Bitdefender Hypervisor Introspection 安全漏洞

Bidefender Hypervisor Introspection HVI is a software from Bidefender Romania that checks the memory safety of running virtual machines at the Hypervisor layer using the VM self-test APIs of the Xen and KVM hypervisors. The software blocks code execution in abnormal memory by virtualizing the...

ALPINE-CVE-2020-29482

An issue was discovered in Xen through 4.14.x. A guest may access xenstore paths via absolute paths containing a full pathname, or via a relative path, which implicitly includes /local/domain/$DOMID for their own domain id. Management tools must access paths in guests' namespaces, necessarily usi...

UBUNTU-CVE-2020-29482

An issue was discovered in Xen through 4.14.x. A guest may access xenstore paths via absolute paths containing a full pathname, or via a relative path, which implicitly includes /local/domain/$DOMID for their own domain id. Management tools must access paths in guests' namespaces, necessarily usi...

CVE-2020-29482

An issue was discovered in Xen through 4.14.x. A guest may access xenstore paths via absolute paths containing a full pathname, or via a relative path, which implicitly includes /local/domain/$DOMID for their own domain id. Management tools must access paths in guests' namespaces, necessarily usi...

CVE-2020-29482

An issue was discovered in Xen through 4.14.x. A guest may access xenstore paths via absolute paths containing a full pathname, or via a relative path, which implicitly includes /local/domain/$DOMID for their own domain id. Management tools must access paths in guests' namespaces, necessarily usi...

golang: improper validation of cgo flags can lead to code execution at build time

An input validation vulnerability was found in Go. If cgo is specified in a Go file, it is possible to bypass the validation of arguments to the gcc compiler. This flaw allows an attacker to create a malicious repository that can execute arbitrary code when downloaded and run via go get or go bui...

CVE-2020-29479

An issue was discovered in Xen through 4.14.x. In the Ocaml xenstored implementation, the internal representation of the tree has special cases for the root node, because this node has no parent. Unfortunately, permissions were not checked for certain operations on the root node. Unprivileged...

lambda_pattern (>=0.0.15 <=0.0.31), push2cloud-cli (>=1.0.0 <=2.0.3) +3 more potentially affected by CVE-2020-28422 via git-archive (=0.1.4)

git-archive NPM version =0.1.4 is affected by a known vulnerability. The following packages have a transitive dependency on git-archive and may be impacted: - lambdapattern =0.0.15, =1.0.0, =1.0.0, =2.0.4 - push2cloud-compiler-rf =2.0.2 Source cves: CVE-2020-28422 Source advisory:...

SUSE SLED15 / SLES15 Security Update : go1.14 (SUSE-SU-2020:2761-1)

This update for go1.14 fixes the following issues : go1.14.9 released 2020-09-09 includes fixes to the compiler, linker, runtime, documentation, and the net/http and testing packages. Refs bsc1164903 go1.14 release tracking - go41192 net/http/fcgi: race detected during execution of...

SUSE SLED15 / SLES15 Security Update : go1.15 (SUSE-SU-2020:2776-1)

go1.15 released 2020-08-11 Go 1.15 is a major release of Go. go1.15.x minor releases will be provided through August 2021. https://github.com/golang/go/wiki/Go-Release-Cycle Most changes are in the implementation of the toolchain, runtime, and libraries. As always, the release maintains the Go 1...

Microsoft Chakra LinearScan Memory Corruption Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Chakra. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the JIT compiler...

SUSE SLES12 Security Update : gcc10 (SUSE-SU-2020:3263-1)

This update for gcc10 fixes the following issues: This update provides the GCC10 compiler suite and runtime libraries. The base SUSE Linux Enterprise libraries libgccs1, libstdc++6 are replaced by the gcc10 variants. The new compiler variants are available with '-10' suffix, you can specify them...

SUSE SLED15 / SLES15 Security Update : gcc10, nvptx-tools (SUSE-SU-2020:2947-1)

This update for gcc10, nvptx-tools fixes the following issues : This update provides the GCC10 compiler suite and runtime libraries. The base SUSE Linux Enterprise libraries libgccs1, libstdc++6 are replaced by the gcc10 variants. The new compiler variants are available with '-10' suffix, you can...

SUSE-SU-2020:2947-1 Security update for gcc10, nvptx-tools

This update for gcc10, nvptx-tools fixes the following issues: This update provides the GCC10 compiler suite and runtime libraries. The base SUSE Linux Enterprise libraries libgccs1, libstdc++6 are replaced by the gcc10 variants. The new compiler variants are available with '-10' suffix, you can...

DEBIAN-CVE-2020-28367

Code injection in the go command with cgo before Go 1.14.12 and Go 1.15.5 allows arbitrary code execution at build time via malicious gcc flags specified via a cgo directive...

UBUNTU-CVE-2020-28367

Code injection in the go command with cgo before Go 1.14.12 and Go 1.15.5 allows arbitrary code execution at build time via malicious gcc flags specified via a cgo directive...

Amazon Linux AMI : libtiff (ALAS-2020-1447)

The version of libtiff installed on the remote host is prior to 4.0.3-35.36. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2020-1447 advisory. TIFFCheckMalloc and TIFFCheckRealloc in tifaux.c in LibTIFF through 4.0.10 mishandle Integer Overflow checks because th...

CVE-2020-28367

An input validation vulnerability was found in Go. If cgo is specified in a Go file, it is possible to bypass the validation of arguments to the gcc compiler. This flaw allows an attacker to create a malicious repository that can execute arbitrary code when downloaded and run via go get or go bui...

SUSE-SU-2020:3263-1 Security update for gcc10

This update for gcc10 fixes the following issues: This update provides the GCC10 compiler suite and runtime libraries. The base SUSE Linux Enterprise libraries libgccs1, libstdc++6 are replaced by the gcc10 variants. The new compiler variants are available with '-10' suffix, you can specify them...

kernel: cached use of fpu_fpregs_owner_ctx in arch/x86/include/asm/fpu/internal.h can lead to DoS

A flaw was found in the Linux kernel. When compiled with GCC 9, a vector register corruption occurs on return from a signal handler where the top page of the signal stack had not yet been paged in which can allow a local attacker with special user privilege or root to leak kernel internal...