CVE-2025-27077

Memory corruption while processing message in guest VM...

Important: Red Hat Security Advisory: OpenShift Virtualization 4.12.20 Images

Red Hat OpenShift Virtualization release 4.12.20 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which...

SUSE-SU-2025:03301-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP6 kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2024-46733: btrfs: fix qgroup reserve leaks in cowfilerange bsc1230708. - CVE-2024-49996: cifs: Fix buffer overflow when parsing NFS reparse points bsc1232089. -...

September 22, 2025—KB5068221 (OS Build 26100.6588) Out-of-band

September 22, 2025—KB5068221 OS Build 26100.6588 Out-of-band Windows Secure Boot certificate expirationImportant: Secure Boot certificates used by most Windows devices are set to expire starting in June 2026. Microsoft has been updating these certificates on consumer and non-managed business...

Build Numbers and Versions of Veeam Plug-in for Scale Computing HyperCore

This KB article lists all versions of the Veeam Plug-in for Scale Computing HyperCore and their respective worker build numbers. Version | Plug-In / Worker Build | Release Date ---|---|--- Veeam Plug-in for Scale Computing HyperCore 3 Releases Veeam Plug-in for Scale Computing HyperCore 3.1...

Huawei EulerOS: Security Advisory for iputils (EulerOS-SA-2025-2167)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Linux Distros Unpatched Vulnerability : CVE-2023-53319

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Handle kvmarminit failure correctly in finalizepkvm Currently there is no...

Huawei EulerOS: Security Advisory for ppp (EulerOS-SA-2025-2187)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE CVE-2023-53319

In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Handle kvmarminit failure correctly in finalizepkvm Currently there is no synchronisation between finalizepkvm and kvmarminit initcalls. The finalizepkvm proceeds happily even if kvmarminit fails resulting in the...

DEBIAN-CVE-2023-53319

In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Handle kvmarminit failure correctly in finalizepkvm Currently there is no synchronisation between finalizepkvm and kvmarminit initcalls. The finalizepkvm proceeds happily even if kvmarminit fails resulting in the...

CVE-2023-53319

CVE-2023-53319 (Linux kernel, KVM arm64) : The issue arises from a race between finalize_pkvm() and kvm_arm_init() initcalls, where finalize_pkvm() proceeds even if kvm_arm_init() fails, causing warnings and a potential HYP panic. The connected Astra/SUSE OSV entries confirm this vulnerability in...

CVE-2023-53319 KVM: arm64: Handle kvm_arm_init failure correctly in finalize_pkvm

In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Handle kvmarminit failure correctly in finalizepkvm Currently there is no synchronisation between finalizepkvm and kvmarminit initcalls. The finalizepkvm proceeds happily even if kvmarminit fails resulting in the...

CVE-2025-39823

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: use arrayindexnospec with indices that come from guest min and destid are guest-controlled indices. Using arrayindexnospec after the bounds checks clamps these values to mitigate speculative execution side-channels...

DEBIAN-CVE-2025-39823

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: use arrayindexnospec with indices that come from guest min and destid are guest-controlled indices. Using arrayindexnospec after the bounds checks clamps these values to mitigate speculative execution side-channels...

CVE-2025-39823

CVE-2025-39823 is a Linux kernel KVM/CPU virtualization vulnerability affecting x86 where indices from the guest (min, dest_id) were used with array_index_nospec after bounds checks. The issue enables speculative execution side-channel leakage affecting confidentiality, integrity, and availabilit...

CVE-2025-39815 RISC-V: KVM: fix stack overrun when loading vlenb

In the Linux kernel, the following vulnerability has been resolved: RISC-V: KVM: fix stack overrun when loading vlenb The userspace load can put up to 2048 bits into an xlen bit stack buffer. We want only xlen bits, so check the size beforehand...

[SECURITY] Fedora 43 Update: qemu-10.1.0-6.fc43

qemu is an open source virtualizer that provides hardware emulation for the KVM hypervisor. qemu acts as a virtual machine monitor together with the KVM kernel modules, and emulates the hardware for a full system such as a PC and its associated peripherals...

PT-2025-37878

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The relid2channel function within the vmbus driver makes an assumption about the allocation of the vmbus channel array. Specifically, it assumes the array is allocated when called...

EulerOS Virtualization 2.13.0 : perl (EulerOS-SA-2025-2181)

According to the versions of the perl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A heap buffer overflow vulnerability was discovered in Perl. Release branches 5.34, 5.36, 5.38 and 5.40 are affected, including...

EulerOS Virtualization 2.13.0 : ppp (EulerOS-SA-2025-2186)

According to the versions of the ppp package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : The passprompt plugin in pppd in ppp before 2.5.2 mishandles privileges.CVE-2024-58250 Tenable has extracted the preceding description...