Lucene search
K

462 matches found

CVE
CVE
added 5 days ago17 views

CVE-2025-58151

CVE-2025-58151 affects varstored, a Xen/Xapi component that handles UEFI variables and maps guest memory to OVMF. The vulnerability arises from TOCTOU due to insufficient compiler barriers in the shared buffer, with exploitation depending on compiler-generated code, and the attacker potentially c...

9.4CVSS6.2AI score0.0012EPSS
Exploits0References3
OSV
OSV
added 2026/07/04 12:17 p.m.4 views

UBUNTU-CVE-2026-53360

In the Linux kernel, the following vulnerability has been resolved: KVM: SEV: Require in-GHCB scratch area if GHCB v2+ is in use As per the GHCB spec, when using GHCB v2+ require the software scratch area to reside in the GHCB's shared buffer. Note, things like Page State Change PSC requests rely...

6.6AI score0.00267EPSS
Exploits0References7
EUVD
EUVD
added 2026/07/04 11:53 a.m.10 views

EUVD-2026-41667

In the Linux kernel, the following vulnerability has been resolved: KVM: SEV: Require in-GHCB scratch area if GHCB v2+ is in use As per the GHCB spec, when using GHCB v2+ require the software scratch area to reside in the GHCB's shared buffer. Note, things like Page State Change PSC requests rely...

6AI score0.00267EPSS
Exploits0References4
CVE
CVE
added 2026/07/01 1:32 p.m.22 views

CVE-2026-53345

The CVE describes a Linux kernel KVM issue where a page dirty operation could warn about a missing running vCPU even when the VM is dying. The behavior was tied to the VM’s refcount and the state of SEV-ES guests; if a guest memory page remained dirty while the VM is dying and userspace had no ac...

5.8AI score0.00156EPSS
Exploits0References5
EUVD
EUVD
added 2026/06/19 4:23 p.m.8 views

EUVD-2026-38042

An integer overflow vulnerability was found in the virtio-snd device via PCMINFO requests from the guest. A malicious guest can provide out-of-bounds stream counts, potentially leading to unbounded memory allocation on the host and a denial of service condition...

5.5CVSS5.9AI score0.00102EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in amd64-microcode

Incomplete system memory cleanup in the SEV firmware could allow a privileged attacker to corrupt guest private memory, potentially resulting in a loss of data integrity...

4.4CVSS6.2AI score0.00199EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/11 12:32 a.m.11 views

EUVD-2024-55617

Improper input validation for DIMM serial presence detect SPD metadata could allow an attacker with physical access, ring0 access on a system with a non-compliant DIMM, or control over the Root of Trust for BIOS update, to potentially overwrite guest memory resulting in loss of guest data integri...

5.3CVSS6.9AI score0.00222EPSS
Exploits0References2
NVD
NVD
added 2026/06/10 11:16 p.m.9 views

CVE-2024-21944

Improper input validation for DIMM serial presence detect SPD metadata could allow an attacker with physical access, ring0 access on a system with a non-compliant DIMM, or control over the Root of Trust for BIOS update, to potentially overwrite guest memory resulting in loss of guest data integri...

5.3CVSS0.00222EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/10 9:54 p.m.10 views

CVE-2024-21944

Improper input validation for DIMM serial presence detect SPD metadata could allow an attacker with physical access, ring0 access on a system with a non-compliant DIMM, or control over the Root of Trust for BIOS update, to potentially overwrite guest memory resulting in loss of guest data integri...

5.3CVSS6.9AI score0.00222EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/10 9:54 p.m.28 views

CVE-2024-21944

Improper input validation for DIMM serial presence detect SPD metadata could allow an attacker with physical access, ring0 access on a system with a non-compliant DIMM, or control over the Root of Trust for BIOS update, to potentially overwrite guest memory resulting in loss of guest data integri...

5.3CVSS0.00222EPSS
Exploits0References1
CVE
CVE
added 2026/06/10 9:54 p.m.21 views

CVE-2024-21944

CVE-2024-21944 maps to an AMD SEV-SNP/ASP issue where SPD metadata can be improperly validated. Research show BadRAM-style exploits that can cause a memory module to misreport size, enabling a local attacker with ring0 or physical access to overwrite guest memory and compromise guest data integri...

5.3CVSS6.9AI score0.00222EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/02 12:0 a.m.24 views

PT-2026-45766

Bitdefender Napoca bare-metal hypervisor contains an out-of-bounds write vulnerability in the BIOS INT 0x15 / E820 memory map handler, implemented in napoca/guests/bios handlers.c. The handler computes a destination offset into the guest RealModeMemory buffer from guest-controlled ES and EDI...

8.5CVSS5.8AI score0.00118EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/05/28 2:21 a.m.15 views

kernel: mm: thp: deny THP for files on anonymous inodes

A flaw was found in the Linux kernel's Transparent Huge Pages THP mechanism. This vulnerability occurs because the filethpenabled function incorrectly allows THP for files on anonymous inodes, which are not designed for this feature. An attacker could potentially exploit this by manipulating...

5.5CVSS5.8AI score0.00119EPSS
Exploits0References5
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: KVM: x86/mmu: Zap all roots when unmapping gfn range in TDP MMU Both valid and invalid roots are cleared when unmapping a gfn range. KVM must ensure that it does not hold any references to the freed page after the unmapping...

7.8CVSS6.1AI score0.00237EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.9 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: KVM: x86/mmu: The existing SPTE is dropped/zapped even when creating an MMIO SPTE. When installing an emulated MMIO SPTE, do so after dropping/zapping the existing SPTE if it’s shadow-present. While the commit a54aa15c6bda3 was...

8.1CVSS5.8AI score0.00184EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: KVM: x86 – Mark the target gfn of the emulated atomic instruction as dirty When emulating an atomic access on behalf of the guest, mark the target gfn as dirty if the CMPXCHG instruction attempts to be executed and fails without ...

5.5CVSS6.1AI score0.00225EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: nSVM: fixed a potential NULL dereference during nested migration. It turns out that due to feedback from reviews and/or changes in relocation locations, I accidentally moved the call to nestedsvmloadcr3 too early, befor...

5.5CVSS5.3AI score0.00239EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: kvm: Avoid speculative attacks from out-of-range memslot accesses. KVM’s mechanism for accessing guest memory converts a guest physical address gpa to a host virtual address using the right-shifted gpa also known as gfn and a...

7.1CVSS6.5AI score0.00259EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.1 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: memblock: The memory allocated before it is used in memblockdoublearray was accepted. When increasing the array size in memblockdoublearray, if the slab is not yet available, a call to memblockfindinrange is used to...

5.5CVSS6.5AI score0.00148EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/05/07 12:0 a.m.11 views

Linux Distros Unpatched Vulnerability : CVE-2026-43214

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - KVM: x86: Add SRCU protection for reading PDPTRs in getsregs2 Add SRCU read-side protection when reading PDPTR registers in getsregs2. Reading PDPTRs may trigge...

7.8CVSS6.4AI score0.00139EPSS
Exploits0References3
Rows per page
Query Builder