Lucene search
+L

21 matches found

OSV
OSV
added 2026/07/04 12:17 p.m.8 views

UBUNTU-CVE-2026-53359

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Fix shadow paging use-after-free due to unexpected role Commit 0cb2af2ea66ad "KVM: x86: Fix shadow paging use-after-free due to unexpected GFN" fixed a shadow paging mismatch between stored and computed GFNs; the bug...

8.8CVSS6AI score0.00176EPSS
Exploits5References10
Cvelist
Cvelist
added 2026/07/04 11:51 a.m.116 views

CVE-2026-53359 KVM: x86: Fix shadow paging use-after-free due to unexpected role

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Fix shadow paging use-after-free due to unexpected role Commit 0cb2af2ea66ad "KVM: x86: Fix shadow paging use-after-free due to unexpected GFN" fixed a shadow paging mismatch between stored and computed GFNs; the bug...

8.8CVSS0.00176EPSS
Exploits5References6
RedhatCVE
RedhatCVE
added 2026/06/26 7:47 a.m.9 views

CVE-2026-53277

A flaw was found in the Kernel-based Virtual Machine KVM component of the Linux kernel on arm64 architectures. This vulnerability occurs because certain page table walk operations, used in fault injection and Address Translation AT emulation, do not properly acquire a Sleepable Read-Copy Update...

8.8CVSS5.8AI score0.00114EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2026/06/26 2:14 a.m.6 views

SUSE CVE-2026-52969

In the Linux kernel, the following vulnerability has been resolved: KVM: Reject wrapped offset in kvmresetdirtygfn kvmresetdirtygfn guards the gfn range with if !memslot || offset + flsmask = memslot-npages return; but offset is u64 and the addition is unchecked. The check can be silently bypasse...

7.8CVSS5.8AI score0.00152EPSS
Exploits0References13
OSV
OSV
added 2026/06/25 8:40 a.m.4 views

CVE-2026-53277 KVM: arm64: Take the SRCU lock for page table walks in fault injection and AT emulation

In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Take the SRCU lock for page table walks in fault injection and AT emulation walks1 and kvmwalknesteds2 expect to be called while holding kvm-srcu to guard against memslot changes. While this is generally the case,...

8.8CVSS5.8AI score0.00114EPSS
Exploits0References9
CVE
CVE
added 2026/06/24 4:28 p.m.17 views

CVE-2026-52969

CVE-2026-52969 affects the Linux kernel KVM component. The vulnerability stems from an unchecked u64 addition in kvm_reset_dirty_gfn(), where the guard if (!memslot || (offset + __fls(mask)) >= memslot->npages) can be bypassed due to offset being 64‑bit. This can allow an out-of-bounds load...

7.8CVSS5.7AI score0.00152EPSS
Exploits0References10Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.11 views

PT-2026-51863

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An integer overflow exists in the kvm reset dirty gfn function within the Kernel-based Virtual Machine KVM component. A local attacker with access to /dev/kvm can manipulate dirty ring...

8.8CVSS6AI score0.00266EPSS
Exploits0References400
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: KVM: x86/mmu: x86: Do not overflow the lpageinfo array when checking attributes The issue was fixed by preventing KVMSETMEMORYATTRIBUTES from overflowing the lpageinfo array and triggering KASAN errors, as observed in the...

5.5CVSS6.3AI score0.00227EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/05/06 12:0 a.m.10 views

PT-2026-37554

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the KVM x86 component where reading PDPTR registers in the get sregs2 function lacks proper SRCU read-side protection. Reading PDPTRs can trigger access to guest memor...

7.8CVSS5.7AI score0.00139EPSS
Exploits0
Cvelist
Cvelist
added 2026/01/13 3:29 p.m.24 views

CVE-2025-68810 KVM: Disallow toggling KVM_MEM_GUEST_MEMFD on an existing memslot

In the Linux kernel, the following vulnerability has been resolved: KVM: Disallow toggling KVMMEMGUESTMEMFD on an existing memslot Reject attempts to disable KVMMEMGUESTMEMFD on a memslot that was initially created with a guestmemfd binding, as KVM doesn't support toggling KVMMEMGUESTMEMFD on...

0.00166EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2026/01/13 3:29 p.m.3 views

CVE-2025-68810

In the Linux kernel, the following vulnerability has been resolved: KVM: Disallow toggling KVMMEMGUESTMEMFD on an existing memslot Reject attempts to disable KVMMEMGUESTMEMFD on a memslot that was initially created with a guestmemfd binding, as KVM doesn't support toggling KVMMEMGUESTMEMFD on...

5.5AI score0.00166EPSS
Exploits0
OSV
OSV
added 2026/01/13 3:29 p.m.3 views

CVE-2025-68810 KVM: Disallow toggling KVM_MEM_GUEST_MEMFD on an existing memslot

In the Linux kernel, the following vulnerability has been resolved: KVM: Disallow toggling KVMMEMGUESTMEMFD on an existing memslot Reject attempts to disable KVMMEMGUESTMEMFD on a memslot that was initially created with a guestmemfd binding, as KVM doesn't support toggling KVMMEMGUESTMEMFD on...

6.3AI score0.00166EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/01/13 12:0 a.m.4 views

PT-2026-2542

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.18.0-rc6-115d5de2eef3-next-kasan Description The Linux kernel contains a flaw within the KVM subsystem. Specifically, it fails to prevent disabling the KVM MEM GUEST MEMFD flag on a memslot that was initially...

6.5AI score0.00166EPSS
Exploits0
CNNVD
CNNVD
added 2026/01/13 12:0 a.m.4 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from allowing the KVMMEMGUESTMEMFD flag to be cleared on an existing memory slot, potentially leading to reuse...

6AI score0.00166EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/12/06 12:0 a.m.3 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from KVM guestmemfd not properly removing memory slot bindings, which could lead to reuse after release...

6.1AI score0.00161EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2025/10/07 12:0 a.m.3 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-986276)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986276 advisory. In the Linux kernel, the following vulnerability has been resolved: kvm: avoid speculation-based attacks from out-of-range memslot accesses KVM's mechanism for...

7.1CVSS6.2AI score0.00259EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2024/06/19 2:15 p.m.26 views

CVE-2024-38547

In the Linux kernel, the following vulnerability has been resolved: media: atomisp: sshcss: Fix a null-pointer dereference in loadvideobinaries The allocation failure of mycs-yuvscalerbinary in loadvideobinaries is followed with a dereference of mycs-yuvscalerbinary after the following call chain...

5.5CVSS6.2AI score0.00256EPSS
Exploits0References20
CVE
CVE
added 2024/05/21 2:20 p.m.88 views

CVE-2021-47277

CVE-2021-47277 affects the Linux kernel KVM path for guest memory translation. The issue arises when speculative execution may use an invalid guest frame number (gfn) to compute an out-of-bounds host virtual address (hva) in __gfn_to_hva_memslot, enabling a potential two-read Spectre gadget where...

7.1CVSS6.3AI score0.00259EPSS
Exploits0References8Affected Software1
OpenVAS
OpenVAS
added 2013/09/12 12:0 a.m.38 views

Ubuntu Update for linux-ec2 USN-1940-1

Check for the Version of linux-ec2 OpenVAS Vulnerability Test $Id: gbubuntuUSN19401.nasl 7958 2017-12-01 06:47:47Z santu $ Ubuntu Update for linux-ec2 USN-1940-1 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free...

6.9CVSS0.3AI score0.04707EPSS
Exploits1References2
OSV
OSV
added 2013/07/16 12:0 a.m.3 views

UBUNTU-CVE-2013-1943

The KVM subsystem in the Linux kernel before 3.0 does not check whether kernel addresses are specified during allocation of memory slots for use in a guest's physical address space, which allows local users to gain privileges or obtain sensitive information from kernel memory via a crafted...

7.8CVSS7.2AI score0.00449EPSS
Exploits0References5
Rows per page
Query Builder