kernel: kvm: pit timer with no irqchip crashes the system

The createpittimer function in arch/x86/kvm/i8254.c in KVM 83, and possibly other versions, does not properly handle when Programmable Interval Timer PIT interrupt requests IRQs when a virtual interrupt controller irqchip is not available, which allows local users to cause a denial of service NUL...

[SECURITY] [DSA 2389-1] linux-2.6 security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ---------------------------------------------------------------------- Debian Security Advisory DSA-2389-1 [email protected] http://www.debian.org/security/ Dann Frazier January 15, 2012 http://www.debian.org/security/faq -...

SA-CONTRIB-2011-058 - Support Timer - Cross Site Scripting (XSS)

The Support Timer module adds a javascript-based timer to the Support Ticketing System for tracking how long users are working on support tickets, as well as administrative reports. The module does not properly sanitize user-supplied content, resulting in multiple Cross-Site Scripting XSS...

Design/Logic Flaw

The Fibre Channel driver for QLogic adapters in IBM AIX 6.1 and 7.1 does not properly handle DMA resource limitations, which allows local users to cause a denial of service system hang via vectors that generate a large amount of DMA I/O, related to a deadlock in timer processing across CPUs...

CVE-2011-3982

The Fibre Channel driver for QLogic adapters in IBM AIX 6.1 and 7.1 does not properly handle DMA resource limitations, which allows local users to cause a denial of service system hang via vectors that generate a large amount of DMA I/O, related to a deadlock in timer processing across CPUs...

CentOS Update for kernel CESA-2009:1455 centos5 i386

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

VirtualBox 4.1 Final for Linux Released

VirtualBox 4.1 Final for Linux Released VirtualBox is a general-purpose full virtualizer for x86 hardware, targeted at server, desktop and embedded use. This version is a major update. The following major new features were added: Support for cloning of VMs bug 5853, see the manual for more...

RHEL 5 : java-1.4.2-ibm (RHSA-2011:0490)

The remote Redhat Enterprise Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2011:0490 advisory. - JDK unspecified vulnerability in Deployment component CVE-2010-4447, CVE-2010-4466, CVE-2010-4475 - OpenJDK DNS cache poisoning by untrust...

openSUSE Security Update : java-1_6_0-openjdk (openSUSE-SU-2011:0155-1)

Multiple vulnerabilities were fixed in java-160-openjdk : - CVE-2010-4448: CVSS v2 Base Score: 2.6 AV:N/AC:H/Au:N/C:N/I:P/A:N: DNS cache poisoning by untrusted applets - CVE-2010-4450: CVSS v2 Base Score: 3.7 AV:L/AC:H/Au:N/C:P/I:P/A:P: Launcher incorrect processing of empty library path entries ...

OpenJDK Swing timer-based security manager bypass (6907662)

Unspecified vulnerability in the Java Runtime Environment JRE in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.229 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, an...

CentOS Update for kernel CESA-2010:0936 centos4 i386

Check for the Version of kernel OpenVAS Vulnerability Test CentOS Update for kernel CESA-2010:0936 centos4 i386 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it und...

CentOS 4 : kernel (CESA-2010:0936)

Updated kernel packages that fix two security issues and multiple bugs are now available for Red Hat Enterprise Linux 4. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity...

RedHat Update for kernel RHSA-2010:0936-01

Check for the Version of kernel OpenVAS Vulnerability Test RedHat Update for kernel RHSA-2010:0936-01 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the ter...

Important: Red Hat Security Advisory: kernel security and bug fix update

Updated kernel packages that fix two security issues and multiple bugs are now available for Red Hat Enterprise Linux 4. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity...

kernel security and bug fix update

2.6.18-194.26.1.0.1.el5 - xen check to see if hypervisor supports memory reservation change Chuck Anderson orabug 7556514 - Add entropy support to igb John Sobecki orabug 7607479 - nfs convert ENETUNREACH to ENOTCONN orabug 7689332 - NET Add xen pv/bonding netconsole support Tina Yang orabug...

CVE-2010-3886

The CTimeoutEventList::InsertIntoTimeoutList function in Microsoft mshtml.dll uses a certain pointer value as part of producing Timer ID values for the setTimeout and setInterval methods in VBScript and JScript, which allows remote attackers to obtain sensitive information about the heap memory...

CVE-2010-3886

The CTimeoutEventList::InsertIntoTimeoutList function in Microsoft mshtml.dll uses a certain pointer value as part of producing Timer ID values for the setTimeout and setInterval methods in VBScript and JScript, which allows remote attackers to obtain sensitive information about the heap memory...

Microsoft - 'MSHTML.dll' CTIMEOUTEVENTLIST::INSERTINTOTIMEOUTLIST Memory Leak

mshtml.dll CTimeoutEventList::InsertIntoTimeoutList Timer ID Pointer leak - Rubén Santamarta www.reversemode.com var i = 1; // counter function LeakOrDie var t; t=setInterval"foo",2000; t-=i; document.getElementById'atun'.innerHTML = ' Pointer leaked: '+'0x'+t.toString16; i++; function foo return...

[SECURITY] Fedora 11 Update: kdetoys-4.4.3-1.fc11.1

kdetoys includes: amor: Amusing Misuse Of Resources put's comic figures above your windows kteatime: makes sure your tea does not get too strong ktux: Tux-in-a-Spaceship screen saver kweather: display the current weather outside...

[SECURITY] Fedora 12 Update: kdetoys-4.4.3-1.fc12.1

kdetoys includes: amor: Amusing Misuse Of Resources put's comic figures above your windows kteatime: makes sure your tea does not get too strong ktux: Tux-in-a-Spaceship screen saver kweather: display the current weather outside...