Hackers Weaponize Windows Hyper-V to Hide Linux VM and Evade EDR Detection

The threat actor known as Curly COMrades has been observed exploiting virtualization technologies as a way to bypass security solutions and execute custom malware. According to a new report from Bitdefender, the adversary is said to have enabled the Hyper-V role on selected victim systems to depl...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-988717)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-988717 advisory. In the Linux kernel, the following vulnerability has been resolved: x86/hyperv: Fix NULL deref in sethvtscchangecb if Hyper-V setup fails Check for a valid hvvpindex...

Astra Linux - уязвимость в linux-6.12

In the Linux kernel, the following vulnerability has been resolved: KVM: x86/hyper-v: Skip non-canonical addresses during PV TLB flush In KVM guests with Hyper-V hypercalls enabled, the hypercalls HVCALLFLUSHVIRTUALADDRESSLIST and HVCALLFLUSHVIRTUALADDRESSLISTEX allow a guest to request...

EUVD-2022-54509

In the Linux kernel, the following vulnerability has been resolved: clocksource: hyper-v: unexport init-annotated hvinitclocksource EXPORTSYMBOL and init is a bad combination because the .init.text section is freed up after the initialization. Hence, modules cannot use symbols annotated init. The...

Update Rollup 3 for System Center 2022 Data Protection Manager

Update Rollup 3 for System Center 2022 Data Protection Manager Applies to: System Center 2022 Data Protection Manager Introduction This article describes the issues that are fixed in Update Rollup 3 for Microsoft System Center Data Protection Manager 2022. It also contains the installation...

SUSE-SU-2025:3751-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP6 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2023-53261: coresight: Fix memory leak in acpibuffer-pointer bsc1249770. - CVE-2024-58090: sched/core: Prevent rescheduling when interrupts are disabled...

kernel: KVM: x86/hyper-v: Skip non-canonical addresses during PV TLB flush

In the Linux kernel, the following vulnerability has been resolved: KVM: x86/hyper-v: Skip non-canonical addresses during PV TLB flush In KVM guests with Hyper-V hypercalls enabled, the hypercalls HVCALLFLUSHVIRTUALADDRESSLIST and HVCALLFLUSHVIRTUALADDRESSLISTEX allow a guest to request...

CVE-2025-55328

Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Hyper-V allows an authorized attacker to elevate privileges locally...

EUVD-2022-55150

In the Linux kernel, the following vulnerability has been resolved: Drivers: hv: vmbus: Deactivate sysctlrecordpanicmsg by default in isolated guests hvpanicpage might contain guest-sensitive information, do not dump it over to Hyper-V by default in isolated guests. While at it, update some...

EUVD-2025-34344

Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Hyper-V allows an authorized attacker to elevate privileges locally...

CVE-2025-55328

Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Hyper-V allows an authorized attacker to elevate privileges locally...

CVE-2025-55328

Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Hyper-V allows an authorized attacker to elevate privileges locally...

CVE-2025-55328 Windows Hyper-V Elevation of Privilege Vulnerability

...

CVE-2025-55328 Windows Hyper-V Elevation of Privilege Vulnerability

...

CVE-2025-55328

Vulnerability summary (CVE-2025-55328) : A race condition in Windows Hyper-V involving a shared resource can be exploited by an authorized local attacker to elevate privileges. The issue is categorized under Windows Hyper-V with a high impact (local, privilege escalation) and a high base score in...

Windows Hyper-V Elevation of Privilege Vulnerability

Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Hyper-V allows an authorized attacker to elevate privileges locally...

PT-2025-42014

Name of the Vulnerable Software and Affected Versions Microsoft Windows Hyper-V affected versions not specified Description A race condition exists in Windows Hyper-V during concurrent execution using shared resources with improper synchronization. This allows a locally authorized attacker to...

Microsoft Hyper-V 竞争条件问题漏洞

Microsoft Hyper-V is an application from Microsoft Corporation USA. A system hypervisor virtualization technology that enables desktop virtualization. Microsoft Hyper-V suffers from a Competing Conditions Issue vulnerability that originates from an attacker's ability to elevate privileges by...

SUSE CVE-2023-53647

In the Linux kernel, the following vulnerability has been resolved: Drivers: hv: vmbus: Don't dereference ACPI root object handle Since the commit referenced in the Fixes: tag below the VMBus client driver is walking the ACPI namespace up from the VMBus ACPI device to the ACPI namespace root obje...

CVE-2023-53647

In the Linux kernel, the following vulnerability has been resolved: Drivers: hv: vmbus: Don't dereference ACPI root object handle Since the commit referenced in the Fixes: tag below the VMBus client driver is walking the ACPI namespace up from the VMBus ACPI device to the ACPI namespace root obje...