exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 7 of 7 RSS Feed

CVE-2015-2150

Status Candidate

Overview

Xen 3.3.x through 4.5.x and the Linux kernel through 3.19.1 do not properly restrict access to PCI command registers, which might allow local guest OS users to cause a denial of service (non-maskable interrupt and host crash) by disabling the (1) memory or (2) I/O decoding for a PCI Express device and then accessing the device, which triggers an Unsupported Request (UR) response.

Related Files

Ubuntu Security Notice USN-2632-1
Posted Jun 10, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2632-1 - Jan Beulich discovered the Xen virtual machine subsystem of the Linux kernel did not properly restrict access to PCI command registers. A local guest user could exploit this flaw to cause a denial of service (host crash). A privilege escalation was discovered in the fork syscall via the int80 entry on 64 bit kernels with 32 bit emulation support. An unprivileged local attacker could exploit this flaw to increase their privileges on the system. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2015-2150, CVE-2015-2830, CVE-2015-3331, CVE-2015-3636, CVE-2015-4167
SHA-256 | 3ebb55213318d601853a12f0808728a6b4ce09f74d102780213ab5e5f49f8627
Ubuntu Security Notice USN-2631-1
Posted Jun 10, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2631-1 - Jan Beulich discovered the Xen virtual machine subsystem of the Linux kernel did not properly restrict access to PCI command registers. A local guest user could exploit this flaw to cause a denial of service (host crash). A privilege escalation was discovered in the fork syscall via the int80 entry on 64 bit kernels with 32 bit emulation support. An unprivileged local attacker could exploit this flaw to increase their privileges on the system. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2015-2150, CVE-2015-2830, CVE-2015-3331, CVE-2015-3636, CVE-2015-4167
SHA-256 | dcf2ecac03d8b8b31c3d14dee7a678bcbea7092733daae8ed72b7b8b585b517f
Ubuntu Security Notice USN-2613-1
Posted May 20, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2613-1 - Vincent Tondellier discovered an integer overflow in the Linux kernel's netfilter connection tracking accounting of loaded extensions. An attacker on the local area network (LAN) could potential exploit this flaw to cause a denial of service (system crash of targeted system). Jan Beulich discovered the Xen virtual machine subsystem of the Linux kernel did not properly restrict access to PCI command registers. A local guest user could exploit this flaw to cause a denial of service (host crash). Various other issues were also addressed.

tags | advisory, denial of service, overflow, kernel, local
systems | linux, ubuntu
advisories | CVE-2014-9715, CVE-2015-2150, CVE-2015-2830, CVE-2015-3331
SHA-256 | b64bb60c18c519b0ed27d58ee2e71d6a5fbd6269a6aab22e4be17fc12e4cf9e1
Ubuntu Security Notice USN-2614-1
Posted May 20, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2614-1 - Vincent Tondellier discovered an integer overflow in the Linux kernel's netfilter connection tracking accounting of loaded extensions. An attacker on the local area network (LAN) could potential exploit this flaw to cause a denial of service (system crash of targeted system). Jan Beulich discovered the Xen virtual machine subsystem of the Linux kernel did not properly restrict access to PCI command registers. A local guest user could exploit this flaw to cause a denial of service (host crash). Various other issues were also addressed.

tags | advisory, denial of service, overflow, kernel, local
systems | linux, ubuntu
advisories | CVE-2014-9715, CVE-2015-2150, CVE-2015-2830, CVE-2015-3331
SHA-256 | e0987162501d8a55fc1a3e8a6bf474732d7e1427471124e0dc77fe43dbc3b88a
Ubuntu Security Notice USN-2589-1
Posted Apr 30, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2589-1 - Jan Beulich discovered the Xen virtual machine subsystem of the Linux kernel did not properly restrict access to PCI command registers. A local guest user could exploit this flaw to cause a denial of service (host crash). A stack overflow was discovered in the the microcode loader for the intel x86 platform. A local attacker could exploit this flaw to cause a denial of service (kernel crash) or to potentially execute code with kernel privileges. Various other issues were also addressed.

tags | advisory, denial of service, overflow, x86, kernel, local
systems | linux, ubuntu
advisories | CVE-2015-2150, CVE-2015-2666, CVE-2015-2830, CVE-2015-2922
SHA-256 | 8282d42fb6583caf6d76b6aee077dd9245ed77e5d04d2fc2bb4a081975c28256
Ubuntu Security Notice USN-2590-1
Posted Apr 30, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2590-1 - Jan Beulich discovered the Xen virtual machine subsystem of the Linux kernel did not properly restrict access to PCI command registers. A local guest user could exploit this flaw to cause a denial of service (host crash). A stack overflow was discovered in the the microcode loader for the intel x86 platform. A local attacker could exploit this flaw to cause a denial of service (kernel crash) or to potentially execute code with kernel privileges. Various other issues were also addressed.

tags | advisory, denial of service, overflow, x86, kernel, local
systems | linux, ubuntu
advisories | CVE-2015-2150, CVE-2015-2666, CVE-2015-2830, CVE-2015-2922
SHA-256 | 1b08e536241af42cd68bdd34efa71e59d286ef81926d08113e25aa0e4a6caa10
Debian Security Advisory 3237-1
Posted Apr 27, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3237-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.

tags | advisory, denial of service, kernel, vulnerability
systems | linux, debian
advisories | CVE-2014-8159, CVE-2014-9715, CVE-2015-2041, CVE-2015-2042, CVE-2015-2150, CVE-2015-2830, CVE-2015-2922, CVE-2015-3331, CVE-2015-3332, CVE-2015-3339
SHA-256 | aa8f1362fe2b1e520df3774e9b5a3562a1ce08175dfc089a7a41b13a71abdb2e
Page 1 of 1
Back1Next

File Archive:

October 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    39 Files
  • 2
    Oct 2nd
    23 Files
  • 3
    Oct 3rd
    18 Files
  • 4
    Oct 4th
    20 Files
  • 5
    Oct 5th
    0 Files
  • 6
    Oct 6th
    0 Files
  • 7
    Oct 7th
    0 Files
  • 8
    Oct 8th
    0 Files
  • 9
    Oct 9th
    0 Files
  • 10
    Oct 10th
    0 Files
  • 11
    Oct 11th
    0 Files
  • 12
    Oct 12th
    0 Files
  • 13
    Oct 13th
    0 Files
  • 14
    Oct 14th
    0 Files
  • 15
    Oct 15th
    0 Files
  • 16
    Oct 16th
    0 Files
  • 17
    Oct 17th
    0 Files
  • 18
    Oct 18th
    0 Files
  • 19
    Oct 19th
    0 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close