DEBIAN-CVE-2017-8421

The function coffsetalignmenthook in coffcode.h in Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.28, has a memory leak vulnerability which can cause memory exhaustion in objdump via a crafted PE file. Additional validation in dumprelocsinsection in objdump.c can...

zziplib - multiple vulnerabilities

NIST reports by search in the range 2017/01/01 - 2018/07/06: 17 security fixes in this release: Heap-based buffer overflow in the zzipget32 function in fetch.c. Heap-based buffer overflow in the zzipget64 function in fetch.c. Heap-based buffer overflow in the zzipmementryextrablock function in...

MGASA-2016-0225 Updated kernel packages fix security vulnerabilities

This kernel update provides an upgrade to the upstream 4.4 longterm kernel series, currently based on 4.4.13 and resolves at least the following security issues: The Linux kernel before 4.4.1 allows local users to bypass file-descriptor limits and cause a denial of service memory consumption by...

How to understand stack and heap overflow exploits-a vulnerability warning-the black bar safety net

This article is a detailed description of the heap,and will teach you how to write a heap-based overflow vulnerability. Run the following program: include include include int mainint argc, char argv char buf1 = malloc1 2 8; char buf2 = malloc2 5 6; read's filenostdin, buf1, 2 0 0; freebuf2;...

MiniUPnP igd_desc_parse. c buffer overflow

No description provided by source. TALOS-CAN-0035 CVE 2015-6031 exploit by Aleksandar Nikolic illustrating the SSP bypass with a stack buffer overflow in an application that uses pthreads. import socket import struct SSDP reply to MSEARCH request, specifies the location URL reply = """HTTP/1.1 20...

virt: guest to host DoS by triggering an infinite loop in microcode via #AC exception

It was found that the x86 ISA Instruction Set Architecture is prone to a denial of service attack inside a virtualized environment in the form of an infinite loop in the microcode due to the way sequential delivering of benign exceptions such as AC alignment check exception is handled. A privileg...

virt: guest to host DoS by triggering an infinite loop in microcode via #AC exception

It was found that the x86 ISA Instruction Set Architecture is prone to a denial of service attack inside a virtualized environment in the form of an infinite loop in the microcode due to the way sequential delivering of benign exceptions such as AC alignment check exception is handled. A privileg...

virt: guest to host DoS by triggering an infinite loop in microcode via #AC exception

It was found that the x86 ISA Instruction Set Architecture is prone to a denial of service attack inside a virtualized environment in the form of an infinite loop in the microcode due to the way sequential delivering of benign exceptions such as AC alignment check exception is handled. A privileg...

virt: guest to host DoS by triggering an infinite loop in microcode via #AC exception

It was found that the x86 ISA Instruction Set Architecture is prone to a denial of service attack inside a virtualized environment in the form of an infinite loop in the microcode due to the way sequential delivering of benign exceptions such as AC alignment check exception is handled. A privileg...

virt: guest to host DoS by triggering an infinite loop in microcode via #AC exception

It was found that the x86 ISA Instruction Set Architecture is prone to a denial of service attack inside a virtualized environment in the form of an infinite loop in the microcode due to the way sequential delivering of benign exceptions such as AC alignment check exception is handled. A privileg...

virt: guest to host DoS by triggering an infinite loop in microcode via #AC exception

It was found that the x86 ISA Instruction Set Architecture is prone to a denial of service attack inside a virtualized environment in the form of an infinite loop in the microcode due to the way sequential delivering of benign exceptions such as AC alignment check exception is handled. A privileg...

virt: guest to host DoS by triggering an infinite loop in microcode via #AC exception

It was found that the x86 ISA Instruction Set Architecture is prone to a denial of service attack inside a virtualized environment in the form of an infinite loop in the microcode due to the way sequential delivering of benign exceptions such as AC alignment check exception is handled. A privileg...

xfsprogs security, bug fix and enhancement update

3.2.2-2 - Fix xfsmetadump disclosure flaw, CVE-2012-2150 1251118 3.2.2-1 - Update to upstream v3.2.2, plus fixes from v3.2.3 1223991 - repair: fix unnecessary secondary scan if only last sb is corrupt 1201238 - repair: check ino alignment value to avoid mod by zero 1223444...

CVE-2015-5307

The KVM subsystem in the Linux kernel through 4.2.6, and Xen 4.3.x through 4.6.x, allows guest OS users to cause a denial of service host OS panic or hang by triggering many AC aka Alignment Check exceptions, related to svm.c and vmx.c...

CVE-2015-5307

The KVM subsystem in the Linux kernel through 4.2.6, and Xen 4.3.x through 4.6.x, allows guest OS users to cause a denial of service host OS panic or hang by triggering many AC aka Alignment Check exceptions, related to svm.c and vmx.c...

DEBIAN-CVE-2015-5307

The KVM subsystem in the Linux kernel through 4.2.6, and Xen 4.3.x through 4.6.x, allows guest OS users to cause a denial of service host OS panic or hang by triggering many AC aka Alignment Check exceptions, related to svm.c and vmx.c...

CVE-2015-5307

The KVM subsystem in the Linux kernel through 4.2.6, and Xen 4.3.x through 4.6.x, allows guest OS users to cause a denial of service host OS panic or hang by triggering many AC aka Alignment Check exceptions, related to svm.c and vmx.c...

Xen Alignment Check Exception Handling Denial of Service Vulnerability

Xen is a virtualization technology for the Linux kernel that allows multiple operating systems to run simultaneously. Xen handles alignment checking anomalies with a security vulnerability that allows a 32-bit guest user to trigger the vulnerability and conduct denial-of-service attacks...

Ubuntu: Security Advisory (USN-2807-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-2807-1: Linux kernel (Wily HWE) vulnerability

Ben Serebrin discovered that the KVM hypervisor implementation in the Linux kernel did not properly catch Alignment Check exceptions. An attacker in a guest virtual machine could use this to cause a denial of service system crash in the host OS...