2 matches found
CVE-2014-8165
CVE-2014-8165 affects the powerpc-utils-python package used by PowerKVM. The root cause is unsafe use of Python’s Pickle in amsnet.py (AMS server/client path), enabling remote code execution when unpickled data is processed. IBM bulletin lists PowerKVM 2.1 and 3.1 as affected; remediation is to u...
CVE-2014-4040
The CVE-2014-4040 issue affects powerpc-utils, where the snap utility can generate an archive containing fstab and yaboot.conf with cleartext passwords. This could allow local/remote exposure of sensitive data if an attacker gains access to the archive via a data stream. Red Hat and SUSE advisori...