CVE-2023-5088

CVE-2023-5088 is a QEMU vulnerability where an IDE guest I/O operation addressed to an arbitrary disk offset may be mis-targeted to offset 0, potentially overwriting the VM boot code. Affected context includes scenarios with nested guests (L2 reading/writing LBA0 of vdiskL1 via vdiskL2). Public r...

CVE-2023-5088

A bug in QEMU could cause a guest I/O operation otherwise addressed to an arbitrary disk offset to be targeted to offset 0 instead potentially overwriting the VM's boot code. This could be used, for example, by L2 guests with a virtual disk vdiskL2 stored on a virtual disk of an L1 vdiskL1...

CVE-2023-5088

A bug in QEMU could cause a guest I/O operation otherwise addressed to an arbitrary disk offset to be targeted to offset 0 instead potentially overwriting the VM's boot code. This could be used, for example, by L2 guests with a virtual disk vdiskL2 stored on a virtual disk of an L1 vdiskL1...

CVE-2023-5088

A bug in QEMU could cause a guest I/O operation otherwise addressed to an arbitrary disk offset to be targeted to offset 0 instead potentially overwriting the VM's boot code. This could be used, for example, by L2 guests with a virtual disk vdiskL2 stored on a virtual disk of an L1 vdiskL1...

CVE-2023-45853 affecting package cloud-hypervisor for versions less than 32.0-2

CVE-2023-45853 affecting package cloud-hypervisor for versions less than 32.0-2. A patched version of the package is available...

Fedora: Security Advisory for xen (FEDORA-2023-881672fdab)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora: Security Advisory for xen (FEDORA-2023-a4c606585e)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 37 Update: xen-4.16.5-3.fc37

This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor...

[SECURITY] Fedora 38 Update: xen-4.17.2-4.fc38

This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor...

VMware Workstation 17.0.x < 17.5 Information Disclosure (VMSA-2023-0022)

VMware Workstation 17.x prior to 17.5 contains an out-of-bounds read vulnerability that exists in the functionality for sharing host Bluetooth devices with the virtual machine. A malicious actor with local administrative privileges on a virtual machine may be able to read privileged information...

AZL-42712 CVE-2023-5363 affecting package cloud-hypervisor-cvm for versions less than 38.0.72.2-1

Issue summary: A bug has been identified in the processing of key and initialisation vector IV lengths. This can lead to potential truncation or overruns during the initialisation of some symmetric ciphers. Impact summary: A truncation in the IV can result in non-uniqueness, which could result in...

AZL-42751 CVE-2023-5363 affecting package cloud-hypervisor-cvm for versions less than 38.0.72.2-1

Issue summary: A bug has been identified in the processing of key and initialisation vector IV lengths. This can lead to potential truncation or overruns during the initialisation of some symmetric ciphers. Impact summary: A truncation in the IV can result in non-uniqueness, which could result in...

The vulnerability of VMware Fusion’s hypervisor is related to synchronization errors when using shared resources, allowing attackers to increase their privileges.

The vulnerability of VMware Fusion relates to synchronization errors when using a shared resource. Exploiting this vulnerability can allow an attacker to increase their privileges...

The vulnerability of VMware Fusion’s hypervisor, related to deficiencies in access control, allows attackers to escalate their privileges.

The vulnerability of VMware Fusion relates to deficiencies in access control. Exploiting this vulnerability can allow attackers to enhance their privileges...

CVE-2023-34044

VMware Workstation 17.x prior to 17.5 and Fusion13.x prior to 13.5 contain an out-of-bounds read vulnerability that exists in the functionality for sharing host Bluetooth devices with the virtual machine. A malicious actor with local administrative privileges on a virtual machine may be able to...

CVE-2023-34044

VMware Workstation 17.x prior to 17.5 and Fusion13.x prior to 13.5 contain an out-of-bounds read vulnerability that exists in the functionality for sharing host Bluetooth devices with the virtual machine. A malicious actor with local administrative privileges on a virtual machine may be able to...

Out-of-bounds

VMware Workstation 17.x prior to 17.5 and Fusion13.x prior to 13.5 contain an out-of-bounds read vulnerability that exists in the functionality for sharing host Bluetooth devices with the virtual machine. A malicious actor with local administrative privileges on a virtual machine may be able to...

CVE-2023-34044

CVE-2023-34044 is an out-of-bounds read vulnerability in VMware Workstation 17.x before 17.5 and VMware Fusion 13.x before 13.5, in the Bluetooth host-device sharing function. A local attacker with VM privileges can read sensitive information from hypervisor memory. No exploit details are provide...

CVE-2023-34044 Information disclosure vulnerability in bluetooth device-sharing functionality

VMware Workstation 17.x prior to 17.5 and Fusion13.x prior to 13.5 contain an out-of-bounds read vulnerability that exists in the functionality for sharing host Bluetooth devices with the virtual machine. A malicious actor with local administrative privileges on a virtual machine may be able to...

PT-2023-6348

Name of the Vulnerable Software and Affected Versions VMware Workstation versions prior to 17.5 and VMware Fusion versions prior to 13.5 Description A flaw exists in the functionality for sharing host Bluetooth devices with virtual machines in VMware Workstation and VMware Fusion. This issue...