Page 54 of 400 results (0.006 seconds)

CVSS: 4.6EPSS: 0%CPEs: 2EXPL: 0

Xen 4.4.x, when running on an ARM system and "handling an unknown system register access from 64-bit userspace," returns to an instruction of the trap handler for kernel space faults instead of an instruction that is associated with faults in 64-bit userspace, which allows local guest users to cause a denial of service (crash) and possibly gain privileges via a crafted process. Xen 4.4.x, cuando funciona con un sistema ARM y 'maneja un acceso al registro de un sistema desconocido de un espacio de usuario de 64 bits,' vuelve a una instrucción del manejador trap para fallos en espacios del kernel en lugar de una instrucción que está asociada con fallos en el espacio de usuario de 64 bits, lo que permite a usuarios locales invitados causar una denegación de servicio (caída) y posiblemente ganar privilegios a través de un proceso manipulado. • http://secunia.com/advisories/59934 http://www.securityfocus.com/bid/69189 http://www.securitytracker.com/id/1030725 http://xenbits.xenproject.org/xsa/advisory-103.html https://exchange.xforce.ibmcloud.com/vulnerabilities/95233 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 3.3EPSS: 0%CPEs: 19EXPL: 0

The x86_emulate function in arch/x86/x86_emulate/x86_emulate.c in Xen 3.3.x through 4.4.x does not check the supervisor mode permissions for instructions that generate software interrupts, which allows local HVM guest users to cause a denial of service (guest crash) via unspecified vectors. La función x86_emulate en arch/x86/x86_emulate/x86_emulate.c en Xen 3.3.x hasta 4.4.x no comprueba los permisos del modo de supervisión para las instrucciones que generan interrupciones de software, lo que permite a usuarios locales huéspedes de HVM causar una denegación de servicio (caída del huésped) a través de vectores no especificados. • http://lists.fedoraproject.org/pipermail/package-announce/2014-October/140418.html http://lists.fedoraproject.org/pipermail/package-announce/2014-October/140483.html http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00002.html http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00003.html http://secunia.com/advisories/61500 http://secunia.com/advisories/61858 http://secunia.com/advisories/61890 http://security.gentoo.org/glsa/glsa-201412-42.xml http://support.citrix.com • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 5.8EPSS: 0%CPEs: 43EXPL: 0

The x86_emulate function in arch/x86/x86_emulate/x86_emulate.c in Xen 4.4.x and earlier does not properly check supervisor mode permissions, which allows local HVM users to cause a denial of service (guest crash) or gain guest kernel mode privileges via vectors involving an (1) HLT, (2) LGDT, (3) LIDT, or (4) LMSW instruction. La función x86_emulate en arch/x86/x86_emulate/x86_emulate.c en Xen 4.4.x y anteriores no comprueba debidamente los permisos del modo de supervisor, lo que permite a usuarios locales de HVM causar una denegación de servicio (caída del huésped) o ganar privilegios del medo del kernel del huésped a través de vectores que involucran una instrucción (1) HLT, (2) LGDT, (3) LIDT, o (4) LMSW. • http://lists.fedoraproject.org/pipermail/package-announce/2014-October/140418.html http://lists.fedoraproject.org/pipermail/package-announce/2014-October/140483.html http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00002.html http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00003.html http://secunia.com/advisories/61858 http://secunia.com/advisories/61890 http://security.gentoo.org/glsa/glsa-201412-42.xml http://support.citrix.com/article/CTX200218 http://www.debian. • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 6.1EPSS: 0%CPEs: 21EXPL: 0

Race condition in HVMOP_track_dirty_vram in Xen 4.0.0 through 4.4.x does not ensure possession of the guarding lock for dirty video RAM tracking, which allows certain local guest domains to cause a denial of service via unspecified vectors. Condición de carrera en HVMOP_track_dirty_vram en Xen 4.0.0 hasta 4.4.x no asegura la posesión del bloqueo de guardar para el seguimiento RAM de vídeos sucios, lo que permite a dominios locales de huésped causar una denegación de servicio a través de vectores no especificados. • http://lists.fedoraproject.org/pipermail/package-announce/2014-October/140418.html http://lists.fedoraproject.org/pipermail/package-announce/2014-October/140483.html http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00002.html http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00003.html http://secunia.com/advisories/61501 http://secunia.com/advisories/61890 http://security.gentoo.org/glsa/glsa-201412-42.xml http://www.debian.org/security/2014/dsa-3041 http://www. • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •

CVSS: 8.3EPSS: 0%CPEs: 16EXPL: 0

The hvm_msr_read_intercept function in arch/x86/hvm/hvm.c in Xen 4.1 through 4.4.x uses an improper MSR range for x2APIC emulation, which allows local HVM guests to cause a denial of service (host crash) or read data from the hypervisor or other guests via unspecified vectors. La función hvm_msr_read_intercept en arch/x86/hvm/hvm.c en Xen 4.1 hasta 4.4.x utiliza un rango MSR indebido para la emulación x2APIC, lo que permite a huéspedes HVM locales causar una denegación de servicio (caída del anfitrión) o leer datos del hipervisor o otros huéspedes a través de vectores no especificados. • http://lists.fedoraproject.org/pipermail/package-announce/2014-October/140199.html http://lists.fedoraproject.org/pipermail/package-announce/2014-October/140418.html http://lists.fedoraproject.org/pipermail/package-announce/2014-October/140483.html http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00002.html http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00003.html http://secunia.com/advisories/61664 http://secunia.com/advisories/61858 http://secunia.com/advisories/61890 http: • CWE-399: Resource Management Errors •