12996 matches found
UBUNTU-CVE-2024-53196
In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Don't retire aborted MMIO instruction Returning an abort to the guest for an unsupported MMIO access is a documented feature of the KVM UAPI. Nevertheless, it's clear that this plumbing has seen limited testing, since...
Vulnerabilities of components such as drivers, virt, and acrn in the Linux operating system, which allow attackers to increase their privileges within the system
The vulnerability of components like drivers/virt/acrn in the Linux operating system is related to errors that occur after the release of functions acrnvmmemsegunmap and acrnvmRamMap. Exploiting this vulnerability can allow an attacker to gain elevated privileges within the system...
SUSE SLES15 / openSUSE 15 Security Update : vhostmd (SUSE-SU-2024:4416-1)
The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:4416-1 advisory. Updated to version 1.2 - Fix actions using the 'free' command - Fix buffer accounting when generating metric XML - Change...
DEBIAN-CVE-2024-53241
In the Linux kernel, the following vulnerability has been resolved: x86/xen: don't do PV iret hypercall through hypercall page Instead of jumping to the Xen hypercall page for doing the iret hypercall, directly code the required sequence in xen-asm.S. This is done in preparation of no longer usin...
SUSE-SU-2024:4416-1 Security update for vhostmd
This update for vhostmd fixes the following issues: Updated to version 1.2 - Fix actions using the 'free' command - Fix buffer accounting when generating metric XML - Change actions to retrieve vendor and product info - Add a 'unit' attribute to the metrics element - vif-stats.py: convert to...
Security Bulletin: This Power System update is being released to address CVE-2023-52881
Summary The Linux kernel is used by the Virtualization Management Interface in PowerVM to support network communication with the Hardware Management Console. This bulletin provides a remediation for the impacted vulnerability, CVE-2023-52881, by upgrading PowerVM and thus addressing the exposure ...
vdo bug fix update
An update is available for vdo. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The vdo packages provide Virtual Data Optimizer VDO, which is a block...
kernel: KVM: nSVM: Ignore nCR3[4:0] when loading PDPTEs from memory
In the Linux kernel, the following vulnerability has been resolved: KVM: nSVM: Ignore nCR34:0 when loading PDPTEs from memory Ignore nCR34:0 when loading PDPTEs from memory for nested SVM, as bits 4:0 of CR3 are ignored when PAE paging is used, and thus VMRUN doesn't enforce 32-byte alignment of...
kernel: KVM: arm64: Disassociate vcpus from redistributor region on teardown
A vulnerability was found in the Linux kernel's KVM for ARM64 within the vgic-init.c, vgic-mmio-v3.c, and vgic.h files. The virtual vCPUs may retain dangling pointers in a redistributor region after they have been torn down, leading to potential memory corruption...
kernel: KVM: arm64: Disassociate vcpus from redistributor region on teardown
A vulnerability was found in the Linux kernel's KVM for ARM64 within the vgic-init.c, vgic-mmio-v3.c, and vgic.h files. The virtual vCPUs may retain dangling pointers in a redistributor region after they have been torn down, leading to potential memory corruption...
kernel: KVM: arm64: Disassociate vcpus from redistributor region on teardown
A vulnerability was found in the Linux kernel's KVM for ARM64 within the vgic-init.c, vgic-mmio-v3.c, and vgic.h files. The virtual vCPUs may retain dangling pointers in a redistributor region after they have been torn down, leading to potential memory corruption...
CISCO-SA-20190807-NFV
creationtimestamp| type| source ---|---|--- 2024-12-17 09:00:35+00:00| seen| https://social.circl.lu/users/vulnerabilitylookup/statuses/113667342676998555 2024-12-17 09:00:37+00:00| seen| https://social.circl.lu/users/vulnerabilitylookup/statuses/113667342840112322...
The vulnerability of the trusted execution environment of the Virtualization-Based Security (VBS) Enclave in Microsoft Windows operating systems allows attackers to enhance their privileges.
The vulnerability of the trusted execution environment for the Virtualization-Based Security VBS Enclave in Microsoft Windows operating systems is related to deficiencies in the authentication process. Exploiting this vulnerability can allow attackers to enhance their privileges...
OESA-2024-2550 linux-firmware security update
This package contains firmware images required by some devices. Security Fixes: IOMMU improperly handles certain special address ranges with invalid device table entries DTEs, which may allow an attacker with privileges and a compromised Hypervisor to induce DTE faults to bypass RMP checks in...
OESA-2024-2549 linux-firmware security update
This package contains firmware images required by some devices. Security Fixes: IOMMU improperly handles certain special address ranges with invalid device table entries DTEs, which may allow an attacker with privileges and a compromised Hypervisor to induce DTE faults to bypass RMP checks in...
KVM: nSVM: Ignore nCR3[4:0] when loading PDPTEs from memory
...
CVE-2024-49076
Windows Virtualization-Based Security VBS Enclave Elevation of Privilege Vulnerability...
CVE-2024-49076
Windows Virtualization-Based Security VBS Enclave Elevation of Privilege Vulnerability...
The vulnerability of the Windows Hyper-V hardware virtualization system, related to the return of an incorrect code state, allows a perpetrator to execute arbitrary code.
The vulnerability of the Windows Hyper-V hardware virtualization system is related to the return of an incorrect code state. Exploiting this vulnerability can allow an attacker to execute arbitrary code...
CVE-2024-49076 Windows Virtualization-Based Security (VBS) Enclave Elevation of Privilege Vulnerability
...