tools-4.13.1-r5 >=
Vulnerable Libraries - xenRELEASE-4.0.0, xenRELEASE-4.0.0
Vulnerability Details
An issue was discovered in Xen through 4.14.x allowing x86 guest OS users to cause a denial of service (data corruption), cause a data leak, or possibly gain privileges because an AMD IOMMU page-table entry can be half-updated.
Publish Date: 2020-10-22
URL: CVE-2020-27670
CVSS 4 Score Details (8.8)
Base Score Metrics:
- Exploitability Metrics:
- Attack Vector: Local
- Attack Complexity: High
- Privileges Required: Low
- User Interaction: None
- Scope: N/A
- Impact Metrics:
- Confidentiality Impact: N/A
- Integrity Impact: N/A
- Availability Impact: N/A
For more information on CVSS4 Scores, click here.Suggested Fix
Type: Upgrade version
Origin: https://security.gentoo.org/glsa/202011-06
Fix Resolution: All Xen users should upgrade to the latest version # emerge --sync # emerge --ask --oneshot --verbose >=app-emulation/xen-4.13.1-r5 All Xen Tools users should upgrade to the latest version # emerge --sync # emerge --ask --oneshot --verbose >=app-emulation/xen-tools-4.13.1-r5 >=
Vulnerable Library - xenRELEASE-4.0.0
Mirror of the Xen Repository (PRs not accepted see: http://wiki.xenproject.org/wiki/Submitting_Xen_Project_Patches)
Library home page: https://github.com/xen-project/xen.git
Found in base branch: master
Vulnerable Source Files (1)
Vulnerability Details
An issue was discovered in Xen through 4.13.x, allowing x86 Intel HVM guest OS users to cause a host OS denial of service or possibly gain privileges because of insufficient cache write-back under VT-d. When page tables are shared between IOMMU and CPU, changes to them require flushing of both TLBs. Furthermore, IOMMUs may be non-coherent, and hence prior to flushing IOMMU TLBs, a CPU cache also needs writing back to memory after changes were made. Such writing back of cached data was missing in particular when splitting large page mappings into smaller granularity ones. A malicious guest may be able to retain read/write DMA access to frames returned to Xen's free pool, and later reused for another purpose. Host crashes (leading to a Denial of Service) and privilege escalation cannot be ruled out. Xen versions from at least 3.2 onwards are affected. Only x86 Intel systems are affected. x86 AMD as well as Arm systems are not affected. Only x86 HVM guests using hardware assisted paging (HAP), having a passed through PCI device assigned, and having page table sharing enabled can leverage the vulnerability. Note that page table sharing will be enabled (by default) only if Xen considers IOMMU and CPU large page size support compatible.
Publish Date: 2020-07-07
URL: CVE-2020-15565
CVSS 4 Score Details (8.8)
Base Score Metrics:
- Exploitability Metrics:
- Attack Vector: Local
- Attack Complexity: Low
- Privileges Required: Low
- User Interaction: None
- Scope: N/A
- Impact Metrics:
- Confidentiality Impact: N/A
- Integrity Impact: N/A
- Availability Impact: N/A
For more information on CVSS4 Scores, click here.Suggested Fix
Type: Upgrade version
Origin: https://security.gentoo.org/glsa/202007-02
Fix Resolution: All Xen users should upgrade to the latest version # emerge --sync # emerge --ask --oneshot --verbose >=app-emulation/xen-4.12.3-r2 All Xen Tools users should upgrade to the latest version # emerge --sync # emerge --ask --oneshot --verbose >=app-emulation/xen-tools-4.12.3-r2 >=
Vulnerable Libraries - xenRELEASE-4.0.0, xenRELEASE-4.0.0
Vulnerability Details
An issue was discovered in xenoprof in Xen through 4.13.x, allowing guest OS users (with active profiling) to obtain sensitive information about other guests, cause a denial of service, or possibly gain privileges. For guests for which "active" profiling was enabled by the administrator, the xenoprof code uses the standard Xen shared ring structure. Unfortunately, this code did not treat the guest as a potential adversary: it trusts the guest not to modify buffer size information or modify head / tail pointers in unexpected ways. This can crash the host (DoS). Privilege escalation cannot be ruled out.
Publish Date: 2020-04-14
URL: CVE-2020-11741
CVSS 4 Score Details (8.8)
Base Score Metrics:
- Exploitability Metrics:
- Attack Vector: Local
- Attack Complexity: Low
- Privileges Required: Low
- User Interaction: None
- Scope: N/A
- Impact Metrics:
- Confidentiality Impact: N/A
- Integrity Impact: N/A
- Availability Impact: N/A
For more information on CVSS4 Scores, click here.Suggested Fix
Type: Upgrade version
Origin: https://security.gentoo.org/glsa/202005-08
Fix Resolution: All Xen users should upgrade to the latest version # emerge --sync # emerge --ask --oneshot --verbose >=app-emulation/xen-4.12.2-r2 All Xen Tools users should upgrade to the latest version # emerge --sync # emerge --ask --oneshot --verbose >=app-emulation/xen-tools-4.12.2-r1 >=
Vulnerable Libraries - xenRELEASE-4.0.0, xenRELEASE-4.0.0
Vulnerability Details
An issue was discovered in Xen through 4.10.x allowing guest OS users to cause a denial of service (hypervisor crash) or gain privileges by triggering a grant-table transition from v2 to v1.
Publish Date: 2018-02-27
URL: CVE-2018-7541
CVSS 4 Score Details (8.8)
Base Score Metrics:
- Exploitability Metrics:
- Attack Vector: Local
- Attack Complexity: Low
- Privileges Required: Low
- User Interaction: None
- Scope: N/A
- Impact Metrics:
- Confidentiality Impact: N/A
- Integrity Impact: N/A
- Availability Impact: N/A
For more information on CVSS4 Scores, click here.Suggested Fix
Type: Upgrade version
Origin: https://nvd.nist.gov/vuln/detail/CVE-2018-7541
Release Date: 2018-02-27
Fix Resolution: xen-libs-32bit - 4.15.1_01-1.2;xen-tools - 4.15.1_01-1.2,4.10.1_04-1.4;xen - 4.15.1_01-1.2,4.10.1_04-1.4;xen-tools-xendomains-wait-disk - 4.15.1_01-1.2;xen-libs - 4.15.1_01-1.2;xen-doc-html - 4.15.1_01-1.2;xen-tools-domU - 4.15.1_01-1.2,4.15.1_01-1.2,4.15.1_01-1.2,4.15.1_01-1.2;xen-devel - 4.10.1_04-1.4,4.15.1_01-1.2
Vulnerable Libraries - xenRELEASE-4.0.0, xenRELEASE-4.0.0, xenRELEASE-4.0.0, xenRELEASE-4.0.0, xenRELEASE-4.0.0
Vulnerability Details
An issue was discovered in Xen through 4.10.x allowing x86 HVM guest OS users to cause a denial of service (unexpectedly high interrupt number, array overrun, and hypervisor crash) or possibly gain hypervisor privileges by setting up an HPET timer to deliver interrupts in IO-APIC mode, aka vHPET interrupt injection.
Publish Date: 2018-05-10
URL: CVE-2018-10982
CVSS 4 Score Details (8.8)
Base Score Metrics:
- Exploitability Metrics:
- Attack Vector: Local
- Attack Complexity: Low
- Privileges Required: Low
- User Interaction: None
- Scope: N/A
- Impact Metrics:
- Confidentiality Impact: N/A
- Integrity Impact: N/A
- Availability Impact: N/A
For more information on CVSS4 Scores, click here.Suggested Fix
Type: Upgrade version
Origin: https://bugs.alpinelinux.org//issues/8884
Release Date: 2018-05-10
Fix Resolution: 4.10.1-r2
Vulnerable Libraries - xenRELEASE-4.0.0, xenRELEASE-4.0.0
Vulnerability Details
An issue was discovered in Xen through 4.9.x allowing guest OS users to cause a denial of service (host OS crash) or gain host OS privileges by leveraging an incorrect mask for reference-count overflow checking in shadow mode.
Publish Date: 2017-12-12
URL: CVE-2017-17563
CVSS 4 Score Details (8.8)
Base Score Metrics:
- Exploitability Metrics:
- Attack Vector: Local
- Attack Complexity: High
- Privileges Required: Low
- User Interaction: None
- Scope: N/A
- Impact Metrics:
- Confidentiality Impact: N/A
- Integrity Impact: N/A
- Availability Impact: N/A
For more information on CVSS4 Scores, click here.Suggested Fix
Type: Upgrade version
Origin: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-17563
Release Date: 2017-12-12
Fix Resolution: 4.9.2
Vulnerable Library - xenRELEASE-4.0.0
Mirror of the Xen Repository (PRs not accepted see: http://wiki.xenproject.org/wiki/Submitting_Xen_Project_Patches)
Library home page: https://github.com/xen-project/xen.git
Found in base branch: master
Vulnerable Source Files (1)
Vulnerability Details
Xen through 4.8.x does not validate the port numbers of polled event channel ports, which allows guest OS users to cause a denial of service (NULL pointer dereference and host OS crash) or possibly obtain sensitive information, aka XSA-221.
Publish Date: 2017-07-05
URL: CVE-2017-10917
CVSS 4 Score Details (8.8)
Base Score Metrics:
- Exploitability Metrics:
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: None
- Scope: N/A
- Impact Metrics:
- Confidentiality Impact: N/A
- Integrity Impact: N/A
- Availability Impact: N/A
For more information on CVSS4 Scores, click here.Suggested Fix
Type: Upgrade version
Origin: http://www.securitytracker.com/id/1038731
Release Date: 2017-12-31
Fix Resolution: The vendor has issued a fix (xsa221.patch).
The vendor advisory is available at:
https://xenbits.xen.org/xsa/advisory-221.html
Vulnerable Library - xenRELEASE-4.0.0
Mirror of the Xen Repository (PRs not accepted see: http://wiki.xenproject.org/wiki/Submitting_Xen_Project_Patches)
Library home page: https://github.com/xen-project/xen.git
Found in base branch: master
Vulnerable Source Files (1)
Vulnerability Details
An issue was discovered in Xen through 4.9.x. Grant copying code made an implication that any grant pin would be accompanied by a suitable page reference. Other portions of code, however, did not match up with that assumption. When such a grant copy operation is being done on a grant of a dying domain, the assumption turns out wrong. A malicious guest administrator can cause hypervisor memory corruption, most likely resulting in host crash and a Denial of Service. Privilege escalation and information leaks cannot be ruled out.
Publish Date: 2017-10-30
URL: CVE-2017-15597
CVSS 4 Score Details (8.7)
Base Score Metrics:
- Exploitability Metrics:
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: Low
- User Interaction: None
- Scope: N/A
- Impact Metrics:
- Confidentiality Impact: N/A
- Integrity Impact: N/A
- Availability Impact: N/A
For more information on CVSS4 Scores, click here.Suggested Fix
Type: Upgrade version
Origin: http://www.securitytracker.com/id/1039653
Release Date: 2017-12-31
Fix Resolution: The vendor has issued a fix (xsa236-4.5.patch, xsa236-4.9.patch, and xsa236.patch).
The vendor advisory is available at:
https://xenbits.xen.org/xsa/advisory-236.html
Vulnerable Libraries - xenRELEASE-4.0.0, xenRELEASE-4.0.0, xenRELEASE-4.0.0
Vulnerability Details
An issue was discovered in Xen through 4.11.x allowing x86 PV guest OS users to cause a denial of service (host OS crash) or possibly gain host OS privileges because of an interpretation conflict for a union data structure associated with shadow paging. NOTE: this issue exists because of an incorrect fix for CVE-2017-15595.
Publish Date: 2018-12-08
URL: CVE-2018-19966
CVSS 4 Score Details (8.6)
Base Score Metrics:
- Exploitability Metrics:
- Attack Vector: Local
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: None
- Scope: N/A
- Impact Metrics:
- Confidentiality Impact: N/A
- Integrity Impact: N/A
- Availability Impact: N/A
For more information on CVSS4 Scores, click here.Suggested Fix
Type: Upgrade version
Origin: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-19966
Release Date: 2018-12-08
Fix Resolution: 4.12-rc2
Vulnerable Library - xenRELEASE-4.0.0
Mirror of the Xen Repository (PRs not accepted see: http://wiki.xenproject.org/wiki/Submitting_Xen_Project_Patches)
Library home page: https://github.com/xen-project/xen.git
Found in base branch: master
Vulnerable Source Files (1)
Vulnerability Details
Xen 4.6.x and earlier does not properly enforce limits on page order inputs for the (1) XENMEM_increase_reservation, (2) XENMEM_populate_physmap, (3) XENMEM_exchange, and possibly other HYPERVISOR_memory_op suboperations, which allows ARM guest OS administrators to cause a denial of service (CPU consumption, guest reboot, or watchdog timeout and host reboot) and possibly have unspecified other impact via unknown vectors.
Publish Date: 2015-12-17
URL: CVE-2015-8338
CVSS 4 Score Details (8.6)
Base Score Metrics:
- Exploitability Metrics:
- Attack Vector: Local
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: None
- Scope: N/A
- Impact Metrics:
- Confidentiality Impact: N/A
- Integrity Impact: N/A
- Availability Impact: N/A
For more information on CVSS4 Scores, click here.Suggested Fix
Type: Upgrade version
Origin: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8338
Release Date: 2015-12-17
Fix Resolution: 4.7.0-rc1