SUSE-SU-2025:20419-1 Security update for the Linux Kernel

The SUSE Linux Enterprise Micro 6.0 and 6.1 kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2023-52888: media: mediatek: vcodec: Only free buffer VA that is not NULL bsc1228557. - CVE-2024-46713: kabi fix for perf/aux: Fix AUX buffer...

[SECURITY] Fedora 41 Update: rust-sev-6.1.0-2.fc41

Library for AMD SEV...

[SECURITY] Fedora 41 Update: libkrun-1.13.0-1.fc41

Dynamic library providing Virtualization-based process isolation capabilities...

[SECURITY] Fedora 42 Update: libkrun-1.13.0-1.fc42

Dynamic library providing Virtualization-based process isolation capabilities...

[SECURITY] Fedora 42 Update: rust-sev-6.1.0-2.fc42

Library for AMD SEV...

On the Impossibility of a Perfect Hypervisor

We establish a fundamental impossibility result for a perfect hypervisor', one that 1 preserves every observable behavior of any program exactly as on bare metal and 2 adds zero timing or resource overhead. Within this model we prove two theorems. 1 Indetectability Theorem. If such a hypervisor...

CVE-2025-47969 Windows Virtualization-Based Security (VBS) Information Disclosure Vulnerability

...

CVE-2025-47969 Windows Virtualization-Based Security (VBS) Information Disclosure Vulnerability

...

CVE-2025-47969

CVE-2025-47969 is a Windows Hello information-disclosure vulnerability. It affects Windows Hello components and enables a local attacker with high privileges to disclose sensitive data via the Windows Hello flow. The CVSS vector indicates Local access, low attack complexity, and high confidential...

IBM AIX和IBM VIOS 安全漏洞

IBM AIX and IBM VIOS are both products of the International Business Machines IBM Corporation.IBM AIX is an open standards-based UNIX operating system developed for the IBM Power architecture.IBM VIOS is part of the PowerVm® Editions hardware feature. IBM VIOS is part of the PowerVm® Editions...

VulnCheck KEV: CVE-2024-21407

Windows Hyper-V Remote Code Execution Vulnerability...

Important: kernel6.12

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: bpf: track changespktdata property for global functions CVE-2024-58098 In the Linux kernel, the following vulnerability has been resolved: bpf: check changespktdata property for extension programs CVE-2024-58100 I...

USN-7560-1 amd64-microcode vulnerability

Josh Eads, Kristoffer Janke, Eduardo Nava, Tavis Ormandy and Matteo Rizzo discovered that AMD Microcode incorrectly verified signatures. An attacker with local administrator privilege could possibly use this issue to cause loss of confidentiality and integrity of a confidential guest running unde...

Advisory ROSA-SA-2025-2893

Software: libtiff 4.0.9 OS: ROSA Virtualization 3.0 packageevrstring: libtiff-4.0.9-34.rv30 CVE-ID: CVE-2017-17095 BDU-ID: 2019-03339 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the LibTIFF library is related to a heap-based buffer overflow in TIFFSetupStrips. Exploitation of the vulnerability...

Advisory ROSA-SA-2025-2888

Software: jose 10 OS: ROSA Virtualization 3.0 packageevrstring: jose-10-2.rv30.3 CVE-ID: CVE-2023-50967 BDU-ID: 2024-02461 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the C language module for signing and encrypting JSON latchset Jose objects is associated with uncontrolled resource consumption...

Advisory ROSA-SA-2025-2885

Software: expat 2.2.5 OS: ROSA Virtualization 3.0 packageevrstring: expat-2.2.5-17.0.1.rv30 CVE-ID: CVE-2024-8176 BDU-ID: 2025-04573 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the libexpat XML file parsing library is related to a stack-based buffer overflow. Exploitation of the vulnerability...

Advisory ROSA-SA-2025-2886

Software: freetype 2.9.1 OS: ROSA Virtualization 3.0 packageevrstring: freetype-2.9.1-10.rv30 CVE-ID: CVE-2025-27363 BDU-ID: 2025-02719 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the FreeType font rasterization library is related to reading beyond buffer boundaries in memory. Exploitation of th...

Advisory ROSA-SA-2025-2884

Software: libwebp 1.0.0 OS: ROSA Virtualization 2.1 packageevrstring: libwebp-1.0.0.0-10.0.1.rv3 CVE-ID: CVE-2018-25013 BDU-ID: 2021-03103 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the libwebp library for WebP image encoding and decoding is related to reading beyond buffer boundaries in...

Advisory ROSA-SA-2025-2878

Software: jose 10 OS: ROSA Virtualization 2.1 packageevrstring: jose-10-2.rv3.3 CVE-ID: CVE-2023-50967 BDU-ID: 2024-02461 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the C language module for signing and encrypting JSON latchset Jose objects is associated with uncontrolled resource consumption...

The vulnerability of the sev_vcpu_deliver_sipi_vector() function in the arch/x86/kvm/svm/sev.c module of the virtualization subsystem on the Linux kernel-based x86 platform allows a attacker to cause a service failure.

The vulnerability of the sevvcpudeliversipivector function in the arch/x86/kvm/svm/sev.c module of the virtualization subsystem on the Linux kernel-based x86 platform is related to the assignment of the NULL pointer. Exploiting this vulnerability could allow an attacker to cause a service failure...