Thomas Leonard

**Name of the Vulnerable Software and Affected Versions** Xen versions 4.4.x **Description** The issue concerns the ARM image loading functionality, which fails to properly validate kernel length. This allows local users to potentially read system memory or cause a denial of service by crafting a 32-bit ARM guest kernel in an image, leading to a buffer overflow. **Recommendations** For Xen version 4.4.x, update to a version that includes the fix for the ARM image loading functionality to prevent buffer overflows.

**Name of the Vulnerable Software and Affected Versions** Xen versions 4.4.x **Description** A buffer overflow issue allows local users to read system memory or cause a denial of service via a crafted 32-bit guest kernel. This is related to the process of searching for an appended DTB. **Recommendations** For Xen version 4.4.x, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Xen versions 4.4.x **Description** The issue is related to a problem with alignment checking in Xen, which can be exploited by local users to cause a denial of service (crash) by manipulating an unspecified field in a DTB header in a 32-bit guest kernel. **Recommendations** For Xen version 4.4.x, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Xen versions 4.4.x **Description** The issue allows local users to read system memory or cause a denial of service via a crafted kernel, triggering a buffer overflow, due to improper validation of the load address for 64-bit ARM guest kernels. **Recommendations** For Xen version 4.4.x, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Xen versions 4.4.x **Description** The issue is related to the vgic distr mmio write function in the virtual guest interrupt controller (GIC) distributor. It allows local guest users to cause a denial of service, resulting in a NULL pointer dereference and host crash, when running on an ARM system. **Recommendations** For Xen version 4.4.x, consider disabling the vgic distr mmio write function as a temporary workaround until a patch is available. Restrict access to the virtual guest interrupt controller to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Xen versions 4.4.x **Description** The issue is related to improper restriction of access to hardware features on ARM systems, which can be exploited by local guest users to cause a denial of service, resulting in a host or guest crash. This is related to cache control, coprocessors, debug registers, and other unspecified registers. **Recommendations** For Xen version 4.4.x, restrict access to hardware features to prevent local guest users from causing a denial of service. As a temporary workaround, consider disabling access to cache control, coprocessors, debug registers, and other sensitive registers until a patch is available.