The libxl toolstack library in Xen 4.1.x up to and including 4.6.x does not properly release mappings of files used as kernels and initial ramdisks when managing multiple domains in the same process, which allows malicious users to cause a denial of service (memory and disk consumption) by starting domains.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
xen xen 4.3.2 |
||
xen xen 4.6.0 |
||
xen xen 4.1.5 |
||
xen xen 4.2.2 |
||
xen xen 4.2.3 |
||
xen xen 4.3.3 |
||
xen xen 4.3.0 |
||
xen xen 4.1.2 |
||
xen xen 4.5.2 |
||
xen xen 4.4.2 |
||
xen xen 4.4.3 |
||
xen xen 4.1.1 |
||
xen xen 4.2.0 |
||
xen xen 4.1.0 |
||
xen xen 4.1.6 |
||
xen xen 4.2.5 |
||
xen xen 4.1.3 |
||
xen xen 4.1.6.1 |
||
xen xen 4.3.4 |
||
xen xen 4.5.1 |
||
xen xen 4.2.4 |
||
xen xen 4.1.4 |
||
xen xen 4.4.1 |
||
xen xen 4.3.1 |
||
xen xen 4.2.1 |
||
xen xen 4.5.0 |
||
xen xen 4.4.0 |