Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: x86/xen: Remove the USERGSSYSRET64 paravirt call This change has been committed to the upstream repository as afd30525a659ac0ae0904f0cb4a2ca75522c3123. USERGSSYSRET64 is used to return from a syscall via SYSRET. However, a Xen PV...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001337)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001337 advisory. arch/x86/kernel/paravirt.c in the Linux kernel before 4.18.1 mishandles certain indirect calls, which makes it easier for attackers to conduct Spectre-v2 attacks...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000833)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000833 advisory. The xeniret function in arch/x86/xen/xen-asm32.S in the Linux kernel before 3.7.9 on 32-bit Xen paravirtops platforms does not properly handle an invalid value in th...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001815)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001815 advisory. The xeniret function in arch/x86/xen/xen-asm32.S in the Linux kernel before 3.7.9 on 32-bit Xen paravirtops platforms does not properly handle an invalid value in th...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003365)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003365 advisory. arch/x86/kernel/paravirt.c in the Linux kernel before 4.18.1 mishandles certain indirect calls, which makes it easier for attackers to conduct Spectre-v2 attacks...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-989540)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989540 advisory. In the Linux kernel, the following vulnerability has been resolved: x86/xen: Drop USERGSSYSRET64 paravirt call commit afd30525a659ac0ae0904f0cb4a2ca75522c3123...

The vulnerability of the paravirt_patch_default() function in the arch/x86/kernel/paravirt.c module on the x86 kernel of the Linux operating system allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the paravirtpatchdefault function in the arch/x86/kernel/paravirt.c module on the x86 kernel of the Linux operating system is related to an uncontrolled resource consumption. Exploiting this vulnerability could allow a perpetrator to compromise the confidentiality, integrity,...

Linux Distros Unpatched Vulnerability : CVE-2021-4440

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - x86/xen: Drop USERGSSYSRET64 paravirt call commit afd30525a659ac0ae0904f0cb4a2ca75522c3123 upstream. USERGSSYSRET64 is used to return from a syscall via SYSRET,...

SUSE CVE-2021-4440

In the Linux kernel, the following vulnerability has been resolved: x86/xen: Drop USERGSSYSRET64 paravirt call commit afd30525a659ac0ae0904f0cb4a2ca75522c3123 upstream. USERGSSYSRET64 is used to return from a syscall via SYSRET, but a Xen PV guest will nevertheless use the IRET hypercall, as ther...

CVE-2021-4440

In the Linux kernel, the following vulnerability has been resolved: x86/xen: Drop USERGSSYSRET64 paravirt call commit afd30525a659ac0ae0904f0cb4a2ca75522c3123 upstream. USERGSSYSRET64 is used to return from a syscall via SYSRET, but a Xen PV guest will nevertheless use the IRET hypercall, as ther...

UBUNTU-CVE-2021-4440

In the Linux kernel, the following vulnerability has been resolved: x86/xen: Drop USERGSSYSRET64 paravirt call commit afd30525a659ac0ae0904f0cb4a2ca75522c3123 upstream. USERGSSYSRET64 is used to return from a syscall via SYSRET, but a Xen PV guest will nevertheless use the IRET hypercall, as ther...

CVE-2021-4440

In the Linux kernel, the following vulnerability has been resolved: x86/xen: Drop USERGSSYSRET64 paravirt call commit afd30525a659ac0ae0904f0cb4a2ca75522c3123 upstream. USERGSSYSRET64 is used to return from a syscall via SYSRET, but a Xen PV guest will nevertheless use the IRET hypercall, as ther...

CVE-2021-4440

In the Linux kernel, the following vulnerability has been resolved: x86/xen: Drop USERGSSYSRET64 paravirt call commit afd30525a659ac0ae0904f0cb4a2ca75522c3123 upstream. USERGSSYSRET64 is used to return from a syscall via SYSRET, but a Xen PV guest will nevertheless use the IRET hypercall, as ther...

SUSE CVE-2012-4539

Xen 4.0 through 4.2, when running 32-bit x86 PV guests on 64-bit hypervisors, allows local guest OS administrators to cause a denial of service infinite loop and hang or crash via invalid arguments to GNTTABOPgetstatusframes, aka "Grant table hypercall infinite loop DoS vulnerability."...

SUSE CVE-2013-0228

The xeniret function in arch/x86/xen/xen-asm32.S in the Linux kernel before 3.7.9 on 32-bit Xen paravirtops platforms does not properly handle an invalid value in the DS segment register, which allows guest OS users to gain guest OS privileges via a crafted application...

SUSE CVE-2014-8134

The paravirtopssetup function in arch/x86/kernel/kvm.c in the Linux kernel through 3.18 uses an improper paravirtenabled setting for KVM guest kernels, which makes it easier for guest OS users to bypass the ASLR protection mechanism via a crafted application that reads a 16-bit value...

SUSE CVE-2018-15594

arch/x86/kernel/paravirt.c in the Linux kernel before 4.18.1 mishandles certain indirect calls, which makes it easier for attackers to conduct Spectre-v2 attacks against paravirtual guests...

kernel security and bug fix update

4.18.0-425.10.1.OL8 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and...

USN-5683-1 linux-ibm vulnerabilities

It was discovered that the framebuffer driver on the Linux kernel did not verify size limits when changing font or screen size, leading to an out-of- bounds write. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2021-33655 Selim En...

DEBIAN-CVE-2022-26363

x86 pv: Insufficient care with non-coherent mappings This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. Xen maintains a type reference count for pages, in addition to a regular reference count. This scheme is used to...