Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerabilities have been resolved: KVM: SVM: Do not generate errors if the user space injects an interrupt with GIF=0. Do not generate errors or warnings during interrupt injection when GIF is cleared. It is trivial for the user space to force this situation...

CVE-2026-23401

In the Linux kernel, the following vulnerability has been resolved: KVM: x86/mmu: Drop/zap existing present SPTE even when creating an MMIO SPTE When installing an emulated MMIO SPTE, do so after dropping/zapping the existing SPTE if it's shadow-present. While commit a54aa15c6bda3 was right about...

Moderate: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 10.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000767)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000767 advisory. Use-after-free vulnerability in arch/x86/kvm/x86.c in the Linux kernel through 3.8.4 allows guest OS users to cause a denial of service host OS memory corruption or...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001776)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001776 advisory. Buffer overflow in virt/kvm/irqcomm.c in the KVM subsystem in the Linux kernel before 3.2.24 allows local users to cause a denial of service crash and possibly execu...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002090)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002090 advisory. The KVM subsystem in the Linux kernel through 4.2.6, and Xen 4.3.x through 4.6.x, allows guest OS users to cause a denial of service host OS panic or hang by...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002070)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002070 advisory. arch/x86/kvm/emulate.c in the KVM subsystem in the Linux kernel through 3.17.2 does not properly perform RIP changes, which allows guest OS users to cause a denial o...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-993123)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993123 advisory. In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: Don't BUG if userspace injects an interrupt with GIF=0 Don't BUG/WARN on interrupt...

PT-2026-4667

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.19.0-rc2-ffa07f7fd437-x86 amx nm xfd non init-vm Description The Linux kernel contains a flaw related to the handling of XSTATE BV and XFD during guest XSAVE state loading via KVM SET XSAVE. Specifically, the...

Oracle Linux 8 / 9 : Unbreakable Enterprise kernel (ELSA-2025-20520)

The remote Oracle Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-20520 advisory. - perf: Fix perfeventvalidatesize lockdep splat Mark Rutland Orabug: 36261485 CVE-2023-6931 - perf: Fix perfeventvalidatesize Peter Zijlstra Orabu...

SUSE CVE-2022-2196

A regression exists in the Linux Kernel within KVM: nVMX that allowed for speculative execution attacks. L2 can carry out Spectre v2 attacks on L1 due to L1 thinking it doesn't need retpolines or IBPB after running L2 due to KVM L0 advertising eIBRS support to L1. An attacker at L2 with code...

kernel: KVM: s390: vsie: fix race during shadow creation

In the Linux kernel, the following vulnerability has been resolved: KVM: s390: vsie: fix race during shadow creation Right now it is possible to see gmap-private being zero in kvms390vsiegmapnotifier resulting in a crash. This is due to the fact that we add gmap-private == kvm after creation:...

UBUNTU-CVE-2024-26991

In the Linux kernel, the following vulnerability has been resolved: KVM: x86/mmu: x86: Don't overflow lpageinfo when checking attributes Fix KVMSETMEMORYATTRIBUTES to not overflow lpageinfo array and trigger KASAN splat, as seen in the privatememconversionstest selftest. When memory attributes ar...

CLSA-2023-1693424916 kernel: Fix of 18 CVEs

netfilter: nftsetpipapo: fix improper element removal CVE-2023-4004 - net: tun: fix bugs for oversize packet when napi frags enabled CVE-2023-3812 - net/sched: clsfw: Fix improper refcount update leads to use-after-free CVE-2023-3776 - net/sched: schqfq: account for stab overhead in qfqenqueue...

April 10, 2018—KB4093115 (Security-only update)

April 10, 2018—KB4093115 Security-only update Improvements and fixes This security update includes quality improvements. No new operating system features are being introduced in this update. Key changes include: Windows Update and WSUS will offer this update to applicable Windows client and serve...

kvm: device assignment page leak

The KVM implementation in the Linux kernel before 3.3.4 does not properly manage the relationships between memory slots and the iommu, which allows guest OS users to cause a denial of service memory leak and host OS crash by leveraging administrative access to the guest OS to conduct hotunplug an...

UBUNTU-CVE-2012-0045

The emsyscall function in arch/x86/kvm/emulate.c in the KVM implementation in the Linux kernel before 3.2.14 does not properly handle the 0f05 aka syscall opcode, which allows guest OS users to cause a denial of service guest OS crash via a crafted application, as demonstrated by an NASM file...

PT-2010-5009 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 2.6.36 Description: The issue is related to the KVM implementation in the Linux kernel, which does not properly reload the FS and GS segment registers. This can be exploited by host OS users to cause a denial of...

kvm: cat /dev/port in guest cause the host hang

The pitioportread function in the Programmable Interval Timer PIT emulation in i8254.c in KVM 83 does not properly use the pitstate data structure, which allows guest OS users to cause a denial of service host OS crash or hang by attempting to read the /dev/port file...