EUVD-2015-2261

Malware in sbrugna...

EUVD-2010-0450

Malware in sbrugna...

EUVD-2010-0329

Malware in sbrugna...

CBL Mariner 2.0 Security Update: kernel (CVE-2010-0298)

The version of kernel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2010-0298 advisory. - The x86 emulator in KVM 83 does not use the Current Privilege Level CPL and I/O Privilege Level IOPL in...

SUSE CVE-2010-0306

The x86 emulator in KVM 83, when a guest is configured for Symmetric Multiprocessing SMP, does not use the Current Privilege Level CPL and I/O Privilege Level IOPL to restrict instruction execution, which allows guest OS users to cause a denial of service guest OS crash or gain privileges on the...

SUSE CVE-2010-0419

The x86 emulator in KVM 83, when a guest is configured for Symmetric Multiprocessing SMP, does not properly restrict writing of segment selectors to segment registers, which might allow guest OS users to cause a denial of service guest OS crash or gain privileges on the guest OS by leveraging...

GSD-2022-1002875 KVM: x86: avoid calling x86 emulator without a decoded instruction

KVM: x86: avoid calling x86 emulator without a decoded instruction This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.18.2 by commit...

Unbreakable Enterprise kernel-container security update

5.4.17-2136.307.3.5 - KVM: x86: avoid calling x86 emulator without a decoded instruction Sean Christopherson Orabug: 34211496 CVE-2022-1852...

UVI-2021-1000999 KVM: X86: Fix x86_emulator slab cache leak

KVM: X86: Fix x86emulator slab cache leak This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.46 by commit...

The x86 emulator in KVM 83 does not use the Current Privilege Level (CPL) and I/O Privilege Level (IOPL) in determining the memory access available to CPL3 code which allows guest OS users to cause a denial of service (guest OS crash) or gain privileges on the guest OS by leveraging access to a (1) IO port or (2) MMIO region a related issue to CVE-2010-0306.

...

Microsoft MsMpEng - mpengine x86 Emulator Heap Corruption in VFS API Exploit

Exploit for windows platform in category dos / poc Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1282&desc=2 In issue 1260 I discussed Microsoft's "apicall" instruction that can invoke a large number of internal emulator apis and is exposed to remote attackers by default in al...

Microsoft Malware Protection Engine < 1.1.13804 Multiple Vulnerabilities

The version of Microsoft Malware Protection Engine MMPE installed on the remote Windows host is prior to 1.1.13804.0. It is, therefore, affected by multiple vulnerabilities : - Multiple denial of service vulnerabilities exist due to improper scanning of specially crafted files. An unauthenticated...

Microsoft MsMpEng - Multiple Problems Handling ntdll!NtControlChannel Commands

Microsoft MsMpEng - Multiple Problems Handling ntdll!NtControlChannel Commands Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1260 MsMpEng includes a full system x86 emulator that is used to execute any untrusted files that look like PE executables. The emulator runs as NT...

CVE-2016-9386

The x86 emulator in Xen does not properly treat x86 NULL segments as unusable when accessing memory, which might allow local HVM guest users to gain privileges via vectors involving "unexpected" base/limit values...

FreeBSD : xen-kernel -- x86 null segments not always treated as unusable (50ac2e96-ba4d-11e6-ae1b-002590263bf5)

The Xen Project reports : The Xen x86 emulator erroneously failed to consider the unusability of segments when performing memory accesses. The intended behaviour is as follows: The user data segment %ds, %es, %fs and %gs selectors may be NULL in 32-bit to prevent access. In 64-bit, NULL has a...

Debian DLA-720-1 : xen security update

Multiple vulnerabilities have been discovered in the Xen hypervisor. The Common Vulnerabilities and Exposures project identifies the following problems : CVE-2016-9379, CVE-2016-9380 XSA-198 pygrub, the boot loader emulator, fails to quote or sanity check its results when reporting them to its...

Comodo - Integer Overflow Leading to Heap Overflow in Win32 Emulation

Comodo - Integer Overflow Leading to Heap Overflow in Win32 Emulation Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=738 A major component of Comodo Antivirus is the x86 emulator, which includes a number of shims for win32 API routines so that common API calls work in emulated...

Comodo Antivirus - Integer Overflow Leading to Heap Overflow in Win32 Emulation

Exploit for windows platform in category dos / poc Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=738 A major component of Comodo Antivirus is the x86 emulator, which includes a number of shims for win32 API routines so that common API calls work in emulated programs CreateFile...

Comodo - Integer Overflow Leading to Heap Overflow in Win32 Emulation

Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=738 A major component of Comodo Antivirus is the x86 emulator, which includes a number of shims for win32 API routines so that common API calls work in emulated programs CreateFile, LoadLibrary, etc. The emulator itself is located ...

Comodo AntiVirus - Forwards Emulated API Calls to the Real API During Scans

Exploit for windows platform in category remote exploits Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=769 Comodo Antivirus includes a x86 emulator that is used to unpack and monitor obfuscated executables, this is common practice among antivirus products. The idea is that...