CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

492 matches found

OSV•added 2025/09/15 3:15 p.m.•3 views

DEBIAN-CVE-2023-53208

In the Linux kernel, the following vulnerability has been resolved: KVM: nSVM: Load L1's TSC multiplier based on L1 state, not L2 state When emulating nested VM-Exit, load L1's TSC multiplier if L1's desired ratio doesn't match the current ratio, not if the ratio L1 is using for L2 diverges from...

5.5CVSS5.4AI score0.00017EPSS

Exploits0References1

OSV•added 2025/09/15 3:15 p.m.•3 views

UBUNTU-CVE-2023-53208

5.5CVSS5.7AI score0.00017EPSS

Exploits0References6

CVE•added 2025/09/15 2:21 p.m.•17 views

CVE-2023-53208

CVE-2023-53208 : Linux kernel KVM nested virtualization flaw where L1’s TSC multiplier is loaded based on L1 state instead of L2, causing a mismatch that userspace can trigger via MSR writes and guest CPUID changes. The fix ensures L1’s multiplier is loaded when exiting nested VM, preventing the ...

5.5CVSS6.1AI score0.00017EPSS

Exploits0References3Affected Software1

Vulnrichment•added 2025/09/15 2:21 p.m.•1 views

CVE-2023-53208 KVM: nSVM: Load L1's TSC multiplier based on L1 state, not L2 state

6.1AI score0.00017EPSS

Exploits0References3

Tenable Nessus•added 2025/08/15 12:0 a.m.•8 views

Linux Distros Unpatched Vulnerability : CVE-2021-3656

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB virtual machine control block provided...

8.8CVSS6.8AI score0.00066EPSS

Exploits0References2

Tenable Nessus•added 2025/08/11 12:0 a.m.•2 views

Linux Distros Unpatched Vulnerability : CVE-2022-45869

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A race condition in the x86 KVM subsystem in the Linux kernel through 6.1-rc6 allows guest OS users to cause a denial of service host OS crash or host OS memory...

5.5CVSS6.6AI score0.00014EPSS

Exploits1References2

Tenable Nessus•added 2025/08/11 12:0 a.m.•2 views

Linux Distros Unpatched Vulnerability : CVE-2020-2732

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was discovered in the way that the KVM hypervisor handled instruction emulation for an L2 guest when nested virtualisation is enabled. Under some...

6.8CVSS6.7AI score0.00438EPSS

Exploits1References2

Tenable Nessus•added 2025/08/07 12:0 a.m.•2 views

Linux Distros Unpatched Vulnerability : CVE-2017-12188

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - arch/x86/kvm/mmu.c in the Linux kernel through 4.13.5, when nested virtualisation is used, does not properly traverse guest pagetable entries to resolve a guest...

7.8CVSS7.8AI score0.00055EPSS

Exploits0References2

Tenable Nessus•added 2025/08/07 12:0 a.m.•6 views

Linux Distros Unpatched Vulnerability : CVE-2022-2196

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A regression exists in the Linux Kernel within KVM: nVMX that allowed for speculative execution attacks. L2 can carry out Spectre v2 attacks on L1 due to L1...

8.8CVSS7.2AI score0.00033EPSS

Exploits0References2

Tenable Nessus•added 2025/08/05 12:0 a.m.•2 views

Linux Distros Unpatched Vulnerability : CVE-2021-3653

8.8CVSS6.8AI score0.00015EPSS

Exploits1References2

OSV•added 2025/05/01 1:15 p.m.•0 views

UBUNTU-CVE-2025-23141

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Acquire SRCU in KVMGETMPSTATE to protect guest memory accesses Acquire a lock on kvm-srcu when userspace is getting MP state to handle a rather extreme edge case where "accepting" APIC events, i.e. processing pending IN...

5.5CVSS6.1AI score0.00035EPSS

Exploits0References28

SUSE CVE•added 2025/03/08 2:50 a.m.•1 views

SUSE CVE-2025-21839

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Load DR6 with guest value only before entering .vcpurun loop Move the conditional loading of hardware DR6 with the guest's DR6 value out of the core .vcpurun loop to fix a bug where KVM can load hardware with a stale...

5.5CVSS6.6AI score0.00025EPSS

Exploits0References21

OSV•added 2025/03/07 9:15 a.m.•2 views

UBUNTU-CVE-2025-21839

5.5CVSS6.2AI score0.00025EPSS

Exploits0References25

OSV•added 2025/02/26 7:1 a.m.•0 views

UBUNTU-CVE-2022-49559

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Drop WARNs that assert a triple fault never "escapes" from L2 Remove WARNs that sanity check that KVM never lets a triple fault for L2 escape and incorrectly end up in L1. In normal operation, the sanity check is...

5.5CVSS6AI score0.00048EPSS

Exploits0References7

Positive Technologies•added 2025/02/12 12:0 a.m.•4 views

PT-2025-10071

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A bug in the Linux kernel's KVM Kernel-based Virtual Machine implementation allows the guest's DR6 value to be clobbered when the guest modifies DR6 and then a fastpath VM-Exit occurs...

5.5CVSS5.5AI score0.00025EPSS

Exploits0

RedHat Linux•added 2024/12/19 12:58 a.m.•2 views

kernel: KVM: nSVM: Ignore nCR3[4:0] when loading PDPTEs from memory

In the Linux kernel, the following vulnerability has been resolved: KVM: nSVM: Ignore nCR34:0 when loading PDPTEs from memory Ignore nCR34:0 when loading PDPTEs from memory for nested SVM, as bits 4:0 of CR3 are ignored when PAE paging is used, and thus VMRUN doesn't enforce 32-byte alignment of...

7.1CVSS6.7AI score0.00014EPSS

Exploits0References5