Lucene search
K

80 matches found

Xen Project
Xen Project
added 2020/10/20 12:0 p.m.46 views

x86 PV guest INVLPG-like flushes may leave stale TLB entries

ISSUE DESCRIPTION x86 PV guest kernels may use hypercalls with INVLPG-like behavior to invalidate TLB entries even after changes to non-leaf page tables. Such changes to non-leaf page tables will, however, also render stale possible TLB entries created by Xen's internal use of linear page tables ...

5.3CVSS0.2AI score0.00353EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2020/06/05 12:0 a.m.83 views

Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2020-5708)

The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2020-5708 advisory. - Input: ff-memless - kill timer in destroy Oliver Neukum Orabug: 31213691 CVE-2019-19524 - libertas: Fix two buffer overflows at parsing bss...

10CVSS6.8AI score0.08667EPSS
Exploits11References13
Tenable Nessus
Tenable Nessus
added 2020/06/05 12:0 a.m.43 views

Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2020-5706)

The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2020-5706 advisory. - ipv6: only static routes qualify for equal cost multipathing Hannes Frederic Sowa Orabug: 30977687 CVE-2013-4125 - USB: adutux: fix use-after-fre...

7.8CVSS6.6AI score0.04672EPSS
Exploits3References6
Ubuntu
Ubuntu
added 2020/04/09 12:58 p.m.223 views

LSN-0065-1: Kernel Live Patch Security Notice

Andrew Honig reported a flaw in the way KVM Kernel-based Virtual Machine emulated the IOAPIC. A privileged guest user could exploit this flaw to read host memory or cause a denial of service crash the host. CVE-2013-1798 It was discovered that the KVM implementation in the Linux kernel, when...

7.1CVSS6.7AI score0.0135EPSS
Exploits2
RedhatCVE
RedhatCVE
added 2020/04/08 5:14 a.m.27 views

CVE-2018-18281

Since Linux kernel version 3.2, the mremap syscall performs TLB flushes after dropping pagetable locks. If a syscall such as ftruncate removes entries from the pagetables of a task that is in the middle of mremap, a stale TLB entry can remain for a short time that permits access to a physical pag...

7.8CVSS2.3AI score0.01061EPSS
Exploits2References2
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.44 views

Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2019-1108)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7.1AI score0.01061EPSS
Exploits4References2
RedhatCVE
RedhatCVE
added 2019/11/12 12:7 p.m.26 views

CVE-2019-17346

An issue was discovered in Xen through 4.11.x allowing x86 PV guest OS users to cause a denial of service or gain privileges because of an incompatibility between Process Context Identifiers PCID and TLB flushes...

8.8CVSS6.5AI score0.00349EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2019/10/15 12:0 a.m.45 views

NewStart CGSL CORE 5.04 / MAIN 5.04 : kernel Multiple Vulnerabilities (NS-SA-2019-0180)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has kernel packages installed that are affected by multiple vulnerabilities: - A flaw was found in the way Linux kernel KVM hypervisor before 4.18 emulated instructions such as sgdt/sidt/fxsave/fxrstor. It did not check current...

8.4CVSS6.8AI score0.05789EPSS
Exploits8References20
NVD
NVD
added 2019/10/08 1:15 a.m.13 views

CVE-2019-17346

An issue was discovered in Xen through 4.11.x allowing x86 PV guest OS users to cause a denial of service or gain privileges because of an incompatibility between Process Context Identifiers PCID and TLB flushes...

8.8CVSS8.5AI score0.00349EPSS
Exploits0References5
OSV
OSV
added 2019/10/08 1:15 a.m.22 views

CVE-2019-17346

An issue was discovered in Xen through 4.11.x allowing x86 PV guest OS users to cause a denial of service or gain privileges because of an incompatibility between Process Context Identifiers PCID and TLB flushes...

8.8CVSS6.5AI score
Exploits0References5
Prion
Prion
added 2019/10/08 1:15 a.m.19 views

Denial of service

An issue was discovered in Xen through 4.11.x allowing x86 PV guest OS users to cause a denial of service or gain privileges because of an incompatibility between Process Context Identifiers PCID and TLB flushes...

7.2CVSS8.4AI score0.00349EPSS
Exploits0References5Affected Software2
UbuntuCve
UbuntuCve
added 2019/10/08 1:15 a.m.23 views

CVE-2019-17346

An issue was discovered in Xen through 4.11.x allowing x86 PV guest OS users to cause a denial of service or gain privileges because of an incompatibility between Process Context Identifiers PCID and TLB flushes...

8.8CVSS6.9AI score0.00349EPSS
Exploits0References2
CVE
CVE
added 2019/10/08 12:2 a.m.95 views

CVE-2019-17346

CVE-2019-17346 affects the Xen hypervisor (notably through 4.11.x). Root cause: an incompatibility between Process Context Identifiers (PCID) and TLB flushes in x86 PV guests, enabling either denial of service or privilege escalation for local attackers. Affected component: Xen PV guest OS path o...

8.8CVSS8.3AI score0.00349EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2019/10/08 12:2 a.m.30 views

CVE-2019-17346

An issue was discovered in Xen through 4.11.x allowing x86 PV guest OS users to cause a denial of service or gain privileges because of an incompatibility between Process Context Identifiers PCID and TLB flushes...

8.4AI score0.00349EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2019/04/04 12:0 a.m.49 views

EulerOS Virtualization 2.5.3 : kernel (EulerOS-SA-2019-1244)

According to the versions of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A flaw was found In the Linux kernel, through version 4.19.6, where a local user could exploit a use-after-free in the ALSA drive...

8.1CVSS6.3AI score0.02612EPSS
Exploits3References6
Tenable Nessus
Tenable Nessus
added 2019/04/04 12:0 a.m.53 views

EulerOS Virtualization 2.5.4 : kernel (EulerOS-SA-2019-1253)

According to the versions of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A division-by-zero in settermios, when debugging is enabled, was found in the Linux kernel. When the ioti driver is loaded, a loc...

8.1CVSS6.5AI score0.02612EPSS
Exploits3References5
Tenable Nessus
Tenable Nessus
added 2019/03/27 12:0 a.m.83 views

openSUSE Security Update : the Linux Kernel (openSUSE-2019-974)

The openSUSE Leap 15.0 kernel was updated to 4.12.14-lp150.12.28.1 to receive various security and bugfixes. The following security bugs were fixed : - CVE-2018-18281: The mremap syscall performs TLB flushes after dropping pagetable locks. If a syscall such as ftruncate removes entries from the...

7.8CVSS7.1AI score0.01061EPSS
Exploits2References119
Tenable Nessus
Tenable Nessus
added 2019/03/26 12:0 a.m.70 views

EulerOS 2.0 SP3 : kernel (EulerOS-SA-2019-1108)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A flaw was discovered in the Linux kernel's USB subsystem in the usbgetextradescriptor function in the drivers/usb/core/usb.c which mishandles a...

7.8CVSS6.2AI score0.01061EPSS
Exploits4References6
Tenable Nessus
Tenable Nessus
added 2019/02/04 12:0 a.m.80 views

SUSE SLES12 Security Update : kernel (SUSE-SU-2019:0222-1) (Spectre)

The SUSE Linux Enterprise 12 SP4 kernel for Azure was updated to receive various security and bugfixes. The following security bugs were fixed : CVE-2018-19407: The vcpuscanioapic function in arch/x86/kvm/x86.c allowed local users to cause a denial of service NULL pointer dereference and BUG via...

8CVSS7.1AI score0.93838EPSS
Exploits17References299
OpenVAS
OpenVAS
added 2018/12/18 12:0 a.m.260 views

openSUSE: Security Advisory for kernel (openSUSE-SU-2018:4133-1)

The remote host is missing an update for the Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

7.8CVSS7.5AI score0.01061EPSS
Exploits2References2
Rows per page
Query Builder