Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: KVM: x86/mmu: Write-protecting of L2 SPTEs in TDP MMU when clearing dirty status Check kvmmmupageadneedwriteprotect when deciding whether to write-protect or clear D-bits on TDP MMU SPTEs. This ensures that the TDP MMU takes into...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: KVM: SEV: Rejects attempts to synchronize VMSA of a vCPU that has already been launched/encrypted. Synchronize the vCPU state with its associated VMSA if the vCPU has already been launched, that is, if the VMSA has already been...

Astra Linux - уязвимость в qemu

A use-after-free vulnerability was discovered in the virtio-net device of QEMU. This vulnerability can occur when the address of the descriptor belongs to the non-direct access region, due to the numbuffers being set after the virtqueue elem has been unmapped. A malicious guest can exploit this...

Astra Linux - уязвимость в libvirt

A flaw was discovered in the libvirt libxl driver. A malicious guest could continuously reboot itself, causing libvirtd on the host to become locked out or crash, resulting in a denial-of-service condition...

Astra Linux - уязвимость в linux-5.10, linux

A flaw was discovered in KVM. When updating a guest’s page table entry, vmpgoff was incorrectly used as the offset to obtain the page’s pfn. Since vaddr and vmpgoff are controllable by user-mode processes, this flaw allows unprivileged local users on the host to write outside the userspace region...

Astra Linux - уязвимость в linux-5.10

A flaw was discovered in the Linux kernel. The existing KVM SEV API contains a vulnerability that allows a non-root host user-level application to crash the host kernel by creating a confidential guest VM instance in an AMD CPU that supports Secure Encrypted Virtualization SEV...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: PCI: hv: Fixed double calls to idafree in the hvpciprobe error path. If hvpciprobe fails after storing the domain number in hbus-bridge-domainnr, a call to free this domainnr is made via pcibusreleaseemuldomainnr. However, during...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: KVM: nSVM: Removed a user-triggered WARN message in nestedsvmloadcr3. The WARN message in svmsetnestedstate in nestedsvmloadcr3 was removed. This is because it is trivially easy for userspace to trigger this message by modifying...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: xen/gntdev: Accommodation for VMA splitting Prior to this commit, the gntdev driver code did not handle the following scenario correctly with paravirtualized PV Xen domains: The user process sets up a gntdev mapping consisting of...

Astra Linux - уязвимость в qemu

A flaw was discovered in the implementation of the 9p passthrough filesystem 9pfs in QEMU. The 9pfs server did not prevent the opening of special files on the host side, potentially allowing a malicious client to escape from the exported 9p tree by creating and opening a device file in the shared...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: KVM: SVM – Flushing pages under kvm-lock to fix a Use-After-Free error in svmregisterencregion It is necessary to flush the cached pages in svmregisterencregion before releasing kvm-lock to address use-after-free issues. In such...

Astra Linux - уязвимость в open-vm-tools

A malicious actor who has been granted “Guest Operation Privileges” https://docs.vmware.com/en/VMware-vSphere/8.0/vsphere-security/GUID-6A952214-0E5E-4CCF-9D2A-90948FF643EC.html can potentially elevate their privileges if the target virtual machine has been assigned a more privileged “Guest Alias...

Astra Linux - уязвимость в linux-5.10, linux

A flaw was discovered in the Linux kernel’s implementation of proxied virtualized TPM devices. In a system where virtualized TPM devices are enabled which is not the default setting, a local attacker can exploit this flaw to create a “use-after-free” condition, potentially allowing them to escala...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: KVM: x86/mmu: The existing SPTE is preserved even when creating an MMIO SPTE. When installing an emulated MMIO SPTE, do so after preserving the existing SPTE if it is shadow-present. However, the fix proposed in commit 54aa15c6bd...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: KVM: x86: Fixed a stack-out-of-bounds memory access from ioapicwriteindirect. KASAN reports the following issue: BUG: In kvmmakevcpusrequestmask+0x174/0x440 kvm, there is a stack-out-of-bounds situation. A read of size 8 at...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Fixed the host’s stage-2 PGD refcount issue The KVM page-table library counts the pages of concatenated stage-2 PGs individually. However, when KVM runs in protected mode, the host’s stage-2 PGD is currently managed b...

Astra Linux - уязвимость в linux

A flaw was discovered in the KVM’s AMD code, responsible for supporting SVM nested virtualization. The flaw occurs during the processing of the VMCB virtual machine control block provided by the L1 guest, which is used to spawn or handle a nested guest L2. Due to improper validation of the “intct...

Astra Linux - уязвимость в linux, linux-5.10

Rogue backends can cause Denial of Service DoS attacks on guests through high-frequency events. This CNA information record relates to multiple Common Vulnerabilities and Exposures CVEs; the text explains which aspects/vulnerabilities correspond to which CVEs. Xen allows for the execution of PV...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: KVM: SEV – Lock all vCPUs when synchronizing VMSAs for SNP launches to complete. Lock all vCPUs when synchronizing and encrypting VMSAs for SNP guests. Allowing the user space to manipulate or run a vCPU while its state is being...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: MIPS: KVM: Fix for NULL pointer dereferencing After committing change 45c7e8af4a5e3f0bea4ac209 “MIPS: Remove KVMTE support”, we encountered a NULL pointer dereferencing issue when creating a KVM guest: 146.243409 Starting KVM wit...