74 matches found
CVE-2026-53294
In the Linux kernel, the following vulnerability has been resolved: mailbox: mailbox-test: don't free the reused channel The RX channel can be aliased to the TX channel if it has a different MMIO. This special case needs to be handled when freeing the channels otherwise a double-free occurs...
CVE-2026-53294
In the Linux kernel, the following vulnerability has been resolved: mailbox: mailbox-test: don't free the reused channel The RX channel can be aliased to the TX channel if it has a different MMIO. This special case needs to be handled when freeing the channels otherwise a double-free occurs...
CVE-2024-36332
Improper isolation of GPU HW register space could allow a privileged attacker in malicious Guest Virtual Machine VM to perform unauthorized access to specific victim range of GPU MMIO register space, potentially causing the host OS to reboot and creating a Denial of Service DOS condition...
kernel: Linux kernel KVM: Privilege escalation or denial of service due to improper shadow page table entry handling
A flaw was found in the Linux kernel's Kernel-based Virtual Machine KVM component. A local attacker with privileges on the host system could exploit a vulnerability in how KVM handles shadow page table entries SPTEs during memory-mapped I/O MMIO operations. By manipulating guest page table entrie...
kernel: Linux kernel KVM: Privilege escalation or denial of service due to improper shadow page table entry handling
A flaw was found in the Linux kernel's Kernel-based Virtual Machine KVM component. A local attacker with privileges on the host system could exploit a vulnerability in how KVM handles shadow page table entries SPTEs during memory-mapped I/O MMIO operations. By manipulating guest page table entrie...
CVE-2024-36332
Improper isolation of GPU HW register space could allow a privileged attacker in malicious Guest Virtual Machine VM to perform unauthorized access to specific victim range of GPU MMIO register space, potentially causing the host OS to reboot and creating a Denial of Service DOS condition...
kernel: Linux kernel KVM: Privilege escalation or denial of service due to improper shadow page table entry handling
A flaw was found in the Linux kernel's Kernel-based Virtual Machine KVM component. A local attacker with privileges on the host system could exploit a vulnerability in how KVM handles shadow page table entries SPTEs during memory-mapped I/O MMIO operations. By manipulating guest page table entrie...
kernel: Linux kernel KVM: Privilege escalation or denial of service due to improper shadow page table entry handling
A flaw was found in the Linux kernel's Kernel-based Virtual Machine KVM component. A local attacker with privileges on the host system could exploit a vulnerability in how KVM handles shadow page table entries SPTEs during memory-mapped I/O MMIO operations. By manipulating guest page table entrie...
kernel: Linux kernel KVM: Privilege escalation or denial of service due to improper shadow page table entry handling
A flaw was found in the Linux kernel's Kernel-based Virtual Machine KVM component. A local attacker with privileges on the host system could exploit a vulnerability in how KVM handles shadow page table entries SPTEs during memory-mapped I/O MMIO operations. By manipulating guest page table entrie...
kernel: Linux kernel KVM: Privilege escalation or denial of service due to improper shadow page table entry handling
A flaw was found in the Linux kernel's Kernel-based Virtual Machine KVM component. A local attacker with privileges on the host system could exploit a vulnerability in how KVM handles shadow page table entries SPTEs during memory-mapped I/O MMIO operations. By manipulating guest page table entrie...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the use of stack-local variables as source data during KVM x86 MMIO writes. When writing data tha...
PT-2026-34940
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free issue exists in the KVM x86 component. This occurs when the emulator initiates a write using an on-stack local variable as the source, the write splits a page boundary,...
UBUNTU-CVE-2026-23401
In the Linux kernel, the following vulnerability has been resolved: KVM: x86/mmu: Drop/zap existing present SPTE even when creating an MMIO SPTE When installing an emulated MMIO SPTE, do so after dropping/zapping the existing SPTE if it's shadow-present. While commit a54aa15c6bda3 was right about...
CVE-2026-23401
CVE-2026-23401: In the Linux kernel KVM x86/mmu, a race allowed installing an MMIO SPTE without first zapping an existing shadow-present SPTE when guest memory writes occurred outside KVM’s scope. This could enable a guest‑memory–related fault to leave a shadow SPTE intact when an MMIO SPTE is in...
SUSE CVE-2026-23213
In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: Disable MMIO access during SMU Mode 1 reset During Mode 1 reset, the ASIC undergoes a reset cycle and becomes temporarily inaccessible via PCIe. Any attempt to access MMIO registers during this window e.g., from...
CVE-2026-23213 drm/amd/pm: Disable MMIO access during SMU Mode 1 reset
In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: Disable MMIO access during SMU Mode 1 reset During Mode 1 reset, the ASIC undergoes a reset cycle and becomes temporarily inaccessible via PCIe. Any attempt to access MMIO registers during this window e.g., from...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002158)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002158 advisory. Race condition in arch/x86/kvm/x86.c in the Linux kernel before 3.17.4 allows guest OS users to cause a denial of service guest OS crash via a crafted application th...
CVE-2025-68760
The CVE-2025-68760 entry concerns a Linux kernel vulnerability in the AMD IOMMU where iommu_mmio_write() validates the user offset against mmio_phys_end - 4 (assuming 4-byte access), but iommu_mmio_show() performs an 8-byte read (readq). If the offset equals mmio_phys_end - 4, this allows a 4-byt...
PT-2025-52981
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw related to KVM Kernel-based Virtual Machine coalesced MMIO Memory Mapped I/O unregistration. Specifically, the target device is not properly destroyed an...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the failure to destroy the target device when the KVM merge MMIO device logout fails, potentially leading to...