40 matches found
Windows Hyper-V Discrete Device Assignment (DDA) Denial of Service Vulnerability
...
PT-2021-4806 · Microsoft · Windows Hyper-V +1
Name of the Vulnerable Software and Affected Versions: Windows Hyper-V affected versions not specified Description: The issue exists due to insufficient input validation in the Windows Hyper-V Discrete Device Assignment DDA component. This can be exploited to cause a denial of service...
Hyper-V RemoteFX vGPU Remote Code Execution Vulnerability
A remote code execution vulnerability exists when Hyper-V RemoteFX vGPU on a host server fails to properly validate input from an authenticated user on a guest operating system. To exploit the vulnerability, an attacker could run a specially crafted application on a guest operating system,...
Hyper-V RemoteFX vGPU Remote Code Execution Vulnerability
A remote code execution vulnerability exists when Hyper-V RemoteFX vGPU on a host server fails to properly validate input from an authenticated user on a guest operating system. To exploit the vulnerability, an attacker could run a specially crafted application on a guest operating system,...
Hyper-V RemoteFX vGPU Remote Code Execution Vulnerability
A remote code execution vulnerability exists when Hyper-V RemoteFX vGPU on a host server fails to properly validate input from an authenticated user on a guest operating system. To exploit the vulnerability, an attacker could run a specially crafted application on a guest operating system,...
Hyper-V RemoteFX vGPU Remote Code Execution Vulnerability
A remote code execution vulnerability exists when Hyper-V RemoteFX vGPU on a host server fails to properly validate input from an authenticated user on a guest operating system. To exploit the vulnerability, an attacker could run a specially crafted application on a guest operating system,...
Hyper-V RemoteFX vGPU Remote Code Execution Vulnerability
A remote code execution vulnerability exists when Hyper-V RemoteFX vGPU on a host server fails to properly validate input from an authenticated user on a guest operating system. To exploit the vulnerability, an attacker could run a specially crafted application on a guest operating system,...
insufficient TLB flushing / improper large page mappings with AMD IOMMUs
ISSUE DESCRIPTION In order to be certain that no undue access to memory is possible anymore after IOMMU mappings of this memory have been removed, Translation Lookaside Buffers TLBs need to be flushed after most changes to such mappings. Xen bypassed certain IOMMU flushes on AMD x86 hardware...
Oracle Linux 6 : kernel (ELSA-2012-0350)
The remote Oracle Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2012-0350 advisory. - fs xfs: Fix missing xfsiunlock on error recovery path in xfsreadlink Carlos Maiolino 749161 694702 CVE-2011-4077 - fs xfs: Fix memory corruption in...
RHEL 5 : kvm (RHSA-2012:0149)
The remote Redhat Enterprise Linux 5 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2012:0149 advisory. - kernel: kvm: device assignment DoS CVE-2011-4347 Note that Nessus has not tested for this issue but has instead relied only on the application's...
RHEL 5 : kvm (RHSA-2012:0676)
The remote Redhat Enterprise Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2012:0676 advisory. - kernel: kvm: irqchipinkernel and vcpu-arch.apic inconsistency CVE-2012-1601 - kvm: device assignment page leak CVE-2012-2121 Note that...
kvm: device assignment page leak
The KVM implementation in the Linux kernel before 3.3.4 does not properly manage the relationships between memory slots and the iommu, which allows guest OS users to cause a denial of service memory leak and host OS crash by leveraging administrative access to the guest OS to conduct hotunplug an...
CVE-2012-2693
libvirt, possibly before 0.9.12, does not properly assign USB devices to virtual machines when multiple devices have the same vendor and product ID, which might cause the wrong device to be associated with a guest and might allow local users to access unintended USB devices...
kvm: device assignment page leak
The KVM implementation in the Linux kernel before 3.3.4 does not properly manage the relationships between memory slots and the iommu, which allows guest OS users to cause a denial of service memory leak and host OS crash by leveraging administrative access to the guest OS to conduct hotunplug an...
USN-1426-1: Linux kernel (EC2) vulnerabilities
Sasha Levin discovered a flaw in the permission checking for device assignments requested via the kvm ioctl in the Linux kernel. A local user could use this flaw to crash the system causing a denial of service. CVE-2011-4347 Stephan Bärwolf discovered a flaw in the KVM kernel-based virtual machin...
DSA-2443-1 linux-2.6 - several
Bulletin has no description...
kernel: kvm: device assignment DoS
The kvmvmioctlassigndevice function in virt/kvm/assigned-dev.c in the KVM subsystem in the Linux kernel before 3.1.10 does not verify permission to access PCI configuration space and BAR resources, which allows host OS users to assign PCI devices and cause a denial of service host OS crash via a...
kvm security and bug fix update
kvm-83-249.0.1.el5 - Added kvm-add-oracle-workaround-for-libvirt-bug.patch - Added kvm-Introduce-oel-machine-type.patch - modify kversion to fix build failure kvm-83-249.el5 - kvm-kernel-KVM-x86-Prevent-starting-PIT-timers-in-the-absence-o.patch bz770101 - CVE: CVE-2011-4622 - Resolves: bz770101...
kernel: kvm: device assignment DoS
The kvmvmioctlassigndevice function in virt/kvm/assigned-dev.c in the KVM subsystem in the Linux kernel before 3.1.10 does not verify permission to access PCI configuration space and BAR resources, which allows host OS users to assign PCI devices and cause a denial of service host OS crash via a...
kvm security update
kvm-83-164.0.1.el55.25 - Added kvm-add-oracle-workaround-for-libvirt-bug.patch - Added kvm-add-oracle-workaround-for-libvirt-bug.patch kvm-83-164.el55.25 - Adding loadgsindex to kmod symbol greylist - Related: bz639886 CVE-2010-3698 kvm: invalid selector in fs/gs causes kernel panic rhel-5.5.z...