5606 matches found
CVE-2024-49842 Improper Access Control in Hypervisor
Memory corruption during memory mapping into protected VM address space due to incorrect API restrictions...
CVE-2024-49841 Detection of Error Condition Without Action in Hypervisor
Memory corruption during memory assignment to headless peripheral VM due to incorrect error code handling...
CVE-2024-49841 Detection of Error Condition Without Action in Hypervisor
Memory corruption during memory assignment to headless peripheral VM due to incorrect error code handling...
Qemu-kvm: net: assertion failure in update_sctp_checksum()
...
CBL Mariner 2.0 Security Update: kernel (CVE-2025-21690)
The version of kernel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-21690 advisory. - In the Linux kernel, the following vulnerability has been resolved: scsi: storvsc: Ratelimit warning logs to...
CVE-2023-53108
In the Linux kernel, the following vulnerability has been resolved: net/iucv: Fix size of interrupt data iucvirqdata needs to be 4 bytes larger. These bytes are not used by the iucv module, but written by the z/VM hypervisor in case a CPU is deconfigured. Reported as: BUG dma-kmalloc-64 Not...
CVE-2023-53108
In the Linux kernel, the following vulnerability has been resolved: net/iucv: Fix size of interrupt data iucvirqdata needs to be 4 bytes larger. These bytes are not used by the iucv module, but written by the z/VM hypervisor in case a CPU is deconfigured. Reported as: BUG dma-kmalloc-64 Not...
CVE-2023-53108
In the Linux kernel, the following vulnerability has been resolved: net/iucv: Fix size of interrupt data iucvirqdata needs to be 4 bytes larger. These bytes are not used by the iucv module, but written by the z/VM hypervisor in case a CPU is deconfigured. Reported as: BUG dma-kmalloc-64 Not...
CVE-2023-53108 net/iucv: Fix size of interrupt data
In the Linux kernel, the following vulnerability has been resolved: net/iucv: Fix size of interrupt data iucvirqdata needs to be 4 bytes larger. These bytes are not used by the iucv module, but written by the z/VM hypervisor in case a CPU is deconfigured. Reported as: BUG dma-kmalloc-64 Not...
The vulnerability of Xen hypervisors, related to the mutual blocking of execution flows, allows a malicious actor to cause a service failure.
The vulnerability of Xen hypervisors is related to the mutual blocking of execution threads. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of Xen hypervisors relates to the incorrect sequence of processor instructions, allowing attackers to gain unauthorized access to protected information.
The vulnerability of Xen hypervisors is related to an incorrect sequence of processor instructions, due to the absence of the ENDBR instruction and a prologue/eepilog for CFI schemes based on hash. Exploiting this vulnerability can allow an attacker operating remotely to gain unauthorized access ...
Important: kernel
Issue Overview: In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix use-after-free of encap entry in neigh update handler CVE-2021-47247 In the Linux kernel, the following vulnerability has been resolved: i2c: dev: check return value when calling devsetname...
Citrix DaaS - Hosting Connection "Username and Password Not Recognized" Error
When attempting to establish or test a hosting connection within your virtualization environment, the system reports an authentication failure with the following error message: "The username and password combination supplied for this connection was not recognized." This error indicates that the...
Regulating AI Behavior with a Hypervisor
Interesting research: "Guillotine: Hypervisors for Isolating Malicious AIs." Abstract :As AI models become more embedded in critical sectors like finance, healthcare, and the military, their inscrutable behavior poses ever-greater risks to society. To mitigate this risk, we propose Guillotine, a...
Guillotine: Hypervisors for Isolating Malicious AIs
As AI models become more embedded in critical sectors like finance, healthcare, and the military, their inscrutable behavior poses ever-greater risks to society. To mitigate this risk, we propose Guillotine, a hypervisor architecture for sandboxing powerful AI models -- models that, by accident o...
dpdk: Denial Of Service from malicious guest on hypervisors using DPDK Vhost library
An out-of-bounds read vulnerability was found in DPDK's Vhost library checksum offload feature. This issue enables an untrusted or compromised guest to crash the hypervisor's vSwitch by forging Virtio descriptors to cause out-of-bounds reads. This flaw allows an attacker with a malicious VM using...
dpdk: Denial Of Service from malicious guest on hypervisors using DPDK Vhost library
An out-of-bounds read vulnerability was found in DPDK's Vhost library checksum offload feature. This issue enables an untrusted or compromised guest to crash the hypervisor's vSwitch by forging Virtio descriptors to cause out-of-bounds reads. This flaw allows an attacker with a malicious VM using...
dpdk: Denial Of Service from malicious guest on hypervisors using DPDK Vhost library
An out-of-bounds read vulnerability was found in DPDK's Vhost library checksum offload feature. This issue enables an untrusted or compromised guest to crash the hypervisor's vSwitch by forging Virtio descriptors to cause out-of-bounds reads. This flaw allows an attacker with a malicious VM using...
dpdk: Denial Of Service from malicious guest on hypervisors using DPDK Vhost library
An out-of-bounds read vulnerability was found in DPDK's Vhost library checksum offload feature. This issue enables an untrusted or compromised guest to crash the hypervisor's vSwitch by forging Virtio descriptors to cause out-of-bounds reads. This flaw allows an attacker with a malicious VM using...
kernel: xen: Xen hypercall page unsafe against speculative attacks (Xen Security Advisory 466)
In the Linux kernel, the following vulnerability has been resolved: x86/xen: don't do PV iret hypercall through hypercall page Instead of jumping to the Xen hypercall page for doing the iret hypercall, directly code the required sequence in xen-asm.S. This is done in preparation of no longer usin...