Vulnerabilites related to citrix - xenserver
Vulnerability from fkie_nvd
Published
2014-07-22 20:55
Modified
2025-04-12 10:46
Severity ?
Summary
Unspecified vulnerability in Citrix XenServer 6.2 Service Pack 1 and earlier allows attackers to cause a denial of service and obtain sensitive information by modifying the guest virtual hard disk (VHD).
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:citrix:xenserver:6.2.0:sp1:*:*:*:*:*:*",
"matchCriteriaId": "878949E0-D656-4E0E-858A-C6AD948A2A2F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Citrix XenServer 6.2 Service Pack 1 and earlier allows attackers to cause a denial of service and obtain sensitive information by modifying the guest virtual hard disk (VHD)."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en Citrix XenServer 6.2 Service Pack 1 y anteriores permite a atacantes causar una denegaci\u00f3n de servicio y obtener informaci\u00f3n sensible mediante la modificaci\u00f3n del disco duro virtual invitado (VHD)."
}
],
"id": "CVE-2014-4948",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.4,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-07-22T20:55:02.170",
"references": [
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/60027"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://support.citrix.com/article/CTX140984"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/68660"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id/1030604"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/94632"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/60027"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://support.citrix.com/article/CTX140984"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/68660"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1030604"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/94632"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-01-23 21:59
Modified
2025-04-20 01:37
Severity ?
Summary
Xen, when running on a 64-bit hypervisor, allows local x86 guest OS users to modify arbitrary memory and consequently obtain sensitive information, cause a denial of service (host crash), or execute arbitrary code on the host by leveraging broken emulation of bit test instructions.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.securityfocus.com/bid/94474 | Third Party Advisory, VDB Entry | |
| cve@mitre.org | http://www.securitytracker.com/id/1037346 | Third Party Advisory, VDB Entry | |
| cve@mitre.org | http://xenbits.xen.org/xsa/advisory-195.html | Patch, Vendor Advisory | |
| cve@mitre.org | https://security.gentoo.org/glsa/201612-56 | ||
| cve@mitre.org | https://support.citrix.com/article/CTX218775 | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/94474 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1037346 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://xenbits.xen.org/xsa/advisory-195.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201612-56 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://support.citrix.com/article/CTX218775 | Patch, Third Party Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:xen:xen:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C2B9CCC2-BAC5-4A65-B8D4-4B71EBBA0C2F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:citrix:xenserver:6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5FCF191B-971A-4945-AB14-08091689BE2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:citrix:xenserver:6.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BCEA97B9-A443-4F87-81B4-B3F0E94AC18E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:citrix:xenserver:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "56434D13-7A7B-495C-A135-2688C706A065",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:citrix:xenserver:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "405F950F-0772-41A3-8B72-B67151CC1376",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Xen, when running on a 64-bit hypervisor, allows local x86 guest OS users to modify arbitrary memory and consequently obtain sensitive information, cause a denial of service (host crash), or execute arbitrary code on the host by leveraging broken emulation of bit test instructions."
},
{
"lang": "es",
"value": "Xen, cuando se ejecuta en un hipervisor de 64-bit, permite a usuarios locales del SO invitado x86 modificar memoria arbitraria y consecuentemente obtener informaci\u00f3n sensible, provocar una denegaci\u00f3n de servicio (ca\u00edda del host), o ejecutar c\u00f3digo arbitrario en el host aprovechando la emulaci\u00f3n rota de instrucciones de prueba de bits."
}
],
"id": "CVE-2016-9383",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.0,
"impactScore": 6.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-01-23T21:59:02.860",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/94474"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1037346"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://xenbits.xen.org/xsa/advisory-195.html"
},
{
"source": "cve@mitre.org",
"url": "https://security.gentoo.org/glsa/201612-56"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://support.citrix.com/article/CTX218775"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/94474"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1037346"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://xenbits.xen.org/xsa/advisory-195.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201612-56"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://support.citrix.com/article/CTX218775"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-12-08 04:29
Modified
2024-11-21 03:58
Severity ?
Summary
An issue was discovered in Xen through 4.11.x allowing 64-bit PV guest OS users to cause a denial of service (host OS crash) because #GP[0] can occur after a non-canonical address is passed to the TLB flushing code. NOTE: this issue exists because of an incorrect CVE-2017-5754 (aka Meltdown) mitigation.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:xen:xen:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EA6D0834-FE53-4844-A6C7-0BB2DC64DBA3",
"versionEndIncluding": "4.11.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:citrix:xenserver:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "405F950F-0772-41A3-8B72-B67151CC1376",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:citrix:xenserver:7.1:cu1:*:*:ltsr:*:*:*",
"matchCriteriaId": "93BE83D6-26D9-46E0-B031-27A03A83537A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:citrix:xenserver:7.5:*:*:*:*:*:*:*",
"matchCriteriaId": "49D662D7-33DF-4DB3-946E-E9E410DC96CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:citrix:xenserver:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "1077F43A-22AA-436E-97ED-51CF74E92BA2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Xen through 4.11.x allowing 64-bit PV guest OS users to cause a denial of service (host OS crash) because #GP[0] can occur after a non-canonical address is passed to the TLB flushing code. NOTE: this issue exists because of an incorrect CVE-2017-5754 (aka Meltdown) mitigation."
},
{
"lang": "es",
"value": "Se ha descubierto un problema en Xen 4.11.x que permite que usuarios PV invitados del sistema operativo de 64 bits provoquen una denegaci\u00f3n de servicio (cierre inesperado del sistema operativo del host) debido a que puede ocurrir un #GP[0] tras pasar una direcci\u00f3n no can\u00f3nica al c\u00f3digo de vaciado TLB. NOTA: este problema existe debido a una mitigaci\u00f3n incorrecta de CVE-2017-5754 (tambi\u00e9n conocido como Meltdown)."
}
],
"id": "CVE-2018-19965",
"lastModified": "2024-11-21T03:58:54.133",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 4.7,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:M/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.1,
"impactScore": 4.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-12-08T04:29:00.420",
"references": [
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00072.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/106182"
},
{
"source": "cve@mitre.org",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UXC6BME7SXJI2ZIATNXCAH7RGPI4UKTT/"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://support.citrix.com/article/CTX239432"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2019/dsa-4369"
},
{
"source": "cve@mitre.org",
"tags": [
"Mitigation",
"Patch",
"Vendor Advisory"
],
"url": "https://xenbits.xen.org/xsa/advisory-279.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00072.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/106182"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UXC6BME7SXJI2ZIATNXCAH7RGPI4UKTT/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://support.citrix.com/article/CTX239432"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2019/dsa-4369"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mitigation",
"Patch",
"Vendor Advisory"
],
"url": "https://xenbits.xen.org/xsa/advisory-279.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-08-24 14:29
Modified
2025-04-20 01:37
Severity ?
Summary
The xen_biovec_phys_mergeable function in drivers/xen/biomerge.c in Xen might allow local OS guest users to corrupt block device data streams and consequently obtain sensitive memory information, cause a denial of service, or gain host OS privileges by leveraging incorrect block IO merge-ability calculation.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:xen:xen:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C2B9CCC2-BAC5-4A65-B8D4-4B71EBBA0C2F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:citrix:xenserver:6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5FCF191B-971A-4945-AB14-08091689BE2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:citrix:xenserver:6.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BCEA97B9-A443-4F87-81B4-B3F0E94AC18E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:citrix:xenserver:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "56434D13-7A7B-495C-A135-2688C706A065",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:citrix:xenserver:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "405F950F-0772-41A3-8B72-B67151CC1376",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:citrix:xenserver:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B5647AEA-DCE6-4950-A7EB-05465ECDDE16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:citrix:xenserver:7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "68A35129-70B0-4EA9-A0A2-51AC277649D1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The xen_biovec_phys_mergeable function in drivers/xen/biomerge.c in Xen might allow local OS guest users to corrupt block device data streams and consequently obtain sensitive memory information, cause a denial of service, or gain host OS privileges by leveraging incorrect block IO merge-ability calculation."
},
{
"lang": "es",
"value": "La funci\u00f3n xen_biovec_phys_mergeable en drivers/xen/biomerge.c en Xen podr\u00eda permitir que usuarios invitados locales del sistema operativo corrompan transmisiones en bloque de datos del sistema y, consecuentemente, obtengan informaci\u00f3n sensible de la memoria, provoquen una denegaci\u00f3n de servicio o consigan privilegios del SO mediante el aprovechamiento del c\u00e1lculo incorrecto de block IO merge-ability."
}
],
"id": "CVE-2017-12134",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.0,
"impactScore": 6.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-08-24T14:29:00.193",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2017/dsa-3981"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Mitigation",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2017/08/15/4"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100343"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039176"
},
{
"source": "cve@mitre.org",
"tags": [
"Mitigation",
"Patch",
"Vendor Advisory"
],
"url": "http://xenbits.xen.org/xsa/advisory-229.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Mitigation",
"Patch",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1477656"
},
{
"source": "cve@mitre.org",
"url": "https://security.gentoo.org/glsa/201801-14"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://support.citrix.com/article/CTX225941"
},
{
"source": "cve@mitre.org",
"url": "https://usn.ubuntu.com/3655-1/"
},
{
"source": "cve@mitre.org",
"url": "https://usn.ubuntu.com/3655-2/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2017/dsa-3981"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Mitigation",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2017/08/15/4"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100343"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039176"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mitigation",
"Patch",
"Vendor Advisory"
],
"url": "http://xenbits.xen.org/xsa/advisory-229.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Mitigation",
"Patch",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1477656"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201801-14"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://support.citrix.com/article/CTX225941"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://usn.ubuntu.com/3655-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://usn.ubuntu.com/3655-2/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-682"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-05-08 18:29
Modified
2024-11-21 04:14
Severity ?
Summary
A statement in the System Programming Guide of the Intel 64 and IA-32 Architectures Software Developer's Manual (SDM) was mishandled in the development of some or all operating-system kernels, resulting in unexpected behavior for #DB exceptions that are deferred by MOV SS or POP SS, as demonstrated by (for example) privilege escalation in Windows, macOS, some Xen configurations, or FreeBSD, or a Linux kernel crash. The MOV to SS and POP SS instructions inhibit interrupts (including NMIs), data breakpoints, and single step trap exceptions until the instruction boundary following the next instruction (SDM Vol. 3A; section 6.8.3). (The inhibited data breakpoints are those on memory accessed by the MOV to SS or POP to SS instruction itself.) Note that debug exceptions are not inhibited by the interrupt enable (EFLAGS.IF) system flag (SDM Vol. 3A; section 2.3). If the instruction following the MOV to SS or POP to SS instruction is an instruction like SYSCALL, SYSENTER, INT 3, etc. that transfers control to the operating system at CPL < 3, the debug exception is delivered after the transfer to CPL < 3 is complete. OS kernels may not expect this order of events and may therefore experience unexpected behavior when it occurs.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| debian | debian_linux | 7.0 | |
| debian | debian_linux | 8.0 | |
| debian | debian_linux | 9.0 | |
| canonical | ubuntu_linux | 14.04 | |
| canonical | ubuntu_linux | 16.04 | |
| canonical | ubuntu_linux | 17.10 | |
| redhat | enterprise_linux_server | 7.0 | |
| redhat | enterprise_linux_workstation | 7.0 | |
| redhat | enterprise_virtualization_manager | 3.0 | |
| citrix | xenserver | 6.0.2 | |
| citrix | xenserver | 6.2.0 | |
| citrix | xenserver | 6.5 | |
| citrix | xenserver | 7.0 | |
| citrix | xenserver | 7.1 | |
| citrix | xenserver | 7.2 | |
| citrix | xenserver | 7.3 | |
| citrix | xenserver | 7.4 | |
| synology | skynas | - | |
| synology | diskstation_manager | 5.2 | |
| synology | diskstation_manager | 6.0 | |
| synology | diskstation_manager | 6.1 | |
| apple | mac_os_x | * | |
| xen | xen | - | |
| freebsd | freebsd | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*",
"matchCriteriaId": "9070C9D8-A14A-467F-8253-33B966C16886",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "51EF4996-72F4-4FA4-814F-F5991E7A8318",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "825ECE2D-E232-46E0-A047-074B34DB1E97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_virtualization_manager:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "46DFC288-53F5-4D8E-BD2F-4E828735F915",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:citrix:xenserver:6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5FCF191B-971A-4945-AB14-08091689BE2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:citrix:xenserver:6.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BCEA97B9-A443-4F87-81B4-B3F0E94AC18E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:citrix:xenserver:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "56434D13-7A7B-495C-A135-2688C706A065",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:citrix:xenserver:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "405F950F-0772-41A3-8B72-B67151CC1376",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:citrix:xenserver:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B5647AEA-DCE6-4950-A7EB-05465ECDDE16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:citrix:xenserver:7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "68A35129-70B0-4EA9-A0A2-51AC277649D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:citrix:xenserver:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "55FD399E-959A-4FB6-B049-AA73F0DFF9CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:citrix:xenserver:7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "49422CA5-DF4B-4FE4-B408-81B637BE1287",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:synology:skynas:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7C997777-BE79-4F77-90D7-E1A71D474D88",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:synology:diskstation_manager:5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "01527614-8A68-48DC-B0A0-F4AA99489221",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:synology:diskstation_manager:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "65372FA7-B54B-4298-99BF-483E9FEBA253",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:synology:diskstation_manager:6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3D04EA1A-F8E0-415B-8786-1C8C0F08E132",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D053772A-D0AE-474A-AE49-26A251C4B5D4",
"versionEndExcluding": "10.13.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:xen:xen:-:*:*:*:*:*:x86:*",
"matchCriteriaId": "BAB3DD44-8D3F-493C-936C-E0D6C63685C4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:freebsd:freebsd:*:*:*:*:*:*:*:*",
"matchCriteriaId": "702C5136-33B6-4F0F-8FF7-C2BE3668DE70",
"versionEndExcluding": "11.1",
"versionStartIncluding": "11.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A statement in the System Programming Guide of the Intel 64 and IA-32 Architectures Software Developer\u0027s Manual (SDM) was mishandled in the development of some or all operating-system kernels, resulting in unexpected behavior for #DB exceptions that are deferred by MOV SS or POP SS, as demonstrated by (for example) privilege escalation in Windows, macOS, some Xen configurations, or FreeBSD, or a Linux kernel crash. The MOV to SS and POP SS instructions inhibit interrupts (including NMIs), data breakpoints, and single step trap exceptions until the instruction boundary following the next instruction (SDM Vol. 3A; section 6.8.3). (The inhibited data breakpoints are those on memory accessed by the MOV to SS or POP to SS instruction itself.) Note that debug exceptions are not inhibited by the interrupt enable (EFLAGS.IF) system flag (SDM Vol. 3A; section 2.3). If the instruction following the MOV to SS or POP to SS instruction is an instruction like SYSCALL, SYSENTER, INT 3, etc. that transfers control to the operating system at CPL \u003c 3, the debug exception is delivered after the transfer to CPL \u003c 3 is complete. OS kernels may not expect this order of events and may therefore experience unexpected behavior when it occurs."
},
{
"lang": "es",
"value": "Una declaraci\u00f3n en la gu\u00eda de programaci\u00f3n de sistemas del Manual del desarrollador de software (SDM) de las arquitecturas Intel 64 e IA-32 se manej\u00f3 incorrectamente en el desarrollo de algunos o todos los n\u00facleos del sistema operativo, lo que provoc\u00f3 un comportamiento inesperado para las excepciones #DB que son diferidas por MOV SS o POP SS, tal y como queda demostrado con (por ejemplo) el escalado de privilegios en Windows, macOS, algunas configuraciones Xen o FreeBSD, o un fallo del kernel de Linux. Las instrucciones de MOV a SS y POP SS inhiben interrupciones (incluyendo NMI), puntos de interrupci\u00f3n de datos y excepciones de trampas de un paso hasta los l\u00edmites de la instrucci\u00f3n que siguen a la siguiente instrucci\u00f3n (SDM Vol. 3A; secci\u00f3n 6.8.3). (Los puntos de interrupci\u00f3n de datos inhibidos son aquellos en la memoria a los que accede a la propia instrucci\u00f3n MOV a SS o POP a SS). Tenga en cuenta que las excepciones de depuraci\u00f3n no est\u00e1n inhibidas por el indicador del sistema de habilitaci\u00f3n de interrupciones (EFLAGS.IF) (SDM Vol. 3A; secci\u00f3n 2.3). Si la instrucci\u00f3n que sigue a la instrucci\u00f3n MOV a SS o POP a SS es una instrucci\u00f3n como SYSCALL, SYSENTER, INT 3, etc. que transfiere el control al sistema operativo a CPL \u003c 3, la excepci\u00f3n de depuraci\u00f3n se entrega despu\u00e9s de que la transferencia a CPL \u003c 3 se haya completado. Es posible que los kernels del sistema operativo no esperen este orden de eventos y, por lo tanto, puedan experimentar un comportamiento inesperado cuando ocurra."
}
],
"id": "CVE-2018-8897",
"lastModified": "2024-11-21T04:14:33.140",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-05-08T18:29:00.547",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=d8ba61ba58c88d5207c1ba2f7d9a2280e7d03be9"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://openwall.com/lists/oss-security/2018/05/08/1"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://openwall.com/lists/oss-security/2018/05/08/4"
},
{
"source": "cve@mitre.org",
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190921-01-debug-en"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/104071"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1040744"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1040849"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1040861"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1040866"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1040882"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1318"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1319"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1345"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1346"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1347"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1348"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1349"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1350"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1351"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1352"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1353"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1354"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1355"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1524"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1567074"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/can1357/CVE-2018-8897/"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/torvalds/linux/commit/d8ba61ba58c88d5207c1ba2f7d9a2280e7d03be9"
},
{
"source": "cve@mitre.org",
"url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/05/msg00015.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/06/msg00000.html"
},
{
"source": "cve@mitre.org",
"url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00013.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://patchwork.kernel.org/patch/10386677/"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory",
"Vendor Advisory"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8897"
},
{
"source": "cve@mitre.org",
"url": "https://security.netapp.com/advisory/ntap-20180927-0002/"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://support.apple.com/HT208742"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://support.citrix.com/article/CTX234679"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://svnweb.freebsd.org/base?view=revision\u0026revision=333368"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3641-1/"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3641-2/"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2018/dsa-4196"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2018/dsa-4201"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/44697/"
},
{
"source": "cve@mitre.org",
"url": "https://www.exploit-db.com/exploits/45024/"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.freebsd.org/security/advisories/FreeBSD-SA-18:06.debugreg.asc"
},
{
"source": "cve@mitre.org",
"url": "https://www.kb.cert.org/vuls/id/631579"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.synology.com/support/security/Synology_SA_18_21"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.triplefault.io/2018/05/spurious-db-exceptions-with-pop-ss.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://xenbits.xen.org/xsa/advisory-260.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=d8ba61ba58c88d5207c1ba2f7d9a2280e7d03be9"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://openwall.com/lists/oss-security/2018/05/08/1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://openwall.com/lists/oss-security/2018/05/08/4"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190921-01-debug-en"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/104071"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1040744"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1040849"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1040861"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1040866"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1040882"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1318"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1319"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1345"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1346"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1347"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1348"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1349"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1350"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1351"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1352"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1353"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1354"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1355"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1524"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1567074"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/can1357/CVE-2018-8897/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/torvalds/linux/commit/d8ba61ba58c88d5207c1ba2f7d9a2280e7d03be9"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/05/msg00015.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/06/msg00000.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00013.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://patchwork.kernel.org/patch/10386677/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory",
"Vendor Advisory"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8897"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.netapp.com/advisory/ntap-20180927-0002/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://support.apple.com/HT208742"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://support.citrix.com/article/CTX234679"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://svnweb.freebsd.org/base?view=revision\u0026revision=333368"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3641-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3641-2/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2018/dsa-4196"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2018/dsa-4201"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/44697/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.exploit-db.com/exploits/45024/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.freebsd.org/security/advisories/FreeBSD-SA-18:06.debugreg.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.kb.cert.org/vuls/id/631579"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.synology.com/support/security/Synology_SA_18_21"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.triplefault.io/2018/05/spurious-db-exceptions-with-pop-ss.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://xenbits.xen.org/xsa/advisory-260.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-362"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-11-23 20:55
Modified
2025-04-11 00:51
Severity ?
Summary
The GNTTABOP_swap_grant_ref sub-operation in the grant table hypercall in Xen 4.2 and Citrix XenServer 6.0.2 allows local guest kernels or administrators to cause a denial of service (host crash) and possibly gain privileges via a crafted grant reference that triggers a write to an arbitrary hypervisor memory location.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:citrix:xenserver:*:*:*:*:*:*:*:*",
"matchCriteriaId": "24FCA867-7158-459C-9D6C-75A39263F00A",
"versionEndIncluding": "6.0.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8F0AF8EF-6FF6-4E22-B16E-82C9F90C6B00",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The GNTTABOP_swap_grant_ref sub-operation in the grant table hypercall in Xen 4.2 and Citrix XenServer 6.0.2 allows local guest kernels or administrators to cause a denial of service (host crash) and possibly gain privileges via a crafted grant reference that triggers a write to an arbitrary hypervisor memory location."
},
{
"lang": "es",
"value": "La sub-operaci\u00f3n GNTTABOP_swap_grant_ref en el \"grant table hypercall\" en Xen v4.2 y Citrix XenServer v6.0.2 permite a los kernels locales de invitado o administradores causar una denegaci\u00f3n de servicio (ca\u00edda del host) y, posiblemente, obtener privilegios a trav\u00e9s de una referencia manipulada que genera una escritura en una ubicaci\u00f3n en memoria del hipervisor"
}
],
"id": "CVE-2012-3516",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.9,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-11-23T20:55:03.650",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00004.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/50472"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/50530"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://support.citrix.com/article/CTX134708"
},
{
"source": "secalert@redhat.com",
"url": "http://wiki.xen.org/wiki/Security_Announcements#XSA-18_grant_table_entry_swaps_have_inadequate_bounds_checking"
},
{
"source": "secalert@redhat.com",
"url": "http://www.openwall.com/lists/oss-security/2012/09/05/11"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/55411"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00004.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/50472"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/50530"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://support.citrix.com/article/CTX134708"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://wiki.xen.org/wiki/Security_Announcements#XSA-18_grant_table_entry_swaps_have_inadequate_bounds_checking"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2012/09/05/11"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/55411"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-01-23 21:59
Modified
2025-04-20 01:37
Severity ?
Summary
The pygrub boot loader emulator in Xen, when S-expression output format is requested, allows local pygrub-using guest OS administrators to read or delete arbitrary files on the host via string quotes and S-expressions in the bootloader configuration file.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:xen:xen:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C2B9CCC2-BAC5-4A65-B8D4-4B71EBBA0C2F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:citrix:xenserver:6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5FCF191B-971A-4945-AB14-08091689BE2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:citrix:xenserver:6.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BCEA97B9-A443-4F87-81B4-B3F0E94AC18E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:citrix:xenserver:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "56434D13-7A7B-495C-A135-2688C706A065",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:citrix:xenserver:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "405F950F-0772-41A3-8B72-B67151CC1376",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The pygrub boot loader emulator in Xen, when S-expression output format is requested, allows local pygrub-using guest OS administrators to read or delete arbitrary files on the host via string quotes and S-expressions in the bootloader configuration file."
},
{
"lang": "es",
"value": "El emulador de cargador de arranque pygrub en Xen, cuando se solicita el formato de salida de la expresi\u00f3n S, permite a administradores locales del SO invitado que utilizan pygrub leer o eliminar archivos arbitrarios en el host a trav\u00e9s de citas de cadenas y expresiones S en el archivo de configuraci\u00f3n del gestor de arranque."
}
],
"id": "CVE-2016-9379",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 7.9,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N",
"version": "3.0"
},
"exploitabilityScore": 1.5,
"impactScore": 5.8,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-01-23T21:59:02.707",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/94473"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1037347"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://xenbits.xen.org/xsa/advisory-198.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://xenbits.xen.org/xsa/xsa198.patch"
},
{
"source": "cve@mitre.org",
"url": "https://security.gentoo.org/glsa/201612-56"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://support.citrix.com/article/CTX218775"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/94473"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1037347"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://xenbits.xen.org/xsa/advisory-198.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://xenbits.xen.org/xsa/xsa198.patch"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201612-56"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://support.citrix.com/article/CTX218775"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-06-03 20:59
Modified
2025-04-12 10:46
Severity ?
Summary
QEMU does not properly restrict write access to the PCI config space for certain PCI pass-through devices, which might allow local x86 HVM guests to gain privileges, cause a denial of service (host crash), obtain sensitive information, or possibly have other unspecified impact via unknown vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| qemu | qemu | * | |
| debian | debian_linux | 7.0 | |
| debian | debian_linux | 8.0 | |
| fedoraproject | fedora | 20 | |
| fedoraproject | fedora | 21 | |
| fedoraproject | fedora | 22 | |
| suse | linux_enterprise_desktop | 11 | |
| suse | linux_enterprise_desktop | 12 | |
| suse | linux_enterprise_server | 11 | |
| suse | linux_enterprise_server | 11 | |
| suse | linux_enterprise_server | 11 | |
| suse | linux_enterprise_server | 12 | |
| suse | linux_enterprise_software_development_kit | 11 | |
| suse | linux_enterprise_software_development_kit | 12 | |
| citrix | xenserver | 6.0 | |
| citrix | xenserver | 6.0.2 | |
| citrix | xenserver | 6.1.0 | |
| citrix | xenserver | 6.2.0 | |
| citrix | xenserver | 6.5 | |
| canonical | ubuntu_linux | 12.04 | |
| canonical | ubuntu_linux | 14.04 | |
| canonical | ubuntu_linux | 14.10 | |
| canonical | ubuntu_linux | 15.04 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:qemu:qemu:*:*:*:*:*:*:*:*",
"matchCriteriaId": "19E6775C-BA58-4D7E-96AB-9283C99D9641",
"versionEndIncluding": "2.3.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*",
"matchCriteriaId": "FF47C9F0-D8DA-4B55-89EB-9B2C9383ADB9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:21:*:*:*:*:*:*:*",
"matchCriteriaId": "56BDB5A0-0839-4A20-A003-B8CD56F48171",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:22:*:*:*:*:*:*:*",
"matchCriteriaId": "253C303A-E577-4488-93E6-68A8DD942C38",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:11:sp3:*:*:*:*:*:*",
"matchCriteriaId": "3ED68ADD-BBDA-4485-BC76-58F011D72311",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:12:-:*:*:*:*:*:*",
"matchCriteriaId": "D2DF4815-B8CB-4AD3-B91D-2E09A8E318E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp1:*:*:ltss:*:*:*",
"matchCriteriaId": "67960FB9-13D1-4DEE-8158-31BF31BCBE6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp2:*:*:ltss:*:*:*",
"matchCriteriaId": "CB6476C7-03F2-4939-AB85-69AA524516D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:-:*:*",
"matchCriteriaId": "E534C201-BCC5-473C-AAA7-AAB97CEB5437",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:12:-:*:*:*:*:*:*",
"matchCriteriaId": "15FC9014-BD85-4382-9D04-C0703E901D7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp3:*:*:*:*:*:*",
"matchCriteriaId": "2F7F8866-DEAD-44D1-AB10-21EE611AA026",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:-:*:*:*:*:*:*",
"matchCriteriaId": "1831D45A-EE6E-4220-8F8C-248B69520948",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:citrix:xenserver:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9C1D10B8-202D-44A4-A872-88D7C11488D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:citrix:xenserver:6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5FCF191B-971A-4945-AB14-08091689BE2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:citrix:xenserver:6.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66AF3F78-AA0C-473E-8B90-AC77B4CF3667",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:citrix:xenserver:6.2.0:-:*:*:*:*:*:*",
"matchCriteriaId": "F31DB577-72CD-49CC-8AF5-23098503939E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:citrix:xenserver:6.5:-:*:*:*:*:*:*",
"matchCriteriaId": "3CC06F6C-6C15-444F-B159-235D347E5929",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*",
"matchCriteriaId": "8D305F7A-D159-4716-AB26-5E38BB5CD991",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*",
"matchCriteriaId": "815D70A8-47D3-459C-A32C-9FEACA0659D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*",
"matchCriteriaId": "49A63F39-30BE-443F-AF10-6245587D3359",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*",
"matchCriteriaId": "F38D3B7E-8429-473F-BB31-FC3583EE5A5B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "QEMU does not properly restrict write access to the PCI config space for certain PCI pass-through devices, which might allow local x86 HVM guests to gain privileges, cause a denial of service (host crash), obtain sensitive information, or possibly have other unspecified impact via unknown vectors."
},
{
"lang": "es",
"value": "QEMU no restringe correctamente el acceso a escritura al espacio PCI config para ciertos dispositivos PCI pass-through, lo que podr\u00eda permitir a invitados x86 HVM locales obtener privilegios, causar una denegaci\u00f3n de servicio (ca\u00edda de host), obtener informaci\u00f3n sensible o posiblemente tener otro impacto no especificado a trav\u00e9s de vectores desconocidos."
}
],
"id": "CVE-2015-4106",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-06-03T20:59:09.573",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/160154.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/160171.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/160685.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00004.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00007.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00029.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00030.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://support.citrix.com/article/CTX201145"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2015/dsa-3284"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2015/dsa-3286"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/74949"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1032467"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2630-1"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://xenbits.xen.org/xsa/advisory-131.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201604-03"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://support.citrix.com/article/CTX206006"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/160154.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/160171.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/160685.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00004.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00007.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00029.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00030.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://support.citrix.com/article/CTX201145"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2015/dsa-3284"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2015/dsa-3286"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/74949"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1032467"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2630-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://xenbits.xen.org/xsa/advisory-131.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201604-03"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://support.citrix.com/article/CTX206006"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-863"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-04-13 15:59
Modified
2025-04-12 10:46
Severity ?
Summary
Xen 4.6.x, 4.5.x, 4.4.x, 4.3.x, and earlier do not initialize x86 FPU stack and XMM registers when XSAVE/XRSTOR are not used to manage guest extended register state, which allows local guest domains to obtain sensitive information from other domains via unspecified vectors.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:citrix:xenserver:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9C1D10B8-202D-44A4-A872-88D7C11488D1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:xen:xen:4.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BF948E6A-07BE-4C7D-8A98-002E89D35F4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C0E23B94-1726-4F63-84BB-8D83FAB156D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C76124AB-4E3D-4BE0-AAEA-7FC05868E2FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F30B5EF5-0AE8-420B-A103-B1B25A372F09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F784EF07-DBEC-492A-A0F4-F9F7B2551A0B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1044792C-D544-457C-9391-4F3B5BAB978D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FBD9AD01-50B7-4951-8A73-A6CF4801A487",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "89AA8FD5-E997-4F0D-AFB6-FFBE0073BA5D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "75615D84-9CA1-456C-816D-768E37B074A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "7AB87384-A1F8-4136-A242-441C655D9364",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "90CCECD0-C0F9-45A8-8699-64428637EBCA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F0ED340C-6746-471E-9F2D-19D62D224B7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "99BD7C4F-DE4C-4508-B20D-46A94B616C5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3374F1FB-70F9-4EBC-837B-0D42282E3E5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4B6F7CE9-C409-4D88-9A99-B21420633F45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B814C381-4991-495A-B530-7543F977B346",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Xen 4.6.x, 4.5.x, 4.4.x, 4.3.x, and earlier do not initialize x86 FPU stack and XMM registers when XSAVE/XRSTOR are not used to manage guest extended register state, which allows local guest domains to obtain sensitive information from other domains via unspecified vectors."
},
{
"lang": "es",
"value": "Xen 4.6.x, 4.5.x, 4.4.x, 4.3.x y versiones anteriores no inicializa registros de memoria de pila x86 FPU y XMM cuando XSAVE/XRSTOR no se utilizan para gestionar el estado del registro extendido de invitado, lo que permite a dominios de invitado local obtener informaci\u00f3n sensible de otros dominios a trav\u00e9s de vectores no especificados."
}
],
"id": "CVE-2015-8555",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary"
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 4.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-04-13T15:59:08.290",
"references": [
{
"source": "cve@mitre.org",
"url": "http://support.citrix.com/article/CTX203879"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2016/dsa-3519"
},
{
"source": "cve@mitre.org",
"url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/79543"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id/1034477"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://xenbits.xen.org/xsa/advisory-165.html"
},
{
"source": "cve@mitre.org",
"url": "https://security.gentoo.org/glsa/201604-03"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://support.citrix.com/article/CTX203879"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2016/dsa-3519"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/79543"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1034477"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://xenbits.xen.org/xsa/advisory-165.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201604-03"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-06-12 22:55
Modified
2025-04-11 00:51
Severity ?
Summary
The x86-64 kernel system-call functionality in Xen 4.1.2 and earlier, as used in Citrix XenServer 6.0.2 and earlier and other products; Oracle Solaris 11 and earlier; illumos before r13724; Joyent SmartOS before 20120614T184600Z; FreeBSD before 9.0-RELEASE-p3; NetBSD 6.0 Beta and earlier; Microsoft Windows Server 2008 R2 and R2 SP1 and Windows 7 Gold and SP1; and possibly other operating systems, when running on an Intel processor, incorrectly uses the sysret path in cases where a certain address is not a canonical address, which allows local users to gain privileges via a crafted application. NOTE: because this issue is due to incorrect use of the Intel specification, it should have been split into separate identifiers; however, there was some value in preserving the original mapping of the multi-codebase coordinated-disclosure effort to a single identifier.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| freebsd | freebsd | * | |
| illumos | illumos | * | |
| joyent | smartos | * | |
| xen | xen | * | |
| xen | xen | 4.0.0 | |
| xen | xen | 4.0.1 | |
| xen | xen | 4.0.2 | |
| xen | xen | 4.0.3 | |
| xen | xen | 4.0.4 | |
| xen | xen | 4.1.0 | |
| xen | xen | 4.1.1 | |
| microsoft | windows_7 | * | |
| microsoft | windows_7 | * | |
| microsoft | windows_server_2003 | * | |
| microsoft | windows_server_2008 | r2 | |
| microsoft | windows_xp | * | |
| citrix | xenserver | * | |
| citrix | xenserver | 6.0 | |
| netbsd | netbsd | * | |
| sun | sunos | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:freebsd:freebsd:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2F7B2CC9-2907-49AF-8497-CE60554123F4",
"versionEndIncluding": "9.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:illumos:illumos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F8F4D46A-B031-4639-AA94-5E44091F4B92",
"versionEndIncluding": "r13723",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:joyent:smartos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1F2DF32E-26A0-4463-85DD-6E63C125E606",
"versionEndIncluding": "20120614",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:xen:xen:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D5037783-1819-4FC5-B7A7-EB80F6A98E1F",
"versionEndIncluding": "4.1.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "550223A9-B9F1-440A-8C25-9F0F76AF7301",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FC734D58-96E5-4DD2-8781-F8E0ADB96462",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "62CEC1BF-1922-410D-BCBA-C58199F574C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "923F2C2B-4A65-4823-B511-D0FEB7C7FAB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "C1A24DED-B2EC-4D9C-9FA4-DD37EF3E3BFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0D532B60-C8DD-4A2F-9D05-E574D23EB754",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5D83CA8B-8E49-45FA-8FAB-C15052474542",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows_7:*:*:x64:*:*:*:*:*",
"matchCriteriaId": "CE381783-027E-4B6D-B801-59873E5EA483",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_7:*:sp1:x64:*:*:*:*:*",
"matchCriteriaId": "4FA15D65-7C32-4C7A-9915-746AB3F454EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:*",
"matchCriteriaId": "4D3B5E4F-56A6-4696-BBB4-19DF3613D020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:*:x64:*:*:*:*:*",
"matchCriteriaId": "95DC297F-06DB-4FB3-BFB6-7312C059E047",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*",
"matchCriteriaId": "CE477A73-4EE4-41E9-8694-5A3D5DC88656",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:citrix:xenserver:*:*:*:*:*:*:*:*",
"matchCriteriaId": "24FCA867-7158-459C-9D6C-75A39263F00A",
"versionEndIncluding": "6.0.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:citrix:xenserver:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9C1D10B8-202D-44A4-A872-88D7C11488D1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netbsd:netbsd:*:beta:*:*:*:*:*:*",
"matchCriteriaId": "D2AF9820-F982-4804-9580-78CDD4273C6B",
"versionEndIncluding": "6.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sun:sunos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "696972CD-A690-4DDC-A852-1253062AE874",
"versionEndIncluding": "5.11",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The x86-64 kernel system-call functionality in Xen 4.1.2 and earlier, as used in Citrix XenServer 6.0.2 and earlier and other products; Oracle Solaris 11 and earlier; illumos before r13724; Joyent SmartOS before 20120614T184600Z; FreeBSD before 9.0-RELEASE-p3; NetBSD 6.0 Beta and earlier; Microsoft Windows Server 2008 R2 and R2 SP1 and Windows 7 Gold and SP1; and possibly other operating systems, when running on an Intel processor, incorrectly uses the sysret path in cases where a certain address is not a canonical address, which allows local users to gain privileges via a crafted application. NOTE: because this issue is due to incorrect use of the Intel specification, it should have been split into separate identifiers; however, there was some value in preserving the original mapping of the multi-codebase coordinated-disclosure effort to a single identifier."
},
{
"lang": "es",
"value": "El modo de usuario Scheduler en el n\u00facleo en Microsoft Windows Server v2008 R2 y R2 SP1 y Windows v7 Gold y SP1 sobre la plataforma x64 no maneja adecuadamente solicitudes del sistema, lo que permite a usuarios locales obtener privilegios a trav\u00e9s de una aplicaci\u00f3n modificada, tambi\u00e9n conocida como \"vulnerabilidad de corrupci\u00f3n de memoria de modo de usuario Scheduler\"."
}
],
"evaluatorImpact": "Per: http://technet.microsoft.com/en-us/security/bulletin/ms12-042\n\n\u0027This vulnerability only affects Intel x64-based versions of Windows 7 and Windows Server 2008 R2. Systems with AMD or ARM-based CPUs are not affected by this vulnerability.\u0027",
"id": "CVE-2012-0217",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-06-12T22:55:01.343",
"references": [
{
"source": "security@debian.org",
"url": "http://blog.illumos.org/2012/06/14/illumos-vulnerability-patched/"
},
{
"source": "security@debian.org",
"url": "http://blog.xen.org/index.php/2012/06/13/the-intel-sysret-privilege-escalation/"
},
{
"source": "security@debian.org",
"url": "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2012-003.txt.asc"
},
{
"source": "security@debian.org",
"url": "http://lists.xen.org/archives/html/xen-announce/2012-06/msg00001.html"
},
{
"source": "security@debian.org",
"url": "http://lists.xen.org/archives/html/xen-devel/2012-06/msg01072.html"
},
{
"source": "security@debian.org",
"url": "http://secunia.com/advisories/55082"
},
{
"source": "security@debian.org",
"url": "http://security.freebsd.org/advisories/FreeBSD-SA-12:04.sysret.asc"
},
{
"source": "security@debian.org",
"url": "http://security.gentoo.org/glsa/glsa-201309-24.xml"
},
{
"source": "security@debian.org",
"url": "http://smartos.org/2012/06/15/smartos-news-3/"
},
{
"source": "security@debian.org",
"url": "http://support.citrix.com/article/CTX133161"
},
{
"source": "security@debian.org",
"url": "http://wiki.smartos.org/display/DOC/SmartOS+Change+Log#SmartOSChangeLog-June14%2C2012"
},
{
"source": "security@debian.org",
"url": "http://www.debian.org/security/2012/dsa-2501"
},
{
"source": "security@debian.org",
"url": "http://www.debian.org/security/2012/dsa-2508"
},
{
"source": "security@debian.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/649219"
},
{
"source": "security@debian.org",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
},
{
"source": "security@debian.org",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html"
},
{
"source": "security@debian.org",
"tags": [
"US Government Resource"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA12-164A.html"
},
{
"source": "security@debian.org",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=813428"
},
{
"source": "security@debian.org",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-042"
},
{
"source": "security@debian.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15596"
},
{
"source": "security@debian.org",
"url": "https://www.exploit-db.com/exploits/28718/"
},
{
"source": "security@debian.org",
"url": "https://www.exploit-db.com/exploits/46508/"
},
{
"source": "security@debian.org",
"url": "https://www.illumos.org/issues/2873"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://blog.illumos.org/2012/06/14/illumos-vulnerability-patched/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://blog.xen.org/index.php/2012/06/13/the-intel-sysret-privilege-escalation/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2012-003.txt.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.xen.org/archives/html/xen-announce/2012-06/msg00001.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.xen.org/archives/html/xen-devel/2012-06/msg01072.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/55082"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.freebsd.org/advisories/FreeBSD-SA-12:04.sysret.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-201309-24.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://smartos.org/2012/06/15/smartos-news-3/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://support.citrix.com/article/CTX133161"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://wiki.smartos.org/display/DOC/SmartOS+Change+Log#SmartOSChangeLog-June14%2C2012"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2012/dsa-2501"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2012/dsa-2508"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/649219"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA12-164A.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=813428"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-042"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15596"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.exploit-db.com/exploits/28718/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.exploit-db.com/exploits/46508/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.illumos.org/issues/2873"
}
],
"sourceIdentifier": "security@debian.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-08-15 18:29
Modified
2024-11-21 03:48
Severity ?
Summary
Citrix XenServer 7.1 and newer allows Directory Traversal.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.securityfocus.com/bid/105110 | Third Party Advisory, VDB Entry | |
| cve@mitre.org | http://xenbits.xen.org/xsa/advisory-271.html | Third Party Advisory | |
| cve@mitre.org | https://support.citrix.com/article/CTX236548 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/105110 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://xenbits.xen.org/xsa/advisory-271.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://support.citrix.com/article/CTX236548 | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:citrix:xenserver:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B5647AEA-DCE6-4950-A7EB-05465ECDDE16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:citrix:xenserver:7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "49422CA5-DF4B-4FE4-B408-81B637BE1287",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:citrix:xenserver:7.5:*:*:*:*:*:*:*",
"matchCriteriaId": "49D662D7-33DF-4DB3-946E-E9E410DC96CF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Citrix XenServer 7.1 and newer allows Directory Traversal."
},
{
"lang": "es",
"value": "Citrix XenServer en versiones 7.1 y posteriores permite un salto de directorio."
}
],
"id": "CVE-2018-14007",
"lastModified": "2024-11-21T03:48:26.033",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-08-15T18:29:00.450",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/105110"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://xenbits.xen.org/xsa/advisory-271.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://support.citrix.com/article/CTX236548"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/105110"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://xenbits.xen.org/xsa/advisory-271.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.citrix.com/article/CTX236548"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-11-23 20:55
Modified
2025-04-11 00:51
Severity ?
Summary
The set_debugreg hypercall in include/asm-x86/debugreg.h in Xen 4.0, 4.1, and 4.2, and Citrix XenServer 6.0.2 and earlier, when running on x86-64 systems, allows local OS guest users to cause a denial of service (host crash) by writing to the reserved bits of the DR7 debug control register.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:citrix:xenserver:*:-:*:*:*:*:x64:*",
"matchCriteriaId": "2FB5F3E5-D607-4BF5-9BB5-187D2F683F18",
"versionEndIncluding": "6.0.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:citrix:xenserver:*:-:*:*:*:*:x86:*",
"matchCriteriaId": "CE28A81B-5201-4D49-888C-0160EF78D5F9",
"versionEndIncluding": "6.0.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.0.0:-:*:*:*:*:x64:*",
"matchCriteriaId": "A5B2BADE-24F0-45A0-BB36-5B0D76D93F5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.0.0:-:*:*:*:*:x86:*",
"matchCriteriaId": "E5CCBFE1-4C48-4F64-8DDC-4A29EC5EBEF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.1.0:-:*:*:*:*:x64:*",
"matchCriteriaId": "16FAE1DD-5E59-407A-857C-244814475212",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.1.0:-:*:*:*:*:x86:*",
"matchCriteriaId": "855FD6AA-3288-49C4-BA09-D3685F5928E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.2.0:-:*:*:*:*:x64:*",
"matchCriteriaId": "93206518-71F7-47A6-B980-06D8B0D3B5CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.2.0:-:*:*:*:*:x86:*",
"matchCriteriaId": "D66B1908-FEEF-455E-8C26-65139BF59900",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The set_debugreg hypercall in include/asm-x86/debugreg.h in Xen 4.0, 4.1, and 4.2, and Citrix XenServer 6.0.2 and earlier, when running on x86-64 systems, allows local OS guest users to cause a denial of service (host crash) by writing to the reserved bits of the DR7 debug control register."
},
{
"lang": "es",
"value": "La hiperllamada et_debugreg en include/asm-x86/debugreg.h en Xen v4.0, v4.1, y v4.2, y Citrix XenServer v6.0.2 y anteriores, cuando se ejecuta sobre systemas x86-64, permite a usuarios locales del SO invitado generar una denegaci\u00f3n de servicio (ca\u00edda del host) mediante la escritura de ciertos bits reservados para el registro de control DR"
}
],
"id": "CVE-2012-3494",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-11-23T20:55:03.057",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00001.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00003.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00004.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00005.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00012.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00017.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00018.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00017.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00018.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.xen.org/archives/html/xen-announce/2012-09/msg00000.html"
},
{
"source": "secalert@redhat.com",
"url": "http://osvdb.org/85197"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/50472"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/50530"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/51413"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/55082"
},
{
"source": "secalert@redhat.com",
"url": "http://security.gentoo.org/glsa/glsa-201309-24.xml"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://support.citrix.com/article/CTX134708"
},
{
"source": "secalert@redhat.com",
"url": "http://wiki.xen.org/wiki/Security_Announcements#XSA-12_hypercall_set_debugreg_vulnerability"
},
{
"source": "secalert@redhat.com",
"url": "http://www.debian.org/security/2012/dsa-2544"
},
{
"source": "secalert@redhat.com",
"url": "http://www.openwall.com/lists/oss-security/2012/09/05/5"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/55400"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securitytracker.com/id?1027479"
},
{
"source": "secalert@redhat.com",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=851139"
},
{
"source": "secalert@redhat.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78265"
},
{
"source": "secalert@redhat.com",
"url": "https://security.gentoo.org/glsa/201604-03"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00001.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00003.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00004.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00005.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00012.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00017.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00018.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00017.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00018.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.xen.org/archives/html/xen-announce/2012-09/msg00000.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/85197"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/50472"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/50530"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/51413"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/55082"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-201309-24.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://support.citrix.com/article/CTX134708"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://wiki.xen.org/wiki/Security_Announcements#XSA-12_hypercall_set_debugreg_vulnerability"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2012/dsa-2544"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2012/09/05/5"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/55400"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1027479"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=851139"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78265"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201604-03"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2010-02-12 22:30
Modified
2025-04-11 00:51
Severity ?
Summary
Unspecified vulnerability in Citrix XenServer 5.0 Update 3 and earlier, and 5.5, allows local users to bypass authentication and execute unspecified Xen API (XAPI) calls via unknown vectors.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:citrix:xenserver:*:update_3:*:*:*:*:*:*",
"matchCriteriaId": "4B6F9EB9-FE95-4858-A0D7-5B7949B62289",
"versionEndIncluding": "5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:citrix:xenserver:5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "642BB495-D395-4951-A863-00B52A6BBE83",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Citrix XenServer 5.0 Update 3 and earlier, and 5.5, allows local users to bypass authentication and execute unspecified Xen API (XAPI) calls via unknown vectors."
},
{
"lang": "es",
"value": "Vulnerabilidad sin especificar en Citrix XenServer v5.0 Update 3 y anteriores, y v5.5, permite a usuarios locales evitar la autenticaci\u00f3n y ejecutar llamadas API (XAPI) sin especificar a trav\u00e9s de vectores desconocidos."
}
],
"id": "CVE-2010-0633",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2010-02-12T22:30:00.457",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/38431"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://support.citrix.com/article/CTX123193"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://support.citrix.com/article/CTX123456"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://support.citrix.com/article/CTX123460"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/38052"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1023530"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/0290"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/38431"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://support.citrix.com/article/CTX123193"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://support.citrix.com/article/CTX123456"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://support.citrix.com/article/CTX123460"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/38052"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1023530"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/0290"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-01-23 21:59
Modified
2025-04-20 01:37
Severity ?
Summary
Race condition in QEMU in Xen allows local x86 HVM guest OS administrators to gain privileges by changing certain data on shared rings, aka a "double fetch" vulnerability.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.securityfocus.com/bid/94476 | Third Party Advisory, VDB Entry | |
| cve@mitre.org | http://www.securitytracker.com/id/1037344 | Third Party Advisory, VDB Entry | |
| cve@mitre.org | http://xenbits.xen.org/xsa/advisory-197.html | Third Party Advisory | |
| cve@mitre.org | https://security.gentoo.org/glsa/201612-56 | Third Party Advisory | |
| cve@mitre.org | https://support.citrix.com/article/CTX218775 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/94476 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1037344 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://xenbits.xen.org/xsa/advisory-197.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201612-56 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://support.citrix.com/article/CTX218775 | Third Party Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:qemu:qemu:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F83E2010-6463-407A-928D-DB71A705A04C",
"versionEndIncluding": "2.7.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:qemu:qemu:2.8.0:rc0:*:*:*:*:*:*",
"matchCriteriaId": "58947AD5-A971-4E22-8D8A-634E2ED5DECD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:citrix:xenserver:6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5FCF191B-971A-4945-AB14-08091689BE2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:citrix:xenserver:6.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BCEA97B9-A443-4F87-81B4-B3F0E94AC18E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:citrix:xenserver:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "56434D13-7A7B-495C-A135-2688C706A065",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:citrix:xenserver:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "405F950F-0772-41A3-8B72-B67151CC1376",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Race condition in QEMU in Xen allows local x86 HVM guest OS administrators to gain privileges by changing certain data on shared rings, aka a \"double fetch\" vulnerability."
},
{
"lang": "es",
"value": "Condici\u00f3n de carrera en QEMU en Xen permite a administradores locales del SO invitado x86 HVM obtener privilegios cambiando ciertos datos en anillos compartidos, vulnerabilidad tambi\u00e9n conocida como \"doble recuperaci\u00f3n\"."
}
],
"id": "CVE-2016-9381",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.9,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 6.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-01-23T21:59:02.800",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/94476"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1037344"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://xenbits.xen.org/xsa/advisory-197.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201612-56"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://support.citrix.com/article/CTX218775"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/94476"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1037344"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://xenbits.xen.org/xsa/advisory-197.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201612-56"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://support.citrix.com/article/CTX218775"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-362"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-07-03 01:29
Modified
2024-11-21 03:23
Severity ?
5.5 (Medium) - CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L
9.1 (Critical) - CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
9.1 (Critical) - CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Summary
Quick emulator (QEMU) built with the Cirrus CLGD 54xx VGA emulator support is vulnerable to an out-of-bounds access issue. It could occur while copying VGA data via bitblt copy in backward mode. A privileged user inside a guest could use this flaw to crash the QEMU process resulting in DoS or potentially execute arbitrary code on the host with privileges of QEMU process on the host.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| qemu | qemu | * | |
| citrix | xenserver | 6.0.2 | |
| citrix | xenserver | 6.2.0 | |
| citrix | xenserver | 6.5 | |
| citrix | xenserver | 7.0 | |
| citrix | xenserver | 7.1 | |
| redhat | openstack | 5.0 | |
| redhat | openstack | 6.0 | |
| redhat | openstack | 7.0 | |
| redhat | openstack | 8 | |
| redhat | openstack | 9 | |
| redhat | openstack | 10 | |
| debian | debian_linux | 7.0 | |
| redhat | enterprise_linux_desktop | 6.0 | |
| redhat | enterprise_linux_desktop | 7.0 | |
| redhat | enterprise_linux_server | 6.0 | |
| redhat | enterprise_linux_server | 7.0 | |
| redhat | enterprise_linux_server_aus | 7.3 | |
| redhat | enterprise_linux_server_aus | 7.4 | |
| redhat | enterprise_linux_server_eus | 7.3 | |
| redhat | enterprise_linux_server_eus | 7.4 | |
| redhat | enterprise_linux_server_eus | 7.5 | |
| redhat | enterprise_linux_workstation | 6.0 | |
| redhat | enterprise_linux_workstation | 7.0 | |
| xen | xen | * | |
| xen | xen | 4.7.1 | |
| xen | xen | 4.7.1 | |
| xen | xen | 4.7.1 | |
| xen | xen | 4.7.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:qemu:qemu:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B256D13F-3021-486C-B9BD-A5F97F716FA7",
"versionEndIncluding": "2.8.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:citrix:xenserver:6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5FCF191B-971A-4945-AB14-08091689BE2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:citrix:xenserver:6.2.0:sp1:*:*:*:*:*:*",
"matchCriteriaId": "878949E0-D656-4E0E-858A-C6AD948A2A2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:citrix:xenserver:6.5:sp1:*:*:*:*:*:*",
"matchCriteriaId": "DBCF6643-ACDE-4DDB-8B01-D952DDF8951E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:citrix:xenserver:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "405F950F-0772-41A3-8B72-B67151CC1376",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:citrix:xenserver:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B5647AEA-DCE6-4950-A7EB-05465ECDDE16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:openstack:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B152EDF3-3140-4343-802F-F4F1C329F5C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:openstack:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "31EC146C-A6F6-4C0D-AF87-685286262DAA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:openstack:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9DAA72A4-AC7D-4544-89D4-5B07961D5A95",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:openstack:8:*:*:*:*:*:*:*",
"matchCriteriaId": "E8B8C725-34CF-4340-BE7B-37E58CF706D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:openstack:9:*:*:*:*:*:*:*",
"matchCriteriaId": "F40C26BE-56CB-4022-A1D8-3CA0A8F87F4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:openstack:10:*:*:*:*:*:*:*",
"matchCriteriaId": "E722FEF7-58A6-47AD-B1D0-DB0B71B0C7AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "33C068A4-3780-4EAB-A937-6082DF847564",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "51EF4996-72F4-4FA4-814F-F5991E7A8318",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "98381E61-F082-4302-B51F-5648884F998B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D99A687E-EAE6-417E-A88E-D0082BC194CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A8442C20-41F9-47FD-9A12-E724D3A31FD7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "9EC0D196-F7B8-4BDD-9050-779F7A7FBEE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*",
"matchCriteriaId": "A4E9DD8A-A68B-4A69-8B01-BFF92A2020A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "825ECE2D-E232-46E0-A047-074B34DB1E97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E26BFEBF-36AE-4956-918E-0F3745F67103",
"versionEndIncluding": "4.7.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.7.1:r1:*:*:*:*:*:*",
"matchCriteriaId": "28DC6689-C725-4A0D-B18F-F06C63F43AAA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.7.1:r2:*:*:*:*:*:*",
"matchCriteriaId": "BDDCD905-A9D3-4BF7-BC92-35886465241E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.7.1:r3:*:*:*:*:*:*",
"matchCriteriaId": "ADCF1B40-C3A8-4505-B8C9-2F2C7753BFC3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.7.1:r4:*:*:*:*:*:*",
"matchCriteriaId": "E37280FF-ADAF-4829-9193-E1C203E1BE42",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Quick emulator (QEMU) built with the Cirrus CLGD 54xx VGA emulator support is vulnerable to an out-of-bounds access issue. It could occur while copying VGA data via bitblt copy in backward mode. A privileged user inside a guest could use this flaw to crash the QEMU process resulting in DoS or potentially execute arbitrary code on the host with privileges of QEMU process on the host."
},
{
"lang": "es",
"value": "Quick emulator (QEMU) con soporte integrado para el emulador Cirrus CLGD 54xx VGA es vulnerable a un problema de acceso fuera de l\u00edmites. Podr\u00eda ocurrir mientras se copian datos VGA mediante la copia bitblt en modo backward. Un usuario privilegiado en un invitado podr\u00eda emplear este error para provocar el cierre inesperado del proceso QEMU, lo que resulta en una denegaci\u00f3n de servicio (DoS) o en la potencial ejecuci\u00f3n de c\u00f3digo arbitrario en el host con los privilegios del proceso QEMU en el host."
}
],
"id": "CVE-2017-2615",
"lastModified": "2024-11-21T03:23:50.190",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L",
"version": "3.0"
},
"exploitabilityScore": 1.3,
"impactScore": 3.7,
"source": "secalert@redhat.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.3,
"impactScore": 6.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-07-03T01:29:00.393",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0309.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0328.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0329.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0330.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0331.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0332.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0333.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0334.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0344.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0350.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0396.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0454.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2017/02/01/6"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/95990"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1037804"
},
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2615"
},
{
"source": "secalert@redhat.com",
"url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00007.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://lists.gnu.org/archive/html/qemu-devel/2017-02/msg00015.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201702-27"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201702-28"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://support.citrix.com/article/CTX220771"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0309.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0328.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0329.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0330.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0331.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0332.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0333.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0334.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0344.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0350.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0396.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0454.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2017/02/01/6"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/95990"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1037804"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2615"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00007.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://lists.gnu.org/archive/html/qemu-devel/2017-02/msg00015.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201702-27"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201702-28"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://support.citrix.com/article/CTX220771"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "secalert@redhat.com",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-125"
},
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-12-08 04:29
Modified
2024-11-21 03:58
Severity ?
Summary
An issue was discovered in Xen through 4.11.x on AMD x86 platforms, possibly allowing guest OS users to gain host OS privileges because small IOMMU mappings are unsafely combined into larger ones.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:xen:xen:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EA6D0834-FE53-4844-A6C7-0BB2DC64DBA3",
"versionEndIncluding": "4.11.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:citrix:xenserver:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "405F950F-0772-41A3-8B72-B67151CC1376",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:citrix:xenserver:7.1:cu1:*:*:ltsr:*:*:*",
"matchCriteriaId": "93BE83D6-26D9-46E0-B031-27A03A83537A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:citrix:xenserver:7.5:*:*:*:*:*:*:*",
"matchCriteriaId": "49D662D7-33DF-4DB3-946E-E9E410DC96CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:citrix:xenserver:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "1077F43A-22AA-436E-97ED-51CF74E92BA2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Xen through 4.11.x on AMD x86 platforms, possibly allowing guest OS users to gain host OS privileges because small IOMMU mappings are unsafely combined into larger ones."
},
{
"lang": "es",
"value": "Se ha descubierto un problema en Xen hasta las versiones 4.11.x en plataformas AMD x86, que podr\u00eda permitir que usuarios invitados del sistema operativo obtengan privilegios del host del sistema operativo. Esto se debe a que los mapeos de IOMMU peque\u00f1os se combinan de forma insegura con mapeos m\u00e1s grandes."
}
],
"id": "CVE-2018-19962",
"lastModified": "2024-11-21T03:58:53.687",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.9,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.1,
"impactScore": 6.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-12-08T04:29:00.297",
"references": [
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00072.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/106182"
},
{
"source": "cve@mitre.org",
"url": "https://lists.debian.org/debian-lts-announce/2019/10/msg00008.html"
},
{
"source": "cve@mitre.org",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UXC6BME7SXJI2ZIATNXCAH7RGPI4UKTT/"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://support.citrix.com/article/CTX239432"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2019/dsa-4369"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://xenbits.xen.org/xsa/advisory-275.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00072.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/106182"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.debian.org/debian-lts-announce/2019/10/msg00008.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UXC6BME7SXJI2ZIATNXCAH7RGPI4UKTT/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://support.citrix.com/article/CTX239432"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2019/dsa-4369"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://xenbits.xen.org/xsa/advisory-275.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-08-24 14:29
Modified
2025-04-20 01:37
Severity ?
Summary
Xen allows local OS guest users to cause a denial of service (crash) or possibly obtain sensitive information or gain privileges via vectors involving transitive grants.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:xen:xen:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C2B9CCC2-BAC5-4A65-B8D4-4B71EBBA0C2F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:citrix:xenserver:6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5FCF191B-971A-4945-AB14-08091689BE2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:citrix:xenserver:6.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BCEA97B9-A443-4F87-81B4-B3F0E94AC18E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:citrix:xenserver:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "56434D13-7A7B-495C-A135-2688C706A065",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:citrix:xenserver:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "405F950F-0772-41A3-8B72-B67151CC1376",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:citrix:xenserver:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B5647AEA-DCE6-4950-A7EB-05465ECDDE16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:citrix:xenserver:7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "68A35129-70B0-4EA9-A0A2-51AC277649D1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Xen allows local OS guest users to cause a denial of service (crash) or possibly obtain sensitive information or gain privileges via vectors involving transitive grants."
},
{
"lang": "es",
"value": "Xen permite que usuarios locales invitados del sistema operativo provoquen una denegaci\u00f3n de servicio (bloqueo) o que tengan la posibilidad de obtener informaci\u00f3n sensible u obtener privilegios mediante vectores relacionados con concesiones transitivas."
}
],
"id": "CVE-2017-12135",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.0,
"impactScore": 6.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-08-24T14:29:00.257",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2017/dsa-3969"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Mitigation",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2017/08/15/1"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Mitigation",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2017/08/17/6"
},
{
"source": "cve@mitre.org",
"url": "http://www.openwall.com/lists/oss-security/2020/04/14/4"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100344"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039178"
},
{
"source": "cve@mitre.org",
"tags": [
"Mitigation",
"Patch",
"Vendor Advisory"
],
"url": "http://xenbits.xen.org/xsa/advisory-226.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Mitigation",
"Patch",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1477655"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201801-14"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://support.citrix.com/article/CTX225941"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2017/dsa-3969"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Mitigation",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2017/08/15/1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Mitigation",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2017/08/17/6"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2020/04/14/4"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100344"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039178"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mitigation",
"Patch",
"Vendor Advisory"
],
"url": "http://xenbits.xen.org/xsa/advisory-226.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Mitigation",
"Patch",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1477655"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201801-14"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://support.citrix.com/article/CTX225941"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-682"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-02-17 02:59
Modified
2025-04-20 01:37
Severity ?
Summary
The (1) ioport_read and (2) ioport_write functions in Xen, when qemu is used as a device model within Xen, might allow local x86 HVM guest OS administrators to gain qemu process privileges via vectors involving an out-of-range ioport access.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:citrix:xenserver:6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5FCF191B-971A-4945-AB14-08091689BE2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:citrix:xenserver:6.2.0:sp1:*:*:*:*:*:*",
"matchCriteriaId": "878949E0-D656-4E0E-858A-C6AD948A2A2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:citrix:xenserver:6.5:sp1:*:*:*:*:*:*",
"matchCriteriaId": "DBCF6643-ACDE-4DDB-8B01-D952DDF8951E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:citrix:xenserver:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "405F950F-0772-41A3-8B72-B67151CC1376",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The (1) ioport_read and (2) ioport_write functions in Xen, when qemu is used as a device model within Xen, might allow local x86 HVM guest OS administrators to gain qemu process privileges via vectors involving an out-of-range ioport access."
},
{
"lang": "es",
"value": "Las funciones (1) ioport_read y (2) ioport_write en Xen, cuando qemu es utilizado como un modelo de dispositivo dentro de Xen, podr\u00eda permitir a administradores locales del SO invitado x86 HVM obtener privilegios del proceso qemu a trav\u00e9s de vectores que involucran un acceso ioport fuera de rango."
}
],
"id": "CVE-2016-9637",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 3.7,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:H/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 1.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 0.8,
"impactScore": 6.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-02-17T02:59:13.967",
"references": [
{
"source": "cve@mitre.org",
"url": "http://rhn.redhat.com/errata/RHSA-2016-2963.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/94699"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id/1037397"
},
{
"source": "cve@mitre.org",
"url": "http://xenbits.xen.org/xsa/advisory-199.html"
},
{
"source": "cve@mitre.org",
"url": "https://lists.debian.org/debian-lts-announce/2018/02/msg00005.html"
},
{
"source": "cve@mitre.org",
"url": "https://security.gentoo.org/glsa/201612-56"
},
{
"source": "cve@mitre.org",
"url": "https://support.citrix.com/article/CTX219136"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2016-2963.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/94699"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1037397"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://xenbits.xen.org/xsa/advisory-199.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.debian.org/debian-lts-announce/2018/02/msg00005.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201612-56"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://support.citrix.com/article/CTX219136"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-01-23 21:59
Modified
2025-04-20 01:37
Severity ?
Summary
Xen 4.0.x through 4.7.x mishandle x86 task switches to VM86 mode, which allows local 32-bit x86 HVM guest OS users to gain privileges or cause a denial of service (guest OS crash) by leveraging a guest operating system that uses hardware task switching and allows a new task to start in VM86 mode.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.securityfocus.com/bid/94470 | Third Party Advisory, VDB Entry | |
| cve@mitre.org | http://www.securitytracker.com/id/1037341 | Third Party Advisory, VDB Entry | |
| cve@mitre.org | http://xenbits.xen.org/xsa/advisory-192.html | Patch, Vendor Advisory | |
| cve@mitre.org | https://security.gentoo.org/glsa/201612-56 | ||
| cve@mitre.org | https://support.citrix.com/article/CTX218775 | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/94470 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1037341 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://xenbits.xen.org/xsa/advisory-192.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201612-56 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://support.citrix.com/article/CTX218775 | Patch, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| xen | xen | 4.0.0 | |
| xen | xen | 4.0.1 | |
| xen | xen | 4.0.2 | |
| xen | xen | 4.0.3 | |
| xen | xen | 4.0.4 | |
| xen | xen | 4.1.0 | |
| xen | xen | 4.1.1 | |
| xen | xen | 4.1.2 | |
| xen | xen | 4.1.3 | |
| xen | xen | 4.1.4 | |
| xen | xen | 4.1.5 | |
| xen | xen | 4.1.6.1 | |
| xen | xen | 4.2.0 | |
| xen | xen | 4.2.1 | |
| xen | xen | 4.2.2 | |
| xen | xen | 4.2.3 | |
| xen | xen | 4.2.4 | |
| xen | xen | 4.2.5 | |
| xen | xen | 4.3.0 | |
| xen | xen | 4.3.1 | |
| xen | xen | 4.3.2 | |
| xen | xen | 4.3.3 | |
| xen | xen | 4.3.4 | |
| xen | xen | 4.4.0 | |
| xen | xen | 4.4.1 | |
| xen | xen | 4.4.2 | |
| xen | xen | 4.4.3 | |
| xen | xen | 4.4.4 | |
| xen | xen | 4.5.0 | |
| xen | xen | 4.5.1 | |
| xen | xen | 4.5.2 | |
| xen | xen | 4.5.3 | |
| xen | xen | 4.5.5 | |
| xen | xen | 4.6.0 | |
| xen | xen | 4.6.1 | |
| xen | xen | 4.6.3 | |
| xen | xen | 4.6.4 | |
| xen | xen | 4.7.0 | |
| xen | xen | 4.7.1 | |
| citrix | xenserver | 6.0.2 | |
| citrix | xenserver | 6.2.0 | |
| citrix | xenserver | 6.5 | |
| citrix | xenserver | 7.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:xen:xen:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "550223A9-B9F1-440A-8C25-9F0F76AF7301",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FC734D58-96E5-4DD2-8781-F8E0ADB96462",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "62CEC1BF-1922-410D-BCBA-C58199F574C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "923F2C2B-4A65-4823-B511-D0FEB7C7FAB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "C1A24DED-B2EC-4D9C-9FA4-DD37EF3E3BFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0D532B60-C8DD-4A2F-9D05-E574D23EB754",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5D83CA8B-8E49-45FA-8FAB-C15052474542",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "27537DF5-7E0F-463F-BA87-46E329EE07AC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3EA4F978-9145-4FE6-B4F9-15207E52C40A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "22A995FD-9B7F-4DF0-BECF-4B086E470F1E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "219597E2-E2D7-4647-8A7C-688B96300158",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.1.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "65E55950-EACA-4209-B2A1-E09026FC6006",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8F0AF8EF-6FF6-4E22-B16E-82C9F90C6B00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "47640819-FC43-49ED-8A77-728C3D7255B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2448537F-87AD-45C1-9FB0-7A49CA31BD76",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E36B2265-70E1-413B-A7CF-79D39E9ADCFB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "37148A72-BE20-45C5-8589-2309ED84D08C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "FB736B4C-325A-4B27-8C8A-15E60B8A8C82",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BF948E6A-07BE-4C7D-8A98-002E89D35F4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C0E23B94-1726-4F63-84BB-8D83FAB156D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C76124AB-4E3D-4BE0-AAEA-7FC05868E2FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F30B5EF5-0AE8-420B-A103-B1B25A372F09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F784EF07-DBEC-492A-A0F4-F9F7B2551A0B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1044792C-D544-457C-9391-4F3B5BAB978D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FBD9AD01-50B7-4951-8A73-A6CF4801A487",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "89AA8FD5-E997-4F0D-AFB6-FFBE0073BA5D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "75615D84-9CA1-456C-816D-768E37B074A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "7AB87384-A1F8-4136-A242-441C655D9364",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "90CCECD0-C0F9-45A8-8699-64428637EBCA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F0ED340C-6746-471E-9F2D-19D62D224B7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "99BD7C4F-DE4C-4508-B20D-46A94B616C5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3374F1FB-70F9-4EBC-837B-0D42282E3E5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "37DA3D28-EAE7-4EC9-977C-444A46CBD9C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4B6F7CE9-C409-4D88-9A99-B21420633F45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B814C381-4991-495A-B530-7543F977B346",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "14442705-D243-4250-A486-E70989946D73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "BBB7BAFE-9CB4-40D2-908C-55307728116F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F1DD0255-9127-4C7F-9C02-42198820363E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8FDFDDA0-51D2-4995-9B4D-48047C940FC5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:citrix:xenserver:6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5FCF191B-971A-4945-AB14-08091689BE2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:citrix:xenserver:6.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BCEA97B9-A443-4F87-81B4-B3F0E94AC18E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:citrix:xenserver:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "56434D13-7A7B-495C-A135-2688C706A065",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:citrix:xenserver:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "405F950F-0772-41A3-8B72-B67151CC1376",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Xen 4.0.x through 4.7.x mishandle x86 task switches to VM86 mode, which allows local 32-bit x86 HVM guest OS users to gain privileges or cause a denial of service (guest OS crash) by leveraging a guest operating system that uses hardware task switching and allows a new task to start in VM86 mode."
},
{
"lang": "es",
"value": "Xen 4.0.x hasta la versi\u00f3n 4.7.x administra mal los conmutadores de tareas x86 para el modo VM86, lo que permite a usuarios locales del SO invitado x86 HVM de 32-bit obtener privilegios o provocar una denegaci\u00f3n de servicio (ca\u00edda del SO invitado) aprovechando un sistema operativo invitado que utiliza conmutaci\u00f3n de tareas de hardware y permite iniciar una una nueva tarea en modo VM86."
}
],
"id": "CVE-2016-9382",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-01-23T21:59:02.830",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/94470"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1037341"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://xenbits.xen.org/xsa/advisory-192.html"
},
{
"source": "cve@mitre.org",
"url": "https://security.gentoo.org/glsa/201612-56"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://support.citrix.com/article/CTX218775"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/94470"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1037341"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://xenbits.xen.org/xsa/advisory-192.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201612-56"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://support.citrix.com/article/CTX218775"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-11-23 20:55
Modified
2025-04-11 00:51
Severity ?
Summary
The physdev_get_free_pirq hypercall in arch/x86/physdev.c in Xen 4.1.x and Citrix XenServer 6.0.2 and earlier uses the return value of the get_free_pirq function as an array index without checking that the return value indicates an error, which allows guest OS users to cause a denial of service (invalid memory write and host crash) and possibly gain privileges via unspecified vectors.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:citrix:xenserver:*:*:*:*:*:*:*:*",
"matchCriteriaId": "24FCA867-7158-459C-9D6C-75A39263F00A",
"versionEndIncluding": "6.0.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:citrix:xenserver:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "57F938EB-46B0-4D82-98D3-1FCB22C02F8E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:citrix:xenserver:5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "642BB495-D395-4951-A863-00B52A6BBE83",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:citrix:xenserver:5.6:*:*:*:*:*:*:*",
"matchCriteriaId": "0185CA86-C2BE-4445-A053-0FBDC670ED88",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:citrix:xenserver:5.6:fp1:*:*:*:*:*:*",
"matchCriteriaId": "6444BE32-E02D-49E3-BC2F-DE0593ADAF88",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:citrix:xenserver:5.6:sp2:*:*:*:*:*:*",
"matchCriteriaId": "DB215BC8-3376-42B8-98E3-7484715AB93F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:citrix:xenserver:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9C1D10B8-202D-44A4-A872-88D7C11488D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0D532B60-C8DD-4A2F-9D05-E574D23EB754",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5D83CA8B-8E49-45FA-8FAB-C15052474542",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "27537DF5-7E0F-463F-BA87-46E329EE07AC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3EA4F978-9145-4FE6-B4F9-15207E52C40A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The physdev_get_free_pirq hypercall in arch/x86/physdev.c in Xen 4.1.x and Citrix XenServer 6.0.2 and earlier uses the return value of the get_free_pirq function as an array index without checking that the return value indicates an error, which allows guest OS users to cause a denial of service (invalid memory write and host crash) and possibly gain privileges via unspecified vectors."
},
{
"lang": "es",
"value": "La hypercall physdev_get_free_pirq en arch/x86/physdev.c en Xen v4.1.x y Citrix XenServer v6.0.2 y anteriores utiliza el valor devuelto por la funci\u00f3n get_free_pirq como un \u00edndice de la matriz sin comprobar que el valor de retorno indica un error, permitiendo a los hu\u00e9spedes del OS invitado causar una denegaci\u00f3n de servicio (escritura de memoria no v\u00e1lidas y ca\u00edda del host) y, posiblemente, obtener privilegios a trav\u00e9s de vectores no especificados."
}
],
"id": "CVE-2012-3495",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 8.5,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-11-23T20:55:03.150",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00003.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00004.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00017.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00017.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00018.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.xen.org/archives/html/xen-announce/2012-09/msg00001.html"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/51413"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/55082"
},
{
"source": "secalert@redhat.com",
"url": "http://security.gentoo.org/glsa/glsa-201309-24.xml"
},
{
"source": "secalert@redhat.com",
"url": "http://support.citrix.com/article/CTX134708"
},
{
"source": "secalert@redhat.com",
"url": "http://wiki.xen.org/wiki/Security_Announcements#XSA-13_hypercall_physdev_get_free_pirq_vulnerability"
},
{
"source": "secalert@redhat.com",
"url": "http://www.openwall.com/lists/oss-security/2012/09/05/6"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/55406"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securitytracker.com/id?1027480"
},
{
"source": "secalert@redhat.com",
"url": "http://xenbits.xen.org/hg/xen-4.1-testing.hg/rev/6779ddca8593"
},
{
"source": "secalert@redhat.com",
"url": "https://security.gentoo.org/glsa/201604-03"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00003.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00004.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00017.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00017.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00018.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.xen.org/archives/html/xen-announce/2012-09/msg00001.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/51413"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/55082"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-201309-24.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://support.citrix.com/article/CTX134708"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://wiki.xen.org/wiki/Security_Announcements#XSA-13_hypercall_physdev_get_free_pirq_vulnerability"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2012/09/05/6"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/55406"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1027480"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://xenbits.xen.org/hg/xen-4.1-testing.hg/rev/6779ddca8593"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201604-03"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-07-27 21:29
Modified
2024-11-21 03:01
Severity ?
5.5 (Medium) - CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L
9.9 (Critical) - CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
9.9 (Critical) - CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Summary
A heap buffer overflow flaw was found in QEMU's Cirrus CLGD 54xx VGA emulator's VNC display driver support before 2.9; the issue could occur when a VNC client attempted to update its display after a VGA operation is performed by a guest. A privileged user/process inside a guest could use this flaw to crash the QEMU process or, potentially, execute arbitrary code on the host with privileges of the QEMU process.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| qemu | qemu | * | |
| citrix | xenserver | 6.0.2 | |
| citrix | xenserver | 6.2.0 | |
| citrix | xenserver | 6.5 | |
| citrix | xenserver | 7.0 | |
| citrix | xenserver | 7.1 | |
| redhat | openstack | 5.0 | |
| redhat | openstack | 6.0 | |
| redhat | openstack | 7.0 | |
| redhat | openstack | 8 | |
| redhat | openstack | 9 | |
| redhat | openstack | 10 | |
| debian | debian_linux | 7.0 | |
| redhat | enterprise_linux_desktop | 6.0 | |
| redhat | enterprise_linux_desktop | 7.0 | |
| redhat | enterprise_linux_server | 6.0 | |
| redhat | enterprise_linux_server | 7.0 | |
| redhat | enterprise_linux_server_aus | 7.3 | |
| redhat | enterprise_linux_server_aus | 7.4 | |
| redhat | enterprise_linux_server_eus | 7.3 | |
| redhat | enterprise_linux_server_eus | 7.4 | |
| redhat | enterprise_linux_server_eus | 7.5 | |
| redhat | enterprise_linux_workstation | 6.0 | |
| redhat | enterprise_linux_workstation | 7.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:qemu:qemu:*:*:*:*:*:*:*:*",
"matchCriteriaId": "296F09E2-48CC-4B5F-BE4F-04760D389E39",
"versionEndExcluding": "2.9.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:citrix:xenserver:6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5FCF191B-971A-4945-AB14-08091689BE2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:citrix:xenserver:6.2.0:sp1:*:*:*:*:*:*",
"matchCriteriaId": "878949E0-D656-4E0E-858A-C6AD948A2A2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:citrix:xenserver:6.5:sp1:*:*:*:*:*:*",
"matchCriteriaId": "DBCF6643-ACDE-4DDB-8B01-D952DDF8951E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:citrix:xenserver:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "405F950F-0772-41A3-8B72-B67151CC1376",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:citrix:xenserver:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B5647AEA-DCE6-4950-A7EB-05465ECDDE16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:openstack:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B152EDF3-3140-4343-802F-F4F1C329F5C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:openstack:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "31EC146C-A6F6-4C0D-AF87-685286262DAA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:openstack:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9DAA72A4-AC7D-4544-89D4-5B07961D5A95",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:openstack:8:*:*:*:*:*:*:*",
"matchCriteriaId": "E8B8C725-34CF-4340-BE7B-37E58CF706D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:openstack:9:*:*:*:*:*:*:*",
"matchCriteriaId": "F40C26BE-56CB-4022-A1D8-3CA0A8F87F4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:openstack:10:*:*:*:*:*:*:*",
"matchCriteriaId": "E722FEF7-58A6-47AD-B1D0-DB0B71B0C7AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "33C068A4-3780-4EAB-A937-6082DF847564",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "51EF4996-72F4-4FA4-814F-F5991E7A8318",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "98381E61-F082-4302-B51F-5648884F998B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D99A687E-EAE6-417E-A88E-D0082BC194CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A8442C20-41F9-47FD-9A12-E724D3A31FD7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "9EC0D196-F7B8-4BDD-9050-779F7A7FBEE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*",
"matchCriteriaId": "A4E9DD8A-A68B-4A69-8B01-BFF92A2020A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "825ECE2D-E232-46E0-A047-074B34DB1E97",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A heap buffer overflow flaw was found in QEMU\u0027s Cirrus CLGD 54xx VGA emulator\u0027s VNC display driver support before 2.9; the issue could occur when a VNC client attempted to update its display after a VGA operation is performed by a guest. A privileged user/process inside a guest could use this flaw to crash the QEMU process or, potentially, execute arbitrary code on the host with privileges of the QEMU process."
},
{
"lang": "es",
"value": "Se ha detectado una vulnerabilidad de desbordamiento de b\u00fafer basado en memoria din\u00e1mica (heap) en el soporte del controlador de pantalla VNC del emulador Cirrus CLGD 54xx VGA de QEMU en versiones anteriores a la 2.9. El problema pod\u00eda ocurrir cuando un cliente VNC intentaba actualizar su pantalla despu\u00e9s de que un invitado realizara una operaci\u00f3n VGA. Un usuario/proceso privilegiado dentro de un guest podr\u00eda usar esta vulnerabilidad para provocar que el proceso de QEMU se cierre inesperadamente o, potencialmente, ejecutar c\u00f3digo arbitrario en el host con privilegios del proceso de QEMU."
}
],
"id": "CVE-2016-9603",
"lastModified": "2024-11-21T03:01:29.667",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L",
"version": "3.0"
},
"exploitabilityScore": 1.3,
"impactScore": 3.7,
"source": "secalert@redhat.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.1,
"impactScore": 6.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-07-27T21:29:00.290",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/96893"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1038023"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:0980"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:0981"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:0982"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:0983"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:0984"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:0985"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:0987"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:0988"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1205"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1206"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1441"
},
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-9603"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/02/msg00005.html"
},
{
"source": "secalert@redhat.com",
"url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00007.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201706-03"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://support.citrix.com/article/CTX221578"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/96893"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1038023"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:0980"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:0981"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:0982"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:0983"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:0984"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:0985"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:0987"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:0988"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1205"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1206"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1441"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-9603"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/02/msg00005.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00007.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201706-03"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://support.citrix.com/article/CTX221578"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-122"
}
],
"source": "secalert@redhat.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-08-24 14:29
Modified
2025-04-20 01:37
Severity ?
Summary
arch/x86/mm.c in Xen allows local PV guest OS users to gain host OS privileges via vectors related to map_grant_ref.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:xen:xen:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C2B9CCC2-BAC5-4A65-B8D4-4B71EBBA0C2F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:citrix:xenserver:6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5FCF191B-971A-4945-AB14-08091689BE2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:citrix:xenserver:6.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BCEA97B9-A443-4F87-81B4-B3F0E94AC18E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:citrix:xenserver:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "56434D13-7A7B-495C-A135-2688C706A065",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:citrix:xenserver:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "405F950F-0772-41A3-8B72-B67151CC1376",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:citrix:xenserver:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B5647AEA-DCE6-4950-A7EB-05465ECDDE16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:citrix:xenserver:7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "68A35129-70B0-4EA9-A0A2-51AC277649D1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "arch/x86/mm.c in Xen allows local PV guest OS users to gain host OS privileges via vectors related to map_grant_ref."
},
{
"lang": "es",
"value": "arch/x86/mm.c en Xen permite que usuarios locales PV del sistema operativo obtengan privilegios SO del host mediante vectores relacionados con map_grant_ref."
}
],
"id": "CVE-2017-12137",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.0,
"impactScore": 6.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-08-24T14:29:00.350",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2017/dsa-3969"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Mitigation",
"Patch",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2017/08/15/2"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100342"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039174"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://xenbits.xen.org/xsa/advisory-227.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1477657"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201801-14"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://support.citrix.com/article/CTX225941"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2017/dsa-3969"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Mitigation",
"Patch",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2017/08/15/2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100342"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039174"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://xenbits.xen.org/xsa/advisory-227.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1477657"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201801-14"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://support.citrix.com/article/CTX225941"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-120"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-01-30 16:59
Modified
2025-04-20 01:37
Severity ?
Summary
An issue was discovered in Linux Foundation xapi in Citrix XenServer through 7.0. An authenticated read-only administrator can cancel tasks of other administrators.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:citrix:xenserver:6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5FCF191B-971A-4945-AB14-08091689BE2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:citrix:xenserver:6.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BCEA97B9-A443-4F87-81B4-B3F0E94AC18E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:citrix:xenserver:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "56434D13-7A7B-495C-A135-2688C706A065",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:citrix:xenserver:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "405F950F-0772-41A3-8B72-B67151CC1376",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Linux Foundation xapi in Citrix XenServer through 7.0. An authenticated read-only administrator can cancel tasks of other administrators."
},
{
"lang": "es",
"value": "Se ha descubierto un problema en Linux Foundation xapi en Citrix XenServer hasta la versi\u00f3n 7.0. Un administrador autenticado de s\u00f3lo lectura puede cancelar las tareas de otros administradores."
}
],
"id": "CVE-2017-5573",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"exploitabilityScore": 1.2,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-01-30T16:59:00.177",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/95796"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id/1037716"
},
{
"source": "cve@mitre.org",
"url": "https://support.citrix.com/article/CTX220112"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/95796"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1037716"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://support.citrix.com/article/CTX220112"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-08-07 20:29
Modified
2025-04-20 01:37
Severity ?
Summary
The ntpd client in NTP 4.x before 4.2.8p4 and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service via a number of crafted "KOD" messages.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ntp:ntp:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C240BAAB-8C12-4501-9DC6-FB877304E908",
"versionEndExcluding": "4.2.8",
"versionStartIncluding": "4.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ntp:ntp:*:*:*:*:*:*:*:*",
"matchCriteriaId": "79494F07-6081-497D-8A2D-B05486599EAE",
"versionEndExcluding": "4.3.77",
"versionStartIncluding": "4.3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ntp:ntp:4.2.8:-:*:*:*:*:*:*",
"matchCriteriaId": "EEA51D83-5841-4335-AF07-7A43C118CAAE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ntp:ntp:4.2.8:p1:*:*:*:*:*:*",
"matchCriteriaId": "C855BBD2-2B38-4EFF-9DBE-CA61CCACD0DE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ntp:ntp:4.2.8:p1-beta1:*:*:*:*:*:*",
"matchCriteriaId": "49ADE0C3-F75C-4EC0-8805-56013F0EB92C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ntp:ntp:4.2.8:p1-beta2:*:*:*:*:*:*",
"matchCriteriaId": "D8FF625A-EFA3-43D1-8698-4A37AE31A07C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ntp:ntp:4.2.8:p1-beta3:*:*:*:*:*:*",
"matchCriteriaId": "E3B99BBD-97FE-4615-905A-A614592226F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ntp:ntp:4.2.8:p1-beta4:*:*:*:*:*:*",
"matchCriteriaId": "E7A9AD3A-F030-4331-B52A-518BD963AB8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ntp:ntp:4.2.8:p1-beta5:*:*:*:*:*:*",
"matchCriteriaId": "C293B8BE-6691-4944-BCD6-25EB98CABC73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ntp:ntp:4.2.8:p1-rc1:*:*:*:*:*:*",
"matchCriteriaId": "CEA650F8-2576-494A-A861-61572CA319D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ntp:ntp:4.2.8:p1-rc2:*:*:*:*:*:*",
"matchCriteriaId": "4ED21EE8-7CBF-4BC5-BFC3-185D41296238",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ntp:ntp:4.2.8:p2:*:*:*:*:*:*",
"matchCriteriaId": "C76A0B44-13DE-4173-8D05-DA54F6A71759",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ntp:ntp:4.2.8:p2-rc1:*:*:*:*:*:*",
"matchCriteriaId": "1450241C-2F6D-4122-B33C-D78D065BA403",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ntp:ntp:4.2.8:p2-rc2:*:*:*:*:*:*",
"matchCriteriaId": "721AFD22-91D3-488E-A5E6-DD84C86E412B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ntp:ntp:4.2.8:p2-rc3:*:*:*:*:*:*",
"matchCriteriaId": "8D6ADDB1-2E96-4FF6-AE95-4B06654D38B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ntp:ntp:4.2.8:p3:*:*:*:*:*:*",
"matchCriteriaId": "41E44E9F-6383-4E12-AEDC-B653FEA77A48",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ntp:ntp:4.2.8:p3-rc1:*:*:*:*:*:*",
"matchCriteriaId": "466D9A37-2658-4695-9429-0C6BF4A631C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ntp:ntp:4.2.8:p3-rc2:*:*:*:*:*:*",
"matchCriteriaId": "99774181-5F12-446C-AC2C-DB1C52295EED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ntp:ntp:4.2.8:p3-rc3:*:*:*:*:*:*",
"matchCriteriaId": "4427EE6D-3F79-4FF5-B3EC-EE6BD01562CE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netapp:oncommand_performance_manager:-:*:*:*:*:*:*:*",
"matchCriteriaId": "212E1878-1B9A-4CB4-A1CE-EAD60B867161",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:oncommand_unified_manager:-:*:*:*:*:clustered_data_ontap:*:*",
"matchCriteriaId": "95B173E0-1475-4F8D-A982-86F36BE3DD4A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netapp:clustered_data_ontap:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1FED6CAE-D97F-49E0-9D00-1642A3A427B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netapp:data_ontap:-:*:*:*:*:7-mode:*:*",
"matchCriteriaId": "392A1364-2739-450D-9E19-DFF93081C2C6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "33C068A4-3780-4EAB-A937-6082DF847564",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "51EF4996-72F4-4FA4-814F-F5991E7A8318",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "1F3BEFDB-5156-4E1C-80BB-8BE9FEAA7623",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.6:*:*:*:*:*:*:*",
"matchCriteriaId": "16E6D998-B41D-4B49-9E00-8336D2E40A4A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "98381E61-F082-4302-B51F-5648884F998B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D99A687E-EAE6-417E-A88E-D0082BC194CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B353CE99-D57C-465B-AAB0-73EF581127D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*",
"matchCriteriaId": "7431ABC1-9252-419E-8CC1-311B41360078",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "45010D45-2FF2-4B04-B115-6B6FE606D598",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:6.6:*:*:*:*:*:*:*",
"matchCriteriaId": "C18E3368-8980-45D2-AD3F-5BF385ABA693",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:6.7:*:*:*:*:*:*:*",
"matchCriteriaId": "6C81647C-9A53-481D-A54C-36770A093F90",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0E8CD4EF-DC90-40BB-A721-6EC087507906",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A8442C20-41F9-47FD-9A12-E724D3A31FD7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "9EC0D196-F7B8-4BDD-9050-779F7A7FBEE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*",
"matchCriteriaId": "A4E9DD8A-A68B-4A69-8B01-BFF92A2020A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "BF77CDCF-B9C9-427D-B2BF-36650FB2148C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.7:*:*:*:*:*:*:*",
"matchCriteriaId": "21690BAC-2129-4A33-9B48-1F3BF30072A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "835AE071-CEAE-49E5-8F0C-E5F50FB85EFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:6.6:*:*:*:*:*:*:*",
"matchCriteriaId": "13E02156-E748-4820-B76F-7074793837E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "24C0F4E1-C52C-41E0-9F14-F83ADD5CC7ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B76AA310-FEC7-497F-AF04-C3EC1E76C4CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*",
"matchCriteriaId": "17F256A9-D3B9-4C72-B013-4EFD878BFEA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "825ECE2D-E232-46E0-A047-074B34DB1E97",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mcafee:enterprise_security_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7E05BFFB-218A-4B91-880F-F7F321485153",
"versionEndExcluding": "10.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:enterprise_security_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5995933D-6186-46E1-9835-1760CEA6389D",
"versionEndExcluding": "11.2.0",
"versionStartIncluding": "11.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:citrix:xenserver:6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5FCF191B-971A-4945-AB14-08091689BE2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:citrix:xenserver:6.2.0:-:*:*:*:*:*:*",
"matchCriteriaId": "F31DB577-72CD-49CC-8AF5-23098503939E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:citrix:xenserver:6.5:-:*:*:*:*:*:*",
"matchCriteriaId": "3CC06F6C-6C15-444F-B159-235D347E5929",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:citrix:xenserver:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "405F950F-0772-41A3-8B72-B67151CC1376",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The ntpd client in NTP 4.x before 4.2.8p4 and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service via a number of crafted \"KOD\" messages."
},
{
"lang": "es",
"value": "El cliente ntpd en NTP 4.x en versiones anteriores a 4.2.8p4, y 4.3.x en versiones anteriores a 4.3.77 permite que atacantes remotos provoquen una denegaci\u00f3n de servicio empleando una serie de mensajes \"KOD\" manipulados."
}
],
"id": "CVE-2015-7704",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-08-07T20:29:00.683",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Vendor Advisory"
],
"url": "http://bugs.ntp.org/show_bug.cgi?id=2901"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1930.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-2520.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://support.ntp.org/bin/view/Main/NtpBug2901"
},
{
"source": "cve@mitre.org",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "http://support.ntp.org/bin/view/Main/SecurityNotice#October_2015_NTP_4_2_8p4_Securit"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2015/dsa-3388"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/77280"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1033951"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1271070"
},
{
"source": "cve@mitre.org",
"tags": [
"Technical Description",
"Third Party Advisory"
],
"url": "https://eprint.iacr.org/2015/1020.pdf"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05270839"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10284"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://security.gentoo.org/glsa/201607-15"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20171004-0001/"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20171004-0002/"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://support.citrix.com/article/CTX220112"
},
{
"source": "cve@mitre.org",
"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1212-security-advisory-0016"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.cs.bu.edu/~goldbe/NTPattack.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.kb.cert.org/vuls/id/718152"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Vendor Advisory"
],
"url": "http://bugs.ntp.org/show_bug.cgi?id=2901"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1930.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-2520.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://support.ntp.org/bin/view/Main/NtpBug2901"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "http://support.ntp.org/bin/view/Main/SecurityNotice#October_2015_NTP_4_2_8p4_Securit"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2015/dsa-3388"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/77280"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1033951"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1271070"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Technical Description",
"Third Party Advisory"
],
"url": "https://eprint.iacr.org/2015/1020.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05270839"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10284"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://security.gentoo.org/glsa/201607-15"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20171004-0001/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20171004-0002/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://support.citrix.com/article/CTX220112"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1212-security-advisory-0016"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.cs.bu.edu/~goldbe/NTPattack.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.kb.cert.org/vuls/id/718152"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2010-07-02 20:30
Modified
2025-04-11 00:51
Severity ?
Summary
Citrix XenServer 5.0 Update 2 and earlier, and 5.5 Update 1 and earlier, when using a pvops kernel, allows guest users to cause a denial of service in the host via unspecified vectors that trigger "incorrectly set flags."
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:citrix:xenserver:*:update_2:*:*:*:*:*:*",
"matchCriteriaId": "AEE63675-8AA2-439E-966A-2BFD84F8CC50",
"versionEndIncluding": "5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:citrix:xenserver:*:update1:*:*:*:*:*:*",
"matchCriteriaId": "0AF9DAEE-B27E-4BEF-BF8D-8FD984DB7937",
"versionEndIncluding": "5.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Citrix XenServer 5.0 Update 2 and earlier, and 5.5 Update 1 and earlier, when using a pvops kernel, allows guest users to cause a denial of service in the host via unspecified vectors that trigger \"incorrectly set flags.\""
},
{
"lang": "es",
"value": "Citrix XenServer v5.0 Update 2 y anteriores, y v5.5 Update 1 y anteriores, cuando se utiliza un kernel pvops, permite causar una denegaci\u00f3n de servicio a los usuarios invitados en el host a trav\u00e9s de vectores no especificados que se generan \"banderas con valores incorrectos\"."
}
],
"id": "CVE-2010-2619",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 1.9,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2010-07-02T20:30:01.647",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/40282"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://support.citrix.com/article/CTX125319"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1024157"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/1613"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/40282"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://support.citrix.com/article/CTX125319"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1024157"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/1613"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-06-13 06:15
Modified
2024-11-21 09:48
Severity ?
6.0 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H
6.0 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H
6.0 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H
Summary
An issue has been identified in both XenServer 8 and Citrix Hypervisor 8.2 CU1 LTSR which may allow a malicious administrator of a guest VM to cause the host to become slow and/or unresponsive.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| citrix | xenserver | 8.0 | |
| citrix | hypervisor | 8.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:citrix:xenserver:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3AD5783A-5653-4F2F-9F70-092A58205DD9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:citrix:hypervisor:8.2:cumulative_update1:*:*:long_term_service:*:*:*",
"matchCriteriaId": "86717C8A-A380-4208-BA14-906B9EAFC3BA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue has been identified in both XenServer 8 and Citrix Hypervisor 8.2 CU1 LTSR which may allow a malicious administrator of a guest VM to cause the host to become slow and/or unresponsive."
},
{
"lang": "es",
"value": "Se ha identificado un problema tanto en XenServer 8 como en Citrix Hypervisor 8.2 CU1 LTSR que puede permitir que un administrador malintencionado de una m\u00e1quina virtual invitada haga que el host se vuelva lento o no responda."
}
],
"id": "CVE-2024-5661",
"lastModified": "2024-11-21T09:48:06.673",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.5,
"impactScore": 4.0,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.5,
"impactScore": 4.0,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2024-06-13T06:15:12.487",
"references": [
{
"source": "secure@citrix.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.citrix.com/article/CTX677100/xenserver-and-citrix-hypervisor-security-update-for-cve20245661"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.citrix.com/article/CTX677100/xenserver-and-citrix-hypervisor-security-update-for-cve20245661"
}
],
"sourceIdentifier": "secure@citrix.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-07-27 19:29
Modified
2024-11-21 03:23
Severity ?
5.5 (Medium) - CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L
9.9 (Critical) - CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
9.9 (Critical) - CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Summary
Quick emulator (QEMU) before 2.8 built with the Cirrus CLGD 54xx VGA Emulator support is vulnerable to an out-of-bounds access issue. The issue could occur while copying VGA data in cirrus_bitblt_cputovideo. A privileged user inside guest could use this flaw to crash the QEMU process OR potentially execute arbitrary code on host with privileges of the QEMU process.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| qemu | qemu | * | |
| citrix | xenserver | 6.0.2 | |
| citrix | xenserver | 6.2.0 | |
| citrix | xenserver | 6.5 | |
| citrix | xenserver | 7.0 | |
| citrix | xenserver | 7.1 | |
| redhat | openstack | 5.0 | |
| redhat | openstack | 6.0 | |
| redhat | openstack | 7.0 | |
| redhat | openstack | 8 | |
| redhat | openstack | 9 | |
| redhat | openstack | 10 | |
| debian | debian_linux | 7.0 | |
| redhat | enterprise_linux_desktop | 6.0 | |
| redhat | enterprise_linux_desktop | 7.0 | |
| redhat | enterprise_linux_server | 6.0 | |
| redhat | enterprise_linux_server | 7.0 | |
| redhat | enterprise_linux_server_aus | 7.3 | |
| redhat | enterprise_linux_server_aus | 7.4 | |
| redhat | enterprise_linux_server_eus | 7.3 | |
| redhat | enterprise_linux_server_eus | 7.4 | |
| redhat | enterprise_linux_server_eus | 7.5 | |
| redhat | enterprise_linux_workstation | 6.0 | |
| redhat | enterprise_linux_workstation | 7.0 | |
| xen | xen | * | |
| xen | xen | 4.7.1 | |
| xen | xen | 4.7.1 | |
| xen | xen | 4.7.1 | |
| xen | xen | 4.7.1 | |
| xen | xen | 4.7.1 | |
| xen | xen | 4.7.1 | |
| xen | xen | 4.7.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:qemu:qemu:*:*:*:*:*:*:*:*",
"matchCriteriaId": "10EE7DD6-EC30-4385-A028-E579F232BEFA",
"versionEndExcluding": "2.8.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:citrix:xenserver:6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5FCF191B-971A-4945-AB14-08091689BE2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:citrix:xenserver:6.2.0:sp1:*:*:*:*:*:*",
"matchCriteriaId": "878949E0-D656-4E0E-858A-C6AD948A2A2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:citrix:xenserver:6.5:sp1:*:*:*:*:*:*",
"matchCriteriaId": "DBCF6643-ACDE-4DDB-8B01-D952DDF8951E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:citrix:xenserver:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "405F950F-0772-41A3-8B72-B67151CC1376",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:citrix:xenserver:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B5647AEA-DCE6-4950-A7EB-05465ECDDE16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:openstack:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B152EDF3-3140-4343-802F-F4F1C329F5C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:openstack:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "31EC146C-A6F6-4C0D-AF87-685286262DAA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:openstack:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9DAA72A4-AC7D-4544-89D4-5B07961D5A95",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:openstack:8:*:*:*:*:*:*:*",
"matchCriteriaId": "E8B8C725-34CF-4340-BE7B-37E58CF706D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:openstack:9:*:*:*:*:*:*:*",
"matchCriteriaId": "F40C26BE-56CB-4022-A1D8-3CA0A8F87F4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:openstack:10:*:*:*:*:*:*:*",
"matchCriteriaId": "E722FEF7-58A6-47AD-B1D0-DB0B71B0C7AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "33C068A4-3780-4EAB-A937-6082DF847564",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "51EF4996-72F4-4FA4-814F-F5991E7A8318",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "98381E61-F082-4302-B51F-5648884F998B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D99A687E-EAE6-417E-A88E-D0082BC194CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A8442C20-41F9-47FD-9A12-E724D3A31FD7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "9EC0D196-F7B8-4BDD-9050-779F7A7FBEE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*",
"matchCriteriaId": "A4E9DD8A-A68B-4A69-8B01-BFF92A2020A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "825ECE2D-E232-46E0-A047-074B34DB1E97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E26BFEBF-36AE-4956-918E-0F3745F67103",
"versionEndIncluding": "4.7.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.7.1:r1:*:*:*:*:*:*",
"matchCriteriaId": "28DC6689-C725-4A0D-B18F-F06C63F43AAA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.7.1:r2:*:*:*:*:*:*",
"matchCriteriaId": "BDDCD905-A9D3-4BF7-BC92-35886465241E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.7.1:r3:*:*:*:*:*:*",
"matchCriteriaId": "ADCF1B40-C3A8-4505-B8C9-2F2C7753BFC3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.7.1:r4:*:*:*:*:*:*",
"matchCriteriaId": "E37280FF-ADAF-4829-9193-E1C203E1BE42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.7.1:r5:*:*:*:*:*:*",
"matchCriteriaId": "A0619169-9642-47F9-8F15-C5497E790CDE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.7.1:r6:*:*:*:*:*:*",
"matchCriteriaId": "A4ECE000-A99A-4ED4-B5E3-5162EC48CFB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.7.1:r7:*:*:*:*:*:*",
"matchCriteriaId": "CF50E3A9-19A3-4015-BF56-070833B5D2CE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Quick emulator (QEMU) before 2.8 built with the Cirrus CLGD 54xx VGA Emulator support is vulnerable to an out-of-bounds access issue. The issue could occur while copying VGA data in cirrus_bitblt_cputovideo. A privileged user inside guest could use this flaw to crash the QEMU process OR potentially execute arbitrary code on host with privileges of the QEMU process."
},
{
"lang": "es",
"value": "Quick emulator (QEMU) en versiones anteriores a la 2.8 construido con el soporte del emulador Cirrus CLGD 54xx VGA Emulator es vulnerable a un problema de acceso fuera de l\u00edmites. El problema puede ocurrir al copiar datos VGA en cirrus_bitblt_cputovideo. Un usuario privilegiado dentro de guest podr\u00eda usar esta vulnerabilidad para bloquear el proceso de QEMU o potencialmente ejecutar c\u00f3digo arbitrario en el host con privilegios del proceso de QEMU."
}
],
"id": "CVE-2017-2620",
"lastModified": "2024-11-21T03:23:50.890",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L",
"version": "3.0"
},
"exploitabilityScore": 1.3,
"impactScore": 3.7,
"source": "secalert@redhat.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.1,
"impactScore": 6.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-07-27T19:29:00.330",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0328.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0329.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0330.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0331.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0332.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0333.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0334.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0350.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0351.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0352.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0396.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0454.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2017/02/21/1"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/96378"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1037870"
},
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2620"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/02/msg00005.html"
},
{
"source": "secalert@redhat.com",
"url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00007.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://lists.gnu.org/archive/html/qemu-devel/2017-02/msg04700.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201703-07"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201704-01"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://support.citrix.com/article/CTX220771"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://xenbits.xen.org/xsa/advisory-209.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0328.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0329.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0330.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0331.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0332.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0333.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0334.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0350.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0351.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0352.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0396.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0454.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2017/02/21/1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/96378"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1037870"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2620"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/02/msg00005.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00007.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://lists.gnu.org/archive/html/qemu-devel/2017-02/msg04700.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201703-07"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201704-01"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://support.citrix.com/article/CTX220771"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://xenbits.xen.org/xsa/advisory-209.html"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "secalert@redhat.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-125"
},
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-12-08 04:29
Modified
2024-11-21 03:58
Severity ?
Summary
An issue was discovered in Xen through 4.11.x on AMD x86 platforms, possibly allowing guest OS users to gain host OS privileges because TLB flushes do not always occur after IOMMU mapping changes.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:xen:xen:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EA6D0834-FE53-4844-A6C7-0BB2DC64DBA3",
"versionEndIncluding": "4.11.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:citrix:xenserver:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "405F950F-0772-41A3-8B72-B67151CC1376",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:citrix:xenserver:7.1:cu1:*:*:ltsr:*:*:*",
"matchCriteriaId": "93BE83D6-26D9-46E0-B031-27A03A83537A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:citrix:xenserver:7.5:*:*:*:*:*:*:*",
"matchCriteriaId": "49D662D7-33DF-4DB3-946E-E9E410DC96CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:citrix:xenserver:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "1077F43A-22AA-436E-97ED-51CF74E92BA2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Xen through 4.11.x on AMD x86 platforms, possibly allowing guest OS users to gain host OS privileges because TLB flushes do not always occur after IOMMU mapping changes."
},
{
"lang": "es",
"value": "Se ha descubierto un problema en Xen hasta las versiones 4.11.x en plataformas AMD x86, que podr\u00eda permitir que usuarios invitados del sistema operativo obtengan privilegios del host del sistema operativo. Esto se debe a que los vaciados TLB no siempre ocurren tras cambios en el mapeo de IOMMU."
}
],
"id": "CVE-2018-19961",
"lastModified": "2024-11-21T03:58:53.530",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.9,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.1,
"impactScore": 6.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-12-08T04:29:00.247",
"references": [
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00072.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/106182"
},
{
"source": "cve@mitre.org",
"url": "https://lists.debian.org/debian-lts-announce/2019/10/msg00008.html"
},
{
"source": "cve@mitre.org",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UXC6BME7SXJI2ZIATNXCAH7RGPI4UKTT/"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://support.citrix.com/article/CTX239432"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2019/dsa-4369"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://xenbits.xen.org/xsa/advisory-275.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00072.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/106182"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.debian.org/debian-lts-announce/2019/10/msg00008.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UXC6BME7SXJI2ZIATNXCAH7RGPI4UKTT/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://support.citrix.com/article/CTX239432"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2019/dsa-4369"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://xenbits.xen.org/xsa/advisory-275.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-459"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-01-26 15:59
Modified
2025-04-20 01:37
Severity ?
Summary
VMFUNC emulation in Xen 4.6.x through 4.8.x on x86 systems using AMD virtualization extensions (aka SVM) allows local HVM guest OS users to cause a denial of service (hypervisor crash) by leveraging a missing NULL pointer check.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.securityfocus.com/bid/95026 | Third Party Advisory, VDB Entry | |
| cve@mitre.org | http://www.securitytracker.com/id/1037518 | Third Party Advisory, VDB Entry | |
| cve@mitre.org | http://xenbits.xen.org/xsa/advisory-203.html | Patch, Vendor Advisory | |
| cve@mitre.org | https://support.citrix.com/article/CTX219378 | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/95026 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1037518 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://xenbits.xen.org/xsa/advisory-203.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://support.citrix.com/article/CTX219378 | Patch, Third Party Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:xen:xen:4.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4B6F7CE9-C409-4D88-9A99-B21420633F45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B814C381-4991-495A-B530-7543F977B346",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "14442705-D243-4250-A486-E70989946D73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "BBB7BAFE-9CB4-40D2-908C-55307728116F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F1DD0255-9127-4C7F-9C02-42198820363E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8FDFDDA0-51D2-4995-9B4D-48047C940FC5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A4447FA6-EDE7-4915-8238-2EA4CE782E96",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:citrix:xenserver:6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5FCF191B-971A-4945-AB14-08091689BE2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:citrix:xenserver:6.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BCEA97B9-A443-4F87-81B4-B3F0E94AC18E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:citrix:xenserver:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "56434D13-7A7B-495C-A135-2688C706A065",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:citrix:xenserver:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "405F950F-0772-41A3-8B72-B67151CC1376",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "VMFUNC emulation in Xen 4.6.x through 4.8.x on x86 systems using AMD virtualization extensions (aka SVM) allows local HVM guest OS users to cause a denial of service (hypervisor crash) by leveraging a missing NULL pointer check."
},
{
"lang": "es",
"value": "Emulaci\u00f3n VMFUNC en Xen 4.6.x hasta la versi\u00f3n 4.8.x en sistemas x86 que usan extensiones de virtualizaci\u00f3n AMD (tambi\u00e9n conocidas como SVM) permite a usuarios locales HVM invitados del SO provocar una denegaci\u00f3n de servicio (bloqueo del hipervisor) aprovechando una verificaci\u00f3n perdida del puntero NULL."
}
],
"id": "CVE-2016-10025",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-01-26T15:59:00.237",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/95026"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1037518"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://xenbits.xen.org/xsa/advisory-203.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://support.citrix.com/article/CTX219378"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/95026"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1037518"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://xenbits.xen.org/xsa/advisory-203.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://support.citrix.com/article/CTX219378"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-476"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-08-02 16:59
Modified
2025-04-12 10:46
Severity ?
Summary
Xen 4.5.x through 4.7.x do not implement Supervisor Mode Access Prevention (SMAP) whitelisting in 32-bit exception and event delivery, which allows local 32-bit PV guest OS kernels to cause a denial of service (hypervisor and VM crash) by triggering a safety check.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:xen:xen:4.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "90CCECD0-C0F9-45A8-8699-64428637EBCA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F0ED340C-6746-471E-9F2D-19D62D224B7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "99BD7C4F-DE4C-4508-B20D-46A94B616C5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3374F1FB-70F9-4EBC-837B-0D42282E3E5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4B6F7CE9-C409-4D88-9A99-B21420633F45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B814C381-4991-495A-B530-7543F977B346",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "14442705-D243-4250-A486-E70989946D73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F1DD0255-9127-4C7F-9C02-42198820363E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:citrix:xenserver:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9C1D10B8-202D-44A4-A872-88D7C11488D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:citrix:xenserver:6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5FCF191B-971A-4945-AB14-08091689BE2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:citrix:xenserver:6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "082A4559-2E75-4B84-8E50-304015DB9C7E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:citrix:xenserver:6.2.0:sp1:*:*:*:*:*:*",
"matchCriteriaId": "878949E0-D656-4E0E-858A-C6AD948A2A2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:citrix:xenserver:6.5.0:sp1:*:*:*:*:*:*",
"matchCriteriaId": "674E9825-655A-4860-8FD1-7F022090922F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:citrix:xenserver:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "405F950F-0772-41A3-8B72-B67151CC1376",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Xen 4.5.x through 4.7.x do not implement Supervisor Mode Access Prevention (SMAP) whitelisting in 32-bit exception and event delivery, which allows local 32-bit PV guest OS kernels to cause a denial of service (hypervisor and VM crash) by triggering a safety check."
},
{
"lang": "es",
"value": "Xen 4.5.x hasta la version 4.7.x no implementa listas blancas Supervisor Mode Access Prevencion (SMAP) en excepci\u00f3n 32 bits y entrega de eventos, lo que permite a kernels 32-bit PV locales del SO invitado provocar una denegaci\u00f3n de servicio (hipervisor y caida VM) mediante la activaci\u00f3n de un control de seguridad."
}
],
"id": "CVE-2016-6259",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 4.9,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.5,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-08-02T16:59:09.133",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://support.citrix.com/article/CTX214954"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.securityfocus.com/bid/92130"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.securitytracker.com/id/1036447"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Patch"
],
"url": "http://xenbits.xen.org/xsa/advisory-183.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mitigation",
"Patch"
],
"url": "http://xenbits.xen.org/xsa/xsa183-4.6.patch"
},
{
"source": "cve@mitre.org",
"tags": [
"Mitigation",
"Patch"
],
"url": "http://xenbits.xen.org/xsa/xsa183-unstable.patch"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://support.citrix.com/article/CTX214954"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.securityfocus.com/bid/92130"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.securitytracker.com/id/1036447"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Patch"
],
"url": "http://xenbits.xen.org/xsa/advisory-183.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mitigation",
"Patch"
],
"url": "http://xenbits.xen.org/xsa/xsa183-4.6.patch"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mitigation",
"Patch"
],
"url": "http://xenbits.xen.org/xsa/xsa183-unstable.patch"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-01-23 21:59
Modified
2025-04-20 01:37
Severity ?
Summary
The x86 segment base write emulation functionality in Xen 4.4.x through 4.7.x allows local x86 PV guest OS administrators to cause a denial of service (host crash) by leveraging lack of canonical address checks.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.securityfocus.com/bid/94472 | Third Party Advisory, VDB Entry | |
| cve@mitre.org | http://www.securitytracker.com/id/1037342 | Third Party Advisory, VDB Entry | |
| cve@mitre.org | http://xenbits.xen.org/xsa/advisory-193.html | Patch, Vendor Advisory | |
| cve@mitre.org | https://security.gentoo.org/glsa/201612-56 | ||
| cve@mitre.org | https://support.citrix.com/article/CTX218775 | Patch, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/94472 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1037342 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://xenbits.xen.org/xsa/advisory-193.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201612-56 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://support.citrix.com/article/CTX218775 | Patch, Third Party Advisory, VDB Entry |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| xen | xen | 4.4.0 | |
| xen | xen | 4.4.1 | |
| xen | xen | 4.4.2 | |
| xen | xen | 4.4.3 | |
| xen | xen | 4.4.4 | |
| xen | xen | 4.5.0 | |
| xen | xen | 4.5.1 | |
| xen | xen | 4.5.2 | |
| xen | xen | 4.5.3 | |
| xen | xen | 4.5.5 | |
| xen | xen | 4.6.0 | |
| xen | xen | 4.6.1 | |
| xen | xen | 4.6.3 | |
| xen | xen | 4.6.4 | |
| xen | xen | 4.7.0 | |
| xen | xen | 4.7.1 | |
| citrix | xenserver | 6.0.2 | |
| citrix | xenserver | 6.2.0 | |
| citrix | xenserver | 6.5 | |
| citrix | xenserver | 7.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:xen:xen:4.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1044792C-D544-457C-9391-4F3B5BAB978D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FBD9AD01-50B7-4951-8A73-A6CF4801A487",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "89AA8FD5-E997-4F0D-AFB6-FFBE0073BA5D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "75615D84-9CA1-456C-816D-768E37B074A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "7AB87384-A1F8-4136-A242-441C655D9364",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "90CCECD0-C0F9-45A8-8699-64428637EBCA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F0ED340C-6746-471E-9F2D-19D62D224B7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "99BD7C4F-DE4C-4508-B20D-46A94B616C5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3374F1FB-70F9-4EBC-837B-0D42282E3E5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "37DA3D28-EAE7-4EC9-977C-444A46CBD9C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4B6F7CE9-C409-4D88-9A99-B21420633F45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B814C381-4991-495A-B530-7543F977B346",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "14442705-D243-4250-A486-E70989946D73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "BBB7BAFE-9CB4-40D2-908C-55307728116F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F1DD0255-9127-4C7F-9C02-42198820363E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8FDFDDA0-51D2-4995-9B4D-48047C940FC5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:citrix:xenserver:6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5FCF191B-971A-4945-AB14-08091689BE2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:citrix:xenserver:6.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BCEA97B9-A443-4F87-81B4-B3F0E94AC18E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:citrix:xenserver:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "56434D13-7A7B-495C-A135-2688C706A065",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:citrix:xenserver:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "405F950F-0772-41A3-8B72-B67151CC1376",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The x86 segment base write emulation functionality in Xen 4.4.x through 4.7.x allows local x86 PV guest OS administrators to cause a denial of service (host crash) by leveraging lack of canonical address checks."
},
{
"lang": "es",
"value": "La funcionalidad de emulaci\u00f3n de escritura de base de segmento x86 en Xen 4.4.x hasta la versi\u00f3n 4.7.x permite a administradores locales del SO invitado x86 PV provocar una denegaci\u00f3n de servicio (ca\u00edda del host) aprovechando la falta de verificaci\u00f3n de direcciones can\u00f3nicas."
}
],
"id": "CVE-2016-9385",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 4.9,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.5,
"impactScore": 4.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-01-23T21:59:02.907",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/94472"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1037342"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://xenbits.xen.org/xsa/advisory-193.html"
},
{
"source": "cve@mitre.org",
"url": "https://security.gentoo.org/glsa/201612-56"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://support.citrix.com/article/CTX218775"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/94472"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1037342"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://xenbits.xen.org/xsa/advisory-193.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201612-56"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://support.citrix.com/article/CTX218775"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-01-23 21:59
Modified
2025-04-20 01:37
Severity ?
Summary
The pygrub boot loader emulator in Xen, when nul-delimited output format is requested, allows local pygrub-using guest OS administrators to read or delete arbitrary files on the host via NUL bytes in the bootloader configuration file.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:xen:xen:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C2B9CCC2-BAC5-4A65-B8D4-4B71EBBA0C2F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:citrix:xenserver:6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5FCF191B-971A-4945-AB14-08091689BE2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:citrix:xenserver:6.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BCEA97B9-A443-4F87-81B4-B3F0E94AC18E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:citrix:xenserver:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "56434D13-7A7B-495C-A135-2688C706A065",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:citrix:xenserver:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "405F950F-0772-41A3-8B72-B67151CC1376",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The pygrub boot loader emulator in Xen, when nul-delimited output format is requested, allows local pygrub-using guest OS administrators to read or delete arbitrary files on the host via NUL bytes in the bootloader configuration file."
},
{
"lang": "es",
"value": "El emulador de cargador de arranque pygrub en Xen, cuando se solicita el formato de salida delimitado por nulos, permite a administradores locales del SO invitado que utilizan pygrub leer o eliminar archivos arbitrarios en el host a trav\u00e9s de bytes NUL en el archivo de configuraci\u00f3n del gestor de arranque."
}
],
"id": "CVE-2016-9380",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:N",
"version": "3.0"
},
"exploitabilityScore": 1.1,
"impactScore": 5.8,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-01-23T21:59:02.753",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/94473"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1037347"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://xenbits.xen.org/xsa/advisory-198.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://xenbits.xen.org/xsa/xsa198.patch"
},
{
"source": "cve@mitre.org",
"url": "https://security.gentoo.org/glsa/201612-56"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://support.citrix.com/article/CTX218775"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/94473"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1037347"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://xenbits.xen.org/xsa/advisory-198.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://xenbits.xen.org/xsa/xsa198.patch"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201612-56"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://support.citrix.com/article/CTX218775"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-11-23 20:55
Modified
2025-04-11 00:51
Severity ?
Summary
PHYSDEVOP_map_pirq in Xen 4.1 and 4.2 and Citrix XenServer 6.0.2 and earlier allows local HVM guest OS kernels to cause a denial of service (host crash) and possibly read hypervisor or guest memory via vectors related to a missing range check of map->index.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:citrix:xenserver:*:*:*:*:*:*:*:*",
"matchCriteriaId": "24FCA867-7158-459C-9D6C-75A39263F00A",
"versionEndIncluding": "6.0.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0D532B60-C8DD-4A2F-9D05-E574D23EB754",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8F0AF8EF-6FF6-4E22-B16E-82C9F90C6B00",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "PHYSDEVOP_map_pirq in Xen 4.1 and 4.2 and Citrix XenServer 6.0.2 and earlier allows local HVM guest OS kernels to cause a denial of service (host crash) and possibly read hypervisor or guest memory via vectors related to a missing range check of map-\u003eindex."
},
{
"lang": "es",
"value": "PHYSDEVOP_map_pirq en Xen v4.1 y v4.2 y Citrix XenServer v6.0.2 y anteriores permite a un kernel OS HVM invitado causar una denegaci\u00f3n de servicio (ca\u00edda del host) y posiblemente leer hipervisor o memoria mediante vectores relacionados con una falta de comproebaci\u00f3n de map-\u003eindex."
}
],
"id": "CVE-2012-3498",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 5.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 7.8,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-11-23T20:55:03.413",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00003.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00004.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00017.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00017.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00018.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://lists.xen.org/archives/html/xen-announce/2012-09/msg00005.html"
},
{
"source": "secalert@redhat.com",
"url": "http://osvdb.org/85198"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/50472"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/50530"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/51413"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/55082"
},
{
"source": "secalert@redhat.com",
"url": "http://security.gentoo.org/glsa/glsa-201309-24.xml"
},
{
"source": "secalert@redhat.com",
"url": "http://securitytracker.com/id?1027483"
},
{
"source": "secalert@redhat.com",
"url": "http://support.citrix.com/article/CTX134708"
},
{
"source": "secalert@redhat.com",
"url": "http://wiki.xen.org/wiki/Security_Announcements#XSA-16_PHYSDEVOP_map_pirq_index_vulnerability"
},
{
"source": "secalert@redhat.com",
"url": "http://www.openwall.com/lists/oss-security/2012/09/05/9"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/55414"
},
{
"source": "secalert@redhat.com",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=851193"
},
{
"source": "secalert@redhat.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78269"
},
{
"source": "secalert@redhat.com",
"url": "https://security.gentoo.org/glsa/201604-03"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00003.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00004.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00017.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00017.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00018.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://lists.xen.org/archives/html/xen-announce/2012-09/msg00005.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/85198"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/50472"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/50530"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/51413"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/55082"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-201309-24.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1027483"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://support.citrix.com/article/CTX134708"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://wiki.xen.org/wiki/Security_Announcements#XSA-16_PHYSDEVOP_map_pirq_index_vulnerability"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2012/09/05/9"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/55414"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=851193"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78269"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201604-03"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-08-02 16:59
Modified
2025-04-12 10:46
Severity ?
Summary
The PV pagetable code in arch/x86/mm.c in Xen 4.7.x and earlier allows local 32-bit PV guest OS administrators to gain host OS privileges by leveraging fast-paths for updating pagetable entries.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| xen | xen | 3.4.0 | |
| xen | xen | 3.4.2 | |
| xen | xen | 3.4.3 | |
| xen | xen | 3.4.4 | |
| xen | xen | 4.0.0 | |
| xen | xen | 4.0.1 | |
| xen | xen | 4.0.3 | |
| xen | xen | 4.0.4 | |
| xen | xen | 4.1.0 | |
| xen | xen | 4.1.1 | |
| xen | xen | 4.1.2 | |
| xen | xen | 4.1.3 | |
| xen | xen | 4.1.4 | |
| xen | xen | 4.1.5 | |
| xen | xen | 4.2.0 | |
| xen | xen | 4.2.1 | |
| xen | xen | 4.2.2 | |
| xen | xen | 4.2.3 | |
| xen | xen | 4.3.0 | |
| xen | xen | 4.3.1 | |
| xen | xen | 4.4.0 | |
| xen | xen | 4.4.1 | |
| xen | xen | 4.5.0 | |
| xen | xen | 4.6.0 | |
| xen | xen | 4.6.1 | |
| xen | xen | 4.6.3 | |
| xen | xen | 4.7.0 | |
| citrix | xenserver | 6.0 | |
| citrix | xenserver | 6.0.2 | |
| citrix | xenserver | 6.1 | |
| citrix | xenserver | 6.2.0 | |
| citrix | xenserver | 6.5.0 | |
| citrix | xenserver | 7.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:xen:xen:3.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7F7D1B7E-C30F-430F-832D-2A405DA1F2D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:3.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1DCD1F05-9F96-40DD-B506-750E87306325",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:3.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "25B6AE42-E1EB-47A8-8FAF-7A93A67EC67F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:3.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "60BADA43-94D5-4E80-B5C8-D01A0249F13E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "550223A9-B9F1-440A-8C25-9F0F76AF7301",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FC734D58-96E5-4DD2-8781-F8E0ADB96462",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "923F2C2B-4A65-4823-B511-D0FEB7C7FAB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "C1A24DED-B2EC-4D9C-9FA4-DD37EF3E3BFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0D532B60-C8DD-4A2F-9D05-E574D23EB754",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5D83CA8B-8E49-45FA-8FAB-C15052474542",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "27537DF5-7E0F-463F-BA87-46E329EE07AC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3EA4F978-9145-4FE6-B4F9-15207E52C40A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "22A995FD-9B7F-4DF0-BECF-4B086E470F1E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "219597E2-E2D7-4647-8A7C-688B96300158",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8F0AF8EF-6FF6-4E22-B16E-82C9F90C6B00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "47640819-FC43-49ED-8A77-728C3D7255B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2448537F-87AD-45C1-9FB0-7A49CA31BD76",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E36B2265-70E1-413B-A7CF-79D39E9ADCFB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BF948E6A-07BE-4C7D-8A98-002E89D35F4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C0E23B94-1726-4F63-84BB-8D83FAB156D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1044792C-D544-457C-9391-4F3B5BAB978D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FBD9AD01-50B7-4951-8A73-A6CF4801A487",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "90CCECD0-C0F9-45A8-8699-64428637EBCA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4B6F7CE9-C409-4D88-9A99-B21420633F45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B814C381-4991-495A-B530-7543F977B346",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "14442705-D243-4250-A486-E70989946D73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F1DD0255-9127-4C7F-9C02-42198820363E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:citrix:xenserver:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9C1D10B8-202D-44A4-A872-88D7C11488D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:citrix:xenserver:6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5FCF191B-971A-4945-AB14-08091689BE2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:citrix:xenserver:6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "082A4559-2E75-4B84-8E50-304015DB9C7E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:citrix:xenserver:6.2.0:sp1:*:*:*:*:*:*",
"matchCriteriaId": "878949E0-D656-4E0E-858A-C6AD948A2A2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:citrix:xenserver:6.5.0:sp1:*:*:*:*:*:*",
"matchCriteriaId": "674E9825-655A-4860-8FD1-7F022090922F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:citrix:xenserver:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "405F950F-0772-41A3-8B72-B67151CC1376",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The PV pagetable code in arch/x86/mm.c in Xen 4.7.x and earlier allows local 32-bit PV guest OS administrators to gain host OS privileges by leveraging fast-paths for updating pagetable entries."
},
{
"lang": "es",
"value": "El c\u00f3digo de tabla de p\u00e1gina PV en arch/x86/mm.c en Xen 4.7.x y versiones anteriores permite a administradores 32-bit PV locales del SO invitado obtener privilegios de administrador del SO mediante el aprovechamiento de fast_paths para la actualizaci\u00f3n de las entradas de la tabla de p\u00e1gina."
}
],
"id": "CVE-2016-6258",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.0,
"impactScore": 6.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-08-02T16:59:08.133",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://support.citrix.com/article/CTX214954"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2016/dsa-3633"
},
{
"source": "cve@mitre.org",
"tags": [
"Release Notes"
],
"url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.securityfocus.com/bid/92131"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.securitytracker.com/id/1036446"
},
{
"source": "cve@mitre.org",
"tags": [
"Mitigation",
"Patch",
"Vendor Advisory"
],
"url": "http://xenbits.xen.org/xsa/advisory-182.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://xenbits.xen.org/xsa/xsa182-4.5.patch"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://xenbits.xen.org/xsa/xsa182-4.6.patch"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://xenbits.xen.org/xsa/xsa182-unstable.patch"
},
{
"source": "cve@mitre.org",
"url": "https://security.gentoo.org/glsa/201611-09"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://support.citrix.com/article/CTX214954"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2016/dsa-3633"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
],
"url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.securityfocus.com/bid/92131"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.securitytracker.com/id/1036446"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mitigation",
"Patch",
"Vendor Advisory"
],
"url": "http://xenbits.xen.org/xsa/advisory-182.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://xenbits.xen.org/xsa/xsa182-4.5.patch"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://xenbits.xen.org/xsa/xsa182-4.6.patch"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://xenbits.xen.org/xsa/xsa182-unstable.patch"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201611-09"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-284"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-07-22 20:55
Modified
2025-04-12 10:46
Severity ?
Summary
Buffer overflow in the HVM graphics console support in Citrix XenServer 6.2 Service Pack 1 and earlier has unspecified impact and attack vectors.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:citrix:xenserver:6.2.0:sp1:*:*:*:*:*:*",
"matchCriteriaId": "878949E0-D656-4E0E-858A-C6AD948A2A2F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the HVM graphics console support in Citrix XenServer 6.2 Service Pack 1 and earlier has unspecified impact and attack vectors."
},
{
"lang": "es",
"value": "Desbordamiento de buffer en el soporte de la consola de gr\u00e1ficos HVM en Citrix XenServer 6.2 Service Pack 1 y anteriores tiene impacto y vectores de ataque no especificados."
}
],
"id": "CVE-2014-4947",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-07-22T20:55:02.123",
"references": [
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/60027"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://support.citrix.com/article/CTX140984"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/68659"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id/1030604"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/94631"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/60027"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://support.citrix.com/article/CTX140984"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/68659"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1030604"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/94631"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-06-21 20:29
Modified
2024-11-21 04:05
Severity ?
Summary
System software utilizing Lazy FP state restore technique on systems using Intel Core-based microprocessors may potentially allow a local process to infer data from another process through a speculative execution side channel.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:core_i3:330e:*:*:*:*:*:*:*",
"matchCriteriaId": "A4229DB2-8BBC-49F8-87A8-2E7D56EFD310",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:330m:*:*:*:*:*:*:*",
"matchCriteriaId": "FEBA7322-4D95-4E70-B6A5-E0D8F1B5D7EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:330um:*:*:*:*:*:*:*",
"matchCriteriaId": "A0E91F46-D950-4894-BACF-05A70C7C6F7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:350m:*:*:*:*:*:*:*",
"matchCriteriaId": "0E12B40B-5221-48A6-B2A6-D44CD5636BB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:370m:*:*:*:*:*:*:*",
"matchCriteriaId": "6BCB77C9-ABE3-44A0-B377-7D7035E8A11F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:380m:*:*:*:*:*:*:*",
"matchCriteriaId": "D06639F5-5EE8-44F4-B48A-5694383154DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:380um:*:*:*:*:*:*:*",
"matchCriteriaId": "CD9662C9-59D3-4B3E-A4DA-4F1EE16FC94B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:390m:*:*:*:*:*:*:*",
"matchCriteriaId": "637C3687-FBCC-41A0-BFE6-823BAE45FB92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:530:*:*:*:*:*:*:*",
"matchCriteriaId": "2350A197-193F-4B22-80E8-3275C97C78EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:540:*:*:*:*:*:*:*",
"matchCriteriaId": "734C7A7E-ACCA-4B34-BF38-0FAED988CC6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:550:*:*:*:*:*:*:*",
"matchCriteriaId": "4D9ABAFC-B3B5-449D-A48E-2E978563EDE7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:560:*:*:*:*:*:*:*",
"matchCriteriaId": "99019EA0-6576-4CE7-B60A-975D418AA917",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:2100:*:*:*:*:*:*:*",
"matchCriteriaId": "8E846AEF-751D-40AD-84B5-EFDC9CF23E2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:2100t:*:*:*:*:*:*:*",
"matchCriteriaId": "EB9DD909-B2AC-46BA-B057-D239D0773CAD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:2102:*:*:*:*:*:*:*",
"matchCriteriaId": "54F5C355-FDFC-4E71-93AA-218389EF10E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:2105:*:*:*:*:*:*:*",
"matchCriteriaId": "B0A1CA1E-971D-4F67-864E-2E772C1E736B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:2115c:*:*:*:*:*:*:*",
"matchCriteriaId": "1B5F8391-D974-49AC-8550-ADB3FA6C0535",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:2120:*:*:*:*:*:*:*",
"matchCriteriaId": "8302BF58-9E54-40DA-BCFE-59CA52C460D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:2120t:*:*:*:*:*:*:*",
"matchCriteriaId": "ECCDE9EF-037B-4650-8131-4D57BE141277",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:2125:*:*:*:*:*:*:*",
"matchCriteriaId": "47BA9DA8-F690-4E3C-AEF6-6A5C7BAA6F19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:2130:*:*:*:*:*:*:*",
"matchCriteriaId": "DB8253DA-9A04-40D6-84C1-C682B4023D4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:2310e:*:*:*:*:*:*:*",
"matchCriteriaId": "DAF6D175-85C3-4C72-AD9F-31B47EF43154",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:2310m:*:*:*:*:*:*:*",
"matchCriteriaId": "7A5FC594-2092-4240-9538-235BBE236DD9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:2312m:*:*:*:*:*:*:*",
"matchCriteriaId": "87D95F00-EA89-4FDE-991C-56636B8E0331",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:2328m:*:*:*:*:*:*:*",
"matchCriteriaId": "32C40D38-F7F2-4A48-ADAA-6A8BBD6A1A00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:2330e:*:*:*:*:*:*:*",
"matchCriteriaId": "4158561F-8270-42D1-91D8-E063CE7F5505",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:2330m:*:*:*:*:*:*:*",
"matchCriteriaId": "FF0DEA96-0202-41EB-BDC3-24E2FC4415B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:2340ue:*:*:*:*:*:*:*",
"matchCriteriaId": "F8BACE1C-5D66-4FBC-8F86-30215A623A94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:2348m:*:*:*:*:*:*:*",
"matchCriteriaId": "CF707146-0D64-4F3A-AE22-956EA1CB32B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:2350m:*:*:*:*:*:*:*",
"matchCriteriaId": "8118C3F9-0853-4E87-9E65-86E1398B2780",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:2357m:*:*:*:*:*:*:*",
"matchCriteriaId": "1A298501-C4D7-48D4-90F9-15AFA59DED48",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:2365m:*:*:*:*:*:*:*",
"matchCriteriaId": "FEE1B07B-3D92-4D2D-8667-D902F002277F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:2367m:*:*:*:*:*:*:*",
"matchCriteriaId": "8F05CB19-1059-4C4D-BFD7-9F51A22A4F97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:2370m:*:*:*:*:*:*:*",
"matchCriteriaId": "5588732F-7F1A-4C24-B35F-30532107FFDE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:2375m:*:*:*:*:*:*:*",
"matchCriteriaId": "A127DD5D-426D-4F24-A8C5-DC9DAC94B91C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:2377m:*:*:*:*:*:*:*",
"matchCriteriaId": "26EE0BBD-3982-4B0F-82F6-D58E077C75DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:3110m:*:*:*:*:*:*:*",
"matchCriteriaId": "FAEEC918-EA25-4B38-B5C3-85899D3EBE6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:3115c:*:*:*:*:*:*:*",
"matchCriteriaId": "813965F4-3BDA-4478-8E6A-0FD52723B764",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:3120m:*:*:*:*:*:*:*",
"matchCriteriaId": "2C5EA2F4-F3EF-4305-B1A1-92F636ED688F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:3120me:*:*:*:*:*:*:*",
"matchCriteriaId": "04384319-EE8C-45B4-8BDD-414502E7C02D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:3130m:*:*:*:*:*:*:*",
"matchCriteriaId": "C52528CE-4F31-4E5F-8255-E576B20F3043",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:3210:*:*:*:*:*:*:*",
"matchCriteriaId": "A6C3F422-F865-4160-AA24-1DAFAE63729C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:3217u:*:*:*:*:*:*:*",
"matchCriteriaId": "5D034E7F-4D17-49D7-BDB2-90CB4C709B30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:3217ue:*:*:*:*:*:*:*",
"matchCriteriaId": "3C18E6B4-E947-403B-80FB-7095420D482B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:3220:*:*:*:*:*:*:*",
"matchCriteriaId": "2814CC9F-E027-4C5A-93AF-84EA445E6C12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:3220t:*:*:*:*:*:*:*",
"matchCriteriaId": "24A470C3-AAAA-4A6E-B738-FEB69DB78B9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:3225:*:*:*:*:*:*:*",
"matchCriteriaId": "A1236944-4942-40E4-9BA1-029FEAE94BBC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:3227u:*:*:*:*:*:*:*",
"matchCriteriaId": "086CAB4B-A10A-4165-BC33-33CADCD23C0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:3229y:*:*:*:*:*:*:*",
"matchCriteriaId": "B1A6A1EB-B3AB-4CB4-827E-CCAAD783F8E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:3240:*:*:*:*:*:*:*",
"matchCriteriaId": "AAFB6B30-BFB0-4397-9E16-37D1A772E639",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:3240t:*:*:*:*:*:*:*",
"matchCriteriaId": "DFCB9D7B-7D0A-435D-8499-C16BE09E19FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:3245:*:*:*:*:*:*:*",
"matchCriteriaId": "64277594-9713-436B-8056-542CFA9F4CFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:3250:*:*:*:*:*:*:*",
"matchCriteriaId": "589BB170-7CBA-4F28-99E3-9242B62E2918",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:3250t:*:*:*:*:*:*:*",
"matchCriteriaId": "91B9C4D9-DA09-4377-9DCD-225857BD9FA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:4000m:*:*:*:*:*:*:*",
"matchCriteriaId": "03D0265F-840B-45A1-90BD-9ED8846A9F63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:4005u:*:*:*:*:*:*:*",
"matchCriteriaId": "74BAC0EC-2B38-4553-A399-4BD5483C4753",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:4010u:*:*:*:*:*:*:*",
"matchCriteriaId": "4477EBA6-F0A7-452B-96E8-BA788370CCA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:4010y:*:*:*:*:*:*:*",
"matchCriteriaId": "1285D817-B5B8-4940-925D-FCDD24810AE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:4012y:*:*:*:*:*:*:*",
"matchCriteriaId": "D289F7B4-27CD-4433-BB45-06AF98A59B7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:4020y:*:*:*:*:*:*:*",
"matchCriteriaId": "00168903-6012-4414-87D1-2EE52AA6D78E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:4025u:*:*:*:*:*:*:*",
"matchCriteriaId": "6AE8D524-577E-4994-8A4B-D15022C84D7F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:4030u:*:*:*:*:*:*:*",
"matchCriteriaId": "75977B0B-C44D-43BC-8D7A-AF966CDB1901",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:4030y:*:*:*:*:*:*:*",
"matchCriteriaId": "AE7F5D52-9F41-49A4-B941-E0D777203FF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:4100e:*:*:*:*:*:*:*",
"matchCriteriaId": "52B5B3FD-5BEA-4DE8-B010-55FED1547167",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:4100m:*:*:*:*:*:*:*",
"matchCriteriaId": "167B1B04-5823-4038-A019-3975A3B447C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:4100u:*:*:*:*:*:*:*",
"matchCriteriaId": "F6C7A4EA-0B5E-47CD-8924-3B1B60EB4BE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:4102e:*:*:*:*:*:*:*",
"matchCriteriaId": "1BA096E0-5480-47CB-822B-D11D7E20F69F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:4110e:*:*:*:*:*:*:*",
"matchCriteriaId": "30357469-0B8F-4385-A282-2F50181EA442",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:4110m:*:*:*:*:*:*:*",
"matchCriteriaId": "3BE70772-7796-4594-880A-6AAD046E4D8D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:4112e:*:*:*:*:*:*:*",
"matchCriteriaId": "1A9E2F8D-2974-4833-9EC2-233CEE257C26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:4120u:*:*:*:*:*:*:*",
"matchCriteriaId": "17EE3078-454F-48F8-B201-3847DB40D5C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:4130:*:*:*:*:*:*:*",
"matchCriteriaId": "EE32C500-55C2-41A7-8621-14EBF793BF11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:4130t:*:*:*:*:*:*:*",
"matchCriteriaId": "52D3DF52-501A-4656-98F1-8DD51D04F31F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:4150:*:*:*:*:*:*:*",
"matchCriteriaId": "3EA603AD-6CF1-44B2-876D-6F1C0B7EF2C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:4150t:*:*:*:*:*:*:*",
"matchCriteriaId": "09578301-CF39-4C24-951A-535743E277EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:4158u:*:*:*:*:*:*:*",
"matchCriteriaId": "1F4D14AA-7DBF-4B73-BDEF-6248EF5C0F7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:4160:*:*:*:*:*:*:*",
"matchCriteriaId": "5A65F303-96C8-4884-8D6F-F439B86BA30C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:4160t:*:*:*:*:*:*:*",
"matchCriteriaId": "1E046105-9DF5-425F-A97E-16081D54613C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:4170:*:*:*:*:*:*:*",
"matchCriteriaId": "B2987BCF-39E6-49B6-8DEE-963A38F12B07",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:4170t:*:*:*:*:*:*:*",
"matchCriteriaId": "7AEDE2B7-9AA2-4A14-8A02-9A2BFF0DDCBF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:4330:*:*:*:*:*:*:*",
"matchCriteriaId": "5AD92AD8-033A-4AAD-91E5-CB446CCE9732",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:4330t:*:*:*:*:*:*:*",
"matchCriteriaId": "77E0E73A-F1B4-4E70-B9F1-EE97785B8891",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:4330te:*:*:*:*:*:*:*",
"matchCriteriaId": "61D6E3CC-79B1-4995-9A76-41683C7F254A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:4340:*:*:*:*:*:*:*",
"matchCriteriaId": "F9CEB2B1-BD1A-4B89-8E03-4F90F04A0F0E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:4340te:*:*:*:*:*:*:*",
"matchCriteriaId": "6FE5773D-3CD1-4E63-8983-E0105C46D185",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:4350:*:*:*:*:*:*:*",
"matchCriteriaId": "2A7C307A-6576-4A0A-8F4E-0981C9EE2901",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:4350t:*:*:*:*:*:*:*",
"matchCriteriaId": "18B3A53B-902C-46A5-8CE7-B55102703278",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:4360:*:*:*:*:*:*:*",
"matchCriteriaId": "AB843479-729A-4E58-8027-0FC586F051AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:4360t:*:*:*:*:*:*:*",
"matchCriteriaId": "1AF5A233-1E77-49FD-AC2C-60D185481E28",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:4370:*:*:*:*:*:*:*",
"matchCriteriaId": "18519CF2-B0DA-42DD-8A3E-9084298C210A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:4370t:*:*:*:*:*:*:*",
"matchCriteriaId": "329D5FCF-7EC5-4471-906B-3619A180BD52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:5005u:*:*:*:*:*:*:*",
"matchCriteriaId": "0DD43EAA-F3A5-4748-9187-A6E6707ACD11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:5010u:*:*:*:*:*:*:*",
"matchCriteriaId": "C6F3C14D-4BFC-4205-8781-95E6B28C83C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:5015u:*:*:*:*:*:*:*",
"matchCriteriaId": "20942AD8-ADB7-4A50-BDBE-DB36249F4F52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:5020u:*:*:*:*:*:*:*",
"matchCriteriaId": "1EC6ED02-134B-4322-AB72-75A0AB22701E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:5157u:*:*:*:*:*:*:*",
"matchCriteriaId": "6FA74EEE-54CC-4F80-B1D3-99F7771335ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:6006u:*:*:*:*:*:*:*",
"matchCriteriaId": "B6B859F7-0373-4ADD-92B3-0FAB42FCF23C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:6098p:*:*:*:*:*:*:*",
"matchCriteriaId": "AAC76F31-00A5-4719-AA50-92F773919B3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:6100:*:*:*:*:*:*:*",
"matchCriteriaId": "49996F5A-51B2-4D4E-AE04-E98E093A76CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:6100e:*:*:*:*:*:*:*",
"matchCriteriaId": "9F8406B0-D1E5-4633-B17E-53DC99FE7622",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:6100h:*:*:*:*:*:*:*",
"matchCriteriaId": "3D49435C-7C33-454B-9F43-9C10F28A28A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:6100t:*:*:*:*:*:*:*",
"matchCriteriaId": "D17E1A0F-1150-4899-81BC-BE84E4EF5FA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:6100te:*:*:*:*:*:*:*",
"matchCriteriaId": "EADD98AE-BAB0-440D-AB9F-2D76BE5109E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:6100u:*:*:*:*:*:*:*",
"matchCriteriaId": "ED44A404-8548-4EDC-8928-4094D05A6A38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:6102e:*:*:*:*:*:*:*",
"matchCriteriaId": "3A6E4AA3-BEBC-4B14-9A52-A8F8B2954D64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:6157u:*:*:*:*:*:*:*",
"matchCriteriaId": "D2AAD8F0-0D31-4806-8A88-A30E5BE43630",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:6167u:*:*:*:*:*:*:*",
"matchCriteriaId": "8164EE5F-6ABA-4365-8718-2F98C2E57A0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:6300:*:*:*:*:*:*:*",
"matchCriteriaId": "C7110AF9-A407-4EE2-9C46-E5F1E3638E9A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:6300t:*:*:*:*:*:*:*",
"matchCriteriaId": "2A06696D-37F0-427D-BFC5-1606E7441C31",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:6320:*:*:*:*:*:*:*",
"matchCriteriaId": "E9F8A5FC-5EFE-42EC-A49B-D3A312FB5F6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:8100:*:*:*:*:*:*:*",
"matchCriteriaId": "68A76015-0A05-4EC7-B136-DC13B55D881F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i3:8350k:*:*:*:*:*:*:*",
"matchCriteriaId": "C352DCE8-E8D9-40D3-AFE9-B5FB84F7ED33",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:core_i5:430m:*:*:*:*:*:*:*",
"matchCriteriaId": "54464F6C-9B2D-46BA-AC44-506389F3EE0C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:430um:*:*:*:*:*:*:*",
"matchCriteriaId": "8FA11017-EA58-45EE-8408-FCCCF7183643",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:450m:*:*:*:*:*:*:*",
"matchCriteriaId": "8A5098A5-E4E8-47E4-8CD0-F607FF0C0C90",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:460m:*:*:*:*:*:*:*",
"matchCriteriaId": "442AD778-D56F-4C30-BBF8-749D6AAC4737",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:470um:*:*:*:*:*:*:*",
"matchCriteriaId": "AF7D3F31-AF4D-4C50-8590-A763AAC7AF07",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:480m:*:*:*:*:*:*:*",
"matchCriteriaId": "445BFC2E-38FA-4130-8550-0866EC4EDA33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:520e:*:*:*:*:*:*:*",
"matchCriteriaId": "A6DC2746-CE41-40C9-8CFA-23231BBCAE77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:520m:*:*:*:*:*:*:*",
"matchCriteriaId": "3C3A8976-5E4D-490A-A87D-A47D1B2B903C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:520um:*:*:*:*:*:*:*",
"matchCriteriaId": "0C8535E6-220E-4747-8992-45B6EAFC555C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:540m:*:*:*:*:*:*:*",
"matchCriteriaId": "C7479B49-F484-4DF2-86CB-E52EE89FA238",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:540um:*:*:*:*:*:*:*",
"matchCriteriaId": "B6D68512-746D-4E95-857B-13A0B6313C5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:560m:*:*:*:*:*:*:*",
"matchCriteriaId": "4312BA84-F9A0-4BD4-8438-058E1E7D6C0C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:560um:*:*:*:*:*:*:*",
"matchCriteriaId": "60E52DF5-C713-4BC4-B587-FF6BDA8509CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:580m:*:*:*:*:*:*:*",
"matchCriteriaId": "304ADCAC-9E49-42BD-BC92-58D9B2AD52E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:650:*:*:*:*:*:*:*",
"matchCriteriaId": "2AB02172-B9A7-4801-88F2-98BF5843184A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:655k:*:*:*:*:*:*:*",
"matchCriteriaId": "5141380E-BD18-47C1-A84C-384BA821773D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:660:*:*:*:*:*:*:*",
"matchCriteriaId": "1AE6C49E-2359-4E44-9979-7D34F8460E35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:661:*:*:*:*:*:*:*",
"matchCriteriaId": "C004B75F-37AF-4E61-98F3-1B09A7062DDB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:670:*:*:*:*:*:*:*",
"matchCriteriaId": "F7126D19-C6D9-43CB-8809-647B1A20E7DE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:680:*:*:*:*:*:*:*",
"matchCriteriaId": "9CC98503-A80A-4114-8BF2-E016659BE84E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:750:*:*:*:*:*:*:*",
"matchCriteriaId": "01E6F4A7-24BE-4AA0-9CDD-84FBC56FE9BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:750s:*:*:*:*:*:*:*",
"matchCriteriaId": "3821412D-B010-49C4-A7B4-6C5FB6C603B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:760:*:*:*:*:*:*:*",
"matchCriteriaId": "A34CA5CC-9EB1-4063-8B9D-3F566C1EFF76",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:2300:*:*:*:*:*:*:*",
"matchCriteriaId": "5CEB5D2D-FF54-4BDB-9E9C-8C1B2719FC9A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:2310:*:*:*:*:*:*:*",
"matchCriteriaId": "6AD5B51A-AEA0-4DA2-BA60-94A2D5605352",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:2320:*:*:*:*:*:*:*",
"matchCriteriaId": "F96C6CA0-434D-428F-B629-A971C2937628",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:2380p:*:*:*:*:*:*:*",
"matchCriteriaId": "301AB72A-A6F2-42C8-A931-94EF2271443F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:2390t:*:*:*:*:*:*:*",
"matchCriteriaId": "59414B5A-05B8-49AF-A197-2A31729DDB65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:2400:*:*:*:*:*:*:*",
"matchCriteriaId": "0BFDD380-692F-41D7-996F-F97FC74DC7CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:2400s:*:*:*:*:*:*:*",
"matchCriteriaId": "49602828-2BFC-4571-9F05-6210FD263DF2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:2405s:*:*:*:*:*:*:*",
"matchCriteriaId": "87E03978-E16D-4A9B-8AE7-9F4F1171C14A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:2410m:*:*:*:*:*:*:*",
"matchCriteriaId": "03096A9A-5758-47E6-81E2-BCFE847C41F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:2430m:*:*:*:*:*:*:*",
"matchCriteriaId": "150CC865-7975-45EC-BFF7-A94146442BA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:2435m:*:*:*:*:*:*:*",
"matchCriteriaId": "C8FA1308-589B-432B-80F9-9A499D083ED5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:2450m:*:*:*:*:*:*:*",
"matchCriteriaId": "6ED2453E-30E1-4620-BEC5-21B0083449E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:2450p:*:*:*:*:*:*:*",
"matchCriteriaId": "0FE8DD05-D700-4F89-9B01-D489029DF7A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:2467m:*:*:*:*:*:*:*",
"matchCriteriaId": "050957CA-6191-4F9F-9D07-48B342B3B1B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:2500:*:*:*:*:*:*:*",
"matchCriteriaId": "DACBF998-8B11-45C7-9017-486AED4FAE6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:2500k:*:*:*:*:*:*:*",
"matchCriteriaId": "C9F2F3C4-FC94-414A-A208-913A43D57D75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:2500s:*:*:*:*:*:*:*",
"matchCriteriaId": "641152EC-F4B4-4E5E-B396-AC4CAAB805BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:2500t:*:*:*:*:*:*:*",
"matchCriteriaId": "4911E332-B8BA-4336-A448-3F70D2BBB147",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:2510e:*:*:*:*:*:*:*",
"matchCriteriaId": "330EC403-3174-4543-9BBE-CEC0ABC1575D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:2515e:*:*:*:*:*:*:*",
"matchCriteriaId": "5EF585D0-507E-491E-9C3B-78EE26F2F070",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:2520m:*:*:*:*:*:*:*",
"matchCriteriaId": "DD00F7C6-6762-4DC9-9F6C-5EAC4ACB1C54",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:2537m:*:*:*:*:*:*:*",
"matchCriteriaId": "1F5D885A-85C4-4A11-B061-61EFF6B6E329",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:2540m:*:*:*:*:*:*:*",
"matchCriteriaId": "0502B59F-933C-4E25-A2EC-9296B197E139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:2550k:*:*:*:*:*:*:*",
"matchCriteriaId": "99D9C0A9-2DFF-4760-8FED-AC2DA7968E51",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:2557m:*:*:*:*:*:*:*",
"matchCriteriaId": "B5A1BAEC-18BF-4607-BFB7-48102E75186A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:3210m:*:*:*:*:*:*:*",
"matchCriteriaId": "D49ED138-F42D-4451-A350-0B2DD5AB9444",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:3230m:*:*:*:*:*:*:*",
"matchCriteriaId": "5ED91472-90FC-4AC8-96D5-1550A8502411",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:3317u:*:*:*:*:*:*:*",
"matchCriteriaId": "57CEEFA6-CEED-4CA3-8DDC-B6601D69FB7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:3320m:*:*:*:*:*:*:*",
"matchCriteriaId": "2FD25ECD-0605-4CD7-9DC5-294ACD7EF1B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:3330:*:*:*:*:*:*:*",
"matchCriteriaId": "2784E2AF-A5E5-4960-830C-B3EFB84043D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:3330s:*:*:*:*:*:*:*",
"matchCriteriaId": "9112FA50-5527-4B20-80F5-2DE9E66D09F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:3337u:*:*:*:*:*:*:*",
"matchCriteriaId": "73CE4E2E-B2BF-409E-B18C-D67DA810FE9B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:3339y:*:*:*:*:*:*:*",
"matchCriteriaId": "E2B84D67-0B1D-4B74-BC85-AF8F933D8429",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:3340:*:*:*:*:*:*:*",
"matchCriteriaId": "BCA05A18-1523-4EED-9D2E-0A258A33F24F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:3340m:*:*:*:*:*:*:*",
"matchCriteriaId": "C34E70EB-92F0-43F6-8883-FE422BE1A3FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:3340s:*:*:*:*:*:*:*",
"matchCriteriaId": "78D301F1-20C2-4756-9A90-37F14835CE14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:3350p:*:*:*:*:*:*:*",
"matchCriteriaId": "B2EEC8B5-1CAB-4FBE-BBA2-D2FFA3EF9489",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:3360m:*:*:*:*:*:*:*",
"matchCriteriaId": "BA63B803-4D48-42E8-A793-F92ABCB8BFC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:3380m:*:*:*:*:*:*:*",
"matchCriteriaId": "129DB9CB-E878-4856-A954-15FFE1428636",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:3427u:*:*:*:*:*:*:*",
"matchCriteriaId": "730DB4AA-FD7D-40C6-8D7F-19937832EF9A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:3437u:*:*:*:*:*:*:*",
"matchCriteriaId": "07E86978-4820-422A-8C7C-FF0697DAED05",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:3439y:*:*:*:*:*:*:*",
"matchCriteriaId": "8A7A9DB5-F544-4FD8-A9CC-0BD6257516AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:3450:*:*:*:*:*:*:*",
"matchCriteriaId": "AF813AD9-D296-4915-861C-8DE929E45FE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:3450s:*:*:*:*:*:*:*",
"matchCriteriaId": "04A65469-083F-40B5-86C5-A2EAE5B2F00A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:3470:*:*:*:*:*:*:*",
"matchCriteriaId": "8F1AA82E-BD86-40F5-B417-71DF6AF53A37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:3470s:*:*:*:*:*:*:*",
"matchCriteriaId": "B71A6DB0-5EB0-4712-8480-CF427F521D33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:3470t:*:*:*:*:*:*:*",
"matchCriteriaId": "8223D5A1-ADF1-43C6-AF91-EE5C413BCB37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:3475s:*:*:*:*:*:*:*",
"matchCriteriaId": "4DD69605-F52B-4623-921A-983A5A408ECA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:3550:*:*:*:*:*:*:*",
"matchCriteriaId": "B1D5685F-6FFE-4A6A-9FF8-940C8DA36499",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:3550s:*:*:*:*:*:*:*",
"matchCriteriaId": "B94062D9-8DDA-4B4A-B3B5-07F71F5B97E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:3570:*:*:*:*:*:*:*",
"matchCriteriaId": "3832D0A6-419D-4876-B5C4-920578F713F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:3570k:*:*:*:*:*:*:*",
"matchCriteriaId": "E1AA5C8A-83A8-4F96-9D7C-7A50ADDB2341",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:3570s:*:*:*:*:*:*:*",
"matchCriteriaId": "404E38E6-9EB3-41D0-97A7-DC579688BFB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:3570t:*:*:*:*:*:*:*",
"matchCriteriaId": "40E4A921-AB28-47B7-B5A3-EB82193D15BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:3610me:*:*:*:*:*:*:*",
"matchCriteriaId": "B0357E48-2300-47B4-B9E5-9FE813A2FC09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:4200h:*:*:*:*:*:*:*",
"matchCriteriaId": "96CC28B6-57D1-4919-AA55-A262CC16AFE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:4200m:*:*:*:*:*:*:*",
"matchCriteriaId": "0EB4C54D-1265-425A-B507-E1099844875A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:4200u:*:*:*:*:*:*:*",
"matchCriteriaId": "97362147-3A71-430D-9064-4435D45C3B8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:4200y:*:*:*:*:*:*:*",
"matchCriteriaId": "89212CF3-4E99-4389-94CE-F4211DDCA01B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:4202y:*:*:*:*:*:*:*",
"matchCriteriaId": "FBEA4DA3-0AFB-4FCE-92DB-5B316775BB17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:4210h:*:*:*:*:*:*:*",
"matchCriteriaId": "611C0A0A-1FA3-42F9-82E8-BFCB71A077DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:4210m:*:*:*:*:*:*:*",
"matchCriteriaId": "36F027D9-DCB4-4A3D-8987-41F2941DBD45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:4210u:*:*:*:*:*:*:*",
"matchCriteriaId": "E23BCEC9-2BFB-4B41-9A7A-18B1347C6202",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:4210y:*:*:*:*:*:*:*",
"matchCriteriaId": "4924CE39-A846-4DB4-9547-6322FC5AD6B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:4220y:*:*:*:*:*:*:*",
"matchCriteriaId": "6C9E2C9A-94A1-456B-90D5-54932DF64C22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:4250u:*:*:*:*:*:*:*",
"matchCriteriaId": "AC04C652-B2D8-4002-A50E-8AFE83204A25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:4258u:*:*:*:*:*:*:*",
"matchCriteriaId": "10D413F0-CDBC-4A63-B9A7-9E7725BA1E83",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:4260u:*:*:*:*:*:*:*",
"matchCriteriaId": "754A8826-59F7-4A71-B74B-737BE9C7DE4F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:4278u:*:*:*:*:*:*:*",
"matchCriteriaId": "FADB6BDA-6825-489B-AB39-7729BA45DFD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:4288u:*:*:*:*:*:*:*",
"matchCriteriaId": "7913F57E-E600-4767-AF51-D045E1898E72",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:4300m:*:*:*:*:*:*:*",
"matchCriteriaId": "BD3783F4-5A05-45AA-9791-A681011FD78C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:4300u:*:*:*:*:*:*:*",
"matchCriteriaId": "01E3114D-31D2-4DBF-A664-F4049D8B6266",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:4300y:*:*:*:*:*:*:*",
"matchCriteriaId": "D8EE6578-981D-470C-BB24-4960B3CB1478",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:4302y:*:*:*:*:*:*:*",
"matchCriteriaId": "E3320D50-C5C9-4D75-BF1A-5BB7BCBFE2BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:4308u:*:*:*:*:*:*:*",
"matchCriteriaId": "7EE59839-8EB9-47FE-88E2-F0D54BE787A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:4310m:*:*:*:*:*:*:*",
"matchCriteriaId": "75694A3D-080A-4AA7-97DF-5A5833C9D9F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:4310u:*:*:*:*:*:*:*",
"matchCriteriaId": "19C5E27D-BBAB-4395-8FC6-8E3D4FB9A1EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:4330m:*:*:*:*:*:*:*",
"matchCriteriaId": "6E996176-3DEA-46E6-93B7-9C0DF32B59D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:4340m:*:*:*:*:*:*:*",
"matchCriteriaId": "4417007D-126A-478B-87EA-039D088A4515",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:4350u:*:*:*:*:*:*:*",
"matchCriteriaId": "F78C2825-F6A3-4188-9D25-59EAEC8A7B0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:4360u:*:*:*:*:*:*:*",
"matchCriteriaId": "EF2FA85D-B117-410D-B247-8C5A3479319A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:4400e:*:*:*:*:*:*:*",
"matchCriteriaId": "3A041D27-132C-4B15-976F-1750C039A89F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:4402e:*:*:*:*:*:*:*",
"matchCriteriaId": "5D495E06-BF2B-4C5A-881D-94C93CD2BA2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:4402ec:*:*:*:*:*:*:*",
"matchCriteriaId": "7C31DFB8-8D8C-47D6-AAFF-BAE829A3D965",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:4410e:*:*:*:*:*:*:*",
"matchCriteriaId": "088BC395-06D5-4156-85EB-63C4A9552898",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:4422e:*:*:*:*:*:*:*",
"matchCriteriaId": "33A220A2-A6D2-46A7-B168-607400EEDCE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:4430:*:*:*:*:*:*:*",
"matchCriteriaId": "1E79232F-7196-440B-82D4-165885251232",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:4430s:*:*:*:*:*:*:*",
"matchCriteriaId": "ED866954-77AB-4CA8-8AED-4252C595FC4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:4440:*:*:*:*:*:*:*",
"matchCriteriaId": "28A1F516-B180-45D4-8EB1-754B7497CB2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:4440s:*:*:*:*:*:*:*",
"matchCriteriaId": "36758A04-64D3-4150-A004-CF042FA31CD9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:4460:*:*:*:*:*:*:*",
"matchCriteriaId": "1E01752E-F1DD-400A-A917-216CAF15B0F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:4460s:*:*:*:*:*:*:*",
"matchCriteriaId": "AD47EC58-F776-4F59-8F15-4B208904CF4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:4460t:*:*:*:*:*:*:*",
"matchCriteriaId": "2D3781F4-2123-4FA1-8AF5-D0D1E6C1A5B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:4570:*:*:*:*:*:*:*",
"matchCriteriaId": "94565E35-8A58-4CB6-A489-C796DCB97FC5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:4570r:*:*:*:*:*:*:*",
"matchCriteriaId": "49964D35-5323-4412-BD54-661630F9A8CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:4570s:*:*:*:*:*:*:*",
"matchCriteriaId": "F0A37E7D-1BF6-4A2A-BF52-5F0EC4B4F341",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:4570t:*:*:*:*:*:*:*",
"matchCriteriaId": "A0F66468-87D0-41FC-934B-5924BE2956CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:4570te:*:*:*:*:*:*:*",
"matchCriteriaId": "3E0F93E1-4607-4DF4-AC6E-4B7254D4A8DE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:4590:*:*:*:*:*:*:*",
"matchCriteriaId": "45C0D99E-443E-4AB1-A07A-900A09FE177E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:4590s:*:*:*:*:*:*:*",
"matchCriteriaId": "C6D0FD76-C1FB-43D0-8511-FC0BA6DA7960",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:4590t:*:*:*:*:*:*:*",
"matchCriteriaId": "A9DAEE52-09C3-4A09-9958-9D6807B2700B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:4670:*:*:*:*:*:*:*",
"matchCriteriaId": "B97690D4-E814-4D40-B170-BE56D7AE2C1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:4670k:*:*:*:*:*:*:*",
"matchCriteriaId": "89804F2C-D32D-4444-ABEA-5B241153D096",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:4670r:*:*:*:*:*:*:*",
"matchCriteriaId": "2AAAAF9C-B29B-4020-BAFF-C87B1A08294A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:4670s:*:*:*:*:*:*:*",
"matchCriteriaId": "ECE60E1E-AB8D-46E4-A779-A54F2D20B5D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:4670t:*:*:*:*:*:*:*",
"matchCriteriaId": "EB958A28-7C9A-4BD0-B002-4E1A65CDB0A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:4690:*:*:*:*:*:*:*",
"matchCriteriaId": "7C27B318-2AC1-423D-B0C8-583BB1800D5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:4690k:*:*:*:*:*:*:*",
"matchCriteriaId": "9E58E3D0-1154-4B13-BA16-67CE67DF0637",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:4690s:*:*:*:*:*:*:*",
"matchCriteriaId": "32D2ACB3-B906-4944-A021-03C4645965BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:4690t:*:*:*:*:*:*:*",
"matchCriteriaId": "8FFF834A-D7F0-4E48-AD3D-DD0BCE6DEC0E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:5200u:*:*:*:*:*:*:*",
"matchCriteriaId": "8E1A41BA-A1D6-484A-BAD2-68DF85598354",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:5250u:*:*:*:*:*:*:*",
"matchCriteriaId": "11260C9D-69A9-4D81-9CCF-2E116DD75F7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:5257u:*:*:*:*:*:*:*",
"matchCriteriaId": "1C020F06-FD27-46E3-A48F-3F60F33BB969",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:5287u:*:*:*:*:*:*:*",
"matchCriteriaId": "03C74F10-6A7F-4F68-8A34-E981E1760DE5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:5300u:*:*:*:*:*:*:*",
"matchCriteriaId": "24741B98-8D0E-4307-AAEF-A14B2531DCA9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:5350h:*:*:*:*:*:*:*",
"matchCriteriaId": "8D4FA4BA-4304-4A70-9F86-120F2A3D8148",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:5350u:*:*:*:*:*:*:*",
"matchCriteriaId": "367FC8BA-F046-4264-A049-49E933E7698F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:5575r:*:*:*:*:*:*:*",
"matchCriteriaId": "DE9B68D3-1DFB-4468-85C4-AC13E6CBC111",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:5675c:*:*:*:*:*:*:*",
"matchCriteriaId": "C966A016-B650-44D9-B8C4-1ED50AB318DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:5675r:*:*:*:*:*:*:*",
"matchCriteriaId": "DC448FF0-6D3F-4609-864B-4191905EE2B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:6200u:*:*:*:*:*:*:*",
"matchCriteriaId": "0FC246FE-4CA6-4B2D-83C3-D50A386C24A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:6260u:*:*:*:*:*:*:*",
"matchCriteriaId": "758A14DB-1BAF-442A-BA7C-5E9C67847BEA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:6267u:*:*:*:*:*:*:*",
"matchCriteriaId": "61309100-CFA7-4607-A236-8910838AA057",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:6287u:*:*:*:*:*:*:*",
"matchCriteriaId": "82D76265-7BD0-4C51-AE77-22B22524DE81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:6300hq:*:*:*:*:*:*:*",
"matchCriteriaId": "DE38B195-BB8D-4747-881D-E8033760B4C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:6300u:*:*:*:*:*:*:*",
"matchCriteriaId": "1AA8BE76-168D-48A3-8DF6-E91F44600408",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:6350hq:*:*:*:*:*:*:*",
"matchCriteriaId": "3B656975-5D71-4712-9820-BDB7BC248AFA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:6360u:*:*:*:*:*:*:*",
"matchCriteriaId": "FA045267-114D-4587-B6D7-E273C28DC9B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:6400:*:*:*:*:*:*:*",
"matchCriteriaId": "77018415-E122-406E-896D-1BC6CF790BE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:6400t:*:*:*:*:*:*:*",
"matchCriteriaId": "3ADF37F1-546B-4EF0-8DEC-DC3B9F5309FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:6402p:*:*:*:*:*:*:*",
"matchCriteriaId": "D7469256-1A64-46FF-8F5A-A8E9E3CF5BE5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:6440eq:*:*:*:*:*:*:*",
"matchCriteriaId": "7F9069B9-9FE3-4AD5-9A8E-55C0F73BD756",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:6440hq:*:*:*:*:*:*:*",
"matchCriteriaId": "F4E1C012-3E05-44DB-B6D2-BFD619C034B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:6442eq:*:*:*:*:*:*:*",
"matchCriteriaId": "15D689D6-8594-42F2-8EEF-DCAEBA885A67",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:6500:*:*:*:*:*:*:*",
"matchCriteriaId": "A6446000-0494-4DC5-ABAA-F20A44546068",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:6500t:*:*:*:*:*:*:*",
"matchCriteriaId": "99B94EEC-6690-45D0-B086-F4A5B25C25CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:6500te:*:*:*:*:*:*:*",
"matchCriteriaId": "8B767B6E-B3E6-4424-97A6-89A7E7EB0EEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:6585r:*:*:*:*:*:*:*",
"matchCriteriaId": "832AB3CD-E3A1-4CCB-A210-287973563D0E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:6600:*:*:*:*:*:*:*",
"matchCriteriaId": "5A26C0CC-68AD-40F5-96B8-87E6C643F6F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:6600k:*:*:*:*:*:*:*",
"matchCriteriaId": "99C4221A-9994-43B3-9C7A-E13815A50A10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:6600t:*:*:*:*:*:*:*",
"matchCriteriaId": "20070B1D-B91C-40BA-A9D8-E80170A2933F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:6685r:*:*:*:*:*:*:*",
"matchCriteriaId": "A70129C9-371F-4542-A388-C095869E593A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:8250u:*:*:*:*:*:*:*",
"matchCriteriaId": "6C4DE25F-168A-4C67-8B66-09F61F072BD4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:8350u:*:*:*:*:*:*:*",
"matchCriteriaId": "58157F24-D89E-4552-8CE6-2F01E98BD1E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:8400:*:*:*:*:*:*:*",
"matchCriteriaId": "BC7FFD78-1E1C-4246-BBD3-73FAC06AA46B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i5:8600k:*:*:*:*:*:*:*",
"matchCriteriaId": "45ACBBEA-EC95-4F3E-B585-893DB6D21A0F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:core_i7:7y75:*:*:*:*:*:*:*",
"matchCriteriaId": "7DEC55DF-1950-45E5-A5F2-B5604AFA1CBD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:610e:*:*:*:*:*:*:*",
"matchCriteriaId": "A6A5EC79-1B21-4BB3-8791-73507BC8D4DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:620le:*:*:*:*:*:*:*",
"matchCriteriaId": "FCB4AFC3-FE30-4F46-ADC1-D03EB14E757D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:620lm:*:*:*:*:*:*:*",
"matchCriteriaId": "E0387587-AAB6-4284-8516-4DA3E3582D30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:620m:*:*:*:*:*:*:*",
"matchCriteriaId": "A238C975-9196-449F-9C15-ABB2E9FD1D06",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:620ue:*:*:*:*:*:*:*",
"matchCriteriaId": "6F17F4A5-120B-4E00-97C8-8A85841ACBC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:620um:*:*:*:*:*:*:*",
"matchCriteriaId": "2537F047-64C9-4E73-B82C-310253184183",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:640lm:*:*:*:*:*:*:*",
"matchCriteriaId": "3A55857C-649D-46CE-AEDA-6E553E554FC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:640m:*:*:*:*:*:*:*",
"matchCriteriaId": "7BA4892D-AFDF-4441-821E-5EBF7F64C9F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:640um:*:*:*:*:*:*:*",
"matchCriteriaId": "327E06A3-7F0E-4498-8811-10C8D15398FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:660lm:*:*:*:*:*:*:*",
"matchCriteriaId": "1624E6D6-858E-4085-B0B9-362B819EFD88",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:660ue:*:*:*:*:*:*:*",
"matchCriteriaId": "50D61F4A-40F0-477C-8326-7359D3626E77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:660um:*:*:*:*:*:*:*",
"matchCriteriaId": "1455B4DE-7F1C-4CF2-AE02-2EDD20025D62",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:680um:*:*:*:*:*:*:*",
"matchCriteriaId": "5B215788-860B-46CD-9A08-43AFF98FAEAA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:720qm:*:*:*:*:*:*:*",
"matchCriteriaId": "2B92FAD5-CA6E-48F7-9613-3A4CE90F5F54",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:740qm:*:*:*:*:*:*:*",
"matchCriteriaId": "E4EB132B-000C-4A17-AFB3-19F40A73D2CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:820qm:*:*:*:*:*:*:*",
"matchCriteriaId": "5C4815AE-B635-4545-83C2-5EC4E0128337",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:840qm:*:*:*:*:*:*:*",
"matchCriteriaId": "C0046C06-E3E6-4674-A4D1-332DD29D9552",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:860:*:*:*:*:*:*:*",
"matchCriteriaId": "2C191851-3DC3-41C7-AD89-81F091CCC83A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:860s:*:*:*:*:*:*:*",
"matchCriteriaId": "21126922-8E81-47F4-82D4-CBCDDACEC4FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:870:*:*:*:*:*:*:*",
"matchCriteriaId": "209E18B0-BBB5-4C65-B336-44340F7740DE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:870s:*:*:*:*:*:*:*",
"matchCriteriaId": "C867C0B8-91A4-482A-B7DD-54AB9599AE52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:875k:*:*:*:*:*:*:*",
"matchCriteriaId": "30F03843-8A51-4CE1-BE6C-994BDE3A8F97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:880:*:*:*:*:*:*:*",
"matchCriteriaId": "09854948-2657-4261-A32A-0523058F072E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:920:*:*:*:*:*:*:*",
"matchCriteriaId": "D13904A5-266D-481C-A42A-734C3823A238",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:920xm:*:*:*:*:*:*:*",
"matchCriteriaId": "ACC82FCB-0541-45C4-8B7E-CB612D7F702A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:930:*:*:*:*:*:*:*",
"matchCriteriaId": "6C18BD84-5E9C-4C9E-B0AA-2CEB0D7A58C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:940:*:*:*:*:*:*:*",
"matchCriteriaId": "0F5ABC7E-C4E0-4850-A1E6-07EBCF4A87D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:940xm:*:*:*:*:*:*:*",
"matchCriteriaId": "501E9355-0CDD-4951-BCC3-47962788BCCB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:950:*:*:*:*:*:*:*",
"matchCriteriaId": "B3D976D9-62F0-43C3-8359-E51E26B6CD87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:960:*:*:*:*:*:*:*",
"matchCriteriaId": "02AFBCD0-9B4B-4CA3-8FA9-D8B6ECB24894",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:965:*:*:*:*:*:*:*",
"matchCriteriaId": "64ADE9AF-196F-4E0B-BC66-7DE0183F9032",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:970:*:*:*:*:*:*:*",
"matchCriteriaId": "C90CCA48-1705-4564-AAF9-271201BD5113",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:975:*:*:*:*:*:*:*",
"matchCriteriaId": "0B82BAFF-17F5-465C-8032-67D5ECAB2921",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:980:*:*:*:*:*:*:*",
"matchCriteriaId": "1F694FEC-B97D-4BDA-ADFA-751E8BFB7CD2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:980x:*:*:*:*:*:*:*",
"matchCriteriaId": "F831371E-7437-48D7-8281-1F406215041B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:990x:*:*:*:*:*:*:*",
"matchCriteriaId": "BC4F06B5-615A-464A-A0C4-7AABEE8530CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:2600:*:*:*:*:*:*:*",
"matchCriteriaId": "92AF503A-A2B1-4FC3-858B-264049ADF0F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:2600k:*:*:*:*:*:*:*",
"matchCriteriaId": "E702C7EC-B1D9-4BDF-B334-2004CD76B52B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:2600s:*:*:*:*:*:*:*",
"matchCriteriaId": "E39F31D6-DC4B-46FE-BE5D-EA612D915A96",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:2610ue:*:*:*:*:*:*:*",
"matchCriteriaId": "51CB8036-5F36-4CD4-9B3E-D2401F2E64F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:2617m:*:*:*:*:*:*:*",
"matchCriteriaId": "F9849BA3-3990-4E30-B99B-ADD043314CDA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:2620m:*:*:*:*:*:*:*",
"matchCriteriaId": "A20FB18A-D3DA-4DE9-BEFF-75B7AB9B9A55",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:2629m:*:*:*:*:*:*:*",
"matchCriteriaId": "7A67CD6F-5E4F-4E69-A2A9-A4033DCE08EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:2630qm:*:*:*:*:*:*:*",
"matchCriteriaId": "A0A22E92-1EA7-45D9-AC86-EC3D9664C294",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:2635qm:*:*:*:*:*:*:*",
"matchCriteriaId": "D7FA2911-6561-47BF-BEE8-DDA31642C346",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:2637m:*:*:*:*:*:*:*",
"matchCriteriaId": "1FA6CA23-6F2B-44D5-B2DA-4F142BA3E48A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:2640m:*:*:*:*:*:*:*",
"matchCriteriaId": "0F829DED-4D92-401A-BD80-C070DE57FC7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:2649m:*:*:*:*:*:*:*",
"matchCriteriaId": "F560575C-FD8E-485D-B50A-572604BBE903",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:2655le:*:*:*:*:*:*:*",
"matchCriteriaId": "6ED8C51B-AE59-46DC-85F9-6D3B2891CB3F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:2657m:*:*:*:*:*:*:*",
"matchCriteriaId": "1A38D00A-B9DC-44DF-8247-70355FF9A6EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:2670qm:*:*:*:*:*:*:*",
"matchCriteriaId": "381EFC43-D5D9-4D10-90BE-4C333A9BA074",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:2675qm:*:*:*:*:*:*:*",
"matchCriteriaId": "CBEDED18-2755-4C55-A1A1-04B4D5F40276",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:2677m:*:*:*:*:*:*:*",
"matchCriteriaId": "F04B57EC-0731-40C8-939F-1C686A65A0FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:2700k:*:*:*:*:*:*:*",
"matchCriteriaId": "2AB301FB-EB3E-4F5F-868D-5B66CC7E1E6B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:2710qe:*:*:*:*:*:*:*",
"matchCriteriaId": "CE1D28F9-B135-441B-A9BF-792DD356E374",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:2715qe:*:*:*:*:*:*:*",
"matchCriteriaId": "4D01CE3E-5C89-4FC0-9097-CAC483ACD441",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:2720qm:*:*:*:*:*:*:*",
"matchCriteriaId": "7BDD55C4-AFCD-4DF2-921C-DDC1D7556DA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:2760qm:*:*:*:*:*:*:*",
"matchCriteriaId": "8F52334F-BE6A-4FD4-9F63-AE9BB017115B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:2820qm:*:*:*:*:*:*:*",
"matchCriteriaId": "C7C9BCC3-B9A6-4195-BF2F-E7BBCE8DC269",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:2860qm:*:*:*:*:*:*:*",
"matchCriteriaId": "2A4DFFA7-AA0E-4D7E-97B8-13389FD47D4A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:2920xm:*:*:*:*:*:*:*",
"matchCriteriaId": "707F6671-57AC-4DF4-8024-444502E5C92E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:2960xm:*:*:*:*:*:*:*",
"matchCriteriaId": "3C1FCE07-F9E8-4B14-95CE-01784D472128",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:3517u:*:*:*:*:*:*:*",
"matchCriteriaId": "C208711F-FC06-46C8-8849-27054DC1B264",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:3517ue:*:*:*:*:*:*:*",
"matchCriteriaId": "25AB8041-F201-4BB3-AAD9-199B06697DF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:3520m:*:*:*:*:*:*:*",
"matchCriteriaId": "D75C474C-D5EF-42D6-9B2A-A504BEFCB982",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:3537u:*:*:*:*:*:*:*",
"matchCriteriaId": "1F566CD3-3649-492B-B0AB-A107E51675B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:3540m:*:*:*:*:*:*:*",
"matchCriteriaId": "BB9F3D74-AE72-4FC5-83E9-890781AF3093",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:3555le:*:*:*:*:*:*:*",
"matchCriteriaId": "0E8EA6A7-4AB8-487E-B5DD-9989CC5F1CD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:3610qe:*:*:*:*:*:*:*",
"matchCriteriaId": "DF63DDC8-A0C1-482B-92F2-CF6135E8C2A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:3610qm:*:*:*:*:*:*:*",
"matchCriteriaId": "C69918C6-7AAD-4AA5-AB72-C275367B1008",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:3612qe:*:*:*:*:*:*:*",
"matchCriteriaId": "06155B0B-A5AD-4A82-8C02-D264981687A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:3612qm:*:*:*:*:*:*:*",
"matchCriteriaId": "F76C19A4-FA26-432A-9443-9F92B2A946EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:3615qe:*:*:*:*:*:*:*",
"matchCriteriaId": "99BEE9BE-E49A-489B-B333-95D0993F8FA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:3615qm:*:*:*:*:*:*:*",
"matchCriteriaId": "7427A678-EC47-4030-B905-619DD95F5A82",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:3630qm:*:*:*:*:*:*:*",
"matchCriteriaId": "86749716-1C9F-4C2A-B2A7-E62DEC10EA30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:3632qm:*:*:*:*:*:*:*",
"matchCriteriaId": "FD000B53-06DA-4ED4-B0EE-9CB201B75C8D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:3635qm:*:*:*:*:*:*:*",
"matchCriteriaId": "A8424463-C329-4BAA-8AA1-25CD8B63292E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:3667u:*:*:*:*:*:*:*",
"matchCriteriaId": "52727E62-0048-4C56-BC8C-B3450D257B21",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:3687u:*:*:*:*:*:*:*",
"matchCriteriaId": "9D8223AA-F077-45FD-A7E3-3C2C1A8F6E91",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:3689y:*:*:*:*:*:*:*",
"matchCriteriaId": "FAA34B50-2330-4D77-BF1A-6F05F3EF222C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:3720qm:*:*:*:*:*:*:*",
"matchCriteriaId": "F6421F69-1076-43D2-B273-DE80FB2D5F72",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:3740qm:*:*:*:*:*:*:*",
"matchCriteriaId": "C1EDA9E2-CFE7-4917-BE48-A83208BDF0F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:3770:*:*:*:*:*:*:*",
"matchCriteriaId": "9A34E7FC-93A4-45F2-A7B6-4A8ABFCAB0F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:3770k:*:*:*:*:*:*:*",
"matchCriteriaId": "7E611EDD-D44C-4311-B681-431D7C574528",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:3770s:*:*:*:*:*:*:*",
"matchCriteriaId": "C5E1B6AA-2F9A-43A8-9147-2BD9474E54C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:3770t:*:*:*:*:*:*:*",
"matchCriteriaId": "1886D007-85B6-4E5A-968D-A1FD476A08A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:3820qm:*:*:*:*:*:*:*",
"matchCriteriaId": "BDDDCB65-4404-49BC-9515-ECECD58A667F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:3840qm:*:*:*:*:*:*:*",
"matchCriteriaId": "1B8D3E00-64C3-407A-9B00-8B6E383F73FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:4500u:*:*:*:*:*:*:*",
"matchCriteriaId": "CB1B00A1-9C15-47C2-9F57-66586DEACC7D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:4510u:*:*:*:*:*:*:*",
"matchCriteriaId": "CB5BF932-459F-4DD2-B160-5FE0371C7D83",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:4550u:*:*:*:*:*:*:*",
"matchCriteriaId": "A58ACE96-F1BE-4261-8F94-FC3C6E7C7561",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:4558u:*:*:*:*:*:*:*",
"matchCriteriaId": "783D6EA7-C016-4314-A87B-4FED1DC7114B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:4578u:*:*:*:*:*:*:*",
"matchCriteriaId": "7AD0176F-FFAE-4A85-9327-CE72FE059E90",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:4600m:*:*:*:*:*:*:*",
"matchCriteriaId": "A56970C7-F8D3-41B2-A78B-0C7F4A2A4E0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:4600u:*:*:*:*:*:*:*",
"matchCriteriaId": "26D4CE1F-86C8-4E48-9146-9DB57BF540FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:4610m:*:*:*:*:*:*:*",
"matchCriteriaId": "CB7F9D65-5537-4C25-B02B-2393F60D1299",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:4610y:*:*:*:*:*:*:*",
"matchCriteriaId": "F09C8A92-820D-4572-A797-180E17A7DEB6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:4650u:*:*:*:*:*:*:*",
"matchCriteriaId": "CA7D77A2-0D9A-4D0D-B0DC-152757917BE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:4700ec:*:*:*:*:*:*:*",
"matchCriteriaId": "A07D3F1A-16CE-461F-A2F4-80FE5F841CB3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:4700eq:*:*:*:*:*:*:*",
"matchCriteriaId": "0C04557A-C508-4FAD-A535-1C0AEFF08075",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:4700hq:*:*:*:*:*:*:*",
"matchCriteriaId": "6AFAE489-6679-4705-BF9C-BB6D385A1DC3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:4700mq:*:*:*:*:*:*:*",
"matchCriteriaId": "429A99C8-BC55-4887-893C-7124C1A5DB08",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:4702ec:*:*:*:*:*:*:*",
"matchCriteriaId": "E3A2B709-CC19-4116-A5BE-5DB5C8B45A12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:4702hq:*:*:*:*:*:*:*",
"matchCriteriaId": "D79DAC74-1F28-4EC8-B417-3FAFFB74C4BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:4702mq:*:*:*:*:*:*:*",
"matchCriteriaId": "6F1F1377-6220-43FB-BEF9-BAA7B0158147",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:4710hq:*:*:*:*:*:*:*",
"matchCriteriaId": "18422CA8-3000-46B1-9065-2369E6B0BE16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:4710mq:*:*:*:*:*:*:*",
"matchCriteriaId": "5D558C66-E80E-4FC7-A0DF-485466390C46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:4712hq:*:*:*:*:*:*:*",
"matchCriteriaId": "E23EA9AE-9E70-47B5-AD9B-0DF13A0939E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:4712mq:*:*:*:*:*:*:*",
"matchCriteriaId": "860F22F6-4C87-47C5-965E-02A1AFF41A72",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:4720hq:*:*:*:*:*:*:*",
"matchCriteriaId": "19A2CA86-BFA8-4C78-987D-AD26F32622F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:4722hq:*:*:*:*:*:*:*",
"matchCriteriaId": "EEF64E0A-CDB0-427E-A96F-095EFEBA0A3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:4750hq:*:*:*:*:*:*:*",
"matchCriteriaId": "425F6D34-EE60-464B-8EA6-8116EDAA1219",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:4760hq:*:*:*:*:*:*:*",
"matchCriteriaId": "CEB9F657-1239-4424-A2E8-F8BD98C0095E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:4765t:*:*:*:*:*:*:*",
"matchCriteriaId": "F631403C-0A67-42CB-815C-133EB87E0C95",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:4770:*:*:*:*:*:*:*",
"matchCriteriaId": "6A4A5A57-B1A2-4BBA-AC36-7EA7DF9CDE06",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:4770hq:*:*:*:*:*:*:*",
"matchCriteriaId": "0453C0EA-BA67-49D5-964F-35493F97D905",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:4770k:*:*:*:*:*:*:*",
"matchCriteriaId": "4D4D237E-ACB7-4382-AF5B-D27E634BF867",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:4770r:*:*:*:*:*:*:*",
"matchCriteriaId": "B5461EB2-2958-4923-86AF-C74D449120B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:4770s:*:*:*:*:*:*:*",
"matchCriteriaId": "45C22141-E698-4E38-AF50-9CE04C1168FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:4770t:*:*:*:*:*:*:*",
"matchCriteriaId": "49D0E470-427D-4A68-AFD2-982A4F7CE2D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:4770te:*:*:*:*:*:*:*",
"matchCriteriaId": "43AB50F3-14AC-44BD-B7F0-A683C5FD1A3F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:4771:*:*:*:*:*:*:*",
"matchCriteriaId": "713C4B7A-C38A-4818-A258-D07DEDEC906E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:4785t:*:*:*:*:*:*:*",
"matchCriteriaId": "C59740BE-FC30-4400-B978-1DB41282971C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:4790:*:*:*:*:*:*:*",
"matchCriteriaId": "839728F0-5F23-462F-B493-C37EE4C874F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:4790k:*:*:*:*:*:*:*",
"matchCriteriaId": "6F1B47DA-BA53-4D7A-9B5B-582238D5E99A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:4790s:*:*:*:*:*:*:*",
"matchCriteriaId": "D452F1BF-1FA5-463C-8F13-6357509FB5D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:4790t:*:*:*:*:*:*:*",
"matchCriteriaId": "EF6D1F4C-B396-468C-BA32-9367A68C95DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:4800mq:*:*:*:*:*:*:*",
"matchCriteriaId": "B76A812F-D77A-49C8-B7A5-0C08258D4BBD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:4810mq:*:*:*:*:*:*:*",
"matchCriteriaId": "6E001AAB-07EC-47BF-BDE9-BB927872781D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:4850hq:*:*:*:*:*:*:*",
"matchCriteriaId": "D1DF11F5-61E8-4A98-86C8-49D6B3224FCC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:4860hq:*:*:*:*:*:*:*",
"matchCriteriaId": "AED153E7-99A2-4C02-B81B-C3DDF8FAE1A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:4870hq:*:*:*:*:*:*:*",
"matchCriteriaId": "D024802A-EA60-4D9B-B04C-027A0703EABD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:4900mq:*:*:*:*:*:*:*",
"matchCriteriaId": "BA731F3C-1F04-4EE2-83EC-9486F5032903",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:4910mq:*:*:*:*:*:*:*",
"matchCriteriaId": "544A59F6-E731-43C8-8455-69256933E71D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:4950hq:*:*:*:*:*:*:*",
"matchCriteriaId": "624258EE-7FFF-4432-9B6D-4D60AA73CD9A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:4960hq:*:*:*:*:*:*:*",
"matchCriteriaId": "69A2701A-35A8-4268-B9CF-40BA3219373B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:4980hq:*:*:*:*:*:*:*",
"matchCriteriaId": "15E671F6-8DED-4735-BE97-58A60E5B5C13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:5500u:*:*:*:*:*:*:*",
"matchCriteriaId": "3FC68B2A-8570-4311-BB60-49DBBDAF7430",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:5550u:*:*:*:*:*:*:*",
"matchCriteriaId": "9826FA02-937E-4323-B9D5-8AE059ADBE95",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:5557u:*:*:*:*:*:*:*",
"matchCriteriaId": "9B8630BB-48AA-4688-A6F0-212C1BB4D14C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:5600u:*:*:*:*:*:*:*",
"matchCriteriaId": "9AC98D35-D7D5-4C24-B47E-EDE2A80B2B9E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:5650u:*:*:*:*:*:*:*",
"matchCriteriaId": "A2F8ABCB-12C3-4C45-844E-B07F77DA2DE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:5700eq:*:*:*:*:*:*:*",
"matchCriteriaId": "326105AC-3926-437E-8AFF-916960107050",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:5700hq:*:*:*:*:*:*:*",
"matchCriteriaId": "866E1275-7541-4B80-8FDF-53246A204C15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:5750hq:*:*:*:*:*:*:*",
"matchCriteriaId": "E190929D-D3CC-46E1-A903-0848829061DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:5775c:*:*:*:*:*:*:*",
"matchCriteriaId": "81E4EBCB-B660-4F6A-AD73-81B9D8964162",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:5775r:*:*:*:*:*:*:*",
"matchCriteriaId": "55D58CC5-CB46-464D-93B8-6AD5A19AF097",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:5850eq:*:*:*:*:*:*:*",
"matchCriteriaId": "16541D3E-EBBD-4D92-96D8-F169733377AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:5850hq:*:*:*:*:*:*:*",
"matchCriteriaId": "3F08D257-F570-4D39-A6E8-0F60E55472E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:5950hq:*:*:*:*:*:*:*",
"matchCriteriaId": "C20ED667-2BFB-41C7-82BA-9F0C0044DA08",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:7500u:*:*:*:*:*:*:*",
"matchCriteriaId": "6158ED8A-007E-48B7-99BF-8BA03BF584BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:7560u:*:*:*:*:*:*:*",
"matchCriteriaId": "DBA7096A-F321-49A0-911A-F9683ABE6E6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:7567u:*:*:*:*:*:*:*",
"matchCriteriaId": "6A471395-7F8F-4BA5-962D-4D8F271FAB47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:7600u:*:*:*:*:*:*:*",
"matchCriteriaId": "B9484380-92B9-44DB-8E20-DC8DE02D1CA6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:7660u:*:*:*:*:*:*:*",
"matchCriteriaId": "8010808D-805D-4CA3-9EA2-55EB1E57964C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:7700:*:*:*:*:*:*:*",
"matchCriteriaId": "9716FE9F-A056-42A3-A241-F2FE37A6386A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:7700hq:*:*:*:*:*:*:*",
"matchCriteriaId": "F73422A3-ECA0-4C41-9AA5-CF7D77885CF6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:7700k:*:*:*:*:*:*:*",
"matchCriteriaId": "7A96A5AF-C9EF-4DED-AE25-4540A2B02915",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:7700t:*:*:*:*:*:*:*",
"matchCriteriaId": "D5115B12-053A-4866-A833-D6EC88D8F93E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:7820eq:*:*:*:*:*:*:*",
"matchCriteriaId": "C5619D4D-9685-4595-8A5F-A18273FE4213",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:7820hk:*:*:*:*:*:*:*",
"matchCriteriaId": "B77E00E7-0EA4-4E32-A693-0E0F66BA4C57",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:7820hq:*:*:*:*:*:*:*",
"matchCriteriaId": "DAA3457E-7E1A-4878-9752-79382E954A66",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:7920hq:*:*:*:*:*:*:*",
"matchCriteriaId": "68630C63-4457-4E12-B7BD-AD456B237FC5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:8550u:*:*:*:*:*:*:*",
"matchCriteriaId": "F6FB5695-2950-4CEC-81B4-FD280F835330",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:8650u:*:*:*:*:*:*:*",
"matchCriteriaId": "9F340AF8-508F-449D-9AFA-4E55F069B4F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:8700:*:*:*:*:*:*:*",
"matchCriteriaId": "E944410E-D674-4141-B50C-9F55090325FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_i7:8700k:*:*:*:*:*:*:*",
"matchCriteriaId": "A6438E07-0AC0-4BF9-B0F2-9072CA9639D6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:core_m:5y10:*:*:*:*:*:*:*",
"matchCriteriaId": "5079AA70-C864-4AE2-809C-52B50632F2B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_m:5y10a:*:*:*:*:*:*:*",
"matchCriteriaId": "5D124BCB-D8C3-49F5-B05C-E09B3CEBEBCD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_m:5y10c:*:*:*:*:*:*:*",
"matchCriteriaId": "6A86291B-C986-4320-BCEF-9F5AD8B309D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_m:5y31:*:*:*:*:*:*:*",
"matchCriteriaId": "1227659F-1393-4189-978B-CC3DC53BF407",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_m:5y51:*:*:*:*:*:*:*",
"matchCriteriaId": "4C2DB843-638F-41EF-B486-409318AA2DE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_m:5y70:*:*:*:*:*:*:*",
"matchCriteriaId": "A0004D8A-A186-4DA2-A7AB-18A6456438FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_m:5y71:*:*:*:*:*:*:*",
"matchCriteriaId": "75B6BE9F-F113-4976-951D-53F2E183A95A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:core_m3:6y30:*:*:*:*:*:*:*",
"matchCriteriaId": "DEB005F1-9719-4985-B9D9-2140C962ADD1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_m3:7y30:*:*:*:*:*:*:*",
"matchCriteriaId": "A94D0C1B-F30F-4724-915E-192C53FAE58A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_m3:7y32:*:*:*:*:*:*:*",
"matchCriteriaId": "3F247860-1D2C-415C-AFBD-26BD875AAF02",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:core_m5:6y54:*:*:*:*:*:*:*",
"matchCriteriaId": "9697EDCD-A742-4AC6-876E-1080AD684207",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intel:core_m5:6y57:*:*:*:*:*:*:*",
"matchCriteriaId": "6E73924A-875B-44D0-8F7C-A822B0488126",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:core_m7:6y75:*:*:*:*:*:*:*",
"matchCriteriaId": "03751B92-EE07-4F16-A476-BD25561810BC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:citrix:xenserver:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "405F950F-0772-41A3-8B72-B67151CC1376",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:citrix:xenserver:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B5647AEA-DCE6-4950-A7EB-05465ECDDE16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:citrix:xenserver:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "55FD399E-959A-4FB6-B049-AA73F0DFF9CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:citrix:xenserver:7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "49422CA5-DF4B-4FE4-B408-81B637BE1287",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:citrix:xenserver:7.5:*:*:*:*:*:*:*",
"matchCriteriaId": "49D662D7-33DF-4DB3-946E-E9E410DC96CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*",
"matchCriteriaId": "8D305F7A-D159-4716-AB26-5E38BB5CD991",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "53E56F4F-B418-44DD-9C97-7276A4C58F3E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C5753931-556B-4EEC-B510-751BA3613CE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:11.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F5288B41-ED07-487E-BECD-59978D0F0686",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "142AD0DD-4CF3-4D74-9442-459CE3347E3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:x64:*",
"matchCriteriaId": "AE8DED75-8C97-476F-805B-7A2F17B6BC11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:x64:*",
"matchCriteriaId": "B061040C-AB62-4ED6-8F4A-A49DA6753C4B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "System software utilizing Lazy FP state restore technique on systems using Intel Core-based microprocessors may potentially allow a local process to infer data from another process through a speculative execution side channel."
},
{
"lang": "es",
"value": "El software de sistema que emplea la t\u00e9cnica de restauraci\u00f3n de estado Lazy FP en los sistemas que emplean microprocesadores de Intel Core podr\u00edan permitir que un proceso local infiera datos de otro proceso mediante un canal lateral de ejecuci\u00f3n especulativa."
}
],
"id": "CVE-2018-3665",
"lastModified": "2024-11-21T04:05:51.690",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.7,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:M/Au:N/C:C/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.1,
"impactScore": 4.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-06-21T20:29:00.373",
"references": [
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/104460"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1041124"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1041125"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1852"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1944"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2164"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2165"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2019:1170"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2019:1190"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00015.html"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00016.html"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/4787"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-18:07.lazyfpu.asc"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20181016-0001/"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.paloaltonetworks.com/CVE-2018-3665"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://support.citrix.com/article/CTX235745"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3696-1/"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3696-2/"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3698-1/"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3698-2/"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2018/dsa-4232"
},
{
"source": "secure@intel.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00145.html"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpujul2020.html"
},
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.synology.com/support/security/Synology_SA_18_31"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/104460"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1041124"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1041125"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1852"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1944"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2164"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2165"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2019:1170"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2019:1190"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00015.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00016.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/4787"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-18:07.lazyfpu.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20181016-0001/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.paloaltonetworks.com/CVE-2018-3665"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://support.citrix.com/article/CTX235745"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3696-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3696-2/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3698-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3698-2/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2018/dsa-4232"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00145.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpujul2020.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.synology.com/support/security/Synology_SA_18_31"
}
],
"sourceIdentifier": "secure@intel.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-05-11 21:59
Modified
2025-04-12 10:46
Severity ?
Summary
Integer overflow in the VGA module in QEMU allows local guest OS users to cause a denial of service (out-of-bounds read and QEMU process crash) by editing VGA registers in VBE mode.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:oracle:vm_server:3.3:*:*:*:*:*:x86:*",
"matchCriteriaId": "868DBD6C-E2FB-4710-969A-AC8C5A63B62F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:oracle:vm_server:3.4:*:*:*:*:*:x86:*",
"matchCriteriaId": "846F21C6-3D7F-4092-9C68-D5BEAFF7916F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:qemu:qemu:*:*:*:*:*:*:*:*",
"matchCriteriaId": "26A04769-0D4E-4B7B-B54C-C686FB69D85A",
"versionEndIncluding": "2.5.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:qemu:qemu:2.6.0:rc0:*:*:*:*:*:*",
"matchCriteriaId": "544B3E62-7AE7-4925-9E50-CAFDAD5A3851",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:qemu:qemu:2.6.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "B8C11472-2B2A-4110-A04B-5CFBA0763432",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:qemu:qemu:2.6.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "ECD3B63B-1388-4C24-B9B9-043C04FE1F1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:qemu:qemu:2.6.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "B10C154A-F559-4BE1-94AE-8619D4634564",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:qemu:qemu:2.6.0:rc4:*:*:*:*:*:*",
"matchCriteriaId": "F7126355-4164-4E54-BCC3-D3D6D1E5AF81",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "B6B7CAD7-9D4E-4FDB-88E3-1E583210A01F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*",
"matchCriteriaId": "E88A537F-F4D0-46B9-9E37-965233C2A355",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "33C068A4-3780-4EAB-A937-6082DF847564",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "51EF4996-72F4-4FA4-814F-F5991E7A8318",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "98381E61-F082-4302-B51F-5648884F998B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D99A687E-EAE6-417E-A88E-D0082BC194CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B353CE99-D57C-465B-AAB0-73EF581127D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*",
"matchCriteriaId": "7431ABC1-9252-419E-8CC1-311B41360078",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A8442C20-41F9-47FD-9A12-E724D3A31FD7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "9EC0D196-F7B8-4BDD-9050-779F7A7FBEE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*",
"matchCriteriaId": "A4E9DD8A-A68B-4A69-8B01-BFF92A2020A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "BF77CDCF-B9C9-427D-B2BF-36650FB2148C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.7:*:*:*:*:*:*:*",
"matchCriteriaId": "21690BAC-2129-4A33-9B48-1F3BF30072A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "24C0F4E1-C52C-41E0-9F14-F83ADD5CC7ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B76AA310-FEC7-497F-AF04-C3EC1E76C4CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*",
"matchCriteriaId": "17F256A9-D3B9-4C72-B013-4EFD878BFEA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "825ECE2D-E232-46E0-A047-074B34DB1E97",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:citrix:xenserver:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DE91B02A-0F07-437D-8AFC-38541C5A04AD",
"versionEndIncluding": "7.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in the VGA module in QEMU allows local guest OS users to cause a denial of service (out-of-bounds read and QEMU process crash) by editing VGA registers in VBE mode."
},
{
"lang": "es",
"value": "Desbordamiento de entero en el m\u00f3dulo VGA en QEMU permite a usuarios de SO invitado locales provocar una denegaci\u00f3n de servicio (lectura fuera de l\u00edmites y ca\u00edda de proceso QEMU) editando registros VGA en modo VBE."
}
],
"evaluatorComment": "CWE-190: Integer Overflow or Wraparound",
"id": "CVE-2016-3712",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-05-11T21:59:02.063",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2585.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0621.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://support.citrix.com/article/CTX212736"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2016/dsa-3573"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2016/05/09/4"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/90314"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1035794"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2974-1"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://xenbits.xen.org/xsa/advisory-179.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Patch",
"Third Party Advisory"
],
"url": "https://lists.gnu.org/archive/html/qemu-devel/2016-05/msg01196.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2585.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0621.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://support.citrix.com/article/CTX212736"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2016/dsa-3573"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2016/05/09/4"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/90314"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1035794"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2974-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://xenbits.xen.org/xsa/advisory-179.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Patch",
"Third Party Advisory"
],
"url": "https://lists.gnu.org/archive/html/qemu-devel/2016-05/msg01196.html"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-190"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-08-24 14:29
Modified
2025-04-20 01:37
Severity ?
Summary
Race condition in the grant table code in Xen 4.6.x through 4.9.x allows local guest OS administrators to cause a denial of service (free list corruption and host crash) or gain privileges on the host via vectors involving maptrack free list handling.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| xen | xen | 4.6.0 | |
| xen | xen | 4.6.1 | |
| xen | xen | 4.6.3 | |
| xen | xen | 4.6.4 | |
| xen | xen | 4.6.5 | |
| xen | xen | 4.6.6 | |
| xen | xen | 4.7.0 | |
| xen | xen | 4.7.1 | |
| xen | xen | 4.7.2 | |
| xen | xen | 4.7.3 | |
| xen | xen | 4.8.0 | |
| xen | xen | 4.8.1 | |
| xen | xen | 4.9.0 | |
| citrix | xenserver | 6.0.2 | |
| citrix | xenserver | 6.2.0 | |
| citrix | xenserver | 6.5 | |
| citrix | xenserver | 7.0 | |
| citrix | xenserver | 7.1 | |
| citrix | xenserver | 7.2 | |
| debian | debian_linux | 8.0 | |
| debian | debian_linux | 9.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:xen:xen:4.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4B6F7CE9-C409-4D88-9A99-B21420633F45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B814C381-4991-495A-B530-7543F977B346",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "14442705-D243-4250-A486-E70989946D73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "BBB7BAFE-9CB4-40D2-908C-55307728116F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "6AD42E21-EA9E-41EB-AC7E-478CCEEEBA8D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.6.6:*:*:*:*:*:*:*",
"matchCriteriaId": "A9D58EAB-3FEB-4D5A-B998-D77EC90FDFB8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F1DD0255-9127-4C7F-9C02-42198820363E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8FDFDDA0-51D2-4995-9B4D-48047C940FC5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6E971A9F-18CB-4264-AF71-CCB32B7325B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "03D52712-AD95-459D-943C-936F90B828B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A4447FA6-EDE7-4915-8238-2EA4CE782E96",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AB6804DA-1A77-47BF-803A-30AC602F8A9B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2CDCF3F8-86AB-4BCD-A4E0-9C751E8BF8EF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:citrix:xenserver:6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5FCF191B-971A-4945-AB14-08091689BE2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:citrix:xenserver:6.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BCEA97B9-A443-4F87-81B4-B3F0E94AC18E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:citrix:xenserver:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "56434D13-7A7B-495C-A135-2688C706A065",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:citrix:xenserver:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "405F950F-0772-41A3-8B72-B67151CC1376",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:citrix:xenserver:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B5647AEA-DCE6-4950-A7EB-05465ECDDE16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:citrix:xenserver:7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "68A35129-70B0-4EA9-A0A2-51AC277649D1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Race condition in the grant table code in Xen 4.6.x through 4.9.x allows local guest OS administrators to cause a denial of service (free list corruption and host crash) or gain privileges on the host via vectors involving maptrack free list handling."
},
{
"lang": "es",
"value": "Una condici\u00f3n de carrera en el c\u00f3digo de tabla de concesiones en Xen 4.6.x a 4.9.x permite que administradores invitados locales del sistema operativo provoquen una denegaci\u00f3n de servicio (corrupci\u00f3n de lista libre y bloqueo del host) o que obtengan beneficios en el host mediante vectores que impliquen la gesti\u00f3n de lista libre de maptrack."
}
],
"id": "CVE-2017-12136",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.9,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.1,
"impactScore": 6.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-08-24T14:29:00.303",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2017/dsa-3969"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Patch",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2017/08/15/3"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100346"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039175"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://xenbits.xen.org/xsa/advisory-228.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1477651"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201801-14"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://support.citrix.com/article/CTX225941"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2017/dsa-3969"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Patch",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2017/08/15/3"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100346"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039175"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://xenbits.xen.org/xsa/advisory-228.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1477651"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201801-14"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://support.citrix.com/article/CTX225941"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-362"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-05-11 21:59
Modified
2025-04-12 10:46
Severity ?
Summary
The VGA module in QEMU improperly performs bounds checking on banked access to video memory, which allows local guest OS administrators to execute arbitrary code on the host by changing access modes after setting the bank register, aka the "Dark Portal" issue.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:helion_openstack:2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "46D566AF-D1DE-4EAD-B881-DC40D1DE780C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:helion_openstack:2.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "81BED703-422A-4937-8BF0-F83C248188F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:helion_openstack:2.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A241BABC-E6A8-43B1-BED6-77FC38E337BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:helion_openstack:2.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "DBE8AEFE-C74B-4E24-8EBA-35207DE756E3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "B6B7CAD7-9D4E-4FDB-88E3-1E583210A01F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*",
"matchCriteriaId": "E88A537F-F4D0-46B9-9E37-965233C2A355",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:qemu:qemu:*:*:*:*:*:*:*:*",
"matchCriteriaId": "26A04769-0D4E-4B7B-B54C-C686FB69D85A",
"versionEndIncluding": "2.5.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:qemu:qemu:2.6.0:rc0:*:*:*:*:*:*",
"matchCriteriaId": "544B3E62-7AE7-4925-9E50-CAFDAD5A3851",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:qemu:qemu:2.6.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "B8C11472-2B2A-4110-A04B-5CFBA0763432",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:qemu:qemu:2.6.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "ECD3B63B-1388-4C24-B9B9-043C04FE1F1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:qemu:qemu:2.6.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "B10C154A-F559-4BE1-94AE-8619D4634564",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:qemu:qemu:2.6.0:rc4:*:*:*:*:*:*",
"matchCriteriaId": "F7126355-4164-4E54-BCC3-D3D6D1E5AF81",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:vm_server:3.2:*:*:*:*:*:x86:*",
"matchCriteriaId": "FC9E8528-0FB8-4BF0-A9EF-6CC84A2631A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:vm_server:3.3:*:*:*:*:*:x86:*",
"matchCriteriaId": "8663D0AF-825D-48FC-8AED-498434A0AA76",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:vm_server:3.4:*:*:*:*:*:x86:*",
"matchCriteriaId": "457955E5-41E5-4E17-8435-AA0F6F757A21",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:oracle:linux:5:-:*:*:*:*:*:*",
"matchCriteriaId": "62A2AC02-A933-4E51-810E-5D040B476B7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:oracle:linux:6:-:*:*:*:*:*:*",
"matchCriteriaId": "D7B037A8-72A6-4DFF-94B2-D688A5F6F876",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:oracle:linux:7:-:*:*:*:*:*:*",
"matchCriteriaId": "44B8FEDF-6CB0-46E9-9AD7-4445B001C158",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:citrix:xenserver:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DE91B02A-0F07-437D-8AFC-38541C5A04AD",
"versionEndIncluding": "7.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:redhat:openstack:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B152EDF3-3140-4343-802F-F4F1C329F5C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:openstack:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "31EC146C-A6F6-4C0D-AF87-685286262DAA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:openstack:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9DAA72A4-AC7D-4544-89D4-5B07961D5A95",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:openstack:8:*:*:*:*:*:*:*",
"matchCriteriaId": "E8B8C725-34CF-4340-BE7B-37E58CF706D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:virtualization:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D86166F9-BBF0-4650-8CCD-0F9C97104D21",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "33C068A4-3780-4EAB-A937-6082DF847564",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "51EF4996-72F4-4FA4-814F-F5991E7A8318",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1C8D871B-AEA1-4407-AEE3-47EC782250FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "98381E61-F082-4302-B51F-5648884F998B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D99A687E-EAE6-417E-A88E-D0082BC194CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B353CE99-D57C-465B-AAB0-73EF581127D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "44B067C7-735E-43C9-9188-7E1522A02491",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A8442C20-41F9-47FD-9A12-E724D3A31FD7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "9EC0D196-F7B8-4BDD-9050-779F7A7FBEE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*",
"matchCriteriaId": "A4E9DD8A-A68B-4A69-8B01-BFF92A2020A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "BF77CDCF-B9C9-427D-B2BF-36650FB2148C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.7:*:*:*:*:*:*:*",
"matchCriteriaId": "21690BAC-2129-4A33-9B48-1F3BF30072A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6755B6AD-0422-467B-8115-34A60B1D1A40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "24C0F4E1-C52C-41E0-9F14-F83ADD5CC7ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B76AA310-FEC7-497F-AF04-C3EC1E76C4CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*",
"matchCriteriaId": "17F256A9-D3B9-4C72-B013-4EFD878BFEA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "825ECE2D-E232-46E0-A047-074B34DB1E97",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The VGA module in QEMU improperly performs bounds checking on banked access to video memory, which allows local guest OS administrators to execute arbitrary code on the host by changing access modes after setting the bank register, aka the \"Dark Portal\" issue."
},
{
"lang": "es",
"value": "El m\u00f3dulo VGA en QEMU lleva a cabo incorrectamente comprobaciones de l\u00edmites sobre acceso almacenado a la memoria de v\u00eddeo, lo que permite a administradores locales de SO invitado ejecutar c\u00f3digo arbitrario sobre el anfitri\u00f3n cambiando los modos de acceso despu\u00e9s de establecer el banco de registros, tambi\u00e9n conocido como el problema \"Dark Portal\"."
}
],
"id": "CVE-2016-3710",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.0,
"impactScore": 6.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-05-11T21:59:01.077",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0724.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0725.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0997.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0999.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-1000.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-1001.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-1002.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-1019.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-1943.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://support.citrix.com/article/CTX212736"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2016/dsa-3573"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2016/05/09/3"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/90316"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1035794"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2974-1"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://xenbits.xen.org/xsa/advisory-179.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2016:1224"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"Vendor Advisory"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05164862"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Patch",
"Third Party Advisory"
],
"url": "https://lists.gnu.org/archive/html/qemu-devel/2016-05/msg01197.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0724.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0725.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0997.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0999.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-1000.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-1001.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-1002.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-1019.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-1943.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://support.citrix.com/article/CTX212736"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2016/dsa-3573"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2016/05/09/3"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/90316"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1035794"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2974-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://xenbits.xen.org/xsa/advisory-179.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2016:1224"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"Vendor Advisory"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05164862"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Patch",
"Third Party Advisory"
],
"url": "https://lists.gnu.org/archive/html/qemu-devel/2016-05/msg01197.html"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-06-26 22:29
Modified
2024-11-21 03:42
Severity ?
Summary
Dell EMC iDRAC Service Module for all supported Linux and XenServer versions v3.0.1, v3.0.2, v3.1.0, v3.2.0, when started, changes the default file permission of the hosts file of the host operating system (/etc/hosts) to world writable. A malicious low privileged operating system user or process could modify the host file and potentially redirect traffic from the intended destination to sites hosting malicious or unwanted content.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| security_alert@emc.com | http://www.dell.com/support/article/us/en/19/sln310281/ism-dell-emc-idrac-service-module-improper-file-permission-vulnerability?lang=en | Patch, Vendor Advisory | |
| security_alert@emc.com | http://www.securityfocus.com/bid/104567 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.dell.com/support/article/us/en/19/sln310281/ism-dell-emc-idrac-service-module-improper-file-permission-vulnerability?lang=en | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/104567 | Third Party Advisory, VDB Entry |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| dell | emc_idrac_service_module | 3.0.1 | |
| dell | emc_idrac_service_module | 3.0.2 | |
| dell | emc_idrac_service_module | 3.1.0 | |
| dell | emc_idrac_service_module | 3.2.0 | |
| citrix | xenserver | 7.1 | |
| redhat | enterprise_linux | 6.9 | |
| redhat | enterprise_linux | 7.4 | |
| suse | suse_linux_enterprise_server | 11 | |
| suse | suse_linux_enterprise_server | 12 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:dell:emc_idrac_service_module:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "61FA8A18-C839-49C4-8050-099A55C5D498",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:dell:emc_idrac_service_module:3.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E2055E74-38B9-4644-AF50-8416519AAB59",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:dell:emc_idrac_service_module:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F4F997EF-B3DB-4A63-8352-D425EB37186D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:dell:emc_idrac_service_module:3.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "427082ED-AFC1-4D82-9F9D-AC056706D3AE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:citrix:xenserver:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B5647AEA-DCE6-4950-A7EB-05465ECDDE16",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:6.9:*:*:*:*:*:*:*",
"matchCriteriaId": "39A7795D-CFD3-4643-A7A1-7AD7629B5511",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "041F9200-4C01-4187-AE34-240E8277B54D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:suse:suse_linux_enterprise_server:11:sp4:*:*:*:*:*:*",
"matchCriteriaId": "41E76620-EC14-4D2B-828F-53F26DEA5DDC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:suse:suse_linux_enterprise_server:12:sp3:*:*:*:*:*:*",
"matchCriteriaId": "CEF98D6C-3C80-4A42-B14B-22D69BC1F4C2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Dell EMC iDRAC Service Module for all supported Linux and XenServer versions v3.0.1, v3.0.2, v3.1.0, v3.2.0, when started, changes the default file permission of the hosts file of the host operating system (/etc/hosts) to world writable. A malicious low privileged operating system user or process could modify the host file and potentially redirect traffic from the intended destination to sites hosting malicious or unwanted content."
},
{
"lang": "es",
"value": "El m\u00f3dulo de servicio Dell EMC iDRAC para todas las versiones de Linux compatibles y las versiones v3.0.1, v3.0.2, v3.1.0 y v3.2.0 de XenServer, cuando se inicia, cambia el permiso de archivo por defecto de los archivos hosts del sistema operativo anfitri\u00f3n (/etc/hosts) para que sea modificable por cualquier usuario. Un proceso o usuario del sistema operativo con bajos privilegios podr\u00eda modificar el archivo host y poder redirigir el tr\u00e1fico desde el destino original a sitios que albergan contenido malicioso o no deseado."
}
],
"id": "CVE-2018-11053",
"lastModified": "2024-11-21T03:42:34.380",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:H",
"version": "3.0"
},
"exploitabilityScore": 0.8,
"impactScore": 5.3,
"source": "security_alert@emc.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-06-26T22:29:00.210",
"references": [
{
"source": "security_alert@emc.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.dell.com/support/article/us/en/19/sln310281/ism-dell-emc-idrac-service-module-improper-file-permission-vulnerability?lang=en"
},
{
"source": "security_alert@emc.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/104567"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.dell.com/support/article/us/en/19/sln310281/ism-dell-emc-idrac-service-module-improper-file-permission-vulnerability?lang=en"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/104567"
}
],
"sourceIdentifier": "security_alert@emc.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-732"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-11-23 20:55
Modified
2025-04-11 00:51
Severity ?
Summary
XENMEM_populate_physmap in Xen 4.0, 4.1, and 4.2, and Citrix XenServer 6.0.2 and earlier, when translating paging mode is not used, allows local PV OS guest kernels to cause a denial of service (BUG triggered and host crash) via invalid flags such as MEMF_populate_on_demand.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:citrix:xenserver:*:*:*:*:*:*:*:*",
"matchCriteriaId": "24FCA867-7158-459C-9D6C-75A39263F00A",
"versionEndIncluding": "6.0.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "550223A9-B9F1-440A-8C25-9F0F76AF7301",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0D532B60-C8DD-4A2F-9D05-E574D23EB754",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8F0AF8EF-6FF6-4E22-B16E-82C9F90C6B00",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "XENMEM_populate_physmap in Xen 4.0, 4.1, and 4.2, and Citrix XenServer 6.0.2 and earlier, when translating paging mode is not used, allows local PV OS guest kernels to cause a denial of service (BUG triggered and host crash) via invalid flags such as MEMF_populate_on_demand."
},
{
"lang": "es",
"value": "XENMEM_populate_physmap en Xen v4.0, v4.1, y v4.2, y Citrix XenServer v6.0.2 y anteriores, cuando el modo de traducci\u00f3n de p\u00e1gina no se utiliza, permite a los kernels locales PV del SO invitado causar una denegaci\u00f3n de servicio (ca\u00edda del host) a trav\u00e9s flags inv\u00e1lidos como MEMF_populate_on_demand."
}
],
"id": "CVE-2012-3496",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 4.7,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:M/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-11-23T20:55:03.257",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00003.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00004.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00012.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00017.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00018.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00017.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00018.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://lists.xen.org/archives/html/xen-announce/2012-09/msg00002.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/50472"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/50530"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/51413"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/55082"
},
{
"source": "secalert@redhat.com",
"url": "http://security.gentoo.org/glsa/glsa-201309-24.xml"
},
{
"source": "secalert@redhat.com",
"url": "http://securitytracker.com/id?1027481"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://support.citrix.com/article/CTX134708"
},
{
"source": "secalert@redhat.com",
"url": "http://wiki.xen.org/wiki/Security_Announcements#XSA-14_XENMEM_populate_physmap_DoS_vulnerability"
},
{
"source": "secalert@redhat.com",
"url": "http://www.debian.org/security/2012/dsa-2544"
},
{
"source": "secalert@redhat.com",
"url": "http://www.openwall.com/lists/oss-security/2012/09/05/7"
},
{
"source": "secalert@redhat.com",
"url": "http://www.osvdb.org/85200"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/55412"
},
{
"source": "secalert@redhat.com",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=854590"
},
{
"source": "secalert@redhat.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78267"
},
{
"source": "secalert@redhat.com",
"url": "https://security.gentoo.org/glsa/201604-03"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00003.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00004.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00012.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00017.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00018.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00017.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00018.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://lists.xen.org/archives/html/xen-announce/2012-09/msg00002.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/50472"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/50530"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/51413"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/55082"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-201309-24.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1027481"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://support.citrix.com/article/CTX134708"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://wiki.xen.org/wiki/Security_Announcements#XSA-14_XENMEM_populate_physmap_DoS_vulnerability"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2012/dsa-2544"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2012/09/05/7"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/85200"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/55412"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=854590"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78267"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201604-03"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-16"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-01-30 16:59
Modified
2025-04-20 01:37
Severity ?
Summary
An issue was discovered in Linux Foundation xapi in Citrix XenServer through 7.0. An authenticated read-only administrator can corrupt the host database.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:citrix:xenserver:6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5FCF191B-971A-4945-AB14-08091689BE2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:citrix:xenserver:6.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BCEA97B9-A443-4F87-81B4-B3F0E94AC18E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:citrix:xenserver:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "56434D13-7A7B-495C-A135-2688C706A065",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:citrix:xenserver:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "405F950F-0772-41A3-8B72-B67151CC1376",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Linux Foundation xapi in Citrix XenServer through 7.0. An authenticated read-only administrator can corrupt the host database."
},
{
"lang": "es",
"value": "Se ha descubierto un problema en Linux Foundation xapi en Citrix XenServer hasta la versi\u00f3n 7.0. Un administrador autenticado de solo lectura puede corromper la base de datos del host."
}
],
"id": "CVE-2017-5572",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.5,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.2,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-01-30T16:59:00.147",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/95801"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id/1037716"
},
{
"source": "cve@mitre.org",
"url": "https://support.citrix.com/article/CTX220112"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/95801"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1037716"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://support.citrix.com/article/CTX220112"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-269"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-01-23 22:15
Modified
2024-11-21 01:43
Severity ?
Summary
Citrix XenServer 4.1, 6.0, 5.6 SP2, 5.6 Feature Pack 1, 5.6 Common Criteria, 5.6, 5.5, 5.0, and 5.0 Update 3 contains a Local Privilege Escalation Vulnerability which could allow local users with access to a guest operating system to gain elevated privileges.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.securityfocus.com/bid/55432 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/55432 | Third Party Advisory, VDB Entry |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:citrix:xenserver:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CEC776FD-F889-4999-A109-3D1B62D7765E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:citrix:xenserver:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "57F938EB-46B0-4D82-98D3-1FCB22C02F8E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:citrix:xenserver:5.0:update_3:*:*:*:*:*:*",
"matchCriteriaId": "5F9C0D34-7A68-4CBC-876A-75C9A9AB495A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:citrix:xenserver:5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "642BB495-D395-4951-A863-00B52A6BBE83",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:citrix:xenserver:5.6:*:*:*:*:*:*:*",
"matchCriteriaId": "0185CA86-C2BE-4445-A053-0FBDC670ED88",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:citrix:xenserver:5.6:common_criteria:*:*:*:*:*:*",
"matchCriteriaId": "3B79BFD0-6E4C-41FD-8F7E-318119B412F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:citrix:xenserver:5.6:fp1:*:*:*:*:*:*",
"matchCriteriaId": "6444BE32-E02D-49E3-BC2F-DE0593ADAF88",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:citrix:xenserver:5.6:sp2:*:*:*:*:*:*",
"matchCriteriaId": "DB215BC8-3376-42B8-98E3-7484715AB93F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:citrix:xenserver:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9C1D10B8-202D-44A4-A872-88D7C11488D1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Citrix XenServer 4.1, 6.0, 5.6 SP2, 5.6 Feature Pack 1, 5.6 Common Criteria, 5.6, 5.5, 5.0, and 5.0 Update 3 contains a Local Privilege Escalation Vulnerability which could allow local users with access to a guest operating system to gain elevated privileges."
},
{
"lang": "es",
"value": "Citrix XenServer versiones 4.1, 6.0, 5.6 SP2, 5.6 Feature Pack 1, 5.6 Common Criteria, 5.6, 5.5, 5.0 y 5.0 Update 3, contiene una vulnerabilidad de Escalada de Privilegios Locales que podr\u00eda permitir a usuarios locales con acceso a un sistema operativo invitado alcanzar privilegios elevados."
}
],
"id": "CVE-2012-4606",
"lastModified": "2024-11-21T01:43:14.863",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-01-23T22:15:09.623",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/55432"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/55432"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-269"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-07-11 20:15
Modified
2024-11-21 02:08
Severity ?
Summary
The Windows Guest Tools in Citrix XenServer 6.2 SP1 and earlier allows remote attackers to cause a denial of service (guest OS crash) via a crafted Ethernet frame.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://secunia.com/advisories/58455 | Permissions Required, Third Party Advisory | |
| cve@mitre.org | http://support.citrix.com/article/CTX140814 | Patch, Vendor Advisory | |
| cve@mitre.org | http://www.securityfocus.com/bid/67693 | Third Party Advisory, VDB Entry | |
| cve@mitre.org | http://www.securitytracker.com/id/1030304 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/58455 | Permissions Required, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://support.citrix.com/article/CTX140814 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/67693 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1030304 | Third Party Advisory, VDB Entry |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:citrix:xenserver:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9C1D10B8-202D-44A4-A872-88D7C11488D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:citrix:xenserver:6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5FCF191B-971A-4945-AB14-08091689BE2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:citrix:xenserver:6.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66AF3F78-AA0C-473E-8B90-AC77B4CF3667",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:citrix:xenserver:6.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BCEA97B9-A443-4F87-81B4-B3F0E94AC18E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Windows Guest Tools in Citrix XenServer 6.2 SP1 and earlier allows remote attackers to cause a denial of service (guest OS crash) via a crafted Ethernet frame."
},
{
"lang": "es",
"value": "Las Herramientas para Invitados de Windows en Citrix XenServer versi\u00f3n 6.2 SP1 y anteriores, permiten a los atacantes remotos causar una denegaci\u00f3n de servicio (fallo del Sistema Operativo invitado) por medio de una trama de Ethernet especialmente dise\u00f1ada."
}
],
"id": "CVE-2014-3798",
"lastModified": "2024-11-21T02:08:52.140",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.1,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 6.5,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-07-11T20:15:10.977",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Permissions Required",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/58455"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://support.citrix.com/article/CTX140814"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/67693"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1030304"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/58455"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://support.citrix.com/article/CTX140814"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/67693"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1030304"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-01-26 15:59
Modified
2025-04-20 01:37
Severity ?
Summary
Xen through 4.8.x allows local x86 PV guest OS kernel administrators to cause a denial of service (host hang or crash) by modifying the instruction stream asynchronously while performing certain kernel operations.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:xen:xen:*:*:*:*:*:*:*:*",
"matchCriteriaId": "099FC9FA-B2B0-48FC-8E1A-07784D9A2D67",
"versionEndIncluding": "4.8.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:citrix:xenserver:6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5FCF191B-971A-4945-AB14-08091689BE2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:citrix:xenserver:6.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BCEA97B9-A443-4F87-81B4-B3F0E94AC18E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:citrix:xenserver:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "56434D13-7A7B-495C-A135-2688C706A065",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:citrix:xenserver:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "405F950F-0772-41A3-8B72-B67151CC1376",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Xen through 4.8.x allows local x86 PV guest OS kernel administrators to cause a denial of service (host hang or crash) by modifying the instruction stream asynchronously while performing certain kernel operations."
},
{
"lang": "es",
"value": "Xen hasta la versi\u00f3n 4.8.x permite a administradores del kernel locales x86 PV invitados del SO provocar una denegaci\u00f3n de servicio (cuelgue del anfitri\u00f3n o ca\u00edda) modificando el flujo de instrucciones asincr\u00f3nicamente mientras se llevan a cabo ciertas operaciones del kernel."
}
],
"id": "CVE-2016-10024",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 4.9,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.5,
"impactScore": 4.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-01-26T15:59:00.190",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2017/dsa-3847"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/95021"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1037517"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://xenbits.xen.org/xsa/advisory-202.html"
},
{
"source": "cve@mitre.org",
"url": "https://security.gentoo.org/glsa/201612-56"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://support.citrix.com/article/CTX219378"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2017/dsa-3847"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/95021"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1037517"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://xenbits.xen.org/xsa/advisory-202.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201612-56"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://support.citrix.com/article/CTX219378"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-01-23 21:59
Modified
2025-04-20 01:37
Severity ?
Summary
The x86 emulator in Xen does not properly treat x86 NULL segments as unusable when accessing memory, which might allow local HVM guest users to gain privileges via vectors involving "unexpected" base/limit values.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.securityfocus.com/bid/94471 | Third Party Advisory, VDB Entry | |
| cve@mitre.org | http://www.securitytracker.com/id/1037340 | Third Party Advisory, VDB Entry | |
| cve@mitre.org | http://xenbits.xen.org/xsa/advisory-191.html | Patch, Vendor Advisory | |
| cve@mitre.org | https://security.gentoo.org/glsa/201612-56 | ||
| cve@mitre.org | https://support.citrix.com/article/CTX218775 | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/94471 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1037340 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://xenbits.xen.org/xsa/advisory-191.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201612-56 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://support.citrix.com/article/CTX218775 | Patch, Third Party Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:citrix:xenserver:6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5FCF191B-971A-4945-AB14-08091689BE2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:citrix:xenserver:6.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BCEA97B9-A443-4F87-81B4-B3F0E94AC18E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:citrix:xenserver:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "56434D13-7A7B-495C-A135-2688C706A065",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:citrix:xenserver:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "405F950F-0772-41A3-8B72-B67151CC1376",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:xen:xen:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C2B9CCC2-BAC5-4A65-B8D4-4B71EBBA0C2F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The x86 emulator in Xen does not properly treat x86 NULL segments as unusable when accessing memory, which might allow local HVM guest users to gain privileges via vectors involving \"unexpected\" base/limit values."
},
{
"lang": "es",
"value": "El emulador x86 en Xen no trata adecuadamente los segmentos NULL de x86 como inutilizable el acceso a memoria, lo que podr\u00eda permitir a usuarios locales del HVM invitado obtener privilegios a trav\u00e9s de vectores que implican valores de base/l\u00edmite \"inesperados\"."
}
],
"id": "CVE-2016-9386",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-01-23T21:59:02.957",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/94471"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1037340"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://xenbits.xen.org/xsa/advisory-191.html"
},
{
"source": "cve@mitre.org",
"url": "https://security.gentoo.org/glsa/201612-56"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://support.citrix.com/article/CTX218775"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/94471"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1037340"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://xenbits.xen.org/xsa/advisory-191.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201612-56"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://support.citrix.com/article/CTX218775"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-06-13 14:59
Modified
2025-04-12 10:46
Severity ?
Summary
Citrix XenServer 7.0 before Hotfix XS70E003, when a deployment has been upgraded from an earlier release, might allow remote attackers on the management network to "compromise" a host by leveraging credentials for an Active Directory account.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:citrix:xenserver:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DE91B02A-0F07-437D-8AFC-38541C5A04AD",
"versionEndIncluding": "7.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Citrix XenServer 7.0 before Hotfix XS70E003, when a deployment has been upgraded from an earlier release, might allow remote attackers on the management network to \"compromise\" a host by leveraging credentials for an Active Directory account."
},
{
"lang": "es",
"value": "Citrix XenServer 7.0 en versiones anteriores a Hotfix XS70E003, cuando un despliegue se ha actualizado desde una versi\u00f3n anterior, podr\u00eda permitir a atacantes remotos en la red de gesti\u00f3n \"comprometer\" un host aprovechando las credenciales para una cuenta Active Directory."
}
],
"id": "CVE-2016-5302",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-06-13T14:59:10.323",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://support.citrix.com/article/CTX213549"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id/1036082"
},
{
"source": "cve@mitre.org",
"url": "https://support.citrix.com/article/CTX213769"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://support.citrix.com/article/CTX213549"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1036082"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://support.citrix.com/article/CTX213769"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-284"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-08-07 20:29
Modified
2025-04-20 01:37
Severity ?
Summary
The rate limiting feature in NTP 4.x before 4.2.8p4 and 4.3.x before 4.3.77 allows remote attackers to have unspecified impact via a large number of crafted requests.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ntp | ntp | * | |
| ntp | ntp | * | |
| ntp | ntp | 4.2.8 | |
| ntp | ntp | 4.2.8 | |
| ntp | ntp | 4.2.8 | |
| ntp | ntp | 4.2.8 | |
| ntp | ntp | 4.2.8 | |
| ntp | ntp | 4.2.8 | |
| ntp | ntp | 4.2.8 | |
| ntp | ntp | 4.2.8 | |
| ntp | ntp | 4.2.8 | |
| ntp | ntp | 4.2.8 | |
| ntp | ntp | 4.2.8 | |
| ntp | ntp | 4.2.8 | |
| ntp | ntp | 4.2.8 | |
| ntp | ntp | 4.2.8 | |
| ntp | ntp | 4.2.8 | |
| ntp | ntp | 4.2.8 | |
| ntp | ntp | 4.2.8 | |
| netapp | oncommand_performance_manager | - | |
| netapp | oncommand_unified_manager | - | |
| netapp | clustered_data_ontap | - | |
| netapp | data_ontap | - | |
| citrix | xenserver | 6.0.2 | |
| citrix | xenserver | 6.2.0 | |
| citrix | xenserver | 6.5 | |
| citrix | xenserver | 7.0 | |
| siemens | tim_4r-ie_firmware | * | |
| siemens | tim_4r-ie | - | |
| siemens | tim_4r-ie_dnp3_firmware | * | |
| siemens | tim_4r-ie_dnp3 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ntp:ntp:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C240BAAB-8C12-4501-9DC6-FB877304E908",
"versionEndExcluding": "4.2.8",
"versionStartIncluding": "4.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ntp:ntp:*:*:*:*:*:*:*:*",
"matchCriteriaId": "79494F07-6081-497D-8A2D-B05486599EAE",
"versionEndExcluding": "4.3.77",
"versionStartIncluding": "4.3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ntp:ntp:4.2.8:-:*:*:*:*:*:*",
"matchCriteriaId": "EEA51D83-5841-4335-AF07-7A43C118CAAE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ntp:ntp:4.2.8:p1:*:*:*:*:*:*",
"matchCriteriaId": "C855BBD2-2B38-4EFF-9DBE-CA61CCACD0DE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ntp:ntp:4.2.8:p1-beta1:*:*:*:*:*:*",
"matchCriteriaId": "49ADE0C3-F75C-4EC0-8805-56013F0EB92C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ntp:ntp:4.2.8:p1-beta2:*:*:*:*:*:*",
"matchCriteriaId": "D8FF625A-EFA3-43D1-8698-4A37AE31A07C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ntp:ntp:4.2.8:p1-beta3:*:*:*:*:*:*",
"matchCriteriaId": "E3B99BBD-97FE-4615-905A-A614592226F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ntp:ntp:4.2.8:p1-beta4:*:*:*:*:*:*",
"matchCriteriaId": "E7A9AD3A-F030-4331-B52A-518BD963AB8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ntp:ntp:4.2.8:p1-beta5:*:*:*:*:*:*",
"matchCriteriaId": "C293B8BE-6691-4944-BCD6-25EB98CABC73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ntp:ntp:4.2.8:p1-rc1:*:*:*:*:*:*",
"matchCriteriaId": "CEA650F8-2576-494A-A861-61572CA319D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ntp:ntp:4.2.8:p1-rc2:*:*:*:*:*:*",
"matchCriteriaId": "4ED21EE8-7CBF-4BC5-BFC3-185D41296238",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ntp:ntp:4.2.8:p2:*:*:*:*:*:*",
"matchCriteriaId": "C76A0B44-13DE-4173-8D05-DA54F6A71759",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ntp:ntp:4.2.8:p2-rc1:*:*:*:*:*:*",
"matchCriteriaId": "1450241C-2F6D-4122-B33C-D78D065BA403",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ntp:ntp:4.2.8:p2-rc2:*:*:*:*:*:*",
"matchCriteriaId": "721AFD22-91D3-488E-A5E6-DD84C86E412B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ntp:ntp:4.2.8:p2-rc3:*:*:*:*:*:*",
"matchCriteriaId": "8D6ADDB1-2E96-4FF6-AE95-4B06654D38B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ntp:ntp:4.2.8:p3:*:*:*:*:*:*",
"matchCriteriaId": "41E44E9F-6383-4E12-AEDC-B653FEA77A48",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ntp:ntp:4.2.8:p3-rc1:*:*:*:*:*:*",
"matchCriteriaId": "466D9A37-2658-4695-9429-0C6BF4A631C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ntp:ntp:4.2.8:p3-rc2:*:*:*:*:*:*",
"matchCriteriaId": "99774181-5F12-446C-AC2C-DB1C52295EED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ntp:ntp:4.2.8:p3-rc3:*:*:*:*:*:*",
"matchCriteriaId": "4427EE6D-3F79-4FF5-B3EC-EE6BD01562CE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netapp:oncommand_performance_manager:-:*:*:*:*:*:*:*",
"matchCriteriaId": "212E1878-1B9A-4CB4-A1CE-EAD60B867161",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:oncommand_unified_manager:-:*:*:*:*:clustered_data_ontap:*:*",
"matchCriteriaId": "95B173E0-1475-4F8D-A982-86F36BE3DD4A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netapp:clustered_data_ontap:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1FED6CAE-D97F-49E0-9D00-1642A3A427B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netapp:data_ontap:-:*:*:*:*:7-mode:*:*",
"matchCriteriaId": "392A1364-2739-450D-9E19-DFF93081C2C6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:citrix:xenserver:6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5FCF191B-971A-4945-AB14-08091689BE2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:citrix:xenserver:6.2.0:-:*:*:*:*:*:*",
"matchCriteriaId": "F31DB577-72CD-49CC-8AF5-23098503939E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:citrix:xenserver:6.5:-:*:*:*:*:*:*",
"matchCriteriaId": "3CC06F6C-6C15-444F-B159-235D347E5929",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:citrix:xenserver:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "405F950F-0772-41A3-8B72-B67151CC1376",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:tim_4r-ie_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E0730ED6-676B-4200-BC07-C0B4531B242C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:tim_4r-ie:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0B87B16C-9E9F-448B-9255-B2BB2B8CAD63",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:tim_4r-ie_dnp3_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E16E82E3-9A85-41A4-8A33-12AE45A1B584",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:tim_4r-ie_dnp3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EE27728D-D37B-43FC-BA8A-0E930DDBD10B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The rate limiting feature in NTP 4.x before 4.2.8p4 and 4.3.x before 4.3.77 allows remote attackers to have unspecified impact via a large number of crafted requests."
},
{
"lang": "es",
"value": "La funcionalidad de limitaci\u00f3n de velocidad en NTP 4.x en versiones anteriores a la 4.2.8p4 y 4.3.x en versiones anteriores a la 4.3.77 permite que atacantes remotos provoquen errores sin especificar empleando un gran n\u00famero de peticiones manipuladas."
}
],
"id": "CVE-2015-7705",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-08-07T20:29:00.730",
"references": [
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00020.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00034.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00037.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00048.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00052.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00001.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00020.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00026.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00042.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-updates/2015-11/msg00093.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-updates/2016-05/msg00114.html"
},
{
"source": "cve@mitre.org",
"url": "http://packetstormsecurity.com/files/134137/Slackware-Security-Advisory-ntp-Updates.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://support.ntp.org/bin/view/Main/NtpBug2901"
},
{
"source": "cve@mitre.org",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "http://support.ntp.org/bin/view/Main/SecurityNotice#October_2015_NTP_4_2_8p4_Securit"
},
{
"source": "cve@mitre.org",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151021-ntp"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/536737/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/536796/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/archive/1/536737/100/100/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/archive/1/536796/100/100/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/77284"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1033951"
},
{
"source": "cve@mitre.org",
"url": "http://www.ubuntu.com/usn/USN-2783-1"
},
{
"source": "cve@mitre.org",
"url": "https://bto.bluecoat.com/security-advisory/sa103"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1274184"
},
{
"source": "cve@mitre.org",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-211752.pdf"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-497656.pdf"
},
{
"source": "cve@mitre.org",
"tags": [
"Technical Description"
],
"url": "https://eprint.iacr.org/2015/1020.pdf"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05270839"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://security.gentoo.org/glsa/201607-15"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20171004-0001/"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://support.citrix.com/article/CTX220112"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-103-11"
},
{
"source": "cve@mitre.org",
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-159-11"
},
{
"source": "cve@mitre.org",
"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1212-security-advisory-0016"
},
{
"source": "cve@mitre.org",
"tags": [
"Not Applicable"
],
"url": "https://www.cs.bu.edu/~goldbe/NTPattack.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.kb.cert.org/vuls/id/718152"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00020.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00034.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00037.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00048.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00052.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00001.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00020.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00026.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00042.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-updates/2015-11/msg00093.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-updates/2016-05/msg00114.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://packetstormsecurity.com/files/134137/Slackware-Security-Advisory-ntp-Updates.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://support.ntp.org/bin/view/Main/NtpBug2901"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "http://support.ntp.org/bin/view/Main/SecurityNotice#October_2015_NTP_4_2_8p4_Securit"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151021-ntp"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/536737/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/536796/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/archive/1/536737/100/100/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/archive/1/536796/100/100/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/77284"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1033951"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-2783-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bto.bluecoat.com/security-advisory/sa103"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1274184"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-211752.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-497656.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Technical Description"
],
"url": "https://eprint.iacr.org/2015/1020.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05270839"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://security.gentoo.org/glsa/201607-15"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20171004-0001/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://support.citrix.com/article/CTX220112"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-103-11"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-159-11"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1212-security-advisory-0016"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Not Applicable"
],
"url": "https://www.cs.bu.edu/~goldbe/NTPattack.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.kb.cert.org/vuls/id/718152"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-12-13 11:53
Modified
2025-04-11 00:51
Severity ?
Summary
Array index error in the HVMOP_set_mem_access handler in Xen 4.1 allows local HVM guest OS administrators to cause a denial of service (crash) or obtain sensitive information via unspecified vectors.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:citrix:xenserver:4.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5C8A5E02-029D-426E-BC1D-F4D080A3D0FC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Array index error in the HVMOP_set_mem_access handler in Xen 4.1 allows local HVM guest OS administrators to cause a denial of service (crash) or obtain sensitive information via unspecified vectors."
},
{
"lang": "es",
"value": "Un error \u00edndice de matriz en el controlador de HVMOP_set_mem_access en Xen v4.1 permite causar una denegaci\u00f3n de servicio (ca\u00edda del S.O.) u obtener informaci\u00f3n sensible a los administradores de sistemas operativos invitados en el HVM local a trav\u00e9s de vectores no especificados."
}
],
"id": "CVE-2012-5512",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 3.2,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:S/C:P/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.1,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-12-13T11:53:48.400",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-12/msg00001.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-12/msg00018.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-12/msg00019.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00011.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/51397"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/51486"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/51487"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/55082"
},
{
"source": "secalert@redhat.com",
"url": "http://security.gentoo.org/glsa/glsa-201309-24.xml"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://support.citrix.com/article/CTX135777"
},
{
"source": "secalert@redhat.com",
"url": "http://www.openwall.com/lists/oss-security/2012/12/03/7"
},
{
"source": "secalert@redhat.com",
"url": "http://www.osvdb.org/88132"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/56799"
},
{
"source": "secalert@redhat.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/80481"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-12/msg00001.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-12/msg00018.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-12/msg00019.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00011.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/51397"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/51486"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/51487"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/55082"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-201309-24.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://support.citrix.com/article/CTX135777"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2012/12/03/7"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/88132"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/56799"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/80481"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-16"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2008-07-22 16:41
Modified
2025-04-09 00:30
Severity ?
Summary
Cross-site scripting (XSS) vulnerability in the XenAPI HTTP interfaces in Citrix XenServer Express, Standard, and Enterprise Edition 4.1.0; Citrix XenServer Dell Edition (Express and Enterprise) 4.1.0; and HP integrated Citrix XenServer (Select and Enterprise) 4.1.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:citrix:xenserver:4.1.0:*:enterprise:*:*:*:*:*",
"matchCriteriaId": "A3527267-1796-4C0F-A163-AA2D940F3B78",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:citrix:xenserver:4.1.0:*:enterprise_dell_edition:*:*:*:*:*",
"matchCriteriaId": "003AE52A-6A27-4211-86E8-DC1D7952DEE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:citrix:xenserver:4.1.0:*:enterprise_hp_integrated:*:*:*:*:*",
"matchCriteriaId": "D60CD827-9BFB-4066-9F8F-01F85ACA19F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:citrix:xenserver:4.1.0:*:express:*:*:*:*:*",
"matchCriteriaId": "578D0F60-A229-43DA-9EA9-C1EDB701D0E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:citrix:xenserver:4.1.0:*:express_dell_edition:*:*:*:*:*",
"matchCriteriaId": "5A8EBBF2-398F-4354-B8B1-84982FC42CED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:citrix:xenserver:4.1.0:*:select_hp_integrated:*:*:*:*:*",
"matchCriteriaId": "797085C1-701F-4922-956F-0C851CDB4799",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:citrix:xenserver:4.1.0:*:standard:*:*:*:*:*",
"matchCriteriaId": "39F87F18-348A-40FF-88A2-49111F380864",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in the XenAPI HTTP interfaces in Citrix XenServer Express, Standard, and Enterprise Edition 4.1.0; Citrix XenServer Dell Edition (Express and Enterprise) 4.1.0; and HP integrated Citrix XenServer (Select and Enterprise) 4.1.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
},
{
"lang": "es",
"value": "Vulnerabilidad de ejecuci\u00f3n de comandos en sitios cruzados en las interfaces XenAPI HTTP en Citrix XenServer Express, Standard, y Enterprise Edition 4.1.0; Citrix XenServer Dell Edition (Express y Enterprise) 4.1.0; y HP integrated Citrix XenServer (Select y Enterprise) 4.1.0, permite a atacantes remotos inyectar secuencias de comandos web o HTML a trav\u00e9s de vectores no especificados."
}
],
"id": "CVE-2008-3253",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2008-07-22T16:41:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/31133"
},
{
"source": "cve@mitre.org",
"url": "http://support.citrix.com/article/CTX117814"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/30265"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1020515"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2008/2117/references"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43857"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/31133"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://support.citrix.com/article/CTX117814"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/30265"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1020515"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/2117/references"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43857"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-01-22 15:59
Modified
2025-04-12 10:46
Severity ?
Summary
The paging_invlpg function in include/asm-x86/paging.h in Xen 3.3.x through 4.6.x, when using shadow mode paging or nested virtualization is enabled, allows local HVM guest users to cause a denial of service (host crash) via a non-canonical guest address in an INVVPID instruction, which triggers a hypervisor bug check.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| citrix | xenserver | * | |
| xen | xen | 3.3.0 | |
| xen | xen | 3.3.1 | |
| xen | xen | 3.3.2 | |
| xen | xen | 3.4.0 | |
| xen | xen | 3.4.1 | |
| xen | xen | 3.4.2 | |
| xen | xen | 3.4.3 | |
| xen | xen | 3.4.4 | |
| xen | xen | 4.1.0 | |
| xen | xen | 4.1.1 | |
| xen | xen | 4.1.2 | |
| xen | xen | 4.1.3 | |
| xen | xen | 4.1.4 | |
| xen | xen | 4.1.5 | |
| xen | xen | 4.1.6 | |
| xen | xen | 4.1.6.1 | |
| xen | xen | 4.2.0 | |
| xen | xen | 4.2.1 | |
| xen | xen | 4.2.2 | |
| xen | xen | 4.2.3 | |
| xen | xen | 4.2.4 | |
| xen | xen | 4.2.5 | |
| xen | xen | 4.3.0 | |
| xen | xen | 4.3.1 | |
| xen | xen | 4.3.2 | |
| xen | xen | 4.3.3 | |
| xen | xen | 4.3.4 | |
| xen | xen | 4.4.0 | |
| xen | xen | 4.4.0 | |
| xen | xen | 4.4.1 | |
| xen | xen | 4.4.2 | |
| xen | xen | 4.4.3 | |
| xen | xen | 4.5.0 | |
| xen | xen | 4.5.1 | |
| xen | xen | 4.5.2 | |
| xen | xen | 4.6.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:citrix:xenserver:*:sp1:*:*:*:*:*:*",
"matchCriteriaId": "28C047F6-2394-49E3-A2C6-1E0C1C6409D7",
"versionEndIncluding": "6.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:xen:xen:3.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EB157D09-B91B-486A-A9F7-C9BA75AE8823",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:3.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FA95119D-EAF1-48D4-AE7C-0C4927D06CDF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:3.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5D40E4E4-3FCB-4980-8DD2-49DDABCB398E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:3.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7F7D1B7E-C30F-430F-832D-2A405DA1F2D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:3.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B7C1D0AD-B804-474C-96A3-988BADA0DAD2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:3.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1DCD1F05-9F96-40DD-B506-750E87306325",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:3.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "25B6AE42-E1EB-47A8-8FAF-7A93A67EC67F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:3.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "60BADA43-94D5-4E80-B5C8-D01A0249F13E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0D532B60-C8DD-4A2F-9D05-E574D23EB754",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5D83CA8B-8E49-45FA-8FAB-C15052474542",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "27537DF5-7E0F-463F-BA87-46E329EE07AC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3EA4F978-9145-4FE6-B4F9-15207E52C40A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "22A995FD-9B7F-4DF0-BECF-4B086E470F1E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "219597E2-E2D7-4647-8A7C-688B96300158",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "A0C59417-493C-493A-9AB2-317F240BF387",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.1.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "65E55950-EACA-4209-B2A1-E09026FC6006",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8F0AF8EF-6FF6-4E22-B16E-82C9F90C6B00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "47640819-FC43-49ED-8A77-728C3D7255B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2448537F-87AD-45C1-9FB0-7A49CA31BD76",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E36B2265-70E1-413B-A7CF-79D39E9ADCFB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "37148A72-BE20-45C5-8589-2309ED84D08C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "FB736B4C-325A-4B27-8C8A-15E60B8A8C82",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BF948E6A-07BE-4C7D-8A98-002E89D35F4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C0E23B94-1726-4F63-84BB-8D83FAB156D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C76124AB-4E3D-4BE0-AAEA-7FC05868E2FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F30B5EF5-0AE8-420B-A103-B1B25A372F09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F784EF07-DBEC-492A-A0F4-F9F7B2551A0B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1044792C-D544-457C-9391-4F3B5BAB978D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.4.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "CF23B21B-594A-42E2-AF90-D5C4246B39A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FBD9AD01-50B7-4951-8A73-A6CF4801A487",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "89AA8FD5-E997-4F0D-AFB6-FFBE0073BA5D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "75615D84-9CA1-456C-816D-768E37B074A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "90CCECD0-C0F9-45A8-8699-64428637EBCA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F0ED340C-6746-471E-9F2D-19D62D224B7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "99BD7C4F-DE4C-4508-B20D-46A94B616C5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:xen:xen:4.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4B6F7CE9-C409-4D88-9A99-B21420633F45",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The paging_invlpg function in include/asm-x86/paging.h in Xen 3.3.x through 4.6.x, when using shadow mode paging or nested virtualization is enabled, allows local HVM guest users to cause a denial of service (host crash) via a non-canonical guest address in an INVVPID instruction, which triggers a hypervisor bug check."
},
{
"lang": "es",
"value": "La funci\u00f3n paging_invlpg en include/asm-x86/paging.h en Xen 3.3.x hasta la versi\u00f3n 4.6.x, cuando se utiliza paginaci\u00f3n en modo shadow o la virtualizaci\u00f3n anidada est\u00e1 habilitada, permite a usuarios HVM invitados locales provocar una denegaci\u00f3n de servicio (ca\u00edda de host) a trav\u00e9s de una direcci\u00f3n de invitado no can\u00f3nica en una instrucci\u00f3n INVVPID, lo que desencadena una comprobaci\u00f3n de errores de hipervisor."
}
],
"id": "CVE-2016-1571",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 4.7,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:M/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 4.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-01-22T15:59:06.867",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://support.citrix.com/article/CTX205496"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2016/dsa-3519"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.securitytracker.com/id/1034745"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://xenbits.xen.org/xsa/advisory-168.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://support.citrix.com/article/CTX205496"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2016/dsa-3519"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.securitytracker.com/id/1034745"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://xenbits.xen.org/xsa/advisory-168.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-17"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2015-7704 (GCVE-0-2015-7704)
Vulnerability from cvelistv5
Published
2017-08-07 20:00
Modified
2024-08-06 07:58
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The ntpd client in NTP 4.x before 4.2.8p4 and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service via a number of crafted "KOD" messages.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T07:58:59.543Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1271070"
},
{
"name": "RHSA-2015:1930",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1930.html"
},
{
"name": "77280",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/77280"
},
{
"name": "VU#718152",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "https://www.kb.cert.org/vuls/id/718152"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugs.ntp.org/show_bug.cgi?id=2901"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.citrix.com/article/CTX220112"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20171004-0002/"
},
{
"name": "1033951",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1033951"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.ntp.org/bin/view/Main/SecurityNotice#October_2015_NTP_4_2_8p4_Securit"
},
{
"name": "DSA-3388",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2015/dsa-3388"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.cs.bu.edu/~goldbe/NTPattack.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://eprint.iacr.org/2015/1020.pdf"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05270839"
},
{
"name": "RHSA-2015:2520",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-2520.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.ntp.org/bin/view/Main/NtpBug2901"
},
{
"name": "GLSA-201607-15",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201607-15"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20171004-0001/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10284"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1212-security-advisory-0016"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-10-23T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The ntpd client in NTP 4.x before 4.2.8p4 and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service via a number of crafted \"KOD\" messages."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-11-05T16:55:25",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1271070"
},
{
"name": "RHSA-2015:1930",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1930.html"
},
{
"name": "77280",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/77280"
},
{
"name": "VU#718152",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "https://www.kb.cert.org/vuls/id/718152"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugs.ntp.org/show_bug.cgi?id=2901"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.citrix.com/article/CTX220112"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20171004-0002/"
},
{
"name": "1033951",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1033951"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.ntp.org/bin/view/Main/SecurityNotice#October_2015_NTP_4_2_8p4_Securit"
},
{
"name": "DSA-3388",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2015/dsa-3388"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.cs.bu.edu/~goldbe/NTPattack.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://eprint.iacr.org/2015/1020.pdf"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05270839"
},
{
"name": "RHSA-2015:2520",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-2520.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.ntp.org/bin/view/Main/NtpBug2901"
},
{
"name": "GLSA-201607-15",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201607-15"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20171004-0001/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10284"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1212-security-advisory-0016"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-7704",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The ntpd client in NTP 4.x before 4.2.8p4 and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service via a number of crafted \"KOD\" messages."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1271070",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1271070"
},
{
"name": "RHSA-2015:1930",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1930.html"
},
{
"name": "77280",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/77280"
},
{
"name": "VU#718152",
"refsource": "CERT-VN",
"url": "https://www.kb.cert.org/vuls/id/718152"
},
{
"name": "http://bugs.ntp.org/show_bug.cgi?id=2901",
"refsource": "CONFIRM",
"url": "http://bugs.ntp.org/show_bug.cgi?id=2901"
},
{
"name": "https://support.citrix.com/article/CTX220112",
"refsource": "CONFIRM",
"url": "https://support.citrix.com/article/CTX220112"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"name": "https://security.netapp.com/advisory/ntap-20171004-0002/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20171004-0002/"
},
{
"name": "1033951",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1033951"
},
{
"name": "http://support.ntp.org/bin/view/Main/SecurityNotice#October_2015_NTP_4_2_8p4_Securit",
"refsource": "CONFIRM",
"url": "http://support.ntp.org/bin/view/Main/SecurityNotice#October_2015_NTP_4_2_8p4_Securit"
},
{
"name": "DSA-3388",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2015/dsa-3388"
},
{
"name": "https://www.cs.bu.edu/~goldbe/NTPattack.html",
"refsource": "MISC",
"url": "https://www.cs.bu.edu/~goldbe/NTPattack.html"
},
{
"name": "https://eprint.iacr.org/2015/1020.pdf",
"refsource": "MISC",
"url": "https://eprint.iacr.org/2015/1020.pdf"
},
{
"name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05270839",
"refsource": "CONFIRM",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05270839"
},
{
"name": "RHSA-2015:2520",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-2520.html"
},
{
"name": "http://support.ntp.org/bin/view/Main/NtpBug2901",
"refsource": "CONFIRM",
"url": "http://support.ntp.org/bin/view/Main/NtpBug2901"
},
{
"name": "GLSA-201607-15",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201607-15"
},
{
"name": "https://security.netapp.com/advisory/ntap-20171004-0001/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20171004-0001/"
},
{
"name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10284",
"refsource": "CONFIRM",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10284"
},
{
"name": "https://www.arista.com/en/support/advisories-notices/security-advisories/1212-security-advisory-0016",
"refsource": "MISC",
"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1212-security-advisory-0016"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2015-7704",
"datePublished": "2017-08-07T20:00:00",
"dateReserved": "2015-10-04T00:00:00",
"dateUpdated": "2024-08-06T07:58:59.543Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-3253 (GCVE-0-2008-3253)
Vulnerability from cvelistv5
Published
2008-07-22 16:00
Modified
2024-08-07 09:28
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Cross-site scripting (XSS) vulnerability in the XenAPI HTTP interfaces in Citrix XenServer Express, Standard, and Enterprise Edition 4.1.0; Citrix XenServer Dell Edition (Express and Enterprise) 4.1.0; and HP integrated Citrix XenServer (Select and Enterprise) 4.1.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
References
| ► | URL | Tags | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T09:28:42.015Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "citrix-xenserver-xenapihttp-xss(43857)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43857"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.citrix.com/article/CTX117814"
},
{
"name": "1020515",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1020515"
},
{
"name": "30265",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/30265"
},
{
"name": "31133",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31133"
},
{
"name": "ADV-2008-2117",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/2117/references"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-07-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in the XenAPI HTTP interfaces in Citrix XenServer Express, Standard, and Enterprise Edition 4.1.0; Citrix XenServer Dell Edition (Express and Enterprise) 4.1.0; and HP integrated Citrix XenServer (Select and Enterprise) 4.1.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-07T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "citrix-xenserver-xenapihttp-xss(43857)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43857"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.citrix.com/article/CTX117814"
},
{
"name": "1020515",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1020515"
},
{
"name": "30265",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/30265"
},
{
"name": "31133",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31133"
},
{
"name": "ADV-2008-2117",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/2117/references"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-3253",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in the XenAPI HTTP interfaces in Citrix XenServer Express, Standard, and Enterprise Edition 4.1.0; Citrix XenServer Dell Edition (Express and Enterprise) 4.1.0; and HP integrated Citrix XenServer (Select and Enterprise) 4.1.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "citrix-xenserver-xenapihttp-xss(43857)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43857"
},
{
"name": "http://support.citrix.com/article/CTX117814",
"refsource": "CONFIRM",
"url": "http://support.citrix.com/article/CTX117814"
},
{
"name": "1020515",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1020515"
},
{
"name": "30265",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/30265"
},
{
"name": "31133",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31133"
},
{
"name": "ADV-2008-2117",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/2117/references"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-3253",
"datePublished": "2008-07-22T16:00:00",
"dateReserved": "2008-07-22T00:00:00",
"dateUpdated": "2024-08-07T09:28:42.015Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-4106 (GCVE-0-2015-4106)
Vulnerability from cvelistv5
Published
2015-06-03 20:00
Modified
2024-08-06 06:04
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
QEMU does not properly restrict write access to the PCI config space for certain PCI pass-through devices, which might allow local x86 HVM guests to gain privileges, cause a denial of service (host crash), obtain sensitive information, or possibly have other unspecified impact via unknown vectors.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T06:04:02.899Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "USN-2630-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2630-1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.citrix.com/article/CTX206006"
},
{
"name": "DSA-3286",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2015/dsa-3286"
},
{
"name": "SUSE-SU-2015:1156",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00029.html"
},
{
"name": "FEDORA-2015-9466",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/160154.html"
},
{
"name": "DSA-3284",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2015/dsa-3284"
},
{
"name": "74949",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/74949"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://xenbits.xen.org/xsa/advisory-131.html"
},
{
"name": "SUSE-SU-2015:1157",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00030.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.citrix.com/article/CTX201145"
},
{
"name": "SUSE-SU-2015:1045",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00007.html"
},
{
"name": "GLSA-201604-03",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201604-03"
},
{
"name": "1032467",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1032467"
},
{
"name": "FEDORA-2015-9456",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/160171.html"
},
{
"name": "SUSE-SU-2015:1042",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00004.html"
},
{
"name": "FEDORA-2015-9965",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/160685.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-06-02T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "QEMU does not properly restrict write access to the PCI config space for certain PCI pass-through devices, which might allow local x86 HVM guests to gain privileges, cause a denial of service (host crash), obtain sensitive information, or possibly have other unspecified impact via unknown vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-11-14T10:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "USN-2630-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2630-1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.citrix.com/article/CTX206006"
},
{
"name": "DSA-3286",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2015/dsa-3286"
},
{
"name": "SUSE-SU-2015:1156",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00029.html"
},
{
"name": "FEDORA-2015-9466",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/160154.html"
},
{
"name": "DSA-3284",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2015/dsa-3284"
},
{
"name": "74949",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/74949"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://xenbits.xen.org/xsa/advisory-131.html"
},
{
"name": "SUSE-SU-2015:1157",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00030.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.citrix.com/article/CTX201145"
},
{
"name": "SUSE-SU-2015:1045",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00007.html"
},
{
"name": "GLSA-201604-03",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201604-03"
},
{
"name": "1032467",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1032467"
},
{
"name": "FEDORA-2015-9456",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/160171.html"
},
{
"name": "SUSE-SU-2015:1042",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00004.html"
},
{
"name": "FEDORA-2015-9965",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/160685.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-4106",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "QEMU does not properly restrict write access to the PCI config space for certain PCI pass-through devices, which might allow local x86 HVM guests to gain privileges, cause a denial of service (host crash), obtain sensitive information, or possibly have other unspecified impact via unknown vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "USN-2630-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2630-1"
},
{
"name": "https://support.citrix.com/article/CTX206006",
"refsource": "CONFIRM",
"url": "https://support.citrix.com/article/CTX206006"
},
{
"name": "DSA-3286",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2015/dsa-3286"
},
{
"name": "SUSE-SU-2015:1156",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00029.html"
},
{
"name": "FEDORA-2015-9466",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/160154.html"
},
{
"name": "DSA-3284",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2015/dsa-3284"
},
{
"name": "74949",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/74949"
},
{
"name": "http://xenbits.xen.org/xsa/advisory-131.html",
"refsource": "CONFIRM",
"url": "http://xenbits.xen.org/xsa/advisory-131.html"
},
{
"name": "SUSE-SU-2015:1157",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00030.html"
},
{
"name": "http://support.citrix.com/article/CTX201145",
"refsource": "CONFIRM",
"url": "http://support.citrix.com/article/CTX201145"
},
{
"name": "SUSE-SU-2015:1045",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00007.html"
},
{
"name": "GLSA-201604-03",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201604-03"
},
{
"name": "1032467",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032467"
},
{
"name": "FEDORA-2015-9456",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/160171.html"
},
{
"name": "SUSE-SU-2015:1042",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00004.html"
},
{
"name": "FEDORA-2015-9965",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/160685.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2015-4106",
"datePublished": "2015-06-03T20:00:00",
"dateReserved": "2015-05-27T00:00:00",
"dateUpdated": "2024-08-06T06:04:02.899Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-5512 (GCVE-0-2012-5512)
Vulnerability from cvelistv5
Published
2012-12-13 11:00
Modified
2024-08-06 21:05
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Array index error in the HVMOP_set_mem_access handler in Xen 4.1 allows local HVM guest OS administrators to cause a denial of service (crash) or obtain sensitive information via unspecified vectors.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T21:05:47.308Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "55082",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/55082"
},
{
"name": "openSUSE-SU-2013:0133",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00011.html"
},
{
"name": "56799",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/56799"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.citrix.com/article/CTX135777"
},
{
"name": "GLSA-201309-24",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-201309-24.xml"
},
{
"name": "51397",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/51397"
},
{
"name": "[oss-security] 20121203 Xen Security Advisory 28 (CVE-2012-5512) - HVMOP_get_mem_access crash / HVMOP_set_mem_access information leak",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2012/12/03/7"
},
{
"name": "openSUSE-SU-2012:1685",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-12/msg00018.html"
},
{
"name": "51486",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/51486"
},
{
"name": "51487",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/51487"
},
{
"name": "xen-hvmopsetmemaccess-dos(80481)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/80481"
},
{
"name": "88132",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/88132"
},
{
"name": "openSUSE-SU-2012:1687",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-12/msg00019.html"
},
{
"name": "SUSE-SU-2012:1615",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-12/msg00001.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-12-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Array index error in the HVMOP_set_mem_access handler in Xen 4.1 allows local HVM guest OS administrators to cause a denial of service (crash) or obtain sensitive information via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "55082",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/55082"
},
{
"name": "openSUSE-SU-2013:0133",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00011.html"
},
{
"name": "56799",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/56799"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.citrix.com/article/CTX135777"
},
{
"name": "GLSA-201309-24",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-201309-24.xml"
},
{
"name": "51397",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/51397"
},
{
"name": "[oss-security] 20121203 Xen Security Advisory 28 (CVE-2012-5512) - HVMOP_get_mem_access crash / HVMOP_set_mem_access information leak",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2012/12/03/7"
},
{
"name": "openSUSE-SU-2012:1685",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-12/msg00018.html"
},
{
"name": "51486",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/51486"
},
{
"name": "51487",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/51487"
},
{
"name": "xen-hvmopsetmemaccess-dos(80481)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/80481"
},
{
"name": "88132",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/88132"
},
{
"name": "openSUSE-SU-2012:1687",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-12/msg00019.html"
},
{
"name": "SUSE-SU-2012:1615",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-12/msg00001.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2012-5512",
"datePublished": "2012-12-13T11:00:00",
"dateReserved": "2012-10-24T00:00:00",
"dateUpdated": "2024-08-06T21:05:47.308Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-5573 (GCVE-0-2017-5573)
Vulnerability from cvelistv5
Published
2017-01-30 16:00
Modified
2024-08-05 15:04
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
An issue was discovered in Linux Foundation xapi in Citrix XenServer through 7.0. An authenticated read-only administrator can cancel tasks of other administrators.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T15:04:15.332Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.citrix.com/article/CTX220112"
},
{
"name": "1037716",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1037716"
},
{
"name": "95796",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/95796"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-01-30T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Linux Foundation xapi in Citrix XenServer through 7.0. An authenticated read-only administrator can cancel tasks of other administrators."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-11-14T13:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.citrix.com/article/CTX220112"
},
{
"name": "1037716",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1037716"
},
{
"name": "95796",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/95796"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-5573",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in Linux Foundation xapi in Citrix XenServer through 7.0. An authenticated read-only administrator can cancel tasks of other administrators."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.citrix.com/article/CTX220112",
"refsource": "CONFIRM",
"url": "https://support.citrix.com/article/CTX220112"
},
{
"name": "1037716",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037716"
},
{
"name": "95796",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95796"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-5573",
"datePublished": "2017-01-30T16:00:00",
"dateReserved": "2017-01-23T00:00:00",
"dateUpdated": "2024-08-05T15:04:15.332Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-0217 (GCVE-0-2012-0217)
Vulnerability from cvelistv5
Published
2012-06-12 22:00
Modified
2024-08-06 18:16
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The x86-64 kernel system-call functionality in Xen 4.1.2 and earlier, as used in Citrix XenServer 6.0.2 and earlier and other products; Oracle Solaris 11 and earlier; illumos before r13724; Joyent SmartOS before 20120614T184600Z; FreeBSD before 9.0-RELEASE-p3; NetBSD 6.0 Beta and earlier; Microsoft Windows Server 2008 R2 and R2 SP1 and Windows 7 Gold and SP1; and possibly other operating systems, when running on an Intel processor, incorrectly uses the sysret path in cases where a certain address is not a canonical address, which allows local users to gain privileges via a crafted application. NOTE: because this issue is due to incorrect use of the Intel specification, it should have been split into separate identifiers; however, there was some value in preserving the original mapping of the multi-codebase coordinated-disclosure effort to a single identifier.
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T18:16:19.831Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "55082",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/55082"
},
{
"name": "TA12-164A",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA12-164A.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://blog.xen.org/index.php/2012/06/13/the-intel-sysret-privilege-escalation/"
},
{
"name": "MS12-042",
"tags": [
"vendor-advisory",
"x_refsource_MS",
"x_transferred"
],
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-042"
},
{
"name": "28718",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/28718/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=813428"
},
{
"name": "NetBSD-SA2012-003",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD",
"x_transferred"
],
"url": "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2012-003.txt.asc"
},
{
"name": "GLSA-201309-24",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-201309-24.xml"
},
{
"name": "oval:org.mitre.oval:def:15596",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15596"
},
{
"name": "DSA-2501",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2012/dsa-2501"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://blog.illumos.org/2012/06/14/illumos-vulnerability-patched/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.illumos.org/issues/2873"
},
{
"name": "[xen-devel] 20120619 Security vulnerability process, and CVE-2012-0217",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.xen.org/archives/html/xen-devel/2012-06/msg01072.html"
},
{
"name": "DSA-2508",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2012/dsa-2508"
},
{
"name": "[xen-announce] 20120612 Xen Security Advisory 7 (CVE-2012-0217) - PV privilege escalation",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.xen.org/archives/html/xen-announce/2012-06/msg00001.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.citrix.com/article/CTX133161"
},
{
"name": "46508",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/46508/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://smartos.org/2012/06/15/smartos-news-3/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://wiki.smartos.org/display/DOC/SmartOS+Change+Log#SmartOSChangeLog-June14%2C2012"
},
{
"name": "VU#649219",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/649219"
},
{
"name": "MDVSA-2013:150",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
},
{
"name": "FreeBSD-SA-12:04",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD",
"x_transferred"
],
"url": "http://security.freebsd.org/advisories/FreeBSD-SA-12:04.sysret.asc"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-06-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The x86-64 kernel system-call functionality in Xen 4.1.2 and earlier, as used in Citrix XenServer 6.0.2 and earlier and other products; Oracle Solaris 11 and earlier; illumos before r13724; Joyent SmartOS before 20120614T184600Z; FreeBSD before 9.0-RELEASE-p3; NetBSD 6.0 Beta and earlier; Microsoft Windows Server 2008 R2 and R2 SP1 and Windows 7 Gold and SP1; and possibly other operating systems, when running on an Intel processor, incorrectly uses the sysret path in cases where a certain address is not a canonical address, which allows local users to gain privileges via a crafted application. NOTE: because this issue is due to incorrect use of the Intel specification, it should have been split into separate identifiers; however, there was some value in preserving the original mapping of the multi-codebase coordinated-disclosure effort to a single identifier."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-03-08T10:57:01",
"orgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
"shortName": "debian"
},
"references": [
{
"name": "55082",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/55082"
},
{
"name": "TA12-164A",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA12-164A.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://blog.xen.org/index.php/2012/06/13/the-intel-sysret-privilege-escalation/"
},
{
"name": "MS12-042",
"tags": [
"vendor-advisory",
"x_refsource_MS"
],
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-042"
},
{
"name": "28718",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/28718/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=813428"
},
{
"name": "NetBSD-SA2012-003",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD"
],
"url": "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2012-003.txt.asc"
},
{
"name": "GLSA-201309-24",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-201309-24.xml"
},
{
"name": "oval:org.mitre.oval:def:15596",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15596"
},
{
"name": "DSA-2501",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2012/dsa-2501"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://blog.illumos.org/2012/06/14/illumos-vulnerability-patched/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.illumos.org/issues/2873"
},
{
"name": "[xen-devel] 20120619 Security vulnerability process, and CVE-2012-0217",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.xen.org/archives/html/xen-devel/2012-06/msg01072.html"
},
{
"name": "DSA-2508",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2012/dsa-2508"
},
{
"name": "[xen-announce] 20120612 Xen Security Advisory 7 (CVE-2012-0217) - PV privilege escalation",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.xen.org/archives/html/xen-announce/2012-06/msg00001.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.citrix.com/article/CTX133161"
},
{
"name": "46508",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/46508/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://smartos.org/2012/06/15/smartos-news-3/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://wiki.smartos.org/display/DOC/SmartOS+Change+Log#SmartOSChangeLog-June14%2C2012"
},
{
"name": "VU#649219",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/649219"
},
{
"name": "MDVSA-2013:150",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
},
{
"name": "FreeBSD-SA-12:04",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD"
],
"url": "http://security.freebsd.org/advisories/FreeBSD-SA-12:04.sysret.asc"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@debian.org",
"ID": "CVE-2012-0217",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The x86-64 kernel system-call functionality in Xen 4.1.2 and earlier, as used in Citrix XenServer 6.0.2 and earlier and other products; Oracle Solaris 11 and earlier; illumos before r13724; Joyent SmartOS before 20120614T184600Z; FreeBSD before 9.0-RELEASE-p3; NetBSD 6.0 Beta and earlier; Microsoft Windows Server 2008 R2 and R2 SP1 and Windows 7 Gold and SP1; and possibly other operating systems, when running on an Intel processor, incorrectly uses the sysret path in cases where a certain address is not a canonical address, which allows local users to gain privileges via a crafted application. NOTE: because this issue is due to incorrect use of the Intel specification, it should have been split into separate identifiers; however, there was some value in preserving the original mapping of the multi-codebase coordinated-disclosure effort to a single identifier."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "55082",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/55082"
},
{
"name": "TA12-164A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA12-164A.html"
},
{
"name": "http://blog.xen.org/index.php/2012/06/13/the-intel-sysret-privilege-escalation/",
"refsource": "CONFIRM",
"url": "http://blog.xen.org/index.php/2012/06/13/the-intel-sysret-privilege-escalation/"
},
{
"name": "MS12-042",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-042"
},
{
"name": "28718",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/28718/"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=813428",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=813428"
},
{
"name": "NetBSD-SA2012-003",
"refsource": "NETBSD",
"url": "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2012-003.txt.asc"
},
{
"name": "GLSA-201309-24",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201309-24.xml"
},
{
"name": "oval:org.mitre.oval:def:15596",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15596"
},
{
"name": "DSA-2501",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2012/dsa-2501"
},
{
"name": "http://blog.illumos.org/2012/06/14/illumos-vulnerability-patched/",
"refsource": "CONFIRM",
"url": "http://blog.illumos.org/2012/06/14/illumos-vulnerability-patched/"
},
{
"name": "https://www.illumos.org/issues/2873",
"refsource": "CONFIRM",
"url": "https://www.illumos.org/issues/2873"
},
{
"name": "[xen-devel] 20120619 Security vulnerability process, and CVE-2012-0217",
"refsource": "MLIST",
"url": "http://lists.xen.org/archives/html/xen-devel/2012-06/msg01072.html"
},
{
"name": "DSA-2508",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2012/dsa-2508"
},
{
"name": "[xen-announce] 20120612 Xen Security Advisory 7 (CVE-2012-0217) - PV privilege escalation",
"refsource": "MLIST",
"url": "http://lists.xen.org/archives/html/xen-announce/2012-06/msg00001.html"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html"
},
{
"name": "http://support.citrix.com/article/CTX133161",
"refsource": "CONFIRM",
"url": "http://support.citrix.com/article/CTX133161"
},
{
"name": "46508",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/46508/"
},
{
"name": "http://smartos.org/2012/06/15/smartos-news-3/",
"refsource": "CONFIRM",
"url": "http://smartos.org/2012/06/15/smartos-news-3/"
},
{
"name": "http://wiki.smartos.org/display/DOC/SmartOS+Change+Log#SmartOSChangeLog-June14%2C2012",
"refsource": "CONFIRM",
"url": "http://wiki.smartos.org/display/DOC/SmartOS+Change+Log#SmartOSChangeLog-June14%2C2012"
},
{
"name": "VU#649219",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/649219"
},
{
"name": "MDVSA-2013:150",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
},
{
"name": "FreeBSD-SA-12:04",
"refsource": "FREEBSD",
"url": "http://security.freebsd.org/advisories/FreeBSD-SA-12:04.sysret.asc"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
"assignerShortName": "debian",
"cveId": "CVE-2012-0217",
"datePublished": "2012-06-12T22:00:00",
"dateReserved": "2011-12-14T00:00:00",
"dateUpdated": "2024-08-06T18:16:19.831Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-9385 (GCVE-0-2016-9385)
Vulnerability from cvelistv5
Published
2017-01-23 21:00
Modified
2024-08-06 02:50
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The x86 segment base write emulation functionality in Xen 4.4.x through 4.7.x allows local x86 PV guest OS administrators to cause a denial of service (host crash) by leveraging lack of canonical address checks.
References
| ► | URL | Tags | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T02:50:37.058Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "GLSA-201612-56",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201612-56"
},
{
"name": "94472",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/94472"
},
{
"name": "1037342",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1037342"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.citrix.com/article/CTX218775"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://xenbits.xen.org/xsa/advisory-193.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-11-22T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The x86 segment base write emulation functionality in Xen 4.4.x through 4.7.x allows local x86 PV guest OS administrators to cause a denial of service (host crash) by leveraging lack of canonical address checks."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-06-30T16:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "GLSA-201612-56",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201612-56"
},
{
"name": "94472",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/94472"
},
{
"name": "1037342",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1037342"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.citrix.com/article/CTX218775"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://xenbits.xen.org/xsa/advisory-193.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-9385",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The x86 segment base write emulation functionality in Xen 4.4.x through 4.7.x allows local x86 PV guest OS administrators to cause a denial of service (host crash) by leveraging lack of canonical address checks."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "GLSA-201612-56",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201612-56"
},
{
"name": "94472",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94472"
},
{
"name": "1037342",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037342"
},
{
"name": "https://support.citrix.com/article/CTX218775",
"refsource": "CONFIRM",
"url": "https://support.citrix.com/article/CTX218775"
},
{
"name": "http://xenbits.xen.org/xsa/advisory-193.html",
"refsource": "CONFIRM",
"url": "http://xenbits.xen.org/xsa/advisory-193.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-9385",
"datePublished": "2017-01-23T21:00:00",
"dateReserved": "2016-11-17T00:00:00",
"dateUpdated": "2024-08-06T02:50:37.058Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-3516 (GCVE-0-2012-3516)
Vulnerability from cvelistv5
Published
2012-11-23 20:00
Modified
2024-08-06 20:05
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The GNTTABOP_swap_grant_ref sub-operation in the grant table hypercall in Xen 4.2 and Citrix XenServer 6.0.2 allows local guest kernels or administrators to cause a denial of service (host crash) and possibly gain privileges via a crafted grant reference that triggers a write to an arbitrary hypervisor memory location.
References
| ► | URL | Tags | |||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T20:05:12.797Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "55411",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/55411"
},
{
"name": "50530",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/50530"
},
{
"name": "[oss-security] 20120905 Xen Security Advisory 18 (CVE-2012-3516) - grant table entry swaps have inadequate bounds checking",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2012/09/05/11"
},
{
"name": "50472",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/50472"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.citrix.com/article/CTX134708"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://wiki.xen.org/wiki/Security_Announcements#XSA-18_grant_table_entry_swaps_have_inadequate_bounds_checking"
},
{
"name": "SUSE-SU-2012:1133",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00004.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-09-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The GNTTABOP_swap_grant_ref sub-operation in the grant table hypercall in Xen 4.2 and Citrix XenServer 6.0.2 allows local guest kernels or administrators to cause a denial of service (host crash) and possibly gain privileges via a crafted grant reference that triggers a write to an arbitrary hypervisor memory location."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-01-29T10:00:00",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "55411",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/55411"
},
{
"name": "50530",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/50530"
},
{
"name": "[oss-security] 20120905 Xen Security Advisory 18 (CVE-2012-3516) - grant table entry swaps have inadequate bounds checking",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2012/09/05/11"
},
{
"name": "50472",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/50472"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.citrix.com/article/CTX134708"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://wiki.xen.org/wiki/Security_Announcements#XSA-18_grant_table_entry_swaps_have_inadequate_bounds_checking"
},
{
"name": "SUSE-SU-2012:1133",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00004.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2012-3516",
"datePublished": "2012-11-23T20:00:00",
"dateReserved": "2012-06-14T00:00:00",
"dateUpdated": "2024-08-06T20:05:12.797Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-19962 (GCVE-0-2018-19962)
Vulnerability from cvelistv5
Published
2018-12-08 04:00
Modified
2024-08-05 11:51
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
An issue was discovered in Xen through 4.11.x on AMD x86 platforms, possibly allowing guest OS users to gain host OS privileges because small IOMMU mappings are unsafely combined into larger ones.
References
| ► | URL | Tags | |||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T11:51:17.785Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.citrix.com/article/CTX239432"
},
{
"name": "DSA-4369",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2019/dsa-4369"
},
{
"name": "106182",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/106182"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://xenbits.xen.org/xsa/advisory-275.html"
},
{
"name": "FEDORA-2019-bce6498890",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UXC6BME7SXJI2ZIATNXCAH7RGPI4UKTT/"
},
{
"name": "openSUSE-SU-2019:1226",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00072.html"
},
{
"name": "[debian-lts-announce] 20191008 [SECURITY] [DLA 1949-1] xen security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/10/msg00008.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-12-07T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Xen through 4.11.x on AMD x86 platforms, possibly allowing guest OS users to gain host OS privileges because small IOMMU mappings are unsafely combined into larger ones."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-10-08T14:06:09",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.citrix.com/article/CTX239432"
},
{
"name": "DSA-4369",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2019/dsa-4369"
},
{
"name": "106182",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/106182"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://xenbits.xen.org/xsa/advisory-275.html"
},
{
"name": "FEDORA-2019-bce6498890",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UXC6BME7SXJI2ZIATNXCAH7RGPI4UKTT/"
},
{
"name": "openSUSE-SU-2019:1226",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00072.html"
},
{
"name": "[debian-lts-announce] 20191008 [SECURITY] [DLA 1949-1] xen security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/10/msg00008.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-19962",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in Xen through 4.11.x on AMD x86 platforms, possibly allowing guest OS users to gain host OS privileges because small IOMMU mappings are unsafely combined into larger ones."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.citrix.com/article/CTX239432",
"refsource": "CONFIRM",
"url": "https://support.citrix.com/article/CTX239432"
},
{
"name": "DSA-4369",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2019/dsa-4369"
},
{
"name": "106182",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/106182"
},
{
"name": "https://xenbits.xen.org/xsa/advisory-275.html",
"refsource": "MISC",
"url": "https://xenbits.xen.org/xsa/advisory-275.html"
},
{
"name": "FEDORA-2019-bce6498890",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UXC6BME7SXJI2ZIATNXCAH7RGPI4UKTT/"
},
{
"name": "openSUSE-SU-2019:1226",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00072.html"
},
{
"name": "[debian-lts-announce] 20191008 [SECURITY] [DLA 1949-1] xen security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2019/10/msg00008.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-19962",
"datePublished": "2018-12-08T04:00:00",
"dateReserved": "2018-12-07T00:00:00",
"dateUpdated": "2024-08-05T11:51:17.785Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-8897 (GCVE-0-2018-8897)
Vulnerability from cvelistv5
Published
2018-05-08 18:00
Modified
2024-08-05 07:10
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
A statement in the System Programming Guide of the Intel 64 and IA-32 Architectures Software Developer's Manual (SDM) was mishandled in the development of some or all operating-system kernels, resulting in unexpected behavior for #DB exceptions that are deferred by MOV SS or POP SS, as demonstrated by (for example) privilege escalation in Windows, macOS, some Xen configurations, or FreeBSD, or a Linux kernel crash. The MOV to SS and POP SS instructions inhibit interrupts (including NMIs), data breakpoints, and single step trap exceptions until the instruction boundary following the next instruction (SDM Vol. 3A; section 6.8.3). (The inhibited data breakpoints are those on memory accessed by the MOV to SS or POP to SS instruction itself.) Note that debug exceptions are not inhibited by the interrupt enable (EFLAGS.IF) system flag (SDM Vol. 3A; section 2.3). If the instruction following the MOV to SS or POP to SS instruction is an instruction like SYSCALL, SYSENTER, INT 3, etc. that transfers control to the operating system at CPL < 3, the debug exception is delivered after the transfer to CPL < 3 is complete. OS kernels may not expect this order of events and may therefore experience unexpected behavior when it occurs.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T07:10:46.698Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/torvalds/linux/commit/d8ba61ba58c88d5207c1ba2f7d9a2280e7d03be9"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2018/05/08/4"
},
{
"name": "1040849",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1040849"
},
{
"name": "104071",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/104071"
},
{
"name": "RHSA-2018:1350",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1350"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.citrix.com/article/CTX234679"
},
{
"name": "RHSA-2018:1347",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1347"
},
{
"name": "44697",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/44697/"
},
{
"name": "[debian-lts-announce] 20180525 [SECURITY] [DLA 1383-1] xen security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/05/msg00015.html"
},
{
"name": "1040866",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1040866"
},
{
"name": "[debian-lts-announce] 20181112 [SECURITY] [DLA 1577-1] xen security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00013.html"
},
{
"name": "[debian-lts-announce] 20180601 [SECURITY] [DLA 1392-1] linux security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/06/msg00000.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT208742"
},
{
"name": "RHSA-2018:1346",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1346"
},
{
"name": "RHSA-2018:1348",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1348"
},
{
"name": "RHSA-2018:1354",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1354"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://svnweb.freebsd.org/base?view=revision\u0026revision=333368"
},
{
"name": "DSA-4196",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2018/dsa-4196"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.freebsd.org/security/advisories/FreeBSD-SA-18:06.debugreg.asc"
},
{
"name": "1040744",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1040744"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.triplefault.io/2018/05/spurious-db-exceptions-with-pop-ss.html"
},
{
"name": "RHSA-2018:1351",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1351"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1567074"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://xenbits.xen.org/xsa/advisory-260.html"
},
{
"name": "RHSA-2018:1319",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1319"
},
{
"name": "DSA-4201",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2018/dsa-4201"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
},
{
"name": "RHSA-2018:1355",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1355"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20180927-0002/"
},
{
"name": "RHSA-2018:1345",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1345"
},
{
"name": "45024",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/45024/"
},
{
"name": "RHSA-2018:1349",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1349"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8897"
},
{
"name": "RHSA-2018:1352",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1352"
},
{
"name": "RHSA-2018:1318",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1318"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=d8ba61ba58c88d5207c1ba2f7d9a2280e7d03be9"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://patchwork.kernel.org/patch/10386677/"
},
{
"name": "VU#631579",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "https://www.kb.cert.org/vuls/id/631579"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/can1357/CVE-2018-8897/"
},
{
"name": "RHSA-2018:1524",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1524"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2018/05/08/1"
},
{
"name": "1040861",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1040861"
},
{
"name": "RHSA-2018:1353",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1353"
},
{
"name": "USN-3641-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3641-2/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.synology.com/support/security/Synology_SA_18_21"
},
{
"name": "1040882",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1040882"
},
{
"name": "USN-3641-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3641-1/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190921-01-debug-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-05-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A statement in the System Programming Guide of the Intel 64 and IA-32 Architectures Software Developer\u0027s Manual (SDM) was mishandled in the development of some or all operating-system kernels, resulting in unexpected behavior for #DB exceptions that are deferred by MOV SS or POP SS, as demonstrated by (for example) privilege escalation in Windows, macOS, some Xen configurations, or FreeBSD, or a Linux kernel crash. The MOV to SS and POP SS instructions inhibit interrupts (including NMIs), data breakpoints, and single step trap exceptions until the instruction boundary following the next instruction (SDM Vol. 3A; section 6.8.3). (The inhibited data breakpoints are those on memory accessed by the MOV to SS or POP to SS instruction itself.) Note that debug exceptions are not inhibited by the interrupt enable (EFLAGS.IF) system flag (SDM Vol. 3A; section 2.3). If the instruction following the MOV to SS or POP to SS instruction is an instruction like SYSCALL, SYSENTER, INT 3, etc. that transfers control to the operating system at CPL \u003c 3, the debug exception is delivered after the transfer to CPL \u003c 3 is complete. OS kernels may not expect this order of events and may therefore experience unexpected behavior when it occurs."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-09-21T08:06:09",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/torvalds/linux/commit/d8ba61ba58c88d5207c1ba2f7d9a2280e7d03be9"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://openwall.com/lists/oss-security/2018/05/08/4"
},
{
"name": "1040849",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1040849"
},
{
"name": "104071",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/104071"
},
{
"name": "RHSA-2018:1350",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1350"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.citrix.com/article/CTX234679"
},
{
"name": "RHSA-2018:1347",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1347"
},
{
"name": "44697",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/44697/"
},
{
"name": "[debian-lts-announce] 20180525 [SECURITY] [DLA 1383-1] xen security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/05/msg00015.html"
},
{
"name": "1040866",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1040866"
},
{
"name": "[debian-lts-announce] 20181112 [SECURITY] [DLA 1577-1] xen security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00013.html"
},
{
"name": "[debian-lts-announce] 20180601 [SECURITY] [DLA 1392-1] linux security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/06/msg00000.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT208742"
},
{
"name": "RHSA-2018:1346",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1346"
},
{
"name": "RHSA-2018:1348",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1348"
},
{
"name": "RHSA-2018:1354",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1354"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://svnweb.freebsd.org/base?view=revision\u0026revision=333368"
},
{
"name": "DSA-4196",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2018/dsa-4196"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.freebsd.org/security/advisories/FreeBSD-SA-18:06.debugreg.asc"
},
{
"name": "1040744",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1040744"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.triplefault.io/2018/05/spurious-db-exceptions-with-pop-ss.html"
},
{
"name": "RHSA-2018:1351",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1351"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1567074"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://xenbits.xen.org/xsa/advisory-260.html"
},
{
"name": "RHSA-2018:1319",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1319"
},
{
"name": "DSA-4201",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2018/dsa-4201"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
},
{
"name": "RHSA-2018:1355",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1355"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20180927-0002/"
},
{
"name": "RHSA-2018:1345",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1345"
},
{
"name": "45024",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/45024/"
},
{
"name": "RHSA-2018:1349",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1349"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8897"
},
{
"name": "RHSA-2018:1352",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1352"
},
{
"name": "RHSA-2018:1318",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1318"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=d8ba61ba58c88d5207c1ba2f7d9a2280e7d03be9"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://patchwork.kernel.org/patch/10386677/"
},
{
"name": "VU#631579",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "https://www.kb.cert.org/vuls/id/631579"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/can1357/CVE-2018-8897/"
},
{
"name": "RHSA-2018:1524",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1524"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://openwall.com/lists/oss-security/2018/05/08/1"
},
{
"name": "1040861",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1040861"
},
{
"name": "RHSA-2018:1353",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1353"
},
{
"name": "USN-3641-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3641-2/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.synology.com/support/security/Synology_SA_18_21"
},
{
"name": "1040882",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1040882"
},
{
"name": "USN-3641-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3641-1/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190921-01-debug-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-8897",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A statement in the System Programming Guide of the Intel 64 and IA-32 Architectures Software Developer\u0027s Manual (SDM) was mishandled in the development of some or all operating-system kernels, resulting in unexpected behavior for #DB exceptions that are deferred by MOV SS or POP SS, as demonstrated by (for example) privilege escalation in Windows, macOS, some Xen configurations, or FreeBSD, or a Linux kernel crash. The MOV to SS and POP SS instructions inhibit interrupts (including NMIs), data breakpoints, and single step trap exceptions until the instruction boundary following the next instruction (SDM Vol. 3A; section 6.8.3). (The inhibited data breakpoints are those on memory accessed by the MOV to SS or POP to SS instruction itself.) Note that debug exceptions are not inhibited by the interrupt enable (EFLAGS.IF) system flag (SDM Vol. 3A; section 2.3). If the instruction following the MOV to SS or POP to SS instruction is an instruction like SYSCALL, SYSENTER, INT 3, etc. that transfers control to the operating system at CPL \u003c 3, the debug exception is delivered after the transfer to CPL \u003c 3 is complete. OS kernels may not expect this order of events and may therefore experience unexpected behavior when it occurs."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/torvalds/linux/commit/d8ba61ba58c88d5207c1ba2f7d9a2280e7d03be9",
"refsource": "MISC",
"url": "https://github.com/torvalds/linux/commit/d8ba61ba58c88d5207c1ba2f7d9a2280e7d03be9"
},
{
"name": "http://openwall.com/lists/oss-security/2018/05/08/4",
"refsource": "MISC",
"url": "http://openwall.com/lists/oss-security/2018/05/08/4"
},
{
"name": "1040849",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1040849"
},
{
"name": "104071",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/104071"
},
{
"name": "RHSA-2018:1350",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1350"
},
{
"name": "https://support.citrix.com/article/CTX234679",
"refsource": "CONFIRM",
"url": "https://support.citrix.com/article/CTX234679"
},
{
"name": "RHSA-2018:1347",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1347"
},
{
"name": "44697",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/44697/"
},
{
"name": "[debian-lts-announce] 20180525 [SECURITY] [DLA 1383-1] xen security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2018/05/msg00015.html"
},
{
"name": "1040866",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1040866"
},
{
"name": "[debian-lts-announce] 20181112 [SECURITY] [DLA 1577-1] xen security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00013.html"
},
{
"name": "[debian-lts-announce] 20180601 [SECURITY] [DLA 1392-1] linux security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2018/06/msg00000.html"
},
{
"name": "https://support.apple.com/HT208742",
"refsource": "MISC",
"url": "https://support.apple.com/HT208742"
},
{
"name": "RHSA-2018:1346",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1346"
},
{
"name": "RHSA-2018:1348",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1348"
},
{
"name": "RHSA-2018:1354",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1354"
},
{
"name": "https://svnweb.freebsd.org/base?view=revision\u0026revision=333368",
"refsource": "MISC",
"url": "https://svnweb.freebsd.org/base?view=revision\u0026revision=333368"
},
{
"name": "DSA-4196",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2018/dsa-4196"
},
{
"name": "https://www.freebsd.org/security/advisories/FreeBSD-SA-18:06.debugreg.asc",
"refsource": "MISC",
"url": "https://www.freebsd.org/security/advisories/FreeBSD-SA-18:06.debugreg.asc"
},
{
"name": "1040744",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1040744"
},
{
"name": "https://www.triplefault.io/2018/05/spurious-db-exceptions-with-pop-ss.html",
"refsource": "MISC",
"url": "https://www.triplefault.io/2018/05/spurious-db-exceptions-with-pop-ss.html"
},
{
"name": "RHSA-2018:1351",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1351"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1567074",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1567074"
},
{
"name": "https://xenbits.xen.org/xsa/advisory-260.html",
"refsource": "MISC",
"url": "https://xenbits.xen.org/xsa/advisory-260.html"
},
{
"name": "RHSA-2018:1319",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1319"
},
{
"name": "DSA-4201",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2018/dsa-4201"
},
{
"name": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0",
"refsource": "CONFIRM",
"url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
},
{
"name": "RHSA-2018:1355",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1355"
},
{
"name": "https://security.netapp.com/advisory/ntap-20180927-0002/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20180927-0002/"
},
{
"name": "RHSA-2018:1345",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1345"
},
{
"name": "45024",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/45024/"
},
{
"name": "RHSA-2018:1349",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1349"
},
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8897",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8897"
},
{
"name": "RHSA-2018:1352",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1352"
},
{
"name": "RHSA-2018:1318",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1318"
},
{
"name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=d8ba61ba58c88d5207c1ba2f7d9a2280e7d03be9",
"refsource": "MISC",
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=d8ba61ba58c88d5207c1ba2f7d9a2280e7d03be9"
},
{
"name": "https://patchwork.kernel.org/patch/10386677/",
"refsource": "MISC",
"url": "https://patchwork.kernel.org/patch/10386677/"
},
{
"name": "VU#631579",
"refsource": "CERT-VN",
"url": "https://www.kb.cert.org/vuls/id/631579"
},
{
"name": "https://github.com/can1357/CVE-2018-8897/",
"refsource": "MISC",
"url": "https://github.com/can1357/CVE-2018-8897/"
},
{
"name": "RHSA-2018:1524",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1524"
},
{
"name": "http://openwall.com/lists/oss-security/2018/05/08/1",
"refsource": "MISC",
"url": "http://openwall.com/lists/oss-security/2018/05/08/1"
},
{
"name": "1040861",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1040861"
},
{
"name": "RHSA-2018:1353",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1353"
},
{
"name": "USN-3641-2",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3641-2/"
},
{
"name": "https://www.synology.com/support/security/Synology_SA_18_21",
"refsource": "CONFIRM",
"url": "https://www.synology.com/support/security/Synology_SA_18_21"
},
{
"name": "1040882",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1040882"
},
{
"name": "USN-3641-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3641-1/"
},
{
"name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190921-01-debug-en",
"refsource": "CONFIRM",
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190921-01-debug-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-8897",
"datePublished": "2018-05-08T18:00:00",
"dateReserved": "2018-03-21T00:00:00",
"dateUpdated": "2024-08-05T07:10:46.698Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-5661 (GCVE-0-2024-5661)
Vulnerability from cvelistv5
Published
2024-06-13 05:58
Modified
2024-10-28 19:54
Severity ?
VLAI Severity ?
EPSS score ?
Summary
An issue has been identified in both XenServer 8 and Citrix Hypervisor 8.2 CU1 LTSR which may allow a malicious administrator of a guest VM to cause the host to become slow and/or unresponsive.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| ► | Citrix | Citrix Hypervisor |
Version: 8 Version: 8.2 CU1 LTSR |
|
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-5661",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-14T20:17:25.710448Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-noinfo Not enough information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-28T19:54:43.633Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T21:18:06.782Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.citrix.com/article/CTX677100/xenserver-and-citrix-hypervisor-security-update-for-cve20245661"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Citrix Hypervisor",
"vendor": "Citrix",
"versions": [
{
"lessThanOrEqual": "0",
"status": "affected",
"version": "8",
"versionType": "patch"
},
{
"lessThanOrEqual": "XS82ECU1068",
"status": "affected",
"version": "8.2 CU1 LTSR",
"versionType": "hotfix"
}
]
},
{
"defaultStatus": "unaffected",
"product": "XenServer",
"vendor": "Citrix",
"versions": [
{
"lessThanOrEqual": "0",
"status": "affected",
"version": "8",
"versionType": "patch"
},
{
"lessThanOrEqual": "XS82ECU1068",
"status": "affected",
"version": "8.2 CU1 LTSR",
"versionType": "hotfix"
}
]
}
],
"datePublic": "2024-06-12T05:54:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eAn issue has been identified in both XenServer 8 and Citrix Hypervisor 8.2 CU1 LTSR which may allow a malicious administrator of a guest VM to cause the host to become slow and/or unresponsive.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "An issue has been identified in both XenServer 8 and Citrix Hypervisor 8.2 CU1 LTSR which may allow a malicious administrator of a guest VM to cause the host to become slow and/or unresponsive."
}
],
"providerMetadata": {
"dateUpdated": "2024-06-13T05:58:45.694Z",
"orgId": "e437aed5-38e0-4fa3-a98b-cb73e7acaec6",
"shortName": "Citrix"
},
"references": [
{
"url": "https://support.citrix.com/article/CTX677100/xenserver-and-citrix-hypervisor-security-update-for-cve20245661"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Potential Denial of Service affecting XenServer and Citrix Hypervisor",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "e437aed5-38e0-4fa3-a98b-cb73e7acaec6",
"assignerShortName": "Citrix",
"cveId": "CVE-2024-5661",
"datePublished": "2024-06-13T05:58:45.694Z",
"dateReserved": "2024-06-05T17:26:31.502Z",
"dateUpdated": "2024-10-28T19:54:43.633Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-3496 (GCVE-0-2012-3496)
Vulnerability from cvelistv5
Published
2012-11-23 20:00
Modified
2024-08-06 20:05
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
XENMEM_populate_physmap in Xen 4.0, 4.1, and 4.2, and Citrix XenServer 6.0.2 and earlier, when translating paging mode is not used, allows local PV OS guest kernels to cause a denial of service (BUG triggered and host crash) via invalid flags such as MEMF_populate_on_demand.
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T20:05:12.713Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "55082",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/55082"
},
{
"name": "50530",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/50530"
},
{
"name": "51413",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/51413"
},
{
"name": "GLSA-201309-24",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-201309-24.xml"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=854590"
},
{
"name": "1027481",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1027481"
},
{
"name": "openSUSE-SU-2012:1572",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00017.html"
},
{
"name": "50472",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/50472"
},
{
"name": "xen-xenmempopulatephysmap-dos(78267)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78267"
},
{
"name": "[oss-security] 20120905 Xen Security Advisory 14 (CVE-2012-3496) - XENMEM_populate_physmap DoS vulnerability",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2012/09/05/7"
},
{
"name": "[Xen-announce] 20120905 Xen Security Advisory 14 (CVE-2012-3496) - XENMEM_populate_physmap DoS vulnerability",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.xen.org/archives/html/xen-announce/2012-09/msg00002.html"
},
{
"name": "55412",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/55412"
},
{
"name": "85200",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/85200"
},
{
"name": "SUSE-SU-2012:1162",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00012.html"
},
{
"name": "openSUSE-SU-2012:1174",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00018.html"
},
{
"name": "GLSA-201604-03",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201604-03"
},
{
"name": "SUSE-SU-2012:1132",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00003.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.citrix.com/article/CTX134708"
},
{
"name": "SUSE-SU-2012:1133",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00004.html"
},
{
"name": "openSUSE-SU-2012:1573",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00018.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://wiki.xen.org/wiki/Security_Announcements#XSA-14_XENMEM_populate_physmap_DoS_vulnerability"
},
{
"name": "openSUSE-SU-2012:1172",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00017.html"
},
{
"name": "DSA-2544",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2012/dsa-2544"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-09-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "XENMEM_populate_physmap in Xen 4.0, 4.1, and 4.2, and Citrix XenServer 6.0.2 and earlier, when translating paging mode is not used, allows local PV OS guest kernels to cause a denial of service (BUG triggered and host crash) via invalid flags such as MEMF_populate_on_demand."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "55082",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/55082"
},
{
"name": "50530",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/50530"
},
{
"name": "51413",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/51413"
},
{
"name": "GLSA-201309-24",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-201309-24.xml"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=854590"
},
{
"name": "1027481",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1027481"
},
{
"name": "openSUSE-SU-2012:1572",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00017.html"
},
{
"name": "50472",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/50472"
},
{
"name": "xen-xenmempopulatephysmap-dos(78267)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78267"
},
{
"name": "[oss-security] 20120905 Xen Security Advisory 14 (CVE-2012-3496) - XENMEM_populate_physmap DoS vulnerability",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2012/09/05/7"
},
{
"name": "[Xen-announce] 20120905 Xen Security Advisory 14 (CVE-2012-3496) - XENMEM_populate_physmap DoS vulnerability",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.xen.org/archives/html/xen-announce/2012-09/msg00002.html"
},
{
"name": "55412",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/55412"
},
{
"name": "85200",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/85200"
},
{
"name": "SUSE-SU-2012:1162",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00012.html"
},
{
"name": "openSUSE-SU-2012:1174",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00018.html"
},
{
"name": "GLSA-201604-03",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201604-03"
},
{
"name": "SUSE-SU-2012:1132",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00003.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.citrix.com/article/CTX134708"
},
{
"name": "SUSE-SU-2012:1133",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00004.html"
},
{
"name": "openSUSE-SU-2012:1573",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00018.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://wiki.xen.org/wiki/Security_Announcements#XSA-14_XENMEM_populate_physmap_DoS_vulnerability"
},
{
"name": "openSUSE-SU-2012:1172",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00017.html"
},
{
"name": "DSA-2544",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2012/dsa-2544"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2012-3496",
"datePublished": "2012-11-23T20:00:00",
"dateReserved": "2012-06-14T00:00:00",
"dateUpdated": "2024-08-06T20:05:12.713Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-12135 (GCVE-0-2017-12135)
Vulnerability from cvelistv5
Published
2017-08-24 14:00
Modified
2024-08-05 18:28
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Xen allows local OS guest users to cause a denial of service (crash) or possibly obtain sensitive information or gain privileges via vectors involving transitive grants.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T18:28:16.564Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.citrix.com/article/CTX225941"
},
{
"name": "[oss-security] 20170817 Xen Security Advisory 226 (CVE-2017-12135) - multiple problems with transitive grants",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2017/08/17/6"
},
{
"name": "100344",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/100344"
},
{
"name": "DSA-3969",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2017/dsa-3969"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1477655"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://xenbits.xen.org/xsa/advisory-226.html"
},
{
"name": "[oss-security] 20170815 Xen Security Advisory 226 (CVE-2017-12135) - multiple problems with transitive grants",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2017/08/15/1"
},
{
"name": "GLSA-201801-14",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201801-14"
},
{
"name": "1039178",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039178"
},
{
"name": "[oss-security] 20200414 Xen Security Advisory 318 v3 (CVE-2020-11742) - Bad continuation handling in GNTTABOP_copy",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2020/04/14/4"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-08-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Xen allows local OS guest users to cause a denial of service (crash) or possibly obtain sensitive information or gain privileges via vectors involving transitive grants."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-04-14T14:06:05",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.citrix.com/article/CTX225941"
},
{
"name": "[oss-security] 20170817 Xen Security Advisory 226 (CVE-2017-12135) - multiple problems with transitive grants",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2017/08/17/6"
},
{
"name": "100344",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/100344"
},
{
"name": "DSA-3969",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2017/dsa-3969"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1477655"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://xenbits.xen.org/xsa/advisory-226.html"
},
{
"name": "[oss-security] 20170815 Xen Security Advisory 226 (CVE-2017-12135) - multiple problems with transitive grants",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2017/08/15/1"
},
{
"name": "GLSA-201801-14",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201801-14"
},
{
"name": "1039178",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039178"
},
{
"name": "[oss-security] 20200414 Xen Security Advisory 318 v3 (CVE-2020-11742) - Bad continuation handling in GNTTABOP_copy",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2020/04/14/4"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-12135",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Xen allows local OS guest users to cause a denial of service (crash) or possibly obtain sensitive information or gain privileges via vectors involving transitive grants."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.citrix.com/article/CTX225941",
"refsource": "CONFIRM",
"url": "https://support.citrix.com/article/CTX225941"
},
{
"name": "[oss-security] 20170817 Xen Security Advisory 226 (CVE-2017-12135) - multiple problems with transitive grants",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2017/08/17/6"
},
{
"name": "100344",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/100344"
},
{
"name": "DSA-3969",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2017/dsa-3969"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1477655",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1477655"
},
{
"name": "http://xenbits.xen.org/xsa/advisory-226.html",
"refsource": "CONFIRM",
"url": "http://xenbits.xen.org/xsa/advisory-226.html"
},
{
"name": "[oss-security] 20170815 Xen Security Advisory 226 (CVE-2017-12135) - multiple problems with transitive grants",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2017/08/15/1"
},
{
"name": "GLSA-201801-14",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201801-14"
},
{
"name": "1039178",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039178"
},
{
"name": "[oss-security] 20200414 Xen Security Advisory 318 v3 (CVE-2020-11742) - Bad continuation handling in GNTTABOP_copy",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2020/04/14/4"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-12135",
"datePublished": "2017-08-24T14:00:00",
"dateReserved": "2017-08-01T00:00:00",
"dateUpdated": "2024-08-05T18:28:16.564Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-12134 (GCVE-0-2017-12134)
Vulnerability from cvelistv5
Published
2017-08-24 14:00
Modified
2024-08-05 18:28
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The xen_biovec_phys_mergeable function in drivers/xen/biomerge.c in Xen might allow local OS guest users to corrupt block device data streams and consequently obtain sensitive memory information, cause a denial of service, or gain host OS privileges by leveraging incorrect block IO merge-ability calculation.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T18:28:16.572Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.citrix.com/article/CTX225941"
},
{
"name": "1039176",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039176"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://xenbits.xen.org/xsa/advisory-229.html"
},
{
"name": "DSA-3981",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2017/dsa-3981"
},
{
"name": "USN-3655-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3655-1/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1477656"
},
{
"name": "GLSA-201801-14",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201801-14"
},
{
"name": "USN-3655-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3655-2/"
},
{
"name": "[oss-security] 20170815 Xen Security Advisory 229 (CVE-2017-12134) - linux: Fix Xen block IO merge-ability calculation",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2017/08/15/4"
},
{
"name": "100343",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/100343"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-08-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The xen_biovec_phys_mergeable function in drivers/xen/biomerge.c in Xen might allow local OS guest users to corrupt block device data streams and consequently obtain sensitive memory information, cause a denial of service, or gain host OS privileges by leveraging incorrect block IO merge-ability calculation."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-05-30T09:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.citrix.com/article/CTX225941"
},
{
"name": "1039176",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039176"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://xenbits.xen.org/xsa/advisory-229.html"
},
{
"name": "DSA-3981",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2017/dsa-3981"
},
{
"name": "USN-3655-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3655-1/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1477656"
},
{
"name": "GLSA-201801-14",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201801-14"
},
{
"name": "USN-3655-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3655-2/"
},
{
"name": "[oss-security] 20170815 Xen Security Advisory 229 (CVE-2017-12134) - linux: Fix Xen block IO merge-ability calculation",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2017/08/15/4"
},
{
"name": "100343",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/100343"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-12134",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The xen_biovec_phys_mergeable function in drivers/xen/biomerge.c in Xen might allow local OS guest users to corrupt block device data streams and consequently obtain sensitive memory information, cause a denial of service, or gain host OS privileges by leveraging incorrect block IO merge-ability calculation."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.citrix.com/article/CTX225941",
"refsource": "CONFIRM",
"url": "https://support.citrix.com/article/CTX225941"
},
{
"name": "1039176",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039176"
},
{
"name": "http://xenbits.xen.org/xsa/advisory-229.html",
"refsource": "CONFIRM",
"url": "http://xenbits.xen.org/xsa/advisory-229.html"
},
{
"name": "DSA-3981",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2017/dsa-3981"
},
{
"name": "USN-3655-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3655-1/"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1477656",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1477656"
},
{
"name": "GLSA-201801-14",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201801-14"
},
{
"name": "USN-3655-2",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3655-2/"
},
{
"name": "[oss-security] 20170815 Xen Security Advisory 229 (CVE-2017-12134) - linux: Fix Xen block IO merge-ability calculation",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2017/08/15/4"
},
{
"name": "100343",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/100343"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-12134",
"datePublished": "2017-08-24T14:00:00",
"dateReserved": "2017-08-01T00:00:00",
"dateUpdated": "2024-08-05T18:28:16.572Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-9379 (GCVE-0-2016-9379)
Vulnerability from cvelistv5
Published
2017-01-23 21:00
Modified
2024-08-06 02:50
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The pygrub boot loader emulator in Xen, when S-expression output format is requested, allows local pygrub-using guest OS administrators to read or delete arbitrary files on the host via string quotes and S-expressions in the bootloader configuration file.
References
| ► | URL | Tags | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T02:50:37.614Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://xenbits.xen.org/xsa/xsa198.patch"
},
{
"name": "94473",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/94473"
},
{
"name": "GLSA-201612-56",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201612-56"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://xenbits.xen.org/xsa/advisory-198.html"
},
{
"name": "1037347",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1037347"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.citrix.com/article/CTX218775"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-11-22T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The pygrub boot loader emulator in Xen, when S-expression output format is requested, allows local pygrub-using guest OS administrators to read or delete arbitrary files on the host via string quotes and S-expressions in the bootloader configuration file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-06-30T16:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://xenbits.xen.org/xsa/xsa198.patch"
},
{
"name": "94473",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/94473"
},
{
"name": "GLSA-201612-56",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201612-56"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://xenbits.xen.org/xsa/advisory-198.html"
},
{
"name": "1037347",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1037347"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.citrix.com/article/CTX218775"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-9379",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The pygrub boot loader emulator in Xen, when S-expression output format is requested, allows local pygrub-using guest OS administrators to read or delete arbitrary files on the host via string quotes and S-expressions in the bootloader configuration file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://xenbits.xen.org/xsa/xsa198.patch",
"refsource": "CONFIRM",
"url": "http://xenbits.xen.org/xsa/xsa198.patch"
},
{
"name": "94473",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94473"
},
{
"name": "GLSA-201612-56",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201612-56"
},
{
"name": "http://xenbits.xen.org/xsa/advisory-198.html",
"refsource": "CONFIRM",
"url": "http://xenbits.xen.org/xsa/advisory-198.html"
},
{
"name": "1037347",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037347"
},
{
"name": "https://support.citrix.com/article/CTX218775",
"refsource": "CONFIRM",
"url": "https://support.citrix.com/article/CTX218775"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-9379",
"datePublished": "2017-01-23T21:00:00",
"dateReserved": "2016-11-17T00:00:00",
"dateUpdated": "2024-08-06T02:50:37.614Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-19965 (GCVE-0-2018-19965)
Vulnerability from cvelistv5
Published
2018-12-08 04:00
Modified
2024-08-05 11:51
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
An issue was discovered in Xen through 4.11.x allowing 64-bit PV guest OS users to cause a denial of service (host OS crash) because #GP[0] can occur after a non-canonical address is passed to the TLB flushing code. NOTE: this issue exists because of an incorrect CVE-2017-5754 (aka Meltdown) mitigation.
References
| ► | URL | Tags | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T11:51:17.815Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.citrix.com/article/CTX239432"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://xenbits.xen.org/xsa/advisory-279.html"
},
{
"name": "DSA-4369",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2019/dsa-4369"
},
{
"name": "106182",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/106182"
},
{
"name": "FEDORA-2019-bce6498890",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UXC6BME7SXJI2ZIATNXCAH7RGPI4UKTT/"
},
{
"name": "openSUSE-SU-2019:1226",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00072.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-12-07T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Xen through 4.11.x allowing 64-bit PV guest OS users to cause a denial of service (host OS crash) because #GP[0] can occur after a non-canonical address is passed to the TLB flushing code. NOTE: this issue exists because of an incorrect CVE-2017-5754 (aka Meltdown) mitigation."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-04-17T20:06:04",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.citrix.com/article/CTX239432"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://xenbits.xen.org/xsa/advisory-279.html"
},
{
"name": "DSA-4369",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2019/dsa-4369"
},
{
"name": "106182",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/106182"
},
{
"name": "FEDORA-2019-bce6498890",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UXC6BME7SXJI2ZIATNXCAH7RGPI4UKTT/"
},
{
"name": "openSUSE-SU-2019:1226",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00072.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-19965",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in Xen through 4.11.x allowing 64-bit PV guest OS users to cause a denial of service (host OS crash) because #GP[0] can occur after a non-canonical address is passed to the TLB flushing code. NOTE: this issue exists because of an incorrect CVE-2017-5754 (aka Meltdown) mitigation."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.citrix.com/article/CTX239432",
"refsource": "CONFIRM",
"url": "https://support.citrix.com/article/CTX239432"
},
{
"name": "https://xenbits.xen.org/xsa/advisory-279.html",
"refsource": "MISC",
"url": "https://xenbits.xen.org/xsa/advisory-279.html"
},
{
"name": "DSA-4369",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2019/dsa-4369"
},
{
"name": "106182",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/106182"
},
{
"name": "FEDORA-2019-bce6498890",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UXC6BME7SXJI2ZIATNXCAH7RGPI4UKTT/"
},
{
"name": "openSUSE-SU-2019:1226",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00072.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-19965",
"datePublished": "2018-12-08T04:00:00",
"dateReserved": "2018-12-07T00:00:00",
"dateUpdated": "2024-08-05T11:51:17.815Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-10025 (GCVE-0-2016-10025)
Vulnerability from cvelistv5
Published
2017-01-26 15:00
Modified
2024-08-06 03:07
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
VMFUNC emulation in Xen 4.6.x through 4.8.x on x86 systems using AMD virtualization extensions (aka SVM) allows local HVM guest OS users to cause a denial of service (hypervisor crash) by leveraging a missing NULL pointer check.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T03:07:32.107Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "95026",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/95026"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://xenbits.xen.org/xsa/advisory-203.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.citrix.com/article/CTX219378"
},
{
"name": "1037518",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1037518"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-12-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "VMFUNC emulation in Xen 4.6.x through 4.8.x on x86 systems using AMD virtualization extensions (aka SVM) allows local HVM guest OS users to cause a denial of service (hypervisor crash) by leveraging a missing NULL pointer check."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-01-26T13:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "95026",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/95026"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://xenbits.xen.org/xsa/advisory-203.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.citrix.com/article/CTX219378"
},
{
"name": "1037518",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1037518"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-10025",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "VMFUNC emulation in Xen 4.6.x through 4.8.x on x86 systems using AMD virtualization extensions (aka SVM) allows local HVM guest OS users to cause a denial of service (hypervisor crash) by leveraging a missing NULL pointer check."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "95026",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95026"
},
{
"name": "http://xenbits.xen.org/xsa/advisory-203.html",
"refsource": "CONFIRM",
"url": "http://xenbits.xen.org/xsa/advisory-203.html"
},
{
"name": "https://support.citrix.com/article/CTX219378",
"refsource": "CONFIRM",
"url": "https://support.citrix.com/article/CTX219378"
},
{
"name": "1037518",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037518"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-10025",
"datePublished": "2017-01-26T15:00:00",
"dateReserved": "2016-12-21T00:00:00",
"dateUpdated": "2024-08-06T03:07:32.107Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-3798 (GCVE-0-2014-3798)
Vulnerability from cvelistv5
Published
2019-07-11 19:14
Modified
2024-08-06 10:57
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The Windows Guest Tools in Citrix XenServer 6.2 SP1 and earlier allows remote attackers to cause a denial of service (guest OS crash) via a crafted Ethernet frame.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T10:57:17.281Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1030304",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1030304"
},
{
"name": "67693",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/67693"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.citrix.com/article/CTX140814"
},
{
"name": "58455",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/58455"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-05-27T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Windows Guest Tools in Citrix XenServer 6.2 SP1 and earlier allows remote attackers to cause a denial of service (guest OS crash) via a crafted Ethernet frame."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-07-11T19:14:08",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1030304",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1030304"
},
{
"name": "67693",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/67693"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.citrix.com/article/CTX140814"
},
{
"name": "58455",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/58455"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-3798",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Windows Guest Tools in Citrix XenServer 6.2 SP1 and earlier allows remote attackers to cause a denial of service (guest OS crash) via a crafted Ethernet frame."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1030304",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1030304"
},
{
"name": "67693",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/67693"
},
{
"name": "http://support.citrix.com/article/CTX140814",
"refsource": "CONFIRM",
"url": "http://support.citrix.com/article/CTX140814"
},
{
"name": "58455",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/58455"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-3798",
"datePublished": "2019-07-11T19:14:08",
"dateReserved": "2014-05-20T00:00:00",
"dateUpdated": "2024-08-06T10:57:17.281Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-7705 (GCVE-0-2015-7705)
Vulnerability from cvelistv5
Published
2017-08-07 20:00
Modified
2024-08-06 07:58
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The rate limiting feature in NTP 4.x before 4.2.8p4 and 4.3.x before 4.3.77 allows remote attackers to have unspecified impact via a large number of crafted requests.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T07:58:59.826Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "SUSE-SU-2016:1912",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00026.html"
},
{
"name": "VU#718152",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "https://www.kb.cert.org/vuls/id/718152"
},
{
"name": "USN-2783-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2783-1"
},
{
"name": "SUSE-SU-2016:1247",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00020.html"
},
{
"name": "77284",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/77284"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.citrix.com/article/CTX220112"
},
{
"name": "1033951",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1033951"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.ntp.org/bin/view/Main/SecurityNotice#October_2015_NTP_4_2_8p4_Securit"
},
{
"name": "SUSE-SU-2016:1311",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00048.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.cs.bu.edu/~goldbe/NTPattack.html"
},
{
"name": "SUSE-SU-2016:2094",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00042.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://eprint.iacr.org/2015/1020.pdf"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05270839"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1274184"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.ntp.org/bin/view/Main/NtpBug2901"
},
{
"name": "openSUSE-SU-2016:1423",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2016-05/msg00114.html"
},
{
"name": "GLSA-201607-15",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201607-15"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20171004-0001/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/134137/Slackware-Security-Advisory-ntp-Updates.html"
},
{
"name": "openSUSE-SU-2016:1329",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00052.html"
},
{
"name": "20151021 Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151021-ntp"
},
{
"name": "SUSE-SU-2016:1471",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00001.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bto.bluecoat.com/security-advisory/sa103"
},
{
"name": "SUSE-SU-2016:1291",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00037.html"
},
{
"name": "SUSE-SU-2016:1568",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00020.html"
},
{
"name": "openSUSE-SU-2015:2016",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2015-11/msg00093.html"
},
{
"name": "SUSE-SU-2016:1278",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00034.html"
},
{
"name": "20151029 [slackware-security] ntp (SSA:2015-302-03)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/536796/100/0/threaded"
},
{
"name": "20151029 [slackware-security] ntp (SSA:2015-302-03)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/archive/1/536796/100/100/threaded"
},
{
"name": "20151022 Cisco Security Advisory: Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/536737/100/0/threaded"
},
{
"name": "20151022 Cisco Security Advisory: Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/archive/1/536737/100/100/threaded"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-497656.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-103-11"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-211752.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-159-11"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1212-security-advisory-0016"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-10-23T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The rate limiting feature in NTP 4.x before 4.2.8p4 and 4.3.x before 4.3.77 allows remote attackers to have unspecified impact via a large number of crafted requests."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-11-05T16:56:48",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "SUSE-SU-2016:1912",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00026.html"
},
{
"name": "VU#718152",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "https://www.kb.cert.org/vuls/id/718152"
},
{
"name": "USN-2783-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2783-1"
},
{
"name": "SUSE-SU-2016:1247",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00020.html"
},
{
"name": "77284",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/77284"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.citrix.com/article/CTX220112"
},
{
"name": "1033951",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1033951"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.ntp.org/bin/view/Main/SecurityNotice#October_2015_NTP_4_2_8p4_Securit"
},
{
"name": "SUSE-SU-2016:1311",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00048.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.cs.bu.edu/~goldbe/NTPattack.html"
},
{
"name": "SUSE-SU-2016:2094",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00042.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://eprint.iacr.org/2015/1020.pdf"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05270839"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1274184"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.ntp.org/bin/view/Main/NtpBug2901"
},
{
"name": "openSUSE-SU-2016:1423",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2016-05/msg00114.html"
},
{
"name": "GLSA-201607-15",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201607-15"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20171004-0001/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/134137/Slackware-Security-Advisory-ntp-Updates.html"
},
{
"name": "openSUSE-SU-2016:1329",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00052.html"
},
{
"name": "20151021 Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151021-ntp"
},
{
"name": "SUSE-SU-2016:1471",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00001.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bto.bluecoat.com/security-advisory/sa103"
},
{
"name": "SUSE-SU-2016:1291",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00037.html"
},
{
"name": "SUSE-SU-2016:1568",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00020.html"
},
{
"name": "openSUSE-SU-2015:2016",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2015-11/msg00093.html"
},
{
"name": "SUSE-SU-2016:1278",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00034.html"
},
{
"name": "20151029 [slackware-security] ntp (SSA:2015-302-03)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/536796/100/0/threaded"
},
{
"name": "20151029 [slackware-security] ntp (SSA:2015-302-03)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/archive/1/536796/100/100/threaded"
},
{
"name": "20151022 Cisco Security Advisory: Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/536737/100/0/threaded"
},
{
"name": "20151022 Cisco Security Advisory: Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/archive/1/536737/100/100/threaded"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-497656.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-103-11"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-211752.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-159-11"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1212-security-advisory-0016"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-7705",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The rate limiting feature in NTP 4.x before 4.2.8p4 and 4.3.x before 4.3.77 allows remote attackers to have unspecified impact via a large number of crafted requests."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "SUSE-SU-2016:1912",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00026.html"
},
{
"name": "VU#718152",
"refsource": "CERT-VN",
"url": "https://www.kb.cert.org/vuls/id/718152"
},
{
"name": "USN-2783-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2783-1"
},
{
"name": "SUSE-SU-2016:1247",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00020.html"
},
{
"name": "77284",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/77284"
},
{
"name": "https://support.citrix.com/article/CTX220112",
"refsource": "CONFIRM",
"url": "https://support.citrix.com/article/CTX220112"
},
{
"name": "1033951",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1033951"
},
{
"name": "http://support.ntp.org/bin/view/Main/SecurityNotice#October_2015_NTP_4_2_8p4_Securit",
"refsource": "CONFIRM",
"url": "http://support.ntp.org/bin/view/Main/SecurityNotice#October_2015_NTP_4_2_8p4_Securit"
},
{
"name": "SUSE-SU-2016:1311",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00048.html"
},
{
"name": "https://www.cs.bu.edu/~goldbe/NTPattack.html",
"refsource": "MISC",
"url": "https://www.cs.bu.edu/~goldbe/NTPattack.html"
},
{
"name": "SUSE-SU-2016:2094",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00042.html"
},
{
"name": "https://eprint.iacr.org/2015/1020.pdf",
"refsource": "MISC",
"url": "https://eprint.iacr.org/2015/1020.pdf"
},
{
"name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05270839",
"refsource": "CONFIRM",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05270839"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1274184",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1274184"
},
{
"name": "http://support.ntp.org/bin/view/Main/NtpBug2901",
"refsource": "CONFIRM",
"url": "http://support.ntp.org/bin/view/Main/NtpBug2901"
},
{
"name": "openSUSE-SU-2016:1423",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2016-05/msg00114.html"
},
{
"name": "GLSA-201607-15",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201607-15"
},
{
"name": "https://security.netapp.com/advisory/ntap-20171004-0001/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20171004-0001/"
},
{
"name": "http://packetstormsecurity.com/files/134137/Slackware-Security-Advisory-ntp-Updates.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/134137/Slackware-Security-Advisory-ntp-Updates.html"
},
{
"name": "openSUSE-SU-2016:1329",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00052.html"
},
{
"name": "20151021 Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151021-ntp"
},
{
"name": "SUSE-SU-2016:1471",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00001.html"
},
{
"name": "https://bto.bluecoat.com/security-advisory/sa103",
"refsource": "CONFIRM",
"url": "https://bto.bluecoat.com/security-advisory/sa103"
},
{
"name": "SUSE-SU-2016:1291",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00037.html"
},
{
"name": "SUSE-SU-2016:1568",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00020.html"
},
{
"name": "openSUSE-SU-2015:2016",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2015-11/msg00093.html"
},
{
"name": "SUSE-SU-2016:1278",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00034.html"
},
{
"name": "20151029 [slackware-security] ntp (SSA:2015-302-03)",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/536796/100/0/threaded"
},
{
"name": "20151029 [slackware-security] ntp (SSA:2015-302-03)",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/archive/1/536796/100/100/threaded"
},
{
"name": "20151022 Cisco Security Advisory: Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/536737/100/0/threaded"
},
{
"name": "20151022 Cisco Security Advisory: Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/archive/1/536737/100/100/threaded"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-497656.pdf",
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-497656.pdf"
},
{
"name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-103-11",
"refsource": "MISC",
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-103-11"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-211752.pdf",
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-211752.pdf"
},
{
"name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-159-11",
"refsource": "MISC",
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-159-11"
},
{
"name": "https://www.arista.com/en/support/advisories-notices/security-advisories/1212-security-advisory-0016",
"refsource": "MISC",
"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1212-security-advisory-0016"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2015-7705",
"datePublished": "2017-08-07T20:00:00",
"dateReserved": "2015-10-04T00:00:00",
"dateUpdated": "2024-08-06T07:58:59.826Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-3498 (GCVE-0-2012-3498)
Vulnerability from cvelistv5
Published
2012-11-23 20:00
Modified
2024-08-06 20:05
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
PHYSDEVOP_map_pirq in Xen 4.1 and 4.2 and Citrix XenServer 6.0.2 and earlier allows local HVM guest OS kernels to cause a denial of service (host crash) and possibly read hypervisor or guest memory via vectors related to a missing range check of map->index.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T20:05:12.710Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "55082",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/55082"
},
{
"name": "50530",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/50530"
},
{
"name": "51413",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/51413"
},
{
"name": "GLSA-201309-24",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-201309-24.xml"
},
{
"name": "55414",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/55414"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://wiki.xen.org/wiki/Security_Announcements#XSA-16_PHYSDEVOP_map_pirq_index_vulnerability"
},
{
"name": "openSUSE-SU-2012:1572",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00017.html"
},
{
"name": "50472",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/50472"
},
{
"name": "[Xen-announce] 20120905 Xen Security Advisory 16 (CVE-2012-3498) - PHYSDEVOP_map_pirq index vulnerability",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.xen.org/archives/html/xen-announce/2012-09/msg00005.html"
},
{
"name": "85198",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/85198"
},
{
"name": "GLSA-201604-03",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201604-03"
},
{
"name": "xen-physdevopmappirq-dos(78269)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78269"
},
{
"name": "SUSE-SU-2012:1132",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00003.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.citrix.com/article/CTX134708"
},
{
"name": "SUSE-SU-2012:1133",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00004.html"
},
{
"name": "openSUSE-SU-2012:1573",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00018.html"
},
{
"name": "[oss-security] 20120905 Xen Security Advisory 16 (CVE-2012-3498) - PHYSDEVOP_map_pirq index vulnerability",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2012/09/05/9"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=851193"
},
{
"name": "openSUSE-SU-2012:1172",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00017.html"
},
{
"name": "1027483",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1027483"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-09-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "PHYSDEVOP_map_pirq in Xen 4.1 and 4.2 and Citrix XenServer 6.0.2 and earlier allows local HVM guest OS kernels to cause a denial of service (host crash) and possibly read hypervisor or guest memory via vectors related to a missing range check of map-\u003eindex."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "55082",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/55082"
},
{
"name": "50530",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/50530"
},
{
"name": "51413",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/51413"
},
{
"name": "GLSA-201309-24",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-201309-24.xml"
},
{
"name": "55414",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/55414"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://wiki.xen.org/wiki/Security_Announcements#XSA-16_PHYSDEVOP_map_pirq_index_vulnerability"
},
{
"name": "openSUSE-SU-2012:1572",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00017.html"
},
{
"name": "50472",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/50472"
},
{
"name": "[Xen-announce] 20120905 Xen Security Advisory 16 (CVE-2012-3498) - PHYSDEVOP_map_pirq index vulnerability",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.xen.org/archives/html/xen-announce/2012-09/msg00005.html"
},
{
"name": "85198",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/85198"
},
{
"name": "GLSA-201604-03",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201604-03"
},
{
"name": "xen-physdevopmappirq-dos(78269)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78269"
},
{
"name": "SUSE-SU-2012:1132",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00003.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.citrix.com/article/CTX134708"
},
{
"name": "SUSE-SU-2012:1133",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00004.html"
},
{
"name": "openSUSE-SU-2012:1573",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00018.html"
},
{
"name": "[oss-security] 20120905 Xen Security Advisory 16 (CVE-2012-3498) - PHYSDEVOP_map_pirq index vulnerability",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2012/09/05/9"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=851193"
},
{
"name": "openSUSE-SU-2012:1172",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00017.html"
},
{
"name": "1027483",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1027483"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2012-3498",
"datePublished": "2012-11-23T20:00:00",
"dateReserved": "2012-06-14T00:00:00",
"dateUpdated": "2024-08-06T20:05:12.710Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-2615 (GCVE-0-2017-2615)
Vulnerability from cvelistv5
Published
2018-07-02 18:00
Modified
2024-08-05 14:02
Severity ?
VLAI Severity ?
EPSS score ?
CWE
Summary
Quick emulator (QEMU) built with the Cirrus CLGD 54xx VGA emulator support is vulnerable to an out-of-bounds access issue. It could occur while copying VGA data via bitblt copy in backward mode. A privileged user inside a guest could use this flaw to crash the QEMU process resulting in DoS or potentially execute arbitrary code on the host with privileges of QEMU process on the host.
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:02:06.484Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2017:0329",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0329.html"
},
{
"name": "RHSA-2017:0334",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0334.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2615"
},
{
"name": "1037804",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1037804"
},
{
"name": "RHSA-2017:0328",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0328.html"
},
{
"name": "[debian-lts-announce] 20180906 [SECURITY] [DLA 1497-1] qemu security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00007.html"
},
{
"name": "95990",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/95990"
},
{
"name": "RHSA-2017:0333",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0333.html"
},
{
"name": "GLSA-201702-27",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201702-27"
},
{
"name": "[oss-security] 20170201 CVE-2017-2615 Qemu: display: cirrus: oob access while doing bitblt copy backward mode",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2017/02/01/6"
},
{
"name": "RHSA-2017:0454",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0454.html"
},
{
"name": "[qemu-devel] 20170201 [PATCH v3] cirrus: fix oob access issue (CVE-2017-2615)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.gnu.org/archive/html/qemu-devel/2017-02/msg00015.html"
},
{
"name": "RHSA-2017:0331",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0331.html"
},
{
"name": "GLSA-201702-28",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201702-28"
},
{
"name": "RHSA-2017:0350",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0350.html"
},
{
"name": "RHSA-2017:0396",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0396.html"
},
{
"name": "RHSA-2017:0309",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0309.html"
},
{
"name": "RHSA-2017:0344",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0344.html"
},
{
"name": "RHSA-2017:0330",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0330.html"
},
{
"name": "RHSA-2017:0332",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0332.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.citrix.com/article/CTX220771"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "display",
"vendor": "qemu",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-01-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Quick emulator (QEMU) built with the Cirrus CLGD 54xx VGA emulator support is vulnerable to an out-of-bounds access issue. It could occur while copying VGA data via bitblt copy in backward mode. A privileged user inside a guest could use this flaw to crash the QEMU process resulting in DoS or potentially execute arbitrary code on the host with privileges of QEMU process on the host."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-09-07T09:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "RHSA-2017:0329",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0329.html"
},
{
"name": "RHSA-2017:0334",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0334.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2615"
},
{
"name": "1037804",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1037804"
},
{
"name": "RHSA-2017:0328",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0328.html"
},
{
"name": "[debian-lts-announce] 20180906 [SECURITY] [DLA 1497-1] qemu security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00007.html"
},
{
"name": "95990",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/95990"
},
{
"name": "RHSA-2017:0333",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0333.html"
},
{
"name": "GLSA-201702-27",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201702-27"
},
{
"name": "[oss-security] 20170201 CVE-2017-2615 Qemu: display: cirrus: oob access while doing bitblt copy backward mode",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2017/02/01/6"
},
{
"name": "RHSA-2017:0454",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0454.html"
},
{
"name": "[qemu-devel] 20170201 [PATCH v3] cirrus: fix oob access issue (CVE-2017-2615)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.gnu.org/archive/html/qemu-devel/2017-02/msg00015.html"
},
{
"name": "RHSA-2017:0331",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0331.html"
},
{
"name": "GLSA-201702-28",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201702-28"
},
{
"name": "RHSA-2017:0350",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0350.html"
},
{
"name": "RHSA-2017:0396",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0396.html"
},
{
"name": "RHSA-2017:0309",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0309.html"
},
{
"name": "RHSA-2017:0344",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0344.html"
},
{
"name": "RHSA-2017:0330",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0330.html"
},
{
"name": "RHSA-2017:0332",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0332.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.citrix.com/article/CTX220771"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2017-2615",
"datePublished": "2018-07-02T18:00:00",
"dateReserved": "2016-12-01T00:00:00",
"dateUpdated": "2024-08-05T14:02:06.484Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-9386 (GCVE-0-2016-9386)
Vulnerability from cvelistv5
Published
2017-01-23 21:00
Modified
2024-08-06 02:50
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The x86 emulator in Xen does not properly treat x86 NULL segments as unusable when accessing memory, which might allow local HVM guest users to gain privileges via vectors involving "unexpected" base/limit values.
References
| ► | URL | Tags | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T02:50:37.602Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "94471",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/94471"
},
{
"name": "GLSA-201612-56",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201612-56"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.citrix.com/article/CTX218775"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://xenbits.xen.org/xsa/advisory-191.html"
},
{
"name": "1037340",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1037340"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-11-22T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The x86 emulator in Xen does not properly treat x86 NULL segments as unusable when accessing memory, which might allow local HVM guest users to gain privileges via vectors involving \"unexpected\" base/limit values."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-06-30T16:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "94471",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/94471"
},
{
"name": "GLSA-201612-56",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201612-56"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.citrix.com/article/CTX218775"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://xenbits.xen.org/xsa/advisory-191.html"
},
{
"name": "1037340",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1037340"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-9386",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The x86 emulator in Xen does not properly treat x86 NULL segments as unusable when accessing memory, which might allow local HVM guest users to gain privileges via vectors involving \"unexpected\" base/limit values."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "94471",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94471"
},
{
"name": "GLSA-201612-56",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201612-56"
},
{
"name": "https://support.citrix.com/article/CTX218775",
"refsource": "CONFIRM",
"url": "https://support.citrix.com/article/CTX218775"
},
{
"name": "http://xenbits.xen.org/xsa/advisory-191.html",
"refsource": "CONFIRM",
"url": "http://xenbits.xen.org/xsa/advisory-191.html"
},
{
"name": "1037340",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037340"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-9386",
"datePublished": "2017-01-23T21:00:00",
"dateReserved": "2016-11-17T00:00:00",
"dateUpdated": "2024-08-06T02:50:37.602Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-10024 (GCVE-0-2016-10024)
Vulnerability from cvelistv5
Published
2017-01-26 15:00
Modified
2024-08-06 03:07
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Xen through 4.8.x allows local x86 PV guest OS kernel administrators to cause a denial of service (host hang or crash) by modifying the instruction stream asynchronously while performing certain kernel operations.
References
| ► | URL | Tags | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T03:07:31.968Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "GLSA-201612-56",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201612-56"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://xenbits.xen.org/xsa/advisory-202.html"
},
{
"name": "95021",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/95021"
},
{
"name": "DSA-3847",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2017/dsa-3847"
},
{
"name": "1037517",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1037517"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.citrix.com/article/CTX219378"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-12-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Xen through 4.8.x allows local x86 PV guest OS kernel administrators to cause a denial of service (host hang or crash) by modifying the instruction stream asynchronously while performing certain kernel operations."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-11-03T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "GLSA-201612-56",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201612-56"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://xenbits.xen.org/xsa/advisory-202.html"
},
{
"name": "95021",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/95021"
},
{
"name": "DSA-3847",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2017/dsa-3847"
},
{
"name": "1037517",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1037517"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.citrix.com/article/CTX219378"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-10024",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Xen through 4.8.x allows local x86 PV guest OS kernel administrators to cause a denial of service (host hang or crash) by modifying the instruction stream asynchronously while performing certain kernel operations."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "GLSA-201612-56",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201612-56"
},
{
"name": "http://xenbits.xen.org/xsa/advisory-202.html",
"refsource": "CONFIRM",
"url": "http://xenbits.xen.org/xsa/advisory-202.html"
},
{
"name": "95021",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95021"
},
{
"name": "DSA-3847",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2017/dsa-3847"
},
{
"name": "1037517",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037517"
},
{
"name": "https://support.citrix.com/article/CTX219378",
"refsource": "CONFIRM",
"url": "https://support.citrix.com/article/CTX219378"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-10024",
"datePublished": "2017-01-26T15:00:00",
"dateReserved": "2016-12-21T00:00:00",
"dateUpdated": "2024-08-06T03:07:31.968Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-6258 (GCVE-0-2016-6258)
Vulnerability from cvelistv5
Published
2016-08-02 16:00
Modified
2024-08-06 01:22
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The PV pagetable code in arch/x86/mm.c in Xen 4.7.x and earlier allows local 32-bit PV guest OS administrators to gain host OS privileges by leveraging fast-paths for updating pagetable entries.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:22:20.664Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://xenbits.xen.org/xsa/advisory-182.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://xenbits.xen.org/xsa/xsa182-4.6.patch"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.citrix.com/article/CTX214954"
},
{
"name": "GLSA-201611-09",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201611-09"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://xenbits.xen.org/xsa/xsa182-unstable.patch"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://xenbits.xen.org/xsa/xsa182-4.5.patch"
},
{
"name": "DSA-3633",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2016/dsa-3633"
},
{
"name": "1036446",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036446"
},
{
"name": "92131",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/92131"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-07-26T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The PV pagetable code in arch/x86/mm.c in Xen 4.7.x and earlier allows local 32-bit PV guest OS administrators to gain host OS privileges by leveraging fast-paths for updating pagetable entries."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-06-30T16:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://xenbits.xen.org/xsa/advisory-182.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://xenbits.xen.org/xsa/xsa182-4.6.patch"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.citrix.com/article/CTX214954"
},
{
"name": "GLSA-201611-09",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201611-09"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://xenbits.xen.org/xsa/xsa182-unstable.patch"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://xenbits.xen.org/xsa/xsa182-4.5.patch"
},
{
"name": "DSA-3633",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2016/dsa-3633"
},
{
"name": "1036446",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036446"
},
{
"name": "92131",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/92131"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-6258",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The PV pagetable code in arch/x86/mm.c in Xen 4.7.x and earlier allows local 32-bit PV guest OS administrators to gain host OS privileges by leveraging fast-paths for updating pagetable entries."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html"
},
{
"name": "http://xenbits.xen.org/xsa/advisory-182.html",
"refsource": "CONFIRM",
"url": "http://xenbits.xen.org/xsa/advisory-182.html"
},
{
"name": "http://xenbits.xen.org/xsa/xsa182-4.6.patch",
"refsource": "CONFIRM",
"url": "http://xenbits.xen.org/xsa/xsa182-4.6.patch"
},
{
"name": "http://support.citrix.com/article/CTX214954",
"refsource": "CONFIRM",
"url": "http://support.citrix.com/article/CTX214954"
},
{
"name": "GLSA-201611-09",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201611-09"
},
{
"name": "http://xenbits.xen.org/xsa/xsa182-unstable.patch",
"refsource": "CONFIRM",
"url": "http://xenbits.xen.org/xsa/xsa182-unstable.patch"
},
{
"name": "http://xenbits.xen.org/xsa/xsa182-4.5.patch",
"refsource": "CONFIRM",
"url": "http://xenbits.xen.org/xsa/xsa182-4.5.patch"
},
{
"name": "DSA-3633",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2016/dsa-3633"
},
{
"name": "1036446",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036446"
},
{
"name": "92131",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/92131"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-6258",
"datePublished": "2016-08-02T16:00:00",
"dateReserved": "2016-07-20T00:00:00",
"dateUpdated": "2024-08-06T01:22:20.664Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-9382 (GCVE-0-2016-9382)
Vulnerability from cvelistv5
Published
2017-01-23 21:00
Modified
2024-08-06 02:50
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Xen 4.0.x through 4.7.x mishandle x86 task switches to VM86 mode, which allows local 32-bit x86 HVM guest OS users to gain privileges or cause a denial of service (guest OS crash) by leveraging a guest operating system that uses hardware task switching and allows a new task to start in VM86 mode.
References
| ► | URL | Tags | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T02:50:36.977Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "94470",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/94470"
},
{
"name": "GLSA-201612-56",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201612-56"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://xenbits.xen.org/xsa/advisory-192.html"
},
{
"name": "1037341",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1037341"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.citrix.com/article/CTX218775"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-11-22T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Xen 4.0.x through 4.7.x mishandle x86 task switches to VM86 mode, which allows local 32-bit x86 HVM guest OS users to gain privileges or cause a denial of service (guest OS crash) by leveraging a guest operating system that uses hardware task switching and allows a new task to start in VM86 mode."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-06-30T16:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "94470",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/94470"
},
{
"name": "GLSA-201612-56",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201612-56"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://xenbits.xen.org/xsa/advisory-192.html"
},
{
"name": "1037341",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1037341"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.citrix.com/article/CTX218775"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-9382",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Xen 4.0.x through 4.7.x mishandle x86 task switches to VM86 mode, which allows local 32-bit x86 HVM guest OS users to gain privileges or cause a denial of service (guest OS crash) by leveraging a guest operating system that uses hardware task switching and allows a new task to start in VM86 mode."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "94470",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94470"
},
{
"name": "GLSA-201612-56",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201612-56"
},
{
"name": "http://xenbits.xen.org/xsa/advisory-192.html",
"refsource": "CONFIRM",
"url": "http://xenbits.xen.org/xsa/advisory-192.html"
},
{
"name": "1037341",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037341"
},
{
"name": "https://support.citrix.com/article/CTX218775",
"refsource": "CONFIRM",
"url": "https://support.citrix.com/article/CTX218775"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-9382",
"datePublished": "2017-01-23T21:00:00",
"dateReserved": "2016-11-17T00:00:00",
"dateUpdated": "2024-08-06T02:50:36.977Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-3710 (GCVE-0-2016-3710)
Vulnerability from cvelistv5
Published
2016-05-11 21:00
Modified
2024-08-06 00:03
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The VGA module in QEMU improperly performs bounds checking on banked access to video memory, which allows local guest OS administrators to execute arbitrary code on the host by changing access modes after setting the bank register, aka the "Dark Portal" issue.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:03:34.465Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://xenbits.xen.org/xsa/advisory-179.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html"
},
{
"name": "RHSA-2016:0999",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0999.html"
},
{
"name": "90316",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/90316"
},
{
"name": "RHSA-2016:0725",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0725.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html"
},
{
"name": "RHSA-2016:1000",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-1000.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.citrix.com/article/CTX212736"
},
{
"name": "RHSA-2016:1002",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-1002.html"
},
{
"name": "RHSA-2016:1001",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-1001.html"
},
{
"name": "RHSA-2016:0997",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0997.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05164862"
},
{
"name": "1035794",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1035794"
},
{
"name": "RHSA-2016:1943",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-1943.html"
},
{
"name": "RHSA-2016:1019",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-1019.html"
},
{
"name": "USN-2974-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2974-1"
},
{
"name": "[oss-security] 20160509 CVE-2016-3710 Qemu: vga: out-of-bounds r/w access issue",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2016/05/09/3"
},
{
"name": "RHSA-2016:0724",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0724.html"
},
{
"name": "[Qemu-devel] 20160509 [PULL 1/5] vga: fix banked access bounds checking (CVE-2016-3710)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.gnu.org/archive/html/qemu-devel/2016-05/msg01197.html"
},
{
"name": "RHSA-2016:1224",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2016:1224"
},
{
"name": "DSA-3573",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2016/dsa-3573"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-05-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The VGA module in QEMU improperly performs bounds checking on banked access to video memory, which allows local guest OS administrators to execute arbitrary code on the host by changing access modes after setting the bank register, aka the \"Dark Portal\" issue."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-01-04T19:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://xenbits.xen.org/xsa/advisory-179.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html"
},
{
"name": "RHSA-2016:0999",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0999.html"
},
{
"name": "90316",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/90316"
},
{
"name": "RHSA-2016:0725",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0725.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html"
},
{
"name": "RHSA-2016:1000",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-1000.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.citrix.com/article/CTX212736"
},
{
"name": "RHSA-2016:1002",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-1002.html"
},
{
"name": "RHSA-2016:1001",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-1001.html"
},
{
"name": "RHSA-2016:0997",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0997.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05164862"
},
{
"name": "1035794",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1035794"
},
{
"name": "RHSA-2016:1943",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-1943.html"
},
{
"name": "RHSA-2016:1019",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-1019.html"
},
{
"name": "USN-2974-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2974-1"
},
{
"name": "[oss-security] 20160509 CVE-2016-3710 Qemu: vga: out-of-bounds r/w access issue",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2016/05/09/3"
},
{
"name": "RHSA-2016:0724",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0724.html"
},
{
"name": "[Qemu-devel] 20160509 [PULL 1/5] vga: fix banked access bounds checking (CVE-2016-3710)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.gnu.org/archive/html/qemu-devel/2016-05/msg01197.html"
},
{
"name": "RHSA-2016:1224",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2016:1224"
},
{
"name": "DSA-3573",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2016/dsa-3573"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2016-3710",
"datePublished": "2016-05-11T21:00:00",
"dateReserved": "2016-03-30T00:00:00",
"dateUpdated": "2024-08-06T00:03:34.465Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-19961 (GCVE-0-2018-19961)
Vulnerability from cvelistv5
Published
2018-12-08 04:00
Modified
2024-08-05 11:51
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
An issue was discovered in Xen through 4.11.x on AMD x86 platforms, possibly allowing guest OS users to gain host OS privileges because TLB flushes do not always occur after IOMMU mapping changes.
References
| ► | URL | Tags | |||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T11:51:17.944Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.citrix.com/article/CTX239432"
},
{
"name": "DSA-4369",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2019/dsa-4369"
},
{
"name": "106182",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/106182"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://xenbits.xen.org/xsa/advisory-275.html"
},
{
"name": "FEDORA-2019-bce6498890",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UXC6BME7SXJI2ZIATNXCAH7RGPI4UKTT/"
},
{
"name": "openSUSE-SU-2019:1226",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00072.html"
},
{
"name": "[debian-lts-announce] 20191008 [SECURITY] [DLA 1949-1] xen security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/10/msg00008.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-12-07T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Xen through 4.11.x on AMD x86 platforms, possibly allowing guest OS users to gain host OS privileges because TLB flushes do not always occur after IOMMU mapping changes."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-10-08T14:06:08",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.citrix.com/article/CTX239432"
},
{
"name": "DSA-4369",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2019/dsa-4369"
},
{
"name": "106182",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/106182"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://xenbits.xen.org/xsa/advisory-275.html"
},
{
"name": "FEDORA-2019-bce6498890",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UXC6BME7SXJI2ZIATNXCAH7RGPI4UKTT/"
},
{
"name": "openSUSE-SU-2019:1226",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00072.html"
},
{
"name": "[debian-lts-announce] 20191008 [SECURITY] [DLA 1949-1] xen security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/10/msg00008.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-19961",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in Xen through 4.11.x on AMD x86 platforms, possibly allowing guest OS users to gain host OS privileges because TLB flushes do not always occur after IOMMU mapping changes."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.citrix.com/article/CTX239432",
"refsource": "CONFIRM",
"url": "https://support.citrix.com/article/CTX239432"
},
{
"name": "DSA-4369",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2019/dsa-4369"
},
{
"name": "106182",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/106182"
},
{
"name": "https://xenbits.xen.org/xsa/advisory-275.html",
"refsource": "MISC",
"url": "https://xenbits.xen.org/xsa/advisory-275.html"
},
{
"name": "FEDORA-2019-bce6498890",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UXC6BME7SXJI2ZIATNXCAH7RGPI4UKTT/"
},
{
"name": "openSUSE-SU-2019:1226",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00072.html"
},
{
"name": "[debian-lts-announce] 20191008 [SECURITY] [DLA 1949-1] xen security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2019/10/msg00008.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-19961",
"datePublished": "2018-12-08T04:00:00",
"dateReserved": "2018-12-07T00:00:00",
"dateUpdated": "2024-08-05T11:51:17.944Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-2620 (GCVE-0-2017-2620)
Vulnerability from cvelistv5
Published
2018-07-27 19:00
Modified
2024-08-05 14:02
Severity ?
VLAI Severity ?
EPSS score ?
CWE
Summary
Quick emulator (QEMU) before 2.8 built with the Cirrus CLGD 54xx VGA Emulator support is vulnerable to an out-of-bounds access issue. The issue could occur while copying VGA data in cirrus_bitblt_cputovideo. A privileged user inside guest could use this flaw to crash the QEMU process OR potentially execute arbitrary code on host with privileges of the QEMU process.
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:02:07.311Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2017:0329",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0329.html"
},
{
"name": "RHSA-2017:0334",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0334.html"
},
{
"name": "1037870",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1037870"
},
{
"name": "RHSA-2017:0328",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0328.html"
},
{
"name": "[debian-lts-announce] 20180906 [SECURITY] [DLA 1497-1] qemu security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00007.html"
},
{
"name": "RHSA-2017:0333",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0333.html"
},
{
"name": "RHSA-2017:0351",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0351.html"
},
{
"name": "RHSA-2017:0454",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0454.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://xenbits.xen.org/xsa/advisory-209.html"
},
{
"name": "RHSA-2017:0331",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0331.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2620"
},
{
"name": "[oss-security] 20170221 CVE-2017-2620 Qemu: display: cirrus: out-of-bounds access issue while in cirrus_bitblt_cputovideo",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2017/02/21/1"
},
{
"name": "RHSA-2017:0350",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0350.html"
},
{
"name": "[debian-lts-announce] 20180206 [SECURITY] [DLA 1270-1] xen security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/02/msg00005.html"
},
{
"name": "RHSA-2017:0396",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0396.html"
},
{
"name": "GLSA-201704-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201704-01"
},
{
"name": "[qemu-devel] 20170221 [PATCH] cirrus: add blit_is_unsafe call to cirrus_bitblt_cputovideo (CVE-2017-2620)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.gnu.org/archive/html/qemu-devel/2017-02/msg04700.html"
},
{
"name": "RHSA-2017:0352",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0352.html"
},
{
"name": "RHSA-2017:0330",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0330.html"
},
{
"name": "RHSA-2017:0332",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0332.html"
},
{
"name": "96378",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/96378"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.citrix.com/article/CTX220771"
},
{
"name": "GLSA-201703-07",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201703-07"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Qemu:",
"vendor": "QEMU",
"versions": [
{
"status": "affected",
"version": "2.8"
}
]
}
],
"datePublic": "2017-02-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Quick emulator (QEMU) before 2.8 built with the Cirrus CLGD 54xx VGA Emulator support is vulnerable to an out-of-bounds access issue. The issue could occur while copying VGA data in cirrus_bitblt_cputovideo. A privileged user inside guest could use this flaw to crash the QEMU process OR potentially execute arbitrary code on host with privileges of the QEMU process."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-09-07T09:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "RHSA-2017:0329",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0329.html"
},
{
"name": "RHSA-2017:0334",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0334.html"
},
{
"name": "1037870",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1037870"
},
{
"name": "RHSA-2017:0328",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0328.html"
},
{
"name": "[debian-lts-announce] 20180906 [SECURITY] [DLA 1497-1] qemu security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00007.html"
},
{
"name": "RHSA-2017:0333",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0333.html"
},
{
"name": "RHSA-2017:0351",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0351.html"
},
{
"name": "RHSA-2017:0454",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0454.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://xenbits.xen.org/xsa/advisory-209.html"
},
{
"name": "RHSA-2017:0331",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0331.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2620"
},
{
"name": "[oss-security] 20170221 CVE-2017-2620 Qemu: display: cirrus: out-of-bounds access issue while in cirrus_bitblt_cputovideo",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2017/02/21/1"
},
{
"name": "RHSA-2017:0350",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0350.html"
},
{
"name": "[debian-lts-announce] 20180206 [SECURITY] [DLA 1270-1] xen security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/02/msg00005.html"
},
{
"name": "RHSA-2017:0396",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0396.html"
},
{
"name": "GLSA-201704-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201704-01"
},
{
"name": "[qemu-devel] 20170221 [PATCH] cirrus: add blit_is_unsafe call to cirrus_bitblt_cputovideo (CVE-2017-2620)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.gnu.org/archive/html/qemu-devel/2017-02/msg04700.html"
},
{
"name": "RHSA-2017:0352",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0352.html"
},
{
"name": "RHSA-2017:0330",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0330.html"
},
{
"name": "RHSA-2017:0332",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0332.html"
},
{
"name": "96378",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/96378"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.citrix.com/article/CTX220771"
},
{
"name": "GLSA-201703-07",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201703-07"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2017-2620",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Qemu:",
"version": {
"version_data": [
{
"version_value": "2.8"
}
]
}
}
]
},
"vendor_name": "QEMU"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Quick emulator (QEMU) before 2.8 built with the Cirrus CLGD 54xx VGA Emulator support is vulnerable to an out-of-bounds access issue. The issue could occur while copying VGA data in cirrus_bitblt_cputovideo. A privileged user inside guest could use this flaw to crash the QEMU process OR potentially execute arbitrary code on host with privileges of the QEMU process."
}
]
},
"impact": {
"cvss": [
[
{
"vectorString": "5.5/CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L",
"version": "3.0"
}
],
[
{
"vectorString": "4.9/AV:A/AC:M/Au:S/C:P/I:P/A:P",
"version": "2.0"
}
]
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-787"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2017:0329",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0329.html"
},
{
"name": "RHSA-2017:0334",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0334.html"
},
{
"name": "1037870",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037870"
},
{
"name": "RHSA-2017:0328",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0328.html"
},
{
"name": "[debian-lts-announce] 20180906 [SECURITY] [DLA 1497-1] qemu security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00007.html"
},
{
"name": "RHSA-2017:0333",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0333.html"
},
{
"name": "RHSA-2017:0351",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0351.html"
},
{
"name": "RHSA-2017:0454",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0454.html"
},
{
"name": "https://xenbits.xen.org/xsa/advisory-209.html",
"refsource": "CONFIRM",
"url": "https://xenbits.xen.org/xsa/advisory-209.html"
},
{
"name": "RHSA-2017:0331",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0331.html"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2620",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2620"
},
{
"name": "[oss-security] 20170221 CVE-2017-2620 Qemu: display: cirrus: out-of-bounds access issue while in cirrus_bitblt_cputovideo",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2017/02/21/1"
},
{
"name": "RHSA-2017:0350",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0350.html"
},
{
"name": "[debian-lts-announce] 20180206 [SECURITY] [DLA 1270-1] xen security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2018/02/msg00005.html"
},
{
"name": "RHSA-2017:0396",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0396.html"
},
{
"name": "GLSA-201704-01",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201704-01"
},
{
"name": "[qemu-devel] 20170221 [PATCH] cirrus: add blit_is_unsafe call to cirrus_bitblt_cputovideo (CVE-2017-2620)",
"refsource": "MLIST",
"url": "https://lists.gnu.org/archive/html/qemu-devel/2017-02/msg04700.html"
},
{
"name": "RHSA-2017:0352",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0352.html"
},
{
"name": "RHSA-2017:0330",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0330.html"
},
{
"name": "RHSA-2017:0332",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0332.html"
},
{
"name": "96378",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/96378"
},
{
"name": "https://support.citrix.com/article/CTX220771",
"refsource": "CONFIRM",
"url": "https://support.citrix.com/article/CTX220771"
},
{
"name": "GLSA-201703-07",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201703-07"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2017-2620",
"datePublished": "2018-07-27T19:00:00",
"dateReserved": "2016-12-01T00:00:00",
"dateUpdated": "2024-08-05T14:02:07.311Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-3495 (GCVE-0-2012-3495)
Vulnerability from cvelistv5
Published
2012-11-23 20:00
Modified
2024-08-06 20:05
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The physdev_get_free_pirq hypercall in arch/x86/physdev.c in Xen 4.1.x and Citrix XenServer 6.0.2 and earlier uses the return value of the get_free_pirq function as an array index without checking that the return value indicates an error, which allows guest OS users to cause a denial of service (invalid memory write and host crash) and possibly gain privileges via unspecified vectors.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T20:05:12.705Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "55082",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/55082"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://xenbits.xen.org/hg/xen-4.1-testing.hg/rev/6779ddca8593"
},
{
"name": "[Xen-announce] 20120905 Xen Security Advisory 13 (CVE-2012-3495) - hypercall physdev_get_free_pirq vulnerability",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.xen.org/archives/html/xen-announce/2012-09/msg00001.html"
},
{
"name": "51413",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/51413"
},
{
"name": "GLSA-201309-24",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-201309-24.xml"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://wiki.xen.org/wiki/Security_Announcements#XSA-13_hypercall_physdev_get_free_pirq_vulnerability"
},
{
"name": "openSUSE-SU-2012:1572",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00017.html"
},
{
"name": "55406",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/55406"
},
{
"name": "1027480",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1027480"
},
{
"name": "GLSA-201604-03",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201604-03"
},
{
"name": "SUSE-SU-2012:1132",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00003.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.citrix.com/article/CTX134708"
},
{
"name": "[oss-security] 20120905 Xen Security Advisory 13 (CVE-2012-3495) - hypercall physdev_get_free_pirq vulnerability",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2012/09/05/6"
},
{
"name": "SUSE-SU-2012:1133",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00004.html"
},
{
"name": "openSUSE-SU-2012:1573",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00018.html"
},
{
"name": "openSUSE-SU-2012:1172",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00017.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-09-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The physdev_get_free_pirq hypercall in arch/x86/physdev.c in Xen 4.1.x and Citrix XenServer 6.0.2 and earlier uses the return value of the get_free_pirq function as an array index without checking that the return value indicates an error, which allows guest OS users to cause a denial of service (invalid memory write and host crash) and possibly gain privileges via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-06-30T16:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "55082",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/55082"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://xenbits.xen.org/hg/xen-4.1-testing.hg/rev/6779ddca8593"
},
{
"name": "[Xen-announce] 20120905 Xen Security Advisory 13 (CVE-2012-3495) - hypercall physdev_get_free_pirq vulnerability",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.xen.org/archives/html/xen-announce/2012-09/msg00001.html"
},
{
"name": "51413",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/51413"
},
{
"name": "GLSA-201309-24",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-201309-24.xml"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://wiki.xen.org/wiki/Security_Announcements#XSA-13_hypercall_physdev_get_free_pirq_vulnerability"
},
{
"name": "openSUSE-SU-2012:1572",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00017.html"
},
{
"name": "55406",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/55406"
},
{
"name": "1027480",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1027480"
},
{
"name": "GLSA-201604-03",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201604-03"
},
{
"name": "SUSE-SU-2012:1132",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00003.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.citrix.com/article/CTX134708"
},
{
"name": "[oss-security] 20120905 Xen Security Advisory 13 (CVE-2012-3495) - hypercall physdev_get_free_pirq vulnerability",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2012/09/05/6"
},
{
"name": "SUSE-SU-2012:1133",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00004.html"
},
{
"name": "openSUSE-SU-2012:1573",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00018.html"
},
{
"name": "openSUSE-SU-2012:1172",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00017.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2012-3495",
"datePublished": "2012-11-23T20:00:00",
"dateReserved": "2012-06-14T00:00:00",
"dateUpdated": "2024-08-06T20:05:12.705Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-3712 (GCVE-0-2016-3712)
Vulnerability from cvelistv5
Published
2016-05-11 21:00
Modified
2024-08-06 00:03
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Integer overflow in the VGA module in QEMU allows local guest OS users to cause a denial of service (out-of-bounds read and QEMU process crash) by editing VGA registers in VBE mode.
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:03:34.421Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://xenbits.xen.org/xsa/advisory-179.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html"
},
{
"name": "RHSA-2017:0621",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0621.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.citrix.com/article/CTX212736"
},
{
"name": "[Qemu-devel] 20160509 [PULL 5/5] vga: make sure vga register setup for vbe stays intact (CVE-2016-3712).",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.gnu.org/archive/html/qemu-devel/2016-05/msg01196.html"
},
{
"name": "[oss-security] 20160509 CVE-2016-3712 Qemu: vga: out-of-bounds read and integer overflow issues",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2016/05/09/4"
},
{
"name": "1035794",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1035794"
},
{
"name": "USN-2974-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2974-1"
},
{
"name": "RHSA-2016:2585",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2585.html"
},
{
"name": "DSA-3573",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2016/dsa-3573"
},
{
"name": "90314",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/90314"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-05-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in the VGA module in QEMU allows local guest OS users to cause a denial of service (out-of-bounds read and QEMU process crash) by editing VGA registers in VBE mode."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-01-04T19:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://xenbits.xen.org/xsa/advisory-179.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html"
},
{
"name": "RHSA-2017:0621",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0621.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.citrix.com/article/CTX212736"
},
{
"name": "[Qemu-devel] 20160509 [PULL 5/5] vga: make sure vga register setup for vbe stays intact (CVE-2016-3712).",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.gnu.org/archive/html/qemu-devel/2016-05/msg01196.html"
},
{
"name": "[oss-security] 20160509 CVE-2016-3712 Qemu: vga: out-of-bounds read and integer overflow issues",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2016/05/09/4"
},
{
"name": "1035794",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1035794"
},
{
"name": "USN-2974-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2974-1"
},
{
"name": "RHSA-2016:2585",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2585.html"
},
{
"name": "DSA-3573",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2016/dsa-3573"
},
{
"name": "90314",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/90314"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2016-3712",
"datePublished": "2016-05-11T21:00:00",
"dateReserved": "2016-03-30T00:00:00",
"dateUpdated": "2024-08-06T00:03:34.421Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-5302 (GCVE-0-2016-5302)
Vulnerability from cvelistv5
Published
2016-06-13 14:00
Modified
2024-08-06 01:00
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Citrix XenServer 7.0 before Hotfix XS70E003, when a deployment has been upgraded from an earlier release, might allow remote attackers on the management network to "compromise" a host by leveraging credentials for an Active Directory account.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:00:57.559Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.citrix.com/article/CTX213769"
},
{
"name": "1036082",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036082"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.citrix.com/article/CTX213549"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-06-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Citrix XenServer 7.0 before Hotfix XS70E003, when a deployment has been upgraded from an earlier release, might allow remote attackers on the management network to \"compromise\" a host by leveraging credentials for an Active Directory account."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-06-15T15:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.citrix.com/article/CTX213769"
},
{
"name": "1036082",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036082"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.citrix.com/article/CTX213549"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-5302",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Citrix XenServer 7.0 before Hotfix XS70E003, when a deployment has been upgraded from an earlier release, might allow remote attackers on the management network to \"compromise\" a host by leveraging credentials for an Active Directory account."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.citrix.com/article/CTX213769",
"refsource": "CONFIRM",
"url": "https://support.citrix.com/article/CTX213769"
},
{
"name": "1036082",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036082"
},
{
"name": "http://support.citrix.com/article/CTX213549",
"refsource": "CONFIRM",
"url": "http://support.citrix.com/article/CTX213549"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-5302",
"datePublished": "2016-06-13T14:00:00",
"dateReserved": "2016-06-06T00:00:00",
"dateUpdated": "2024-08-06T01:00:57.559Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-5572 (GCVE-0-2017-5572)
Vulnerability from cvelistv5
Published
2017-01-30 16:00
Modified
2024-08-05 15:04
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
An issue was discovered in Linux Foundation xapi in Citrix XenServer through 7.0. An authenticated read-only administrator can corrupt the host database.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T15:04:15.351Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "95801",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/95801"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.citrix.com/article/CTX220112"
},
{
"name": "1037716",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1037716"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-01-30T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Linux Foundation xapi in Citrix XenServer through 7.0. An authenticated read-only administrator can corrupt the host database."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-11-14T13:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "95801",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/95801"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.citrix.com/article/CTX220112"
},
{
"name": "1037716",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1037716"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-5572",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in Linux Foundation xapi in Citrix XenServer through 7.0. An authenticated read-only administrator can corrupt the host database."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "95801",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95801"
},
{
"name": "https://support.citrix.com/article/CTX220112",
"refsource": "CONFIRM",
"url": "https://support.citrix.com/article/CTX220112"
},
{
"name": "1037716",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037716"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-5572",
"datePublished": "2017-01-30T16:00:00",
"dateReserved": "2017-01-23T00:00:00",
"dateUpdated": "2024-08-05T15:04:15.351Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-2619 (GCVE-0-2010-2619)
Vulnerability from cvelistv5
Published
2010-07-02 20:00
Modified
2024-09-17 01:21
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Citrix XenServer 5.0 Update 2 and earlier, and 5.5 Update 1 and earlier, when using a pvops kernel, allows guest users to cause a denial of service in the host via unspecified vectors that trigger "incorrectly set flags."
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T02:39:37.664Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.citrix.com/article/CTX125319"
},
{
"name": "40282",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/40282"
},
{
"name": "1024157",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1024157"
},
{
"name": "ADV-2010-1613",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/1613"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Citrix XenServer 5.0 Update 2 and earlier, and 5.5 Update 1 and earlier, when using a pvops kernel, allows guest users to cause a denial of service in the host via unspecified vectors that trigger \"incorrectly set flags.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2010-07-02T20:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.citrix.com/article/CTX125319"
},
{
"name": "40282",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/40282"
},
{
"name": "1024157",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1024157"
},
{
"name": "ADV-2010-1613",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/1613"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-2619",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Citrix XenServer 5.0 Update 2 and earlier, and 5.5 Update 1 and earlier, when using a pvops kernel, allows guest users to cause a denial of service in the host via unspecified vectors that trigger \"incorrectly set flags.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://support.citrix.com/article/CTX125319",
"refsource": "CONFIRM",
"url": "http://support.citrix.com/article/CTX125319"
},
{
"name": "40282",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/40282"
},
{
"name": "1024157",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1024157"
},
{
"name": "ADV-2010-1613",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/1613"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-2619",
"datePublished": "2010-07-02T20:00:00Z",
"dateReserved": "2010-07-02T00:00:00Z",
"dateUpdated": "2024-09-17T01:21:13.370Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-4606 (GCVE-0-2012-4606)
Vulnerability from cvelistv5
Published
2020-01-23 21:39
Modified
2024-08-06 20:42
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Citrix XenServer 4.1, 6.0, 5.6 SP2, 5.6 Feature Pack 1, 5.6 Common Criteria, 5.6, 5.5, 5.0, and 5.0 Update 3 contains a Local Privilege Escalation Vulnerability which could allow local users with access to a guest operating system to gain elevated privileges.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T20:42:54.807Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "55432",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/55432"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-09-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Citrix XenServer 4.1, 6.0, 5.6 SP2, 5.6 Feature Pack 1, 5.6 Common Criteria, 5.6, 5.5, 5.0, and 5.0 Update 3 contains a Local Privilege Escalation Vulnerability which could allow local users with access to a guest operating system to gain elevated privileges."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-01-23T21:39:51",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "55432",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/55432"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-4606",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Citrix XenServer 4.1, 6.0, 5.6 SP2, 5.6 Feature Pack 1, 5.6 Common Criteria, 5.6, 5.5, 5.0, and 5.0 Update 3 contains a Local Privilege Escalation Vulnerability which could allow local users with access to a guest operating system to gain elevated privileges."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "55432",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/55432"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-4606",
"datePublished": "2020-01-23T21:39:51",
"dateReserved": "2012-08-23T00:00:00",
"dateUpdated": "2024-08-06T20:42:54.807Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-0633 (GCVE-0-2010-0633)
Vulnerability from cvelistv5
Published
2010-02-12 22:00
Modified
2024-09-16 17:07
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Unspecified vulnerability in Citrix XenServer 5.0 Update 3 and earlier, and 5.5, allows local users to bypass authentication and execute unspecified Xen API (XAPI) calls via unknown vectors.
References
| ► | URL | Tags | |||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T00:52:19.786Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.citrix.com/article/CTX123456"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.citrix.com/article/CTX123193"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.citrix.com/article/CTX123460"
},
{
"name": "38431",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/38431"
},
{
"name": "ADV-2010-0290",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/0290"
},
{
"name": "1023530",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1023530"
},
{
"name": "38052",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/38052"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Citrix XenServer 5.0 Update 3 and earlier, and 5.5, allows local users to bypass authentication and execute unspecified Xen API (XAPI) calls via unknown vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2010-02-12T22:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.citrix.com/article/CTX123456"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.citrix.com/article/CTX123193"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.citrix.com/article/CTX123460"
},
{
"name": "38431",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/38431"
},
{
"name": "ADV-2010-0290",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/0290"
},
{
"name": "1023530",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1023530"
},
{
"name": "38052",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/38052"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-0633",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in Citrix XenServer 5.0 Update 3 and earlier, and 5.5, allows local users to bypass authentication and execute unspecified Xen API (XAPI) calls via unknown vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://support.citrix.com/article/CTX123456",
"refsource": "CONFIRM",
"url": "http://support.citrix.com/article/CTX123456"
},
{
"name": "http://support.citrix.com/article/CTX123193",
"refsource": "CONFIRM",
"url": "http://support.citrix.com/article/CTX123193"
},
{
"name": "http://support.citrix.com/article/CTX123460",
"refsource": "CONFIRM",
"url": "http://support.citrix.com/article/CTX123460"
},
{
"name": "38431",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/38431"
},
{
"name": "ADV-2010-0290",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/0290"
},
{
"name": "1023530",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1023530"
},
{
"name": "38052",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/38052"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-0633",
"datePublished": "2010-02-12T22:00:00Z",
"dateReserved": "2010-02-12T00:00:00Z",
"dateUpdated": "2024-09-16T17:07:48.554Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-12137 (GCVE-0-2017-12137)
Vulnerability from cvelistv5
Published
2017-08-24 14:00
Modified
2024-08-05 18:28
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
arch/x86/mm.c in Xen allows local PV guest OS users to gain host OS privileges via vectors related to map_grant_ref.
References
| ► | URL | Tags | ||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T18:28:16.519Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.citrix.com/article/CTX225941"
},
{
"name": "[oss-security] 20170815 Xen Security Advisory 227 (CVE-2017-12137) - x86: PV privilege escalation via map_grant_ref",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2017/08/15/2"
},
{
"name": "1039174",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039174"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1477657"
},
{
"name": "DSA-3969",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2017/dsa-3969"
},
{
"name": "GLSA-201801-14",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201801-14"
},
{
"name": "100342",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/100342"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://xenbits.xen.org/xsa/advisory-227.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-08-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "arch/x86/mm.c in Xen allows local PV guest OS users to gain host OS privileges via vectors related to map_grant_ref."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-01-15T10:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.citrix.com/article/CTX225941"
},
{
"name": "[oss-security] 20170815 Xen Security Advisory 227 (CVE-2017-12137) - x86: PV privilege escalation via map_grant_ref",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2017/08/15/2"
},
{
"name": "1039174",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039174"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1477657"
},
{
"name": "DSA-3969",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2017/dsa-3969"
},
{
"name": "GLSA-201801-14",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201801-14"
},
{
"name": "100342",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/100342"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://xenbits.xen.org/xsa/advisory-227.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-12137",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "arch/x86/mm.c in Xen allows local PV guest OS users to gain host OS privileges via vectors related to map_grant_ref."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.citrix.com/article/CTX225941",
"refsource": "CONFIRM",
"url": "https://support.citrix.com/article/CTX225941"
},
{
"name": "[oss-security] 20170815 Xen Security Advisory 227 (CVE-2017-12137) - x86: PV privilege escalation via map_grant_ref",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2017/08/15/2"
},
{
"name": "1039174",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039174"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1477657",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1477657"
},
{
"name": "DSA-3969",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2017/dsa-3969"
},
{
"name": "GLSA-201801-14",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201801-14"
},
{
"name": "100342",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/100342"
},
{
"name": "http://xenbits.xen.org/xsa/advisory-227.html",
"refsource": "CONFIRM",
"url": "http://xenbits.xen.org/xsa/advisory-227.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-12137",
"datePublished": "2017-08-24T14:00:00",
"dateReserved": "2017-08-01T00:00:00",
"dateUpdated": "2024-08-05T18:28:16.519Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-1571 (GCVE-0-2016-1571)
Vulnerability from cvelistv5
Published
2016-01-22 15:00
Modified
2024-08-05 23:02
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The paging_invlpg function in include/asm-x86/paging.h in Xen 3.3.x through 4.6.x, when using shadow mode paging or nested virtualization is enabled, allows local HVM guest users to cause a denial of service (host crash) via a non-canonical guest address in an INVVPID instruction, which triggers a hypervisor bug check.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T23:02:11.683Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "DSA-3519",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2016/dsa-3519"
},
{
"name": "1034745",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1034745"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.citrix.com/article/CTX205496"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://xenbits.xen.org/xsa/advisory-168.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-01-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The paging_invlpg function in include/asm-x86/paging.h in Xen 3.3.x through 4.6.x, when using shadow mode paging or nested virtualization is enabled, allows local HVM guest users to cause a denial of service (host crash) via a non-canonical guest address in an INVVPID instruction, which triggers a hypervisor bug check."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-11-30T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "DSA-3519",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2016/dsa-3519"
},
{
"name": "1034745",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1034745"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.citrix.com/article/CTX205496"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://xenbits.xen.org/xsa/advisory-168.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-1571",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The paging_invlpg function in include/asm-x86/paging.h in Xen 3.3.x through 4.6.x, when using shadow mode paging or nested virtualization is enabled, allows local HVM guest users to cause a denial of service (host crash) via a non-canonical guest address in an INVVPID instruction, which triggers a hypervisor bug check."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "DSA-3519",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2016/dsa-3519"
},
{
"name": "1034745",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1034745"
},
{
"name": "http://support.citrix.com/article/CTX205496",
"refsource": "CONFIRM",
"url": "http://support.citrix.com/article/CTX205496"
},
{
"name": "http://xenbits.xen.org/xsa/advisory-168.html",
"refsource": "CONFIRM",
"url": "http://xenbits.xen.org/xsa/advisory-168.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-1571",
"datePublished": "2016-01-22T15:00:00",
"dateReserved": "2016-01-11T00:00:00",
"dateUpdated": "2024-08-05T23:02:11.683Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-6259 (GCVE-0-2016-6259)
Vulnerability from cvelistv5
Published
2016-08-02 16:00
Modified
2024-08-06 01:22
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Xen 4.5.x through 4.7.x do not implement Supervisor Mode Access Prevention (SMAP) whitelisting in 32-bit exception and event delivery, which allows local 32-bit PV guest OS kernels to cause a denial of service (hypervisor and VM crash) by triggering a safety check.
References
| ► | URL | Tags | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:22:20.659Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "92130",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/92130"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.citrix.com/article/CTX214954"
},
{
"name": "1036447",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036447"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://xenbits.xen.org/xsa/xsa183-unstable.patch"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://xenbits.xen.org/xsa/advisory-183.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://xenbits.xen.org/xsa/xsa183-4.6.patch"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-07-26T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Xen 4.5.x through 4.7.x do not implement Supervisor Mode Access Prevention (SMAP) whitelisting in 32-bit exception and event delivery, which allows local 32-bit PV guest OS kernels to cause a denial of service (hypervisor and VM crash) by triggering a safety check."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-08-02T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "92130",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/92130"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.citrix.com/article/CTX214954"
},
{
"name": "1036447",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036447"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://xenbits.xen.org/xsa/xsa183-unstable.patch"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://xenbits.xen.org/xsa/advisory-183.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://xenbits.xen.org/xsa/xsa183-4.6.patch"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-6259",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Xen 4.5.x through 4.7.x do not implement Supervisor Mode Access Prevention (SMAP) whitelisting in 32-bit exception and event delivery, which allows local 32-bit PV guest OS kernels to cause a denial of service (hypervisor and VM crash) by triggering a safety check."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "92130",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/92130"
},
{
"name": "http://support.citrix.com/article/CTX214954",
"refsource": "CONFIRM",
"url": "http://support.citrix.com/article/CTX214954"
},
{
"name": "1036447",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036447"
},
{
"name": "http://xenbits.xen.org/xsa/xsa183-unstable.patch",
"refsource": "CONFIRM",
"url": "http://xenbits.xen.org/xsa/xsa183-unstable.patch"
},
{
"name": "http://xenbits.xen.org/xsa/advisory-183.html",
"refsource": "CONFIRM",
"url": "http://xenbits.xen.org/xsa/advisory-183.html"
},
{
"name": "http://xenbits.xen.org/xsa/xsa183-4.6.patch",
"refsource": "CONFIRM",
"url": "http://xenbits.xen.org/xsa/xsa183-4.6.patch"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-6259",
"datePublished": "2016-08-02T16:00:00",
"dateReserved": "2016-07-20T00:00:00",
"dateUpdated": "2024-08-06T01:22:20.659Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-3665 (GCVE-0-2018-3665)
Vulnerability from cvelistv5
Published
2018-06-21 20:00
Modified
2024-09-17 01:01
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Information Disclosure
Summary
System software utilizing Lazy FP state restore technique on systems using Intel Core-based microprocessors may potentially allow a local process to infer data from another process through a speculative execution side channel.
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Intel Corporation | Intel Core-based microprocessors |
Version: All |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T04:50:30.430Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[debian-lts-announce] 20180714 [SECURITY] [DLA 1422-1] linux security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00015.html"
},
{
"name": "RHSA-2018:2164",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2164"
},
{
"name": "USN-3696-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3696-1/"
},
{
"name": "1041125",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1041125"
},
{
"name": "[debian-lts-announce] 20180715 [SECURITY] [DLA 1422-2] linux security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00016.html"
},
{
"name": "RHSA-2018:1944",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1944"
},
{
"name": "RHSA-2018:1852",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1852"
},
{
"name": "FreeBSD-SA-18:07",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD",
"x_transferred"
],
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-18:07.lazyfpu.asc"
},
{
"name": "1041124",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1041124"
},
{
"name": "RHSA-2018:2165",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2165"
},
{
"name": "DSA-4232",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2018/dsa-4232"
},
{
"name": "USN-3698-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3698-1/"
},
{
"name": "USN-3696-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3696-2/"
},
{
"name": "104460",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/104460"
},
{
"name": "USN-3698-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3698-2/"
},
{
"name": "RHSA-2019:1170",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:1170"
},
{
"name": "RHSA-2019:1190",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:1190"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpujul2020.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/4787"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.synology.com/support/security/Synology_SA_18_31"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20181016-0001/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00145.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.citrix.com/article/CTX235745"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.paloaltonetworks.com/CVE-2018-3665"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Intel Core-based microprocessors",
"vendor": "Intel Corporation",
"versions": [
{
"status": "affected",
"version": "All"
}
]
}
],
"datePublic": "2018-06-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "System software utilizing Lazy FP state restore technique on systems using Intel Core-based microprocessors may potentially allow a local process to infer data from another process through a speculative execution side channel."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information Disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-07-15T02:22:59",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "[debian-lts-announce] 20180714 [SECURITY] [DLA 1422-1] linux security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00015.html"
},
{
"name": "RHSA-2018:2164",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2164"
},
{
"name": "USN-3696-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3696-1/"
},
{
"name": "1041125",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1041125"
},
{
"name": "[debian-lts-announce] 20180715 [SECURITY] [DLA 1422-2] linux security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00016.html"
},
{
"name": "RHSA-2018:1944",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1944"
},
{
"name": "RHSA-2018:1852",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1852"
},
{
"name": "FreeBSD-SA-18:07",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD"
],
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-18:07.lazyfpu.asc"
},
{
"name": "1041124",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1041124"
},
{
"name": "RHSA-2018:2165",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2165"
},
{
"name": "DSA-4232",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2018/dsa-4232"
},
{
"name": "USN-3698-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3698-1/"
},
{
"name": "USN-3696-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3696-2/"
},
{
"name": "104460",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/104460"
},
{
"name": "USN-3698-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3698-2/"
},
{
"name": "RHSA-2019:1170",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2019:1170"
},
{
"name": "RHSA-2019:1190",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2019:1190"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.oracle.com/security-alerts/cpujul2020.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/4787"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.synology.com/support/security/Synology_SA_18_31"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20181016-0001/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00145.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.citrix.com/article/CTX235745"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.paloaltonetworks.com/CVE-2018-3665"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@intel.com",
"DATE_PUBLIC": "2018-06-13T00:00:00",
"ID": "CVE-2018-3665",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Intel Core-based microprocessors",
"version": {
"version_data": [
{
"version_value": "All"
}
]
}
}
]
},
"vendor_name": "Intel Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "System software utilizing Lazy FP state restore technique on systems using Intel Core-based microprocessors may potentially allow a local process to infer data from another process through a speculative execution side channel."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[debian-lts-announce] 20180714 [SECURITY] [DLA 1422-1] linux security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00015.html"
},
{
"name": "RHSA-2018:2164",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:2164"
},
{
"name": "USN-3696-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3696-1/"
},
{
"name": "1041125",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041125"
},
{
"name": "[debian-lts-announce] 20180715 [SECURITY] [DLA 1422-2] linux security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00016.html"
},
{
"name": "RHSA-2018:1944",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1944"
},
{
"name": "RHSA-2018:1852",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1852"
},
{
"name": "FreeBSD-SA-18:07",
"refsource": "FREEBSD",
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-18:07.lazyfpu.asc"
},
{
"name": "1041124",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041124"
},
{
"name": "RHSA-2018:2165",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:2165"
},
{
"name": "DSA-4232",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2018/dsa-4232"
},
{
"name": "USN-3698-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3698-1/"
},
{
"name": "USN-3696-2",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3696-2/"
},
{
"name": "104460",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/104460"
},
{
"name": "USN-3698-2",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3698-2/"
},
{
"name": "RHSA-2019:1170",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:1170"
},
{
"name": "RHSA-2019:1190",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:1190"
},
{
"name": "https://www.oracle.com/security-alerts/cpujul2020.html",
"refsource": "MISC",
"url": "https://www.oracle.com/security-alerts/cpujul2020.html"
},
{
"name": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0",
"refsource": "CONFIRM",
"url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
},
{
"name": "https://nvidia.custhelp.com/app/answers/detail/a_id/4787",
"refsource": "CONFIRM",
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/4787"
},
{
"name": "https://www.synology.com/support/security/Synology_SA_18_31",
"refsource": "CONFIRM",
"url": "https://www.synology.com/support/security/Synology_SA_18_31"
},
{
"name": "https://security.netapp.com/advisory/ntap-20181016-0001/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20181016-0001/"
},
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00145.html",
"refsource": "CONFIRM",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00145.html"
},
{
"name": "https://support.citrix.com/article/CTX235745",
"refsource": "CONFIRM",
"url": "https://support.citrix.com/article/CTX235745"
},
{
"name": "https://security.paloaltonetworks.com/CVE-2018-3665",
"refsource": "CONFIRM",
"url": "https://security.paloaltonetworks.com/CVE-2018-3665"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2018-3665",
"datePublished": "2018-06-21T20:00:00Z",
"dateReserved": "2017-12-28T00:00:00",
"dateUpdated": "2024-09-17T01:01:36.405Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-11053 (GCVE-0-2018-11053)
Vulnerability from cvelistv5
Published
2018-06-26 22:00
Modified
2024-09-16 17:03
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Improper File Permission Vulnerability
Summary
Dell EMC iDRAC Service Module for all supported Linux and XenServer versions v3.0.1, v3.0.2, v3.1.0, v3.2.0, when started, changes the default file permission of the hosts file of the host operating system (/etc/hosts) to world writable. A malicious low privileged operating system user or process could modify the host file and potentially redirect traffic from the intended destination to sites hosting malicious or unwanted content.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Dell EMC | iDRAC Service Module |
Version: 3.0.1 Version: 3.0.2 Version: 3.1.0 Version: 3.2.0 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T07:54:36.565Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "104567",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/104567"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.dell.com/support/article/us/en/19/sln310281/ism-dell-emc-idrac-service-module-improper-file-permission-vulnerability?lang=en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "iDRAC Service Module",
"vendor": "Dell EMC",
"versions": [
{
"status": "affected",
"version": "3.0.1"
},
{
"status": "affected",
"version": "3.0.2"
},
{
"status": "affected",
"version": "3.1.0"
},
{
"status": "affected",
"version": "3.2.0"
}
]
}
],
"datePublic": "2018-06-26T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Dell EMC iDRAC Service Module for all supported Linux and XenServer versions v3.0.1, v3.0.2, v3.1.0, v3.2.0, when started, changes the default file permission of the hosts file of the host operating system (/etc/hosts) to world writable. A malicious low privileged operating system user or process could modify the host file and potentially redirect traffic from the intended destination to sites hosting malicious or unwanted content."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Improper File Permission Vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-06-28T09:57:01",
"orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"shortName": "dell"
},
"references": [
{
"name": "104567",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/104567"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.dell.com/support/article/us/en/19/sln310281/ism-dell-emc-idrac-service-module-improper-file-permission-vulnerability?lang=en"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "iSM: Dell EMC iDRAC Service Module Improper File Permission Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security_alert@emc.com",
"DATE_PUBLIC": "2018-06-26T17:00:00.000Z",
"ID": "CVE-2018-11053",
"STATE": "PUBLIC",
"TITLE": "iSM: Dell EMC iDRAC Service Module Improper File Permission Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "iDRAC Service Module",
"version": {
"version_data": [
{
"affected": "=",
"version_affected": "=",
"version_name": "3.0.1",
"version_value": "3.0.1"
},
{
"affected": "=",
"version_affected": "=",
"version_name": "3.0.2",
"version_value": "3.0.2"
},
{
"affected": "=",
"version_affected": "=",
"version_name": "3.1.0",
"version_value": "3.1.0"
},
{
"affected": "=",
"version_affected": "=",
"version_name": "3.2.0",
"version_value": "3.2.0"
}
]
}
}
]
},
"vendor_name": "Dell EMC"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Dell EMC iDRAC Service Module for all supported Linux and XenServer versions v3.0.1, v3.0.2, v3.1.0, v3.2.0, when started, changes the default file permission of the hosts file of the host operating system (/etc/hosts) to world writable. A malicious low privileged operating system user or process could modify the host file and potentially redirect traffic from the intended destination to sites hosting malicious or unwanted content."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper File Permission Vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "104567",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/104567"
},
{
"name": "http://www.dell.com/support/article/us/en/19/sln310281/ism-dell-emc-idrac-service-module-improper-file-permission-vulnerability?lang=en",
"refsource": "MISC",
"url": "http://www.dell.com/support/article/us/en/19/sln310281/ism-dell-emc-idrac-service-module-improper-file-permission-vulnerability?lang=en"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"assignerShortName": "dell",
"cveId": "CVE-2018-11053",
"datePublished": "2018-06-26T22:00:00Z",
"dateReserved": "2018-05-14T00:00:00",
"dateUpdated": "2024-09-16T17:03:39.073Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-8555 (GCVE-0-2015-8555)
Vulnerability from cvelistv5
Published
2016-04-13 15:00
Modified
2024-08-06 08:20
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Xen 4.6.x, 4.5.x, 4.4.x, 4.3.x, and earlier do not initialize x86 FPU stack and XMM registers when XSAVE/XRSTOR are not used to manage guest extended register state, which allows local guest domains to obtain sensitive information from other domains via unspecified vectors.
References
| ► | URL | Tags | |||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T08:20:43.162Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html"
},
{
"name": "DSA-3519",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2016/dsa-3519"
},
{
"name": "1034477",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1034477"
},
{
"name": "79543",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/79543"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://xenbits.xen.org/xsa/advisory-165.html"
},
{
"name": "GLSA-201604-03",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201604-03"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.citrix.com/article/CTX203879"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-12-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Xen 4.6.x, 4.5.x, 4.4.x, 4.3.x, and earlier do not initialize x86 FPU stack and XMM registers when XSAVE/XRSTOR are not used to manage guest extended register state, which allows local guest domains to obtain sensitive information from other domains via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-06-30T16:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html"
},
{
"name": "DSA-3519",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2016/dsa-3519"
},
{
"name": "1034477",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1034477"
},
{
"name": "79543",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/79543"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://xenbits.xen.org/xsa/advisory-165.html"
},
{
"name": "GLSA-201604-03",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201604-03"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.citrix.com/article/CTX203879"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-8555",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Xen 4.6.x, 4.5.x, 4.4.x, 4.3.x, and earlier do not initialize x86 FPU stack and XMM registers when XSAVE/XRSTOR are not used to manage guest extended register state, which allows local guest domains to obtain sensitive information from other domains via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html"
},
{
"name": "DSA-3519",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2016/dsa-3519"
},
{
"name": "1034477",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1034477"
},
{
"name": "79543",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/79543"
},
{
"name": "http://xenbits.xen.org/xsa/advisory-165.html",
"refsource": "CONFIRM",
"url": "http://xenbits.xen.org/xsa/advisory-165.html"
},
{
"name": "GLSA-201604-03",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201604-03"
},
{
"name": "http://support.citrix.com/article/CTX203879",
"refsource": "CONFIRM",
"url": "http://support.citrix.com/article/CTX203879"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2015-8555",
"datePublished": "2016-04-13T15:00:00",
"dateReserved": "2015-12-14T00:00:00",
"dateUpdated": "2024-08-06T08:20:43.162Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-9380 (GCVE-0-2016-9380)
Vulnerability from cvelistv5
Published
2017-01-23 21:00
Modified
2024-08-06 02:50
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The pygrub boot loader emulator in Xen, when nul-delimited output format is requested, allows local pygrub-using guest OS administrators to read or delete arbitrary files on the host via NUL bytes in the bootloader configuration file.
References
| ► | URL | Tags | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T02:50:37.415Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://xenbits.xen.org/xsa/xsa198.patch"
},
{
"name": "94473",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/94473"
},
{
"name": "GLSA-201612-56",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201612-56"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://xenbits.xen.org/xsa/advisory-198.html"
},
{
"name": "1037347",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1037347"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.citrix.com/article/CTX218775"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-11-22T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The pygrub boot loader emulator in Xen, when nul-delimited output format is requested, allows local pygrub-using guest OS administrators to read or delete arbitrary files on the host via NUL bytes in the bootloader configuration file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-06-30T16:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://xenbits.xen.org/xsa/xsa198.patch"
},
{
"name": "94473",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/94473"
},
{
"name": "GLSA-201612-56",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201612-56"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://xenbits.xen.org/xsa/advisory-198.html"
},
{
"name": "1037347",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1037347"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.citrix.com/article/CTX218775"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-9380",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The pygrub boot loader emulator in Xen, when nul-delimited output format is requested, allows local pygrub-using guest OS administrators to read or delete arbitrary files on the host via NUL bytes in the bootloader configuration file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://xenbits.xen.org/xsa/xsa198.patch",
"refsource": "CONFIRM",
"url": "http://xenbits.xen.org/xsa/xsa198.patch"
},
{
"name": "94473",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94473"
},
{
"name": "GLSA-201612-56",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201612-56"
},
{
"name": "http://xenbits.xen.org/xsa/advisory-198.html",
"refsource": "CONFIRM",
"url": "http://xenbits.xen.org/xsa/advisory-198.html"
},
{
"name": "1037347",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037347"
},
{
"name": "https://support.citrix.com/article/CTX218775",
"refsource": "CONFIRM",
"url": "https://support.citrix.com/article/CTX218775"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-9380",
"datePublished": "2017-01-23T21:00:00",
"dateReserved": "2016-11-17T00:00:00",
"dateUpdated": "2024-08-06T02:50:37.415Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-14007 (GCVE-0-2018-14007)
Vulnerability from cvelistv5
Published
2018-08-15 18:00
Modified
2024-08-05 09:21
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Citrix XenServer 7.1 and newer allows Directory Traversal.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T09:21:40.835Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://xenbits.xen.org/xsa/advisory-271.html"
},
{
"name": "105110",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/105110"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.citrix.com/article/CTX236548"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-08-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Citrix XenServer 7.1 and newer allows Directory Traversal."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-08-18T09:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://xenbits.xen.org/xsa/advisory-271.html"
},
{
"name": "105110",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/105110"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.citrix.com/article/CTX236548"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-14007",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Citrix XenServer 7.1 and newer allows Directory Traversal."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://xenbits.xen.org/xsa/advisory-271.html",
"refsource": "CONFIRM",
"url": "http://xenbits.xen.org/xsa/advisory-271.html"
},
{
"name": "105110",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/105110"
},
{
"name": "https://support.citrix.com/article/CTX236548",
"refsource": "CONFIRM",
"url": "https://support.citrix.com/article/CTX236548"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-14007",
"datePublished": "2018-08-15T18:00:00",
"dateReserved": "2018-07-12T00:00:00",
"dateUpdated": "2024-08-05T09:21:40.835Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-4948 (GCVE-0-2014-4948)
Vulnerability from cvelistv5
Published
2014-07-22 20:00
Modified
2024-08-06 11:34
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Unspecified vulnerability in Citrix XenServer 6.2 Service Pack 1 and earlier allows attackers to cause a denial of service and obtain sensitive information by modifying the guest virtual hard disk (VHD).
References
| ► | URL | Tags | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T11:34:36.523Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "xenserver-cve20144948-dos(94632)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/94632"
},
{
"name": "60027",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/60027"
},
{
"name": "1030604",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1030604"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.citrix.com/article/CTX140984"
},
{
"name": "68660",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/68660"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-07-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Citrix XenServer 6.2 Service Pack 1 and earlier allows attackers to cause a denial of service and obtain sensitive information by modifying the guest virtual hard disk (VHD)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "xenserver-cve20144948-dos(94632)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/94632"
},
{
"name": "60027",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/60027"
},
{
"name": "1030604",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1030604"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.citrix.com/article/CTX140984"
},
{
"name": "68660",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/68660"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-4948",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in Citrix XenServer 6.2 Service Pack 1 and earlier allows attackers to cause a denial of service and obtain sensitive information by modifying the guest virtual hard disk (VHD)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "xenserver-cve20144948-dos(94632)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/94632"
},
{
"name": "60027",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60027"
},
{
"name": "1030604",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1030604"
},
{
"name": "http://support.citrix.com/article/CTX140984",
"refsource": "CONFIRM",
"url": "http://support.citrix.com/article/CTX140984"
},
{
"name": "68660",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/68660"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-4948",
"datePublished": "2014-07-22T20:00:00",
"dateReserved": "2014-07-14T00:00:00",
"dateUpdated": "2024-08-06T11:34:36.523Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-12136 (GCVE-0-2017-12136)
Vulnerability from cvelistv5
Published
2017-08-24 14:00
Modified
2024-08-05 18:28
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Race condition in the grant table code in Xen 4.6.x through 4.9.x allows local guest OS administrators to cause a denial of service (free list corruption and host crash) or gain privileges on the host via vectors involving maptrack free list handling.
References
| ► | URL | Tags | ||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T18:28:16.501Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.citrix.com/article/CTX225941"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://xenbits.xen.org/xsa/advisory-228.html"
},
{
"name": "100346",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/100346"
},
{
"name": "DSA-3969",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2017/dsa-3969"
},
{
"name": "[oss-security] 20170815 Xen Security Advisory 228 (CVE-2017-12136) - grant_table: Race conditions with maptrack free list handling",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2017/08/15/3"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1477651"
},
{
"name": "GLSA-201801-14",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201801-14"
},
{
"name": "1039175",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039175"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-08-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Race condition in the grant table code in Xen 4.6.x through 4.9.x allows local guest OS administrators to cause a denial of service (free list corruption and host crash) or gain privileges on the host via vectors involving maptrack free list handling."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-01-15T10:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.citrix.com/article/CTX225941"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://xenbits.xen.org/xsa/advisory-228.html"
},
{
"name": "100346",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/100346"
},
{
"name": "DSA-3969",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2017/dsa-3969"
},
{
"name": "[oss-security] 20170815 Xen Security Advisory 228 (CVE-2017-12136) - grant_table: Race conditions with maptrack free list handling",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2017/08/15/3"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1477651"
},
{
"name": "GLSA-201801-14",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201801-14"
},
{
"name": "1039175",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039175"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-12136",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Race condition in the grant table code in Xen 4.6.x through 4.9.x allows local guest OS administrators to cause a denial of service (free list corruption and host crash) or gain privileges on the host via vectors involving maptrack free list handling."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.citrix.com/article/CTX225941",
"refsource": "CONFIRM",
"url": "https://support.citrix.com/article/CTX225941"
},
{
"name": "http://xenbits.xen.org/xsa/advisory-228.html",
"refsource": "CONFIRM",
"url": "http://xenbits.xen.org/xsa/advisory-228.html"
},
{
"name": "100346",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/100346"
},
{
"name": "DSA-3969",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2017/dsa-3969"
},
{
"name": "[oss-security] 20170815 Xen Security Advisory 228 (CVE-2017-12136) - grant_table: Race conditions with maptrack free list handling",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2017/08/15/3"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1477651",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1477651"
},
{
"name": "GLSA-201801-14",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201801-14"
},
{
"name": "1039175",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039175"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-12136",
"datePublished": "2017-08-24T14:00:00",
"dateReserved": "2017-08-01T00:00:00",
"dateUpdated": "2024-08-05T18:28:16.501Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-3494 (GCVE-0-2012-3494)
Vulnerability from cvelistv5
Published
2012-11-23 20:00
Modified
2024-08-06 20:05
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The set_debugreg hypercall in include/asm-x86/debugreg.h in Xen 4.0, 4.1, and 4.2, and Citrix XenServer 6.0.2 and earlier, when running on x86-64 systems, allows local OS guest users to cause a denial of service (host crash) by writing to the reserved bits of the DR7 debug control register.
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T20:05:12.655Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "55082",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/55082"
},
{
"name": "50530",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/50530"
},
{
"name": "51413",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/51413"
},
{
"name": "GLSA-201309-24",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-201309-24.xml"
},
{
"name": "SUSE-SU-2012:1135",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00005.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://wiki.xen.org/wiki/Security_Announcements#XSA-12_hypercall_set_debugreg_vulnerability"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=851139"
},
{
"name": "openSUSE-SU-2012:1572",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00017.html"
},
{
"name": "50472",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/50472"
},
{
"name": "55400",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/55400"
},
{
"name": "[oss-security] 20120905 Xen Security Advisory 12 (CVE-2012-3494) - hypercall set_debugreg vulnerability",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2012/09/05/5"
},
{
"name": "SUSE-SU-2012:1162",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00012.html"
},
{
"name": "openSUSE-SU-2012:1174",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00018.html"
},
{
"name": "GLSA-201604-03",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201604-03"
},
{
"name": "xen-setdebugreg-dos(78265)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78265"
},
{
"name": "SUSE-SU-2012:1132",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00003.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.citrix.com/article/CTX134708"
},
{
"name": "[Xen-announce] 20120905 Xen Security Advisory 12 (CVE-2012-3494) - hypercall set_debugreg vulnerability",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.xen.org/archives/html/xen-announce/2012-09/msg00000.html"
},
{
"name": "SUSE-SU-2012:1129",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00001.html"
},
{
"name": "SUSE-SU-2012:1133",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00004.html"
},
{
"name": "85197",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/85197"
},
{
"name": "1027479",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1027479"
},
{
"name": "openSUSE-SU-2012:1573",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00018.html"
},
{
"name": "openSUSE-SU-2012:1172",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00017.html"
},
{
"name": "DSA-2544",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2012/dsa-2544"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-09-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The set_debugreg hypercall in include/asm-x86/debugreg.h in Xen 4.0, 4.1, and 4.2, and Citrix XenServer 6.0.2 and earlier, when running on x86-64 systems, allows local OS guest users to cause a denial of service (host crash) by writing to the reserved bits of the DR7 debug control register."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "55082",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/55082"
},
{
"name": "50530",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/50530"
},
{
"name": "51413",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/51413"
},
{
"name": "GLSA-201309-24",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-201309-24.xml"
},
{
"name": "SUSE-SU-2012:1135",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00005.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://wiki.xen.org/wiki/Security_Announcements#XSA-12_hypercall_set_debugreg_vulnerability"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=851139"
},
{
"name": "openSUSE-SU-2012:1572",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00017.html"
},
{
"name": "50472",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/50472"
},
{
"name": "55400",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/55400"
},
{
"name": "[oss-security] 20120905 Xen Security Advisory 12 (CVE-2012-3494) - hypercall set_debugreg vulnerability",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2012/09/05/5"
},
{
"name": "SUSE-SU-2012:1162",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00012.html"
},
{
"name": "openSUSE-SU-2012:1174",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00018.html"
},
{
"name": "GLSA-201604-03",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201604-03"
},
{
"name": "xen-setdebugreg-dos(78265)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78265"
},
{
"name": "SUSE-SU-2012:1132",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00003.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.citrix.com/article/CTX134708"
},
{
"name": "[Xen-announce] 20120905 Xen Security Advisory 12 (CVE-2012-3494) - hypercall set_debugreg vulnerability",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.xen.org/archives/html/xen-announce/2012-09/msg00000.html"
},
{
"name": "SUSE-SU-2012:1129",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00001.html"
},
{
"name": "SUSE-SU-2012:1133",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00004.html"
},
{
"name": "85197",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/85197"
},
{
"name": "1027479",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1027479"
},
{
"name": "openSUSE-SU-2012:1573",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00018.html"
},
{
"name": "openSUSE-SU-2012:1172",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00017.html"
},
{
"name": "DSA-2544",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2012/dsa-2544"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2012-3494",
"datePublished": "2012-11-23T20:00:00",
"dateReserved": "2012-06-14T00:00:00",
"dateUpdated": "2024-08-06T20:05:12.655Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-9383 (GCVE-0-2016-9383)
Vulnerability from cvelistv5
Published
2017-01-23 21:00
Modified
2024-08-06 02:50
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Xen, when running on a 64-bit hypervisor, allows local x86 guest OS users to modify arbitrary memory and consequently obtain sensitive information, cause a denial of service (host crash), or execute arbitrary code on the host by leveraging broken emulation of bit test instructions.
References
| ► | URL | Tags | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T02:50:37.786Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "94474",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/94474"
},
{
"name": "GLSA-201612-56",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201612-56"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://xenbits.xen.org/xsa/advisory-195.html"
},
{
"name": "1037346",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1037346"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.citrix.com/article/CTX218775"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-11-22T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Xen, when running on a 64-bit hypervisor, allows local x86 guest OS users to modify arbitrary memory and consequently obtain sensitive information, cause a denial of service (host crash), or execute arbitrary code on the host by leveraging broken emulation of bit test instructions."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-06-30T16:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "94474",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/94474"
},
{
"name": "GLSA-201612-56",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201612-56"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://xenbits.xen.org/xsa/advisory-195.html"
},
{
"name": "1037346",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1037346"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.citrix.com/article/CTX218775"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-9383",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Xen, when running on a 64-bit hypervisor, allows local x86 guest OS users to modify arbitrary memory and consequently obtain sensitive information, cause a denial of service (host crash), or execute arbitrary code on the host by leveraging broken emulation of bit test instructions."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "94474",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94474"
},
{
"name": "GLSA-201612-56",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201612-56"
},
{
"name": "http://xenbits.xen.org/xsa/advisory-195.html",
"refsource": "CONFIRM",
"url": "http://xenbits.xen.org/xsa/advisory-195.html"
},
{
"name": "1037346",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037346"
},
{
"name": "https://support.citrix.com/article/CTX218775",
"refsource": "CONFIRM",
"url": "https://support.citrix.com/article/CTX218775"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-9383",
"datePublished": "2017-01-23T21:00:00",
"dateReserved": "2016-11-17T00:00:00",
"dateUpdated": "2024-08-06T02:50:37.786Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-4947 (GCVE-0-2014-4947)
Vulnerability from cvelistv5
Published
2014-07-22 20:00
Modified
2024-08-06 11:34
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Buffer overflow in the HVM graphics console support in Citrix XenServer 6.2 Service Pack 1 and earlier has unspecified impact and attack vectors.
References
| ► | URL | Tags | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T11:34:36.611Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "60027",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/60027"
},
{
"name": "1030604",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1030604"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.citrix.com/article/CTX140984"
},
{
"name": "citrix-xenserver-cve20144947-bo(94631)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/94631"
},
{
"name": "68659",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/68659"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-07-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the HVM graphics console support in Citrix XenServer 6.2 Service Pack 1 and earlier has unspecified impact and attack vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "60027",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/60027"
},
{
"name": "1030604",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1030604"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.citrix.com/article/CTX140984"
},
{
"name": "citrix-xenserver-cve20144947-bo(94631)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/94631"
},
{
"name": "68659",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/68659"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-4947",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the HVM graphics console support in Citrix XenServer 6.2 Service Pack 1 and earlier has unspecified impact and attack vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "60027",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60027"
},
{
"name": "1030604",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1030604"
},
{
"name": "http://support.citrix.com/article/CTX140984",
"refsource": "CONFIRM",
"url": "http://support.citrix.com/article/CTX140984"
},
{
"name": "citrix-xenserver-cve20144947-bo(94631)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/94631"
},
{
"name": "68659",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/68659"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-4947",
"datePublished": "2014-07-22T20:00:00",
"dateReserved": "2014-07-14T00:00:00",
"dateUpdated": "2024-08-06T11:34:36.611Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-9637 (GCVE-0-2016-9637)
Vulnerability from cvelistv5
Published
2017-02-16 18:00
Modified
2024-08-06 02:59
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The (1) ioport_read and (2) ioport_write functions in Xen, when qemu is used as a device model within Xen, might allow local x86 HVM guest OS administrators to gain qemu process privileges via vectors involving an out-of-range ioport access.
References
| ► | URL | Tags | |||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T02:59:03.139Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "94699",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/94699"
},
{
"name": "GLSA-201612-56",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201612-56"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.citrix.com/article/CTX219136"
},
{
"name": "[debian-lts-announce] 20180206 [SECURITY] [DLA 1270-1] xen security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/02/msg00005.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://xenbits.xen.org/xsa/advisory-199.html"
},
{
"name": "1037397",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1037397"
},
{
"name": "RHSA-2016:2963",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2963.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-12-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The (1) ioport_read and (2) ioport_write functions in Xen, when qemu is used as a device model within Xen, might allow local x86 HVM guest OS administrators to gain qemu process privileges via vectors involving an out-of-range ioport access."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-02-07T10:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "94699",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/94699"
},
{
"name": "GLSA-201612-56",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201612-56"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.citrix.com/article/CTX219136"
},
{
"name": "[debian-lts-announce] 20180206 [SECURITY] [DLA 1270-1] xen security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/02/msg00005.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://xenbits.xen.org/xsa/advisory-199.html"
},
{
"name": "1037397",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1037397"
},
{
"name": "RHSA-2016:2963",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2963.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-9637",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The (1) ioport_read and (2) ioport_write functions in Xen, when qemu is used as a device model within Xen, might allow local x86 HVM guest OS administrators to gain qemu process privileges via vectors involving an out-of-range ioport access."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "94699",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94699"
},
{
"name": "GLSA-201612-56",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201612-56"
},
{
"name": "https://support.citrix.com/article/CTX219136",
"refsource": "CONFIRM",
"url": "https://support.citrix.com/article/CTX219136"
},
{
"name": "[debian-lts-announce] 20180206 [SECURITY] [DLA 1270-1] xen security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2018/02/msg00005.html"
},
{
"name": "http://xenbits.xen.org/xsa/advisory-199.html",
"refsource": "CONFIRM",
"url": "http://xenbits.xen.org/xsa/advisory-199.html"
},
{
"name": "1037397",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037397"
},
{
"name": "RHSA-2016:2963",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-2963.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-9637",
"datePublished": "2017-02-16T18:00:00",
"dateReserved": "2016-11-23T00:00:00",
"dateUpdated": "2024-08-06T02:59:03.139Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-9603 (GCVE-0-2016-9603)
Vulnerability from cvelistv5
Published
2018-07-27 21:00
Modified
2024-08-06 02:59
Severity ?
VLAI Severity ?
EPSS score ?
CWE
Summary
A heap buffer overflow flaw was found in QEMU's Cirrus CLGD 54xx VGA emulator's VNC display driver support before 2.9; the issue could occur when a VNC client attempted to update its display after a VGA operation is performed by a guest. A privileged user/process inside a guest could use this flaw to crash the QEMU process or, potentially, execute arbitrary code on the host with privileges of the QEMU process.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T02:59:02.448Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "96893",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/96893"
},
{
"name": "RHSA-2017:0983",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:0983"
},
{
"name": "RHSA-2017:0982",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:0982"
},
{
"name": "[debian-lts-announce] 20180906 [SECURITY] [DLA 1497-1] qemu security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00007.html"
},
{
"name": "GLSA-201706-03",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201706-03"
},
{
"name": "RHSA-2017:1206",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1206"
},
{
"name": "1038023",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1038023"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.citrix.com/article/CTX221578"
},
{
"name": "RHSA-2017:0985",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:0985"
},
{
"name": "RHSA-2017:0987",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:0987"
},
{
"name": "RHSA-2017:0984",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:0984"
},
{
"name": "[debian-lts-announce] 20180206 [SECURITY] [DLA 1270-1] xen security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/02/msg00005.html"
},
{
"name": "RHSA-2017:0988",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:0988"
},
{
"name": "RHSA-2017:1441",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1441"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-9603"
},
{
"name": "RHSA-2017:0981",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:0981"
},
{
"name": "RHSA-2017:0980",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:0980"
},
{
"name": "RHSA-2017:1205",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1205"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Qemu:",
"vendor": "QEMU",
"versions": [
{
"status": "affected",
"version": "2.9"
}
]
}
],
"datePublic": "2017-03-07T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A heap buffer overflow flaw was found in QEMU\u0027s Cirrus CLGD 54xx VGA emulator\u0027s VNC display driver support before 2.9; the issue could occur when a VNC client attempted to update its display after a VGA operation is performed by a guest. A privileged user/process inside a guest could use this flaw to crash the QEMU process or, potentially, execute arbitrary code on the host with privileges of the QEMU process."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-122",
"description": "CWE-122",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-09-07T09:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "96893",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/96893"
},
{
"name": "RHSA-2017:0983",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:0983"
},
{
"name": "RHSA-2017:0982",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:0982"
},
{
"name": "[debian-lts-announce] 20180906 [SECURITY] [DLA 1497-1] qemu security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00007.html"
},
{
"name": "GLSA-201706-03",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201706-03"
},
{
"name": "RHSA-2017:1206",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1206"
},
{
"name": "1038023",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1038023"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.citrix.com/article/CTX221578"
},
{
"name": "RHSA-2017:0985",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:0985"
},
{
"name": "RHSA-2017:0987",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:0987"
},
{
"name": "RHSA-2017:0984",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:0984"
},
{
"name": "[debian-lts-announce] 20180206 [SECURITY] [DLA 1270-1] xen security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/02/msg00005.html"
},
{
"name": "RHSA-2017:0988",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:0988"
},
{
"name": "RHSA-2017:1441",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1441"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-9603"
},
{
"name": "RHSA-2017:0981",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:0981"
},
{
"name": "RHSA-2017:0980",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:0980"
},
{
"name": "RHSA-2017:1205",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1205"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2016-9603",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Qemu:",
"version": {
"version_data": [
{
"version_value": "2.9"
}
]
}
}
]
},
"vendor_name": "QEMU"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A heap buffer overflow flaw was found in QEMU\u0027s Cirrus CLGD 54xx VGA emulator\u0027s VNC display driver support before 2.9; the issue could occur when a VNC client attempted to update its display after a VGA operation is performed by a guest. A privileged user/process inside a guest could use this flaw to crash the QEMU process or, potentially, execute arbitrary code on the host with privileges of the QEMU process."
}
]
},
"impact": {
"cvss": [
[
{
"vectorString": "5.5/CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L",
"version": "3.0"
}
],
[
{
"vectorString": "4.9/AV:A/AC:M/Au:S/C:P/I:P/A:P",
"version": "2.0"
}
]
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-122"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "96893",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/96893"
},
{
"name": "RHSA-2017:0983",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:0983"
},
{
"name": "RHSA-2017:0982",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:0982"
},
{
"name": "[debian-lts-announce] 20180906 [SECURITY] [DLA 1497-1] qemu security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00007.html"
},
{
"name": "GLSA-201706-03",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201706-03"
},
{
"name": "RHSA-2017:1206",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1206"
},
{
"name": "1038023",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038023"
},
{
"name": "https://support.citrix.com/article/CTX221578",
"refsource": "CONFIRM",
"url": "https://support.citrix.com/article/CTX221578"
},
{
"name": "RHSA-2017:0985",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:0985"
},
{
"name": "RHSA-2017:0987",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:0987"
},
{
"name": "RHSA-2017:0984",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:0984"
},
{
"name": "[debian-lts-announce] 20180206 [SECURITY] [DLA 1270-1] xen security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2018/02/msg00005.html"
},
{
"name": "RHSA-2017:0988",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:0988"
},
{
"name": "RHSA-2017:1441",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1441"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-9603",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-9603"
},
{
"name": "RHSA-2017:0981",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:0981"
},
{
"name": "RHSA-2017:0980",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:0980"
},
{
"name": "RHSA-2017:1205",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1205"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2016-9603",
"datePublished": "2018-07-27T21:00:00",
"dateReserved": "2016-11-23T00:00:00",
"dateUpdated": "2024-08-06T02:59:02.448Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-9381 (GCVE-0-2016-9381)
Vulnerability from cvelistv5
Published
2017-01-23 21:00
Modified
2024-08-06 02:50
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Race condition in QEMU in Xen allows local x86 HVM guest OS administrators to gain privileges by changing certain data on shared rings, aka a "double fetch" vulnerability.
References
| ► | URL | Tags | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T02:50:37.693Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://xenbits.xen.org/xsa/advisory-197.html"
},
{
"name": "GLSA-201612-56",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201612-56"
},
{
"name": "94476",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/94476"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.citrix.com/article/CTX218775"
},
{
"name": "1037344",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1037344"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-11-22T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Race condition in QEMU in Xen allows local x86 HVM guest OS administrators to gain privileges by changing certain data on shared rings, aka a \"double fetch\" vulnerability."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-06-30T16:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://xenbits.xen.org/xsa/advisory-197.html"
},
{
"name": "GLSA-201612-56",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201612-56"
},
{
"name": "94476",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/94476"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.citrix.com/article/CTX218775"
},
{
"name": "1037344",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1037344"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-9381",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Race condition in QEMU in Xen allows local x86 HVM guest OS administrators to gain privileges by changing certain data on shared rings, aka a \"double fetch\" vulnerability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://xenbits.xen.org/xsa/advisory-197.html",
"refsource": "CONFIRM",
"url": "http://xenbits.xen.org/xsa/advisory-197.html"
},
{
"name": "GLSA-201612-56",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201612-56"
},
{
"name": "94476",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94476"
},
{
"name": "https://support.citrix.com/article/CTX218775",
"refsource": "CONFIRM",
"url": "https://support.citrix.com/article/CTX218775"
},
{
"name": "1037344",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037344"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-9381",
"datePublished": "2017-01-23T21:00:00",
"dateReserved": "2016-11-17T00:00:00",
"dateUpdated": "2024-08-06T02:50:37.693Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}