MiracleLinux 8 : virt:rhel and virt-devel:rhel (AXSA:2024-7332:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-7332:01 advisory. QEMU: hcd-ehci: DMA reentrancy issue leads to use-after-free CVE-2021-3750 QEMU: net: triggerable assertion due to race condition in hot-unplug...

MiracleLinux 8 : virt:rhel and virt-devel:rhel (AXSA:2021-1660:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-1660:01 advisory. QEMU: Regression of CVE-2020-10756 fix in virt:rhel/qemu-kvm CVE-2021-20295 Tenable has extracted the preceding description block directly from the...

MiracleLinux 8 : virt:rhel and virt-devel:rhel (AXSA:2024-8558:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-8558:01 advisory. Kernel-based Virtual Machine KVM offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which...

Oracle Virtualization security vulnerabilities

Oracle Virtualization is a virtualization solution developed by Oracle, a US-based company. This product is used for unified management of the entire hardware and software system, from applications to disks, enabling virtualization across both desktops and data centers. VM VirtualBox is one of th...

Oracle Virtualization security vulnerabilities

Oracle Virtualization is a virtualization solution developed by Oracle, a US-based company. This product is used for unified management of the entire hardware and software system, from applications to disks, enabling virtualization across both desktops and data centers. VM VirtualBox is one of th...

Oracle Virtualization security vulnerabilities

Oracle Virtualization is a virtualization solution developed by Oracle, a company in the United States. This product is used for unified management of the entire hardware and software system, from applications to disks, enabling virtualization from desktops to data centers. VM VirtualBox is one o...

Oracle Virtualization security vulnerabilities

Oracle Virtualization is a virtualization solution developed by Oracle, a US-based company. This product is used for unified management of the entire hardware and software system, from applications to disks, enabling virtualization across both desktops and data centers. VM VirtualBox is one of th...

MiracleLinux 9 : kernel-5.14.0-427.35.1.el9_4 (AXSA:2024-8827:29)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8827:29 advisory. kernel: efivarfs: force RO when remounting if SetVariable is not supported CVE-2023-52463 kernel: nfsd: fix RELEASELOCKOWNER CVE-2024-26629 kernel:...

MiracleLinux 8 : virt:rhel and virt-devel:rhel (AXSA:2023-6448:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-6448:01 advisory. QEMU: VNC: improper I/O watch removal in TLS handshake can lead to remote unauthenticated denial of service CVE-2023-3354 NTFS-3G: buffer overflow...

MiracleLinux 8 : virt:rhel and virt-devel:rhel (AXSA:2022-3808:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-3808:01 advisory. QEMU: QXL: integer overflow in cursoralloc can lead to heap buffer overflow CVE-2021-4206 QEMU: QXL: double fetch in qxlcursor can lead to heap buff...

Oracle Virtualization security vulnerabilities

Oracle Virtualization is a virtualization solution developed by Oracle, a company in the United States. This product is used for the unified management of the entire hardware and software system, from applications to disks, enabling virtualization from desktops to data centers. VM VirtualBox is o...

MiracleLinux 8 : kernel-4.18.0-305.25.1.el8_4 (AXSA:2021-2534:24)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-2534:24 advisory. kernel: use-after-free in drivers/infiniband/core/ucma.c ctx use-after-free CVE-2020-36385 kernel: out-of-bounds write due to a heap buffer overflow...

MiracleLinux 9 : qemu-kvm-8.2.0-11.el9_4.4 (AXSA:2024-8508:05)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-8508:05 advisory. qemu-kvm: QEMU: 'qemu-img info' leads to host file read/write CVE-2024-4467 Tenable has extracted the preceding description block directly from the...

Oracle Virtualization security vulnerabilities

Oracle Virtualization is a virtualization solution developed by Oracle, a US-based company. This product is used for unified management of the entire hardware and software system, from applications to disks, enabling virtualization across both desktops and data centers. VM VirtualBox is one of th...

MiracleLinux 7 : qemu-kvm-1.5.3-175.el7.3 (AXSA:2021-1371:01)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-1371:01 advisory. QEMU: loader: OOB access while loading registered ROM may lead to code execution CVE-2020-13765 QEMU: reachable assertion failure in...

MiracleLinux 8 : virt:rhel and virt-devel:rhel (AXSA:2021-2165:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-2165:01 advisory. libvirt: double free in qemuAgentGetInterfaces in qemuagent.c CVE-2020- 25637 QEMU: heap buffer overflow in msixtablemmiowrite in hw/pci/msix.c...

MiracleLinux 4 : qemu-kvm-0.12.1.2-2.491.AXS4.7 (AXSA:2017-1309:02)

The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2017-1309:02 advisory. KVM for Kernel-based Virtual Machine is a full virtualization solution for Linux on x86 hardware. Using KVM, one can run multiple virtual machines running...

StackWarp: Breaking AMD SEV-SNP Integrity via Deterministic Stack-Pointer Manipulation through the CPU's Stack Engine

In this paper, the authors present StackWarp, a software-based architectural attack exploiting the stack engine on AMD Zen CPUs to modify the stack pointer within an SEV-SNP guest, fully breaking integrity...

MiracleLinux 4 : qemu-kvm-0.12.1.2-2.160.AXS4.8 (AXSA:2011-600:02)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2011-600:02 advisory. KVM for Kernel-based Virtual Machine is a full virtualization solution for Linux on x86 hardware. Using KVM, one can run multiple virtual machines...

MiracleLinux 8 : virt:rhel (AXSA:2020-322:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2020-322:01 advisory. QEMU: block: iscsi: OOB heap access via an unexpected response of iSCSI Server CVE-2020-1711 QEMU: slirp: OOB buffer access while emulating tcp...