
198 matches found

AstraLinux
added 2026/05/03 11:59 p.m., 12 views

Astra Linux - vulnerability in linux-5.10, linux-5.15, linux

In the Linux kernel, the following vulnerability has been resolved: xen/gntdev: Prevent leaking grants Prior to this commit, if a grant mapping operation failed partially, some of the entries in the mapops array would be invalid, whereas all of the entries in the kmapops array would be valid. Thi...

CVSS 5.5, AI score 5.8, EPSS 0.00024
Exploits 0, References 1
AstraLinux
added 2026/05/03 11:59 p.m., 3 views

Astra Linux - vulnerability in linux

An issue was discovered in the Linux kernel through 5.9.1, as used with Xen through 4.14.x. drivers/xen/events/events_base.c allows event-channel removal during the event-handling loop (a race condition). This can cause a use-after-free or NULL pointer dereference, as demonstrated by a dom0 crash vi...

CVSS 4.7, AI score 6.4, EPSS 0.00062
Exploits 0, References 1
Xen Project
added 2026/04/28 12:0 p.m., 3 views

Linux kernel double free in Xen privcmd driver

ISSUE DESCRIPTION The Linux kernel's privcmd driver can be abused to circumvent kernel lockdown secure boot by causing a double free of kernel memory. Note that this operation can be performed by root only, so any further impact on the system like denial of service is not security relevant. IMPAC...

CVSS 7.8, AI score 5.3, EPSS 0.00006
Exploits 0
Tenable Nessus
added 2026/04/21 12:0 a.m., 1 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-010890)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010890 advisory. In the Linux kernel, the following vulnerability has been resolved: xen/gntdev: Accommodate VMA splitting Prior to this commit, the gntdev driver code did not handle...

CVSS 5.5, AI score 5.8, EPSS 0.00017
Exploits 0, References 4
Positive Technologies
added 2026/04/03 12:0 a.m., 3 views

PT-2026-30039

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains an issue in KVM for arm64 systems related to the initialization of ID registers for non-protected pKVM guests. The hypervisor incorrectly copies the KVM ARCH FL...

AI score 5.8, EPSS 0.00015
Exploits 0, References 134
IBM Security Bulletins
added 2026/01/30 4:53 p.m., 8 views

Security Bulletin: Multiple Vulnerabilities in VMware ESXi affect IBM Cloud Pak System

Summary Vulnerabilities in VMware ESXi affect IBM Cloud Pak System. IBM Cloud Pak System has addressed vulnerabilities. Cloud Pak System has delivered updated workload nodes to VMware ESXi 83U3g. Vulnerability Details CVEID:CVE-2025-41236 DESCRIPTION: VMware ESXi, Workstation, and Fusion contain a...

CVSS 9.3, AI score 6.2, EPSS 0.06007
Exploits 2, Affected Software 1
Tenable Nessus
added 2026/01/16 12:0 a.m., 1 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-004077)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004077 advisory. An issue was discovered in the Linux kernel through 5.9.1, as used with Xen through 4.14.x. drivers/xen/events/events_base.c allows event-channel removal during the...

CVSS 4.7, AI score 6.5, EPSS 0.00062
Exploits 0, References 13
Tenable Nessus
added 2026/01/15 12:0 a.m., 1 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002984)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002984 advisory. Xen and the Linux kernel through 4.5.x do not properly suppress hugetlbfs support in x86 PV guests, which allows local PV guest OS users to cause a denial of service...

CVSS 5.5, AI score 6.4, EPSS 0.00126
Exploits 0, References 17
Tenable Nessus
added 2026/01/15 12:0 a.m., 2 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003178)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003178 advisory. The __switch_to function in arch/x86/kernel/process_64.c in the Linux kernel does not properly context-switch IOPL on 64-bit PV Xen guests, which allows local guest OS...

CVSS 7.8, AI score 7.3, EPSS 0.00356
Exploits 0, References 17
OSV
added 2025/12/16 6:57 p.m., 0 views

SUSE-SU-2025:4419-1 Security update for xen

This update for xen fixes the following issues: Update to Xen 4.20.2 (jsc#PED-8907). Security issues fixed: - CVE-2025-58149: incorrect removal of permissions on PCI device unplug allows PV guests to access memory of devices no longer assigned to it (XSA-476, bsc#1252692). Other issues fixed: - Failure...

CVSS 7.5, AI score 6.8, EPSS 0.00057
Exploits 0, References 4
EUVD
added 2025/12/08 3:31 a.m., 1 views

EUVD-2022-55683

In the Linux kernel, the following vulnerability has been resolved: wifi: rsi: Fix memory leak in rsi_coex_attach() The coex_cb needs to be freed when rsi_create_kthread() failed in rsi_coex_attach()...

AI score 4.7, EPSS 0.0004
Exploits 0, References 8
NVD
added 2025/10/31 12:15 p.m., 1 views

CVE-2025-58149

When passing through PCI devices, the detach logic in libxl won't remove access permissions to any 64bit memory BARs the device might have. As a result a domain can still have access any 64bit memory BAR when such device is no longer assigned to the domain. For PV domains the permission leak allo...

CVSS 7.5, EPSS 0.00057
Exploits 0, References 3
Debian CVE
added 2025/10/31 11:50 a.m., 3 views

CVE-2025-58149

When passing through PCI devices, the detach logic in libxl won't remove access permissions to any 64bit memory BARs the device might have. As a result a domain can still have access any 64bit memory BAR when such device is no longer assigned to the domain. For PV domains the permission leak allo...

CVSS 7.5, AI score 5.3, EPSS 0.00057
Exploits 0
SUSE CVE
added 2025/10/24 11:23 p.m., 1 views

SUSE CVE-2025-58149

When passing through PCI devices, the detach logic in libxl won't remove access permissions to any 64bit memory BARs the device might have. As a result a domain can still have access any 64bit memory BAR when such device is no longer assigned to the domain. For PV domains the permission leak allo...

CVSS 6.5, AI score 6.5, EPSS 0.00057
Exploits 0, References 9
Xen Project
added 2025/10/24 12:14 p.m., 5 views

Incorrect removal of permissions on PCI device unplug

ISSUE DESCRIPTION When passing through PCI devices, the detach logic in libxl won't remove access permissions to any 64bit memory BARs the device might have. As a result a domain can still have access any 64bit memory BAR when such device is no longer assigned to the domain. For PV domains the...

CVSS 7.5, AI score 6.8, EPSS 0.00057
Exploits 0, Affected Software 1
SUSE CVE
added 2025/10/07 1:22 a.m., 1 views

SUSE CVE-2022-50471

In the Linux kernel, the following vulnerability has been resolved: xen/gntdev: Accommodate VMA splitting Prior to this commit, the gntdev driver code did not handle the following scenario correctly with paravirtualized PV Xen domains: User process sets up a gntdev mapping composed of two grant...

CVSS 5.5, AI score 6.4, EPSS 0.00017
Exploits 0, References 7
OSV
added 2025/10/04 3:16 p.m., 2 views

CVE-2022-50471 xen/gntdev: Accommodate VMA splitting

In the Linux kernel, the following vulnerability has been resolved: xen/gntdev: Accommodate VMA splitting Prior to this commit, the gntdev driver code did not handle the following scenario correctly with paravirtualized PV Xen domains: User process sets up a gntdev mapping composed of two grant...

CVSS 5.5, AI score 6.4, EPSS 0.00017
Exploits 0, References 8
Cvelist
added 2025/10/04 3:16 p.m., 4 views

CVE-2022-50471 xen/gntdev: Accommodate VMA splitting

In the Linux kernel, the following vulnerability has been resolved: xen/gntdev: Accommodate VMA splitting Prior to this commit, the gntdev driver code did not handle the following scenario correctly with paravirtualized PV Xen domains: User process sets up a gntdev mapping composed of two grant...

EPSS 0.00017
Exploits 0, References 5
CVE
added 2025/10/04 3:16 p.m., 9 views

CVE-2022-50471

CVE-2022-50471 affects the Linux kernel’s xen/gntdev mapping when using paravirtual Xen domains. The root cause was improper handling of VMAs during VMA splitting, where a gntdev mapping could involve multiple VMAs. This could lead to a Bad Page Table condition and kernel messages about a bad pte...

CVSS 5.5, AI score 6, EPSS 0.00017
Exploits 0, References 5, Affected Software 1
Positive Technologies
added 2025/10/04 12:0 a.m., 2 views

PT-2025-40658

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The gntdev driver in the Linux kernel did not correctly handle scenarios involving paravirtualized PV Xen domains and Virtual Memory Area VMA splitting. Specifically, the issue occurred...

AI score 6, EPSS 0.00017
Exploits 0, References 8