34 matches found
RHEL 9 : kernel (RHSA-2026:20593)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:20593 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: proc: fix UAF in procgetinode...
kernel: Linux kernel KVM: Privilege escalation or denial of service due to improper shadow page table entry handling
A flaw was found in the Linux kernel's Kernel-based Virtual Machine KVM component. A local attacker with privileges on the host system could exploit a vulnerability in how KVM handles shadow page table entries SPTEs during memory-mapped I/O MMIO operations. By manipulating guest page table entrie...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: KVM: x86/mmu: The existing SPTE is preserved even when creating an MMIO SPTE. When installing an emulated MMIO SPTE, do so after preserving the existing SPTE if it is shadow-present. However, the fix proposed in commit 54aa15c6bd...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerabilities have been resolved: powerpc/kasan: Fixed an issue where the early region was not updated correctly. The shadow’s page table is not updated when PTERPNSHIFT is 24 and PAGESHIFT is 12. This not only causes false positives but also false negatives, ...
kernel: Linux kernel KVM: Privilege escalation or denial of service due to improper shadow page table entry handling
A flaw was found in the Linux kernel's Kernel-based Virtual Machine KVM component. A local attacker with privileges on the host system could exploit a vulnerability in how KVM handles shadow page table entries SPTEs during memory-mapped I/O MMIO operations. By manipulating guest page table entrie...
kernel: Linux kernel KVM: Privilege escalation or denial of service due to improper shadow page table entry handling
A flaw was found in the Linux kernel's Kernel-based Virtual Machine KVM component. A local attacker with privileges on the host system could exploit a vulnerability in how KVM handles shadow page table entries SPTEs during memory-mapped I/O MMIO operations. By manipulating guest page table entrie...
kernel: Linux kernel KVM: Privilege escalation or denial of service due to improper shadow page table entry handling
A flaw was found in the Linux kernel's Kernel-based Virtual Machine KVM component. A local attacker with privileges on the host system could exploit a vulnerability in how KVM handles shadow page table entries SPTEs during memory-mapped I/O MMIO operations. By manipulating guest page table entrie...
RLSA-2026:13577 Important: kernel security update
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: nvme: avoid double free special payload CVE-2024-41073 kernel: net: qlogic/qede: fix potential out-of-bounds read in qedetpacont and qedetpaend CVE-2025-40252 kernel: crypto: asymmetricke...
kernel: Linux kernel KVM: Privilege escalation or denial of service due to improper shadow page table entry handling
A flaw was found in the Linux kernel's Kernel-based Virtual Machine KVM component. A local attacker with privileges on the host system could exploit a vulnerability in how KVM handles shadow page table entries SPTEs during memory-mapped I/O MMIO operations. By manipulating guest page table entrie...
kernel: Linux kernel KVM: Privilege escalation or denial of service due to improper shadow page table entry handling
A flaw was found in the Linux kernel's Kernel-based Virtual Machine KVM component. A local attacker with privileges on the host system could exploit a vulnerability in how KVM handles shadow page table entries SPTEs during memory-mapped I/O MMIO operations. By manipulating guest page table entrie...
AlmaLinux 8 : kernel (ALSA-2026:13577)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:13577 advisory. kernel: nvme: avoid double free special payload CVE-2024-41073 kernel: net: qlogic/qede: fix potential out-of-bounds read in qedetpacont and qedetpaend...
RHEL 8 : kernel (RHSA-2026:13577)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:13577 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: nvme: avoid double free speci...
RHEL 8 : kernel-rt (RHSA-2026:13578)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:13578 advisory. The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism...
KVM: x86/mmu: Drop/zap existing present SPTE even when creating an MMIO SPTE
...
Linux Distros Unpatched Vulnerability : CVE-2026-23401
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - KVM: x86/mmu: Drop/zap existing present SPTE even when creating an MMIO SPTE When installing an emulated MMIO SPTE, do so after dropping/zapping the existing SP...
EUVD-2026-17830
In the Linux kernel, the following vulnerability has been resolved: KVM: x86/mmu: Only WARN in direct MMUs when overwriting shadow-present SPTE Adjust KVM's sanity check against overwriting a shadow-present SPTE with a another SPTE with a different target PFN to only apply to direct MMUs, i.e. on...
CVE-2026-23401
In the Linux kernel, the following vulnerability has been resolved: KVM: x86/mmu: Drop/zap existing present SPTE even when creating an MMIO SPTE When installing an emulated MMIO SPTE, do so after dropping/zapping the existing SPTE if it's shadow-present. While commit a54aa15c6bda3 was right about...
UBUNTU-CVE-2026-23401
In the Linux kernel, the following vulnerability has been resolved: KVM: x86/mmu: Drop/zap existing present SPTE even when creating an MMIO SPTE When installing an emulated MMIO SPTE, do so after dropping/zapping the existing SPTE if it's shadow-present. While commit a54aa15c6bda3 was right about...
CVE-2026-23402
In the Linux kernel, the following vulnerability has been resolved: KVM: x86/mmu: Only WARN in direct MMUs when overwriting shadow-present SPTE Adjust KVM's sanity check against overwriting a shadow-present SPTE with a another SPTE with a different target PFN to only apply to direct MMUs, i.e. on...
CVE-2026-23402
CVE-2026-23402 affects the Linux kernel KVM MMU on x86. The issue arises when overwriting a shadow-present SPTE with a different PFN, where KVM’s sanity check could allow harmful state changes in direct MMUs (i.e., MMUs without shadowed gPTEs). The problem is tracked in KVM’s mmu_set_spte path, a...