Page 63 of 400 results (0.004 seconds)

CVSS: 2.3EPSS: 0%CPEs: 33EXPL: 0

Xen 4.3.x and earlier does not properly handle certain errors, which allows local HVM guests to obtain hypervisor stack memory via a (1) port or (2) memory mapped I/O write or (3) other unspecified operations related to addresses without associated memory. Xen v4.3.x y anterior no maneja correctamente ciertos errores, lo que permite a invitados locales HVM conseguir la memoria de la pila del hypervisor a través de un puerto o escritura de memoria mapeada de I/O u otra operación no especificada relacionada con direcciones sin memoria asociada. • http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00015.html http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00021.html http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00000.html http://lists.opensuse.org/opensuse-updates/2013-11/msg00009.html http://rhn.redhat.com/errata/RHSA-2013-1790.html http://security.gentoo.org/glsa/glsa-201407-03.xml http://www.debian.org/security/2014/dsa-3006 http://www.openwall.com/lists/oss-security/2013/09 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 1.2EPSS: 0%CPEs: 16EXPL: 0

Xen 4.0 through 4.3.x, when using AVX or LWP capable CPUs, does not properly clear previous data from registers when using an XSAVE or XRSTOR to extend the state components of a saved or restored vCPU after touching other restored extended registers, which allows local guest OSes to obtain sensitive information by reading the registers. Xen 4.0 a 4.3.x, cuando se usan CPUs con capacidad AVX o LWP, no borra apropiadamente datos anteriores de registros al usar XSAVE o XRSTOR para extender el estado de los componentes de una vCPU guardada o restaurada después de tocar otros registros extendidos restaurados, lo cual permite a Sistemas Operativos huésped obtener información sensible mediante lectura de los registros. • http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00021.html http://lists.opensuse.org/opensuse-updates/2013-11/msg00009.html http://security.gentoo.org/glsa/glsa-201407-03.xml http://www.debian.org/security/2014/dsa-3006 http://www.openwall.com/lists/oss-security/2013/09/25/2 http://www.securitytracker.com/id/1029090 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 6.5EPSS: 0%CPEs: 15EXPL: 0

The xenlight library (libxl) in Xen 4.0.x through 4.2.x, when IOMMU is disabled, provides access to a busmastering-capable PCI passthrough device before the IOMMU setup is complete, which allows local HVM guest domains to gain privileges or cause a denial of service via a DMA instruction. La librería xenlight (libxl) en Xen 4.0.x a 4.2.x, cuando IOMMU está desactivado, proporciona acceso a un dispositivo de paso PCI con capacidad de control de bus antes de que la configuración IOMMU se complete, lo cual permite a dominios locales HVM invitados obtener privilegios o causar denegación de servicio a través de una instrucción DMA. • http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00021.html http://lists.xen.org/archives/html/xen-devel/2013-07/msg00066.html http://security.gentoo.org/glsa/glsa-201407-03.xml http://www.debian.org/security/2014/dsa-3006 http://www.openwall.com/lists/oss-security/2013/09/10/4 • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 4.3EPSS: 0%CPEs: 14EXPL: 0

Xen 4.0.x, 4.1.x, and 4.2.x, when running on AMD64 processors, only save/restore the FOP, FIP, and FDP x87 registers in FXSAVE/FXRSTOR when an exception is pending, which allows one domain to determine portions of the state of floating point instructions of other domains, which can be leveraged to obtain sensitive information such as cryptographic keys, a similar vulnerability to CVE-2006-1056. NOTE: this is the documented behavior of AMD64 processors, but it is inconsistent with Intel processors in a security-relevant fashion that was not addressed by the kernels. Xen v4.0.x, v4.1.x, y v4.2.x, cuando se ejecuta en procesadores AMD64, sólo guarda/restaura los registros FOP, FIP, y FDP x87 en FXSAVE/FXRSTOR cuando una excepción se encuentra pendiente, lo que permite un dominio para determinar las porciones del estado de las instrucciones de punto flotante de otros dominios, por lo que pueden ser aprovechados para obtener información confidencial, como claves criptográficas, una vulnerabilidad similar a CVE-2006-1056. NOTA: este es el comportamiento documentado de procesadores AMD64, pero no es consistente con procesadores Intel de modo relevante para la seguridad que no ha sido resuelto por los kernel. • http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00021.html http://secunia.com/advisories/55082 http://security.gentoo.org/glsa/glsa-201309-24.xml http://www.debian.org/security/2014/dsa-3006 http://www.openwall.com/lists/oss-security/2013/06/03/1 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 4.7EPSS: 0%CPEs: 25EXPL: 0

The Intel VT-d Interrupt Remapping engine in Xen 3.3.x through 4.3.x allows local guests to cause a denial of service (kernel panic) via a malformed Message Signaled Interrupt (MSI) from a PCI device that is bus mastering capable that triggers a System Error Reporting (SERR) Non-Maskable Interrupt (NMI). El motor Intel VT-d Interrupt Remapping en Xen 3.3.x a la 4.3.x permite a invitados (guest) locales provocar una denegación de servicio (kernel panic) a través de un Message Signaled Interrupt (MSI) mal formado desde un dispositivo PCI que es capaz de provocar un System Error Reporting (SERR) Non-Maskable Interrupt (NMI). • http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00005.html http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00010.html http://osvdb.org/96438 http://secunia.com/advisories/54341 http://www.openwall.com/lists/oss-security/2013/08/20/8 http://www.securityfocus.com/bid/61854 http://www.securitytracker.com/id/1028931 https://security.gentoo.org/glsa/201504-04 • CWE-264: Permissions, Privileges, and Access Controls •