SUSE-SU-2026:21263-1 Security update for libvirt

This update for libvirt fixes the following issues: - CVE-2025-12748: Denial of service in XML parsing bsc1253278. - CVE-2025-13193: Information disclosure via world-readable VM snapshots bsc1253703...

Oracle Database Server 安全漏洞

Oracle Database Server is a relational database management system with a Java VM component that supports running Java programs in the database. A data disclosure vulnerability exists in Oracle Database Server. The vulnerability arises from a failure of the Java VM component to properly handle a...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-011186)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011186 advisory. In the Linux kernel, the following vulnerability has been resolved: hugetlbfs: don't delete error page from pagecache This change is very similar to the change that...

Unity Linux 20.1050a Security Update: kernel (UTSA-2026-006977)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006977 advisory. In the Linux kernel, the following vulnerability has been resolved: VMCI: check context-notifypage after call to getuserpagesfast to avoid GPF The call to...

PT-2026-34147

Name of the Vulnerable Software and Affected Versions Oracle Database Server versions 19.3 through 19.30 Oracle Database Server versions 21.3 through 21.21 Description An issue exists in the Java VM component of Oracle Database Server. An unauthenticated attacker with network access via Oracle Ne...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-013285)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013285 advisory. A flaw was found in the KVM's AMD code for supporting the Secure Encrypted Virtualization-Encrypted State SEV-ES. A KVM guest using SEV-ES can trigger out-of-bounds...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-013323)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013323 advisory. In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: Use onlinevcpus, not createdvcpus, to iterate over vCPUs Use the kvmforeachvcpu helper ...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-011173)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011173 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Validate the box size for the snooped cursor Invalid userspace dma surface copies cou...

Unity Linux 20.1050e / 20.1070e Security Update: kernel (UTSA-2026-011127)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011127 advisory. In the Linux kernel, the following vulnerability has been resolved: Drivers: vmbus: Check for channel allocation before looking up relids relid2channel assumes vmbus...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-013254)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013254 advisory. In the Linux kernel, the following vulnerability has been resolved: x86/MCE/AMD: Use an u64 for bankmap Thee maximum number of MCA banks is 64 MAXNRBANKS, see...

CVE-2026-29646

In OpenXiangShan NEMU prior to 55295c4, when running with RVH Hypervisor extension enabled, a VS-mode guest write to the supervisor interrupt-enable CSR sie may be handled incorrectly and can influence machine-level interrupt enable state mie. This breaks privilege/virtualization isolation and ca...

CVE-2026-29649

NEMU contains an implementation flaw in its RISC-V Hypervisor CSR handling where henvcfg7:4 CBIE/CBCFE/CBZE-related fields is incorrectly masked/updated based on menvcfg7:4, so a machine-mode write to menvcfg can implicitly modify the hypervisor's environment configuration. This can lead to...

CVE-2026-40323

SP1 is a zero‑knowledge virtual machine that proves the correct execution of programs compiled for the RISC-V architecture. In versions 6.0.0 through 6.0.2, a soundness vulnerability in the SP1 V6 recursive shard verifier allows a malicious prover to construct a recursive proof from a shard proof...

NEMU 安全漏洞

NEMU is an open-source teaching system simulator developed by XiangShan. Previous versions of NEMU 55295c4 contained security vulnerabilities. These vulnerabilities stemmed from improper handling of writes to sie CSR when the RVH extension was enabled. This improper handling could affect the...

CVE-2026-29646

OpenXiangShan NEMU is affected by CVE-2026-29646 prior to the 55295c4 commit. With RVH (Hypervisor extension) enabled, a VS-mode guest write to the supervisor interrupt-enable CSR (sie) may be handled incorrectly, potentially influencing the machine-level interrupt enable (mie) state. This underm...

CVE-2026-29646

In OpenXiangShan NEMU prior to 55295c4, when running with RVH Hypervisor extension enabled, a VS-mode guest write to the supervisor interrupt-enable CSR sie may be handled incorrectly and can influence machine-level interrupt enable state mie. This breaks privilege/virtualization isolation and ca...

CVE-2026-29649

NEMU contains an implementation flaw in its RISC-V Hypervisor CSR handling where henvcfg7:4 CBIE/CBCFE/CBZE-related fields is incorrectly masked/updated based on menvcfg7:4, so a machine-mode write to menvcfg can implicitly modify the hypervisor's environment configuration. This can lead to...

PT-2026-33839

In OpenXiangShan NEMU prior to 55295c4, when running with RVH Hypervisor extension enabled, a VS-mode guest write to the supervisor interrupt-enable CSR sie may be handled incorrectly and can influence machine-level interrupt enable state mie. This breaks privilege/virtualization isolation and ca...

CVE-2026-29646

In OpenXiangShan NEMU prior to 55295c4, when running with RVH Hypervisor extension enabled, a VS-mode guest write to the supervisor interrupt-enable CSR sie may be handled incorrectly and can influence machine-level interrupt enable state mie. This breaks privilege/virtualization isolation and ca...

ROS-20260420-73-0033

A vulnerability in Incus container management system and virtual machine manager is related to insecure privilege management. Exploitation of the vulnerability could allow an attacker to escalate privileges...