226 matches found
MiracleLinux 3 : kernel-2.6.18-8.17AXS3 (AXSA:2008-82:04)
The remote MiracleLinux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2008-82:04 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. CVE-2007-5498: The Xen hypervisor block backend driver for Linux...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001700)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001700 advisory. Arm guests can cause Dom0 DoS via PV devices When mapping pages of guests on Arm, dom0 is using an rbtree to keep track of the foreign mappings. Updating of that...
Security update for qemu
This update for qemu fixes the following issues: Security issues fixed: CVE-2023-1544: out-of-bounds read in VMWare's paravirtual RDMA device operations can be exploited through a malicious guest driver to crash the QEMU process on the host bsc1209554. CVE-2024-6505: heap-based buffer overflow in...
PT-2026-27499
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Xen privcmd driver allows user space processes to issue arbitrary hypercalls. Normally, access is limited to root and the hypervisor denies hypercalls affecting other domains. Howeve...
CVE-2023-54092
In the Linux kernel, the following vulnerability has been resolved: KVM: s390: pv: fix index value of replaced ASCE The index field of the struct page corresponding to a guest ASCE should be 0. When replacing the ASCE in s390replaceasce, the index of the new ASCE should also be set to 0. Having t...
UBUNTU-CVE-2023-54092
In the Linux kernel, the following vulnerability has been resolved: KVM: s390: pv: fix index value of replaced ASCE The index field of the struct page corresponding to a guest ASCE should be 0. When replacing the ASCE in s390replaceasce, the index of the new ASCE should also be set to 0. Having t...
CVE-2023-54092 KVM: s390: pv: fix index value of replaced ASCE
In the Linux kernel, the following vulnerability has been resolved: KVM: s390: pv: fix index value of replaced ASCE The index field of the struct page corresponding to a guest ASCE should be 0. When replacing the ASCE in s390replaceasce, the index of the new ASCE should also be set to 0. Having t...
kernel: KVM: x86/hyper-v: Skip non-canonical addresses during PV TLB flush
In the Linux kernel, the following vulnerability has been resolved: KVM: x86/hyper-v: Skip non-canonical addresses during PV TLB flush In KVM guests with Hyper-V hypercalls enabled, the hypercalls HVCALLFLUSHVIRTUALADDRESSLIST and HVCALLFLUSHVIRTUALADDRESSLISTEX allow a guest to request...
UBUNTU-CVE-2025-40184
In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Fix debug checking for np-guests using huge mappings When running with transparent huge pages and CONFIGNVHEEL2DEBUG then the debug checking in asserthostsharedguest fails on the launch of an np-guest. This WARNON...
EUVD-2025-37346
When passing through PCI devices, the detach logic in libxl won't remove access permissions to any 64bit memory BARs the device might have. As a result a domain can still have access any 64bit memory BAR when such device is no longer assigned to the domain. For PV domains the permission leak allo...
UBUNTU-CVE-2025-58149
When passing through PCI devices, the detach logic in libxl won't remove access permissions to any 64bit memory BARs the device might have. As a result a domain can still have access any 64bit memory BAR when such device is no longer assigned to the domain. For PV domains the permission leak allo...
CVE-2025-58149
CVE-2025-58149 affects the Xen hypervisor. The detach logic for PCI devices fails to remove access permissions to 64‑bit memory BARs when a device is unplugged, allowing PV guests to access memory of devices no longer assigned to them (HVM implications noted with required compromised device model...
EUVD-2010-4228
Malware in sbrugna...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-414643)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-414643 advisory. An issue was discovered in the Linux kernel 3.2 through 5.10.16, as used by Xen. Grant mapping operations often occur in batch hypercalls, where a number of operatio...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-414453)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-414453 advisory. Linux PV device frontends vulnerable to attacks by backends This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-414452)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-414452 advisory. Linux PV device frontends vulnerable to attacks by backends This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-414454)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-414454 advisory. Linux PV device frontends vulnerable to attacks by backends This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-414457)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-414457 advisory. Linux PV device frontends vulnerable to attacks by backends This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-414401)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-414401 advisory. Arm guests can cause Dom0 DoS via PV devices When mapping pages of guests on Arm, dom0 is using an rbtree to keep track of the foreign mappings. Updating of that...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-984806)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-984806 advisory. In the Linux kernel, the following vulnerability has been resolved: x86, relocs: Ignore relocations in .notes section When building with CONFIGXENPV=y, .text symbols...