21 matches found
EUVD-2021-13148
Malware in sbrugna...
EUVD-2020-25213
Malware in sbrugna...
CVE-2020-3948
Linux Guest VMs running on VMware Workstation 15.x before 15.5.2 and Fusion 11.x before 11.5.2 contain a local privilege escalation vulnerability due to improper file permissions in Cortado Thinprint. Local attackers with non-administrative access to a Linux guest VM with virtual printing enabled...
Citrix Hypervisor Security Update
A security issue has been identified in Citrix Hypervisor 7.1 LTSR CU2 that may allow privileged code in a PV guest VM to compromise the host. Citrix believes that there would be significant complexity in performing this attack in Citrix Hypervisor. The issue has the following CVE identifier:...
SUSE SLES12 Security Update : kernel-firmware (SUSE-SU-2022:1846-1)
The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:1846-1 advisory. - Failure to flush the Translation Lookaside Buffer TLB of the I/O memory management unit IOMMU may lead an IO device to write to...
CVE-2021-26342
In SEV guest VMs, the CPU may fail to flush the Translation Lookaside Buffer TLB following a particular sequence of operations that includes creation of a new virtual machine control block VMCB. The failure to flush the TLB may cause the microcode to use stale TLB translations which may allow for...
CVE-2021-26342
In SEV guest VMs, the CPU may fail to flush the Translation Lookaside Buffer TLB following a particular sequence of operations that includes creation of a new virtual machine control block VMCB. The failure to flush the TLB may cause the microcode to use stale TLB translations which may allow for...
LSN-0081-1: Kernel Live Patch Security Notice
Maxim Levitsky discovered that the KVM hypervisor implementation for AMD processors in the Linux kernel did not properly prevent a guest VM from enabling AVIC in nested guest VMs. An attacker in a guest VM could use this to write to portions of the host's physical memory.CVE-2021-3653 Maxim...
USN-5072-1: Linux kernel vulnerabilities
Maxim Levitsky and Paolo Bonzini discovered that the KVM hypervisor implementation for AMD processors in the Linux kernel allowed a guest VM to disable restrictions on VMLOAD/VMSAVE in a nested guest. An attacker in a guest VM could use this to read or write portions of the host's physical memory...
SUSE SLED15: libvirt / libvirt-admin / libvirt-bash-completion / libvirt-client / etc (SUSE-SU-2021:2471-1)
The remote SUSE Linux SLED15 / SLES15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2021:2471-1 advisory. - CVE-2021-3631: fix SELinux label generation logic bsc1187871 Tenable has extracted the preceding description block directly from the SUSE...
CVE-2021-26311
In the AMD SEV/SEV-ES feature, memory can be rearranged in the guest address space that is not detected by the attestation mechanism which could be used by a malicious hypervisor to potentially lead to arbitrary code execution within the guest VM if a malicious administrator has access to...
CVE-2020-14364
An out-of-bounds read/write access flaw was found in the USB emulator of the QEMU. This issue occurs while processing USB packets from a guest when USBDevice 'setuplen' exceeds its 'databuf4096' in the dotokenin, dotokenout routines. This flaw allows a guest user to crash the QEMU process,...
Design/Logic Flaw
Kata Containers before 1.11.0 on Cloud Hypervisor persists guest filesystem changes to the underlying image file on the host. A malicious guest can overwrite the image file to gain control of all subsequent guest VMs. Since Kata Containers uses the same VM image file with all VMMs, this issue may...
CVE-2020-2025
CVE-2020-2025 affects Kata Containers before 1.11.0 on Cloud Hypervisor. The issue lets a malicious guest persist or overwrite the underlying image file, potentially gaining control of subsequent VMs. Because Kata uses a shared VM image across VMMs, this may also impact QEMU and Firecracker based...
Denial Of Service (DoS)
Linux kernel is vulnerable to denial of serviceDoS attacks. This is because improper validation in the bnx2x network card driver. An attacker could send a packet with a gsosize larger than 9700 bytes because of that Untrusted guest VMs could exploit this vulnerability in the host machine, causing...
Citrix Hypervisor Security Update
Description of Problem A number of security issues have been identified in certain CPU hardware that may allow unprivileged code running on a CPU core to infer the value of memory data belonging to other processes, virtual machines or the hypervisor that are, or have recently been, running on the...
VMSA-2018-0017:VMware Tools update addresses an out-of-bounds read vulnerability
VMSA-2018-0017.4 VMware Tools update addresses an out-of-bounds read vulnerability VMware Security Advisory VMware Security Advisory Advisory ID: VMSA-2018-0017.4 VMware Security Advisory Severity: Important VMware Security Advisory Synopsis: VMware Tools update addresses an out-of-bounds read...
CVE-2018-1000026
Improper validation in the bnx2x network card driver of the Linux kernel version 4.15 can allow for denial of service DoS attacks via a packet with a gsosize larger than 9700 bytes. Untrusted guest VMs can exploit this vulnerability in the host machine, causing a crash in the network card...
RHEL 6 : kernel (RHSA-2017:0031)
The remote Redhat Enterprise Linux 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2017:0031 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: A use-after-free vulnerability was found in the...
RedHat Update for kernel RHSA-2016:2962-01
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...