69 matches found
hw: vt-d related privilege escalation
A flaw was found in Intel® VT-d products. Entries from the context cache on some types of context cache invalidations may not be properly invalidated which may allow an authenticated user to potentially enable escalation of privilege via local access. The highest threat from this vulnerability is...
kernel: Improper handling of VM_IO|VM_PFNMAP vmas in KVM can bypass RO checks
A flaw was found in the Linux kernel’s KVM implementation, where improper handing of the VMIO|VMPFNMAP VMAs in KVM bypasses RO checks and leads to pages being freed while still accessible by the VMM and guest. This flaw allows users who can start and control a VM to read/write random pages of...
hw: vt-d related privilege escalation
A flaw was found in Intel® VT-d products. Entries from the context cache on some types of context cache invalidations may not be properly invalidated which may allow an authenticated user to potentially enable escalation of privilege via local access. The highest threat from this vulnerability is...
hw: vt-d related privilege escalation
A flaw was found in Intel® VT-d products. Entries from the context cache on some types of context cache invalidations may not be properly invalidated which may allow an authenticated user to potentially enable escalation of privilege via local access. The highest threat from this vulnerability is...
hw: vt-d related privilege escalation
A flaw was found in Intel® VT-d products. Entries from the context cache on some types of context cache invalidations may not be properly invalidated which may allow an authenticated user to potentially enable escalation of privilege via local access. The highest threat from this vulnerability is...
hw: vt-d related privilege escalation
A flaw was found in Intel® VT-d products. Entries from the context cache on some types of context cache invalidations may not be properly invalidated which may allow an authenticated user to potentially enable escalation of privilege via local access. The highest threat from this vulnerability is...
Are Virtual Machines the New Gold for Cyber Criminals?
ARCHIVED STORY Are Virtual Machines the New Gold for Cyber Criminals? ATR Operational Intelligence Team · JUN 10, 2021 Introduction Virtualization technology has been an IT cornerstone for organization for years now. It revolutionized the way organizations can scale up IT systems in a heartbeat,...
USN-4985-1 intel-microcode vulnerabilities
It was discovered that some Intel processors may not properly invalidate cache entries used by Intel Virtualization Technology for Directed I/O VT-d. This may allow a local user to perform a privilege escalation attack. CVE-2020-24489 Joseph Nuzman discovered that some Intel processors may not...
hw: vt-d related privilege escalation
A flaw was found in Intel® VT-d products. Entries from the context cache on some types of context cache invalidations may not be properly invalidated which may allow an authenticated user to potentially enable escalation of privilege via local access. The highest threat from this vulnerability is...
hw: vt-d related privilege escalation
A flaw was found in Intel® VT-d products. Entries from the context cache on some types of context cache invalidations may not be properly invalidated which may allow an authenticated user to potentially enable escalation of privilege via local access. The highest threat from this vulnerability is...
hw: vt-d related privilege escalation
A flaw was found in Intel® VT-d products. Entries from the context cache on some types of context cache invalidations may not be properly invalidated which may allow an authenticated user to potentially enable escalation of privilege via local access. The highest threat from this vulnerability is...
hw: vt-d related privilege escalation
A flaw was found in Intel® VT-d products. Entries from the context cache on some types of context cache invalidations may not be properly invalidated which may allow an authenticated user to potentially enable escalation of privilege via local access. The highest threat from this vulnerability is...
hw: vt-d related privilege escalation
A flaw was found in Intel® VT-d products. Entries from the context cache on some types of context cache invalidations may not be properly invalidated which may allow an authenticated user to potentially enable escalation of privilege via local access. The highest threat from this vulnerability is...
hw: vt-d related privilege escalation
A flaw was found in Intel® VT-d products. Entries from the context cache on some types of context cache invalidations may not be properly invalidated which may allow an authenticated user to potentially enable escalation of privilege via local access. The highest threat from this vulnerability is...
UBUNTU-CVE-2020-24489
Incomplete cleanup in some IntelR VT-d products may allow an authenticated user to potentially enable escalation of privilege via local access...
Intel Virtualization Technology for Direct I/O 授权问题漏洞
Intel Virtualization Technology for Direct I/O Intel VT-d is a part of Intel Virtualization Technology from Intel Corporation, which mainly targets the I/O subsystem, and is implemented by introducing a redirection unit in hardware, which is used to redirect DMA operations and interrupt passes to...
Microsoft Hyper-V Remote Code Execution Vulnerability
Microsoft Hyper-V is an application from Microsoft Corporation USA. A system hypervisor virtualization technology that enables desktop virtualization. A remote code execution vulnerability exists in Microsoft Hyper-V. No detailed vulnerability details are available at this time...
Reverse RDP Attack Also Enables Guest-to-Host Escape in Microsoft Hyper-V
Remember the Reverse RDP Attack? Earlier this year, researchers disclosed clipboard hijacking and path-traversal issues in Microsoft's Windows built-in RDP client that could allow a malicious RDP server to compromise a client computer, reversely. You can find details and a video demonstration for...
Sun xVM VirtualBox < 1.6.4 Privilege Escalation Vulnerability PoC
No description provided by source. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Core Security Technologies - CoreLabs Advisory http://www.coresecurity.com/corelabs/ Sun xVM VirtualBox Privilege Escalation Vulnerability Advisory Information Title: Sun xVM VirtualBox Privilege Escalation...
Samsung KNOX - An Encrypted Virtual Operating system for Android Devices
Last year Samsung launched a security feature called 'KNOX' for high-end enterprise mobile devices. It's a nice security addition and free with new Samsung handsets such as the Galaxy Note 3 and Samsung Galaxy S4. Samsung Knox is an application that creates a virtual partition container within th...