57 matches found
UBUNTU-CVE-2026-45890
In the Linux kernel, the following vulnerability has been resolved: xen-netback: reject zero-queue configuration from guest. A malicious or buggy Xen guest can write "0" to the xenbus key "multi-queue-num-queues". The connect function in the backend only validates the upper bound requestednumqueue...
Astra Linux - vulnerability in qemu
A heap-based buffer overflow was discovered in QEMU version 5.0.0 in the SDHCI device emulation support. This vulnerability could occur during a multi-block SDMA transfer using the sdhci_sdma_transfer_multi_blocks routine in the hw/sd/sdhci.c file. A malicious user or process could exploit this flaw ...
CVE-2026-43214
A flaw was found in the Linux kernel's Kernel-based Virtual Machine (KVM) for x86 architectures. When reading Page Directory Pointer Table Registers (PDPTRs) in the getsregs2 function, the system fails to use proper Sleepable Read-Copy Update (SRCU) protection. This oversight can lead to incorrect memo...
CVE-2023-31364
Improper handling of direct memory writes in the input-output memory management unit could allow a malicious guest virtual machine (VM) to flood a host with writes, potentially causing a fatal machine check error resulting in denial of service...
PT-2026-22189
Name of the Vulnerable Software and Affected Versions: versions affected versions not specified. Description: A flaw exists due to improper handling of direct memory writes in the input-output memory management unit. A malicious guest virtual machine (VM) could potentially overwhelm the host with writ...
EulerOS 2.0 SP12 : docker-runc (EulerOS-SA-2026-1067)
According to the versions of the docker-runc package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : runc is a CLI tool for spawning and running containers according to the OCI specification. Versions 1.0.0-rc3 through 1.2.7, 1.3.0-rc.1 throug...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002295)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002295 advisory. The get_rx_bufs function in drivers/vhost/net.c in the vhost-net subsystem in the Linux kernel package before 2.6.32-431.11.2 on Red Hat Enterprise Linux (RHEL) 6 does n...
EulerOS 2.0 SP12 : docker-runc (EulerOS-SA-2026-1087)
According to the versions of the docker-runc package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : runc is a CLI tool for spawning and running containers according to the OCI specification. Versions 1.0.0-rc3 through 1.2.7, 1.3.0-rc.1 throug...
AZL-70547 CVE-2025-31133 affecting package kubernetes for versions less than 1.28.4-21
runc is a CLI tool for spawning and running containers according to the OCI specification. In versions 1.2.7 and below, 1.3.0-rc.1 through 1.3.1, 1.4.0-rc.1 and 1.4.0-rc.2 files, runc would not perform sufficient verification that the source of the bind-mount (i.e., the container's /dev/null) was...
CVE-2025-31133
CVE-2025-31133 (runc) affects the runc runtime when using certain bind-mount sources, where verification of the source inode for "/dev/null" could be bypassed. Affected versions include 1.2.7 and earlier, 1.3.0-rc.1 through 1.3.1, and 1.4.0-rc.1 and 1.4.0-rc.2. The issue enables an attacker to pe...
runc security vulnerability
runc is an Open Container Initiative open source CLI (Command Line Interface) tool for generating and running containers according to the OCI specification. A security vulnerability exists in runc versions 1.2.7 and earlier, 1.3.0-rc.1 through 1.3.1, 1.4.0-rc.1, and 1.4.0-rc.2, which stems from...
UBUNTU-CVE-2025-12464
A stack-based buffer overflow was found in the QEMU e1000 network device. The code for padding short frames was dropped from individual network devices and moved to the net core code. The issue stems from the device's receive code still being able to process a short frame in loopback mode. This...
EUVD-2020-22051
Malware in sbrugna...
EUVD-2022-30325
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2024-0079
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer, where a user in a guest VM can cause a NULL-pointer dereferen...
Linux Distros Unpatched Vulnerability : CVE-2025-1376
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability classified as problematic was found in GNU elfutils 0.192. This vulnerability affects the function elf_strptr in the library /libelf/elf_strptr.c ...
Linux Distros Unpatched Vulnerability : CVE-2025-53901
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Wasmtime is a runtime for WebAssembly. Prior to versions 24.0.4, 33.0.2, and 34.0.2, a bug in Wasmtime's implementation of the WASIp1 set of import functions ca...
SUSE CVE-2024-3447
A heap-based buffer overflow was found in the SDHCI device emulation of QEMU. The bug is triggered when both s->data_count and the size of s->fifo_buffer are set to 0x200, leading to an out-of-bound access. A malicious guest could use this flaw to crash the QEMU process on the host, resulting in a...
kernel: KVM: nVMX: missing consistency checks for CR0 and CR4
A flaw was found in the KVM's Intel nested virtualization feature (nVMX). The effective values of the guest CR0 and CR4 registers could differ from those included in the VMCS12. In rare circumstances (i.e., kvm_intel module loaded with parameters nested=1 and ept=0) this could allow a malicious guest ...