12898 matches found
Astra Linux - уязвимость в qemu
A flaw was discovered in the implementation of the 9p passthrough filesystem 9pfs in QEMU. The 9pfs server did not prevent the opening of special files on the host side, potentially allowing a malicious client to escape from the exported 9p tree by creating and opening a device file in the shared...
Astra Linux - уязвимость в linux
A flaw was discovered in the KVM’s AMD code, which handles SVM nested virtualization. The flaw occurs during the processing of the VMCB virtual machine control block provided by the L1 guest to spawn/handle a nested guest L2. Due to improper validation of the “virtext” field, this issue could all...
Astra Linux - уязвимость в qemu
A flaw was discovered in the virtio-net device in QEMU. When the RSS feature is enabled on the virtio-net network card, the indirectionstable data within RSS becomes controllable. Setting values that are excessively large may lead to an index out-of-bounds issue, potentially resulting in a heap...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: KVM: VMX: Disabling Intel PT virtualization in both guest and host modes is enabled by default under CONFIGBROKEN. This means that KVM disables support for virtualizing Intel PT via guest/host mode, unless the BROKEN=y flag is se...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: KVM: x86 – If the new GSI Global Service Interface route prevents the IRQ being posted directly to a vCPU, then the IRTE should be reset to host control. The IRTE should also be restored to host control if it is in MSI mode or in...
Astra Linux - уязвимость в linux, linux-5.10
In the Linux kernel, the following vulnerability has been resolved: x86/ioremap: Mapping EFI-reserved memory as encrypted for SEV Some drivers require memory that is marked as EFI boot services data. To prevent this memory from being reused by the kernel after ExitBootServices, efimemreserve is...
Astra Linux - уязвимость в linux-5.10, linux, linux-5.15
A issue was discovered in arch/x86/kvm/vmx/nested.c in the Linux kernel before 6.2.8. nVMX on x8664 lacks consistency checks for CR0 and CR4...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: KVM: SEV: Rejects attempts to synchronize VMSA of a vCPU that has already been launched/encrypted. Synchronize the vCPU state with its associated VMSA if the vCPU has already been launched, that is, if the VMSA has already been...
Astra Linux - уязвимость в linux, linux-5.10
In the Linux kernel, the following vulnerability has been resolved: serial: amba-pl011: avoid SBSA UART accessing the DMACR register The chapter “B Generic UART” in “ARM Server Base System Architecture” 1 describes a generic UART interface. Such a generic UART does not support DMA. In current cod...
Astra Linux - уязвимость в linux-5.15
A flaw was discovered in KVM AMD Secure Encrypted Virtualization SEV within the Linux kernel. A KVM guest that uses SEV-ES or SEV-SNP with multiple vCPUs can trigger a double fetch race condition vulnerability and invoke the VMGEXIT handler recursively. If an attacker manages to call the handler...
Astra Linux - уязвимость в qemu
A use-after-free vulnerability was discovered in the virtio-net device of QEMU. This vulnerability can occur when the address of the descriptor belongs to the non-direct access region, due to the numbuffers being set after the virtqueue elem has been unmapped. A malicious guest can exploit this...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: KVM: x86/mmu: The existing SPTE is preserved even when creating an MMIO SPTE. When installing an emulated MMIO SPTE, do so after preserving the existing SPTE if it is shadow-present. However, the fix proposed in commit 54aa15c6bd...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: KVM: x86: Fixed a stack-out-of-bounds memory access from ioapicwriteindirect. KASAN reports the following issue: BUG: In kvmmakevcpusrequestmask+0x174/0x440 kvm, there is a stack-out-of-bounds situation. A read of size 8 at...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: KVM: SVM – Fix for a panic occurring on an out-of-bounds guest IRQ. Since the guestIRQ comes from the KVMIRQFD API call, it may trigger a crash in svmupdatepiirte, due to an out-of-bounds access. Crash output: pid: 22218 task:...
Astra Linux - уязвимость в linux-5.10, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: KVM: nSVM – Check instead of asserting on nested TSC scaling support Check for nested TSC scaling support on nested SVM VMRUN instead of asserting that TSC scaling is exposed to L1 if L1’s MSRAMD64TSCRATIO has diverged from KVM’s...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: KVM: nSVM: Removed a user-triggered WARN message in nestedsvmloadcr3. The WARN message in svmsetnestedstate in nestedsvmloadcr3 was removed. This is because it is trivially easy for userspace to trigger this message by modifying...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: KVM: nSVM: Always use vmcb01 in VMSAVE/VMLOAD emulation. The commit cc3ed80ae69f states that “KVM: nSVM: always use vmcb01 for vmsave/vmload of guest state”. This commit ensured that KVM always used vmcb01 for the fields controll...
Astra Linux - уязвимость в linux
A flaw was discovered in the KVM’s AMD code, responsible for supporting SVM nested virtualization. The flaw occurs during the processing of the VMCB virtual machine control block provided by the L1 guest, which is used to spawn or handle a nested guest L2. Due to improper validation of the “intct...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: drm/xe/vm: moved xesvminit earlier. In xevmcloseandput, we need to be able to call xesvmfini. However, during vm creation, we can call this function on the error path, before actually initializing the svm state. This leads to...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: A WARN message is generated on vNMI when an NMI is requested, provided that the NMIs are effectively masked. This occurs only if the vCPU is already handling an NMI. KVM’s approach for handling simultaneous NMIs is to...