EUVD-2015-5169

Malware in sbrugna...

EUVD-2006-0104

Malware in sbrugna...

containerd allows RAPL to be accessible to a container

/sys/devices/virtual/powercap accessible by default to containers Intel's RAPL Running Average Power Limit feature, introduced by the Sandy Bridge microarchitecture, provides software insights into hardware energy consumption. To facilitate this, Intel introduced the powercap framework in Linux...

GHSA-7WW5-4WQC-M92C containerd allows RAPL to be accessible to a container

/sys/devices/virtual/powercap accessible by default to containers Intel's RAPL Running Average Power Limit feature, introduced by the Sandy Bridge microarchitecture, provides software insights into hardware energy consumption. To facilitate this, Intel introduced the powercap framework in Linux...

Amazon Linux 2 : kernel (ALASKERNEL-5.10-2022-017)

The version of kernel installed on the remote host is prior to 5.10.126-117.518. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.10-2022-017 advisory. Due to the small table perturb size, a memory leak flaw was found in the Linux kernel's TCP source port...

Linux Kernel CVE-2019-9213 NULL Dereferences

By following the codepath that Andrea Arcangeli pointed out in his mails regarding the last bug I reported, I noticed that it is possible for userspace on a normal distro to map virtual address 0, which on an X86 system without SMAP enables the exploitation of kernel NULL pointer dereferences. Th...

Denial Of Service (DoS)

QEMU is vulnerable to denial of service. A heap-based buffer overflow flaw was discovered in the way QEMU's AMD PC-Net II Ethernet Controller emulation received certain packets in loopback mode. A privileged user with the CAPSYSRAWIO capability inside a guest could use this flaw to crash the host...

CVE-2018-1000204

Linux Kernel version 3.18 to 4.16 incorrectly handles an SGIO ioctl on /dev/sg0 with dxferdirection=SGDXFERFROMDEV and an empty 6-byte cmdp. This may lead to copying up to 1000 kernel heap pages to the userspace. This has been fixed upstream in...

Code injection

QEMU aka Quick Emulator built with a VMWARE VMXNET3 paravirtual NIC emulator support is vulnerable to crash issue. It could occur while reading Interrupt Mask Registers IMR. A privileged CAPSYSRAWIO guest user could use this flaw to crash the QEMU process instance resulting in DoS...

CVE-2015-8744

QEMU aka Quick Emulator built with a VMWARE VMXNET3 paravirtual NIC emulator support is vulnerable to crash issue. It occurs when a guest sends a Layer-2 packet smaller than 22 bytes. A privileged CAPSYSRAWIO guest user could use this flaw to crash the QEMU process instance resulting in DoS...

FreeBSD : qemu -- denial of service vulnerabilities in eepro100 NIC support (b56fe6bb-b1b1-11e5-9728-002590263bf5)

Prasad J Pandit, Red Hat Product Security Team, reports : Qemu emulator built with the i8255x PRO100 emulation support is vulnerable to an infinite loop issue. It could occur while processing a chain of commands located in the Command Block List CBL. Each Command BlockCB points to the next comman...

CVE-2013-6383

The aaccompatioctl function in drivers/scsi/aacraid/linit.c in the Linux kernel before 3.11.8 does not require the CAPSYSRAWIO capability, which allows local users to bypass intended access restrictions via a crafted ioctl call...

CVE-2009-2695

The Linux kernel before 2.6.31-rc7 does not properly prevent mmap operations that target page zero and other low memory addresses, which allows local users to gain privileges by exploiting NULL pointer dereference vulnerabilities, related to 1 the default configuration of the allowunconfinedmmapl...

Null pointer dereference

The Linux kernel before 2.6.31-rc7 does not properly prevent mmap operations that target page zero and other low memory addresses, which allows local users to gain privileges by exploiting NULL pointer dereference vulnerabilities, related to 1 the default configuration of the allowunconfinedmmapl...

CVE-2009-2695

CVE-2009-2695 affects the Linux kernel before 2.6.31-rc7, where mmap operations targeting page zero and other low memory addresses are not properly prevented. This enables local privilege escalation via NULL pointer dereference vulnerabilities, linked to (1) SELinux’s allow_unconfined_mmap_low se...

CVE-2009-2695

The Linux kernel before 2.6.31-rc7 does not properly prevent mmap operations that target page zero and other low memory addresses, which allows local users to gain privileges by exploiting NULL pointer dereference vulnerabilities, related to 1 the default configuration of the allowunconfinedmmapl...