14 matches found
EUVD-2017-11772
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2017-2596
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The nestedvmxcheckvmptr function in arch/x86/kvm/vmx.c in the Linux kernel through 4.9.8 improperly emulates the VMXON instruction, which allows KVM L1 guest OS...
Kernel: KVM: leak of uninitialized stack contents to guest
An information leakage issue was found in the way Linux kernel's KVM hypervisor handled page fault exceptions while emulating instructions like VMXON, VMCLEAR, VMPTRLD, and VMWRITE with memory address as an operand. It occurs if the operand is a mmio address, as the returned exception object hold...
EulerOS Virtualization 2.5.3 : kvm (EulerOS-SA-2019-1369)
According to the version of the kvm package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - An information leakage issue was found in the way Linux kernel's KVM hypervisor handled page fault exceptions while emulating instructio...
Denial Of Service (DoS)
Linux kernel is vulnerable to denial of service DoS attacks. This occurs while emulating VMXON instruction in 'handlevmon' improperly. An L1 guest user could use this flaw to leak host memory potentially resulting in a system crash...
Kernel: kvm: page reference leakage in handle_vmon
Linux kernel built with the KVM visualization support CONFIGKVM, with nested visualizationnVMX feature enablednested=1, is vulnerable to host memory leakage issue. It could occur while emulating VMXON instruction in 'handlevmon'. An L1 guest user could use this flaw to leak host memory potentiall...
USN-3312-2: Linux kernel (Xenial HWE) vulnerabilities | Cloud Foundry
Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 14.04 Description USN-3312-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 16.04 LTS for Ubuntu 14.0...
USN-3312-2 linux-lts-xenial vulnerabilities
USN-3312-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. It was discovered that the netfilter netlink implementation in the Linux kernel did no...
USN-3312-1 linux, linux-aws, linux-gke, linux-raspi2, linux-snapdragon vulnerabilities
It was discovered that the netfilter netlink implementation in the Linux kernel did not properly validate batch messages. A local attacker with the CAPNETADMIN capability could use this to expose sensitive information or cause a denial of service. CVE-2016-7917 Qian Zhang discovered a heap-based...
Ubuntu 16.04 LTS : Linux kernel vulnerabilities (USN-3312-1)
The remote Ubuntu 16.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-3312-1 advisory. It was discovered that the netfilter netlink implementation in the Linux kernel did not properly validate batch messages. A local attacker with the...
DEBIAN-CVE-2017-2596
The nestedvmxcheckvmptr function in arch/x86/kvm/vmx.c in the Linux kernel through 4.9.8 improperly emulates the VMXON instruction, which allows KVM L1 guest OS users to cause a denial of service host OS memory consumption by leveraging the mishandling of page references...
CVE-2017-2596
CVE-2017-2596 affects the Linux kernel’s KVM VMX handling. The nested_vmx_check_vmptr function in arch/x86/kvm/vmx.c through kernel 4.9.8 incorrectly emulates the VMXON instruction, enabling a local L1 guest user to cause host memory exhaustion and a denial of service by abusing mishandled page r...
CVE-2017-2596
The nestedvmxcheckvmptr function in arch/x86/kvm/vmx.c in the Linux kernel through 4.9.8 improperly emulates the VMXON instruction, which allows KVM L1 guest OS users to cause a denial of service host OS memory consumption by leveraging the mishandling of page references...
UBUNTU-CVE-2017-2596
The nestedvmxcheckvmptr function in arch/x86/kvm/vmx.c in the Linux kernel through 4.9.8 improperly emulates the VMXON instruction, which allows KVM L1 guest OS users to cause a denial of service host OS memory consumption by leveraging the mishandling of page references...