OpenSSL: Side channel attack on modular exponentiation
A side-channel attack was found that makes use of cache-bank conflicts on the Intel Sandy-Bridge microarchitecture. An attacker who has the ability to control code in a thread running on the same hyper-threaded core as the victim's thread that is performing decryption could use this flaw to...
kernel: kvm: vmx: invvpid vm exit not handled
It was found that the Linux kernel's KVM subsystem did not handle the VM exits gracefully for the invvpid (Invalidate Translations Based on VPID) instructions. On hosts with an Intel processor and invvpid VM exit support, an unprivileged guest user could use these instructions to crash the guest...
kernel: kvm: vmx: invept vm exit not handled
It was found that the Linux kernel's KVM subsystem did not handle the VM exits gracefully for the invept (Invalidate Translations Derived from EPT) instructions. On hosts with an Intel processor and invept VM exit support, an unprivileged guest user could use these instructions to crash the guest...
RHEL 6 : kernel (RHSA-2014:1843)
The remote Red Hat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2014:1843 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. A race condition flaw was found in the way the Linux...
Important: Red Hat Security Advisory: kernel security and bug fix update
Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity...
[SECURITY] [DSA 3060-1] linux security update
Debian Security Advisory DSA-3060-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso October 31, 2014 http://www.debian.org/security/faq -...
DSA-3060-1 linux - security update
Bulletin has no description...
kernel: x86_64: ptrace: sysret to non-canonical address
It was found that the Linux kernel's ptrace subsystem allowed a traced process' instruction pointer to be set to a non-canonical memory address without forcing the non-sysret code path when returning to user space. A local, unprivileged user could use this flaw to crash the system or, potentially...
CVE-2012-0217
The x86-64 kernel system-call functionality in Xen 4.1.2 and earlier, as used in Citrix XenServer 6.0.2 and earlier and other products; Oracle Solaris 11 and earlier; illumos before r13724; Joyent SmartOS before 20120614T184600Z; FreeBSD before 9.0-RELEASE-p3; NetBSD 6.0 Beta and earlier; Microso...
Code injection
The x86-64 kernel system-call functionality in Xen 4.1.2 and earlier, as used in Citrix XenServer 6.0.2 and earlier and other products; Oracle Solaris 11 and earlier; illumos before r13724; Joyent SmartOS before 20120614T184600Z; FreeBSD before 9.0-RELEASE-p3; NetBSD 6.0 Beta and earlier; Microso...
kernel: perf, x86: fix Intel fixed counters base initialization
The x86_assign_hw_event function in arch/x86/kernel/cpu/perf_event.c in the Performance Events subsystem in the Linux kernel before 2.6.39 does not properly calculate counter values, which allows local users to cause a denial of service (panic) via the perf program...
kernel security update
CentOS Errata and Security Advisory CESA-2011:0927 Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scorin...
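Linux Kernel 'x86_assign_hw_event()' Local Denial of Service Vulnerability
Bugtraq ID: 48580 CVE ID: CVE-2011-2521 Linux is an open-source operating system. A security vulnerability exists in Linux Kernel 'x86_assign_hw_event' that allows a local attacker to corrupt the calculation of Intel processor counters, which can lead to a denial of service attack. Linux kernel 2.6.38 Linux kernel 2.6.38.6 Linux kernel 2.6.38.4 Linux kernel 2.6.38.3 Linux kernel 2.6.38.2 Linux kernel 2.6.38-rc7 Linux kernel 2.6.38-rc4 Linux...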
Code injection
Norman SandBox Analyzer does not use the proper range for Interrupt Descriptor Table (IDT) entries, which allows local users to determine that the local machine is an emulator, or a similar environment not based on a physical Intel processor, which allows attackers to produce malware that is more...
CVE-2007-1194
Norman SandBox Analyzer does not use the proper range for Interrupt Descriptor Table (IDT) entries, which allows local users to determine that the local machine is an emulator, or a similar environment not based on a physical Intel processor, which allows attackers to produce malware that is more...
information disclosure when using HTT
FreeBSD-SA-05:09.htt Security Advisory The FreeBSD Project Topic: information disclosure when using HTT Category: core Module: sys Announced: 2005-05-13 Revised: 2005-05-13...