86 matches found
EUVD-2013-2150
Malware in sbrugna...
EUVD-2016-8038
Malware in sbrugna...
EUVD-2014-3144
Malware in sbrugna...
EUVD-2013-2149
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2012-4544
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The PV domain builder in Xen 4.2 and earlier does not validate the size of the kernel or ramdisk 1 before or 2 after decompression, which allows local guest...
Linux Distros Unpatched Vulnerability : CVE-2016-4454
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The vmsvgafiforeadraw function in hw/display/vmwarevga.c in QEMU allows local guest OS administrators to obtain sensitive host memory information or cause a...
SUSE CVE-2012-4411
The graphical console in Xen 4.0, 4.1 and 4.2 allows local OS guest administrators to obtain sensitive host resource information via the qemu monitor. NOTE: this might be a duplicate of CVE-2007-0998...
SUSE CVE-2012-5514
The guestphysmapmarkpopulateondemand function in Xen 4.2 and earlier does not properly unlock the subject GFNs when checking if they are in use, which allows local guest HVM administrators to cause a denial of service hang via unspecified vectors...
SUSE CVE-2013-1922
qemu-nbd in QEMU, as used in Xen 4.2.x, determines the format of a raw disk image based on the header, which allows local guest OS administrators to read arbitrary files on the host by modifying the header to identify a different format, which is used when the guest is restarted, a different...
SUSE CVE-2013-1964
Xen 4.0.x and 4.1.x incorrectly releases a grant reference when releasing a non-v1, non-transitive grant, which allows local guest administrators to cause a denial of service host crash, obtain sensitive information, or possibly have other impacts via unspecified vectors...
SUSE CVE-2013-2194
Multiple integer overflows in the Elf parser libelf in Xen 4.2.x and earlier allow local guest administrators with certain permissions to have an unspecified impact via a crafted kernel...
SUSE CVE-2013-2195
The Elf parser libelf in Xen 4.2.x and earlier allow local guest administrators with certain permissions to have an unspecified impact via a crafted kernel, related to "pointer dereferences" involving unexpected calculations...
SUSE CVE-2013-2211
The libxenlight libxl toolstack library in Xen 4.0.x, 4.1.x, and 4.2.x uses weak permissions for xenstore keys for paravirtualised and emulated serial console devices, which allows local guest administrators to modify the xenstore value via unspecified vectors...
SUSE CVE-2014-2580
The netback driver in Xen, when using certain Linux versions that do not allow sleeping in softirq context, allows local guest administrators to cause a denial of service "scheduling while atomic" error and host crash via a malformed packet, which causes a mutex to be taken when trying to disable...
SUSE CVE-2014-3967
The HVMOPinjectmsi function in Xen 4.2.x, 4.3.x, and 4.4.x does not properly check the return value from the IRQ setup check, which allows local HVM guest administrators to cause a denial of service NULL pointer dereference and crash via unspecified vectors...
SUSE CVE-2014-3968
The HVMOPinjectmsi function in Xen 4.2.x, 4.3.x, and 4.4.x allows local guest HVM administrators to cause a denial of service host crash via a large number of crafted requests, which trigger an error messages to be logged...
SUSE CVE-2015-8551
The PCI backend driver in Xen, when running on an x86 system and using Linux 3.1.x through 4.3.x as the driver domain, allows local guest administrators to hit BUG conditions and cause a denial of service NULL pointer dereference and host OS crash by leveraging a system with access to a...
SUSE CVE-2016-4964
The mptsasfetchrequests function in hw/scsi/mptsas.c in QEMU aka Quick Emulator allows local guest OS administrators to cause a denial of service infinite loop, and CPU consumption or QEMU process crash via vectors involving s-state...
SUSE CVE-2016-7154
Use-after-free vulnerability in the FIFO event channel code in Xen 4.4.x allows local guest OS administrators to cause a denial of service host crash and possibly execute arbitrary code or obtain sensitive information via an invalid guest frame number...
SUSE CVE-2016-7156
The pvscsiconvertsglist function in hw/scsi/vmwpvscsi.c in QEMU aka Quick Emulator allows local guest OS administrators to cause a denial of service infinite loop and QEMU process crash by leveraging an incorrect cast...