4 matches found
CVE-2026-53359 KVM: x86: Fix shadow paging use-after-free due to unexpected role
In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Fix shadow paging use-after-free due to unexpected role Commit 0cb2af2ea66ad "KVM: x86: Fix shadow paging use-after-free due to unexpected GFN" fixed a shadow paging mismatch between stored and computed GFNs; the bug...
CVE-2025-40274 KVM: guest_memfd: Remove bindings on memslot deletion when gmem is dying
In the Linux kernel, the following vulnerability has been resolved: KVM: guestmemfd: Remove bindings on memslot deletion when gmem is dying When unbinding a memslot from a guestmemfd instance, remove the bindings even if the guestmemfd file is dying, i.e. even if its file refcount has gone to zer...
CVE-2025-40274
CVE-2025-40274: Linux kernel KVM guest_memfd memslot binding uses-after-free when gmem dies. The fix removes bindings on memslot deletion even if the guest_memfd file is dying, preventing writes to freed memory (KASAN). Upstream/SUSE advisories (e.g., SUSE-SU-2026:20220-1) indicate the kernel has...
SUSE CVE-2020-36313
An issue was discovered in the Linux kernel before 5.7. The KVM subsystem allows out-of-range access to memslots after a deletion, aka CID-0774a964ef56. This affects arch/s390/kvm/kvm-s390.c, include/linux/kvmhost.h, and virt/kvm/kvmmain.c...