PT-2021-5824 · Unknown +2 · Cpu Products +2

Name of the Vulnerable Software and Affected Versions: Xen affected versions not specified CPU products affected versions not specified Description: The issue is related to a potential speculative code store bypass in CPU products, which, in conjunction with software vulnerabilities related to...

Xen 资源管理错误漏洞

Xen is an open source virtual machine monitor product from the University of Cambridge, UK. The product enables different and incompatible operating systems to run on the same computer and supports runtime migration to ensure uptime and avoid downtime. A security vulnerability exists in Xen, whic...

The vulnerability of the GNTTABOP_map_grant component in Xen hypervisors allows a perpetrator to trigger a service failure.

The vulnerability of the GNTTABOPmapgrant component in Xen hypervisors is related to errors in returned values. Exploiting this vulnerability can allow an attacker to cause a service failure...

VMware Workstation ThinPrint TTCHeader Integer Overflow Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of VMware Workstation. An attacker must first obtain the ability to execute low-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within...

VMware Workstation ThinPrint JPEG2000 Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of VMware Workstation. An attacker must first obtain the ability to execute low-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within...

Hypervisor.stake does not transfer tokens

Handle cmichel Vulnerability details Vulnerability Details The Hypervisor's stake action states: token transfer: transfer staking tokens from msg.sender to vault But no tokens are ever transferred. Impact Anyone with a permission can lock any amount of tokens. Recommended Mitigation Steps Transfe...

Hypervisor.stake does not transfer tokens

Handle cmichel Vulnerability details Vulnerability Details The Hypervisor's stake action states: token transfer: transfer staking tokens from msg.sender to vault But no tokens are ever transferred. Impact Anyone with a permission can lock any amount of tokens. Recommended Mitigation Steps Transfe...

CVE-2020-12967

The lack of nested page table protection in the AMD SEV/SEV-ES feature could potentially lead to arbitrary code execution within the guest VM if a malicious administrator has access to compromise the server hypervisor...

CVE-2021-26311

In the AMD SEV/SEV-ES feature, memory can be rearranged in the guest address space that is not detected by the attestation mechanism which could be used by a malicious hypervisor to potentially lead to arbitrary code execution within the guest VM if a malicious administrator has access to...

Design/Logic Flaw

In the AMD SEV/SEV-ES feature, memory can be rearranged in the guest address space that is not detected by the attestation mechanism which could be used by a malicious hypervisor to potentially lead to arbitrary code execution within the guest VM if a malicious administrator has access to...

Design/Logic Flaw

The lack of nested page table protection in the AMD SEV/SEV-ES feature could potentially lead to arbitrary code execution within the guest VM if a malicious administrator has access to compromise the server hypervisor...

CVE-2021-26311

CVE-2021-26311 concerns AMD SEV/SEV-ES where memory can be rearranged in the guest address space without attestation detection, potentially enabling arbitrary code execution in a guest VM if a malicious administrator with server-hypervisor access acts. Documents cite the vulnerability in SEV/SEV-...

CVE-2021-26311 AMD Secure Encrypted Virtualization

In the AMD SEV/SEV-ES feature, memory can be rearranged in the guest address space that is not detected by the attestation mechanism which could be used by a malicious hypervisor to potentially lead to arbitrary code execution within the guest VM if a malicious administrator has access to...

CVE-2020-12967 AMD Secure Encrypted Virtualization

The lack of nested page table protection in the AMD SEV/SEV-ES feature could potentially lead to arbitrary code execution within the guest VM if a malicious administrator has access to compromise the server hypervisor...

Hotfix XS82E020 - For Citrix Hypervisor 8.2

Who Should Install This Hotfix? This is a hotfix for customers running Citrix Hypervisor 8.2. Information About this Hotfix Component| Details ---|--- Prerequisite| None Post-update tasks| Restart the XAPI Toolstack Content live patchable| No Baselines for Live Patch| N/A Revision History|...

How to upgrade NVIDIA drivers on Citrix Hypervisor

How to upgrade NVIDIA drivers on Citrix Hypervisor...

AMD Secure Encrypted Virtualization

Bulletin ID: AMD-SB-1004 Potential Impact: Arbitrary Code Execution Severity: Medium Summary AMD is aware of 2 research papers related to AMD’s Secure Encrypted Virtualization SEV which will be presented at this year’s 15th IEEE Workshop on Offensive Technologies WOOT’21. In the paper titled...

2019.2 IPU – Intel® Processor Machine Check Error Advisory

Summary: A potential security vulnerability in some Intel® Processors may allow denial of service. Intel has coordinated with OS and hypervisor vendors to provide updates which will mitigate this potential vulnerability. Vulnerability Details: CVEID: CVE-2018-12207 Description: Improper...

NewStart CGSL CORE 5.04 / MAIN 5.04 : kernel Multiple Vulnerabilities (NS-SA-2021-0025)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has kernel packages installed that are affected by multiple vulnerabilities: - An issue was discovered in the Linux kernel before 5.2.3. There is a NULL pointer dereference caused by a malicious USB device in the...

Parallels Desktop Elevation of Privilege Vulnerability

Parallels Desktop is a virtual machine software that runs on Mac computers. An elevation of privilege vulnerability exists in the e1000e virtual appliance in Parallels Desktop version 16.1.1-49141. The vulnerability stems from a lack of proper locking when performing operations on objects. An...