299 matches found
UBUNTU-CVE-2020-25742
pcichangeirqlevel in hw/pci/pci.c in QEMU before 5.1.1 has a NULL pointer dereference because pcigetbus might not return a valid pointer...
UBUNTU-CVE-2020-25595
An issue was discovered in Xen through 4.14.x. The PCI passthrough code improperly uses register data. Code paths in Xen's MSI handling have been identified that act on unsanitized values read back from device hardware registers. While devices strictly compliant with PCI specifications shouldn't ...
The VFIO PCI driver in the Linux kernel through 5.6.13 mishandles attempts to access disabled memory space.
...
PT-2020-5392 · Linux +6 · Linux Kernel +6
Name of the Vulnerable Software and Affected Versions: Linux kernel versions through 5.6.13 Description: The issue is related to the VFIO PCI driver in the Linux kernel, which mishandles attempts to access disabled memory space. This can be exploited to cause a denial of service. Recommendations:...
PT-2019-4891 · Xen +1 · Xen +1
Name of the Vulnerable Software and Affected Versions: Xen versions prior to 4.11.x Description: The issue is caused by synchronization errors when using a shared resource, allowing an attacker to cause a denial of service or gain privileges by leveraging a page-writability race condition during...
The vulnerability of the jsm_probe_one handler implementation in Linux kernels allows a hacker to trigger a service failure.
The vulnerability in the implementation of the jsmprobeone function in the drivers/tty/serial/jsm/jsm.ko kernel of the Linux operating system is caused by a memory leak. Exploiting this vulnerability can allow an attacker to cause a system failure by connecting a Digi International Neo and Classi...
June 14, 2016 — KB3163017 (OS Build 10240.16942)
June 14, 2016 — KB3163017 OS Build 10240.16942 This update includes quality improvements and security fixes. No new operating system features are being introduced in this update. Key changes include: Improved reliability of Internet Explorer 11, Microsoft Edge, and Windows Explorer. Improved...
PT-2023-8981 · Libvirt +9 · Libvirt +9
Name of the Vulnerable Software and Affected Versions: libvirt affected versions not specified Description: A security flaw in libvirt occurs due to repeatedly querying an SR-IOV PCI device's capabilities, exposing a memory leak caused by a failure to free the virPCIVirtualFunction array within t...
Qemu: OOB access in address_space_rw leads to segmentation fault
An out-of-bounds flaw was found in the QEMU emulator built using 'addressspacetranslate' to map an address to a MemoryRegionSection. The flaw could occur while doing pcidmaread/write calls, resulting in an out-of-bounds read-write access error. A privileged user inside a guest could use this flaw...
Qemu: OOB access in address_space_rw leads to segmentation fault
An out-of-bounds flaw was found in the QEMU emulator built using 'addressspacetranslate' to map an address to a MemoryRegionSection. The flaw could occur while doing pcidmaread/write calls, resulting in an out-of-bounds read-write access error. A privileged user inside a guest could use this flaw...
DEBIAN-CVE-2015-8551
The PCI backend driver in Xen, when running on an x86 system and using Linux 3.1.x through 4.3.x as the driver domain, allows local guest administrators to hit BUG conditions and cause a denial of service NULL pointer dereference and host OS crash by leveraging a system with access to a...
UBUNTU-CVE-2015-8552
The PCI backend driver in Xen, when running on an x86 system and using Linux 3.1.x through 4.3.x as the driver domain, allows local guest administrators to generate a continuous stream of WARN messages and cause a denial of service disk consumption by leveraging a system with access to a...
Xen Denial of Service Vulnerability (CNVD-2015-03572)
Xen is an open source virtual machine monitor. Xen versions 3.3.x-4.5.x, fail to properly restrict access to the PCI MSI mask bit, which can be exploited by native x86 HVM clients to cause a denial of service unexpected outage and host crash...
UBUNTU-CVE-2015-4104
Xen 3.3.x through 4.5.x does not properly restrict access to PCI MSI mask bits, which allows local x86 HVM guest users to cause a denial of service unexpected interrupt and host crash via unspecified vectors...
DEBIAN-CVE-2015-2752
The XENDOMCTLmemorymapping hypercall in Xen 3.2.x through 4.5.x, when using a PCI passthrough device, is not preemptible, which allows local x86 HVM domain users to cause a denial of service host CPU consumption via a crafted request to the device model qemu-dm...
kernel: kvm: device assignment DoS
The kvmvmioctlassigndevice function in virt/kvm/assigned-dev.c in the KVM subsystem in the Linux kernel before 3.1.10 does not verify permission to access PCI configuration space and BAR resources, which allows host OS users to assign PCI devices and cause a denial of service host OS crash via a...
kernel: kvm: device assignment DoS
The kvmvmioctlassigndevice function in virt/kvm/assigned-dev.c in the KVM subsystem in the Linux kernel before 3.1.10 does not verify permission to access PCI configuration space and BAR resources, which allows host OS users to assign PCI devices and cause a denial of service host OS crash via a...
kernel: kvm: device assignment DoS
The kvmvmioctlassigndevice function in virt/kvm/assigned-dev.c in the KVM subsystem in the Linux kernel before 3.1.10 does not verify permission to access PCI configuration space and BAR resources, which allows host OS users to assign PCI devices and cause a denial of service host OS crash via a...
kernel: xen: IOMMU fault livelock
Xen 4.1.1 and earlier allows local guest OS kernels with control of a PCIE device to cause a denial of service CPU consumption and host hang via many crafted DMA requests that are denied by the IOMMU, which triggers a livelock...