183 matches found
SUSE SLES11 Security Update : xen (SUSE-SU-2015:1408-1)
This security update of Xen fixes the following issues : - bsc939712 XSA-140: QEMU leak of uninitialized heap memory in rtl8139 device model CVE-2015-5165 - bsc938344: qemu,kvm,xen: host code execution via IDE subsystem CD-ROM CVE-2015-5154 Note that Tenable Network Security has extracted the...
SUSE SLED12 / SLES12 Security Update : xen (SUSE-SU-2015:1302-1)
xen was updated to fix two security issues. These security issues were fixed : - CVE-2015-3259: xl command line config handling stack overflow bsc935634, XSA-137. - CVE-2015-5154: Host code execution via IDE subsystem CD-ROM bsc938344. The update package also includes non-security fixes. See...
SUSE SLED11 / SLES11 Security Update : xen (SUSE-SU-2015:1299-1)
xen was updated to fix two security issues. These security issues were fixed : - CVE-2015-3259: xl command line config handling stack overflow bsc935634, XSA-137. - CVE-2015-5154: Host code execution via IDE subsystem CD-ROM bsc938344. The update package also includes non-security fixes. See...
IT-Grundschutz M4.057: Deaktivieren der automatischen CD-ROM Erkennung
IT-Grundschutz M4.057: Deaktivieren der automatischen CD-ROM Erkennung Stand: 14. Ergänzungslieferung 14. EL. OpenVAS Vulnerability Test $Id: GSHBM4057.nasl 7883 2017-11-23 11:22:59Z emoss $ IT-Grundschutz, 14. EL, Maßnahme 4.057 Authors: Thomas Rotter Copyright: Copyright c 2015 Greenbone Networ...
IT-Grundschutz M4.057: Deaktivieren der automatischen CD-ROM Erkennung
IT-Grundschutz M4.057: Deaktivieren der automatischen CD-ROM Erkennung Stand: 14. Ergaenzungslieferung 14. EL. Copyright C 2015 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier...
Ubuntu 10.04 LTS : linux-ec2 vulnerabilities (USN-2375-1)
Ben Hawkes reported some off by one errors for report descriptors in the Linux kernel's HID stack. A physically proximate attacker could exploit these flaws to cause a denial of service out-of-bounds write via a specially crafted device. CVE-2014-3184 Several bounds check flaws allowing for buffe...
Buffer overflow
Buffer overflow in hw/scsi-disk.c in the SCSI subsystem in QEMU before 0.15.2, as used by Xen, might allow local guest users with permission to access the CD-ROM to cause a denial of service guest crash via a crafted SAI READ CAPACITY SCSI command. NOTE: this is only a vulnerability when root has...
CVE-2011-3346
Buffer overflow in hw/scsi-disk.c in the SCSI subsystem in QEMU before 0.15.2, as used by Xen, might allow local guest users with permission to access the CD-ROM to cause a denial of service guest crash via a crafted SAI READ CAPACITY SCSI command. NOTE: this is only a vulnerability when root has...
IT-Grundschutz M4.057: Deaktivieren der automatischen CD-ROM Erkennung (Windows)
IT-Grundschutz M4.057: Deaktivieren der automatischen CD-ROM Erkennung Windows ACHTUNG: Dieser Test wird nicht mehr unterstützt. Er wurde ersetzt durch den entsprechenden Test der nun permanent and die aktuelle EL angepasst wird: OID 1.3.6.1.4.1.25623.1.0.94207 Stand: 13. Ergänzungslieferung 13...
IT-Grundschutz M4.057: Deaktivieren der automatischen CD-ROM Erkennung - Windows
IT-Grundschutz M4.057: Deaktivieren der automatischen CD-ROM Erkennung Windows ACHTUNG: Dieser Test wird nicht mehr unterstützt. Er wurde ersetzt durch den entsprechenden Test der nun permanent and die aktuelle EL angepasst wird: OID 1.3.6.1.4.1.25623.1.0.94207 Stand: 13. Ergänzungslieferung 13...
Debian DSA-2766-1 : linux-2.6 - privilege escalation/denial of service/information leak
Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service, information leak or privilege escalation. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2013-2141 Emese Revfy provided a fix for an information leak ...
Debian Security Advisory DSA 2766-1 (linux-2.6 - privilege escalation/denial of service/information leak)
Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service, information leak or privilege escalation. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2013-2141 Emese Revfy provided a fix for an information leak in...
USN-1941-1: Linux kernel vulnerabilities
Chanam Park reported a Null pointer flaw in the Linux kernel's Ceph client. A remote attacker could exploit this flaw to cause a denial of service system crash. CVE-2013-1059 Vasily Kulikov discovered a flaw in the Linux Kernel's perf tool that allows for privilege escalation. A local user could...
Debian DSA-2745-1 : linux - privilege escalation/denial of service/information leak
Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service, information leak or privilege escalation. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2013-1059 Chanam Park reported an issue in the Ceph distribut...
Debian Security Advisory DSA 2745-1 (linux - privilege escalation/denial of service/information leak)
Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service, information leak or privilege escalation. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2013-1059 Chanam Park reported an issue in the Ceph distributed...
DSA-2745-1 linux - several
Bulletin has no description...
Debian: Security Advisory (DSA-2745-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-1932-1: Linux kernel vulnerabilities
Chanam Park reported a Null pointer flaw in the Linux kernel's Ceph client. A remote attacker could exploit this flaw to cause a denial of service system crash. CVE-2013-1059 An information leak was discovered in the Linux kernel's fanotify interface. A local user could exploit this flaw to obtai...
Ubuntu 10.04 LTS : linux vulnerabilities (USN-1912-1)
Jonathan Salwan discovered an information leak in the Linux kernel's cdrom driver. A local user can exploit this leak to obtain sensitive information from kernel memory if the CD-ROM drive is malfunctioning. CVE-2013-2164 A flaw was discovered in the Linux kernel when an IPv6 socket is used to...
Design/Logic Flaw
The mmcioctlcdromreaddata function in drivers/cdrom/cdrom.c in the Linux kernel through 3.10 allows local users to obtain sensitive information from kernel memory via a read operation on a malfunctioning CD-ROM drive...