8 matches found
x86 HVM I/O port list traversal
ISSUE DESCRIPTION HVM guest I/O port accesses are subject to either emulation or at least translation. Translations are managed by the device model via XENDOMCTLioportmapping, and hence the linked list used may changed at any time. Traversal of those lists while handling guest I/O port accesses...
SUSE CVE-2010-0419
The x86 emulator in KVM 83, when a guest is configured for Symmetric Multiprocessing SMP, does not properly restrict writing of segment selectors to segment registers, which might allow guest OS users to cause a denial of service guest OS crash or gain privileges on the guest OS by leveraging...
SUSE CVE-2016-1922
QEMU aka Quick Emulator built with the TPR optimization for 32-bit Windows guests support is vulnerable to a null pointer dereference flaw. It occurs while doing I/O port write operations via hmp interface. In that, 'currentcpu' remains null, which leads to the null pointer dereference. A user or...
Kernel: KVM: DoS via write flood to I/O port 0x80
Linux kernel Virtualization Module CONFIGKVM for the Intel processor family CONFIGKVMINTEL is vulnerable to a DoS issue. It could occur if a guest was to flood the I/O port 0x80 with write requests. A guest user could use this flaw to crash the host kernel resulting in DoS...
qemu: incorrect banked access bounds checking in vga module
An out-of-bounds read/write access flaw was found in the way QEMU's VGA emulation with VESA BIOS Extensions VBE support performed read/write operations using I/O port methods. A privileged guest user could use this flaw to execute arbitrary code on the host with the privileges of the host's QEMU...
Qemu Memory Misreference Vulnerability
QEMU is an open source emulator software. A memory misreference vulnerability exists when Qemu, which supports IDE Emulation PCI PIIX3/4, writes data to a client I/O port, which can be exploited by a client user to cause a Qemu instance to crash, resulting in a denial of service...
kvm: emulator privilege escalation segment selector check
The x86 emulator in KVM 83, when a guest is configured for Symmetric Multiprocessing SMP, does not properly restrict writing of segment selectors to segment registers, which might allow guest OS users to cause a denial of service guest OS crash or gain privileges on the guest OS by leveraging...
webdesproxy 0.0.1 - exec-shield GET Remote Code Execution
webdesproxy 0.0.1 - exec-shield GET Remote Code Execution / Fedora Core 6 exec-shield based Webdesproxy webdesproxy-0.0.1.tgz remote root exploit reverse connect-back method by Xpl017Elz Advanced exploitation in exec-shield Fedora Core case study URL:...