EUVD-2016-8627

Malware in sbrugna...

EUVD-2023-34873

Malicious code in bioql PyPI...

EUVD-2022-25069

Malicious code in bioql PyPI...

CVE-2024-46721

In the Linux kernel, the following vulnerability has been resolved: apparmor: fix possible NULL pointer dereference profile-parent-dentsAAFSPROFDIR could be NULL only if its parent is made from createmissingancestors.. and 'ent-old' is NULL in aareplaceprofiles... In that case, it must return an...

CVE-2024-43899

A NULL pointer dereference vulnerability was found in dcn20getdcccompressioncap function in the dcn20resource.c file in the AMD GPU driver in the Linux Kernel. This issue could allow an attacker to make the system hang when using the mpv media player with specific hardware acceleration options...

CVE-2024-43899

CVE-2024-43899 affects the Linux kernel’s DRM AMD display path. The vulnerability is a NULL pointer dereference in dcn20_resource.c that can cause a hang when MPV runs on a DCN401 dGPU, specifically during fullscreen playback after enabling fullscreen (double click). Affected component/function c...

kernel: KVM: NULL pointer dereference in kvm_mmu_invpcid_gva

A flaw was found in KVM. With shadow paging enabled if INVPCID is executed with CR0.PG=0, the invlpg callback is not set, and the result is a NULL pointer dereference. This flaw allows a guest user to cause a kernel oops condition on the host, resulting in a denial of service...

Important: kernel

Issue Overview: kernel: Type confusion in picknextrtentity, which can result in memory corruption. CVE-2023-1077 An issue was discovered in arch/x86/kvm/vmx/nested.c in the Linux kernel before 6.2.8. nVMX on x8664 lacks consistency checks for CR0 and CR4. CVE-2023-30456 In the Linux kernel, the...

Amazon Linux 2 : kernel, --advisory ALAS2KERNEL-5.4-2024-070 (ALASKERNEL-5.4-2024-070)

The version of kernel installed on the remote host is prior to 5.4.238-148.347. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.4-2024-070 advisory. An issue was discovered in arch/x86/kvm/vmx/nested.c in the Linux kernel before 6.2.8. nVMX on x8664 lacks...

CVE-2023-52796 ipvlan: add ipvlan_route_v6_outbound() helper

In the Linux kernel, the following vulnerability has been resolved: ipvlan: add ipvlanroutev6outbound helper Inspired by syzbot reports using a stack of multiple ipvlan devices. Reduce stack size needed in ipvlanprocessv6outbound by moving the flowi6 struct used for the route lookup in an non...

NewStart CGSL CORE 5.04 / MAIN 5.04 : kernel Vulnerability (NS-SA-2024-0012)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has kernel packages installed that are affected by a vulnerability: - An issue was discovered in arch/x86/kvm/vmx/nested.c in the Linux kernel before 6.2.8. nVMX on x8664 lacks consistency checks for CR0 and CR4. CVE-2023-30456...

kernel: KVM: nVMX: missing consistency checks for CR0 and CR4

A flaw was found in the KVM's Intel nested virtualization feature nVMX. The effective values of the guest CR0 and CR4 registers could differ from those included in the VMCS12. In rare circumstances i.e., kvmintel module loaded with parameters nested=1 and ept=0 this could allow a malicious guest ...

kernel: KVM: nVMX: missing consistency checks for CR0 and CR4

A flaw was found in the KVM's Intel nested virtualization feature nVMX. The effective values of the guest CR0 and CR4 registers could differ from those included in the VMCS12. In rare circumstances i.e., kvmintel module loaded with parameters nested=1 and ept=0 this could allow a malicious guest ...

kernel: KVM: nVMX: missing consistency checks for CR0 and CR4

A flaw was found in the KVM's Intel nested virtualization feature nVMX. The effective values of the guest CR0 and CR4 registers could differ from those included in the VMCS12. In rare circumstances i.e., kvmintel module loaded with parameters nested=1 and ept=0 this could allow a malicious guest ...

EulerOS 2.0 SP9 : kernel (EulerOS-SA-2023-2315)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An out-of-boundsOOB memory access vulnerability was found in vmwgfx driver in drivers/gpu/vmxgfx/vmxgfxkms.c in GPU component in the Linux kerne...

Oracle Linux 8 : Unbreakable Enterprise kernel-container (ELSA-2023-12413)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-12413 advisory. - netfilter: nftables: deactivate anonymous set from preparation phase Pablo Neira Ayuso Orabug: 35382084 CVE-2023-32233 - KVM: nVMX: add missing...

Oracle Linux 7 : Unbreakable Enterprise kernel-container (ELSA-2023-12412)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-12412 advisory. - netfilter: nftables: deactivate anonymous set from preparation phase Pablo Neira Ayuso Orabug: 35382084 CVE-2023-32233 - KVM: nVMX: add missing...

Oracle Linux 7 / 8 : Unbreakable Enterprise kernel (ELSA-2023-12394)

The remote Oracle Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-12394 advisory. - An issue was discovered in arch/x86/kvm/vmx/nested.c in the Linux kernel before 6.2.8. nVMX on x8664 lacks consistency checks for CR0 and CR4...

Ubuntu 20.04 LTS / 22.04 LTS : Linux kernel vulnerabilities (USN-6150-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6150-1 advisory. Patryk Sondej and Piotr Krysiuk discovered that a race condition existed in the netfilter subsystem of the Linux kernel when processing batch...

Ubuntu 16.04 ESM / 18.04 LTS : Linux kernel vulnerabilities (USN-6130-1)

The remote Ubuntu 16.04 ESM / 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6130-1 advisory. Patryk Sondej and Piotr Krysiuk discovered that a race condition existed in the netfilter subsystem of the Linux kernel when processing batch...