DEBIAN-CVE-2025-21779

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Reject Hyper-V's SENDIPI hypercalls if local APIC isn't in-kernel Advertise support for Hyper-V's SENDIPI and SENDIPIEX hypercalls if and only if the local API is emulated/virtualized by KVM, and explicitly reject said...

AZL-57959 CVE-2025-21779 affecting package kernel for versions less than 6.6.79.1-1

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Reject Hyper-V's SENDIPI hypercalls if local APIC isn't in-kernel Advertise support for Hyper-V's SENDIPI and SENDIPIEX hypercalls if and only if the local API is emulated/virtualized by KVM, and explicitly reject said...

CVE-2025-21779

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Reject Hyper-V's SENDIPI hypercalls if local APIC isn't in-kernel Advertise support for Hyper-V's SENDIPI and SENDIPIEX hypercalls if and only if the local API is emulated/virtualized by KVM, and explicitly reject said...

UBUNTU-CVE-2025-21779

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Reject Hyper-V's SENDIPI hypercalls if local APIC isn't in-kernel Advertise support for Hyper-V's SENDIPI and SENDIPIEX hypercalls if and only if the local API is emulated/virtualized by KVM, and explicitly reject said...

SUSE CVE-2022-49098

In the Linux kernel, the following vulnerability has been resolved: Drivers: hv: vmbus: Fix potential crash on module unload The vmbus driver relies on the panic notifier infrastructure to perform some operations when a panic event is detected. Since vmbus can be built as module, it is required...

SUSE CVE-2022-49124

In the Linux kernel, the following vulnerability has been resolved: x86/mce: Work around an erratum on fast string copy instructions A rare kernel panic scenario can happen when the following conditions are met due to an erratum on fast string copy instructions: 1 An uncorrected error. 2 That err...

SUSE CVE-2022-49726

In the Linux kernel, the following vulnerability has been resolved: clocksource: hyper-v: unexport init-annotated hvinitclocksource EXPORTSYMBOL and init is a bad combination because the .init.text section is freed up after the initialization. Hence, modules cannot use symbols annotated init. The...

CVE-2025-21779

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Reject Hyper-V's SENDIPI hypercalls if local APIC isn't in-kernel Advertise support for Hyper-V's SENDIPI and SENDIPIEX hypercalls if and only if the local API is emulated/virtualized by KVM, and explicitly reject said...

CVE-2025-21779 KVM: x86: Reject Hyper-V's SEND_IPI hypercalls if local APIC isn't in-kernel

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Reject Hyper-V's SENDIPI hypercalls if local APIC isn't in-kernel Advertise support for Hyper-V's SENDIPI and SENDIPIEX hypercalls if and only if the local API is emulated/virtualized by KVM, and explicitly reject said...

CVE-2025-21779

The CVE-2025-21779 entry concerns Linux kernel KVM on x86 where Hyper-V SEND_IPI/SEND_IPI_EX hypercalls are advertised only when the local APIC is emulated/virtualized by KVM. The fix rejects these hypercalls if the local APIC is emulated in userspace, preventing a NULL-pointer dereference when H...

CVE-2025-21779 KVM: x86: Reject Hyper-V's SEND_IPI hypercalls if local APIC isn't in-kernel

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Reject Hyper-V's SENDIPI hypercalls if local APIC isn't in-kernel Advertise support for Hyper-V's SENDIPI and SENDIPIEX hypercalls if and only if the local API is emulated/virtualized by KVM, and explicitly reject said...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the KVM not properly handling Hyper-V's SENDIPI hypercalls, which could lead to null pointer dereferences...

DEBIAN-CVE-2022-49726

In the Linux kernel, the following vulnerability has been resolved: clocksource: hyper-v: unexport init-annotated hvinitclocksource EXPORTSYMBOL and init is a bad combination because the .init.text section is freed up after the initialization. Hence, modules cannot use symbols annotated init. The...

CVE-2022-49726

In the Linux kernel, the following vulnerability has been resolved: clocksource: hyper-v: unexport init-annotated hvinitclocksource EXPORTSYMBOL and init is a bad combination because the .init.text section is freed up after the initialization. Hence, modules cannot use symbols annotated init. The...

UBUNTU-CVE-2022-49726

In the Linux kernel, the following vulnerability has been resolved: clocksource: hyper-v: unexport init-annotated hvinitclocksource EXPORTSYMBOL and init is a bad combination because the .init.text section is freed up after the initialization. Hence, modules cannot use symbols annotated init. The...

DEBIAN-CVE-2022-49098

In the Linux kernel, the following vulnerability has been resolved: Drivers: hv: vmbus: Fix potential crash on module unload The vmbus driver relies on the panic notifier infrastructure to perform some operations when a panic event is detected. Since vmbus can be built as module, it is required...

DEBIAN-CVE-2022-49054

In the Linux kernel, the following vulnerability has been resolved: Drivers: hv: vmbus: Deactivate sysctlrecordpanicmsg by default in isolated guests hvpanicpage might contain guest-sensitive information, do not dump it over to Hyper-V by default in isolated guests. While at it, update some...

CVE-2022-49054

In the Linux kernel, the following vulnerability has been resolved: Drivers: hv: vmbus: Deactivate sysctlrecordpanicmsg by default in isolated guests hvpanicpage might contain guest-sensitive information, do not dump it over to Hyper-V by default in isolated guests. While at it, update some...

UBUNTU-CVE-2022-49054

In the Linux kernel, the following vulnerability has been resolved: Drivers: hv: vmbus: Deactivate sysctlrecordpanicmsg by default in isolated guests hvpanicpage might contain guest-sensitive information, do not dump it over to Hyper-V by default in isolated guests. While at it, update some...

CVE-2022-49726 clocksource: hyper-v: unexport __init-annotated hv_init_clocksource()

In the Linux kernel, the following vulnerability has been resolved: clocksource: hyper-v: unexport init-annotated hvinitclocksource EXPORTSYMBOL and init is a bad combination because the .init.text section is freed up after the initialization. Hence, modules cannot use symbols annotated init. The...