Lucene search
K

42 matches found

OSV
OSV
added 2024/07/12 12:31 p.m.25 views

CVE-2024-40953 KVM: Fix a data race on last_boosted_vcpu in kvm_vcpu_on_spin()

In the Linux kernel, the following vulnerability has been resolved: KVM: Fix a data race on lastboostedvcpu in kvmvcpuonspin Use READ,WRITEONCE to access kvm-lastboostedvcpu to ensure the loads and stores are atomic. In the extremely unlikely scenario the compiler tears the stores, it's...

4.7CVSS6.1AI score0.0019EPSS
Exploits0References13
Debian CVE
Debian CVE
added 2024/05/01 5:27 a.m.25 views

CVE-2024-26991

In the Linux kernel, the following vulnerability has been resolved: KVM: x86/mmu: x86: Don't overflow lpageinfo when checking attributes Fix KVMSETMEMORYATTRIBUTES to not overflow lpageinfo array and trigger KASAN splat, as seen in the privatememconversionstest selftest. When memory attributes ar...

5.5CVSS7.2AI score0.00227EPSS
Exploits0
Debian CVE
Debian CVE
added 2024/03/04 6:10 p.m.20 views

CVE-2021-47092

In the Linux kernel, the following vulnerability has been resolved: KVM: VMX: Always clear vmx-fail on emulationrequired Revert a relatively recent change that set vmx-fail if the vCPU is in L2 and emulationrequired is true, as that behavior is completely bogus. Setting vmx-fail and synthesizing ...

5.5CVSS5.2AI score0.00288EPSS
Exploits1
NVD
NVD
added 2024/02/29 11:15 p.m.33 views

CVE-2021-47062

In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: Use onlinevcpus, not createdvcpus, to iterate over vCPUs Use the kvmforeachvcpu helper to iterate over vCPUs when encrypting VMSAs for SEV, which effectively switches to use onlinevcpus instead of createdvcpus. This fix...

5.5CVSS6.5AI score0.00222EPSS
Exploits0References3
OSV
OSV
added 2024/02/29 11:15 p.m.7 views

CVE-2021-47061

In the Linux kernel, the following vulnerability has been resolved: KVM: Destroy I/O bus devices on unregister failure after sync'ing SRCU If allocating a new instance of an I/O bus fails when unregistering a device, wait to destroy the device until after all readers are guaranteed to see the new...

7.8CVSS7.4AI score
Exploits0References4
OSV
OSV
added 2024/02/29 10:40 a.m.7 views

CLSA-2024-1709203226 kernel: Fix of 7 CVEs

KVM: nSVM: avoid picking up unsupported bits from L2 in intctl CVE-2021-3653 CVE-2021-3653 - xen/netfront: fix leaking data in shared pages CVE-2022-33740 - xfs: fix up non-directory creation in SGID directories CVE-2021-4037 - netsched: clsroute: remove from list when handle is 0 CVE-2022-2588 -...

8.8CVSS7.1AI score0.06214EPSS
Exploits8References1
OSV
OSV
added 2021/10/28 4:15 a.m.9 views

CVE-2021-43056

An issue was discovered in the Linux kernel for powerpc before 5.14.15. It allows a malicious KVM guest to crash the host, when the host is running on Power8, due to an arch/powerpc/kvm/book3shvrmhandlers.S implementation bug in the handling of the SRR1 register values...

5.5CVSS6.7AI score
Exploits0References7
OSV
OSV
added 2021/07/26 10:15 p.m.8 views

CVE-2021-37576

arch/powerpc/kvm/book3srtas.c in the Linux kernel through 5.13.5 on the powerpc platform allows KVM guest OS users to cause host OS memory corruption via rtasargs.nargs, aka CID-f62f3c20647e...

7.8CVSS7.5AI score
Exploits0References7
OSV
OSV
added 2018/06/27 11:29 a.m.7 views

CVE-2018-12904

In arch/x86/kvm/vmx.c in the Linux kernel before 4.17.2, when nested virtualization is used, local attackers could cause L1 KVM guests to VMEXIT, potentially allowing privilege escalations and denial of service attacks due to lack of checking of CPL...

4.9CVSS7AI score
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2018/06/06 12:0 a.m.35 views

SUSE SLES12 Security Update : kernel (SUSE-SU-2018:1510-1)

This update for the Linux Kernel 4.4.103-9256 fixes several issues. The following security issues were fixed : - CVE-2017-13166: An elevation of privilege vulnerability in the kernel v4l2 video driver was fixed. bsc1085447. - CVE-2018-8897: A statement in the System Programming Guide of the Intel...

8CVSS7.2AI score0.18262EPSS
Exploits9References14
Tenable Nessus
Tenable Nessus
added 2018/06/06 12:0 a.m.39 views

SUSE SLES12 Security Update : kernel (SUSE-SU-2018:1516-1)

This update for the Linux Kernel 4.4.90-9250 fixes several issues. The following security issues were fixed : - CVE-2017-13166: An elevation of privilege vulnerability in the kernel v4l2 video driver was fixed. bsc1085447. - CVE-2018-8897: A statement in the System Programming Guide of the Intel ...

8CVSS7.2AI score0.18262EPSS
Exploits9References14
Tenable Nessus
Tenable Nessus
added 2018/06/06 12:0 a.m.59 views

SUSE SLES12 Security Update : kernel (SUSE-SU-2018:1522-1)

This update for the Linux Kernel 4.4.59-9220 fixes several issues. The following security issues were fixed : - CVE-2017-13166: An elevation of privilege vulnerability in the kernel v4l2 video driver was fixed. bsc1085447. - CVE-2018-8897: A statement in the System Programming Guide of the Intel ...

8CVSS7.2AI score0.18262EPSS
Exploits9References14
CVE
CVE
added 2018/05/15 4:0 p.m.314 views

CVE-2018-1087

CVE-2018-1087 describes a vulnerability in the Linux kernel KVM where exceptions delivered after a stack switch (via Mov SS or Pop SS) were not properly handled. The flaw could allow an unprivileged KVM guest user to crash the guest or potentially escalate privileges within the guest. The descrip...

8CVSS6.3AI score0.00773EPSS
Exploits0References14Affected Software1
Tenable Nessus
Tenable Nessus
added 2018/05/09 12:0 a.m.60 views

Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2018-4096)

The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2018-4096 advisory. - x86/kernel/traps.c: fix tracedienotifier return value Kris Van Hees CVE-2018-8897 - x86/entry/64: Dont use IST entry for BP stack Andy Lutomirski...

8CVSS6.9AI score0.18262EPSS
Exploits9References3
UbuntuCve
UbuntuCve
added 2017/04/24 11:59 p.m.26 views

CVE-2017-8106

The handleinvept function in arch/x86/kvm/vmx.c in the Linux kernel 3.12 through 3.15 allows privileged KVM guest OS users to cause a denial of service NULL pointer dereference and host OS crash via a single-context INVEPT instruction with a NULL EPT pointer...

5.5CVSS6.8AI score0.00329EPSS
Exploits0References1
OSV
OSV
added 2017/02/06 6:59 a.m.7 views

CVE-2017-2596

The nestedvmxcheckvmptr function in arch/x86/kvm/vmx.c in the Linux kernel through 4.9.8 improperly emulates the VMXON instruction, which allows KVM L1 guest OS users to cause a denial of service host OS memory consumption by leveraging the mishandling of page references...

6.5CVSS7.1AI score
Exploits0References6
RedHat Linux
RedHat Linux
added 2016/05/10 6:43 p.m.5 views

kernel: kvm: reporting emulation failures to userspace

It was found that reporting emulation failures to user space could lead to either a local CVE-2014-7842 or a L2-L1 CVE-2010-5313 denial of service. In the case of a local denial of service, an attacker must have access to the MMIO area or be able to access an I/O port. Please note that on certain...

4.9CVSS6.6AI score0.00325EPSS
Exploits0References4
Ubuntu
Ubuntu
added 2015/11/10 3:18 a.m.74 views

USN-2804-1: Linux kernel (Trusty HWE) vulnerability

Ben Serebrin discovered that the KVM hypervisor implementation in the Linux kernel did not properly catch Alignment Check exceptions. An attacker in a guest virtual machine could use this to cause a denial of service system crash in the host OS...

4.9CVSS6.9AI score0.00566EPSS
Exploits0
OSV
OSV
added 2013/12/14 6:8 p.m.6 views

CVE-2013-4587

Array index error in the kvmvmioctlcreatevcpu function in virt/kvm/kvmmain.c in the KVM subsystem in the Linux kernel through 3.12.5 allows local users to gain privileges via a large id value...

7AI score
Exploits0References22
Tenable Nessus
Tenable Nessus
added 2013/12/04 12:0 a.m.54 views

Ubuntu 10.04 LTS : linux-ec2 vulnerabilities (USN-2037-1)

A flaw was discovered in the Linux kernel's KVM kernel virtual machine. An administrative user in the guest OS could leverage this flaw to cause a denial of service in the host OS. CVE-2012-2121 Multiple integer overflow flaws where discovered in the Alchemy LCD frame- buffer drivers in the Linux...

6.9CVSS8AI score0.00596EPSS
Exploits1References3
Rows per page
Query Builder