Page 29 of 267 results (0.005 seconds)

CVSS: 2.1EPSS: 0%CPEs: 37EXPL: 0

CVE-2015-7971

https://notcve.org/view.php?id=CVE-2015-7971

Xen 3.2.x through 4.6.x does not limit the number of printk console messages when logging certain pmu and profiling hypercalls, which allows local guests to cause a denial of service via a sequence of crafted (1) HYPERCALL_xenoprof_op hypercalls, which are not properly handled in the do_xenoprof_op function in common/xenoprof.c, or (2) HYPERVISOR_xenpmu_op hypercalls, which are not properly handled in the do_xenpmu_op function in arch/x86/cpu/vpmu.c. Xen 3.2.x hasta la versión 4.6.x no limita el número de mensajes de la consola printk cuando incia sesión cierto pmu y hypercalls de perfilado, lo que permite a invitados locales provocar una denegación de servicio a través de una secuencia de hypercalls manipuladas (1) HYPERCALL_xenoprof_op, que no son manejadas adecuadamente en la función do_xenoprof_op en common/xenoprof.c o (2) HYPERVISOR_xenpmu_op, que no son manejadas adecuadamente en la función do_xenpmu_op en arch/x86/cpu/vpmu.c. • http://lists.fedoraproject.org/pipermail/package-announce/2015-November/171082.html http://lists.fedoraproject.org/pipermail/package-announce/2015-November/171185.html http://lists.fedoraproject.org/pipermail/package-announce/2015-November/171249.html http://lists.opensuse.org/opensuse-updates/2015-11/msg00063.html http://support.citrix.com/article/CTX202404 http://www.debian.org/security/2015/dsa-3414 http://www.securityfocus.com/bid/77363 http://www.securitytracker.com/id/1034035 http://xenbits. • CWE-19: Data Processing Errors •

CVSS: 2.1EPSS: 0%CPEs: 30EXPL: 0

CVE-2015-7972

https://notcve.org/view.php?id=CVE-2015-7972

The (1) libxl_set_memory_target function in tools/libxl/libxl.c and (2) libxl__build_post function in tools/libxl/libxl_dom.c in Xen 3.4.x through 4.6.x do not properly calculate the balloon size when using the populate-on-demand (PoD) system, which allows local HVM guest users to cause a denial of service (guest crash) via unspecified vectors related to "heavy memory pressure." La función (1) libxl_set_memory_target en tools/libxl/libxl.c y (2) libxl__build_post en tools/libxl/libxl_dom.c en Xen 3.4.x hasta la versión 4.6.x no calcula correctamente el tamaño del globo cuando utilizan el sistema populate-on-demand (PoD), lo que permite a usuarios invitados HVM locales provocar una denegación de servicio (caída de invitados) a través de vectores no especificados relacionados con 'heavy memory pressure.' • http://lists.fedoraproject.org/pipermail/package-announce/2015-November/171082.html http://lists.fedoraproject.org/pipermail/package-announce/2015-November/171185.html http://lists.fedoraproject.org/pipermail/package-announce/2015-November/171249.html http://lists.opensuse.org/opensuse-updates/2015-11/msg00063.html http://support.citrix.com/article/CTX202404 http://www.debian.org/security/2015/dsa-3414 http://www.securityfocus.com/bid/77365 http://www.securitytracker.com/id/1034036 http://xenbits. • CWE-399: Resource Management Errors •

CVSS: 3.6EPSS: 0%CPEs: 23EXPL: 0

CVE-2015-7311

https://notcve.org/view.php?id=CVE-2015-7311

libxl in Xen 4.1.x through 4.6.x does not properly handle the readonly flag on disks when using the qemu-xen device model, which allows local guest users to write to a read-only disk image. libxl en Xen 4.1.x hasta la versión 4.6.x no maneja correctamente el indicador de solo lectura en los discos cuando se utiliza el dispositivo modelo qemu-xen, lo que permite a usuarios invitados locales escribir a una imagen de disco de sólo lectura. • http://lists.fedoraproject.org/pipermail/package-announce/2015-September/167077.html http://lists.fedoraproject.org/pipermail/package-announce/2015-September/167792.html http://lists.fedoraproject.org/pipermail/package-announce/2015-September/167820.html http://lists.opensuse.org/opensuse-updates/2015-12/msg00053.html http://www.debian.org/security/2015/dsa-3414 http://www.securityfocus.com/bid/76823 http://www.securitytracker.com/id/1033633 http://xenbits.xen.org/xsa/advisory-142.html https:// • CWE-17: DEPRECATED: Code •

CVSS: 7.2EPSS: 0%CPEs: 4EXPL: 0

CVE-2015-5166

https://notcve.org/view.php?id=CVE-2015-5166

Use-after-free vulnerability in QEMU in Xen 4.5.x and earlier does not completely unplug emulated block devices, which allows local HVM guest users to gain privileges by unplugging a block device twice. Vulnerabilidad de uso después de liberación en la memoria en QEMU en Xen 4.5.x y versiones anteriores, no desconecta completamente los dispositivos de bloque emulados, lo que permite a usuarios invitados HVM locales obtener privilegios desconectando un dispositivo de bloque dos veces. • http://lists.fedoraproject.org/pipermail/package-announce/2015-September/165373.html http://lists.fedoraproject.org/pipermail/package-announce/2015-September/167792.html http://lists.fedoraproject.org/pipermail/package-announce/2015-September/167820.html http://www.securityfocus.com/bid/76152 http://www.securitytracker.com/id/1033175 http://xenbits.xen.org/xsa/advisory-139.html • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 9.3EPSS: 0%CPEs: 65EXPL: 0

CVE-2015-5165 – Qemu: rtl8139 uninitialized heap memory information leakage to guest (XSA-140)

https://notcve.org/view.php?id=CVE-2015-5165

The C+ mode offload emulation in the RTL8139 network card device model in QEMU, as used in Xen 4.5.x and earlier, allows remote attackers to read process heap memory via unspecified vectors. Vulnerabilidad en la emulación de modo offload C+ en el modelo de tarjeta de red del dispositivo RTL8139 en QEMU, tal y como se utiliza en Xen 4.5.x y versiones anteriores, permite a atacantes remotos leer la memoria dinámica del proceso a través de vectores no especificados. An information leak flaw was found in the way QEMU's RTL8139 emulation implementation processed network packets under RTL8139 controller's C+ mode of operation. An unprivileged guest user could use this flaw to read up to 65 KB of uninitialized QEMU heap memory. • http://lists.fedoraproject.org/pipermail/package-announce/2015-September/165373.html http://lists.fedoraproject.org/pipermail/package-announce/2015-September/167792.html http://lists.fedoraproject.org/pipermail/package-announce/2015-September/167820.html http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00018.html http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00027.html http://rhn.redhat.com/errata/RHSA-2015-1674.html http://rhn.redhat.com/errata/RHSA-2015-1683.html http: • CWE-456: Missing Initialization of a Variable CWE-908: Use of Uninitialized Resource •