Virtuozzo 6 : parallels-server-bm-release / vzkernel / etc (VZA-2020-045)

According to the version of the parallels-server-bm-release / vzkernel / etc packages installed, the Virtuozzo installation on the remote host is affected by the following vulnerability : - hw: Special Register Buffer Data Sampling SRBDS. Note that Tenable Network Security has extracted the...

Virtuozzo 6 : parallels-server-bm-release / vzkernel / etc (VZA-2020-037)

According to the versions of the parallels-server-bm-release / vzkernel / etc packages installed, the Virtuozzo installation on the remote host is affected by the following vulnerabilities : - Kernel: NetLabel: null pointer dereference while receiving CIPSO packet with null category may cause...

Virtuozzo 7 : readykernel-patch (VZA-2019-085)

According to the version of the vzkernel package and the readykernel-patch installed, the Virtuozzo installation on the remote host is affected by the following vulnerabilities : - 3.10.0-693.21.1.vz7.46.7 to 3.10.0-957.12.2.vz7.96.21 Page cache side channel attacks via mincore. It was discovered...

Virtuozzo 6 : parallels-server-bm-release / vzkernel / etc (VZA-2020-011)

According to the version of the parallels-server-bm-release / vzkernel / etc packages installed, the Virtuozzo installation on the remote host is affected by the following vulnerability : - Kernel: KVM: OOB memory access via mmio ring buffer. This issue is not critical for Virtuozzo 6.0, as it do...

Virtuozzo 6 : parallels-server-bm-release / vzkernel / etc (VZA-2019-089)

According to the versions of the parallels-server-bm-release / vzkernel / etc packages installed, the Virtuozzo installation on the remote host is affected by the following vulnerabilities : - hw: Machine Check Error on Page Size Change IFU - hw: Intel GPU blitter manipulation can allow for...

Virtuozzo 7 : readykernel-patch (VZA-2018-045)

According to the version of the vzkernel package and the readykernel-patch installed, the Virtuozzo installation on the remote host is affected by the following vulnerability : - By mmaping a FUSE-backed file onto a process's memory containing command line arguments or environment strings, an...

Design/Logic Flaw

The openbyhandleat function in vzkernel before 042stab090.5 in the OpenVZ modification for the Linux kernel 2.6.32, when using simfs, might allow local container users with CAPDACREADSEARCH capability to bypass an intended container protection mechanism and access arbitrary files on a filesystem...

CVE-2014-3519

The CVE-2014-3519 details: OpenVZ modification for the Linux kernel 2.6.32, before 042stab090.5, with simfs, exposes open_by_handle_at in vzkernel to local container users with CAP_DAC_READ_SEARCH, bypassing container protections and enabling access to arbitrary files via file_handle-related vect...

CVE-2014-3519

The openbyhandleat function in vzkernel before 042stab090.5 in the OpenVZ modification for the Linux kernel 2.6.32, when using simfs, might allow local container users with CAPDACREADSEARCH capability to bypass an intended container protection mechanism and access arbitrary files on a filesystem...

Virtuozzo 6 : parallels-server-bm-release / vzkernel / etc (VZA-2018-002)

According to the versions of the parallels-server-bm-release / vzkernel / etc packages installed, the Virtuozzo installation on the remote host is affected by the following vulnerabilities : - CVE-2017-5715 triggers the speculative execution by utilizing branch target injection. It relies on the...

Virtuozzo 6 : parallels-server-bm-release / vzkernel / etc (VZA-2017-114)

According to the versions of the parallels-server-bm-release / vzkernel / etc packages installed, the Virtuozzo installation on the remote host is affected by the following vulnerabilities : - dccpdisconnect set the socket state to DCCPCLOSED but did not properly free some of the resources...

Virtuozzo 7 : readykernel-patch (VZA-2017-109)

According to the version of the vzkernel package and the readykernel-patch installed, the Virtuozzo installation on the remote host is affected by the following vulnerabilities : - dccpdisconnect set the socket state to DCCPCLOSED but did not properly free some of the resources associated with th...

Virtuozzo 6 : parallels-server-bm-release / vzkernel / etc (VZA-2017-107)

According to the version of the parallels-server-bm-release / vzkernel / etc packages installed, the Virtuozzo installation on the remote host is affected by the following vulnerability : - A use-after-free vulnerability was found when issuing an ioctl to a sound device. This could allow a user t...

Virtuozzo 7 : readykernel-patch (VZA-2017-099)

According to the version of the vzkernel package and the readykernel-patch installed, the Virtuozzo installation on the remote host is affected by the following vulnerability : - It was found that fanoutadd in 'net/packet/afpacket.c' in the Linux kernel, before version 4.13.6, allows local users ...

Virtuozzo 6 : parallels-server-bm-release / vzkernel / etc (VZA-2017-090)

According to the version of the parallels-server-bm-release / vzkernel / etc packages installed, the Virtuozzo installation on the remote host is affected by the following vulnerability : - A flaw was found in the way the Linux kernel loaded ELF executables. Provided that an application was built...

Virtuozzo 6 : parallels-server-bm-release / vzkernel / etc (VZA-2017-085)

According to the versions of the parallels-server-bm-release / vzkernel / etc packages installed, the Virtuozzo installation on the remote host is affected by the following vulnerabilities : - Kernel crash due to missing error handling for negatively instantiated keys. - A stack buffer overflow...

Virtuozzo 6 : parallels-server-bm-release / vzkernel / etc (VZA-2017-061)

According to the version of the parallels-server-bm-release / vzkernel / etc packages installed, the Virtuozzo installation on the remote host is affected by the following vulnerability : - An updated fix for CVE-2017-1000364 kernel: heap/stack gap jumping via unbounded stack allocations. The fix...

Virtuozzo 6 : parallels-server-bm-release / vzkernel / etc (VZA-2017-037)

According to the versions of the parallels-server-bm-release / vzkernel / etc packages installed, the Virtuozzo installation on the remote host is affected by the following vulnerabilities : - The NFSv2 and NFSv3 server implementations in the Linux kernel through 4.10.13 lack certain checks for t...

Virtuozzo 6 : parallels-server-bm-release / vzkernel / etc (VZA-2017-031)

According to the version of the parallels-server-bm-release / vzkernel / etc packages installed, the Virtuozzo installation on the remote host is affected by the following vulnerability : - It was found that keyctlsetreqkeykeyring function leaked thread keyring which could allow an unprivileged...

Virtuozzo 6 : parallels-server-bm-release / vzkernel / etc (VZA-2017-001)

According to the version of the parallels-server-bm-release / vzkernel / etc packages installed, the Virtuozzo installation on the remote host is affected by the following vulnerability : - Fixed handling of stored error in a negatively instantiated user key. Key management subsystems could be...