Lucene search
K

36 matches found

RedHat Linux
RedHat Linux
added 3 days ago4 views

kernel: KVM: x86: Fix shadow paging use-after-free due to unexpected GFN

A flaw was found in the Linux kernel's KVM Kernel-based Virtual Machine x86 shadow paging mechanism. This use-after-free vulnerability arises from incorrect handling of Guest Frame Numbers GFNs when guest page tables are modified. A local attacker with control over a guest virtual machine could...

8.8CVSS6.5AI score0.00126EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 3 days ago5 views

kernel: KVM: x86: Fix shadow paging use-after-free due to unexpected GFN

A flaw was found in the Linux kernel's KVM Kernel-based Virtual Machine x86 shadow paging mechanism. This use-after-free vulnerability arises from incorrect handling of Guest Frame Numbers GFNs when guest page tables are modified. A local attacker with control over a guest virtual machine could...

8.8CVSS5.9AI score0.00126EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/06/25 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2026-52969

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - KVM: Reject wrapped offset in kvmresetdirtygfn kvmresetdirtygfn guards the gfn range with if !memslot || offset + flsmask = memslot-npages return; but offset is...

7CVSS6AI score0.00147EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/24 6:32 p.m.6 views

EUVD-2026-38837

In the Linux kernel, the following vulnerability has been resolved: KVM: Reject wrapped offset in kvmresetdirtygfn kvmresetdirtygfn guards the gfn range with if !memslot || offset + flsmask = memslot-npages return; but offset is u64 and the addition is unchecked. The check can be silently bypasse...

5.7AI score0.00147EPSS
Exploits0References8
CVE
CVE
added 2026/06/24 4:28 p.m.8 views

CVE-2026-52969

CVE-2026-52969 affects the Linux kernel KVM component. The vulnerability stems from an unchecked u64 addition in kvm_reset_dirty_gfn(), where the guard if (!memslot || (offset + __fls(mask)) >= memslot->npages) can be bypassed due to offset being 64‑bit. This can allow an out-of-bounds load...

7CVSS5.7AI score0.00147EPSS
Exploits0References10
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.9 views

PT-2026-51863

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An integer overflow exists in the kvm reset dirty gfn function within the Kernel-based Virtual Machine KVM component. A local attacker with access to /dev/kvm can manipulate dirty ring...

7CVSS6AI score0.00147EPSS
Exploits0References398
Microsoft CVE
Microsoft CVE
added 2026/05/29 8:8 a.m.18 views

KVM: x86: Fix shadow paging use-after-free due to unexpected GFN

...

8.8CVSS5.4AI score0.00126EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2026/05/28 8:22 p.m.22 views

CVE-2026-46113

A flaw was found in the Linux kernel's KVM Kernel-based Virtual Machine x86 shadow paging mechanism. This use-after-free vulnerability arises from incorrect handling of Guest Frame Numbers GFNs when guest page tables are modified. A local attacker with control over a guest virtual machine could...

8.8CVSS5.7AI score0.00126EPSS
Exploits0References4
EUVD
EUVD
added 2026/05/28 9:35 a.m.16 views

EUVD-2026-32872

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Fix shadow paging use-after-free due to unexpected GFN The shadow MMU computes GFNs for direct shadow pages using sp-gfn plus the SPTE index. This assumption breaks for shadow paging if the guest page tables are modifie...

5.7AI score0.00126EPSS
Exploits0References5
Debian CVE
Debian CVE
added 2026/05/28 9:35 a.m.12 views

CVE-2026-46113

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Fix shadow paging use-after-free due to unexpected GFN The shadow MMU computes GFNs for direct shadow pages using sp-gfn plus the SPTE index. This assumption breaks for shadow paging if the guest page tables are modifie...

8.8CVSS5.7AI score0.00126EPSS
Exploits0
CNNVD
CNNVD
added 2026/05/28 12:0 a.m.13 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the accidental reuse of freed memory due to an unexpected GFN in KVM x86 shadow paging...

8.8CVSS5.8AI score0.00126EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/01/09 11:25 a.m.5 views

CVE-2021-28704

PoD operations on misaligned GFNs This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. x86 HVM and PVH guests may be started in populate-on-demand PoD mode, to provide a way for them to later easily have more memory assigne...

8.8CVSS7.3AI score0.00348EPSS
Exploits0References1
EUVD
EUVD
added 2025/12/24 3:30 p.m.5 views

EUVD-2025-205219

In the Linux kernel, the following vulnerability has been resolved: mshv: Fix create memory region overlap check The current check is incorrect; it only checks if the beginning or end of a region is within an existing region. This doesn't account for userspace specifying a region that begins befo...

6AI score0.00155EPSS
Exploits0References4
NVD
NVD
added 2025/12/24 1:16 p.m.6 views

CVE-2025-68743

In the Linux kernel, the following vulnerability has been resolved: mshv: Fix create memory region overlap check The current check is incorrect; it only checks if the beginning or end of a region is within an existing region. This doesn't account for userspace specifying a region that begins befo...

0.00155EPSS
Exploits0References3
OSV
OSV
added 2025/12/24 1:16 p.m.3 views

UBUNTU-CVE-2025-68743

In the Linux kernel, the following vulnerability has been resolved: mshv: Fix create memory region overlap check The current check is incorrect; it only checks if the beginning or end of a region is within an existing region. This doesn't account for userspace specifying a region that begins befo...

5.7AI score0.00155EPSS
Exploits0References11
CVE
CVE
added 2025/12/24 12:9 p.m.17 views

CVE-2025-68743

The CVE-2025-68743 entry concerns the Linux kernel: the mshv memory-region creation check was incorrect and could mis-handle regions that start before and end after existing regions. The fix replaces the flawed beginning/end overlap checks with a proper range intersection check against gfns and u...

6.1AI score0.00155EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/12/24 12:9 p.m.27 views

CVE-2025-68743 mshv: Fix create memory region overlap check

In the Linux kernel, the following vulnerability has been resolved: mshv: Fix create memory region overlap check The current check is incorrect; it only checks if the beginning or end of a region is within an existing region. This doesn't account for userspace specifying a region that begins befo...

0.00155EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/08/11 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2022-49884

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: KVM: Initialize gfntopfncache locks in dedicated helper Move the gfntopfncache lock...

4.7CVSS5.1AI score0.00098EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2025/05/07 2:19 a.m.5 views

SUSE CVE-2022-49884

In the Linux kernel, the following vulnerability has been resolved: KVM: Initialize gfntopfncache locks in dedicated helper Move the gfntopfncache lock initialization to another helper and call the new helper during VM/vCPU creation. There are race conditions possible due to kvmgfntopfncacheinit'...

4.7CVSS6.3AI score0.00098EPSS
Exploits0References3
OSV
OSV
added 2025/05/01 3:16 p.m.4 views

DEBIAN-CVE-2022-49884

In the Linux kernel, the following vulnerability has been resolved: KVM: Initialize gfntopfncache locks in dedicated helper Move the gfntopfncache lock initialization to another helper and call the new helper during VM/vCPU creation. There are race conditions possible due to kvmgfntopfncacheinit'...

4.7CVSS5.2AI score0.00098EPSS
Exploits0References1
Rows per page
Query Builder