4438 matches found
Hyper-V Denial of Service Vulnerability
A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system. To exploit the vulnerability, an attacker who already has a privileged account on a guest operating system, running ...
Hyper-V Denial of Service Vulnerability
A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system. To exploit the vulnerability, an attacker who already has a privileged account on a guest operating system, running ...
Hyper-V vSMB Remote Code Execution Vulnerability
A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate vSMB packet data. An attacker who successfully exploited these vulnerabilities could execute arbitrary code on a target operating system. To exploit these vulnerabilities, an attacker...
Update Rollup 2.1 for System Center 2016 Virtual Machine Manager
Update Rollup 2.1 for System Center 2016 Virtual Machine Manager Introduction This article describes the issues that are fixed in Update Rollup 2.1 for Microsoft System Center 2016 Virtual Machine Manager. There are two updates available for Virtual Machine Manager: one for the Virtual Machine...
Update Rollup 2 for System Center 2016 Virtual Machine Manager
Update Rollup 2 for System Center 2016 Virtual Machine Manager Notice This update rollup has been updated to include additional fixes. For more information, see Update Rollup 2.1 for System Center 2016 Virtual Machine Manager. We recommend that you install Update Rollup 2.1 instead of this update...
VMPanel cybervm log on at the parameters the username reflected XSS vulnerability
0x01 vulnerability profile VMPanel is a powerful Web-based service VMware Esx/Esxi control panel, the user can remotely create or delete the virtual machine. Official website: http://cybervm.com/ VMPanel in the login page the user name input box because the filter is not strict, resulting in XSS...
Virglrenderer Integer Overflow Vulnerability
Virgil is a research project aimed at investigating the possibilities of creating virtual 3D GPUs in qemu virtual machines, which allow client operating systems to use the capabilities of the host GPU to accelerate 3D rendering. An integer overflow vulnerability exists in Virglrenderer. An attack...
Virglrenderer Stack Buffer Overflow Vulnerability
Virgil is a research project aimed at investigating the possibilities of creating virtual 3D GPUs in qemu virtual machines, which allow client operating systems to use the capabilities of the host GPU to accelerate 3D rendering. Virglrenderer suffers from a heap buffer overflow vulnerability. An...
DEBIAN-CVE-2015-2877
Kernel Samepage Merging KSM in the Linux kernel 2.6.32 through 4.x does not prevent use of a write-timing side channel, which allows guest OS users to defeat the ASLR protection mechanism on other guest OS instances via a Cross-VM ASL INtrospection CAIN attack. NOTE: the vendor states "Basically ...
Scientific Linux Security Update : kernel on SL7.x x86_64 (20170302)
Security Fixes : - Linux kernel built with the Kernel-based Virtual Machine CONFIGKVM support is vulnerable to a NULL pointer dereference flaw. It could occur on x86 platform, when emulating an undefined instruction. An attacker could use this flaw to crash the host kernel resulting in DoS...
Scientific Linux Security Update : qemu-kvm on SL7.x x86_64 (20170302)
Security Fixes : - Quick emulator QEMU built with the Cirrus CLGD 54xx VGA emulator support is vulnerable to an out-of-bounds access issue. It could occur while copying VGA data via bitblt copy in backward mode. A privileged user inside a guest could use this flaw to crash the QEMU process...
kernel: kvm: x86: NULL pointer dereference during instruction decode
Linux kernel built with the Kernel-based Virtual Machine CONFIGKVM support is vulnerable to a null pointer dereference flaw. It could occur on x86 platform, when emulating an undefined instruction. An attacker could use this flaw to crash the host kernel resulting in DoS...
Update Rollup 16 for Azure Site Recovery
Describes the fixes that are included in Update Rollup 16 for Azure Site Recovery.IntroductionThis article describes the fixes that are included in Update Rollup 16 for Azure Site Recovery for the following:Microsoft Azure Site Recovery Provider version 5.1.2150.0Microsoft Azure Site Recovery...
qemu security update
CentOS Errata and Security Advisory CESA-2017:0309 An update for qemu-kvm is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severit...
RHEL 6 : kernel (RHSA-2017:0307)
The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2017:0307 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: When creating audit records for...
Virglrenderer Denial of Service Vulnerability (CNVD-2017-02434)
Virglrenderer is a library for maintaining API stability in Virgil 3d projects. A denial of service vulnerability exists in Virglrenderer. An attacker exploits this vulnerability to crash a QEMU instance, resulting in a denial of service...
Virglrenderer Denial of Service Vulnerability
Virglrenderer is a library for maintaining API stability in Virgil 3d projects. A denial of service vulnerability exists in Virglrenderer. An attacker can exploit this vulnerability to cause a QEMU instance to crash, resulting in a denial of service...
UBUNTU-CVE-2016-9377
Xen 4.5.x through 4.7.x on AMD systems without the NRip feature, when emulating instructions that generate software interrupts, allows local HVM guest OS users to cause a denial of service guest crash by leveraging IDT entry miscalculation...
USN-3208-2 linux-lts-xenial vulnerabilities
USN-3208-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. It was discovered that the generic SCSI block layer in the Linux kernel did not proper...
UBUNTU-CVE-2016-9637
The 1 ioportread and 2 ioportwrite functions in Xen, when qemu is used as a device model within Xen, might allow local x86 HVM guest OS administrators to gain qemu process privileges via vectors involving an out-of-range ioport access...