13009 matches found
UBUNTU-CVE-2023-53208
In the Linux kernel, the following vulnerability has been resolved: KVM: nSVM: Load L1's TSC multiplier based on L1 state, not L2 state When emulating nested VM-Exit, load L1's TSC multiplier if L1's desired ratio doesn't match the current ratio, not if the ratio L1 is using for L2 diverges from...
CVE-2023-53208 KVM: nSVM: Load L1's TSC multiplier based on L1 state, not L2 state
In the Linux kernel, the following vulnerability has been resolved: KVM: nSVM: Load L1's TSC multiplier based on L1 state, not L2 state When emulating nested VM-Exit, load L1's TSC multiplier if L1's desired ratio doesn't match the current ratio, not if the ratio L1 is using for L2 diverges from...
CVE-2023-53208 KVM: nSVM: Load L1's TSC multiplier based on L1 state, not L2 state
In the Linux kernel, the following vulnerability has been resolved: KVM: nSVM: Load L1's TSC multiplier based on L1 state, not L2 state When emulating nested VM-Exit, load L1's TSC multiplier if L1's desired ratio doesn't match the current ratio, not if the ratio L1 is using for L2 diverges from...
CVE-2023-53208
CVE-2023-53208 : Linux kernel KVM nested virtualization flaw where L1’s TSC multiplier is loaded based on L1 state instead of L2, causing a mismatch that userspace can trigger via MSR writes and guest CPUID changes. The fix ensures L1’s multiplier is loaded when exiting nested VM, preventing the ...
PT-2025-37496
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A memory leak was identified in the qlcnic sriov init function within the qlcnic driver. If virtual port vp allocation fails during initialization, previously allocated virtual ports a...
CVE-2025-36035
IBM PowerVM Hypervisor FW950.00 through FW950.E0, FW1050.00 through FW1050.50, and FW1060.00 through FW1060.40 could allow a local privileged user to cause a denial of service by issuing a specially crafted IBM i hypervisor call that would disclose memory contents or consume excessive memory...
CVE-2025-36035 IBM PowerVM Hypervisor denial of service
IBM PowerVM Hypervisor FW950.00 through FW950.E0, FW1050.00 through FW1050.50, and FW1060.00 through FW1060.40 could allow a local privileged user to cause a denial of service by issuing a specially crafted IBM i hypervisor call that would disclose memory contents or consume excessive memory...
CLSA-2025-1757699693 kernel-uek: Fix of 16 CVEs
Bluetooth: afbluetooth: Fix Use-After-Free in btsockrecvmsg CVE-2024-21803 - net: defer final 'struct net' free in netns dismantle CVE-2024-56658 - netfilter: validate user input for expected length CVE-2024-35896 - drm/amd/display: Fix out-of-bounds access in 'dcn21linkencodercreate'...
CLSA-2025-1757698145 kernel: Fix of 42 CVEs
x86/kvm: Disable kvmclock on all CPUs on shutdown CVE-2021-47110 - posix-cpu-timers: fix race between handleposixcputimers and posixcputimerdel CVE-2025-38352 - cifs: fix double free race when mount fails in cifsgetroot CVE-2022-48919 - aio: mark AIO pseudo-fs noexec CVE-2016-10044 - cifs:...
GHSA-52X7-WCQQ-WFJP vulnerabilities
Vulnerabilities for packages: linux-gcp-generic, linux-qemu-rc, linux-azure, linux-vmware-generic, linux-gcp, linux-aws-generic, linux-qemu-generic, linux-vmware, linux-qemu, linux-azure-generic, linux-aws...
DEBIAN-CVE-2025-58142
This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. There are multiple issues related to the handling and accessing of guest memory pages in the viridian code: 1. A NULL pointer dereference in the updating of the reference...
CISA Releases Eleven Industrial Control Systems Advisories
CISA released eleven Industrial Control Systems ICS advisories on September 11, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-254-01 Siemens SIMOTION Tools ICSA-25-254-02 Siemens SIMATIC Virtualization as a...
Xen 安全漏洞
Xen is an open source virtual machine monitor product from Xen Open Source. The product enables different and incompatible operating systems to run on the same computer and supports migration at runtime to ensure uptime and avoid downtime. Xen has a security vulnerability that can be exploited by...
RHSA-2020:4058 Red Hat Security Advisory: virt:rhel security update
Bulletin has no description...
RHSA-2020:3040 Red Hat Security Advisory: virt:rhel security update
Bulletin has no description...
RHSA-2020:1344 Red Hat Security Advisory: virt:rhel security update
Bulletin has no description...
PT-2025-37070
Name of the Vulnerable Software and Affected Versions: Dell PowerProtect Data Manager versions 19.19 and 19.20 Description: Dell PowerProtect Data Manager, running on Hyper-V, contains an Incorrect Default Permissions issue. A low-privileged attacker with local access could potentially exploit th...
Mutiple vulnerabilities in the Viridian interface
ISSUE DESCRIPTION There are multiple issues related to the handling and accessing of guest memory pages in the viridian code: 1. A NULL pointer dereference in the updating of the reference TSC area. This is CVE-2025-27466. 2. A NULL pointer dereference by assuming the SIM page is mapped when a...
Advisory ROSA-SA-2025-2967
Software: avahi 0.7 OS: ROSA Virtualization 2.1 unaffected versions = avahi-0.7-27.0.2.rv3.1 affected versions avahi-0.7-27.0.2.2.rv3.1 CVE-ID: CVE-2018-1000845 BDU-ID: 2019-00693 CVE-Crit: CRITICAL. CVE-DESC: Duplicate CVE-2017-6519 CVE-STATUS: The vulnerability has been resolved CVE-REV: To clo...
CVE-2025-40804
A vulnerability has been identified in SIMATIC Virtualization as a Service SIVaaS All versions. The affected application exposes a network share without any authentication. This could allow an attacker to access or alter sensitive data without proper authorization...