346 matches found
DEBIAN-CVE-2024-40953
In the Linux kernel, the following vulnerability has been resolved: KVM: Fix a data race on lastboostedvcpu in kvmvcpuonspin Use READ,WRITEONCE to access kvm-lastboostedvcpu to ensure the loads and stores are atomic. In the extremely unlikely scenario the compiler tears the stores, it's...
CVE-2024-40953
In the Linux kernel, the following vulnerability has been resolved: KVM: Fix a data race on lastboostedvcpu in kvmvcpuonspin Use READ,WRITEONCE to access kvm-lastboostedvcpu to ensure the loads and stores are atomic. In the extremely unlikely scenario the compiler tears the stores, it's...
Linux kernel security vulnerabilities
Linux kernel is the kernel used by the Linux Foundation's open source operating system Linux. A security vulnerability exists in the Linux kernel that stems from a data contention issue in the kvmvcpuonspin function of the KVM virtualization component...
UBUNTU-CVE-2022-48763
In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Forcibly leave nested virt when SMM state is toggled Forcibly leave nested virtualization operation if userspace toggles SMM state via KVMSETVCPUEVENTS or KVMSYNCX86EVENTS. If userspace forces the vCPU out of SMM while...
PT-2024-29195
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The issue is related to the KVM Kernel-based Virtual Machine on arm64 architecture, where a dangling pointer to a redistributor region could be stored in a vcpu when tearing down the...
CVE-2024-36953
In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: vgic-v2: Check for non-NULL vCPU in vgicv2parseattr vgicv2parseattr is responsible for finding the vCPU that matches the user-provided CPUID, which of course may not be valid. If the ID is invalid, kvmgetvcpubyid...
DEBIAN-CVE-2024-36953
In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: vgic-v2: Check for non-NULL vCPU in vgicv2parseattr vgicv2parseattr is responsible for finding the vCPU that matches the user-provided CPUID, which of course may not be valid. If the ID is invalid, kvmgetvcpubyid...
CVE-2024-36953
In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: vgic-v2: Check for non-NULL vCPU in vgicv2parseattr vgicv2parseattr is responsible for finding the vCPU that matches the user-provided CPUID, which of course may not be valid. If the ID is invalid, kvmgetvcpubyid...
UBUNTU-CVE-2024-36953
In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: vgic-v2: Check for non-NULL vCPU in vgicv2parseattr vgicv2parseattr is responsible for finding the vCPU that matches the user-provided CPUID, which of course may not be valid. If the ID is invalid, kvmgetvcpubyid...
CVE-2024-36953 KVM: arm64: vgic-v2: Check for non-NULL vCPU in vgic_v2_parse_attr()
In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: vgic-v2: Check for non-NULL vCPU in vgicv2parseattr vgicv2parseattr is responsible for finding the vCPU that matches the user-provided CPUID, which of course may not be valid. If the ID is invalid, kvmgetvcpubyid...
CVE-2024-36953
CVE-2024-36953 affects the Linux kernel KVM for arm64 with vgic-v2. The issue: vgic_v2_parse_attr() searches for a vCPU matching the CPUID and may receive a NULL from kvm_get_vcpu_by_id() if the ID is invalid. Unlike the safe GICv3 flow, the code did not verify the returned vCPU object. Affected ...
SUSE CVE-2021-47296
In the Linux kernel, the following vulnerability has been resolved: KVM: PPC: Fix kvmarchvcpuioctl vcpuload leak vcpuput is not called if the user copy fails. This can result in preempt notifier corruption and crashes, among other issues...
DEBIAN-CVE-2021-47390
In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Fix stack-out-of-bounds memory access from ioapicwriteindirect KASAN reports the following issue: BUG: KASAN: stack-out-of-bounds in kvmmakevcpusrequestmask+0x174/0x440 kvm Read of size 8 at addr ffffc9001364f638 by tas...
CVE-2021-47390
In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Fix stack-out-of-bounds memory access from ioapicwriteindirect KASAN reports the following issue: BUG: KASAN: stack-out-of-bounds in kvmmakevcpusrequestmask+0x174/0x440 kvm Read of size 8 at addr ffffc9001364f638 by tas...
CVE-2021-47296
In the Linux kernel, the following vulnerability has been resolved: KVM: PPC: Fix kvmarchvcpuioctl vcpuload leak vcpuput is not called if the user copy fails. This can result in preempt notifier corruption and crashes, among other issues...
UBUNTU-CVE-2021-47296
In the Linux kernel, the following vulnerability has been resolved: KVM: PPC: Fix kvmarchvcpuioctl vcpuload leak vcpuput is not called if the user copy fails. This can result in preempt notifier corruption and crashes, among other issues...
CVE-2021-47296 KVM: PPC: Fix kvm_arch_vcpu_ioctl vcpu_load leak
In the Linux kernel, the following vulnerability has been resolved: KVM: PPC: Fix kvmarchvcpuioctl vcpuload leak vcpuput is not called if the user copy fails. This can result in preempt notifier corruption and crashes, among other issues...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the kvmarchvcpuioctl vcpuload leak...
SUSE CVE-2024-26976
In the Linux kernel, the following vulnerability has been resolved: KVM: Always flush async PF workqueue when vCPU is being destroyed Always flush the per-vCPU async PF workqueue when a vCPU is clearing its completion queue, e.g. when a VM and all its vCPUs is being destroyed. KVM must ensure tha...
CVE-2024-26976
In the Linux kernel, the following vulnerability has been resolved: KVM: Always flush async PF workqueue when vCPU is being destroyed Always flush the per-vCPU async PF workqueue when a vCPU is clearing its completion queue, e.g. when a VM and all its vCPUs is being destroyed. KVM must ensure tha...