CLSA-2024-1709204660 kernel: Fix of 7 CVEs

KVM: nSVM: avoid picking up unsupported bits from L2 in intctl CVE-2021-3653 CVE-2021-3653 - xen/netfront: fix leaking data in shared pages CVE-2022-33740 - xfs: fix up non-directory creation in SGID directories CVE-2021-4037 - netsched: clsroute: remove from list when handle is 0 CVE-2022-2588 -...

CVE-2021-46978

In the Linux kernel, the following vulnerability has been resolved: KVM: nVMX: Always make an attempt to map eVMCS after migration When enlightened VMCS is in use and nested state is migrated with vmxgetnestedstate/vmxsetnestedstate KVM can't map evmcs page right away: evmcs gpa is not 'struct...

UBUNTU-CVE-2021-46977

In the Linux kernel, the following vulnerability has been resolved: KVM: VMX: Disable preemption when probing user return MSRs Disable preemption when probing a user return MSR via RDSMR/WRMSR. If the MSR holds a different value per logical CPU, the WRMSR could corrupt the host's value if KVM is...

DEBIAN-CVE-2023-34326

The caching invalidation guidelines from the AMD-Vi specification 48882—Rev 3.07-PUB—Oct 2022 is incorrect on some hardware, as devices will malfunction see stale DMA mappings if some fields of the DTE are updated but the IOMMU TLB is not flushed. Such stale DMA mappings can point to memory range...

Xen Buffer Error Vulnerability

Xen is an open source virtual machine monitor product from the University of Cambridge, UK. The product enables different and incompatible operating systems to run on the same computer and supports runtime migration to ensure uptime and avoid downtime. Xen suffers from a security vulnerability th...

virt:ol and virt-devel:rhel security, bug fix, and enhancement update

hivex libguestfs 1.44.0-9.0.2 - libguestfs.spec: Add btrfs-progs RPM to appliance Orabug: 35634755 1.44.0-9.0.1 - Replace upstream references from description tag - Config supermin to use host yum.conf in ol8 Orabug: 29319324 - Set DISTROORACLELINUX correspeonding to ol 1:1.44.0-9 - Fix...

Kernel: kvm: svm: improper check in svm_set_x2apic_msr_interception allows direct access to host x2apic msrs

...

SUSE CVE-2023-20566

Improper address validation in ASP with SNP enabled may potentially allow an attacker to compromise guest memory integrity...

Oracle Virtualization Security Vulnerability

Oracle Virtualization and Oracle VM VirtualBox are both products of Oracle Corporation.Oracle Virtualization is a suite of virtualization solutions. Oracle Virtualization is a suite of virtualization solutions used to unify the management of the entire hardware and software architecture, from...

Oracle Virtualization 安全漏洞

Oracle Virtualization is a set of virtualization solutions from Oracle Corporation. The product is used to unify the management of the entire hardware and software architecture from applications to disk, enabling virtualization from the desktop to the data center.VM VirtualBox is one of the virtu...

DEBIAN-CVE-2023-20867

A fully compromised ESXi host can force VMware Tools to fail to authenticate host-to-guest operations, impacting the confidentiality and integrity of the guest virtual machine...

SUSE CVE-2014-0182

Heap-based buffer overflow in the virtioload function in hw/virtio/virtio.c in QEMU before 1.7.2 might allow remote attackers to execute arbitrary code via a crafted config length in a savevm image...

SUSE CVE-2014-4021

Xen 3.2.x through 4.4.x does not properly clean memory pages recovered from guests, which allows local guest OS users to obtain sensitive information via unspecified vectors...

SUSE CVE-2015-0236

libvirt before 1.2.12 allow remote authenticated users to obtain the VNC password by using the VIRDOMAINXMLSECURE flag with a crafted 1 snapshot to the virDomainSnapshotGetXMLDesc interface or 2 image to the virDomainSaveImageGetXMLDesc interface...

SUSE CVE-2019-8934

hw/ppc/spapr.c in QEMU through 3.1.0 allows Information Exposure because the hypervisor shares the /proc/device-tree/system-id and /proc/device-tree/model system attributes with a guest...

Drop What You're Doing and Update iOS, Android, and Windows

Plus: Major patches dropped this month for Chrome, Firefox, VMware, Cisco, Citrix, and SAP...

PT-2022-35132 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.0.3 Description: The issue concerns the propagation of PERF GLOBAL CTRL settings from vmcs12 to vmcs02 in the nVMX component of KVM. The actual impact and attack plausibility have not yet been proven...

PT-2022-35371 · Linux · Kvm

Name of the Vulnerable Software and Affected Versions: KVM versions prior to v5.15.75 Description: The issue concerns the propagation of PERF GLOBAL CTRL settings from vmcs12 to vmcs02 in nVMX. The actual impact and attack plausibility have not yet been proven. Recommendations: For versions prior...

AZL-35163 CVE-2022-3872 affecting package qemu for versions less than 6.2.0-18

An off-by-one read/write issue was found in the SDHCI device of QEMU. It occurs when reading/writing the Buffer Data Port Register in sdhcireaddataport and sdhciwritedataport, respectively, if datacount == blocksize. A malicious guest could use this flaw to crash the QEMU process on the host,...

ALPINE-CVE-2022-42323

Xenstore: Cooperating guests can create arbitrary numbers of nodes This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. Since the fix of XSA-322 any Xenstore node owned by a removed domain will be modified to be owned by...