CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

48 matches found

CVE•added 2026/05/27 12:56 p.m.•10 views

CVE-2026-46032

CVE-2026-46032 concerns the Linux kernel KVM/nSVM path. When restoring host CR3 fails during a nested #VMEXIT, nested_svm_vmexit() returns an error code that can be ignored, allowing L1 to run with corrupted state. The documented mitigation is to inject a triple fault and avoid returning early fr...

6AI score0.00025EPSS

Exploits0References2

Positive Technologies•added 2026/05/27 12:0 a.m.•3 views

PT-2026-43899

In the Linux kernel, the following vulnerability has been resolved: KVM: nSVM: Triple fault if restore host CR3 fails on nested VMEXIT If loading L1's CR3 fails on a nested VMEXIT, nested svm vmexit returns an error code that is ignored by most callers, and continues to run L1 with corrupted stat...

6AI score0.00025EPSS

Exploits0References3

AstraLinux•added 2026/05/03 11:59 p.m.•3 views

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: Skip fastpath emulation on VM-Exit if next RIP isn't valid Skip the WRMSR and HLT fastpaths in SVM's VM-Exit handler if the next RIP isn't valid, e.g. because KVM is running with nrips=false. SVM must decode and emulate...

5.8AI score0.0003EPSS

Exploits0References2

RedHat Linux•added 2025/11/12 11:50 a.m.•3 views

kernel: x86/vmscape: Add conditional IBPB mitigation

In the Linux kernel, the following vulnerability has been resolved: x86/vmscape: Add conditional IBPB mitigation VMSCAPE is a vulnerability that exploits insufficient branch predictor isolation between a guest and a userspace hypervisor like QEMU. Existing mitigations already protect kernel/KVM...

5.5CVSS5.7AI score0.00035EPSS

Exploits0References5

RedHat Linux•added 2025/11/11 9:13 a.m.•1 views

kernel: KVM: x86: Load DR6 with guest value only before entering .vcpu_run() loop

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Load DR6 with guest value only before entering .vcpurun loop Move the conditional loading of hardware DR6 with the guest's DR6 value out of the core .vcpurun loop to fix a bug where KVM can load hardware with a stale...

5.5CVSS6.7AI score0.00025EPSS

Exploits0References5

Tenable Nessus•added 2025/11/06 12:0 a.m.•1 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990585)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990585 advisory. In the Linux kernel, the following vulnerability has been resolved: x86/speculation: Fill RSB on vmexit for IBRS Prevent RSB underflow/poisoning attacks with RSB...

5.5CVSS6.2AI score0.00009EPSS

Exploits0References4

RedhatCVE•added 2025/10/28 7:27 p.m.•1 views

CVE-2025-40038

6.1CVSS5.7AI score0.0003EPSS

Exploits0References4

OSV•added 2025/10/28 11:48 a.m.•2 views

CVE-2025-40038 KVM: SVM: Skip fastpath emulation on VM-Exit if next RIP isn't valid

6.4AI score0.0003EPSS

Exploits0References7

CVE•added 2025/10/28 11:48 a.m.•9 views

CVE-2025-40038

CVE-2025-40038 affects the Linux kernel KVM/SVM fastpath handling. The vulnerability arises when VM-Exit handling attempts to decode and emulate an instruction to skip WRMSR/HLT fastpaths if the next RIP is not valid, which can require reading guest memory. Reading guest memory via the emulator c...

6AI score0.0003EPSS

Exploits0References4

EUVD•added 2025/10/28 11:48 a.m.•2 views

EUVD-2025-36490

5.9AI score0.0003EPSS

Exploits0References5

Cvelist•added 2025/10/28 11:48 a.m.•2 views

CVE-2025-40038 KVM: SVM: Skip fastpath emulation on VM-Exit if next RIP isn't valid

0.0003EPSS

Exploits0References4

Tenable Nessus•added 2025/10/28 12:0 a.m.•4 views

Linux Distros Unpatched Vulnerability : CVE-2025-40038

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - KVM: SVM: Skip fastpath emulation on VM-Exit if next RIP isn't valid Skip the WRMSR and HLT fastpaths in SVM's VM-Exit handler if the next RIP isn't valid, e.g...

5.8AI score0.0003EPSS

Exploits0References3

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2025-7590

Malicious code in bioql PyPI...

7.2AI score0.00025EPSS

Exploits0References6

Tenable Nessus•added 2025/09/16 12:0 a.m.•2 views

Linux Distros Unpatched Vulnerability : CVE-2023-53208

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: KVM: nSVM: Load L1's TSC multiplier based on L1 state, not L2 state When emulating nested...

5.5CVSS5.8AI score0.00017EPSS

Exploits0References3

OSV•added 2025/09/11 4:49 p.m.•1 views

CVE-2025-40300 x86/vmscape: Add conditional IBPB mitigation

5.5CVSS6.2AI score0.00035EPSS

Exploits0References23

Tenable Nessus•added 2025/08/08 12:0 a.m.•2 views

Linux Distros Unpatched Vulnerability : CVE-2025-23141

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - KVM: x86: Acquire SRCU in KVMGETMPSTATE to protect guest memory accesses Acquire a lock on kvm-srcu when userspace is getting MP state to handle a rather extrem...

5.5CVSS6.4AI score0.00035EPSS

Exploits0References3

Positive Technologies•added 2025/04/04 12:0 a.m.•0 views

PT-2025-18395

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.14.0-rc3 Description A vulnerability in the Linux kernel has been resolved, specifically in the KVM Kernel-based Virtual Machine module. The issue arises when the vCPU is in L2 with INIT and a TRIPLE FAULT...

5.5CVSS6.3AI score0.00035EPSS

Exploits0