CVE-2024-21481

CVE-2024-21481 involves memory corruption during the preparation of a shared memory notification for a memparcel in Resource Manager. The issue is described as a memory corruption flaw, with no publicly documented exploitation details in the provided sources. The connected documents reference the...

AMD SEV-SNP 安全漏洞

AMD SEV-SNP is a secure encrypted virtualization firmware from UltraMicroelectronics AMD. A single key is used to encrypt system memory. AMD SEV-SNP suffers from a security vulnerability that stems from incorrect input validation allowing a malicious hypervisor to read or overwrite customer memor...

AMD SEV-SNP 安全漏洞

AMD SEV-SNP is a secure encrypted virtualization firmware from UltraMicroelectronics AMD. A single key is used to encrypt system memory. AMD SEV-SNP suffers from a security vulnerability that stems from an improper restriction on write operations causing a malicious hypervisor to overwrite the...

AMD SEV-SNP 安全漏洞

AMD SEV-SNP is a secure encrypted virtualization firmware from UltraMicroelectronics AMD. A single key is used to encrypt system memory. AMD SEV-SNP suffers from a security vulnerability that stems from an improper restriction of write operations allowing a malicious hypervisor to potentially...

PT-2024-12279 · Unknown +1 · Scp-Firmware +1

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue involves improper restriction of write operations in SNP firmware. This could allow a malicious hypervisor to overwrite a guest's UMC seed,...

PT-2024-19135 · Amd +1 · Amd Epyc Embedded 9003 Snp Firmware +1

Name of the Vulnerable Software and Affected Versions: AMD EPYC Embedded 9003 SNP Firmware affected versions not specified Description: The issue is related to improper restriction of write operations in SNP firmware, which could allow a malicious hypervisor to potentially overwrite a guest's...

PT-2024-19133 · Amd +1 · Sev-Snp +1

Name of the Vulnerable Software and Affected Versions: SEV-SNP affected versions not specified Description: The issue is related to improper input validation in SEV-SNP, which could allow a malicious hypervisor to read or overwrite guest memory. This could potentially lead to data leakage or data...

Guest Memory Vulnerabilities

AMD ID: AMD-SB-3011 Potential Impact: Confidentiality and Integrity Severity: High Summary A researcher has reported to AMD three potential vulnerabilities in Secure Encrypted Virtualization – Secure Nested Paging SEV-SNP. The reports detail ways that a malicious hypervisor controlled by the host...

[SECURITY] Fedora 40 Update: xen-4.18.2-4.fc40

This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor...

[SECURITY] Fedora 39 Update: xen-4.17.4-2.fc39

This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor...

Virtuozzo Hybrid Infrastructure 6.0 Update 1 Hotfix 10 (6.0.1-105)

This update provides stability fixes. Vulnerability id: VSTOR-76914 A stability and performance improvement for the core storage. Vulnerability id: VSTOR-81226 Improved the size calculation of erasure coding files. Vulnerability id: VSTOR-86571 VM live migration failed due to a missing snapshot...

Ubuntu 24.04 LTS : Linux kernel vulnerabilities (USN-6921-1)

The remote Ubuntu 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6921-1 advisory. Benedict Schlter, Supraja Sridhara, Andrin Bertschi, and Shweta Shinde discovered that an untrusted hypervisor could inject malicious VC interrupts and...

Virtuozzo Hybrid Infrastructure 6.1 Update 1 Hotfix 6 (6.1.1-52)

This update provides stability fixes. Vulnerability id: VSTOR-86571 VM live migration failed due to a missing snapshot traceback. Vulnerability id: VSTOR-87057, VSTOR-87531, VSTOR-89251 Stability fixes for the hypervisor. Vulnerability id: VSTOR-89300 Fixed an issue with calculating storage usage...

Virtuozzo Hybrid Infrastructure 6.2 Hotfix 3 (6.2.0-146)

This update provides stability fixes. Vulnerability id: VSTOR-86571 VM live migration failed due to a missing snapshot traceback. Vulnerability id: VSTOR-87531, VSTOR-89251 Stability fixes for the hypervisor. Vulnerability id: VSTOR-88449 An error is triggered after disabling account replication...

Ubuntu: Security Advisory (USN-6921-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

VMware ESXi CVE-2024-37085 Targeted in Ransomware Campaigns

On Monday, July 29, Microsoft published an extensive threat intelligence blog on observed exploitation of CVE-2024-37085, an Active Directory integration authentication bypass vulnerability affecting Broadcom VMware ESXi hypervisors. The vulnerability, according to Redmond, was identified in...

Ubuntu 20.04 LTS / 22.04 LTS : Linux kernel vulnerabilities (USN-6923-2)

The remote Ubuntu 20.04 LTS / 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6923-2 advisory. Benedict Schlter, Supraja Sridhara, Andrin Bertschi, and Shweta Shinde discovered that an untrusted hypervisor could inject malicious VC...

Ubuntu 24.04 LTS : Linux kernel vulnerabilities (USN-6921-2)

The remote Ubuntu 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6921-2 advisory. Benedict Schlter, Supraja Sridhara, Andrin Bertschi, and Shweta Shinde discovered that an untrusted hypervisor could inject malicious VC interrupts and...

Ubuntu: Security Advisory (USN-6923-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu: Security Advisory (USN-6921-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...