456 matches found
kernel: x86_64: ptrace: sysret to non-canonical address
It was found that the Linux kernel's ptrace subsystem allowed a traced process' instruction pointer to be set to a non-canonical memory address without forcing the non-sysret code path when returning to user space. A local, unprivileged user could use this flaw to crash the system or, potentially...
Important: Red Hat Security Advisory: kernel security update
Updated kernel packages that fix two security issues are now available for Red Hat Enterprise Linux 7. The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...
DSA-2833-1 openssl - several
Bulletin has no description...
Fedora 19 : microcode_ctl-2.0-3.1.fc19 (2013-4753)
Intel CPU microcode update Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 C Tenab...
CVE-2013-1917
Xen 3.1 through 4.x, when running 64-bit hosts on Intel CPUs, does not clear the NT flag when using an IRET after a SYSENTER instruction, which allows PV guest users to cause a denial of service hypervisor crash by triggering a GP fault, which is not properly handled by another IRET instruction...
CVE-2013-1917
Xen 3.1 through 4.x, when running 64-bit hosts on Intel CPUs, does not clear the NT flag when using an IRET after a SYSENTER instruction, which allows PV guest users to cause a denial of service hypervisor crash by triggering a GP fault, which is not properly handled by another IRET instruction...
CVE-2012-0217 - Intel SYSRET FreeBSD Privilege Escalation Exploit Released
The Vulnerability reported on 06/12/2012, dubbed as "CVE-2012-0217" - according to that Some 64-bit operating systems and virtualization software running on Intel CPU hardware are vulnerable to a local privilege escalation attack. The vulnerability may be exploited for local privilege escalation ...
Intel CPU Vulnerability can provide control of your system to attacker
Intel CPU Vulnerability can provide control of your system to attacker The U.S. Computer Emergency Readiness Team US-CERT has disclosed a flaw in Intel chips that could allow hackers to gain control of Windows and other operating systems. The flaw has already been exploited on 64-bit versions of...
kernel: x86-64: avoid sysret to non-canonical address
It was found that the Xen hypervisor implementation as shipped with Red Hat Enterprise Linux 5 did not properly restrict the syscall return addresses in the sysret return path to canonical addresses. An unprivileged user in a 64-bit para-virtualized guest, that is running on a 64-bit host that ha...
Intel CPU Hardware Local Privilege Escalation Vulnerability
Description 64-bit operating systems and virtualization software running on Intel CPU hardware are prone to a local privilege-escalation vulnerability. Attackers can exploit this issue to escalate privileges and execute arbitrary code with kernel-level privileges or to do a guest-to-host virtual...
SYSRET 64-bit operating system privilege escalation vulnerability on Intel CPU hardware
Overview Some 64-bit operating systems and virtualization software running on Intel CPU hardware are vulnerable to a local privilege escalation attack. The vulnerability may be exploited for local privilege escalation or a guest-to-host virtual machine escape. Intel claims that this vulnerability...
Linux Kernel Xen Hypervisor实现拒绝服务漏洞
BUGTRAQ ID: 43578 CVE ID: CVE-2010-2938 Linux Kernel是Linux操作系统所使用的内核。 当运行的系统支持无EPT的Intel CPU时,Xen hypervisor实现中存在漏洞。在试图dump有关崩溃的完全虚拟化guest信息时,拥有配置完全虚拟化guest系统权限的用户可以利用这个漏洞导致主机崩溃。 RedHat Enterprise Linux v.5 server RedHat Enterprise Linux Desktop v.5 client 厂商补丁: RedHat ------...
Important: Red Hat Security Advisory: kernel security and bug fix update
Updated kernel packages that resolve several security issues and fix various bugs are now available for Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team. The kernel packages contain the Linux kernel, the core of any...
FreeBSD Security Advisory (FreeBSD-SA-08:07.amd64.asc)
The remote host is missing an update to the system as announced in the referenced advisory FreeBSD-SA-08:07.amd64.asc ADV FreeBSD-SA-08:07.amd64.asc OpenVAS Vulnerability Test $ Description: Auto generated from ADV FreeBSD-SA-08:07.amd64.asc Authors: Thomas Reinke Copyright: Copyright c 2008 E-So...
FreeBSD Security Advisory (FreeBSD-SA-08:07.amd64.asc)
The remote host is missing an update to the system as announced in the referenced advisory FreeBSD-SA-08:07.amd64.asc SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...
CVE-2006-0744
Linux kernel before 2.6.16.5 does not properly handle uncanonical return addresses on Intel EM64T CPUs, which reports an exception in the SYSRET instead of the next instruction, which causes the kernel exception handler to run on the user stack with the wrong GS...