Page 49 of 390 results (0.010 seconds)

CVSS: 1.9EPSS: 0%CPEs: 4EXPL: 0

Xen 4.5.x and earlier enables certain default backends when emulating a VGA device for an x86 HVM guest qemu even when the configuration disables them, which allows local guest users to obtain access to the VGA console by (1) setting the DISPLAY environment variable, when compiled with SDL support, or connecting to the VNC server on (2) ::1 or (3) 127.0.0.1, when not compiled with SDL support. Xen 4.5.x y anteriores capacita a ciertos backends por defecto cuando emula un dispositivo VGA para una gemu invitado de x86 HVM incluso cuando la configuración las descapacite, lo que permite a usuarios locales invitados obtener acceso a la consola VGA mediante (1) la configuración de la variable de entorno DISPLAY, cuando esté compilada con el soporte SDL, o la conexión al servidor VNC server en (2) ::1 o (3) 127.0.0.1, cuando no esté compilado con el soporte SDL. • http://lists.fedoraproject.org/pipermail/package-announce/2015-March/152483.html http://lists.fedoraproject.org/pipermail/package-announce/2015-March/152588.html http://lists.fedoraproject.org/pipermail/package-announce/2015-March/152776.html http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00014.html http://www.securityfocus.com/bid/73068 http://www.securitytracker.com/id/1031806 http://www.securitytracker.com/id/1031919 http://xenbits.xen.org/xsa/advisory-119.html https://security& • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 4.9EPSS: 0%CPEs: 32EXPL: 0

Xen 3.3.x through 4.5.x and the Linux kernel through 3.19.1 do not properly restrict access to PCI command registers, which might allow local guest OS users to cause a denial of service (non-maskable interrupt and host crash) by disabling the (1) memory or (2) I/O decoding for a PCI Express device and then accessing the device, which triggers an Unsupported Request (UR) response. Xen 3.3.x hasta la versión 4.5.x y en el kernel de Linux hasta la versión 3.19.1 no restringe adecuadamente el acceso al registro de comandos PCI, lo que podría permitir a usuarios locales del SO invitados provocar una denegación de servicio (interrupción no enmascarable y caída del host) deshabilitando (1) la memoria o (2) la descodificación I/O para un dispositivo PCI Express posteriormente accediendo al dispositivo, lo que desencadena una respuesta Unsupported Request (UR). • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=af6fc858a35b90e89ea7a7ee58e66628c55c776b http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155804.html http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155854.html http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155908.html http://lists.fedoraproject.org/pipermail/package-announce/2015-March/152747.html http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00001.html http • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 2.1EPSS: 0%CPEs: 38EXPL: 0

The HYPERVISOR_xen_version hypercall in Xen 3.2.x through 4.5.x does not properly initialize data structures, which allows local guest users to obtain sensitive information via unspecified vectors. La hiperllamada HYPERVISOR_xen_version en Xen 3.2.x hasta 4.5.x ni inicializa correctamente las estructuras de datos, lo que permite a usuarios locales invitados obtener información sensible a través de vectores no especificados. • http://lists.fedoraproject.org/pipermail/package-announce/2015-March/152483.html http://lists.fedoraproject.org/pipermail/package-announce/2015-March/152588.html http://lists.fedoraproject.org/pipermail/package-announce/2015-March/152776.html http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00014.html http://support.citrix.com/article/CTX200484 http://www.debian.org/security/2015/dsa-3181 http://www.securityfocus.com/bid/72955 http://www.securitytracker.com/id/1031806 http://www. • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 7.2EPSS: 0%CPEs: 38EXPL: 0

The x86 emulator in Xen 3.2.x through 4.5.x does not properly ignore segment overrides for instructions with register operands, which allows local guest users to obtain sensitive information, cause a denial of service (memory corruption), or possibly execute arbitrary code via unspecified vectors. El emulador x86 en Xen 3.2.x hasta 4.5.x no ignora correctamente las anulaciones de segmentos para instrucciones con operandos del registro, lo que permite a usuarios locales invitados obtener información sensible, causar una denegación de servicio (corrupción de memoria), o posiblemente ejecutar código arbitrario a través de vectores no especificados. It was found that the Xen hypervisor x86 CPU emulator implementation did not correctly handle certain instructions with segment overrides, potentially resulting in a memory corruption. A malicious guest user could use this flaw to read arbitrary data relating to other guests, cause a denial of service on the host, or potentially escalate their privileges on the host. • http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10761 http://lists.fedoraproject.org/pipermail/package-announce/2015-March/152483.html http://lists.fedoraproject.org/pipermail/package-announce/2015-March/152588.html http://lists.fedoraproject.org/pipermail/package-announce/2015-March/152776.html http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00014.html http://support.citrix.com/article/CTX200484 http://www.debian.org/security/2015/dsa-3181 http://www.oracle.com/technetwork/ • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 2.1EPSS: 0%CPEs: 34EXPL: 0

The emulation routines for unspecified X86 devices in Xen 3.2.x through 4.5.x does not properly initialize data, which allow local HVM guest users to obtain sensitive information via vectors involving an unsupported access size. Las rutinas de emulación para dispositivos X86 no especificados en Xen 3.2.x hasta 4.5.x no inicializa correctamente los datos, lo que permite a usuarios locales invitados HVM obtener información sensible a través de vectores que involucran un tamaño de acceso no soportado. • http://lists.fedoraproject.org/pipermail/package-announce/2015-March/152483.html http://lists.fedoraproject.org/pipermail/package-announce/2015-March/152588.html http://lists.fedoraproject.org/pipermail/package-announce/2015-March/152776.html http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00014.html http://support.citrix.com/article/CTX200484 http://www.debian.org/security/2015/dsa-3181 http://www.securityfocus.com/bid/72954 http://www.securitytracker.com/id/1031806 http://www. • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •