2101 matches found
USN-3186-1: iucode-tool vulnerability
It was discovered that iucode-tool incorrectly handled certain microcodes when using the -tr loader. If a user were tricked into processing a specially crafted microcode, a remote attacker could use this issue to cause iucode-tool to crash, resulting in a denial of service, or possibly execute...
USN-3186-1 iucode-tool vulnerability
It was discovered that iucode-tool incorrectly handled certain microcodes when using the -tr loader. If a user were tricked into processing a specially crafted microcode, a remote attacker could use this issue to cause iucode-tool to crash, resulting in a denial of service, or possibly execute...
MC Coming Soon Arbitrary File Upload / Improper Access Restrictions
Vulnerability: Improper Access Restrictions Date: 15.01.2017 Vendor Homepage: http://microcode.ws/ Script Name: MC Coming Soon Script Script Buy Now: http://microcode.ws/product/mc-coming-soon-php-script/3880 Author: Adeghsan Aencan Author Web: http://ihsan.net Mail : ihsanbeygirihsannoktanet...
MC Real Estate Pro Insecure Direct Object Reference
Vulnerability: Improper Access Restrictions Date: 15.01.2017 Vendor Homepage: http://microcode.ws/ Script Name: MC Real Estate Pro Script Buy Now: http://microcode.ws/product/mc-real-estate-pro-php-script/3858 Author: Adeghsan Aencan Author Web: http://ihsan.net Mail : ihsanbeygirihsannoktanet...
MC Buy and Sell Cars Script 1.1 - SQL Injection
Vulnerability: SQL Injection Web Vulnerability Date: 15.01.2017 Vendor Homepage: http://microcode.ws/ Script Name: MC Buy and Sell Cars Script Script Version: V1.1 Script Buy Now: http://microcode.ws/product/mc-buy-and-sell-cars-php-script/3878 Author: İhsan Şencan Author Web: http://ihsan.net Ma...
MC Buy and Sell Cars Script 1.1 - SQL Injection
MC Buy and Sell Cars Script 1.1 - SQL Injection Vulnerability: SQL Injection Web Vulnerability Date: 15.01.2017 Vendor Homepage: http://microcode.ws/ Script Name: MC Buy and Sell Cars Script Script Version: V1.1 Script Buy Now: http://microcode.ws/product/mc-buy-and-sell-cars-php-script/3878...
MC Coming Soon Script - Arbitrary File Upload / Improper Access Restrictions
Vulnerability: Improper Access Restrictions Date: 15.01.2017 Vendor Homepage: http://microcode.ws/ Script Name: MC Coming Soon Script Script Buy Now: http://microcode.ws/product/mc-coming-soon-php-script/3880 Author: İhsan Şencan Author Web: http://ihsan.net Mail : ihsanbeygirihsannoktanet Direct...
Updated dracut packages fix security vulnerability
A local information disclosure issue was found in dracut when generating initramfs images with world-readable permissions when "early cpio" is used, such as when including microcode updates. Local attacker can use this to obtain sensitive information from these files, such as encryption keys or...
MGASA-2016-0387 Updated dracut packages fix security vulnerability
A local information disclosure issue was found in dracut when generating initramfs images with world-readable permissions when "early cpio" is used, such as when including microcode updates. Local attacker can use this to obtain sensitive information from these files, such as encryption keys or...
Fedora 23 : kernel (2016-784d5526d8)
Update to latest upstream stable release, Linux v4.6.4 For those with Skylake CPUs, please note that there may be instability with a recent microcode update. Read https://www.happyassassin.net/2016/07/07/psa-failure-to-boot-after-ker nel-update-on-skylake-systems/ and look for a system firmware...
Fedora 24 : kernel (2016-9a16b2e14e)
Update to latest upstream stable release, Linux v4.6.4 For those with Skylake CPUs, please note that there may be instability with a recent microcode update. Read https://www.happyassassin.net/2016/07/07/psa-failure-to-boot-after-ker nel-update-on-skylake-systems/ and look for a system firmware...
Fedora 21 : kernel-4.1.13-100.fc21 (2015-f2c534bc12)
kernel-4.1.13-100.fc21 - Linux v4.1.13 - CVE-2015-8104 kvm: DoS infinite loop in microcode DB exception rhbz 1278496 1279691 - CVE-2015-5307 kvm: DoS infinite loop in microcode AC exception rhbz 1277172 1279688 Note that Tenable Network Security has extracted the preceding description block...
Fedora 23 : kernel-4.2.6-300.fc23 (2015-115c302856)
The 4.2.6 stable update contains a number of important fixes across the tree. kernel-4.2.6-300.fc23 - Fix incorrect size calculations in megaraid with 64K pages rhbz 1269300 - CVE-2015-8104 kvm: DoS infinite loop in microcode DB exception rhbz 1278496 1279691 - CVE-2015-5307 kvm: DoS infinite loo...
virt: guest to host DoS by triggering an infinite loop in microcode via #DB exception
It was found that the x86 ISA Instruction Set Architecture is prone to a denial of service attack inside a virtualized environment in the form of an infinite loop in the microcode due to the way sequential delivering of benign exceptions such as DB debug exception is handled. A privileged user...
Important: Red Hat Security Advisory: kernel security update
Updated kernel packages that fix two security issues are now available for Red Hat Enterprise Linux 6.2 Advanced Update Support. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity...
virt: guest to host DoS by triggering an infinite loop in microcode via #DB exception
It was found that the x86 ISA Instruction Set Architecture is prone to a denial of service attack inside a virtualized environment in the form of an infinite loop in the microcode due to the way sequential delivering of benign exceptions such as DB debug exception is handled. A privileged user...
virt: guest to host DoS by triggering an infinite loop in microcode via #AC exception
It was found that the x86 ISA Instruction Set Architecture is prone to a denial of service attack inside a virtualized environment in the form of an infinite loop in the microcode due to the way sequential delivering of benign exceptions such as AC alignment check exception is handled. A privileg...
virt: guest to host DoS by triggering an infinite loop in microcode via #DB exception
It was found that the x86 ISA Instruction Set Architecture is prone to a denial of service attack inside a virtualized environment in the form of an infinite loop in the microcode due to the way sequential delivering of benign exceptions such as DB debug exception is handled. A privileged user...
Unbreakable Enterprise kernel security update
kernel-uek 2.6.32-400.37.15uek - ipc/sem.c: fully initialize semarray before making it visible Manfred Spraul Orabug: 22250043 CVE-2015-7613 - Initialize msg/shm IPC objects before doing ipcaddid Linus Torvalds Orabug: 22250043 CVE-2015-7613 - crypto: add missing crypto module aliases Mathias...
virt: guest to host DoS by triggering an infinite loop in microcode via #AC exception
It was found that the x86 ISA Instruction Set Architecture is prone to a denial of service attack inside a virtualized environment in the form of an infinite loop in the microcode due to the way sequential delivering of benign exceptions such as AC alignment check exception is handled. A privileg...