4 matches found
CVE-2019-3900
CVE-2019-3900 is an upstream Linux kernel vulnerability in the vhost_net module causing an infinite loop while handling incoming packets in handle_rx(), which can allow a guest user to stall the vhost_net kernel thread and trigger a DoS. The issue is present in Linux kernel releases up to and inc...
CVE-2019-3882
CVE-2019-3882 affects the Linux kernel vfio interface: a local user owning a vfio device could abuse DMA mappings to memory and exhaust system memory, enabling a denial of service. Publicly available connected documents confirm the vulnerability and its DoS impact; Debian and other advisories inc...
CVE-2019-3901
CVE-2019-3901 describes a race condition in perf_event_open() that can leak data from setuid processes. The root cause is that cred_guard_mutex is not held during the ptrace_may_access() check, allowing a target task to execve() with setuid execution before perf_event_alloc() attaches, bypassing ...
CVE-2016-5711
NetApp Virtual Storage Console for VMware vSphere is affected by CVE-2016-5711. Before version 6.2.1, it uses a non-unique certificate, enabling remote attackers to perform man-in-the-middle attacks via unspecified vectors. The connected sources confirm the vulnerable version range and the MITM r...