27 matches found
EUVD-2026-39788
Broken Access Control in the devLXDInstancePatchHandler component of Canonical LXD allows an untrusted guest to mount, read, and overwrite another guest's custom storage volume via a crafted device PATCH request over /dev/lxd when security.devlxd.management.volumes is enabled...
CVE-2026-12411
Broken Access Control in the devLXDInstancePatchHandler component of Canonical LXD allows an untrusted guest to mount, read, and overwrite another guest's custom storage volume via a crafted device PATCH request over /dev/lxd when security.devlxd.management.volumes is enabled...
CVE-2026-12411
CVE-2026-12411 concerns Canonical LXD where the devLXDInstancePatchHandler component suffers a broken access control, allowing an untrusted guest to mount, read, and overwrite another guest’s custom storage volume via a crafted device PATCH to /dev/lxd when security.devlxd.management.volumes is e...
PT-2026-52840
Name of the Vulnerable Software and Affected Versions Canonical LXD affected versions not specified Description Broken Access Control in the devLXDInstancePatchHandler component allows an untrusted guest to mount, read, and overwrite the custom storage volume of another guest. This is achieved by...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001323)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001323 advisory. Linux Linux kernel version at least v4.8 onwards, probably well before contains a Insufficient input validation vulnerability in bnx2x network card driver that can...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003072)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003072 advisory. Linux Linux kernel version at least v4.8 onwards, probably well before contains a Insufficient input validation vulnerability in bnx2x network card driver that can...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003429)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003429 advisory. Linux Linux kernel version at least v4.8 onwards, probably well before contains a Insufficient input validation vulnerability in bnx2x network card driver that can...
CVE-2020-10565
grub2-bhyve, as used in FreeBSD bhyve before revision 525916 2020-02-12, does not validate the address provided as part of a memrw command read or write by a guest through a grub2.cfg file. This allows an untrusted guest to perform arbitrary read or write operations in the context of the grub-bhy...
EUVD-2018-1787
Malware in sbrugna...
EulerOS 2.0 SP11 : dpdk (EulerOS-SA-2025-1154)
According to the versions of the dpdk package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : An out-of-bounds read vulnerability was found in DPDK's Vhost library checksum offload feature. This issue enables an untrusted or compromised guest ...
dpdk: Denial Of Service from malicious guest on hypervisors using DPDK Vhost library
An out-of-bounds read vulnerability was found in DPDK's Vhost library checksum offload feature. This issue enables an untrusted or compromised guest to crash the hypervisor's vSwitch by forging Virtio descriptors to cause out-of-bounds reads. This flaw allows an attacker with a malicious VM using...
CVE-2024-0094 CVE
NVIDIA vGPU software for Linux contains a vulnerability in the Virtual GPU Manager, where an untrusted guest VM can cause improper control of the interaction frequency in the host. A successful exploit of this vulnerability might lead to denial of service...
K35504111: Linux kernel vulnerability CVE-2018-1000026
Security Advisory Description Linux Linux kernel version at least v4.8 onwards, probably well before contains a Insufficient input validation vulnerability in bnx2x network card driver that can result in DoS: Network card firmware assertion takes card off-line. This attack appear to be exploitabl...
CVE-2020-10565
grub2-bhyve, as used in FreeBSD bhyve before revision 525916 2020-02-12, does not validate the address provided as part of a memrw command read or write by a guest through a grub2.cfg file. This allows an untrusted guest to perform arbitrary read or write operations in the context of the grub-bhy...
Design/Logic Flaw
grub2-bhyve, as used in FreeBSD bhyve before revision 525916 2020-02-12, does not validate the address provided as part of a memrw command read or write by a guest through a grub2.cfg file. This allows an untrusted guest to perform arbitrary read or write operations in the context of the grub-bhy...
MGASA-2019-0107 Updated kernel packages fix security vulnerability
This kernel update is based on the upstream 4.14.104 and fixes at least the following security issue: Linux kernel version at least v4.8 onwards, probably well before contains a Insufficient input validation vulnerability in bnx2x network card driver that can result in DoS: Network card firmware...
kernel: Improper validation in bnx2x network card driver can allow for denial of service attacks via crafted packet
Improper validation in the bnx2x network card driver of the Linux kernel version 4.15 can allow for denial of service DoS attacks via a packet with a gsosize larger than 9700 bytes. Untrusted guest VMs can exploit this vulnerability in the host machine, causing a crash in the network card...
kernel: Improper validation in bnx2x network card driver can allow for denial of service attacks via crafted packet
Improper validation in the bnx2x network card driver of the Linux kernel version 4.15 can allow for denial of service DoS attacks via a packet with a gsosize larger than 9700 bytes. Untrusted guest VMs can exploit this vulnerability in the host machine, causing a crash in the network card...
kernel: Improper validation in bnx2x network card driver can allow for denial of service attacks via crafted packet
Improper validation in the bnx2x network card driver of the Linux kernel version 4.15 can allow for denial of service DoS attacks via a packet with a gsosize larger than 9700 bytes. Untrusted guest VMs can exploit this vulnerability in the host machine, causing a crash in the network card...
AZL-6517 CVE-2018-1000026 affecting package kernel for versions less than 5.10.78.1-1
Linux Linux kernel version at least v4.8 onwards, probably well before contains a Insufficient input validation vulnerability in bnx2x network card driver that can result in DoS: Network card firmware assertion takes card off-line. This attack appear to be exploitable via An attacker on a must pa...