Linux Distros Unpatched Vulnerability : CVE-2022-48700

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - 2024-08-27: CVE-2022-48700 was added to this advisory. 2024-08-27: CVE-2022-48671 was added to this advisory. 2024-08-27: CVE-2022-48672 was added to this...

Linux Distros Unpatched Vulnerability : CVE-2022-0171

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the Linux kernel. The existing KVM SEV API has a vulnerability that allows a non-root host user-level application to crash the host kernel b...

CVE-2021-47389

In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: fix missing sevdecommission in sevreceivestart DECOMMISSION the current SEV context if binding an ASID fails after RECEIVESTART. Per AMD's SEV API, RECEIVESTART generates a new guest context and thus needs to be paired...

CVE-2021-47389 KVM: SVM: fix missing sev_decommission in sev_receive_start

In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: fix missing sevdecommission in sevreceivestart DECOMMISSION the current SEV context if binding an ASID fails after RECEIVESTART. Per AMD's SEV API, RECEIVESTART generates a new guest context and thus needs to be paired...

CVE-2021-47389

CVE-2021-47389 is a Linux kernel/KVM SVM issue related to SevReceiveStart and SEV context decommission. The root cause was a missing SEV decommission step when ASID binding fails after RECEIVE_START, which can leak firmware memory and eventually prevent allocating new SEV guest contexts, causing ...

Amazon Linux 2023 : bpftool, kernel, kernel-devel (ALAS2023-2023-070)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2023-070 advisory. 2024-04-10: CVE-2023-0461 was added to this advisory. 2024-02-01: CVE-2024-0562 was added to this advisory. 2024-02-01: CVE-2022-48619 was added to this advisory. 2023-10-10: CVE-2023-3357 was...

Ubuntu 20.04 LTS / 22.04 LTS : Linux kernel vulnerabilities (USN-5792-2)

The remote Ubuntu 20.04 LTS / 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5792-2 advisory. Mingwei Zhang discovered that the KVM implementation for AMD processors in the Linux kernel did not properly handle cache coherency with Secu...

Amazon Linux 2022 : bpftool, kernel, kernel-devel (ALAS2022-2022-185)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2022-2022-185 advisory. A flaw was found in the Linux kernel. The existing KVM SEV API has a vulnerability that allows a non-root host user-level application to crash the host kernel by creating a confidential guest V...

Amazon Linux 2 : kernel, --advisory ALAS2KERNEL-5.15-2022-009 (ALASKERNEL-5.15-2022-009)

The version of kernel installed on the remote host is prior to 5.15.73-48.135. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.15-2022-009 advisory. A flaw was found in the Linux kernel. The existing KVM SEV API has a vulnerability that allows a non-root...

Amazon Linux 2 : kernel, --advisory ALAS2KERNEL-5.10-2022-021 (ALASKERNEL-5.10-2022-021)

The version of kernel installed on the remote host is prior to 5.10.147-133.644. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.10-2022-021 advisory. A vulnerability was found in the fs/inode.c:inodeinitowner function logic of the LInux kernel that allow...

MGASA-2022-0379 Updated kernel packages fix security vulnerabilities

This kernel update is based on upstream 5.15.74 and fixes at least the following security issues: A flaw was found in the Linux kernel. The existing KVM SEV API has a vulnerability that allows a non-root host user-level application to crash the host kernel by creating a confidential guest VM...

CVE-2022-0171

A flaw was found in the Linux kernel. The existing KVM SEV API has a vulnerability that allows a non-root host user-level application to crash the host kernel by creating a confidential guest VM instance in AMD CPU that supports Secure Encrypted Virtualization SEV...

CVE-2022-0171

A flaw was found in the Linux kernel. The existing KVM SEV API has a vulnerability that allows a non-root host user-level application to crash the host kernel by creating a confidential guest VM instance in AMD CPU that supports Secure Encrypted Virtualization SEV...