Lucene search
K

29 matches found

RedHat Linux
RedHat Linux
added 2016/08/23 6:14 a.m.11 views

Qemu: block: iscsi: buffer overflow in iscsi_aio_ioctl

Quick EmulatorQEMU built with the Block driver for iSCSI images support virtio-blk is vulnerable to a heap-based buffer overflow issue. The flaw could occur while processing iSCSI asynchronous I/O ioctl2 calls. A user inside a guest could exploit this flaw to crash the QEMU process resulting in...

7.8CVSS7.9AI score0.00701EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2016/08/11 7:8 p.m.5 views

Qemu: block: iscsi: buffer overflow in iscsi_aio_ioctl

Quick EmulatorQEMU built with the Block driver for iSCSI images support virtio-blk is vulnerable to a heap-based buffer overflow issue. The flaw could occur while processing iSCSI asynchronous I/O ioctl2 calls. A user inside a guest could exploit this flaw to crash the QEMU process resulting in...

7.8CVSS7.9AI score0.00701EPSS
Exploits0References4
OSV
OSV
added 2016/07/14 10:27 p.m.4 views

USN-3037-1 linux-lts-vivid vulnerability

Jan Stancek discovered that the Linux kernel's memory manager did not properly handle moving pages mapped by the asynchronous I/O AIO ring buffer to the other nodes. A local attacker could use this to cause a denial of service system crash...

7.8CVSS7AI score0.00415EPSS
Exploits0References2
OSV
OSV
added 2016/07/14 10:10 p.m.4 views

USN-3036-1 linux-lts-utopic vulnerability

Jan Stancek discovered that the Linux kernel's memory manager did not properly handle moving pages mapped by the asynchronous I/O AIO ring buffer to the other nodes. A local attacker could use this to cause a denial of service system crash...

7.8CVSS7AI score0.00415EPSS
Exploits0References2
OSV
OSV
added 2016/06/01 10:59 p.m.2 views

DEBIAN-CVE-2016-5126

Heap-based buffer overflow in the iscsiaioioctl function in block/iscsi.c in QEMU allows local guest OS users to cause a denial of service QEMU process crash or possibly execute arbitrary code via a crafted iSCSI asynchronous I/O ioctl call...

7.8CVSS7.8AI score0.00701EPSS
Exploits0References1
OSV
OSV
added 2016/05/09 9:57 p.m.6 views

USN-2969-1 linux-lts-utopic vulnerabilities

Ralf Spenneberg discovered that the Aiptek Tablet USB device driver in the Linux kernel did not properly validate the endpoints reported by the device. An attacker with physical access could cause a denial of service system crash. CVE-2015-7515 Ben Hawkes discovered that the Linux kernel's AIO...

7.8CVSS6.8AI score0.01946EPSS
Exploits14References11
Positive Technologies
Positive Technologies
added 2016/05/02 12:0 a.m.11 views

PT-2016-3471 · Linux +3 · Linux Kernel +3

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 3.4.1 Description: The issue is related to an integer overflow in the fs/aio.c file of the Linux kernel. This can be exploited by local users to cause a denial of service or possibly have other unspecified impac...

10CVSS7.6AI score0.60631EPSS
Exploits96References224
RedHat Linux
RedHat Linux
added 2016/01/28 3:55 p.m.5 views

Qemu: ide: ahci use-after-free vulnerability in aio port commands

A use-after-free flaw was found in the way QEMU's IDE AHCI emulator processed certain AHCI Native Command Queuing NCQ AIO commands. A privileged guest user could use this flaw to crash the QEMU process instance or, potentially, execute arbitrary code on the host with privileges of the QEMU proces...

8.8CVSS7.7AI score0.00533EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2010/03/17 3:59 a.m.7 views

kernel: create_elf_tables can leave urandom in a bad state

Use-after-free vulnerability in the fasynchelper function in fs/fcntl.c in the Linux kernel before 2.6.33-rc4-git1 allows local users to gain privileges via vectors that include enabling OASYNC aka FASYNC or FIOASYNC on a locked file, and then closing this file...

7.2CVSS5.8AI score0.00979EPSS
Exploits2References4
Rows per page
Query Builder