5613 matches found
CVE-2023-20519
CVE-2023-20519 describes a Use-After-Free in the management of an SNP guest context page, which could let a malicious hypervisor masquerade as the guest’s migration agent and potentially lead to loss of guest integrity. Connected sources (SUSE kernel-firmware advisories) reference this CVE among ...
kernel: HID: hyperv: avoid struct memcpy overrun warning
A compiler warning issue was found in the Linux kernel's Hyper-V HID driver that could lead to potential memory safety issues. A local user can trigger this issue when the fortified memcpy implementation detects potential buffer overflows in the mousevsconreceive function, where the compiler cann...
Driver Disk for Microsemi smartpqi 2.1.26_030 - For Citrix Hypervisor 8.2 Cumulative Update 1 LTSR
Who should install this driver disk? Customers running the Citrix Hypervisor 8.2 Cumulative Update 1 LTSR release who use Microsemi's smartpqi driver and wish to use the latest version of the following: Driver Module| Driver Type| Version ---|---|--- smartpqi| SAS/Storage Controller| 2.1.26030...
AMD EPYC Resource Management Error Vulnerability
AMD EPYC is a line of x86 architecture server microprocessors from AMD, known in Chinese as "霄龙", utilizing the Zen microarchitecture. A security vulnerability exists in AMD EPYC, which stems from a post-release reuse vulnerability in the SNP Client Environment Page Manager that could allow a...
CVE-2023-20592
Improper or unexpected behavior of the INVD instruction in some AMD CPUs may allow an attacker with a malicious hypervisor to affect cache line write-back behavior of the CPU leading to a potential loss of guest virtual machine VM memory integrity...
AMD CPU 安全漏洞
AMD CPUs are a family of CPUs from AMD. The AMD CPUs suffer from an improper instruction vulnerability that stems from the fact that incorrect or unexpected behavior of the INVD instruction would allow an attacker with a malicious hypervisor to affect the cache line write-back behavior of the CPU...
PT-2023-7412 · Amd +7 · Amd Cpus +7
Name of the Vulnerable Software and Affected Versions: AMD CPUs affected versions not specified Description: The issue concerns improper or unexpected behavior of the INVD instruction in some AMD CPUs, potentially allowing an attacker with a malicious hypervisor to affect cache line write-back...
kernel: KVM: x86/xen: Fix eventfd error handling in kvm_xen_eventfd_assign()
In the Linux kernel, the following vulnerability has been resolved: KVM: x86/xen: Fix eventfd error handling in kvmxeneventfdassign Should not call eventfdctxput in case of error. Introduce new goto target instead. - Paolo...
kernel: KVM: VMX: Fix crash due to uninitialized current_vmcs
In the Linux kernel, the following vulnerability has been resolved: KVM: VMX: Fix crash due to uninitialized currentvmcs KVM enables 'Enlightened VMCS' and 'Enlightened MSR Bitmap' when running as a nested hypervisor on top of Hyper-V. When MSR bitmap is updated, evmcstouchmsrbitmap function uses...
AZL-42736 CVE-2023-5678 affecting package cloud-hypervisor-cvm for versions less than 38.0.72.2-1
Issue summary: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very slow. Impact summary: Applications that use the functions DHgeneratekey to generate an X9.42 DH key may experience long delays. Likewise, applications that use...
AZL-42685 CVE-2023-5678 affecting package cloud-hypervisor-cvm for versions less than 38.0.72.2-1
Issue summary: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very slow. Impact summary: Applications that use the functions DHgeneratekey to generate an X9.42 DH key may experience long delays. Likewise, applications that use...
How to Back Up Virtual Machine Metadata to a USB Device
When migrating a set of Virtual Machines VMs from one XenServer host or pool to another, it is necessary to back up and then restore the Virtual Machine Metadata. It is recommended that the Virtual Machine Metadata be stored on the same Storage Repository as the Virtual Machines. But, it is also...
VMware Workstation UHCI Uninitialized Variable Information Disclosure Vulnerability
This vulnerability allows local attackers to disclose sensitive information on affected installations of VMware Workstation. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within...
[SECURITY] Fedora 39 Update: xen-4.17.2-4.fc39
This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor...
CVE-2023-5088
A bug in QEMU could cause a guest I/O operation otherwise addressed to an arbitrary disk offset to be targeted to offset 0 instead potentially overwriting the VM's boot code. This could be used, for example, by L2 guests with a virtual disk vdiskL2 stored on a virtual disk of an L1 vdiskL1...
CVE-2023-5088
A bug in QEMU could cause a guest I/O operation otherwise addressed to an arbitrary disk offset to be targeted to offset 0 instead potentially overwriting the VM's boot code. This could be used, for example, by L2 guests with a virtual disk vdiskL2 stored on a virtual disk of an L1 vdiskL1...
CVE-2023-5088
A bug in QEMU could cause a guest I/O operation otherwise addressed to an arbitrary disk offset to be targeted to offset 0 instead potentially overwriting the VM's boot code. This could be used, for example, by L2 guests with a virtual disk vdiskL2 stored on a virtual disk of an L1 vdiskL1...
Code injection
A bug in QEMU could cause a guest I/O operation otherwise addressed to an arbitrary disk offset to be targeted to offset 0 instead potentially overwriting the VM's boot code. This could be used, for example, by L2 guests with a virtual disk vdiskL2 stored on a virtual disk of an L1 vdiskL1...
UBUNTU-CVE-2023-5088
A bug in QEMU could cause a guest I/O operation otherwise addressed to an arbitrary disk offset to be targeted to offset 0 instead potentially overwriting the VM's boot code. This could be used, for example, by L2 guests with a virtual disk vdiskL2 stored on a virtual disk of an L1 vdiskL1...
CVE-2023-5088 Qemu: improper ide controller reset can lead to mbr overwrite
A bug in QEMU could cause a guest I/O operation otherwise addressed to an arbitrary disk offset to be targeted to offset 0 instead potentially overwriting the VM's boot code. This could be used, for example, by L2 guests with a virtual disk vdiskL2 stored on a virtual disk of an L1 vdiskL1...