CVE-2026-46113

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Fix shadow paging use-after-free due to unexpected GFN The shadow MMU computes GFNs for direct shadow pages using sp-gfn plus the SPTE index. This assumption breaks for shadow paging if the guest page tables are modifie...

CVE-2026-45862

iommu/vt-d: Flush cache for PASID table before using it...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from KVM/SVM failing to properly save and restore the LBR MSR, resulting in the restoration function...

Astra Linux - уязвимость в linux-5.15

In the Linux kernel, the following vulnerability has been resolved: KVM: VMX – Prevent RSB underflow before vmenter On VMX, there is some timing balance between the time the guest’s SPECCTRL value is written and the vmenter. Balanced returns matched by a preceding call are usually acceptable...

KVM: SEV: Lock all vCPUs when synchronzing VMSAs for SNP launch finish

...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-006999)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006999 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/i915/gvt: fix vgpu debugfs clean in remove Check carefully on root debugfs available when...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-010846)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010846 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/i915/gvt: fix vgpu debugfs clean in remove Check carefully on root debugfs available when...

Microsoft Hyper-V Code Execution Vulnerability (CNVD-2026-17151)

Microsoft Hyper-V is an application from Microsoft Corporation USA. A system hypervisor virtualization technology that enables desktop virtualization. A code execution vulnerability exists in Microsoft Hyper-V, which can be exploited by an attacker to execute arbitrary code on a system...

CVE-2023-54098 drm/i915/gvt: fix gvt debugfs destroy

In the Linux kernel, the following vulnerability has been resolved: drm/i915/gvt: fix gvt debugfs destroy When gvt debug fs is destroyed, need to have a sane check if drm minor's debugfs root is still available or not, otherwise in case like device remove through unbinding, drm minor's debugfs...

CVE-2023-54098

CVE-2023-54098 affects the Linux kernel’s DRM/I915/GVT component. The issue occurs when destroying gvt debugfs: if the drm minor’s debugfs root is already removed (e.g., due to device removal/unbinding), intel_gvt_debugfs_clean() may operate on a dangling pointer, leading to a NULL pointer derefe...

CVE-2025-68244 drm/i915: Avoid lock inversion when pinning to GGTT on CHV/BXT+VTD

In the Linux kernel, the following vulnerability has been resolved: drm/i915: Avoid lock inversion when pinning to GGTT on CHV/BXT+VTD On completion of i915vmapinww, a synchronous variant of dmafenceworkcommit is called. When pinning a VMA to GGTT address space on a Cherry View family processor, ...

CVE-2025-40058

In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Disallow dirty tracking if incoherent page walk Dirty page tracking relies on the IOMMU atomically updating the dirty bit in the paging-structure entry. For this operation to succeed, the paging- structure memory must...

CVE-2025-40058

In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Disallow dirty tracking if incoherent page walk Dirty page tracking relies on the IOMMU atomically updating the dirty bit in the paging-structure entry. For this operation to succeed, the paging- structure memory must...

DEBIAN-CVE-2025-38351

In the Linux kernel, the following vulnerability has been resolved: KVM: x86/hyper-v: Skip non-canonical addresses during PV TLB flush In KVM guests with Hyper-V hypercalls enabled, the hypercalls HVCALLFLUSHVIRTUALADDRESSLIST and HVCALLFLUSHVIRTUALADDRESSLISTEX allow a guest to request...

[SECURITY] Fedora 41 Update: libkrun-1.13.0-1.fc41

Dynamic library providing Virtualization-based process isolation capabilities...

vdo bug fix update

An update is available for vdo. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The vdo packages provide Virtual Data Optimizer VDO, which is a block...

UBUNTU-CVE-2024-31145

Certain PCI devices in a system might be assigned Reserved Memory Regions specified via Reserved Memory Region Reporting, "RMRR" for Intel VT-d or Unity Mapping ranges for AMD-Vi. These are typically used for platform tasks such as legacy USB emulation. Since the precise purpose of these regions ...

Microsoft Windows Secure Kernel Mode 安全漏洞

Microsoft Windows Secure Kernel Mode is a security feature from Microsoft Corporation USA that uses virtualization technology to enhance system security. A security vulnerability exists in Microsoft Windows Secure Kernel Mode that stems from an elevation of privilege vulnerability in the Secure...

Microsoft Hyper-V 安全漏洞

Microsoft Hyper-V is an application from Microsoft Corporation USA. A system hypervisor virtualization technology that enables desktop virtualization. A remote code execution vulnerability exists in Microsoft Hyper-V, which can be exploited by an attacker to execute arbitrary code on a system...

Microsoft Hyper-V 安全漏洞

Microsoft Hyper-V is an application from Microsoft Corporation USA. A system hypervisor virtualization technology that enables desktop virtualization. A denial of service vulnerability exists in Microsoft Hyper-V. An attacker could exploit this vulnerability to cause a denial of service...