CVE-2023-6237 affecting package cloud-hypervisor-cvm for versions less than 38.0.72.2-1

CVE-2023-6237 affecting package cloud-hypervisor-cvm for versions less than 38.0.72.2-1. An upgraded version of the package is available that resolves this issue...

CLSA-2024-1721659604 Fix of 96 CVEs

CVE-url: https://ubuntu.com/security/CVE-2024-35902 - net/rds: fix possible cp null dereference CVE-url: https://ubuntu.com/security/CVE-2024-38587 - speakup: Fix sizeof vs ARRAYSIZE bug CVE-url: https://ubuntu.com/security/CVE-2024-39493 - crypto: qat - Fix ADFDEVRESETSYNC memory leak CVE-url:...

Driver Disk for Microsemi smartpqi 2.1.30_031 - For Citrix Hypervisor 8.2 Cumulative Update 1

Who should install this driver disk? Customers running the Citrix Hypervisor 8.2 Cumulative Update 1 LTSR release who use Microsemi's smartpqi driver and wish to use the latest version of the following: Driver Module| Driver Type| Version ---|---|--- smartpqi| SAS/Storage Controller| 2.1.30031...

Ubuntu 20.04 LTS / 22.04 LTS : Linux kernel vulnerabilities (USN-6898-3)

The remote Ubuntu 20.04 LTS / 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6898-3 advisory. Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to a NULL pointe...

Ubuntu 20.04 LTS / 22.04 LTS : Linux kernel vulnerabilities (USN-6898-2)

The remote Ubuntu 20.04 LTS / 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6898-2 advisory. Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to a NULL pointe...

Ubuntu 20.04 LTS : Linux kernel vulnerabilities (USN-6896-3)

The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6896-3 advisory. It was discovered that the ATA over Ethernet AoE driver in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. An...

Virtuozzo Hybrid Infrastructure 6.0 Update 1 Hotfix 9 (6.0.1-102)

This update provides security and stability fixes. Vulnerability id: VSTOR-75009, VSTOR-76816 Stability fixes for the hypervisor. Vulnerability id: VSTOR-86808 Fixed an issue with delayed file creation on NFS. Vulnerability id: VSTOR-88495 Fixed a high availability issue with incorrect paths of N...

Virtuozzo Hybrid Infrastructure 6.1 Update 1 Hotfix 5 (6.1.1-49)

This update provides security and stability fixes. Vulnerability id: VSTOR-75009, VSTOR-76816 Stability fixes for the hypervisor. Vulnerability id: VSTOR-85653, VSTOR-87742 Stability fixes for the chunk service. Vulnerability id: VSTOR-88832 A security fix for networks. Vulnerability id:...

Virtuozzo Hybrid Infrastructure 6.2 Hotfix 2 (6.2.0-142)

This update provides security and stability fixes. Vulnerability id: VSTOR-75009, VSTOR-76816, VSTOR-87057 Stability fixes for the hypervisor. Vulnerability id: VSTOR-87588 Fixed an issue with storage space calculation for the "Other" category in the "Logical space" chart in the admin panel...

CVE-2024-40923

In the Linux kernel, the following vulnerability has been resolved: vmxnet3: disable rx data ring on dma allocation failure When vmxnet3rqcreate fails to allocate memory for rq-dataring.base, the subsequent call to vmxnet3rqdestroyallrxdataring does not reset rq-dataring.descsize for the data rin...

hw: amd: INVD instruction may lead to a loss of SEV-ES guest machine memory integrity problem

A flaw was found in some of AMD CPU's due to improper or unexpected behavior of the INVD. This issue may allow an attacker with a malicious hypervisor to affect cache line write-back behavior of the CPU, potentially leading to a loss of guest virtual machine VM memory integrity...

USN-6896-2: Linux kernel vulnerabilities

It was discovered that the ATA over Ethernet AoE driver in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. CVE-2023-6270 It was discovered that the Atheros 802.11ac...

XenServer and Citrix Hypervisor Security Update for CVE-2024-31143 and CVE-2024-31144

Description of Problem Two issues have been identified, the first of which affects both XenServer 8 and Citrix Hypervisor 8.2 CU1 LTSR and the second of which affects Citrix Hypervisor 8.2 CU1 LTSR only. The first issue, which affects both XenServer 8 and Citrix Hypervisor 8.2 CU1 LTSR, may allow...

Hotfix XS82ECU1066 - For Citrix Hypervisor 8.2 Cumulative Update 1

Who Should Install This Hotfix? This is a hotfix for customers running Citrix Hypervisor 8.2 Cumulative Update 1. All customers who are affected by the issues described in CTX691115 - XenServer and Citrix Hypervisor Security Update for CVE-2024-31143 and CVE-2024-31144 should install this hotfix...

Backup and restore capabilities in XenServer xsconsole

XenServer hosts store metadata about VMs and associated resources such as storage and networking. This metadata forms a complete view of all VMs available across the pool. You can backup this database to recover from physical hardware failure and other disaster scenarios. The legacy backup and...

Hotfix XS82ECU1070 - For Citrix Hypervisor 8.2 Cumulative Update 1

Who Should Install This Hotfix? This is a hotfix for customers running Citrix Hypervisor 8.2 Cumulative Update 1. All customers who are affected by the issues described inCTX691115 - Citrix Hypervisor Security Bulletinshould install this hotfix. Note: This hotfix is available only to customers on...

Ubuntu 20.04 LTS / 22.04 LTS : Linux kernel vulnerabilities (USN-6898-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6898-1 advisory. Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to a NULL pointe...

CBL Mariner 2.0 Security Update: cloud-hypervisor-cvm / hvloader / nodejs18 (CVE-2023-5363)

The version of cloud-hypervisor-cvm / hvloader / nodejs18 installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-5363 advisory. - Issue summary: A bug has been identified in the processing of key and...

Understanding HA fence due to storage

This article describes how to distinguish High Availability HA storage heartbeat fencing from real host crashes. While the majority of HA fencing events occur as regular reboots and leave clear and easily found log statements identifying the event as a fence, there is one particular type of fence...

Troubleshooting Linux Virtual Machines in XenServer

This article describes about troubleshooting Linux virtual machines in XenServer. Serial console was used to access UNIX server consoles and most of the network devices switches, routes. The simplicity of serial port hardware and its universality make them popular. Serial console apart from...