EUVD-2010-0340

Malware in sbrugna...

EUVD-2010-0466

Malware in sbrugna...

EUVD-2010-0329

Malware in sbrugna...

CBL Mariner 2.0 Security Update: kernel (CVE-2010-0298)

The version of kernel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2010-0298 advisory. - The x86 emulator in KVM 83 does not use the Current Privilege Level CPL and I/O Privilege Level IOPL in...

Oracle Linux 5 : kvm (ELSA-2010-0271)

The remote Oracle Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2010-0271 advisory. - Resolves: bz563465 EMBARGOED CVE-2010-0419 kvm: emulator privilege escalation segment selector check rhel-5.5 -...

openSUSE Security Update : kernel (openSUSE-SU-2011:0004-1)

The openSUSE 11.3 kernel was updated to fix various bugs and security issues. Following security issues have been fixed: CVE-2010-4347: A local user could inject ACPI code into the kernel via the world-writable 'customdebug' file, allowing local privilege escalation. CVE-2010-4258: A local attack...

CentOS Update for kvm-83-164.el5_ CESA-2010:0898 centos5 i386

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

CentOS Update for kvm-83-105.el5_ CESA-2009:1465 centos5 i386

Check for the Version of kvm-83-105.el5 OpenVAS Vulnerability Test CentOS Update for kvm-83-105.el5 CESA-2009:1465 centos5 i386 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/...

CentOS Update for kvm-83-164.el5_ CESA-2010:0898 centos5 i386

Check for the Version of kvm-83-164.el5 OpenVAS Vulnerability Test CentOS Update for kvm-83-164.el5 CESA-2010:0898 centos5 i386 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/...

CentOS Update for kvm-83-105.el5_ CESA-2009:1465 centos5 i386

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

Null pointer dereference

QEMU-KVM, as used in the Hypervisor aka rhev-hypervisor in Red Hat Enterprise Virtualization RHEV 2.2 and KVM 83, does not properly validate guest QXL driver pointers, which allows guest OS users to cause a denial of service invalid pointer dereference and guest OS crash or possibly gain privileg...

CVE-2010-0741

The virtionetbadfeatures function in hw/virtio-net.c in the virtio-net driver in the Linux kernel before 2.6.26, when used on a guest OS in conjunction with qemu-kvm 0.11.0 or KVM 83, allows remote attackers to cause a denial of service guest OS crash, and an associated qemu-kvm process exit by...

Design/Logic Flaw

The x86 emulator in KVM 83, when a guest is configured for Symmetric Multiprocessing SMP, does not properly restrict writing of segment selectors to segment registers, which might allow guest OS users to cause a denial of service guest OS crash or gain privileges on the guest OS by leveraging...

Design/Logic Flaw

The x86 emulator in KVM 83, when a guest is configured for Symmetric Multiprocessing SMP, does not use the Current Privilege Level CPL and I/O Privilege Level IOPL to restrict instruction execution, which allows guest OS users to cause a denial of service guest OS crash or gain privileges on the...

Design/Logic Flaw

The x86 emulator in KVM 83 does not use the Current Privilege Level CPL and I/O Privilege Level IOPL in determining the memory access available to CPL3 code, which allows guest OS users to cause a denial of service guest OS crash or gain privileges on the guest OS by leveraging access to a 1 IO...

Design/Logic Flaw

The pitioportread function in the Programmable Interval Timer PIT emulation in i8254.c in KVM 83 does not properly use the pitstate data structure, which allows guest OS users to cause a denial of service host OS crash or hang by attempting to read the /dev/port file...

CVE-2010-0309

The pitioportread function in the Programmable Interval Timer PIT emulation in i8254.c in KVM 83 does not properly use the pitstate data structure, which allows guest OS users to cause a denial of service host OS crash or hang by attempting to read the /dev/port file...

CVE-2010-0298

The x86 emulator in KVM 83 does not use the Current Privilege Level CPL and I/O Privilege Level IOPL in determining the memory access available to CPL3 code, which allows guest OS users to cause a denial of service guest OS crash or gain privileges on the guest OS by leveraging access to a 1 IO...

CVE-2010-0306

The connected MiracleLinux AXSA advisory references CVE-2010-0306, describing a vulnerability in the KVM x86 emulator: when a guest is SMP-configured, CPL/IOPL checks are not applied to memory access for CPL3 code. This allows guest OS users to crash the guest or potentially gain privileges by ab...

CVE-2010-0309

The CVE concerns the pit_ioport_read function in the PIT emulation (i8254.c) of KVM 83, where improper use of the pit_state data structure can be exploited by a guest to trigger a host denial-of-service (host crash or hang) by reading /dev/port. Affected component is KVM's PIT emulation; impact i...