32 matches found
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: x86/hyperv: Disabling IBT when the hypercall page lacks the ENDBR instruction. On hardware that supports Indirect Branch Tracking IBT, Hyper-V VMs with ConfigVersion 9.3 or later support IBT in the guest. However, current version...
EUVD-2023-60469
In the Linux kernel, the following vulnerability has been resolved: x86/hyperv: Disable IBT when hypercall page lacks ENDBR instruction On hardware that supports Indirect Branch Tracking IBT, Hyper-V VMs with ConfigVersion 9.3 or later support IBT in the guest. However, current versions of Hyper-...
CVE-2023-54172
In the Linux kernel, the following vulnerability has been resolved: x86/hyperv: Disable IBT when hypercall page lacks ENDBR instruction On hardware that supports Indirect Branch Tracking IBT, Hyper-V VMs with ConfigVersion 9.3 or later support IBT in the guest. However, current versions of Hyper-...
CVE-2023-54172
In the Linux kernel, the following vulnerability has been resolved: x86/hyperv: Disable IBT when hypercall page lacks ENDBR instruction On hardware that supports Indirect Branch Tracking IBT, Hyper-V VMs with ConfigVersion 9.3 or later support IBT in the guest. However, current versions of Hyper-...
UBUNTU-CVE-2023-54172
In the Linux kernel, the following vulnerability has been resolved: x86/hyperv: Disable IBT when hypercall page lacks ENDBR instruction On hardware that supports Indirect Branch Tracking IBT, Hyper-V VMs with ConfigVersion 9.3 or later support IBT in the guest. However, current versions of Hyper-...
CVE-2023-54172 x86/hyperv: Disable IBT when hypercall page lacks ENDBR instruction
In the Linux kernel, the following vulnerability has been resolved: x86/hyperv: Disable IBT when hypercall page lacks ENDBR instruction On hardware that supports Indirect Branch Tracking IBT, Hyper-V VMs with ConfigVersion 9.3 or later support IBT in the guest. However, current versions of Hyper-...
CVE-2023-54172
CVE-2023-54172 affects the Linux kernel's x86/hyperv integration. The vulnerability arose because Hyper-V VMs with ConfigVersion 9.3+ support IBT in the guest, but the hypercall page could be missing ENDBR64. Since hypercalls use an indirect call to the hypercall page, this caused an exception an...
CVE-2023-54172 x86/hyperv: Disable IBT when hypercall page lacks ENDBR instruction
In the Linux kernel, the following vulnerability has been resolved: x86/hyperv: Disable IBT when hypercall page lacks ENDBR instruction On hardware that supports Indirect Branch Tracking IBT, Hyper-V VMs with ConfigVersion 9.3 or later support IBT in the guest. However, current versions of Hyper-...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the lack of an ENDBR instruction on the hypercall page, which could lead to a kernel panic...
Linux Distros Unpatched Vulnerability : CVE-2023-54172
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - x86/hyperv: Disable IBT when hypercall page lacks ENDBR instruction On hardware that supports Indirect Branch Tracking IBT, Hyper-V VMs with ConfigVersion 9.3 o...
kernel: xen: Xen hypercall page unsafe against speculative attacks (Xen Security Advisory 466)
In the Linux kernel, the following vulnerability has been resolved: x86/xen: don't do PV iret hypercall through hypercall page Instead of jumping to the Xen hypercall page for doing the iret hypercall, directly code the required sequence in xen-asm.S. This is done in preparation of no longer usin...
ALSA-2025:20518 Moderate: kernel security update
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: can: isotp: fix potential CAN frame reception race in isotprcv CVE-2022-48830 kernel: soc: qcom: cmd-db: Map shared memory as WC, not WB CVE-2024-46689 kernel: Squashfs: sanity check...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990300)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990300 advisory. In the Linux kernel, the following vulnerability has been resolved: x86/xen: don't do PV iret hypercall through hypercall page Instead of jumping to the Xen hypercal...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-989449)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989449 advisory. In the Linux kernel, the following vulnerability has been resolved: x86/xen: don't do PV iret hypercall through hypercall page Instead of jumping to the Xen hypercal...
EUVD-2024-51913
Malicious code in bioql PyPI...
RockyLinux 8 : kernel (RLSA-2025:3893)
The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2025:3893 advisory. kernel: xen: Xen hypercall page unsafe against speculative attacks Xen Security Advisory 466 CVE-2024-53241 kernel: ALSA: usb-audio: Fix out of bounds...
Security update for xen
This update for xen fixes the following issues: CVE-2024-28956: Fixed Intel CPU: Indirect Target Selection ITS XSA-469 bsc1243117 CVE-2024-53241: Fixed Xen hypercall page unsafe against speculative attacks XSA-466 bsc1234282 CVE-2025-1713: Fixed deadlock potential with VT-d and legacy PCI device...
SUSE-SU-2025:01860-1 Security update for xen
This update for xen fixes the following issues: - CVE-2024-28956: Fixed Intel CPU: Indirect Target Selection ITS XSA-469 bsc1243117 - CVE-2024-53241: Fixed Xen hypercall page unsafe against speculative attacks XSA-466 bsc1234282 - CVE-2025-1713: Fixed deadlock potential with VT-d and legacy PCI...
AlmaLinux 8 : kernel-rt (ALSA-2025:3894)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:3894 advisory. kernel: xen: Xen hypercall page unsafe against speculative attacks Xen Security Advisory 466 CVE-2024-53241 kernel: ALSA: usb-audio: Fix out of bounds rea...
Oracle Linux 8 : kernel (ELSA-2025-3893)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-3893 advisory. - ALSA: usb-audio: Fix out of bounds reads when finding clock sources Jarod Wilson RHEL-86737 CVE-2024-53150 - x86/xen: remove hypercall page Vitaly...