4447 matches found
UBUNTU-CVE-2020-15866
mruby through 2.1.2-rc has a heap-based buffer overflow in the mrbyieldwithclass function in vm.c because of incorrect VM stack handling. It can be triggered via the stackcopy function...
Kernel: vfio: access to disabled MMIO space of some devices may lead to DoS scenario
A flaw was found in the Linux kernel, where it allows userspace processes, for example, a guest VM, to directly access h/w devices via its VFIO driver modules. The VFIO modules allow users to enable or disable access to the devices' MMIO memory address spaces. If a user attempts to access the...
Kernel: vfio: access to disabled MMIO space of some devices may lead to DoS scenario
A flaw was found in the Linux kernel, where it allows userspace processes, for example, a guest VM, to directly access h/w devices via its VFIO driver modules. The VFIO modules allow users to enable or disable access to the devices' MMIO memory address spaces. If a user attempts to access the...
Microsoft Windows Hyper-V RemoteFX vGPU Input Validation Error Vulnerability
Microsoft Windows and Microsoft Windows Server are both products of Microsoft Corporation, U.S.A. Microsoft Windows is a set of operating systems for personal devices.Microsoft Windows Server is a set of server operating systems. Hyper-V RemoteFX vGPU is one of the GPU virtualization and remote...
Microsoft Hyper-V RemoteFX vGPU Resource Management Error Vulnerability
Microsoft Windows and Microsoft Windows Server are both products of Microsoft Corporation, U.S.A. Microsoft Windows is a set of operating systems for personal devices.Microsoft Windows Server is a set of server operating systems. Windows Hyper-V is one of the virtualization products that supports...
Microsoft Windows Hyper-V RemoteFX vGPU Remote Code Execution Vulnerability
Microsoft Windows and Microsoft Windows Server are both products of Microsoft Corporation, U.S.A. Microsoft Windows is a set of operating systems for personal devices.Microsoft Windows Server is a set of server operating systems. Windows Hyper-V is one of the virtualization products that supports...
Microsoft Hyper-V RemoteFX vGPU Buffer Overflow Vulnerability
Microsoft Windows is a popular operating system. A buffer overflow vulnerability exists in Microsoft Hyper-V RemoteFX vGPU, which originates when a program fails to properly validate input from an authenticated user on a virtual machine operating system. An attacker could exploit the vulnerabilit...
Microsoft Hyper-V RemoteFX vGPU Buffer Overflow Vulnerability (CNVD-2020-45324)
Microsoft Windows is a popular operating system. A buffer overflow vulnerability exists in Microsoft Hyper-V RemoteFX vGPU that originates from a program's inability to properly validate authenticated user input on a virtual machine operating system. An attacker could exploit the vulnerability by...
Microsoft Hyper-V RemoteFX vGPU Buffer Overflow Vulnerability (CNVD-2020-45323)
Microsoft Windows is a popular operating system. A buffer overflow vulnerability exists in Microsoft Hyper-V RemoteFX vGPU. An attacker can exploit this vulnerability by running a specially crafted application on a virtual machine operating system to execute arbitrary code on the host operating...
[SECURITY] Fedora 32 Update: libslirp-4.3.1-1.fc32
A general purpose TCP-IP emulator used by virtual machine hypervisors to provide virtual networking services...
The vulnerability of the VM-Series network interface cards is related to insufficient protection of registration data, which allows attackers to disclose sensitive information and cause service failures.
The vulnerability of the VM-Series network firewalls is related to insufficient protection of registration data. Exploiting this vulnerability can allow attackers to disclose protected information and cause service failures...
Fedora: Security Advisory for libslirp (FEDORA-2020-8c0b966c16)
The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Xen Denial of Service Vulnerability (CNVD-2021-17752)
Xen is an open source virtual machine monitor product. It enables different and incompatible operating systems to run on the same computer and supports runtime migration to ensure uptime and avoid downtime. A security vulnerability exists in Xen 4.13.x and earlier versions. An attacker could...
Kernel: vfio: access to disabled MMIO space of some devices may lead to DoS scenario
A flaw was found in the Linux kernel, where it allows userspace processes, for example, a guest VM, to directly access h/w devices via its VFIO driver modules. The VFIO modules allow users to enable or disable access to the devices' MMIO memory address spaces. If a user attempts to access the...
How to Remove a Storage Repository from XenServer
This article describes how to remove a Storage Repository SR on a XenServer host when the Storage Repository is experiencing issues, or if you wish to discontinue using the Storage Repository. A XenServer Storage Repository is used to Store ISOs or Virtual Machine VM Virtual Disks VDIs. The Stora...
QEMU: vnc: memory leakage upon disconnect
A memory leakage flaw was found in the way the VNC display driver of QEMU handled the connection disconnect when ZRLE and Tight encoding are enabled. Two VncState objects are created, and one allocates memory for the Zlib's data object. This allocated memory is not freed upon disconnection,...
virt:rhel security update
An update is available for libiscsi, netcf, sgabios. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Kernel-based Virtual Machine KVM offers a full virtualizatio...
Buffer Overflow Vulnerability in Multiple VMware Products (CNVD-2021-24362)
VMware ESXi is a server virtualization platform that can be installed directly on physical servers, VMware Workstation is a set of virtual machine software, and VMware Fusion is a set of virtual machine software designed to run Windows applications on Macs. VMware Fusion is a suite of virtual...
CVE-2020-3964
VMware ESXi 7.0 before ESXi7.0.0-1.20.16321839, 6.7 before ESXi670-202006401-SG and 6.5 before ESXi650-202005401-SG, Workstation 15.x before 15.5.2, and Fusion 11.x before 11.5.2 contain an information leak in the EHCI USB controller. A malicious actor with local access to a virtual machine may b...
CVE-2020-3968
VMware ESXi 7.0 before ESXi7.0.0-1.20.16321839, 6.7 before ESXi670-202004101-SG and 6.5 before ESXi650-202005401-SG, Workstation 15.x before 15.5.5, and Fusion 11.x before 11.5.5 contain an out-of-bounds write vulnerability in the USB 3.0 controller xHCI. A malicious actor with local administrati...