|
221981
|
7.8 |
HIGH
Local
|
xen
debian
|
xen
debian_linux
|
An issue was discovered in Xen through 4.11.x allowing x86 PV guest OS users to cause a denial of service or gain privileges because a guest can manipulate its virtualised %cr4 in a way that is incom…
|
CWE-20
Improper Input Validation
|
CVE-2019-17347
|
2024-11-21 13:32 |
2019-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221982
|
8.8 |
HIGH
Local
|
xen
debian
|
xen
debian_linux
|
An issue was discovered in Xen through 4.11.x allowing x86 PV guest OS users to cause a denial of service or gain privileges because of an incompatibility between Process Context Identifiers (PCID) a…
|
CWE-20
Improper Input Validation
|
CVE-2019-17346
|
2024-11-21 13:32 |
2019-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221983
|
6.5 |
MEDIUM
Local
|
xen
debian
|
xen
debian_linux
|
An issue was discovered in Xen 4.8.x through 4.11.x allowing x86 PV guest OS users to cause a denial of service because mishandling of failed IOMMU operations causes a bug check during the cleanup of…
|
NVD-CWE-noinfo
|
CVE-2019-17345
|
2024-11-21 13:32 |
2019-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221984
|
6.5 |
MEDIUM
Local
|
xen
debian
|
xen
debian_linux
|
An issue was discovered in Xen through 4.11.x allowing x86 PV guest OS users to cause a denial of service by leveraging a long-running operation that exists to support restartability of PTE updates.
|
CWE-662
Improper Synchronization
|
CVE-2019-17344
|
2024-11-21 13:32 |
2019-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221985
|
6.8 |
MEDIUM
Physics
|
xen
debian
|
xen
debian_linux
|
An issue was discovered in Xen through 4.11.x allowing x86 PV guest OS users to cause a denial of service or gain privileges by leveraging incorrect use of the HVM physmap concept for PV domains.
|
CWE-667
Improper Locking
|
CVE-2019-17343
|
2024-11-21 13:32 |
2019-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221986
|
7.0 |
HIGH
Local
|
xen
debian
|
xen
debian_linux
|
An issue was discovered in Xen through 4.11.x allowing x86 PV guest OS users to cause a denial of service or gain privileges by leveraging a race condition that arose when XENMEM_exchange was introdu…
|
CWE-362
Race Condition
|
CVE-2019-17342
|
2024-11-21 13:32 |
2019-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221987
|
7.8 |
HIGH
Local
|
xen
debian
|
xen
debian_linux
|
An issue was discovered in Xen through 4.11.x allowing x86 PV guest OS users to cause a denial of service or gain privileges by leveraging a page-writability race condition during addition of a passe…
|
CWE-362
Race Condition
|
CVE-2019-17341
|
2024-11-21 13:32 |
2019-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221988
|
8.8 |
HIGH
Local
|
xen
debian
|
xen
debian_linux
|
An issue was discovered in Xen through 4.11.x allowing x86 guest OS users to cause a denial of service or gain privileges because grant-table transfer requests are mishandled.
|
CWE-401
Missing Release of Memory after Effective Lifetime
|
CVE-2019-17340
|
2024-11-21 13:32 |
2019-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221989
|
6.5 |
MEDIUM
Local
|
xen
linux
|
xen
linux_kernel
|
An issue was discovered in drivers/xen/balloon.c in the Linux kernel before 5.2.3, as used in Xen through 4.12.x, allowing guest OS users to cause a denial of service because of unrestricted resource…
|
CWE-770
Allocation of Resources Without Limits or Throttling
|
CVE-2019-17351
|
2024-11-21 13:32 |
2019-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221990
|
5.5 |
MEDIUM
Local
|
xen
debian
|
xen
debian_linux
|
An issue was discovered in Xen through 4.12.x allowing Arm domU attackers to cause a denial of service (infinite loop) involving a compare-and-exchange operation.
|
CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
|
CVE-2019-17350
|
2024-11-21 13:32 |
2019-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
