Incorrect Permission Assignment for Critical Resource

Overview Affected versions of this package are vulnerable to Incorrect Permission Assignment for Critical Resource via the hostDisk process in the virt-handler component when mounting a host file or directory using the DiskOrCreate option. An attacker can gain unauthorized access to and modify...

Incorrect Permission Assignment for Critical Resource

Overview Affected versions of this package are vulnerable to Incorrect Permission Assignment for Critical Resource via the hostDisk process in the virt-handler component when mounting a host file or directory using the DiskOrCreate option. An attacker can gain unauthorized access to and modify...

Incorrect Permission Assignment for Critical Resource

Overview Affected versions of this package are vulnerable to Incorrect Permission Assignment for Critical Resource via the hostDisk process in the virt-handler component when mounting a host file or directory using the DiskOrCreate option. An attacker can gain unauthorized access to and modify...

EUVD-2015-4130

Malware in sbrugna...

RHEL 6 : xen (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - Qemu: net: ne2000: OOB memory access in ioport r/w functions CVE-2015-8743 - The qemu implementation in...

RHEL 7 : xen (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - Qemu: audio: host memory leakage via capture buffer CVE-2017-8309 - The qemu implementation in libvirt...

SUSE CVE-2013-2096

OpenStack Compute Nova Folsom, Grizzly, and Havana does not verify the virtual size of a QCOW2 image, which allows local users to cause a denial of service host file system disk consumption by creating an image with a large virtual size that does not contain a large amount of data...

SUSE CVE-2015-4105

Xen 3.3.x through 4.5.x enables logging for PCI MSI-X pass-through error messages, which allows local x86 HVM guests to cause a denial of service host disk consumption via certain invalid operations...

CVE-2014-3672

The qemu implementation in libvirt before 1.3.0 and Xen allows local guest OS users to cause a denial of service host disk consumption by writing to stdout or stderr...

DEBIAN-CVE-2014-3672

The qemu implementation in libvirt before 1.3.0 and Xen allows local guest OS users to cause a denial of service host disk consumption by writing to stdout or stderr...

CVE-2014-3672

The qemu implementation in libvirt before 1.3.0 and Xen allows local guest OS users to cause a denial of service host disk consumption by writing to stdout or stderr...

Design/Logic Flaw

The qemu implementation in libvirt before 1.3.0 and Xen allows local guest OS users to cause a denial of service host disk consumption by writing to stdout or stderr...

CVE-2014-3672

The qemu implementation in libvirt before 1.3.0 and Xen allows local guest OS users to cause a denial of service host disk consumption by writing to stdout or stderr...

CVE-2014-3672

CVE-2014-3672 affects the qemu implementation in libvirt (before 1.3.0) and Xen. Local guest OS users can trigger a denial of service on the host (host disk consumption) by writing to stdout or stderr. Root cause details and specific impacted versions are stated in the public CVE description; rem...

CVE-2014-3672

The qemu implementation in libvirt before 1.3.0 and Xen allows local guest OS users to cause a denial of service host disk consumption by writing to stdout or stderr...

Xen Denial of Service Vulnerability (CNVD-2015-03571)

Xen is an open source virtual machine monitor. Xen versions 3.3.x-4.5.x, enable logging of PCI MSI-X passthrough error messages, which can be exploited by local x86 clients to cause a denial of service host disk exhaustion through certain invalid actions...

CVE-2015-4105

Xen 3.3.x through 4.5.x enables logging for PCI MSI-X pass-through error messages, which allows local x86 HVM guests to cause a denial of service host disk consumption via certain invalid operations...

CVE-2015-4105

Xen 3.3.x through 4.5.x enables logging for PCI MSI-X pass-through error messages, which allows local x86 HVM guests to cause a denial of service host disk consumption via certain invalid operations...

Guest triggerable qemu MSI-X pass-through error messages

ISSUE DESCRIPTION Device model code dealing with guest PCI MSI-X interrupt management activities logs messages on certain supposedly invalid guest operations. IMPACT A buggy or malicious guest repeatedly invoking such operations may result in the host disk to fill up, possibly leading to a Denial...

PT-2014-2798 · Openstack +1 · Openstack Compute +1

Name of the Vulnerable Software and Affected Versions: OpenStack Compute Nova versions Folsom through Havana Description: The issue allows local users to cause a denial of service, specifically host file system disk consumption, via a compressed QCOW2 image. This is due to the incomplete...