Linux Distros Unpatched Vulnerability : CVE-2020-25604

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Xen through 4.14.x. There is a race condition when migrating timers between x86 HVM vCPUs. When migrating timers of x86 HVM guests...

Linux Distros Unpatched Vulnerability : CVE-2020-15564

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Xen through 4.13.x, allowing Arm guest OS users to cause a hypervisor crash because of a missing alignment check in...

Linux Distros Unpatched Vulnerability : CVE-2018-15469

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Xen through 4.11.x. ARM never properly implemented grant table v2, either in the hypervisor or in Linux. Unfortunately, an ARM guest...

Linux Distros Unpatched Vulnerability : CVE-2019-18424

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Xen through 4.12.x allowing attackers to gain host OS privileges via DMA in a situation where an untrusted domain has access to a...

Linux Distros Unpatched Vulnerability : CVE-2018-10471

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Xen through 4.10.x allowing x86 PV guest OS users to cause a denial of service out-of-bounds zero write and hypervisor crash via...

USN-7712-1 linux-azure-fips vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - PA-RISC architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; - Cryptographic API; -...

Nutanix AHV : Multiple Vulnerabilities (NXSA-AHV-10.0.1.2)

The version of AHV installed on the remote host is prior to AHV-10.0.1.2. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AHV-10.0.1.2 advisory. - inftrees.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper...

Nutanix AHV : Multiple Vulnerabilities (NXSA-AHV-20230302.103053)

The version of AHV installed on the remote host is prior to 20230302.103053. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AHV-20230302.103053 advisory. - inftrees.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging...

USN-7699-2: Linux kernel (HWE) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - RISC-V architecture; - x86 architecture; - Buffer Sharing and Synchronization framework; - DM...

CVE-2025-38595 xen: fix UAF in dmabuf_exp_from_pages()

In the Linux kernel, the following vulnerability has been resolved: xen: fix UAF in dmabufexpfrompages dmabuffd fixes; no preferences regarding the tree it goes through - up to xen folks As soon as we'd inserted a file reference into descriptor table, another thread could close it. That's fine fo...

ROS-20250819-07

Xen hypervisor vulnerability is related to mutual blocking of execution threads. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

USN-7699-1 linux, linux-aws, linux-aws-6.14, linux-gcp, linux-gcp-6.14, linux-oracle, linux-oracle-6.14, linux-raspi, linux-realtime vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - RISC-V architecture; - x86 architecture; - Buffer Sharing and Synchronization framework; - DM...

SUSE-SU-2025:02853-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP7 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2024-36028: mm/hugetlb: fix DEBUGLOCKSWARNON1 when dissolvefreehugetlbfolio bsc1225707. - CVE-2024-36348, CVE-2024-36349, CVE-2024-36350, CVE-2024-36357:...

Linux Distros Unpatched Vulnerability : CVE-2022-42335

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - x86 shadow paging arbitrary pointer dereference In environments where host assisted address translation is necessary but Hardware Assisted Paging HAP is...

CVE-2025-38506 KVM: Allow CPU to reschedule while setting per-page memory attributes

In the Linux kernel, the following vulnerability has been resolved: KVM: Allow CPU to reschedule while setting per-page memory attributes When running an SEV-SNP guest with a sufficiently large amount of memory 1TB+, the host can experience CPU soft lockups when running an operation in...

CVE-2025-48807

Improper restriction of communication channel to intended endpoints in Windows Hyper-V allows an authorized attacker to execute code locally...

ROS-20250813-05

The cross-platform xen hypervisor vulnerability is related to double unlocking when handling x86 guest x86 interrupts. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of denial of service...

PT-2025-32769 · Microsoft · Windows Hyper-V +1

Name of the Vulnerable Software and Affected Versions: Windows Hyper-V affected versions not specified Description: A missing synchronization flaw in Windows Hyper-V can allow an authorized attacker to cause a denial of service to an adjacent network. Recommendations: At the moment, there is no...

Hypervisor-Based Double Extortion Ransomware Detection Method Using Kitsune Network Features

Double extortion ransomware attacks have become mainstream since many organizations adopt more robust and resilient data backup strategies against conventional crypto-ransomware. This paper presents detailed attack stages, tactics, procedures, and tools used in the double extortion ransomware...

SEV Ciphertext Side Channel Attacks

Summary AMD has received reports from two research groups detailing methods by which a malicious hypervisor could potentially execute a side channel attack against a running secure encrypted virtualization – secure nested paging SEV-SNP guest. The first report, titled “Relocate + Vote: Exploiting...