[SECURITY] Fedora 40 Update: xen-4.18.1-1.fc40

This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor...

CVE-2023-47715

CVE-2023-47715 describes an access-control vulnerability in IBM Storage Protect Plus Server. Affected: IBM Storage Protect Plus Server 10.1 (10.1.0–10.1.16). An authenticated user with read-only privileges could add or delete entries in an existing HyperVisor configuration, enabling unauthorized ...

CVE-2021-47112

In the Linux kernel, the following vulnerability has been resolved: x86/kvm: Teardown PV features on boot CPU as well Various PV features Async PF, PV EOI, steal time work through memory shared with hypervisor and when we restore from hibernation we must properly teardown all these features to ma...

CVE-2021-47112 x86/kvm: Teardown PV features on boot CPU as well

In the Linux kernel, the following vulnerability has been resolved: x86/kvm: Teardown PV features on boot CPU as well Various PV features Async PF, PV EOI, steal time work through memory shared with hypervisor and when we restore from hibernation we must properly teardown all these features to ma...

CVE-2021-47112 x86/kvm: Teardown PV features on boot CPU as well

In the Linux kernel, the following vulnerability has been resolved: x86/kvm: Teardown PV features on boot CPU as well Various PV features Async PF, PV EOI, steal time work through memory shared with hypervisor and when we restore from hibernation we must properly teardown all these features to ma...

CVE-2021-47110 x86/kvm: Disable kvmclock on all CPUs on shutdown

In the Linux kernel, the following vulnerability has been resolved: x86/kvm: Disable kvmclock on all CPUs on shutdown Currenly, we disable kvmclock from machineshutdown hook and this only happens for boot CPU. We need to disable it for all CPUs to guard against memory corruption e.g. on restore...

CVE-2024-2193

A Speculative Race Condition SRC vulnerability that impacts modern CPU architectures supporting speculative execution related to Spectre V1 has been disclosed. An unauthenticated attacker can exploit this vulnerability to disclose arbitrary data from the CPU using race conditions to access the...

PT-2024-11164 · Linux +2 · Linux Kernel +2

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue concerns the Linux kernel, where various PV features Async PF, PV EOI, steal time work through memory shared with the hypervisor. When restoring from hibernation, these...

[SECURITY] Fedora 38 Update: xen-4.17.2-7.fc38

This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor...

CVE-2024-21431

Hypervisor-Protected Code Integrity HVCI Security Feature Bypass Vulnerability...

Security feature bypass

Hypervisor-Protected Code Integrity HVCI Security Feature Bypass Vulnerability...

CVE-2024-21431

CVE-2024-21431 is a Microsoft Windows vulnerability titled “Hypervisor-Protected Code Integrity (HVCI) Security Feature Bypass Vulnerability.” Connected sources identify this as a local, high-severity issue affecting the HVCI mechanism, with a CVSS score in the high range (confidentiality, integr...

CVE-2024-21431 Hypervisor-Protected Code Integrity (HVCI) Security Feature Bypass Vulnerability

...

Patch now! VMWare escape flaws are so serious even end-of-life software gets a fix

VMWare has issued secuity fixes for its VMware ESXi, Workstation, Fusion, and Cloud Foundation products. It has even taken the unusual step of issuing updates for versions of the affected software that have reached thier end-of-life, meaning they would normally no longer be supported. This flaws...

RHEL 8 : linux-firmware (RHSA-2024:1112)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:1112 advisory. The linux-firmware packages contain all of the firmware files that are required by various devices to operate. Security Fixes: hw: intel:...

x86: shadow stack vs exceptions from emulation stubs

ISSUE DESCRIPTION Recent x86 CPUs offer functionality named Control-flow Enforcement Technology CET. A sub-feature of this are Shadow Stacks CET-SS. CET-SS is a hardware feature designed to protect against Return Oriented Programming attacks. When enabled, traditional stacks holding both data and...

IBM PowerVM Hypervisor Information Disclosure Vulnerability (CNVD-2024-09173)

IBM PowerVM Hypervisor is an application from International Business Machines IBM, Inc. Providing a secure and scalable virtualized environment, these applications are built on the advanced RAS capabilities and leading performance of the Power Systems platform. An information disclosure...

[SECURITY] Fedora 39 Update: xen-4.17.2-6.fc39

This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor...

Fedora: Security Advisory for xen (FEDORA-2024-4b2cf8c375)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CentOS 7 : linux-firmware (RHSA-2024:0753)

The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:0753 advisory. - Improper or unexpected behavior of the INVD instruction in some AMD CPUs may allow an attacker with a malicious hypervisor to affect cache line write-back...