CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

346 matches found

SUSE CVE•added 2023/02/15 3:48 a.m.•2 views

SUSE CVE-2021-4032

A vulnerability was found in the Linux kernel's KVM subsystem in arch/x86/kvm/lapic.c kvmfreelapic when a failure allocation was detected. In this flaw the KVM subsystem may crash the kernel due to mishandling of memory errors that happens during VCPU construction, which allows an attacker with...

4.9CVSS6.3AI score0.00393EPSS

Exploits3References3

SUSE CVE•added 2023/02/15 3:34 a.m.•2 views

SUSE CVE-2022-1263

A NULL pointer dereference issue was found in KVM when releasing a vCPU with dirty ring support enabled. This flaw allows an unprivileged local attacker on the host to issue specific ioctl calls, causing a kernel oops condition that results in a denial of service...

4.7CVSS6.7AI score0.00419EPSS

Exploits1References10

Oracle linux•added 2022/11/22 12:0 a.m.•33 views

virt-v2v security, bug fix, and enhancement update

2.0.7-6.0.1 - Replaced bugzilla.oracle.com references Orabug: 34202300 - replaced upstream references Orabug:34089586 1:2.0.7-6 - Install qemu-ga package during conversion resolves: rhbz2028764 1:2.0.7-5 - Remove LVM2 devices file during conversion resolves: rhbz2112801 - Add support for Zstandar...

6.5CVSS7.1AI score0.00774EPSS

Exploits0

Microsoft CVE•added 2022/09/09 7:0 a.m.•3 views

An issue was discovered the x86 KVM subsystem in the Linux kernel before 5.18.17. Unprivileged guest users can compromise the guest kernel because TLB flush operations are mishandled in certain KVM_VCPU_PREEMPTED situations.

...

7.8CVSS7.1AI score0.00323EPSS

Exploits0

Microsoft CVE•added 2022/09/08 7:0 a.m.•2 views

A NULL pointer dereference issue was found in KVM when releasing a vCPU with dirty ring support enabled. This flaw allows an unprivileged local attacker on the host to issue specific ioctl calls causing a kernel oops condition that results in a denial of service.

...

5.5CVSS7.3AI score0.00419EPSS

Exploits1

ATTACKERKB•added 2022/08/31 4:15 p.m.•6 views

CVE-2022-1263

5.5CVSS6.7AI score0.00419EPSS

Exploits1References5

Prion•added 2022/08/31 4:15 p.m.•28 views

Null pointer dereference

1.7CVSS5.6AI score0.00419EPSS

Exploits1References4Affected Software2

CVE•added 2022/08/31 3:33 p.m.•242 views

CVE-2022-1263

CVE-2022-1263 is a Linux kernel KVM NULL pointer dereference bug that triggers when releasing a vCPU with dirty ring support enabled. An unprivileged local attacker on the host can issue specific ioctl calls to cause a kernel oops and DoS. Public advisories (e.g., Amazon Linux 2 ALAS2KERNEL-5.15-...

5.5CVSS5.6AI score0.00419EPSS

Exploits1References4Affected Software1

Spring Security Advisories•added 2022/08/31 7:0 a.m.•11 views

Price Reduction - Azure Spring Apps does more, costs less!

We believe in providing the most innovative cloud offerings at incredibly competitive prices. As we operate Azure Spring Apps, we continue to build efficiencies and economies of scale. We are passing those efficiencies to you. Many customers have asked us to lower the size of the base unit to mak...

0.6AI score

Exploits0

OSV•added 2022/04/24 10:33 p.m.•7 views

GSD-2022-1002315 xen: delay xen_hvm_init_time_ops() if kdump is boot on vcpu>=32

xen: delay xenhvminittimeops if kdump is boot on vcpu=32 This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.19.238 by commit...

7.2AI score

Exploits0

OSV•added 2022/04/24 10:20 p.m.•10 views

GSD-2022-1002191 xen: delay xen_hvm_init_time_ops() if kdump is boot on vcpu>=32

7.2AI score

Exploits0

OSV•added 2022/04/24 10:1 p.m.•6 views

GSD-2022-1001991 xen: delay xen_hvm_init_time_ops() if kdump is boot on vcpu>=32

7.2AI score

Exploits0

OSV•added 2022/04/24 9:36 p.m.•6 views

GSD-2022-1001701 xen: delay xen_hvm_init_time_ops() if kdump is boot on vcpu>=32

7.2AI score

Exploits0

Microsoft CVE•added 2022/03/16 7:0 a.m.•5 views

A NULL pointer dereference was found in the Linux kernel's KVM when dirty ring logging is enabled without an active vCPU context. An unprivileged local attacker on the host may use this flaw to cause a kernel oops condition and thus a denial of service by issuing a KVM_XEN_HVM_SET_ATTR ioctl. This flaw affects Linux kernel versions prior to 5.17-rc1.

...

5.5CVSS7.3AI score0.00387EPSS

Exploits1

ATTACKERKB•added 2022/01/21 7:15 p.m.•5 views

CVE-2021-4032

4.9CVSS6.5AI score0.00393EPSS

Exploits3References4

Prion•added 2022/01/21 7:15 p.m.•21 views

Session fixation

4.9CVSS4.3AI score0.00393EPSS

Exploits3References3Affected Software1

OSV•added 2022/01/21 7:15 p.m.•1 views

UBUNTU-CVE-2021-4032

4.4CVSS6.6AI score0.00393EPSS

Exploits3References3

Debian CVE•added 2022/01/21 6:17 p.m.•31 views

CVE-2021-4032

4.9CVSS6.2AI score0.00393EPSS

Exploits3

CNNVD•added 2022/01/21 12:0 a.m.•5 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by the Linux Foundation's open source operating system, Linux, of which KVM is a kernel-based virtual machine. Linux kernel suffers from a denial-of-service vulnerability, which stems from the possibility that the KVM subsystem may mishandle a memory error that...

4.9CVSS8.1AI score0.00393EPSS

Exploits3References4

CNVD•added 2021/12/24 12:0 a.m.•27 views

Linux Kernel kvm_dirty_ring_get() function denial of service vulnerability

Linux kernel is the kernel used by the Linux Foundation's open source operating system Linux. Linux Kernel kvmdirtyringget suffers from a function denial of service vulnerability, which is caused by the kvmdirtyring function in virt/kvm/dirtyring.c without creating a vCPU. dirtyring function in...

5.5CVSS3.6AI score0.00387EPSS

Exploits1References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by