CVE-2021-22045

VMware ESXi 7.0, 6.7 before ESXi670-202111101-SG and 6.5 before ESXi650-202110101-SG, VMware Workstation 16.2.0 and VMware Fusion 12.2.0 contains a heap-overflow vulnerability in CD-ROM device emulation. A malicious actor with access to a virtual machine with CD-ROM device emulation may be able t...

Qualcomm 组件 输入验证错误漏洞

The Qualcomm Component is a component of Qualcomm Incorporated USA. An intrinsic part that provides functionality to Qualcomm devices. A security vulnerability exists in the Qualcomm Component that originates from incorrect validation of memory regions in the Hypervisor can lead to incorrect regi...

VMware Workstation, Fusion and ESXi updates address a heap-overflow vulnerability (CVE-2021-22045)

1. Impacted Products VMware ESXi VMware Workstation Pro / Player Workstation VMware Fusion VMware Cloud Foundation 2. Introduction A heap-overflow vulnerability in VMware Workstation, Fusion and ESXi was privately reported to VMware. Updates are available to remediate this vulnerability in...

CVE-2021-28713

A denial of service flaw for virtual machine guests in the Linux kernel's Xen hypervisor subsystem was found in the way users call some interrupts with high frequency from one of the guests. A local user could use this flaw to starve the resources resulting in a denial of service. Mitigation...

CVE-2021-28711

A denial of service flaw for virtual machine guests in the Linux kernel's Xen hypervisor subsystem was found in the way users call some interrupts with high frequency from one of the guests. A local user could use this flaw to starve the resources resulting in a denial of service. Mitigation...

CVE-2021-28712

A denial of service flaw for virtual machine guests in the Linux kernel's Xen hypervisor subsystem was found in the way users call some interrupts with high frequency from one of the guests. A local user could use this flaw to starve the resources resulting in a denial of service. Mitigation...

The vulnerability of the Hyper-V hardware virtualization system for Windows operating systems allows a hacker to execute arbitrary code.

The vulnerability of the Hyper-V hardware virtualization technology for Windows operating systems is related to improper code generation. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

Xen Certain VT-d IOMMUs May Not Work In Shared Page Table Mode (XSA-390)

According to its self-reported version number, the Xen hypervisor installed on the remote host is affected by a vulnerability in the IOMMU that fails to strip tables in shared page table mode. The vulnerability only affects x86 Intel systems. A local, authorized attacker could use this...

GSD-2021-1002685 xen/netfront: harden netfront against event channel storms

xen/netfront: harden netfront against event channel storms This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.4.168 by commit...

GSD-2021-1002662 xen/blkfront: harden blkfront against event channel storms

xen/blkfront: harden blkfront against event channel storms This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.19.222 by commit...

[SECURITY] [DLA 2843-1] linux security update

Debian LTS Advisory DLA-2843-1 [email protected] https://www.debian.org/lts/security/ Ben Hutchings December 16, 2021 https://wiki.debian.org/LTS Package : linux Version : 4.9.290-1 CVE ID : CVE-2020-3702 CVE-2020-16119 CVE-2021-0920 CVE-2021-3612 CVE-2021-3653 CVE-2021-3655 CVE-2021-36...

IBM PowerVM Hypervisor Denial of Service Vulnerability

IBM PowerVM Hypervisor is an application from IBM USA, Inc. provides a secure and scalable virtualization environment for applications built on the advanced RAS capabilities and leading performance of the Power Systems platform.A denial-of-service vulnerability exists in IBM PowerVM Hypervisor th...

Citrix Security Advisory for CVE-2021-44228, CVE-2021-45046, CVE-2021-45105 and CVE-2021-44832.

Citrix is aware offourvulnerabilitiesaffectingApache Log4j2, threeof whichmayallowan attackertoexecute arbitrary code. Thesethreevulnerabilitieshavebeen given the followingidentifiers: CVE-2021-44228 CVE-2021-45046 CVE-2021-44832 Thefourthvulnerabilitymay allowan attackertocause a denial of...

CVE-2021-26340

A malicious hypervisor in conjunction with an unprivileged attacker process inside an SEV/SEV-ES guest VM may fail to flush the Translation Lookaside Buffer TLB resulting in unexpected behavior inside the virtual machine VM...

Code injection

A malicious hypervisor in conjunction with an unprivileged attacker process inside an SEV/SEV-ES guest VM may fail to flush the Translation Lookaside Buffer TLB resulting in unexpected behavior inside the virtual machine VM...

CVE-2021-26340

CVE-2021-26340 is a published vulnerability affecting AMD SEV/SEV-ES environments. A malicious hypervisor with an unprivileged attacker process inside a guest VM may fail to flush the TLB, causing unexpected VM behavior and potential loss of integrity and confidentiality. Affected products includ...

CVE-2021-26340

A malicious hypervisor in conjunction with an unprivileged attacker process inside an SEV/SEV-ES guest VM may fail to flush the Translation Lookaside Buffer TLB resulting in unexpected behavior inside the virtual machine VM...

CVE-2021-38937

IBM PowerVM Hypervisor FW940, FW950, and FW1010 could allow an authenticated user to cause the system to crash using a specially crafted IBMi Hypervisor call. IBM X-Force ID: 210894...

CVE-2021-38937

IBM PowerVM Hypervisor FW940, FW950, and FW1010 could allow an authenticated user to cause the system to crash using a specially crafted IBMi Hypervisor call. IBM X-Force ID: 210894...

CVE-2021-38917

IBM PowerVM Hypervisor FW860, FW940, and FW950 could allow an attacker that gains service access to the FSP can read and write arbitrary host system memory through a series of carefully crafted service procedures. IBM X-Force ID: 210018...