CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 1CVE-2014-3610 – kernel: kvm: noncanonical MSR writes
https://notcve.org/view.php?id=CVE-2014-3610
The WRMSR processing functionality in the KVM subsystem in the Linux kernel through 3.17.2 does not properly handle the writing of a non-canonical address to a model-specific register, which allows guest OS users to cause a denial of service (host OS crash) by leveraging guest OS privileges, related to the wrmsr_interception function in arch/x86/kvm/svm.c and the handle_wrmsr function in arch/x86/kvm/vmx.c. La funcionalidad de procesamiento WRMSR en el subsistema KVM en el kernel de Linux hasta 3.17.2 no maneja debidamente la escritura de direcciones no canónicas en un registro especifico a modelos, lo que permite a usuarios del sistema operativo invitado causar una denegación de servicio (caída del sistema operativo anfitrión) mediante el aprovechamiento de los privilegios del sistema operativo invitado, relacionado con la función wrmsr_interception en arch/x86/kvm/svm.c y la función handle_wrmsr en arch/x86/kvm/vmx.c. It was found that KVM's Write to Model Specific Register (WRMSR) instruction emulation would write non-canonical values passed in by the guest to certain MSRs in the host's context. A privileged guest user could use this flaw to crash the host. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=854e8bb1aa06c578c2c9145fa6bfe3680ef63b23 http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00010.html http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00025.html http://rhn.redhat.com/errata/RHSA-2015-0869.html http://www.debian.org/security/2014/dsa-3060 http://www.openwall.com/lists/oss-security/2014/10/24/9 http://www.securityfocus.com/bid/70742 http://www.ubuntu.com/u • CWE-248: Uncaught Exception •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2014-3647 – kernel: kvm: noncanonical rip after emulation
https://notcve.org/view.php?id=CVE-2014-3647
arch/x86/kvm/emulate.c in the KVM subsystem in the Linux kernel through 3.17.2 does not properly perform RIP changes, which allows guest OS users to cause a denial of service (guest OS crash) via a crafted application. arch/x86/kvm/emulate.c en el subsistema KVM en el kernel de Linux hasta 3.17.2 no realiza debidamente los cambios RIP, lo que permite a usuarios del sistema operativo invitado causar una denegación de servicio (caída del sistema operativo invitado) a través de una aplicación manipulada. A flaw was found in the way the Linux kernel's KVM subsystem handled non-canonical addresses when emulating instructions that change the RIP (for example, branches or calls). A guest user with access to an I/O or MMIO region could use this flaw to crash the guest. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=234f3ce485d54017f15cf5e0699cff4100121601 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=d1442d85cc30ea75f7d399474ca738e0bc96f715 http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00010.html http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00025.html http://www.debian.org/security/2014/dsa-3060 http://www.openwall.com/lists/oss-security/2014/10/24/9 http:/ • CWE-248: Uncaught Exception •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2014-3646 – kernel: kvm: vmx: invvpid vm exit not handled
https://notcve.org/view.php?id=CVE-2014-3646
arch/x86/kvm/vmx.c in the KVM subsystem in the Linux kernel through 3.17.2 does not have an exit handler for the INVVPID instruction, which allows guest OS users to cause a denial of service (guest OS crash) via a crafted application. arch/x86/kvm/vmx.c en el subsistema KVM en el kernel de Linux hasta 3.17.2 no tiene un manejador de salida para la instrucción INVVPID, lo que permite a usuarios del sistema operativo invitado causar una denegación de servicio (caída del sistema operativo invitado) a través de una aplicación manipulada. It was found that the Linux kernel's KVM subsystem did not handle the VM exits gracefully for the invvpid (Invalidate Translations Based on VPID) instructions. On hosts with an Intel processor and invppid VM exit support, an unprivileged guest user could use these instructions to crash the guest. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=a642fc305053cc1c6e47e4f4df327895747ab485 http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00010.html http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00025.html http://rhn.redhat.com/errata/RHSA-2015-0126.html http://rhn.redhat.com/errata/RHSA-2015-0284.html http://www.debian.org/security/2014/dsa-3060 http://www.openwall.com/lists/oss-security/2014/10/24/9 http://www. • CWE-248: Uncaught Exception •
CVSS: 6.5EPSS: 0%CPEs: 9EXPL: 0CVE-2014-6530 – mysql: unspecified vulnerability related to CLIENT:MYSQLDUMP (CPU October 2014)
https://notcve.org/view.php?id=CVE-2014-6530
Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier, and 5.6.19 and earlier, allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to CLIENT:MYSQLDUMP. Vulnerabilidad sin especificar en Oracle MySQL Server 5.5.38 y anteriores, y 5.6.19 y anteriores, permite a usuarios remotos autenticados afectar a la confidencialidad, la integridad, y la disponibilidad a través de vectores relacionados con CLIENT:MYSQLDUMP. • http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html http://www.securityfocus.com/bid/70486 https://access.redhat.com/security/cve/CVE-2014-6530 https://bugzilla.redhat.com/show_bug.cgi?id=1153493 •
CVSS: 6.5EPSS: 0%CPEs: 9EXPL: 0CVE-2014-6507 – mysql: unspecified vulnerability related to SERVER:DML (CPU October 2014)
https://notcve.org/view.php?id=CVE-2014-6507
Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier, and 5.6.20 and earlier, allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to SERVER:DML. Vulnerabilidad sin especificar en Oracle MySQL Server 5.5.39 and anteriores, and 5.6.20 and anteriores, permite a usuarios remotos autenticados afectar la confidencialidad, la disponibilidad a través de vectores relacionados con SERVER:DML. • http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html http://secunia.com/advisories/61579 http://secunia.com/advisories/62073 http://security.gentoo.org/glsa/glsa-201411-02.xml http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html http://www.securityfocus.com/bid/70550 https://access.redhat.com/security&#x •