171 matches found
UBUNTU-CVE-2018-19407
The vcpuscanioapic function in arch/x86/kvm/x86.c in the Linux kernel through 4.19.2 allows local users to cause a denial of service NULL pointer dereference and BUG via crafted system calls that reach a situation where ioapic is uninitialized...
ALPINE-CVE-2017-10916
The vCPU context-switch implementation in Xen through 4.8.x improperly interacts with the Memory Protection Extensions MPX and Protection Key PKU features, which makes it easier for guest OS users to defeat ASLR and other protection mechanisms, aka XSA-220...
DEBIAN-CVE-2017-10923
Xen through 4.8.x does not validate a vCPU array index upon the sending of an SGI, which allows guest OS users to cause a denial of service hypervisor crash, aka XSA-225...
Xen vCPU context-switch implementation process security bypass vulnerability
Xen is an open source virtual machine monitor product developed at the University of Cambridge in the United Kingdom. A security vulnerability in Xen's vCPU context-switch implementation allows an attacker to exploit the vulnerability to compromise ASLR and other protection mechanisms...
DEBIAN-CVE-2016-3713
The msrmtrrvalid function in arch/x86/kvm/mtrr.c in the Linux kernel before 4.6.1 supports MSR 0x2f8, which allows guest OS users to read or write to the kvmarchvcpu data structure, and consequently obtain sensitive information or cause a denial of service system crash, via a crafted ioctl call...
DEBIAN-CVE-2012-4535
Xen 3.4 through 4.2, and possibly earlier versions, allows local guest OS administrators to cause a denial of service Xen infinite loop and physical CPU consumption by setting a VCPU with an "inappropriate deadline."...
Timer overflow DoS vulnerability
ISSUE DESCRIPTION A guest which sets a VCPU with an inappropriate deadline can cause an infinite loop in Xen, blocking the affected physical CPU indefinitely. IMPACT A malicious guest administrator can trigger the bug. If the Xen watchdog is enabled, the whole system will crash. Otherwise the gue...
Ubuntu 10.04 LTS : linux vulnerabilities (USN-1445-1)
A flaw was found in the Linux's kernels ext4 file system when mounted with a journal. A local, unprivileged user could exploit this flaw to cause a denial of service. CVE-2011-4086 A flaw was found in the Linux kernel's KVM Kernel Virtual Machine virtual cpu setup. An unprivileged local user coul...
kernel: kvm: irqchip_in_kernel() and vcpu->arch.apic inconsistency
The KVM implementation in the Linux kernel before 3.3.6 allows host OS users to cause a denial of service NULL pointer dereference and host OS crash by making a KVMCREATEIRQCHIP ioctl call after a virtual CPU already exists...
UBUNTU-CVE-2012-1601
The KVM implementation in the Linux kernel before 3.3.6 allows host OS users to cause a denial of service NULL pointer dereference and host OS crash by making a KVMCREATEIRQCHIP ioctl call after a virtual CPU already exists...
PT-2009-5912 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 2.6.32-rc1 Description: The issue is related to the KVM subsystem in the Linux kernel, where the update cr8 intercept function does not properly handle the absence of an Advanced Programmable Interrupt Controlle...