11898 matches found
CVE-2025-63384
A vulnerability was discovered in RISC-V Rocket-Chip v1.6 and before implementation where the SRET Supervisor-mode Exception Return instruction fails to correctly transition the processor's privilege level. Instead of downgrading from Machine-mode M-mode to Supervisor-mode S-mode as specified by...
CVE-2025-63384
A vulnerability was discovered in RISC-V Rocket-Chip v1.6 and before implementation where the SRET Supervisor-mode Exception Return instruction fails to correctly transition the processor's privilege level. Instead of downgrading from Machine-mode M-mode to Supervisor-mode S-mode as specified by...
USN-7865-1 linux-fips vulnerabilities
Jean-Claude Graf, Sandro Rüegge, Ali Hajiabadi, and Kaveh Razavi discovered that the Linux kernel contained insufficient branch predictor isolation between a guest and a userspace hypervisor for certain processors. This flaw is known as VMSCAPE. An attacker in a guest VM could possibly use this t...
USN-7862-2 linux-nvidia-tegra, linux-nvidia-tegra-5.15, linux-nvidia-tegra-igx, linux-raspi vulnerability
Jean-Claude Graf, Sandro Rüegge, Ali Hajiabadi, and Kaveh Razavi discovered that the Linux kernel contained insufficient branch predictor isolation between a guest and a userspace hypervisor for certain processors. This flaw is known as VMSCAPE. An attacker in a guest VM could possibly use this t...
USN-7862-2: Linux kernel vulnerability
Jean-Claude Graf, Sandro Rüegge, Ali Hajiabadi, and Kaveh Razavi discovered that the Linux kernel contained insufficient branch predictor isolation between a guest and a userspace hypervisor for certain processors. This flaw is known as VMSCAPE. An attacker in a guest VM could possibly use this t...
USN-7860-5 linux-hwe-6.14 vulnerability
Jean-Claude Graf, Sandro Rüegge, Ali Hajiabadi, and Kaveh Razavi discovered that the Linux kernel contained insufficient branch predictor isolation between a guest and a userspace hypervisor for certain processors. This flaw is known as VMSCAPE. An attacker in a guest VM could possibly use this t...
USN-7860-5: Linux kernel (HWE) vulnerability
Jean-Claude Graf, Sandro Rüegge, Ali Hajiabadi, and Kaveh Razavi discovered that the Linux kernel contained insufficient branch predictor isolation between a guest and a userspace hypervisor for certain processors. This flaw is known as VMSCAPE. An attacker in a guest VM could possibly use this t...
CVE-2025-63384
CVE-2025-63384 affects RISC-V Rocket-Chip v1.6 and earlier. The SRET instruction fails to downgrade from M-mode to S-mode as dictated by sstatus.SPP, causing a privilege retention vulnerability where execution remains in Machine mode. Impact is described as high confidentiality risk with no repor...
CVE-2025-63384
A vulnerability was discovered in RISC-V Rocket-Chip v1.6 and before implementation where the SRET Supervisor-mode Exception Return instruction fails to correctly transition the processor's privilege level. Instead of downgrading from Machine-mode M-mode to Supervisor-mode S-mode as specified by...
PT-2025-46191
Name of the Vulnerable Software and Affected Versions RISC-V Rocket-Chip versions 1.6 and earlier Description A flaw exists in the handling of the SRET Supervisor-mode Exception Return instruction within the processor. Instead of correctly transitioning from Machine-mode M-mode to Supervisor-mode...
KubeVirt VMI Denial-of-Service (DoS) Using Pod Impersonation
...
KubeVirt Excessive Role Permissions Could Enable Unauthorized VMI Migrations Between Nodes
...
Incorrect Authorization
Overview Affected versions of this package are vulnerable to Incorrect Authorization. An attacker can disrupt control over a running virtual machine instance by creating a pod with identical labels to the legitimate virt-launcher pod, misleading the controller into associating the fake pod with t...
Incorrect Authorization
Overview Affected versions of this package are vulnerable to Incorrect Authorization. An attacker can disrupt control over a running virtual machine instance by creating a pod with identical labels to the legitimate virt-launcher pod, misleading the controller into associating the fake pod with t...
Incorrect Authorization
Overview Affected versions of this package are vulnerable to Incorrect Authorization. An attacker can disrupt control over a running virtual machine instance by creating a pod with identical labels to the legitimate virt-launcher pod, misleading the controller into associating the fake pod with t...
AZL-69967 CVE-2025-64436 affecting package kubevirt 0.59.0-38
KubeVirt is a virtual machine management add-on for Kubernetes. In 1.5.0 and earlier, the permissions granted to the virt-handler service account, such as the ability to update VMI and patch nodes, could be abused to force a VMI migration to an attacker-controlled node. This vulnerability could...
AZL-69802 CVE-2025-64435 affecting package kubevirt for versions less than 1.6.3-1
KubeVirt is a virtual machine management add-on for Kubernetes. Prior to 1.7.0-beta.0, a logic flaw in the virt-controller allows an attacker to disrupt the control over a running VMI by creating a pod with the same labels as the legitimate virt-launcher pod associated with the VMI. This can...
CVE-2025-64435
KubeVirt is a virtual machine management add-on for Kubernetes. Prior to 1.7.0-beta.0, a logic flaw in the virt-controller allows an attacker to disrupt the control over a running VMI by creating a pod with the same labels as the legitimate virt-launcher pod associated with the VMI. This can...
AZL-69964 CVE-2025-64435 affecting package kubevirt for versions less than 0.59.0-33
KubeVirt is a virtual machine management add-on for Kubernetes. Prior to 1.7.0-beta.0, a logic flaw in the virt-controller allows an attacker to disrupt the control over a running VMI by creating a pod with the same labels as the legitimate virt-launcher pod associated with the VMI. This can...
CVE-2025-64433 KubeVirt Arbitrary Container File Read
KubeVirt is a virtual machine management add-on for Kubernetes. Prior to 1.5.3 and 1.6.1, a vulnerability was discovered that allows a VM to read arbitrary files from the virt-launcher pod's file system. This issue stems from improper symlink handling when mounting PVC disks into a VM...