CVEs with nessus.description ==

According to the versions of the parallels-server-bm-release / vzkernel / etc packages installed, the Virtuozzo installation on the remote host is affected by the following vulnerabilities:

- An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of instructions (a commonly used performance optimization). There are three primary variants of the issue which differ in the way the speculative execution can be exploited. Variant CVE-2017-5754 relies on the fact that, on impacted microprocessors, during speculative execution of instruction permission faults, exception generation triggered by a faulting access is suppressed until the retirement of the whole instruction block. In a combination with the fact that memory accesses may populate the cache even when the block is being dropped and never committed (executed), an unprivileged local attacker could use this flaw to read privileged (kernel space) memory by conducting targeted cache side-channel attacks. NOTE: This update fixes the 32-bit compatibility layer on x86-64 processors, i.e. when 32-bit containers are executed on 64-bit processors.

- A bug in the 32-bit compatibility layer of the ioctl handling code of the v4l2 video driver in the Linux kernel has been found. A memory protection mechanism ensuring that user-provided buffers always point to a userspace memory were disabled, allowing destination address to be in a kernel space. This flaw could be exploited by an attacker to overwrite a kernel memory from an unprivileged userspace process, leading to privilege escalation.

- The KEYS subsystem in the Linux kernel omitted an access-control check when writing a key to the current task's default keyring, allowing a local user to bypass security checks to the keyring. This compromises the validity of the keyring for those who rely on it.

- A flaw was found in the processing of incoming L2CAP bluetooth commands. Uninitialized stack variables can be sent to an attacker leaking data in kernel address space.

- Linux kernel before version 4.16-rc7 is vulnerable to a null pointer dereference in dccp_write_xmit() function in net/dccp/output.c in that allows a local user to cause a denial of service by a number of certain crafted system calls.

- A flaw was found in the way the Linux kernel handled exceptions delivered after a stack switch operation via Mov SS or Pop SS instructions. During the stack switch operation, the processor did not deliver interrupts and exceptions, rather they are delivered once the first instruction after the stack switch is executed. An unprivileged system user could use this flaw to crash the system kernel resulting in the denial of service.

- net/netfilter/xt_osf.c in the Linux kernel through 4.14.4 does not require the CAP_NET_ADMIN capability for add_callback and remove_callback operations. This allows local users to bypass intended access restrictions because the xt_osf_fingers data structure is shared across all network namespaces.

- The futex_requeue function in kernel/futex.c in the Linux kernel, before 4.14.15, might allow attackers to cause a denial of service (integer overflow) or possibly have unspecified other impacts by triggering a negative wake or requeue value.

Note that Tenable Network Security has extracted the preceding description block directly from the Virtuozzo security advisory.
Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues

| Max CVSS | 0 |
| Min CVSS | 0 |
| Total Count | 2 |

| ID | CVSS | Summary | Last (major) update | Published |