CVE-2023-33036 NULL Pointer Dereference in Hypervisor

Permanent DOS in Hypervisor while untrusted VM without PSCI support makes a PSCI call...

Qualcomm Chipsets Security Vulnerability

Qualcomm Chipsets are a family of chipsets from Qualcomm Incorporated USA. A security vulnerability exists in Qualcomm Chipsets that stems from a denial of service vulnerability in the virtual machine hypervisor...

How to cancel pending power actions

One or more of the pending power actions in the queue to be marked as canceled andcannot be canceled once they have started to be processed by the hypervisor...

QEMU NVMe Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of QEMU. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the NVMe...

Parallels Desktop virtio-gpu Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Parallels Desktop. User interaction is required to exploit this vulnerability in that the target in a guest system must visit a malicious page or open a malicious file. The specific flaw exists withi...

Virtuozzo Hybrid Infrastructure 6.0 Hotfix 1 (6.0.0-247)

This update provides important stability fixes. Vulnerability id: VSTOR-59380 Prometheus does not show network traffic for the storage interface if RDMA is enabled. Vulnerability id: VSTOR-76816 A stability fix for the hypervisor. Vulnerability id: VSTOR-78893 Reading erasure coding files over RD...

Exploit for Incorrect Permission Assignment for Critical Resource in Microsoft

CVE-2024-21305 This repo contains the report and PoC of CVE-...

MCS Provisioned VDI shows the wrong Storage Type as HDD

Use MCS to create VDIs on Azure hypervisor and select the storage type as "Standard SSD". After that, the storage type is shown correctly as Standard SSD in Azure Portal. However, when logon VDI and open the Task Manager, the storage type is shown as "HDD"...

CVE-2023-34320

Cortex-A77 cores r0p0 and r1p0 are affected by erratum 1508412 where software, under certain circumstances, could deadlock a core due to the execution of either a load to device or non-cacheable memory, and either a store exclusive or register read of the Physical Address Register PAREL1 in close...

The vulnerability of the IRQ Handler component in the Xen hypervisor allows a hacker to disclose protected information.

The vulnerability of the IRQ Handler component in the Xen hypervisor is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability can allow an attacker to disclose sensitive information that should be protected...

The vulnerability of the Parallels Desktop Hypervisor Service allows a attacker to execute arbitrary code and gain elevated privileges.

The vulnerability of the Parallels Desktop Hypervisor Service is related to initialization errors. Exploiting this vulnerability allows an attacker to execute arbitrary code and increase their privileges...

Fedora: Security Advisory for xen (FEDORA-2023-e62da41072)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE CVE-2023-20592

Improper or unexpected behavior of the INVD instruction in some AMD CPUs may allow an attacker with a malicious hypervisor to affect cache line write-back behavior of the CPU leading to a potential loss of guest virtual machine VM memory integrity...

[SECURITY] Fedora 37 Update: xen-4.16.5-4.fc37

This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor...

Fedora: Security Advisory (FEDORA-2023-fa01e4c6ba)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

The vulnerability of platforms for server virtualization, such as Citrix Hypervisor and XenServer, arises from deficiencies in access control. This allows attackers to gain unauthorized access to protected information.

The vulnerability of Citrix Hypervisor and XenServer platform-related servers is related to deficiencies in access control. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

[SECURITY] Fedora 38 Update: xen-4.17.2-5.fc38

This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor...

[SECURITY] Fedora 39 Update: xen-4.17.2-5.fc39

This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor...

Xen: x86/AMD: Mismatch in IOMMU Quarantine Page Table Levels (XSA-445)

The current setup of quarantine page tables assumes that there are 4 page table levels, however the AMD-Vi IOMMU is configured with 3 page table levels for systems without RAM above the 512 GB boundary. Due to this level mismatch, the sink page the device gets read/write access to is no longer...

Memory Integrity Loss

amd64-microcode AMD CPU microcode patches is vulnerable to Memory Integrity Loss. The vulnerability is caused due to Improper or Unexpected behavior of the INVD instruction in some AMD CPUs. It can allow an attacker with a malicious hypervisor to affect cache line write-back behavior of the CPU...