NotCVE - vendor:"Xen" product:"Xen" version:" <= 4.9.0"

Page 32 of 374 results (0.006 seconds)

CVSS: 9.9EPSS: 0%CPEs: 32EXPL: 0

CVE-2017-2620 – Qemu: display: cirrus: potential arbitrary code execution via cirrus_bitblt_cputovideo

https://notcve.org/view.php?id=CVE-2017-2620

Quick emulator (QEMU) before 2.8 built with the Cirrus CLGD 54xx VGA Emulator support is vulnerable to an out-of-bounds access issue. The issue could occur while copying VGA data in cirrus_bitblt_cputovideo. A privileged user inside guest could use this flaw to crash the QEMU process OR potentially execute arbitrary code on host with privileges of the QEMU process. Quick emulator (QEMU) en versiones anteriores a la 2.8 construido con el soporte del emulador Cirrus CLGD 54xx VGA Emulator es vulnerable a un problema de acceso fuera de límites. El problema puede ocurrir al copiar datos VGA en cirrus_bitblt_cputovideo. • http://rhn.redhat.com/errata/RHSA-2017-0328.html http://rhn.redhat.com/errata/RHSA-2017-0329.html http://rhn.redhat.com/errata/RHSA-2017-0330.html http://rhn.redhat.com/errata/RHSA-2017-0331.html http://rhn.redhat.com/errata/RHSA-2017-0332.html http://rhn.redhat.com/errata/RHSA-2017-0333.html http://rhn.redhat.com/errata/RHSA-2017-0334.html http://rhn.redhat.com/errata/RHSA-2017-0350.html http://rhn.redhat.com/errata/RHSA-2017-0351.html http://rhn • CWE-125: Out-of-bounds Read CWE-787: Out-of-bounds Write •

CVSS: 9.1EPSS: 0%CPEs: 29EXPL: 0

CVE-2017-2615 – Qemu: display: cirrus: oob access while doing bitblt copy backward mode

https://notcve.org/view.php?id=CVE-2017-2615

Quick emulator (QEMU) built with the Cirrus CLGD 54xx VGA emulator support is vulnerable to an out-of-bounds access issue. It could occur while copying VGA data via bitblt copy in backward mode. A privileged user inside a guest could use this flaw to crash the QEMU process resulting in DoS or potentially execute arbitrary code on the host with privileges of QEMU process on the host. Quick emulator (QEMU) con soporte integrado para el emulador Cirrus CLGD 54xx VGA es vulnerable a un problema de acceso fuera de límites. Podría ocurrir mientras se copian datos VGA mediante la copia bitblt en modo backward. • http://rhn.redhat.com/errata/RHSA-2017-0309.html http://rhn.redhat.com/errata/RHSA-2017-0328.html http://rhn.redhat.com/errata/RHSA-2017-0329.html http://rhn.redhat.com/errata/RHSA-2017-0330.html http://rhn.redhat.com/errata/RHSA-2017-0331.html http://rhn.redhat.com/errata/RHSA-2017-0332.html http://rhn.redhat.com/errata/RHSA-2017-0333.html http://rhn.redhat.com/errata/RHSA-2017-0334.html http://rhn.redhat.com/errata/RHSA-2017-0344.html http://rhn • CWE-125: Out-of-bounds Read CWE-787: Out-of-bounds Write •

CVSS: 5.5EPSS: 0%CPEs: 11EXPL: 0

CVE-2016-10025

https://notcve.org/view.php?id=CVE-2016-10025

VMFUNC emulation in Xen 4.6.x through 4.8.x on x86 systems using AMD virtualization extensions (aka SVM) allows local HVM guest OS users to cause a denial of service (hypervisor crash) by leveraging a missing NULL pointer check. Emulación VMFUNC en Xen 4.6.x hasta la versión 4.8.x en sistemas x86 que usan extensiones de virtualización AMD (también conocidas como SVM) permite a usuarios locales HVM invitados del SO provocar una denegación de servicio (bloqueo del hipervisor) aprovechando una verificación perdida del puntero NULL. • http://www.securityfocus.com/bid/95026 http://www.securitytracker.com/id/1037518 http://xenbits.xen.org/xsa/advisory-203.html https://support.citrix.com/article/CTX219378 • CWE-476: NULL Pointer Dereference •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

CVE-2016-10013

https://notcve.org/view.php?id=CVE-2016-10013

Xen through 4.8.x allows local 64-bit x86 HVM guest OS users to gain privileges by leveraging mishandling of SYSCALL singlestep during emulation. Xen hasta la versión 4.8.x permite a usuarios locales 64-bit x86 HVM invitados del SO obtener privilegios aprovechando el manejo incorrecto de singlestep SYSCALL durante la emulación. • http://www.debian.org/security/2017/dsa-3847 http://www.securityfocus.com/bid/94963 http://www.securitytracker.com/id/1037491 http://xenbits.xen.org/xsa/advisory-204.html • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 5.5EPSS: 0%CPEs: 11EXPL: 0

CVE-2016-9377

https://notcve.org/view.php?id=CVE-2016-9377

Xen 4.5.x through 4.7.x on AMD systems without the NRip feature, when emulating instructions that generate software interrupts, allows local HVM guest OS users to cause a denial of service (guest crash) by leveraging IDT entry miscalculation. Xen 4.5.x hasta la versión 4.7.x en sistemas AMD sin la funcionalidad NRip, cuando se emulan instrucciones que generan interrupciones de software, permite a usuarios locales de SO huésped HVM provocar una denegación de servicio (caída del invitado) aprovechando error de cálculo de entrada IDT. • http://www.securityfocus.com/bid/94475 http://www.securitytracker.com/id/1037345 http://xenbits.xen.org/xsa/advisory-196.html https://security.gentoo.org/glsa/201612-56 • CWE-682: Incorrect Calculation •

1...30 31 32 33 34