387 matches found
UBUNTU-CVE-2026-23425
In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Fix ID register initialization for non-protected pKVM guests In protected mode, the hypervisor maintains a separate instance of the kvm structure for each VM. For non-protected VMs, this structure is initialized from...
KVM: x86/mmu: Drop/zap existing present SPTE even when creating an MMIO SPTE
...
CVE-2026-23402
In the Linux kernel, the following vulnerability has been resolved: KVM: x86/mmu: Only WARN in direct MMUs when overwriting shadow-present SPTE Adjust KVM's sanity check against overwriting a shadow-present SPTE with a another SPTE with a different target PFN to only apply to direct MMUs, i.e. on...
CVE-2026-23402 KVM: x86/mmu: Only WARN in direct MMUs when overwriting shadow-present SPTE
In the Linux kernel, the following vulnerability has been resolved: KVM: x86/mmu: Only WARN in direct MMUs when overwriting shadow-present SPTE Adjust KVM's sanity check against overwriting a shadow-present SPTE with a another SPTE with a different target PFN to only apply to direct MMUs, i.e. on...
CVE-2026-23401
CVE-2026-23401: In the Linux kernel KVM x86/mmu, a race allowed installing an MMIO SPTE without first zapping an existing shadow-present SPTE when guest memory writes occurred outside KVM’s scope. This could enable a guest‑memory–related fault to leave a shadow SPTE intact when an MMIO SPTE is in...
PT-2026-29485
In the Linux kernel, the following vulnerability has been resolved: KVM: x86/mmu: Only WARN in direct MMUs when overwriting shadow-present SPTE Adjust KVM's sanity check against overwriting a shadow-present SPTE with a another SPTE with a different target PFN to only apply to direct MMUs, i.e. on...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-005415)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005415 advisory. In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: Flush pages under kvm-lock to fix UAF in svmregisterencregion Do the cache flush of...
CVE-2026-0665
An off-by-one error was found in QEMU's KVM Xen guest support. A malicious guest could use this flaw to trigger out-of-bounds heap accesses in the QEMU process via the emulated Xen physdev hypercall interface, leading to a denial of service or potential memory corruption...
QEMU 安全漏洞
QEMU Quick Emulator is a simulation software for processors developed by Fabrice Bellard from France. This software features high speed and cross-platform capabilities. QEMU has a security vulnerability, which stems from a minor error in the KVM Xen client support. This error may lead to...
SUSE CVE-2026-23198
In the Linux kernel, the following vulnerability has been resolved: KVM: Don't clobber irqfd routing type when deassigning irqfd When deassigning a KVMIRQFD, don't clobber the irqfd's copy of the IRQ's routing entry as doing so breaks kvmarchirqbypassdelproducer on x86 and arm64, which explicitly...
CVE-2026-23198 KVM: Don't clobber irqfd routing type when deassigning irqfd
In the Linux kernel, the following vulnerability has been resolved: KVM: Don't clobber irqfd routing type when deassigning irqfd When deassigning a KVMIRQFD, don't clobber the irqfd's copy of the IRQ's routing entry as doing so breaks kvmarchirqbypassdelproducer on x86 and arm64, which explicitly...
SUSE CVE-2026-23027
In the Linux kernel, the following vulnerability has been resolved: LoongArch: KVM: Fix kvmdevice leak in kvmpchpicdestroy In kvmioctlcreatedevice, kvmdevice has allocated memory, kvmdevice-destroy seems to be supposed to free its kvmdevice struct, but kvmpchpicdestroy is not currently doing this...
CVE-2026-23028
In the Linux kernel, the following vulnerability has been resolved: LoongArch: KVM: Fix kvmdevice leak in kvmipidestroy In kvmioctlcreatedevice, kvmdevice has allocated memory, kvmdevice-destroy seems to be supposed to free its kvmdevice struct, but kvmipidestroy is not currently doing this, that...
UBUNTU-CVE-2026-23028
In the Linux kernel, the following vulnerability has been resolved: LoongArch: KVM: Fix kvmdevice leak in kvmipidestroy In kvmioctlcreatedevice, kvmdevice has allocated memory, kvmdevice-destroy seems to be supposed to free its kvmdevice struct, but kvmipidestroy is not currently doing this, that...
CVE-2026-23029 LoongArch: KVM: Fix kvm_device leak in kvm_eiointc_destroy()
In the Linux kernel, the following vulnerability has been resolved: LoongArch: KVM: Fix kvmdevice leak in kvmeiointcdestroy In kvmioctlcreatedevice, kvmdevice has allocated memory, kvmdevice-destroy seems to be supposed to free its kvmdevice struct, but kvmeiointcdestroy is not currently doing...
EUVD-2026-5066
In the Linux kernel, the following vulnerability has been resolved: LoongArch: KVM: Fix kvmdevice leak in kvmipidestroy In kvmioctlcreatedevice, kvmdevice has allocated memory, kvmdevice-destroy seems to be supposed to free its kvmdevice struct, but kvmipidestroy is not currently doing this, that...
CVE-2026-23028 LoongArch: KVM: Fix kvm_device leak in kvm_ipi_destroy()
In the Linux kernel, the following vulnerability has been resolved: LoongArch: KVM: Fix kvmdevice leak in kvmipidestroy In kvmioctlcreatedevice, kvmdevice has allocated memory, kvmdevice-destroy seems to be supposed to free its kvmdevice struct, but kvmipidestroy is not currently doing this, that...
CVE-2026-23028
In the Linux kernel for LoongArch KVM, a memory-leak was reported: kvm_ioctl_create_device() allocated memory for kvm_device, but kvm_ipi_destroy() did not free the kvm_device struct, causing a leak. The issue is resolved by ensuring kvm_ipi_destroy() frees the allocated kvm_device, preventing th...
CVE-2026-23028
In the Linux kernel, the following vulnerability has been resolved: LoongArch: KVM: Fix kvmdevice leak in kvmipidestroy In kvmioctlcreatedevice, kvmdevice has allocated memory, kvmdevice-destroy seems to be supposed to free its kvmdevice struct, but kvmipidestroy is not currently doing this, that...
Linux Distros Unpatched Vulnerability : CVE-2026-23027
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: LoongArch: KVM: Fix kvmdevice leak in kvmpchpicdestroy In kvmioctlcreatedevice, kvmdevice ha...