EUVD-2025-37346

When passing through PCI devices, the detach logic in libxl won't remove access permissions to any 64bit memory BARs the device might have. As a result a domain can still have access any 64bit memory BAR when such device is no longer assigned to the domain. For PV domains the permission leak allo...

CVE-2025-58149

When passing through PCI devices, the detach logic in libxl won't remove access permissions to any 64bit memory BARs the device might have. As a result a domain can still have access any 64bit memory BAR when such device is no longer assigned to the domain. For PV domains the permission leak allo...

ALPINE-CVE-2025-58149

When passing through PCI devices, the detach logic in libxl won't remove access permissions to any 64bit memory BARs the device might have. As a result a domain can still have access any 64bit memory BAR when such device is no longer assigned to the domain. For PV domains the permission leak allo...

CVE-2025-58149

When passing through PCI devices, the detach logic in libxl won't remove access permissions to any 64bit memory BARs the device might have. As a result a domain can still have access any 64bit memory BAR when such device is no longer assigned to the domain. For PV domains the permission leak allo...

Vulnerabilities fixed in Rockwell Automation FactoryTalk

Rockwell Automation has fixed vulnerabilities in FactoryTalk View Machine Edition. The vulnerabilities include an authentication bypass that allows unauthorized access to the PanelView Plus 7 Series B file system and diagnostic information. In addition, there is a path-traversal vulnerability tha...

KVM: arm64: Prevent access to vCPU events before init

...

MH-1M: A 1.34 Million-Sample Comprehensive Multi-Feature Android Malware Dataset for Machine Learning, Deep Learning, Large Language Models, and Threat Intelligence Research

We present MH-1M, one of the most comprehensive and up-to-date datasets for advanced Android malware research. The dataset comprises 1,340,515 applications, encompassing a wide range of features and extensive metadata. To ensure accurate malware classification, we employ the VirusTotal API,...

Malicious code in cordova-plugin-globalization.moment (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 431a9d9edd37d8a5dc80555f3c56e275f5c79162ed66ae419cc7b2450c6ad75c The package cordova-plugin-globalization.moment was found to contain malicious code. Source: ghsa-malware...

Malicious code in tailwindcss-utility (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5dc855ea3b9e7fe55f82bc9c967ae3e8789666f58f0a9504975e905a164c5af2 The package tailwindcss-utility was found to contain malicious code. Source: ghsa-malware...

USN-7850-1: Linux kernel vulnerabilities

Jean-Claude Graf, Sandro Rüegge, Ali Hajiabadi, and Kaveh Razavi discovered that the Linux kernel contained insufficient branch predictor isolation between a guest and a userspace hypervisor for certain processors. This flaw is known as VMSCAPE. An attacker in a guest VM could possibly use this t...

CVE-2025-40086

In the Linux kernel, the following vulnerability has been resolved: drm/xe: Don't allow evicting of BOs in same VM in array of VM binds An array of VM binds can potentially evict other buffer objects BOs within the same VM under certain conditions, which may lead to NULL pointer dereferences late...

CVE-2025-40102

CVE-2025-40102 affects the Linux kernel KVM/ARM64: an attacker could access vCPU events before a vCPU is initialized, leading to misinterpretation of uninitialized data and potential exception handling issues. The description and connected advisories (EulerOS kernel advisories) confirm this as a ...

CVE-2025-40086 drm/xe: Don't allow evicting of BOs in same VM in array of VM binds

In the Linux kernel, the following vulnerability has been resolved: drm/xe: Don't allow evicting of BOs in same VM in array of VM binds An array of VM binds can potentially evict other buffer objects BOs within the same VM under certain conditions, which may lead to NULL pointer dereferences late...

CVE-2025-40086

CVE-2025-40086 affects the Linux kernel DRM XE path. An array of VM binds could evict other buffer objects (BOs) within the same VM, potentially causing NULL pointer dereferences in the bind pipeline. The fix clears the allow_res_evict flag in xe_bo_validate (and there was a follow‑up commit that...

CVE-2025-40086 drm/xe: Don't allow evicting of BOs in same VM in array of VM binds

In the Linux kernel, the following vulnerability has been resolved: drm/xe: Don't allow evicting of BOs in same VM in array of VM binds An array of VM binds can potentially evict other buffer objects BOs within the same VM under certain conditions, which may lead to NULL pointer dereferences late...

CVE-2025-40086

In the Linux kernel, the following vulnerability has been resolved: drm/xe: Don't allow evicting of BOs in same VM in array of VM binds An array of VM binds can potentially evict other buffer objects BOs within the same VM under certain conditions, which may lead to NULL pointer dereferences late...

SUSE CVE-2025-40038

In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: Skip fastpath emulation on VM-Exit if next RIP isn't valid Skip the WRMSR and HLT fastpaths in SVM's VM-Exit handler if the next RIP isn't valid, e.g. because KVM is running with nrips=false. SVM must decode and emulate...

Linux Distros Unpatched Vulnerability : CVE-2025-40086

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm/xe: Don't allow evicting of BOs in same VM in array of VM binds An array of VM binds can potentially evict other buffer objects BOs within the same VM under...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from allowing BOs to be evicted in the same VM, potentially leading to null pointer dereferencing...

Broadcom VMware Aria Operations and VMware Tools Privilege Defined with Unsafe Actions Vulnerability

Broadcom VMware Aria Operations and VMware Tools contain a privilege defined with unsafe actions vulnerability. A malicious local actor with non-administrative privileges having access to a VM with VMware Tools installed and managed by Aria Operations with SDMP enabled may exploit this...