Astra Linux - уязвимость в linux-5.10, linux

Guests running on Arm can cause Denial of Service DoS attacks on Dom0 through PV devices. When mapping memory pages of guests on Arm, Dom0 uses an rbtree to keep track of the foreign mappings. The update of this rbtree does not always occur completely with the relevant lock held, resulting in a...

Astra Linux - уязвимость в linux

In the Linux kernel, the following vulnerabilities have been resolved: x86/kvm: The teardown of PV features also occurs during boot-up. Various PV features Async PF, PV EOI, steal time work through memory shared with the hypervisor. When we resume from hibernation, we must properly teardown all...

EUVD-2026-30928

The adjustments made for XSA-379 as well as those subsequently becoming XSA-387 still left a race window, when a HVM or PVH guest does a grant table version change from v2 to v1 in parallel with mapping the status pages via XENMEMaddtophysmap. Some of the status pages may then be freed while...

CVE-2026-23558

The adjustments made for XSA-379 as well as those subsequently becoming XSA-387 still left a race window, when a HVM or PVH guest does a grant table version change from v2 to v1 in parallel with mapping the status pages via XENMEMaddtophysmap. Some of the status pages may then be freed while...

Astra Linux - уязвимость в linux

An issue was discovered in the Linux kernel through 5.11.3, as used with Xen PV. A certain part of the netback driver lacks necessary treatment of errors such as failed memory allocations as a result of changes to the handling of grant mapping errors. A host OS denial of service may occur during...

Astra Linux - уязвимость в linux-5.10, linux

Several Linux PV device frontends are vulnerable to attacks by backends that use grant table interfaces to remove access rights from resources. This can lead to potential data leaks, data corruption by malicious backends, and denial of service attacks. The backends that use these interfaces may n...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from an initialization error in the ID register of unprotected pKVM clients, potentially leading to...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-004097)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004097 advisory. An issue was discovered in the Linux kernel 5.5 through 5.7.9, as used in Xen through 4.13.x for x86 PV guests. An attacker may be granted the I/O port permissions o...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001515)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001515 advisory. An issue was discovered in the Linux kernel through 5.11.3, as used with Xen PV. A certain part of the netback driver lacks necessary treatment of errors such as...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003966)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003966 advisory. In a Linux KVM guest that has PV TLB enabled, a process in the guest kernel may be able to read memory locations from another process in the same guest. This problem...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004320)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004320 advisory. In a Linux KVM guest that has PV TLB enabled, a process in the guest kernel may be able to read memory locations from another process in the same guest. This problem...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000962)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000962 advisory. The xenfailsafecallback function in Xen for the Linux kernel 2.6.23 and other versions, when running a 32-bit PVOPS guest, allows local users to cause a denial of...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002173)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002173 advisory. Xen, when used on a system providing PV backends, allows local guest OS administrators to cause a denial of service host OS crash or gain privileges by writing to...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002731)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002731 advisory. Xen and the Linux kernel through 4.5.x do not properly suppress hugetlbfs support in x86 PV guests, which allows local PV guest OS users to cause a denial of service...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002155)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002155 advisory. The xenfailsafecallback function in Xen for the Linux kernel 2.6.23 and other versions, when running a 32-bit PVOPS guest, allows local users to cause a denial of...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002377)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002377 advisory. The xenfailsafecallback function in Xen for the Linux kernel 2.6.23 and other versions, when running a 32-bit PVOPS guest, allows local users to cause a denial of...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002669)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002669 advisory. An issue was discovered in the Linux kernel through 4.17.11, as used in Xen through 4.11.x. The xenfailsafecallback entry point in arch/x86/entry/entry64.S does not...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001700)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001700 advisory. Arm guests can cause Dom0 DoS via PV devices When mapping pages of guests on Arm, dom0 is using an rbtree to keep track of the foreign mappings. Updating of that...

MiracleLinux 3 : kernel-2.6.18-8.17AXS3 (AXSA:2008-82:04)

The remote MiracleLinux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2008-82:04 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. CVE-2007-5498: The Xen hypervisor block backend driver for Linux...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001713)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001713 advisory. Linux PV device frontends vulnerable to attacks by backends This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities...