Ash.Type.Module.cast_input/2 atom exhaustion via unchecked Module.concat allows BEAM VM crash

Summary Ash.Type.Module.castinput/2 unconditionally creates a new Erlang atom via Module.concatvalue for any user-supplied binary string that starts with "Elixir.", before verifying whether the referenced module exists. Because Erlang atoms are never garbage-collected and the BEAM atom table has ...

php: heap-based buffer overflow in array_merge()

A flaw was found in PHP. A heap-based buffer overflow occurs in the arraymerge function when the total element count of packed arrays exceeds the 32-bit limit or the internal HTMAXSIZE due to an integer overflow in the precomputation of element counts using the zendhashnumelements function, causi...

php: heap-based buffer overflow in array_merge()

A flaw was found in PHP. A heap-based buffer overflow occurs in the arraymerge function when the total element count of packed arrays exceeds the 32-bit limit or the internal HTMAXSIZE due to an integer overflow in the precomputation of element counts using the zendhashnumelements function, causi...

Linux Distros Unpatched Vulnerability : CVE-2019-18425

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Xen through 4.12.x allowing 32-bit PV guest OS users to gain guest OS privileges by installing and using descriptors. There is missin...

Unbreakable Enterprise kernel-container security update

4.14.35-2047.503.1.el7 - bpf, x86: Validate computation of branch displacements for x86-64 Piotr Krysiuk Orabug: 32759961 CVE-2021-29154 - uek-rpm: Add Amazon Elastic Network Adapter module to nano rpm. Somasundaram Krishnasamy Orabug: 32781585 - ext4: handle error of ext4setupsystemzone on remou...

CVE-2021-0224

A vulnerability in the handling of internal resources necessary to bring up a large number of Layer 2 broadband remote access subscriber BRAS nodes in Juniper Networks Junos OS can cause the Access Node Control Protocol daemon ANCPD to crash and restart, leading to a Denial of Service DoS...

Updated xen packages fix security vulnerability

- Updated from 4.12.0 to 4.12.1 - Device quarantine for alternate pci assignment methods XSA-306 - x86: Machine Check Error on Page Size Change DoS XSA-304, CVE-2018-12207 - TSX Asynchronous Abort speculative side channel XSA-305, CVE-2019-11135 - VCPUOPinitialise DoS XSA-296, CVE-2019-18420...

SUSE SLES12 Security Update : xen (SUSE-SU-2020:0334-1)

This update for xen fixes the following issues : CVE-2020-7211: potential directory traversal using relative paths via tftp server on Windows host bsc1161181. CVE-2019-19579: Device quarantine for alternate pci assignment methods bsc1157888. CVE-2019-19581: findnextbit issues bsc1158003...

Fedora 30 : xen (2019-cbb732f760)

add missing XSA-299 patches x86: Machine Check Error on Page Size Change DoS XSA-304, CVE-2018-12207 TSX Asynchronous Abort speculative side channel XSA-305, CVE-2019-11135 ---- VCPUOPinitialise DoS XSA-296, CVE-2019-18420 missing descriptor table limit checking in x86 PV emulation XSA-298,...

Fedora 29 : xen (2019-865bb16900)

VCPUOPinitialise DoS XSA-296, CVE-2019-18420 missing descriptor table limit checking in x86 PV emulation XSA-298, CVE-2019-18425 Issues with restartable PV type change operations XSA-299, CVE-2019-18421 1767726 add-to-physmap can be abused to DoS Arm hosts XSA-301, CVE-2019-18423 passed through P...

Code injection

An issue was discovered in Xen through 4.12.x allowing 32-bit PV guest OS users to gain guest OS privileges by installing and using descriptors. There is missing descriptor table limit checking in x86 PV emulation. When emulating certain PV guest operations, descriptor table accesses are performe...

UBUNTU-CVE-2019-18425

An issue was discovered in Xen through 4.12.x allowing 32-bit PV guest OS users to gain guest OS privileges by installing and using descriptors. There is missing descriptor table limit checking in x86 PV emulation. When emulating certain PV guest operations, descriptor table accesses are performe...

CVE-2019-18425

An issue was discovered in Xen through 4.12.x allowing 32-bit PV guest OS users to gain guest OS privileges by installing and using descriptors. There is missing descriptor table limit checking in x86 PV emulation. When emulating certain PV guest operations, descriptor table accesses are performe...

CVE-2019-18425

CVE-2019-18425 affects Xen across 3.2+ and enables privilege escalation in 32-bit PV guests due to missing descriptor table limit checks in x86 PV emulation. The vulnerability is limited to 32-bit PV guest user mode; HVM/PVH/64-bit PV guests and ARM are not affected. Exploitation would let a gues...

PT-2019-4839 · Xen +1 · Xen +1

Name of the Vulnerable Software and Affected Versions: Xen versions 3.2 through 4.12.x Description: The issue is related to an error in the x86 PV emulation of the Xen hypervisor, specifically a missing check for the descriptor table limit. This could allow a remote attacker to access confidentia...

Linux kernel KVM virtualization subsystem elevation of privilege vulnerability

Linux kernel is the kernel used by Linux, the operating system released by the Linux Foundation in the U.S. The KVM virtualization subsystem is one of the KVM Kernel-based Virtual Machine virtualization subsystems. A security vulnerability exists in the KVM virtualization subsystem of the Linux...

CVE-2018-10901

A flaw was found in Linux kernel's KVM virtualization subsystem. The VMX code does not restore the GDT.LIMIT to the previous host value, but instead sets it to 64KB. With a corrupted GDT limit a host's userspace code has an ability to place malicious entries in the GDT, particularly to the per-cp...

PT-2018-2205 · Linux +2 · Linux Kernel +2

Name of the Vulnerable Software and Affected Versions: Linux kernel's KVM virtualization subsystem affected versions not specified Description: A flaw in the Linux kernel's KVM virtualization subsystem is related to inadequate access control. The issue is caused by the VMX code not restoring the...

Nmap NSE net: ms-sql-tables

Queries Microsoft SQL Server ms-sql for a list of tables per database. The sysdatabase table should be accessible by more or less everyone The script attempts to use the sa account over any other if it has the password in the registry. If not the first account in the registry is used. Once we hav...