4438 matches found
Buffer Overflows
AtomicReferenceFieldUpdater in OpenJDK does not properly check if the field to be updated is of primitive type. An untrusted Java application or applet could use this flaw to trigger Java virtual machine memory corruption and possibly bypass Java sandbox restrictions...
Arbitrary Code Execution
OpenJDK is vulnerable to arbitrary code execution. It was discovered that the 2D component did not properly reject certain malformed images. Specially-crafted raster parameters could cause Java Virtual Machine memory corruption and, possibly, lead to arbitrary code execution with virtual machine...
Denial Of Service (DoS)
The openstack-nova packages provide OpenStack Compute Nova, which provides services for provisioning, managing, and using virtual machine instances. It was found that the fixes for CVE-2013-1664 and CVE-2013-1665, released via RHSA-2013:0657, did not fully correct the issues in the Extensible...
Sandbox Restrictions Bypass
OpenJDK 7 is vulnerable to sandbox restrictions bypass. The attack is possible because of a flaw in the ImagingLib and the image attribute, channel, layout and raster processing in the 2D component, allowing an untrusted application to trigger Java Virtual Machine memory corruption...
Sandbox Restrictions Bypass
OpenJDK 7 Java Runtime Environment and Software Development Kit is susceptible to sandbox restriction bypass. Due to flaws in ImagingLib and the image attribute, channel, layout and raster processing in the 2D component, it does not prevent an untrusted Java application or applet from triggering...
The vulnerability of the sysadmin virtual machine component of the Cisco IOS XR operating system allows an attacker to cause a service failure or gain access to the device.
The vulnerability of the sysadmin virtual machine component of the Cisco IOS XR operating system exists due to insufficient verification of input data. Exploiting this vulnerability can allow a malicious actor to cause service failures or gain access to the device...
UBUNTU-CVE-2019-3561
Insufficient boundary checks for the strrpos and strripos functions allow access to out-of-bounds memory. This affects all supported versions of HHVM (4.0.3, 3.30.4, and 3.27.7 and below)...
SUSE-SU-2018:4064-2 Security update for java-1_8_0-ibm
java-1_8_0-ibm was updated to Java 8.0 Service Refresh 5 Fix Pack 25 bsc1116574 Class Libraries: - IJ10934 CVE-2018-13785 - IJ10935 CVE-2018-3136 - IJ10895 CVE-2018-3139 - IJ10932 CVE-2018-3149 - IJ10894 CVE-2018-3180 - IJ10930 CVE-2018-3183 - IJ10933 CVE-2018-3214 - IJ09315 FLOATING POINT EXCEPTIO...
SUSE-SU-2018:3933-2 Security update for java-1_7_1-ibm
java-1_7_1-ibm was updated to Java 7.1 Service Refresh 4 Fix Pack 35 bsc1116574: Consumability - IJ10515 AIX JAVA 7.1.3.10 GENERAL PROTECTION FAULT WHEN ATTEMPTING TO USE HEALTH CENTER API Class Libraries - IJ10934 CVE-2018-13785 - IJ10935 CVE-2018-3136 - IJ10895 CVE-2018-3139 - IJ10932 CVE-2018-31...
Kernel: KVM: potential use-after-free via kvm_ioctl_create_device()
A use-after-free vulnerability was found in the way the Linux kernel's KVM hypervisor implements its device control API. While creating a device via kvm_ioctl_create_device(), the device holds a reference to a VM object; later, this reference is transferred to the caller's file descriptor table. If suc...
Update Rollup 7 for System Center 2016 Virtual Machine Manager
Introduction: This article describes the issues that are fixed in Update Rollup 7 for Microsoft System Center 2016 Virtual Machine Manager. Two updates are available for Virtual Machine Manager, one for the Virtual Machine Manager serv...
CVE-2019-1710
A vulnerability in the sysadmin virtual machine (VM) on Cisco ASR 9000 Series Aggregation Services Routers running Cisco IOS XR 64-bit Software could allow an unauthenticated, remote attacker to access internal applications running on the sysadmin VM. The vulnerability is due to incorrect isolation...
Oracle Database Server Java VM Access Control Error Vulnerability
Oracle Database Server is a relational database management system from Oracle. The database management system provides data management, distributed processing and other functions. Java VM is one of the Java virtual machine components. A security vulnerability exists in the Java VM...
February 19, 2019—KB4487016 (Preview of Monthly Rollup)
Improvements and fixes: This non-security update includes improvements and fixes that were a part of KB4487000 released February 12, 2019 and also includes these new quality improvements as a preview of the next Monthly Rollup update: Updates...
February 19, 2019—KB4487024 (Preview of Monthly Rollup)
Improvements and fixes: This non-security update includes improvements and fixes that were a part of KB4487025 released February 12, 2019 and also includes these new quality improvements as a preview of the next Monthly Rollup update: Updates...
February 19, 2019—KB4487022 (Preview of Monthly Rollup)
Improvements and fixes: This non-security update includes improvements and fixes that were a part of KB4487023 released February 12, 2019 and also includes these new quality improvements as a preview of the next Monthly Rollup update: Updates...
Hyper-V vSMB Remote Code Execution Vulnerability
A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate vSMB packet data. An attacker who successfully exploited these vulnerabilities could execute arbitrary code on a target operating system. To exploit these vulnerabilities, an attacker...
January 17, 2019—KB4480955 (Preview of Monthly Rollup)
Improvements and fixes: This non-security update includes improvements and fixes that were a part of KB4480970 released January 8, 2019 and also includes these new quality improvements as a preview of the next Monthly Rollup update: Addresses an...
Troubleshooting NSM Virtualization Problems with Linux and VirtualBox
I spent a chunk of the day troubleshooting a network security monitoring (NSM) problem. I thought I would share the problem and my investigation in the hopes that it might help others. The specifics are probably less important than the general approach. It began with ja3. You may know ja3 as a set ...
USN-3932-1 linux, linux-aws, linux-kvm, linux-raspi2, linux-snapdragon vulnerabilities
It was discovered that a race condition existed in the f2fs file system implementation in the Linux kernel. A local attacker could use this to cause a denial of service. CVE-2017-18249 Wen Xu discovered that the f2fs file system implementation in the Linux kernel did not properly validate metadat...