20 matches found
MINI-VM86-XW8F-R4HR
Bulletin has no description...
MINI-5VR7-VM86-42G8
Bulletin has no description...
CVE-2024-50072
In the Linux kernel, the following vulnerability has been resolved: x86/bugs: Use code segment selector for VERW operand Robert Gill reported below GP in 32-bit mode when dosemu software was executing vm86 system call: general protection fault: 0000 1 PREEMPT SMP CPU: 4 PID: 4610 Comm: dosemu.bin...
AZL-52077 CVE-2024-50072 affecting package kernel for versions less than 6.6.64.2-1
In the Linux kernel, the following vulnerability has been resolved: x86/bugs: Use code segment selector for VERW operand Robert Gill reported below GP in 32-bit mode when dosemu software was executing vm86 system call: general protection fault: 0000 1 PREEMPT SMP CPU: 4 PID: 4610 Comm: dosemu.bin...
CVE-2024-50072
CVE-2024-50072 affects the Linux kernel on x86 where VERW is used. The issue can trigger a general protection fault (#GP) in 32-bit vm86 contexts when VERW mitigations (e.g., MDS/RFDS) are enabled and the code segment selector is not properly referenced. The root cause is using VERW with an arbit...
SUSE CVE-2016-9382
Xen 4.0.x through 4.7.x mishandle x86 task switches to VM86 mode, which allows local 32-bit x86 HVM guest OS users to gain privileges or cause a denial of service guest OS crash by leveraging a guest operating system that uses hardware task switching and allows a new task to start in VM86 mode...
Vm86 - Syscall Task Switch Kernel Panic / Privilege Escalation Vulnerability
Exploit for linux platform in category local exploits Source: http://www.halfdog.net/Security/2013/Vm86SyscallTaskSwitchKernelPanic/ Introduction Problem description: The initial observation was, that the linux vm86 syscall, which allows to use the virtual-8086 mode from userspace for emulating o...
ALPINE-CVE-2016-9382
Xen 4.0.x through 4.7.x mishandle x86 task switches to VM86 mode, which allows local 32-bit x86 HVM guest OS users to gain privileges or cause a denial of service guest OS crash by leveraging a guest operating system that uses hardware task switching and allows a new task to start in VM86 mode...
DEBIAN-CVE-2016-9382
Xen 4.0.x through 4.7.x mishandle x86 task switches to VM86 mode, which allows local 32-bit x86 HVM guest OS users to gain privileges or cause a denial of service guest OS crash by leveraging a guest operating system that uses hardware task switching and allows a new task to start in VM86 mode...
Design/Logic Flaw
Xen 4.0.x through 4.7.x mishandle x86 task switches to VM86 mode, which allows local 32-bit x86 HVM guest OS users to gain privileges or cause a denial of service guest OS crash by leveraging a guest operating system that uses hardware task switching and allows a new task to start in VM86 mode...
CVE-2016-9382
Xen 4.0.x through 4.7.x mishandle x86 task switches to VM86 mode, which allows local 32-bit x86 HVM guest OS users to gain privileges or cause a denial of service guest OS crash by leveraging a guest operating system that uses hardware task switching and allows a new task to start in VM86 mode...
Debian DSA-3729-1 : xen - security update
Multiple vulnerabilities have been discovered in the Xen hypervisor. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2016-7777 XSA-190 Jan Beulich from SUSE discovered that Xen does not properly honor CR0.TS and CR0.EM for x86 HVM guests, potentially...
Fedora 24 : xen (2016-95c104a4c6)
xen : various security flaws 1397383 x86 null segments not always treated as unusable XSA-191, CVE-2016-9386 x86 task switch to VM86 mode mis-handled XSA-192, CVE-2016-9382 x86 segment base write emulation lacking canonical address checks XSA-193, CVE-2016-9385 x86 64-bit bit test instruction...
FreeBSD : xen-kernel -- x86 task switch to VM86 mode mis-handled (523bb0b7-ba4d-11e6-ae1b-002590263bf5)
The Xen Project reports : LDTR, just like TR, is purely a protected mode facility. Hence even when switching to a VM86 mode task, LDTR loading needs to follow protected mode semantics. This was violated by the code. On SVM AMD hardware: a malicious unprivileged guest process can escalate its...
Debian DLA-720-1 : xen security update
Multiple vulnerabilities have been discovered in the Xen hypervisor. The Common Vulnerabilities and Exposures project identifies the following problems : CVE-2016-9379, CVE-2016-9380 XSA-198 pygrub, the boot loader emulator, fails to quote or sanity check its results when reporting them to its...
x86 task switch to VM86 mode mis-handled
ISSUE DESCRIPTION LDTR, just like TR, is purely a protected mode facility. Hence even when switching to a VM86 mode task, LDTR loading needs to follow protected mode semantics. This was violated by the code. IMPACT On SVM AMD hardware: a malicious unprivileged guest process can escalate its...
xen-kernel -- x86 task switch to VM86 mode mis-handled
The Xen Project reports: LDTR, just like TR, is purely a protected mode facility. Hence even when switching to a VM86 mode task, LDTR loading needs to follow protected mode semantics. This was violated by the code. On SVM AMD hardware: a malicious unprivileged guest process can escalate its...
Linux Kernel vm86 Syscall不能处理FPU异常本地拒绝服务漏洞
Linux Kernel是一款开源的Linux操作系统。 Linux Kernel VM86系统调用存在一个安全漏洞,在任务切换过程中存在不能处理FPU异常,允许本地攻击者可以利用漏洞使系统崩溃。 0 Linux Kernel 目前没有详细解决方案提供: https://kernel.org/ / This software is provided by the copyright owner "as is" and any expressed or implied warranties, including, but not limited to, the implied...
Vm86 - Syscall Task Switch Kernel Panic (Denial of Service) Privilege Escalation
Vm86 - Syscall Task Switch Kernel Panic Denial of Service Privilege Escalation Source: http://www.halfdog.net/Security/2013/Vm86SyscallTaskSwitchKernelPanic/ Introduction Problem description: The initial observation was, that the linux vm86 syscall, which allows to use the virtual-8086 mode from...
Vm86 - Syscall Task Switch Kernel Panic Denial of Service / Privilege Escalation
Source: http://www.halfdog.net/Security/2013/Vm86SyscallTaskSwitchKernelPanic/ Introduction Problem description: The initial observation was, that the linux vm86 syscall, which allows to use the virtual-8086 mode from userspace for emulating of old 8086 software as done with dosemu, was prone to...