kernel security update

An update is available for kernel. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The kernel packages contain the Linux kernel, the core of any Linux operating...

Linux Distros Unpatched Vulnerability : CVE-2026-46131

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: KVM: x86: check for nEPT/nNPT in slow flush hypercalls Checking isguestmodevcpu is incorrect...

RLSA-2026:19568 Important: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: net/sched: Make cakeenqueue return NETXMITCN when past bufferlimit CVE-2025-39766 kernel: scsi: qla2xxx: Fix improper freeing of purex item CVE-2025-68741 kernel: libceph: make decodepool...

UBUNTU-CVE-2026-46032

In the Linux kernel, the following vulnerability has been resolved: KVM: nSVM: Triple fault if restore host CR3 fails on nested VMEXIT If loading L1's CR3 fails on a nested VMEXIT, nestedsvmvmexit returns an error code that is ignored by most callers, and continues to run L1 with corrupted state....

Linux Distros Unpatched Vulnerability : CVE-2017-1000252

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The KVM subsystem in the Linux kernel through 4.13.3 allows guest OS users to cause a denial of service assertion failure, and hypervisor hang or crash via an...

kernel: Linux kernel KVM: Privilege escalation or denial of service due to improper shadow page table entry handling

A flaw was found in the Linux kernel's Kernel-based Virtual Machine KVM component. A local attacker with privileges on the host system could exploit a vulnerability in how KVM handles shadow page table entries SPTEs during memory-mapped I/O MMIO operations. By manipulating guest page table entrie...

Important: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 10.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

CVE-2026-43133 KVM: nSVM: Always use vmcb01 in VMLOAD/VMSAVE emulation

In the Linux kernel, the following vulnerability has been resolved: KVM: nSVM: Always use vmcb01 in VMLOAD/VMSAVE emulation Commit cc3ed80ae69f "KVM: nSVM: always use vmcb01 to for vmsave/vmload of guest state" made KVM always use vmcb01 for the fields controlled by VMSAVE/VMLOAD, but it missed...

Astra Linux - уязвимость в linux-5.10

A NULL pointer dereference issue was discovered in KVM when releasing a vCPU with dirty ring support enabled. This flaw allows an unprivileged local attacker on the host to issue specific ioctl calls, resulting in a kernel oops condition that causes a denial of service...

RockyLinux 8 : virt:rhel and virt-devel:rhel (RLSA-2026:5578)

The remote RockyLinux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:5578 advisory. qemu-kvm: VNC WebSocket handshake use-after-free CVE-2025-11234 Tenable has extracted the preceding description block directly from the RockyLinux security...

CVE-2026-32291 GL-iNet Comet (GL-RM1) KVM unauthenticated root access via UART serial console

The GL-iNet Comet GL-RM1 KVM before 1.8.2 does not require authentication on the UART serial console. This attack requires physically opening the device and connecting to the UART pins...

ANGEET ES3 KVM 安全漏洞

ANGEET ES3 KVM is a KVM switch device from the ANGEET company that enables remote control of keyboards, video, and mice via the network. The Angeet ES3 KVM has a security vulnerability, which stems from improper cleanup of variables provided by users. This vulnerability could allow authenticated...

qemu-kvm: VNC WebSocket handshake use-after-free

A flaw was found in QEMU. If the QIOChannelWebsock object is freed while it is waiting to complete a handshake, a GSource is leaked. This can lead to the callback firing later on and triggering a use-after-free in the use of the channel. This can be abused by a malicious client with network acces...

MiracleLinux 4 : kernel-2.6.32-358.11.1.el6 (AXSA:2013-540:05)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2013-540:05 advisory. The kernel package contains the Linux kernel vmlinuz, the core of any Linux operating system. The kernel handles the basic functions of the operating...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001340)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001340 advisory. An issue was discovered in Linux: KVM through Improper handling of VMIO|VMPFNMAP vmas in KVM can bypass RO checks and can lead to pages being freed while still...

MiracleLinux 7 : qemu-kvm-1.5.3-141.el7.6 (AXSA:2018-2500:01)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2018-2500:01 advisory. An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of instructions a commonly used...

MiracleLinux 3 : kvm-83-262.0.1.AXS3.3 (AXSA:2013-449:01)

The remote MiracleLinux 3 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2013-449:01 advisory. KVM for Kernel-based Virtual Machine is a full virtualization solution for Linux on x86 hardware. Using KVM, one can run multiple virtual machines running...

MiracleLinux 4 : kernel-2.6.32-358.11.1.el6 (AXSA:2013-571:06)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2013-571:06 advisory. The kernel package contains the Linux kernel vmlinuz, the core of any Linux operating system. The kernel handles the basic functions of the operating...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002389)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002389 advisory. The WRMSR processing functionality in the KVM subsystem in the Linux kernel through 3.17.2 does not properly handle the writing of a non-canonical address to a...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003054)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003054 advisory. The nestedvmxcheckvmptr function in arch/x86/kvm/vmx.c in the Linux kernel through 4.9.8 improperly emulates the VMXON instruction, which allows KVM L1 guest OS user...