EUVD-2010-2623

Malware in sbrugna...

Ubuntu: Security Advisory (USN-1719-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE Security Update : tboot (openSUSE-2017-1308)

This update for tboot fixes the following issues : Security issues fixed : - CVE-2017-16837: Fix tbootfailed to validate a number of immutable function pointers, which could allow an attacker to bypass the chain of trust and execute arbitrary code boo1068390. - Make tboot package compatible with...

openSUSE: Security Advisory for tboot (openSUSE-SU-2017:3100-1)

The remote host is missing an update for the Copyright C 2017 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

linux: Fix Xen block IO merge-ability calculation

ISSUE DESCRIPTION The block layer in Linux may choose to merge adjacent block IO requests. When Linux is running as a Xen guest, the default merging algorithm is replaced with a Xen-specific one. When Linux is running as an x86 PV guest, some BIO's are erroneously merged, corrupting the data stre...

Ubuntu: Security Advisory (USN-1768-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu: Security Advisory (USN-1728-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-1728-1: Linux kernel (EC2) vulnerability

Andrew Cooper of Citrix reported a Xen stack corruption in the Linux kernel. An unprivileged user in a 32bit PVOPS guest can cause the guest kernel to crash, or operate erroneously...

Ubuntu: Security Advisory (USN-1725-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-1725-1: Linux kernel vulnerability

Andrew Cooper of Citrix reported a Xen stack corruption in the Linux kernel. An unprivileged user in a 32bit PVOPS guest can cause the guest kernel to crash, or operate erroneously...

CVE-2013-0190

The xenfailsafecallback function in Xen for the Linux kernel 2.6.23 and other versions, when running a 32-bit PVOPS guest, allows local users to cause a denial of service guest crash by triggering an iret fault, leading to use of an incorrect stack pointer and stack corruption...

CVE-2013-0190

The xenfailsafecallback function in Xen for the Linux kernel 2.6.23 and other versions, when running a 32-bit PVOPS guest, allows local users to cause a denial of service guest crash by triggering an iret fault, leading to use of an incorrect stack pointer and stack corruption...

CVE-2013-0190

The CVE-2013-0190 entry concerns the xen_failsafe_callback function in the Xen hypervisor on Linux kernels (notably 2.6.23 and related versions). In 32-bit PVOPS guests, a local attacker can trigger an iret fault that leads to an incorrect stack pointer and stack corruption, enabling a denial of ...

Ubuntu 10.04 LTS : linux-lts-backport-oneiric vulnerabilities (USN-1719-1)

It was discovered that hypervkvpd, which is distributed in the Linux kernel, was not correctly validating the origin on Netlink messages. An untrusted local user can cause a denial of service of Linux guests in Hyper-V virtualization environments. CVE-2012-2669 Dmitry Monakhov reported a race...

USN-1719-1: Linux kernel (Oneiric backport) vulnerabilities

It was discovered that hypervkvpd, which is distributed in the Linux kernel, was not correctly validating the origin on Netlink messages. An untrusted local user can cause a denial of service of Linux guests in Hyper-V virtualization environments. CVE-2012-2669 Dmitry Monakhov reported a race...

Linux kernel hits general protection if %ds is corrupt for 32-bit PVOPS.

ISSUE DESCRIPTION Linux kernel when returning from an iret assumes that %ds segment is safe and uses it to reference various per-cpu related fields. Unfortunately the user can modify the LDT and provide a NULL one. Whenever an iret is called we end up in xeniret and try to use the %ds segment and...

Unbreakable Enterprise kernel security update

2.6.32-300.39.4 - exec: do not leave bprm-interp on stack Kees Cook Orabug: 16286741 CVE-2012-4530 - exec: use -ELOOP for max recursion depth Kees Cook Orabug: 16286741 CVE-2012-4530 2.6.32-300.39.3 - Xen: Fix stack corruption in xenfailsafecallback for 32bit PVOPS guests. Frediano Ziglio Orabug:...

Medium: kernel, nvidia

Issue Overview: The xenfailsafecallback function in Xen for the Linux kernel 2.6.23 and other versions, when running a 32-bit PVOPS guest, allows local users to cause a denial of service guest crash by triggering an iret fault, leading to use of an incorrect stack pointer and stack corruption...

Fedora 18 : kernel-3.7.2-204.fc18 (2013-0952)

This update contains a security fix for users running 32bit PVOPS xen guests CVE-2013-0190 and a number of smaller fixes from the stable queue Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to...

Linux stack corruption in xen_failsafe_callback for 32bit PVOPS guests.

ISSUE DESCRIPTION xenfailsafecallback incorrectly sets up its stack if an iret fault is injected by the hypervisor. IMPACT Malicious or buggy unprivileged userspace can cause the guest kernel to crash, or operate erroneously. VULNERABLE SYSTEMS All 32bit PVOPS versions of Linux are affected, sinc...