Security Bulletin: This Power System update is being released to address CVE-2023-46183

Summary A vulnerability was identifed where sensitive partition data controlled by PowerVM may be accessible to a system administrator. Vulnerability Details CVEID:CVE-2023-46183 DESCRIPTION: IBM PowerVM Hypervisor could allow a system administrator to obtain sensitive partition information. CVSS...

CVE-2023-33851

IBM PowerVM Hypervisor FW950.00 through FW950.90, FW1020.00 through FW1020.40, and FW1030.00 through FW1030.30 could reveal sensitive partition data to a system administrator. IBM X-Force ID: 257135...

CVE-2023-33851

IBM PowerVM Hypervisor FW950.00 through FW950.90, FW1020.00 through FW1020.40, and FW1030.00 through FW1030.30 could reveal sensitive partition data to a system administrator. IBM X-Force ID: 257135...

Design/Logic Flaw

IBM PowerVM Hypervisor FW950.00 through FW950.90, FW1020.00 through FW1020.40, and FW1030.00 through FW1030.30 could reveal sensitive partition data to a system administrator. IBM X-Force ID: 257135...

CVE-2023-33851 IBM PowerVM Hypervisor information disclosure

IBM PowerVM Hypervisor FW950.00 through FW950.90, FW1020.00 through FW1020.40, and FW1030.00 through FW1030.30 could reveal sensitive partition data to a system administrator. IBM X-Force ID: 257135...

CVE-2023-33851 IBM PowerVM Hypervisor information disclosure

IBM PowerVM Hypervisor FW950.00 through FW950.90, FW1020.00 through FW1020.40, and FW1030.00 through FW1030.30 could reveal sensitive partition data to a system administrator. IBM X-Force ID: 257135...

CVE-2023-33851

CVE-2023-33851 affects IBM PowerVM Hypervisor information disclosure. Vulnerable firmware versions: FW950.00–FW950.90, FW1020.00–FW1020.40, FW1030.00–FW1030.30. Issue: could reveal sensitive partition data to a system administrator. Remediation: upgrade to FW950.A0 (950_145) or newer; FW1020.50 (...

IBM PowerVM Hypervisor 信息泄露漏洞

IBM PowerVM Hypervisor is an application from International Business Machines IBM, Inc. Providing a secure and scalable virtualized environment, these applications are built on the advanced RAS capabilities and leading performance of the Power Systems platform. An information disclosure...

Xen: Multiple Vulnerabilities

Background Xen is a bare-metal hypervisor. Description Multiple vulnerabilities have been discovered in Xen. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround There is no known workaround at this time...

Security Bulletin: This Power System update is being released to address CVE-2023-33851

Summary A vulnerability was identifed where sensitive partition data may be accessible to a system administrator. Vulnerability Details CVEID:CVE-2023-33851 DESCRIPTION: IBM PowerVM Hypervisor could reveal sensitive partition data to a system administrator. CVSS Base score: 5.3 CVSS Temporal Scor...

Conversion Manager 8.3.1 - For Citrix Hypervisor 8.2 Cumulative Update 1

Who Should Install This Update? This Conversion Manager virtual appliance update is for customers who use the Conversion Manager feature of Citrix Hypervisor 8.2 CU1. It constitutes the following deliverable: File Name| CitrixHypervisor-8.2.1-vpx-conversion-8.3.1.xva ---|--- Description| This fil...

PT-2024-5040 · Linux +6 · Linux Kernel +6

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.9 Description: The issue is related to the implementation of the SEV-SNP and SEV-ES protective mechanisms in the Linux kernel, which can be exploited by an untrusted hypervisor to inject virtual interrupts and...

AZL-42721 CVE-2024-0727 affecting package cloud-hypervisor-cvm for versions less than 38.0.72.2-1

Issue summary: Processing a maliciously formatted PKCS12 file may lead OpenSSL to crash leading to a potential Denial of Service attack Impact summary: Applications loading files in the PKCS12 format from untrusted sources might terminate abruptly. A file in PKCS12 format can contain certificates...

AZL-42730 CVE-2024-0727 affecting package cloud-hypervisor-cvm for versions less than 38.0.72.2-1

Issue summary: Processing a maliciously formatted PKCS12 file may lead OpenSSL to crash leading to a potential Denial of Service attack Impact summary: Applications loading files in the PKCS12 format from untrusted sources might terminate abruptly. A file in PKCS12 format can contain certificates...

CVE-2023-50711 affecting package cloud-hypervisor for versions less than 32.0-3

CVE-2023-50711 affecting package cloud-hypervisor for versions less than 32.0-3. A patched version of the package is available...

Citrix Hypervisor Security Bulletin for CVE-2023-46838

Description of Problem An issue has been discovered that affects Citrix Hypervisor 8.2 CU1 LTSR and may allow malicious privileged code in a guest VM to cause the host to crash or become unresponsive. This issue has the following identifier: CVE-2023-46838 What Customers Should Do We have release...

The vulnerability of the Code Integrity protection function of the Hypervisor-protected Code Integrity mechanism in the Windows operating system allows attackers to circumvent existing security restrictions.

The vulnerability of the Code Integrity function protected by the Hypervisor in the Windows operating system relates to the bypassing of security measures. Exploiting this vulnerability allows an attacker to circumvent existing security restrictions...

Microsoft Hyper-V Remote Code Execution Vulnerability (CNVD-2024-11160)

Microsoft Hyper-V is an application from Microsoft Corporation USA. A system hypervisor virtualization technology that enables desktop virtualization. A remote code execution vulnerability exists in Microsoft Hyper-V, which can be exploited by an attacker to execute arbitrary code on a system...

Microsoft Windows Multiple Vulnerabilities (KB5034127)

This host is missing an important security update according to Microsoft KB5034127 SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescriptio...

CVE-2024-21305

Hypervisor-Protected Code Integrity HVCI Security Feature Bypass Vulnerability...