Lucene search
+L

218 matches found

OSV
OSV
added 2018/12/08 4:29 a.m.3 views

DEBIAN-CVE-2018-19961

An issue was discovered in Xen through 4.11.x on AMD x86 platforms, possibly allowing guest OS users to gain host OS privileges because TLB flushes do not always occur after IOMMU mapping changes...

7.8CVSS9.3AI score0.00409EPSS
Exploits0References1
OSV
OSV
added 2018/12/08 4:29 a.m.4 views

ALPINE-CVE-2018-19965

An issue was discovered in Xen through 4.11.x allowing 64-bit PV guest OS users to cause a denial of service host OS crash because GP0 can occur after a non-canonical address is passed to the TLB flushing code. NOTE: this issue exists because of an incorrect CVE-2017-5754 aka Meltdown mitigation...

5.6CVSS6.6AI score0.00409EPSS
Exploits0References1
OSV
OSV
added 2018/12/08 4:29 a.m.4 views

DEBIAN-CVE-2018-19965

An issue was discovered in Xen through 4.11.x allowing 64-bit PV guest OS users to cause a denial of service host OS crash because GP0 can occur after a non-canonical address is passed to the TLB flushing code. NOTE: this issue exists because of an incorrect CVE-2017-5754 aka Meltdown mitigation...

5.6CVSS6.4AI score0.00409EPSS
Exploits0References1
OSV
OSV
added 2018/12/08 4:29 a.m.3 views

ALPINE-CVE-2018-19961

An issue was discovered in Xen through 4.11.x on AMD x86 platforms, possibly allowing guest OS users to gain host OS privileges because TLB flushes do not always occur after IOMMU mapping changes...

7.8CVSS7.1AI score0.00409EPSS
Exploits0References1
OSV
OSV
added 2018/08/07 6:29 p.m.3 views

DEBIAN-CVE-2018-5953

The swiotlbprintinfo function in lib/swiotlb.c in the Linux kernel through 4.14.14 allows local users to obtain sensitive address information by reading dmesg data from a "software IO TLB" printk call...

5.5CVSS7.1AI score0.00401EPSS
Exploits0References1
CNVD
CNVD
added 2018/02/27 12:0 a.m.7 views

Linux kernel denial of service vulnerability (CNVD-2018-06440)

The Linux kernel is a computer operating system kernel written in C and assembly language, compliant with the POSIX standard, and distributed under the GNU General Public License. A denial of service vulnerability exists in the Linux kernel prior to 4.14.4. The vulnerability arises because the...

7CVSS7.4AI score0.00378EPSS
Exploits1References1
OSV
OSV
added 2017/10/18 8:29 a.m.1 views

ALPINE-CVE-2017-15588

An issue was discovered in Xen through 4.9.x allowing x86 PV guest OS users to execute arbitrary code on the host OS because of a race condition that can cause a stale TLB entry...

7.8CVSS7.7AI score0.0033EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2017/03/21 9:6 a.m.4 views

kernel: race condition in the TLB flush logic

A flaw was discovered in the way the Linux kernel dealt with paging structures. When the kernel invalidated a paging structure that was not in use locally, it could, in principle, race against another CPU that is switching to a process that uses the paging structure in question. A local user coul...

7.4CVSS7.1AI score0.00315EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2016/11/03 8:8 a.m.4 views

kernel: race condition in the TLB flush logic

A flaw was discovered in the way the Linux kernel dealt with paging structures. When the kernel invalidated a paging structure that was not in use locally, it could, in principle, race against another CPU that is switching to a process that uses the paging structure in question. A local user coul...

7.4CVSS7.1AI score0.00315EPSS
Exploits0References5
OSV
OSV
added 2016/04/27 5:59 p.m.3 views

DEBIAN-CVE-2016-2069

Race condition in arch/x86/mm/tlb.c in the Linux kernel before 4.4.1 allows local users to gain privileges by triggering access to a paging structure by a different CPU...

7.4CVSS7.2AI score0.00315EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2016/03/15 12:0 a.m.53 views

Ubuntu 14.04 LTS : Linux kernel (Utopic HWE) vulnerabilities (USN-2931-1)

The remote Ubuntu 14.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-2931-1 advisory. Ben Hawkes discovered that the Linux netfilter implementation did not correctly perform validation when handling IPTSOSETREPLACE events. A local...

8.4CVSS7.3AI score0.03723EPSS
Exploits11References13
Ubuntu
Ubuntu
added 2016/03/14 5:20 p.m.85 views

USN-2932-1: Linux kernel (Vivid HWE) vulnerabilities

Ben Hawkes discovered that the Linux netfilter implementation did not correctly perform validation when handling IPTSOSETREPLACE events. A local unprivileged attacker could use this to cause a denial of service system crash or possibly execute arbitrary code with administrative privileges...

8.4CVSS7.2AI score0.03723EPSS
Exploits22
OSV
OSV
added 2016/03/14 4:47 p.m.2 views

USN-2931-1 linux-lts-utopic vulnerabilities

Ben Hawkes discovered that the Linux netfilter implementation did not correctly perform validation when handling IPTSOSETREPLACE events. A local unprivileged attacker could use this to cause a denial of service system crash or possibly execute arbitrary code with administrative privileges...

8.4CVSS7.2AI score0.03723EPSS
Exploits11References13
Tenable Nessus
Tenable Nessus
added 2014/09/23 12:0 a.m.56 views

RHEL 7 : kernel (RHSA-2014:1281)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2014:1281 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. An out-of-bounds memory access flaw was found in the Linux...

3.3CVSS6.8AI score0.0036EPSS
Exploits0References5
OSV
OSV
added 2013/12/13 6:55 p.m.2 views

DEBIAN-CVE-2013-6400

Xen 4.2.x and 4.3.x, when using Intel VT-d and a PCI device has been assigned, does not clear the flag that suppresses IOMMU TLB flushes when unspecified errors occur, which causes the TLB entries to not be flushed and allows local guest administrators to cause a denial of service host crash or...

6.8CVSS6.3AI score0.00661EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2004/09/29 12:0 a.m.34 views

Debian DSA-466-1 : linux-kernel-2.2.10-powerpc-apus - failing function and TLB flush

Paul Starzetz and Wojciech Purczynski of isec.pl discovered a critical security vulnerability in the memory management code of Linux inside the mremap2 system call. Due to flushing the TLB Translation Lookaside Buffer, an address cache too early it is possible for an attacker to trigger a local...

7.2CVSS5.5AI score0.02434EPSS
Exploits2References3
Debian
Debian
added 2004/03/18 11:22 a.m.52 views

[SECURITY] [DSA 466-1] New Linux 2.2.10 packages fix local root exploit (powerpc/apus)

-------------------------------------------------------------------------- Debian Security Advisory DSA 466-1 [email protected] http://www.debian.org/security/ Martin Schulze March 18th, 2004 http://www.debian.org/security/faq -...

7.2CVSS0.02434EPSS
Exploits2
Debian
Debian
added 2004/03/02 3:51 p.m.28 views

[SECURITY] [DSA 454-1] New Linux 2.2.22 packages fix local root exploit (alpha)

-------------------------------------------------------------------------- Debian Security Advisory DSA 454-1 [email protected] http://www.debian.org/security/ Martin Schulze March 2nd, 2004 http://www.debian.org/security/faq -...

7.2CVSS6.1AI score0.02434EPSS
Exploits4
Rows per page
Query Builder