Amazon Web Services EC2 instance enumeration

Provided AWS credentials, this module will call the authenticated API of Amazon Web Services to list all EC2 instances associated with the account This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'aws-sdk-ec2'...

libvirt: arbitrary command execution via virConnectBaselineHypervisorCPU and virConnectCompareHypervisorCPU APIs

The virConnectBaselineHypervisorCPU and virConnectCompareHypervisorCPU libvirt APIs accept an "emulator" argument to specify the program providing emulation for a domain. Since v1.2.19, libvirt will execute that program to probe the domain's capabilities. Read-only clients could specify an...

libvirt: arbitrary command execution via virConnectBaselineHypervisorCPU and virConnectCompareHypervisorCPU APIs

The virConnectBaselineHypervisorCPU and virConnectCompareHypervisorCPU libvirt APIs accept an "emulator" argument to specify the program providing emulation for a domain. Since v1.2.19, libvirt will execute that program to probe the domain's capabilities. Read-only clients could specify an...

CVE-2019-10168

The virConnectBaselineHypervisorCPU and virConnectCompareHypervisorCPU libvirt APIs accept an "emulator" argument to specify the program providing emulation for a domain. Since v1.2.19, libvirt will execute that program to probe the domain's capabilities. Read-only clients could specify an...

CVE-2019-12491

OnApp before 5.0.0-88, 5.5.0-93, and 6.0.0-196 allows an attacker to run arbitrary commands with root privileges on servers managed by OnApp for XEN/KVM hypervisors. To exploit the vulnerability an attacker has to have control of a single server on a given cloud e.g. by renting one. From the sour...

Unlimited Arm Atomics Operations

ISSUE DESCRIPTION Software targeting pre-Armv8.1-A hardware, Xen included, commonly implements atomics using Load/Store exclusive instructions in a loop that will terminate once the store succeeded. As per the Armv8-A Architecture Reference Manual ARM DDI0487D.a, paragraph 2.9.5 "Load-Exclusive a...

KLA11039 Multiple vulnerabilities in Microsoft Windows

Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to execute arbitrary code, bypass security restrictions, obtain sensitive information, gain privileges. Below is a complete list of vulnerabilities: 1. A remote code execution vulnerability...

June 2019 Patch Tuesday – 88 Vulns, 21 Critical, Hyper-V Escape, Adobe Vulns

This month's Microsoft Patch Tuesday addresses 88 vulnerabilities with 21 of them labeled as Critical. Of the 21 Critical vulns, 17 are for scripting engines and browsers, and 3 are potential hypervisor escapes in Hyper-V. The remaining vulnerability is an RCE in the Microsoft Speech API. Microso...

The vulnerability of the Hyper-V hardware virtualization system for Windows operating systems allows attackers to disclose sensitive information that should be protected.

The vulnerability of the Hyper-V hardware virtualization technology for Windows operating systems is related to errors in the authentication process in the guest operating system. Exploiting this vulnerability can allow an attacker to disclose sensitive information...

Fedora Update for xen FEDORA-2019-1f5832fc0e

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Amazon Linux 2 : kernel (ALAS-2019-1214)

A flaw was found in the Linux kernel's freescale hypervisor manager implementation. A parameter passed via to an ioctl was incorrectly validated and used in size calculations for the page size calculation. An attacker can use this flaw to crash the system or corrupt memory or, possibly, create...

Amazon Linux AMI : kernel (ALAS-2019-1214)

A flaw was found in the Linux kernel's freescale hypervisor manager implementation. A parameter passed via to an ioctl was incorrectly validated and used in size calculations for the page size calculation. An attacker can use this flaw to crash the system or corrupt memory or, possibly, create...

[SECURITY] Fedora 29 Update: xen-4.11.1-5.fc29

This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor...

Updated kernel packages fix security vulnerabilities

This kernel update provides the upstream 4.14.121. It adds additional fixes to the kernel side mitigations for the Microarchitectural Data Sampling MDS, also called ZombieLoad attack vulnerabilities. It also fixes the following security issues: A flaw was found in the Linux kernel's freescale...

EulerOS Virtualization for ARM 64 3.0.2.0 : qemu-kvm (EulerOS-SA-2019-1633)

According to the versions of the qemu-kvm packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - qemu-kvm is an open source virtualizer that provides hardware emulation for the KVM hypervisor. qemu-kvm acts as a...

VMware Workstation e1000 Memory Corruption Privilege Escalation Vulnerability

This vulnerability allows local attackers to execute arbitrary code on vulnerable installations of VMware Workstation. An attacker must first obtain the ability to execute low-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the...

EulerOS 2.0 SP3 : kernel (EulerOS-SA-2019-1587)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A malformed SGIO ioctl issued for a SCSI device in the Linux kernel leads to a local kernel data leak manifesting in up to approximately 1000...

SUSE-SU-2019:1371-1 Security update for xen

This update for xen fixes the following issues: Four new speculative execution information leak issues have been identified in Intel CPUs. bsc1111331 - CVE-2018-12126: Microarchitectural Store Buffer Data Sampling MSBDS - CVE-2018-12127: Microarchitectural Fill Buffer Data Sampling MFBDS -...

SUSE SLES11 Security Update : xen (SUSE-SU-2019:14063-1) (MDSUM/RIDL) (MFBDS/RIDL/ZombieLoad) (MLPDS/RIDL) (MSBDS/Fallout)

This update for xen fixes the following issues : Four new speculative execution information leak issues have been identified in Intel CPUs. bsc1111331 CVE-2018-12126: Microarchitectural Store Buffer Data Sampling MSBDS CVE-2018-12127: Microarchitectural Fill Buffer Data Sampling MFBDS...

SUSE-SU-2019:1349-1 Security update for xen

This update for xen fixes the following issues: Four new speculative execution information leak issues have been identified in Intel CPUs. bsc1111331 - CVE-2018-12126: Microarchitectural Store Buffer Data Sampling MSBDS - CVE-2018-12127: Microarchitectural Fill Buffer Data Sampling MFBDS -...