5614 matches found
USN-3980-2: Linux kernel (HWE) vulnerabilities
USN-3980-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.10. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 18.10 for Ubuntu 18.04 LTS. Ke Sun, Henrique Kawakami, Kekai Hu, Rodrigo Branco, Giorgi Maisuradze, Dan Horea Lutas, Andre...
Citrix Hypervisor Security Update
Description of Problem A number of security issues have been identified in certain CPU hardware that may allow unprivileged code running on a CPU core to infer the value of memory data belonging to other processes, virtual machines or the hypervisor that are, or have recently been, running on the...
XenServer Hardware Compatibility List Explained
This article provides an understanding of the Hardware Compatibility List HCL for Citrix Hypervisor and XenServer. This article also contains information about how products get qualified for inclusion in the HCL and what listing in the HCL represents from a support perspective. Background The...
VMware product updates enable Hypervisor-Specific Mitigations, Hypervisor-Assisted Guest Mitigations, and Operating System-Specific Mitigations for Microarchitectural Data Sampling (MDS) Vulnerabilities (CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, and CVE-2019-11091)
3a. Hypervisor-Specific Mitigations for MDS vulnerabilities - CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, and CVE-2019-11091 vCenter Server, ESXi, Workstation, and Fusion updates include Hypervisor-Specific Mitigations for MDS speculative execution vulnerabilities. VMware has evaluated the...
VMSA-2019-0008:VMware product updates enable Hypervisor-Specific Mitigations, Hypervisor-Assisted Guest Mitigations, and Operating System-Specific Mitigations for Microarchitectural Data Sampling (MDS) Vulnerabilities
VMware Security Advisories Advisory ID| VMSA-2019-0008.2 ---|--- Advisory Severity| Moderate CVSSv3 Range| 3.8 - 6.5 Synopsis| VMware product updates enable Hypervisor-Specific Mitigations, Hypervisor-Assisted Guest Mitigations, and Operating System-Specific Mitigations for Microarchitectural Dat...
EulerOS Virtualization 2.5.3 : kvm (EulerOS-SA-2019-1369)
According to the version of the kvm package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - An information leakage issue was found in the way Linux kernel's KVM hypervisor handled page fault exceptions while emulating instructio...
EulerOS Virtualization 2.5.3 : kvm (EulerOS-SA-2019-1370)
According to the version of the kvm package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - A use-after-free vulnerability was found in the way the Linux kernel's KVM hypervisor emulates a preemption timer for L2 guests when...
Fedora Update for xen FEDORA-2018-a24754252a
The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Privilege Escalation
The kernel packages contain the Linux kernel, the core of any Linux operating system. A flaw was found in the way Linux kernel's Transparent Huge Pages THP implementation handled non-huge page migration. A local, unprivileged user could use this flaw to crash the kernel by migrating transparent...
Denial Of Service (DoS)
The kernel packages contain the Linux kernel, the core of any Linux operating system. An integer overflow flaw was found in the way the Linux kernel's Frame Buffer device implementation mapped kernel memory to user space via the mmap syscall. A local user able to access a frame buffer device file...
Denial Of Service (DoS)
The kernel packages contain the Linux kernel, the core of any Linux operating system. It was found that the Linux kernel's Infiniband subsystem did not properly sanitize input parameters while registering memory regions from user space via the uverbs API. A local user with access to a...
Denial Of Service (DoS)
kernel is vulnerable to denial of service. A flaw was found in the way the xenfailsafecallback function in the Linux kernel handled the failed iret interrupt return instruction notification from the Xen hypervisor. An unprivileged user in a 32-bit para-virtualized guest could use this flaw to cra...
EulerOS 2.0 SP2 : kernel (EulerOS-SA-2019-1302)
According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A flaw was found in the Linux kernel's ext4 filesystem code. A use-after-free is possible in ext4extremovespace function when mounting and...
(Pwn2Own) Oracle VirtualBox e1000 Integer Overflow Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on vulnerable installations of Oracle VirtualBox. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of...
(Pwn2Own) Oracle VirtualBox OHCI Integer Overflow Information Disclosure Vulnerability
WorkstationThis vulnerability allows local attackers to disclose sensitive information on vulnerable installations of Oracle VirtualBox. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists...
(Pwn2Own) Oracle VirtualBox e1000 Race Condition Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on vulnerable installations of Oracle VirtualBox. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of...
Design/Logic Flaw
Versions of nova before 2012.1 could expose hypervisor host files to a guest operating system when processing a maliciously constructed qcow filesystem...
CVE-2011-3147
Versions of nova before 2012.1 could expose hypervisor host files to a guest operating system when processing a maliciously constructed qcow filesystem...
CVE-2011-3147
Versions of nova before 2012.1 could expose hypervisor host files to a guest operating system when processing a maliciously constructed qcow filesystem...
CVE-2011-3147
Versions of nova before 2012.1 could expose hypervisor host files to a guest operating system when processing a maliciously constructed qcow filesystem...