EUVD-2026-32872

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Fix shadow paging use-after-free due to unexpected GFN The shadow MMU computes GFNs for direct shadow pages using sp-gfn plus the SPTE index. This assumption breaks for shadow paging if the guest page tables are modifie...

Astra Linux - уязвимость в linux

In the Linux kernel, the following vulnerability has been resolved: powerpc/64s: Fixed the PTE update for kernel memory on radix. When adding a PTE, a ptesync is required to ensure that the PTE update is performed correctly before subsequent accesses. Otherwise, a spurious fault may occur...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-000419)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000419 advisory. Improper invalidation for page table updates by a virtual guest operating system for multiple IntelR Processors may allow an authenticated user to potentially enable...

SUSE CVE-2025-68179

In the Linux kernel, the following vulnerability has been resolved: s390: Disable ARCHWANTOPTIMIZEHUGETLBVMEMMAP As reported by Luiz Capitulino enabling HVO on s390 leads to reproducible crashes. The problem is that kernel page tables are modified without flushing corresponding TLB entries. Even ...

CVE-2025-68179 s390: Disable ARCH_WANT_OPTIMIZE_HUGETLB_VMEMMAP

In the Linux kernel, the following vulnerability has been resolved: s390: Disable ARCHWANTOPTIMIZEHUGETLBVMEMMAP As reported by Luiz Capitulino enabling HVO on s390 leads to reproducible crashes. The problem is that kernel page tables are modified without flushing corresponding TLB entries. Even ...

CVE-2022-50393

CVE-2022-50393 affects the Linux kernel in the AMDGPU SDMA update path. The root cause is SDMA updating page tables from an unlocked context, triggering a warning in dma_resv_iter_next and related functions (amdgpu_vm_sdma_update, amdgpu_vm_ptes_update, etc.). The issue is mitigated by using an u...

CVE-2023-53248

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: install stub fence into potential unused fence pointers When using cpu to update page tables, vm update fences are unused. Install stub fence into these fence pointers instead of NULL to avoid NULL dereference when...

CVE-2023-53248

CVE-2023-53248 affects the Linux kernel DRM/AMDGPU subsystem. The fix installs a stub fence into potentially unused page-table update fences instead of NULL to avoid NULL dereferences when dma_fence_wait() is called on those pointers during CPU-based page-table updates. This targets the scenario ...

SUSE CVE-2016-1570

The PV superpage functionality in arch/x86/mm.c in Xen 3.4.0, 3.4.1, and 4.1.x through 4.6.x allows local PV guests to obtain sensitive information, cause a denial of service, gain privileges, or have unspecified other impact via a crafted page identifier MFN to the 1 MMUEXTMARKSUPER or 2...

SUSE CVE-2018-12207

Improper invalidation for page table updates by a virtual guest operating system for multiple IntelR Processors may allow an authenticated user to potentially enable denial of service of the host system via local access...

SUSE CVE-2022-1158

A flaw was found in KVM. When updating a guest's page table entry, vmpgoff was improperly used as the offset to get the page's pfn. As vaddr and vmpgoff are controllable by user-mode processes, this flaw allows unprivileged local users on the host to write outside the userspace region and...

kernel: KVM: cmpxchg_gpte can write to pfns outside the userspace region

A flaw was found in KVM. When updating a guest's page table entry, vmpgoff was improperly used as the offset to get the page's pfn. As vaddr and vmpgoff are controllable by user-mode processes, this flaw allows unprivileged local users on the host to write outside the userspace region and...

Ubuntu: Security Advisory (USN-5467-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

NewStart CGSL MAIN 4.06 : kernel Multiple Vulnerabilities (NS-SA-2022-0075)

The remote NewStart CGSL host, running version MAIN 4.06, has kernel packages installed that are affected by multiple vulnerabilities: - The offset2lib patch as used by the Linux Kernel contains a vulnerability, if RLIMITSTACK is set to RLIMINFINITY and 1 Gigabyte of memory is allocated the maxim...

Fedora 31 : xen (2020-6dd36a716c)

revised patch for XSA-286 mitigating performance impact ---- x86 PV guest INVLPG-like flushes may leave stale TLB entries XSA-286, CVE-2020-27674 1891092 ---- x86: Race condition in Xen mapping code XSA-345 undue deferral of IOMMU TLB flushes XSA-346 unsafe AMD IOMMU page table updates XSA-347 No...

openSUSE Security Update : xen (openSUSE-2020-1844)

This update for xen fixes the following issues : - bsc1177409 - VUL-0: CVE-2020-27673: xen: x86 PV guest INVLPG-like flushes may leave stale TLB entries XSA-286 - bsc1177412 - VUL-0: CVE-2020-27672: xen: Race condition in Xen mapping code XSA-345 - bsc1177413 - VUL-0: CVE-2020-27671: xen: undue...

CVE-2020-27670

A flaw was found in Xen in the AMD IOMMU page table updates. This flaw allows a malicious guest to cause a denial of service, host data corruption, or potential privilege escalation. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability...

Updated microcode packages fix security vulnerabilities

NOTE! This is a refresh of the 20191112 security update we released as MGASA-2019-0334. This update provides the Intel 20191115 microcode release that adds more microcode side fixes and mitigations for the Core Gen 6 to Core gen 10, some Xeon E series, adressing at least the following security...

Xen elevation of privilege vulnerability (CNVD-2020-07296)

Xen is an open source virtual machine monitor product. An elevation of privilege vulnerability exists in Xen 4.12. and earlier versions. The vulnerability stems from a race condition in page table upgrade and downgrade operations. An attacker could exploit this vulnerability to gain privileges on...

MGASA-2019-0333 Updated kernel-linus packages fix security vulnerabilities

This kernel-linus update is based on the upstream 5.3.11 and fixes at least the following security issues: Insufficient access control in a subsystem for Intel R processor graphics may allow an authenticated user to potentially enable escalation of privilege via local access CVE-2019-0155. A...