xen vulnerabilities

Direct Vulnerabilities

Known vulnerabilities in the xen package. This does not include vulnerabilities belonging to this package’s dependencies.

How to fix?

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Fix for free
VulnerabilityVulnerable Version
  • L
CVE-2023-46842

<4.16.6-r0
  • L
CVE-2024-31142

<4.16.6-r0
  • L
CVE-2024-2201

<4.16.6-r0
  • L
CVE-2023-46841

<4.16.5-r7
  • L
CVE-2023-28746

<4.16.5-r7
  • L
CVE-2024-2193

<4.16.5-r7
  • L
CVE-2023-46839

<4.16.5-r6
  • L
Out-of-Bounds

<4.16.5-r5
  • M
CVE-2023-46836

<4.16.5-r4
  • M
CVE-2023-46835

<4.16.5-r4
  • M
NULL Pointer Dereference

<4.16.5-r3
  • H
Out-of-bounds Write

<4.16.5-r3
  • M
CVE-2023-34327

<4.16.5-r3
  • H
CVE-2023-34326

<4.16.5-r3
  • M
CVE-2023-34328

<4.16.5-r3
  • M
Divide By Zero

<4.16.5-r2
  • L
Out-of-Bounds

<4.16.5-r1
  • H
Improper Check for Dropped Privileges

<4.16.5-r1
  • M
Information Exposure

<4.16.5-r0
  • M
Information Exposure

<4.16.5-r0
  • M
Improper Locking

<4.16.4-r3
  • M
CVE-2023-20593

<4.16.4-r1
  • H
Use After Free

<4.16.4-r0
  • H
Allocation of Resources Without Limits or Throttling

<4.16.4-r0
  • M
Allocation of Resources Without Limits or Throttling

<4.16.4-r0
  • M
CVE-2022-42331

<4.16.4-r0
  • M
CVE-2022-27672

<4.16.4-r0
  • M
Allocation of Resources Without Limits or Throttling

<4.16.3-r0
  • M
Allocation of Resources Without Limits or Throttling

<4.16.3-r0
  • M
Allocation of Resources Without Limits or Throttling

<4.16.3-r0
  • L
Improper Resource Shutdown or Release

<4.16.3-r0
  • M
Allocation of Resources Without Limits or Throttling

<4.16.3-r0
  • M
Memory Leak

<4.16.3-r0
  • M
Allocation of Resources Without Limits or Throttling

<4.16.3-r0
  • M
Allocation of Resources Without Limits or Throttling

<4.16.3-r0
  • H
Incomplete Cleanup

<4.16.3-r0
  • M
Improper Handling of Exceptional Conditions

<4.16.3-r0
  • M
Allocation of Resources Without Limits or Throttling

<4.16.3-r0
  • M
Memory Leak

<4.16.3-r0
  • M
Improper Resource Shutdown or Release

<4.16.3-r0
  • M
Memory Leak

<4.16.3-r0
  • M
Allocation of Resources Without Limits or Throttling

<4.16.3-r0
  • M
Memory Leak

<4.16.3-r0
  • M
Incomplete Cleanup

<4.16.3-r0
  • M
Uncontrolled Recursion

<4.16.3-r0
  • M
Memory Leak

<4.16.3-r0
  • M
CVE-2022-23824

<4.16.2-r0
  • L
CVE-2022-23816

<4.16.1-r6
  • H
Release of Invalid Pointer or Reference

<4.16.1-r6
  • L
CVE-2022-23816

<4.16.1-r5
  • M
Exposure of Resource to Wrong Sphere

<4.16.1-r4
  • L
CVE-2022-23816

<4.16.1-r4
  • M
Improper Cross-boundary Removal of Sensitive Data

<4.16.1-r4
  • H
Improper Cross-boundary Removal of Sensitive Data

<4.16.1-r3
  • H
Information Exposure

<4.16.1-r3
  • H
Memory Leak

<4.16.1-r3
  • H
Information Exposure

<4.16.1-r3
  • M
Incomplete Cleanup

<4.16.1-r2
  • M
Incomplete Cleanup

<4.16.1-r2
  • M
Incomplete Cleanup

<4.16.1-r2
  • M
CVE-2022-26363

<4.16.1-r1
  • M
CVE-2022-26364

<4.16.1-r1
  • M
Race Condition

<4.16.1-r1
  • H
CVE-2022-26359

<4.16.1-r0
  • L
XSA-398

<4.16.1-r0
  • H
CVE-2022-26360

<4.16.1-r0
  • M
Improper Locking

<4.16.1-r0
  • H
CVE-2022-26361

<4.16.1-r0
  • H
Improper Resource Shutdown or Release

<4.16.1-r0
  • H
Race Condition

<4.16.1-r0
  • M
Integer Underflow

<4.16.1-r0
  • M
Incomplete Cleanup

<4.16.1-r0
  • H
CVE-2022-26358

<4.16.1-r0
  • M
Out-of-Bounds

<4.10.0-r1
  • H
Improper Handling of Exceptional Conditions

<4.15.1-r2
  • H
CVE-2021-28703

<4.15.1-r1
  • H
CVE-2021-28708

<4.15.1-r2
  • H
CVE-2021-28707

<4.15.1-r2
  • H
Improper Handling of Exceptional Conditions

<4.15.1-r2
  • H
CVE-2021-28704

<4.15.1-r2
  • H
Improper Privilege Management

<4.15.1-r1
  • H
Improper Privilege Management

<4.15.1-r1
  • H
Improper Privilege Management

<4.15.0-r3
  • M
Allocation of Resources Without Limits or Throttling

<4.15.0-r2
  • H
Improper Privilege Management

<4.15.0-r2
  • M
Improper Authentication

<4.15.0-r2
  • M
Loop with Unreachable Exit Condition ('Infinite Loop')

<4.15.0-r2
  • M
CVE-2021-28699

<4.15.0-r2
  • M
CVE-2021-28695

<4.15.0-r2
  • M
Incorrect Authorization

<4.15.0-r2
  • M
CVE-2021-28690

<4.15.0-r1
  • M
Information Exposure

<4.15.0-r1
  • H
Improper Privilege Management

<4.15.0-r1
  • M
CVE-2021-28693

<4.15.0-r1
  • M
Missing Initialization of Resource

<4.15.0-r0
  • M
CVE-2021-26933

<4.14.1-r3
  • M
CVE-2021-3308

<4.14.1-r2
  • M
Allocation of Resources Without Limits or Throttling

<4.14.1-r0
  • H
Insufficient Verification of Data Authenticity

<4.14.0-r2
  • H
Improper Privilege Management

<4.14.0-r2
  • H
Race Condition

<4.14.0-r2
  • M
Out-of-Bounds

<4.14.0-r2
  • H
Off-by-one Error

<4.14.0-r3
  • M
NULL Pointer Dereference

<4.14.1-r0
  • M
Allocation of Resources Without Limits or Throttling

<4.14.1-r0
  • M
Allocation of Resources Without Limits or Throttling

<4.14.1-r0
  • H
Incorrect Permission Assignment for Critical Resource

<4.14.1-r0
  • M
Use After Free

<4.14.1-r0
  • M
Memory Leak

<4.14.1-r0
  • M
Uncontrolled Recursion

<4.14.1-r0
  • M
NULL Pointer Dereference

<4.14.1-r0
  • L
Information Exposure

<4.14.1-r0
  • H
Exposure of Resource to Wrong Sphere

<4.14.1-r0
  • M
Untrusted Search Path

<4.14.1-r0
  • M
Information Exposure

<4.14.0-r2
  • L
XSA-312

<4.13.1-r0
  • M
Resource Exhaustion

<4.14.0-r1
  • M
Out-of-Bounds

<4.14.0-r1
  • H
Race Condition

<4.14.0-r1
  • M
Arbitrary Code Injection

<4.14.0-r1
  • H
Memory Leak

<4.14.0-r1
  • M
Out-of-Bounds

<4.14.0-r1
  • H
Improper Privilege Management

<4.14.0-r1
  • M
Race Condition

<4.14.0-r1
  • M
Always-Incorrect Control Flow Implementation

<4.14.0-r1
  • M
Improper Handling of Exceptional Conditions

<4.14.0-r1
  • M
Out-of-bounds Read

<4.13.1-r5
  • M
Improper Handling of Exceptional Conditions

<4.13.1-r4
  • M
Improper Input Validation

<4.13.1-r4
  • H
Resource Exhaustion

<4.13.1-r4
  • M
Improper Input Validation

<4.13.1-r4
  • H
Race Condition

<4.13.1-r4
  • M
Improper Input Validation

<4.13.0-r0
  • M
Loop with Unreachable Exit Condition ('Infinite Loop')

<4.13.0-r0
  • H
Improper Input Validation

<4.13.0-r0
  • H
Incorrect Calculation

<4.13.0-r0
  • M
Race Condition

<4.13.0-r0
  • H
Memory Leak

<4.13.0-r0
  • C
Improper Privilege Management

<4.13.0-r0
  • H
Race Condition

<4.13.0-r0
  • H
Off-by-one Error

<4.13.0-r0
  • M
OS Command Injection

<4.13.0-r0
  • H
Incorrect Permission Assignment for Critical Resource

<4.13.0-r0
  • M
Improper Input Validation

<4.13.0-r0
  • M
CVE-2019-11135

<4.13.0-r0
  • M
Information Exposure

<4.13.0-r3
  • H
Out-of-Bounds

<4.13.0-r3
  • M
Improper Handling of Exceptional Conditions

<4.13.0-r3
  • M
CVE-2020-11742

<4.13.0-r3
  • M
Information Exposure

<4.13.1-r3
  • H
Out-of-bounds Read

<4.9.0-r4
  • M
NULL Pointer Dereference

<4.9.0-r4
  • M
Race Condition

<4.9.0-r4
  • H
CVE-2017-14319

<4.9.0-r4
  • M
Loop with Unreachable Exit Condition ('Infinite Loop')

<4.12.1-r0
  • H
CVE-2017-8903

<4.8.1-r2
  • M
Information Exposure

<4.11.0-r0
  • H
CVE-2017-8904

<4.8.1-r2
  • M
CVE-2018-12893

<4.11.0-r0
  • M
Information Exposure

<4.12.0-r2
  • C
Information Exposure

<4.11.0-r0
  • M
Information Exposure

<4.12.0-r2
  • M
Information Exposure

<4.11.0-r0
  • M
Information Exposure

<4.12.0-r2
  • H
Access Restriction Bypass

<4.7.1-r1
  • M
CVE-2019-11091

<4.12.0-r2
  • H
Access Restriction Bypass

<4.7.1-r1
  • M
Improper Input Validation

<4.7.1-r1
  • M
Information Exposure

<4.7.1-r1
  • H
Improper Input Validation

<4.7.1-r1
  • M
Incorrect Calculation

<4.7.1-r1
  • M
Improper Access Control

<4.7.1-r1
  • H
Race Condition

<4.7.1-r1
  • H
Improper Input Validation

<4.7.1-r1
  • H
Improper Access Control

<4.7.0-r0
  • H
CVE-2017-15590

<4.9.0-r6
  • H
Improper Input Validation

<4.7.1-r1
  • M
Improper Input Validation

<4.7.0-r0
  • L
Information Exposure

<4.7.1-r3
  • M
Resource Exhaustion

<4.7.0-r0
  • M
Information Exposure

<4.9.0-r6
  • M
Improper Access Control

<4.7.1-r3
  • H
Resource Exhaustion

<4.9.0-r6
  • M
Improper Access Control

<4.7.1-r3
  • H
Race Condition

<4.9.0-r6
  • M
Improper Access Control

<4.7.1-r3
  • M
Missing Release of Resource after Effective Lifetime

<4.9.0-r6
  • M
Improper Access Control

<4.7.1-r3
  • H
Exposure of Resource to Wrong Sphere

<4.9.0-r6
  • M
Race Condition

<4.7.0-r5
  • H
CVE-2017-15594

<4.9.0-r6
  • M
Resource Exhaustion

<4.11.1-r0
  • M
Incorrect Authorization

<4.11.1-r0
  • M
Resource Exhaustion

<4.11.1-r0
  • C
Out-of-Bounds

<4.9.0-r7
  • M
Information Exposure

<4.11.1-r0
  • C
Out-of-Bounds

<4.7.2-r0
  • M
CVE-2018-3646

<4.11.1-r0
  • H
Improper Validation of Array Index

<4.7.2-r0
  • M
Resource Exhaustion

<4.10.0-r2
  • H
Incomplete Cleanup

<4.11.1-r0
  • M
Improper Input Validation

<4.7.1-r4
  • H
CVE-2018-7541

<4.10.0-r2
  • H
Information Exposure

<4.11.1-r0
  • M
NULL Pointer Dereference

<4.7.1-r4
  • M
NULL Pointer Dereference

<4.10.0-r2
  • H
Reachable Assertion

<4.11.1-r0
  • H
Access Restriction Bypass

<4.7.1-r4
  • M
CVE-2018-19964

<4.11.1-r0
  • H
NULL Pointer Dereference

<4.11.1-r0
  • M
CVE-2018-19965

<4.11.1-r0
  • H
Interpretation Conflict

<4.11.1-r0
  • M
Improper Input Validation

<4.11.1-r0
  • C
Out-of-bounds Read

<4.7.1-r5
  • C
Out-of-bounds Read

<4.7.1-r5
  • M
Information Exposure

<4.10.1-r0
  • M
Out-of-bounds Write

<4.10.1-r0
  • M
Information Exposure

<4.9.0-r0
  • C
CVE-2017-10912

<4.9.0-r0
  • C
CVE-2017-10913

<4.9.0-r0
  • H
Race Condition

<4.9.0-r0
  • C
Race Condition

<4.9.0-r0
  • H
Information Exposure

<4.9.0-r0
  • C
NULL Pointer Dereference

<4.9.0-r0
  • C
Improper Input Validation

<4.9.0-r0
  • M
CVE-2017-10919

<4.9.0-r0
  • C
Out-of-Bounds

<4.9.0-r0
  • C
Out-of-Bounds

<4.9.0-r0
  • H
Resource Exhaustion

<4.9.0-r0
  • M
Improper Input Validation

<4.9.0-r0
  • H
Race Condition

<4.10.1-r1
  • H
CVE-2018-10982

<4.10.1-r1
  • M
Loop with Unreachable Exit Condition ('Infinite Loop')

<4.10.1-r1
  • H
Incorrect Calculation

<4.9.0-r1
  • H
Buffer Overflow

<4.9.0-r1
  • H
Race Condition

<4.9.0-r1
  • M
Information Exposure

<4.9.0-r1
  • H
Access Restriction Bypass

<4.7.0-r1
  • H
Access Restriction Bypass

<4.7.0-r1
  • M
Out-of-Bounds

<4.7.0-r1
  • L
XSA-254

<4.10.0-r1
  • M
CVE-2018-12891

<4.11.0-r0
  • L
XSA-249

<4.10.0-r1
  • L
XSA-250

<4.10.0-r1
  • L
XSA-238

<4.9.0-r6
  • L
XSA-246

<4.9.1-r1
  • L
XSA-247

<4.9.1-r1
  • L
XSA-235

<4.9.0-r2
  • L
XSA-248

<4.10.0-r1
  • L
XSA-251

<4.10.0-r1
  • L
XSA-245

<4.9.0-r5
  • L
XSA-207

<4.7.1-r5
  • L
XSA-210

<4.7.1-r5