Virtuozzo 7 : anaconda / anaconda-core / anaconda-dracut / etc (VZA-2018-037)

According to the versions of the anaconda / anaconda-core / anaconda-dracut / etc packages installed, the Virtuozzo installation on the remote host is affected by the following vulnerabilities : - A flaw was found in the way the Linux kernel's KVM hypervisor handled exceptions delivered after a...

Amazon Linux AMI : kernel (ALAS-2018-1023)

A weakness was found in the Linux kernel's implementation of random seed data. Programs, early in the boot sequence, could use the data allocated for the seed before it was sufficiently generated. CVE-2018-1108 A flaw was found in the way the Linux kernel handled exceptions delivered after a stac...

Amazon Linux 2 : kernel (ALAS-2018-1023)

A weakness was found in the Linux kernel's implementation of random seed data. Programs, early in the boot sequence, could use the data allocated for the seed before it was sufficiently generated. CVE-2018-1108 A flaw was found in the way the Linux kernel handled exceptions delivered after a stac...

SEVered Attack Extracts the Memory of AMD-Encrypted VMs

UPDATE Virtual machines that use AMD’s Secure Encrypted Virtualization SEV, a hardware-based encryption scheme, have been found to be vulnerable to the same malicious hypervisor attacks that can affect all processors. A successful attack can extract the full contents of their main memory in...

Debian DLA-1383-1 : xen security update

Multiple vulnerabilities have been discovered in the Xen hypervisor, which could result in denial of service, informations leaks or privilege escalation. For Debian 7 'Wheezy', these problems have been fixed in version 4.1.6.lts1-14. We recommend that you upgrade your xen packages. NOTE: Tenable...

Virtuozzo 6 : cpupools / cpupools-features / etc (VZA-2018-034)

According to the versions of the cpupools / cpupools-features / etc packages installed, the Virtuozzo installation on the remote host is affected by the following vulnerabilities : - A flaw was found in the way the Linux kernel's KVM hypervisor handled exceptions delivered after a stack switch...

Researchers Defeat AMD's SEV Virtual Machine Encryption

German security researchers claim to have found a new practical attack against virtual machines VMs protected using AMD's Secure Encrypted Virtualization SEV technology that could allow attackers to recover plaintext memory data from guest VMs. AMD's Secure Encrypted Virtualization SEV technology...

Researchers Defeat AMD's SEV Virtual Machine Encryption

German security researchers claim to have found a new practical attack against virtual machines VMs protected using AMD's Secure Encrypted Virtualization SEV technology that could allow attackers to recover plaintext memory data from guest VMs. AMD's Secure Encrypted Virtualization SEV technology...

Important product update: Fixes for CVE-2018-3639 and CVE-2018-1087 in virtual machines; Virtuozzo 6.0 Update 12 Hotfix 26 (6.0.12-3707)

This hotfix provides security fixes for the hypervisor part of Virtuozzo 6.0 Update 12. Vulnerability id: CVE-2018-1087 A flaw was found in the way the Linux kernel's KVM hypervisor handled exceptions delivered after a stack switch operation via Mov SS or Pop SS instructions. During the stack...

[SECURITY] Fedora 26 Update: xen-4.8.3-5.fc26

This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor...

[SECURITY] Fedora 28 Update: xen-4.10.1-3.fc28

This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor...

[SECURITY] [DLA 1383-1] xen security update

Package : xen Version : 4.1.6.lts1-14 CVE ID : CVE-2018-8897 CVE-2018-10981 CVE-2018-10982 Multiple vulnerabilities have been discovered in the Xen hypervisor, which could result in denial of service, informations leaks or privilege escalation. For Debian 7 "Wheezy", these problems have been fixe...

Important: kernel

Issue Overview: A weakness was found in the Linux kernel's implementation of random seed data. Programs, early in the boot sequence, could use the data allocated for the seed before it was sufficiently generated. CVE-2018-1108 A flaw was found in the way the Linux kernel handled exceptions...

RHEL 6 / 7 : rhev-hypervisor7 (RHSA-2018:1711)

The remote Redhat Enterprise Linux 6 / 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2018:1711 advisory. The rhev-hypervisor7 package provides a Red Hat Enterprise Virtualization Hypervisor ISO disk image. The Red Hat Enterprise Virtualizati...

RHEL 7 : Virtualization (RHSA-2018:1654) (Spectre)

An update for qemu-kvm-rhev is now available for RHEV 3.X Hypervisor and Agents for Red Hat Enterprise Linux 7 Extended Life Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a...

Kernel: KVM: error in exception handling leads to wrong debug stack value

A flaw was found in the way the Linux kernel's KVM hypervisor handled exceptions delivered after a stack switch operation via Mov SS or Pop SS instructions. During the stack switch operation, the processor did not deliver interrupts and exceptions, rather they are delivered once the first...

Speculative Store Bypass

ISSUE DESCRIPTION Contemporary high performance processors may use a technique commonly known as Memory Disambiguation, whereby speculative execution may proceed past unresolved stores. This opens a speculative sidechannel in which loads from an address which have had a recent store can observe a...

VMware vSphere, Workstation and Fusion updates enable Hypervisor-Assisted Guest Mitigations for Speculative Store Bypass issue.

vCenter Server, ESXi, Workstation, and Fusion update speculative execution control mechanism for Virtual Machines VMs. As a result, a patched Guest Operating System GOS can remediate the Speculative Store bypass issue CVE-2018-3639 using the Speculative-Store-Bypass-Disable SSBD control bit. This...

VMSA-2018-0012:VMware vSphere, Workstation and Fusion updates enable Hypervisor-Assisted Guest Mitigations for Speculative Store Bypass issue.

VMSA-2018-0012.1 VMware vSphere, Workstation and Fusion updates enable Hypervisor-Assisted Guest Mitigations for Speculative Store Bypass issue. VMware Security Advisory VMware Security Advisory Advisory ID: VMSA-2018-0012.1 VMware Security Advisory Severity: Moderate VMware Security Advisory...

5 Reasons Why AV Can’t Protect Your Data Center

Why are so many organizations lagging behind in performing security assessments of virtual assets in their datacenter? One contributing factor is the impact of virtualization on the datacenter has happened so quickly and organically, that products and processes haven’t kept up. Even now, there is...