DEBIAN-CVE-2022-0516

A vulnerability was found in kvms390guestsidaop in the arch/s390/kvm/kvm-s390.c function in KVM for s390 in the Linux kernel. This flaw allows a local attacker with a normal user privilege to obtain unauthorized memory write access. This flaw affects Linux kernel versions prior to 5.17-rc4...

UBUNTU-CVE-2021-4093

A flaw was found in the KVM's AMD code for supporting the Secure Encrypted Virtualization-Encrypted State SEV-ES. A KVM guest using SEV-ES can trigger out-of-bounds reads and writes in the host kernel via a malicious VMGEXIT for a string I/O instruction for example, outs or ins using the exit...

kernel: KVM: double fetch in nested_svm_vmrun can lead to unrestricted MSR access

A flaw was found in the Linux kernel. A KVM guest on AMD can launch a nested guest without the Intercept VMRUN control bit by exploiting a TOCTOU vulnerability in nestedsvmvmrun. A malicious guest could use this flaw to gain unrestricted access to host MSRs, possibly leading to guest-to-host esca...

kernel: memory leak upon a kmalloc failure in kvm_io_bus_unregister_dev function in virt/kvm/kvm_main.c

A flaw was found in the KVM hypervisor of the Linux kernel. A memory leak could occur in kvmiobusunregisterdev upon a kmalloc failure. The highest threat from this vulnerability is to system availability...

kernel: SVM nested virtualization issue in KVM (VMLOAD/VMSAVE)

A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB virtual machine control block provided by the L1 guest to spawn/handle a nested guest L2. Due to improper validation of the "virtext" field, this issue could allow a malicious...

kernel: SVM nested virtualization issue in KVM (AVIC support)

A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB virtual machine control block provided by the L1 guest to spawn/handle a nested guest L2. Due to improper validation of the "intctl" field, this issue could allow a malicious ...

Kernel: KVM: export MSR_IA32_TSX_CTRL to guest - incomplete fix for TAA (CVE-2019-11135)

A flaw was found in the fix for CVE-2019-11135, the way Intel CPUs handle speculative execution of instructions when a TSX Asynchronous Abort TAA error occurs. When a guest is running on a host CPU affected by the TAA flaw TAANO=0, but is not affected by the MDS issue MDSNO=1, the guest was to...

Kernel: KVM: OOB memory access via mmio ring buffer

An out-of-bounds access issue was found in the way Linux kernel's KVM hypervisor implements the Coalesced MMIO write operation. It operates on an MMIO ring buffer 'struct kvmcoalescedmmio' object, wherein write indices 'ring-first' and 'ring-last' value could be supplied by a host user-space...

The vulnerability of the KVM virtualization subsystem in Linux operating systems allows a attacker to increase their privileges or cause service failures.

The vulnerability of the KVM virtualization subsystem in Linux operating systems is related to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to increase their privileges or cause service interruptions...

The vulnerability of the vcpu_scan_ioapic function in the Linux operating system allows a hacker to trigger a service failure.

The vulnerability of the vcpuscanioapic function arch/x86/kvm/x86.c in the Linux operating system’s kernel is related to pointer arithmetic errors. Exploiting this vulnerability can allow an attacker to cause a service failure due to a system call to the Kernel-Based Virtual Machine KVM...

Linux kernel denial of service vulnerability (CNVD-2017-37597)

The Linux kernel is a computer operating system kernel written in C and assembly language, compliant with the POSIX standard, and distributed under the GNU General Public License. A denial of service vulnerability exists in the KVM in Linux kernel. An attacker can exploit this vulnerability to...

Kernel: kvm: page reference leakage in handle_vmon

Linux kernel built with the KVM visualization support CONFIGKVM, with nested visualizationnVMX feature enablednested=1, is vulnerable to host memory leakage issue. It could occur while emulating VMXON instruction in 'handlevmon'. An L1 guest user could use this flaw to leak host memory potentiall...

Kernel: Kvm: vmx/svm potential privilege escalation inside guest

Linux kernel built with the Kernel-based Virtual Machine CONFIGKVM support was vulnerable to an incorrect segment selectorSS value error. The error could occur while loading values into the SS register in long mode. A user or process inside a guest could use this flaw to crash the guest, resultin...

UBUNTU-CVE-2016-9588

arch/x86/kvm/vmx.c in the Linux kernel through 4.9 mismanages the BP and OF exceptions, which allows guest OS users to cause a denial of service guest OS crash by declining to handle an exception thrown by an L2 guest...

USN-2801-1 linux vulnerability

Ben Serebrin discovered that the KVM hypervisor implementation in the Linux kernel did not properly catch Alignment Check exceptions. An attacker in a guest virtual machine could use this to cause a denial of service system crash in the host OS...

kernel: kvm: vmx: invalid host cr4 handling across vm entries

It was found that the Linux kernel's KVM implementation did not ensure that the host CR4 control register value remained unchanged across VM entries on the same virtual CPU. A local, unprivileged user could use this flaw to cause a denial of service on the system...

PYSEC-2014-111

The icreateimagesandbacking aka createimagesandbacking method in libvirt driver in OpenStack Compute Nova Grizzly, Havana, and Icehouse, when using KVM live block migration, does not properly create all expected files, which allows attackers to obtain snapshot root disk contents of other users vi...

Moderate: Red Hat Security Advisory: kvm security and bug fix update

Updated kvm packages that fix one security issue and several bugs are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

PT-2010-2200 · Red Hat · Red Hat Enterprise Virtualization +2

Name of the Vulnerable Software and Affected Versions: Red Hat Enterprise Virtualization RHEV version 2.2 KVM version 83 Description: The issue allows guest OS users to cause a denial of service, resulting in a host OS crash due to a NULL pointer dereference. This occurs when the Intel VT-x...

kvm: emulator privilege escalation IOPL/CPL level check

The x86 emulator in KVM 83, when a guest is configured for Symmetric Multiprocessing SMP, does not use the Current Privilege Level CPL and I/O Privilege Level IOPL to restrict instruction execution, which allows guest OS users to cause a denial of service guest OS crash or gain privileges on the...