MiracleLinux 4 : qemu-kvm-0.12.1.2-2.479.AXS4.2 (AXSA:2015-518:06)

The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2015-518:06 advisory. KVM for Kernel-based Virtual Machine is a full virtualization solution for Linux on x86 hardware. Using KVM, one can run multiple virtual machines running...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002707)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002707 advisory. The x86decodeinsn function in arch/x86/kvm/emulate.c in the Linux kernel before 4.8.7, when KVM is enabled, allows local users to cause a denial of service host OS...

PT-2025-52981

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw related to KVM Kernel-based Virtual Machine coalesced MMIO Memory Mapped I/O unregistration. Specifically, the target device is not properly destroyed an...

CVE-2025-40184

In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Fix debug checking for np-guests using huge mappings When running with transparent huge pages and CONFIGNVHEEL2DEBUG then the debug checking in asserthostsharedguest fails on the launch of an np-guest. This WARNON...

KVM: x86: Don't (re)check L1 intercepts when completing userspace I/O

...

KVM: SVM: Skip fastpath emulation on VM-Exit if next RIP isn't valid

...

CVE-2025-40038

In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: Skip fastpath emulation on VM-Exit if next RIP isn't valid Skip the WRMSR and HLT fastpaths in SVM's VM-Exit handler if the next RIP isn't valid, e.g. because KVM is running with nrips=false. SVM must decode and emulate...

CVE-2025-40038

In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: Skip fastpath emulation on VM-Exit if next RIP isn't valid Skip the WRMSR and HLT fastpaths in SVM's VM-Exit handler if the next RIP isn't valid, e.g. because KVM is running with nrips=false. SVM must decode and emulate...

CVE-2025-40026 KVM: x86: Don't (re)check L1 intercepts when completing userspace I/O

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Don't recheck L1 intercepts when completing userspace I/O When completing emulation of instruction that generated a userspace exit for I/O, don't recheck L1 intercepts as KVM has already finished that phase of instructi...

CVE-2025-38506

In the Linux kernel, the following vulnerability has been resolved: KVM: Allow CPU to reschedule while setting per-page memory attributes When running an SEV-SNP guest with a sufficiently large amount of memory 1TB+, the host can experience CPU soft lockups when running an operation in...

Linux Distros Unpatched Vulnerability : CVE-2022-49557

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: x86/fpu: KVM: Set the base guest FPU uABI size to sizeofstruct kvmxsave Set the starting uAB...

Linux Distros Unpatched Vulnerability : CVE-2021-47450

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Fix host stage-2 PGD refcount The KVM page-table library refcounts the pages of...

Linux Distros Unpatched Vulnerability : CVE-2021-46977

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: KVM: VMX: Disable preemption when probing user return MSRs Disable preemption when probing a...

Linux Distros Unpatched Vulnerability : CVE-2022-49932

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - KVM: VMX: Do all initialization before exposing /dev/kvm to userspace Call kvminit only after all setup is complete, as kvminit exposes /dev/kvm to userspace an...

Moderate: virt:rhel and virt-devel:rhel security update

Kernel-based Virtual Machine KVM offers a full virtualization solution forLinux on numerous hardware platforms. The virt:rhel module contains packageswhich provide user-space components used to run virtual machines using KVM.The packages also provide APIs for managing and interacting with the...

PT-2025-44093

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.16.0-rc5-c1610d2d66b1-next-vm Description The Linux kernel contains an issue within the KVM component related to handling L1 intercepts during userspace I/O completion. Specifically, the kernel may recheck L1...

KVM: SVM: Forcibly leave SMM mode on SHUTDOWN interception

...

UBUNTU-CVE-2025-37996

In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Fix uninitialized memcache pointer in usermemabort Commit fce886a60207 "KVM: arm64: Plumb the pKVM MMU in KVM" made the initialization of the local memcache variable in usermemabort conditional, leaving a codepath whe...

UBUNTU-CVE-2025-23141

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Acquire SRCU in KVMGETMPSTATE to protect guest memory accesses Acquire a lock on kvm-srcu when userspace is getting MP state to handle a rather extreme edge case where "accepting" APIC events, i.e. processing pending IN...

UBUNTU-CVE-2022-49568

In the Linux kernel, the following vulnerability has been resolved: KVM: Don't null dereference ops-destroy A KVM device cleanup happens in either of two callbacks: 1 destroy which is called when the VM is being destroyed; 2 release which is called when a device fd is closed. Most KVM devices use...