Mandriva Linux Security Advisory : kernel (MDVSA-2014:001)

Multiple vulnerabilities has been found and corrected in the Linux kernel : The KVM subsystem in the Linux kernel through 3.12.5 allows local users to gain privileges or cause a denial of service system crash via a VAPIC synchronization operation involving a page-end address CVE-2013-6368. The...

CVE-2013-4587

Array index error in the kvmvmioctlcreatevcpu function in virt/kvm/kvmmain.c in the KVM subsystem in the Linux kernel through 3.12.5 allows local users to gain privileges via a large id value...

CVE-2013-4587

Array index error in the kvmvmioctlcreatevcpu function in virt/kvm/kvmmain.c in the KVM subsystem in the Linux kernel through 3.12.5 allows local users to gain privileges via a large id value...

Code injection

Array index error in the kvmvmioctlcreatevcpu function in virt/kvm/kvmmain.c in the KVM subsystem in the Linux kernel through 3.12.5 allows local users to gain privileges via a large id value...

CVE-2013-4587

CVE-2013-4587 describes an array index error in kvm_vm_ioctl_create_vcpu() within virt/kvm/kvm_main.c of the Linux kernel (through 3.12.5). This vulnerability enables local privilege escalation via a large id value. The connected Nessus/OpenVAS advisories reference Unity Linux/SUSE/OpenVAS entrie...

CVE-2013-4587

Array index error in the kvmvmioctlcreatevcpu function in virt/kvm/kvmmain.c in the KVM subsystem in the Linux kernel through 3.12.5 allows local users to gain privileges via a large id value...

CVE-2013-4587

Array index error in the kvmvmioctlcreatevcpu function in virt/kvm/kvmmain.c in the KVM subsystem in the Linux kernel through 3.12.5 allows local users to gain privileges via a large id value...

UBUNTU-CVE-2013-4587

Array index error in the kvmvmioctlcreatevcpu function in virt/kvm/kvmmain.c in the KVM subsystem in the Linux kernel through 3.12.5 allows local users to gain privileges via a large id value...

CVE-2013-3903

Array index error in win32k.sys in the kernel-mode drivers in Microsoft Windows 8, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to cause a denial of service reboot via a crafted TrueType font TTF file, aka "TrueType Font Parsing Vulnerability."...

Spoofing

Array index error in win32k.sys in the kernel-mode drivers in Microsoft Windows 8, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to cause a denial of service reboot via a crafted TrueType font TTF file, aka "TrueType Font Parsing Vulnerability."...

CVE-2013-3903

CVE-2013-3903 is a local-privilege/DoS issue in Windows kernel‑mode: an array index error in win32k.sys allows a crafted TrueType font to reboot the system on Windows 8, Windows Server 2012 (Gold/R2), Windows RT, and Windows 8.1. The vulnerability stems from the font parsing pathway in the TrueTy...

CVE-2013-3903

Array index error in win32k.sys in the kernel-mode drivers in Microsoft Windows 8, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to cause a denial of service reboot via a crafted TrueType font TTF file, aka "TrueType Font Parsing Vulnerability."...

CVE-2013-0846

Array index error in the qdm2decodesuperblock function in libavcodec/qdm2.c in FFmpeg before 1.1 allows remote attackers to have an unspecified impact via crafted QDM2 data, which triggers an out-of-bounds array access...

CVE-2013-0846

Array index error in the qdm2decodesuperblock function in libavcodec/qdm2.c in FFmpeg before 1.1 allows remote attackers to have an unspecified impact via crafted QDM2 data, which triggers an out-of-bounds array access...

CVE-2013-0846

Array index error in the qdm2decodesuperblock function in libavcodec/qdm2.c in FFmpeg before 1.1 allows remote attackers to have an unspecified impact via crafted QDM2 data, which triggers an out-of-bounds array access...

Out-of-bounds

Array index error in the qdm2decodesuperblock function in libavcodec/qdm2.c in FFmpeg before 1.1 allows remote attackers to have an unspecified impact via crafted QDM2 data, which triggers an out-of-bounds array access...

CVE-2013-0846

Array index error in the qdm2decodesuperblock function in libavcodec/qdm2.c in FFmpeg before 1.1 allows remote attackers to have an unspecified impact via crafted QDM2 data, which triggers an out-of-bounds array access...

CVE-2013-0846

The CVE-2013-0846 issue affects FFmpeg's libavcodec/qdm2.c, where an array index error in qdm2_decode_super_block can trigger an out-of-bounds access via crafted QDM2 data. This vulnerability is present in FFmpeg before 1.1 and can allow a remote attacker to impact confidentiality, integrity, and...

CVE-2013-0846

Array index error in the qdm2decodesuperblock function in libavcodec/qdm2.c in FFmpeg before 1.1 allows remote attackers to have an unspecified impact via crafted QDM2 data, which triggers an out-of-bounds array access...

UBUNTU-CVE-2013-6639

The DehoistArrayIndex function in hydrogen-dehoist.cc aka hydrogen.cc in Google V8 before 3.22.24.7, as used in Google Chrome before 31.0.1650.63, allows remote attackers to cause a denial of service out-of-bounds write or possibly have unspecified other impact via JavaScript code that sets the...