EulerOS Virtualization 3.0.6.0 : systemd (EulerOS-SA-2024-2066)
According to the versions of the systemd packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A vulnerability was found in systemd-resolved. This issue may allow systemd-resolved to accept records of DNSSEC-signed domains ev...
EulerOS Virtualization 3.0.6.0 : python-jinja2 (EulerOS-SA-2024-2065)
According to the versions of the python-jinja2 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : Jinja is an extensible templating engine. Special placeholders in the template allow writing code similar to Python syntax. ...
EulerOS Virtualization 3.0.6.0 : ncurses (EulerOS-SA-2024-2064)
According to the versions of the ncurses packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : NCurse v6.4-20230418 was discovered to contain a segmentation fault via the component _nc_wrap_entry(). CVE-2023-50495 Tenable has...
kernel: scsi: lpfc: Move NPIV's transport unregistration to after resource clean up
In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Move NPIV's transport unregistration to after resource clean up There are cases after NPIV deletion where the fabric switch still believes the NPIV is logged into the fabric. This occurs when a vport is unregistered...
kernel: KVM: SVM: Flush pages under kvm->lock to fix UAF in svm_register_enc_region()
A security vulnerability was identified in the Linux kernel's Kernel-based Virtual Machine (KVM) subsystem, specifically affecting the Secure Virtual Machine (SVM) feature used on AMD processors. The issue arises from a use-after-free condition in the svm_register_enc_region() function, which can lead to...
Moderate: Red Hat Security Advisory: libvirt security update
An update for libvirt is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from th...
kernel: KVM: SEV-ES / SEV-SNP VMGEXIT double fetch vulnerability
A flaw was found in KVM AMD Secure Encrypted Virtualization (SEV) in the Linux kernel. A KVM guest using SEV-ES or SEV-SNP with multiple vCPUs can trigger a double fetch race condition vulnerability and invoke the VMGEXIT handler recursively. If an attacker manages to call the handler multiple time...
kernel: KVM: s390: vsie: fix race during shadow creation
In the Linux kernel, the following vulnerability has been resolved: KVM: s390: vsie: fix race during shadow creation Right now it is possible to see gmap->private being zero in kvm_s390_vsie_gmap_notifier resulting in a crash. This is due to the fact that we add gmap->private == kvm after creation:...
Important: Red Hat Security Advisory: Advanced Virtualization 8.2.1z security update
The updated Advanced Virtualization module is now available for Red Hat Enterprise Linux 8.2.1 Advanced Virtualization. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity...
Important: Red Hat Security Advisory: virt:av and virt-devel:av security update
An update for the virt:av and virt-devel:av modules is now available for Advanced Virtualization for RHEL 8.4.0.EUS. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity...
Advisory ROSA-SA-2024-2457
Software: snappy 1.1.8 OS: ROSA Virtualization 2.1 packageevrstring: snappy-1.1.8 CVE-ID: CVE-2023-28115 BDU-ID: None CVE-Crit: CRITICAL CVE-DESC.: A vulnerability in the generateFromHtml function of the PHP Snappy library involves the recovery of invalid data from memory. Exploitation of the...
Advisory ROSA-SA-2024-2456
Software: selinux-policy 3.14.3 OS: ROSA Virtualization 2.1 packageevrstring: selinux-policy-3.14.3 CVE-ID: CVE-2020-24612 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: A problem was detected in the selinux-policy package because the .config/Yubico directory is not handled correctly. Consequently, whe...
The vulnerability of the SEV-SNP and SEV-ES security mechanisms in Linux operating systems allows attackers to compromise the confidentiality and integrity of the protected information.
The vulnerability of the SEV-SNP and SEV-ES protection mechanisms in Linux operating systems is related to incorrect neutralization of special elements in the output data used by the incoming component. Exploiting this vulnerability can allow an attacker to compromise the confidentiality and...
RHEL 8 : Advanced Virtualization 8.2.1z (RHSA-2024:4727)
The remote Red Hat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:4727 advisory. The Advanced Virtualization module provides the user-space component for running virtual machines that use KVM in environments managed by Red Hat...
Moderate: libvirt security update
Kernel-based Virtual Machine (KVM) offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the...
CLSA-2024-1721660263 Fix of 96 CVEs
CVE-url: https://ubuntu.com/security/CVE-2024-35902 - net/rds: fix possible cp null dereference CVE-url: https://ubuntu.com/security/CVE-2024-38587 - speakup: Fix sizeof vs ARRAY_SIZE bug CVE-url: https://ubuntu.com/security/CVE-2024-39493 - crypto: qat - Fix ADF_DEV_RESET_SYNC memory leak CVE-url:...
The vulnerability of the SEV-SNP and SEV-ES mechanisms in Linux operating systems allows attackers to compromise the confidentiality and integrity of protected information.
The vulnerability of the SEV-SNP and SEV-ES mechanisms in Linux operating systems stems from incorrect neutralization of special elements in the output data used by the incoming component. Exploiting this vulnerability allows an attacker to compromise the confidentiality and integrity of the...
Huawei EulerOS: Security Advisory for qemu (EulerOS-SA-2024-2017)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for dnsmasq (EulerOS-SA-2024-1999)
The remote host is missing an update for the Huawei EulerOS...