Lucene search
K

76 matches found

RedHat Linux
RedHat Linux
added 11 hours ago8 views

kernel: Linux kernel KVM: Privilege escalation or denial of service due to improper shadow page table entry handling

A flaw was found in the Linux kernel's Kernel-based Virtual Machine KVM component. A local attacker with privileges on the host system could exploit a vulnerability in how KVM handles shadow page table entries SPTEs during memory-mapped I/O MMIO operations. By manipulating guest page table entrie...

8.1CVSS6AI score0.00184EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 11 hours ago6 views

kernel: Linux kernel KVM: Privilege escalation or denial of service due to improper shadow page table entry handling

A flaw was found in the Linux kernel's Kernel-based Virtual Machine KVM component. A local attacker with privileges on the host system could exploit a vulnerability in how KVM handles shadow page table entries SPTEs during memory-mapped I/O MMIO operations. By manipulating guest page table entrie...

8.1CVSS6AI score0.00184EPSS
Exploits0References5
NVD
NVD
added 2026/06/26 8:17 p.m.7 views

CVE-2026-53294

In the Linux kernel, the following vulnerability has been resolved: mailbox: mailbox-test: don't free the reused channel The RX channel can be aliased to the TX channel if it has a different MMIO. This special case needs to be handled when freeing the channels otherwise a double-free occurs...

7.8CVSS0.00177EPSS
Exploits0References8
Debian CVE
Debian CVE
added 2026/06/26 7:40 p.m.5 views

CVE-2026-53294

In the Linux kernel, the following vulnerability has been resolved: mailbox: mailbox-test: don't free the reused channel The RX channel can be aliased to the TX channel if it has a different MMIO. This special case needs to be handled when freeing the channels otherwise a double-free occurs...

7.8CVSS5.7AI score0.00177EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2026/06/05 6:48 p.m.12 views

CVE-2024-36332

Improper isolation of GPU HW register space could allow a privileged attacker in malicious Guest Virtual Machine VM to perform unauthorized access to specific victim range of GPU MMIO register space, potentially causing the host OS to reboot and creating a Denial of Service DOS condition...

6.8CVSS5.5AI score0.00105EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2026/05/26 6:6 a.m.12 views

kernel: Linux kernel KVM: Privilege escalation or denial of service due to improper shadow page table entry handling

A flaw was found in the Linux kernel's Kernel-based Virtual Machine KVM component. A local attacker with privileges on the host system could exploit a vulnerability in how KVM handles shadow page table entries SPTEs during memory-mapped I/O MMIO operations. By manipulating guest page table entrie...

8.1CVSS5.8AI score0.00184EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/05/20 4:10 a.m.11 views

kernel: Linux kernel KVM: Privilege escalation or denial of service due to improper shadow page table entry handling

A flaw was found in the Linux kernel's Kernel-based Virtual Machine KVM component. A local attacker with privileges on the host system could exploit a vulnerability in how KVM handles shadow page table entries SPTEs during memory-mapped I/O MMIO operations. By manipulating guest page table entrie...

8.1CVSS5.8AI score0.00184EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/05/15 2:51 a.m.9 views

CVE-2024-36332

Improper isolation of GPU HW register space could allow a privileged attacker in malicious Guest Virtual Machine VM to perform unauthorized access to specific victim range of GPU MMIO register space, potentially causing the host OS to reboot and creating a Denial of Service DOS condition...

6.8CVSS5.8AI score0.00105EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2026/05/06 5:34 p.m.11 views

kernel: Linux kernel KVM: Privilege escalation or denial of service due to improper shadow page table entry handling

A flaw was found in the Linux kernel's Kernel-based Virtual Machine KVM component. A local attacker with privileges on the host system could exploit a vulnerability in how KVM handles shadow page table entries SPTEs during memory-mapped I/O MMIO operations. By manipulating guest page table entrie...

8.1CVSS5.8AI score0.00184EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/05/06 8:46 a.m.6 views

kernel: Linux kernel KVM: Privilege escalation or denial of service due to improper shadow page table entry handling

A flaw was found in the Linux kernel's Kernel-based Virtual Machine KVM component. A local attacker with privileges on the host system could exploit a vulnerability in how KVM handles shadow page table entries SPTEs during memory-mapped I/O MMIO operations. By manipulating guest page table entrie...

8.1CVSS5.8AI score0.00184EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/05/06 8:21 a.m.9 views

kernel: Linux kernel KVM: Privilege escalation or denial of service due to improper shadow page table entry handling

A flaw was found in the Linux kernel's Kernel-based Virtual Machine KVM component. A local attacker with privileges on the host system could exploit a vulnerability in how KVM handles shadow page table entries SPTEs during memory-mapped I/O MMIO operations. By manipulating guest page table entrie...

8.1CVSS5.8AI score0.00184EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/05/05 5:31 a.m.10 views

kernel: Linux kernel KVM: Privilege escalation or denial of service due to improper shadow page table entry handling

A flaw was found in the Linux kernel's Kernel-based Virtual Machine KVM component. A local attacker with privileges on the host system could exploit a vulnerability in how KVM handles shadow page table entries SPTEs during memory-mapped I/O MMIO operations. By manipulating guest page table entrie...

8.1CVSS5.8AI score0.00184EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/04/24 12:0 a.m.5 views

PT-2026-34940

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free issue exists in the KVM x86 component. This occurs when the emulator initiates a write using an on-stack local variable as the source, the write splits a page boundary,...

8.8CVSS5.8AI score0.00128EPSS
Exploits0
CNNVD
CNNVD
added 2026/04/24 12:0 a.m.12 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the use of stack-local variables as source data during KVM x86 MMIO writes. When writing data tha...

8.8CVSS5.8AI score0.00128EPSS
Exploits0References2
OSV
OSV
added 2026/04/01 9:16 a.m.5 views

UBUNTU-CVE-2026-23401

In the Linux kernel, the following vulnerability has been resolved: KVM: x86/mmu: Drop/zap existing present SPTE even when creating an MMIO SPTE When installing an emulated MMIO SPTE, do so after dropping/zapping the existing SPTE if it's shadow-present. While commit a54aa15c6bda3 was right about...

8.1CVSS5.7AI score0.00184EPSS
Exploits0References4
CVE
CVE
added 2026/04/01 8:36 a.m.164 views

CVE-2026-23401

CVE-2026-23401: In the Linux kernel KVM x86/mmu, a race allowed installing an MMIO SPTE without first zapping an existing shadow-present SPTE when guest memory writes occurred outside KVM’s scope. This could enable a guest‑memory–related fault to leave a shadow SPTE intact when an MMIO SPTE is in...

8.1CVSS5.8AI score0.00184EPSS
Exploits0References28Affected Software1
SUSE CVE
SUSE CVE
added 2026/02/19 12:26 a.m.4 views

SUSE CVE-2026-23213

In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: Disable MMIO access during SMU Mode 1 reset During Mode 1 reset, the ASIC undergoes a reset cycle and becomes temporarily inaccessible via PCIe. Any attempt to access MMIO registers during this window e.g., from...

4.4CVSS5.7AI score0.00113EPSS
Exploits0References19
OSV
OSV
added 2026/02/18 2:21 p.m.7 views

CVE-2026-23213 drm/amd/pm: Disable MMIO access during SMU Mode 1 reset

In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: Disable MMIO access during SMU Mode 1 reset During Mode 1 reset, the ASIC undergoes a reset cycle and becomes temporarily inaccessible via PCIe. Any attempt to access MMIO registers during this window e.g., from...

5.5CVSS5.3AI score0.00113EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2026/01/15 12:0 a.m.7 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002158)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002158 advisory. Race condition in arch/x86/kvm/x86.c in the Linux kernel before 3.17.4 allows guest OS users to cause a denial of service guest OS crash via a crafted application th...

4.9CVSS6.5AI score0.00374EPSS
Exploits0References20
CVE
CVE
added 2026/01/05 9:32 a.m.19 views

CVE-2025-68760

The CVE-2025-68760 entry concerns a Linux kernel vulnerability in the AMD IOMMU where iommu_mmio_write() validates the user offset against mmio_phys_end - 4 (assuming 4-byte access), but iommu_mmio_show() performs an 8-byte read (readq). If the offset equals mmio_phys_end - 4, this allows a 4-byt...

6.1AI score0.00155EPSS
Exploits0References3
Rows per page
Query Builder