UBUNTU-CVE-2024-53228

In the Linux kernel, the following vulnerability has been resolved: riscv: kvm: Fix out-of-bounds array access In kvmriscvvcpusbiinit the entry-extidx can contain an out-of-bound index. This is used as a special marker for the base extensions, that cannot be disabled. However, when traversing the...

Moderate: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

edk2 security update

20240524-6.0.1 - Replace upstream references Orabug:36569119 20240524-6 - edk2-OvmfPkg-CpuHotplugSmm-delay-SMM-exit.patch RHEL-56974 - edk2-Bumped-openssl-submodule-version-to-0205b5898872.patch RHEL-55336 - Resolves: RHEL-56974 qemu-kvm: warning: Blocked re-entrant IO on MemoryRegion:...

CVE-2024-50114 KVM: arm64: Unregister redistributor for failed vCPU creation

In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Unregister redistributor for failed vCPU creation Alex reports that syzkaller has managed to trigger a use-after-free when tearing down a VM: BUG: KASAN: slab-use-after-free in kvmputkvm+0x300/0xe68...

CVE-2024-50114

CVE-2024-50114 affects Linux kernel KVM on arm64. The flaw originates in the vCPU teardown path when a failed vCPU creation leads to an MMIO redistributor being unregistered, triggering a use-after-free in kvm_put_kvm during VM teardown. The root cause is improper teardown ordering that could all...

CVE-2024-50114 KVM: arm64: Unregister redistributor for failed vCPU creation

In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Unregister redistributor for failed vCPU creation Alex reports that syzkaller has managed to trigger a use-after-free when tearing down a VM: BUG: KASAN: slab-use-after-free in kvmputkvm+0x300/0xe68...

kernel: KVM: Always flush async #PF workqueue when vCPU is being destroyed

In the Linux kernel, the following vulnerability has been resolved: KVM: Always flush async PF workqueue when vCPU is being destroyed Always flush the per-vCPU async PF workqueue when a vCPU is clearing its completion queue, e.g. when a VM and all its vCPUs is being destroyed. KVM must ensure tha...

virt:kvm_utils3 security update

hivex libguestfs 1.44.0-9.0.2 - libguestfs.spec: Add btrfs-progs RPM to appliance Orabug: 35634755 libguestfs-winsupport libiscsi libnbd 1.6.0-6.el8 - Fix CVE-2024-7383 NBD server improper certificate validation resolves: RHEL-52728 1.6.0-5.el8 - Fix CVE-2022-0485: Fail nbdcopy if NBD read or wri...

SUSE CVE-2024-46830

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Acquire kvm-srcu when handling KVMSETVCPUEVENTS Grab kvm-srcu when processing KVMSETVCPUEVENTS, as KVM will forcibly leave nested VMX/SVM if SMM mode is being toggled, and leaving nested VMX reads guest memory. Note,...

DEBIAN-CVE-2024-46830

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Acquire kvm-srcu when handling KVMSETVCPUEVENTS Grab kvm-srcu when processing KVMSETVCPUEVENTS, as KVM will forcibly leave nested VMX/SVM if SMM mode is being toggled, and leaving nested VMX reads guest memory. Note,...

CVE-2024-46822

In the Linux kernel, the following vulnerability has been resolved: arm64: acpi: Harden getcpuforacpiid against missing CPU entry In a review discussion of the changes to support vCPU hotplug where a check was added on the GICC being enabled if was online, it was noted that there is need to map...

UBUNTU-CVE-2024-46830

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Acquire kvm-srcu when handling KVMSETVCPUEVENTS Grab kvm-srcu when processing KVMSETVCPUEVENTS, as KVM will forcibly leave nested VMX/SVM if SMM mode is being toggled, and leaving nested VMX reads guest memory. Note,...

CVE-2024-46822 arm64: acpi: Harden get_cpu_for_acpi_id() against missing CPU entry

In the Linux kernel, the following vulnerability has been resolved: arm64: acpi: Harden getcpuforacpiid against missing CPU entry In a review discussion of the changes to support vCPU hotplug where a check was added on the GICC being enabled if was online, it was noted that there is need to map...

CVE-2024-46822 arm64: acpi: Harden get_cpu_for_acpi_id() against missing CPU entry

In the Linux kernel, the following vulnerability has been resolved: arm64: acpi: Harden getcpuforacpiid against missing CPU entry In a review discussion of the changes to support vCPU hotplug where a check was added on the GICC being enabled if was online, it was noted that there is need to map...

CVE-2024-46822

CVE-2024-46822 αφορά Linux kernel, prädominantemente为 ARM64 架构，涉及 acpi_map_gic_cpu_interface() 中对 MPIDR 检查失败时导致 cpu_madt_gicc[cpu] 为 NULL 的情况，从而可能造成空指针解引用。修复为对 get_cpu_for_acpi_id() 的调用路径进行强化，确保获取到有效 CPU 条目后再进行索引，避免空指针 dereference。相关公开资料（如 Astra Linux、CIRCL/CVE 记录）确认了该漏洞存在于内核实现并已通过 Harden get_cpu...

CVE-2024-46822 arm64: acpi: Harden get_cpu_for_acpi_id() against missing CPU entry

In the Linux kernel, the following vulnerability has been resolved: arm64: acpi: Harden getcpuforacpiid against missing CPU entry In a review discussion of the changes to support vCPU hotplug where a check was added on the GICC being enabled if was online, it was noted that there is need to map...

kernel: KVM: arm64: vgic-v2: Check for non-NULL vCPU in vgic_v2_parse_attr()

In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: vgic-v2: Check for non-NULL vCPU in vgicv2parseattr vgicv2parseattr is responsible for finding the vCPU that matches the user-provided CPUID, which of course may not be valid. If the ID is invalid, kvmgetvcpubyid...

PT-2024-32233

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.10.0-rc7-332d2c1d713e-next-vm 552 Description The issue is related to the KVM Kernel-based Virtual Machine component in the Linux kernel. Specifically, it involves the handling of KVM SET VCPU EVENTS, where KVM...

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: vt: fix memory overlapping when deleting chars in the buffer CVE-2022-48627 In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: disallow timeout for anonymous sets CVE-2023-526...

OESA-2024-1862 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: KVM: PPC: Fix kvmarchvcpuioctl vcpuload leak vcpuput is not called if the user copy fails. This can result in preempt notifier corruption and crashes, among othe...