
75 matches found

RedHat Linux
added 2023/11/07 9:3 a.m. | 6 views

kernel: KVM: nVMX: missing consistency checks for CR0 and CR4

A flaw was found in the KVM's Intel nested virtualization feature (nVMX). The effective values of the guest CR0 and CR4 registers could differ from those included in the VMCS12. In rare circumstances (i.e., kvm_intel module loaded with parameters nested=1 and ept=0) this could allow a malicious guest ...

6.5 CVSS | 6.6 AI score | 0.0047 EPSS
Exploits 0 | References 4
Microsoft CVE
added 2023/04/15 7:0 a.m. | 7 views

An issue was discovered in arch/x86/kvm/vmx/nested.c in the Linux kernel before 6.2.8. nVMX on x86_64 lacks consistency checks for CR0 and CR4.

...

6.5 CVSS | 7.3 AI score | 0.0047 EPSS
Exploits 0
OSV
added 2023/04/10 2:15 a.m. | 7 views

UBUNTU-CVE-2023-30456

An issue was discovered in arch/x86/kvm/vmx/nested.c in the Linux kernel before 6.2.8. nVMX on x86_64 lacks consistency checks for CR0 and CR4...

6.5 CVSS | 6.7 AI score | 0.0047 EPSS
Exploits 0 | References 21
CNNVD
added 2023/04/10 12:0 a.m. | 9 views

Linux kernel security vulnerability

The Linux kernel is the kernel used by the Linux Foundation's open source operating system Linux. A security vulnerability exists in the Linux kernel, which stems from a security issue in arch/x86/kvm/vmx/nested.c, where nVMX on x86_64 lacks consistency checks for CR0 and CR4...

6.5 CVSS | 6.6 AI score | 0.0047 EPSS
Exploits 0 | References 16
OSV
added 2023/03/04 11:5 a.m. | 4 views

OESA-2023-1143 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: The Linux kernel does not correctly mitigate SMT attacks, as discovered through a strange pattern in the kernel API using STIBP as a mitigation [1] (https://docs.kernel.org/userspace-api/specctrl.html), leaving the process exposed for...

7.5 CVSS | 8 AI score | 0.02399 EPSS
Exploits 3 | References 3
SUSE CVE
added 2023/02/15 3:44 a.m. | 4 views

SUSE CVE-2021-28690

x86: TSX Async Abort protections not restored after S3. This issue relates to the TSX Async Abort speculative security vulnerability. Please see https://xenbits.xen.org/xsa/advisory-305.html for details. Mitigating TAA by disabling TSX (the default and preferred option) requires selecting a...

5.6 CVSS | 6.7 AI score | 0.01019 EPSS
Exploits 0 | References 22
OpenVAS
added 2022/08/26 12:0 a.m. | 26 views

Ubuntu: Security Advisory (USN-2420-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if(description)...

7.5 CVSS | 7.3 AI score | 0.05421 EPSS
Exploits 1 | References 2
OpenVAS
added 2022/08/26 12:0 a.m. | 32 views

Ubuntu: Security Advisory (USN-2419-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if(description)...

7.5 CVSS | 7.3 AI score | 0.05421 EPSS
Exploits 1 | References 2
OSV
added 2021/06/29 12:15 p.m. | 1 views

UBUNTU-CVE-2021-28690

x86: TSX Async Abort protections not restored after S3. This issue relates to the TSX Async Abort speculative security vulnerability. Please see https://xenbits.xen.org/xsa/advisory-305.html for details. Mitigating TAA by disabling TSX (the default and preferred option) requires selecting a...

6.5 CVSS | 5.8 AI score | 0.01019 EPSS
Exploits 0 | References 3
RedHat Linux
added 2020/05/19 11:8 p.m. | 1 views

Kernel: s390: page table upgrade in secondary address mode may lead to privilege escalation

A flaw was found in the Linux kernel on s390 architecture. The issue occurs on multiprocessing systems when one s390 CPU is in Secondary Address Mode and another CPU does a kernel page table upgrade. An inter-processor interrupt (IPI) is then sent to each active CPU to update the control registers...

7 CVSS | 7.1 AI score | 0.00397 EPSS
Exploits 0 | References 4
OSV
added 2019/10/08 1:15 a.m. | 2 views

DEBIAN-CVE-2019-17347

An issue was discovered in Xen through 4.11.x allowing x86 PV guest OS users to cause a denial of service or gain privileges because a guest can manipulate its virtualised %cr4 in a way that is incompatible with Linux and possibly other guest kernels...

7.8 CVSS | 6.9 AI score | 0.00352 EPSS
Exploits 0 | References 1
OSV
added 2019/10/08 1:15 a.m. | 1 views

UBUNTU-CVE-2019-17347

An issue was discovered in Xen through 4.11.x allowing x86 PV guest OS users to cause a denial of service or gain privileges because a guest can manipulate its virtualised %cr4 in a way that is incompatible with Linux and possibly other guest kernels...

7.8 CVSS | 6.8 AI score | 0.00352 EPSS
Exploits 0 | References 3
RedHat Linux
added 2019/07/30 9:16 a.m. | 5 views

Kernel: kvm: nVMX: L2 guest could access hardware(L0) CR8 register

Linux kernel built with the KVM virtualization support (CONFIG_KVM), with nested virtualization (nVMX) feature enabled (nested=1), is vulnerable to a crash due to disabled external interrupts, as an L2 guest could access (r/w) the hardware CR8 register of the host (L0). In a nested virtualization setup, L2 guest user...

7.1 CVSS | 7.2 AI score | 0.00512 EPSS
Exploits 0 | References 4
OSV
added 2018/08/17 6:29 p.m. | 2 views

DEBIAN-CVE-2018-15468

An issue was discovered in Xen through 4.11.x. The DEBUGCTL MSR contains several debugging features, some of which virtualise cleanly, but some do not. In particular, Branch Trace Store is not virtualised by the processor, and software has to be careful to configure it suitably not to lock up the...

6 CVSS | 7.4 AI score | 0.00337 EPSS
Exploits 0 | References 1
OSV
added 2018/08/17 6:29 p.m. | 4 views

ALPINE-CVE-2018-15468

An issue was discovered in Xen through 4.11.x. The DEBUGCTL MSR contains several debugging features, some of which virtualise cleanly, but some do not. In particular, Branch Trace Store is not virtualised by the processor, and software has to be careful to configure it suitably not to lock up the...

6 CVSS | 6.7 AI score | 0.00337 EPSS
Exploits 0 | References 1
OSV
added 2018/08/17 6:29 p.m. | 2 views

UBUNTU-CVE-2018-15468

An issue was discovered in Xen through 4.11.x. The DEBUGCTL MSR contains several debugging features, some of which virtualise cleanly, but some do not. In particular, Branch Trace Store is not virtualised by the processor, and software has to be careful to configure it suitably not to lock up the...

6 CVSS | 6.7 AI score | 0.00337 EPSS
Exploits 0 | References 3
NVD
added 2017/04/02 1:59 a.m. | 11 views

CVE-2017-2418

An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves the "Hypervisor" component. It allows guest OS users to obtain sensitive information from the CR8 control register via unspecified vectors...

6.5 CVSS | 5.1 AI score | 0.00335 EPSS
Exploits 0 | References 3
Cvelist
added 2017/04/02 1:36 a.m. | 19 views

CVE-2017-2418

An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves the "Hypervisor" component. It allows guest OS users to obtain sensitive information from the CR8 control register via unspecified vectors...

6.3 AI score | 0.00335 EPSS
Exploits 0 | References 3
RedHat Linux
added 2015/03/05 11:13 a.m. | 3 views

kernel: kvm: vmx: invalid host cr4 handling across vm entries

It was found that the Linux kernel's KVM implementation did not ensure that the host CR4 control register value remained unchanged across VM entries on the same virtual CPU. A local, unprivileged user could use this flaw to cause a denial of service on the system...

5.5 CVSS | 6.3 AI score | 0.00515 EPSS
Exploits 0 | References 4
Ubuntu
added 2014/11/25 3:20 a.m. | 104 views

USN-2419-1: Linux kernel (Trusty HWE) vulnerabilities

A flaw was discovered in how the Linux kernel's KVM (Kernel Virtual Machine) subsystem handles the CR4 control register at VM entry on Intel processors. A local host OS user can exploit this to cause a denial of service (kill arbitrary processes, or system disruption) by leveraging /dev/kvm access...

7.5 CVSS | 6.9 AI score | 0.05421 EPSS
Exploits 1