Lucene search
K

456 matches found

RedHat Linux
RedHat Linux
added 2014/07/23 3:44 p.m.2 views

kernel: x86_64: ptrace: sysret to non-canonical address

It was found that the Linux kernel's ptrace subsystem allowed a traced process' instruction pointer to be set to a non-canonical memory address without forcing the non-sysret code path when returning to user space. A local, unprivileged user could use this flaw to crash the system or, potentially...

6.9CVSS6.7AI score0.02324EPSS
Exploits6References4
RedHat Linux
RedHat Linux
added 2014/07/23 3:44 p.m.53 views

Important: Red Hat Security Advisory: kernel security update

Updated kernel packages that fix two security issues are now available for Red Hat Enterprise Linux 7. The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...

6.9CVSS6.5AI score0.02324EPSS
Exploits12References3
OSV
OSV
added 2014/01/01 12:0 a.m.23 views

DSA-2833-1 openssl - several

Bulletin has no description...

5.8CVSS9.5AI score0.21174EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2013/05/26 12:0 a.m.28 views

Fedora 19 : microcode_ctl-2.0-3.1.fc19 (2013-4753)

Intel CPU microcode update Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 C Tenab...

5.4AI score
Exploits0References1
OSV
OSV
added 2013/05/13 11:55 p.m.7 views

CVE-2013-1917

Xen 3.1 through 4.x, when running 64-bit hosts on Intel CPUs, does not clear the NT flag when using an IRET after a SYSENTER instruction, which allows PV guest users to cause a denial of service hypervisor crash by triggering a GP fault, which is not properly handled by another IRET instruction...

6.2AI score
Exploits0References10
UbuntuCve
UbuntuCve
added 2013/05/13 11:55 p.m.32 views

CVE-2013-1917

Xen 3.1 through 4.x, when running 64-bit hosts on Intel CPUs, does not clear the NT flag when using an IRET after a SYSENTER instruction, which allows PV guest users to cause a denial of service hypervisor crash by triggering a GP fault, which is not properly handled by another IRET instruction...

1.9CVSS7.2AI score0.00372EPSS
Exploits0References2
The Hacker News
The Hacker News
added 2012/07/24 8:6 p.m.19 views

CVE-2012-0217 - Intel SYSRET FreeBSD Privilege Escalation Exploit Released

The Vulnerability reported on 06/12/2012, dubbed as "CVE-2012-0217" - according to that Some 64-bit operating systems and virtualization software running on Intel CPU hardware are vulnerable to a local privilege escalation attack. The vulnerability may be exploited for local privilege escalation ...

7.2CVSS6.5AI score0.37212EPSS
Exploits6
The Hacker News
The Hacker News
added 2012/06/20 5:56 p.m.11 views

Intel CPU Vulnerability can provide control of your system to attacker

Intel CPU Vulnerability can provide control of your system to attacker The U.S. Computer Emergency Readiness Team US-CERT has disclosed a flaw in Intel chips that could allow hackers to gain control of Windows and other operating systems. The flaw has already been exploited on 64-bit versions of...

7.3AI score
Exploits0
RedHat Linux
RedHat Linux
added 2012/06/12 2:2 p.m.4 views

kernel: x86-64: avoid sysret to non-canonical address

It was found that the Xen hypervisor implementation as shipped with Red Hat Enterprise Linux 5 did not properly restrict the syscall return addresses in the sysret return path to canonical addresses. An unprivileged user in a 64-bit para-virtualized guest, that is running on a 64-bit host that ha...

7.2CVSS7.9AI score0.37212EPSS
Exploits6References4
Symantec
Symantec
added 2012/06/12 12:0 a.m.28 views

Intel CPU Hardware Local Privilege Escalation Vulnerability

Description 64-bit operating systems and virtualization software running on Intel CPU hardware are prone to a local privilege-escalation vulnerability. Attackers can exploit this issue to escalate privileges and execute arbitrary code with kernel-level privileges or to do a guest-to-host virtual...

1.4AI score
Exploits0References3Affected Software18
CERT
CERT
added 2012/06/12 12:0 a.m.555 views

SYSRET 64-bit operating system privilege escalation vulnerability on Intel CPU hardware

Overview Some 64-bit operating systems and virtualization software running on Intel CPU hardware are vulnerable to a local privilege escalation attack. The vulnerability may be exploited for local privilege escalation or a guest-to-host virtual machine escape. Intel claims that this vulnerability...

7.2CVSS8.4AI score0.37212EPSS
Exploits6References8
seebug.org
seebug.org
added 2010/09/30 12:0 a.m.50 views

Linux Kernel Xen Hypervisor实现拒绝服务漏洞

BUGTRAQ ID: 43578 CVE ID: CVE-2010-2938 Linux Kernel是Linux操作系统所使用的内核。 当运行的系统支持无EPT的Intel CPU时,Xen hypervisor实现中存在漏洞。在试图dump有关崩溃的完全虚拟化guest信息时,拥有配置完全虚拟化guest系统权限的用户可以利用这个漏洞导致主机崩溃。 RedHat Enterprise Linux v.5 server RedHat Enterprise Linux Desktop v.5 client 厂商补丁: RedHat ------...

4.9CVSS1.2AI score0.00346EPSS
Exploits1
RedHat Linux
RedHat Linux
added 2009/01/14 5:13 p.m.64 views

Important: Red Hat Security Advisory: kernel security and bug fix update

Updated kernel packages that resolve several security issues and fix various bugs are now available for Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team. The kernel packages contain the Linux kernel, the core of any...

7.8CVSS6.4AI score0.03294EPSS
Exploits7References17
OpenVAS
OpenVAS
added 2008/09/04 12:0 a.m.26 views

FreeBSD Security Advisory (FreeBSD-SA-08:07.amd64.asc)

The remote host is missing an update to the system as announced in the referenced advisory FreeBSD-SA-08:07.amd64.asc ADV FreeBSD-SA-08:07.amd64.asc OpenVAS Vulnerability Test $ Description: Auto generated from ADV FreeBSD-SA-08:07.amd64.asc Authors: Thomas Reinke Copyright: Copyright c 2008 E-So...

7.2CVSS0.6AI score0.00314EPSS
Exploits1
OpenVAS
OpenVAS
added 2008/09/04 12:0 a.m.24 views

FreeBSD Security Advisory (FreeBSD-SA-08:07.amd64.asc)

The remote host is missing an update to the system as announced in the referenced advisory FreeBSD-SA-08:07.amd64.asc SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

7.2CVSS7AI score0.00314EPSS
Exploits1References1
Cvelist
Cvelist
added 2006/04/18 10:0 a.m.25 views

CVE-2006-0744

Linux kernel before 2.6.16.5 does not properly handle uncanonical return addresses on Intel EM64T CPUs, which reports an exception in the SYSRET instead of the next instruction, which causes the kernel exception handler to run on the user stack with the wrong GS...

7.1AI score0.00465EPSS
Exploits0References32
Rows per page
Query Builder