5603 matches found
Security Bulletin: This Power System update is being released to address CVE-2025-2884
Summary: The PowerVM Virtual Trusted Platform Module (vTPM) feature is impacted by the referenced vulnerability. Vulnerability Details: CVEID: CVE-2025-2884. DESCRIPTION: TCG TPM2.0 Reference implementation's CryptHmacSign helper function is vulnerable to Out-of-Bounds read due to the lack of validatio...
Security update for xen
This update for xen fixes the following issues: Security fixes: CVE-2024-28956: Fixed Intel CPU: Indirect Target Selection (ITS) (XSA-469, bsc1243117). Other fixes: Upstream bug fixes (bsc1027519). Special Instructions and Notes: Please reboot the system after installing this update. Patch Instructions: T...
UBUNTU-CVE-2022-49955
In the Linux kernel, the following vulnerability has been resolved: powerpc/rtas: Fix RTAS MSRHV handling for Cell The semi-recent changes to MSR handling when entering RTAS firmware cause crashes on IBM Cell machines. An example trace: kernel tried to execute user page 2fff01a8 - exploit attempt...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerabilities have been resolved: KVM: x86 – Reject Hyper-V’s SENDIPI hypercalls if the local APIC is not part of the kernel. Advertise support for Hyper-V’s SENDIPI and SENDIPIEX hypercalls only if the local APIC is emulated/virtualized by KVM. Explicitly reje...
TencentOS Server 4: linux-firmware (TSSA-2024:0439)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0439 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...
TencentOS Server 3: dpdk (TSSA-2025:0098)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0098 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...
On the Impossibility of a Perfect Hypervisor
We establish a fundamental impossibility result for a "perfect hypervisor", one that (1) preserves every observable behavior of any program exactly as on bare metal and (2) adds zero timing or resource overhead. Within this model we prove two theorems. (1) Indetectability Theorem. If such a hypervisor...
[SECURITY] Fedora 41 Update: xen-4.19.2-3.fc41
This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor...
CBL Mariner 2.0 Security Update: cloud-hypervisor / kata-containers / kata-containers-cc (CVE-2023-50711)
The version of cloud-hypervisor / kata-containers / kata-containers-cc installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-50711 advisory. - vmm-sys-util is a collection of modules that provides helpe...
Azure Linux 3.0 Security Update: cloud-hypervisor / kata-containers / kata-containers-cc (CVE-2023-50711)
The version of cloud-hypervisor / kata-containers / kata-containers-cc installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-50711 advisory. - vmm-sys-util is a collection of modules that provides helpe...
PT-2025-23024
Critical vulnerabilities in XenServer Windows VM Tools enable privilege escalation on XenServer 8.4 & Citrix Hypervisor 8.2 CU1 LTSR. Linux VMs unaffected. Update to version 9.4.1+ ASAP. 🔒 CVE-2025-27462 Australia Virtualization https://t.co/JaZh2Ea25r...
XenServer and Citrix Hypervisor Security Update for CVE-2025-27462, CVE-2025-27463, CVE-2025-27464
Description of Problem: Issues have been identified in the XenServer VM Tools for Windows that allow an attacker who has the ability to execute arbitrary unprivileged code within a guest Windows VM to compromise that same VM. This issue affects Windows VMs running on either XenServer 8.4 and Citri...
Secure IVSHMEM: End-To-End Shared-Memory Protocol with Hypervisor-CA Handshake and In-Kernel Access Control
In-host shared memory (IVSHMEM) enables high-throughput, zero-copy communication between virtual machines, but today's implementations lack any security control, allowing any application to eavesdrop or tamper with the IVSHMEM region. This paper presents Secure IVSHMEM, a protocol that provides...
CVE-2023-21264
In multiple functions of memprotect.c, there is a possible way to access hypervisor memory due to a memory access check in the wrong place. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation...
CVE-2023-30440
IBM PowerVM Hypervisor FW860.00 through FW860.B3, FW950.00 through FW950.70, FW1010.00 through FW1010.50, FW1020.00 through FW1020.30, and FW1030.00 through FW1030.10 could allow a local attacker with control of a partition that has been assigned SRIOV virtual function (VF) to cause a denial of servic...
CVE-2023-33036
Permanent DOS in Hypervisor while untrusted VM without PSCI support makes a PSCI call...
CVE-2023-46183
IBM PowerVM Hypervisor FW950.00 through FW950.90, FW1020.00 through FW1020.40, and FW1030.00 through FW1030.30 could allow a system administrator to obtain sensitive partition information. IBM X-Force ID: 269695...
CVE-2023-30612
Cloud Hypervisor is a Virtual Machine Monitor for Cloud workloads. This vulnerability allows users to close arbitrary open file descriptors in the Cloud Hypervisor process by sending a malicious HTTP request through the HTTP API socket. As a result, the Cloud Hypervisor process can be easily...
CVE-2023-25683
IBM PowerVM Hypervisor FW950.00 through FW950.71, FW1010.00 through FW1010.40, FW1020.00 through FW1020.20, and FW1030.00 through FW1030.11 could allow an attacker to obtain sensitive information if they gain service access to the HMC. IBM X-Force ID: 247592...
CVE-2023-47715
IBM Storage Protect Plus Server 10.1.0 through 10.1.16 could allow an authenticated user with read-only permissions to add or delete entries from an existing HyperVisor configuration. IBM X-Force ID: 271538...