304 matches found
IBM Spectrum Protect Plus Information Disclosure Vulnerability (CNVD-2021-03028)
IBM Spectrum Protect Plus is a data protection and availability solution for virtualized environments that can be deployed in minutes and protect your environment in less than an hour. An information disclosure vulnerability exists in IBM Spectrum Protect Plus 10.1.0-10.1.6. An attacker could...
Defining Cloud Workload Protection
Organizations are now turning to an increasingly hybrid cloud infrastructure model to support remote workforces, a trend that has accelerated significantly amid the recent global health crisis. This presents a new challenge as cloud environments both private and public require a purpose-built...
microcode_ctl security, bug fix and enhancement update
3:1.17-33.26.0.1 - update 06-2d-07 to 0x71a - update 06-55-04 to 0x2006906 - update 06-55-07 to 0x5002f01 - merge Oracle changes for early load via dracut - enable late load on install for UEK4 kernels marked safe except BDW-79 - set earlymicrocode='no' in virtualized guests to avoid early load...
microcode_ctl security, bug fix and enhancement update
2:2.1-61.6.0.1 - update 06-2d-07 to 0x71a - update 06-55-04 to 0x2006906 - update 06-55-07 to 0x5002f01 - for Intel, do not trigger load if on-disk microcode is not an update Orabug: 30634727 - set earlymicrocode='no' in virtualized guests to avoid early load bugs Orabug: 30618736 - do not late...
Denial Of Service (DoS)
kernel is vulnerable to denial of service DoS. The vulnerability exists as a flaw was found in fixuppagefault in the Xen hypervisor implementation. If a 64-bit para-virtualized guest accessed a certain area of memory, it could cause a denial of service on the host system running the Xen hyperviso...
Denial Of Service (DoS)
kernel is vulnerable to denial of service. A flaw was found in the Xen hypervisor implementation when running a system that has an Intel CPU without Extended Page Tables EPT support. While attempting to dump information about a crashing fully-virtualized guest, the flaw could cause the hypervisor...
Denial Of Service (DoS)
kernel is vulnerable to denial of service DoS. The vulnerability exists as the Xen implementation did not prevent applications running in a para-virtualized guest from modifying CR4 TSC. This could cause a local denial of service...
Denial Of Service (DoS)
kernel is vulnerable to denial of service DoS. The vulnerability exists as a possible hypervisor panic was found in the Linux kernel. A privileged user of a fully virtualized guest could initiate a stress-test File Transfer Protocol FTP transfer between the guest and the hypervisor, possibly...
Denial Of Service (DoS)
xen is vulnerable to denial of service DoS. The vulnerability exists as it was discovered that the hypervisor's para-virtualized framebuffer PVFB backend failed to validate the frontend's framebuffer description properly. This could allow a privileged user in the unprivileged domain DomU to cause...
Information Disclosure
xen is vulnerable to information disclosure. The vulnerability exists as a flaw was found in the QEMU block format auto-detection, when running fully-virtualized guests and using Qemu images written on removable media USB storage, 3.5" disks. Privileged users of such fully-virtualized guests DomU...
Information Disclosure
xen is vulnerable to information disclosure. A security vulnerability was discovered in the QEMU block format auto-detection, when running fully-virtualized guests. Such fully-virtualized guests, with a raw formatted disk image, were able to write a header to that disk image describing another...
Denial Of Service (DoS)
xen is vulnerable to denial of service. The hypervisor's para-virtualized framebuffer PVFB backend failed to validate the frontend's framebuffer description. This could allow a malicious user to cause a denial of service, or to use a specially crafted frontend to compromise the privileged domain...
Privilege Escalation
e2fsprogs is vulnerable to privilege escalation. The vulnerability exists when a victim opens a carefully crafted file system with a program using e2fsprogs, it may be possible to execute arbitrary code with the permissions of the victim. It may be possible to leverage this flaw in a virtualized...
CVE-2019-14283
A vulnerability was found in the Linux kernel’s floppy disk driver implementation. A local attacker with access to the floppy device could call setgeometry in drivers/block/floppy.c, which does not validate the sect and head fields, causing an integer overflow and out-of-bounds read. This flaw ma...
Fedora Update for cobbler FEDORA-2019-502f1a2c67
The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
microcode_ctl security update
3:1.17-33.19.0.4 - set earlymicrocode='no' in virtualized guests to avoid early load bugs Orabug: 30618737 3:1.17-33.19.0.1 - merge Oracle changes for early load via dracut - enable late load on install for UEK4 kernels marked safe except BDW-79 - update 06-55-04 to 0x2000065 - update 06-55-07 to...
microcode_ctl security update
2:2.1-53.3.0.4 - set earlymicrocode='no' in virtualized guests to avoid early load bugs Orabug: 30618736 2:2.1-53.3.0.1 - do not late load prior to 3.10.0 - ensure late loading fixes are present on 4.1.12- and 4.14.35- - enable early loading on 06-4f-01 - update 06-55-04 to 0x2000065 - update...
CVE-2019-17347
An issue was discovered in Xen through 4.11.x allowing x86 PV guest OS users to cause a denial of service or gain privileges because a guest can manipulate its virtualised %cr4 in a way that is incompatible with Linux and possibly other guest kernels...
CVE-2019-17347
An issue was discovered in Xen through 4.11.x allowing x86 PV guest OS users to cause a denial of service or gain privileges because a guest can manipulate its virtualised %cr4 in a way that is incompatible with Linux and possibly other guest kernels...
[SECURITY] Fedora 29 Update: cobbler-2.8.5-0.1.fc29
Cobbler is a network install server. Cobbler supports PXE, ISO virtualized installs, and re-installing existing Linux machines. The last two modes use a helper tool, 'koan', that integrates with cobbler. There is also a web interface 'cobbler-web'. Cobbler's advanced features include importing...