Page 72 of 364 results (0.011 seconds)

CVSS: 6.1EPSS: 0%CPEs: 19EXPL: 0

The fixup_page_fault function in arch/x86/traps.c in Xen 4.0.1 and earlier on 64-bit platforms, when paravirtualization is enabled, does not verify that kernel mode is used to call the handle_gdt_ldt_mapping_fault function, which allows guest OS users to cause a denial of service (host OS BUG_ON) via a crafted memory access. La función fixup_page_fault en arch/x86/traps.c en Xen v.4.0.1 y anteriores sobre plataformas 64-bit, cuando se activa la paravirtualización, no verifica que el modo kernel está usado para llamar a la función handle_gdt_ldt_mapping_fault, lo que permite a los usuarios invitados del sistema operativo provocar una denegación de servicio (host OS BUG_ON) a través de un acceso de memoria manipulado. • http://lists.xensource.com/archives/html/xen-devel/2010-11/msg01650.html http://openwall.com/lists/oss-security/2010/11/30/5 http://openwall.com/lists/oss-security/2010/11/30/8 http://secunia.com/advisories/42884 http://secunia.com/advisories/46397 http://www.redhat.com/support/errata/RHSA-2011-0017.html http://www.securityfocus.com/archive/1/520102/100/0/threaded http://www.vmware.com/security/advisories/VMSA-2011-0012.html https://bugzilla.redhat.com/show_bug •

CVSS: 5.5EPSS: 0%CPEs: 13EXPL: 0

The do_block_io_op function in (1) drivers/xen/blkback/blkback.c and (2) drivers/xen/blktap/blktap.c in Xen before 3.4.0 for the Linux kernel 2.6.18, and possibly other versions, allows guest OS users to cause a denial of service (infinite loop and CPU consumption) via a large production request index to the blkback or blktap back-end drivers. NOTE: some of these details are obtained from third party information. La función do_block_io_op en (1) ldrivers/xen/blkback/blkback.c and (2) drivers/xen/blktap/blktap.c en Xen anterior a v3.4.0 para el kernel Linux v2.6.18, y posiblemente otras versiones, permite a los usuarios invitados del sistema operativo causar una denegación de servicio (bucle infinito y el consumo de CPU) a través de un gran índice de producción de peticiones a los controladores blkback o blktap back-end. NOTA: algunos de estos detalles han sido obtenidos de información de terceros. • http://secunia.com/advisories/35093 http://secunia.com/advisories/42789 http://secunia.com/advisories/46397 http://www.openwall.com/lists/oss-security/2010/11/23/1 http://www.openwall.com/lists/oss-security/2010/11/24/8 http://www.redhat.com/support/errata/RHSA-2011-0004.html http://www.securityfocus.com/archive/1/520102/100/0/threaded http://www.securityfocus.com/bid/45029 http://www.vmware.com/security/advisories/VMSA-2011-0012.html http://www.vupen.com/ • CWE-20: Improper Input Validation •

CVSS: 2.7EPSS: 0%CPEs: 16EXPL: 0

The backend driver in Xen 3.x allows guest OS users to cause a denial of service via a kernel thread leak, which prevents the device and guest OS from being shut down or create a zombie domain, causes a hang in zenwatch, or prevents unspecified xm commands from working properly, related to (1) netback, (2) blkback, or (3) blktap. El driver backend en Xen v3.x permite a usuarios del OS causar una denegación de servicio a través de una fuga en el hilo del kernel, lo que evita que el dispositivo y el invitado OS sean apagados o se cree un dominio zombie, causando una caída en zenwatch, o impida que comandos sin especificar xm trabajen de forma adecuada, relacionado con (1) netback, (2) blkback, o (3) blktap. • http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00007.html http://secunia.com/advisories/42372 http://secunia.com/advisories/42789 http://secunia.com/advisories/43056 http://secunia.com/advisories/46397 http://www.redhat.com/support/errata/RHSA-2011-0004.html http://www.securityfocus.com/archive/1/520102/100/0/threaded http://www.securityfocus.com/bid/45039 http://www.securitytracker.com/id?1024786 http://www.vmware.com/security/advisories/VMSA-2011-0012.html ht • CWE-399: Resource Management Errors •

CVSS: 4.9EPSS: 0%CPEs: 2EXPL: 0

arch/ia64/xen/faults.c in Xen 3.4 and 4.0 in Linux kernel 2.6.18, and possibly other kernel versions, when running on IA-64 architectures, allows local users to cause a denial of service and "turn on BE by modifying the user mask of the PSR," as demonstrated via exploitation of CVE-2006-0742. arch/ia64/xen/faults.c en Xen v3.4 y v4.0 en el kernel de Linux v2.6.18, y posiblemente otras versiones, cuando se ejecuta sobre arquitecturas IA-64, permite a usuarios locales provocar una denegación de servicio y "activar BE mediante la modificación de la máscara de usuario del PSR". Como se ha demostrado explotando el CVE-2006-0742. • http://osvdb.org/65541 http://secunia.com/advisories/43315 http://www.openwall.com/lists/oss-security/2010/06/10/2 http://www.redhat.com/support/errata/RHSA-2010-0610.html http://www.securityfocus.com/archive/1/516397/100/0/threaded http://www.securityfocus.com/bid/40776 http://www.vmware.com/security/advisories/VMSA-2011-0003.html http://xenbits.xensource.com/xen-4.0-testing.hg?rev/42caadb14edb https://bugzilla.redhat.com/show_bug.cgi?id=586415 https://exchange •

CVSS: 7.2EPSS: 0%CPEs: 3EXPL: 5

The pyGrub boot loader in Xen 3.0.3, 3.3.0, and Xen-3.3.1 does not support the password option in grub.conf for para-virtualized guests, which allows attackers with access to the para-virtualized guest console to boot the guest or modify the guest's kernel boot parameters without providing the expected password. El pyGrub en Xen v3.0.3, v3.3.0, y Xen-3.3.1 no soporta la opción password en grub.conf para las invitaciones "para-virtualized", lo que permite a atacantes con acceso a la consola invitada para-virtualized iniciar la invitación o modificar los parámetros de arranque del kernel del invitado sin proporcionar el password esperado. • https://www.exploit-db.com/exploits/33255 http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00002.html http://secunia.com/advisories/36908 http://www.openwall.com/lists/oss-security/2009/09/25/1 http://www.redhat.com/support/errata/RHSA-2009-1472.html http://www.securityfocus.com/bid/36523 http://www.securitytracker.com/id?1022950 http://xenbits.xensource.com/xen-unstable.hg?rev/8f783adc0ee3 https://bugzilla.redhat.com/show_bug.cgi?id=525740 https://bugzilla&# • CWE-264: Permissions, Privileges, and Access Controls •