UBUNTU-CVE-2022-49568

In the Linux kernel, the following vulnerability has been resolved: KVM: Don't null dereference ops-destroy A KVM device cleanup happens in either of two callbacks: 1 destroy which is called when the VM is being destroyed; 2 release which is called when a device fd is closed. Most KVM devices use...

The vulnerability of the KVM kernel component of the Linux operating system, which allows a hacker to gain access to confidential information

The vulnerability of the Linux operating system’s KVM kernel component is related to excessive data output in the vmxgetperfcapabilities function. Exploiting this vulnerability can allow an attacker to gain access to confidential information...

kernel: KVM: x86/mmu: Write-protect L2 SPTEs in TDP MMU when clearing dirty status

In the Linux kernel, the following vulnerability has been resolved: KVM: x86/mmu: Write-protect L2 SPTEs in TDP MMU when clearing dirty status The Linux kernel CVE team has assigned CVE-2024-26990 to this issue. Upstream advisory:...

CVE-2024-50139 KVM: arm64: Fix shift-out-of-bounds bug

In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Fix shift-out-of-bounds bug Fix a shift-out-of-bounds bug reported by UBSAN when running VM with MTE enabled host kernel. UBSAN: shift-out-of-bounds in arch/arm64/kvm/sysregs.c:1988:14 shift exponent 33 is too large f...

CVE-2024-45005

...

The vulnerability of the `fixup_guest_exit` function in the arm64 component of the KVM virtualization subsystem of the Linux operating system allows a hacker to trigger a service failure.

The vulnerability of the fixupguestexit function in the arm64 component of the KVM virtualization subsystem of the Linux operating system is related to the use of an outdated value of esr when a SError exception occurs. Exploiting this vulnerability can allow an attacker to cause a service failur...

Linux kernel security vulnerabilities

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a forced departure from the nested virtualizer when the KVM:x86 module switches SMM states...

SUSE CVE-2024-36953

In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: vgic-v2: Check for non-NULL vCPU in vgicv2parseattr vgicv2parseattr is responsible for finding the vCPU that matches the user-provided CPUID, which of course may not be valid. If the ID is invalid, kvmgetvcpubyid...

The vulnerability of the kvm_io_bus_unregister_dev() function in the KVM subsystem of Linux operating systems allows a attacker to cause a service failure.

The vulnerability of the kvmiobusunregisterdev function in the KVM subsystem of Linux operating systems is related to errors in pointer assignment during device registration. Exploiting this vulnerability can allow an attacker to cause system failures...

kernel: KVM: x86/mmu: race condition in direct_page_fault()

A flaw was found in the Linux kernel in the KVM. A race condition in directpagefault allows guest OS users to cause a denial of service host OS crash or host OS memory corruption when nested virtualization and the TDP MMU are enabled...

DEBIAN-CVE-2023-5090

A flaw was found in KVM. An improper check in svmsetx2apicmsrinterception may allow direct access to host x2apic msrs when the guest resets its apic, potentially leading to a denial of service condition...

NVIDIA DGX Security Vulnerability

NVIDIA DGX is a high-performance workstation for deep learning applications from NVIDIA. The NVIDIA DGX H100 suffers from a security vulnerability that stems from a security flaw in the KVM service that allows an unauthenticated attacker to cause session token leakage to other users by observing...

SUSE CVE-2008-2382

The protocolclientmsg function in vnc.c in the VNC server in 1 Qemu 0.9.1 and earlier and 2 KVM kvm-79 and earlier allows remote attackers to cause a denial of service infinite loop via a certain message...

SUSE CVE-2011-4347

The kvmvmioctlassigndevice function in virt/kvm/assigned-dev.c in the KVM subsystem in the Linux kernel before 3.1.10 does not verify permission to access PCI configuration space and BAR resources, which allows host OS users to assign PCI devices and cause a denial of service host OS crash via a...

SUSE CVE-2022-0171

A flaw was found in the Linux kernel. The existing KVM SEV API has a vulnerability that allows a non-root host user-level application to crash the host kernel by creating a confidential guest VM instance in AMD CPU that supports Secure Encrypted Virtualization SEV...

The vulnerability of the KVM virtualization subsystem in Linux operating systems allows a hacker to trigger a service failure.

The vulnerability of the KVM virtualization subsystem in Linux operating systems is related to synchronization errors when using shared resources “Race Conditions”. Exploiting this vulnerability can allow an attacker to trigger a service failure...

PT-2022-6439 · Kvm +7 · Kvm +7

Name of the Vulnerable Software and Affected Versions: KVM affected versions not specified Description: A flaw was found in KVM's AMD nested virtualization SVM. A malicious L1 guest could purposely fail to intercept the shutdown of a cooperative nested guest L2, possibly leading to a page fault a...

A flaw was found in the Linux kernel. The existing KVM SEV API has a vulnerability that allows a non-root (host) user-level application to crash the host kernel by creating a confidential guest VM instance in AMD CPU that supports Secure Encrypted Virtualization (SEV).

...

The vulnerability of the kvm_irq_delivery_to_apic_fast() function in the KVM virtualization subsystem of the Linux operating system allows a attacker to trigger a service failure.

The vulnerability of the kvmirqdeliverytoapicfast function in the KVM virtualization subsystem of the Linux operating system is related to pointer arithmetic errors. Exploiting this vulnerability could allow an attacker to trigger a service failure...

OESA-2022-1730 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: NFC: netlink: fix sleep in atomic bug when firmware download timeoutCVE-2022-1975 In various methods of kernel base drivers, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalati...