[SECURITY] Fedora 36 Update: qemu-6.2.0-14.fc36

qemu is an open source virtualizer that provides hardware emulation for the KVM hypervisor. qemu acts as a virtual machine monitor together with the KVM kernel modules, and emulates the hardware for a full system such as a PC and its associated peripherals...

Medium: kernel

Issue Overview: An out-of-bounds read flaw was found in the Linux kernel's TeleTYpe subsystem. The issue occurs in how a user triggers a race condition using ioctls TIOCSPTLCK and TIOCGPTPEER and TIOCSTI and TCXONC with leakage of memory in the flushtoldisc function. This flaw allows a local user...

The vulnerability of VMware Workstation’s hypervisor is related to insufficient protection of registration data, allowing attackers to disclose protected information.

The vulnerability of VMware Workstation hypervisor is related to insufficient protection of registration data. Exploiting this vulnerability can allow a malicious actor to disclose the protected information...

The vulnerability of the xenbus component of the Xen hypervisor allows a attacker to cause a service failure.

The vulnerability of the xenbus component of the Xen hypervisor arises due to synchronization errors when using a shared resource. Exploiting this vulnerability can allow an attacker to cause a service failure...

The vulnerabilities of components such as blkfront, netfront, scsifront, usbfront, dmabuf, xenbus, 9p, kbdfront, and pvcalls in the Xen hypervisor allow a malicious actor to cause service failures.

The vulnerabilities of the components blkfront, netfront, scsifront, usbfront, dmabuf, xenbus, 9p, kbdfront, and pvcalls in the Xen hypervisor are caused by synchronization errors when using a shared resource. Exploiting these vulnerabilities can allow attackers to cause service failures...

Citrix ADC VPX VM STATE Halted after upgrade to SDX 13.1

After upgrade to SDX 13.1 27.59 or lower 13.1 version firmware, you may find SDX booted with SVM running, but VPX in Halted state. Try launch the VM you get the following error: "INTERNALERROR xenopsd internal error: Unix.UnixerrorUnix.ENODEV. "write". "" Checking mpscontrol.log on SVM, you may...

[SECURITY] Fedora 35 Update: xen-4.15.3-4.fc35

This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor...

Driver Disk for Microsemi smartpqi 2.1.18-045 - For Citrix Hypervisor 8.2 LTSR

Who Should Install this Driver Disk? Customers running the Citrix Hypervisor 8.2 LTSR release who use Microsemi's smartpqi driver and wish to use the latest version of the following: Driver Module| Version ---|--- smartpqi| 2.1.18045 Issues Resolved In this Driver Disk Includes general enhancemen...

USN-5564-1: Linux kernel (Intel IoTG) vulnerabilities

Zhenpeng Lin discovered that the network packet scheduler implementation in the Linux kernel did not properly remove all references to a route filter before freeing it in some situations. A local attacker could use this to cause a denial of service system crash or execute arbitrary code...

The vulnerability of the cross-platform hypervisor Xen in Linux operating systems allows a perpetrator to gain unauthorized access to protected information or cause service failures.

The vulnerability of the cross-platform hypervisor Xen in the Linux operating system is related to the disclosure of information. Exploiting this vulnerability can allow an intruder to gain unauthorized access to protected information or cause service failures...

CVE-2022-34696

Windows Hyper-V Remote Code Execution Vulnerability...

Citrix Hypervisor Security Bulletin for CVE-2022-33745

A security issue has been identified in Citrix Hypervisor 7.1 LTSR CU2 that may allow privileged code in a PV guest VM to fail to perform management operations. The issue has the following CVE identifier: CVE-2022-33745...

AZL-42760 CVE-2022-37434 affecting package cloud-hypervisor-cvm for versions less than 38.0.72.2-1

zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field. NOTE: only applications that call inflateGetHeader are affected. Some common applications bundle the affected zlib source code but may be unable to call...

Error: "Invalid connection address" when adding XenServer host connection

The following error is seen when attempting to add a Citrix Hypervisor XenServer hosting connection: Error Id: XDDS:49D3D465 Exception: Citrix.Console.Models.Exceptions.ScriptException Invalid connection address. Check that the address is valid and that it references a host in the XenServer pool...

CVE-2022-35867

This vulnerability allows local attackers to escalate privileges on affected installations of xhyve. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the e1000 virtual devic...

CVE-2022-35867

This vulnerability allows local attackers to escalate privileges on affected installations of xhyve. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the e1000 virtual devic...

Stack overflow

This vulnerability allows local attackers to escalate privileges on affected installations of xhyve. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the e1000 virtual devic...

CVE-2022-35867

This vulnerability allows local attackers to escalate privileges on affected installations of xhyve. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the e1000 virtual devic...

xhyve 安全漏洞

xhyve is a lightweight OS X virtualization solution open-sourced by machyve. A security vulnerability exists in xhyve that stems from the failure to properly validate the length of user-supplied data before copying it to a stack-based buffer, allowing a local attacker to elevate privileges on an...

PVS Accelerator - For Citrix Hypervisor 8.2 Cumulative Update 1

Who Should Install This Update? This PVS Accelerator update is for customers who use the PVS Accelerator provided with Citrix Hypervisor 8.2 Cumulative Update 1. It constitutes the following deliverable: File Name| CitrixHypervisor-8.2.1-pvsaccelerator-1.0.9.iso ---|--- Description| This file...