Important: Red Hat Security Advisory: virt:rhel security update

An update for the virt:rhel module is now available for Red Hat Enterprise Linux 8.1 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

Important: Red Hat Security Advisory: qemu-kvm security update

An update for qemu-kvm is now available for Red Hat Enterprise Linux 6.6 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available fo...

Important: virt:rhel security update

Kernel-based Virtual Machine KVM offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the...

CVE-2020-14377

A flaw was found in dpdk in versions before 18.11.10 and before 19.11.5. A complete lack of validation of attacker-controlled parameters can lead to a buffer over read. The results of the over read are then written back to the guest virtual machine memory. This vulnerability can be used by an...

CVE-2020-14374

A flaw was found in dpdk in versions before 18.11.10 and before 19.11.5. A flawed bounds checking in the copydata function leads to a buffer overflow allowing an attacker in a virtual machine to write arbitrary data to any address in the vhostcrypto application. The highest threat from this...

CVE-2020-14375

A flaw was found in dpdk in versions before 18.11.10 and before 19.11.5. Virtio ring descriptors, and the data they describe are in a region of memory accessible by from both the virtual machine and the host. An attacker in a VM can change the contents of the memory after vhostcrypto has validate...

UBUNTU-CVE-2020-14375

A flaw was found in dpdk in versions before 18.11.10 and before 19.11.5. Virtio ring descriptors, and the data they describe are in a region of memory accessible by from both the virtual machine and the host. An attacker in a VM can change the contents of the memory after vhostcrypto has validate...

UBUNTU-CVE-2020-14377

A flaw was found in dpdk in versions before 18.11.10 and before 19.11.5. A complete lack of validation of attacker-controlled parameters can lead to a buffer over read. The results of the over read are then written back to the guest virtual machine memory. This vulnerability can be used by an...

cPanel Authentication Vulnerability

cPanel is a set of Web-based automated colocation platform from the US-based cPanel. The platform is primarily used to automate the management of websites and servers. A security vulnerability exists in cPanel versions prior to 88.03, which stems from Dovecot's use of an insecure authentication...

Linux Linux kernel version at least v4.8 onwards, probably well before contains a Insufficient input validation vulnerability in bnx2x network card driver that can result in DoS: Network card firmware assertion takes card off-line. This attack appear to be exploitable via An attacker on a must pass a very large, specially crafted packet to the bnx2x card. This can be done from an untrusted guest VM..

...

The pit_ioport_read function in the Programmable Interval Timer (PIT) emulation in i8254.c in KVM 83 does not properly use the pit_state data structure which allows guest OS users to cause a denial of service (host OS crash or hang) by attempting to read the /dev/port file.

...

CVE-2020-26103

In cPanel before 88.0.3, an insecure site password is used for Mailman on a templated VM SEC-551...

CVE-2020-26105

In cPanel before 88.0.3, insecure chkservd test credentials are used on a templated VM SEC-554...

CVE-2020-26101

In cPanel before 88.0.3, insecure RNDC credentials are used for BIND on a templated VM SEC-549...

CVE-2020-26102

In cPanel before 88.0.3, an insecure auth policy API key is used by Dovecot on a templated VM SEC-550...

Denial Of Service (DoS)

xen is vulnerable to denial of service DoS. An issue was discovered in Xen through 4.14.x. x86 PV guest kernels can experience denial of service via SYSENTER. The SYSENTER instruction leaves various state sanitization activities to software. One of Xen's sanitization paths injects a GP fault, and...

VMware Workstation 15.x < 15.5.7 Multiple Vulnerabilities (VMSA-2020-0020)

The version of VMware Workstation installed on the remote host is 15.x. It is, therefore, affected by the following vulnerabilities: - Multiple out-of-bounds read vulnerabilities in Cortado ThinPrint components JPEG2000 parser, EMR STRETCHDIBITS parser, and EMF Parser. A malicious actor with norm...

ALPINE-CVE-2020-25598

An issue was discovered in Xen 4.14.x. There is a missing unlock in the XENMEMacquireresource error path. The RCU Read, Copy, Update mechanism is a synchronisation primitive. A buggy error path in the XENMEMacquireresource exits without releasing an RCU reference, which is conceptually similar to...

UBUNTU-CVE-2020-25596

An issue was discovered in Xen through 4.14.x. x86 PV guest kernels can experience denial of service via SYSENTER. The SYSENTER instruction leaves various state sanitization activities to software. One of Xen's sanitization paths injects a GP fault, and incorrectly delivers it twice to the guest...

Maze Ransomware Adopts Ragnar Locker Virtual-Machine Approach

The operators of the Maze ransomware have added a fresh trick to their bag of badness: Distributing ransomware payloads via virtual machines VM. It’s a “radical” approach, according to researchers, meant to help the ransomware get around endpoint defense. That’s according to researchers with Soph...