This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Xen First view 2009-05-22
Product Xen Last view 2024-01-05
Version Type
Update  
Edition  
Language  
Software Edition
Target Software  
Target Hardware  
Other  

Activity : Overall

COMMON PLATFORM ENUMERATION: Distribution per Version

CPE Name Affected CVE
cpe:2.3:o:xen:xen:4.2.0:*:*:*:*:*:*:* 275
cpe:2.3:o:xen:xen:4.1.0:*:*:*:*:*:*:* 263
cpe:2.3:o:xen:xen:4.2.1:*:*:*:*:*:*:* 248
cpe:2.3:o:xen:xen:4.1.1:*:*:*:*:*:*:* 247
cpe:2.3:o:xen:xen:4.1.2:*:*:*:*:*:*:* 246
cpe:2.3:o:xen:xen:4.2.2:*:*:*:*:*:*:* 246
cpe:2.3:o:xen:xen:4.1.3:*:*:*:*:*:*:* 245
cpe:2.3:o:xen:xen:4.0.0:*:*:*:*:*:*:* 244
cpe:2.3:o:xen:xen:4.3.0:*:*:*:*:*:*:* 238
cpe:2.3:o:xen:xen:4.1.4:*:*:*:*:*:*:* 238
cpe:2.3:o:xen:xen:4.1.5:*:*:*:*:*:*:* 233
cpe:2.3:o:xen:xen:4.4.0:*:*:*:*:*:*:* 231
cpe:2.3:o:xen:xen:-:*:*:*:*:*:*:* 230
cpe:2.3:o:xen:xen:4.0.3:*:*:*:*:*:*:* 229
cpe:2.3:o:xen:xen:4.0.4:*:*:*:*:*:*:* 229
cpe:2.3:o:xen:xen:4.0.1:*:*:*:*:*:*:* 229
cpe:2.3:o:xen:xen:4.0.2:*:*:*:*:*:*:* 228
cpe:2.3:o:xen:xen:4.2.3:*:*:*:*:*:*:* 228
cpe:2.3:o:xen:xen:4.3.1:*:*:*:*:*:*:* 227
cpe:2.3:o:xen:xen:4.1.6.1:*:*:*:*:*:*:* 218
cpe:2.3:o:xen:xen:3.4.0:*:*:*:*:*:*:* 217
cpe:2.3:o:xen:xen:3.4.1:*:*:*:*:*:*:* 215
cpe:2.3:o:xen:xen:3.4.4:*:*:*:*:*:*:* 215
cpe:2.3:o:xen:xen:3.4.2:*:*:*:*:*:*:* 215
cpe:2.3:o:xen:xen:3.4.3:*:*:*:*:*:*:* 215
cpe:2.3:o:xen:xen:*:*:*:*:*:*:*:* 214
cpe:2.3:o:xen:xen:3.3.0:*:*:*:*:*:*:* 210
cpe:2.3:o:xen:xen:4.5.0:*:*:*:*:*:*:* 209
cpe:2.3:o:xen:xen:3.3.1:*:*:*:*:*:*:* 207
cpe:2.3:o:xen:xen:3.3.2:*:*:*:*:*:*:* 206
cpe:2.3:o:xen:xen:4.4.0:rc1:*:*:*:*:*:* 202
cpe:2.3:o:xen:xen:3.2.3:*:*:*:*:*:*:* 200
cpe:2.3:o:xen:xen:3.2.2:*:*:*:*:*:*:* 200
cpe:2.3:o:xen:xen:3.2.1:*:*:*:*:*:*:* 200
cpe:2.3:o:xen:xen:3.2.0:*:*:*:*:*:*:* 199
cpe:2.3:o:xen:xen:*:*:*:*:*:*:x86:* 195
cpe:2.3:o:xen:xen:4.3.2:*:*:*:*:*:*:* 193
cpe:2.3:o:xen:xen:4.3.4:*:*:*:*:*:*:* 191
cpe:2.3:o:xen:xen:4.6.0:*:*:*:*:*:*:* 191
cpe:2.3:o:xen:xen:3.1.4:*:*:*:*:*:*:* 191
cpe:2.3:o:xen:xen:4.5.1:*:*:*:*:*:*:* 191
cpe:2.3:o:xen:xen:3.1.3:*:*:*:*:*:*:* 191
cpe:2.3:o:xen:xen:3.0.3:*:*:*:*:*:*:* 189
cpe:2.3:o:xen:xen:-:*:*:*:*:*:x86:* 189
cpe:2.3:o:xen:xen:3.0.4:*:*:*:*:*:*:* 188
cpe:2.3:o:xen:xen:3.0.2:*:*:*:*:*:*:* 187
cpe:2.3:o:xen:xen:4.4.1:*:*:*:*:*:*:* 187
cpe:2.3:o:xen:xen:*:*:*:*:*:*:arm:* 187
cpe:2.3:o:xen:xen:2.2.0:*:*:*:*:*:*:* 186
cpe:2.3:o:xen:xen:4.1.6:*:*:*:*:*:*:* 186

Related : CVE

This CPE Product has more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
  Date Alert Description
3.3 2024-01-05 CVE-2023-46837

Arm provides multiple helpers to clean & invalidate the cache for a given region. This is, for instance, used when allocating guest memory to ensure any writes (such as the ones during scrubbing) have reached memory before handing over the page to a guest.

Unfortunately, the arithmetic in the helpers can overflow, which would then result in the cache cleaning/invalidation being skipped. Therefore there is no guarantee as to when all the writes will reach memory.

This undefined behavior was meant to be addressed by XSA-437, but the approach was not sufficient.

4.7 2024-01-05 CVE-2023-46836

The fixes for XSA-422 (Branch Type Confusion) and XSA-434 (Speculative Return Stack Overflow) are not IRQ-safe. It was believed that the mitigations always operated in contexts with IRQs disabled.

However, the original XSA-254 fix for Meltdown (XPTI) deliberately left interrupts enabled on two entry paths; one unconditionally, and one conditionally on whether XPTI was active.

As BTC/SRSO and Meltdown affect different CPU vendors, the mitigations are not active together by default. Therefore, there is a race condition whereby a malicious PV guest can bypass BTC/SRSO protections and launch a BTC/SRSO attack against Xen.

5.5 2024-01-05 CVE-2023-46835

The current setup of the quarantine page tables assumes that the quarantine domain (dom_io) has been initialized with an address width of DEFAULT_DOMAIN_ADDRESS_WIDTH (48) and hence 4 page table levels.

However dom_io being a PV domain gets the AMD-Vi IOMMU page tables levels based on the maximum (hot pluggable) RAM address, and hence on systems with no RAM above the 512GB mark only 3 page-table levels are configured in the IOMMU.

On systems without RAM above the 512GB boundary amd_iommu_quarantine_init() will setup page tables for the scratch page with 4 levels, while the IOMMU will be configured to use 3 levels only, resulting in the last page table directory (PDE) effectively becoming a page table entry (PTE), and hence a device in quarantine mode gaining write access to the page destined to be a PDE.

Due to this page table level mismatch, the sink page the device gets read/write access to is no longer cleared between device assignment, possibly leading to data leaks.

5.5 2024-01-05 CVE-2023-34328

[This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.]

AMD CPUs since ~2014 have extensions to normal x86 debugging functionality. Xen supports guests using these extensions.

Unfortunately there are errors in Xen's handling of the guest state, leading to denials of service.

1) CVE-2023-34327 - An HVM vCPU can end up operating in the context of
a previous vCPU's debug mask state.

2) CVE-2023-34328 - A PV vCPU can place a breakpoint over the live GDT.
This allows the PV vCPU to exploit XSA-156 / CVE-2015-8104 and lock
up the CPU entirely.

5.5 2024-01-05 CVE-2023-34327

[This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.]

AMD CPUs since ~2014 have extensions to normal x86 debugging functionality. Xen supports guests using these extensions.

Unfortunately there are errors in Xen's handling of the guest state, leading to denials of service.

1) CVE-2023-34327 - An HVM vCPU can end up operating in the context of
a previous vCPU's debug mask state.

2) CVE-2023-34328 - A PV vCPU can place a breakpoint over the live GDT.
This allows the PV vCPU to exploit XSA-156 / CVE-2015-8104 and lock
up the CPU entirely.

7.8 2024-01-05 CVE-2023-34326

The caching invalidation guidelines from the AMD-Vi specification (48882—Rev 3.07-PUB—Oct 2022) are incorrect on some hardware, as devices will malfunction (see stale DMA mappings) if some fields of the DTE are updated but the IOMMU TLB is not flushed.

Such stale DMA mappings can point to memory ranges not owned by the guest, thus allowing access to unintended memory regions.

7.8 2024-01-05 CVE-2023-34325

[This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.]

libfsimage contains parsing code for several filesystems, most of them based on grub-legacy code. libfsimage is used by pygrub to inspect guest disks.

Pygrub runs as the same user as the toolstack (root in a privileged domain).

At least one issue has been reported to the Xen Security Team that allows an attacker to trigger a stack buffer overflow in libfsimage. After further analysis the Xen Security Team is no longer confident in the suitability of libfsimage when run against guest controlled input with super user privileges.

In order to not affect current deployments that rely on pygrub, patches are provided in the resolution section of the advisory that allow running pygrub in deprivileged mode.

CVE-2023-4949 refers to the original issue in the upstream grub project ("An attacker with local access to a system (either through a disk or external drive) can present a modified XFS partition to grub-legacy in such a way to exploit a memory corruption in grub’s XFS file system implementation.") CVE-2023-34325 refers specifically to the vulnerabilities in Xen's copy of libfsimage, which is descended from a very old version of grub.

4.9 2024-01-05 CVE-2023-34324

Closing of an event channel in the Linux kernel can result in a deadlock. This happens when the close is being performed in parallel to an unrelated Xen console action and the handling of a Xen console interrupt in an unprivileged guest.

The closing of an event channel is e.g. triggered by removal of a paravirtual device on the other side. As this action will cause console messages to be issued on the other side quite often, the chance of triggering the deadlock is not negligible.

Note that 32-bit Arm guests are not affected, as the 32-bit Linux kernel on Arm doesn't use queued-RW-locks, which are required to trigger the issue (on Arm32 a waiting writer doesn't block further readers from getting the lock).

5.5 2024-01-05 CVE-2023-34323

When a transaction is committed, C Xenstored will first check the quota is correct before attempting to commit any nodes. It is possible for the accounting to be temporarily negative if a node has been removed outside of the transaction.

Unfortunately, some versions of C Xenstored assume that the quota cannot be negative and use assert() to confirm it. This will lead to a C Xenstored crash when tools are built without -DNDEBUG (this is the default).

7.8 2024-01-05 CVE-2023-34322

For migration as well as to work around kernels unaware of L1TF (see XSA-273), PV guests may be run in shadow paging mode. Since Xen itself needs to be mapped when PV guests run, Xen and shadowed PV guests run directly on the respective shadow page tables. For 64-bit PV guests this means running on the shadow of the guest root page table.

In the course of dealing with shortage of memory in the shadow pool associated with a domain, shadows of page tables may be torn down. This tearing down may include the shadow root page table that the CPU in question is presently running on. While a precaution exists to supposedly prevent the tearing down of the underlying live page table, the time window covered by that precaution isn't large enough.

3.3 2024-01-05 CVE-2023-34321

Arm provides multiple helpers to clean & invalidate the cache for a given region. This is, for instance, used when allocating guest memory to ensure any writes (such as the ones during scrubbing) have reached memory before handing over the page to a guest.

Unfortunately, the arithmetic in the helpers can overflow, which would then result in the cache cleaning/invalidation being skipped. Therefore there is no guarantee as to when all the writes will reach memory.

6.7 2023-11-10 CVE-2023-4949

An attacker with local access to a system (either through a disk or external drive) can present a modified XFS partition to grub-legacy in such a way to exploit a memory corruption in grub’s XFS file system implementation.

7.8 2023-09-22 CVE-2023-34319

The fix for XSA-423 added logic to Linux's netback driver to deal with a frontend splitting a packet in a way such that not all of the headers would come in one piece. Unfortunately the logic introduced there didn't account for the extreme case of the entire packet being split into as many pieces as permitted by the protocol, yet still being smaller than the area that's specially dealt with to keep all (possible) headers together. Such an unusual packet would therefore trigger a buffer overrun in the driver.

6.5 2023-08-11 CVE-2022-40982

Information exposure through microarchitectural state after transient execution in certain vector execution units for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

5.5 2023-08-08 CVE-2023-20588

A division-by-zero error on some AMD processors can potentially return speculative data resulting in loss of confidentiality.

5.5 2023-07-24 CVE-2023-20593

An issue in “Zen 2” CPUs, under specific microarchitectural circumstances, may allow an attacker to potentially access sensitive information.

8.8 2023-06-07 CVE-2022-4949

The AdSanity plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'ajax_upload' function in versions up to, and including, 1.8.1. This makes it possible for authenticated attackers with Contributor+ level privileges to upload arbitrary files on the affected sites server which makes remote code execution possible.

3.3 2023-05-17 CVE-2022-42336

Mishandling of guest SSBD selection on AMD hardware

The current logic to set SSBD on AMD Family 17h and Hygon Family 18h processors requires that the setting of SSBD is coordinated at a core level, as the setting is shared between threads. Logic was introduced to keep track of how many threads require SSBD active in order to coordinate it; such logic relies on using a per-core counter of threads that have SSBD active. When running on the mentioned hardware, it's possible for a guest to under or overflow the thread counter, because each write to VIRT_SPEC_CTRL.SSBD by the guest gets propagated to the helper that does the per-core active accounting. Underflowing the counter causes the value to get saturated, and thus attempts for guests running on the same core to set SSBD won't have effect because the hypervisor assumes it's already active.

7.8 2023-04-25 CVE-2022-42335

x86 shadow paging arbitrary pointer dereference

In environments where host assisted address translation is necessary but Hardware Assisted Paging (HAP) is unavailable, Xen will run guests in so called shadow mode. Due to too lax a check in one of the hypervisor routines used for shadow page handling it is possible for a guest with a PCI device passed through to cause the hypervisor to access an arbitrary pointer partially under guest control.

6.5 2023-03-21 CVE-2022-42334

x86/HVM pinned cache attributes mis-handling

[This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.]

To allow cachability control for HVM guests with passed through devices, an interface exists to explicitly override defaults which would otherwise be put in place. While not exposed to the affected guests themselves, the interface specifically exists for domains controlling such guests. This interface may therefore be used by not fully privileged entities, e.g. qemu running deprivileged in Dom0 or qemu running in a so called stub-domain. With this exposure it is an issue that

- the number of such controlled regions was unbounded (CVE-2022-42333),
- installation and removal of such regions was not properly serialized (CVE-2022-42334).

8.6 2023-03-21 CVE-2022-42333

x86/HVM pinned cache attributes mis-handling

[This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.]

To allow cachability control for HVM guests with passed through devices, an interface exists to explicitly override defaults which would otherwise be put in place. While not exposed to the affected guests themselves, the interface specifically exists for domains controlling such guests. This interface may therefore be used by not fully privileged entities, e.g. qemu running deprivileged in Dom0 or qemu running in a so called stub-domain. With this exposure it is an issue that

- the number of such controlled regions was unbounded (CVE-2022-42333),
- installation and removal of such regions was not properly serialized (CVE-2022-42334).

7.8 2023-03-21 CVE-2022-42332

x86 shadow plus log-dirty mode use-after-free

In environments where host assisted address translation is necessary but Hardware Assisted Paging (HAP) is unavailable, Xen will run guests in so called shadow mode. Shadow mode maintains a pool of memory used for both shadow page tables as well as auxiliary data structures. To migrate or snapshot guests, Xen additionally runs them in so called log-dirty mode. The data structures needed by the log-dirty tracking are part of the aforementioned auxiliary data. In order to keep error handling efforts within reasonable bounds, for operations which may require memory allocations shadow mode logic ensures up front that enough memory is available for the worst case requirements. Unfortunately, while page table memory is properly accounted for on the code path requiring the potential establishing of new shadows, demands by the log-dirty infrastructure were not taken into consideration. As a result, just established shadow page tables could be freed again immediately, while other code is still accessing them on the assumption that they would remain allocated.

5.5 2023-03-21 CVE-2022-42331

x86: speculative vulnerability in 32bit SYSCALL path

Due to an oversight in the very original Spectre/Meltdown security work (XSA-254), one entrypath performs its speculation-safety actions too late. In some configurations, there is an unprotected RET instruction which can be attacked with a variety of speculative attacks.

7.5 2023-01-26 CVE-2022-42330

Guests can cause Xenstore crash via soft reset

When a guest issues a "Soft Reset" (e.g. for performing a kexec) the libxl based Xen toolstack will normally perform an XS_RELEASE Xenstore operation. Due to a bug in xenstored this can result in a crash of xenstored. Any other use of XS_RELEASE will have the same impact.

5.5 2022-11-09 CVE-2022-23824

IBPB may not prevent return branch predictions from being specified by pre-IBPB branch targets leading to a potential information disclosure.

CWE : Common Weakness Enumeration

This CPE Product has more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
% id Name
12% (49) CWE-20 Improper Input Validation
12% (46) CWE-264 Permissions, Privileges, and Access Controls
7% (30) CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer
7% (29) CWE-362 Race Condition
7% (28) CWE-399 Resource Management Errors
7% (28) CWE-200 Information Exposure
4% (17) CWE-770 Allocation of Resources Without Limits or Throttling
2% (10) CWE-787 Out-of-bounds Write
2% (10) CWE-476 NULL Pointer Dereference
2% (10) CWE-284 Access Control (Authorization) Issues
2% (9) CWE-401 Failure to Release Memory Before Removing Last Reference ('Memory L...
2% (9) CWE-400 Uncontrolled Resource Consumption ('Resource Exhaustion')
2% (9) CWE-17 Code
2% (8) CWE-459 Incomplete Cleanup
1% (7) CWE-755 Improper Handling of Exceptional Conditions
1% (7) CWE-189 Numeric Errors
1% (6) CWE-416 Use After Free
1% (6) CWE-269 Improper Privilege Management
1% (5) CWE-682 Incorrect Calculation
1% (4) CWE-212 Improper Cross-boundary Removal of Sensitive Data
0% (3) CWE-404 Improper Resource Shutdown or Release
0% (3) CWE-254 Security Features
0% (3) CWE-203 Information Exposure Through Discrepancy
0% (3) CWE-125 Out-of-bounds Read
0% (3) CWE-16 Configuration

Oval Markup Language : Definitions

This CPE Product has more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
OvalID Name
oval:org.mitre.oval:def:10313 The hypervisor_callback function in Xen, possibly before 3.4.0, as applied to...
oval:org.mitre.oval:def:19861 DSA-2508-1 kfreebsd-8 - privilege escalation
oval:org.mitre.oval:def:19281 CRITICAL PATCH UPDATE OCTOBER 2012
oval:org.mitre.oval:def:15596 User Mode Scheduler Memory Corruption Vulnerability (CVE-2012-0217)
oval:org.mitre.oval:def:21551 RHSA-2012:1130: xen security update (Moderate)
oval:org.mitre.oval:def:23412 ELSA-2012:1130: xen security update (Moderate)
oval:org.mitre.oval:def:27844 DEPRECATED: ELSA-2012-1130 -- xen security update (moderate)
oval:org.mitre.oval:def:20953 RHSA-2013:0241: xen security update (Moderate)
oval:org.mitre.oval:def:23430 ELSA-2013:0241: xen security update (Moderate)
oval:org.mitre.oval:def:25518 SUSE-SU-2014:0411-1 -- Security update for Xen
oval:org.mitre.oval:def:26932 DEPRECATED: ELSA-2013-0241 -- xen security update (moderate)
oval:org.mitre.oval:def:17653 DSA-2544-1 xen - denial of service
oval:org.mitre.oval:def:25115 SUSE-SU-2014:0446-1 -- Security update for Xen
oval:org.mitre.oval:def:21575 RHSA-2012:1234: qemu-kvm security update (Important)
oval:org.mitre.oval:def:21464 RHSA-2012:1235: kvm security update (Important)
oval:org.mitre.oval:def:21145 RHSA-2012:1236: xen security update (Important)
oval:org.mitre.oval:def:19980 DSA-2545-1 qemu - multiple
oval:org.mitre.oval:def:18326 DSA-2542-1 qemu-kvm - multiple
oval:org.mitre.oval:def:18182 USN-1590-1 -- qemu-kvm vulnerability
oval:org.mitre.oval:def:23955 ELSA-2012:1234: qemu-kvm security update (Important)
oval:org.mitre.oval:def:22996 ELSA-2012:1236: xen security update (Important)
oval:org.mitre.oval:def:22862 ELSA-2012:1235: kvm security update (Important)
oval:org.mitre.oval:def:27797 DEPRECATED: ELSA-2012-1236 -- xen security update (important)
oval:org.mitre.oval:def:27721 DEPRECATED: ELSA-2012-1234 -- qemu-kvm security update (important)
oval:org.mitre.oval:def:27565 DEPRECATED: ELSA-2012-1235 -- kvm security update (important)

Open Source Vulnerability Database (OSVDB)

id Description
75279 Qemu hw/scsi-disk.c scsi_disk_emulate_command() Function Command Parsing Loca...
75241 Linux Kernel SAHF Instruction Emulation Remote DoS
74873 Xen x86_64__addr_ok() Macro Off-by-one Unprivileged Local Host DoS
74868 Xen VM Exit CPUID Instruction Emulation Handling Unprivileged Local DoS
74656 Linux Kernel Xen Hypervisor Implementation SMP Guest Malicious User Process L...
74629 Xen DMA Request Parsing IOMMU Fault Local DoS
71331 Xen xen/arch/x86/domain.c arch_set_info_guest() Pagetable Local DoS
54474 Xen arch/i386/kernel/entry-xen.S hypervisor_callback() Function Local DoS

OpenVAS Exploits

This CPE Product has more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2013-09-18 Name : Debian Security Advisory DSA 2582-1 (xen - several vulnerabilities)
File : nvt/deb_2582_1.nasl
2012-12-18 Name : Fedora Update for xen FEDORA-2012-19828
File : nvt/gb_fedora_2012_19828_xen_fc16.nasl
2012-12-14 Name : Fedora Update for xen FEDORA-2012-19717
File : nvt/gb_fedora_2012_19717_xen_fc17.nasl
2012-12-13 Name : SuSE Update for XEN openSUSE-SU-2012:1572-1 (XEN)
File : nvt/gb_suse_2012_1572_1.nasl
2012-12-13 Name : SuSE Update for xen openSUSE-SU-2012:0886-1 (xen)
File : nvt/gb_suse_2012_0886_1.nasl
2012-12-13 Name : SuSE Update for qemu openSUSE-SU-2012:1170-1 (qemu)
File : nvt/gb_suse_2012_1170_1.nasl
2012-12-13 Name : SuSE Update for Security openSUSE-SU-2012:1172-1 (Security)
File : nvt/gb_suse_2012_1172_1.nasl
2012-12-13 Name : SuSE Update for Security openSUSE-SU-2012:1174-1 (Security)
File : nvt/gb_suse_2012_1174_1.nasl
2012-12-06 Name : RedHat Update for kernel RHSA-2012:1540-01
File : nvt/gb_RHSA-2012_1540-01_kernel.nasl
2012-12-06 Name : CentOS Update for kernel CESA-2012:1540 centos5
File : nvt/gb_CESA-2012_1540_kernel_centos5.nasl
2012-11-23 Name : Fedora Update for xen FEDORA-2012-18249
File : nvt/gb_fedora_2012_18249_xen_fc16.nasl
2012-11-23 Name : Fedora Update for xen FEDORA-2012-18242
File : nvt/gb_fedora_2012_18242_xen_fc17.nasl
2012-11-15 Name : CentOS Update for kernel CESA-2012:1445 centos5
File : nvt/gb_CESA-2012_1445_kernel_centos5.nasl
2012-11-15 Name : Fedora Update for xen FEDORA-2012-17408
File : nvt/gb_fedora_2012_17408_xen_fc16.nasl
2012-11-15 Name : Fedora Update for xen FEDORA-2012-17204
File : nvt/gb_fedora_2012_17204_xen_fc17.nasl
2012-11-15 Name : RedHat Update for kernel RHSA-2012:1445-01
File : nvt/gb_RHSA-2012_1445-01_kernel.nasl
2012-10-19 Name : Fedora Update for qemu FEDORA-2012-15606
File : nvt/gb_fedora_2012_15606_qemu_fc16.nasl
2012-10-16 Name : Fedora Update for qemu FEDORA-2012-15740
File : nvt/gb_fedora_2012_15740_qemu_fc17.nasl
2012-10-03 Name : Ubuntu Update for qemu-kvm USN-1590-1
File : nvt/gb_ubuntu_USN_1590_1.nasl
2012-09-22 Name : Fedora Update for xen FEDORA-2012-13434
File : nvt/gb_fedora_2012_13434_xen_fc17.nasl
2012-09-22 Name : Fedora Update for xen FEDORA-2012-13443
File : nvt/gb_fedora_2012_13443_xen_fc16.nasl
2012-09-15 Name : Debian Security Advisory DSA 2542-1 (qemu-kvm)
File : nvt/deb_2542_1.nasl
2012-09-15 Name : Debian Security Advisory DSA 2543-1 (xen-qemu-dm-4.0)
File : nvt/deb_2543_1.nasl
2012-09-15 Name : Debian Security Advisory DSA 2544-1 (xen)
File : nvt/deb_2544_1.nasl
2012-09-15 Name : Debian Security Advisory DSA 2545-1 (qemu)
File : nvt/deb_2545_1.nasl

Information Assurance Vulnerability Management (IAVM)

id Description
2015-A-0202 Citrix XenServer Information Disclosure Vulnerability
Severity: Category I - VMSKEY: V0061343
2015-A-0112 Oracle Linux & Virtualization Buffer Overflow Vulnerability
Severity: Category I - VMSKEY: V0060735
2015-A-0115 QEMU Virtual Floppy Drive Controller (FDC) Buffer Overflow Vulnerability
Severity: Category II - VMSKEY: V0060741
2014-B-0099 Multiple Vulnerabilities in Citrix XenServer
Severity: Category I - VMSKEY: V0053313
2013-B-0048 Multiple Vulnerabilities in Citrix XenServer
Severity: Category I - VMSKEY: V0037950
2012-A-0020 Multiple Vulnerabilities in VMware ESX 4.1 and ESXi 4.1
Severity: Category I - VMSKEY: V0031252

Snort® IPS/IDS

Date Description
2019-09-24 OMRON CX-One MCI file stack buffer overflow attempt
RuleID : 51192 - Type : FILE-OTHER - Revision : 1
2019-09-24 OMRON CX-One MCI file stack buffer overflow attempt
RuleID : 51191 - Type : FILE-OTHER - Revision : 1
2018-07-10 Microsoft Windows Interrupt Service Routine stack rollback attempt
RuleID : 46910 - Type : INDICATOR-COMPROMISE - Revision : 2
2018-07-10 Microsoft Windows Interrupt Service Routine stack rollback attempt
RuleID : 46909 - Type : INDICATOR-COMPROMISE - Revision : 2
2018-07-10 Microsoft Windows processor modification return to user-mode attempt
RuleID : 46908 - Type : INDICATOR-COMPROMISE - Revision : 2
2018-07-10 Microsoft Windows processor modification return to user-mode attempt
RuleID : 46907 - Type : INDICATOR-COMPROMISE - Revision : 2
2018-07-10 Microsoft Windows malicious CONTEXT structure creation attempt
RuleID : 46906 - Type : INDICATOR-COMPROMISE - Revision : 2
2018-07-10 Microsoft Windows malicious CONTEXT structure creation attempt
RuleID : 46905 - Type : INDICATOR-COMPROMISE - Revision : 2
2018-07-10 Microsoft Windows SYSTEM token stealing attempt
RuleID : 46904 - Type : INDICATOR-COMPROMISE - Revision : 2
2018-07-10 Microsoft Windows SYSTEM token stealing attempt
RuleID : 46903 - Type : INDICATOR-COMPROMISE - Revision : 2
2018-07-03 Microsoft Windows kernel privilege escalation attempt
RuleID : 46835 - Type : OS-WINDOWS - Revision : 1
2018-07-03 Microsoft Windows kernel privilege escalation attempt
RuleID : 46834 - Type : OS-WINDOWS - Revision : 1
2018-07-03 Microsoft Windows ROP gadget locate attempt
RuleID : 46833 - Type : OS-WINDOWS - Revision : 1
2018-07-03 Microsoft Windows ROP gadget locate attempt
RuleID : 46832 - Type : OS-WINDOWS - Revision : 1
2018-07-03 Microsoft Windows kernel privilege escalation attempt
RuleID : 46831 - Type : OS-WINDOWS - Revision : 1
2018-07-03 Microsoft Windows kernel privilege escalation attempt
RuleID : 46830 - Type : OS-WINDOWS - Revision : 1
2015-06-23 QEMU floppy disk controller buffer overflow attempt
RuleID : 34488 - Type : OS-OTHER - Revision : 4
2015-06-23 QEMU floppy disk controller buffer overflow attempt
RuleID : 34487 - Type : OS-OTHER - Revision : 4
2015-06-23 QEMU floppy disk controller buffer overflow attempt
RuleID : 34486 - Type : OS-OTHER - Revision : 4
2015-06-23 QEMU floppy disk controller buffer overflow attempt
RuleID : 34485 - Type : OS-OTHER - Revision : 4
2015-06-23 QEMU floppy disk controller buffer overflow attempt
RuleID : 34484 - Type : OS-OTHER - Revision : 4
2015-06-23 QEMU floppy disk controller buffer overflow attempt
RuleID : 34483 - Type : OS-OTHER - Revision : 4
2015-06-23 QEMU floppy disk controller buffer overflow attempt
RuleID : 34482 - Type : OS-OTHER - Revision : 4
2015-06-23 QEMU floppy disk controller buffer overflow attempt
RuleID : 34481 - Type : OS-OTHER - Revision : 4

Nessus® Vulnerability Scanner

This CPE Product has more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2019-01-15 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-4369.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-683dfde81a.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-73dd8de892.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing one or more security updates.
File: fedora_2018-8422d94975.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-a24754252a.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-a7862a75f5.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-a7ac26523d.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing one or more security updates.
File: fedora_2018-cc812838fb.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-dbebca30d0.nasl - Type: ACT_GATHER_INFO
2018-11-26 Name: A server virtualization platform installed on the remote host is missing a se...
File: citrix_xenserver_CTX239432.nasl - Type: ACT_GATHER_INFO
2018-11-13 Name: The remote Debian host is missing a security update.
File: debian_DLA-1577.nasl - Type: ACT_GATHER_INFO
2018-11-13 Name: The remote Fedora host is missing a security update.
File: fedora_2018-f20a0cead5.nasl - Type: ACT_GATHER_INFO
2018-11-09 Name: A server virtualization platform installed on the remote host is missing a se...
File: citrix_xenserver_CTX239100.nasl - Type: ACT_GATHER_INFO
2018-11-02 Name: The remote device is missing a vendor-supplied security patch.
File: f5_bigip_SOL17403481.nasl - Type: ACT_GATHER_INFO
2018-10-31 Name: The remote Debian host is missing a security update.
File: debian_DLA-1559.nasl - Type: ACT_GATHER_INFO
2018-10-31 Name: The remote Gentoo host is missing one or more security-related patches.
File: gentoo_GLSA-201810-06.nasl - Type: ACT_GATHER_INFO
2018-10-19 Name: The remote Debian host is missing a security update.
File: debian_DLA-1549.nasl - Type: ACT_GATHER_INFO
2018-10-10 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-4313.nasl - Type: ACT_GATHER_INFO
2018-10-04 Name: The remote Debian host is missing a security update.
File: debian_DLA-1531.nasl - Type: ACT_GATHER_INFO
2018-10-02 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-4308.nasl - Type: ACT_GATHER_INFO
2018-09-18 Name: The remote EulerOS Virtualization host is missing multiple security updates.
File: EulerOS_SA-2018-1263.nasl - Type: ACT_GATHER_INFO
2018-09-18 Name: The remote EulerOS Virtualization host is missing multiple security updates.
File: EulerOS_SA-2018-1270.nasl - Type: ACT_GATHER_INFO
2018-09-07 Name: The remote Debian host is missing a security update.
File: debian_DLA-1493.nasl - Type: ACT_GATHER_INFO
2018-09-07 Name: The remote Debian host is missing a security update.
File: debian_DLA-1497.nasl - Type: ACT_GATHER_INFO
2018-09-04 Name: The remote Fedora host is missing a security update.
File: fedora_2018-915602df63.nasl - Type: ACT_GATHER_INFO