Lucene search
K

9 matches found

RedHat Linux
RedHat Linux
added 2026/01/19 1:38 p.m.5 views

kernel: KVM: arm64: Tear down vGIC on failed vCPU creation

A use-after-free flaw was found in KVM for arm64 in the Linux Kernel, if the kvmarchvcpucreate fails to share the vCPU page with the hypervisor. This vulnerability could even lead to a kernel information leak problem...

7.8CVSS5.8AI score0.00234EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.3 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001010)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001010 advisory. Array index error in the kvmvmioctlcreatevcpu function in virt/kvm/kvmmain.c in the KVM subsystem in the Linux kernel through 3.12.5 allows local users to gain...

7.2CVSS7AI score0.0053EPSS
Exploits0References22
AstraLinux
AstraLinux
added 2025/11/01 10:54 a.m.4 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: Reject SEV-ES intra-host migration if vCPU creation is in progress Migrations of SEV-ES state are rejected if either the source or destination VM is actively creating a vCPU. This occurs when the kvmvmioctlcreatevcpu...

5.5CVSS6AI score0.00147EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2025/06/16 11:28 a.m.3 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Destroying vGIC structures during failed vCPU creation If the function kvmarchvcpucreate fails to share the vCPU page with the hypervisor, we propagate the error back to the ioctl, but leave the vGIC vCPU structures...

7.8CVSS6.2AI score0.00234EPSS
Exploits0References3
OSV
OSV
added 2025/05/09 7:16 a.m.5 views

DEBIAN-CVE-2025-37849

In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Tear down vGIC on failed vCPU creation If kvmarchvcpucreate fails to share the vCPU page with the hypervisor, we propagate the error back to the ioctl but leave the vGIC vCPU data initialised. Note only does this leak...

7.8CVSS5.7AI score0.00234EPSS
Exploits0References1
OSV
OSV
added 2025/05/09 7:16 a.m.2 views

UBUNTU-CVE-2025-37849

In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Tear down vGIC on failed vCPU creation If kvmarchvcpucreate fails to share the vCPU page with the hypervisor, we propagate the error back to the ioctl but leave the vGIC vCPU data initialised. Note only does this leak...

7.8CVSS6.2AI score0.00234EPSS
Exploits0References48
OSV
OSV
added 2025/03/06 5:15 p.m.10 views

DEBIAN-CVE-2024-58083

In the Linux kernel, the following vulnerability has been resolved: KVM: Explicitly verify target vCPU is online in kvmgetvcpu Explicitly verify the target vCPU is fully online prior to clamping the index in kvmgetvcpu. If the index is "bad", the nospec clamping will generate '0', i.e. KVM will...

7.8CVSS5.5AI score0.00195EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2024/11/06 3:48 a.m.4 views

SUSE CVE-2024-50114

In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Unregister redistributor for failed vCPU creation Alex reports that syzkaller has managed to trigger a use-after-free when tearing down a VM: BUG: KASAN: slab-use-after-free in kvmputkvm+0x300/0xe68...

7.2CVSS6.4AI score0.00227EPSS
Exploits0References5
OSV
OSV
added 2024/11/05 6:15 p.m.1 views

UBUNTU-CVE-2024-50114

In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Unregister redistributor for failed vCPU creation Alex reports that syzkaller has managed to trigger a use-after-free when tearing down a VM: BUG: KASAN: slab-use-after-free in kvmputkvm+0x300/0xe68...

7.8CVSS5.7AI score0.00227EPSS
Exploits0References8
Rows per page
Query Builder