924 matches found
UBUNTU-CVE-2026-53345
In the Linux kernel, the following vulnerability has been resolved: KVM: Don't WARN if memory is dirtied without a vCPU when the VM is dying When marking a page dirty, complain about not having a running/loaded vCPU if and only if the VM is still alive, i.e. its refcount is non-zero. This will...
USN-8488-1 linux, linux-aws, linux-gcp, linux-ibm, linux-oracle, linux-realtime vulnerabilities
It was discovered that some AMD processors did not properly clear data in the floating point divider unit during speculative execution. A local attacker could use this to expose sensitive information. CVE-2025-54505 Several security issues were discovered in the Linux kernel. An attacker could...
Astra Linux – Vulnerability in Linux 5.15, Linux
A flaw in memory leak prevention in the Linux kernel’s cpuentryarea mechanism for mapping X86 CPU data to memory was discovered. This flaw allows a local user to guess the locations of exception stacks or other important data. By exploiting this flaw, a local user can gain access to certain...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: For bpf on x86 architecture: Fixed the issue of not releasing bpfprogpack after its use. Syzbot reported several issues with bpfprogpack 1, 2. This issue only occurs when multiple subprogs are involved. In jitsubprogs, we firs...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: x86/fpu: KVM: Set the base guest FPU uABI size to sizeofstruct kvmxsave. The starting uABI size of KVM’s guest FPU is set to struct kvmxsave, which is KVM’s historical uABI size. When saving the FPU state for a user space, KVM or...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: perf/x86/amd/core: Always clear status for idx The variable status which contains the unhandled overflow bits is not being properly masked in some cases, resulting in the following warning: WARNING: CPU: 156 PID: 475601 at...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Acquiring SRCU in KVMGETMPSTATE to protect guest memory accesses Acquiring a lock on kvm-srcu when userspace is obtaining the MP state can lead to a severe edge case where processing APIC events, such as during pending...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: x86: fixed the exception handling annotation in clearuserrepgood This code no longer exists in the mainline, as it was removed in the commit d2c95f9d6802 “x86: do not use REPGOOD or ERMS for user memory clearing” from the upstrea...
kernel: iommu: disable SVA when CONFIG_X86 is set
A security vulnerability was found in the Linux kernel's IOMMU Shared Virtual Addressing SVA implementation on x86 architecture. When SVA is enabled, the IOMMU caches kernel page table entries. Since the kernel lacks a mechanism to notify the IOMMU when kernel page table pages are freed and...
kernel: iommu: disable SVA when CONFIG_X86 is set
A security vulnerability was found in the Linux kernel's IOMMU Shared Virtual Addressing SVA implementation on x86 architecture. When SVA is enabled, the IOMMU caches kernel page table entries. Since the kernel lacks a mechanism to notify the IOMMU when kernel page table pages are freed and...
kernel: iommu: disable SVA when CONFIG_X86 is set
A security vulnerability was found in the Linux kernel's IOMMU Shared Virtual Addressing SVA implementation on x86 architecture. When SVA is enabled, the IOMMU caches kernel page table entries. Since the kernel lacks a mechanism to notify the IOMMU when kernel page table pages are freed and...
Moderate: Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement update
An update for Red Hat Hardened Images RPMs is now available. This update includes the following RPMs: nodejs24: nodejs24-24.16.0-1.hum1 aarch64, x8664 nodejs24-bin-24.16.0-1.hum1 noarch nodejs24-devel-24.16.0-1.hum1 aarch64, x8664 nodejs24-docs-24.16.0-1.hum1 noarch...
kernel: iommu: disable SVA when CONFIG_X86 is set
A security vulnerability was found in the Linux kernel's IOMMU Shared Virtual Addressing SVA implementation on x86 architecture. When SVA is enabled, the IOMMU caches kernel page table entries. Since the kernel lacks a mechanism to notify the IOMMU when kernel page table pages are freed and...
Ubuntu 20.04 LTS : Linux kernel (Azure FIPS) vulnerabilities (USN-8098-8)
The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8098-8 advisory. Qualys discovered that several vulnerabilities existed in the AppArmor Linux kernel Security Module LSM. An unprivileged local attacker could use these...
Low: Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement update
An update for Red Hat Hardened Images RPMs is now available. This update includes the following RPMs: syft: syft-1.45.1-0.1.hum1 aarch64, x8664 syft-1.45.1-0.1.hum1.src src...
2026-06 .NET 9.0.17 Security Update for x86 Client (KB5097150)
2026-06 .NET 9.0.17 Security Update for x86 Client KB5097150...
kernel: iommu: disable SVA when CONFIG_X86 is set
A security vulnerability was found in the Linux kernel's IOMMU Shared Virtual Addressing SVA implementation on x86 architecture. When SVA is enabled, the IOMMU caches kernel page table entries. Since the kernel lacks a mechanism to notify the IOMMU when kernel page table pages are freed and...
SUSE CVE-2026-46113
In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Fix shadow paging use-after-free due to unexpected GFN The shadow MMU computes GFNs for direct shadow pages using sp-gfn plus the SPTE index. This assumption breaks for shadow paging if the guest page tables are modifie...
UBUNTU-CVE-2026-46174
In the Linux kernel, the following vulnerability has been resolved: x86/CPU/AMD: Prevent improper isolation of shared resources in Zen2's op cache Make sure resources are not improperly shared in the op cache and cause instruction corruption this way...
CVE-2026-46174
In the Linux kernel, the following vulnerability has been resolved: x86/CPU/AMD: Prevent improper isolation of shared resources in Zen2's op cache Make sure resources are not improperly shared in the op cache and cause instruction corruption this way...