166 matches found
CVE-2020-27777
A flaw was found in the way RTAS handled memory accesses in userspace to kernel communication. On a locked down usually due to Secure Boot guest system running on top of PowerVM or KVM hypervisors pseries platform a root like local user could use this flaw to further increase their privileges to...
Memory corruption
In VMware ESXi 6.7 before ESXi670-201908101-SG, 6.5 before ESXi650-202007101-SG, Workstation 15.x before 15.1.0, Fusion 11.x before 11.1.0, the VMCI host drivers used by VMware hypervisors contain a memory leak vulnerability. A malicious actor with access to a virtual machine may be able to trigg...
[SECURITY] Fedora 32 Update: libslirp-4.3.1-1.fc32
A general purpose TCP-IP emulator used by virtual machine hypervisors to provide virtual networking services...
Fedora: Security Advisory for libslirp (FEDORA-2020-1608d52724)
The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
[SECURITY] Fedora 31 Update: libslirp-4.1.0-2.fc31
A general purpose TCP-IP emulator used by virtual machine hypervisors to provide virtual networking services...
Fedora: Security Advisory for libslirp (FEDORA-2020-30c45be10c)
The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
[SECURITY] Fedora 32 Update: libslirp-4.2.0-2.fc32
A general purpose TCP-IP emulator used by virtual machine hypervisors to provide virtual networking services...
The vulnerability of Xen hypervisors arises from synchronization errors when using shared resources, allowing a malicious actor to cause service failures or increase their privileges.
The vulnerability of Xen hypervisors arises due to synchronization errors when using a shared resource. Exploiting this vulnerability can allow an attacker to cause service failures or increase their privileges by adding a device with persistent communication capabilities...
The vulnerability of Xen hypervisors relates to insufficient validation of input data. This allows attackers to gain access to confidential data, compromise its integrity, and cause service failures.
The vulnerability of Xen hypervisors is related to the limited support for linear tables: a page can either point to itself or to another table at the same level. Exploiting this vulnerability could allow an attacker to access confidential data, compromise its integrity, and even cause service...
The vulnerability of Xen hypervisors arises from the simultaneous execution using a shared resource with incorrect synchronization. This allows attackers to gain access to confidential data, compromise its integrity, and cause service failures.
The vulnerability of Xen hypervisors relates to the simultaneous use of common resources. Exploiting this vulnerability can allow a remote attacker to gain access to confidential data, compromise its integrity, and cause service failures...
F5 Networks BIG-IP : vCMP vulnerability (K05765031)
vCMP hypervisors incorrectly expose the plaintext unit key for their vCMP guests on the file system.CVE-2019-6670 Impact An attacker may use this vulnerability to extract the master key of vCMP guests. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were...
CVE-2019-6670
On BIG-IP 15.0.0-15.0.1, 14.1.0-14.1.2, 14.0.0-14.0.1, 13.1.0-13.1.3.1, 12.1.0-12.1.5, and 11.5.1-11.6.5, vCMP hypervisors are incorrectly exposing the plaintext unit key for their vCMP guests on the filesystem...
Design/Logic Flaw
On BIG-IP 15.0.0-15.0.1, 14.1.0-14.1.2, 14.0.0-14.0.1, 13.1.0-13.1.3.1, 12.1.0-12.1.5, and 11.5.1-11.6.5, vCMP hypervisors are incorrectly exposing the plaintext unit key for their vCMP guests on the filesystem...
Debian DSA-4566-1 : qemu - security update
This update for QEMU, a fast processor emulator, backports support to passthrough the pschange-mc-no CPU flag. The virtualised MSR seen by a guest is set to show the bug as fixed, allowing to disable iTLB Multihit mitigations in nested hypervisors cf. DSA 4564-1. C Tenable Network Security, Inc...
[SECURITY] [DSA 4566-1] qemu security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4566-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso November 12, 2019 https://www.debian.org/security/faq -...
Fedora Update for libslirp FEDORA-2019-77bafc4454
The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
[SECURITY] Fedora 30 Update: libslirp-4.0.0-2.fc30
A general purpose TCP-IP emulator used by virtual machine hypervisors to provide virtual networking services...
The vulnerability in the implementation of 3D-acceleration functions for hypervisors such as VMware ESXi, VMware Fusion, and Vmware Workstation allows a attacker to cause service failures.
The vulnerability of the 3D-acceleration function implementation in VMware ESXi, VMware Fusion, and Vmware Workstation relates to uncontrolled resource consumption. Exploiting this vulnerability can allow attackers to cause service failures...
The vulnerability of VMware ESXi, VMware Fusion, and Vmware Workstation lies in synchronization errors when using shared resources (“Race Conditions”), allowing a attacker to execute arbitrary code.
The vulnerability of VMware ESXi, VMware Fusion, and Vmware Workstation hypervisors is related to synchronization errors when using shared resources. Exploiting this vulnerability allows an attacker to execute arbitrary code by using a virtual USB controller...
Security Bulletin: Speculative Store Bypass (SSB) vulnerability also known as SpectreNG or Variant 4 affects IBM Spectrum Protect Plus (CVE-2018-3639)
Summary IBM Spectrum Protect Plus may be affected by the Speculative Storage Bypass SSB vulnerability which is also known as SpetreNG or Variant 4. Vulnerability Details CVEID: CVE-2018-3639 DESCRIPTION: Multiple Intel CPU''s could allow a local attacker to obtain sensitive information, caused by...