8 matches found
EUVD-2017-14038
Malware in sbrugna...
kernel: KVM: cmpxchg_gpte can write to pfns outside the userspace region
A flaw was found in KVM. When updating a guest's page table entry, vmpgoff was improperly used as the offset to get the page's pfn. As vaddr and vmpgoff are controllable by user-mode processes, this flaw allows unprivileged local users on the host to write outside the userspace region and...
Hashicorp Packer 安全漏洞
HashiCorp Hashicorp Packer is a free and open source tool from the US company HashiCorp. It is used to create gold images for multiple platforms from a single source configuration. A security vulnerability exists in Hashicorp Packer versions prior to 2.3.1, which stems from the fact that the...
DEBIAN-CVE-2021-41103
containerd is an open source container runtime with an emphasis on simplicity, robustness and portability. A bug was found in containerd where container root directories and some plugins had insufficiently restricted permissions, allowing otherwise unprivileged Linux users to traverse directory...
Kernel: KVM: OOB memory access via mmio ring buffer
An out-of-bounds access issue was found in the way Linux kernel's KVM hypervisor implements the Coalesced MMIO write operation. It operates on an MMIO ring buffer 'struct kvmcoalescedmmio' object, wherein write indices 'ring-first' and 'ring-last' value could be supplied by a host user-space...
Kernel: KVM: OOB memory access via mmio ring buffer
An out-of-bounds access issue was found in the way Linux kernel's KVM hypervisor implements the Coalesced MMIO write operation. It operates on an MMIO ring buffer 'struct kvmcoalescedmmio' object, wherein write indices 'ring-first' and 'ring-last' value could be supplied by a host user-space...
CVE-2017-4922
VMware vCenter Server 6.5 prior to 6.5 U1 contains an information disclosure issue due to the service startup script using world writable directories as temporary storage for critical information. Successful exploitation of this issue may allow unprivileged host users to access certain critical...
Information disclosure
VMware vCenter Server 6.5 prior to 6.5 U1 contains an information disclosure issue due to the service startup script using world writable directories as temporary storage for critical information. Successful exploitation of this issue may allow unprivileged host users to access certain critical...