32 matches found
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: gpio: mpsse: ensure worker is torn down When an IRQ worker is running, unplugging the device would cause a crash. The sealevel hardware this driver was written for was not hotpluggable, so I never realized it. This change uses a...
Astra Linux - уязвимость в linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: topology: Keep the cpumask unchanged when printing cpumap During fuzz testing, the following warning was discovered: different return values 15 and 11 from vsnprintf"%pbl ", ... test:keyward is WARNING in kvasprintf WARNING: CPU:...
CVE-2026-24054 Kata Containers Runtime: Host block device can be hotplugged to the VM if the container image is malformed or contains no layers
Kata Containers is an open source project focusing on a standard implementation of lightweight Virtual Machines VMs that perform like containers. In versions prior to 3.26.0, when a container image is malformed or contains no layers, containerd falls back to bind-mounting an empty snapshotter...
CVE-2025-40218
In the Linux kernel, the following vulnerability has been resolved: mm/damon/vaddr: do not repeat pteoffsetmaplock until success DAMON's virtual address space operation set implementation vaddr calls pteoffsetmaplock inside the page table walk callback function. This is for reading and writing pa...
EUVD-2017-7046
Malware in sbrugna...
PT-2025-49032
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel’s DAMON virtual address space operation set implementation vaddr contains a flaw related to the pte offset map lock function within the page table walk callback. Repeate...
CVE-2025-21816
CVE-2025-21816 affects the Linux kernel hrtimers subsystem. The issue arises when hrtimers queued on an offline CPU can wake up and arm the deadline timer after CPU hotplug stage CPUHP_AP_HRTIMERS_DYING, potentially impacting bandwidth timer handling (notably RCU-related wakeups). The documented ...
Linux kernel 资源管理错误漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A resource management error vulnerability exists in Linux kernel that stems from not properly synchronizing the release of resources during CPU hotplugging...
SUSE CVE-2024-57917
In the Linux kernel, the following vulnerability has been resolved: topology: Keep the cpumask unchanged when printing cpumap During fuzz testing, the following warning was discovered: different return values 15 and 11 from vsnprintf"%pbl ", ... test:keyward is WARNING in kvasprintf WARNING: CPU:...
DEBIAN-CVE-2024-57917
In the Linux kernel, the following vulnerability has been resolved: topology: Keep the cpumask unchanged when printing cpumap During fuzz testing, the following warning was discovered: different return values 15 and 11 from vsnprintf"%pbl ", ... test:keyward is WARNING in kvasprintf WARNING: CPU:...
CVE-2024-57917
In the Linux kernel, the following vulnerability has been resolved: topology: Keep the cpumask unchanged when printing cpumap During fuzz testing, the following warning was discovered: different return values 15 and 11 from vsnprintf"%pbl ", ... test:keyward is WARNING in kvasprintf WARNING: CPU:...
CVE-2021-47553
In the Linux kernel, the following vulnerability has been resolved: sched/scs: Reset task stack state in bringupcpu To hot unplug a CPU, the idle task on that CPU calls a few layers of C code before finally leaving the kernel. When KASAN is in use, poisoned shadow is left around for each of the...
PT-2024-21505 · Linux +1 · Linux Kernel +1
Name of the Vulnerable Software and Affected Versions: Linux kernel version 6.6.17+ Description: The issue is related to the Linux kernel's handling of interrupts on non-boot CPUs during hotplug operations. To silence warnings and avoid potential errors due to unexpected interrupts, the kernel no...
KubeVirt vulnerable to arbitrary file read on host
Impact Users with the permission to create VMIs can construct VMI specs which allow them to read arbitrary files on the host. There are three main attack vectors: 1. Some path fields on the VMI spec were not properly validated and allowed passing in relative paths which would have been mounted in...
OPENSUSE-SU-2021:3619-1 Security update for libvirt
This update for libvirt fixes the following issues: - lxc: controller: Fix container launch on cgroup v1. bsc1183247 - supportconfig: Use systemctl command 'is-active' instead of 'is-enabled' when checking if libvirtd is active. - qemu: Do not report error in the logs when processing monitor IO...
Virtuozzo Hybrid Server 7.5 Update 1 Hotfix 5 (7.5.1-742)
The Hotfix 5 for Virtuozzo Hybrid Server 7.5 Update 1 provides stability and usability bug fixes. Vulnerability id: PSBM-131042 OACI After upgrading the host from Virtuozzo Hybrid Server 7.0.14, virtual machines could fail to start due to incorrect firewall settings. Vulnerability id: PSBM-132009...
CVE-2017-15594
An issue was discovered in Xen through 4.9.x allowing x86 SVM PV guest OS users to cause a denial of service hypervisor crash or gain privileges because IDT settings are mishandled during CPU hotplugging...
CVE-2017-15594
An issue was discovered in Xen through 4.9.x allowing x86 SVM PV guest OS users to cause a denial of service hypervisor crash or gain privileges because IDT settings are mishandled during CPU hotplugging...
ALPINE-CVE-2017-15594
An issue was discovered in Xen through 4.9.x allowing x86 SVM PV guest OS users to cause a denial of service hypervisor crash or gain privileges because IDT settings are mishandled during CPU hotplugging...
Design/Logic Flaw
An issue was discovered in Xen through 4.9.x allowing x86 SVM PV guest OS users to cause a denial of service hypervisor crash or gain privileges because IDT settings are mishandled during CPU hotplugging...