10 matches found
EUVD-2023-24770
Malicious code in bioql PyPI...
CVE-2023-31351
CVE-2023-31351 involves AMD IOMMU restrictions allowing a malicious hypervisor to access guest private memory, risking integrity loss on affected AMD EPYC/server platforms. Documents confirm this is tied to IOMMU operations and that mitigations are provided via Platform Initialization (PI) firmwa...
CVE-2023-21264
In multiple functions of memprotect.c, there is a possible way to access hypervisor memory due to a memory access check in the wrong place. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation...
kernel: vmxnet3: disable rx data ring on dma allocation failure
A vulnerability was found in the Linux kernel's vmxnet3 driver in the vmxnet3rqcreate function, where this issue occurs when memory allocation fails for the RX data ring, leading to an improper reference size that may cause the hypervisor to access invalid memory during packet reception, which ca...
CVE-2024-21978
Improper input validation in SEV-SNP could allow a malicious hypervisor to read or overwrite guest memory potentially leading to data leakage or data corruption...
CVE-2023-21264
In multiple functions of memprotect.c, there is a possible way to access hypervisor memory due to a memory access check in the wrong place. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation...
CVE-2023-21264
In multiple functions of memprotect.c, there is a possible way to access hypervisor memory due to a memory access check in the wrong place. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation...
CVE-2023-21264
In multiple functions of memprotect.c, there is a possible way to access hypervisor memory due to a memory access check in the wrong place. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation...
SUSE CVE-2017-7228
An issue known as XSA-212 was discovered in Xen, with fixes available for 4.8.x, 4.7.x, 4.6.x, 4.5.x, and 4.4.x. The earlier XSA-29 fix introduced an insufficient check on XENMEMexchange input, allowing the caller to drive hypervisor memory accesses outside of the guest provided input/output arra...
CVE-2017-7228
An issue known as XSA-212 was discovered in Xen, with fixes available for 4.8.x, 4.7.x, 4.6.x, 4.5.x, and 4.4.x. The earlier XSA-29 fix introduced an insufficient check on XENMEMexchange input, allowing the caller to drive hypervisor memory accesses outside of the guest provided input/output arra...