[SECURITY] Fedora 40 Update: libvirt-10.1.0-2.fc40

Libvirt is a C toolkit to interact with the virtualization capabilities of recent versions of Linux and other OSes. The main package includes the libvirtd server exporting the virtualization support...

[SECURITY] Fedora 38 Update: libvirt-9.0.0-5.fc38

Libvirt is a C toolkit to interact with the virtualization capabilities of recent versions of Linux and other OSes. The main package includes the libvirtd server exporting the virtualization support...

[SECURITY] Fedora 38 Update: libvirt-9.0.0-4.fc38

Libvirt is a C toolkit to interact with the virtualization capabilities of recent versions of Linux and other OSes. The main package includes the libvirtd server exporting the virtualization support...

Update Rollup 2 for System Center 2022 Virtual Machine Manager

Update Rollup 2 for System Center 2022 Virtual Machine Manager Applies to Microsoft System Center 2022 Virtual Machine Manager Introduction This article lists the new enhancements and bug fixes that come with System Center Virtual Machine Manager 2022 UR2 release. This article also provides the...

Apple iOS 和 iPadOS 缓冲区错误漏洞

Apple iOS and Apple iPadOS are both products of Apple Inc. Apple iOS is an operating system developed for mobile devices, and Apple iPadOS is an operating system for iPad tablets. A buffer error vulnerability exists in Apple iOS and iPadOS, which stems from the fact that processing a maliciously...

CVE-2021-33910: Denial of Service (Stack Exhaustion) in systemd (PID 1)

The Qualys Research Team has discovered a stack exhaustion denial-of-service vulnerability in systemd, a near-ubiquitous utility available on major Linux operating systems. Any unprivileged user can exploit this vulnerability to crash systemd and hence the entire operating system a kernel panic...

CVE-2020-29568

An issue was discovered in Xen through 4.14.x. Some OSes such as Linux, FreeBSD, and NetBSD are processing watch events using a single thread. If the events are received faster than the thread is able to handle, they will get queued. As the queue is unbounded, a guest may be able to trigger an OO...

CVE-2020-9904

A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8. An application may be able to execute arbitrary code with kernel privileges...

[SECURITY] Fedora 31 Update: libvirt-5.6.0-7.fc31

Libvirt is a C toolkit to interact with the virtualization capabilities of recent versions of Linux and other OSes. The main package includes the libvirtd server exporting the virtualization support...

[SECURITY] Fedora 30 Update: libvirt-5.1.0-5.fc30

Libvirt is a C toolkit to interact with the virtualization capabilities of recent versions of Linux and other OSes. The main package includes the libvirtd server exporting the virtualization support...

[SECURITY] Fedora 27 Update: libvirt-3.7.0-6.fc27

Libvirt is a C toolkit to interact with the virtualization capabilities of recent versions of Linux and other OSes. The main package includes the libvirtd server exporting the virtualization support...

[SECURITY] Fedora 28 Update: libvirt-4.1.0-3.fc28

Libvirt is a C toolkit to interact with the virtualization capabilities of recent versions of Linux and other OSes. The main package includes the libvirtd server exporting the virtualization support...

Many Factors Conspire in ICS/SCADA Attacks

Critical infrastructure operators can’t be blamed for a perpetual case of whiplash. They are mired between hackers targeting internet-facing and air-gapped systems with equal precision, and vendors and management unwilling to properly tackle security for fear of downtime and incompatibility. “The...

[SECURITY] Fedora 20 Update: libvirt-1.1.3.9-1.fc20

Libvirt is a C toolkit to interact with the virtualization capabilities of recent versions of Linux and other OSes. The main package includes the libvirtd server exporting the virtualization support...

PulseAudio: Insecure temporary file usage

Background PulseAudio is a sound system for POSIX OSes. Description The pamakesecuredir function in core-util.c does not handle temporary files securely. Impact A local attacker could perform symlink attacks to overwrite arbitrary files with the privileges of the user running the application...

Debian Security Advisory DSA 2846-1 (libvirt - several vulnerabilities)

Multiple security issues have been found in Libvirt, a virtualisation abstraction library: CVE-2013-6458 It was discovered that insecure job usage could lead to denial of service against libvirtd. CVE-2014-1447 It was discovered that a race condition in keepalive handling could lead to denial of...

[SECURITY] Fedora 20 Update: libvirt-1.1.3-2.fc20

Libvirt is a C toolkit to interact with the virtualization capabilities of recent versions of Linux and other OSes. The main package includes the libvirtd server exporting the virtualization support...

[SECURITY] Fedora 19 Update: libvirt-1.0.5.6-2.fc19

Libvirt is a C toolkit to interact with the virtualization capabilities of recent versions of Linux and other OSes. The main package includes the libvirtd server exporting the virtualization support...

CVE-2013-1442

Xen 4.0 through 4.3.x, when using AVX or LWP capable CPUs, does not properly clear previous data from registers when using an XSAVE or XRSTOR to extend the state components of a saved or restored vCPU after touching other restored extended registers, which allows local guest OSes to obtain...

CVE-2013-1442

Xen 4.0 through 4.3.x, when using AVX or LWP capable CPUs, does not properly clear previous data from registers when using an XSAVE or XRSTOR to extend the state components of a saved or restored vCPU after touching other restored extended registers, which allows local guest OSes to obtain...