CVE-2015-2752

The XENDOMCTLmemorymapping hypercall in Xen 3.2.x through 4.5.x, when using a PCI passthrough device, is not preemptible, which allows local x86 HVM domain users to cause a denial of service host CPU consumption via a crafted request to the device model qemu-dm...

CVE-2015-2752

The XENDOMCTLmemorymapping hypercall in Xen 3.2.x through 4.5.x, when using a PCI passthrough device, is not preemptible, which allows local x86 HVM domain users to cause a denial of service host CPU consumption via a crafted request to the device model qemu-dm...

Cross site request forgery (csrf)

The XENDOMCTLmemorymapping hypercall in Xen 3.2.x through 4.5.x, when using a PCI passthrough device, is not preemptible, which allows local x86 HVM domain users to cause a denial of service host CPU consumption via a crafted request to the device model qemu-dm...

UBUNTU-CVE-2015-2752

The XENDOMCTLmemorymapping hypercall in Xen 3.2.x through 4.5.x, when using a PCI passthrough device, is not preemptible, which allows local x86 HVM domain users to cause a denial of service host CPU consumption via a crafted request to the device model qemu-dm...

CVE-2015-2752

The XENDOMCTLmemorymapping hypercall in Xen 3.2.x through 4.5.x, when using a PCI passthrough device, is not preemptible, which allows local x86 HVM domain users to cause a denial of service host CPU consumption via a crafted request to the device model qemu-dm...

CVE-2015-2752

The XENDOMCTLmemorymapping hypercall in Xen 3.2.x through 4.5.x, when using a PCI passthrough device, is not preemptible, which allows local x86 HVM domain users to cause a denial of service host CPU consumption via a crafted request to the device model qemu-dm...

Long latency MMIO mapping operations are not preemptible

ISSUE DESCRIPTION The XENDOMCTLmemorymapping hypercall allows long running operations without implementing preemption. This hypercall is used by the device model as part of the emulation associated with configuration of PCI devices passed through to HVM guests and is therefore indirectly exposed ...

kernel: integer overflow in fb_mmap

An integer overflow flaw was found in the way the Linux kernel's Frame Buffer device implementation mapped kernel memory to user space via the mmap syscall. A local user able to access a frame buffer device file /dev/fb could possibly use this flaw to escalate their privileges on the system...

DEBIAN-CVE-2015-1593

The stack randomization feature in the Linux kernel before 3.19.1 on 64-bit platforms uses incorrect data types for the results of bitwise left-shift operations, which makes it easier for attackers to bypass the ASLR protection mechanism by predicting the address of the top of the stack, related ...

Kernel: mm/shmem: denial of service

A race condition flaw was found in the way the Linux kernel's mmap2, madvise2, and fallocate2 system calls interacted with each other while operating on virtual memory file system files. A local user could use this flaw to cause a denial of service...

openSUSE Security Update : XEN (openSUSE-SU-2012:1572-1)

This security update of XEN fixes various bugs and security issues. - Upstream patch 26088-xend-xml-filesize-check.patch - bnc787163 - CVE-2012-4544: xen: Domain builder Out-of- memory due to malicious kernel/ramdisk XSA 25 CVE-2012-4544-xsa25.patch - bnc779212 - CVE-2012-4411: XEN / qemu: guest...

openSUSE Security Update : seamonkey (seamonkey-4074)

Mozilla SeaMonkey was updated to version 2.0.12, fixing various security issues. Following security issues were fixed: MFSA 2011-01: Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed...

CVE-2014-1718

Integer overflow in the SoftwareFrameManager::SwapToNewFrame function in content/browser/rendererhost/softwareframemanager.cc in the software compositor in Google Chrome before 34.0.1847.116 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors...

Integer overflow

Integer overflow in the SoftwareFrameManager::SwapToNewFrame function in content/browser/rendererhost/softwareframemanager.cc in the software compositor in Google Chrome before 34.0.1847.116 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors...

CVE-2014-1718

Removed by vendor...

CVE-2010-0430

CVE-2010-0430 affects libspice in QEMU-KVM used by Red Hat Enterprise Virtualization Hypervisor (RHEV-H) prior to 5.5-2.2. The flaw lets a guest OS user read from or write to arbitrary QEMU memory by manipulating the address Cairo uses for memory mappings. Impact is host-guest memory access compr...

CVE-2013-4511

Multiple integer overflows in Alchemy LCD frame-buffer drivers in the Linux kernel before 3.12 allow local users to create a read-write memory mapping for the entirety of kernel memory, and consequently gain privileges, via crafted mmap operations, related to the 1 au1100fbfbmmap function in...

CVE-2013-4511

CVE-2013-4511 concerns multiple integer overflows in the Linux kernel’s Alchemy LCD frame-buffer drivers (au1100fb_fb_mmap and au1200fb_fb_mmap). The issue allows a local attacker to craft mmap operations to create a read-write mapping of kernel memory, enabling privilege escalation. The descript...

Debian Security Advisory DSA 2582-1 (xen - several vulnerabilities)

Multiple denial of service vulnerabilities have been discovered in the Xen Hypervisor. One of the issue CVE-2012-5513 could even lead to privilege escalation from guest to host. Some of the recently published Xen Security Advisories XSA 25 and 28 are not fixed by this update and should be fixed i...

CVE-2013-2596

Integer overflow in the fbmmap function in drivers/video/fbmem.c in the Linux kernel before 3.8.9, as used in a certain Motorola build of Android 4.1.2 and other products, allows local users to create a read-write memory mapping for the entirety of kernel memory, and consequently gain privileges,...