Lucene search
K

772 matches found

OSV
OSV
added 2026/07/01 2:16 p.m.3 views

UBUNTU-CVE-2026-53345

In the Linux kernel, the following vulnerability has been resolved: KVM: Don't WARN if memory is dirtied without a vCPU when the VM is dying When marking a page dirty, complain about not having a running/loaded vCPU if and only if the VM is still alive, i.e. its refcount is non-zero. This will...

5.8AI score0.00156EPSS
Exploits0References8
OSV
OSV
added 2026/07/01 1:35 p.m.3 views

SUSE-SU-2026:2722-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP7 kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2025-10263: arm64: errata: Mitigate TLBI errata on various Arm CPUs bsc1266290. - CVE-2025-68822: Input: alps - fix use-after-free bugs caused by dev3registerwor...

9.8CVSS6.9AI score0.0053EPSS
Exploits0References133
Cvelist
Cvelist
added 2026/07/01 1:32 p.m.43 views

CVE-2026-53345 KVM: Don't WARN if memory is dirtied without a vCPU when the VM is dying

In the Linux kernel, the following vulnerability has been resolved: KVM: Don't WARN if memory is dirtied without a vCPU when the VM is dying When marking a page dirty, complain about not having a running/loaded vCPU if and only if the VM is still alive, i.e. its refcount is non-zero. This will...

0.00156EPSS
Exploits0References5
EUVD
EUVD
added 2026/07/01 1:32 p.m.8 views

EUVD-2026-40979

In the Linux kernel, the following vulnerability has been resolved: KVM: Don't WARN if memory is dirtied without a vCPU when the VM is dying When marking a page dirty, complain about not having a running/loaded vCPU if and only if the VM is still alive, i.e. its refcount is non-zero. This will...

5.8AI score0.00156EPSS
Exploits0References5
CVE
CVE
added 2026/07/01 1:32 p.m.23 views

CVE-2026-53345

The CVE describes a Linux kernel KVM issue where a page dirty operation could warn about a missing running vCPU even when the VM is dying. The behavior was tied to the VM’s refcount and the state of SEV-ES guests; if a guest memory page remained dirty while the VM is dying and userspace had no ac...

5.8AI score0.00156EPSS
Exploits0References5
OSV
OSV
added 2026/06/30 11:9 p.m.5 views

SUSE-SU-2026:22436-1 Security update for the Linux Kernel

The SUSE Linux Enterprise Micro 6.0 and 6.1 kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2025-10263: arm64: errata: Mitigate TLBI errata on various Arm CPUs bsc1266290. - CVE-2025-68822: Input: alps - fix use-after-free bugs caused by...

9.8CVSS7AI score0.0053EPSS
Exploits1References145
OSV
OSV
added 2026/06/30 4:55 p.m.4 views

SUSE-SU-2026:22460-1 Security update for the Linux Kernel

The SUSE Linux Enterprise Micro 6.0 and 6.1 kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2025-10263: arm64: errata: Mitigate TLBI errata on various Arm CPUs bsc1266290. - CVE-2025-68822: Input: alps - fix use-after-free bugs caused by...

9.8CVSS6.7AI score0.0053EPSS
Exploits1References145
HPE Security Bulletins
HPE Security Bulletins
added 2026/06/25 12:0 a.m.5 views

HPESBHF04959 rev.1 - Certain HPE SimpliVity AMD Servers Using Certain AMD EPYC Processors, AMD-SB-3020: SEV-SNP RMP Initialization Vulnerability, Local Unauthorized Access Vulnerability

Potential Security Impact: Local: Unauthorized Access SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HPE SimpliVity 325 Gen11 - Prior to SimpliVity Gen11 Support Pack SVTSP 20260417 HPE SimpliVity 325 Gen10 Plus - Prior to SimpliVity Gen10 Support Pack SVTSP 20260417 CVSS Scores:...

6CVSS7.1AI score0.00199EPSS
Exploits0
BDU FSTEC
BDU FSTEC
added 2026/06/25 12:0 a.m.4 views

The vulnerability in the drivers/crypto/ccp/sev-dev.c module of the Linux operating system allows a hacker to cause a service failure.

The vulnerability in the drivers/crypto/ccp/sev-dev.c module of the Linux operating system is related to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to cause a service failure...

7.1CVSS6.3AI score0.00126EPSS
Exploits0References11Affected Software3
BDU FSTEC
BDU FSTEC
added 2026/06/25 12:0 a.m.5 views

The vulnerability in the drivers/crypto/ccp/sev-dev.c module of the Linux operating system allows a hacker to cause a service failure.

The vulnerability in the drivers/crypto/ccp/sev-dev.c module of the Linux operating system is related to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to cause a service failure...

7.1CVSS6.3AI score0.00126EPSS
Exploits0References11Affected Software3
ATTACKERKB
ATTACKERKB
added 2026/06/24 4:28 p.m.5 views

CVE-2026-52959

In the Linux kernel, the following vulnerability has been resolved: virt: sev-guest: Do not use host-controlled page order in cleanup path When issuing an extended guest request SVMVMGEXITEXTGUESTREQUEST, getextreport allocates a buffer to retrieve a certificate blob from the host, keeping track ...

5.8AI score0.00093EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2026/06/24 4:28 p.m.32 views

CVE-2026-52959 virt: sev-guest: Do not use host-controlled page order in cleanup path

In the Linux kernel, the following vulnerability has been resolved: virt: sev-guest: Do not use host-controlled page order in cleanup path When issuing an extended guest request SVMVMGEXITEXTGUESTREQUEST, getextreport allocates a buffer to retrieve a certificate blob from the host, keeping track ...

7.8CVSS0.00093EPSS
Exploits0References3
OSV
OSV
added 2026/06/24 4:28 p.m.3 views

CVE-2026-52959 virt: sev-guest: Do not use host-controlled page order in cleanup path

In the Linux kernel, the following vulnerability has been resolved: virt: sev-guest: Do not use host-controlled page order in cleanup path When issuing an extended guest request SVMVMGEXITEXTGUESTREQUEST, getextreport allocates a buffer to retrieve a certificate blob from the host, keeping track ...

7.8CVSS6AI score0.00093EPSS
Exploits0References6
CVE
CVE
added 2026/06/24 4:28 p.m.13 views

CVE-2026-52959

The CVE-2026-52959 issue affects the Linux kernel SEV guest module. During an extended guest request (SVM_VMGEXIT_EXT_GUEST_REQUEST), get_ext_report() allocates a buffer for a host certificate blob and stores its size in report_req->certs_len. The host may return SNP_GUEST_VMM_ERR_INVALID_LEN ...

7.8CVSS5.9AI score0.00093EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.14 views

PT-2026-51853

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the sev-guest component when issuing an extended guest request SVM VMGEXIT EXT GUEST REQUEST. The get ext report function allocates a buffer to retrieve a certificate...

7.8CVSS6AI score0.00093EPSS
Exploits0References5
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in amd64-microcode

Incomplete system memory cleanup in the SEV firmware could allow a privileged attacker to corrupt guest private memory, potentially resulting in a loss of data integrity...

4.4CVSS6.2AI score0.00199EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/16 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2025-61971

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Missing lock bit protection for NBIO registers could allow a local admin-privileged attacker to modify MMIO routing configurations, potentially resulting in los...

5.9CVSS6AI score0.00116EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.1 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: crypto: ccp – Use kzalloc for sev ioctl interfaces to prevent kernel memory leaks. For some sev ioctl interfaces, input data may be less than or equal to SEVFWBLOBMAXSIZE, but larger than the data returned by the PSP firmware. In...

5.5CVSS6.1AI score0.00193EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: crypto: ccp – Always pass an error pointer to sevplatformshutdownlocked When 9770b428b1a2 “crypto: ccp – Move devinfo/err messages for SEV/SNP init and shutdown” moved the error messages so that they don’t need to be issued by...

5.5CVSS5.9AI score0.00119EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: virt/coco/sev-guest: Double-buffer messages The encryption algorithms read from and write to shared, unencrypted memory directly. This may lead to the leakage of information, as well as allowing the host to tamper with the...

5.2AI score0.00108EPSS
Exploits0References1
Rows per page
Query Builder