13039 matches found
Astra Linux – Vulnerability in Xen
A issue was discovered in Xen through version 4.11.x, allowing users of x86 Intel HVM guest operating systems to obtain unintended read/write DMA access. This could potentially lead to a denial of service causing the host operating system to crash or result in privilege escalation. This issue...
Astra Linux – Vulnerability in Linux
A flaw was discovered in the KVM’s AMD code, which handles SVM nested virtualization. The flaw occurs during the processing of the VMCB virtual machine control block provided by the L1 guest to spawn/handle a nested guest L2. Due to improper validation of the “virtext” field, this issue could all...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: KVM: SEV – Lock all vCPUs when synchronizing VMSAs for SNP launch completion. Lock all vCPUs when synchronizing and encrypting VMSAs for SNP guests. Allowing the user space to manipulate or run a vCPU while its state is being...
Astra Linux – Vulnerability in Linux 6.1
A flaw was discovered in KVM. An improper check in svmsetx2apicmsrinterception may allow direct access to the host’s x2apic MSRs when the guest resets its APIC, potentially leading to a denial-of-service condition...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: KVM: x86: Fixed a stack-out-of-bounds memory access from ioapicwriteindirect. KASAN reports the following issue: BUG: In kvmmakevcpusrequestmask+0x174/0x440 kvm, there is a stack-out-of-bounds situation. A read of size 8 at...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: KVM: x86/mmu: Write-protecting of L2 SPTEs in TDP MMU when clearing dirty status Check kvmmmupageadneedwriteprotect when deciding whether to write-protect or clear D-bits on TDP MMU SPTEs. This ensures that the TDP MMU takes into...
Astra Linux – Vulnerability in Linux 5.15
A flaw was discovered in the AMD nested virtualization SVM feature of the KVM. A malicious L1 guest could intentionally fail to intercept the shutdown of a cooperative nested guest L2, potentially causing a page fault and kernel panic in the host L0...
Astra Linux – Vulnerability in Linux
A flaw was discovered in the KVM’s AMD code, responsible for supporting SVM nested virtualization. The flaw occurs during the processing of the VMCB virtual machine control block provided by the L1 guest, which is used to spawn or handle a nested guest L2. Due to improper validation of the “intct...
Astra Linux – Vulnerability in Linux
A vulnerability was discovered in the Linux kernel before version 5.9. Arch/x86/kvm/svm/sev.c allows attackers to cause a denial of service soft lockup by triggering the destruction of a large SEV VM, which requires unregistering many encrypted regions. This vulnerability is also known as...
Astra Linux – Vulnerability in Linux
A issue was discovered in the Linux kernel through version 5.9.1, as used with Xen up to version 4.14.x. The file drivers/xen/events/eventsbase.c allows for the removal of event channels during the event-handling loop a race condition. This can lead to a use-after-free or NULL pointer...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: KVM: arm64 – Fix for host stage-2 PGD refcount The KVM page-table library counts the pages of concatenated stage-2 PGs individually. However, when KVM is running in protected mode, the host’s stage-2 PGD is currently managed by E...
Astra Linux – Vulnerability in amd64-microcode
Secure Encrypted Virtualization SEV on the Advanced Micro Devices AMD Platform Security Processor PSP; also known as AMD Secure Processor or AMD-SP 0.17 build 11 and earlier has an insecure cryptographic implementation...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: igb: Cleanup in all error paths when enabling SR-IOV After commit 50f303496d92 “igb: Enabling SR-IOV after reinit”, removing the igb module could cause a hang or crash depending on the machine when the module was loaded with the...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: xen/gntdev: Accommodation for VMA splitting Prior to this commit, the gntdev driver code did not handle the following scenario correctly with paravirtualized PV Xen domains: The user process sets up a gntdev mapping consisting of...
Astra Linux – Vulnerability in Linux 5.15
A flaw was discovered in KVM AMD Secure Encrypted Virtualization SEV within the Linux kernel. A KVM guest that uses SEV-ES or SEV-SNP with multiple vCPUs can trigger a double fetch race condition vulnerability and invoke the VMGEXIT handler recursively. If an attacker manages to call the handler...
Astra Linux – Vulnerability in Qemu
A flaw was discovered in the implementation of the 9p passthrough filesystem 9pfs in QEMU. The 9pfs server did not prevent the opening of special files on the host side, potentially allowing a malicious client to escape from the exported 9p tree by creating and opening a device file in the shared...
Astra Linux – Vulnerability in Linux 5.10, Linux
A flaw was discovered in the Linux kernel’s implementation of proxied virtualized TPM devices. In a system where virtualized TPM devices are enabled which is not the default setting, a local attacker can exploit this flaw to create a “use-after-free” condition, potentially allowing them to escala...
Astra Linux – Vulnerability in Linux 5.15
A race condition in the x86 KVM subsystem within the Linux kernel, as of 6.1-rc6, allows guest OS users to cause a denial of service host OS crash or host OS memory corruption when nested virtualization is enabled and the TDP MMU is also enabled...
Astra Linux – Vulnerability in Qemu
A use-after-free vulnerability was discovered in the virtio-net device of QEMU. This vulnerability can occur when the address of the descriptor belongs to the non-direct access region, due to the numbuffers being set after the virtqueue elem has been unmapped. A malicious guest can exploit this...
Astra Linux – Vulnerability in Linux 5.15
A NULL pointer dereference flaw was discovered in the Linux kernel’s KVM module. This flaw can lead to a denial of service in the x86emulateinsn function in arch/x86/kvm/emulate.c. The flaw occurs when an illegal instruction is executed on the guest CPU of the Intel model...