EulerOS Virtualization 2.13.0 : libxslt (EulerOS-SA-2025-2587)

According to the versions of the libxslt package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A flaw was found in the libxslt library. The same memory field, psvi, is used for both stylesheet and input data, which can lead to...

EulerOS Virtualization 2.13.0 : libxml2 (EulerOS-SA-2025-2586)

According to the versions of the libxml2 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A use-after-free vulnerability was found in libxml2. This issue occurs when parsing XPath elements under certain circumstances whe...

EulerOS Virtualization 2.13.0 : gnutls (EulerOS-SA-2025-2576)

According to the versions of the gnutls packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A flaw was found in GnuTLS. A double-free vulnerability exists in GnuTLS due to incorrect ownership handling in the export logic of...

EulerOS Virtualization 2.13.1 : libxslt (EulerOS-SA-2025-2552)

According to the versions of the libxslt package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A flaw was found in the libxslt library. The same memory field, psvi, is used for both stylesheet and input data, which can lead to...

EulerOS Virtualization 2.13.1 : coreutils (EulerOS-SA-2025-2535)

According to the versions of the coreutils package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A flaw was found in GNU Coreutils. The sort utility's begfield function is vulnerable to a heap buffer under-read. The program ma...

Moderate: Red Hat Enhancement Advisory: OpenShift Virtualization 4.18.25 Images

Red Hat OpenShift Virtualization release 4.18.25 is now available with updates to packages and images that fix several bugs and add enhancements. OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform. This advisory contains OpenShift...

KVM: SVM: Don't skip unrelated instruction if INT3/INTO is replaced

...

SUSE CVE-2025-68259

In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: Don't skip unrelated instruction if INT3/INTO is replaced When re-injecting a soft interrupt from an INT3, INT0, or select INTn instruction, discard the exception and retry the instruction if the code stream is changed...

Moderate: Red Hat Enhancement Advisory: OpenShift Virtualization 4.20.3 Images

Red Hat OpenShift Virtualization release 4.20.3 is now available with updates to packages and images that fix several bugs and add enhancements. OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform. This advisory contains OpenShift...

CVE-2025-68259

In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: Don't skip unrelated instruction if INT3/INTO is replaced When re-injecting a soft interrupt from an INT3, INT0, or select INTn instruction, discard the exception and retry the instruction if the code stream is changed...

UBUNTU-CVE-2025-68259

In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: Don't skip unrelated instruction if INT3/INTO is replaced When re-injecting a soft interrupt from an INT3, INT0, or select INTn instruction, discard the exception and retry the instruction if the code stream is changed...

CVE-2025-68259

Summary: In the Linux kernel’s KVM/SVM path, re-injecting a soft interrupt when replacing INT3/INT0/INTn can lead to decoding a different instruction and thus a wrong next RIP. This can clobber guest state and trigger a guest panic (e.g., Oops: int3) if the RIP lookup uses the incorrect instructi...

CVE-2025-68244

Technical details for CVE-2025-68244 are not publicly available in the provided documents; monitor for updates.

CVE-2025-68244 drm/i915: Avoid lock inversion when pinning to GGTT on CHV/BXT+VTD

In the Linux kernel, the following vulnerability has been resolved: drm/i915: Avoid lock inversion when pinning to GGTT on CHV/BXT+VTD On completion of i915vmapinww, a synchronous variant of dmafenceworkcommit is called. When pinning a VMA to GGTT address space on a Cherry View family processor, ...

Security Bulletin: Multiple vulnerabilities affect Data Virtualization on IBM Software Hub (December 2025)

Summary Multiple vulnerabilities have been addressed in Data Virtualization on IBM Software Hub. Note that Data Virtualization was named Watson Query on IBM Cloud Pak for Data version 4.8. Vulnerability Details CVEID:CVE-2025-8916 DESCRIPTION: Allocation of Resources Without Limits or Throttling...

Ubuntu 24.04 LTS / 25.04 : Linux kernel (Azure) vulnerabilities (USN-7934-1)

The remote Ubuntu 24.04 LTS / 25.04 host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7934-1 advisory. It was discovered that improper initialization of CPU cache memory could allow a local attacker with hypervisor access to overwrite SEV-SNP guest...

Linux Distros Unpatched Vulnerability : CVE-2025-68259

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - KVM: SVM: Don't skip unrelated instruction if INT3/INTO is replaced When re-injecting a soft interrupt from an INT3, INT0, or select INTn instruction, discard t...

PT-2025-51672

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw within the KVM SVM component. Specifically, when re-injecting a soft interrupt from an INT3 instruction, the system may discard the exception and retry t...

ROS-20251216-7339

A vulnerability in the qemuFwCfgMmioRead function of the Box/Devices/PC/DevQemuFwCfg.cpp component of the Oracle VM VirtualBox virtualization software tool is related to integer overflow. Exploitation of the vulnerability may allow an intruder to gain unauthorized access to protected information...

USN-7934-1 linux-azure, linux-azure-6.14 vulnerabilities

It was discovered that improper initialization of CPU cache memory could allow a local attacker with hypervisor access to overwrite SEV-SNP guest memory resulting in loss of data integrity. CVE-2024-36331 Jean-Claude Graf, Sandro Rüegge, Ali Hajiabadi, and Kaveh Razavi discovered that the Linux...