Astra Linux - уязвимость в linux-5.10, linux

Linux PV device frontends vulnerable to attacks by backends This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. Several Linux PV device frontends are using the grant table interfaces for removing access rights of the...

EUVD-2025-4434

Malicious code in bioql PyPI...

PT-2025-21766 · Imagination Technologies · Graphics Ddk

Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Description: Kernel software installed and running inside a Guest VM may exploit memory shared with the GPU Firmware to read and/or write data outside the Guest's virtualised GPU memory. Recommendations:...

Fedora: Security Advisory (FEDORA-2024-9974808629)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 38 Update: rust-vm-memory-0.14.0-1.fc38

Safe abstractions for accessing the VM physical memory...

Fedora: Security Advisory for rust-vm-memory (FEDORA-2024-f2305d485f)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 39 Update: rust-vm-memory-0.14.0-1.fc39

Safe abstractions for accessing the VM physical memory...

Fedora: Security Advisory for rust-vm-memory (FEDORA-2024-04877592b7)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2023-20592

A flaw was found in some of AMD CPU's due to improper or unexpected behavior of the INVD. This issue may allow an attacker with a malicious hypervisor to affect cache line write-back behavior of the CPU, potentially leading to a loss of guest virtual machine VM memory integrity. Mitigation...

CVE-2023-20592

Improper or unexpected behavior of the INVD instruction in some AMD CPUs may allow an attacker with a malicious hypervisor to affect cache line write-back behavior of the CPU leading to a potential loss of guest virtual machine VM memory integrity...

Fedora 37 : firecracker (2023-1db67725f2)

The remote Fedora 37 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-1db67725f2 advisory. Rebuild dependent packages for vm-memory v0.12.2 to address CVE-2023-41051 / RUSTSEC-2023-0056. - https://vulners.com/cve/CVE-2023-41051 -...

Default functions in VolatileMemory trait lack bounds checks in vm-memory

...

Default functions in VolatileMemory trait lack bounds checks, potentially leading to out-of-bounds memory accesses

Impact An issue was discovered in the default implementations of the VolatileMemory::getatomicref, alignedasref, alignedasmut, getref, getarrayref trait functions, which allows out-of-bounds memory access if the VolatileMemory::getslice function returns a VolatileSlice whose length is less than t...

GHSA-49HH-FPRX-M68G Default functions in VolatileMemory trait lack bounds checks, potentially leading to out-of-bounds memory accesses

Impact An issue was discovered in the default implementations of the VolatileMemory::getatomicref, alignedasref, alignedasmut, getref, getarrayref trait functions, which allows out-of-bounds memory access if the VolatileMemory::getslice function returns a VolatileSlice whose length is less than t...

fuse-backend-rs (>=0.10.5 <=0.12.0), linux-loader (>=0.8.0 <=0.9.0) +6 more potentially affected by CVE-2023-41051 via vm-memory (>=0.10.0 <=0.11.0)

vm-memory CARGO version =0.10.0, =0.10.5, =0.8.0, =0.6.0, =0.8.0, =0.7.0, =0.4.0, =0.2.0, =1.5.1, =1.6.1 Source cves: CVE-2023-41051 Source advisory: OSV:GHSA-49HH-FPRX-M68G...

CVE-2023-41051 Default functions in VolatileMemory trait lack bounds checks in vm-memory

In a typical Virtual Machine Monitor VMM there are several components, such as boot loader, virtual device drivers, virtio backend drivers and vhost drivers, that need to access the VM physical memory. The vm-memory rust crate provides a set of traits to decouple VM memory consumers from VM memor...

CVE-2023-41051

CVE-2023-41051 concerns the vm-memory crate used in VMMs. A flaw in the default implementations of VolatileMemory::get_atomic_ref, aligned_as_ref, aligned_as_mut, get_ref, and get_array_ref allows out-of-bounds access if VolatileMemory::get_slice returns a VolatileSlice whose length is less than ...

CVE-2023-41051

In a typical Virtual Machine Monitor VMM there are several components, such as boot loader, virtual device drivers, virtio backend drivers and vhost drivers, that need to access the VM physical memory. The vm-memory rust crate provides a set of traits to decouple VM memory consumers from VM memor...

fuse-backend-rs (>=0.10.5 <=0.12.0), linux-loader (>=0.8.0 <=0.9.0) +6 more potentially affected by CVE-2023-41051 via vm-memory (>=0.10.0 <=0.11.0)

vm-memory CARGO version =0.10.0, =0.10.5, =0.8.0, =0.6.0, =0.8.0, =0.7.0, =0.4.0, =0.2.0, =1.5.1, =1.6.1 Source cves: CVE-2023-41051 Source advisory: OSV:RUSTSEC-2023-0056...

PT-2023-27763 · Vm-Memory +1 · Vm-Memory +1

Name of the Vulnerable Software and Affected Versions: vm-memory versions 0.1.0 through 0.12.1 Description: An issue was discovered in the default implementations of the VolatileMemory::get atomic ref, aligned as ref, aligned as mut, get ref, get array ref trait functions, which allows...