15 matches found
EUVD-2007-3834
Malware in sbrugna...
Information Disclosure
kernel is vulnerable to information disclosure. The vulnerability exists as a flaw was found in the eHCA driver on PowerPC architectures that allowed a local user to access 60k of physical address space. This address space could contain sensitive information...
ASPEED AST-series BMC Vulnerability - US
Lenovo Security Advisory: LEN-26252 Potential Impact: Privilege escalation Severity: High Scope of Impact: Industry-wide CVE Identifier: CVE-2019-6260 Summary Description: An industry-wide vulnerability affecting ASPEED AST-series Baseboard Management Controllers BMCs used in certain servers and...
CVE-2019-6260
The ASPEED ast2400 and ast2500 Baseband Management Controller BMC hardware and firmware implement Advanced High-performance Bus AHB bridges, which allow arbitrary read and write access to the BMC's physical address space from the host or from the network in unusual cases where the BMC console uar...
CVE-2019-6260
The ASPEED ast2400 and ast2500 Baseband Management Controller BMC hardware and firmware implement Advanced High-performance Bus AHB bridges, which allow arbitrary read and write access to the BMC's physical address space from the host or from the network in unusual cases where the BMC console uar...
CVE-2013-1943
The KVM subsystem in the Linux kernel before 3.0 does not check whether kernel addresses are specified during allocation of memory slots for use in a guest's physical address space, which allows local users to gain privileges or obtain sensitive information from kernel memory via a crafted...
CVE-2013-1943
The KVM subsystem in the Linux kernel before 3.0 does not check whether kernel addresses are specified during allocation of memory slots for use in a guest's physical address space, which allows local users to gain privileges or obtain sensitive information from kernel memory via a crafted...
CVE-2013-1943
The KVM subsystem in the Linux kernel before 3.0 does not check whether kernel addresses are specified during allocation of memory slots for use in a guest's physical address space, which allows local users to gain privileges or obtain sensitive information from kernel memory via a crafted...
CVE-2012-3433
Xen 4.0 and 4.1 allows local HVM guest OS kernels to cause a denial of service domain 0 VCPU hang and kernel panic by modifying the physical address space in a way that triggers excessive shared page search time during the p2m teardown...
CVE-2012-3433
Xen 4.0 and 4.1 allows local HVM guest OS kernels to cause a denial of service domain 0 VCPU hang and kernel panic by modifying the physical address space in a way that triggers excessive shared page search time during the p2m teardown...
CVE-2012-3433
Xen 4.0 and 4.1 allows local HVM guest OS kernels to cause a denial of service domain 0 VCPU hang and kernel panic by modifying the physical address space in a way that triggers excessive shared page search time during the p2m teardown...
CVE-2007-3850
The eHCA driver in Linux kernel 2.6 before 2.6.22, when running on PowerPC, does not properly map userspace resources, which allows local users to read portions of physical address space...
CVE-2007-3850
The eHCA driver in Linux kernel 2.6 before 2.6.22, when running on PowerPC, does not properly map userspace resources, which allows local users to read portions of physical address space...
CVE-2007-3850
The eHCA driver in Linux kernel 2.6 before 2.6.22, when running on PowerPC, does not properly map userspace resources, which allows local users to read portions of physical address space...
Linux Kernel eHCA驱动物理地址空间信息泄露漏洞
Linux是一款开放源代码的操作系统。 Linux包含的eHCA驱动在映射用户空间资源时存在问题,本地攻击者可以利用漏洞获得物理地址等敏感信息。 部分驱动包含的资源映射到用户空间的大小为4K,如果内核配置使用64K的页,那么在映射过程中会超过60K大小的物理地址空间映射到用户空间,导致敏感信息泄露。 RedHat Enterprise Linux Desktop v.5 client RedHat Enterprise Linux v. 5 server Linux kernel 2.6.18 .4 Linux kernel 2.6.18 .3 Linux kernel 2.6.18 ....