14 matches found
EUVD-2023-37225
Malicious code in bioql PyPI...
CVE-2023-33036
Permanent DOS in Hypervisor while untrusted VM without PSCI support makes a PSCI call...
NVIDIA vGPU Software Security Vulnerability
NVIDIA vGPU Software is a management software from NVIDIA, USA, used to provide GPU capabilities to virtual machines. The software supports multiple virtual machines to access the host's GPU, providing graphics performance and application compatibility for virtual machines. A security vulnerabili...
kernel: untrusted VMM can trigger int80 syscall handling
A flaw was found in the Linux kernel. A VMM can inject external interrupts on any arbitrary vector at any time, which may allow the guest OS to be manipulated from the VMM side...
SUSE CVE-2023-52874
In the Linux kernel, the following vulnerability has been resolved: x86/tdx: Zero out the missing RSI in TDXHYPERCALL macro In the TDXHYPERCALL asm, after the TDCALL instruction returns from the untrusted VMM, the registers that the TDX guest shares to the VMM need to be cleared to avoid...
kernel: untrusted VMM can trigger int80 syscall handling
A flaw was found in the Linux kernel. A VMM can inject external interrupts on any arbitrary vector at any time, which may allow the guest OS to be manipulated from the VMM side...
kernel: untrusted VMM can trigger int80 syscall handling
A flaw was found in the Linux kernel. A VMM can inject external interrupts on any arbitrary vector at any time, which may allow the guest OS to be manipulated from the VMM side...
kernel: untrusted VMM can trigger int80 syscall handling
A flaw was found in the Linux kernel. A VMM can inject external interrupts on any arbitrary vector at any time, which may allow the guest OS to be manipulated from the VMM side...
SUSE CVE-2024-25744
In the Linux kernel before 6.6.7, an untrusted VMM can trigger int80 syscall handling at any given point. This is related to arch/x86/coco/tdx/tdx.c and arch/x86/mm/memencryptamd.c...
AZL-48786 CVE-2024-25744 affecting package kernel 5.15.200.1-1
In the Linux kernel before 6.6.7, an untrusted VMM can trigger int80 syscall handling at any given point. This is related to arch/x86/coco/tdx/tdx.c and arch/x86/mm/memencryptamd.c...
PT-2024-12379 · Unknown · Hypervisor
Name of the Vulnerable Software and Affected Versions: Hypervisor affected versions not specified Description: The issue involves a permanent denial of service DOS in the Hypervisor when an untrusted virtual machine VM without Power State Coordination Interface PSCI support makes a PSCI call. Thi...
SUSE CVE-2018-1000026
Linux Linux kernel version at least v4.8 onwards, probably well before contains a Insufficient input validation vulnerability in bnx2x network card driver that can result in DoS: Network card firmware assertion takes card off-line. This attack appear to be exploitable via An attacker on a must pa...
Linux Linux kernel version at least v4.8 onwards, probably well before contains a Insufficient input validation vulnerability in bnx2x network card driver that can result in DoS: Network card firmware assertion takes card off-line. This attack appear to be exploitable via An attacker on a must pass a very large, specially crafted packet to the bnx2x card. This can be done from an untrusted guest VM..
...
Xen DoS using IOMMU faults from PCI-passthrough guest
ISSUE DESCRIPTION A VM that controls a PCIE device directly can cause it to issue DMA requests to invalid addresses. Although these requests are denied by the IOMMU, the hypervisor needs to handle the interrupt and clear the error from the IOMMU, and this can be used to live-lock a CPU and...