CVE-2024-21545

Summary of CVE-2024-21545 (Proxmox VE) : A defect in Proxmox Virtual Environment allows an authenticated user with ‘Sys.Audit’ or ‘VM.Monitor’ privileges to read arbitrary host files via the API by leveraging the handle_api2_request logic that reads a local file when a malicious download object i...

Moderate: Red Hat Security Advisory: virt:rhel and virt-devel:rhel security update

An update for the virt:rhel and virt-devel:rhel module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is availab...

kernel: KVM: arm64: Disassociate vcpus from redistributor region on teardown

A vulnerability was found in the Linux kernel's KVM for ARM64 within the vgic-init.c, vgic-mmio-v3.c, and vgic.h files. The virtual vCPUs may retain dangling pointers in a redistributor region after they have been torn down, leading to potential memory corruption...

ALSA-2024:6964 Moderate: virt:rhel and virt-devel:rhel security update

Kernel-based Virtual Machine KVM offers a full virtualization solution forLinux on numerous hardware platforms. The virt:rhel module contains packageswhich provide user-space components used to run virtual machines using KVM.The packages also provide APIs for managing and interacting with the...

RHSA-2018:3470 Red Hat Security Advisory: Red Hat Virtualization security and bug fix update

Bulletin has no description...

Oracle VirtualBox: Multiple Vulnerabilities

Background VirtualBox is a powerful virtualization product from Oracle. Description Multiple vulnerabilities have been discovered in Oracle VirtualBox. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround There...

RHSA-2020:1308 Red Hat Security Advisory: Red Hat Virtualization Engine security, bug fix 4.3.9

Bulletin has no description...

UBUNTU-CVE-2024-46794

In the Linux kernel, the following vulnerability has been resolved: x86/tdx: Fix data leak in mmioread The mmioread function makes a TDVMCALL to retrieve MMIO data for an address from the VMM. Sean noticed that mmioread unintentionally exposes the value of an initialized variable val on the stack...

RHSA-2020:3807 Red Hat Security Advisory: Red Hat Virtualization security, bug fix, and enhancement update

Bulletin has no description...

RHSA-2021:4103 Red Hat Security Advisory: OpenShift Virtualization 4.9.0 RPMs security and bug fix update

Bulletin has no description...

RHSA-2018:2321 Red Hat Security Advisory: Red Hat Virtualization security, bug fix, and enhancement update

Bulletin has no description...

RHSA-2018:2079 Red Hat Security Advisory: Red Hat Virtualization security, bug fix, and enhancement update

Bulletin has no description...

The vulnerability of the Windows Hyper-V hardware virtualization system allows a attacker to trigger a service failure.

The vulnerability of the Windows Hyper-V hardware virtualization system is related to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to cause a service failure...

The vulnerability of the Forklift Controller component of the Red Hat Migration Toolkit for Virtualization allows a attacker to exploit the protected information.

The vulnerability of the Forklift Controller component in the Red Hat Migration Toolkit for Virtualization stems from deficiencies in the authentication process. Exploiting this vulnerability can allow an attacker, operating remotely, to compromise protected information...

Security Bulletin: This Power System update is being released to address CVE-2023-45871

Summary The Linux kernel is used by the Virtualization Management Interface in PowerVM to support network communication with the Hardware Management Console. This bulletin provides a remediation for the impacted vulnerability, CVE-2023-45871, by upgrading PowerVM and thus addressing the exposure ...

Security Bulletin: This Power System update is being released to address CVE-2023-1206

Summary The Linux kernel is used by the Virtualization Management Interface in PowerVM to support network communication with the Hardware Management Console. This bulletin provides a remediation for the impacted vulnerability, CVE-2023-1206, by upgrading PowerVM and thus addressing the exposure t...

SUSE CVE-2024-46707

In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Make ICCSGIEL1 undef in the absence of a vGICv3 On a system with a GICv3, if a guest hasn't been configured with GICv3 and that the host is not capable of GICv2 emulation, a write to any of the ICCSGIEL1 registers is...

RHSA-2022:1053 Red Hat Security Advisory: Red Hat Virtualization Host security and enhancement update [ovirt-4.4.10] Async #2

Bulletin has no description...

libvirt bug fix and enhancement update

An update is available for libvirt. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Kernel-based Virtual Machine KVM offers a full virtualization solution forLin...

rhel bug fix and enhancement update

An update is available for libnbd, qemu-kvm, module.libvirt-python, module.swtpm, module.supermin, libvirt, module.qemu-kvm, module.sgabios, module.nbdkit, swtpm, libtpms, libguestfs, seabios, sgabios, module.libguestfs-winsupport, module.libguestfs, netcf, module.perl-Sys-Virt, module.virt-v2v,...