Oracle Linux 7 : Unbreakable Enterprise kernel-container kata-image kata-runtime kata kubernetes kubernetes istio olcne (ELSA-2020-5765)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2020-5765 advisory. - x86/speculation: Add SRBDS vulnerability and mitigation documentation Mark Gross Orabug: 31446720 CVE-2020-0543 - x86/speculation: Add Special Regist...

XENMEM_aquire_resources Error Path DoS (XSA-334)

A denial of service DoS vulnerability exists in Xen servers XENMEMacquireresource due to an error path exiting without releasing an RCU Read, Copy, Update reference. An authenticated, local attacker can exploit this issue, via a malicious HVM stubdomain which can cause an RCU reference to be...

CVE-2020-25598

An issue was discovered in Xen 4.14.x. There is a missing unlock in the XENMEMacquireresource error path. The RCU Read, Copy, Update mechanism is a synchronisation primitive. A buggy error path in the XENMEMacquireresource exits without releasing an RCU reference, which is conceptually similar to...

CVE-2020-2024

An improper link resolution vulnerability affects Kata Containers versions prior to 1.11.0. Upon container teardown, a malicious guest can trick the kata-runtime into unmounting any mount point on the host and all mount points underneath it, potentiality resulting in a host DoS...

CVE-2020-2024

CVE-2020-2024 affects Kata Containers prior to 1.11.0. The vulnerability is an improper link resolution in kata-runtime that a malicious guest can exploit to trick the host into unmounting any mount point (and sub-mounts) on the host, potentially causing a host DoS. Impact is described as HIGH av...

Xen arch_domain_create() Function Local APIC Assumption NULL Pointer Dereference Guest-to-host DoS (XSA-256)

According to its self-reported version number, the Xen hypervisor installed on the remote host is affected by a denial of service vulnerability. Note that Nessus has checked the changeset versions based on the xen.git change log. Nessus did not check guest hardware configurations or if patches we...

x86: infinite loop due to missing PoD error checking

ISSUE DESCRIPTION Failure to recognize errors being returned from low level functions in Populate on Demand PoD code may result in higher level code entering an infinite loop. IMPACT A malicious HVM guest can cause one pcpu to permanently hang. This normally cascades into the whole system freezin...

CVE-2016-9912

Quick Emulator Qemu built with the Virtio GPU Device emulator support is vulnerable to a memory leakage issue. It could occur while destroying gpu resource object in 'virtiogpuresourcedestroy'. A guest user/process could use this flaw to leak host memory bytes, resulting in DoS for a host...

SuSE 11.1 Security Update : Xen (SAT Patch Number 6653)

Xen was updated to fix several security issues : - A xen HVM guest destroy p2m teardown host DoS vulnerability was fixed, where malicious guest could lock/crash the host. CVE-2012-3433 - A xen HVM guest user mode MMIO emulation DoS was fixed. CVE-2012-3432 - The xen pv bootloader doesn't check th...