StarWind SAN & NAS has unspecified vulnerabilities

StarWind SAN & NAS is a standalone hypervisor server or group of servers for StarWind.A security vulnerability exists in StarWind SAN & NAS that could be exploited by an attacker to reset the passwords of other users...

StarWind SAN

StarWind SAN & NAS is a standalone hypervisor server or group of servers for StarWind.A command injection vulnerability exists in StarWind SAN & NAS, which can be exploited by attackers to remotely execute code...

Microsoft Hyper-V资源管理错误漏洞

Microsoft Hyper-V is an application from Microsoft Corporation USA. A system hypervisor virtualization technology that enables desktop virtualization. Microsoft Hyper-V is vulnerable to a resource management error. The following products and editions are affected:Windows 10 Version 1809 for...

SUSE SLES12 Security Update : xen (SUSE-SU-2022:0342-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:0342-1 advisory. - A PV guest could DoS Xen while unmapping a grant To address XSA-380, reference counting was introduced for grant mappings for the case where ...

Important: kernel

Issue Overview: A denial of service flaw for virtual machine guests in the Linux kernel's Xen hypervisor subsystem was found in the way users call some interrupts with high frequency from one of the guests. A local user could use this flaw to starve the resources resulting in a denial of service...

Important: kernel

Issue Overview: A flaw in the processing of received ICMP errors ICMP fragment needed and ICMP redirect in the Linux kernel functionality was found to allow the ability to quickly scan open UDP ports. This flaw allows an off-path remote user to effectively bypass the source port UDP randomization...

Citrix Releases Security Updates for Hypervisor

Citrix has released security updates to address vulnerabilities in Hypervisor. An attacker could exploit these vulnerabilities to cause a denial-of-service condition. CISA encourages users and administrators to review Citrix Security Update CTX337526 and apply the necessary updates. This product ...

VMware Fusion 12.x < 12.2.0 Heap Overflow RCE (VMSA-2022-0001)

VMware Fusion contains a heap-overflow vulnerability in CD-ROM device emulation. A malicious actor with access to a virtual machine with CD-ROM device emulation may be able to exploit this vulnerability in conjunction with other issues to execute code on the hypervisor from a virtual machine. Not...

CVE-2022-21816

NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager nvidia.ko, where a user in the guest OS can cause a GPU interrupt storm on the hypervisor host, leading to a denial of service...

Design/Logic Flaw

NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager nvidia.ko, where a user in the guest OS can cause a GPU interrupt storm on the hypervisor host, leading to a denial of service...

CVE-2022-21816

CVE-2022-21816 affects NVIDIA vGPU Software — the Virtual GPU Manager (nvidia.ko). A guest-OS user can induce a GPU interrupt storm on the hypervisor host, causing a denial of service. Public details confirm affected software is NVIDIA vGPU Software (nvidia.ko) with this root cause and impact; ex...

CVE-2022-21816

NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager nvidia.ko, where a user in the guest OS can cause a GPU interrupt storm on the hypervisor host, leading to a denial of service...

Security Advisory for Citrix Hypervisor

Several security issues have been identified that affect Citrix Hypervisor: An issue has been identified that may allow privileged code in a PV guest VM to cause the host to crash. This issue has the following identifier: CVE-2022-23034 Note that PV guests are supported in Citrix XenServer 7.1 LT...

CVE-2020-12966

AMD EPYC™ Processors contain an information disclosure vulnerability in the Secure Encrypted Virtualization with Encrypted State SEV-ES and Secure Encrypted Virtualization with Secure Nested Paging SEV-SNP. A local authenticated attacker could potentially exploit this vulnerability leading to...

Information disclosure

AMD EPYC™ Processors contain an information disclosure vulnerability in the Secure Encrypted Virtualization with Encrypted State SEV-ES and Secure Encrypted Virtualization with Secure Nested Paging SEV-SNP. A local authenticated attacker could potentially exploit this vulnerability leading to...

CVE-2020-12966

AMD EPYC™ Processors contain an information disclosure vulnerability in the Secure Encrypted Virtualization with Encrypted State SEV-ES and Secure Encrypted Virtualization with Secure Nested Paging SEV-SNP. A local authenticated attacker could potentially exploit this vulnerability leading to...

[SECURITY] Fedora 35 Update: xen-4.15.1-5.fc35

This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor...

Vulnerability fixed in VMware Workstation, Fusion & ESXi

A vulnerability has been fixed in VMware Workstation, Fusion & ESXi. The vulnerability enables a malicious person with access to a virtual machine on which CD-ROM virtualization is enabled to able to execute arbitrary code on the hypervisor. To exploit this vulnerability, a CD image must be...

PT-2022-8415 · Amd · Amd Epyc Processors

Name of the Vulnerable Software and Affected Versions: AMD EPYC Processors affected versions not specified Description: The issue is related to an information disclosure vulnerability in the Secure Encrypted Virtualization with Encrypted State SEV-ES and Secure Encrypted Virtualization with Secur...

Security Bulletin: NVIDIA GPU Display Driver - February 2022

NVIDIA has released a software security update for NVIDIA GPU Display Driver. This update addresses issues that may lead to denial of service or memory corruption. To protect your system, download and install this software update through the NVIDIA Driver Downloads page or, for the vGPU software...