135 matches found
AZL-78282 CVE-2026-27211 affecting package cloud-hypervisor 48.0.246-1
Cloud Hypervisor is a Virtual Machine Monitor for Cloud workloads. Versions 34.0 through 50.0 arevulnerable to arbitrary host file exfiltration constrained by process privileges when using virtio-block devices backed by raw images. A malicious guest can overwrite its disk header with a crafted...
CVE-2026-27211
Cloud Hypervisor is a Virtual Machine Monitor for Cloud workloads. Versions 34.0 through 50.0 arevulnerable to arbitrary host file exfiltration constrained by process privileges when using virtio-block devices backed by raw images. A malicious guest can overwrite its disk header with a crafted...
CVE-2026-27211
Cloud Hypervisor is a Virtual Machine Monitor for Cloud workloads. Versions 34.0 through 50.0 arevulnerable to arbitrary host file exfiltration constrained by process privileges when using virtio-block devices backed by raw images. A malicious guest can overwrite its disk header with a crafted...
CVE-2026-27211 Cloud Hypervisor: Host File Exfiltration via QCOW Backing File Abuse
Cloud Hypervisor is a Virtual Machine Monitor for Cloud workloads. Versions 34.0 through 50.0 arevulnerable to arbitrary host file exfiltration constrained by process privileges when using virtio-block devices backed by raw images. A malicious guest can overwrite its disk header with a crafted...
PT-2026-21357
Name of the Vulnerable Software and Affected Versions Cloud Hypervisor versions 34.0 through 50.0 Description Cloud Hypervisor, a Virtual Machine Monitor for Cloud workloads, has an issue where a malicious guest can potentially access sensitive host files. This occurs when using virtio-block...
Cloud hypervisor 安全漏洞
Cloud Hypervisor is a virtual machine monitor developed by Cloud Hypervisor Company, designed for modern cloud workloads. Versions 34.0 to 50.0 of Cloud Hypervisor contain security vulnerabilities. These vulnerabilities stem from defects in the virtio-block device supported by original images,...
MiracleLinux 7 : qemu-kvm-1.5.3-126.el7.5 (AXSA:2017-1328:02)
The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2017-1328:02 advisory. qemu-kvm is an open source virtualizer that provides hardware emulation for the KVM hypervisor. qemu-kvm acts as a virtual machine monitor together...
Astra Linux – Vulnerability in Qemu
A flaw was discovered in QEMU, specifically in the virtio-scsi, virtio-blk, and virtio-crypto devices. The size of virtqueuepush, as specified in virtioscsicompletereq, virtioblkreqComplete, and viritocryptoreqComplete, might be larger than the actual size of the data that has been sent to the...
USN-7865-1 linux-fips vulnerabilities
Jean-Claude Graf, Sandro Rüegge, Ali Hajiabadi, and Kaveh Razavi discovered that the Linux kernel contained insufficient branch predictor isolation between a guest and a userspace hypervisor for certain processors. This flaw is known as VMSCAPE. An attacker in a guest VM could possibly use this t...
USN-7865-1: Linux kernel (FIPS) vulnerabilities
Jean-Claude Graf, Sandro Rüegge, Ali Hajiabadi, and Kaveh Razavi discovered that the Linux kernel contained insufficient branch predictor isolation between a guest and a userspace hypervisor for certain processors. This flaw is known as VMSCAPE. An attacker in a guest VM could possibly use this t...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990227)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990227 advisory. In the Linux kernel, the following vulnerability has been resolved: virtio-blk: don't keep queue frozen during system suspend Commit 4ce6e2db00de virtio-blk: Ensure ...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-989847)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989847 advisory. In the Linux kernel, the following vulnerability has been resolved: virtio-blk: don't keep queue frozen during system suspend Commit 4ce6e2db00de virtio-blk: Ensure ...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989128)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989128 advisory. In the Linux kernel, the following vulnerability has been resolved: virtio-blk: Fix memory leak among suspend/resume procedure The vblk-vqs should be freed before we...
USN-7797-3: Linux kernel (AWS) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Virtio block driver; - Media drivers; - Network drivers; - Framebuffer layer; - BTRFS file system; - Ext4 file...
USN-7797-3 linux-aws vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Virtio block driver; - Media drivers; - Network drivers; - Framebuffer layer; - BTRFS file system; - Ext4 file...
CLSA-2025-1760983231 Fix of 25 CVEs
CVE-url: https://ubuntu.com/security/CVE-2024-41069 - ASoC: topology: Fix references to freed memory - ASoC: topology: Do not assign fields that are already set - ASoC: topology: Clean up route loading Bionic update: upstream stable patchset 2021-06-11 LP: 1931740 // CVE- url:...
EUVD-2014-3483
Malware in sbrugna...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-986832)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986832 advisory. In the Linux kernel, the following vulnerability has been resolved: virtio-blk: Fix memory leak among suspend/resume procedure The vblk-vqs should be freed before we...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-986508)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986508 advisory. In the Linux kernel, the following vulnerability has been resolved: virtio-blk: Fix memory leak among suspend/resume procedure The vblk-vqs should be freed before we...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-986328)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986328 advisory. In the Linux kernel, the following vulnerability has been resolved: virtio-blk: Fix memory leak among suspend/resume procedure The vblk-vqs should be freed before we...