Lucene search
K

13007 matches found

OSV
OSV
added 2024/06/15 12:0 a.m.14 views

OPENSUSE-SU-2024:13257-1 xen-4.17.2_04-1.1 on GA media

These are all security issues fixed in the xen-4.17.204-1.1 package on the GA media of openSUSE Tumbleweed...

7.8CVSS7AI score0.12405EPSS
Exploits0References2
Rockylinux
Rockylinux
added 2024/06/14 2:0 p.m.21 views

qemu-kvm bug fix update

An update is available for qemu-kvm. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Kernel-based Virtual Machine KVM is a full virtualization solution for Linux...

7.3AI score
Exploits0
Rockylinux
Rockylinux
added 2024/06/14 1:59 p.m.20 views

virt:rhel and virt-devel:rhel security update

An update is available for module.swtpm, module.libtpms, module.libnbd, netcf, module.nbdkit, hivex, libiscsi, libtpms, module.sgabios, libguestfs-winsupport, virt-v2v, module.supermin, module.virt-v2v, module.libvirt-dbus, module.qemu-kvm, supermin, swtpm, libvirt-dbus, sgabios, qemu-kvm,...

6.2CVSS6.8AI score0.00364EPSS
Exploits0
OSV
OSV
added 2024/06/14 1:59 p.m.33 views

RLSA-2024:2962 Moderate: virt:rhel and virt-devel:rhel security and enhancement update

Kernel-based Virtual Machine KVM offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the...

7CVSS6.9AI score0.01405EPSS
Exploits0References5
Rockylinux
Rockylinux
added 2024/06/14 1:59 p.m.27 views

virt:rhel and virt-devel:rhel security and enhancement update

An update is available for module.swtpm, module.libtpms, module.libnbd, netcf, module.nbdkit, hivex, libiscsi, libtpms, module.sgabios, libguestfs-winsupport, virt-v2v, module.supermin, module.virt-v2v, module.libvirt-dbus, module.qemu-kvm, supermin, swtpm, libvirt-dbus, sgabios, qemu-kvm,...

7CVSS7.4AI score0.01405EPSS
Exploits0
OSV
OSV
added 2024/06/13 10:15 p.m.4 views

CVE-2024-0086

NVIDIA vGPU software for Linux contains a vulnerability where the software can dereference a NULL pointer. A successful exploit of this vulnerability might lead to denial of service and undefined behavior in the vGPU plugin...

5.5CVSS5.8AI score0.0015EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/06/13 12:0 a.m.3 views

NVIDIA vGPU Software Security Vulnerability

NVIDIA vGPU Software is a management software from NVIDIA, USA, used to provide GPU capabilities to virtual machines. The software supports multiple virtual machines to access the host's GPU, providing graphics performance and application compatibility for virtual machines. A security vulnerabili...

5.5CVSS6.7AI score0.0015EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/06/13 12:0 a.m.4 views

NVIDIA vGPU Software Security Vulnerability

NVIDIA vGPU Software is a management software from NVIDIA, USA, used to provide GPU capabilities to virtual machines. The software supports multiple virtual machines to access the host's GPU, providing graphics performance and application compatibility for virtual machines. A security vulnerabili...

5.5CVSS6.6AI score0.0015EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/06/13 12:0 a.m.2 views

NVIDIA vGPU Software Security Vulnerability

NVIDIA vGPU Software is a management software from NVIDIA, USA, used to provide GPU capabilities to virtual machines. The software supports multiple virtual machines to access the host's GPU, providing graphics performance and application compatibility for virtual machines. A security vulnerabili...

7.8CVSS6.5AI score0.00229EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2024/06/12 2:50 a.m.7 views

kernel: KVM: SEV-ES / SEV-SNP VMGEXIT double fetch vulnerability

A flaw was found in KVM AMD Secure Encrypted Virtualization SEV in the Linux kernel. A KVM guest using SEV-ES or SEV-SNP with multiple vCPUs can trigger a double fetch race condition vulnerability and invoke the VMGEXIT handler recursively. If an attacker manages to call the handler multiple time...

5.6CVSS6.8AI score0.00158EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2024/06/12 1:43 a.m.5 views

kernel: KVM: SVM: improper check in svm_set_x2apic_msr_interception allows direct access to host x2apic msrs

A flaw was found in KVM. An improper check in svmsetx2apicmsrinterception may allow direct access to host x2apic msrs when the guest resets its apic, potentially leading to a denial of service condition...

6CVSS6.8AI score0.00234EPSS
Exploits0References4
Amazon
Amazon
added 2024/06/12 12:0 a.m.6 views

Important: kernel

Issue Overview: An issue was discovered in arch/x86/kvm/vmx/nested.c in the Linux kernel before 6.2.8. nVMX on x8664 lacks consistency checks for CR0 and CR4. CVE-2023-30456 In the Linux kernel, the following vulnerability has been resolved: ftrace: Fix invalid address access in lookuprec when...

7.8CVSS6.3AI score0.0047EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2024/06/11 5:33 p.m.4 views

hw: amd: Instruction raise #VC exception at exit

A vulnerability was found in AMD SEV-SNP, where a malicious hypervisor can potentially break confidentiality and integrity of SEV-SNP on Linux guests by injecting interrupts. An attacker can inject interrupt 0x80, which is used by Linux for legacy 32-bit system calls, and arbitrarily change the...

6.5CVSS6.8AI score0.0018EPSS
Exploits0References6
Fedora
Fedora
added 2024/06/11 1:51 a.m.11 views

[SECURITY] Fedora 40 Update: libvirt-10.1.0-2.fc40

Libvirt is a C toolkit to interact with the virtualization capabilities of recent versions of Linux and other OSes. The main package includes the libvirtd server exporting the virtualization support...

6.2CVSS6.8AI score0.00486EPSS
Exploits0
OpenVAS
OpenVAS
added 2024/06/11 12:0 a.m.17 views

Fedora: Security Advisory (FEDORA-2024-ee96e0c470)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.2CVSS6.8AI score0.00486EPSS
Exploits0References5
Redos
Redos
added 2024/06/07 12:0 a.m.41 views

ROS-20240607-04

Vulnerability of the virNetClientIOEventLoop method of the Libvirt virtualization management library is related to incorrect execution of the data pointer to the structure virNetClientIOEventLoop in the virNetClientIOEventLoop method virNetClientIOIOEventData. Exploitation of the vulnerability...

6.2CVSS6.7AI score0.00486EPSS
Exploits0
CNVD
CNVD
added 2024/06/05 12:0 a.m.4 views

Zoom Workplace VDI App for Windows Elevation of Privilege Vulnerability

Zoom Workplace VDI App for Windows is a client application designed for virtualized desktop environments such as Windows 365 Cloud PCs, supporting virtualization platforms such as Azure Virtual Desktop. An elevation of privilege vulnerability exists in the Zoom Workplace VDI App for Windows, whic...

7.8CVSS7.2AI score0.001EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2024/06/04 1:12 p.m.4 views

SUSE CVE-2020-12966

AMD EPYCtm Processors contain an information disclosure vulnerability in the Secure Encrypted Virtualization with Encrypted State SEV-ES and Secure Encrypted Virtualization with Secure Nested Paging SEV-SNP. A local authenticated attacker could potentially exploit this vulnerability leading to...

5.5CVSS4.9AI score0.00313EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2024/06/04 2:25 a.m.1 views

SUSE CVE-2024-36953

In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: vgic-v2: Check for non-NULL vCPU in vgicv2parseattr vgicv2parseattr is responsible for finding the vCPU that matches the user-provided CPUID, which of course may not be valid. If the ID is invalid, kvmgetvcpubyid...

4.7CVSS6.4AI score0.00231EPSS
Exploits0References15
Rosalinux
Rosalinux
added 2024/06/03 9:0 a.m.24 views

Advisory ROSA-SA-2024-2430

Software: libvirt 6.0.0 OS: ROSA Virtualization 2.1 packageevrstring: libvirt-6.0.0-28.module+el8.3.0+7827+5e65edd7.src.rpm CVE-ID: CVE-2021-3631 BDU-ID: 2024-02428 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the Libvirt virtualization management library is related to the creation of SELinux M...

6.5CVSS6.5AI score0.01217EPSS
Exploits1
Rows per page
Query Builder