24 matches found
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: LoongArch: KVM: Fix stack protector issue in sendipidata Function kvmiobusread is called in function sendipidata, buffer size of parameter val should be at least 8 bytes. Since some emulation functions like loongarchipireadl and...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerabilities have been resolved: KVM: x86: Reject Hyper-V’s SENDIPI hypercalls if the local APIC is not part of the kernel. Advertise support for Hyper-V’s SENDIPI and SENDIPIEX hypercalls only if the local API is emulated/virtualized by KVM. Explicitly rejec...
CVE-2025-58148
This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. Some Viridian hypercalls can specify a mask of vCPU IDs as an input, in one of three formats. Xen has boundary checking bugs with all three formats, which can cause...
ALPINE-CVE-2025-58147
This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. Some Viridian hypercalls can specify a mask of vCPU IDs as an input, in one of three formats. Xen has boundary checking bugs with all three formats, which can cause...
UBUNTU-CVE-2025-58147
This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. Some Viridian hypercalls can specify a mask of vCPU IDs as an input, in one of three formats. Xen has boundary checking bugs with all three formats, which can cause...
CVE-2025-58148
This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. Some Viridian hypercalls can specify a mask of vCPU IDs as an input, in one of three formats. Xen has boundary checking bugs with all three formats, which can cause...
CVE-2025-58148
Xen hypervisor vulnerability CVE-2025-58148 arises from Viridian hypercalls accepting vCPU ID masks in any input format. The flaw can cause send_ipi() to read d->vcpu[] out-of-bounds and operate on a wild vCPU pointer, enabling out-of-bounds reads/writes. Connected advisories confirm impact on...
CVE-2025-58147 x86: Incorrect input sanitisation in Viridian hypercalls
This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. Some Viridian hypercalls can specify a mask of vCPU IDs as an input, in one of three formats. Xen has boundary checking bugs with all three formats, which can cause...
CVE-2025-58147 x86: Incorrect input sanitisation in Viridian hypercalls
This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. Some Viridian hypercalls can specify a mask of vCPU IDs as an input, in one of three formats. Xen has boundary checking bugs with all three formats, which can cause...
Linux Distros Unpatched Vulnerability : CVE-2025-39704
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: LoongArch: KVM: Fix stack protector issue in sendipidata Function kvmiobusread is called in...
SUSE CVE-2025-39704
In the Linux kernel, the following vulnerability has been resolved: LoongArch: KVM: Fix stack protector issue in sendipidata Function kvmiobusread is called in function sendipidata, buffer size of parameter val should be at least 8 bytes. Since some emulation functions like loongarchipireadl and...
DEBIAN-CVE-2025-39704
In the Linux kernel, the following vulnerability has been resolved: LoongArch: KVM: Fix stack protector issue in sendipidata Function kvmiobusread is called in function sendipidata, buffer size of parameter val should be at least 8 bytes. Since some emulation functions like loongarchipireadl and...
UBUNTU-CVE-2025-39704
In the Linux kernel, the following vulnerability has been resolved: LoongArch: KVM: Fix stack protector issue in sendipidata Function kvmiobusread is called in function sendipidata, buffer size of parameter val should be at least 8 bytes. Since some emulation functions like loongarchipireadl and...
CVE-2025-39704
CVE-2025-39704 relates to a Linux kernel issue for LoongArch KVM where send_ipi_data() may trigger a stack-protector based panic if kvm_io_bus_read() writes an 8-byte value regardless of the declared length. The root cause is a buffer handling mismatch in certain emulation paths (e.g., loongarch_...
CVE-2025-39704 LoongArch: KVM: Fix stack protector issue in send_ipi_data()
In the Linux kernel, the following vulnerability has been resolved: LoongArch: KVM: Fix stack protector issue in sendipidata Function kvmiobusread is called in function sendipidata, buffer size of parameter val should be at least 8 bytes. Since some emulation functions like loongarchipireadl and...
CVE-2025-39704 LoongArch: KVM: Fix stack protector issue in send_ipi_data()
In the Linux kernel, the following vulnerability has been resolved: LoongArch: KVM: Fix stack protector issue in sendipidata Function kvmiobusread is called in function sendipidata, buffer size of parameter val should be at least 8 bytes. Since some emulation functions like loongarchipireadl and...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a stack protection issue in the LoongArch/KVM module in sendipidata...
PT-2025-36298
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.17.0-rc1+ 102 Description: A stack buffer overflow issue exists in the send ipi data function within the Linux kernel, specifically related to the LoongArch architecture and KVM functionality. The kvm io bus...
SUSE CVE-2025-21779
In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Reject Hyper-V's SENDIPI hypercalls if local APIC isn't in-kernel Advertise support for Hyper-V's SENDIPI and SENDIPIEX hypercalls if and only if the local API is emulated/virtualized by KVM, and explicitly reject said...
DEBIAN-CVE-2025-21779
In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Reject Hyper-V's SENDIPI hypercalls if local APIC isn't in-kernel Advertise support for Hyper-V's SENDIPI and SENDIPIEX hypercalls if and only if the local API is emulated/virtualized by KVM, and explicitly reject said...