Avoid using access-lint altogether.

xen vulnerabilities

Known vulnerabilities in the xen package. This does not include vulnerabilities belonging to this package’s dependencies.

Vulnerability	Vulnerable Version
M CVE-2022-26364	*
M CVE-2022-26363	*
M Race Condition	*
M Improper Locking	*
H CVE-2022-26361	*
H CVE-2022-26358	*
H Race Condition	*
H CVE-2022-26359	*
H CVE-2022-26360	*
M Incomplete Cleanup	*
M Integer Underflow	*
H Improper Handling of Exceptional Conditions	*
H CVE-2021-28704	*
H Allocation of Resources Without Limits or Throttling	*
H CVE-2021-28707	*
H Improper Handling of Exceptional Conditions	*
H CVE-2021-28703	*
H CVE-2021-28708	*
H Improper Privilege Management	*
H Improper Privilege Management	*
M CVE-2021-28695	*
M Improper Authentication	*
M Loop with Unreachable Exit Condition ('Infinite Loop')	*
M Incorrect Authorization	*
M Exposure of Resource to Wrong Sphere	*
M CVE-2021-28690	*
M Information Exposure	*
H Improper Privilege Management	*
L Out-of-Bounds	*
M CVE-2021-26933	*
M NULL Pointer Dereference	*
M Allocation of Resources Without Limits or Throttling	*
M Allocation of Resources Without Limits or Throttling	*
M Uncontrolled Recursion	*
M NULL Pointer Dereference	*
M Memory Leak	*
M Use After Free	*
H Exposure of Resource to Wrong Sphere	*
M Untrusted Search Path	*
L Information Exposure	*
H Incorrect Permission Assignment for Critical Resource	*
M Information Exposure	*
M Out-of-Bounds	*
H Improper Privilege Management	*
H Race Condition	*
H Insufficient Verification of Data Authenticity	*
H Memory Leak	*
M Race Condition	*
M Improper Handling of Exceptional Conditions	*
M Resource Exhaustion	*
M Out-of-Bounds	*
H Race Condition	*
M Out-of-Bounds	*
M Arbitrary Code Injection	*
H Improper Privilege Management	*
M Improper Input Validation	*
H Race Condition	*
M Improper Handling of Exceptional Conditions	*
M Improper Input Validation	*
H Resource Exhaustion	*
H Missing Authorization	*
M Improper Handling of Exceptional Conditions	*
M Information Exposure	*
H Out-of-Bounds	*
M CVE-2020-11742	*
H Improper Input Validation	<4.8.5.final+shim4.10.4-1+deb9u12
H Memory Leak	<4.8.5.final+shim4.10.4-1+deb9u12
M Loop with Unreachable Exit Condition ('Infinite Loop')	<4.8.5.final+shim4.10.4-1+deb9u12
M Race Condition	<4.8.5.final+shim4.10.4-1+deb9u12
M Out-of-Bounds	<4.8.5.final+shim4.10.4-1+deb9u12
H Incorrect Calculation	<4.8.5.final+shim4.10.4-1+deb9u12
M Improper Input Validation	<4.8.5.final+shim4.10.4-1+deb9u12
M CVE-2019-11135	<4.8.5.final+shim4.10.4-1+deb9u12
M Improper Input Validation	<4.8.5.final+shim4.10.4-1+deb9u12
H Race Condition	<4.8.5.final+shim4.10.4-1+deb9u12
H Incorrect Permission Assignment for Critical Resource	<4.8.5.final+shim4.10.4-1+deb9u12
M Use of Externally-Controlled Format String	<4.8.5.final+shim4.10.4-1+deb9u12
M OS Command Injection	<4.8.5.final+shim4.10.4-1+deb9u12
H Off-by-one Error	<4.8.5.final+shim4.10.4-1+deb9u12
C Improper Privilege Management	<4.8.5.final+shim4.10.4-1+deb9u12
H Improper Input Validation	<4.8.5.final+shim4.10.4-1+deb9u12
H Race Condition	<4.8.5.final+shim4.10.4-1+deb9u12
M Improper Input Validation	<4.8.5.final+shim4.10.4-1+deb9u12
M Loop with Unreachable Exit Condition ('Infinite Loop')	<4.8.5.final+shim4.10.4-1+deb9u12
H Improper Input Validation	<4.8.5.final+shim4.10.4-1+deb9u12
M Loop with Unreachable Exit Condition ('Infinite Loop')	<4.8.5.final+shim4.10.4-1+deb9u12
M Improper Input Validation	<4.8.5.final+shim4.10.4-1+deb9u12
H Race Condition	<4.8.5.final+shim4.10.4-1+deb9u12
M Improper Input Validation	<4.8.5.final+shim4.10.4-1+deb9u12
H Improper Input Validation	<4.8.5.final+shim4.10.4-1+deb9u12
M Improper Input Validation	<4.8.5.final+shim4.10.4-1+deb9u12
M Information Exposure	<4.8.5.final+shim4.10.4-1+deb9u12
M CVE-2019-11091	<4.8.5.final+shim4.10.4-1+deb9u12
M Information Exposure	<4.8.5.final+shim4.10.4-1+deb9u12
M Information Exposure	<4.8.5.final+shim4.10.4-1+deb9u12
H Incomplete Cleanup	<4.8.5+shim4.10.2+xsa282-1+deb9u11
H Information Exposure	<4.8.5+shim4.10.2+xsa282-1+deb9u11
M Improper Input Validation	<4.8.5+shim4.10.2+xsa282-1+deb9u11
M CVE-2018-19965	<4.8.5+shim4.10.2+xsa282-1+deb9u11
H Interpretation Conflict	<4.8.5+shim4.10.2+xsa282-1+deb9u11
M Incorrect Authorization	<4.8.4+xsa273+shim4.10.1+xsa273-1+deb9u10
M Resource Exhaustion	<4.8.4+xsa273+shim4.10.1+xsa273-1+deb9u10
M Resource Exhaustion	<4.8.4+xsa273+shim4.10.1+xsa273-1+deb9u10
M Information Exposure	<4.8.4+xsa273+shim4.10.1+xsa273-1+deb9u10
M CVE-2018-3646	<4.8.4+xsa273+shim4.10.1+xsa273-1+deb9u10
C Information Exposure	<4.8.3+xsa267+shim4.10.1+xsa267-1+deb9u9
M CVE-2018-12891	<4.8.3+xsa267+shim4.10.1+xsa267-1+deb9u9
M CVE-2018-12893	<4.8.3+xsa267+shim4.10.1+xsa267-1+deb9u9
C Out-of-bounds Read	<4.4.0-1
C Out-of-Bounds	<4.4.0-1
M Information Exposure	<4.8.3+xsa267+shim4.10.1+xsa267-1+deb9u8
M Information Exposure	<4.8.3+xsa262+shim4.10.0+comet3-1+deb9u7
H CVE-2018-10982	<4.8.3+xsa262+shim4.10.0+comet3-1+deb9u6
M Loop with Unreachable Exit Condition ('Infinite Loop')	<4.8.3+xsa262+shim4.10.0+comet3-1+deb9u6
H Race Condition	<4.8.3+xsa262+shim4.10.0+comet3-1+deb9u6
M Out-of-bounds Write	<4.8.3+xsa262+shim4.10.0+comet3-1+deb9u6
M Information Exposure	<4.8.3+xsa262+shim4.10.0+comet3-1+deb9u6
M NULL Pointer Dereference	<4.8.3+comet2+shim4.10.0+comet3-1+deb9u5
M Resource Exhaustion	<4.8.3+comet2+shim4.10.0+comet3-1+deb9u5
H CVE-2018-7541	<4.8.3+comet2+shim4.10.0+comet3-1+deb9u5
M Information Exposure	<4.8.3+xsa262+shim4.10.0+comet3-1+deb9u6
M Information Exposure	<4.8.3+comet2+shim4.10.0+comet3-1+deb9u4
H CVE-2017-17566	<4.8.3+comet2+shim4.10.0+comet3-1+deb9u4.1
H Error Handling	<4.8.3+comet2+shim4.10.0+comet3-1+deb9u4.1
M Improper Input Validation	<4.8.3+comet2+shim4.10.0+comet3-1+deb9u4.1
H Out-of-Bounds	<4.8.3+comet2+shim4.10.0+comet3-1+deb9u4.1
M Information Exposure	<4.8.2+xsa245-0+deb9u1
H Use After Free	<4.8.2+xsa245-0+deb9u1
M Improper Check for Unusual or Exceptional Conditions	<4.8.2+xsa245-0+deb9u1
C Out-of-Bounds	<4.8.2+xsa245-0+deb9u1
M Information Exposure	<4.8.2+xsa245-0+deb9u1
H CVE-2017-15594	<4.8.2+xsa245-0+deb9u1
M Improper Input Validation	<4.8.2+xsa245-0+deb9u1
M Missing Release of Resource after Effective Lifetime	<4.8.2+xsa245-0+deb9u1
H CVE-2017-15590	<4.8.2+xsa245-0+deb9u1
M Resource Exhaustion	<4.8.1-1+deb9u3
H Race Condition	<4.8.2+xsa245-0+deb9u1
H Exposure of Resource to Wrong Sphere	<4.8.2+xsa245-0+deb9u1
H Resource Exhaustion	<4.8.2+xsa245-0+deb9u1
M Missing Release of Resource after Effective Lifetime	<4.8.1-1
H CVE-2017-14319	<4.8.2+xsa245-0+deb9u1
M NULL Pointer Dereference	<4.8.2+xsa245-0+deb9u1
M Race Condition	<4.8.2+xsa245-0+deb9u1
H Out-of-bounds Read	<4.8.2+xsa245-0+deb9u1
H Race Condition	<4.8.1-1+deb9u3
H Buffer Overflow	<4.8.1-1+deb9u3
H Incorrect Calculation	<4.8.1-1+deb9u3
M Information Exposure	<4.8.1-1+deb9u3
H Information Exposure	<4.8.1-1+deb9u3
H Race Condition	<4.8.1-1+deb9u3
C Race Condition	<4.8.1-1+deb9u3
C NULL Pointer Dereference	<4.8.1-1+deb9u3
H Resource Exhaustion	<4.8.1-1+deb9u3
M CVE-2017-10919	<4.8.1-1+deb9u3
C CVE-2017-10913	<4.8.1-1+deb9u3
C Out-of-Bounds	<4.8.1-1+deb9u3
C CVE-2017-10912	<4.8.1-1+deb9u3
C Out-of-Bounds	<4.8.1-1+deb9u3
M Improper Input Validation	<4.8.1-1+deb9u3
C Improper Input Validation	<4.8.1-1+deb9u3
H CVE-2017-8904	<4.8.1-1+deb9u1
H Incorrect Calculation	<4.8.0~rc3-1
H CVE-2017-8903	<4.8.1-1+deb9u1
L Information Exposure	<4.3.0-1
H Improper Validation of Array Index	<4.8.1-1
M Improper Access Control	<4.8.0-1
M Improper Access Control	<4.8.0-1
M Improper Access Control	<4.8.0-1
M Improper Access Control	<4.8.0-1
M Information Exposure	<4.8.0-1
M Improper Access Control	<4.8.0-1
M Incorrect Calculation	<4.8.0-1
H Access Restriction Bypass	<4.4.0-1
M Improper Input Validation	<4.8.0-1
L Information Exposure	<4.8.0~rc3-1
H Access Restriction Bypass	<4.8.0-1
M NULL Pointer Dereference	<4.8.0-1
H Access Restriction Bypass	<4.8.0-1
H Improper Input Validation	<4.8.0-1
H Race Condition	<4.4.0-1
H Improper Input Validation	<4.8.0-1
H Access Restriction Bypass	<4.8.0-1
M Improper Input Validation	<4.8.0-1
H Improper Input Validation	<4.8.0-1
M Race Condition	<4.8.0~rc3-1
H Access Restriction Bypass	<4.8.0~rc3-1
M Use After Free	<4.6.0-1
M Out-of-Bounds	<4.8.0~rc3-1
M Improper Input Validation	<4.8.0~rc3-1
H Improper Access Control	<4.8.0~rc3-1
M CVE-2016-5242	<4.8.0~rc3-1
M Access Restriction Bypass	<4.8.0~rc3-1
M Improper Access Control	<4.8.0~rc3-1
M Resource Exhaustion	<4.4.0-1
H Access Restriction Bypass	<4.8.0~rc3-1
M Integer Overflow or Wraparound	<4.4.0-1
H Out-of-Bounds	<4.4.0-1
H Access Restriction Bypass	<4.8.0~rc3-1
H Out-of-Bounds	<4.4.0-1
H Improper Access Control	<4.8.0~rc3-1
L Information Exposure	<4.8.0~rc3-1
L Information Exposure	<4.8.0~rc3-1
H Information Exposure	<4.8.0~rc3-1
M Improper Input Validation	<4.8.0~rc3-1
M CVE-2016-2271	<4.8.0~rc3-1
M Code	<4.8.0~rc3-1
H Improper Input Validation	<4.8.0~rc3-1
M Security Features	<4.8.0~rc3-1
M Code	<4.8.0~rc3-1
M Improper Data Handling	<4.8.0~rc3-1
H Security Features	<4.8.0~rc3-1
H Resource Management Errors	<4.8.0~rc3-1
M Security Features	<4.6.0-1
M Resource Management Errors	<4.8.0~rc3-1
M Resource Management Errors	<4.8.0~rc3-1
M Resource Management Errors	<4.6.0-1
M Improper Data Handling	<4.6.0-1
M Out-of-Bounds	<4.6.0-1
H Access Restriction Bypass	<4.6.0-1
M Resource Management Errors	<4.6.0-1
M Resource Management Errors	<4.6.0-1
M Resource Management Errors	<4.6.0-1
M Code	<4.8.0~rc3-1
M Access Restriction Bypass	<4.8.0~rc3-1
H Out-of-Bounds	<4.4.0-1
H Access Restriction Bypass	<4.4.0-1
H Out-of-Bounds	<4.4.0-1
H Information Exposure	<4.4.0-1
L Access Restriction Bypass	<4.6.0-1
M CVE-2015-4163	<4.6.0-1
M Resource Management Errors	<4.6.0-1
H Out-of-bounds Write	<4.4.0-1
M Resource Management Errors	<4.4.0-1
H Access Restriction Bypass	<4.4.0-1
M Access Restriction Bypass	<4.4.0-1
M Incorrect Authorization	<4.4.0-1
H Out-of-Bounds	<4.4.0-1
L Information Exposure	<4.6.0-1
M Code	<4.4.1-9
M Improper Input Validation	<4.4.1-9
M Access Restriction Bypass	<4.2.0~rc2-1
L Access Restriction Bypass	<4.4.1-9
H Access Restriction Bypass	<4.4.1-8
M Information Exposure	<4.4.1-8
M Information Exposure	<4.4.1-8
L Resource Management Errors	<4.4.1-7
M Resource Management Errors	<4.4.1-3
H CVE-2015-0361	<4.4.1-7
M Code	<4.4.1-6
L Code	*
M Code	<4.4.1-5
M Code	<4.4.1-5
L Improper Input Validation	<4.4.1-4
L Code	<4.4.1-4
L Improper Input Validation	<4.4.1-4
M Out-of-Bounds	<4.4.1-1
H Resource Management Errors	<4.4.1-3
M Access Restriction Bypass	<4.4.1-3
M Access Restriction Bypass	<4.4.1-3
M Race Condition	<4.4.1-3
M Access Restriction Bypass	<4.4.1-1
L Resource Management Errors	<4.4.1-4
L Resource Management Errors	<4.4.1-4
L Out-of-Bounds	<4.4.1-1
M CVE-2014-3967	<4.4.1-1
M CVE-2014-3968	<4.4.1-1
M Access Restriction Bypass	<4.4.1-1
M Improper Input Validation	<4.4.0-1
M Numeric Errors	<4.4.0-1
M Improper Input Validation	<4.4.1-1
H Out-of-Bounds	<4.4.0-1
M Resource Management Errors	<4.4.0-1
M Resource Management Errors	<4.4.0-1
H Access Restriction Bypass	<4.4.0-1
L Resource Management Errors	<4.2
M Improper Input Validation	<4.1.0-1
M Out-of-Bounds	<4.4.0-1
H Access Restriction Bypass	<4.4.0-1
H Access Restriction Bypass	<4.4.0-1
M Improper Input Validation	<4.4.0-1
M Improper Input Validation	<4.4.0-1
M Out-of-Bounds	<4.4.0-1
L Information Exposure	<4.4.0-1
M Resource Management Errors	<4.4.0-1
L CVE-2013-4369	<4.4.0-1
M Access Restriction Bypass	<4.4.0-1
H Buffer Overflow	<4.2-1
M Information Exposure	<4.4.0-1
L Information Exposure	<4.4.0-1
L Information Exposure	<4.4.0-1
H Access Restriction Bypass	<4.3.0-1
M Information Exposure	<4.2.2-1
M Access Restriction Bypass	<4.2.2-1
L Out-of-Bounds	<4.2.2-1
H Access Restriction Bypass	<4.3.0-1
L Access Restriction Bypass	<4.4.1-3
H Resource Management Errors	<4.3.0-1
L Out-of-Bounds	<4.3.0-1
H CVE-2013-2196	<4.3.0-1
H Numeric Errors	<4.3.0-1
H Numeric Errors	<4.3.0-1
M Improper Input Validation	<4.2.2-1
H Access Restriction Bypass	<4.1.4-3
M Out-of-Bounds	<4.1.4-4
L Improper Input Validation	<4.1.4-3
L Improper Input Validation	<4.1.4-4
M Access Restriction Bypass	<4.1.4-3
L Configuration	<4.1.3-8
M CVE-2013-0153	<4.1.4-2
H Buffer Overflow	<4.1.3-8
H Improper Input Validation	<4.1.3-5
M CVE-2012-5514	<4.1.3-6
M CVE-2012-5515	<4.1.3-5
M Resource Management Errors	<4.1.3-8
M Configuration	<4.1.3-5
M Resource Management Errors	<4.1.2-1
M CVE-2012-5510	<4.1.3-5
M Out-of-Bounds	<4.1.3-5
L CVE-2012-0218	<4.1.3~rc1+hg-20120614.a9c0a89c08f2-1
L CVE-2012-2934	<4.1.3~rc1+hg-20120614.a9c0a89c08f2-1
L Access Restriction Bypass	<4.1.3-1
M Improper Input Validation	<4.1.3-4
M Resource Management Errors	<4.1.3-1
H Improper Input Validation	<4.1.3-2
H Improper Input Validation	<4.1.3-2
M Access Restriction Bypass	<4.1.3-2
M Configuration	<4.1.3-2
L Improper Input Validation	<4.1.4-1
M Information Exposure	<4.1.3-2
L Improper Input Validation	<4.1.4-1
L Improper Input Validation	<4.1.4-1
L Improper Input Validation	<4.1.4-1
M Improper Input Validation	<4.1.3-2
L Improper Input Validation	<4.1.4-1
L Access Restriction Bypass	<4.1.4-1
L Numeric Errors	<4.1.4-1
L Access Restriction Bypass	<4.1.4-1
M Configuration	<4.1.3-4
M CVE-2012-4536	<4.1.3-4
M Resource Management Errors	<4.1.3-4
L Resource Management Errors	<4.1.3-4
L Improper Input Validation	<4.1.3-4
L Improper Input Validation	<4.1.3-4
H Out-of-Bounds	<4.1.3~rc1+hg-20120614.a9c0a89c08f2-1
M Out-of-Bounds	<4.1.3~rc1+hg-20120614.a9c0a89c08f2-1
M Resource Management Errors	<4.1.1-1
H Access Restriction Bypass	<4.1.1-1
H Numeric Errors	<4.1.1-1
M CVE-2010-4255	<4.0.1-2
M Resource Management Errors	<4.0.1-1

Vulnerability

Vulnerable Version

Improper Handling of Exceptional Conditions

CVE-2021-28704

Allocation of Resources Without Limits or Throttling

CVE-2021-28707

Improper Handling of Exceptional Conditions

CVE-2021-28703

CVE-2021-28708

Improper Privilege Management

CVE-2021-28695

Improper Authentication

Loop with Unreachable Exit Condition ('Infinite Loop')

Incorrect Authorization

Exposure of Resource to Wrong Sphere

CVE-2021-28690

Information Exposure

Improper Privilege Management

Out-of-Bounds

CVE-2021-26933

NULL Pointer Dereference

Allocation of Resources Without Limits or Throttling

Uncontrolled Recursion

NULL Pointer Dereference

Memory Leak

Use After Free

Exposure of Resource to Wrong Sphere

Untrusted Search Path

Information Exposure

Incorrect Permission Assignment for Critical Resource

Information Exposure

Out-of-Bounds

Improper Privilege Management

Race Condition

Insufficient Verification of Data Authenticity

Memory Leak

Race Condition

Improper Handling of Exceptional Conditions

Arbitrary Code Injection

Improper Privilege Management

Improper Input Validation

Race Condition

Improper Handling of Exceptional Conditions

Improper Input Validation

Resource Exhaustion

Missing Authorization

Improper Handling of Exceptional Conditions

Information Exposure

Out-of-Bounds

CVE-2020-11742

Improper Input Validation