Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002109)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002109 advisory. The PCI backend driver in Xen, when running on an x86 system and using Linux 3.1.x through 4.3.x as the driver domain, allows local guest administrators to generate ...

EUVD-2014-1716

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2024-26620

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: s390/vfio-ap: always filter entire AP matrix The vfioapmdevfiltermatrix function is called...

Security update for xen

This update for xen fixes the following issues: CVE-2024-28956: Fixed Intel CPU: Indirect Target Selection ITS XSA-469 bsc1243117 CVE-2024-53241: Fixed Xen hypercall page unsafe against speculative attacks XSA-466 bsc1234282 CVE-2025-1713: Fixed deadlock potential with VT-d and legacy PCI device...

Security update for xen

This update for xen fixes the following issues: CVE-2024-28956: Fixed Intel CPU: Indirect Target Selection ITS XSA-469 bsc1243117 CVE-2024-53241: Fixed Xen hypercall page unsafe against speculative attacks XSA-466 bsc1234282 CVE-2025-1713: Fixed deadlock potential with VT-d and legacy PCI device...

CVE-2024-41928 bhyve(8) privileged guest escape via TPM device passthrough

Malicious software running in a guest VM can exploit the buffer overflow to achieve code execution on the host in the bhyve userspace process, which typically runs as root. Note that bhyve runs in a Capsicum sandbox, so malicious code is constrained by the capabilities available to the bhyve...

PT-2024-3785 · Linux +5 · Linux Kernel +5

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to the vfio ap mdev filter matrix function in the Linux kernel, which is responsible for updating the guest's AP configuration by filtering the matrix of adapters...

CVE-2022-42335

x86 shadow paging arbitrary pointer dereference In environments where host assisted address translation is necessary but Hardware Assisted Paging HAP is unavailable, Xen will run guests in so called shadow mode. Due to too lax a check in one of the hypervisor routines used for shadow page handlin...

SUSE CVE-2013-6375

Xen 4.2.x and 4.3.x, when using Intel VT-d for PCI passthrough, does not properly flush the TLB after clearing a present translation table entry, which allows local guest administrators to cause a denial of service or gain privileges via unspecified vectors related to an "inverted boolean...

SUSE CVE-2014-1642

The IRQ setup in Xen 4.2.x and 4.3.x, when using device passthrough and configured to support a large number of CPUs, frees certain memory that may still be intended for use, which allows local guest administrators to cause a denial of service memory corruption and hypervisor crash and possibly...

SUSE CVE-2015-2752

The XENDOMCTLmemorymapping hypercall in Xen 3.2.x through 4.5.x, when using a PCI passthrough device, is not preemptible, which allows local x86 HVM domain users to cause a denial of service host CPU consumption via a crafted request to the device model qemu-dm...

DEBIAN-CVE-2020-15565

An issue was discovered in Xen through 4.13.x, allowing x86 Intel HVM guest OS users to cause a host OS denial of service or possibly gain privileges because of insufficient cache write-back under VT-d. When page tables are shared between IOMMU and CPU, changes to them require flushing of both...

DEBIAN-CVE-2019-17341

An issue was discovered in Xen through 4.11.x allowing x86 PV guest OS users to cause a denial of service or gain privileges by leveraging a page-writability race condition during addition of a passed-through PCI device...

kernel security, bug fix, and enhancement update

3.10.0-862.2.3.OL7 - Oracle Linux certificates Alexey Petrenko - Oracle Linux RHCK Module Signing Key was compiled into kernel [email protected] - Update x509.genkey bug 24817676 3.10.0-862.2.3 - x86 kvm: fix icebp instruction handling Paolo Bonzini 1566849 1566845...

Security update for libvirt (important)

This update for libvirt and virt-manager fixes the following issues: Security issues fixed: - CVE-2017-5715: Fixes for speculative side channel attacks aka "SpectreAttack" var2 bsc1079869. - CVE-2018-6764: Fixed guest executable code injection via libnssdns.so loaded by libvirtlxc before init...

openSUSE Security Update : libvirt (openSUSE-2018-358) (Spectre)

This update for libvirt and virt-manager fixes the following issues : Security issues fixed : - CVE-2017-5715: Fixes for speculative side channel attacks aka 'SpectreAttack' var2 bsc1079869. - CVE-2018-6764: Fixed guest executable code injection via libnssdns.so loaded by libvirtlxc before init...

openSUSE: Security Advisory for libvirt (openSUSE-SU-2018:0939-1)

The remote host is missing an update for the Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

SUSE SLED12 / SLES12 Security Update : libvirt (SUSE-SU-2018:0920-1) (Spectre)

This update for libvirt and virt-manager fixes the following issues: Security issues fixed : - CVE-2017-5715: Fixes for speculative side channel attacks aka 'SpectreAttack' var2 bsc1079869. - CVE-2018-6764: Fixed guest executable code injection via libnssdns.so loaded by libvirtlxc before init...

DEBIAN-CVE-2014-1642

The IRQ setup in Xen 4.2.x and 4.3.x, when using device passthrough and configured to support a large number of CPUs, frees certain memory that may still be intended for use, which allows local guest administrators to cause a denial of service memory corruption and hypervisor crash and possibly...

Out-of-memory condition yielding memory corruption during IRQ setup

ISSUE DESCRIPTION When setting up the IRQ for a passed through physical device, a flaw in the error handling could result in a memory allocation being used after it is freed, and then freed a second time. This would typically result in memory corruption. IMPACT Malicious guest administrators can...