CVE-2025-27735

Insufficient verification of data authenticity in Windows Virtualization-Based Security VBS Enclave allows an authorized attacker to bypass a security feature locally...

SUSE CVE-2022-49557

In the Linux kernel, the following vulnerability has been resolved: x86/fpu: KVM: Set the base guest FPU uABI size to sizeofstruct kvmxsave Set the starting uABI size of KVM's guest FPU to 'struct kvmxsave', i.e. to KVM's historical uABI size. When saving FPU state for usersapce, KVM well, now th...

DEBIAN-CVE-2022-49610

In the Linux kernel, the following vulnerability has been resolved: KVM: VMX: Prevent RSB underflow before vmenter On VMX, there are some balanced returns between the time the guest's SPECCTRL value is written, and the vmenter. Balanced returns matched by a preceding call are usually ok, but it's...

AMD SEV-SNP 安全漏洞

AMD SEV-SNP is a secure encrypted virtualization firmware from UltraMicroelectronics AMD. A single key is used to encrypt system memory. A security vulnerability exists in AMD SEV-SNP that stems from incorrect signature verification...

CVE-2025-21334

Windows Hyper-V NT Kernel Integration VSP Elevation of Privilege Vulnerability...

Microsoft Windows Virtualization-Based Security Enclave 输入验证错误漏洞

Microsoft Windows Virtualization-Based Security Enclave Microsoft Windows VBS Enclave is a software-based trusted execution environment within the host application address space from Microsoft Corporation USA. An input validation error vulnerability exists in Microsoft Windows Virtualization-Base...

The vulnerability of the trusted execution environment of the Virtualization-Based Security (VBS) Enclave in Microsoft Windows operating systems allows attackers to enhance their privileges.

The vulnerability of the trusted execution environment for the Virtualization-Based Security VBS Enclave in Microsoft Windows operating systems is related to deficiencies in the authentication process. Exploiting this vulnerability can allow attackers to enhance their privileges...

CVE-2024-49076

Windows Virtualization-Based Security VBS Enclave Elevation of Privilege Vulnerability...

CVE-2024-49076 Windows Virtualization-Based Security (VBS) Enclave Elevation of Privilege Vulnerability

...

Microsoft Hyper-V 安全漏洞

Microsoft Windows Hyper-V is a virtualization technology developed by Microsoft for creating and managing virtual machines on the Windows operating system, of which the Shared Virtual Disk is one. An elevation of privilege vulnerability exists in Microsoft Windows Hyper-V Shared Virtual Disk, whi...

Microsoft Hyper-V 安全漏洞

Microsoft Windows Hyper-V is a tool from Microsoft USA that provides hardware virtualization. A remote code execution vulnerability exists in Microsoft Windows Hyper-V, which can be exploited by an attacker to perform remote execution...

AZL-49335 CVE-2024-46707 affecting package kernel for versions less than 5.15.167.1-1

In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Make ICCSGIEL1 undef in the absence of a vGICv3 On a system with a GICv3, if a guest hasn't been configured with GICv3 and that the host is not capable of GICv2 emulation, a write to any of the ICCSGIEL1 registers is...

kernel: KVM: SVM: Flush pages under kvm->lock to fix UAF in svm_register_enc_region()

A security vulnerability was identified in the Linux kernel's Kernel-based Virtual Machine subsystem KVM, specifically affecting the Secure Virtual Machine SVM feature used on AMD processors. The issue arises from a use-after-free condition in the svmregisterencregion function, which can lead to...

The vulnerability of the SEV-SNP and SEV-ES security mechanisms in Linux operating systems allows attackers to compromise the confidentiality and integrity of the protected information.

The vulnerability of the SEV-SNP and SEV-ES protection mechanisms in Linux operating systems is related to incorrect neutralization of special elements in the output data used by the incoming component. Exploiting this vulnerability can allow an attacker to compromise the confidentiality and...

UBUNTU-CVE-2021-47277

In the Linux kernel, the following vulnerability has been resolved: kvm: avoid speculation-based attacks from out-of-range memslot accesses KVM's mechanism for accessing guest memory translates a guest physical address gpa to a host virtual address using the right-shifted gpa also known as gfn an...

ALPINE-CVE-2023-46842

Unlike 32-bit PV guests, HVM guests may switch freely between 64-bit and other modes. This in particular means that they may set registers used to pass 32-bit-mode hypercall arguments to values outside of the range 32-bit code would be able to set them to. When processing of hypercalls takes a...

Huawei EulerOS: Security Advisory for qemu (EulerOS-SA-2024-1624)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Oracle Virtualization 安全漏洞

Oracle Virtualization and Oracle VM VirtualBox are both products of Oracle Corporation.Oracle Virtualization is a suite of virtualization solutions. The product is used to unify the management of the entire hardware and software system from applications to disks, enabling virtualization from the...

SUSE CVE-2024-3567

A flaw was found in QEMU. An assertion failure was present in the updatesctpchecksum function in hw/net/nettxpkt.c when trying to calculate the checksum of a short-sized fragmented packet. This flaw allows a malicious guest to crash QEMU and cause a denial of service condition...

Microsoft Hyper-V 安全漏洞

Microsoft Windows Hyper-V is a tool from Microsoft USA that provides hardware virtualization. A denial of service vulnerability exists in Microsoft Windows Hyper-V, which can be exploited by attackers to cause a denial of service...