EUVD-2021-26949

Malware in sbrugna...

Rocky Linux 8 : kernel (RLSA-2021:3548)

The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2021:3548 advisory. - A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB virtual machine control block provide...

Amazon Linux 2 : microvm-kernel (ALASMICROVM-KERNEL-4.14-2023-002)

The version of microvm-kernel installed on the remote host is prior to 4.14.246-199.474. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2MICROVM-KERNEL-4.14-2023-002 advisory. A flaw was found in the Linux kernel's implementation of wireless drivers using the...

K11546763: Linux kernel vulnerability CVE-2021-3653

Security Advisory Description A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB virtual machine control block provided by the L1 guest to spawn/handle a nested guest L2. Due to improper validation of the "intctl" field, this...

K80212034: Linux kernel vulnerability CVE-2021-3656

Security Advisory Description A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB virtual machine control block provided by the L1 guest to spawn/handle a nested guest L2. Due to improper validation of the "virtext" field, this...

EulerOS 2.0 SP5 : kernel (EulerOS-SA-2022-1328)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In unixscmtoskb of afunix.c, there is a possible use after free bug due to a race condition. This could lead to local escalation of privilege wi...

Input validation

A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB virtual machine control block provided by the L1 guest to spawn/handle a nested guest L2. Due to improper validation of the "virtext" field, this issue could allow a malicious...

CVE-2021-3656

A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB virtual machine control block provided by the L1 guest to spawn/handle a nested guest L2. Due to improper validation of the "virtext" field, this issue could allow a malicious...

AlmaLinux 8 : kernel (ALSA-2021:3548)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2021:3548 advisory. - A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB virtual machine control block provided ...

Debian DLA-2843-1 : linux - LTS security update

The remote Debian 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-2843 advisory. - Use-after-free vulnerability in the Linux kernel exploitable by a local attacker due to reuse of a DCCP socket with an attached dccpshctxccid object as a listene...

Oracle Linux 7 / 8 : Unbreakable Enterprise kernel (ELSA-2021-9564)

The remote Oracle Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2021-9564 advisory. - LTS tag: v5.4.142 Jack Vogel CVE-2021-3653 CVE-2021-3656 - KVM: nSVM: always intercept VMLOAD/VMSAVE when nested CVE-2021-3656 Maxim Levitsky -...

Oracle Linux 7 / 8 : Unbreakable Enterprise kernel-container (ELSA-2021-9565)

The remote Oracle Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2021-9565 advisory. - LTS tag: v5.4.142 Jack Vogel CVE-2021-3653 CVE-2021-3656 - KVM: nSVM: always intercept VMLOAD/VMSAVE when nested CVE-2021-3656 Maxim Levitsky -...

Important: Red Hat Security Advisory: kernel-rt security and bug fix update

An update for kernel-rt is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

kernel-rt security and bug fix update

An update is available for kernel-rt. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The kernel-rt packages provide the Real Time Linux Kernel, which enables...

RHEL 8 : kernel (RHSA-2021:4056)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:4056 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: use-after-free in...

kernel: SVM nested virtualization issue in KVM (AVIC support)

A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB virtual machine control block provided by the L1 guest to spawn/handle a nested guest L2. Due to improper validation of the "intctl" field, this issue could allow a malicious ...

SUSE SLES15 Security Update : kernel (SUSE-SU-2021:3415-1)

The remote SUSE Linux SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:3415-1 advisory. - An issue was discovered in the Linux kernel through 5.6.11. sgwrite lacks an sgremoverequest call in a certain failure case, aka...

RHEL 7 : kernel (RHSA-2021:3801)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:3801 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: Improper handling of...

RHEL 7 : kernel (RHSA-2021:3767)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:3767 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: Improper handling of...

Oracle Linux 7 : kernel (ELSA-2021-3801)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2021-3801 advisory. - KVM: nSVM: always intercept VMLOAD/VMSAVE when nestedCVE-2021-3656 Jon Maloy 1985425 CVE-2021-3656 - KVM: nSVM: avoid picking up unsupported bits fro...