Design High-Confidence Computers Using Trusted Instructional Set Architecture and Emulators

High-confidence computing relies on trusted instructional set architecture, sealed kernels, and secure operating systems. Cloud computing depends on trusted systems for virtualization tasks. Branch predictions and pipelines are essential in improving performance of a CPU/GPU. But Spectre and...

The vulnerability of the __kvm_vgic_vcpudestroy() function in the kernel of the Linux operating system’s arch/arm64/kvm/vgic/vgic-init.c file allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the kvmvgicvcpuDestroy function in the kernel of the Linux operating system’s arch/arm64/kvm/vgic/vgic-init.c module is related to the re-use of previously released memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and...

Security Bulletin: Multiple vulnerabilities affect IBM Data Virtualization on Cloud Pak for Data (June 2025)

Summary Multiple vulnerabilities have been addressed in IBM Data Virtualization on Cloud Pak for Data. Note that IBM Data Virtualization was named Watson Query in IBM Cloud Pak for Data version 4.6, 4.7, and 4.8. Vulnerability Details CVEID:CVE-2024-8184 DESCRIPTION: There exists a security...

The vulnerability of the kvm_arch_vcpu_ioctl() function in the arch/x86/kvm/x86.c module of the Linux operating system allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the kvmarchvcpuioctl function in the arch/x86/kvm/x86.c module of the Linux operating system is related to synchronization errors when using shared resources. Exploiting this vulnerability can allow an attacker to compromise the confidentiality, integrity, and accessibility o...

GodFather Android Malware Runs Real Apps in a Sandbox to Steal Data

Zimperium zLabs reveals GodFather malware’s advanced virtualization that hijacks mobile banking and crypto apps. Learn how it steals data on your phone...

CVE-2022-50227

In the Linux kernel, the following vulnerability has been resolved: KVM: x86/xen: Initialize Xen timer only once Add a check for existing xen timers before initializing a new one. Currently kvmxeninittimer is called on every KVMXENVCPUATTRTYPETIMER, which is causing the following ODEBUG crash whe...

UBUNTU-CVE-2022-50224

In the Linux kernel, the following vulnerability has been resolved: KVM: x86/mmu: Treat NX as a valid SPTE bit for NPT Treat the NX bit as valid when using NPT, as KVM will set the NX bit when the NX huge page mitigation is enabled mindblowing and trigger the WARN that fires on reserved SPTE bits...

UBUNTU-CVE-2022-50226

In the Linux kernel, the following vulnerability has been resolved: crypto: ccp - Use kzalloc for sev ioctl interfaces to prevent kernel memory leak For some sev ioctl interfaces, input may be passed that is less than or equal to SEVFWBLOBMAXSIZE, but larger than the data that PSP firmware return...

CVE-2022-50041 ice: Fix call trace with null VSI during VF reset

In the Linux kernel, the following vulnerability has been resolved: ice: Fix call trace with null VSI during VF reset During stress test with attaching and detaching VF from KVM and simultaneously changing VFs spoofcheck and trust there was a call trace in iceresetvf that VF's VSI is null...

Versa Director 安全漏洞

Versa Director is a virtualization and service creation platform from Versa USA. It simplifies the creation, automation and delivery of services using Versa FlexVNF. A security vulnerability exists in Versa Director that stems from a parameter injection vulnerability in file upload processing tha...

Versa Director 安全漏洞

Versa Director is a virtualization and service creation platform from Versa USA. that simplifies the creation, automation and delivery of services using Versa FlexVNF. A security vulnerability exists in Versa Director that stems from an improper implementation of two-factor authentication, which...

Versa Director 安全漏洞

Versa Director is a virtualization and service creation platform from Versa USA. that simplifies the creation, automation and delivery of services using Versa FlexVNF. A security vulnerability exists in Versa Director that stems from the default exposure of the websockify service, which could lea...

Versa Director 安全漏洞

Versa Director is a virtualization and service creation platform from Versa USA. that simplifies the creation, automation and delivery of services using Versa FlexVNF. A security vulnerability exists in Versa Director that stems from abuse of the Webhook feature and could lead to elevation of...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that originates from KVM x86 xen initializing timers multiple times, which could lead to debugging object conflicts...

CLSA-2025-1750175787 kernel: Fix of 4 CVEs

media: pvrusb2: fix array-index-out-of-bounds in pvr2i2ccoreinit CVE-2022-49478 - x86/kvm: Disable kvmclock on all CPUs on shutdown CVE-2021-47110 - cifs: fix potential double free during failed mount CVE-2022-49541 - drm/amd/pm: fix double free in siparsepowertable CVE-2022-49530...

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP6 Azure kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2024-28956: x86/ibt: Keep IBT disabled during alternative patching bsc1242006. CVE-2024-46713: kabi fix for perf/aux: Fix AUX buffer serialization bsc1230581...

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP6 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2024-28956: x86/ibt: Keep IBT disabled during alternative patching bsc1242006. CVE-2024-35840: mptcp: use OPTIONMPTCPMPJSYNACK in subflowfinishconnect bsc122459...

Astra Linux – Vulnerability in amd64-microcode

Improper signature verification in the AMD CPU ROM microcode patch loader may allow an attacker with local administrator privileges to load malicious CPU microcode, resulting in a loss of confidentiality and integrity for confidential guests running under AMD SEV-SNP...

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Load DR6 with the guest value only before entering the .vcpurun loop. Move the conditional loading of hardware DR6 with the guest’s DR6 value out of the core .vcpurun loop to fix a bug where KVM may load hardware with a...

SUSE-SU-2025:20408-1 Security update for the Linux Kernel

The SUSE Linux Enterprise Micro 6.0 and 6.1 kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2023-52888: media: mediatek: vcodec: Only free buffer VA that is not NULL bsc1228557. - CVE-2024-46713: kabi fix for perf/aux: Fix AUX buffer...