5611 matches found
CVE-2024-21431 Hypervisor-Protected Code Integrity (HVCI) Security Feature Bypass Vulnerability
...
CVE-2024-21431 Hypervisor-Protected Code Integrity (HVCI) Security Feature Bypass Vulnerability
...
CVE-2024-21431
CVE-2024-21431 is a Microsoft Windows vulnerability titled “Hypervisor-Protected Code Integrity (HVCI) Security Feature Bypass Vulnerability.” Connected sources identify this as a local, high-severity issue affecting the HVCI mechanism, with a CVSS score in the high range (confidentiality, integr...
Hypervisor-Protected Code Integrity (HVCI) Security Feature Bypass Vulnerability
...
Microsoft Hypervisor-Protected Code Integrity Security Vulnerability
Microsoft Hypervisor-Protected Code Integrity is a security feature of Windows from Microsoft Corporation USA that makes it difficult for malicious programs to hijack computers using low-level drivers. A security vulnerability exists in Microsoft Hypervisor-Protected Code Integrity. An attacker...
PT-2024-2186 · Microsoft · Windows
Name of the Vulnerable Software and Affected Versions: Windows affected versions not specified Description: The issue is related to errors in security settings of the Hypervisor-protected Code Integrity HVCI security feature in the Windows operating system. This allows an attacker to bypass...
Debian dla-3759 : qemu - security update
The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3759 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3759-1 [email protected]...
Patch now! VMWare escape flaws are so serious even end-of-life software gets a fix
VMWare has issued secuity fixes for its VMware ESXi, Workstation, Fusion, and Cloud Foundation products. It has even taken the unusual step of issuing updates for versions of the affected software that have reached thier end-of-life, meaning they would normally no longer be supported. This flaws...
hw: amd: INVD instruction may lead to a loss of SEV-ES guest machine memory integrity problem
A flaw was found in some of AMD CPU's due to improper or unexpected behavior of the INVD. This issue may allow an attacker with a malicious hypervisor to affect cache line write-back behavior of the CPU, potentially leading to a loss of guest virtual machine VM memory integrity...
RHEL 8 : linux-firmware (RHSA-2024:1112)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:1112 advisory. The linux-firmware packages contain all of the firmware files that are required by various devices to operate. Security Fixes: hw: intel:...
SUSE CVE-2023-46841
Recent x86 CPUs offer functionality named Control-flow Enforcement Technology CET. A sub-feature of this are Shadow Stacks CET-SS. CET-SS is a hardware feature designed to protect against Return Oriented Programming attacks. When enabled, traditional stacks holding both data and return addresses...
CLSA-2024-1709203515 kernel: Fix of 7 CVEs
KVM: nSVM: avoid picking up unsupported bits from L2 in intctl CVE-2021-3653 CVE-2021-3653 - xen/netfront: fix leaking data in shared pages CVE-2022-33740 - xfs: fix up non-directory creation in SGID directories CVE-2021-4037 - netsched: clsroute: remove from list when handle is 0 CVE-2022-2588 -...
CVE-2021-47008
In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: Make sure GHCB is mapped before updating Access to the GHCB is mainly in the VMGEXIT path and it is known that the GHCB will be mapped. But there are two paths where it is possible the GHCB might not be mapped. The...
UBUNTU-CVE-2021-47008
In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: Make sure GHCB is mapped before updating Access to the GHCB is mainly in the VMGEXIT path and it is known that the GHCB will be mapped. But there are two paths where it is possible the GHCB might not be mapped. The...
x86: shadow stack vs exceptions from emulation stubs
ISSUE DESCRIPTION Recent x86 CPUs offer functionality named Control-flow Enforcement Technology CET. A sub-feature of this are Shadow Stacks CET-SS. CET-SS is a hardware feature designed to protect against Return Oriented Programming attacks. When enabled, traditional stacks holding both data and...
hw: amd: INVD instruction may lead to a loss of SEV-ES guest machine memory integrity problem
A flaw was found in some of AMD CPU's due to improper or unexpected behavior of the INVD. This issue may allow an attacker with a malicious hypervisor to affect cache line write-back behavior of the CPU, potentially leading to a loss of guest virtual machine VM memory integrity...
Driver Disk for Cisco fnic 2.0.0.90-252.0 - For Citrix Hypervisor 8.2 LTSR
Who should install this driver disk? Customers running the Citrix Hypervisor 8.2 Cumulative Update 1 LTSR release who use Cisco's fnic driver and wish to use the latest version of the following: Driver Module| Driver Type| Version ---|---|--- fnic| FC and NVME HBA Driver/| 2.0.0.90-252.0 Issues...
PT-2024-13384 · Xen +2 · Xen +2
Name of the Vulnerable Software and Affected Versions: Xen affected versions not specified Description: The issue is related to the interaction between the Control-flow Enforcement Technology CET and the Xen emulation. CET is a hardware feature designed to protect against Return Oriented...
hw: amd: INVD instruction may lead to a loss of SEV-ES guest machine memory integrity problem
A flaw was found in some of AMD CPU's due to improper or unexpected behavior of the INVD. This issue may allow an attacker with a malicious hypervisor to affect cache line write-back behavior of the CPU, potentially leading to a loss of guest virtual machine VM memory integrity...
Driver Disk for Cisco enic 4.5.0.7-939.23 - For Citrix Hypervisor 8.2 LTSR
Who should install this driver disk? Customers running the Citrix Hypervisor 8.2 Cumulative Update 1 LTSR release who use Cisco's enic driver and wish to use the latest version of the following: Driver Module| Driver Type| Version ---|---|--- enic| Ethernet/NIC| 4.5.0.7-939.23 Issues resolved in...