346 matches found
CVE-2021-4095
A NULL pointer dereference was found in the Linux kernel's KVM when dirty ring logging is enabled without an active vCPU context. An unprivileged local attacker on the host may use this flaw to cause a kernel oops condition and thus a denial of service by issuing a KVMXENHVMSETATTR ioctl...
PT-2021-7295 · Linux +1 · Linux Kernel +1
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 5.15 rc7 Description: The issue is related to incomplete cleanup of temporary or auxiliary resources in the arch/x86/kvm/lapic.c component of the Kernel-based Virtual Machine KVM subsystem in the Linux kernel...
UVI-2021-1001312 KVM: PPC: Fix kvm_arch_vcpu_ioctl vcpu_load leak
KVM: PPC: Fix kvmarchvcpuioctl vcpuload leak This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.4.136 by commit...
UVI-2021-1001244 KVM: PPC: Fix kvm_arch_vcpu_ioctl vcpu_load leak
KVM: PPC: Fix kvmarchvcpuioctl vcpuload leak This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.54 by commit...
UVI-2021-1000022 KVM: VMX: Don't use vcpu->run->internal.ndata as an array index
KVM: VMX: Don't use vcpu-run-internal.ndata as an array index This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.32 by commit...
UVI-2021-1000012 KVM: VMX: Don't use vcpu->run->internal.ndata as an array index
KVM: VMX: Don't use vcpu-run-internal.ndata as an array index This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.11.16 by commit...
GSD-2021-1000012 KVM: VMX: Don't use vcpu->run->internal.ndata as an array index
KVM: VMX: Don't use vcpu-run-internal.ndata as an array index This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.11.16 by commit...
SUSE: Security Advisory (SUSE-SU-2018:0007-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
DEBIAN-CVE-2020-29570
An issue was discovered in Xen through 4.14.x. Recording of the per-vCPU control block mapping maintained by Xen and that of pointers into the control block is reversed. The consumer assumes, seeing the former initialized, that the latter are also ready for use. Malicious or buggy guest kernels c...
FIFO event channels control block related ordering
ISSUE DESCRIPTION Recording of the per-vCPU control block mapping maintained by Xen and that of pointers into the control block is reversed. The consumer assumes, seeing the former initialized, that the latter are also ready for use. IMPACT Malicious or buggy guest kernels can mount a Denial of...
Fedora 31 : xen (2020-d46fe34349)
x86 pv: Crash when handling guest access to MSRMISCENABLE XSA-333, CVE-2020-25602 1881619 Missing unlock in XENMEMacquireresource error path XSA-334, CVE-2020-25598 1881616 race when migrating timers between x86 HVM vCPU-s XSA-336, CVE-2020-25604 1881618 PCI passthrough code reading back hardware...
CVE-2020-15564
An issue was discovered in Xen through 4.13.x, allowing Arm guest OS users to cause a hypervisor crash because of a missing alignment check in VCPUOPregistervcpuinfo. The hypercall VCPUOPregistervcpuinfo is used by a guest to register a shared region with the hypervisor. The region will be mapped...
ALPINE-CVE-2020-15564
An issue was discovered in Xen through 4.13.x, allowing Arm guest OS users to cause a hypervisor crash because of a missing alignment check in VCPUOPregistervcpuinfo. The hypercall VCPUOPregistervcpuinfo is used by a guest to register a shared region with the hypervisor. The region will be mapped...
DEBIAN-CVE-2020-15564
An issue was discovered in Xen through 4.13.x, allowing Arm guest OS users to cause a hypervisor crash because of a missing alignment check in VCPUOPregistervcpuinfo. The hypercall VCPUOPregistervcpuinfo is used by a guest to register a shared region with the hypervisor. The region will be mapped...
PT-2020-5907 · Xen +2 · Xen +2
Name of the Vulnerable Software and Affected Versions: Xen versions through 4.13.x Description: An issue in Xen allows Arm guest OS users to cause a hypervisor crash due to a missing alignment check in the VCPUOP register vcpu info hypercall. This hypercall is used by a guest to register a shared...
Updating vCPU in Nutanix prov scheme via Powershell, new machines are not getting the new setting
Tried to decrease the number of cores per vCPU in a Nutanix machine catalog. However, the new machines did not have the desired change...
Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2019-1528)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLED12 / SLES12 Security Update : qemu (SUSE-SU-2019:2353-1)
This update for qemu fixes the following issues : Security issues fixed : CVE-2019-14378: Security fix for heap overflow in ipreass on big packet input bsc1143794. CVE-2019-12155: Security fix for NULL pointer dereference while releasing spice resources bsc1135902. CVE-2019-13164: Security fix fo...
SUSE SLES12 Security Update : libvirt (SUSE-SU-2019:2227-2)
This update for libvirt fixes the following issues : Security issues fixed : CVE-2019-10161: Fixed virDomainSaveImageGetXMLDesc API which could accept a path parameter pointing anywhere on the system and potentially leading to execution of a malicious file with root privileges by libvirtd...
SUSE-SU-2019:2353-1 Security update for qemu
This update for qemu fixes the following issues: Security issues fixed: - CVE-2019-14378: Security fix for heap overflow in ipreass on big packet input bsc1143794. - CVE-2019-12155: Security fix for null pointer dereference while releasing spice resources bsc1135902. - CVE-2019-13164: Security fi...