xen vulnerabilities

Known vulnerabilities in the xen package. This does not include vulnerabilities belonging to this package’s dependencies.

Vulnerability	Vulnerable Version
L XSA-312	<4.11.4-r0
M Resource Exhaustion	<4.11.4-r2
M Out-of-Bounds	<4.11.4-r2
H Race Condition	<4.11.4-r2
M Arbitrary Code Injection	<4.11.4-r2
H Memory Leak	<4.11.4-r2
M Out-of-Bounds	<4.11.4-r2
H Improper Privilege Management	<4.11.4-r2
M Race Condition	<4.11.4-r2
M Improper Handling of Exceptional Conditions	<4.11.4-r2
M Out-of-bounds Read	<4.11.4-r1
M Improper Handling of Exceptional Conditions	<4.11.4-r0
M Improper Input Validation	<4.11.4-r0
H Resource Exhaustion	<4.11.4-r0
M Improper Input Validation	<4.11.4-r0
H Race Condition	<4.11.4-r0
M Improper Input Validation	<4.11.3-r0
M Loop with Unreachable Exit Condition ('Infinite Loop')	<4.11.3-r1
H Improper Input Validation	<4.11.3-r1
H Incorrect Calculation	<4.11.3-r1
M Race Condition	<4.11.3-r1
H Memory Leak	<4.11.3-r1
C Improper Privilege Management	<4.11.2-r1
H Race Condition	<4.11.2-r1
H Off-by-one Error	<4.11.2-r1
M OS Command Injection	<4.11.2-r1
H Incorrect Permission Assignment for Critical Resource	<4.11.2-r1
M Improper Input Validation	<4.11.2-r1
M CVE-2019-11135	<4.11.2-r1
M Information Exposure	<4.11.3-r2
H Improper Input Validation	<4.11.2-r0
H Out-of-Bounds	<4.11.3-r2
H Race Condition	<4.11.2-r0
M Improper Handling of Exceptional Conditions	<4.11.3-r2
L CVE-2017-17342	<4.11.2-r0
M CVE-2020-11742	<4.11.3-r2
M Improper Input Validation	<4.11.2-r0
M Information Exposure	<4.11.4-r0
H Out-of-bounds Read	<4.9.0-r4
M Improper Input Validation	<4.11.2-r0
M NULL Pointer Dereference	<4.9.0-r4
H Improper Input Validation	<4.11.2-r0
M Race Condition	<4.9.0-r4
H Improper Input Validation	<4.11.2-r0
H CVE-2017-14319	<4.9.0-r4
M Improper Input Validation	<4.11.2-r0
M Loop with Unreachable Exit Condition ('Infinite Loop')	<4.11.2-r0
M Use of Externally-Controlled Format String	<4.11.2-r0
H CVE-2017-8903	<4.8.1-r2
M Information Exposure	<4.11.0-r0
H CVE-2017-8904	<4.8.1-r2
M CVE-2018-12893	<4.11.0-r0
M Information Exposure	<4.11.1-r2
C Information Exposure	<4.11.0-r0
M Information Exposure	<4.11.1-r2
M Information Exposure	<4.11.0-r0
M Information Exposure	<4.11.1-r2
H Access Restriction Bypass	<4.7.1-r1
M CVE-2019-11091	<4.11.1-r2
H Access Restriction Bypass	<4.7.1-r1
M Improper Input Validation	<4.7.1-r1
M Information Exposure	<4.7.1-r1
H Improper Input Validation	<4.7.1-r1
M Incorrect Calculation	<4.7.1-r1
M Improper Access Control	<4.7.1-r1
H Race Condition	<4.7.1-r1
H Improper Input Validation	<4.7.1-r1
H Improper Access Control	<4.7.0-r0
H CVE-2017-15590	<4.9.0-r6
H Improper Input Validation	<4.7.1-r1
M Improper Input Validation	<4.7.0-r0
L Information Exposure	<4.7.1-r3
M Resource Exhaustion	<4.7.0-r0
M Information Exposure	<4.9.0-r6
M Improper Access Control	<4.7.1-r3
H Resource Exhaustion	<4.9.0-r6
M Improper Access Control	<4.7.1-r3
H Race Condition	<4.9.0-r6
M Improper Access Control	<4.7.1-r3
M Missing Release of Resource after Effective Lifetime	<4.9.0-r6
M Improper Access Control	<4.7.1-r3
H Exposure of Resource to Wrong Sphere	<4.9.0-r6
M Race Condition	<4.7.0-r5
H CVE-2017-15594	<4.9.0-r6
M Resource Exhaustion	<4.11.1-r0
M Incorrect Authorization	<4.11.1-r0
M Resource Exhaustion	<4.11.1-r0
C Out-of-Bounds	<4.9.0-r7
M Information Exposure	<4.11.1-r0
C Out-of-Bounds	<4.7.2-r0
M CVE-2018-3646	<4.11.1-r0
H Improper Validation of Array Index	<4.7.2-r0
M Resource Exhaustion	<4.10.0-r2
H Incomplete Cleanup	<4.11.1-r0
M Improper Input Validation	<4.7.1-r4
H CVE-2018-7541	<4.10.0-r2
H Information Exposure	<4.11.1-r0
M NULL Pointer Dereference	<4.7.1-r4
M NULL Pointer Dereference	<4.10.0-r2
H Reachable Assertion	<4.11.1-r0
H Access Restriction Bypass	<4.7.1-r4
M CVE-2018-19964	<4.11.1-r0
H NULL Pointer Dereference	<4.11.1-r0
M CVE-2018-19965	<4.11.1-r0
H Interpretation Conflict	<4.11.1-r0
M Improper Input Validation	<4.11.1-r0
C Out-of-bounds Read	<4.7.1-r5
C Out-of-bounds Read	<4.7.1-r5
M Information Exposure	<4.10.1-r0
M Out-of-bounds Write	<4.10.1-r0
M Information Exposure	<4.9.0-r0
C CVE-2017-10912	<4.9.0-r0
C CVE-2017-10913	<4.9.0-r0
H Race Condition	<4.9.0-r0
C Race Condition	<4.9.0-r0
H Information Exposure	<4.9.0-r0
C NULL Pointer Dereference	<4.9.0-r0
C Improper Input Validation	<4.9.0-r0
M CVE-2017-10919	<4.9.0-r0
C Out-of-Bounds	<4.9.0-r0
C Out-of-Bounds	<4.9.0-r0
H Resource Exhaustion	<4.9.0-r0
M Improper Input Validation	<4.9.0-r0
H Race Condition	<4.10.1-r1
H CVE-2018-10982	<4.10.1-r1
M Loop with Unreachable Exit Condition ('Infinite Loop')	<4.10.1-r1
H Incorrect Calculation	<4.9.0-r1
H Buffer Overflow	<4.9.0-r1
H Race Condition	<4.9.0-r1
M Information Exposure	<4.9.0-r1
H Access Restriction Bypass	<4.7.0-r1
H Access Restriction Bypass	<4.7.0-r1
M Out-of-Bounds	<4.7.0-r1
L CVE-2017-17344	<4.11.2-r0
L XSA-253	<4.10.0-r1
L XSA-254	<4.10.0-r1
M CVE-2018-12891	<4.11.0-r0
L XSA-249	<4.10.0-r1
L XSA-250	<4.10.0-r1
L XSA-238	<4.9.0-r6
L XSA-246	<4.9.1-r1
L XSA-247	<4.9.1-r1
L XSA-235	<4.9.0-r2
L XSA-248	<4.10.0-r1
L XSA-251	<4.10.0-r1
L XSA-245	<4.9.0-r5
L XSA-207	<4.7.1-r5
L XSA-210	<4.7.1-r5

Vulnerability

Vulnerable Version

<4.11.4-r0

<4.11.4-r2

<4.11.4-r2

<4.11.4-r2

Arbitrary Code Injection

<4.11.4-r2