CVE-2020-25596

Technical details about CVE-2020-25596 are not provided in the supplied documents. Affected products, exploitability, and fixes are described only at a high level in the initial description; monitor for updates.

CVE-2020-25596

An issue was discovered in Xen through 4.14.x. x86 PV guest kernels can experience denial of service via SYSENTER. The SYSENTER instruction leaves various state sanitization activities to software. One of Xen's sanitization paths injects a GP fault, and incorrectly delivers it twice to the guest...

CVE-2020-25596

An issue was discovered in Xen through 4.14.x. x86 PV guest kernels can experience denial of service via SYSENTER. The SYSENTER instruction leaves various state sanitization activities to software. One of Xen's sanitization paths injects a GP fault, and incorrectly delivers it twice to the guest...

x86 pv guest kernel DoS via SYSENTER

ISSUE DESCRIPTION The SYSENTER instruction leaves various state sanitization activities to software. One of Xen's sanitization paths injects a GP fault, and incorrectly delivers it twice to the guest. This causes the guest kernel to observe a kernel-privilege GP fault typically fatal rather than ...

CVE-2018-8897

A statement in the System Programming Guide of the Intel 64 and IA-32 Architectures Software Developer's Manual SDM was mishandled in the development of some or all operating-system kernels, resulting in unexpected behavior for DB exceptions that are deferred by MOV SS or POP SS, as demonstrated ...

CVE-2018-8897

A statement in the System Programming Guide of the Intel 64 and IA-32 Architectures Software Developer's Manual SDM was mishandled in the development of some or all operating-system kernels, resulting in unexpected behavior for DB exceptions that are deferred by MOV SS or POP SS, as demonstrated ...

CVE-2018-8897

A statement in the System Programming Guide of the Intel 64 and IA-32 Architectures Software Developer's Manual SDM was mishandled in the development of some or all operating-system kernels, resulting in unexpected behavior for DB exceptions that are deferred by MOV SS or POP SS, as demonstrated ...

EulerOS 2.0 SP1 : kernel (EulerOS-SA-2016-1026)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - It was found that the Linux kernel KVM subsystem's sysenter instruction emulation was not sufficient. An unprivileged guest user could use this...

kernel: kvm: insufficient sysenter emulation when invoked from 16-bit code

It was found that the Linux kernel KVM subsystem's sysenter instruction emulation was not sufficient. An unprivileged guest user could use this flaw to escalate their privileges by tricking the hypervisor to emulate a SYSENTER instruction in 16-bit mode, if the guest OS did not initialize the...

Oracle: Security Advisory (ELSA-2015-3054)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Scientific Linux Security Update : kernel on SL6.x i386/x86_64 (20150722)

A flaw was found in the way Linux kernel's Transparent Huge Pages THP implementation handled non-huge page migration. A local, unprivileged user could use this flaw to crash the kernel by migrating transparent hugepages. CVE-2014-3940, Moderate A buffer overflow flaw was found in the way the Linu...

Oracle Linux 5 / 6 : Unbreakable Enterprise kernel (ELSA-2015-3055)

The remote Oracle Linux 5 / 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2015-3055 advisory. - KVM: x86: SYSENTER emulation is broken Nadav Amit Orabug: 21502741 CVE-2015-0239 CVE-2015-0239 - x86/tls: Validate TLS entries to protect espfix...

Oracle Linux 5 / 6 : Unbreakable Enterprise kernel (ELSA-2015-3054)

The remote Oracle Linux 5 / 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2015-3054 advisory. - KVM: x86: SYSENTER emulation is broken Nadav Amit Orabug: 21502740 CVE-2015-0239 CVE-2015-0239 - x86/tls: Validate TLS entries to protect espfix...

Unbreakable Enterprise kernel security update

2.6.39-400.250.9 - x86, tls: Interpret an all-zero struct userdesc as 'no segment' Andy Lutomirski Orabug: 21514969 - x86, tls, ldt: Stop checking lm in LDTempty Andy Lutomirski Orabug: 21514969 2.6.39-400.250.8 - KVM: x86: SYSENTER emulation is broken Nadav Amit Orabug: 21502740 CVE-2015-0239...

OracleVM 3.3 : kernel-uek (OVMSA-2015-0104)

The remote OracleVM system is missing necessary patches to address critical security updates : - KVM: x86: SYSENTER emulation is broken Nadav Amit Orabug: 21502739 CVE-2015-0239 CVE-2015-0239 - fs: take imutex during preparebinprm for setugid executables Jann Horn Orabug: 21502254 CVE-2015-3339 -...

Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2015-3053)

The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2015-3053 advisory. - KVM: x86: SYSENTER emulation is broken Nadav Amit Orabug: 21502739 CVE-2015-0239 CVE-2015-0239 - fs: take imutex during preparebinprm for setugid...

kernel: kvm: insufficient sysenter emulation when invoked from 16-bit code

It was found that the Linux kernel KVM subsystem's sysenter instruction emulation was not sufficient. An unprivileged guest user could use this flaw to escalate their privileges by tricking the hypervisor to emulate a SYSENTER instruction in 16-bit mode, if the guest OS did not initialize the...

Updated kernel-tmb packages fix security vulnerabilities

This kernel-tmb update is based on upstream -longterm 3.14.41 and fixes the following security issues: It was found that the Linux kernel's Infiniband subsystem did not properly sanitize input parameters while registering memory regions from user space via the uverbs API. A local user with access...

MGASA-2015-0219 Updated kernel-tmb packages fix security vulnerabilities

This kernel-tmb update is based on upstream -longterm 3.14.41 and fixes the following security issues: It was found that the Linux kernel's Infiniband subsystem did not properly sanitize input parameters while registering memory regions from user space via the uverbs API. A local user with access...

MGASA-2015-0210 Updated kernel packages fix security vulnerabilities

This kernel update is based on upstream -longterm 3.14.41 and fixes the following security issues: net/netfilter/nfconntrackprotogeneric.c in the Linux kernel before 3.18 generates incorrect conntrack entries during handling of certain iptables rule sets for the SCTP, DCCP, GRE, and UDP-Lite...