Important: open-vm-tools security update

The Open Virtual Machine Tools are the open source implementation of the VMware Tools. They are a set of guest operating system virtualization components that enhance performance and user experience of virtual machines. Security Fixes: open-vm-tools: SAML token signature bypass CVE-2023-34058...

ALSA-2023:7277 Important: open-vm-tools security update

The Open Virtual Machine Tools are the open source implementation of the VMware Tools. They are a set of guest operating system virtualization components that enhance performance and user experience of virtual machines. Security Fixes: open-vm-tools: SAML token signature bypass CVE-2023-34058...

ALSA-2023:7265 Important: open-vm-tools security update

The Open Virtual Machine Tools are the open source implementation of the VMware Tools. They are a set of guest operating system virtualization components that enhance performance and user experience of virtual machines. Security Fixes: open-vm-tools: SAML token signature bypass CVE-2023-34058...

DEBIAN-CVE-2023-20592

Improper or unexpected behavior of the INVD instruction in some AMD CPUs may allow an attacker with a malicious hypervisor to affect cache line write-back behavior of the CPU leading to a potential loss of guest virtual machine VM memory integrity...

Input validation

Improper or unexpected behavior of the INVD instruction in some AMD CPUs may allow an attacker with a malicious hypervisor to affect cache line write-back behavior of the CPU leading to a potential loss of guest virtual machine VM memory integrity...

CVE-2023-20592

Improper or unexpected behavior of the INVD instruction in some AMD CPUs may allow an attacker with a malicious hypervisor to affect cache line write-back behavior of the CPU leading to a potential loss of guest virtual machine VM memory integrity...

AMD CPU 安全漏洞

AMD CPUs are a family of CPUs from AMD. The AMD CPUs suffer from an improper instruction vulnerability that stems from the fact that incorrect or unexpected behavior of the INVD instruction would allow an attacker with a malicious hypervisor to affect the cache line write-back behavior of the CPU...

Failed to delete VM from Citrix Web Studio

Failed to delete VM from Citrix Web Studio. The virtual machine S-xxxxxxxxxxxxx was deleted. MachineFailure : S-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx Internal error: Failed to delete virtual machine ErrorID : Citrix.MachineCreation.DataModel.MachineCreationDiagnosticException TaskErrorInformation ...

SUSE CVE-2023-5090

A flaw was found in KVM. An improper check in svmsetx2apicmsrinterception may allow direct access to host x2apic msrs when the guest resets its apic, potentially leading to a denial of service condition...

[SECURITY] Fedora 39 Update: open-vm-tools-12.3.0-3.fc39

The open-vm-tools project is an open source implementation of VMware Tools. It is a suite of open source virtualization utilities and drivers to improve the functionality, user experience and administration of VMware virtual machines. This package contains only the core user-space programs and...

kernel: KVM: x86/xen: Fix eventfd error handling in kvm_xen_eventfd_assign()

In the Linux kernel, the following vulnerability has been resolved: KVM: x86/xen: Fix eventfd error handling in kvmxeneventfdassign Should not call eventfdctxput in case of error. Introduce new goto target instead. - Paolo...

Fedora 39 : open-vm-tools (2023-20b6ac4b6c)

The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-20b6ac4b6c advisory. Package new upstream version of open-vm-tools-12.3.0-22234872. Security fix for CVE-2023-20900, CVE-2023-20867 Tenable has extracted the preceding...

Qualcomm Chipsets Security Vulnerability

Qualcomm Chipsets are a family of chipsets from Qualcomm Incorporated USA. A security vulnerability exists in Qualcomm Chipsets that originates from information disclosure in the Qualcomm IPC when reading values from shared memory in a VM...

PT-2023-21801 · Qualcomm · Qualcomm Ipc

Name of the Vulnerable Software and Affected Versions: Qualcomm IPC affected versions not specified Description: The issue is related to information disclosure in Qualcomm IPC when reading values from shared memory in a virtual machine. Recommendations: At the moment, there is no information abou...

UBUNTU-CVE-2023-5090

A flaw was found in KVM. An improper check in svmsetx2apicmsrinterception may allow direct access to host x2apic msrs when the guest resets its apic, potentially leading to a denial of service condition...

How to Back Up Virtual Machine Metadata to a USB Device

When migrating a set of Virtual Machines VMs from one XenServer host or pool to another, it is necessary to back up and then restore the Virtual Machine Metadata. It is recommended that the Virtual Machine Metadata be stored on the same Storage Repository as the Virtual Machines. But, it is also...

Debian DSA-5543-1 : open-vm-tools - security update

The remote Debian 11 / 12 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5543 advisory. Two security issues have been discovered in the Open VMware Tools, which could result in privilege escalation. For the oldstable distribution bullseye, these...

Low: Red Hat Security Advisory: libguestfs-winsupport security update

An update for libguestfs-winsupport is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

ALSA-2023:6167 Low: libguestfs-winsupport security update

The libguestfs-winsupport package adds support for Windows guests to libguestfs, a set of tools and libraries allowing users to access and modify virtual machine VM disk images. Security Fixes: NTFS-3G: buffer overflow issue in NTFS-3G can cause code execution via crafted metadata in an NTFS imag...

CVE-2023-34057

VMware Tools contains a local privilege escalation vulnerability. A malicious actor with local user access to a guest virtual machine may elevate privileges within the virtual machine...