ROS-20260121-73-0015

A vulnerability in the KVM component of the Linux operating system kernel is related to memory initialization errors. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

MiracleLinux 8 : kernel-4.18.0-305.25.1.el8_4 (AXSA:2021-2534:24)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-2534:24 advisory. kernel: use-after-free in drivers/infiniband/core/ucma.c ctx use-after-free CVE-2020-36385 kernel: out-of-bounds write due to a heap buffer overflow...

MiracleLinux 4 : qemu-kvm-0.12.1.2-2.491.AXS4.7 (AXSA:2017-1309:02)

The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2017-1309:02 advisory. KVM for Kernel-based Virtual Machine is a full virtualization solution for Linux on x86 hardware. Using KVM, one can run multiple virtual machines running...

MiracleLinux 4 : qemu-kvm-0.12.1.2-2.448.AXS4.2 (AXSA:2015-125:01)

The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2015-125:01 advisory. KVM for Kernel-based Virtual Machine is a full virtualization solution for Linux on x86 hardware. Using KVM, one can run multiple virtual machines running...

MiracleLinux 4 : qemu-kvm-0.12.1.2-2.415.AXS4.8 (AXSA:2014-285:04)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2014-285:04 advisory. KVM for Kernel-based Virtual Machine is a full virtualization solution for Linux on x86 hardware. Using KVM, one can run multiple virtual machines...

MiracleLinux 4 : qemu-kvm-0.12.1.2-2.448.AXS4.4 (AXSA:2015-153:03)

The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2015-153:03 advisory. KVM for Kernel-based Virtual Machine is a full virtualization solution for Linux on x86 hardware. Using KVM, one can run multiple virtual machines running...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000996)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000996 advisory. The WRMSR processing functionality in the KVM subsystem in the Linux kernel through 3.17.2 does not properly handle the writing of a non-canonical address to a...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003975)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003975 advisory. A NULL pointer dereference flaw was found in the Linux kernels KVM module, which can lead to a denial of service in the x86emulateinsn in arch/x86/kvm/emulate.c. Thi...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-004187)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004187 advisory. An issue was discovered in the Linux kernel before 5.8. arch/x86/kvm/svm/svm.c allows a setmemoryregiontest infinite loop for certain nested page faults, aka...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-000901)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000901 advisory. arch/x86/kvm/vmx.c in the Linux kernel through 4.9 mismanages the BP and OF exceptions, which allows guest OS users to cause a denial of service guest OS crash by...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000804)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000804 advisory. Buffer overflow in virt/kvm/irqcomm.c in the KVM subsystem in the Linux kernel before 3.2.24 allows local users to cause a denial of service crash and possibly execu...

MiracleLinux 7 : kernel-3.10.0-957.12.1.el7 (AXSA:2019-3871:03)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2019-3871:03 advisory. Kernel: KVM: potential use-after-free via kvmioctlcreatedevice CVE-2019-6974 Kernel: KVM: nVMX: use-after-free of the hrtimer for emulation of the...

MiracleLinux 4 : qemu-kvm-0.12.1.2-2.448.AXS4.3 (AXSA:2015-140:02)

The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2015-140:02 advisory. KVM for Kernel-based Virtual Machine is a full virtualization solution for Linux on x86 hardware. Security issues fixed with this release: CVE-2015-3456 Tenab...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004317)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004317 advisory. A flaw was found in the way RTAS handled memory accesses in userspace to kernel communication. On a locked down usually due to Secure Boot guest system running on to...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002559)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002559 advisory. A flaw was found in the way Linux kernel KVM hypervisor before 4.18 emulated instructions such as sgdt/sidt/fxsave/fxrstor. It did not check current privilegeCPL lev...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002231)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002231 advisory. The recalculateapicmap function in arch/x86/kvm/lapic.c in the KVM subsystem in the Linux kernel through 3.12.5 allows guest OS users to cause a denial of service ho...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002025)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002025 advisory. Array index error in the kvmvmioctlcreatevcpu function in virt/kvm/kvmmain.c in the KVM subsystem in the Linux kernel through 3.12.5 allows local users to gain...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002101)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002101 advisory. The emsysenter function in arch/x86/kvm/emulate.c in the Linux kernel before 3.18.5, when the guest OS lacks SYSENTER MSR initialization, allows guest OS users to ga...

CVE-2025-71104 KVM: x86: Fix VM hard lockup after prolonged inactivity with periodic HV timer

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Fix VM hard lockup after prolonged inactivity with periodic HV timer When advancing the target expiration for the guest's APIC timer in periodic mode, set the expiration to "now" if the target expiration is in the past...

CVE-2025-71104

The CVE-2025-71104 entry concerns the Linux kernel KVM on x86 with the HV timer. Root cause: when advancing the guest APIC timer expiration in periodic mode, adding a period to a past target expiration can create an unbounded sequence of hrtimer IRQs; if the guest is paused, this can trigger host...