Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002442)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002442 advisory. Race condition in the kvmmigratepittimer function in arch/x86/kvm/i8254.c in the KVM subsystem in the Linux kernel through 3.17.2 allows guest OS users to cause a...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002021)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002021 advisory. Race condition in the kvmmigratepittimer function in arch/x86/kvm/i8254.c in the KVM subsystem in the Linux kernel through 3.17.2 allows guest OS users to cause a...

EUVD-2010-0340

Malware in sbrugna...

EUVD-2014-3576

Malware in sbrugna...

Debian: Security Advisory (DSA-2010-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE CVE-2010-0309

The pitioportread function in the Programmable Interval Timer PIT emulation in i8254.c in KVM 83 does not properly use the pitstate data structure, which allows guest OS users to cause a denial of service host OS crash or hang by attempting to read the /dev/port file...

SUSE CVE-2014-3611

Race condition in the kvmmigratepittimer function in arch/x86/kvm/i8254.c in the KVM subsystem in the Linux kernel through 3.17.2 allows guest OS users to cause a denial of service host OS crash by leveraging incorrect PIT emulation...

The pit_ioport_read function in the Programmable Interval Timer (PIT) emulation in i8254.c in KVM 83 does not properly use the pit_state data structure which allows guest OS users to cause a denial of service (host OS crash or hang) by attempting to read the /dev/port file.

...

EulerOS Virtualization 3.0.1.0 : kernel (EulerOS-SA-2019-1480)

According to the versions of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A flaw was found in the way the Linux kernel's futex subsystem handled the requeuing of certain Priority Inheritance PI futexes. ...

Debian DSA-3434-1 : linux - security update

Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leak. - CVE-2015-7513 It was discovered that a local user permitted to use the x86 KVM subsystem could configure the PIT emulation to cause a denial of servic...

Debian Security Advisory DSA 3348-1 (qemu - security update)

Several vulnerabilities were discovered in qemu, a fast processor emulator. CVE-2015-3214 Matt Tait of Google OpenVAS Vulnerability Test $Id: deb3348.nasl 6609 2017-07-07 12:05:59Z cfischer $ Auto-generated from advisory DSA 3348-1 using nvtgen 1.0 Script version: 1.0 Author: Greenbone Networks...

[USN-2692-1] QEMU vulnerabilities

========================================================================== Ubuntu Security Notice USN-2692-1 July 28, 2015 qemu vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubunt...

Scientific Linux Security Update : qemu-kvm on SL7.x x86_64 (20150727)

A heap buffer overflow flaw was found in the way QEMU's IDE subsystem handled I/O buffer access while processing certain ATAPI commands. A privileged guest user in a guest with the CDROM drive enabled could potentially use this flaw to execute arbitrary code on the host with the privileges of the...

USN-2692-1: QEMU vulnerabilities

Matt Tait discovered that QEMU incorrectly handled PIT emulation. In a non-default configuration, a malicious guest could use this issue to cause a denial of service, or possibly execute arbitrary code on the host as the user running the QEMU process. In the default installation, when QEMU is use...

qemu/kvm: i8254: out-of-bounds memory access in pit_ioport_read function

An out-of-bounds memory access flaw, leading to memory corruption or possibly an information leak, was found in QEMU's pitioportread function. A privileged guest user in a QEMU guest, which had QEMU PIT emulation enabled, could potentially, in rare cases, use this flaw to execute arbitrary code o...

qemu/kvm: i8254: out-of-bounds memory access in pit_ioport_read function

An out-of-bounds memory access flaw, leading to memory corruption or possibly an information leak, was found in QEMU's pitioportread function. A privileged guest user in a QEMU guest, which had QEMU PIT emulation enabled, could potentially, in rare cases, use this flaw to execute arbitrary code o...

qemu -- code execution on host machine

Petr Matousek of Red Hat Inc. reports: Due converting PIO to the new memory read/write api we no longer provide separate I/O region lenghts for read and write operations. As a result, reading from PIT Mode/Command register will end with accessing pit-channels with invalid index and potentially...

RHEL 5 : kvm (RHSA-2015:0869)

Updated kvm packages that fix two security issues are now available for Red Hat Enterprise Linux 5. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are available for eac...

kernel: kvm: PIT timer race condition

A race condition flaw was found in the way the Linux kernel's KVM subsystem handled PIT Programmable Interval Timer emulation. A guest user who has access to the PIT I/O ports could use this flaw to crash the host...

USN-2491-1: Linux kernel (EC2) vulnerabilities

Andy Lutomirski discovered that the Linux kernel does not properly handle faults associated with the Stack Segment SS register in the x86 architecture. A local attacker could exploit this flaw to gain administrative privileges. CVE-2014-9322 Lars Bull reported a race condition in the PIT...