5599 matches found
PT-2026-45766
Bitdefender Napoca bare-metal hypervisor contains an out-of-bounds write vulnerability in the BIOS INT 0x15 / E820 memory map handler, implemented in napoca/guests/bios handlers.c. The handler computes a destination offset into the guest RealModeMemory buffer from guest-controlled ES and EDI...
PT-2026-45205
Name of the Vulnerable Software and Affected Versions Cloud Hypervisor versions 21.0 through 51.1 Description A guest can cause a use-after-free in the cloud-hypervisor process by submitting two virtio-block descriptor chains that reuse the same head index while asynchronous block I/O such as io...
OPENSUSE-SU-2026:10907-1 cloud-hypervisor-52.0-1.1 on GA media
These are all security issues fixed in the cloud-hypervisor-52.0-1.1 package on the GA media of openSUSE Tumbleweed...
EUVD-2026-32774
In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Fix pin leak and publication ordering in pkvminitvcpu Two bugs exist in the vCPU initialisation path: 1. If a check fails after hyppinsharedmem succeeds, the cleanup path jumps to 'unlock' without calling unpinhostvcp...
CVE-2026-46147
In CVE-2026-46147, the Linux kernel KVM arm64 vCPU initialization had two bugs: (1) after hyp_pin_shared_mem() succeeds, an early error path could jump to unlock and leak host pin references for vCPU and SVE state pages because unpin_host_vcpu()/unpin_host_sve_state() weren’t called; a fix extrac...
SUSE CVE-2026-46076
In the Linux kernel, the following vulnerability has been resolved: KVM: nSVM: Raise UD if unhandled VMMCALL isn't intercepted by L1 Explicitly synthesize a UD for VMMCALL if L2 is active, L1 does NOT want to intercept VMMCALL, nestedsvml2tlbflushenabled is true, and the hypercall is something...
[SECURITY] Fedora 44 Update: xen-4.21.1-3.fc44
This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor...
[SECURITY] Fedora 43 Update: xen-4.20.3-3.fc43
This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor...
CVE-2026-46076
The CVE-2026-46076 entry concerns the Linux kernel KVM nSVM, where an unhandled VMMCALL can produce an Undefined Opcode (#UD) when L2 is active, L1 does not intercept, nested_svm_l2_tlb_flush_enabled() is true, and the hypercall is not among the supported Hyper-V hypercalls. The vulnerability ari...
Linux Distros Unpatched Vulnerability : CVE-2026-46076
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - KVM: nSVM: Raise UD if unhandled VMMCALL isn't intercepted by L1 Explicitly synthesize a UD for VMMCALL if L2 is active, L1 does NOT want to intercept VMMCALL,...
Ubuntu Pro FIPS-updates 24.04 LTS : Linux kernel (FIPS) vulnerabilities (USN-8296-1)
The remote Ubuntu Pro FIPS-updates 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8296-1 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: arm64: dts: qcom: monaco: Reserve a full Gunyah metadata region. We have observed spurious “Synchronous External Abort” exceptions ESR=0x96000010 and kernel crashes on Monaco-based platforms. These faults occur due to the kernel...
Astra Linux - уязвимость в linux-5.10, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: PCI: hv: Fixed a crash in hvpcirestoremsimsg during hibernation. When a Linux virtual machine with a assigned PCI device runs on Hyper-V, if the PCI device driver is not yet loaded i.e., MSI-X/MSI is not enabled on the device,...
Astra Linux - уязвимость в linux-5.10, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Fixed a situation where a hard lockup occurs in the virtual machine after prolonged inactivity, caused by the periodic HV timer. When advancing the target expiration of the guest’s APIC timer in periodic mode, set the...
Astra Linux - уязвимость в linux-6.1
Improper initialization of the CPU cache memory could allow a privileged attacker with access to the hypervisor to overwrite the SEV-SNP guest memory, resulting in loss of data integrity...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: x86, relocs: Ignore relocations in the .notes section. When building with CONFIGXENPV=y, .text symbols are emitted into the .notes section so that Xen can find the “startupxen” entry point. This information is used before booting...
Astra Linux - уязвимость в linux-5.10, linux, linux-5.15
In the Linux kernel, the following vulnerabilities have been resolved: net/iucv: Fixed the size of interrupt data iucvirqdata needs to be 4 bytes larger. These bytes are not used by the iucv module, but are written by the z/VM hypervisor in case a CPU is deconfigured. Reported as: BUG...
Astra Linux - уязвимость в linux-5.15
In the Linux kernel, the following vulnerability has been resolved: tty: serial: imx: disable Ageing Timer interrupt request irq There might be pending USR interrupts before requesting the IRQ. However, uartaddoneport has not been executed, which could lead to kernel panic. 0.795668 Unable to...
Astra Linux - уязвимость в linux
In the Linux kernel, the following vulnerabilities have been resolved: x86/kvm: The teardown of PV features also occurs during boot-up. Various PV features Async PF, PV EOI, steal time work through memory shared with the hypervisor. When we resume from hibernation, we must properly teardown all...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: KVM: x86/xen: Initialize Xen timers only once A check for existing xen timers was added before initializing a new timer. Currently, the kvmxeninittimer function is called every time KVMXENVCPUATTRTYPETIMER is used; this causes an...