CVE-2025-40181

In the Linux kernel, the following vulnerability has been resolved: x86/kvm: Force legacy PCI hole to UC when overriding MTRRs for TDX/SNP When running as an SNP or TDX guest under KVM, force the legacy PCI hole, i.e. memory between Top of Lower Usable DRAM and 4GiB, to be mapped as UC via a forc...

CVE-2024-49927 x86/ioapic: Handle allocation failures gracefully

In the Linux kernel, the following vulnerability has been resolved: x86/ioapic: Handle allocation failures gracefully Breno observed panics when using failslab under certain conditions during runtime: can not alloc irqpinlist -1,0,20 Kernel panic - not syncing: IO-APIC: failed to add irq-pin. Can...

Unbreakable Enterprise kernel security update

4.14.35-2047.541.4.1 - vhost/scsi: null-ptr-dereference in vhostscsigetreq Haoran Zhang Orabug: 37137499 4.14.35-2047.541.4 - selftests: make order checking verbose in msgzerocopy selftest Zijian Zhang Orabug: 37063821 - selftests: fix OOM in msgzerocopy selftest Zijian Zhang Orabug: 37063821 -...

Oracle Linux 7 / 8 : Unbreakable Enterprise kernel-container (ELSA-2024-12612)

The remote Oracle Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-12612 advisory. 5.4.17-2136.335.4.el8 - mm: memcg/slab: enable kmalloc-cg- caches for x8664. Imran Khan Orabug: 36951041 - printk: add kthread for long-running...

Unbreakable Enterprise kernel-container security update

5.4.17-2136.335.4.el8 - mm: memcg/slab: enable kmalloc-cg- caches for x8664. Imran Khan Orabug: 36951041 - printk: add kthread for long-running print Stephen Brennan Orabug: 36456582 - kdb: Use the passed prompt in kdbpositioncursor Douglas Anderson - driver core: Fix ueventshow vs driver detach...

SUSE CVE-2013-4527

Buffer overflow in hw/timer/hpet.c in QEMU before 1.7.2 might allow remote attackers to execute arbitrary code via vectors related to the number of timers...

SUSE CVE-2018-10982

An issue was discovered in Xen through 4.10.x allowing x86 HVM guest OS users to cause a denial of service unexpectedly high interrupt number, array overrun, and hypervisor crash or possibly gain hypervisor privileges by setting up an HPET timer to deliver interrupts in IO-APIC mode, aka vHPET...

SUSE: Security Advisory (SUSE-SU-2018:1177-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Denial Of Service (DoS)

kernel is vulnerable to denial of service. It was found that reporting emulation failures to user space could lead to either a local CVE-2014-7842 or a L2-L1 CVE-2010-5313 denial of service. In the case of a local denial of service, an attacker must have access to the MMIO area or be able to acce...

SUSE-SU-2018:3230-1 Security update for xen

This update for xen fixes several issues. These security issues were fixed: - CVE-2018-8897: Prevent mishandling of debug exceptions on x86 XSA-260, bsc1090820 - Handle HPET timers in IO-APIC mode correctly to prevent malicious or buggy HVM guests from causing a hypervisor crash or potentially...

SUSE-SU-2018:1456-1 Security update for xen

This update for xen fixes the following issues: Security issues fixed: - CVE-2018-3639: Spectre V4 – Speculative Store Bypass aka 'Memory Disambiguation' bsc1092631 This feature can be controlled by the 'ssbd=on/off' commandline flag for the XEN hypervisor. - CVE-2018-10982: x86 vHPET interrupt...

SUSE SLES12 Security Update : xen (SUSE-SU-2018:1216-1) (Meltdown)

This update for xen fixes several issues. These security issues were fixed : - CVE-2018-8897: Prevent mishandling of debug exceptions on x86 XSA-260, bsc1090820 - Handle HPET timers in IO-APIC mode correctly to prevent malicious or buggy HVM guests from causing a hypervisor crash or potentially...

Security update for xen (important)

This update for xen to version 4.9.2 fixes several issues. This feature was added: - Added script, udev rule and systemd service to watch for vcpu online/offline events in a HVM domU. They are triggered via 'xl vcpu-set domU N' These security issues were fixed: - CVE-2018-8897: Prevent mishandlin...

CVE-2018-10982

An issue was discovered in Xen through 4.10.x allowing x86 HVM guest OS users to cause a denial of service unexpectedly high interrupt number, array overrun, and hypervisor crash or possibly gain hypervisor privileges by setting up an HPET timer to deliver interrupts in IO-APIC mode, aka vHPET...

SUSE SLES12 Security Update : xen (SUSE-SU-2018:1202-1) (Meltdown)

This update for xen fixes several issues. These security issues were fixed : - CVE-2018-8897: Prevent mishandling of debug exceptions on x86 XSA-260, bsc1090820 - Handle HPET timers in IO-APIC mode correctly to prevent malicious or buggy HVM guests from causing a hypervisor crash or potentially...

SUSE SLES11 Security Update : xen (SUSE-SU-2018:1203-1) (Meltdown)

This update for xen fixes several issues. These security issues were fixed : - CVE-2018-8897: Prevent mishandling of debug exceptions on x86 XSA-260, bsc1090820 - Handle HPET timers in IO-APIC mode correctly to prevent malicious or buggy HVM guests from causing a hypervisor crash or potentially...

CVE-2018-10982

An issue was discovered in Xen through 4.10.x allowing x86 HVM guest OS users to cause a denial of service unexpectedly high interrupt number, array overrun, and hypervisor crash or possibly gain hypervisor privileges by setting up an HPET timer to deliver interrupts in IO-APIC mode, aka vHPET...

ALPINE-CVE-2018-10982

An issue was discovered in Xen through 4.10.x allowing x86 HVM guest OS users to cause a denial of service unexpectedly high interrupt number, array overrun, and hypervisor crash or possibly gain hypervisor privileges by setting up an HPET timer to deliver interrupts in IO-APIC mode, aka vHPET...

CVE-2018-10982

An issue was discovered in Xen through 4.10.x allowing x86 HVM guest OS users to cause a denial of service unexpectedly high interrupt number, array overrun, and hypervisor crash or possibly gain hypervisor privileges by setting up an HPET timer to deliver interrupts in IO-APIC mode, aka vHPET...

Input validation

An issue was discovered in Xen through 4.10.x allowing x86 HVM guest OS users to cause a denial of service unexpectedly high interrupt number, array overrun, and hypervisor crash or possibly gain hypervisor privileges by setting up an HPET timer to deliver interrupts in IO-APIC mode, aka vHPET...