Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: hisiaccvfiopci: bugfix for live migration function without VF device driver If the VF device driver is not loaded in the Guest OS and we attempt to perform device data migration, the address of the migrated data will be NULL. The...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: x86/sev: Make encdechypercall accept a size instead of npages. encdechypercall previously accepted the number of pages instead of their size, forcing its callers to round up values. As a result, non-page-aligned vaddrs operations...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Mark the target gfn of the emulated atomic instruction as dirty When emulating an atomic access on behalf of the guest, mark the target gfn as dirty if the CMPXCHG instruction attempts to be executed and fails without a...

Xen 安全漏洞

Xen is an open-source virtual machine monitor product developed by Xen. This product allows different and incompatible operating systems to run on the same computer. It also supports migration during operation, ensuring smooth functioning and avoiding downtime. Xen has a security vulnerability th...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux

In the Linux kernel, the following vulnerabilities have been resolved: xen-netfront: Fixed NULL pointer dereferencing after live migration. A NAPI is set up for each network interface to poll data for the kernel. The interface with the source host is destroyed during live migration, and a new...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: arm64: tlb: Fixed the TLBI RANGE operand KVM/arm64 relies on the TLBI RANGE feature to flush TLBs when the dirty pages are collected by the VMM and the page table entries become write-protected during live migration. Unfortunatel...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-013143)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013143 advisory. In the Linux kernel, the following vulnerability has been resolved: x86/sev: Make encdechypercall accept a size instead of npages encdechypercall accepted a page cou...

[SECURITY] Fedora 42 Update: incus-6.23-3.fc42

Container hypervisor based on LXC Incus offers a REST API to remotely manage containers over the network, using an image based work-flow and with support for live migration. This package contains the Incus daemon...

[SECURITY] Fedora 43 Update: incus-6.23-3.fc43

Container hypervisor based on LXC Incus offers a REST API to remotely manage containers over the network, using an image based work-flow and with support for live migration. This package contains the Incus daemon...

Security Assessment of Intel TDX with Support for Live Migration

In the second and third quarters of 2025, Google collaborated with Intel to conduct a security assessment of Intel Trust Domain Extensions TDX, extending Google's previous review and covering major changes since Intel TDX Module 1.0 - namely support for Live Migration and Trusted Domain TD...

Azure Linux 3.0 Security Update: kernel (CVE-2025-38283)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-38283 advisory. - In the Linux kernel, the following vulnerability has been resolved: hisiaccvfiopci: bugfix live migration...

MiracleLinux 4 : qemu-kvm-0.12.1.2-2.448.AXS4.2 (AXSA:2015-125:01)

The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2015-125:01 advisory. KVM for Kernel-based Virtual Machine is a full virtualization solution for Linux on x86 hardware. Using KVM, one can run multiple virtual machines running...

CVE-2023-53996

In the Linux kernel, the following vulnerability has been resolved: x86/sev: Make encdechypercall accept a size instead of npages encdechypercall accepted a page count instead of a size, which forced its callers to round up. As a result, non-page aligned vaddrs caused pages to be spuriously marke...

SUSE CVE-2023-53996

In the Linux kernel, the following vulnerability has been resolved: x86/sev: Make encdechypercall accept a size instead of npages encdechypercall accepted a page count instead of a size, which forced its callers to round up. As a result, non-page aligned vaddrs caused pages to be spuriously marke...

Linux Distros Unpatched Vulnerability : CVE-2023-53996

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - x86/sev: Make encdechypercall accept a size instead of npages encdechypercall accepted a page count instead of a size, which forced its callers to round up. As ...

CVE-2023-53996

In the Linux kernel, the following vulnerability has been resolved: x86/sev: Make encdechypercall accept a size instead of npages encdechypercall accepted a page count instead of a size, which forced its callers to round up. As a result, non-page aligned vaddrs caused pages to be spuriously marke...

CVE-2023-53996

In the Linux kernel, the following vulnerability has been resolved: x86/sev: Make encdechypercall accept a size instead of npages encdechypercall accepted a page count instead of a size, which forced its callers to round up. As a result, non-page aligned vaddrs caused pages to be spuriously marke...

UBUNTU-CVE-2023-53996

In the Linux kernel, the following vulnerability has been resolved: x86/sev: Make encdechypercall accept a size instead of npages encdechypercall accepted a page count instead of a size, which forced its callers to round up. As a result, non-page aligned vaddrs caused pages to be spuriously marke...

CVE-2023-53996

CVE-2023-53996 : In the Linux kernel, a bug in x86/sev handling caused live migration corruption when encryption status was computed. The function enc_dec_hypercall() previously used a page count instead of a size, forcing callers to round up and causing non-page-aligned vaddrs to be treated as d...

CVE-2023-53996 x86/sev: Make enc_dec_hypercall() accept a size instead of npages

In the Linux kernel, the following vulnerability has been resolved: x86/sev: Make encdechypercall accept a size instead of npages encdechypercall accepted a page count instead of a size, which forced its callers to round up. As a result, non-page aligned vaddrs caused pages to be spuriously marke...