CVE-2026-31591

In the Linux kernel, the following vulnerability has been resolved: KVM: SEV: Lock all vCPUs when synchronzing VMSAs for SNP launch finish Lock all vCPUs when synchronizing and encrypting VMSAs for SNP guests, as allowing userspace to manipulate and/or run a vCPU while its state is being...

CVE-2026-31591 KVM: SEV: Lock all vCPUs when synchronzing VMSAs for SNP launch finish

In the Linux kernel, the following vulnerability has been resolved: KVM: SEV: Lock all vCPUs when synchronzing VMSAs for SNP launch finish Lock all vCPUs when synchronizing and encrypting VMSAs for SNP guests, as allowing userspace to manipulate and/or run a vCPU while its state is being...

EUVD-2026-25484

In the Linux kernel, the following vulnerability has been resolved: KVM: SEV: Lock all vCPUs when synchronzing VMSAs for SNP launch finish Lock all vCPUs when synchronizing and encrypting VMSAs for SNP guests, as allowing userspace to manipulate and/or run a vCPU while its state is being...

CVE-2026-31591

In the Linux kernel, the following vulnerability has been resolved: KVM: SEV: Lock all vCPUs when synchronzing VMSAs for SNP launch finish Lock all vCPUs when synchronizing and encrypting VMSAs for SNP guests, as allowing userspace to manipulate and/or run a vCPU while its state is being...

CVE-2026-31590

The CVE-2026-31590 issue affects the Linux kernel KVM SEV path: sev_pin_memory() would WARN when npages overflowed an int due to KVM_MEMORY_ENCRYPT_REG_REGION with a large size, enabling a local user to trigger a harmless warning via userspace input (e.g., addr=0, size=-1ul). The root cause is th...

CVE-2026-31590

In the Linux kernel, the following vulnerability has been resolved: KVM: SEV: Drop WARN on large size for KVMMEMORYENCRYPTREGREGION Drop the WARN in sevpinmemory on npages overflowing an int, as the WARN is comically trivially to trigger from userspace, e.g. by doing: struct kvmencregion range =...

CVE-2026-31588

CVE-2026-31588 concerns the Linux kernel KVM MMIO handling bug where an MMIO write that spans multiple pages could reference on‑stack data, enabling a use‑after‑free path. The root cause is an internal temporary variable path during complete_emulated_mmio when emulated MMIO writes cross page boun...

CVE-2026-31569

The CVE-2026-31569 issue affects the Linux kernel’s LoongArch KVM path, where EIOINTC's coremap can be empty in eiointc_update_sw_coremap(), causing an out-of-bounds access to kvm_arch::phyid_map::phys_map[]. The described impact is system instability or a crash, with potential information disclo...

PT-2026-34943

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the KVM SEV component where vCPUs are not locked during the synchronization and encryption of VMSAs for SNP guests. If userspace manipulates or runs a vCPU while its...

Oracle Database Server (April 2026 CPU)

The versions of Oracle Database Server installed on the remote host are affected by multiple vulnerabilities as referenced in the April 2026 CPU advisory. - Security-in-Depth issue in the Spatial and Graph SQLite component of Oracle Database Server. This vulnerability cannot be exploited in the...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the KVM SEV not locking all vCPUs when SNP completes synchronization and encryption of VMSA. This...

Apache多款产品 输入验证错误漏洞

Apache ActiveMQ, among others, is a product of the Apache Foundation in the United States. Apache ActiveMQ is an open-source messaging middleware. Apache ActiveMQ Broker is a enterprise-level messaging proxy middleware that supports multiple protocols. Apache ActiveMQ All is a complete messaging...

PT-2026-34905

In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Fix the descriptor address in kvm at swap desc Using "u64 user hva + offset" to get the virtual addresses of S1/S2 descriptors looks really wrong, if offset is not zero. What we want to get for swapping is hva + offse...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the use of stack-local variables as source data during KVM x86 MMIO writes. When writing data tha...

PT-2026-34945

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the KVM component regarding SEV Secure Encrypted Virtualization. The system fails to reject attempts to synchronize the vCPU state to its associated VMSA Virtual Machi...

PT-2026-34944

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the KVM SEV component where the sev mem enc register region function is not fully protected by the kvm-lock. Because the sev guest function is unstable unless kvm-lock...

CVE-2026-41270

Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, a Server-Side Request Forgery SSRF protection bypass vulnerability exists in the Custom Function feature. While the application implements SSRF protection via HTTPDENYLIST for axios and...

Oracle Database Server Java VM Component Data Disclosure Vulnerability

Oracle Database Server is a relational database management system with a Java VM component that supports running Java programs in the database. A data disclosure vulnerability exists in Oracle Database Server. The vulnerability arises from a failure of the Java VM component to properly handle a...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-013515)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013515 advisory. In the Linux kernel, the following vulnerability has been resolved: x86/fpu: KVM: Set the base guest FPU uABI size to sizeofstruct kvmxsave Set the starting uABI siz...

CVE-2026-35229

Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 19.3-19.30 and 21.3-21.21. Easily exploitable vulnerability allows unauthenticated attacker with network access via Oracle Net to compromise Java VM. Successful attacks of this vulnerability...