16 matches found
EUVD-2018-17452
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2017-12134
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The xenbiovecphysmergeable function in drivers/xen/biomerge.c in Xen might allow local OS guest users to corrupt block device data streams and consequently obta...
K22572754: QEMU vulnerability CVE-2017-15289
Security Advisory Description The mode4and5 write functions in hw/display/cirrusvga.c in Qemu allow local OS guest privileged users to cause a denial of service out-of-bounds write access and Qemu process crash via vectors related to dst calculation. CVE-2017-15289 Impact There is no impact; F5...
Denial Of Service (Dos)
qemu is vulnerable to denial of service. Mishandling of the seccomp policy for threads other than the main thread allows local OS guest users to crash the application...
CVE-2018-5683
The vgadrawtext function in Qemu allows local OS guest privileged users to cause a denial of service out-of-bounds read and QEMU process crash by leveraging improper memory address validation...
CVE-2017-15289
CVE-2017-15289 affects QEMU with Cirrus CLGD VGA support, where the mode4and5 write functions in hw/display/cirrus_vga.c can be exploited by a privileged guest user to trigger an out-of-bounds write and crash the QEMU process, causing a Denial of Service. The issue stems from dst calculation in V...
CVE-2017-15289
The mode4and5 write functions in hw/display/cirrusvga.c in Qemu allow local OS guest privileged users to cause a denial of service out-of-bounds write access and Qemu process crash via vectors related to dst calculation...
Information disclosure
Xen allows local OS guest users to cause a denial of service crash or possibly obtain sensitive information or gain privileges via vectors involving transitive grants...
CVE-2017-12135
Xen allows local OS guest users to cause a denial of service crash or possibly obtain sensitive information or gain privileges via vectors involving transitive grants...
CVE-2017-12134
The xenbiovecphysmergeable function in drivers/xen/biomerge.c in Xen might allow local OS guest users to corrupt block device data streams and consequently obtain sensitive memory information, cause a denial of service, or gain host OS privileges by leveraging incorrect block IO merge-ability...
CVE-2017-12134
The xenbiovecphysmergeable function in drivers/xen/biomerge.c in Xen might allow local OS guest users to corrupt block device data streams and consequently obtain sensitive memory information, cause a denial of service, or gain host OS privileges by leveraging incorrect block IO merge-ability...
CVE-2012-3496
XENMEMpopulatephysmap in Xen 4.0, 4.1, and 4.2, and Citrix XenServer 6.0.2 and earlier, when translating paging mode is not used, allows local PV OS guest kernels to cause a denial of service BUG triggered and host crash via invalid flags such as MEMFpopulateondemand...
CVE-2012-4411
The graphical console in Xen 4.0, 4.1 and 4.2 allows local OS guest administrators to obtain sensitive host resource information via the qemu monitor. NOTE: this might be a duplicate of CVE-2007-0998...
Design/Logic Flaw
The graphical console in Xen 4.0, 4.1 and 4.2 allows local OS guest administrators to obtain sensitive host resource information via the qemu monitor. NOTE: this might be a duplicate of CVE-2007-0998...
Design/Logic Flaw
The setdebugreg hypercall in include/asm-x86/debugreg.h in Xen 4.0, 4.1, and 4.2, and Citrix XenServer 6.0.2 and earlier, when running on x86-64 systems, allows local OS guest users to cause a denial of service host crash by writing to the reserved bits of the DR7 debug control register...
CVE-2012-3494
The CVE-2012-3494 issue affects Xen hypervisor code, specifically the set_debugreg hypercall in include/asm-x86/debugreg.h, impacting Xen 4.0–4.2 and Citrix XenServer 6.0.2 and earlier on x86-64. The vulnerability arises when a guest OS user can write to the reserved bits of the DR7 debug control...