CVE-2016-8441

Possible buffer overflow in the hypervisor. Inappropriate usage of a static array could lead to a buffer overrun. Product: Android. Versions: Kernel 3.18. Android ID: A-31625904. References: QC-CR1027769...

CVE-2016-8441

Possible buffer overflow in the hypervisor. Inappropriate usage of a static array could lead to a buffer overrun. Product: Android. Versions: Kernel 3.18. Android ID: A-31625904. References: QC-CR1027769...

CVE-2016-8442

Possible unauthorized memory access in the hypervisor. Lack of input validation could allow hypervisor memory to be accessed by the HLOS. Product: Android. Versions: Kernel 3.18. Android ID: A-31625910. QC-CR1038173...

CVE-2016-8443

Possible unauthorized memory access in the hypervisor. Incorrect configuration provides access to subsystem page tables. Product: Android. Versions: Kernel 3.18. Android ID: A-32576499. References: QC-CR964185...

CVE-2016-8438

Integer overflow leading to a TOCTOU condition in hypervisor PIL. An integer overflow exposes a race condition that may be used to bypass Peripheral Image Loader PIL authentication. Product: Android. Versions: Kernel 3.18. Android ID: A-31624565. References: QC-CR1023638...

CVE-2016-8443

CVE-2016-8443 details (from provided documents): Android kernel 3.18 vulnerability that could allow possible unauthorized memory access in the hypervisor. The issue arises from an incorrect configuration that provides access to subsystem page tables. Affected product: Android; kernel version: 3.1...

CVE-2016-8442

CVE-2016-8442 describes a memory access vulnerability in the Android kernel (version 3.18) allowing a local attacker to access hypervisor memory due to insufficient input validation. Impact is local and memory confidentiality/integrity/availability can be affected. Mitigation is via Android secur...

CVE-2016-8440

CVE-2016-8440 details (Android kernel 3.18): A buffer overflow in the SMMU system call, caused by improper input validation in the ADSP SID2CB system call, may lead to hypervisor memory overwrite. The vulnerability affects Android on Kernel 3.18 and is described with a high-severity impact (poten...

CVE-2016-8441

CVE-2016-8441 : Possible buffer overflow in the Android hypervisor due to inappropriate use of a static array in Kernel 3.18. Impact: local code execution with high severity (CVSS2 7.2, CVSS3 7.8). Connected documents confirm product/versions but do not provide a concrete patch/remediation detail...

CVE-2016-8438

CVE-2016-8438 describes an integer overflow in the Android kernel’s Peripheral Image Loader (PIL) path that leads to a TOCTOU condition, potentially bypassing PIL authentication. Affected product: Android (kernel 3.18). Root cause is an integer overflow exposing a race condition; impact is descri...

Updated xen packages fix security vulnerability

This xen update is based on upstream 4.5.5 maintenance release, and fixes the following security issues: The qemu implementation in libvirt before 1.3.0 and Xen allows local guest OS users to cause a denial of service host disk consumption by writing to stdout or stderr CVE-2014-3672 The xrstor...

openSUSE: Security Advisory for xen (openSUSE-SU-2017:0008-1)

The remote host is missing an update for the Copyright C 2017 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Exploit the Credentials Present in Files and Memory: PowerMemory

PowerMemory is a PowerShell post-exploitation tool. It uses Microsoft binaries and therefore is able to execute on a machine, even after the Device Guard Policies have been set. In the same way, it will bypass antivirus detection. PowerMemory can retrieve credentials information and manipulate...

Citrix XenServer Multiple Security Updates (CTX219378)

Security vulnerabilities have been identified in Citrix XenServer that may allow malicious code running within a guest VM to read a small part of hypervisor memory and allow privileged-mode code running within a guest VM to hang or crash the host. SPDX-FileCopyrightText: 2017 Greenbone AG Some te...

openSUSE Security Update : xen (openSUSE-2017-2)

This update for xen fixes the following issues : - A Mishandling of SYSCALL singlestep during emulation which could have lead to privilege escalation. XSA-204, bsc1016340, CVE-2016-10013 - CMPXCHG8B emulation failed to ignore operand size override which could have lead to information disclosure...

Security update for xen (important)

This updates xen to version 4.4.406 to fix the following issues: - An unprivileged user in a guest could gain guest could escalate privilege to that of the guest kernel, if it had could invoke the instruction emulator. Only 64-bit x86 HVM guest were affected. Linux guest have not been vulnerable...

Security update for xen (important)

This updates xen to version 4.5.5 to fix the following issues: - An unprivileged user in a guest could gain guest could escalate privilege to that of the guest kernel, if it had could invoke the instruction emulator. Only 64-bit x86 HVM guest were affected. Linux guest have not been vulnerable...

Security update for xen (important)

This update for xen fixes the following issues: - A Mishandling of SYSCALL singlestep during emulation which could have lead to privilege escalation. XSA-204, bsc1016340, CVE-2016-10013 - CMPXCHG8B emulation failed to ignore operand size override which could have lead to information disclosure...

CVE-2016-8438

Integer overflow leading to a TOCTOU condition in hypervisor PIL. An integer overflow exposes a race condition that may be used to bypass Peripheral Image Loader PIL authentication. Product: Android. Versions: Kernel 3.18. Android ID: A-31624565. References: QC-CR1023638...

CVE-2016-8443

Possible unauthorized memory access in the hypervisor. Incorrect configuration provides access to subsystem page tables. Product: Android. Versions: Kernel 3.18. Android ID: A-32576499. References: QC-CR964185...