Astra Linux - уязвимость в qemu

It was found that the patch for CVE-2020-17380/CVE-2020-25085 is ineffective. As a result, QEMU becomes vulnerable to out-of-bounds read/write access issues that were previously identified in the SDHCI controller emulation code. This flaw allows a malicious privileged attacker to crash the QEMU...

ALPINE-CVE-2026-23557

Any guest can cause xenstored to crash by issuing a XSRESETWATCHES command within a transaction due to an assert triggering. In case xenstored was built with NDEBUG defined nothing bad will happen, as assert is doing nothing in this case. Note that the default is not to define NDEBUG for xenstore...

CVE-2026-23557 Xenstored DoS via XS_RESET_WATCHES command

Any guest can cause xenstored to crash by issuing a XSRESETWATCHES command within a transaction due to an assert triggering. In case xenstored was built with NDEBUG defined nothing bad will happen, as assert is doing nothing in this case. Note that the default is not to define NDEBUG for xenstore...

CVE-2026-43483

In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: Set/clear CR8 write interception when AVIC is deactivated Explicitly set/clear CR8 write interception when AVIC is deactivated to fix a bug where KVM leaves the interception enabled after AVIC is activated. E.g. if KVM...

CVE-2026-43483 KVM: SVM: Set/clear CR8 write interception when AVIC is (de)activated

In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: Set/clear CR8 write interception when AVIC is deactivated Explicitly set/clear CR8 write interception when AVIC is deactivated to fix a bug where KVM leaves the interception enabled after AVIC is activated. E.g. if KVM...

PT-2026-40690

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the KVM SVM implementation where CR8 write interception remains enabled after AVIC Advanced Virtual Interrupt Controller is activated. This occurs because the...

Linux Distros Unpatched Vulnerability : CVE-2020-15564

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Xen through 4.13.x, allowing Arm guest OS users to cause a hypervisor crash because of a missing alignment check in...

Imagination GPU Driver 安全漏洞

Imagination GPU Driver is a graphics driver from Imagination. A security vulnerability exists in Imagination GPU Driver that stems from the possibility that Guest VMs may make improper GPU system calls, which could result in the GPU being unavailable to other Guests...

AZL-51288 CVE-2024-49863 affecting package kernel for versions less than 6.6.56.1-5

In the Linux kernel, the following vulnerability has been resolved: vhost/scsi: null-ptr-dereference in vhostscsigetreq Since commit 3f8ca2e115e5 "vhost/scsi: Extract common handling code from control queue handler" a null pointer dereference bug can be triggered when guest sends an SCSI AN...

SUSE CVE-2020-27616

ati2dblt in hw/display/ati2d.c in QEMU 4.2.1 can encounter an outside-limits situation in a calculation. A guest can crash the QEMU process...

DEBIAN-CVE-2022-42321

Xenstore: Guests can crash xenstored via exhausting the stack Xenstored is using recursion for some Xenstore operations e.g. for deleting a sub-tree of Xenstore nodes. With sufficiently deep nesting levels this can result in stack exhaustion on xenstored, leading to a crash of xenstored...

CVE-2022-42314

Xenstore: guests can let run xenstored out of memory This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. Malicious guests can cause xenstored to allocate vast amounts of memory, eventually resulting in a Denial of Service...

Linux 竞争条件问题漏洞

Linux is an open source operating system from the Linux Foundation in the United States. A security vulnerability exists in Linux PV devices that stems from a competitive condition and the lack of return code testing in Linux, where a malicious backend of a PV device front-end driver can access...

Vulnerabilities fixed in QEMU

Several vulnerabilities have been fixed in QEMU. A malicious person can exploit the vulnerabilities to cause a denial-of-service cause, both in the guest system and the host system. Also a malicious party could potentially access memory that is allocated to guest systems other than his own. -= SU...

Kernel: KVM: DoS via write flood to I/O port 0x80

Linux kernel Virtualization Module CONFIGKVM for the Intel processor family CONFIGKVMINTEL is vulnerable to a DoS issue. It could occur if a guest was to flood the I/O port 0x80 with write requests. A guest user could use this flaw to crash the host kernel resulting in DoS...

Qemu: virtio: unbounded memory allocation on host via guest leading to DoS

Quick Emulator QEMU built with the virtio framework is vulnerable to an unbounded memory allocation issue. It was found that a malicious guest user could submit more requests than the virtqueue size permits. Processing a request allocates a VirtQueueElement results in unbounded memory allocation ...

kernel: kvm: out-of-bounds access in ioapic indirect register reads

The ioapicreadindirect function in virt/kvm/ioapic.c in the Linux kernel through 3.8.4 does not properly handle a certain combination of invalid IOAPICREGSELECT and IOAPICREGWINDOW operations, which allows guest OS users to obtain sensitive information from host OS memory or cause a denial of...

qemu: acpi_piix4: missing hotplug check during device removal

The pciejwrite function in hw/acpipiix4.c in the PIIX4 Power Management emulation in qemu-kvm does not check if a device is hotpluggable before unplugging the PCI-ISA bridge, which allows privileged guest users to cause a denial of service guest crash and possibly execute arbitrary code by sendin...