4436 matches found
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-000186)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000186 advisory. A flaw was found in the Linux Kernel where an attacker may be able to have an uncontrolled read to kernel- memory from within a vm guest. A race condition between...
Malicious Package
Overview evm-gateway-contracts-private is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this...
EUVD-2026-1104
Malicious code in evm-gateway-contracts-private npm...
PT-2026-28510
Name of the Vulnerable Software and Affected Versions Incus versions prior to 6.23.0 Description Incus, a system container and virtual machine manager, has an issue in its API for retrieving VM screenshots. This API uses a temporary file for QEMU to write the screenshot to, which is then sent to...
PT-2026-5531
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a memory leak within the KVM Kernel-based Virtual Machine component on LoongArch architecture. Specifically, the kvm device structure is not properly freed in t...
PT-2026-5532
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak exists in the Linux kernel related to KVM Kernel-based Virtual Machine functionality on LoongArch architecture. Specifically, the kvm device structure allocated in kvm ioct...
SUSE CVE-2023-54296
In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: Get source vCPUs from source VM for SEV-ES intrahost migration Fix a goof where KVM tries to grab source vCPUs from the destination VM when doing intrahost migration. Grabbing the wrong vCPU not only hoses the guest, it...
CVE-2023-54296
In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: Get source vCPUs from source VM for SEV-ES intrahost migration Fix a goof where KVM tries to grab source vCPUs from the destination VM when doing intrahost migration. Grabbing the wrong vCPU not only hoses the guest, it...
UBUNTU-CVE-2023-54241
In the Linux kernel, the following vulnerability has been resolved: MIPS: KVM: Fix NULL pointer dereference After commit 45c7e8af4a5e3f0bea4ac209 "MIPS: Remove KVMTE support" we get a NULL pointer dereference when creating a KVM guest: 146.243409 Starting KVM with MIPS VZ extensions 149.849151 CP...
CVE-2023-54296 KVM: SVM: Get source vCPUs from source VM for SEV-ES intrahost migration
In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: Get source vCPUs from source VM for SEV-ES intrahost migration Fix a goof where KVM tries to grab source vCPUs from the destination VM when doing intrahost migration. Grabbing the wrong vCPU not only hoses the guest, it...
CVE-2023-54241
In the Linux kernel, the following vulnerability has been resolved: MIPS: KVM: Fix NULL pointer dereference After commit 45c7e8af4a5e3f0bea4ac209 "MIPS: Remove KVMTE support" we get a NULL pointer dereference when creating a KVM guest: 146.243409 Starting KVM with MIPS VZ extensions 149.849151 CP...
CVE-2022-50827
CVE-2022-50827 — Linux kernel (lpfc SCSI driver) memory leak fix : The issue arose in lpfc_create_port() after VMID allocations were introduced by a VMID-related patch. On VMID allocation failure, the code branched to an ‘out’ path that returned NULL without unwinding VMID resources, bypassing sc...
CVE-2022-50827 scsi: lpfc: Fix memory leak in lpfc_create_port()
In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix memory leak in lpfccreateport Commit 5e633302ace1 "scsi: lpfc: vmid: Add support for VMID in mailbox command" introduced allocations for the VMID resources in lpfccreateport after the call to scsihostalloc. Upon...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from obtaining the source vCPU from the target VM, which could result in a null pointer dereference...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992686)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992686 advisory. In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Reset IRTE to host control if new route isn't postable Restore an IRTE back to host...
SUSE CVE-2023-54024
In the Linux kernel, the following vulnerability has been resolved: KVM: Destroy target device if coalesced MMIO unregistration fails Destroy and free the target coalesced MMIO device if unregistering said device fails. As clearly noted in the code, kvmiobusunregisterdev does not destroy the targ...
SUSE CVE-2023-54081
In the Linux kernel, the following vulnerability has been resolved: xen: speed up grant-table reclaim When a grant entry is still in use by the remote domain, Linux must put it on a deferred list. Normally, this list is very short, because the PV network and block protocols expect the backend to...
SUSE CVE-2023-54092
In the Linux kernel, the following vulnerability has been resolved: KVM: s390: pv: fix index value of replaced ASCE The index field of the struct page corresponding to a guest ASCE should be 0. When replacing the ASCE in s390replaceasce, the index of the new ASCE should also be set to 0. Having t...
EUVD-2023-60364
In the Linux kernel, the following vulnerability has been resolved: xen: speed up grant-table reclaim When a grant entry is still in use by the remote domain, Linux must put it on a deferred list. Normally, this list is very short, because the PV network and block protocols expect the backend to...
CVE-2023-54092
In the Linux kernel, the following vulnerability has been resolved: KVM: s390: pv: fix index value of replaced ASCE The index field of the struct page corresponding to a guest ASCE should be 0. When replacing the ASCE in s390replaceasce, the index of the new ASCE should also be set to 0. Having t...