282 matches found
CVE-2016-5728
Race condition in the vopioctl function in drivers/misc/mic/vop/vopvringh.c in the MIC VOP driver in the Linux kernel before 4.6.1 allows local users to obtain sensitive information from kernel memory or cause a denial of service memory corruption and system crash by changing a certain header, ak...
UBUNTU-CVE-2016-5728
Race condition in the vopioctl function in drivers/misc/mic/vop/vopvringh.c in the MIC VOP driver in the Linux kernel before 4.6.1 allows local users to obtain sensitive information from kernel memory or cause a denial of service memory corruption and system crash by changing a certain header, ak...
DEBIAN-CVE-2015-8550
Xen, when used on a system providing PV backends, allows local guest OS administrators to cause a denial of service host OS crash or gain privileges by writing to memory shared between the frontend and backend, aka a double fetch vulnerability...
CVE-2015-8550
Xen, when used on a system providing PV backends, allows local guest OS administrators to cause a denial of service host OS crash or gain privileges by writing to memory shared between the frontend and backend, aka a double fetch vulnerability...
Double free
Xen, when used on a system providing PV backends, allows local guest OS administrators to cause a denial of service host OS crash or gain privileges by writing to memory shared between the frontend and backend, aka a double fetch vulnerability...
CVE-2015-8550
CVE-2015-8550 is reported in Xen as a double-fetch vulnerability affecting systems using PV backends. The issue arises when memory is shared between the Xen frontend and backend, enabling local guest OS administrators to either crash the host OS (DoS) or gain privileges. The description consisten...
CVE-2015-8550
Xen, when used on a system providing PV backends, allows local guest OS administrators to cause a denial of service host OS crash or gain privileges by writing to memory shared between the frontend and backend, aka a double fetch vulnerability...
CVE-2015-8550
Xen, when used on a system providing PV backends, allows local guest OS administrators to cause a denial of service host OS crash or gain privileges by writing to memory shared between the frontend and backend, aka a double fetch vulnerability...
Debian Security Advisory DSA 3471-1 (qemu - security update)
Several vulnerabilities were discovered in qemu, a full virtualization solution on x86 hardware. CVE-2015-7295 Jason Wang of Red Hat Inc. discovered that the Virtual Network Device support is vulnerable to denial-of-service, that could occur when receiving large packets. CVE-2015-7504 Qinghao Tan...
Ubuntu: Security Advisory (USN-2886-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 15.10 : linux vulnerabilities (USN-2851-1)
Felix Wilhelm discovered a race condition in the Xen paravirtualized drivers which can cause double fetch vulnerabilities. An attacker in the paravirtualized guest could exploit this flaw to cause a denial of service crash the host or potentially execute arbitrary code on the host. CVE-2015-8550...
Ubuntu 14.04 LTS : Linux kernel (Vivid HWE) vulnerabilities (USN-2854-1)
The remote Ubuntu 14.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-2854-1 advisory. Felix Wilhelm discovered a race condition in the Xen paravirtualized drivers which can cause double fetch vulnerabilities. An attacker in the...
Ubuntu 14.04 LTS : Linux kernel vulnerabilities (USN-2848-1)
The remote Ubuntu 14.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-2848-1 advisory. Felix Wilhelm discovered a race condition in the Xen paravirtualized drivers which can cause double fetch vulnerabilities. An attacker in the...
USN-2850-1: Linux kernel vulnerabilities
Felix Wilhelm discovered a race condition in the Xen paravirtualized drivers which can cause double fetch vulnerabilities. An attacker in the paravirtualized guest could exploit this flaw to cause a denial of service crash the host or potentially execute arbitrary code on the host. CVE-2015-8550...
USN-2849-1 linux-lts-utopic vulnerabilities
Felix Wilhelm discovered a race condition in the Xen paravirtualized drivers which can cause double fetch vulnerabilities. An attacker in the paravirtualized guest could exploit this flaw to cause a denial of service crash the host or potentially execute arbitrary code on the host. CVE-2015-8550...
paravirtualized drivers incautious about shared memory contents
ISSUE DESCRIPTION The compiler can emit optimizations in the PV backend drivers which can lead to double fetch vulnerabilities. Specifically the shared memory between the frontend and backend can be fetched twice during which time the frontend can alter the contents possibly leading to arbitrary...
UBUNTU-CVE-2015-8550
Xen, when used on a system providing PV backends, allows local guest OS administrators to cause a denial of service host OS crash or gain privileges by writing to memory shared between the frontend and backend, aka a double fetch vulnerability...
CVE-2015-8550
Xen, when used on a system providing PV backends, allows local guest OS administrators to cause a denial of service host OS crash or gain privileges by writing to memory shared between the frontend and backend, aka a double fetch vulnerability...
CVE-2014-1819
win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not properly control access to objects associated with font...
CVE-2014-1819
CVE-2014-1819 affects Windows kernel-mode font handling (win32k.sys) where access to font-file objects is not properly controlled, enabling local privilege escalation via a crafted font file. Connected docs corroborate font-file handling as the root cause and map to MS14-045 kernel-mode driver up...