Astra Linux - уязвимость в linux, linux-5.10

A guest can force the Linux netback driver to consume a large amount of kernel memory. This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVEs. Incoming data packets for a guest in the Linux kernel’s netback driver are buffere...

SUSE CVE-2025-29943

Write what were condition within AMD CPUs may allow an admin-privileged attacker to modify the configuration of the CPU pipeline potentially resulting in the corruption of the stack pointer inside an SEV-SNP guest...

MiracleLinux 4 : xorg-x11-drv-qxl-0.0.14-14.AXS4 (AXSA:2013-88:01)

The remote MiracleLinux 4 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2013-88:01 advisory. xorg-x11-qxl-drv is an X11 video driver for the QEMU QXL video accelerator. This driver makes it possible to use Red Hat Enterprise Linux 6 as a guest operatin...

EUVD-2002-2354

Malware in sbrugna...

EUVD-2017-16965

Malware in sbrugna...

EUVD-2018-7347

Malware in sbrugna...

EUVD-2011-1176

Malware in sbrugna...

SUSE CVE-2010-0730

The MMIO instruction decoder in the Xen hypervisor in the Linux kernel 2.6.18 in Red Hat Enterprise Linux RHEL 5 allows guest OS users to cause a denial of service 32-bit guest OS crash via vectors that trigger an unspecified instruction emulation...

ALPINE-CVE-2022-42325

Xenstore: Guests can create arbitrary number of nodes via transactions This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. In case a node has been created in a transaction and it is later deleted in the same transaction, t...

QEMU: QXL: double fetch in qxl_cursor() can lead to heap buffer overflow

A flaw was found in the QXL display device emulation in QEMU. A double fetch of guest controlled values cursor-header.width and cursor-header.height can lead to the allocation of a small cursor object followed by a subsequent heap-based buffer overflow. A malicious privileged guest user could use...

Linux 竞争条件问题漏洞

Linux is an open source operating system from the Linux Foundation in the United States. A security vulnerability exists in Linux PV devices that stems from a competitive condition and the lack of return code testing in Linux, where a malicious backend of a PV device front-end driver can access...

Vulnerability fixed in Xen

The developers of the Xen hypervisor have fixed a vulnerability fixed. A local malicious party within a guest system could potentially exploit the vulnerability potentially exploit it to cause a denial-of-service cause on the host or to obtain elevated privileges. Versions of Xen equal to or high...

UBUNTU-CVE-2019-18389

A heap-based buffer overflow in the vrendrenderertransferwriteiov function in vrendrenderer.c in virglrenderer through 0.8.0 allows guest OS users to cause a denial of service, or QEMU guest-to-host escape and code execution, via VIRGLCCMDRESOURCEINLINEWRITE commands...

Kernel: KVM: leak of uninitialized stack contents to guest

An information leakage issue was found in the way Linux kernel's KVM hypervisor handled page fault exceptions while emulating instructions like VMXON, VMCLEAR, VMPTRLD, and VMWRITE with memory address as an operand. It occurs if the operand is a mmio address, as the returned exception object hold...

Qemu: cirrus: OOB access issue in mode4and5 write functions

Quick emulator QEMU, compiled with the Cirrus CLGD 54xx VGA Emulator support, is vulnerable to an OOB write access issue. The issue could occur while writing to VGA memory via mode4and5 write functions. A privileged user inside guest could use this flaw to crash the QEMU process resulting in Deni...

Missing check for grant table

ISSUE DESCRIPTION The function gnttabcacheflush handles GNTTABOPcacheflush grant table operations. It checks to see if the calling domain is the owner of the page that is to be operated on. If it is not, the owner's grant table is checked to see if a grant mapping to the calling domain exists for...

Fedora 16 : xen-4.1.3-1.fc16 (2012-11785)

update to 4.1.3 - fixes untrusted HVM guest can cause the dom0 to hang or crash XSA-11, CVE-2012-3433 843582 remove some unnecessary cache flushing that slow things down 841330 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security...