Search CVE reports
11 – 20 of 21 results
CVE-2008-1943
Medium priorityBuffer overflow in the backend of XenSource Xen Para Virtualized Frame Buffer (PVFB) 3.0 through 3.1.2 allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a crafted description of a...
7 affected packages
kvm, qemu, qemu-kvm, xen-3.0, xen-3.1...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| kvm | — | — | — | — | — |
| qemu | — | — | — | — | — |
| qemu-kvm | — | — | — | — | — |
| xen-3.0 | — | — | — | — | — |
| xen-3.1 | — | — | — | — | — |
| xen-3.2 | — | — | — | — | — |
| xen-3.3 | — | — | — | — | — |
CVE-2008-2004
Medium prioritySome fixes available 1 of 18
The drive_init function in QEMU 0.9.1 determines the format of a raw disk image based on the header, which allows local guest users to read arbitrary files on the host by modifying the header to identify a different format, which...
7 affected packages
kvm, qemu, qemu-kvm, xen-3.0, xen-3.1...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| kvm | — | — | — | — | — |
| qemu | — | — | — | — | — |
| qemu-kvm | — | — | — | — | — |
| xen-3.0 | — | — | — | — | — |
| xen-3.1 | — | — | — | — | — |
| xen-3.2 | — | — | — | — | — |
| xen-3.3 | — | — | — | — | — |
CVE-2007-5498
Low priorityThe Xen hypervisor block backend driver for Linux kernel 2.6.18, when running on a 64-bit host with a 32-bit paravirtualized guest, allows local privileged users in the guest OS to cause a denial of service (host OS crash) via a...
9 affected packages
kvm, linux, linux-source-2.6.15, linux-source-2.6.22, qemu...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| kvm | — | — | — | — | — |
| linux | — | — | — | — | — |
| linux-source-2.6.15 | — | — | — | — | — |
| linux-source-2.6.22 | — | — | — | — | — |
| qemu | — | — | — | — | — |
| xen-3.0 | — | — | — | — | — |
| xen-3.1 | — | — | — | — | — |
| xen-3.2 | — | — | — | — | — |
| xen-3.3 | — | — | — | — | — |
CVE-2008-0928
Medium prioritySome fixes available 1 of 14
Qemu 0.9.1 and earlier does not perform range checks for block device read or write requests, which allows guest host users with root privileges to access arbitrary memory and escape the virtual machine.
7 affected packages
kvm, qemu, qemu-kvm, xen-3.0, xen-3.1...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| kvm | — | — | — | — | — |
| qemu | — | — | — | — | — |
| qemu-kvm | — | — | — | — | — |
| xen-3.0 | — | — | — | — | — |
| xen-3.1 | — | — | — | — | — |
| xen-3.2 | — | — | — | — | — |
| xen-3.3 | — | — | — | — | — |
CVE-2007-6416
Negligible priorityThe copy_to_user function in the PAL emulation functionality for Xen 3.1.2 and earlier, when running on ia64 systems, allows HVM guest users to access arbitrary physical memory by triggering certain mapping operations.
3 affected packages
xen, xen-3.0, xen-3.1
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| xen | — | — | — | — | — |
| xen-3.0 | — | — | — | — | — |
| xen-3.1 | — | — | — | — | — |
CVE-2007-5907
Low priorityXen 3.1.1 does not prevent modification of the CR4 TSC from applications, which allows pv guests to cause a denial of service (crash).
4 affected packages
xen-3.0, xen-3.1, xen-3.2, xen-3.3
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| xen-3.0 | — | — | — | — | — |
| xen-3.1 | — | — | — | — | — |
| xen-3.2 | — | — | — | — | — |
| xen-3.3 | — | — | — | — | — |
CVE-2007-5906
Low priorityXen 3.1.1 allows virtual guest system users to cause a denial of service (hypervisor crash) by using a debug register (DR7) to set certain breakpoints.
2 affected packages
xen-3.0, xen-3.1
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| xen-3.0 | — | — | — | — | — |
| xen-3.1 | — | — | — | — | — |
CVE-2007-3919
Low priority(1) xenbaked and (2) xenmon.py in Xen 3.1 and earlier allow local users to truncate arbitrary files via a symlink attack on /tmp/xenq-shm.
3 affected packages
xen, xen-3.0, xen-3.1
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| xen | — | — | — | — | — |
| xen-3.0 | — | — | — | — | — |
| xen-3.1 | — | — | — | — | — |
CVE-2007-4993
Medium prioritySome fixes available 2 of 3
pygrub (tools/pygrub/src/GrubConf.py) in Xen 3.0.3, when booting a guest domain, allows local users with elevated privileges in the guest domain to execute arbitrary commands in domain 0 via a crafted grub.conf file whose contents...
2 affected packages
xen-3.0, xen-3.1
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| xen-3.0 | — | — | — | — | — |
| xen-3.1 | — | — | — | — | — |
CVE-2007-0998
Unknown prioritySome fixes available 2 of 3
The VNC server implementation in QEMU, as used by Xen and possibly other environments, allows local users of a guest operating system to read arbitrary files on the host operating system via unspecified vectors related to QEMU...
2 affected packages
xen-3.0, xen-3.1
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| xen-3.0 | — | — | — | — | — |
| xen-3.1 | — | — | — | — | — |