Linux Distros Unpatched Vulnerability : CVE-2024-4693

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the QEMU Virtio PCI Bindings hw/virtio/virtio-pci.c. An improper release and use of the irqfd for vector 0 during the boot process leads to ...

CVE-2024-51564

The CVE-2024-51564 issue is in the bhyve hypervisor’s device models, specifically a guest-triggered infinite loop in the hda audio driver. The FreeBSD VuXML advisory and related reports flag this as part of a set of bhyve vulnerabilities (CVE-2024-51562..51566) that can allow a malicious guest to...

CVE-2022-3643

Guests can trigger NIC interface reset/abort/crash via netback It is possible for a guest to trigger a NIC interface reset/abort/crash in a Linux based network backend by sending certain kinds of packets. It appears to be an unwritten? assumption in the rest of the Linux network stack that packet...

ARM guests may induce host asynchronous abort

ISSUE DESCRIPTION Depending on how the hardware and firmware have been integrated, guest-triggered asynchronous aborts SError on ARMv8 may be received by the hypervisor. The current action is to crash the host. A guest might trigger an asynchronous abort when accessing memory mapped hardware in a...

FreeBSD : xen-kernel -- arm: vgic: incorrect rate limiting of guest triggered logging (912cb7f7-27df-11e5-a4a5-002590263bf5)

The Xen Project reports : On ARM systems the code which deals with virtualizing the GIC distributor would, under various circumstances, log messages on a guest accessible code path without appropriate rate limiting. A malicious guest could cause repeated logging to the hypervisor console, leading...