CVSS: 4.0EPSS: 0%CPEs: 4EXPL: 0CVE-2014-8333 – openstack-nova: Nova VMware instance in resize state may leak
https://notcve.org/view.php?id=CVE-2014-8333
The VMware driver in OpenStack Compute (Nova) before 2014.1.4 allows remote authenticated users to cause a denial of service (disk consumption) by deleting an instance in the resize state. El controlador VMware en OpenStack Compute (Nova) anterior a 2014.1.4 permite a usuarios remotos autenticados causar una denegación de servicio (consumo de disco) mediante la eliminación de un instancia en el estado resize. A flaw was found in the OpenStack Compute (nova) VMWare driver, which could allow an authenticated user to delete an instance while it was in the resize state, causing the instance to remain on the back end. A malicious user could use this flaw to cause a denial of service by exhausting all available resources on the system. • http://lists.openstack.org/pipermail/openstack-announce/2014-October/000298.html http://rhn.redhat.com/errata/RHSA-2015-0843.html http://rhn.redhat.com/errata/RHSA-2015-0844.html http://secunia.com/advisories/60531 https://bugs.launchpad.net/nova/+bug/1359138 https://access.redhat.com/security/cve/CVE-2014-8333 https://bugzilla.redhat.com/show_bug.cgi?id=1154890 • CWE-399: Resource Management Errors CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2014-3647 – kernel: kvm: noncanonical rip after emulation
https://notcve.org/view.php?id=CVE-2014-3647
arch/x86/kvm/emulate.c in the KVM subsystem in the Linux kernel through 3.17.2 does not properly perform RIP changes, which allows guest OS users to cause a denial of service (guest OS crash) via a crafted application. arch/x86/kvm/emulate.c en el subsistema KVM en el kernel de Linux hasta 3.17.2 no realiza debidamente los cambios RIP, lo que permite a usuarios del sistema operativo invitado causar una denegación de servicio (caída del sistema operativo invitado) a través de una aplicación manipulada. A flaw was found in the way the Linux kernel's KVM subsystem handled non-canonical addresses when emulating instructions that change the RIP (for example, branches or calls). A guest user with access to an I/O or MMIO region could use this flaw to crash the guest. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=234f3ce485d54017f15cf5e0699cff4100121601 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=d1442d85cc30ea75f7d399474ca738e0bc96f715 http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00010.html http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00025.html http://www.debian.org/security/2014/dsa-3060 http://www.openwall.com/lists/oss-security/2014/10/24/9 http:/ • CWE-248: Uncaught Exception •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2014-3611 – kernel: kvm: PIT timer race condition
https://notcve.org/view.php?id=CVE-2014-3611
Race condition in the __kvm_migrate_pit_timer function in arch/x86/kvm/i8254.c in the KVM subsystem in the Linux kernel through 3.17.2 allows guest OS users to cause a denial of service (host OS crash) by leveraging incorrect PIT emulation. Condición de carrera en la función __kvm_migrate_pit_timer en arch/x86/kvm/i8254.c en el subsistema KVM en el kernel de Linux hasta 3.17.2 permite a usuarios del sistema operativo invitado causar una denegación de servicio (caída del sistema operativo anfitrión) mediante el aprovechamiento de la emulación PIT incorrecta. A race condition flaw was found in the way the Linux kernel's KVM subsystem handled PIT (Programmable Interval Timer) emulation. A guest user who has access to the PIT I/O ports could use this flaw to crash the host. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=2febc839133280d5a5e8e1179c94ea674489dae2 http://rhn.redhat.com/errata/RHSA-2015-0126.html http://rhn.redhat.com/errata/RHSA-2015-0284.html http://rhn.redhat.com/errata/RHSA-2015-0869.html http://www.debian.org/security/2014/dsa-3060 http://www.openwall.com/lists/oss-security/2014/10/24/9 http://www.ubuntu.com/usn/USN-2394-1 http://www.ubuntu.com/usn/USN-2417-1 http://www.ubun • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2014-3646 – kernel: kvm: vmx: invvpid vm exit not handled
https://notcve.org/view.php?id=CVE-2014-3646
arch/x86/kvm/vmx.c in the KVM subsystem in the Linux kernel through 3.17.2 does not have an exit handler for the INVVPID instruction, which allows guest OS users to cause a denial of service (guest OS crash) via a crafted application. arch/x86/kvm/vmx.c en el subsistema KVM en el kernel de Linux hasta 3.17.2 no tiene un manejador de salida para la instrucción INVVPID, lo que permite a usuarios del sistema operativo invitado causar una denegación de servicio (caída del sistema operativo invitado) a través de una aplicación manipulada. It was found that the Linux kernel's KVM subsystem did not handle the VM exits gracefully for the invvpid (Invalidate Translations Based on VPID) instructions. On hosts with an Intel processor and invppid VM exit support, an unprivileged guest user could use these instructions to crash the guest. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=a642fc305053cc1c6e47e4f4df327895747ab485 http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00010.html http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00025.html http://rhn.redhat.com/errata/RHSA-2015-0126.html http://rhn.redhat.com/errata/RHSA-2015-0284.html http://www.debian.org/security/2014/dsa-3060 http://www.openwall.com/lists/oss-security/2014/10/24/9 http://www. • CWE-248: Uncaught Exception •
CVSS: 5.0EPSS: 1%CPEs: 116EXPL: 0CVE-2014-3660 – libxml2: denial of service via recursive entity expansion
https://notcve.org/view.php?id=CVE-2014-3660
parser.c in libxml2 before 2.9.2 does not properly prevent entity expansion even when entity substitution has been disabled, which allows context-dependent attackers to cause a denial of service (CPU consumption) via a crafted XML document containing a large number of nested entity references, a variant of the "billion laughs" attack. parser.c en libxml2 anterior a 2.9.2 no previene debidamente la expansión de entidades incluso cuando la substitución de entidades haya sido deshabilitada, lo que permite a atacantes dependientes de contexto causar una denegación de servicio (consumo de CPU) a través de un documento XML manipualdo que contiene un número grande de referencias de entidades anidadas, una variante del ataque del 'billón de risas'. A denial of service flaw was found in libxml2, a library providing support to read, modify and write XML and HTML files. A remote attacker could provide a specially crafted XML file that, when processed by an application using libxml2, would lead to excessive CPU consumption (denial of service) based on excessive entity substitutions, even if entity substitution was disabled, which is the parser default behavior. • http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705 http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html http://lists.apple.com/archives/security-announce/2015/Aug/msg00002.html http://lists.opensuse.org/opensuse-updates/2014-10/msg00034.html http://lists.opensuse.org/opensuse-updates/2015-12/msg00120.html http://rhn.redhat.com/errata/RHSA-2014-1655.html http://rhn.redhat.com/errata/RHSA-2014-1885.html http://secunia.com/advisories/59903 http://s • CWE-400: Uncontrolled Resource Consumption •