250 matches found
CVE-2024-21961
Improper restriction of operations within the bounds of a memory buffer in PCIe® Link could allow an attacker with access to a guest virtual machine to potentially perform a denial of service attack against the host resulting in loss of availability...
CVE-2024-21961
Improper restriction of operations within the bounds of a memory buffer in PCIe® Link could allow an attacker with access to a guest virtual machine to potentially perform a denial of service attack against the host resulting in loss of availability...
CVE-2024-21961
CVE-2024-21961: Severity 6.0 (MEDIUM) CVSS v4 shows network vector with attacker in a guest VM who can trigger a denial-of-service on the host via improper restriction of operations within PCIe Link memory buffers. Connected sources (Red Hat, NVD, AMD bulletins) confirm the flaw exists in PCIe Li...
CVE-2024-21961
Improper restriction of operations within the bounds of a memory buffer in PCIe® Link could allow an attacker with access to a guest virtual machine to potentially perform a denial of service attack against the host resulting in loss of availability...
CVE-2024-21961
Improper restriction of operations within the bounds of a memory buffer in PCIe® Link could allow an attacker with access to a guest virtual machine to potentially perform a denial of service attack against the host resulting in loss of availability...
CVE-2024-21961
Improper restriction of operations within the bounds of a memory buffer in PCIe® Link could allow an attacker with access to a guest virtual machine to potentially perform a denial of service attack against the host resulting in loss of availability...
PT-2026-7945
Improper restriction of operations within the bounds of a memory buffer in PCIe® Link could allow an attacker with access to a guest virtual machine to potentially perform a denial of service attack against the host resulting in loss of availability...
CVE-2025-48508
Improper Hardware reset flow logic in the GPU GFX Hardware IP block could allow a privileged attacker in a guest virtual machine to control reset operation potentially causing host or GPU crash or reset resulting in denial of service...
CVE-2025-48508
CVE-2025-48508 concerns an issue in the GPU GFX Hardware IP block where improper hardware reset flow logic could let a privileged attacker in a guest VM take control of the reset operation, potentially crashing the host or GPU and causing denial of service. The vulnerability is described with a l...
CVE-2025-48508
Improper Hardware reset flow logic in the GPU GFX Hardware IP block could allow a privileged attacker in a guest virtual machine to control reset operation potentially causing host or GPU crash or reset resulting in denial of service...
CVE-2026-24843
melange allows users to build apk packages using declarative pipelines. In version 0.11.3 to before 0.40.3, an attacker who can influence the tar stream from a QEMU guest VM could write files outside the intended workspace directory on the host. The retrieveWorkspace function extracts tar entries...
EUVD-2026-5373
melange allows users to build apk packages using declarative pipelines. In version 0.11.3 to before 0.40.3, an attacker who can influence the tar stream from a QEMU guest VM could write files outside the intended workspace directory on the host. The retrieveWorkspace function extracts tar entries...
melange QEMU runner could write files outside workspace directory
An attacker who can influence the tar stream from a QEMU guest VM could write files outside the intended workspace directory on the host. The retrieveWorkspace function extracts tar entries without validating that paths stay within the workspace, allowing Path Traversal via ../ sequences. Fix:...
GHSA-QXX2-7H4C-83F4 melange QEMU runner could write files outside workspace directory
An attacker who can influence the tar stream from a QEMU guest VM could write files outside the intended workspace directory on the host. The retrieveWorkspace function extracts tar entries without validating that paths stay within the workspace, allowing Path Traversal via ../ sequences. Fix:...
open-vm-tools: Insecure file handling
A vulnerability was found in open-vm-tools. A malicious actor with non-administrative privileges on a guest virtual machine VM may tamper with the local files to trigger insecure file operations within that VM...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004477)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004477 advisory. KVM in the Linux kernel on Power8 processors has a conflicting use of HSTATEHOSTR1 to store r1 state in kvmppchventry plus in kvmppcsave,restoretm, leading to a stac...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001588)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001588 advisory. KVM in the Linux kernel on Power8 processors has a conflicting use of HSTATEHOSTR1 to store r1 state in kvmppchventry plus in kvmppcsave,restoretm, leading to a stac...
USN-7940-2: Linux kernel (Azure, N-Series) vulnerabilities
Jean-Claude Graf, Sandro Rüegge, Ali Hajiabadi, and Kaveh Razavi discovered that the Linux kernel contained insufficient branch predictor isolation between a guest and a userspace hypervisor for certain processors. This flaw is known as VMSCAPE. An attacker in a guest VM could possibly use this t...
USN-7939-1: Linux kernel (Azure) vulnerabilities
Jean-Claude Graf, Sandro Rüegge, Ali Hajiabadi, and Kaveh Razavi discovered that the Linux kernel contained insufficient branch predictor isolation between a guest and a userspace hypervisor for certain processors. This flaw is known as VMSCAPE. An attacker in a guest VM could possibly use this t...
USN-7910-2: Linux kernel (Azure) vulnerabilities
Jean-Claude Graf, Sandro Rüegge, Ali Hajiabadi, and Kaveh Razavi discovered that the Linux kernel contained insufficient branch predictor isolation between a guest and a userspace hypervisor for certain processors. This flaw is known as VMSCAPE. An attacker in a guest VM could possibly use this t...