Unity Linux 20.1070e Security Update: kernel (UTSA-2025-414478)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-414478 advisory. With shadow paging enabled, the INVPCID instruction results in a call to kvmmmuinvpcidgva. If INVPCID is executed with CR0.PG=0, the invlpg callback is not set and t...

EUVD-2022-25069

Malicious code in bioql PyPI...

kernel: KVM: NULL pointer dereference in kvm_mmu_invpcid_gva

A flaw was found in KVM. With shadow paging enabled if INVPCID is executed with CR0.PG=0, the invlpg callback is not set, and the result is a NULL pointer dereference. This flaw allows a guest user to cause a kernel oops condition on the host, resulting in a denial of service...

AlmaLinux 8 : kernel (ALSA-2023:2951)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:2951 advisory. - Some AMD CPUs may transiently execute beyond unconditional direct branches, which may potentially result in data leakage. CVE-2021-26341 - When sending...

RHEL 8 : kernel (RHSA-2023:2951)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:2951 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. The following packages have been upgraded to a later...

RHEL 9 : kernel-rt (RHSA-2023:2148)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:2148 advisory. The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirement...

Amazon Linux 2022 : bpftool, kernel, kernel-devel (ALAS2022-2022-185)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2022-2022-185 advisory. A flaw was found in the Linux kernel. The existing KVM SEV API has a vulnerability that allows a non-root host user-level application to crash the host kernel by creating a confidential guest V...

EulerOS 2.0 SP10 : kernel (EulerOS-SA-2022-2257)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Insufficient control flow management for the IntelR 82599 Ethernet Controllers and Adapters may allow an authenticated user to potentially enable...

Amazon Linux 2 : kernel (ALASKERNEL-5.15-2022-003)

The version of kernel installed on the remote host is prior to 5.15.50-23.125. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.15-2022-003 advisory. - With shadow paging enabled, the INVPCID instruction results in a call to kvmmmuinvpcidgva. If INVPCID is...

CVE-2022-1789

With shadow paging enabled, the INVPCID instruction results in a call to kvmmmuinvpcidgva. If INVPCID is executed with CR0.PG=0, the invlpg callback is not set and the result is a NULL pointer dereference...

DEBIAN-CVE-2022-1789

With shadow paging enabled, the INVPCID instruction results in a call to kvmmmuinvpcidgva. If INVPCID is executed with CR0.PG=0, the invlpg callback is not set and the result is a NULL pointer dereference...

CVE-2022-1789

CVE-2022-1789 targets KVM in the Linux kernel. With shadow paging enabled, INVPCID can lead to a NULL pointer dereference when CR0.PG=0, because the invlpg callback is not set, causing a crash in kvm_mmu_invpcid_gva. The same issue is echoed in Astra Linux and AlmaLinux advisories, which list KVM...

SUSE: Security Advisory (SUSE-SU-2019:13921-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE Security Update : xen (openSUSE-2019-1046) (Foreshadow)

This update for xen fixes the following issues : Update to Xen 4.10.2 bug fix release bsc1027519. Security vulnerabilities fixed : - CVE-2018-19961, CVE-2018-19962: Fixed an issue related to insufficient TLB flushing with AMD IOMMUs, which potentially allowed a guest to escalate its privileges, m...

Debian DSA-4369-1 : xen - security update

Multiple vulnerabilities have been discovered in the Xen hypervisor : - CVE-2018-19961 / CVE-2018-19962 Paul Durrant discovered that incorrect TLB handling could result in denial of service, privilege escalation or information leaks. - CVE-2018-19965 Matthew Daley discovered that incorrect handli...

[SECURITY] [DSA 4369-1] xen security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4369-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff January 14, 2019 https://www.debian.org/security/faq -...

SUSE SLES11 Security Update : xen (SUSE-SU-2019:13921-1)

This update for xen fixes the following issues : Security vulnerabilities fixed : CVE-2018-19961, CVE-2018-19962: Fixed an issue related to insufficient TLB flushing with AMD IOMMUs, which potentially allowed a guest to escalate its privileges, may cause a Denial of Service DoS affecting the enti...

SUSE SLES12 Security Update : xen (SUSE-SU-2019:0020-1)

This update for xen fixes the following issues : Security vulnerabilities fixed : CVE-2018-19961, CVE-2018-19962: Fixed an issue related to insufficient TLB flushing with AMD IOMMUs, which potentially allowed a guest to escalate its privileges, may cause a Denial of Service DoS affecting the enti...

SUSE SLED12 / SLES12 Security Update : xen (SUSE-SU-2019:0003-1)

This update for xen fixes the following issues : Update to Xen 4.11.1 bug fix release bsc1027519 CVE-2018-17963: Fixed an integer overflow issue in the QEMU emulator, which could occur when a packet with large packet size is processed. A user inside a guest could have used this flaw to crash the...

openSUSE Security Update : xen (openSUSE-2018-1624) (Foreshadow)

This update for xen fixes the following issues : Update to Xen 4.10.2 bug fix release bsc1027519. Security vulnerabilities fixed : - CVE-2018-19961, CVE-2018-19962: Fixed an issue related to insufficient TLB flushing with AMD IOMMUs, which potentially allowed a guest to escalate its privileges, m...