215 matches found
CVE-2025-1713
CVE-2025-1713 : In Xen hypervisor, deadlock can occur when setting up interrupt remapping for legacy PCI(-X) devices, including bridges. The upstream bridge lookup requires acquiring a lock in a context where the lock is unsafe, creating a potential deadlock and impacting availability. Connected ...
CVE-2025-1713 deadlock potential with VT-d and legacy PCI device pass-through
When setting up interrupt remapping for legacy PCI-X devices, including PCI-X bridges, a lookup of the upstream bridge is required. This lookup, itself involving acquiring of a lock, is done in a context where acquiring that lock is unsafe. This can lead to a deadlock...
CVE-2025-1713 deadlock potential with VT-d and legacy PCI device pass-through
When setting up interrupt remapping for legacy PCI-X devices, including PCI-X bridges, a lookup of the upstream bridge is required. This lookup, itself involving acquiring of a lock, is done in a context where acquiring that lock is unsafe. This can lead to a deadlock...
KVM: x86: Reset IRTE to host control if *new* route isn't postable
...
DEBIAN-CVE-2025-38216
In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Restore context entry setup order for aliased devices Commit 2031c469f816 "iommu/vt-d: Add support for static identity domain" changed the context entry setup during domain attachment from a set-and-check policy to a...
Mechanistic Interpretability in the Presence of Architectural Obfuscation
Architectural obfuscation - e.g., permuting hidden-state tensors, linearly transforming embedding tables, or remapping tokens - has recently gained traction as a lightweight substitute for heavyweight cryptography in privacy-preserving large-language-model LLM inference. While recent work has sho...
Fedora: Security Advisory (FEDORA-2024-1a9b10c921)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from not properly resetting the IRTE, which could result in interrupt misdelivery...
CVE-2025-1713
A flaw was found in Xen's handling of interrupt remapping for legacy PCI-X devices when using Intel's VT-d. Specifically, acquiring a lock during the setup process in an unsafe context can lead to a deadlock. This issue can be triggered by passing through certain devices to unprivileged guests,...
PT-2025-20537
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A vulnerability in the Linux kernel has been identified, related to KVM Kernel-based Virtual Machine on x86 systems. The issue arises when the new GSI route prevents posting the IRQ...
virtio-win bug fix and enhancement update
An update is available for virtio-win. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Kernel-based Virtual Machine KVM offers a full virtualization solution...
SUSE CVE-2025-1713
When setting up interrupt remapping for legacy PCI-X devices, including PCI-X bridges, a lookup of the upstream bridge is required. This lookup, itself involving acquiring of a lock, is done in a context where acquiring that lock is unsafe. This can lead to a deadlock...
Fedora 41 : logiops (2024-1a9b10c921)
The remote Fedora 41 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-1a9b10c921 advisory. Fixes CVE-2024-45752: A vulnerability that allows users to remap keys arbitrarily. This allows all users on the system to remap a key unexpectedly to a...
OESA-2024-2345 mosquitto security update
Mosquitto is an open source message broker that implements the MQ Telemetry Transport protocol version 3.1 and 3.1.1 MQTT provides a lightweight method of carrying out messaging using a publish/subscribe model. This makes it suitable for "machine to machine" messaging such as with low power senso...
OESA-2024-2344 mosquitto security update
Mosquitto is an open source message broker that implements the MQ Telemetry Transport protocol version 3.1 and 3.1.1 MQTT provides a lightweight method of carrying out messaging using a publish/subscribe model. This makes it suitable for "machine to machine" messaging such as with low power senso...
OESA-2024-2343 mosquitto security update
Mosquitto is an open source message broker that implements the MQ Telemetry Transport protocol version 3.1 and 3.1.1 MQTT provides a lightweight method of carrying out messaging using a publish/subscribe model. This makes it suitable for "machine to machine" messaging such as with low power senso...
SUSE CVE-2024-3935
In Eclipse Mosquito, versions from 2.0.0 through 2.0.18, if a Mosquitto broker is configured to create an outgoing bridge connection, and that bridge connection has an incoming topic configured that makes use of topic remapping, then if the remote connection sends a crafted PUBLISH packet to the...
DEBIAN-CVE-2024-3935
In Eclipse Mosquito, versions from 2.0.0 through 2.0.18, if a Mosquitto broker is configured to create an outgoing bridge connection, and that bridge connection has an incoming topic configured that makes use of topic remapping, then if the remote connection sends a crafted PUBLISH packet to the...
CVE-2024-3935
In Eclipse Mosquito, versions from 2.0.0 through 2.0.18, if a Mosquitto broker is configured to create an outgoing bridge connection, and that bridge connection has an incoming topic configured that makes use of topic remapping, then if the remote connection sends a crafted PUBLISH packet to the...
UBUNTU-CVE-2024-3935
In Eclipse Mosquito, versions from 2.0.0 through 2.0.18, if a Mosquitto broker is configured to create an outgoing bridge connection, and that bridge connection has an incoming topic configured that makes use of topic remapping, then if the remote connection sends a crafted PUBLISH packet to the...