2 matches found
CVE-2013-2239
The CVE affects vzkernel in the OpenVZ modification of Linux kernel 2.6.32, where uninitialized length variables in two paths allow local information disclosure from kernel stack memory. The vulnerable components are: (1) ploop_getdevice_ioc in drivers/block/ploop/dev.c (via a crafted ploop ioctl...
CVE-2014-3519
The CVE-2014-3519 details: OpenVZ modification for the Linux kernel 2.6.32, before 042stab090.5, with simfs, exposes open_by_handle_at in vzkernel to local container users with CAP_DAC_READ_SEARCH, bypassing container protections and enabling access to arbitrary files via file_handle-related vect...