59 matches found
PT-2024-1555 · Amd · Amd Sev-Snp
Name of the Vulnerable Software and Affected Versions: AMD SEV-SNP affected versions not specified Description: A privileged attacker can prevent delivery of debug exceptions to SEV-SNP guests, potentially resulting in guests not receiving expected debug information. The issue is related to the...
Debug Exception Delivery in Secure Nested Paging
Bulletin ID: AMD-SB-3006 Potential Impact: Suppression of guest debug exceptions Severity: Low Summary A researcher has reported that a host can potentially suppress delivery of debug exceptions to SEV-SNP guests that have the restricted injection feature enabled. For example, a software-based...
Oracle Linux 5 : kernel (ELSA-2018-4219)
The remote Oracle Linux 5 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2018-4219 advisory. 2.6.18-419.0.0.0.11 - x8664/entry: Don't use IST entry for BP stack orabug 28452062 CVE-2018-8897 Tenable has extracted the preceding description block directly...
SUSE CVE-2015-8104
The KVM subsystem in the Linux kernel through 4.2.6, and Xen 4.3.x through 4.6.x, allows guest OS users to cause a denial of service host OS panic or hang by triggering many DB aka Debug exceptions, related to svm.c...
SUSE CVE-2018-8897
A statement in the System Programming Guide of the Intel 64 and IA-32 Architectures Software Developer's Manual SDM was mishandled in the development of some or all operating-system kernels, resulting in unexpected behavior for DB exceptions that are deferred by MOV SS or POP SS, as demonstrated ...
Local Privilege Escalation
kernel is vulnerable to arbitrary code execution attacks. The vulnerability exists as a statement in the System Programming Guide of the Intel 64 and IA-32 Architectures Software Developer's Manual SDM was mishandled in the development of some or all operating-system kernels, resulting in...
Fedora 28 : xen (2018-a7ac26523d)
x86: mishandling of debug exceptions XSA-260, CVE-2018-8897 x86 vHPET interrupt injection errors XSA-261 1576089 qemu may drive Xen into unbounded loop XSA-262 ---- update to xen-4.10.1 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora updat...
SUSE-SU-2018:3230-1 Security update for xen
This update for xen fixes several issues. These security issues were fixed: - CVE-2018-8897: Prevent mishandling of debug exceptions on x86 XSA-260, bsc1090820 - Handle HPET timers in IO-APIC mode correctly to prevent malicious or buggy HVM guests from causing a hypervisor crash or potentially...
CVE-2018-12893
An issue was discovered in Xen through 4.10.x. One of the fixes in XSA-260 added some safety checks to help prevent Xen livelocking with debug exceptions. Unfortunately, due to an oversight, at least one of these safety checks can be triggered by a guest. A malicious PV guest can crash Xen, leadi...
CVE-2018-12893
An issue was discovered in Xen through 4.10.x. One of the fixes in XSA-260 added some safety checks to help prevent Xen livelocking with debug exceptions. Unfortunately, due to an oversight, at least one of these safety checks can be triggered by a guest. A malicious PV guest can crash Xen, leadi...
Fedora 26 : xen (2018-7cd077ddd3)
x86: mishandling of debug exceptions XSA-260, CVE-2018-8897 x86 vHPET interrupt injection errors XSA-261, CVE-2018-10982 1576089 qemu may drive Xen into unbounded loop XSA-262, CVE-2018-10981 1576680 Note that Tenable Network Security has extracted the preceding description block directly from th...
SUSE SLES12 Security Update : xen (SUSE-SU-2018:1216-1) (Meltdown)
This update for xen fixes several issues. These security issues were fixed : - CVE-2018-8897: Prevent mishandling of debug exceptions on x86 XSA-260, bsc1090820 - Handle HPET timers in IO-APIC mode correctly to prevent malicious or buggy HVM guests from causing a hypervisor crash or potentially...
SUSE SLES12 Security Update : xen (SUSE-SU-2018:1202-1) (Meltdown)
This update for xen fixes several issues. These security issues were fixed : - CVE-2018-8897: Prevent mishandling of debug exceptions on x86 XSA-260, bsc1090820 - Handle HPET timers in IO-APIC mode correctly to prevent malicious or buggy HVM guests from causing a hypervisor crash or potentially...
SUSE SLES12 Security Update : xen (SUSE-SU-2018:1177-1) (Meltdown)
This update for xen fixes several issues. These security issues were fixed : - CVE-2018-8897: Prevent mishandling of debug exceptions on x86 XSA-260, bsc1090820 - Handle HPET timers in IO-APIC mode correctly to prevent malicious or buggy HVM guests from causing a hypervisor crash or potentially...
SUSE SLED12 / SLES12 Security Update : xen (SUSE-SU-2018:1184-1) (Meltdown)
This update for xen to version 4.9.2 fixes several issues. This feature was added : - Added script, udev rule and systemd service to watch for vcpu online/offline events in a HVM domU. They are triggered via 'xl vcpu-set domU N' These security issues were fixed : - CVE-2018-8897: Prevent...
USN-3641-1: Linux kernel vulnerabilities
Nick Peterson discovered that the Linux kernel did not properly handle debug exceptions following a MOV/POP to SS instruction. A local attacker could use this to cause a denial of service system crash. This issue only affected the amd64 architecture. CVE-2018-8897 Andy Lutomirski discovered that...
USN-3641-1 linux, linux-aws, linux-azure, linux-euclid, linux-gcp, linux-hwe, linux-kvm, linux-lts-xenial, linux-oem, linux-raspi2, linux-snapdragon vulnerabilities
Nick Peterson discovered that the Linux kernel did not properly handle debug exceptions following a MOV/POP to SS instruction. A local attacker could use this to cause a denial of service system crash. This issue only affected the amd64 architecture. CVE-2018-8897 Andy Lutomirski discovered that...
ALPINE-CVE-2018-8897
A statement in the System Programming Guide of the Intel 64 and IA-32 Architectures Software Developer's Manual SDM was mishandled in the development of some or all operating-system kernels, resulting in unexpected behavior for DB exceptions that are deferred by MOV SS or POP SS, as demonstrated ...
DEBIAN-CVE-2018-8897
A statement in the System Programming Guide of the Intel 64 and IA-32 Architectures Software Developer's Manual SDM was mishandled in the development of some or all operating-system kernels, resulting in unexpected behavior for DB exceptions that are deferred by MOV SS or POP SS, as demonstrated ...
CVE-2018-8897
A statement in the System Programming Guide of the Intel 64 and IA-32 Architectures Software Developer's Manual SDM was mishandled in the development of some or all operating-system kernels, resulting in unexpected behavior for DB exceptions that are deferred by MOV SS or POP SS, as demonstrated ...