[SECURITY] Fedora 41 Update: incus-6.15-1.fc41

Container hypervisor based on LXC Incus offers a REST API to remotely manage containers over the network, using an image based work-flow and with support for live migration. This package contains the Incus daemon...

[SECURITY] Fedora 42 Update: incus-6.15-1.fc42

Container hypervisor based on LXC Incus offers a REST API to remotely manage containers over the network, using an image based work-flow and with support for live migration. This package contains the Incus daemon...

[SECURITY] Fedora 42 Update: xen-4.19.3-2.fc42

This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor...

Linux Distros Unpatched Vulnerability : CVE-2018-18021

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - arch/arm64/kvm/guest.c in KVM in the Linux kernel before 4.18.12 on the arm64 platform mishandles the KVMSETONREG ioctl. This is exploitable by attackers who ca...

PT-2025-48943

In init pkvm hyp vcpu of pkvm.c, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

Linux Distros Unpatched Vulnerability : CVE-2019-19332

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An out-of-bounds memory write issue was found in the Linux Kernel, version 3.13 through 5.4, in the way the Linux kernel's KVM hypervisor handled the...

USN-7654-5 linux-xilinx-zynqmp vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - PA-RISC architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; - Cryptographic API; -...

PT-2025-30611 · Undefined · Undefined

URGENT: CVE-2025-02471—Xen hypervisor vulnerability allows VM escape on unpatched SUSE systems. ✅ Patch: zypper patch xen-4.17.3 5.1-1 ✅ Impact: Critical CVSS 8.1 Read more: 👉 https://t.co/yErIQy6dqs Infosec DevSecOps LinuxSecurity https://t.co/d9VvVKTncE...

USN-7654-3 linux-aws-fips, linux-fips, linux-gcp-fips vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - PA-RISC architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; - Cryptographic API; -...

CVE-2025-1713

When setting up interrupt remapping for legacy PCI-X devices, including PCI-X bridges, a lookup of the upstream bridge is required. This lookup, itself involving acquiring of a lock, is done in a context where acquiring that lock is unsafe. This can lead to a deadlock...

CVE-2025-27465

Certain instructions need intercepting and emulating by Xen. In some cases Xen emulates the instruction by replaying it, using an executable stub. Some instructions may raise an exception, which is supposed to be handled gracefully. Certain replayed instructions have additional logic to set up an...

Xen 安全漏洞

Xen is an open source virtual machine monitor product from Xen Open Source. The product enables different and incompatible operating systems to run on the same computer and supports runtime migration to ensure uptime and avoid downtime. A security vulnerability exists in Xen that stems from...

The vulnerability of the Virtual Machine Communication Interface (VMCI) implementation in software products such as VMware ESXi, Workstation, Fusion, and Cloud Foundation allows a perpetrator to execute arbitrary code.

The vulnerability of the Virtual Machine Communication Interface VMCI implementation in software products such as VMware ESXi, Workstation, Fusion, and Cloud Foundation lies in buffer overflow attacks. Exploiting this vulnerability allows an attacker to execute arbitrary code...

(Pwn2Own) Oracle VirtualBox VMSVGA Integer Overflow Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Oracle VirtualBox. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the...

The vulnerability of the Windows Hyper-V hardware virtualization system of Microsoft Windows operating systems allows a perpetrator to trigger a service failure.

The vulnerability of the Windows Hyper-V hardware virtualization technology in Microsoft Windows operating systems is related to synchronization errors. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...

Citrix XenServer DOS (XSA-470)

According to its self-reported version number, the Xen hypervisor installed on the remote host is affected by a DoS vulnerability where An unprivileged guest can cause a hypervisor crash, causing a Denial of Service DoS of the entire host. Note that Nessus has not tested for this issue but has...

CVE-2024-43806 affecting package cloud-hypervisor for versions less than 32.0-7

CVE-2024-43806 affecting package cloud-hypervisor for versions less than 32.0-7. A patched version of the package is available...

CVE-2024-36357

A transient execution vulnerability in some AMD processors may allow an attacker to infer data in the L1D cache, potentially resulting in the leakage of sensitive information across privileged boundaries...

CVE-2024-36350

A transient execution vulnerability in some AMD processors may allow an attacker to infer data from previous stores, potentially resulting in the leakage of privileged information...

x86: Incorrect stubs exception handling for flags recovery

ISSUE DESCRIPTION Certain instructions need intercepting and emulating by Xen. In some cases Xen emulates the instruction by replaying it, using an executable stub. Some instructions may raise an exception, which is supposed to be handled gracefully. Certain replayed instructions have additional...