19 matches found
Linux Distros Unpatched Vulnerability : CVE-2021-3653
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB virtual machine control block provided...
CVE-2021-47262
In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Ensure liveliness of nested VM-Enter fail tracepoint message Use the string machinery provided by the tracing subystem to make a copy of the string literals consumed by the "nested VM-Enter failed" tracepoint. A complet...
openSUSE: Security Advisory for the Linux Kernel (SUSE-SU-2023:0147-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 20.04 LTS : Linux kernel (Intel IoTG) vulnerabilities (USN-6445-2)
The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6445-2 advisory. It was discovered that the IPv6 implementation in the Linux kernel contained a high rate of hash collisions in connection lookup table. A remote attacker...
Updated kernel packages fix security vulnerabilities
This kernel update is based on upstream 6.4.16 and fixes or adds mitigations for atleast the following security issues: A flaw was found in the Linux Kernel. The tun/tap sockets have their socket UID hardcoded to 0 due to a type confusion in their initialization function. While it will be often...
Ubuntu 22.04 LTS : Linux kernel (Raspberry Pi) vulnerabilities (USN-6416-3)
The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6416-3 advisory. It was discovered that the IPv6 implementation in the Linux kernel contained a high rate of hash collisions in connection lookup table. A remote attacker...
SUSE SLES15 Security Update : kernel (SUSE-SU-2023:4093-1)
The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:4093-1 advisory. The SUSE Linux Enterprise 15 SP4 RT kernel was updated to receive various security and bugfixes. The following security bugs were fixed: -...
SUSE SLED15: cluster-md-kmp-64kb / cluster-md-kmp-default / dlm-kmp-64kb / etc (SUSE-SU-2023:4071-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:4071-1 advisory. The SUSE Linux Enterprise 15 SP5 kernel was updated to receive various security and bugfixes. Th...
SUSE-SU-2023:4072-1 Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP4 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2023-4563: Fixed an use-after-free flaw in the nftables sub-component. This vulnerability could allow a local attacker to crash the system or lead to a kerne...
SUSE-SU-2023:4035-1 Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP5 RT kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2023-39194: Fixed an out of bounds read in the XFRM subsystem bsc1215861. - CVE-2023-39193: Fixed an out of bounds read in the xtables subsystem bsc121586...
CVE-2023-4155
A flaw was found in KVM AMD Secure Encrypted Virtualization SEV in the Linux kernel. A KVM guest using SEV-ES or SEV-SNP with multiple vCPUs can trigger a double fetch race condition vulnerability and invoke the VMGEXIT handler recursively. If an attacker manages to call the handler multiple time...
CVE-2023-4155 Sev-es / sev-snp vmgexit double fetch vulnerability
A flaw was found in KVM AMD Secure Encrypted Virtualization SEV in the Linux kernel. A KVM guest using SEV-ES or SEV-SNP with multiple vCPUs can trigger a double fetch race condition vulnerability and invoke the VMGEXIT handler recursively. If an attacker manages to call the handler multiple time...
Ubuntu 22.04 LTS : Linux kernel (OEM) vulnerabilities (USN-6343-1)
The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6343-1 advisory. It was discovered that the IPv6 implementation in the Linux kernel contained a high rate of hash collisions in connection lookup table. A remote attacker...
Fedora 38 : kernel (2023-ee241dcf80)
The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-ee241dcf80 advisory. The 6.4.10 stable kernel update contains a number of important fixes across the tree. Tenable has extracted the preceding description block directly...
Oracle Linux 7 / 8 : Unbreakable Enterprise kernel (ELSA-2022-9244)
The remote Oracle Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-9244 advisory. - lib/ioviter: initialize 'flags' in new pipebuffer Max Kellermann Orabug: 33942325 CVE-2022-0847 - arm64: Use the clearbhb instruction in...
AlmaLinux 8 : kernel (ALSA-2021:3548)
The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2021:3548 advisory. - A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB virtual machine control block provided ...
The vulnerability of the Linux operating system’s kernel, related to deficiencies in access control, allows attackers to escalate their privileges.
The vulnerability of the Linux operating system’s kernel is related to improperly applied security restrictions in the KVM AMD code, which is used to support embedded virtualization within SVM. Exploiting this vulnerability can allow attackers to increase their privileges...
USN-5073-2 linux-gcp, linux-gcp-4.15 vulnerabilities
Maxim Levitsky and Paolo Bonzini discovered that the KVM hypervisor implementation for AMD processors in the Linux kernel allowed a guest VM to disable restrictions on VMLOAD/VMSAVE in a nested guest. An attacker in a guest VM could use this to read or write portions of the host's physical memory...
Scientific Linux Security Update : kvm on SL5.x x86_64 (20151022)
A heap buffer overflow flaw was found in the way QEMU's NE2000 NIC emulation implementation handled certain packets received over the network. A privileged user inside a guest could use this flaw to crash the QEMU instance denial of service or potentially execute arbitrary code on the host...