CVSS: 9.1EPSS: 0%CPEs: 29EXPL: 0CVE-2017-2615 – Qemu: display: cirrus: oob access while doing bitblt copy backward mode
https://notcve.org/view.php?id=CVE-2017-2615
21 Feb 2017 — Quick emulator (QEMU) built with the Cirrus CLGD 54xx VGA emulator support is vulnerable to an out-of-bounds access issue. It could occur while copying VGA data via bitblt copy in backward mode. A privileged user inside a guest could use this flaw to crash the QEMU process resulting in DoS or potentially execute arbitrary code on the host with privileges of QEMU process on the host. Quick emulator (QEMU) con soporte integrado para el emulador Cirrus CLGD 54xx VGA es vulnerable a un problema de acceso fuera ... • http://rhn.redhat.com/errata/RHSA-2017-0309.html • CWE-125: Out-of-bounds Read CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2016-10013 – Debian Security Advisory 3847-1
https://notcve.org/view.php?id=CVE-2016-10013
26 Jan 2017 — Xen through 4.8.x allows local 64-bit x86 HVM guest OS users to gain privileges by leveraging mishandling of SYSCALL singlestep during emulation. Xen hasta la versión 4.8.x permite a usuarios locales 64-bit x86 HVM invitados del SO obtener privilegios aprovechando el manejo incorrecto de singlestep SYSCALL durante la emulación. Jan Beulich and Jann Horn discovered multiple vulnerabilities in the Xen hypervisor, which may lead to privilege escalation, guest-to-host breakout, denial of service or information ... • http://www.debian.org/security/2017/dsa-3847 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 3.3EPSS: 0%CPEs: 45EXPL: 0CVE-2016-9932 – Gentoo Linux Security Advisory 201612-56
https://notcve.org/view.php?id=CVE-2016-9932
02 Jan 2017 — CMPXCHG8B emulation in Xen 3.3.x through 4.7.x on x86 systems allows local HVM guest OS users to obtain sensitive information from host stack memory via a "supposedly-ignored" operand size prefix. Emulación CMPXCHG8B en Xen 3.3.x hasta la versión 4.7.x en sistemas x86 permite a usuarios locales HVM invitados del SO obtener información sensible de la memoria basada en pila del anfitrión a través de un prefijo de tamaño de operando "supuestamente ignorado". Jan Beulich and Jann Horn discovered multiple vulner... • http://www.debian.org/security/2017/dsa-3847 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.0EPSS: 0%CPEs: 20EXPL: 0CVE-2016-9385 – Gentoo Linux Security Advisory 201612-56
https://notcve.org/view.php?id=CVE-2016-9385
02 Jan 2017 — The x86 segment base write emulation functionality in Xen 4.4.x through 4.7.x allows local x86 PV guest OS administrators to cause a denial of service (host crash) by leveraging lack of canonical address checks. La funcionalidad de emulación de escritura de base de segmento x86 en Xen 4.4.x hasta la versión 4.7.x permite a administradores locales del SO invitado x86 PV provocar una denegación de servicio (caída del host) aprovechando la falta de verificación de direcciones canónicas. Multiple vulnerabilitie... • http://www.securityfocus.com/bid/94472 • CWE-20: Improper Input Validation •
CVSS: 5.5EPSS: 0%CPEs: 11EXPL: 0CVE-2016-9378 – Gentoo Linux Security Advisory 201612-56
https://notcve.org/view.php?id=CVE-2016-9378
02 Jan 2017 — Xen 4.5.x through 4.7.x on AMD systems without the NRip feature, when emulating instructions that generate software interrupts, allows local HVM guest OS users to cause a denial of service (guest crash) by leveraging an incorrect choice for software interrupt delivery. Xen 4.5.x hasta la versión 4.7.x en sistemas AMD sin la funcionalidad NRip, cuando se emulan instrucciones que generan interrupciones de software, permite a usuarios locales de SO huésped HVM provocar una denegación de servicio (caída del inv... • http://www.securityfocus.com/bid/94475 • CWE-284: Improper Access Control •
CVSS: 6.0EPSS: 0%CPEs: 5EXPL: 0CVE-2016-10024 – Gentoo Linux Security Advisory 201612-56
https://notcve.org/view.php?id=CVE-2016-10024
02 Jan 2017 — Xen through 4.8.x allows local x86 PV guest OS kernel administrators to cause a denial of service (host hang or crash) by modifying the instruction stream asynchronously while performing certain kernel operations. Xen hasta la versión 4.8.x permite a administradores del kernel locales x86 PV invitados del SO provocar una denegación de servicio (cuelgue del anfitrión o caída) modificando el flujo de instrucciones asincrónicamente mientras se llevan a cabo ciertas operaciones del kernel. Jan Beulich and Jann ... • http://www.debian.org/security/2017/dsa-3847 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 43EXPL: 0CVE-2016-9382 – Gentoo Linux Security Advisory 201612-56
https://notcve.org/view.php?id=CVE-2016-9382
02 Jan 2017 — Xen 4.0.x through 4.7.x mishandle x86 task switches to VM86 mode, which allows local 32-bit x86 HVM guest OS users to gain privileges or cause a denial of service (guest OS crash) by leveraging a guest operating system that uses hardware task switching and allows a new task to start in VM86 mode. Xen 4.0.x hasta la versión 4.7.x administra mal los conmutadores de tareas x86 para el modo VM86, lo que permite a usuarios locales del SO invitado x86 HVM de 32-bit obtener privilegios o provocar una denegación de... • http://www.securityfocus.com/bid/94470 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 5.5EPSS: 0%CPEs: 11EXPL: 0CVE-2016-9377 – Gentoo Linux Security Advisory 201612-56
https://notcve.org/view.php?id=CVE-2016-9377
02 Jan 2017 — Xen 4.5.x through 4.7.x on AMD systems without the NRip feature, when emulating instructions that generate software interrupts, allows local HVM guest OS users to cause a denial of service (guest crash) by leveraging IDT entry miscalculation. Xen 4.5.x hasta la versión 4.7.x en sistemas AMD sin la funcionalidad NRip, cuando se emulan instrucciones que generan interrupciones de software, permite a usuarios locales de SO huésped HVM provocar una denegación de servicio (caída del invitado) aprovechando error d... • http://www.securityfocus.com/bid/94475 • CWE-682: Incorrect Calculation •
CVSS: 6.3EPSS: 0%CPEs: 1EXPL: 0CVE-2016-7777 – Gentoo Linux Security Advisory 201611-09
https://notcve.org/view.php?id=CVE-2016-7777
07 Oct 2016 — Xen 4.7.x and earlier does not properly honor CR0.TS and CR0.EM, which allows local x86 HVM guest OS users to read or modify FPU, MMX, or XMM register state information belonging to arbitrary tasks on the guest by modifying an instruction while the hypervisor is preparing to emulate it. Xen 4.7.x y versiones anteriores no respeta adecuadamente CR0.TS y CR0.EM, lo que permite a usuarios locales x86 HVM del SO invitado leer o modificar información del estado de registro FPU, MMX o XMM que pertenece a tareas a... • http://www.securityfocus.com/bid/93344 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 8.2EPSS: 0%CPEs: 3EXPL: 0CVE-2016-7093 – Gentoo Linux Security Advisory 201611-09
https://notcve.org/view.php?id=CVE-2016-7093
21 Sep 2016 — Xen 4.5.3, 4.6.3, and 4.7.x allow local HVM guest OS administrators to overwrite hypervisor memory and consequently gain host OS privileges by leveraging mishandling of instruction pointer truncation during emulation. Xen 4.5.3, 4.6.3 y 4.7.x permiten a administradores locales del SO invitado HVM sobreescribir memoria del hipervisor y consecuentemente obtener privilegios del SO anfitrión aprovechando el mal manejo del truncamiento del puntero de instrucción durante la emulación. Multiple vulnerabilities hav... • http://support.citrix.com/article/CTX216071 • CWE-264: Permissions, Privileges, and Access Controls •