12691 matches found
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Forcibly leave nested virtualization mode when SMM state is toggled The nested virtualization mode is forcibly exited if the user space toggles the SMM state using KVMSETVCPUEVENTS or KVMSYNCX86EVENTS. If the user space...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: KVM: Allows the CPU to reschedule while setting per-page memory attributes. When running a SEV-SNP guest with a sufficiently large amount of memory 1TB+, the host may experience CPU soft lockups when performing an operation in...
Astra Linux - уязвимость в linux-5.10, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: Obtain source vCPUs from the source VM for SEV-ES intrahost migration Fixed a bug where KVM attempts to retrieve source vCPUs from the destination VM during intrahost migration. Retrieving the wrong vCPU not only causes...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: KVM: Always flush the async PF workqueue when a vCPU is being destroyed. The async PF workqueue for each vCPU must always be flushed when a vCPU is clearing its completion queue, for example, when a VM and all its vCPUs are being...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: PCI: hv: Fixed double calls to idafree in the hvpciprobe error path. If hvpciprobe fails after storing the domain number in hbus-bridge-domainnr, a call to free this domainnr is made via pcibusreleaseemuldomainnr. However, during...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Mark the target gfn of the emulated atomic instruction as dirty When emulating an atomic access on behalf of the guest, mark the target gfn as dirty if the CMPXCHG instruction attempts to be executed and fails without a...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: KVM: Fixed a data race on lastboostedvcpu in kvmvcpuonspin. Used READ, WRITEONCE to access kvm-lastboostedvcpu to ensure that reads and writes are atomic. In the extremely unlikely scenario where the compiler introduces errors in...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: KVM: guestmemfd: Remove bindings on memslot deletion when gmem is dying When unbinding a memslot from a guestmemfd instance, remove the bindings even if the guestmemfd file is dying, i.e., even if its file refcount has gone to...
Astra Linux - уязвимость в linux-5.10, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: perf/x86/intel: KVM: When masking the value of MSRIA32PEBSENABLE for guests with specific vCPU values, it’s necessary to mask this value with the desired PEBSENABLE value of the vCPU. Simply consulting the host kernel’s host vs...
Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Make ICCSGIEL1 undef in the absence of a vGICv3 On a system with a GICv3, if a guest has not been configured with a GICv3, and the host is not capable of emulating GICv2, writing to any of the ICCSGIEL1 registers will...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: Skip fastpath emulation on VM-Exit if next RIP isn’t valid Skip the WRMSR and HLT fastpaths in SVM’s VM-Exit handler if the next RIP isn’t valid, for example, because KVM is running with nrips=false. SVM must decode and...
Astra Linux - уязвимость в linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Load DR6 with the guest value only before entering the .vcpurun loop. The conditional loading of hardware DR6 with the guest’s DR6 value is moved out of the core .vcpurun loop to fix a bug where KVM may load hardware wi...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: idpf: Fixed the issue where the adapter’s NULL pointer was dereferenced during reboot. With SRIOV enabled, idpf calls idpfremove twice. First, via idpfshutdown; then again when idpfremove calls sriovdisable. This is because th...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: KVM: Explicitly verify that the target vCPU is online in kvmgetvcpu It is necessary to explicitly verify that the target vCPU is fully online prior to clamping the index in kvmgetvcpu. If the index is “bad”, the nospec clamping...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerabilities have been resolved: KVM: SVM: Do not generate errors if the user space injects an interrupt with GIF=0. Do not generate errors or warnings during interrupt injection when GIF is cleared. It is trivial for the user space to force this situation...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: KVM: x86 – Handling of SRCU initialization failures during page track initialization Check the return value of initsrcustruct, which may fail due to OOM conditions when initializing the page track mechanism. Lack of proper checki...
Astra Linux - уязвимость в linux-5.10, linux-5.15
In the Linux kernel, the following vulnerabilities have been resolved: KVM: VMX: Fixed a crash that occurred due to an uninitialized currentvmcs. KVM enables “Enlightened VMCS” and “Enlightened MSR Bitmap” when running as a nested hypervisor on top of Hyper-V. When the MSR bitmap is updated, the...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Correctly handling the kvmarminit failure in finalizepkvm Currently, there is no synchronization between the finalizepkvm and kvmarminit initcalls. finalizepkvm continues to execute even if kvmarminit fails, resulting...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: LoongArch: KVM: Fixed a memory leak in kvmeiointcdestroy In kvmioctlcreatedevice, kvmdevice has allocated memory. kvmdevice-destroy seems to be supposed to free up the kvmdevice structure, but kvmeiointcDestroy does not do this...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: LoongArch: KVM: Fix stack protector issue in sendipidata Function kvmiobusread is called in function sendipidata, buffer size of parameter val should be at least 8 bytes. Since some emulation functions like loongarchipireadl and...