The vulnerability of the KVM virtualization subsystem in Linux operating systems allows a attacker to increase their privileges or cause service failures.

The vulnerability of the KVM virtualization subsystem in Linux operating systems is related to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to increase their privileges or cause service interruptions...

USN-3932-1 linux, linux-aws, linux-kvm, linux-raspi2, linux-snapdragon vulnerabilities

It was discovered that a race condition existed in the f2fs file system implementation in the Linux kernel. A local attacker could use this to cause a denial of service. CVE-2017-18249 Wen Xu discovered that the f2fs file system implementation in the Linux kernel did not properly validate metadat...

The vulnerability of the vcpu_scan_ioapic function in the Linux operating system allows a hacker to trigger a service failure.

The vulnerability of the vcpuscanioapic function arch/x86/kvm/x86.c in the Linux operating system’s kernel is related to pointer arithmetic errors. Exploiting this vulnerability can allow an attacker to cause a service failure due to a system call to the Kernel-Based Virtual Machine KVM...

Security Bulletin: Security vulnerability has been identified in IBM Tivoli Monitoring for Virtual Environments Agent for Linux Kernel-based Virtual Machines as it is dependent on ITM shipped Java

Summary IBM Java is shipped as an ITM shared component of IBM Tivoli Monitoring for Virtual Environments Agent for Linux Kernel-based Virtual Machines. Information about a security vulnerability affecting Linux Kernel-based Virtual Machines agent has been published in a security bulletin...

Important: Red Hat Security Advisory: rhev-hypervisor7 security update

An update for rhev-hypervisor7 is now available for RHEV 3.X Hypervisor and Agents for Red Hat Enterprise Linux 6 and RHEV 3.X Hypervisor and Agents Extended Lifecycle Support for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. ...

qemu security update

CentOS Errata and Security Advisory CESA-2018:2162 An update for qemu-kvm is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severit...

CentOS Update for qemu-img CESA-2018:1416 centos7

Check the version of qemu-img SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.882894";...

RHEL 6 / 7 : rhev-hypervisor7 (RHSA-2018:1711)

The remote Redhat Enterprise Linux 6 / 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2018:1711 advisory. The rhev-hypervisor7 package provides a Red Hat Enterprise Virtualization Hypervisor ISO disk image. The Red Hat Enterprise Virtualizati...

CentOS Update for qemu-guest-agent CESA-2018:1660 centos6

Check the version of qemu-guest-agent SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.882880";...

Teaming up in the war on tech support scams

Editors note: Erik Wahlstrom spoke about the far-reaching impact of tech support scams and the need for industry-wide cooperation in his RSA Conference 2018 talk Tech Scams: Its Time to Release the Hounds. Social engineering attacks like tech support scams are so common because theyre so effectiv...

Important: Red Hat Bug Fix Advisory: new packages: qemu-kvm-ma

New qemu-kvm-ma packages are now available for Red Hat Enterprise Linux 7. Kernel-based Virtual Machine KVM is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-ma packages provide the user-space component for running virtual machines that use KVM on the IBM z...

RHEL 6 / 7 : rhev-hypervisor7 (RHSA-2018:0046) (Meltdown) (Spectre)

An update for rhev-hypervisor7 is now available for RHEV 3.X Hypervisor and Agents for Red Hat Enterprise Linux 6 and RHEV 3.X Hypervisor and Agents for Red Hat Enterprise Linux 7 ELS. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability...

MGASA-2018-0062 kernel update provides 4.14 series and fixes security vulnerabilities

This kernel update provides an upgrade to the 4.14 longterm branch, currently based on 4.14.10. It also fixes at least the following security issues: An elevation of privilege vulnerability in the Broadcom wi-fi driver CVE-2017-0786. Use-after-free vulnerability in the sndpcminfo function in the...

Linux kernel denial of service vulnerability (CNVD-2017-37597)

The Linux kernel is a computer operating system kernel written in C and assembly language, compliant with the POSIX standard, and distributed under the GNU General Public License. A denial of service vulnerability exists in the KVM in Linux kernel. An attacker can exploit this vulnerability to...

Kernel: kvm: page reference leakage in handle_vmon

Linux kernel built with the KVM visualization support CONFIGKVM, with nested visualizationnVMX feature enablednested=1, is vulnerable to host memory leakage issue. It could occur while emulating VMXON instruction in 'handlevmon'. An L1 guest user could use this flaw to leak host memory potentiall...

Kernel: Kvm: vmx/svm potential privilege escalation inside guest

Linux kernel built with the Kernel-based Virtual Machine CONFIGKVM support was vulnerable to an incorrect segment selectorSS value error. The error could occur while loading values into the SS register in long mode. A user or process inside a guest could use this flaw to crash the guest, resultin...

Important: Red Hat Security Advisory: qemu-kvm-rhev security and bug fix update

An update for qemu-kvm-rhev is now available for Red Hat Enterprise Linux OpenStack Platform 5.0 Icehouse for RHEL 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

RedHat Update for qemu-kvm RHSA-2017:1430-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CentOS Update for qemu-guest-agent CESA-2017:1206 centos6

Check the version of qemu-guest-agent SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.882712";...

Important: Red Hat Security Advisory: qemu-kvm-rhev security update

An update for qemu-kvm-rhev is now available for Red Hat Enterprise Linux OpenStack Platform 6.0 Juno for RHEL 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating,...