CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

RedhatCVE•added 6 days ago•5 views

CVE-2023-31316

Improperly preserved integrity of hardware configuration state during a power save/restore operation in the AMD Secure Processor ASP could allow an attacker with the ability to write outside the trusted memory range TMR to change the execution flow of the Video Core Next VCN firmware potentially...

7.1CVSS5.7AI score0.00014EPSS

Exploits0References1

SUSE CVE•added 2026/05/28 3:54 a.m.•8 views

SUSE CVE-2026-46014

In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: Add missing save/restore handling of LBR MSRs MSRIA32DEBUGCTLMSR and LBR MSRs are currently not enumerated by KVMGETMSRINDEXLIST, and LBR MSRs cannot be set with KVMSETMSRS. So save/restore is completely broken. Fix it ...

OSV•added 2026/05/27 2:17 p.m.•4 views

UBUNTU-CVE-2026-46014

5.7AI score0.00022EPSS

EUVD•added 2026/05/27 12:57 p.m.•8 views

EUVD-2026-32441

In the Linux kernel, the following vulnerability has been resolved: KVM: nSVM: Always use NextRIP as vmcb02's NextRIP after first L2 VMRUN For guests with NRIPS disabled, L1 does not provide NextRIP when running an L2 with an injected soft interrupt, instead it advances the current RIP before...

5.7AI score0.00022EPSS

Cvelist•added 2026/05/27 12:56 p.m.•34 views

CVE-2026-46014 KVM: SVM: Add missing save/restore handling of LBR MSRs

0.00022EPSS

EUVD•added 2026/05/27 12:56 p.m.•8 views

EUVD-2026-32395

CVE•added 2026/05/27 12:56 p.m.•18 views

CVE-2026-46014

The CVE-2026-46014 issue affects the Linux kernel's KVM SVM path, where LBR MSRs (including MSR_IA32_DEBUGCTLMSR) were not properly saved/restored or enumerated by KVM_GET_MSR_INDEX_LIST, making save/restore of LBR state broken. The root cause is missing entries in msrs_to_save_base and restricti...

Tenable Nessus•added 2026/05/27 12:0 a.m.•7 views

Linux Distros Unpatched Vulnerability : CVE-2026-46059

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - KVM: nSVM: Always use NextRIP as vmcb02's NextRIP after first L2 VMRUN For guests with NRIPS disabled, L1 does not provide NextRIP when running an L2 with an...

Tenable Nessus•added 2026/05/27 12:0 a.m.•8 views

Exploits0References4

Linux Distros Unpatched Vulnerability : CVE-2026-46014

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - KVM: SVM: Add missing save/restore handling of LBR MSRs MSRIA32DEBUGCTLMSR and LBR MSRs are currently not enumerated by KVMGETMSRINDEXLIST, and LBR MSRs cannot ...

Positive Technologies•added 2026/05/27 12:0 a.m.•6 views

Exploits0References4

PT-2026-43881

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 7.0.11-1.1 Description In the KVM SVM component, there is a failure in the save and restore handling of Last Branch Record LBR Model Specific Registers MSRs. Specifically, MSR IA32 DEBUGCTLMSR and LBR MSRs are no...

9.8CVSS5.8AI score0.00254EPSS

Exploits12References279

CNNVD•added 2026/05/27 12:0 a.m.•5 views

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from a processing error in NextRIP within KVM nSVM. This vulnerability may lead to the use of...

UbuntuCve•added 2026/05/27 12:0 a.m.•6 views

CVE-2026-46014

KVM: SVM: Add missing save/restore handling of LBR MSRs...

AstraLinux•added 2026/05/20 5:53 a.m.•4 views

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Fixed the initialization of the ID registers for non-protected pKVM guests. In protected mode, the hypervisor maintains a separate instance of the kvm structure for each VM. For non-protected VMs, this structure is...

8.8CVSS5.8AI score0.00017EPSS

Exploits0References1

AstraLinux•added 2026/05/20 5:53 a.m.•3 views

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Warns when a triple fault assertion never “escapes” from L2 The warnings are removed because they perform a sanity check that ensures KVM never allows a triple fault in L2 to escape and end up in L1. In normal operation...

5.5CVSS6AI score0.00048EPSS

AstraLinux•added 2026/05/20 5:53 a.m.•2 views

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: RISCV: Vector: Fixed context saving/restoring with xtheadvector. Previously, only v0-v7 were correctly saved/restored, and the context of v8-v31 was corrupted. v8-v31 were correctly saved/restored to avoid breaking the user space...

5.5CVSS5.7AI score0.00074EPSS

Tenable Nessus•added 2026/05/20 12:0 a.m.•8 views

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021607)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021607 advisory. In the Linux kernel, the following vulnerability has been resolved: RDMA/hns: Fix spinunlockirqrestore called with IRQs enabled Fix missuse of...

5.5CVSS6.8AI score0.00009EPSS

ATTACKERKB•added 2026/05/15 2:36 a.m.•9 views

CVE-2023-31316

7.1CVSS5.9AI score0.00014EPSS

CVE•added 2026/05/15 2:36 a.m.•7 views

CVE-2023-31316

CVE-2023-31316 affects the AMD Secure Processor (ASP) and Video Core Next (VCN) firmware. The root cause is improper preservation of hardware configuration state during a power save/restore operation, allowing a local attacker who can write outside the trusted memory range (TMR) to alter VCN firm...

7.1CVSS5.9AI score0.00014EPSS

Vulnrichment•added 2026/05/15 2:36 a.m.•6 views

CVE-2023-31316

7.1CVSS5.9AI score0.00014EPSS