Unity Linux 20.1050e Security Update: kernel (UTSA-2026-004893)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004893 advisory. In the Linux kernel, the following vulnerability has been resolved: powerpc/cell/axonmsi: Fix refcount leak in setupmsimsgaddress ofgetnextparent returns a node...

EUVD-2015-4128

Malware in sbrugna...

EUVD-2022-55372

Malicious code in bioql PyPI...

CVE-2022-50106

In the Linux kernel, the following vulnerability has been resolved: powerpc/cell/axonmsi: Fix refcount leak in setupmsimsgaddress ofgetnextparent returns a node pointer with refcount incremented, we should use ofnodeput on it when not need anymore. Add missing ofnodeput in the error path to avoid...

MGASA-2015-0310 Updated qemu package fixes security vulnerability

Matt Tait discovered that QEMU incorrectly handled the virtual PCNET driver. A malicious guest could use this issue to cause a denial of service, or possibly execute arbitrary code on the host as the user running the QEMU process CVE-2015-3209. Kurt Seifried discovered that QEMU incorrectly handl...

FreeBSD : xen-tools -- Potential unintended writes to host MSI message data field via qemu (af38cfec-27e7-11e5-a4a5-002590263bf5)

The Xen Project reports : Logic is in place to avoid writes to certain host config space fields when the guest must nevertheless be able to access their virtual counterparts. A bug in how this logic deals with accesses spanning multiple fields allows the guest to write to the host MSI message dat...

Fedora 20 : xen-4.3.4-6.fc20 (2015-9965)

Heap overflow in QEMU PCNET controller, allowing guest-host escape XSA-135, CVE-2015-3209 1230537 GNTTABOPswapgrantref operation misbehavior XSA-134, CVE-2015-4163 vulnerability in the iret hypercall handler XSA-136, CVE-2015-4164 Potential unintended writes to host MSI message data field via qem...

Fedora 21 : xen-4.4.2-5.fc21 (2015-9466)

Potential unintended writes to host MSI message data field via qemu XSA-128, CVE-2015-4103, PCI MSI mask bits inadvertently exposed to guests XSA-129, CVE-2015-4104, Guest triggerable qemu MSI-X pass-through error messages XSA-130, CVE-2015-4105, Unmediated PCI register access in qemu XSA-131,...

Debian DSA-3286-1 : xen - security update

Multiple security issues have been found in the Xen virtualisation solution : - CVE-2015-3209 Matt Tait discovered a flaw in the way QEMU's AMD PCnet Ethernet emulation handles multi-TMD packets with a length above 4096 bytes. A privileged guest user in a guest with an AMD PCNet ethernet card...

Debian DSA-3284-1 : qemu - security update

Several vulnerabilities were discovered in qemu, a fast processor emulator. - CVE-2015-3209 Matt Tait of Google's Project Zero security team discovered a flaw in the way QEMU's AMD PCnet Ethernet emulation handles multi-TMD packets with a length above 4096 bytes. A privileged guest user in a gues...

DSA-3286-1 xen - security update

Bulletin has no description...

Citrix XenServer Multiple Security Updates (CTX201145)

A number of security vulnerabilities have been identified in Citrix XenServer that may allow a malicious administrator of a guest VM to crash the host. These vulnerabilities affect all currently supported versions of Citrix XenServer up to and including Citrix XenServer 6.5 Service Pack 1...

Type confusion

Xen 3.3.x through 4.5.x does not properly restrict write access to the host MSI message data field, which allows local x86 HVM guest administrators to cause a denial of service host interrupt handling confusion via vectors related to qemu and accessing spanning multiple fields...

CVE-2015-4103

Xen 3.3.x through 4.5.x does not properly restrict write access to the host MSI message data field, which allows local x86 HVM guest administrators to cause a denial of service host interrupt handling confusion via vectors related to qemu and accessing spanning multiple fields...

CVE-2015-4103

Xen 3.3.x through 4.5.x does not properly restrict write access to the host MSI message data field, which allows local x86 HVM guest administrators to cause a denial of service host interrupt handling confusion via vectors related to qemu and accessing spanning multiple fields...

xen-tools -- Potential unintended writes to host MSI message data field via qemu

The Xen Project reports: Logic is in place to avoid writes to certain host config space fields when the guest must nevertheless be able to access their virtual counterparts. A bug in how this logic deals with accesses spanning multiple fields allows the guest to write to the host MSI message data...