7 matches found
MiracleLinux 7 : kernel-3.10.0-1160.119.1.0.8.el7.AXS7 (AXSA:2025-9625:10)
The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-9625:10 advisory. media: edia: dvbdev: fix a use-after-free CVE-2024-27043 btrfs: dev-replace: properly validate device names CVE-2024-26791 KVM: nSVM: Ignore nCR34:0...
CVE-2024-50115 KVM: nSVM: Ignore nCR3[4:0] when loading PDPTEs from memory
In the Linux kernel, the following vulnerability has been resolved: KVM: nSVM: Ignore nCR34:0 when loading PDPTEs from memory Ignore nCR34:0 when loading PDPTEs from memory for nested SVM, as bits 4:0 of CR3 are ignored when PAE paging is used, and thus VMRUN doesn't enforce 32-byte alignment of...
CVE-2024-50115 KVM: nSVM: Ignore nCR3[4:0] when loading PDPTEs from memory
In the Linux kernel, the following vulnerability has been resolved: KVM: nSVM: Ignore nCR34:0 when loading PDPTEs from memory Ignore nCR34:0 when loading PDPTEs from memory for nested SVM, as bits 4:0 of CR3 are ignored when PAE paging is used, and thus VMRUN doesn't enforce 32-byte alignment of...
CVE-2024-50115
CVE-2024-50115 is a Linux kernel vulnerability affecting KVM nSVM where loading PDPTEs from memory incorrectly handles nCR3[4:0]. The issue can cause an out-of-bounds read if a target page is at the end of a memslot, due to not enforcing 32-byte alignment when PAE paging is used. The root cause i...
UVI-2021-1000396 KVM: x86/mmu: Alloc page for PDPTEs when shadowing 32-bit NPT with 64-bit
KVM: x86/mmu: Alloc page for PDPTEs when shadowing 32-bit NPT with 64-bit This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.37 by commit...
GSD-2021-1000396 KVM: x86/mmu: Alloc page for PDPTEs when shadowing 32-bit NPT with 64-bit
KVM: x86/mmu: Alloc page for PDPTEs when shadowing 32-bit NPT with 64-bit This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.37 by commit...
UVI-2021-1000300 KVM: x86/mmu: Alloc page for PDPTEs when shadowing 32-bit NPT with 64-bit
KVM: x86/mmu: Alloc page for PDPTEs when shadowing 32-bit NPT with 64-bit This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.12.4 by commit...