OPENSUSE-SU-2023:0166-1 Security update for virtualbox

This update for virtualbox fixes the following issues: - Fix Vagrant/virtualbox startup problems boo1209727 - VirtualBox 7.0.8 released April 18 2023 This is a maintenance release. The following items were fixed and/or added: - VMM: Introduced general improvements in nested visualization area -...

Mageia: Security Advisory (MGASA-2017-0467)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

NewStart CGSL CORE 5.04 / MAIN 5.04 : kernel Multiple Vulnerabilities (NS-SA-2019-0070)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has kernel packages installed that are affected by multiple vulnerabilities: - Integer overflow in the aiosetupsinglevector function in fs/aio.c in the Linux kernel 4.0 allows local users to cause a denial of service or possibl...

NewStart CGSL CORE 5.04 / MAIN 5.04 : kernel-rt Multiple Vulnerabilities (NS-SA-2019-0074)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has kernel-rt packages installed that are affected by multiple vulnerabilities: - Integer overflow in the aiosetupsinglevector function in fs/aio.c in the Linux kernel 4.0 allows local users to cause a denial of service or...

Kernel: kvm: nVMX: L2 guest could access hardware(L0) CR8 register

Linux kernel built with the KVM visualization support CONFIGKVM, with nested visualization nVMX feature enabled nested=1, is vulnerable to a crash due to disabled external interrupts. As L2 guest could access r/w hardware CR8 register of the hostL0. In a nested visualization setup, L2 guest user...

Updated kernel-tmb packages fix security vulnerabilities

This kernel-tmb update is based on upstream 4.4.105 and fixes at least the following security issues: A security flaw was discovered in nl80211setrekeydata function in the Linux kernel since v3.1-rc1 through v4.13. This function does not check whether the required attributes are present in a...

MGASA-2017-0386 Updated kernel packages fix security vulnerabilities

This kernel update is based on upstream 4.4.92 and fixes at least the following security issues: A security flaw was discovered in nl80211setrekeydata function in the Linux kernel since v3.1-rc1 through v4.13. This function does not check whether the required attributes are present in a netlink...

Updated kernel-tmb packages fix security vulnerabilities

This kernel-tmb update is based on upstream 4.4.92 and fixes at least the following security issues: A security flaw was discovered in nl80211setrekeydata function in the Linux kernel since v3.1-rc1 through v4.13. This function does not check whether the required attributes are present in a netli...

Updated kernel-tmb packages fix security vulnerabilities

This kernel-tmb update is based on upstream 4.9.56 and fixes at least the following security issues: A flaw was found in the way the Linux KVM module processed the trap flagTF bit in EFLAGS during emulation of the syscall instruction, which leads to a debug exceptionDB being raised in the guest...

CVE-2017-12188

The Linux kernel built with the KVM visualization support CONFIGKVM, with nested visualizationnVMX feature enabled nested=1, was vulnerable to a stack buffer overflow issue. The vulnerability could occur while traversing guest page table entries to resolve guest virtual addressgva. An L1 guest...

CVE-2017-2596

Linux kernel built with the KVM visualization support CONFIGKVM, with nested visualizationnVMX feature enablednested=1, is vulnerable to host memory leakage issue. It could occur while emulating VMXON instruction in 'handlevmon'. An L1 guest user could use this flaw to leak host memory potentiall...

CVE-2016-9588

Linux kernel built with the KVM visualization support CONFIGKVM, with nested visualizationnVMX feature enablednested=1, is vulnerable to an uncaught exception issue. It could occur if an L2 guest was to throw an exception which is not handled by an L1 guest...