4438 matches found
CVE-2025-27032 Improper Access Control Applied to Mirrored or Aliased Memory Regions in Hypervisor
Memory corruption while loading a PIL authenticated VM, when authenticated VM image is loaded without maintaining cache coherency...
CVE-2025-21476 Buffer Copy Without Checking Size of Input in Computer Vision
Memory corruption when passing parameters to the Trusted Virtual Machine during the handshake...
CVE-2025-21476
CVE-2025-21476 concerns memory corruption when passing parameters to the Trusted Virtual Machine during the handshake on Qualcomm chipsets. The vulnerability is characterized by a Local attack with Low complexity, Low privileges required, no user interaction, and a high impact on Confidentiality,...
Qualcomm Chipsets Resource Management Error Vulnerability
Qualcomm Chipsets are a family of chipsets from Qualcomm Incorporated USA. A resource management error vulnerability exists in Qualcomm Chipsets that stems from a memory corruption when processing guest VM messages...
Qualcomm Chipsets Resource Management Error Vulnerability
Qualcomm Chipsets are a family of chipsets from Qualcomm Incorporated USA. A resource management error vulnerability exists in Qualcomm Chipsets, which arises from memory corruption when processing duplicate memory unmapping requests from a guest virtual machine...
PT-2025-39276
Name of the Vulnerable Software and Affected Versions: versions prior to 2025-27077. Description: A memory corruption issue exists when processing messages within a guest virtual machine. The issue may lead to unpredictable behavior or system compromise. Recommendations: At the moment, there is no...
PT-2025-39266
Name of the Vulnerable Software and Affected Versions: Versions prior to 2025. Description: A memory corruption issue exists when parameters are passed to the Trusted Virtual Machine during the handshake process. Recommendations: At the moment, there is no information about a newer version that...
PT-2025-39272
Name of the Vulnerable Software and Affected Versions: versions prior to 2025-27032. Description: A memory corruption issue exists when loading a Picture Interchange Language (PIL) authenticated Virtual Machine (VM). This occurs when an authenticated VM image is loaded without maintaining cache coherenc...
PT-2025-39278
Name of the Vulnerable Software and Affected Versions: versions prior to 2025-47315. Description: A memory corruption issue exists when handling repeated memory unmap requests originating from a guest virtual machine. Recommendations: At the moment, there is no information about a newer version that...
Qualcomm Chipsets Security Vulnerability
Qualcomm Chipsets are a family of chipsets from Qualcomm Incorporated USA. A security vulnerability exists in Qualcomm Chipsets that stems from a memory corruption that occurs when parameters are passed to the Trusted Virtual Machine during a handshake...
nightmare
This repository is an introductory binary exploitation and reverse engineering course based on CTF challenges, called "Nightmare". It contains a large amount of content, with over 90 challenges, laid out in a linear fashion, and well-documented write-ups explaining how to go from being handed...
Unbreakable Enterprise kernel security update
5.15.0-312.187.5.3 - HID: core: do not bypass hid_hw_raw_request Benjamin Tissoires Orabug: 38454666 CVE-2025-38494 - vsock: Do not allow binding to VMADDR_PORT_ANY Budimir Markovic Orabug: 38454665 CVE-2025-38618 - clone_private_mnt: make sure that caller has CAP_SYS_ADMIN in the right userns Al Viro...
KVM: x86: use array_index_nospec with indices that come from guest
...
CVE-2023-53319
In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Handle kvm_arm_init failure correctly in finalize_pkvm. Currently there is no synchronisation between finalize_pkvm and kvm_arm_init initcalls. The finalize_pkvm proceeds happily even if kvm_arm_init fails resulting in the...
CVE-2023-53319 KVM: arm64: Handle kvm_arm_init failure correctly in finalize_pkvm
In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Handle kvm_arm_init failure correctly in finalize_pkvm. Currently there is no synchronisation between finalize_pkvm and kvm_arm_init initcalls. The finalize_pkvm proceeds happily even if kvm_arm_init fails resulting in the...
AZL-67419 CVE-2025-39823 affecting package kernel for versions less than 6.6.104.2-1
In the Linux kernel, the following vulnerability has been resolved: KVM: x86: use array_index_nospec with indices that come from guest. min and dest_id are guest-controlled indices. Using array_index_nospec after the bounds checks clamps these values to mitigate speculative execution side-channels...
CVE-2025-39811 drm/xe/vm: Clear the scratch_pt pointer on error
In the Linux kernel, the following vulnerability has been resolved: drm/xe/vm: Clear the scratch_pt pointer on error. Avoid triggering a dereference of an error pointer on cleanup in xe_vm_free_scratch by clearing any scratch_pt error pointer. cherry picked from commit...
CVE-2023-53273
In the Linux kernel vulnerability CVE-2023-53273, the issue lies in the vmbus driver’s channel handling. The function relid2channel() assumes the vmbus channel array is allocated, but in multi-kernel scenarios (e.g., kdump/kexec), not all relids are reset by the host. If a guest receives a vmbus ...