17 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-46131
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - KVM: x86: check for nEPT/nNPT in slow flush hypercalls Checking isguestmodevcpu is incorrect, because translatenestedgpa is only valid if an L2 guest is running...
UBUNTU-CVE-2026-46131
In the Linux kernel, the following vulnerability has been resolved: KVM: x86: check for nEPT/nNPT in slow flush hypercalls Checking isguestmodevcpu is incorrect, because translatenestedgpa is only valid if an L2 guest is running with nested EPT/NPT enabled. Instead use the same condition as...
CVE-2026-46131
The CVE-2026-46131 entry concerns the Linux kernel KVM/x86 hypervisor path. It states a vulnerability in the slow flush hypercalls where the is_guest_mode(vcpu) check is incorrect; translate_nested_gpa() is only valid if an L2 guest is running with nested EPT/NPT enabled. The fix uses the same co...
EUVD-2022-55201
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2022-50224
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - KVM: x86/mmu: Treat NX as a valid SPTE bit for NPT Treat the NX bit as valid when using NPT, as KVM will set the NX bit when the NX huge page mitigation is...
CVE-2022-50224
In the Linux kernel, the following vulnerability has been resolved: KVM: x86/mmu: Treat NX as a valid SPTE bit for NPT Treat the NX bit as valid when using NPT, as KVM will set the NX bit when the NX huge page mitigation is enabled mindblowing and trigger the WARN that fires on reserved SPTE bits...
AZL-70468 CVE-2022-50224 affecting package kernel 5.15.200.1-1
In the Linux kernel, the following vulnerability has been resolved: KVM: x86/mmu: Treat NX as a valid SPTE bit for NPT Treat the NX bit as valid when using NPT, as KVM will set the NX bit when the NX huge page mitigation is enabled mindblowing and trigger the WARN that fires on reserved SPTE bits...
CVE-2022-50224 KVM: x86/mmu: Treat NX as a valid SPTE bit for NPT
In the Linux kernel, the following vulnerability has been resolved: KVM: x86/mmu: Treat NX as a valid SPTE bit for NPT Treat the NX bit as valid when using NPT, as KVM will set the NX bit when the NX huge page mitigation is enabled mindblowing and trigger the WARN that fires on reserved SPTE bits...
CVE-2022-50224
In the Linux kernel, the following vulnerability has been resolved: KVM: x86/mmu: Treat NX as a valid SPTE bit for NPT Treat the NX bit as valid when using NPT, as KVM will set the NX bit when the NX huge page mitigation is enabled mindblowing and trigger the WARN that fires on reserved SPTE bits...
CVE-2022-50224 KVM: x86/mmu: Treat NX as a valid SPTE bit for NPT
In the Linux kernel, the following vulnerability has been resolved: KVM: x86/mmu: Treat NX as a valid SPTE bit for NPT Treat the NX bit as valid when using NPT, as KVM will set the NX bit when the NX huge page mitigation is enabled mindblowing and trigger the WARN that fires on reserved SPTE bits...
CVE-2022-50224
CVE-2022-50224 is a Linux kernel/KVM issue where NX is treated as a valid SPTE bit for NPT, enabling a mismatch that can trigger a WARN when reserved SPTE bits are set. Concrete details come from the Linux kernel KVM/mmu path, including a traceback and a mitigation involving NX handling when the ...
CVE-2022-48793 KVM: x86: nSVM: fix potential NULL derefernce on nested migration
In the Linux kernel, the following vulnerability has been resolved: KVM: x86: nSVM: fix potential NULL derefernce on nested migration Turns out that due to review feedback and/or rebases I accidentally moved the call to nestedsvmloadcr3 to be too early, before the NPT is enabled, which is very...
GSD-2022-1005371 KVM: x86/mmu: Treat NX as a valid SPTE bit for NPT
KVM: x86/mmu: Treat NX as a valid SPTE bit for NPT This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.19.2 by commit...
UVI-2021-1000396 KVM: x86/mmu: Alloc page for PDPTEs when shadowing 32-bit NPT with 64-bit
KVM: x86/mmu: Alloc page for PDPTEs when shadowing 32-bit NPT with 64-bit This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.37 by commit...
GSD-2021-1000396 KVM: x86/mmu: Alloc page for PDPTEs when shadowing 32-bit NPT with 64-bit
KVM: x86/mmu: Alloc page for PDPTEs when shadowing 32-bit NPT with 64-bit This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.37 by commit...
UVI-2021-1000300 KVM: x86/mmu: Alloc page for PDPTEs when shadowing 32-bit NPT with 64-bit
KVM: x86/mmu: Alloc page for PDPTEs when shadowing 32-bit NPT with 64-bit This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.12.4 by commit...
GSD-2021-1000300 KVM: x86/mmu: Alloc page for PDPTEs when shadowing 32-bit NPT with 64-bit
KVM: x86/mmu: Alloc page for PDPTEs when shadowing 32-bit NPT with 64-bit This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.12.4 by commit...