Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: x86/xen: Do not perform the PV iret hypercall through the hypercall page. Instead of jumping to the Xen hypercall page to execute the iret hypercall, the required sequence is directly coded in xen-asm.S. This is done in preparati...

CVE-2026-0665 Qemu-kvm: heap off-by-one in kvm xen physdevop_map_pirq

An off-by-one error was found in QEMU's KVM Xen guest support. A malicious guest could use this flaw to trigger out-of-bounds heap accesses in the QEMU process via the emulated Xen physdev hypercall interface, leading to a denial of service or potential memory corruption...

RockyLinux 10 : kernel (RLSA-2025:20095)

The remote RockyLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2025:20095 advisory. kernel: xen: Xen hypercall page unsafe against speculative attacks Xen Security Advisory 466 CVE-2024-53241 kernel: exfat: fix out-of-bounds access of...

kernel security update

An update is available for kernel. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The kernel packages contain the Linux kernel, the core of any Linux operating...

Siemens SCALANCE and RUGGEDCOM Devices Improper Restriction of Operations within the Bounds of a Memory Buffer (CVE-2024-53241)

x86/xen: vulnerability due to issues with the PV iret hypercall through the hypercall page, which is fixed by directly coding the sequence in xen-asm.S to avoid problems with speculation mitigations. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot...

kernel: xen: Xen hypercall page unsafe against speculative attacks (Xen Security Advisory 466)

In the Linux kernel, the following vulnerability has been resolved: x86/xen: don't do PV iret hypercall through hypercall page Instead of jumping to the Xen hypercall page for doing the iret hypercall, directly code the required sequence in xen-asm.S. This is done in preparation of no longer usin...

kernel: xen: Xen hypercall page unsafe against speculative attacks (Xen Security Advisory 466)

In the Linux kernel, the following vulnerability has been resolved: x86/xen: don't do PV iret hypercall through hypercall page Instead of jumping to the Xen hypercall page for doing the iret hypercall, directly code the required sequence in xen-asm.S. This is done in preparation of no longer usin...

Moderate: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: can: isotp: fix potential CAN frame reception race in isotprcv CVE-2022-48830 kernel: soc: qcom: cmd-db: Map shared memory as WC, not WB CVE-2024-46689 kernel: Squashfs: sanity check...

ALSA-2025:20518 Moderate: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: can: isotp: fix potential CAN frame reception race in isotprcv CVE-2022-48830 kernel: soc: qcom: cmd-db: Map shared memory as WC, not WB CVE-2024-46689 kernel: Squashfs: sanity check...

CVE-2025-58148

A flaw was found in Xen. Hypercalls using any input format can cause sendipi to read d-vcpu out-of-bounds, and operate on a wild vCPU pointer. A buggy or malicious guest can cause Denial of Service DoS affecting the entire host, information leaks, or elevation of privilege...

SUSE CVE-2025-58148

This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. Some Viridian hypercalls can specify a mask of vCPU IDs as an input, in one of three formats. Xen has boundary checking bugs with all three formats, which can cause...

EUVD-2013-4412

Malware in sbrugna...

EUVD-2012-5417

Malware in sbrugna...

EUVD-2015-2158

Malware in sbrugna...

EUVD-2024-51913

Malicious code in bioql PyPI...

EUVD-2022-28144

Malicious code in bioql PyPI...

RockyLinux 8 : kernel (RLSA-2025:3893)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2025:3893 advisory. kernel: xen: Xen hypercall page unsafe against speculative attacks Xen Security Advisory 466 CVE-2024-53241 kernel: ALSA: usb-audio: Fix out of bounds...

kernel security update

An update is available for kernel. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The kernel packages contain the Linux kernel, the core of any Linux operating...

RLSA-2025:3893 Moderate: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: xen: Xen hypercall page unsafe against speculative attacks Xen Security Advisory 466 CVE-2024-53241 kernel: ALSA: usb-audio: Fix out of bounds reads when finding clock sources...

AlmaLinux 8 : kernel-rt (ALSA-2025:3894)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:3894 advisory. kernel: xen: Xen hypercall page unsafe against speculative attacks Xen Security Advisory 466 CVE-2024-53241 kernel: ALSA: usb-audio: Fix out of bounds rea...