Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: x86/cpu: The X86CR4FRED bit was removed from the CR4 pinned bits mask. The commit in “Fixes” added the FRED CR4 bit to the CR4 pinned bits mask, so that whenever other processes modify CR4, that bit remains set. This is a perfect...

CVE-2026-1329

A flaw has been found in Tenda AX1803 1.0.0.1. The affected element is the function fromGetWifiGuestBasic of the file /goform/WifiGuestSet. Executing a manipulation of the argument guestWrlPwd/guestEn/guestSsid/hideSsid/guestSecurity can lead to stack-based buffer overflow. The attack may be...

CVE-2026-1329

A flaw has been found in Tenda AX1803 1.0.0.1. The affected element is the function fromGetWifiGuestBasic of the file /goform/WifiGuestSet. Executing a manipulation of the argument guestWrlPwd/guestEn/guestSsid/hideSsid/guestSecurity can lead to stack-based buffer overflow. The attack may be...

CVE-2026-1329 Tenda AX1803 WifiGuestSet fromGetWifiGuestBasic stack-based overflow

A flaw has been found in Tenda AX1803 1.0.0.1. The affected element is the function fromGetWifiGuestBasic of the file /goform/WifiGuestSet. Executing a manipulation of the argument guestWrlPwd/guestEn/guestSsid/hideSsid/guestSecurity can lead to stack-based buffer overflow. The attack may be...

CVE-2025-29943

Write what were condition within AMD CPUs may allow an admin-privileged attacker to modify the configuration of the CPU pipeline potentially resulting in the corruption of the stack pointer inside an SEV-SNP guest...

AMD CPU security vulnerabilities

AMD CPUs are a series of CPUs produced by Advanced Microelectronics Devices, Inc. AMD. There are security vulnerabilities in AMD CPUs, which stem from write-condition issues. These vulnerabilities could allow administrators with privileges to modify the CPU’s pipeline configuration, thereby...

EUVD-2021-15368

Malware in sbrugna...

TencentOS Server 3: open-vm-tools (TSSA-2023:0197)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2023:0197 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...

USN-7508-1: Open VM Tools vulnerability

It was discovered that Open VM Tools incorrectly handled certain file operations. An attacker in a guest could use this issue to perform insecure file operations and possibly elevate privileges in the guest...

Linux Distros Unpatched Vulnerability : CVE-2024-31146

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When multiple devices share resources and one of them is to be passed through to a guest, security of the entire system and of respective guests individually...

CVE-2024-31146

When multiple devices share resources and one of them is to be passed through to a guest, security of the entire system and of respective guests individually cannot really be guaranteed without knowing internals of any of the involved guests. Therefore such a configuration cannot really be...

hw: amd: Instruction raise #VC exception at exit

A vulnerability was found in AMD SEV-SNP, where a malicious hypervisor can potentially break confidentiality and integrity of SEV-SNP on Linux guests by injecting interrupts. An attacker can inject interrupt 0x80, which is used by Linux for legacy 32-bit system calls, and arbitrarily change the...

hw: amd: Instruction raise #VC exception at exit

A vulnerability was found in AMD SEV-SNP, where a malicious hypervisor can potentially break confidentiality and integrity of SEV-SNP on Linux guests by injecting interrupts. An attacker can inject interrupt 0x80, which is used by Linux for legacy 32-bit system calls, and arbitrarily change the...

CVE-2021-20263

A flaw was found in the virtio-fs shared file system daemon virtiofsd of QEMU. The new 'xattrmap' option may cause the 'security.capability' xattr in the guest to not drop on file write, potentially leading to a modified, privileged executable in the guest. In rare circumstances, this flaw could ...

Fedora 29 : 2:qemu / libvirt (2019-0332a96d31) (MDSUM/RIDL) (MFBDS/RIDL/ZombieLoad) (MLPDS/RIDL) (MSBDS/Fallout)

Define md-clear CPUID bit. Assuming an updated host kernel and microcode, the md-clear bit will be automatically exposed to guests using the QEMU '-cpu host' arg, or libvirt 'host-model' or 'host-passthrough' configurations. Guests using a named CPU model it must be manually updated to add this...

Fedora 26 : 2:qemu (2017-9149114fba)

Fix usb3 drive issues with windows guests bz 1493196 - CVE-2017-15038: 9p: information disclosure when reading extended attributes bz 1499111 - CVE-2017-15268: potential memory exhaustion via websock connection to VNC bz 1496882 - CVE-2017-14167: multiboot OOB access while loading kernel image bz...