90 matches found
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP6 kernel was updated to fix various security issues The following security issues were fixed: CVE-2025-39998: scsi: target: targetcoreconfigfs: Add length check to avoid buffer overflow bsc1252073. CVE-2026-23103: ipvlan: Make the addrslock be per port bsc1257773...
SUSE-SU-2026:1643-1 Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP6 kernel was updated to fix various security issues The following security issues were fixed: - CVE-2025-39998: scsi: target: targetcoreconfigfs: Add length check to avoid buffer overflow bsc1252073. - CVE-2026-23103: ipvlan: Make the addrslock be per port bsc125777...
Linux kernel double free in Xen privcmd driver
ISSUE DESCRIPTION The Linux kernel's privcmd driver can be abused to circumvent kernel lockdown secure boot by causing a double free of kernel memory. Note that this operation can be performed by root only, so any further impact on the system like denial of service is not security relevant. IMPAC...
PT-2026-35874
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A double free issue exists in the Xen privcmd driver. The privcmd vm ops defines a .close function privcmd close but lacks .may split and .open callbacks. When a partial munmap is...
Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013743)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013743 advisory. In the Linux kernel, the following vulnerability has been resolved: xen/privcmd: Fix a possible warning in privcmdioctlmmapresource As 'kdata.num' is user-controlled...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-010934)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010934 advisory. In the Linux kernel, the following vulnerability has been resolved: xen/privcmd: Fix a possible warning in privcmdioctlmmapresource As 'kdata.num' is user-controlled...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007471)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007471 advisory. In the Linux kernel, the following vulnerability has been resolved: xen/privcmd: Fix a possible warning in privcmdioctlmmapresource As 'kdata.num' is user-controlled...
EUVD-2026-15401
In the Linux kernel, the following vulnerability has been resolved: xen/privcmd: restrict usage in unprivileged domU The Xen privcmd driver allows to issue arbitrary hypercalls from user space processes. This is normally no problem, as access is usually limited to root and the hypervisor will den...
CVE-2026-31788
A flaw was found in the Linux kernel's Xen privcmd driver. This vulnerability allows a root user process within an unprivileged guest domU to issue arbitrary hypercalls. Such an action could enable the process to modify the kernel's memory, thereby undermining the secure boot feature designed to...
CVE-2026-31788
In the Linux kernel, the following vulnerability has been resolved: xen/privcmd: restrict usage in unprivileged domU The Xen privcmd driver allows to issue arbitrary hypercalls from user space processes. This is normally no problem, as access is usually limited to root and the hypervisor will den...
CVE-2026-31788
In the Linux kernel, the following vulnerability has been resolved: xen/privcmd: restrict usage in unprivileged domU The Xen privcmd driver allows to issue arbitrary hypercalls from user space processes. This is normally no problem, as access is usually limited to root and the hypervisor will den...
UBUNTU-CVE-2026-31788
In the Linux kernel, the following vulnerability has been resolved: xen/privcmd: restrict usage in unprivileged domU The Xen privcmd driver allows to issue arbitrary hypercalls from user space processes. This is normally no problem, as access is usually limited to root and the hypervisor will den...
CVE-2026-31788
In the Linux kernel, the following vulnerability has been resolved: xen/privcmd: restrict usage in unprivileged domU The Xen privcmd driver allows to issue arbitrary hypercalls from user space processes. This is normally no problem, as access is usually limited to root and the hypervisor will den...
CVE-2026-31788
The CVE-2026-31788 entry describes a vulnerability in the Linux kernel related to the Xen privcmd driver. The privcmd interface could allow a user-space process to issue hypercalls that affect other domains, which is normally restricted to root. In secure-boot scenarios, an unprivileged domU coul...
CVE-2026-31788 xen/privcmd: restrict usage in unprivileged domU
In the Linux kernel, the following vulnerability has been resolved: xen/privcmd: restrict usage in unprivileged domU The Xen privcmd driver allows to issue arbitrary hypercalls from user space processes. This is normally no problem, as access is usually limited to root and the hypervisor will den...
CVE-2026-31788 xen/privcmd: restrict usage in unprivileged domU
In the Linux kernel, the following vulnerability has been resolved: xen/privcmd: restrict usage in unprivileged domU The Xen privcmd driver allows to issue arbitrary hypercalls from user space processes. This is normally no problem, as access is usually limited to root and the hypervisor will den...
CVE-2026-31788
In the Linux kernel, the following vulnerability has been resolved: xen/privcmd: restrict usage in unprivileged domU The Xen privcmd driver allows to issue arbitrary hypercalls from user space processes. This is normally no problem, as access is usually limited to root and the hypervisor will den...
SUSE CVE-2026-31788
In the Linux kernel, the following vulnerability has been resolved: xen/privcmd: restrict usage in unprivileged domU The Xen privcmd driver allows to issue arbitrary hypercalls from user space processes. This is normally no problem, as access is usually limited to root and the hypervisor will den...
Linux kernel 安全漏洞
The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from insufficient restrictions on the use of the xen/privcmd driver in non-privileged domains, potentially...
Linux privcmd driver can circumvent kernel lockdown
ISSUE DESCRIPTION The Linux kernel's privcmd driver can be abused to circumvent kernel lockdown secure boot, e.g. by modifying page tables to enable user mode to modify kernel memory. IMPACT An administrator of an unprivileged guest booted in secure mode is able to perform actions on the kernel...