Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Correctly handling the kvmarminit failure in finalizepkvm Currently, there is no synchronization between the finalizepkvm and kvmarminit initcalls. finalizepkvm continues to execute even if kvmarminit fails, resulting...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: LoongArch: KVM: Fixed a memory leak in kvmeiointcdestroy In kvmioctlcreatedevice, kvmdevice has allocated memory. kvmdevice-destroy seems to be supposed to free up the kvmdevice structure, but kvmeiointcDestroy does not do this...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: x86/mm: Fixed the flushtlbrange function when it is used to erase normal PMD entries PMD entries that point to page tables, along with the PTE entries in the pointed-to page table. In the arm64 version of flushtlbrange, there is ...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerabilities have been resolved: KVM: SVM: Do not generate errors if the user space injects an interrupt with GIF=0. Do not generate errors or warnings during interrupt injection when GIF is cleared. It is trivial for the user space to force this situation...

Astra Linux - уязвимость в linux-6.1

A flaw was discovered in KVM. An improper check in svmsetx2apicmsrinterception may allow direct access to the host’s x2apic MSRs when the guest resets its APIC, potentially leading to a denial-of-service condition...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: KVM: x86: Acquiring kvm-srcu when handling KVMSETVCPUEVENTS Acquire kvm-srcu when processing KVMSETVCPUEVENTS. When KVM sets the SMM mode, it forcibly leaves the nested VMX/SVM state. Leaving such a state also causes nested VM...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: Drivers: hv: vmbus: Pages are leaked if setmemoryencrypted fails. In CoCo VMs, it is possible for the untrusted host to cause setmemoryencrypted or setmemorydecrypted to fail. This results in an error being returned, and the...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: igb: Cleanup in all error paths when enabling SR-IOV After commit 50f303496d92 “igb: Enabling SR-IOV after reinit”, removing the igb module could cause a hang or crash depending on the machine when the module was loaded with t...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: LoongArch: KVM: Fix stack protector issue in sendipidata Function kvmiobusread is called in function sendipidata, buffer size of parameter val should be at least 8 bytes. Since some emulation functions like loongarchipireadl and...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: RISC-V: KVM – Writing hgatp registers with valid mode bits According to the RISC-V Privileged Architecture Specification, when MODE=Bare is selected, software must write zero to the remaining fields of hgatp. We have previously...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: drm/gpusvm: fixed the usage of hmmpfntomaporder This issue involves handling cases where the hmm range partially covers a large page such as 2M. Otherwise, we might end up doing something unpleasant, such as mapping memory tha...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: x86/tdx: Panics occur in cases of incorrect configurations involving access to “private” memory, resulting in a VE exception. All normal kernel memory is considered “TDX private memory”. This includes everything, from kernel...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: KVM: x86 – Handling of SRCU initialization failures during page track initialization Check the return value of initsrcustruct, which may fail due to OOM conditions when initializing the page track mechanism. Lack of proper checki...

Astra Linux - уязвимость в linux, linux-5.10

Rogue backends can cause Denial of Service DoS attacks on guests through high-frequency events. This CNA information record relates to multiple Common Vulnerabilities and Exposures CVEs; the text explains which aspects/vulnerabilities correspond to which CVEs. Xen allows for the execution of PV...

kernel: Linux kernel KVM: Privilege escalation or denial of service due to improper shadow page table entry handling

A flaw was found in the Linux kernel's Kernel-based Virtual Machine KVM component. A local attacker with privileges on the host system could exploit a vulnerability in how KVM handles shadow page table entries SPTEs during memory-mapped I/O MMIO operations. By manipulating guest page table entrie...

Unbreakable Enterprise kernel security update

5.15.0-320.202.8.4 - ptrace: slightly saner 'getdumpable' logic Linus Torvalds Orabug: 39391447 CVE-2026-46333 5.15.0-320.202.8.3 - nfsd: fix heap overflow in NFSv4.0 LOCK replay cache Jeff Layton Orabug: 39362036 CVE-2026-31402 - net/sched: Only allow actct to bind to clsact/ingress qdiscs and...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021593)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021593 advisory. In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Make ICCSGIEL1 undef in the absence of a vGICv3 On a system with a GICv3, if a guest...

Important: Red Hat Security Advisory: MTV RHEL9 Images

Updated Release packages that fix several bugs and add various enhancements are now available. Migration Toolkit for Virtualization Images...

Important: Red Hat Security Advisory: MTV RHEL9 Images

Updated Release packages that fix several bugs and add various enhancements are now available. Migration Toolkit for Virtualization Images...

[SECURITY] Fedora 44 Update: rust-sevctl-0.6.2-7.fc44

Administrative utility for AMD SEV...