(Pwn2Own) Oracle VirtualBox DevVGA Out-Of-Bounds Write Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Oracle VirtualBox. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the DevVGA...

(Pwn2Own) Oracle VirtualBox VirtIOCore Buffer Overflow Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Oracle VirtualBox. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the...

AZL-42727 CVE-2023-6237 affecting package cloud-hypervisor-cvm for versions less than 38.0.72.2-1

Issue summary: Checking excessively long invalid RSA public keys may take a long time. Impact summary: Applications that use the function EVPPKEYpubliccheck to check RSA public keys may experience long delays. Where the key that is being checked has been obtained from an untrusted source this may...

AZL-42688 CVE-2023-6237 affecting package cloud-hypervisor-cvm for versions less than 38.0.72.2-1

Issue summary: Checking excessively long invalid RSA public keys may take a long time. Impact summary: Applications that use the function EVPPKEYpubliccheck to check RSA public keys may experience long delays. Where the key that is being checked has been obtained from an untrusted source this may...

[SECURITY] Fedora 39 Update: xen-4.17.4-1.fc39

This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor...

[SECURITY] Fedora 40 Update: xen-4.18.2-1.fc40

This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor...

CVE-2024-26908

Removed by vendor...

Citrix Releases Security Updates for XenServer and Citrix Hypervisor

Citrix released security updates to address multiple vulnerabilities in XenServer and Citrix Hypervisor. A cyber threat actor could exploit one of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review and apply the necessary updates:...

XenServer and Citrix Hypervisor Security Update for CVE-2023-46842, CVE-2024-2201 and CVE-2024-31142

Description of Problem Two issues have been identified that affect XenServer and Citrix Hypervisor; each issue may allow malicious unprivileged code in a guest VM to infer the contents of memory belonging to its own or other VMs on the same host. These issues have the following identifiers:...

SUSE CVE-2023-46842

Unlike 32-bit PV guests, HVM guests may switch freely between 64-bit and other modes. This in particular means that they may set registers used to pass 32-bit-mode hypercall arguments to values outside of the range 32-bit code would be able to set them to. When processing of hypercalls takes a...

Driver Disk for Microsemi smartpqi 2.1.28_025 - For Citrix Hypervisor 8.2 Cumulative Update 1 LTSR

Who should install this driver disk? Customers running the Citrix Hypervisor 8.2 Cumulative Update 1 LTSR release who use Microsemi's smartpqi driver and wish to use the latest version of the following: Driver Module| Driver Type| Version ---|---|--- smartpqi| SAS/Storage Controller| 2.1.28025...

Oracle Linux 8 : virt:kvm_utils3 (ELSA-2024-12276)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-12276 advisory. - Fixes: CVE-2022-40284 - Fix off-by-one error in udevListInterfacesByStatus Martin Kletzander Orabug: 36364464 CVE-2024-1441 libvirt-dbus...

x86 HVM hypercalls may trigger Xen bug check

ISSUE DESCRIPTION Unlike 32-bit PV guests, HVM guests may switch freely between 64-bit and other modes. This in particular means that they may set registers used to pass 32-bit-mode hypercall arguments to values outside of the range 32-bit code would be able to set them to. When processing of...

SUSE CVE-2024-26691

In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Fix circular locking dependency The rule inside kvm enforces that the vcpu-mutex is taken inside kvm-lock. The rule is violated by the pkvmcreatehypvm which acquires the kvm-lock while already holding the vcpu-mutex...

Driver Disk for Qlogic qla2xxx 10.02.11.00-k - For Citrix Hypervisor 8.2 Cumulative Update 1 LTSR

Who should install this driver disk? Customers running the Citrix Hypervisor 8.2 Cumulative Update 1 LTSR release who use Qlogic's qla2xxx driver and wish to use the latest version of the following: Driver Module| Driver Type| Version ---|---|--- qla2xxx| Fibre Channel HBA/Storage Controller|...

Driver Disk for Intel ice 1.11.17.1 - For Citrix Hypervisor 8.2 Cumulative Update 1 LTSR

Who should install this driver disk? Customers running the Citrix Hypervisor 8.2 Cumulative Update 1 LTSR release who use Intel's ice driver and wish to use the latest version of the following: Driver Module| Driver Type| Version ---|---|--- ice| Ethernet/NIC| 1.11.17.1 Issues resolved in this...

PT-2024-6307 · Xen +3 · Xen +3

Name of the Vulnerable Software and Affected Versions: Xen affected versions not specified Description: The issue is related to the x86 HVM hypercall handler in the Xen hypervisor. HVM guests can switch freely between 64-bit and other modes, allowing them to set registers used to pass 32-bit-mode...

AZL-42700 CVE-2024-2511 affecting package cloud-hypervisor-cvm for versions less than 38.0.72.2-1

Issue summary: Some non-default TLS server configurations can cause unbounded memory growth when processing TLSv1.3 sessions Impact summary: An attacker may exploit certain server configurations to trigger unbounded memory growth that would lead to a Denial of Service This problem can occur in...

AZL-42765 CVE-2024-2511 affecting package cloud-hypervisor-cvm for versions less than 38.0.72.2-1

Issue summary: Some non-default TLS server configurations can cause unbounded memory growth when processing TLSv1.3 sessions Impact summary: An attacker may exploit certain server configurations to trigger unbounded memory growth that would lead to a Denial of Service This problem can occur in...

CVE-2024-25743

A vulnerability was found in AMD SEV-SNP, where a malicious hypervisor can potentially break confidentiality and integrity of SEV-SNP on Linux guests by injecting interrupts. An attacker can inject interrupt 0x80, which is used by Linux for legacy 32-bit system calls, and arbitrarily change the...