13008 matches found
[SECURITY] Fedora 39 Update: libvirt-9.7.0-3.fc39
Libvirt is a C toolkit to interact with the virtualization capabilities of recent versions of Linux and other OSes. The main package includes the libvirtd server exporting the virtualization support...
kernel: KVM: nVMX: missing consistency checks for CR0 and CR4
A flaw was found in the KVM's Intel nested virtualization feature nVMX. The effective values of the guest CR0 and CR4 registers could differ from those included in the VMCS12. In rare circumstances i.e., kvmintel module loaded with parameters nested=1 and ept=0 this could allow a malicious guest ...
kernel: KVM: x86/mmu: race condition in direct_page_fault()
A flaw was found in the Linux kernel in the KVM. A race condition in directpagefault allows guest OS users to cause a denial of service host OS crash or host OS memory corruption when nested virtualization and the TDP MMU are enabled...
Advisory ROSA-SA-2024-2375
Software: resteasy 3.0.26 OS: ROSA Virtualization 2.1 packageevrstring: resteasy-c-3.0.26-6.0.1.rv3 CVE-ID: CVE-2020-10688 BDU-ID: 2024-01096 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the RESTEasy software tool is related to the failure to take measures to protect the structure of a web page...
USN-6699-1 linux vulnerabilities
Reima Ishii discovered that the nested KVM implementation for Intel x86 processors in the Linux kernel did not properly validate control registers in certain situations. An attacker in a guest VM could use this to cause a denial of service guest crash. CVE-2023-30456 It was discovered that the...
UBUNTU-CVE-2021-47112
In the Linux kernel, the following vulnerability has been resolved: x86/kvm: Teardown PV features on boot CPU as well Various PV features Async PF, PV EOI, steal time work through memory shared with hypervisor and when we restore from hibernation we must properly teardown all these features to ma...
Linux kernel security vulnerabilities
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an error in the x86/kvm module...
Linux kernel security vulnerabilities
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an error in the x86/kvm module...
The vulnerability of the Windows Hyper-V hardware virtualization system allows a attacker to trigger a service failure.
The vulnerability of the Windows Hyper-V hardware virtualization system is related to resource release errors. Exploiting this vulnerability can allow an attacker to cause a service failure...
Microsoft Windows Hyper-V Remote Code Execution Vulnerability (CNVD-2024-19327)
Microsoft Windows Hyper-V is a tool from Microsoft USA that provides hardware virtualization. A remote code execution vulnerability exists in Microsoft Windows Hyper-V, which is caused by a flaw in the Hyper-V component. An attacker could exploit this vulnerability to execute arbitrary code on th...
EulerOS Virtualization 2.10.1 : python-pillow (EulerOS-SA-2024-1368)
According to the versions of the python-pillow package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in Pillow before 10.0.0. It is a Denial of Service that uncontrollably allocates memory to process ...
EulerOS Virtualization 2.10.1 : libXpm (EulerOS-SA-2024-1364)
According to the versions of the libXpm package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A vulnerability was found in libXpm due to a boundary condition within the XpmCreateXpmImageFromBuffer function. This flaw allows ...
EulerOS Virtualization 2.10.0 : vim (EulerOS-SA-2024-1393)
According to the versions of the vim packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Vim is an improved version of the good old UNIX editor Vi. Heap-use-after-free in memory allocated in the function gagrowinner in in...
EulerOS Virtualization 2.10.0 : shim (EulerOS-SA-2024-1392)
According to the versions of the shim package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Issue summary: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very slow...
EulerOS Virtualization 2.10.1 : samba (EulerOS-SA-2024-1370)
According to the versions of the samba packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A vulnerability was discovered in Samba, where the flaw allows SMB clients to truncate files, even with read-only permissions when...
EulerOS Virtualization 2.10.1 : libxml2 (EulerOS-SA-2024-1363)
According to the versions of the libxml2 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - libxml2 through 2.11.5 has a use-after-free that can only occur after a certain memory allocation fails. This occurs in...
EulerOS Virtualization 2.10.1 : openssl (EulerOS-SA-2024-1366)
According to the versions of the openssl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Issue summary: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very...
EulerOS Virtualization 2.10.0 : python-configobj (EulerOS-SA-2024-1388)
According to the versions of the python-configobj package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - All versions of the package configobj are vulnerable to Regular Expression Denial of Service ReDoS via the validate...
EulerOS Virtualization 2.10.1 : vim (EulerOS-SA-2024-1372)
According to the versions of the vim packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Vim is an improved version of the good old UNIX editor Vi. Heap-use-after-free in memory allocated in the function gagrowinner in in...
EulerOS Virtualization 2.10.1 : binutils (EulerOS-SA-2024-1354)
According to the versions of the binutils package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A flaw was found in Binutils. The use of an uninitialized field in the struct module module may lead to application crash and...