Homepage

xen vulnerabilities

Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the xen package. This does not include vulnerabilities belonging to this package’s dependencies.

How to fix?

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Fix for free
VulnerabilityVulnerable Version
  • L
CVE-2024-36350

<4.20.1-r0
  • L
CVE-2025-27465

<4.20.1-r0
  • L
CVE-2024-36357

<4.20.1-r0
  • L
XSA-247

<4.9.1-r1
  • H
CVE-2017-15590

<4.9.0-r6
  • M
NULL Pointer Dereference

<4.9.0-r4
  • H
CVE-2017-14319

<4.9.0-r4
  • H
Improper Validation of Array Index

<4.7.2-r0
  • M
Improper Access Control

<4.7.1-r3
  • C
Out-of-Bounds

<4.7.2-r0
  • M
Improper Access Control

<4.7.1-r3
  • H
Improper Input Validation

<4.7.1-r1
  • H
Improper Input Validation

<4.7.1-r1
  • H
Improper Access Control

<4.7.0-r0
  • M
Resource Exhaustion

<4.7.0-r0
  • H
Access Restriction Bypass

<4.7.1-r1
  • L
CVE-2024-2193

<4.18.0-r5
  • L
CVE-2023-28746

<4.18.0-r5
  • L
Out-of-Bounds

<4.18.0-r2
  • L
CVE-2023-46839

<4.18.0-r3
  • L
CVE-2022-42336

<4.17.1-r1
  • M
CVE-2022-42331

<4.17.0-r5
  • H
NULL Pointer Dereference

<4.17.0-r5
  • H
Allocation of Resources Without Limits or Throttling

<4.17.0-r5
  • L
Improper Resource Shutdown or Release

<4.17.0-r0
  • M
Allocation of Resources Without Limits or Throttling

<4.17.0-r0
  • H
CVE-2017-15594

<4.9.0-r6
  • M
Allocation of Resources Without Limits or Throttling

<4.17.0-r0
  • M
Information Exposure

<4.9.0-r0
  • H
Exposure of Resource to Wrong Sphere

<4.9.0-r6
  • C
CVE-2017-10913

<4.9.0-r0
  • M
CVE-2022-26363

<4.16.1-r2
  • H
CVE-2022-26358

<4.16.1-r0
  • H
CVE-2022-26360

<4.16.1-r0
  • H
Buffer Overflow

<4.9.0-r1
  • M
Improper Locking

<4.16.1-r0
  • H
Access Restriction Bypass

<4.7.1-r1
  • M
Improper Input Validation

<4.9.0-r0
  • H
Improper Handling of Exceptional Conditions

<4.15.1-r2
  • H
CVE-2021-28704

<4.15.1-r2
  • M
Allocation of Resources Without Limits or Throttling

<4.15.0-r2
  • M
Loop with Unreachable Exit Condition ('Infinite Loop')

<4.15.0-r2
  • M
NULL Pointer Dereference

<4.14.1-r0
  • H
Race Condition

<4.7.1-r1
  • M
Allocation of Resources Without Limits or Throttling

<4.14.1-r0
  • H
Resource Exhaustion

<4.9.0-r6
  • M
Allocation of Resources Without Limits or Throttling

<4.14.1-r0
  • M
NULL Pointer Dereference

<4.17.2-r3
  • M
Out-of-Bounds

<4.14.0-r2
  • M
Divide By Zero

<4.17.2-r2
  • M
Memory Leak

<4.14.1-r0
  • H
Off-by-one Error

<4.14.0-r3
  • H
Memory Leak

<4.14.0-r1
  • H
Resource Exhaustion

<4.9.0-r0
  • L
Out-of-Bounds

<4.17.2-r1
  • H
Improper Check for Dropped Privileges

<4.17.2-r1
  • L
CVE-2023-46841

<4.18.0-r4
  • M
Out-of-Bounds

<4.14.0-r1
  • M
Out-of-bounds Read

<4.13.1-r5
  • C
Improper Input Validation

<4.9.0-r0
  • M
Improper Input Validation

<4.7.1-r4
  • H
Race Condition

<4.9.0-r6
  • M
Race Condition

<4.9.0-r4
  • H
Out-of-bounds Read

<4.9.0-r4
  • M
Always-Incorrect Control Flow Implementation

<4.14.0-r1
  • M
CVE-2022-27672

<4.17.0-r2
  • M
NULL Pointer Dereference

<4.7.1-r4
  • L
XSA-235

<4.9.0-r2
  • M
Improper Access Control

<4.7.1-r3
  • L
Information Exposure

<4.7.1-r3
  • L
XSA-246

<4.9.1-r1
  • C
NULL Pointer Dereference

<4.9.0-r0
  • M
Memory Leak

<4.17.0-r0
  • H
Incorrect Calculation

<4.9.0-r1
  • H
Race Condition

<4.9.0-r0
  • C
Out-of-Bounds

<4.9.0-r7
  • H
Information Exposure

<4.9.0-r0
  • L
XSA-210

<4.7.1-r5
  • M
Allocation of Resources Without Limits or Throttling

<4.17.0-r0
  • M
CVE-2017-10919

<4.9.0-r0
  • M
Out-of-Bounds

<4.7.0-r1
  • L
XSA-238

<4.9.0-r6
  • H
Improper Input Validation

<4.7.1-r1
  • H
CVE-2017-8904

<4.8.1-r2
  • M
Missing Release of Resource after Effective Lifetime

<4.9.0-r6
  • M
Improper Cross-boundary Removal of Sensitive Data

<4.16.1-r5
  • M
Improper Handling of Exceptional Conditions

<4.17.0-r0
  • M
Information Exposure

<4.9.0-r6
  • L
XSA-207

<4.7.1-r5
  • L
XSA-245

<4.9.0-r5
  • M
CVE-2018-19964

<4.11.1-r0
  • C
Information Exposure

<4.11.0-r0
  • H
Access Restriction Bypass

<4.7.0-r1
  • M
Incorrect Calculation

<4.7.1-r1
  • L
CVE-2024-2201

<4.18.2-r0
  • M
Incomplete Cleanup

<4.16.1-r3
  • L
CVE-2023-46842

<4.18.2-r0
  • C
Race Condition

<4.9.0-r0
  • M
Exposure of Resource to Wrong Sphere

<4.16.1-r5
  • L
CVE-2024-45817

<4.19.0-r0
  • M
CVE-2023-34328

<4.17.2-r3
  • M
Information Exposure

<4.10.1-r0
  • M
Improper Input Validation

<4.7.0-r0
  • M
CVE-2023-46835

<4.17.2-r4
  • M
NULL Pointer Dereference

<4.10.0-r2
  • M
CVE-2023-46836

<4.17.2-r4
  • L
XSA-248

<4.10.0-r1
  • M
CVE-2023-34327

<4.17.2-r3
  • H
Memory Leak

<4.16.1-r4
  • L
CVE-2024-45819

<4.19.0-r1
  • H
Access Restriction Bypass

<4.7.0-r1
  • C
Out-of-Bounds

<4.9.0-r0
  • L
CVE-2024-31143

<4.19.0-r0
  • C
Out-of-bounds Read

<4.7.1-r5
  • M
Allocation of Resources Without Limits or Throttling

<4.17.0-r0
  • C
Out-of-bounds Read

<4.7.1-r5
  • H
Improper Privilege Management

<4.15.1-r1
  • M
Improper Access Control

<4.7.1-r3
  • M
Improper Input Validation

<4.7.1-r1
  • H
Improper Privilege Management

<4.15.0-r3
  • L
XSA-249

<4.10.0-r1
  • M
CVE-2021-3308

<4.14.1-r2
  • L
CVE-2024-45818

<4.19.0-r1
  • H
Exposure of Resource to Wrong Sphere

<4.14.1-r0
  • L
CVE-2024-28956

<4.20.0-r1
  • M
Allocation of Resources Without Limits or Throttling

<4.17.0-r0
  • M
Memory Leak

<4.17.0-r0
  • L
CVE-2024-31142

<4.18.2-r0
  • H
Out-of-bounds Write

<4.17.2-r3
  • H
CVE-2023-34326

<4.17.2-r3
  • L
CVE-2025-1713

<4.19.1-r1
  • M
Memory Leak

<4.17.0-r0
  • M
Resource Exhaustion

<4.14.0-r1
  • M
Allocation of Resources Without Limits or Throttling

<4.17.0-r0
  • L
CVE-2024-31145

<4.19.0-r0
  • M
Memory Leak

<4.17.0-r0
  • M
Information Exposure

<4.9.0-r1
  • M
Incorrect Conversion between Numeric Types

<4.17.0-r0
  • M
Race Condition

<4.14.0-r1
  • H
Improper Privilege Management

<4.14.0-r1
  • H
Race Condition

<4.9.0-r1
  • M
Uncontrolled Recursion

<4.17.0-r0
  • H
Information Exposure

<4.16.1-r4
  • M
Allocation of Resources Without Limits or Throttling

<4.17.0-r0
  • M
Allocation of Resources Without Limits or Throttling

<4.17.0-r0
  • H
Release of Invalid Pointer or Reference

<4.16.2-r1
  • M
Improper Input Validation

<4.13.1-r4
  • M
Information Exposure

<4.13.1-r3
  • H
Use After Free

<4.17.0-r5
  • H
CVE-2022-42330

<4.17.0-r2
  • M
Improper Locking

<4.17.1-r5
  • H
Race Condition

<4.13.1-r4
  • M
Allocation of Resources Without Limits or Throttling

<4.17.0-r0
  • H
Memory Leak

<4.13.0-r0
  • M
CVE-2023-20593

<4.17.1-r3
  • H
Information Exposure

<4.16.1-r4
  • L
XSA-398

<4.16.1-r0
  • H
Improper Input Validation

<4.13.0-r0
  • H
CVE-2022-26361

<4.16.1-r0
  • C
Improper Privilege Management

<4.13.0-r0
  • H
CVE-2022-33745

<4.16.1-r6
  • H
CVE-2017-8903

<4.8.1-r2
  • H
Off-by-one Error

<4.13.0-r0
  • H
CVE-2022-26359

<4.16.1-r0
  • M
Incomplete Cleanup

<4.16.1-r0
  • H
Interpretation Conflict

<4.11.1-r0
  • M
Out-of-Bounds

<4.14.0-r1
  • M
CVE-2021-28693

<4.15.0-r1
  • C
Out-of-Bounds

<4.9.0-r0
  • M
CVE-2018-12893

<4.11.0-r0
  • M
Information Exposure

<4.15.0-r1
  • M
Incomplete Cleanup

<4.16.1-r3
  • C
CVE-2017-10912

<4.9.0-r0
  • H
Incomplete Cleanup

<4.11.1-r0
  • M
Incomplete Cleanup

<4.16.1-r3
  • M
Use After Free

<4.14.1-r0
  • M
Information Exposure

<4.11.0-r0
  • M
CVE-2021-28699

<4.15.0-r2
  • M
Improper Access Control

<4.7.1-r1
  • H
CVE-2021-28708

<4.15.1-r2
  • M
CVE-2021-28695

<4.15.0-r2
  • M
Information Exposure

<4.7.1-r1
  • M
Integer Underflow

<4.16.1-r0
  • M
Incorrect Authorization

<4.15.0-r2
  • H
Access Restriction Bypass

<4.7.1-r4
  • M
Race Condition

<4.7.0-r5
  • H
Improper Privilege Management

<4.15.0-r1
  • H
Race Condition

<4.16.1-r0
  • H
Improper Resource Shutdown or Release

<4.16.1-r0
  • M
Information Exposure

<4.13.0-r3
  • L
Information Exposure

<4.14.1-r0
  • M
CVE-2019-11135

<4.13.0-r0
  • M
Loop with Unreachable Exit Condition ('Infinite Loop')

<4.13.0-r0
  • H
Incorrect Permission Assignment for Critical Resource

<4.14.1-r0
  • H
Incorrect Permission Assignment for Critical Resource

<4.13.0-r0
  • H
Incorrect Calculation

<4.13.0-r0
  • L
XSA-312

<4.13.1-r0
  • H
Improper Handling of Exceptional Conditions

<4.15.1-r2
  • H
Race Condition

<4.14.0-r2
  • H
CVE-2021-28707

<4.15.1-r2
  • M
CVE-2021-28690

<4.15.0-r1
  • M
Information Exposure

<4.17.2-r0
  • H
Insufficient Verification of Data Authenticity

<4.14.0-r2
  • M
CVE-2021-26933

<4.14.1-r3
  • H
NULL Pointer Dereference

<4.11.1-r0
  • H
Resource Exhaustion

<4.13.1-r4
  • M
Allocation of Resources Without Limits or Throttling

<4.14.1-r0
  • H
Information Exposure

<4.11.1-r0
  • M
Improper Input Validation

<4.13.1-r4
  • M
Missing Initialization of Resource

<4.15.0-r0
  • M
Memory Leak

<4.17.0-r0
  • H
Race Condition

<4.13.0-r0
  • M
Incomplete Cleanup

<4.17.0-r0
  • M
Uncontrolled Recursion

<4.14.1-r0
  • M
Information Exposure

<4.17.2-r0
  • M
Untrusted Search Path

<4.14.1-r0
  • M
Information Exposure

<4.14.0-r2
  • M
Information Exposure

<4.12.0-r2
  • H
Incomplete Cleanup

<4.17.0-r0
  • M
OS Command Injection

<4.13.0-r0
  • M
NULL Pointer Dereference

<4.14.1-r0
  • M
CVE-2022-23824

<4.16.2-r2
  • H
Race Condition

<4.14.0-r1
  • L
CVE-2022-23816

<4.16.1-r5
  • H
CVE-2022-42327

<4.16.2-r1
  • H
Improper Cross-boundary Removal of Sensitive Data

<4.16.1-r4
  • M
Race Condition

<4.16.1-r2
  • M
Improper Handling of Exceptional Conditions

<4.14.0-r1
  • M
CVE-2022-26364

<4.16.1-r2
  • M
Resource Exhaustion

<4.11.1-r0
  • M
Arbitrary Code Injection

<4.14.0-r1
  • M
Information Exposure

<4.12.0-r2
  • M
Improper Resource Shutdown or Release

<4.17.0-r0
  • M
CVE-2018-19965

<4.11.1-r0
  • H
Improper Privilege Management

<4.15.1-r1
  • M
Race Condition

<4.13.0-r0
  • M
Out-of-Bounds

<4.10.0-r1
  • L
XSA-251

<4.10.0-r1
  • H
CVE-2021-28703

<4.15.1-r1
  • M
Information Exposure

<4.12.0-r2
  • M
Improper Handling of Exceptional Conditions

<4.13.1-r4
  • H
Improper Privilege Management

<4.15.0-r2
  • M
Improper Authentication

<4.15.0-r2
  • M
CVE-2018-3646

<4.11.1-r0
  • M
Incorrect Authorization

<4.11.1-r0
  • M
Improper Handling of Exceptional Conditions

<4.13.0-r3
  • M
Information Exposure

<4.11.1-r0
  • H
Race Condition

<4.10.1-r1
  • M
Resource Exhaustion

<4.10.0-r2
  • H
Improper Privilege Management

<4.14.0-r2
  • L
XSA-254

<4.10.0-r1
  • L
XSA-250

<4.10.0-r1
  • H
CVE-2018-7541

<4.10.0-r2
  • M
Out-of-bounds Write

<4.10.1-r0
  • M
CVE-2020-11742

<4.13.0-r3
  • M
Improper Input Validation

<4.13.0-r0
  • M
Improper Input Validation

<4.13.0-r0
  • H
Out-of-Bounds

<4.13.0-r3
  • M
Improper Input Validation

<4.11.1-r0
  • M
Loop with Unreachable Exit Condition ('Infinite Loop')

<4.12.1-r0
  • M
Resource Exhaustion

<4.11.1-r0
  • M
CVE-2019-11091

<4.12.0-r2
  • M
CVE-2018-12891

<4.11.0-r0
  • H
Reachable Assertion

<4.11.1-r0
  • H
CVE-2018-10982

<4.10.1-r1
  • M
Information Exposure

<4.11.0-r0
  • M
Loop with Unreachable Exit Condition ('Infinite Loop')

<4.10.1-r1