Linux Distros Unpatched Vulnerability : CVE-2019-18424

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Xen through 4.12.x allowing attackers to gain host OS privileges via DMA in a situation where an untrusted domain has access to a...

Linux Distros Unpatched Vulnerability : CVE-2018-10471

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Xen through 4.10.x allowing x86 PV guest OS users to cause a denial of service out-of-bounds zero write and hypervisor crash via...

USN-7712-1 linux-azure-fips vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - PA-RISC architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; - Cryptographic API; -...

Nutanix AHV : Multiple Vulnerabilities (NXSA-AHV-10.0.1.2)

The version of AHV installed on the remote host is prior to AHV-10.0.1.2. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AHV-10.0.1.2 advisory. - inftrees.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper...

Nutanix AHV : Multiple Vulnerabilities (NXSA-AHV-20230302.103053)

The version of AHV installed on the remote host is prior to 20230302.103053. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AHV-20230302.103053 advisory. - inftrees.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging...

USN-7699-2: Linux kernel (HWE) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - RISC-V architecture; - x86 architecture; - Buffer Sharing and Synchronization framework; - DM...

CVE-2025-38595 xen: fix UAF in dmabuf_exp_from_pages()

In the Linux kernel, the following vulnerability has been resolved: xen: fix UAF in dmabufexpfrompages dmabuffd fixes; no preferences regarding the tree it goes through - up to xen folks As soon as we'd inserted a file reference into descriptor table, another thread could close it. That's fine fo...

ROS-20250819-07

Xen hypervisor vulnerability is related to mutual blocking of execution threads. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

USN-7699-1 linux, linux-aws, linux-aws-6.14, linux-gcp, linux-gcp-6.14, linux-oracle, linux-oracle-6.14, linux-raspi, linux-realtime vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - RISC-V architecture; - x86 architecture; - Buffer Sharing and Synchronization framework; - DM...

SUSE-SU-2025:02853-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP7 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2024-36028: mm/hugetlb: fix DEBUGLOCKSWARNON1 when dissolvefreehugetlbfolio bsc1225707. - CVE-2024-36348, CVE-2024-36349, CVE-2024-36350, CVE-2024-36357:...

Linux Distros Unpatched Vulnerability : CVE-2022-42335

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - x86 shadow paging arbitrary pointer dereference In environments where host assisted address translation is necessary but Hardware Assisted Paging HAP is...

CVE-2025-38506 KVM: Allow CPU to reschedule while setting per-page memory attributes

In the Linux kernel, the following vulnerability has been resolved: KVM: Allow CPU to reschedule while setting per-page memory attributes When running an SEV-SNP guest with a sufficiently large amount of memory 1TB+, the host can experience CPU soft lockups when running an operation in...

CVE-2025-48807

Improper restriction of communication channel to intended endpoints in Windows Hyper-V allows an authorized attacker to execute code locally...

ROS-20250813-05

The cross-platform xen hypervisor vulnerability is related to double unlocking when handling x86 guest x86 interrupts. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of denial of service...

PT-2025-32769 · Microsoft · Windows Hyper-V +1

Name of the Vulnerable Software and Affected Versions: Windows Hyper-V affected versions not specified Description: A missing synchronization flaw in Windows Hyper-V can allow an authorized attacker to cause a denial of service to an adjacent network. Recommendations: At the moment, there is no...

Hypervisor-Based Double Extortion Ransomware Detection Method Using Kitsune Network Features

Double extortion ransomware attacks have become mainstream since many organizations adopt more robust and resilient data backup strategies against conventional crypto-ransomware. This paper presents detailed attack stages, tactics, procedures, and tools used in the double extortion ransomware...

Cisco Unified Communications Manager IM & Presence Privilege Escalation (cisco-sa-imp-inf-disc-cUPKuA5n)

According to its self-reported version, Cisco Unified Communications Manager IM & Presence is affected by a privilege escalation vulnerability. - A vulnerability in multiple Cisco Unified Communications and Contact Center Solutions products could allow an authenticated, local attacker to elevate...

SEV Ciphertext Side Channel Attacks

Summary AMD has received reports from two research groups detailing methods by which a malicious hypervisor could potentially execute a side channel attack against a running secure encrypted virtualization – secure nested paging SEV-SNP guest. The first report, titled “Relocate + Vote: Exploiting...

Linux Distros Unpatched Vulnerability : CVE-2025-21913

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: x86/amdnb: Use rdmsrsafe in amdgetmmconfigrange Xen doesn't offer MSRFAM10HMMIOCONFBASE to a...

[SECURITY] Fedora 41 Update: xen-4.19.3-1.fc41

This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor...