Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.VIRTUOZZO_VZA-2018-037.NASL
HistoryMay 31, 2018 - 12:00 a.m.

Virtuozzo 7 : anaconda / anaconda-core / anaconda-dracut / etc (VZA-2018-037)

2018-05-3100:00:00
This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
37
JSON

According to the versions of the anaconda / anaconda-core / anaconda-dracut / etc packages installed, the Virtuozzo installation on the remote host is affected by the following vulnerabilities :

  • A flaw was found in the way the Linux kernel’s KVM hypervisor handled exceptions delivered after a stack switch operation via Mov SS or Pop SS instructions.
    During the stack switch operation, the processor did not deliver interrupts and exceptions, rather they are delivered once the first instruction after the stack switch is executed. An unprivileged KVM guest user could use this flaw to crash the guest or, potentially, escalate their privileges in the guest.

  • An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of Load & Store instructions (a commonly used performance optimization). It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the fact that memory read from address to which a recent memory write has occurred may see an older value and subsequently cause an update into the microprocessor’s data cache even for speculatively executed instructions that never actually commit (retire). As a result, an unprivileged attacker could use this flaw to read privileged memory by conducting targeted cache side-channel attacks. NOTE:
    This fix also requires CPU microcode/firmware updates and subscribers are advised to contact their hardware OEM vendors to receive the appropriate microcode/firmware for their processor. A kernel update, without the appropriate firmware/microcode updated for the processor, is insufficient to remediate this vulnerability.

  • A flaw was found in the way the Linux kernel handled exceptions delivered after a stack switch operation via Mov SS or Pop SS instructions. During the stack switch operation, the processor did not deliver interrupts and exceptions, rather they are delivered once the first instruction after the stack switch is executed. An unprivileged system user could use this flaw to crash the system kernel resulting in the denial of service.

Note that Tenable Network Security has extracted the preceding description block directly from the Virtuozzo security advisory.
Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(110234);
  script_version("1.10");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/04");

  script_cve_id(
    "CVE-2018-1087",
    "CVE-2018-3639",
    "CVE-2018-8897"
  );

  script_name(english:"Virtuozzo 7 : anaconda / anaconda-core / anaconda-dracut / etc (VZA-2018-037)");
  script_summary(english:"Checks the rpm output for the updated packages.");

  script_set_attribute(attribute:"synopsis", value:
"The remote Virtuozzo host is missing multiple security updates.");
  script_set_attribute(attribute:"description", value:
"According to the versions of the anaconda / anaconda-core /
anaconda-dracut / etc packages installed, the Virtuozzo installation
on the remote host is affected by the following vulnerabilities :

  - A flaw was found in the way the Linux kernel's KVM
    hypervisor handled exceptions delivered after a stack
    switch operation via Mov SS or Pop SS instructions.
    During the stack switch operation, the processor did
    not deliver interrupts and exceptions, rather they are
    delivered once the first instruction after the stack
    switch is executed. An unprivileged KVM guest user
    could use this flaw to crash the guest or, potentially,
    escalate their privileges in the guest.

  - An industry-wide issue was found in the way many modern
    microprocessor designs have implemented speculative
    execution of Load & Store instructions (a commonly used
    performance optimization). It relies on the presence of
    a precisely-defined instruction sequence in the
    privileged code as well as the fact that memory read
    from address to which a recent memory write has
    occurred may see an older value and subsequently cause
    an update into the microprocessor's data cache even for
    speculatively executed instructions that never actually
    commit (retire). As a result, an unprivileged attacker
    could use this flaw to read privileged memory by
    conducting targeted cache side-channel attacks. NOTE:
    This fix also requires CPU microcode/firmware updates
    and subscribers are advised to contact their hardware
    OEM vendors to receive the appropriate
    microcode/firmware for their processor. A kernel
    update, without the appropriate firmware/microcode
    updated for the processor, is insufficient to remediate
    this vulnerability.

  - A flaw was found in the way the Linux kernel handled
    exceptions delivered after a stack switch operation via
    Mov SS or Pop SS instructions. During the stack switch
    operation, the processor did not deliver interrupts and
    exceptions, rather they are delivered once the first
    instruction after the stack switch is executed. An
    unprivileged system user could use this flaw to crash
    the system kernel resulting in the denial of service.

Note that Tenable Network Security has extracted the preceding
description block directly from the Virtuozzo security advisory.
Tenable has attempted to automatically clean and format it as much as
possible without introducing additional issues.");
  script_set_attribute(attribute:"see_also", value:"https://help.virtuozzo.com/customer/portal/articles/2941807");
  script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:1651");
  script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2018-1087");
  script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2018-3639");
  script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2018-8897");
  script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/vulnerabilities/pop_ss");
  script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/vulnerabilities/ssbd");
  script_set_attribute(attribute:"solution", value:
"Update the affected anaconda / anaconda-core / anaconda-dracut / etc packages.");
  script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:H/RL:O/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");
  script_set_attribute(attribute:"exploited_by_malware", value:"true");
  script_set_attribute(attribute:"metasploit_name", value:'Microsoft Windows POP/MOV SS Local Privilege Elevation Vulnerability');
  script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");

  script_set_attribute(attribute:"patch_publication_date", value:"2018/05/30");
  script_set_attribute(attribute:"plugin_publication_date", value:"2018/05/31");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:virtuozzo:virtuozzo:anaconda");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:virtuozzo:virtuozzo:anaconda-core");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:virtuozzo:virtuozzo:anaconda-dracut");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:virtuozzo:virtuozzo:anaconda-gui");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:virtuozzo:virtuozzo:anaconda-tui");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:virtuozzo:virtuozzo:anaconda-widgets");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:virtuozzo:virtuozzo:anaconda-widgets-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:virtuozzo:virtuozzo:cpupools");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:virtuozzo:virtuozzo:cpupools-features");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:virtuozzo:virtuozzo:kpatch-kmod-48.1");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:virtuozzo:virtuozzo:ksm-vz");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:virtuozzo:virtuozzo:libvirt");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:virtuozzo:virtuozzo:libvirt-admin");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:virtuozzo:virtuozzo:libvirt-client");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:virtuozzo:virtuozzo:libvirt-daemon");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:virtuozzo:virtuozzo:libvirt-daemon-config-network");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:virtuozzo:virtuozzo:libvirt-daemon-config-nwfilter");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:virtuozzo:virtuozzo:libvirt-daemon-driver-interface");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:virtuozzo:virtuozzo:libvirt-daemon-driver-lxc");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:virtuozzo:virtuozzo:libvirt-daemon-driver-network");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:virtuozzo:virtuozzo:libvirt-daemon-driver-nodedev");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:virtuozzo:virtuozzo:libvirt-daemon-driver-nwfilter");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:virtuozzo:virtuozzo:libvirt-daemon-driver-qemu");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:virtuozzo:virtuozzo:libvirt-daemon-driver-secret");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:virtuozzo:virtuozzo:libvirt-daemon-driver-storage");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:virtuozzo:virtuozzo:libvirt-daemon-driver-storage-core");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:virtuozzo:virtuozzo:libvirt-daemon-driver-storage-disk");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:virtuozzo:virtuozzo:libvirt-daemon-driver-storage-gluster");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:virtuozzo:virtuozzo:libvirt-daemon-driver-storage-iscsi");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:virtuozzo:virtuozzo:libvirt-daemon-driver-storage-logical");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:virtuozzo:virtuozzo:libvirt-daemon-driver-storage-mpath");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:virtuozzo:virtuozzo:libvirt-daemon-driver-storage-rbd");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:virtuozzo:virtuozzo:libvirt-daemon-driver-storage-scsi");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:virtuozzo:virtuozzo:libvirt-daemon-driver-vz");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:virtuozzo:virtuozzo:libvirt-daemon-kvm");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:virtuozzo:virtuozzo:libvirt-daemon-lxc");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:virtuozzo:virtuozzo:libvirt-daemon-vz");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:virtuozzo:virtuozzo:libvirt-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:virtuozzo:virtuozzo:libvirt-docs");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:virtuozzo:virtuozzo:libvirt-libs");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:virtuozzo:virtuozzo:libvirt-lock-sanlock");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:virtuozzo:virtuozzo:libvirt-login-shell");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:virtuozzo:virtuozzo:libvirt-nss");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:virtuozzo:virtuozzo:libvzctl");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:virtuozzo:virtuozzo:libvzctl-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:virtuozzo:virtuozzo:prl-disp-legacy");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:virtuozzo:virtuozzo:prl-disp-service");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:virtuozzo:virtuozzo:prl-disp-service-tests");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:virtuozzo:virtuozzo:prlctl");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:virtuozzo:virtuozzo:qemu-img-vz");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:virtuozzo:virtuozzo:qemu-kvm-common-vz");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:virtuozzo:virtuozzo:qemu-kvm-tools-vz");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:virtuozzo:virtuozzo:qemu-kvm-vz");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:virtuozzo:virtuozzo:vzkernel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:virtuozzo:virtuozzo:vzkernel-debug");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:virtuozzo:virtuozzo:vzkernel-debug-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:virtuozzo:virtuozzo:vzkernel-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:virtuozzo:virtuozzo:vzkernel-headers");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:virtuozzo:virtuozzo:7");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Virtuozzo Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/Virtuozzo/release", "Host/Virtuozzo/rpm-list");

  exit(0);
}

include("audit.inc");
include("global_settings.inc");
include("rpm.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);

release = get_kb_item("Host/Virtuozzo/release");
if (isnull(release) || "Virtuozzo" >!< release) audit(AUDIT_OS_NOT, "Virtuozzo");
os_ver = pregmatch(pattern: "Virtuozzo Linux release ([0-9]+\.[0-9])(\D|$)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Virtuozzo");
os_ver = os_ver[1];
if (! preg(pattern:"^7([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Virtuozzo 7.x", "Virtuozzo " + os_ver);

if (!get_kb_item("Host/Virtuozzo/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Virtuozzo", cpu);

flag = 0;

pkgs = ["anaconda-21.48.22.121-3.vz7.58.4",
        "anaconda-core-21.48.22.121-3.vz7.58.4",
        "anaconda-dracut-21.48.22.121-3.vz7.58.4",
        "anaconda-gui-21.48.22.121-3.vz7.58.4",
        "anaconda-tui-21.48.22.121-3.vz7.58.4",
        "anaconda-widgets-21.48.22.121-3.vz7.58.4",
        "anaconda-widgets-devel-21.48.22.121-3.vz7.58.4",
        "cpupools-7.0.15-0.vz7.1",
        "cpupools-features-7.0.15-0.vz7.1",
        "kpatch-kmod-48.1-0.5.0-1.vl7",
        "ksm-vz-2.9.0-16.13.vz7.76.5",
        "libvirt-3.6.0-1.vz7.32.2",
        "libvirt-admin-3.6.0-1.vz7.32.2",
        "libvirt-client-3.6.0-1.vz7.32.2",
        "libvirt-daemon-3.6.0-1.vz7.32.2",
        "libvirt-daemon-config-network-3.6.0-1.vz7.32.2",
        "libvirt-daemon-config-nwfilter-3.6.0-1.vz7.32.2",
        "libvirt-daemon-driver-interface-3.6.0-1.vz7.32.2",
        "libvirt-daemon-driver-lxc-3.6.0-1.vz7.32.2",
        "libvirt-daemon-driver-network-3.6.0-1.vz7.32.2",
        "libvirt-daemon-driver-nodedev-3.6.0-1.vz7.32.2",
        "libvirt-daemon-driver-nwfilter-3.6.0-1.vz7.32.2",
        "libvirt-daemon-driver-qemu-3.6.0-1.vz7.32.2",
        "libvirt-daemon-driver-secret-3.6.0-1.vz7.32.2",
        "libvirt-daemon-driver-storage-3.6.0-1.vz7.32.2",
        "libvirt-daemon-driver-storage-core-3.6.0-1.vz7.32.2",
        "libvirt-daemon-driver-storage-disk-3.6.0-1.vz7.32.2",
        "libvirt-daemon-driver-storage-gluster-3.6.0-1.vz7.32.2",
        "libvirt-daemon-driver-storage-iscsi-3.6.0-1.vz7.32.2",
        "libvirt-daemon-driver-storage-logical-3.6.0-1.vz7.32.2",
        "libvirt-daemon-driver-storage-mpath-3.6.0-1.vz7.32.2",
        "libvirt-daemon-driver-storage-rbd-3.6.0-1.vz7.32.2",
        "libvirt-daemon-driver-storage-scsi-3.6.0-1.vz7.32.2",
        "libvirt-daemon-driver-vz-3.6.0-1.vz7.32.2",
        "libvirt-daemon-kvm-3.6.0-1.vz7.32.2",
        "libvirt-daemon-lxc-3.6.0-1.vz7.32.2",
        "libvirt-daemon-vz-3.6.0-1.vz7.32.2",
        "libvirt-devel-3.6.0-1.vz7.32.2",
        "libvirt-docs-3.6.0-1.vz7.32.2",
        "libvirt-libs-3.6.0-1.vz7.32.2",
        "libvirt-lock-sanlock-3.6.0-1.vz7.32.2",
        "libvirt-login-shell-3.6.0-1.vz7.32.2",
        "libvirt-nss-3.6.0-1.vz7.32.2",
        "libvzctl-7.0.470.4-1.vz7",
        "libvzctl-devel-7.0.470.4-1.vz7",
        "prl-disp-legacy-7.0.820.9-1.vz7",
        "prl-disp-service-7.0.820.9-1.vz7",
        "prl-disp-service-tests-7.0.820.9-1.vz7",
        "prlctl-7.0.148.1-1.vz7",
        "qemu-img-vz-2.9.0-16.13.vz7.76.5",
        "qemu-kvm-common-vz-2.9.0-16.13.vz7.76.5",
        "qemu-kvm-tools-vz-2.9.0-16.13.vz7.76.5",
        "qemu-kvm-vz-2.9.0-16.13.vz7.76.5",
        "vzkernel-3.10.0-693.21.1.vz7.48.2",
        "vzkernel-debug-3.10.0-693.21.1.vz7.48.2",
        "vzkernel-debug-devel-3.10.0-693.21.1.vz7.48.2",
        "vzkernel-devel-3.10.0-693.21.1.vz7.48.2",
        "vzkernel-headers-3.10.0-693.21.1.vz7.48.2"];

foreach (pkg in pkgs)
  if (rpm_check(release:"Virtuozzo-7", reference:pkg)) flag++;

if (flag)
{
  security_report_v4(
    port       : 0,
    severity   : SECURITY_HOLE,
    extra      : rpm_report_get()
  );
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "anaconda / anaconda-core / anaconda-dracut / etc");
}
VendorProductVersionCPE
virtuozzovirtuozzoanacondap-cpe:/a:virtuozzo:virtuozzo:anaconda
virtuozzovirtuozzoanaconda-corep-cpe:/a:virtuozzo:virtuozzo:anaconda-core
virtuozzovirtuozzolibvirt-daemon-driver-storage-iscsip-cpe:/a:virtuozzo:virtuozzo:libvirt-daemon-driver-storage-iscsi
virtuozzovirtuozzolibvirt-daemon-driver-storage-logicalp-cpe:/a:virtuozzo:virtuozzo:libvirt-daemon-driver-storage-logical
virtuozzovirtuozzolibvirt-daemon-driver-storage-mpathp-cpe:/a:virtuozzo:virtuozzo:libvirt-daemon-driver-storage-mpath
virtuozzovirtuozzolibvirt-daemon-driver-storage-rbdp-cpe:/a:virtuozzo:virtuozzo:libvirt-daemon-driver-storage-rbd
virtuozzovirtuozzolibvirt-daemon-driver-storage-scsip-cpe:/a:virtuozzo:virtuozzo:libvirt-daemon-driver-storage-scsi
virtuozzovirtuozzolibvirt-daemon-driver-vzp-cpe:/a:virtuozzo:virtuozzo:libvirt-daemon-driver-vz
virtuozzovirtuozzolibvirt-daemon-kvmp-cpe:/a:virtuozzo:virtuozzo:libvirt-daemon-kvm
virtuozzovirtuozzolibvirt-daemon-lxcp-cpe:/a:virtuozzo:virtuozzo:libvirt-daemon-lxc
Rows per page:
1-10 of 591

Related

redhat 22
nessus 87
virtuozzo 4
oraclelinux 11
osv 3
openvas 26
redhatcve 2
suse 2
debian 2
ubuntu 2
cloudfoundry 1
cve 2
debiancve 2
ubuntucve 2
exploitpack 1
photon 2
huawei 2
veracode 2
prion 2
cisa 1
xen 1
packetstorm 1
mscve 1
cert 1
symantec 1
f5 1
qualysblog 1
freebsd_advisory 1
zdt 3
threatpost 1
metasploit 1
freebsd 1
centos 2
ibm 2
kaspersky 1
amazon 2
redhat
redhat
(RHSA-2018:1710) Important: redhat-virtualization-host security update
2018-05-23 15:45:43
(RHSA-2018:1711) Important: rhev-hypervisor7 security update
2018-05-23 15:46:13
(RHSA-2018:1348) Important: kernel security update
2018-05-08 20:53:34
nessus
nessus
RHEL 6 / 7 : Virtualization (RHSA-2018:1711) (Spectre)
2018-05-25 00:00:00
RHEL 7 : Virtualization (RHSA-2018:1710) (Spectre)
2018-05-25 00:00:00
Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2018-4096)
2018-05-09 00:00:00
virtuozzo
virtuozzo
Important product update: Virtuozzo 7.0 Update 7 Hotfix 3 (7.0.7-461)
2018-05-30 00:00:00
Important product update: Fixes for CVE-2018-3639 and CVE-2018-1087 in virtual machines; Virtuozzo 6.0 Update 12 Hotfix 26 (6.0.12-3707)
2018-05-28 00:00:00
Important kernel security update: CVE-2018-3639 (x86 AMD) and other issues; new kernel 2.6.32-042stab132.1; Virtuozzo 6.0 Update 12 Hotfix 29 (6.0.12-3710)
2018-07-16 00:00:00
oraclelinux
oraclelinux
kernel security update
2018-05-22 00:00:00
Unbreakable Enterprise kernel security update
2018-05-08 00:00:00
Unbreakable Enterprise kernel security update
2018-05-08 00:00:00
osv
osv
linux - security update
2018-05-08 00:00:00
CVE-2018-8897
2018-05-08 18:29:00
xen - security update
2018-05-25 00:00:00
openvas
openvas
Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2018-1119)
2020-01-23 00:00:00
Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2018-1121)
2020-01-23 00:00:00
Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2018-1120)
2020-01-23 00:00:00
redhatcve
redhatcve
CVE-2018-1087
2020-04-08 20:05:13
CVE-2018-8897
2020-04-07 11:35:31
suse
suse
Security update for the Linux Kernel (important)
2018-05-09 00:07:18
Security update for libvirt (important)
2018-06-09 15:07:56
debian
debian
[SECURITY] [DSA 4196-1] linux security update
2018-05-08 21:54:36
[SECURITY] [DSA 4196-1] linux security update
2018-05-08 21:54:36
ubuntu
ubuntu
Linux kernel vulnerabilities
2018-05-08 00:00:00
Linux kernel vulnerabilities
2018-05-08 00:00:00
cloudfoundry
cloudfoundry
USN-3641-1: Linux kernel vulnerabilities | Cloud Foundry
2018-06-05 00:00:00
cve
cve
CVE-2018-1087
2018-05-15 16:29:00
CVE-2018-8897
2018-05-08 18:29:00
debiancve
debiancve
CVE-2018-1087
2018-05-15 16:29:00
CVE-2018-8897
2018-05-08 18:29:00
ubuntucve
ubuntucve
CVE-2018-1087
2018-05-08 00:00:00
CVE-2018-8897
2018-05-08 00:00:00
exploitpack
exploitpack
Microsoft Windows - POPMOV SS Privilege Escalation
2018-05-22 00:00:00
photon
photon
Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2018-1.0-0132-A
2018-05-03 00:00:00
Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2018-1.0-0151
2018-06-22 00:00:00
huawei
huawei
Security Advisory - Privilege Escalation Vulnerability in Some Huawei Products
2019-09-21 00:00:00
Security Advisory - Privilege Escalation Vulnerability in Some Huawei Products
2019-09-21 00:00:00
veracode
veracode
Privilege Escalation
2019-01-15 09:22:45
Local Privilege Escalation
2019-01-15 09:21:51
prion
prion
Design/Logic Flaw
2018-05-15 16:29:00
Privilege escalation
2018-05-08 18:29:00
cisa
cisa
Debug Exception May Cause Unexpected Behavior
2018-05-08 00:00:00
xen
xen
x86: mishandling of debug exceptions
2018-05-08 16:45:00
packetstorm
packetstorm
Microsoft Windows POP/MOV SS Local Privilege Elevation
2018-07-13 00:00:00
mscve
mscve
Windows Kernel Elevation of Privilege Vulnerability
2018-05-08 07:00:00
cert
cert
Hardware debug exception documentation may result in unexpected behavior
2018-05-08 00:00:00
symantec
symantec
Microsoft Windows Kernel CVE-2018-8897 Local Privilege Escalation Vulnerability
2018-05-08 00:00:00
f5
f5
K17403481 : Linux kernel vulnerability CVE-2018-8897
2018-05-15 00:00:00
qualysblog
qualysblog
What we’ve got here is failure to communicate: OS vendors misread CPU docs, create flaw
2018-05-14 18:47:42
freebsd_advisory
freebsd_advisory
FreeBSD-SA-18:06.debugreg
2018-05-08 00:00:00
zdt
zdt
Microsoft Windows - POP/MOV SS Privilege Escalation Exploit
2018-05-23 00:00:00
Microsoft Windows #MicrosoftWindows POP/MOV SS Local Privilege Elevation Exploit
2018-07-13 00:00:00
AMD / ARM / Intel - Speculative Execution Variant 4 Speculative Store Bypass Exploit
2018-05-23 00:00:00
threatpost
threatpost
Major OS Players Misinterpret Intel Docs, and Now Kernels Can Be Hijacked
2018-05-10 15:37:07
metasploit
metasploit
Microsoft Windows POP/MOV SS Local Privilege Elevation Vulnerability
2018-07-13 06:11:37
freebsd
freebsd
FreeBSD -- Mishandling of x86 debug exceptions
2018-05-08 00:00:00
centos
centos
kernel, perf, python security update
2018-07-13 16:57:08
kernel, perf, python security update
2018-05-30 18:29:24
ibm
ibm
Security Bulletin: IBM Cloud Manager is affected by the vulnerabilities known as SpectreNG (CVE-2018-3639)
2018-08-08 04:13:55
Security Bulletin: IBM has released the following fixes for AIX and VIOS in response to Speculative Store Bypass (SSB), also known as Variant 4.
2018-08-17 23:06:03
kaspersky
kaspersky
KLA11893 Microsoft Advisory for Microsoft Products (ESU)
2018-05-21 00:00:00
amazon
amazon
Important: java-1.7.0-openjdk
2018-06-08 18:05:00
Important: java-1.8.0-openjdk
2018-06-08 18:10:00
JSON
Related for VIRTUOZZO_VZA-2018-037.NASL
redhat22nessus87virtuozzo4oraclelinux11osv3openvas26redhatcve2suse2debian2ubuntu2cloudfoundry1cve2debiancve2ubuntucve2exploitpack1photon2huawei2veracode2prion2cisa1xen1packetstorm1mscve1cert1symantec1f51qualysblog1freebsd_advisory1zdt3threatpost1metasploit1freebsd1centos2ibm2kaspersky1amazon2