Vulnerability & Exploit Database

Displaying all 10 entries

Results for: CVE-2018-0638 Back to search

SUSE: CVE-2018-5683: SUSE Linux Security Advisory Vulnerability

  • Severity: 2
  • Published: January 23, 2018

The vga_draw_text function in Qemu allows local OS guest privileged users to cause a denial of service (out-of-bounds read and QEMU process crash) by leveraging improper memory address validation.

SUSE: CVE-2017-18030: SUSE Linux Security Advisory Vulnerability

  • Severity: 2
  • Published: January 23, 2018

The cirrus_invalidate_region function in hw/display/cirrus_vga.c in Qemu allows local OS guest privileged users to cause a denial of service (out-of-bounds array access and QEMU process crash) via vectors related to negative pitch.

SUSE: CVE-2017-5753: SUSE Linux Security Advisory Vulnerability

  • Severity: 5
  • Published: January 04, 2018

Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.

SUSE: CVE-2017-5715: SUSE Linux Security Advisory Vulnerability

  • Severity: 5
  • Published: January 04, 2018

Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.

SUSE: CVE-2017-5754: SUSE Linux Security Advisory Vulnerability

  • Severity: 5
  • Published: January 03, 2018

Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis of the data cache.

SUSE: CVE-2017-17566: SUSE Linux Security Advisory Vulnerability

  • Severity: 7
  • Published: December 12, 2017

An issue was discovered in Xen through 4.9.x allowing PV guest OS users to cause a denial of service (host OS crash) or gain host OS privileges in shadow mode by mapping a certain auxiliary page.

SUSE: CVE-2017-17565: SUSE Linux Security Advisory Vulnerability

  • Severity: 5
  • Published: December 12, 2017

An issue was discovered in Xen through 4.9.x allowing PV guest OS users to cause a denial of service (host OS crash) if shadow mode and log-dirty mode are in place, because of an incorrect assertion related to M2P.

SUSE: CVE-2017-17564: SUSE Linux Security Advisory Vulnerability

  • Severity: 7
  • Published: December 12, 2017

An issue was discovered in Xen through 4.9.x allowing guest OS users to cause a denial of service (host OS crash) or gain host OS privileges by leveraging incorrect error handling for reference counting in shadow mode.

SUSE: CVE-2017-17563: SUSE Linux Security Advisory Vulnerability

  • Severity: 7
  • Published: December 12, 2017

An issue was discovered in Xen through 4.9.x allowing guest OS users to cause a denial of service (host OS crash) or gain host OS privileges by leveraging an incorrect mask for reference-count overflow checking in shadow mode.

SUSE: CVE-2017-15595: SUSE Linux Security Advisory Vulnerability

  • Severity: 7
  • Published: October 18, 2017

An issue was discovered in Xen through 4.9.x allowing x86 PV guest OS users to cause a denial of service (unbounded recursion, stack consumption, and hypervisor crash) or possibly gain privileges via crafted page-table stacking.