CVE-2026-43133

A flaw was found in the Linux kernel's Kernel-based Virtual Machine KVM nSVM module. When a nested virtual machine L2 guest executes VMSAVE/VMLOAD instructions, and these are not intercepted by the first-level hypervisor L1, KVM incorrectly uses vmcb02 instead of vmcb01 for managing guest state...

Astra Linux - уязвимость в qemu

A flaw was discovered in the implementation of the 9p passthrough filesystem 9pfs in QEMU. The 9pfs server did not prevent the opening of special files on the host side, potentially allowing a malicious client to escape from the exported 9p tree by creating and opening a device file in the shared...

Linux Distros Unpatched Vulnerability : CVE-2025-29939

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Improper access control in secure encrypted virtualization SEV could allow a privileged attacker to write to the reverse map page RMP during secure nested pagin...

MiracleLinux 9 : qemu-kvm-8.2.0-11.el9_4.4 (AXSA:2024-8508:05)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-8508:05 advisory. qemu-kvm: QEMU: 'qemu-img info' leads to host file read/write CVE-2024-4467 Tenable has extracted the preceding description block directly from the...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002559)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002559 advisory. A flaw was found in the way Linux kernel KVM hypervisor before 4.18 emulated instructions such as sgdt/sidt/fxsave/fxrstor. It did not check current privilegeCPL lev...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002498)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002498 advisory. The apicgettmcct function in arch/x86/kvm/lapic.c in the KVM subsystem in the Linux kernel through 3.12.5 allows guest OS users to cause a denial of service...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-000232)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000232 advisory. A flaw was found in the way KVM hypervisor handled x2APIC Machine Specific Rregister MSR access with nested=1 virtualization enabled. In that, L1 guest could access...

EUVD-2021-26951

Malware in sbrugna...

kernel: i40e: Do not allow untrusted VF to remove administratively set MAC

A flaw was found in Intel network adapters in the Linux kernel, where untrusted virtualized network interfaces can remove MAC addresses set by the system. This flaw allows an attacker with sufficient privileges to cause a denial of service...

kernel: TLB flush operations are mishandled in certain KVM_VCPU_PREEMPTED leading to guest malfunctioning

A flaw was found in the x86 KVM subsystem in kvmstealtimesetpreempted in arch/x86/kvm/x86.c in the Linux kernel. Unprivileged guest users can compromise the guest kernel because TLB flush operations are mishandled in certain KVMVCPUPREEMPTED situations...

USN-6503-1 linux, linux-aws, linux-laptop, linux-lowlatency, linux-oem-6.5, linux-oracle, linux-raspi, linux-starfive vulnerabilities

Yu Hao discovered that the UBI driver in the Linux kernel did not properly check for MTD with zero erasesize during device attachment. A local privileged attacker could use this to cause a denial of service system crash. CVE-2023-31085 Bien Pham discovered that the netfiler subsystem in the Linux...

Important: kernel

Issue Overview: A flaw was found in the x86 KVM subsystem in kvmstealtimesetpreempted in arch/x86/kvm/x86.c in the Linux kernel. Unprivileged guest users can compromise the guest kernel because TLB flush operations are mishandled in certain KVMVCPUPREEMPTED situations. CVE-2022-39189 In the Linux...

kernel: KVM: NULL pointer dereference in kvm_mmu_invpcid_gva

A flaw was found in KVM. With shadow paging enabled if INVPCID is executed with CR0.PG=0, the invlpg callback is not set, and the result is a NULL pointer dereference. This flaw allows a guest user to cause a kernel oops condition on the host, resulting in a denial of service...

SUSE CVE-2012-3433

Xen 4.0 and 4.1 allows local HVM guest OS kernels to cause a denial of service domain 0 VCPU hang and kernel panic by modifying the physical address space in a way that triggers excessive shared page search time during the p2m teardown...

SUSE CVE-2013-6375

Xen 4.2.x and 4.3.x, when using Intel VT-d for PCI passthrough, does not properly flush the TLB after clearing a present translation table entry, which allows local guest administrators to cause a denial of service or gain privileges via unspecified vectors related to an "inverted boolean...

SUSE CVE-2016-10025

VMFUNC emulation in Xen 4.6.x through 4.8.x on x86 systems using AMD virtualization extensions aka SVM allows local HVM guest OS users to cause a denial of service hypervisor crash by leveraging a missing NULL pointer check...

SUSE CVE-2019-17340

An issue was discovered in Xen through 4.11.x allowing x86 guest OS users to cause a denial of service or gain privileges because grant-table transfer requests are mishandled...

SUSE CVE-2021-3653

A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB virtual machine control block provided by the L1 guest to spawn/handle a nested guest L2. Due to improper validation of the "intctl" field, this issue could allow a malicious ...

SUSE CVE-2021-3656

A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB virtual machine control block provided by the L1 guest to spawn/handle a nested guest L2. Due to improper validation of the "virtext" field, this issue could allow a malicious...

SUSE CVE-2021-22543

An issue was discovered in Linux: KVM through Improper handling of VMIO|VMPFNMAP vmas in KVM can bypass RO checks and can lead to pages being freed while still accessible by the VMM and guest. This allows users with the ability to start and control a VM to read/write random pages of memory and ca...