ALPINE-CVE-2025-35979

Exposure of sensitive information caused by shared microarchitectural predictor state that influences transient execution for some IntelR Processors within VMX non-root guest operation may allow an information disclosure. Unprivileged software adversary with an authenticated user combined with a...

UBUNTU-CVE-2023-53756

In the Linux kernel, the following vulnerability has been resolved: KVM: VMX: Fix crash due to uninitialized currentvmcs KVM enables 'Enlightened VMCS' and 'Enlightened MSR Bitmap' when running as a nested hypervisor on top of Hyper-V. When MSR bitmap is updated, evmcstouchmsrbitmap function uses...

KVM: VMX: Do _all_ initialization before exposing /dev/kvm to userspace

...

AZL-68717 CVE-2022-49610 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: KVM: VMX: Prevent RSB underflow before vmenter On VMX, there are some balanced returns between the time the guest's SPECCTRL value is written, and the vmenter. Balanced returns matched by a preceding call are usually ok, but it's...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from VMX before vmenter that could lead to an RSB underflow...

CVE-2024-11149

In OpenBSD 7.4 before errata 014, vmm4 did not restore GDTR limits properly on Intel VMX CPUs...

UBUNTU-CVE-2024-46830

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Acquire kvm-srcu when handling KVMSETVCPUEVENTS Grab kvm-srcu when processing KVMSETVCPUEVENTS, as KVM will forcibly leave nested VMX/SVM if SMM mode is being toggled, and leaving nested VMX reads guest memory. Note,...

PT-2024-11057 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A vulnerability in the Linux kernel has been resolved. The issue is related to KVM: VMX, where vmx handle exit uses vcpu-run-internal.ndata as an index for an array access. Since...

Speculative execution attacks in KVM VMX

...

Update Veeam MP Core Services to Support TLS 1.2 Protocol

Challenge Starting with vSphere 6.5, the TLS protocol version 1.2 is enabled by default. Cause To allow Veeam Virtualization Extensions Service and Veeam VMware Collectors to connect to vCenter Servers that use the TLS 1.2 protocol, you must update Veeam MP core services. Solution NOTE: The...

PT-2017-12369 · Linux +5 · Linux Kernel +5

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 4.13.3 Description: The issue arises from the prepare vmcs02 function in arch/x86/kvm/vmx.c, which fails to ensure the existence of "CR8-load exiting" and "CR8-store exiting" L0 vmcs02 controls when L1 omits the...

UBUNTU-CVE-2017-8106

The handleinvept function in arch/x86/kvm/vmx.c in the Linux kernel 3.12 through 3.15 allows privileged KVM guest OS users to cause a denial of service NULL pointer dereference and host OS crash via a single-context INVEPT instruction with a NULL EPT pointer...

Lifting the (Hyper) Visor: Bypassing Samsung’s Real-Time Kernel Protection

Posted by Gal Beniamini, Project Zero Traditionally, the operating system’s kernel is the last security boundary standing between an attacker and full control over a target system. As such, additional care must be taken in order to ensure the integrity of the kernel. First, when a system boots, t...

Null pointer dereference

VMFUNC emulation in Xen 4.6.x through 4.8.x on x86 systems using AMD virtualization extensions aka SVM allows local HVM guest OS users to cause a denial of service hypervisor crash by leveraging a missing NULL pointer check...

UBUNTU-CVE-2016-10025

VMFUNC emulation in Xen 4.6.x through 4.8.x on x86 systems using AMD virtualization extensions aka SVM allows local HVM guest OS users to cause a denial of service hypervisor crash by leveraging a missing NULL pointer check...

CVE-2016-10025

VMFUNC emulation in Xen 4.6.x through 4.8.x on x86 systems using AMD virtualization extensions aka SVM allows local HVM guest OS users to cause a denial of service hypervisor crash by leveraging a missing NULL pointer check...

Important: Red Hat Security Advisory: rhev-hypervisor security update

Updated rhev-hypervisor packages that fix one security issue are now available. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available from the CVE link in the...

RHEL 5 : rhev-hypervisor5 (RHSA-2012:1262)

An updated rhev-hypervisor5 package that fixes multiple security issues and various bugs is now available. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...

Moderate: Red Hat Security Advisory: rhev-hypervisor6 security and bug fix update

An updated rhev-hypervisor6 package that fixes one security issue is now available. The Red Hat Security Response Team has rated this update as having Moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available from the CVE...

Important: Red Hat Security Advisory: rhev-hypervisor6 security update

An updated rhev-hypervisor6 package that fixes one security issue is now available for Red Hat Enterprise Virtualization Hypervisor 3.2. The Red Hat Security Response Team has rated this update as having Important security impact. A Common Vulnerability Scoring System CVSS base score, which gives...