84 matches found
Astra Linux – Vulnerability in virglrenderer
A heap-based buffer overflow in the vrendrenderertransferwriteiov function in vrendrenderer.c in virglrenderer from version 0.8.0 allows guest OS users to cause a denial of service, or a QEMU guest-to-host escape and code execution, through VIRGLCCMDRESOURCEINLINEWRITE commands...
Astra Linux – Vulnerability in Linux
A issue was discovered in the Linux kernel, specifically with versions up to 5.9.1, when used with Xen in versions up to 4.14.x. Users of guest operating systems may experience a denial of service where the host operating system hangs due to a high rate of events affecting dom0, also known as...
Astra Linux – Vulnerability in Qemu
A stack overflow vulnerability was discovered in the Intel HD Audio device intel-hda of QEMU. A malicious guest could exploit this flaw to crash the QEMU process on the host, resulting in a denial of service condition. The greatest threat posed by this vulnerability is to system availability. Thi...
CVE-2026-45890
In the Linux kernel, the following vulnerability has been resolved: xen-netback: reject zero-queue configuration from guest A malicious or buggy Xen guest can write "0" to the xenbus key "multi-queue-num-queues". The connect function in the backend only validates the upper bound requestednumqueue...
Linux Distros Unpatched Vulnerability : CVE-2026-45890
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - xen-netback: reject zero-queue configuration from guest A malicious or buggy Xen guest can write 0 to the xenbus key multi-queue-num-queues. The connect functio...
PT-2026-43757
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw in the xen-netback component allows a malicious or buggy Xen guest to cause a guest-to-host denial of service on systems where panic on warn is set to 1. The issue occurs because...
Linux Distros Unpatched Vulnerability : CVE-2017-1000252
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The KVM subsystem in the Linux kernel through 4.13.3 allows guest OS users to cause a denial of service assertion failure, and hypervisor hang or crash via an...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004756)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004756 advisory. A NULL pointer dereference flaw was found in the Linux kernels KVM module, which can lead to a denial of service in the x86emulateinsn in arch/x86/kvm/emulate.c. Thi...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000543)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000543 advisory. The apicgettmcct function in arch/x86/kvm/lapic.c in the KVM subsystem in the Linux kernel through 3.12.5 allows guest OS users to cause a denial of service...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002302)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002302 advisory. The kvmiommumappages function in virt/kvm/iommu.c in the Linux kernel through 3.17.2 miscalculates the number of pages during the handling of a mapping failure, whic...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002158)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002158 advisory. Race condition in arch/x86/kvm/x86.c in the Linux kernel before 3.17.4 allows guest OS users to cause a denial of service guest OS crash via a crafted application th...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002093)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002093 advisory. The WRMSR processing functionality in the KVM subsystem in the Linux kernel through 3.17.2 does not properly handle the writing of a non-canonical address to a...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002462)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002462 advisory. Use-after-free vulnerability in arch/x86/kvm/x86.c in the Linux kernel through 3.8.4 allows guest OS users to cause a denial of service host OS memory corruption or...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002179)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002179 advisory. arch/x86/kvm/emulate.c in the KVM subsystem in the Linux kernel through 3.17.2 does not properly perform RIP changes, which allows guest OS users to cause a denial o...
MiracleLinux 3 : kvm-84-7AXS3 (AXSA:2009-490:03)
The remote MiracleLinux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2009-490:03 advisory. This package provides the kvm kernel modules built for the Linux kernel CVE-2009-3638 Integer overflow in the kvmdevioctlgetsupportedcpuid function i...
EUVD-2019-7758
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2023-5158
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in vringhkiovadvance in drivers/vhost/vringh.c in the host side of a virtio ring in the Linux Kernel. This issue may result in a denial of...
USN-7100-1 linux, linux-aws-5.15, linux-gcp, linux-gcp-5.15, linux-gke, linux-gkeop, linux-gkeop-5.15, linux-hwe-5.15, linux-ibm, linux-ibm-5.15, linux-kvm, linux-lowlatency, linux-lowlatency-hwe-5.15, linux-nvidia, linux-oracle, linux-oracle-5.15, linux-raspi, linux-xilinx-zynqmp vulnerabilities
Supraja Sridhara, Benedict Schlüter, Mark Kuhne, Andrin Bertschi, and Shweta Shinde discovered that the Confidential Computing framework in the Linux kernel for x86 platforms did not properly handle 32-bit emulation on TDX and SEV. An attacker with access to the VMM could use this to cause a deni...
kernel: KVM: x86/mmu: race condition in direct_page_fault()
A flaw was found in the Linux kernel in the KVM. A race condition in directpagefault allows guest OS users to cause a denial of service host OS crash or host OS memory corruption when nested virtualization and the TDP MMU are enabled...
kernel: KVM: NULL pointer dereference in kvm_mmu_invpcid_gva
A flaw was found in KVM. With shadow paging enabled if INVPCID is executed with CR0.PG=0, the invlpg callback is not set, and the result is a NULL pointer dereference. This flaw allows a guest user to cause a kernel oops condition on the host, resulting in a denial of service...