kernel: untrusted VMM can trigger int80 syscall handling

A flaw was found in the Linux kernel. A VMM can inject external interrupts on any arbitrary vector at any time, which may allow the guest OS to be manipulated from the VMM side...

SUSE CVE-2010-2242

Red Hat libvirt 0.2.0 through 0.8.2 creates iptables rules with improper mappings of privileged source ports, which allows guest OS users to bypass intended access restrictions by leveraging IP address and source-port values, as demonstrated by copying and deleting an NFS directory tree...

UBUNTU-CVE-2022-31676

VMware Tools 12.0.0, 11.x.y and 10.x.y contains a local privilege escalation vulnerability. A malicious actor with local non-administrative access to the Guest OS can escalate privileges as a root user in the virtual machine...

kernel: powerpc: KVM guest OS users can cause host OS memory corruption

A flaw was found on the Linux kernel. On the PowerPC platform, the KVM guest allows the OS users to cause host OS memory corruption via rtasargs.nargs. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...

kernel: powerpc: KVM guest OS users can cause host OS memory corruption

A flaw was found on the Linux kernel. On the PowerPC platform, the KVM guest allows the OS users to cause host OS memory corruption via rtasargs.nargs. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...

kernel: powerpc: KVM guest OS users can cause host OS memory corruption

A flaw was found on the Linux kernel. On the PowerPC platform, the KVM guest allows the OS users to cause host OS memory corruption via rtasargs.nargs. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...

CVE-2019-1470

An information disclosure vulnerability exists when Windows Hyper-V on a host operating system fails to properly validate input from an authenticated user on a guest operating system, aka 'Windows Hyper-V Information Disclosure Vulnerability'...

CVE-2019-1398

A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system, aka 'Windows Hyper-V Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1389, CVE-2019-1397...

CVE-2019-1309

A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system, aka 'Windows Hyper-V Denial of Service Vulnerability'. This CVE ID is unique from CVE-2019-0712, CVE-2019-1310,...

CVE-2019-12648

A vulnerability in the IOx application environment for Cisco IOS Software could allow an authenticated, remote attacker to gain unauthorized access to the Guest Operating System Guest OS running on an affected device. The vulnerability is due to incorrect role-based access control RBAC evaluation...

CVE-2019-0966

A denial of service vulnerability exists when Microsoft Hyper-V on a host server fails to properly validate input from a privileged user on a guest operating system, aka 'Windows Hyper-V Denial of Service Vulnerability'...

CVE-2019-0886

An information disclosure vulnerability exists when Windows Hyper-V on a host operating system fails to properly validate input from an authenticated user on a guest operating system, aka 'Windows Hyper-V Information Disclosure Vulnerability'...

CVE-2017-8623

Windows Hyper-V in Windows 10 1607, 1703, and Windows Server 2016 allows a denial of service vulnerability when it fails to properly validate input from a privileged user on a guest operating system, aka "Windows Hyper-V Denial of Service Vulnerability"...

CVE-2017-0184

A denial of service vulnerability exists when Microsoft Hyper-V running on a host server fails to properly validate input from a privileged user on a guest operating system, aka "Hyper-V Denial of Service Vulnerability." This CVE ID is unique from CVE-2017-0178, CVE-2017-0179, CVE-2017-0182,...

CVE-2017-0162

A remote code execution vulnerability exists when Windows Hyper-V Network Switch running on a Windows 10, Windows 8.1, Windows Server 2012 R2, or Windows Server 2016 host server fails to properly validate input from an authenticated user on a guest operating system, aka "Hyper-V Remote Code...

Microsoft Windows Hyper-V Information Leakage Vulnerability

Microsoft Windows is a family of operating systems from Microsoft Corporation, U.S.A. Hyper-V is one of the virtualization products. An information leakage vulnerability exists in Hyper-V for Microsoft Windows, which arises from a program's failure to properly validate input from an authenticated...

Microsoft Windows Hyper-V Information Leakage Vulnerability (CNVD-2016-02242)

Microsoft Windows is a family of operating systems from Microsoft Corporation, U.S.A. Hyper-V is one of the virtualization products. An information leakage vulnerability exists in Hyper-V for Microsoft Windows, which arises from a program's failure to properly validate input from an authenticated...

PT-2013-1029 · Linux +4 · Linux Kernel +4

Name of the Vulnerable Software and Affected Versions: Linux kernel versions through 3.12.5 Description: The issue allows guest OS users to cause a denial of service, resulting in a host OS crash due to a divide-by-zero error. This is achieved through crafted modifications of the TMICT value...

DEBIAN-CVE-2013-0216

The Xen netback functionality in the Linux kernel before 3.7.8 allows guest OS users to cause a denial of service loop by triggering ring pointer corruption...