Linux Distros Unpatched Vulnerability : CVE-2013-2152

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Unquoted Windows search path vulnerability in the SPICE service, as used in Red Hat Enterprise Virtualization RHEV 3.2, allows local users to gain privileges vi...

Linux Distros Unpatched Vulnerability : CVE-2016-5432

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The ovirt-engine-provisiondb utility in Red Hat Enterprise Virtualization RHEV Engine 4.0 allows local users to obtain sensitive database provisioning informati...

Linux Distros Unpatched Vulnerability : CVE-2014-8170

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ovirtsafedeleteconfig in ovirtfunctions.py and other unspecified locations in ovirt-node 3.0.0-474-gb852fd7 as packaged in Red Hat Enterprise Virtualization 3 d...

Advisory ROSA-SA-2025-2755

Software: pam 1.3.1 OS: ROSA Virtualization 2.1 packageevrstring: pam-1.3.1-36.rv3 CVE-ID: CVE-2024-10041 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in PAM allows an attacker to access sensitive information stored in memory through the execution of a victim program by sending...

Advisory ROSA-SA-2025-2742

Software: postgresql 13.16 OS: ROSA Virtualization 3.0 packageevrstring: postgresql-13.16-1.rv30 CVE-ID: CVE-2024-7348 BDU-ID: 2024-06153 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the pgdump utility of the PostgreSQL database management system is related to null pointer dereferencing due to...

Advisory ROSA-SA-2025-2738

Software: libndp 1.7 OS: ROSA Virtualization 3.0 packageevrstring: libndp-1.7-7.rv30 CVE-ID: CVE-2024-5564 BDU-ID: 2024-04337 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the libndp library is related to an operation exceeding buffer boundaries in memory. Exploitation of the vulnerability could...

Advisory ROSA-SA-2025-2741

Software: orc 0.4.28 OS: ROSA Virtualization 3.0 packageevrstring: orc-0.4.28-4.rv30 CVE-ID: CVE-2024-40897 BDU-ID: 2024-06669 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the orcparse.c file of the library for compiling and executing programs that operate on GStreamer ORC data arrays is relate...

Advisory ROSA-SA-2025-2736

Software: ghostscript 9.27 OS: ROSA Virtualization 3.0 packageevrstring: ghostscript-9.27-13.0.1.rv30 CVE-ID: CVE-2024-33871 BDU-ID: 2024-05064 CVE-Crit: CRITICAL. CVE-DESC.: A vulnerability exists in the contrib/opvp/gdevopvp.c component of the Ghostscript processing, conversion, and document...

Advisory ROSA-SA-2025-2732

Software: pam 1.3.1 OS: ROSA Virtualization 3.0 packageevrstring: pam-1.3.1-36.0.1.rv30 CVE-ID: CVE-2024-10041 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in PAM allows an attacker to access sensitive information stored in memory through the execution of a victim program by sending...

Advisory ROSA-SA-2025-2730

Software: openssl 1.1.1k OS: ROSA Virtualization 3.0 packageevrstring: openssl-1.1.1k-12.0.2.rv30 CVE-ID: CVE-2024-0727 BDU-ID: 2024-01337 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the PKCS12parse, PKCS12unpackp7data, PKCS12unpackp7encdata, PKCS12unpackauthsafes, and PKCS12newpass functions ...

Advisory ROSA-SA-2025-2726

Software: libxml2 2.9.7 OS: ROSA Virtualization 3.0 packageevrstring: libxml2-2.9.7-18.0.1.rv30.2 CVE-ID: CVE-2022-49043 BDU-ID: None CVE-Crit: HIGH CVE-DESC.: Use-after-free vulnerability in libxml2. CVE-STATUS: Vulnerability has been resolved. CVE-REV: To close the vulnerability, run the comman...

Advisory ROSA-SA-2025-2722

Software: curl 7.61.1 OS: ROSA Virtualization 3.0 packageevrstring: curl-7.61.1-34.0.2.rv30.2 CVE-ID: CVE-2023-28322 BDU-ID: 2023-02895 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the libcurl library is related to errors in sending POST and PUT HTTP requests using the same descriptor. Exploitati...

DEBIAN-CVE-2025-21779

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Reject Hyper-V's SENDIPI hypercalls if local APIC isn't in-kernel Advertise support for Hyper-V's SENDIPI and SENDIPIEX hypercalls if and only if the local API is emulated/virtualized by KVM, and explicitly reject said...

SUSE CVE-2022-49557

In the Linux kernel, the following vulnerability has been resolved: x86/fpu: KVM: Set the base guest FPU uABI size to sizeofstruct kvmxsave Set the starting uABI size of KVM's guest FPU to 'struct kvmxsave', i.e. to KVM's historical uABI size. When saving FPU state for usersapce, KVM well, now th...

SUSE CVE-2022-49559

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Drop WARNs that assert a triple fault never "escapes" from L2 Remove WARNs that sanity check that KVM never lets a triple fault for L2 escape and incorrectly end up in L1. In normal operation, the sanity check is...

SUSE CVE-2022-49568

In the Linux kernel, the following vulnerability has been resolved: KVM: Don't null dereference ops-destroy A KVM device cleanup happens in either of two callbacks: 1 destroy which is called when the VM is being destroyed; 2 release which is called when a device fd is closed. Most KVM devices use...

SUSE CVE-2022-49626

In the Linux kernel, the following vulnerability has been resolved: sfc: fix use after free when disabling sriov Use after free is detected by kfence when disabling sriov. What was read after being freed was vf-pcidev: it was freed from pcidisablesriov and later read in efxef10sriovfreevfvports,...

PT-2025-9009 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A vulnerability in the Linux kernel has been identified, specifically in the xen hypercall hvm function used when running as a Xen PVH guest. This function clobbers the %rbx register,...

PT-2025-8923 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Windows affected versions not specified Description: A vulnerability has been discovered in Windows Virtualization-Based Security. The issue was disclosed on 2025-02-25 and a patch was released in February 2025 Patch Tuesday. It was discovere...

USN-7304-1 linux-gcp, linux-gke, linux-gkeop vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM32 architecture; - x86 architecture; - Block layer subsystem; - Cryptographic API; - ACPI drivers; - Drivers cor...