392 matches found
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP7 kernel was updated to fix various security issues The following security issues were fixed: CVE-2022-50253: bpf: make sure skb-len != 0 when redirecting to a tunneling device bsc1249912. CVE-2023-53676: scsi: target: iscsi: Fix buffer overflow in...
Linux Distros Unpatched Vulnerability : CVE-2023-53756
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - KVM: VMX: Fix crash due to uninitialized currentvmcs KVM enables 'Enlightened VMCS' and 'Enlightened MSR Bitmap' when running as a nested hypervisor on top of...
CVE-2023-53756
In the Linux kernel, the following vulnerability has been resolved: KVM: VMX: Fix crash due to uninitialized currentvmcs KVM enables 'Enlightened VMCS' and 'Enlightened MSR Bitmap' when running as a nested hypervisor on top of Hyper-V. When MSR bitmap is updated, evmcstouchmsrbitmap function uses...
DEBIAN-CVE-2025-40274
In the Linux kernel, the following vulnerability has been resolved: KVM: guestmemfd: Remove bindings on memslot deletion when gmem is dying When unbinding a memslot from a guestmemfd instance, remove the bindings even if the guestmemfd file is dying, i.e. even if its file refcount has gone to zer...
CVE-2025-40274
In the Linux kernel, the following vulnerability has been resolved: KVM: guestmemfd: Remove bindings on memslot deletion when gmem is dying When unbinding a memslot from a guestmemfd instance, remove the bindings even if the guestmemfd file is dying, i.e. even if its file refcount has gone to zer...
Linux Distros Unpatched Vulnerability : CVE-2025-40266
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - KVM: arm64: Check the untrusted offset in FF-A memory share Verify the offset to prevent OOB access in the hypervisor FF-A buffer in case an untrusted large...
KVM: VMX: Do _all_ initialization before exposing /dev/kvm to userspace
...
SUSE CVE-2025-40184
In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Fix debug checking for np-guests using huge mappings When running with transparent huge pages and CONFIGNVHEEL2DEBUG then the debug checking in asserthostsharedguest fails on the launch of an np-guest. This WARNON...
DEBIAN-CVE-2025-40184
In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Fix debug checking for np-guests using huge mappings When running with transparent huge pages and CONFIGNVHEEL2DEBUG then the debug checking in asserthostsharedguest fails on the launch of an np-guest. This WARNON...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989116)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989116 advisory. In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Fix stack-out-of-bounds memory access from ioapicwriteindirect KASAN reports the...
KVM: arm64: Prevent access to vCPU events before init
...
CVE-2025-40102
CVE-2025-40102 affects the Linux kernel KVM/ARM64: an attacker could access vCPU events before a vCPU is initialized, leading to misinterpretation of uninitialized data and potential exception handling issues. The description and connected advisories (EulerOS kernel advisories) confirm this as a ...
SUSE CVE-2025-40038
In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: Skip fastpath emulation on VM-Exit if next RIP isn't valid Skip the WRMSR and HLT fastpaths in SVM's VM-Exit handler if the next RIP isn't valid, e.g. because KVM is running with nrips=false. SVM must decode and emulate...
EUVD-2025-36441
In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Don't recheck L1 intercepts when completing userspace I/O When completing emulation of instruction that generated a userspace exit for I/O, don't recheck L1 intercepts as KVM has already finished that phase of instructi...
CVE-2025-40065
In the Linux kernel, the following vulnerability has been resolved: RISC-V: KVM: Write hgatp register with valid mode bits According to the RISC-V Privileged Architecture Spec, when MODE=Bare is selected,software must write zero to the remaining fields of hgatp. We have detected the valid mode...
CVE-2025-40026
The CVE-2025-40026 entry concerns the Linux kernel KVM on x86. The issue arises when completing userspace I/O emulation: KVM should not recheck L1 intercepts because it has already completed that phase, but if the I/O permission bitmaps are modified during the exit to userspace, KVM may treat the...
CVE-2025-40026
In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Don't recheck L1 intercepts when completing userspace I/O When completing emulation of instruction that generated a userspace exit for I/O, don't recheck L1 intercepts as KVM has already finished that phase of instructi...
Linux Distros Unpatched Vulnerability : CVE-2025-40026
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - KVM: x86: Don't recheck L1 intercepts when completing userspace I/O When completing emulation of instruction that generated a userspace exit for I/O, don't...
KVM: VMX: Prevent RSB underflow before vmenter
...
KVM: x86: Use __try_cmpxchg_user() to update guest PTE A/D bits
...