Lucene search
+L

369 matches found

xen
xen
added 2016/03/24 4:26 p.m.99 views

broken AMD FPU FIP/FDP/FOP leak workaround

ISSUE DESCRIPTION There is a workaround in Xen to deal with the fact that AMD CPUs don't load the x86 registers FIP and possibly FCS, FDP and possibly FDS, and FOP from memory via XRSTOR or FXRSTOR when there is no pending unmasked exception. See XSA-52. However, this workaround does not cover al...

3.8CVSS6AI score0.0041EPSS
Exploits0Affected Software1
nessus
nessus
added 2016/03/04 12:0 a.m.49 views

Fedora 23 : xen-4.5.2-6.fc23 (2015-d8253e2b1d)

paravirtualized drivers incautious about shared memory contents XSA-155, CVE-2015-8550 qemu-dm buffer overrun in MSI-X handling XSA-164, CVE-2015-8554 information leak in legacy x86 FPU/XMM initialization XSA-165, CVE-2015-8555 ioreq handling possibly susceptible to multiple read issue XSA-166 No...

8.6CVSS7.7AI score0.02254EPSS
Exploits2References8
nessus
nessus
added 2016/01/25 12:0 a.m.50 views

openSUSE Security Update : xen (openSUSE-2016-35)

This update for xen fixes the following security issues : - CVE-2015-8568 CVE-2015-8567: xen: qemu: net: vmxnet3: host memory leakage boo959387 - CVE-2015-8550: xen: paravirtualized drivers incautious about shared memory contents XSA-155, boo957988 - CVE-2015-8558: xen: qemu: usb: infinite loop i...

8.8CVSS7.1AI score0.05557EPSS
Exploits4References28
nessus
nessus
added 2016/01/25 12:0 a.m.43 views

openSUSE Security Update : xen (openSUSE-2016-36)

This update for xen fixes the following issues : - CVE-2015-8567,CVE-2015-8568: xen: qemu: net: vmxnet3: host memory leakage boo959387 - CVE-2015-8550: xen: paravirtualized drivers incautious about shared memory contents XSA-155, boo957988 - CVE-2015-8558: xen: qemu: usb: infinite loop in...

8.8CVSS7AI score0.05557EPSS
Exploits4References28
xen
xen
added 2015/12/17 12:0 p.m.93 views

information leak in legacy x86 FPU/XMM initialization

ISSUE DESCRIPTION When XSAVE/XRSTOR are not in use by Xen to manage guest extended register state, the initial values in the FPU stack and XMM registers seen by the guest upon first use are those left there by the previous user of those registers. IMPACT A malicious domain may be able to leverage...

8.6CVSS7.5AI score0.02254EPSS
Exploits0Affected Software1
freebsd
freebsd
added 2015/12/17 12:0 a.m.47 views

xen-kernel -- information leak in legacy x86 FPU/XMM initialization

The Xen Project reports: When XSAVE/XRSTOR are not in use by Xen to manage guest extended register state, the initial values in the FPU stack and XMM registers seen by the guest upon first use are those left there by the previous user of those registers. A malicious domain may be able to leverage...

8.6CVSS7.8AI score0.02254EPSS
Exploits0References1
openvas
openvas
added 2015/10/06 12:0 a.m.34 views

Oracle: Security Advisory (ELSA-2013-1166)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.9CVSS7.3AI score0.04707EPSS
Exploits5References2
redhat
redhat
added 2015/06/25 1:46 p.m.63 views

Important: Red Hat Security Advisory: kernel security and bug fix update

Updated kernel packages that fix one security issue and one bug are now available for Red Hat Enterprise Linux 5.6 Long Life. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

7.2CVSS6.9AI score0.01395EPSS
Exploits3References2
hackerone
hackerone
added 2015/06/09 7:20 p.m.43 views

Internet Bug Bounty: Misusing of FPU Instruction Could Cause Security Vulnerabilities in Adobe Flash Player

Misusing of FPU Instruction Could Cause Security Vulnerabilities in Adobe Flash Player This vulnerability CVE-2015-3100 was reported to Adobe on March 10, 2015 and has been patched today via APSB15-11 https://helpx.adobe.com/security/products/flash-player/apsb15-11.html. Following is the original...

10CVSS6.8AI score0.07715EPSS
Exploits0
openvas
openvas
added 2015/06/09 12:0 a.m.62 views

CentOS Update for kernel CESA-2015:1042 centos5

Check the version of kernel SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.882189";...

7.2CVSS6.9AI score0.01395EPSS
Exploits3References2
openvas
openvas
added 2015/06/09 12:0 a.m.52 views

RedHat Update for kernel RHSA-2015:1042-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.2CVSS6.8AI score0.01395EPSS
Exploits3References2
nessus
nessus
added 2015/06/04 12:0 a.m.49 views

CentOS 5 : kernel (CESA-2015:1042)

Updated kernel packages that fix one security issue and several bugs are now available for Red Hat Enterprise Linux 5. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating,...

7.2CVSS7AI score0.01395EPSS
Exploits3References2
nessus
nessus
added 2015/06/03 12:0 a.m.77 views

RHEL 5 : kernel (RHSA-2015:1042)

Updated kernel packages that fix one security issue and several bugs are now available for Red Hat Enterprise Linux 5. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating,...

7.2CVSS7AI score0.01395EPSS
Exploits3References3
oraclelinux
oraclelinux
added 2015/04/08 12:0 a.m.65 views

kernel security and bug fix update

kernel 2.6.18-404.0.0.0.1 - net fix tcptrimhead James Li orabug 14512145, 19219078 - ocfs2: dlm: fix recovery hung Junxiao Bi orabug 13956772 - i386: fix MTRR code Zhenzhong Duan orabug 15862649 - oprofile x86, mm: Add getuserpagesfast orabug 14277030 - oprofile export getuserpagesfast function...

6.9CVSS7AI score0.00465EPSS
Exploits0
oraclelinux
oraclelinux
added 2015/03/13 12:0 a.m.69 views

Unbreakable Enterprise kernel security update

2.6.39-400.248.3 - kvm: fix excessive pages un-pinning in kvmiommumap error path. Quentin Casasnovas Orabug: 20687314 CVE-2014-3601 CVE-2014-8369 CVE-2014-3601 - Revert 'mm: Fix NULL pointer dereference in madviseMADVWILLNEED support' Guangyu Sun Orabug: 20673281 CVE-2014-8173 2.6.39-400.248.2 -...

7.2CVSS0.7AI score0.05489EPSS
Exploits4
oraclelinux
oraclelinux
added 2015/02/11 12:0 a.m.70 views

kernel security and bug fix update

kernel 2.6.18-402.0.0.0.1 - net fix tcptrimhead James Li orabug 14512145, 19219078 - ocfs2: dlm: fix recovery hung Junxiao Bi orabug 13956772 - i386: fix MTRR code Zhenzhong Duan orabug 15862649 - oprofile x86, mm: Add getuserpagesfast orabug 14277030 - oprofile export getuserpagesfast function...

7.2CVSS6.3AI score0.01176EPSS
Exploits2
oraclelinux
oraclelinux
added 2015/01/29 12:0 a.m.70 views

Unbreakable Enterprise kernel security and bugfix update

2.6.39-400.246.2 - net: sctp: fix NULL pointer dereference in af-fromaddrparam on malformed packet Daniel Borkmann Orabug: 20425333 CVE-2014-7841 2.6.39-400.246.1 - sched: Fix possible divide by zero in avgatom calculation Mateusz Guzik Orabug: 20148169 - include/linux/math64.h: add div64ul Alex...

5CVSS7AI score0.0523EPSS
Exploits1
oraclelinux
oraclelinux
added 2014/12/18 12:0 a.m.61 views

kernel security update

kernel 2.6.18-400.1.1.0.1 - net fix tcptrimhead James Li orabug 14512145, 19219078 - ocfs2: dlm: fix recovery hung Junxiao Bi orabug 13956772 - i386: fix MTRR code Zhenzhong Duan orabug 15862649 - oprofile x86, mm: Add getuserpagesfast orabug 14277030 - oprofile export getuserpagesfast function...

7.2CVSS8.2AI score0.01447EPSS
Exploits8
oraclelinux
oraclelinux
added 2014/12/05 12:0 a.m.45 views

kernel security and bug fix update

kernel 2.6.18-400.0.0.0.1 - net fix tcptrimhead James Li orabug 14512145, 19219078 - ocfs2: dlm: fix recovery hung Junxiao Bi orabug 13956772 - i386: fix MTRR code Zhenzhong Duan orabug 15862649 - oprofile x86, mm: Add getuserpagesfast orabug 14277030 - oprofile export getuserpagesfast function...

2.1CVSS7.1AI score0.00538EPSS
Exploits1
oraclelinux
oraclelinux
added 2014/09/04 12:0 a.m.83 views

kernel security and bug fix update

kernel 2.6.18-371.12.1.0.1 - ocfs2: dlm: fix recovery hung Junxiao Bi orabug 13956772 - i386: fix MTRR code Zhenzhong Duan orabug 15862649 - oprofile x86, mm: Add getuserpagesfast orabug 14277030 - oprofile export getuserpagesfast function orabug 14277030 - oprofile oprofile, x86: Fix nmi-unsafe...

3.3CVSS7.1AI score0.0036EPSS
Exploits0
Rows per page
Query Builder