Lucene search
K

82 matches found

FreeBSD
FreeBSD
added 2015/10/29 12:0 a.m.39 views

xen-kernel -- Uncontrolled creation of large page mappings by PV guests

The Xen Project reports: The code to validate level 2 page table entries is bypassed when certain conditions are satisfied. This means that a PV guest can create writable mappings using super page mappings. Such writable mappings can violate Xen intended invariants for pages which Xen is supposed...

7.2CVSS7.9AI score0.00427EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2015/10/16 12:0 a.m.41 views

SUSE: Security Advisory for apache2 (SUSE-SU-2014:1081-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.8CVSS6.8AI score0.85744EPSS
Exploits6References1
Tenable Nessus
Tenable Nessus
added 2015/07/14 12:0 a.m.24 views

FreeBSD : xen-kernel -- arm: vgic-v2: GICD_SGIR is not properly emulated (785c86b1-27d6-11e5-a4a5-002590263bf5)

The Xen Project reports : When decoding a guest write to a specific register in the virtual interrupt controller Xen would treat an invalid value as a critical error and crash the host. By writing an invalid value to the GICD.SGIR register a guest can crash the host, resulting in a Denial of...

4.9CVSS7.9AI score0.00415EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2015/07/14 12:0 a.m.44 views

FreeBSD : xen-kernel -- Hypervisor memory corruption due to x86 emulator flaw (83a28417-27e3-11e5-a4a5-002590263bf5)

The Xen Project reports : Instructions with register operands ignore eventual segment overrides encoded for them. Due to an insufficiently conditional assignment such a bogus segment override can, however, corrupt a pointer used subsequently to store the result of the instruction. A malicious gue...

7.2CVSS7AI score0.0057EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2015/07/14 12:0 a.m.30 views

FreeBSD : xen-kernel -- Information leak through XEN_DOMCTL_gettscinfo (ce658051-27ea-11e5-a4a5-002590263bf5)

The Xen Project reports : The handler for XENDOMCTLgettscinfo failed to initialize a padding field subsequently copied to guest memory. A similar leak existed in XENSYSCTLgetdomaininfolist, which is being addressed here regardless of that operation being declared unsafe for disaggregation by...

2.9CVSS7.7AI score0.00793EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2015/07/14 12:0 a.m.37 views

FreeBSD : xen-kernel -- Information leak through version information hypercall (ef9d041e-27e2-11e5-a4a5-002590263bf5)

The Xen Project reports : The code handling certain sub-operations of the HYPERVISORxenversion hypercall fails to fully initialize all fields of structures subsequently copied back to guest memory. Due to this hypervisor stack contents are copied into the destination of the operation, thus becomi...

2.1CVSS7.2AI score0.00466EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2015/07/14 12:0 a.m.29 views

FreeBSD : xen-kernel -- arm: vgic: incorrect rate limiting of guest triggered logging (912cb7f7-27df-11e5-a4a5-002590263bf5)

The Xen Project reports : On ARM systems the code which deals with virtualizing the GIC distributor would, under various circumstances, log messages on a guest accessible code path without appropriate rate limiting. A malicious guest could cause repeated logging to the hypervisor console, leading...

2.1CVSS7.9AI score0.00411EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2015/07/14 12:0 a.m.20 views

FreeBSD : xen-kernel -- GNTTABOP_swap_grant_ref operation misbehavior (80e846ff-27eb-11e5-a4a5-002590263bf5)

The Xen Project reports : With the introduction of version 2 grant table operations, a version check became necessary for most grant table related hypercalls. The GNTTABOPswapgrantref call was lacking such a check. As a result, the subsequent code behaved as if version 2 was in use, when a guest...

4.9CVSS7.8AI score0.00439EPSS
Exploits0References3
FreeBSD
FreeBSD
added 2015/06/11 12:0 a.m.36 views

xen-kernel -- vulnerability in the iret hypercall handler

The Xen Project reports: A buggy loop in Xen's compatiret function iterates the wrong way around a 32-bit index. Any 32-bit PV guest kernel can trigger this vulnerability by attempting a hypercalliret with EFLAGS.VM set. Given the use of get/putuser, and that the virtual addresses in question are...

4.9CVSS6.9AI score0.00437EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2015/04/28 12:0 a.m.6 views

Vulnerabilities in the Debian GNU/Linux operating system that allow a remote attacker to compromise the confidentiality of protected information

The Linux-modules-2.6.18-4-xen-686 package of the Debian GNU/Linux operating system has multiple vulnerabilities. Exploitation of these vulnerabilities may lead to violations of the confidentiality of protected information. These vulnerabilities can be exploited remotely...

5CVSS5.5AI score0.03017EPSS
Exploits0References8Affected Software1
FreeBSD
FreeBSD
added 2015/03/10 12:0 a.m.44 views

xen-kernel -- Hypervisor memory corruption due to x86 emulator flaw

The Xen Project reports: Instructions with register operands ignore eventual segment overrides encoded for them. Due to an insufficiently conditional assignment such a bogus segment override can, however, corrupt a pointer used subsequently to store the result of the instruction. A malicious gues...

7.2CVSS7.4AI score0.0057EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2014/10/23 12:0 a.m.40 views

SuSE 11.3 Security Update : Xen (SAT Patch Number 9828)

The SUSE Linux Enterprise 11 Service Pack 3 Xen package was updated to fix various bugs and security issues. The following security issues have been fixed : - XSA-108: CVE-2014-7188: Improper MSR range used for x2APIC emulation. bnc897657 - XSA-106: CVE-2014-7156: Missing privilege level checks i...

8.3CVSS6.9AI score0.04554EPSS
Exploits0References37
OPENSUSE Linux
OPENSUSE Linux
added 2014/10/09 1:9 p.m.36 views

xen: security and bugfix update (important)

XEN was updated to fix security issues and bugs. Security issues fixed: - bnc897657 - CVE-2014-7188: XSA-108 Improper MSR range used for x2APIC emulation - bnc895802 - CVE-2014-7156: XSA-106: Missing privilege level checks in x86 emulation of software interrupts - bnc895799 - CVE-2014-7155:...

8.3CVSS1.1AI score0.04554EPSS
Exploits0References14
Tenable Nessus
Tenable Nessus
added 2013/11/20 12:0 a.m.27 views

SuSE 11.2 / 11.3 Security Update : Xen (SAT Patch Numbers 8478 / 8479)

XEN has been updated to version 4.2.3 c/s 26170, fixing various bugs and security issues. - XSA-72: Fixed ocaml xenstored that mishandled oversized message replies. CVE-2013-4416 - XSA-63: Fixed information leaks through I/O instruction emulation. CVE-2013-4355 - XSA-66: Fixed information leak...

7.4CVSS7.4AI score0.00585EPSS
Exploits0References58
RedHat Linux
RedHat Linux
added 2012/12/04 8:48 p.m.5 views

kernel: xen: VCPU timer overflow leads to PCPU deadlock and host death-by-watchdog

Xen 3.4 through 4.2, and possibly earlier versions, allows local guest OS administrators to cause a denial of service Xen infinite loop and physical CPU consumption by setting a VCPU with an "inappropriate deadline."...

1.9CVSS7.3AI score0.00385EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2012/08/01 12:0 a.m.37 views

Scientific Linux Security Update : libvirt on SL5.x i386/x86_64

The libvirt library is a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems. An integer overflow flaw was found in libvirtd's RPC call handling. An attacker able to establish read-only connections to libvirtd could trigger this flaw by...

4CVSS6.9AI score0.03536EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2011/09/23 12:0 a.m.34 views

CentOS Update for libvirt CESA-2011:1019 centos5 i386

Check for the Version of libvirt OpenVAS Vulnerability Test CentOS Update for libvirt CESA-2011:1019 centos5 i386 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...

4CVSS0.1AI score0.03536EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2011/09/06 9:31 p.m.3 views

kernel: xen: x86_emulate: fix SAHF emulation

Xen in the Linux kernel, when running a guest on a host without hardware assisted paging HAP, allows guest users to cause a denial of service invalid pointer dereference and hypervisor crash via the SAHF instruction...

5.5CVSS7AI score0.00676EPSS
Exploits0References4
Cent OS
Cent OS
added 2011/09/01 4:11 p.m.64 views

libvirt security update

CentOS Errata and Security Advisory CESA-2011:1019 Updated libvirt packages that fix one security issue, several bugs and add various enhancements are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. A Commo...

4CVSS6.8AI score0.03536EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2011/07/21 9:23 a.m.34 views

Moderate: Red Hat Security Advisory: libvirt security, bug fix, and enhancement update

Updated libvirt packages that fix one security issue, several bugs and add various enhancements are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, whi...

4CVSS6.8AI score0.03536EPSS
Exploits0References11
Rows per page
Query Builder