3354 matches found
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: x86/hyperv: Fixed a NULL dereference in sethvtscchangecb if the Hyper-V setup fails. Check for a valid hvvpindex array before dereferencing hvvpindex when setting Hyper-V’s TSC change callback. If Hyper-V setup fails in...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerability has been resolved: clocksource: hyper-v: unexport init-annotated hvinitclocksource EXPORTSYMBOL and init are a poor combination, as the .init.text section is freed after initialization. As a result, modules cannot use symbols annotated with init...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: HID: hyperv: avoid struct memcpy overrun warning A previous patch addressed the fortified memcpy warning for most builds, but I still encounter this issue with gcc-9: In the file included from include/linux/string.h:254, from...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: Drivers: hv: vmbus: Disabled the option to deactivate sysctlrecordpanicmsg by default in isolated guests. hvpanicpage might contain information sensitive to guests; do not dump this information to Hyper-V by default in isolate...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: scsi: storvsc: Fix handling of virtual Fibre Channel timeouts Hyper-V provides the ability to connect Fibre Channel LUNs to the host system and present them as SCSI devices in a guest VM. I/O operations to the vFC device are...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: PCI: hv: Fixed double calls to idafree in the hvpciprobe error path. If hvpciprobe fails after storing the domain number in hbus-bridge-domainNr, a call to free this domainNr is made via pciBusReleaseEmulDomainNr. However, during...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: x86/hyperv: Disabling IBT when the hypercall page lacks the ENDBR instruction. On hardware that supports Indirect Branch Tracking IBT, Hyper-V VMs with ConfigVersion 9.3 or later support IBT in the guest. However, current version...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: Drivers: hv: vmbus: Do not dereference the ACPI root object handle Since the commit referenced in the Fixes section below the VMBus client driver attempts to traverse the ACPI namespace from the VMBus ACPI device to the ACPI...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerability has been resolved: Drivers: hv: vmbus: Fixed potential crashes during module unloading. The vmbus driver relies on the panic notifier infrastructure to perform certain operations when a panic event is detected. Since vmbus can be built as a module,...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: ixgbevf: added the missing negotiatefeatures operation to the Hyper-V ops table. The commit a7075f501bd3 “ixgbevf: fixed mailbox API compatibility by negotiating supported features” added the.negotiatefeatures callback to...
CVE-2026-40402
Use after free in Windows Hyper-V allows an unauthorized attacker to elevate privileges locally...
EUVD-2026-29663
Use after free in Windows Hyper-V allows an unauthorized attacker to elevate privileges locally...
CVE-2026-40402
Use after free in Windows Hyper-V allows an unauthorized attacker to elevate privileges locally...
CVE-2026-40402
Use after free in Windows Hyper-V allows an unauthorized attacker to elevate privileges locally...
CVE-2026-40402 Windows Hyper-V Elevation of Privilege Vulnerability
...
CVE-2026-40402 Windows Hyper-V Elevation of Privilege Vulnerability
...
CVE-2026-40402
The CVE-2026-40402 entry describes a use-after-free in Windows Hyper-V that enables local privilege escalation by an unauthenticated attacker. The vulnerability affects Hyper-V components and, per multiple connected sources, has been addressed by May 2026 security updates (e.g., KB5087420/KB50874...
Windows Hyper-V Elevation of Privilege Vulnerability
Use after free in Windows Hyper-V allows an unauthorized attacker to elevate privileges locally...
SUSE CVE-2026-43475
In the Linux kernel, the following vulnerability has been resolved: scsi: storvsc: Fix scheduling while atomic on PREEMPTRT This resolves the follow splat and lock-up when running with PREEMPTRT enabled on Hyper-V: 415.140818 BUG: scheduling while atomic: stress-ng-iomix/1048/0x00000002 415.14082...
Microsoft Hyper-V 资源管理错误漏洞
Microsoft Hyper-V is an application developed by Microsoft Corporation in the United States. It is a system management program that enables desktop virtualization. There is a resource management vulnerability in Microsoft Hyper-V. Attackers can exploit this vulnerability to gain elevated...