EUVD-2023-34873

Malicious code in bioql PyPI...

Important: kernel

Issue Overview: kernel: Type confusion in picknextrtentity, which can result in memory corruption. CVE-2023-1077 An issue was discovered in arch/x86/kvm/vmx/nested.c in the Linux kernel before 6.2.8. nVMX on x8664 lacks consistency checks for CR0 and CR4. CVE-2023-30456 In the Linux kernel, the...

Amazon Linux 2 : kernel (ALAS-2024-2581)

The version of kernel installed on the remote host is prior to 4.14.348-265.562. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2024-2581 advisory. An issue was discovered in arch/x86/kvm/vmx/nested.c in the Linux kernel before 6.2.8. nVMX on x8664 lacks...

Amazon Linux AMI : kernel (ALAS-2024-1942)

The version of kernel installed on the remote host is prior to 4.14.348-187.562. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2024-1942 advisory. 2024-07-31: CVE-2024-27020 was added to this advisory. 2024-07-31: CVE-2024-26976 was added to this advisory...

Important: kernel

Issue Overview: An issue was discovered in arch/x86/kvm/vmx/nested.c in the Linux kernel before 6.2.8. nVMX on x8664 lacks consistency checks for CR0 and CR4. CVE-2023-30456 In the Linux kernel, the following vulnerability has been resolved: net: bridge: use DEVSTATSINC CVE-2023-52578 In the Linu...

CVE-2022-48763

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Forcibly leave nested virt when SMM state is toggled Forcibly leave nested virtualization operation if userspace toggles SMM state via KVMSETVCPUEVENTS or KVMSYNCX86EVENTS. If userspace forces the vCPU out of SMM while...

Amazon Linux 2 : kernel, --advisory ALAS2KERNEL-5.4-2024-070 (ALASKERNEL-5.4-2024-070)

The version of kernel installed on the remote host is prior to 5.4.238-148.347. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.4-2024-070 advisory. An issue was discovered in arch/x86/kvm/vmx/nested.c in the Linux kernel before 6.2.8. nVMX on x8664 lacks...

NewStart CGSL CORE 5.04 / MAIN 5.04 : kernel Vulnerability (NS-SA-2024-0012)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has kernel packages installed that are affected by a vulnerability: - An issue was discovered in arch/x86/kvm/vmx/nested.c in the Linux kernel before 6.2.8. nVMX on x8664 lacks consistency checks for CR0 and CR4. CVE-2023-30456...

CVE-2021-46978

In the Linux kernel, the following vulnerability has been resolved: KVM: nVMX: Always make an attempt to map eVMCS after migration When enlightened VMCS is in use and nested state is migrated with vmxgetnestedstate/vmxsetnestedstate KVM can't map evmcs page right away: evmcs gpa is not 'struct...

CVE-2021-46978 KVM: nVMX: Always make an attempt to map eVMCS after migration

In the Linux kernel, the following vulnerability has been resolved: KVM: nVMX: Always make an attempt to map eVMCS after migration When enlightened VMCS is in use and nested state is migrated with vmxgetnestedstate/vmxsetnestedstate KVM can't map evmcs page right away: evmcs gpa is not 'struct...

CVE-2021-46978

CVE-2021-46978 : Linux kernel KVM nVMX fix for mapping eVMCS after migration. When enlightened VMCS is used and nested state is migrated via vmx_get_nested_state()/vmx_set_nested_state(), evmcs page could not be mapped immediately because evmcs GPA lacked the expected struct kvm_vmx_nested_state_...

EulerOS Virtualization 2.10.0 : kernel (EulerOS-SA-2023-2560)

According to the versions of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A denial of service problem was found, due to a possible recursive locking scenario, resulting in a deadlock in tableclear in...

Oracle Linux 8 : Unbreakable Enterprise kernel-container (ELSA-2023-12413)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-12413 advisory. - netfilter: nftables: deactivate anonymous set from preparation phase Pablo Neira Ayuso Orabug: 35382084 CVE-2023-32233 - KVM: nVMX: add missing...

Oracle Linux 7 / 8 : Unbreakable Enterprise kernel (ELSA-2023-12394)

The remote Oracle Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-12394 advisory. - An issue was discovered in arch/x86/kvm/vmx/nested.c in the Linux kernel before 6.2.8. nVMX on x8664 lacks consistency checks for CR0 and CR4...

Ubuntu 20.04 LTS / 22.04 LTS : Linux kernel vulnerabilities (USN-6150-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6150-1 advisory. Patryk Sondej and Piotr Krysiuk discovered that a race condition existed in the netfilter subsystem of the Linux kernel when processing batch...

Ubuntu 22.04 LTS : Linux kernel (OEM) vulnerabilities (USN-6123-1)

The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6123-1 advisory. Patryk Sondej and Piotr Krysiuk discovered that a race condition existed in the netfilter subsystem of the Linux kernel when processing batch requests,...

AlmaLinux 8 : kernel (ALSA-2023:2951)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:2951 advisory. - Some AMD CPUs may transiently execute beyond unconditional direct branches, which may potentially result in data leakage. CVE-2021-26341 - When sending...

RHEL 9 : kernel-rt (RHSA-2023:2148)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:2148 advisory. The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirement...

Unbreakable Enterprise kernel security update

5.15.0-101.103.2.1 - Revert 'attr: use consistent sgid stripping checks' Sherry Yang Orabug: 35346968 - Revert 'iommu: Force iommu shutdown on panic' Boris Ostrovsky Orabug: 35346963 5.15.0-101.103.2 - uek-rpm: mod-extra: Remove mt7921e.ko from extras list Harshit Mogalapalli Orabug: 34999685 -...

Ubuntu 20.04 LTS : Linux kernel (BlueField) vulnerabilities (USN-6020-1)

The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6020-1 advisory. It was discovered that the System V IPC implementation in the Linux kernel did not properly handle large shared memory counts. A local attacker could use...