Lucene search
+L

226 matches found

RedHat Linux
RedHat Linux
added 2025/10/06 11:22 p.m.6 views

kernel: KVM: x86/hyper-v: Skip non-canonical addresses during PV TLB flush

In the Linux kernel, the following vulnerability has been resolved: KVM: x86/hyper-v: Skip non-canonical addresses during PV TLB flush In KVM guests with Hyper-V hypercalls enabled, the hypercalls HVCALLFLUSHVIRTUALADDRESSLIST and HVCALLFLUSHVIRTUALADDRESSLISTEX allow a guest to request...

5.5CVSS6.7AI score0.00157EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2025/10/06 12:0 a.m.2 views

RHEL 9 : kernel (RHSA-2025:17377)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:17377 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: security/keys: fix...

7.1CVSS7.1AI score0.00274EPSS
Exploits0References9
OSV
OSV
added 2025/10/06 12:0 a.m.11 views

ALSA-2025:17377 Moderate: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: security/keys: fix slab-out-of-bounds in keytaskpermission CVE-2024-50301 kernel: KVM: x86/hyper-v: Skip non-canonical addresses during PV TLB flush CVE-2025-38351 kernel: wifi: ath12k:...

7.1CVSS7.8AI score0.00274EPSS
Exploits0References8
CVE
CVE
added 2025/10/04 3:43 p.m.10 views

CVE-2022-50495

CVE-2022-50495 is rejected/not used; this entry does not represent an active vulnerability.

5.8AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/08/30 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2019-18420

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Xen through 4.12.x allowing x86 PV guest OS users to cause a denial of service via a VCPUOPinitialise hypercall...

6.5CVSS6.6AI score0.02522EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/27 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2022-26362

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - x86 pv: Race condition in typeref acquisition Xen maintains a type reference count for pages, in addition to a regular reference count. This scheme is used to...

6.9CVSS6.6AI score0.00379EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/27 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2019-17347

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Xen through 4.11.x allowing x86 PV guest OS users to cause a denial of service or gain privileges because a guest can manipulate its...

7.8CVSS6.8AI score0.00352EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/25 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2018-12893

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Xen through 4.10.x. One of the fixes in XSA-260 added some safety checks to help prevent Xen livelocking with debug exceptions...

6.5CVSS7.1AI score0.00414EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/10 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2021-26932

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in the Linux kernel 3.2 through 5.10.16, as used by Xen. Grant mapping operations often occur in batch hypercalls, where a number of...

5.5CVSS6.7AI score0.00346EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/10 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2022-33744

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Arm guests can cause Dom0 DoS via PV devices When mapping pages of guests on Arm, dom0 is using an rbtree to keep track of the foreign mappings. Updating of tha...

4.7CVSS6.7AI score0.00309EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/10 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2022-23041

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Linux PV device frontends vulnerable to attacks by backends This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilitie...

7CVSS6.6AI score0.00359EPSS
Exploits0References2
NVD
NVD
added 2025/04/16 3:15 p.m.7 views

CVE-2025-22045

In the Linux kernel, the following vulnerability has been resolved: x86/mm: Fix flushtlbrange when used for zapping normal PMDs On the following path, flushtlbrange can be used for zapping normal PMD entries PMD entries that point to page tables together with the PTE entries in the pointed-to pag...

5.5CVSS0.00186EPSS
Exploits0References11
OSV
OSV
added 2025/04/16 2:12 p.m.9 views

CVE-2025-22045 x86/mm: Fix flush_tlb_range() when used for zapping normal PMDs

In the Linux kernel, the following vulnerability has been resolved: x86/mm: Fix flushtlbrange when used for zapping normal PMDs On the following path, flushtlbrange can be used for zapping normal PMD entries PMD entries that point to page tables together with the PTE entries in the pointed-to pag...

5.5CVSS6.4AI score0.00186EPSS
Exploits0References14
CVE
CVE
added 2025/04/16 2:12 p.m.134 views

CVE-2025-22045

The connected Astra Linux entry reproduces CVE-2025-22045 and provides a concrete technical detail: the Linux kernel x86 flush_tlb_range() path could zap normal PMD entries ( pointing to page tables ) together with PTEs, via collapse_pte_mapped_thp → pmdp_collapse_flush → flush_tlb_range. The fix...

5.5CVSS6.3AI score0.00186EPSS
Exploits0References11Affected Software1
RedHat Linux
RedHat Linux
added 2025/04/15 9:57 a.m.7 views

kernel: xen: Xen hypercall page unsafe against speculative attacks (Xen Security Advisory 466)

In the Linux kernel, the following vulnerability has been resolved: x86/xen: don't do PV iret hypercall through hypercall page Instead of jumping to the Xen hypercall page for doing the iret hypercall, directly code the required sequence in xen-asm.S. This is done in preparation of no longer usin...

5.5CVSS6.8AI score0.00304EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2025/04/15 9:50 a.m.6 views

kernel: xen: Xen hypercall page unsafe against speculative attacks (Xen Security Advisory 466)

In the Linux kernel, the following vulnerability has been resolved: x86/xen: don't do PV iret hypercall through hypercall page Instead of jumping to the Xen hypercall page for doing the iret hypercall, directly code the required sequence in xen-asm.S. This is done in preparation of no longer usin...

5.5CVSS6.8AI score0.00304EPSS
Exploits0References4
OSV
OSV
added 2025/03/27 5:15 p.m.2 views

DEBIAN-CVE-2023-52994

In the Linux kernel, the following vulnerability has been resolved: acpi: Fix suspend with Xen PV Commit f1e525009493 "x86/boot: Skip realmode init code when running as Xen PV guest" missed one code path accessing realmodeheader, leading to dereferencing NULL when suspending the system under Xen:...

5.5CVSS5.4AI score0.0021EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/03/27 12:0 a.m.4 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that originates from a null pointer dereference that occurs when the system hangs in the Xen PV environment...

5.5CVSS6.2AI score0.0021EPSS
Exploits0References4
CNNVD
CNNVD
added 2024/12/24 12:0 a.m.3 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the x86/xen architecture handling PV iret hypercall incorrectly called via the hypercall page...

5.5CVSS6.6AI score0.00304EPSS
Exploits0References10
SUSE CVE
SUSE CVE
added 2024/12/18 3:48 a.m.9 views

SUSE CVE-2024-53241

In the Linux kernel, the following vulnerability has been resolved: x86/xen: don't do PV iret hypercall through hypercall page Instead of jumping to the Xen hypercall page for doing the iret hypercall, directly code the required sequence in xen-asm.S. This is done in preparation of no longer usin...

5.5CVSS7.7AI score0.00304EPSS
Exploits0References25
Rows per page
Query Builder