823 matches found
ASUS Memory Mapping Driver (ASMMAP/ASMMAP64) - Physical Memory Read/Write
/ Source: http://rol.im/asux/ ASUS Memory Mapping Driver ASMMAP/ASMMAP64: Physical Memory Read/Write PoC by slipstream/RoL - https://twitter.com/TheWack0lian - http://rol.im/chat/ The ASUS "Generic Function Service" includes a couple of drivers, ASMMAP.sys / ASMMAP64.sys, the version resources...
kernel: integer overflow in fb_mmap
An integer overflow flaw was found in the way the Linux kernel's Frame Buffer device implementation mapped kernel memory to user space via the mmap syscall. A local user able to access a frame buffer device file /dev/fb could possibly use this flaw to escalate their privileges on the system...
OracleVM 2.2 : xen (OVMSA-2016-0012)
The remote OracleVM system is missing necessary patches to address critical security updates : - XSA-125: Limit XENDOMCTLmemorymapping hypercall to only process up to 64 GFNs or less Jan Beulich 20732412 CVE-2015-2752 - XSA-126: xen: limit guest control of PCI command register Jan Beulich 2073939...
Moderate: Red Hat Security Advisory: openstack-nova security and bug fix advisory
Updated OpenStack Compute packages that resolve various issues are now available for Red Hat Enterprise Linux OpenStack Platform 7.0 for RHEL 7. OpenStack Compute nova launches and schedules large networks of virtual machines, creating a redundant and scalable cloud computing platform. Compute...
Multiple NVIDIA GPU Graphics Card Driver Gain of Privilege Vulnerability
NVIDIA GPU graphics driver R346 and R352 for Linux and R352 for GRID vGPU and vSGA are graphics processor GPU drivers from NVIDIA. A security vulnerability exists in the host memory mapping path feature of several NVIDIA GPU graphics drivers, which stems from the program's failure to properly...
CVE-2015-5053
The host memory mapping path feature in the NVIDIA GPU graphics driver R346 before 346.87 and R352 before 352.41 for Linux and R352 before 352.46 for GRID vGPU and vSGA does not properly restrict access to third-party device IO memory, which allows attackers to gain privileges, cause a denial of...
DEBIAN-CVE-2015-5053
The host memory mapping path feature in the NVIDIA GPU graphics driver R346 before 346.87 and R352 before 352.41 for Linux and R352 before 352.46 for GRID vGPU and vSGA does not properly restrict access to third-party device IO memory, which allows attackers to gain privileges, cause a denial of...
Path traversal
The host memory mapping path feature in the NVIDIA GPU graphics driver R346 before 346.87 and R352 before 352.41 for Linux and R352 before 352.46 for GRID vGPU and vSGA does not properly restrict access to third-party device IO memory, which allows attackers to gain privileges, cause a denial of...
CVE-2015-5053
The host memory mapping path feature in the NVIDIA GPU graphics driver R346 before 346.87 and R352 before 352.41 for Linux and R352 before 352.46 for GRID vGPU and vSGA does not properly restrict access to third-party device IO memory, which allows attackers to gain privileges, cause a denial of...
kernel: kvm: reporting emulation failures to userspace
It was found that reporting emulation failures to user space could lead to either a local CVE-2014-7842 or a L2-L1 CVE-2010-5313 denial of service. In the case of a local denial of service, an attacker must have access to the MMIO area or be able to access an I/O port. Please note that on certain...
CVE-2013-4511
Multiple integer overflows in Alchemy LCD frame-buffer drivers in the Linux kernel before 3.12 allow local users to create a read-write memory mapping for the entirety of kernel memory, and consequently gain privileges, via crafted mmap operations, related to the 1 au1100fbfbmmap function in...
CVE-2015-6654
The xenmemaddtophysmapone function in arch/arm/mm.c in Xen 4.5.x, 4.4.x, and earlier does not limit the number of printk console messages when reporting a failure to retrieve a reference on a foreign page, which allows remote domains to cause a denial of service by leveraging permissions to map t...
Denial of service
The xenmemaddtophysmapone function in arch/arm/mm.c in Xen 4.5.x, 4.4.x, and earlier does not limit the number of printk console messages when reporting a failure to retrieve a reference on a foreign page, which allows remote domains to cause a denial of service by leveraging permissions to map t...
CVE-2015-6654
The xenmemaddtophysmapone function in arch/arm/mm.c in Xen 4.5.x, 4.4.x, and earlier does not limit the number of printk console messages when reporting a failure to retrieve a reference on a foreign page, which allows remote domains to cause a denial of service by leveraging permissions to map t...
CVE-2015-6654
CVE-2015-6654 affects Xen up to and including 4.5.x/4.4.x, where xenmem_add_to_physmap_one does not cap printk messages when failing to retrieve a reference on a foreign page. This can enable DoS by remote domains with permission to map memory of another guest. Upstream mitigation was released in...
kernel: integer overflow in fb_mmap
An integer overflow flaw was found in the way the Linux kernel's Frame Buffer device implementation mapped kernel memory to user space via the mmap syscall. A local user able to access a frame buffer device file /dev/fb could possibly use this flaw to escalate their privileges on the system...
Xen XEN_DOMCTL_memory_mapping hypercall local denial of service vulnerability
Xen is a virtualization technology for the Linux kernel that allows multiple operating systems to run simultaneously. A security vulnerability in Xen XENDOMCTLmemorymapping hypercall allows local X86 HVM domain users to conduct denial-of-service attacks via special device model requests when usin...
CVE-2015-2752
The XENDOMCTLmemorymapping hypercall in Xen 3.2.x through 4.5.x, when using a PCI passthrough device, is not preemptible, which allows local x86 HVM domain users to cause a denial of service host CPU consumption via a crafted request to the device model qemu-dm...
DEBIAN-CVE-2015-2752
The XENDOMCTLmemorymapping hypercall in Xen 3.2.x through 4.5.x, when using a PCI passthrough device, is not preemptible, which allows local x86 HVM domain users to cause a denial of service host CPU consumption via a crafted request to the device model qemu-dm...
CVE-2015-2752
The XENDOMCTLmemorymapping hypercall in Xen 3.2.x through 4.5.x, when using a PCI passthrough device, is not preemptible, which allows local x86 HVM domain users to cause a denial of service host CPU consumption via a crafted request to the device model qemu-dm...