CVE-2026-46131

A flaw was found in the Linux kernel's KVM Kernel-based Virtual Machine x86 virtualization module. An incorrect check for nested EPT/NPT Nested Extended Page Tables/Nested Nested Page Tables in slow flush hypercalls could lead to improper handling of L2 guests. This vulnerability arises because t...

CVE-2026-46059

A flaw was found in the Linux kernel's KVM Kernel-based Virtual Machine nSVM module. This vulnerability occurs when running nested virtual machines L2 guests with NRIPS Next Instruction Pointer Suppression disabled. After an L2 guest's initial run, the NextRIP value in vmcb02 may not be correctly...

CVE-2026-46076

A flaw was found in the Kernel-based Virtual Machine KVM nSVM module of the Linux kernel. This vulnerability occurs when an unhandled VMMCALL is not properly intercepted by the Level 1 L1 hypervisor. A malicious Level 2 L2 guest operating system could exploit this by making specific hypercalls,...

EUVD-2026-32283

In the Linux kernel, the following vulnerability has been resolved: KVM: nSVM: Sync interrupt shadow to cached vmcb12 after VMRUN of L2 After VMRUN in guest mode, nestedsynccontrolfromvmcb02 syncs fields written by the CPU from vmcb02 to the cached vmcb12. This is because the cached vmcb12 is use...

UBUNTU-CVE-2026-46076

In the Linux kernel, the following vulnerability has been resolved: KVM: nSVM: Raise UD if unhandled VMMCALL isn't intercepted by L1 Explicitly synthesize a UD for VMMCALL if L2 is active, L1 does NOT want to intercept VMMCALL, nestedsvml2tlbflushenabled is true, and the hypercall is something...

Linux Distros Unpatched Vulnerability : CVE-2026-45987

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - KVM: nSVM: Sync interrupt shadow to cached vmcb12 after VMRUN of L2 After VMRUN in guest mode, nestedsynccontrolfromvmcb02 syncs fields written by the CPU from...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the unintercepted VMMCALL in KVM nSVM. This vulnerability may lead to unauthorized supercalls at...

K000153108: Linux kernel vulnerability CVE-2024-50208

Security Advisory Description In the Linux kernel, the following vulnerability has been resolved: RDMA/bnxtre: Fix a bug while setting up Level-2 PBL pages Avoid memory corruption while setting up Level-2 PBL pages for the non MR resources when numpages 256K. There will be a single PDE page addre...

CVE-2026-41672

xmldom is a pure JavaScript W3C standard-based XML DOM Level 2 Core DOMParser and XMLSerializer module. In @xmldom/xmldom prior to versions 0.9.10 and 0.8.13 and xmldom version 0.6.0 and prior, the package allows attacker-controlled comment content to be serialized into XML without validating or...

CVE-2026-41672

xmldom is a pure JavaScript W3C standard-based XML DOM Level 2 Core DOMParser and XMLSerializer module. In @xmldom/xmldom prior to versions 0.9.10 and 0.8.13 and xmldom version 0.6.0 and prior, the package allows attacker-controlled comment content to be serialized into XML without validating or...

CVE-2026-43265

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Ignore -EBUSY when checking nested events from vcpublock Ignore -EBUSY when checking nested events after exiting a blocking state while L2 is active, as exiting to userspace will generate a spurious userspace exit,...

CVE-2026-43133

Summary: CVE-2026-43133 affects Linux kernel KVM’s nested virtualization (nSVM). When an L2 guest executes VMSAVE/VMLOAD and is not intercepted by L1, KVM may incorrectly use vmcb02 instead of vmcb01 for guest state handling due to an oversight in VMLOAD/VMSAVE emulation after a patch. The root c...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: RDMA/bnxtre: Fix a bug while setting up Level-2 PBL pages Avoid memory corruption while setting up Level-2 PBL pages for the non MR resources when numpages 256K. There will be a single PDE page address contiguous pages in the cas...

Astra Linux - уязвимость в linux-5.15

A flaw was discovered in the AMD nested virtualization SVM feature of the KVM. A malicious L1 guest could intentionally fail to intercept the shutdown of a cooperative nested guest L2, potentially causing a page fault and kernel panic in the host L0...

CVE-2026-34601

xmldom is a pure JavaScript W3C standard-based XML DOM Level 2 Core DOMParser and XMLSerializer module. In xmldom versions 0.6.0 and prior and @xmldom/xmldom prior to versions 0.8.12 and 0.9.9, xmldom/xmldom allows attacker-controlled strings containing the CDATA terminator to be inserted into a...

GHSA-F7PM-6HR8-7GGM Webauthn Framework: allowed_origins collapses URL-like origins to host-only values, bypassing exact origin validation

Summary When allowedorigins is configured, CheckAllowedOrigins reduces URL-like values to their host component and accepts on host match alone. This makes exact origin policies impossible to express: scheme and port differences are silently ignored. Details CheckAllowedOrigins stores each...

PT-2026-24193

Name of the Vulnerable Software and Affected Versions web-auth/webauthn-lib versions prior to 5.2.4 Description The software’s origin validation process, when using the allowed origins configuration, reduces URL-like values to their host component, accepting matches based solely on the host. This...

Exploit for Time-of-check Time-of-use (TOCTOU) Race Condition in Linux Linux_Kernel

SENTINEL-ROOT-AUDIT: Honor Magic V2 Hypervisor Detection Suite...

Azure Linux 3.0 Security Update: kernel (CVE-2024-36965)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-36965 advisory. - In the Linux kernel, the following vulnerability has been resolved: remoteproc: mediatek: Make sure IPI buff...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004380)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004380 advisory. A flaw was discovered in the way that the KVM hypervisor handled instruction emulation for an L2 guest when nested virtualisation is enabled. Under some circumstance...