PT-2026-45767

Name of the Vulnerable Software and Affected Versions Bitdefender Napoca affected versions not specified Description An out-of-bounds write exists in the real-mode hook handler within the napoca/kernel/handler.c file. The handler utilizes a guest-controlled offset derived from SS:SP as an index...

Bitdefender Napoca 缓冲区错误漏洞

Bitdefender Napoca is a lightweight Type-1 bare-machine virtual machine monitor developed by Bitdefender as open source. Bitdefender Napoca has a buffer error vulnerability, which stems from out-of-bounds write operations in the real-mode hook processing routine. This vulnerability may lead to IR...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: x86/xen: Remove the USERGSSYSRET64 paravirt call. This change is committed as upstream commit afd30525a659ac0ae0904f0cb4a2ca75522c3123. USERGSSYSRET64 is used to return from a syscall via SYSRET. However, a Xen PV guest will stil...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000618)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000618 advisory. arch/x86/kernel/entry64.S in the Linux kernel before 3.17.5 does not properly handle faults associated with the Stack Segment SS segment register, which allows local...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002140)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002140 advisory. arch/x86/kernel/entry64.S in the Linux kernel before 3.17.5 does not properly handle faults associated with the Stack Segment SS segment register, which allows local...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001792)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001792 advisory. arch/x86/kernel/entry64.S in the Linux kernel before 3.17.5 does not properly handle faults associated with the Stack Segment SS segment register, which allows local...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002155)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002155 advisory. The xenfailsafecallback function in Xen for the Linux kernel 2.6.23 and other versions, when running a 32-bit PVOPS guest, allows local users to cause a denial of...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002177)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002177 advisory. arch/x86/entry/entry64.S in the Linux kernel before 4.1.6 on the x8664 platform mishandles IRET faults in processing NMIs that occurred during userspace execution,...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002377)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002377 advisory. The xenfailsafecallback function in Xen for the Linux kernel 2.6.23 and other versions, when running a 32-bit PVOPS guest, allows local users to cause a denial of...

Siemens SCALANCE and RUGGEDCOM Devices Improper Restriction of Operations within the Bounds of a Memory Buffer (CVE-2024-53241)

x86/xen: vulnerability due to issues with the PV iret hypercall through the hypercall page, which is fixed by directly coding the sequence in xen-asm.S to avoid problems with speculation mitigations. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot...

kernel: xen: Xen hypercall page unsafe against speculative attacks (Xen Security Advisory 466)

In the Linux kernel, the following vulnerability has been resolved: x86/xen: don't do PV iret hypercall through hypercall page Instead of jumping to the Xen hypercall page for doing the iret hypercall, directly code the required sequence in xen-asm.S. This is done in preparation of no longer usin...

kernel: xen: Xen hypercall page unsafe against speculative attacks (Xen Security Advisory 466)

In the Linux kernel, the following vulnerability has been resolved: x86/xen: don't do PV iret hypercall through hypercall page Instead of jumping to the Xen hypercall page for doing the iret hypercall, directly code the required sequence in xen-asm.S. This is done in preparation of no longer usin...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-988744)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-988744 advisory. In the Linux kernel, the following vulnerability has been resolved: x86/xen: Drop USERGSSYSRET64 paravirt call commit afd30525a659ac0ae0904f0cb4a2ca75522c3123...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990300)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990300 advisory. In the Linux kernel, the following vulnerability has been resolved: x86/xen: don't do PV iret hypercall through hypercall page Instead of jumping to the Xen hypercal...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-989449)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989449 advisory. In the Linux kernel, the following vulnerability has been resolved: x86/xen: don't do PV iret hypercall through hypercall page Instead of jumping to the Xen hypercal...

EUVD-2009-2783

Malware in sbrugna...

EUVD-2017-17843

Malware in sbrugna...

EUVD-2024-51913

Malicious code in bioql PyPI...

kernel: xen: Xen hypercall page unsafe against speculative attacks (Xen Security Advisory 466)

In the Linux kernel, the following vulnerability has been resolved: x86/xen: don't do PV iret hypercall through hypercall page Instead of jumping to the Xen hypercall page for doing the iret hypercall, directly code the required sequence in xen-asm.S. This is done in preparation of no longer usin...

kernel: xen: Xen hypercall page unsafe against speculative attacks (Xen Security Advisory 466)

In the Linux kernel, the following vulnerability has been resolved: x86/xen: don't do PV iret hypercall through hypercall page Instead of jumping to the Xen hypercall page for doing the iret hypercall, directly code the required sequence in xen-asm.S. This is done in preparation of no longer usin...