Lucene search
K

293 matches found

RedhatCVE
RedhatCVE
added 2020/04/04 5:14 a.m.28 views

CVE-2018-16882

A use-after-free issue was found in the way the Linux kernel's KVM hypervisor processed posted interrupts when nested=1 virtualization is enabled. In nestedgetvmcs12pages, in case of an error while processing posted interrupt address, it unmaps the 'pidescpage' without resetting 'pidesc' descript...

8.8CVSS1.7AI score0.0036EPSS
Exploits0References2
OSV
OSV
added 2020/04/03 10:53 p.m.21 views

MGASA-2020-0158 Updated kernel-linus packages fix security vulnerabilities

This update is based on upstream 5.5.15 and fixes at least the following security vulnerabilities: In the Linux kernel 5.4.0-rc2, there is a use-after-free read in the blkaddtrace function in kernel/trace/blktrace.c which is used to fill out a blkiotrace structure and place it in a per-cpu...

7.8CVSS6.6AI score0.0601EPSS
Exploits13References18
Tenable Nessus
Tenable Nessus
added 2020/04/02 12:0 a.m.62 views

EulerOS Virtualization for ARM 64 3.0.6.0 : kernel (EulerOS-SA-2020-1368)

According to the versions of the kernel packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - In the Linux kernel 5.0.21, mounting a crafted ext4 filesystem image, performing some operations, and unmounting can...

7.8CVSS6.4AI score0.0415EPSS
Exploits3References5
Tenable Nessus
Tenable Nessus
added 2020/04/02 12:0 a.m.54 views

EulerOS Virtualization for ARM 64 3.0.6.0 : kernel (EulerOS-SA-2020-1342)

According to the versions of the kernel packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - A heap-based buffer overflow was discovered in the Linux kernel's Marvell WiFi chip driver. The flaw could occur when...

10CVSS7.7AI score0.10114EPSS
Exploits5References18
Ubuntu
Ubuntu
added 2020/03/25 3:12 a.m.202 views

USN-4302-1: Linux kernel vulnerabilities

Paulo Bonzini discovered that the KVM hypervisor implementation in the Linux kernel could improperly let a nested level 2 guest access the resources of a parent level 1 guest in certain situations. An attacker could use this to expose sensitive information. CVE-2020-2732 Gregory Herrero discovere...

6.8CVSS6.5AI score0.02745EPSS
Exploits2
Amazon
Amazon
added 2020/03/23 12:0 a.m.58 views

Important: kernel

Issue Overview: A stack buffer overflow issue was found in the getrawsocket routine of the Host kernel accelerator for virtio net vhost-net driver. It could occur while doing an ictolVHOSTNETSETBACKEND call, and retrieving socket name in a kernel stack variable via getrawsocket. A user able to...

7.1CVSS6.7AI score0.00962EPSS
Exploits3
Tenable Nessus
Tenable Nessus
added 2020/03/18 12:0 a.m.228 views

Ubuntu 16.04 LTS / 18.04 LTS : Linux kernel vulnerabilities (USN-4302-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-4302-1 advisory. Paulo Bonzini discovered that the KVM hypervisor implementation in the Linux kernel could improperly let a nested level 2 guest access the...

6.8CVSS6.6AI score0.02745EPSS
Exploits2References10
Tenable Nessus
Tenable Nessus
added 2020/03/18 12:0 a.m.55 views

Ubuntu 16.04 LTS : Linux kernel vulnerability (USN-4303-1)

The remote Ubuntu 16.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-4303-1 advisory. Paulo Bonzini discovered that the KVM hypervisor implementation in the Linux kernel could improperly let a nested level 2 guest access the resources of a parent...

6.8CVSS6.6AI score0.00927EPSS
Exploits1References2
Ubuntu
Ubuntu
added 2020/03/17 1:48 a.m.110 views

USN-4303-1: Linux kernel vulnerability

Paulo Bonzini discovered that the KVM hypervisor implementation in the Linux kernel could improperly let a nested level 2 guest access the resources of a parent level 1 guest in certain situations. An attacker could use this to expose sensitive information...

6.8CVSS6.7AI score0.00927EPSS
Exploits1
Ubuntu
Ubuntu
added 2020/03/17 1:41 a.m.121 views

USN-4303-2: Linux kernel (HWE) vulnerability

USN-4303-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 ESM. Paulo Bonzini discovered that the KVM hypervisor implementation in the Linux kernel...

6.8CVSS6.7AI score0.00927EPSS
Exploits1
OPENSUSE Linux
OPENSUSE Linux
added 2020/03/13 12:0 a.m.97 views

Security update for the Linux Kernel (important)

openSUSE Security Update: Security update for the Linux Kernel Announcement ID: openSUSE-SU-2020:0336-1 Rating: important References: 1046303 1050244 1050549 1051510 1051858 1060463 1061840 1065600 1065729 1071995 1083647 1085030 1086301 1086313 1086314 1088810 1090888 1103989 1103990 1103991...

10CVSS7.3AI score0.12651EPSS
Exploits12References229
Tenable Nessus
Tenable Nessus
added 2020/03/13 12:0 a.m.50 views

openSUSE Security Update : the Linux Kernel (openSUSE-2020-336)

The openSUSE Leap 15.1 kernel was updated to receive various security and bugfixes. The following security bugs were fixed : - CVE-2019-14615: Insufficient control flow in certain data structures for some IntelR Processors with IntelR Processor Graphics may have allowed an unauthenticated user to...

10CVSS7.7AI score0.12651EPSS
Exploits12References264
Tenable Nessus
Tenable Nessus
added 2020/03/06 12:0 a.m.48 views

SUSE SLES12 Security Update : kernel (SUSE-SU-2020:0584-1)

The SUSE Linux Enterprise 12 SP4 kernel was updated to receive various security and bugfixes. The following security bugs were fixed : CVE-2020-2732: Fixed an issue affecting Intel CPUs where an L2 guest may trick the L0 hypervisor into accessing sensitive L1 resources bsc1163971. CVE-2019-19338:...

10CVSS6.5AI score0.08667EPSS
Exploits12References293
OSV
OSV
added 2020/02/29 1:42 p.m.9 views

MGASA-2020-0110 Updated kernel packages fix security vulnerability

This update is based on upstream 5.5.6 and fixes at least the following security vulnerability: A flaw was found in the way KVM hypervisor handled instruction emulation for the L2 guest when nested=1 virtualization is enabled. In the instruction emulation, the L2 guest could trick the L0 hypervis...

6.8CVSS7.1AI score0.00927EPSS
Exploits1References6
Tenable Nessus
Tenable Nessus
added 2020/02/26 12:0 a.m.30 views

Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2020-5542)

The remote Oracle Linux 6 / 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2020-5542 advisory. - KVM: nVMX: Check IO instruction VM-exit conditions Oliver Upton Orabug: 30847137 CVE-2020-2732 - KVM: nVMX: Refactor IO bitmap checks into helper function...

6.8CVSS6.7AI score0.00927EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2020/02/26 12:0 a.m.42 views

Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2020-5543)

The remote Oracle Linux 6 / 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2020-5543 advisory. - KVM: nVMX: Check IO instruction VM-exit conditions Oliver Upton Orabug: 30944739 CVE-2020-2732 - KVM: nVMX: Refactor IO bitmap checks into helper function...

6.8CVSS6.7AI score0.00927EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2020/02/25 12:0 a.m.66 views

Oracle Linux 7 : Unbreakable Enterprise kernel (ELSA-2020-5540)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2020-5540 advisory. - KVM: nVMX: Check IO instruction VM-exit conditions Oliver Upton Orabug: 30847136 CVE-2020-2732 - KVM: nVMX: Refactor IO bitmap checks into helper function...

6.8CVSS6.7AI score0.00927EPSS
Exploits1References2
UbuntuCve
UbuntuCve
added 2020/02/24 6:0 p.m.34 views

CVE-2020-2732

A flaw was discovered in the way that the KVM hypervisor handled instruction emulation for an L2 guest when nested virtualisation is enabled. Under some circumstances, an L2 guest may trick the L0 guest into accessing sensitive L1 resources that should be inaccessible to the L2 guest...

6.8CVSS6.7AI score0.00927EPSS
Exploits1References8
Tenable Nessus
Tenable Nessus
added 2020/02/20 12:0 a.m.36 views

RHEL 8 : virt:8.1 and virt-devel:8.1 (RHSA-2020:0555)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:0555 advisory. The Advanced Virtualization module provides the user-space component for running virtual machines that use KVM hypervisor in environments managed by...

6.5CVSS7.4AI score0.03133EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2020/02/19 7:0 p.m.87 views

Moderate: Red Hat Security Advisory: virt:8.1 and virt-devel:8.1 security update

An update for the virt:8.1 and virt-devel:8.1 modules is now available for Advanced Virtualization for RHEL 8.1.0. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating,...

6.5CVSS7AI score0.03133EPSS
Exploits0References3
Rows per page
Query Builder