13008 matches found

SUSE CVE
added 2024/04/05 2:22 a.m. · 1 view

SUSE CVE-2023-52639

In the Linux kernel, the following vulnerability has been resolved: KVM: s390: vsie: fix race during shadow creation. Right now it is possible to see gmap->private being zero in kvm_s390_vsie_gmap_notifier resulting in a crash. This is due to the fact that we add gmap->private == kvm after creation:...

5.5 CVSS · 6.2 AI score · 0.00175 EPSS
Exploits: 0 · References: 15
OSV
added 2024/04/03 3:15 p.m. · 9 views

DEBIAN-CVE-2024-26691

In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Fix circular locking dependency. The rule inside kvm enforces that the vcpu->mutex is taken inside kvm->lock. The rule is violated by the pkvm_create_hyp_vm which acquires the kvm->lock while already holding the vcpu->mutex...

5.5 CVSS · 6 AI score · 0.00183 EPSS
Exploits: 0 · References: 1
OSV
added 2024/04/03 3:15 p.m. · 1 view

UBUNTU-CVE-2023-52639

In the Linux kernel, the following vulnerability has been resolved: KVM: s390: vsie: fix race during shadow creation. Right now it is possible to see gmap->private being zero in kvm_s390_vsie_gmap_notifier resulting in a crash. This is due to the fact that we add gmap->private == kvm after creation:...

4.7 CVSS · 6.1 AI score · 0.00175 EPSS
Exploits: 0 · References: 24
OSV
added 2024/04/03 2:54 p.m. · 5 views

CVE-2024-26691 KVM: arm64: Fix circular locking dependency

In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Fix circular locking dependency. The rule inside kvm enforces that the vcpu->mutex is taken inside kvm->lock. The rule is violated by the pkvm_create_hyp_vm which acquires the kvm->lock while already holding the vcpu->mutex...

5.5 CVSS · 6 AI score · 0.00183 EPSS
Exploits: 0 · References: 6
Cvelist
added 2024/04/03 2:00 p.m. · 20 views

CVE-2024-31419 Cnv: information disclosure through the usage of vm-dump-metrics

An information disclosure flaw was found in OpenShift Virtualization. The DownwardMetrics feature was introduced to expose host metrics to virtual machine guests and is enabled by default. This issue could expose limited host metrics of a node to any guest in any namespace without being explicitl...

4.3 CVSS · 4.6 AI score · 0.00397 EPSS
Exploits: 0 · References: 2
CVE
added 2024/04/03 2:00 p.m. · 91 views

CVE-2024-31419

CVE-2024-31419 describes an information disclosure in OpenShift Virtualization where the DownwardMetrics feature, enabled by default, exposes limited host metrics of a node to any VM guest across namespaces. The root cause is the inadvertent exposure through DownwardMetrics by default, leading to...

4.3 CVSS · 4.3 AI score · 0.00397 EPSS
Exploits: 0 · References: 2
Vulnrichment
added 2024/04/03 2:00 p.m. · 10 views

CVE-2024-31419 Cnv: information disclosure through the usage of vm-dump-metrics

An information disclosure flaw was found in OpenShift Virtualization. The DownwardMetrics feature was introduced to expose host metrics to virtual machine guests and is enabled by default. This issue could expose limited host metrics of a node to any guest in any namespace without being explicitl...

4.3 CVSS · 4.4 AI score · 0.00397 EPSS
Exploits: 0 · References: 2
OSV
added 2024/04/03 11:07 a.m. · 5 views

OESA-2024-1357 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: KVM: x86/mmu: Don't advance iterator after restart due to yielding. After dropping mmu_lock in the TDP MMU, restart the iterator during tdp_iter_next and do not...

7.8 CVSS · 7.7 AI score · 0.00585 EPSS
Exploits: 0 · References: 10
OSV
added 2024/04/03 11:07 a.m. · 3 views

OESA-2024-1353 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: KVM: x86/mmu: Don't advance iterator after restart due to yielding. After dropping mmu_lock in the TDP MMU, restart the iterator during tdp_iter_next and do not...

7.8 CVSS · 7.4 AI score · 0.00283 EPSS
Exploits: 0 · References: 8
CNNVD
added 2024/04/03 12:00 a.m. · 6 views

Red Hat OpenShift Virtualization security vulnerability

Red Hat OpenShift Virtualization is a component of Red Hat, Inc. that allows running virtual machines (VMs) on OpenShift and integrating containers and virtualized resources on the same platform. A security vulnerability exists in Red Hat OpenShift Virtualization that stems from the presence of an...

4.3 CVSS · 4.8 AI score · 0.00397 EPSS
Exploits: 0 · References: 3
CNNVD
added 2024/04/03 12:00 a.m. · 3 views

KubeVirt code issue vulnerability

KubeVirt is a virtual machine manager. A code issue vulnerability exists in KubeVirt that stems from a null pointer dereference. An attacker could exploit this vulnerability to cause a denial of service (DoS)...

6.5 CVSS · 6.3 AI score · 0.00639 EPSS
Exploits: 0 · References: 4
Positive Technologies
added 2024/04/03 12:00 a.m. · 6 views

PT-2024-24059 · Red Hat · Openshift Virtualization

Name of the Vulnerable Software and Affected Versions: OpenShift Virtualization (affected versions not specified). Description: An information disclosure flaw was found in OpenShift Virtualization, related to the DownwardMetrics feature, which exposes host metrics to virtual machine guests and is...

4.3 CVSS · 6.7 AI score · 0.00397 EPSS
Exploits: 0 · References: 4
Rosalinux
added 2024/04/02 7:03 a.m. · 20 views

Advisory ROSA-SA-2024-2387

Software: slapi-nis 0.56.6 OS: ROSA Virtualization 2.1 package_evr_string: slapi-nis-0.56.6-2.rv3 CVE-ID: CVE-2021-3480 BDU-ID: None CVE-Crit: HIGH CVE-DESC.: Dereferencing a null pointer during DN binding analysis could allow an unauthenticated attacker to cause the 389-ds-base directory server to...

7.5 CVSS · 7 AI score · 0.01701 EPSS
Exploits: 0
Rosalinux
added 2024/04/02 7:01 a.m. · 27 views

Advisory ROSA-SA-2024-2386

Software: samba 4.12.3 OS: ROSA Virtualization 2.1 package_evr_string: samba-4.12.3-12.0.1.rv3.3.x86_64.rpm CVE-ID: CVE-2020-10745 BDU-ID: 2021-01741 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the Samba networking software package is associated with uncontrolled resource consumption. Exploitation ...

7.8 CVSS · 6.9 AI score · 0.03874 EPSS
Exploits: 0
Fedora
added 2024/03/28 1:43 a.m. · 35 views

[SECURITY] Fedora 38 Update: libvirt-9.0.0-5.fc38

Libvirt is a C toolkit to interact with the virtualization capabilities of recent versions of Linux and other OSes. The main package includes the libvirtd server exporting the virtualization support...

5.5 CVSS · 6.8 AI score · 0.00398 EPSS
Exploits: 0
Rosalinux
added 2024/03/26 11:41 a.m. · 29 views

Advisory ROSA-SA-2024-2381

Software: rsyslog 8.1911.0 OS: ROSA Virtualization 2.1 package_evr_string: rsyslog-8.1911.0-6.0.1.rv3 CVE-ID: CVE-2022-24903 BDU-ID: 2022-04363 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the TCP modules of the Rsyslog log processing software utility is related to writing beyond buffer boundaries ...

8.1 CVSS · 7.6 AI score · 0.03821 EPSS
Exploits: 0
Rosalinux
added 2024/03/26 11:28 a.m. · 26 views

Advisory ROSA-SA-2024-2380

Software: rpm 4.14.3 OS: ROSA Virtualization 2.1 package_evr_string: rpm-4.14.3-26.rv3 CVE-ID: CVE-2021-3521 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: There is a flaw in RPM's proprietary functionality. OpenPGP connections are bound to the primary key via a "binding signature". RPM does not verify t...

4.7 CVSS · 6.7 AI score · 0.00302 EPSS
Exploits: 0
Tenable Nessus
added 2024/03/21 12:00 a.m. · 19 views

EulerOS Virtualization 2.11.1 : python-cryptography (EulerOS-SA-2024-1419)

According to the versions of the python-cryptography package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. Calling...

7.5 CVSS · 6.2 AI score · 0.00985 EPSS
Exploits: 1 · References: 2
Tenable Nessus
added 2024/03/21 12:00 a.m. · 36 views

EulerOS Virtualization 2.11.0 : shim (EulerOS-SA-2024-1449)

According to the versions of the shim package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A flaw was found in Shim when an error happened while creating a new ESL variable. If Shim fails to create the new variable, it trie...

6.2 CVSS · 6.8 AI score · 0.04459 EPSS
Exploits: 0 · References: 3
Tenable Nessus
added 2024/03/21 12:00 a.m. · 31 views

EulerOS Virtualization 2.11.0 : libXpm (EulerOS-SA-2024-1432)

According to the versions of the libXpm package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A vulnerability was found in libXpm due to a boundary condition within the XpmCreateXpmImageFromBuffer function. This flaw allows ...

5.5 CVSS · 6.2 AI score · 0.00365 EPSS
Exploits: 0 · References: 3