51 matches found
CVE-2021-47390
In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Fix stack-out-of-bounds memory access from ioapicwriteindirect KASAN reports the following issue: BUG: KASAN: stack-out-of-bounds in kvmmakevcpusrequestmask+0x174/0x440 kvm Read of size 8 at addr ffffc9001364f638 by tas...
CVE-2024-26992
In the Linux kernel, the following vulnerability has been resolved: KVM: x86/pmu: Disable support for adaptive PEBS Drop support for virtualizing adaptive PEBS, as KVM's implementation is architecturally broken without an obvious/easy path forward, and because exposing adaptive PEBS can leak host...
PT-2025-26153 · Linux +1 · Linux Kernel +1
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A vulnerability in the Linux kernel has been resolved, related to the initialization of Xen timers in the KVM Kernel-based Virtual Machine module. The issue occurred when the kvm xen...
CBL Mariner 2.0 Security Update: kernel (CVE-2022-1852)
The version of kernel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-1852 advisory. - A NULL pointer dereference flaw was found in the Linux kernel's KVM module, which can lead to a denial of...
AlmaLinux 9 : kernel (ALSA-2022:8267)
The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2022:8267 advisory. - An issue was discovered in the Linux kernel through 5.16.11. The mixed IPID assignment method with the hash-based IPID assignment policy allows an...
kernel: NULL pointer dereference in x86_emulate_insn may lead to DoS
A NULL pointer dereference flaw was found in the Linux kernel’s KVM module, which can lead to a denial of service in the x86emulateinsn in arch/x86/kvm/emulate.c. This flaw occurs while executing an illegal instruction in guest in the Intel CPU...
kernel: NULL pointer dereference in x86_emulate_insn may lead to DoS
A NULL pointer dereference flaw was found in the Linux kernel’s KVM module, which can lead to a denial of service in the x86emulateinsn in arch/x86/kvm/emulate.c. This flaw occurs while executing an illegal instruction in guest in the Intel CPU...
PT-2025-26007 · Linux +1 · Linux Kernel +1
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue arises from the Linux kernel's KVM module not properly handling the unloading of modules, specifically when using try get module. This can lead to fatal errors, such as...
GSD-2022-1005535 KVM: Unconditionally get a ref to /dev/kvm module when creating a VM
KVM: Unconditionally get a ref to /dev/kvm module when creating a VM This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.63 by commit...
PT-2022-33793 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions v5.15.33 through v5.15.62 Description: The issue concerns the KVM module in the Linux Kernel, where a reference to the /dev/kvm module is unconditionally obtained when creating a VM. The actual impact and attack...
Ubuntu 22.04 LTS : Linux kernel (Raspberry Pi) vulnerabilities (USN-5602-1)
The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5602-1 advisory. Asaf Modelevsky discovered that the IntelR 10GbE PCI Express ixgbe Ethernet driver for the Linux kernel performed insufficient control flow management. A...
Ubuntu 22.04 LTS : Linux kernel (Oracle) vulnerabilities (USN-5599-1)
The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5599-1 advisory. Asaf Modelevsky discovered that the IntelR 10GbE PCI Express ixgbe Ethernet driver for the Linux kernel performed insufficient control flow management. A...
Amazon Linux 2 : kernel (ALASKERNEL-5.15-2022-003)
The version of kernel installed on the remote host is prior to 5.15.50-23.125. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.15-2022-003 advisory. - With shadow paging enabled, the INVPCID instruction results in a call to kvmmmuinvpcidgva. If INVPCID is...
Null pointer dereference
A NULL pointer dereference flaw was found in the Linux kernel’s KVM module, which can lead to a denial of service in the x86emulateinsn in arch/x86/kvm/emulate.c. This flaw occurs while executing an illegal instruction in guest in the Intel CPU...
UBUNTU-CVE-2022-1852
A NULL pointer dereference flaw was found in the Linux kernel’s KVM module, which can lead to a denial of service in the x86emulateinsn in arch/x86/kvm/emulate.c. This flaw occurs while executing an illegal instruction in guest in the Intel CPU...
CVE-2022-1852
A NULL pointer dereference flaw was found in the Linux kernel’s KVM module, which can lead to a denial of service in the x86emulateinsn in arch/x86/kvm/emulate.c. This flaw occurs while executing an illegal instruction in guest in the Intel CPU...
CVE-2022-1852
CVE-2022-1852 concerns a NULL pointer dereference in the Linux kernel’s KVM module during x86 emulation (x86_emulate_insn) when the guest executes an illegal instruction on Intel CPUs, which can lead to a denial of service. The vulnerability is in the KVM emulation path (arch/x86/kvm/emulate.c) a...
CVE-2022-1852
A NULL pointer dereference flaw was found in the Linux kernel’s KVM module, which can lead to a denial of service in the x86emulateinsn in arch/x86/kvm/emulate.c. This flaw occurs while executing an illegal instruction in guest in the Intel CPU. Mitigation This flaw can be mitigated by preventing...
Oracle Linux 7 / 8 : Unbreakable Enterprise kernel (ELSA-2022-9442)
The remote Oracle Linux 7 / 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2022-9442 advisory. 5.4.17-2136.307.3.5 - KVM: x86: avoid calling x86 emulator without a decoded instruction Sean Christopherson Orabug: 34211496 CVE-2022-1852 CVE-2022-1852...
CVE-2021-20317
A flaw was found in the Linux kernel. A corrupted timer tree caused the task wakeup to be missing in the timerqueueadd function in lib/timerqueue.c. This flaw allows a local attacker with special user privileges to cause a denial of service, slowing and eventually stopping the system while runnin...