SUSE CVE-2024-44943

In the Linux kernel, the following vulnerability has been resolved: mm: gup: stop abusing trygrabfolio A kernel warning was reported when pinning folio in CMA memory when launching SEV virtual machine. The splat looks like: 464.325306 WARNING: CPU: 13 PID: 6734 at mm/gup.c:1313...

Low: Red Hat Security Advisory: OpenShift Virtualization 4.15.5 Images

Red Hat OpenShift Virtualization release 4.15.5 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which giv...

DEBIAN-CVE-2024-44943

In the Linux kernel, the following vulnerability has been resolved: mm: gup: stop abusing trygrabfolio A kernel warning was reported when pinning folio in CMA memory when launching SEV virtual machine. The splat looks like: 464.325306 WARNING: CPU: 13 PID: 6734 at mm/gup.c:1313...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an incorrect method being invoked when starting the SEV virtual machine...

The vulnerability of the nested_svm_load_cr3() function in the nSVM component of the Linux operating system allows a hacker to cause a service failure.

The vulnerability of the nestedsvmloadcr3 function in the nSVM component of the Linux operating system is related to the assignment of NULL during an embedded migration. Exploiting this vulnerability can allow an attacker to cause a service failure...

kernel: virtio-net: tun: mlx5_core short frame denial of service

A denial of service DoS attack was found in the mlx5 driver in the Linux kernel. A KVM guest VM using virtio-net can crash the host by sending a short packet, for example, size = ETHHLEN...

SUSE CVE-2022-48943

In the Linux kernel, the following vulnerability has been resolved: KVM: x86/mmu: make apf token non-zero to fix bug In current async pagefault logic, when a page is ready, KVM relies on kvmarchcandequeueasyncpagepresent to determine whether to deliver a READY event to the Guest. This function te...

DEBIAN-CVE-2022-48943

In the Linux kernel, the following vulnerability has been resolved: KVM: x86/mmu: make apf token non-zero to fix bug In current async pagefault logic, when a page is ready, KVM relies on kvmarchcandequeueasyncpagepresent to determine whether to deliver a READY event to the Guest. This function te...

UBUNTU-CVE-2022-48916

In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Fix double listadd when enabling VMD in scalable mode When enabling VMD and IOMMU scalable mode, the following kernel panic call trace/kernel log is shown in Eagle Stream platform Sapphire Rapids CPU during booting: p...

VMware Workstation 17.0.x < 17.5.1 Multiple Vulnerabilities (VMSA-2024-0011)

The version of VMware Workstation installed on the remote host is 17.0.x prior to 17.5.1. It is, therefore, affected by multiple vulnerabilities. Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number. %NASLMINLEVEL 80900 C...

PT-2024-32233

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.10.0-rc7-332d2c1d713e-next-vm 552 Description The issue is related to the KVM Kernel-based Virtual Machine component in the Linux kernel. Specifically, it involves the handling of KVM SET VCPU EVENTS, where KVM...

Huawei EulerOS: Security Advisory for tar (EulerOS-SA-2024-2299)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for qemu-kvm (EulerOS-SA-2024-2293)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for device-mapper-multipath (EulerOS-SA-2024-2262)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-6951-4 linux-bluefield vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - M68K architecture; - User-Mode Linux UML; - x86 architecture; - Accessibility subsystem; -...

virt-v2v bug fix update

An update is available for virt-v2v. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The virt-v2v package provides a tool for converting virtual machines to use...

CVE-2022-48895

In the Linux kernel, the following vulnerability has been resolved: iommu/arm-smmu: Don't unregister on shutdown Michael Walle says he noticed the following stack trace while performing a shutdown with "reboot -f". He suggests he got "lucky" and just hit the correct spot for the reboot while ther...

UBUNTU-CVE-2024-43874

In the Linux kernel, the following vulnerability has been resolved: crypto: ccp - Fix null pointer dereference in sevsnpshutdownlocked Fix a null pointer dereference induced by DEBUGTESTDRIVERREMOVE. Return from sevsnpshutdownlocked if the pspdevice or the sevdevice structs are not initialized...

kernel: virtio-net: tap: mlx5_core short frame denial of service

A denial of service DoS attack was found in the mlx5 driver in the Linux kernel. A KVM guest VM using virtio-net can crash the host by sending a short packet, for example, size = ETHHLEN...

EulerOS Virtualization 2.11.0 : openssh (EulerOS-SA-2024-2184)

According to the versions of the openssh packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A signal handler race condition was found in OpenSSH's server sshd, where a client does not authenticate within LoginGraceTime...