CVE-2023-31351

CVE-2023-31351 involves AMD IOMMU restrictions allowing a malicious hypervisor to access guest private memory, risking integrity loss on affected AMD EPYC/server platforms. Documents confirm this is tied to IOMMU operations and that mitigations are provided via Platform Initialization (PI) firmwa...

PT-2025-36382

Name of the Vulnerable Software and Affected Versions: versions prior to 12.0 Hotfix 91155 Description: Improper restriction of operations in the IOMMU could allow a malicious hypervisor to access guest private memory, resulting in a loss of integrity. Recommendations: At the moment, there is no...

FuzzBox: Blending Fuzzing into Emulation for Binary-Only Embedded Targets

Coverage-guided fuzzing has been widely applied to address zero-day vulnerabilities in general-purpose software and operating systems. This approach relies on instrumenting the target code at compile time. However, applying it to industrial systems remains challenging, due to proprietary and...

OESA-2025-2133 libtpms security update

A library providing TPM functionality for VMs. Targeted for integration into Qemu. Security Fixes: Libtpms is a library that targets the integration of TPM functionality into hypervisors, primarily into Qemu. Libtpms, which is derived from the TPM 2.0 reference implementation code published by th...

KVM: x86/hyper-v: Skip non-canonical addresses during PV TLB flush

...

The provided one-time code is incorrect. Check if the backup server time is correct.

Challenge When attempting to connect to the Veeam Host Management Console, after entering the MFA TOTP code, the following error occurs: The provided one-time code is incorrect. Check if the backup server time is correct. Solution There are two potential causes for time mismatch: Cause 1:...

Linux Distros Unpatched Vulnerability : CVE-2022-49955

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - powerpc/rtas: Fix RTAS MSRHV handling for Cell The semi-recent changes to MSR handling when entering RTAS firmware cause crashes on IBM Cell machines. An exampl...

Linux Distros Unpatched Vulnerability : CVE-2019-10142

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the Linux kernel's freescale hypervisor manager implementation, kernel versions 5.0.x up to, excluding 5.0.17. A parameter passed to an ioct...

Linux Distros Unpatched Vulnerability : CVE-2018-7541

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Xen through 4.10.x allowing guest OS users to cause a denial of service hypervisor crash or gain privileges by triggering a grant-tab...

Linux Distros Unpatched Vulnerability : CVE-2023-46840

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Incorrect placement of a preprocessor directive in source code results in logic that doesn't operate as intended when support for HVM guests is compiled out of...

Linux Distros Unpatched Vulnerability : CVE-2022-23034

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A PV guest could DoS Xen while unmapping a grant To address XSA-380, reference counting was introduced for grant mappings for the case where a PV guest would ha...

Linux Distros Unpatched Vulnerability : CVE-2019-18420

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Xen through 4.12.x allowing x86 PV guest OS users to cause a denial of service via a VCPUOPinitialise hypercall...

Linux Distros Unpatched Vulnerability : CVE-2019-19577

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Xen through 4.12.x allowing x86 AMD HVM guest OS users to cause a denial of service or possibly gain privileges by triggering...

Ubuntu 25.04 : Linux kernel (Azure) vulnerabilities (USN-7721-1)

"The remote Ubuntu 25.04 host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7721-1 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in th...

USN-7721-1: Linux kernel (Azure) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PA-RISC architecture; - PowerPC architecture; - RISC-V architecture; - S390 architecture; - x...

Linux Distros Unpatched Vulnerability : CVE-2020-11740

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in xenoprof in Xen through 4.13.x, allowing guest OS users without active profiling to obtain sensitive information about other guests...

Nutanix AHV : Multiple Vulnerabilities (NXSA-AHV-10.0.1.3)

The version of AHV installed on the remote host is prior to AHV-10.0.1.3. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AHV-10.0.1.3 advisory. - LZ4 before 1.9.2 has a heap-based buffer overflow in LZ4write32 related to LZ4compressdestSize, affecting application...

Linux Distros Unpatched Vulnerability : CVE-2020-27672

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Xen through 4.14.x allowing x86 guest OS users to cause a host OS denial of service, achieve data corruption, or possibly gain...

Linux Distros Unpatched Vulnerability : CVE-2019-19582

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Xen through 4.12.x allowing x86 guest OS users to cause a denial of service infinite loop because certain bit iteration is mishandled...

Nutanix AHV : Multiple Vulnerabilities (NXSA-AHV-20230302.103068)

The version of AHV installed on the remote host is prior to 20230302.103068. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AHV-20230302.103068 advisory. - The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.6, tvOS 17,...