Page 380 of 2992 results (0.017 seconds)

CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0

The nested_vmx_check_vmptr function in arch/x86/kvm/vmx.c in the Linux kernel through 4.9.8 improperly emulates the VMXON instruction, which allows KVM L1 guest OS users to cause a denial of service (host OS memory consumption) by leveraging the mishandling of page references. La función nested_vmx_check_vmptr en arch/x86/kvm/vmx.c en el kernel de Linux hasta la versión 4.9.8 emula indebidamente la instrucción VMXON, lo que permite a usuarios del SO invitado KVM L1 provocar una denegación de servicio (consumo de memoria del SO anfitrión) aprovechando el manejo incorrecto de referencia de páginas. Linux kernel built with the KVM visualization support (CONFIG_KVM), with nested visualization(nVMX) feature enabled(nested=1), is vulnerable to host memory leakage issue. It could occur while emulating VMXON instruction in 'handle_vmon'. An L1 guest user could use this flaw to leak host memory potentially resulting in DoS. • http://www.debian.org/security/2017/dsa-3791 http://www.openwall.com/lists/oss-security/2017/01/31/4 http://www.securityfocus.com/bid/95878 https://access.redhat.com/errata/RHSA-2017:1842 https://access.redhat.com/errata/RHSA-2017:2077 https://bugzilla.redhat.com/show_bug.cgi?id=1417812 https://access.redhat.com/security/cve/CVE-2017-2596 • CWE-772: Missing Release of Resource after Effective Lifetime •

CVSS: 8.4EPSS: 0%CPEs: 1EXPL: 0

The load_segment_descriptor implementation in arch/x86/kvm/emulate.c in the Linux kernel before 4.9.5 improperly emulates a "MOV SS, NULL selector" instruction, which allows guest OS users to cause a denial of service (guest OS crash) or gain guest OS privileges via a crafted application. La implementación de load_segment_descriptor en arc/x86/kvm/emulate.c en el kernel de Linux en versiones anteriores a 4.9.5 emula indebidamente una instrucción "MOV SS, NULL selector", lo que permite a usuarios del SO invitado provocar una denegación de servicio (caída del SO invitado) u obteniendo privilegios de SO invitado a través de una aplicación manipulada. Linux kernel built with the Kernel-based Virtual Machine (CONFIG_KVM) support was vulnerable to an incorrect segment selector(SS) value error. The error could occur while loading values into the SS register in long mode. A user or process inside a guest could use this flaw to crash the guest, resulting in DoS or potentially escalate their privileges inside the guest. • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=33ab91103b3415e12457e3104f0e4517ce12d0f3 http://www.debian.org/security/2017/dsa-3791 http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.5 http://www.openwall.com/lists/oss-security/2017/01/19/2 http://www.securityfocus.com/bid/95673 https://access.redhat.com/errata/RHSA-2017:1615 https://access.redhat.com/errata/RHSA-2017:1616 https://bugzilla.redhat.com/show_bug.cgi?id=1414735 https:/ • CWE-250: Execution with Unnecessary Privileges •

CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0

include/linux/init_task.h in the Linux kernel before 2.6.35 does not prevent signals with a process group ID of zero from reaching the swapper process, which allows local users to cause a denial of service (system crash) by leveraging access to this process group. include/linux/init_task.h en el kernel de Linux en versiones anteriores a 2.6.35 no impide que las señales con un ID de grupo de proceso de cero alcancen el proceso swapper, lo que permite a usuarios locales provocar una denegación de servicio (caída del sistema) aprovechando el acceso a este grupo de procesos. • http://ftp.naist.jp/pub/linux/kernel/v2.6/ChangeLog-2.6.35 http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f106eee10038c2ee5b6056aaf3f6d5229be6dcdd http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f20011457f41c11edb5ea5038ad0c8ea9f392023 http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=fa2755e20ab0c7215d99c2dc7c262e98a09b01df http://www.openwall.com/lists/oss-security/2017/01/21/2 http://www.securityfocus.com/bid/97103 http • CWE-20: Improper Input Validation •

CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0

The vc4_get_bcl function in drivers/gpu/drm/vc4/vc4_gem.c in the VideoCore DRM driver in the Linux kernel before 4.9.7 does not set an errno value upon certain overflow detections, which allows local users to cause a denial of service (incorrect pointer dereference and OOPS) via inconsistent size values in a VC4_SUBMIT_CL ioctl call. La función vc4_get_bcl en drivers/gpc/drm/vc4/vc4_gem.c en el controlador VideoCore DRM en el kernel de Linux en versiones anteriores a 4.9.7 no establece un valor errno sobre ciertas detecciones de desbordamiento, lo que permite a usuarios locales provocar una denegación de servicio (referencia incorrecta al puntero y OOPS) a través de valores de tamaño inconsistentes en una llamada ioctl VC4_SUBMIT_CL. • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=6b8ac63847bc2f958dd93c09edc941a0118992d9 http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.7 http://www.openwall.com/lists/oss-security/2017/01/21/7 http://www.securityfocus.com/bid/95765 https://bugzilla.redhat.com/show_bug.cgi?id=1416437 https://github.com/torvalds/linux/commit/6b8ac63847bc2f958dd93c09edc941a0118992d9 https://lkml.org/lkml/2017/1/17/759 • CWE-388: 7PK - Errors •

CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0

The klsi_105_get_line_state function in drivers/usb/serial/kl5kusb105.c in the Linux kernel before 4.9.5 places uninitialized heap-memory contents into a log entry upon a failure to read the line status, which allows local users to obtain sensitive information by reading the log. La función klsi_105_get_line_state en drivers/usb/serial/kl5kusb105.c en el kernel de Linux en versiones anteriores a 4.9.5 coloca los contenidos de memoria de pila no inicializados en una entrada de registro sobre un fallo para leer el estado de la línea, lo que permite a usuarios locales obtener información sensible leyendo el registro. • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=146cc8a17a3b4996f6805ee5c080e7101277c410 http://www.debian.org/security/2017/dsa-3791 http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.5 http://www.openwall.com/lists/oss-security/2017/01/21/3 http://www.securityfocus.com/bid/95715 https://bugzilla.redhat.com/show_bug.cgi?id=1416114 https://github.com/torvalds/linux/commit/146cc8a17a3b4996f6805ee5c080e7101277c410 https://usn.ubuntu.com/3754-1 • CWE-532: Insertion of Sensitive Information into Log File •