Lucene search
K

16 matches found

AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.10 views

Astra Linux – Vulnerability in Linux 5.10, Linux

A flaw was discovered in KVM. When updating a guest’s page table entry, vmpgoff was incorrectly used as the offset to obtain the page’s pfn. Since vaddr and vmpgoff are controllable by user-mode processes, this flaw allows unprivileged local users on the host to write outside the userspace region...

7.8CVSS6.7AI score0.00385EPSS
Exploits1References2
RedHat Linux
RedHat Linux
added 2026/05/06 5:34 p.m.11 views

kernel: Linux kernel KVM: Privilege escalation or denial of service due to improper shadow page table entry handling

A flaw was found in the Linux kernel's Kernel-based Virtual Machine KVM component. A local attacker with privileges on the host system could exploit a vulnerability in how KVM handles shadow page table entries SPTEs during memory-mapped I/O MMIO operations. By manipulating guest page table entrie...

8.1CVSS5.8AI score0.00184EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/01/15 12:0 a.m.6 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003235)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003235 advisory. Improper invalidation for page table updates by a virtual guest operating system for multiple IntelR Processors may allow an authenticated user to potentially enable...

6.5CVSS6.8AI score0.00915EPSS
Exploits0References19
Tenable Nessus
Tenable Nessus
added 2025/10/07 12:0 a.m.8 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-414492)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-414492 advisory. A flaw was found in KVM. When updating a guest's page table entry, vmpgoff was improperly used as the offset to get the page's pfn. As vaddr and vmpgoff are...

7.8CVSS6.4AI score0.00385EPSS
Exploits1References3
OSV
OSV
added 2025/02/26 7:1 a.m.4 views

DEBIAN-CVE-2022-49562

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Use trycmpxchguser to update guest PTE A/D bits Use the recently introduced trycmpxchguser to update guest PTE A/D bits instead of mapping the PTE into kernel address space. The VMPFNMAP path is broken as it assumes tha...

5.5CVSS5.3AI score0.00243EPSS
Exploits0References1
OSV
OSV
added 2025/02/26 7:1 a.m.4 views

UBUNTU-CVE-2022-49562

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Use trycmpxchguser to update guest PTE A/D bits Use the recently introduced trycmpxchguser to update guest PTE A/D bits instead of mapping the PTE into kernel address space. The VMPFNMAP path is broken as it assumes tha...

5.5CVSS6.1AI score0.00243EPSS
Exploits0References6
CNNVD
CNNVD
added 2025/02/26 12:0 a.m.5 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from not properly updating the A/D bits of the guest PTE, which could result in accessing the wrong PFN...

5.5CVSS5.3AI score0.00243EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2022/12/13 4:8 p.m.5 views

kernel: KVM: cmpxchg_gpte can write to pfns outside the userspace region

A flaw was found in KVM. When updating a guest's page table entry, vmpgoff was improperly used as the offset to get the page's pfn. As vaddr and vmpgoff are controllable by user-mode processes, this flaw allows unprivileged local users on the host to write outside the userspace region and...

7.8CVSS6.6AI score0.00385EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2022/12/13 9:37 a.m.5 views

kernel: KVM: cmpxchg_gpte can write to pfns outside the userspace region

A flaw was found in KVM. When updating a guest's page table entry, vmpgoff was improperly used as the offset to get the page's pfn. As vaddr and vmpgoff are controllable by user-mode processes, this flaw allows unprivileged local users on the host to write outside the userspace region and...

7.8CVSS6.6AI score0.00385EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2022/12/06 2:55 p.m.5 views

kernel: KVM: cmpxchg_gpte can write to pfns outside the userspace region

A flaw was found in KVM. When updating a guest's page table entry, vmpgoff was improperly used as the offset to get the page's pfn. As vaddr and vmpgoff are controllable by user-mode processes, this flaw allows unprivileged local users on the host to write outside the userspace region and...

7.8CVSS6.6AI score0.00385EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2022/11/29 2:2 p.m.4 views

kernel: KVM: cmpxchg_gpte can write to pfns outside the userspace region

A flaw was found in KVM. When updating a guest's page table entry, vmpgoff was improperly used as the offset to get the page's pfn. As vaddr and vmpgoff are controllable by user-mode processes, this flaw allows unprivileged local users on the host to write outside the userspace region and...

7.8CVSS6.6AI score0.00385EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2022/11/29 2:1 p.m.14 views

kernel: KVM: cmpxchg_gpte can write to pfns outside the userspace region

A flaw was found in KVM. When updating a guest's page table entry, vmpgoff was improperly used as the offset to get the page's pfn. As vaddr and vmpgoff are controllable by user-mode processes, this flaw allows unprivileged local users on the host to write outside the userspace region and...

7.8CVSS6.6AI score0.00385EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2022/11/08 9:32 a.m.3 views

kernel: KVM: cmpxchg_gpte can write to pfns outside the userspace region

A flaw was found in KVM. When updating a guest's page table entry, vmpgoff was improperly used as the offset to get the page's pfn. As vaddr and vmpgoff are controllable by user-mode processes, this flaw allows unprivileged local users on the host to write outside the userspace region and...

7.8CVSS6.6AI score0.00385EPSS
Exploits1References5
OSV
OSV
added 2022/08/05 5:15 p.m.13 views

AZL-10540 CVE-2022-1158 affecting package kernel for versions less than 5.15.67.1-4

A flaw was found in KVM. When updating a guest's page table entry, vmpgoff was improperly used as the offset to get the page's pfn. As vaddr and vmpgoff are controllable by user-mode processes, this flaw allows unprivileged local users on the host to write outside the userspace region and...

7.8CVSS6.6AI score0.00385EPSS
Exploits1References1
OpenVAS
OpenVAS
added 2022/06/09 12:0 a.m.30 views

Ubuntu: Security Advisory (USN-5467-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7.4AI score0.0124EPSS
Exploits8References2
Ubuntu
Ubuntu
added 2022/06/08 4:55 a.m.114 views

USN-5469-1: Linux kernel vulnerabilities

It was discovered that the Linux kernel did not properly restrict access to the kernel debugger when booted in secure boot environments. A privileged attacker could use this to bypass UEFI Secure Boot restrictions. CVE-2022-21499 Aaron Adams discovered that the netfilter subsystem in the Linux...

7.8CVSS7AI score0.0155EPSS
Exploits12
Rows per page
Query Builder