5604 matches found
Upcoming changes for Citrix DaaS to remote hypervisor communication
Citrix DaaS service is migrating the communication channel used to access some Hypervisors. This migration will result in a more stable and higher performing connection. This transition will be performed on a rolling basis starting in Q1 2025...
CVE-2024-11614
An out-of-bounds read vulnerability was found in DPDK's Vhost library checksum offload feature. This issue enables an untrusted or compromised guest to crash the hypervisor's vSwitch by forging Virtio descriptors to cause out-of-bounds reads. This flaw allows an attacker with a malicious VM using...
CVE-2023-31355
A flaw was found in the AMD firmware. This vulnerability allows a malicious hypervisor to overwrite a guest's UMC seed, potentially enabling the reading of memory from a decommissioned guest via improper restriction of write operations. Mitigation Mitigation for this issue is either not available...
Restore to oVirt KVM VM Post-Restore Recommended Actions
Purpose This article documents recommended post-restore actions that should be taken after restoring VMs, physical machines, and cloud machines to the oVirt KVM hypervisor. Solution Starting in the oVirt KVM Plug-In included with Veeam Backup & Replication 12.3, a feature has been added that allo...
CVE-2024-33044 Improper Validation of Array Index in Hypervisor
Memory corruption while Configuring the SMR/S2CR register in Bypass mode...
CVE-2024-33044 Improper Validation of Array Index in Hypervisor
Memory corruption while Configuring the SMR/S2CR register in Bypass mode...
[SECURITY] Fedora 40 Update: xen-4.18.3-3.fc40
This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor...
The vulnerability of the hypervisor in FreeBSD operating systems allows a hacker to execute arbitrary code.
The vulnerability of the hypervisor in FreeBSD operating systems relates to a single-shift error. Exploiting this vulnerability allows an attacker to execute arbitrary code...
CVE-2024-41781 IBM PowerVM Hypervisor information disclosure
IBM PowerVM Platform KeyStore IBM PowerVM Hypervisor FW950.00 through FW950.90, FW1030.00 through FW1030.60, FW1050.00 through FW1050.20, and FW1060.00 through FW1060.10 functionality can be compromised if an attacker gains service access to the HMC. An attacker that gains service access to the H...
PT-2024-29562 · Ibm · Ibm Powervm Hypervisor
Name of the Vulnerable Software and Affected Versions: IBM PowerVM Hypervisor versions FW950.00 through FW950.90 IBM PowerVM Hypervisor versions FW1030.00 through FW1030.60 IBM PowerVM Hypervisor versions FW1050.00 through FW1050.20 IBM PowerVM Hypervisor versions FW1060.00 through FW1060.10...
FreeBSD : FreeBSD -- Multiple issues in the bhyve hypervisor (eb5c615d-a173-11ef-9a62-002590c1f29c)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the eb5c615d-a173-11ef-9a62-002590c1f29c advisory. Several vulnerabilities were found in the bhyve hypervisor's device models. The NVMe driver...
XenServer and Citrix Hypervisor Security Update for CVE-2024-45818
Description of Problem An issue has been identified that affects both XenServer 8 and Citrix Hypervisor 8.2 CU1 LTSR and allows a malicious administrator of a guest VM to cause the host to crash or become unresponsive. This issue has the following identifier: CVE-2024-45818 What Customers Should ...
Deadlock in x86 HVM standard VGA handling
ISSUE DESCRIPTION The hypervisor contains code to accelerate VGA memory accesses for HVM guests, when the virtual VGA is in "standard" mode. Locking involved there has an unusual discipline, leaving a lock acquired past the return from the function that acquired it. This behavior results in a...
kernel: vmxnet3: disable rx data ring on dma allocation failure
A vulnerability was found in the Linux kernel's vmxnet3 driver in the vmxnet3rqcreate function, where this issue occurs when memory allocation fails for the RX data ring, leading to an improper reference size that may cause the hypervisor to access invalid memory during packet reception, which ca...
Hotfix XS82ECU1078 - For Citrix Hypervisor 8.2 Cumulative Update 1
Who Should Install This Hotfix? This is a hotfix for customers running Citrix Hypervisor 8.2 Cumulative Update 1. All customers who are affected by the issues described inCTX692065 - XenServer and Citrix Hypervisor Security Update for CVE-2024-45818should install this hotfix. Note: This hotfix is...
PT-2024-10468
Name of the Vulnerable Software and Affected Versions Xen hypervisor versions prior to 4.7 Description The issue is related to the hypervisor's code for accelerating VGA memory accesses for HVM guests in "standard" mode. The locking mechanism involved has an unusual discipline, which can lead to ...
Apache CloudStack 输入验证错误漏洞
Apache CloudStack is a suite of Infrastructure-as-a-Service IaaS cloud computing platforms from the Apache USA Foundation. The platform is primarily used to deploy and manage large networks of virtual machines. An input validation error vulnerability exists in Apache CloudStack versions 4.0.0...
The vulnerability of the hypervisor component in the Linux operating system allows a hacker to trigger a service failure.
The vulnerability of the hyperv component in the Linux operating system is related to the assignment of the NULL pointer in the sethvtscchangecb function. Exploiting this vulnerability can allow an attacker to cause a service failure...
Hotfix XS82ECU1072 - For Citrix Hypervisor 8.2 Cumulative Update 1
Who Should Install This Hotfix? This is a hotfix for customers running Citrix Hypervisor 8.2 Cumulative Update 1. Note: This hotfix is available only to customers on theCustomer Success Servicesprogram. Information About this Hotfix Prerequisite| None ---|--- Post-update tasks| None Content live...
FreeBSD -- Multiple issues in the bhyve hypervisor
Problem Description: Several vulnerabilities were found in the bhyve hypervisor's device models. The NVMe driver function nvmeopcgetlogpage is vulnerable to a buffer over- read from a guest-controlled value. CVE-2024-51562 The virtiovqrecordon function is subject to a time-of-check to time-of-use...