5122 matches found
UBUNTU-CVE-2017-15590
An issue was discovered in Xen through 4.9.x allowing x86 guest OS users to cause a denial of service hypervisor crash or possibly gain privileges because MSI mapping was mishandled...
CVE-2017-15590
An issue was discovered in Xen through 4.9.x allowing x86 guest OS users to cause a denial of service hypervisor crash or possibly gain privileges because MSI mapping was mishandled...
CVE-2017-15590
An issue was discovered in Xen through 4.9.x allowing x86 guest OS users to cause a denial of service hypervisor crash or possibly gain privileges because MSI mapping was mishandled...
CVE-2017-15302
In CPUID CPU-Z through 1.81, there are improper access rights to a kernel-mode driver e.g., cpuz143x64.sys for version 1.43 that can result in information disclosure or elevation of privileges, because of an arbitrary read of any physical address via ioctl 0x9C402604. Any application running on t...
multiple MSI mapping issues on x86
ISSUE DESCRIPTION Multiple issues exist with the setup of PCI MSI interrupts: - unprivileged guests were permitted access to devices not owned by them, in particular allowing them to disable MSI or MSI-X on any device - HVM guests can trigger a codepath intended only for PV guests - some failure...
USN-3448-1: OpenStack Keystone vulnerability
Boris Bobrov discovered that OpenStack Keystone incorrectly handled federation mapping when there are rules in which group-based assignments are not used. A remote authenticated user may receive all the roles assigned to a project regardless of the federation mapping, contrary to expectations...
USN-3448-1 keystone vulnerability
Boris Bobrov discovered that OpenStack Keystone incorrectly handled federation mapping when there are rules in which group-based assignments are not used. A remote authenticated user may receive all the roles assigned to a project regardless of the federation mapping, contrary to expectations...
CVE-2017-1000253
Linux distributions that have not patched their long-term kernels with https://git.kernel.org/linus/a87938b2e246b81b4fb713edb371a9fa3c5c3c86 committed on April 14, 2015. This kernel vulnerability was fixed in April 2015 by commit a87938b2e246b81b4fb713edb371a9fa3c5c3c86 backported to Linux 3.10.7...
Professional Services for GDPR Compliance
The GDPR effective date is less than seven months away and the stakes are high. GDPR non-compliance penalties have the potential to be quite significant up to 79 times higher than existing guidelines, and GDPR applies to any organization of any size that collects or processes personal data...
Apple's FaceID
This is a good interview with Apple's SVP of Software Engineering about FaceID. Honestly, I don't know what to think. I am confident that Apple is not collecting a photo database, but not optimistic that it can't be hacked with fake faces. I dislike the fact that the police can point the phone at...
openSUSE Security Update : postgresql94 (openSUSE-2017-1020)
This update for postgresql94 fixes the following issues : - CVE-2017-7547: Further restrict visibility of pgusermappings.umoptions, to protect passwords stored as user mapping options. bsc1051685 - CVE-2017-7546: Disallow empty passwords in all password-based authentication methods. bsc1051684 -...
CVE-2017-14319
A grant unmapping issue was discovered in Xen through 4.9.x. When removing or replacing a grant mapping, the x86 PV specific path needs to make sure page table entries remain in sync with other accounting done. Although the identity of the page frame was validated correctly, neither the presence ...
Code injection
A grant unmapping issue was discovered in Xen through 4.9.x. When removing or replacing a grant mapping, the x86 PV specific path needs to make sure page table entries remain in sync with other accounting done. Although the identity of the page frame was validated correctly, neither the presence ...
CVE-2017-14319
A grant unmapping issue was discovered in Xen through 4.9.x. When removing or replacing a grant mapping, the x86 PV specific path needs to make sure page table entries remain in sync with other accounting done. Although the identity of the page frame was validated correctly, neither the presence ...
ALPINE-CVE-2017-14319
A grant unmapping issue was discovered in Xen through 4.9.x. When removing or replacing a grant mapping, the x86 PV specific path needs to make sure page table entries remain in sync with other accounting done. Although the identity of the page frame was validated correctly, neither the presence ...
DEBIAN-CVE-2017-14319
A grant unmapping issue was discovered in Xen through 4.9.x. When removing or replacing a grant mapping, the x86 PV specific path needs to make sure page table entries remain in sync with other accounting done. Although the identity of the page frame was validated correctly, neither the presence ...
CVE-2017-14319
A grant unmapping issue was discovered in Xen through 4.9.x. When removing or replacing a grant mapping, the x86 PV specific path needs to make sure page table entries remain in sync with other accounting done. Although the identity of the page frame was validated correctly, neither the presence ...
CVE-2017-14319
A grant unmapping issue was discovered in Xen through 4.9.x. When removing or replacing a grant mapping, the x86 PV specific path needs to make sure page table entries remain in sync with other accounting done. Although the identity of the page frame was validated correctly, neither the presence ...
CVE-2017-14319
A grant unmapping issue was discovered in Xen through 4.9.x. When removing or replacing a grant mapping, the x86 PV specific path needs to make sure page table entries remain in sync with other accounting done. Although the identity of the page frame was validated correctly, neither the presence ...
insufficient grant unmapping checks for x86 PV guests
ISSUE DESCRIPTION When removing or replacing a grant mapping, the x86 PV specific path needs to make sure page table entries remain in sync with other accounting done. Although the identity of the page frame was validated correctly, neither the presence of the mapping nor page writability were...