Lucene search
K

171 matches found

OSV
OSV
added 2018/11/20 12:0 a.m.9 views

UBUNTU-CVE-2018-19407

The vcpuscanioapic function in arch/x86/kvm/x86.c in the Linux kernel through 4.19.2 allows local users to cause a denial of service NULL pointer dereference and BUG via crafted system calls that reach a situation where ioapic is uninitialized...

5.5CVSS6.7AI score0.00477EPSS
Exploits0References12
OSV
OSV
added 2017/07/05 1:29 a.m.5 views

ALPINE-CVE-2017-10916

The vCPU context-switch implementation in Xen through 4.8.x improperly interacts with the Memory Protection Extensions MPX and Protection Key PKU features, which makes it easier for guest OS users to defeat ASLR and other protection mechanisms, aka XSA-220...

7.5CVSS6.5AI score0.01349EPSS
Exploits0References1
OSV
OSV
added 2017/07/05 1:29 a.m.2 views

DEBIAN-CVE-2017-10923

Xen through 4.8.x does not validate a vCPU array index upon the sending of an SGI, which allows guest OS users to cause a denial of service hypervisor crash, aka XSA-225...

6.5CVSS6.5AI score0.01804EPSS
Exploits0References1
CNVD
CNVD
added 2017/07/05 12:0 a.m.7 views

Xen vCPU context-switch implementation process security bypass vulnerability

Xen is an open source virtual machine monitor product developed at the University of Cambridge in the United Kingdom. A security vulnerability in Xen's vCPU context-switch implementation allows an attacker to exploit the vulnerability to compromise ASLR and other protection mechanisms...

7.5CVSS6.7AI score0.01349EPSS
Exploits0References1
OSV
OSV
added 2016/06/27 10:59 a.m.2 views

DEBIAN-CVE-2016-3713

The msrmtrrvalid function in arch/x86/kvm/mtrr.c in the Linux kernel before 4.6.1 supports MSR 0x2f8, which allows guest OS users to read or write to the kvmarchvcpu data structure, and consequently obtain sensitive information or cause a denial of service system crash, via a crafted ioctl call...

7.1CVSS7.1AI score0.00345EPSS
Exploits0References1
OSV
OSV
added 2012/11/21 11:55 p.m.4 views

DEBIAN-CVE-2012-4535

Xen 3.4 through 4.2, and possibly earlier versions, allows local guest OS administrators to cause a denial of service Xen infinite loop and physical CPU consumption by setting a VCPU with an "inappropriate deadline."...

1.9CVSS7.9AI score0.00385EPSS
Exploits0References1
Xen Project
Xen Project
added 2012/11/13 11:56 a.m.10 views

Timer overflow DoS vulnerability

ISSUE DESCRIPTION A guest which sets a VCPU with an inappropriate deadline can cause an infinite loop in Xen, blocking the affected physical CPU indefinitely. IMPACT A malicious guest administrator can trigger the bug. If the Xen watchdog is enabled, the whole system will crash. Otherwise the gue...

1.9CVSS7.2AI score0.00385EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2012/05/18 12:0 a.m.36 views

Ubuntu 10.04 LTS : linux vulnerabilities (USN-1445-1)

A flaw was found in the Linux's kernels ext4 file system when mounted with a journal. A local, unprivileged user could exploit this flaw to cause a denial of service. CVE-2011-4086 A flaw was found in the Linux kernel's KVM Kernel Virtual Machine virtual cpu setup. An unprivileged local user coul...

7.2CVSS6.7AI score0.00418EPSS
Exploits2References4
RedHat Linux
RedHat Linux
added 2012/05/15 8:55 p.m.7 views

kernel: kvm: irqchip_in_kernel() and vcpu->arch.apic inconsistency

The KVM implementation in the Linux kernel before 3.3.6 allows host OS users to cause a denial of service NULL pointer dereference and host OS crash by making a KVMCREATEIRQCHIP ioctl call after a virtual CPU already exists...

4.9CVSS6.7AI score0.00411EPSS
Exploits1References4
OSV
OSV
added 2012/03/29 12:0 a.m.4 views

UBUNTU-CVE-2012-1601

The KVM implementation in the Linux kernel before 3.3.6 allows host OS users to cause a denial of service NULL pointer dereference and host OS crash by making a KVMCREATEIRQCHIP ioctl call after a virtual CPU already exists...

4.9CVSS6.7AI score0.00411EPSS
Exploits1References14
Positive Technologies
Positive Technologies
added 2009/10/29 12:0 a.m.4 views

PT-2009-5912 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 2.6.32-rc1 Description: The issue is related to the KVM subsystem in the Linux kernel, where the update cr8 intercept function does not properly handle the absence of an Advanced Programmable Interrupt Controlle...

4.9CVSS6.5AI score0.00382EPSS
Exploits0References7
Rows per page
Query Builder