[SECURITY] [DSA 4469-1] libvirt security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4469-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso June 22, 2019 https://www.debian.org/security/faq -...

Denial Of Service (DoS)

Linux kernel is vulnerable to denial of service vulnerability. The vulnerability exists in Linux kernel built with KVM virtualisationCONFIGKVM support with Virtual Function I/O feature CONFIGVFIO enabled. A malicious guest device could send a virtual interrupt guest IRQ with a larger 1024 index...

EulerOS Virtualization 3.0.1.0 : kernel (EulerOS-SA-2019-1498)

According to the versions of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - An integer overflow vulnerability was found in the ringbufferresize calculations in which a privileged user can adjust the size o...

Arbitrary Code Execution

kernel-rt is vulnerable to arbitrary code execution attacks. The vulnerability exists as arch/x86/kvm/mmu.c in the Linux kernel through 4.13.5, when nested virtualisation is used, does not properly traverse guest pagetable entries to resolve a guest virtual address, which allows L1 guest OS users...

[SECURITY] [DSA 4137-1] libvirt security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4137-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff March 14, 2018 https://www.debian.org/security/faq -...

kernel-tmb update provides 4.14 series and fixes security vulnerabilities

This kernel-tmb update provides an upgrade to the 4.14 longterm branch, currently based on 4.14.10. It also fixes at least the following security issues: An elevation of privilege vulnerability in the Broadcom wi-fi driver CVE-2017-0786. Use-after-free vulnerability in the sndpcminfo function in...

MGASA-2018-0062 kernel update provides 4.14 series and fixes security vulnerabilities

This kernel update provides an upgrade to the 4.14 longterm branch, currently based on 4.14.10. It also fixes at least the following security issues: An elevation of privilege vulnerability in the Broadcom wi-fi driver CVE-2017-0786. Use-after-free vulnerability in the sndpcminfo function in the...

kernel-linus update provides 4.14 series and fixes security vulnerabilities

This kernel-linus update provides an upgrade to the 4.14 longterm branch, currently based on 4.14.10. It also fixes at least the following security issues: An elevation of privilege vulnerability in the Broadcom wi-fi driver CVE-2017-0786. Use-after-free vulnerability in the sndpcminfo function i...

EulerOS 2.0 SP1 : kernel (EulerOS-SA-2017-1271)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - arch/x86/kvm/mmu.c in the Linux kernel through 4.13.5, when nested virtualisation is used, does not properly traverse guest pagetable entries to...

Virtuozzo 7 : readykernel-patch (VZA-2017-098)

According to the version of the vzkernel package and the readykernel-patch installed, the Virtuozzo installation on the remote host is affected by the following vulnerabilities : - Linux kernel built with the KVM virtualisation support CONFIGKVM, with nested virtualisation nVMX feature enabled...

[SECURITY] [DSA 4003-1] libvirt security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4003-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso October 19, 2017 https://www.debian.org/security/faq -...

[SECURITY] [DSA 4003-1] libvirt security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4003-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso October 19, 2017 https://www.debian.org/security/faq -...

Stack overflow

arch/x86/kvm/mmu.c in the Linux kernel through 4.13.5, when nested virtualisation is used, does not properly traverse guest pagetable entries to resolve a guest virtual address, which allows L1 guest OS users to execute arbitrary code on the host OS or cause a denial of service incorrect index...

CVE-2017-12188

CVE-2017-12188 affects arch/x86/kvm/mmu.c in the Linux kernel up to 4.13.5 where nested virtualization can mis-traverse guest page tables, enabling L1 guests to run arbitrary host code or trigger host denial of service. Connected advisories ( MiracleLinux AXSA-2018-2625, Unity Linux UTSA advisori...

CVE-2017-12188

arch/x86/kvm/mmu.c in the Linux kernel through 4.13.5, when nested virtualisation is used, does not properly traverse guest pagetable entries to resolve a guest virtual address, which allows L1 guest OS users to execute arbitrary code on the host OS or cause a denial of service incorrect index...

CVE-2017-12188

arch/x86/kvm/mmu.c in the Linux kernel through 4.13.5, when nested virtualisation is used, does not properly traverse guest pagetable entries to resolve a guest virtual address, which allows L1 guest OS users to execute arbitrary code on the host OS or cause a denial of service incorrect index...

[SECURITY] [DSA 3613-1] libvirt security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3613-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso July 02, 2016 https://www.debian.org/security/faq -...

[SECURITY] [DSA 3519-1] xen security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3519-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff March 17, 2016 https://www.debian.org/security/faq -...

Debian Security Advisory DSA 3519-1 (xen - security update)

Multiple security issues have been found in the Xen virtualisation solution, which may result in denial of service or information disclosure. The oldstable distribution wheezy will be updated in a separate DSA. OpenVAS Vulnerability Test $Id: deb3519.nasl 8008 2017-12-06 10:53:07Z teissa $...

Debian DSA-3454-1 : virtualbox - security update

Multiple vulnerabilities have been discovered in VirtualBox, an x86 virtualisation solution. Upstream support for the 4.1 release series has ended and since no information is available which would allow backports of isolated security fixes, security support for virtualbox in wheezy/oldstable need...