UBUNTU-CVE-2024-46794

In the Linux kernel, the following vulnerability has been resolved: x86/tdx: Fix data leak in mmioread The mmioread function makes a TDVMCALL to retrieve MMIO data for an address from the VMM. Sean noticed that mmioread unintentionally exposes the value of an initialized variable val on the stack...

CVE-2024-46790 codetag: debug: mark codetags for poisoned page as empty

In the Linux kernel, the following vulnerability has been resolved: codetag: debug: mark codetags for poisoned page as empty When PGhwpoison pages are freed they are treated differently in freepagesprepare and instead of being released they are isolated. Page allocation tag counters are decrement...

RHSA-2016:1000 Red Hat Security Advisory: qemu-kvm-rhev security update

Bulletin has no description...

KVM: x86/mmu: Write-protect L2 SPTEs in TDP MMU when clearing dirty status

...

VICIdial 2.14-917a SQL Injection Vulnerability

An unauthenticated attacker can leverage a time-based SQL injection vulnerability in VICIdial version 2.14-917a to enumerate database records. By default, VICIdial stores plaintext credentials within the database. Title: VICIdial Unauthenticated SQL Injection Publication URL:...

CVE-2024-43470

Azure Network Watcher VM Agent Elevation of Privilege Vulnerability...

CVE-2024-32668

An insufficient boundary validation in the USB code could lead to an out-of-bounds write on the heap, with data controlled by the caller. A malicious, privileged software running in a guest VM can exploit the vulnerability to achieve code execution on the host in the bhyve userspace process, whic...

SUSE CVE-2024-44978

In the Linux kernel, the following vulnerability has been resolved: drm/xe: Free job before xeexecqueueput Free job depends on job-vm being valid, the last xeexecqueueput can destroy the VM. Prevent UAF by freeing job before xeexecqueueput. cherry picked from commit...

SUSE CVE-2024-44981

In the Linux kernel, the following vulnerability has been resolved: workqueue: Fix UBSAN 'subtraction overflow' error in shiftandmask UBSAN reports the following 'subtraction overflow' error when booting in a virtual machine on Android: | Internal error: UBSAN: integer subtraction overflow:...

FreeBSD 安全漏洞

FreeBSD is a set of Unix-like operating systems from the FreeBSD Foundation. A security vulnerability exists in FreeBSD that originates from malware running in a guest VM that can utilize a buffer overflow to enable code execution in a bhyve userspace process typically running as root on the host...

DEBIAN-CVE-2024-44978

In the Linux kernel, the following vulnerability has been resolved: drm/xe: Free job before xeexecqueueput Free job depends on job-vm being valid, the last xeexecqueueput can destroy the VM. Prevent UAF by freeing job before xeexecqueueput. cherry picked from commit...

CVE-2024-44981

In the Linux kernel, the following vulnerability has been resolved: workqueue: Fix UBSAN 'subtraction overflow' error in shiftandmask UBSAN reports the following 'subtraction overflow' error when booting in a virtual machine on Android: | Internal error: UBSAN: integer subtraction overflow:...

UBUNTU-CVE-2024-44981

In the Linux kernel, the following vulnerability has been resolved: workqueue: Fix UBSAN 'subtraction overflow' error in shiftandmask UBSAN reports the following 'subtraction overflow' error when booting in a virtual machine on Android: | Internal error: UBSAN: integer subtraction overflow:...

CVE-2024-44981 workqueue: Fix UBSAN 'subtraction overflow' error in shift_and_mask()

In the Linux kernel, the following vulnerability has been resolved: workqueue: Fix UBSAN 'subtraction overflow' error in shiftandmask UBSAN reports the following 'subtraction overflow' error when booting in a virtual machine on Android: | Internal error: UBSAN: integer subtraction overflow:...

CVE-2024-44981

In the Linux kernel, the following vulnerability has been resolved: workqueue: Fix UBSAN 'subtraction overflow' error in shiftandmask UBSAN reports the following 'subtraction overflow' error when booting in a virtual machine on Android: | Internal error: UBSAN: integer subtraction overflow:...

CVE-2024-44981 workqueue: Fix UBSAN 'subtraction overflow' error in shift_and_mask()

In the Linux kernel, the following vulnerability has been resolved: workqueue: Fix UBSAN 'subtraction overflow' error in shiftandmask UBSAN reports the following 'subtraction overflow' error when booting in a virtual machine on Android: | Internal error: UBSAN: integer subtraction overflow:...

CVE-2024-45506

creationtimestamp| type| source ---|---|--- 2024-09-04 17:44:46+00:00| seen| https://t.me/cvedetector/4794 2024-09-09 09:27:41+00:00| exploited| https://t.me/HackingInsights/12528 2025-03-14 19:45:02+00:00| exploited| https://t.me/DarkWebInformerCVEAlerts/7632 2026-06-19 12:46:35+00:00| exploited...

PT-2024-8608 · Bhyve +1 · Bhyve +1

Name of the Vulnerable Software and Affected Versions: FreeBSD affected versions not specified Description: The issue is related to the ctl request sense function in the ctl subsystem of FreeBSD operating systems, which can lead to a buffer overflow in memory. This can allow an attacker to execut...

PT-2024-29640 · Bhyve +1 · Bhyve +1

Name of the Vulnerable Software and Affected Versions: bhyve affected versions not specified Description: Malicious software running in a guest VM can exploit a buffer overflow to achieve code execution on the host in the bhyve userspace process, which typically runs as root. The bhyve process ru...

kernel: virtio-net: tap: mlx5_core short frame denial of service

A denial of service DoS attack was found in the mlx5 driver in the Linux kernel. A KVM guest VM using virtio-net can crash the host by sending a short packet, for example, size = ETHHLEN...