The vulnerability of the Secure Encrypted Virtualization (SEV) technology of AMD’s microprogramming processor allows a hacker to gain unauthorized access to protected information.

The vulnerability of the Secure Encrypted Virtualization SEV technology of AMD microprocessors lies in the execution of operations outside the buffer in memory. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

Chinese Hackers Breach Juniper Networks Routers With Custom Backdoors and Rootkits

The China-nexus cyber espionage group tracked as UNC3886 has been observed targeting end-of-life MX Series routers from Juniper Networks as part of a campaign designed to deploy custom backdoors, highlighting their ability to focus on internal networking infrastructure. "The backdoors had varying...

Important: Red Hat Security Advisory: OpenShift Virtualization 4.15.9 Images

Red Hat OpenShift Virtualization release 4.15.9 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which...

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP5 kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2022-49080: mm/mempolicy: fix mpolnew leak in sharedpolicyreplace bsc1238033. CVE-2024-53135: KVM: VMX: Bury Intel PT virtualization guest/host mode behind...

Microsoft Hyper-V 安全漏洞

Microsoft Hyper-V is an application from Microsoft USA. A system hypervisor virtualization technology that enables desktop virtualization. A security vulnerability exists in Microsoft Hyper-V. An attacker exploiting the vulnerability can elevate privileges. The following products and versions are...

Advisory ROSA-SA-2025-2773

Software: zabbix 6.0.34 OS: ROSA Virtualization 3.0 packageevrstring: zabbix-6.0.34-2.rv30 CVE-ID: CVE-2024-22114 BDU-ID: 2025-00959 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the Zabbix Universal Monitoring System is related to improper saving of permissions. Exploitation of the vulnerabilit...

Advisory ROSA-SA-2025-2766

Software: rsync 3.1.3 OS: ROSA Virtualization 3.0 packageevrstring: rsync-3.1.3-20.rv30 CVE-ID: CVE-2024-12085 BDU-ID: 2025-00376 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the rsyncd daemon of the Rsync file transfer and synchronization utility is related to an operation exceeding buffer...

SUSE CVE-2025-21839

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Load DR6 with guest value only before entering .vcpurun loop Move the conditional loading of hardware DR6 with the guest's DR6 value out of the core .vcpurun loop to fix a bug where KVM can load hardware with a stale...

DEBIAN-CVE-2025-21839

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Load DR6 with guest value only before entering .vcpurun loop Move the conditional loading of hardware DR6 with the guest's DR6 value out of the core .vcpurun loop to fix a bug where KVM can load hardware with a stale...

UBUNTU-CVE-2025-21839

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Load DR6 with guest value only before entering .vcpurun loop Move the conditional loading of hardware DR6 with the guest's DR6 value out of the core .vcpurun loop to fix a bug where KVM can load hardware with a stale...

Security Bulletin: IBM Virtualization Engine TS7700 is susceptible to multiple vulnerabilities in Python.

Summary IBM Virtualization Engine TS7700 is susceptible to four denial-of-service conditions due to the use of Python CVE-2024-7592, CVE-2024-8088, CVE-2024-0450, CVE-2024-6232, one elevation of privilege CVE-2024-6345, two tampering CVE-2024-4032, CVE-2024-6923, one information disclosure...

Security Bulletin: IBM Virtualization Engine TS7700 is vulnerable to Spoofing due to IBM WebSphere Application Server Liberty (CVE-2023-50314).

Summary IBM Virtualization Engine TS7700 is susceptible to spoofing due to IBM WebSphere Application Server Liberty vulnerability CVE-2023-50314. TS7700 uses IBM WebSphere Application Server Liberty to provide the management interface. Vulnerability Details CVEID:CVE-2023-50314 DESCRIPTION: IBM...

Linux Distros Unpatched Vulnerability : CVE-2024-50075

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: xhci: tegra: fix checked USB2 port number If USB virtualizatoin is enabled, USB2 ports are...

Linux Distros Unpatched Vulnerability : CVE-2022-0171

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the Linux kernel. The existing KVM SEV API has a vulnerability that allows a non-root host user-level application to crash the host kernel b...

Linux Distros Unpatched Vulnerability : CVE-2023-4155

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in KVM AMD Secure Encrypted Virtualization SEV in the Linux kernel. A KVM guest using SEV-ES or SEV-SNP with multiple vCPUs can trigger a doubl...

Linux Distros Unpatched Vulnerability : CVE-2022-48763

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - KVM: x86: Forcibly leave nested virt when SMM state is toggled Forcibly leave nested virtualization operation if userspace toggles SMM state via KVMSETVCPUEVENT...

Linux Distros Unpatched Vulnerability : CVE-2013-2144

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Red Hat Enterprise Virtualization Manager RHEVM before 3.2 does not properly check permissions for the target storage domain, which allows attackers to cause a...

Linux Distros Unpatched Vulnerability : CVE-2015-5293

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Red Hat Enterprise Virtualization Manager 3.6 and earlier gives valid SLAAC IPv6 addresses to interfaces when boot protocol is set to None, which might allow...

Linux Distros Unpatched Vulnerability : CVE-2015-5201

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - VDSM and libvirt in Red Hat Enterprise Virtualization Hypervisor aka RHEV-H 7-7.x before 7-7.2-20151119.0 and 6-6.x before 6-6.7-20151117.0 as packaged in Red H...

Linux Distros Unpatched Vulnerability : CVE-2013-2151

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Unquoted Windows search path vulnerability in Red Hat Enterprise Virtualization RHEV 3 and 3.2 allows local users to gain privileges via a crafted application i...