Multiple vulnerabilities have been discovered in the Xen hypervisor. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2013-1918 Several long latency operations are not preemptible Some page table manipulation operations for PV guests were not made preemptible, allowing a malicious or buggy PV guest kernel to mount a denial of service attack affecting the whole system. CVE-2013-1952 VT-d interrupt remapping source validation flaw for bridges Due to missing source validation on interrupt remapping table entries for MSI interrupts set up by bridge devices, a malicious domain with access to such a device, can mount a denial of service attack affecting the whole system. CVE-2013-1964 grant table hypercall acquire/release imbalance When releasing a particular, non-transitive grant after doing a grant copy operation Xen incorrectly releases an unrelated grant reference, leading possibly to a crash of the host system. Furthermore information leakage or privilege escalation cannot be ruled out.