CBL Mariner 2.0 Security Update: kernel (CVE-2022-45869)

The version of kernel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-45869 advisory. - A race condition in the x86 KVM subsystem in the Linux kernel through 6.1-rc6 allows guest OS users to cause...

Race condition

A race condition in the x86 KVM subsystem in the Linux kernel through 6.1-rc6 allows guest OS users to cause a denial of service host OS crash or host OS memory corruption when nested virtualisation and the TDP MMU are enabled...

CVE-2022-45869

A race condition in the x86 KVM subsystem in the Linux kernel through 6.1-rc6 allows guest OS users to cause a denial of service host OS crash or host OS memory corruption when nested virtualisation and the TDP MMU are enabled...

CVE-2022-45869

A race condition in the x86 KVM subsystem in the Linux kernel through 6.1-rc6 allows guest OS users to cause a denial of service host OS crash or host OS memory corruption when nested virtualisation and the TDP MMU are enabled...

EulerOS 2.0 SP2 : kernel (EulerOS-SA-2020-1674)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The kernel package contains the Linux kernel vmlinuz, the core of any Linux operating system. The kernel handles the basic functions of the...

CVE-2020-2732

A flaw was discovered in the way that the KVM hypervisor handled instruction emulation for an L2 guest when nested virtualisation is enabled. Under some circumstances, an L2 guest may trick the L0 guest into accessing sensitive L1 resources that should be inaccessible to the L2 guest...

CVE-2020-2732

A flaw was discovered in the way that the KVM hypervisor handled instruction emulation for an L2 guest when nested virtualisation is enabled. Under some circumstances, an L2 guest may trick the L0 guest into accessing sensitive L1 resources that should be inaccessible to the L2 guest...

CVE-2020-2732

A flaw was discovered in the way that the KVM hypervisor handled instruction emulation for an L2 guest when nested virtualisation is enabled. Under some circumstances, an L2 guest may trick the L0 guest into accessing sensitive L1 resources that should be inaccessible to the L2 guest...

CVE-2020-2732

A flaw was discovered in the way that the KVM hypervisor handled instruction emulation for an L2 guest when nested virtualisation is enabled. Under some circumstances, an L2 guest may trick the L0 guest into accessing sensitive L1 resources that should be inaccessible to the L2 guest...

Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2020-5543)

The remote Oracle Linux 6 / 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2020-5543 advisory. - KVM: nVMX: Check IO instruction VM-exit conditions Oliver Upton Orabug: 30944739 CVE-2020-2732 - KVM: nVMX: Refactor IO bitmap checks into helper function...

Oracle Linux 7 : Unbreakable Enterprise kernel (ELSA-2020-5540)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2020-5540 advisory. - KVM: nVMX: Check IO instruction VM-exit conditions Oliver Upton Orabug: 30847136 CVE-2020-2732 - KVM: nVMX: Refactor IO bitmap checks into helper function...

Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2017-1271)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Arbitrary Code Execution

kernel-rt is vulnerable to arbitrary code execution attacks. The vulnerability exists as arch/x86/kvm/mmu.c in the Linux kernel through 4.13.5, when nested virtualisation is used, does not properly traverse guest pagetable entries to resolve a guest virtual address, which allows L1 guest OS users...

kernel-tmb update provides 4.14 series and fixes security vulnerabilities

This kernel-tmb update provides an upgrade to the 4.14 longterm branch, currently based on 4.14.10. It also fixes at least the following security issues: An elevation of privilege vulnerability in the Broadcom wi-fi driver CVE-2017-0786. Use-after-free vulnerability in the sndpcminfo function in...

MGASA-2018-0062 kernel update provides 4.14 series and fixes security vulnerabilities

This kernel update provides an upgrade to the 4.14 longterm branch, currently based on 4.14.10. It also fixes at least the following security issues: An elevation of privilege vulnerability in the Broadcom wi-fi driver CVE-2017-0786. Use-after-free vulnerability in the sndpcminfo function in the...

kernel-linus update provides 4.14 series and fixes security vulnerabilities

This kernel-linus update provides an upgrade to the 4.14 longterm branch, currently based on 4.14.10. It also fixes at least the following security issues: An elevation of privilege vulnerability in the Broadcom wi-fi driver CVE-2017-0786. Use-after-free vulnerability in the sndpcminfo function i...

EulerOS 2.0 SP1 : kernel (EulerOS-SA-2017-1271)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - arch/x86/kvm/mmu.c in the Linux kernel through 4.13.5, when nested virtualisation is used, does not properly traverse guest pagetable entries to...

Virtuozzo 7 : readykernel-patch (VZA-2017-098)

According to the version of the vzkernel package and the readykernel-patch installed, the Virtuozzo installation on the remote host is affected by the following vulnerabilities : - Linux kernel built with the KVM virtualisation support CONFIGKVM, with nested virtualisation nVMX feature enabled...

Stack overflow

arch/x86/kvm/mmu.c in the Linux kernel through 4.13.5, when nested virtualisation is used, does not properly traverse guest pagetable entries to resolve a guest virtual address, which allows L1 guest OS users to execute arbitrary code on the host OS or cause a denial of service incorrect index...

CVE-2017-12188

CVE-2017-12188 affects arch/x86/kvm/mmu.c in the Linux kernel up to 4.13.5 where nested virtualization can mis-traverse guest page tables, enabling L1 guests to run arbitrary host code or trigger host denial of service. Connected advisories ( MiracleLinux AXSA-2018-2625, Unity Linux UTSA advisori...