Page 33 of 216 results (0.005 seconds)

CVSS: 5.2EPSS: 0%CPEs: 23EXPL: 0

The XEN_DOMCTL_getmemlist hypercall in Xen 3.4.x through 4.3.x (possibly 4.3.1) does not always obtain the page_alloc_lock and mm_rwlock in the same order, which allows local guest administrators to cause a denial of service (host deadlock). La hypercall XEN_DOMCTL_getmemlist en Xen 3.4.x a 4.3.x (posiblemente 4.3.1) no obtiene siempre los bloqueos page_alloc_lock y mm_rwlock en el mismo orden, lo cual permite a administradores locales invitados causar denegación de servicio (bloqueo del host). • http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00010.html http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00021.html http://lists.opensuse.org/opensuse-updates/2013-12/msg00059.html http://security.gentoo.org/glsa/glsa-201407-03.xml http://www.debian.org/security/2014/dsa-3006 http://www.openwall.com/lists/oss-security/2013/11/26/8 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 2.3EPSS: 0%CPEs: 34EXPL: 0

The outs instruction emulation in Xen 3.1.x, 4.2.x, 4.3.x, and earlier, when using FS: or GS: segment override, uses an uninitialized variable as a segment base, which allows local 64-bit PV guests to obtain sensitive information (hypervisor stack content) via unspecified vectors related to stale data in a segment register. La instrucción de emulación outs en Xen 3.1.x, 4.2.x, 4.3.x, y anteriores versiones, cuando se usa la anulación del segmento FS: o GS:, utiliza una variable sin inicializar como segmento base, lo que permite a usuarios locales de 64-bit PV obtener información sensible (contenido de la pila de hipervisor) a través de vectores relacionados de datos obsoletos en un registro del segmento. • http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00015.html http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00021.html http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00000.html http://lists.opensuse.org/opensuse-updates/2013-11/msg00009.html http://rhn.redhat.com/errata/RHSA-2013-1449.html http://security.gentoo.org/glsa/glsa-201407-03.xml http://www.debian.org/security/2014/dsa-3006 http://www.openwall.com/lists/oss-security/2013/10 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 2.1EPSS: 0%CPEs: 23EXPL: 0

The fbld instruction emulation in Xen 3.3.x through 4.3.x does not use the correct variable for the source effective address, which allows local HVM guests to obtain hypervisor stack information by reading the values used by the instruction. La emulación de la instrucción fbld en Xen 3.3.x a 4.3.x no usa la variable correcta para la dirección de origen efectiva, lo cual permite a invitados HVM locales obtener información de la pila del hypervisor mediante la lectura de valores usados por la instrucción. • http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00021.html http://lists.opensuse.org/opensuse-updates/2013-11/msg00009.html http://security.gentoo.org/glsa/glsa-201407-03.xml http://www.debian.org/security/2014/dsa-3006 http://www.openwall.com/lists/oss-security/2013/09/30/3 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 2.3EPSS: 0%CPEs: 33EXPL: 0

Xen 4.3.x and earlier does not properly handle certain errors, which allows local HVM guests to obtain hypervisor stack memory via a (1) port or (2) memory mapped I/O write or (3) other unspecified operations related to addresses without associated memory. Xen v4.3.x y anterior no maneja correctamente ciertos errores, lo que permite a invitados locales HVM conseguir la memoria de la pila del hypervisor a través de un puerto o escritura de memoria mapeada de I/O u otra operación no especificada relacionada con direcciones sin memoria asociada. • http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00015.html http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00021.html http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00000.html http://lists.opensuse.org/opensuse-updates/2013-11/msg00009.html http://rhn.redhat.com/errata/RHSA-2013-1790.html http://security.gentoo.org/glsa/glsa-201407-03.xml http://www.debian.org/security/2014/dsa-3006 http://www.openwall.com/lists/oss-security/2013/09 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 1.2EPSS: 0%CPEs: 16EXPL: 0

Xen 4.0 through 4.3.x, when using AVX or LWP capable CPUs, does not properly clear previous data from registers when using an XSAVE or XRSTOR to extend the state components of a saved or restored vCPU after touching other restored extended registers, which allows local guest OSes to obtain sensitive information by reading the registers. Xen 4.0 a 4.3.x, cuando se usan CPUs con capacidad AVX o LWP, no borra apropiadamente datos anteriores de registros al usar XSAVE o XRSTOR para extender el estado de los componentes de una vCPU guardada o restaurada después de tocar otros registros extendidos restaurados, lo cual permite a Sistemas Operativos huésped obtener información sensible mediante lectura de los registros. • http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00021.html http://lists.opensuse.org/opensuse-updates/2013-11/msg00009.html http://security.gentoo.org/glsa/glsa-201407-03.xml http://www.debian.org/security/2014/dsa-3006 http://www.openwall.com/lists/oss-security/2013/09/25/2 http://www.securitytracker.com/id/1029090 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •