5613 matches found
[SECURITY] Fedora 30 Update: libosinfo-1.4.0-4.fc30
libosinfo is a library that allows virtualization provisioning tools to determine the optimal device settings for a hypervisor/operating system combination...
CVE-2019-5604
In FreeBSD 12.0-STABLE before r350246, 12.0-RELEASE before 12.0-RELEASE-p8, 11.3-STABLE before r350247, 11.3-RELEASE before 11.3-RELEASE-p1, and 11.2-RELEASE before 11.2-RELEASE-p12, the emulated XHCI device included with the bhyve hypervisor did not properly validate data provided by the guest,...
CVE-2019-5604
CVE-2019-5604 affects FreeBSD’s bhyve XHCI emulated device. The underlying issue is in the function pci_xhci_device_doorbell(), which does not validate the guest-provided values for the identifiers ‘epid’ and ‘streamid’, allowing an out-of-bounds read. Impact: a misbehaving bhyve guest could cras...
Fedora Update for libosinfo FEDORA-2019-c9fbe3db9c
The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
USN-4076-1: Linux kernel vulnerabilities
It was discovered that a race condition existed in the Serial Attached SCSI SAS implementation in the Linux kernel. A local attacker could possibly use this to cause a denial of service system crash or execute arbitrary code. CVE-2018-20836 It was discovered that the ext4 file system implementati...
FreeBSD bhyve buffer overflow vulnerability
FreeBSD is a Unix-like operating system from the FreeBSD Foundation. bhyve is a virtual machine hypervisor used in it. A security vulnerability exists in FreeBSD bhyve that stems from the 'pcixhcidevicedoorbell' function failing to validate the supplied 'epid' and 'streamid'. An attacker could...
Oracle VirtualBox vmsvga3dSetRenderState Out-Of-Bounds Write Privilege Escalation Vulnerability
This vulnerability allows local attackers to execute arbitrary code on affected installations of Oracle VirtualBox. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the...
Oracle VirtualBox cr_unpackData Out-Of-Bounds Read Information Disclosure Vulnerability
This vulnerability allows local attackers to disclose sensitive information on affected installations of Oracle VirtualBox. An attacker must first obtain the ability to execute low-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within t...
Oracle VirtualBox WINED3DSIH_TEX Opcode Out-Of-Bounds Write Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of Oracle VirtualBox. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the handlin...
Oracle VirtualBox vertexshader_set_limits Out-Of-Bounds Write Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of Oracle VirtualBox. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the...
Fedora Update for mingw-libosinfo FEDORA-2019-4b8990e4d6
The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
[SECURITY] Fedora 29 Update: mingw-libosinfo-1.2.0-2.fc29
libosinfo is a library that allows virtualization provisioning tools to determine the optimal device settings for a hypervisor/operating system combination...
[SECURITY] Fedora 30 Update: mingw-libosinfo-1.4.0-3.fc30
libosinfo is a library that allows virtualization provisioning tools to determine the optimal device settings for a hypervisor/operating system combination...
libvirt: arbitrary command execution via virConnectBaselineHypervisorCPU and virConnectCompareHypervisorCPU APIs
The virConnectBaselineHypervisorCPU and virConnectCompareHypervisorCPU libvirt APIs accept an "emulator" argument to specify the program providing emulation for a domain. Since v1.2.19, libvirt will execute that program to probe the domain's capabilities. Read-only clients could specify an...
Citrix Hypervisor Security Update.
Description of Problem A vulnerability has been found in Citrix Hypervisor formerly Citrix XenServer that may allow an unauthenticated attacker with the ability to send traffic to a host over a management or storage network to cause the host to crash. This vulnerability is identified as: •...
The vulnerability in the implementation of 3D-acceleration functions for hypervisors such as VMware ESXi, VMware Fusion, and Vmware Workstation allows attackers to exploit it to disclose sensitive information or cause system failures during maintenance.
The vulnerability of the 3D-acceleration function implementation in VMware ESXi, VMware Fusion, and Vmware Workstation relates to reading data beyond the buffer boundaries in memory. Exploiting this vulnerability can allow a malicious actor to disclose sensitive information or cause system failur...
Fedora Update for xen FEDORA-2019-899ef6056c
The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
[SECURITY] Fedora 29 Update: xen-4.11.1-6.fc29
This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor...
Fedora Update for xen FEDORA-2019-aeda234b68
The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
[SECURITY] Fedora 30 Update: xen-4.11.1-6.fc30
This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor...