SUSE CVE-2023-52768

In the Linux kernel, the following vulnerability has been resolved: wifi: wilc1000: use vmmtable as array in wilc struct Enabling KASAN and running some iperf tests raises some memory issues with vmmtable: BUG: KASAN: slab-out-of-bounds in wilcwlanhandletxq+0x6ac/0xdb4 Write of size 4 at addr...

DEBIAN-CVE-2023-52768

In the Linux kernel, the following vulnerability has been resolved: wifi: wilc1000: use vmmtable as array in wilc struct Enabling KASAN and running some iperf tests raises some memory issues with vmmtable: BUG: KASAN: slab-out-of-bounds in wilcwlanhandletxq+0x6ac/0xdb4 Write of size 4 at addr...

UBUNTU-CVE-2023-52768

In the Linux kernel, the following vulnerability has been resolved: wifi: wilc1000: use vmmtable as array in wilc struct Enabling KASAN and running some iperf tests raises some memory issues with vmmtable: BUG: KASAN: slab-out-of-bounds in wilcwlanhandletxq+0x6ac/0xdb4 Write of size 4 at addr...

CVE-2023-52874

CVE-2023-52874 (Linux kernel, x86/tdx): the vulnerability stems from an omission in the TDX_HYPERCALL path where RSI was not cleared when returning from TDCALL, risking speculation of VMM-provided values after the guest legally shares registers with the untrusted VMM. The issue originates from a ...

CVE-2023-52874 x86/tdx: Zero out the missing RSI in TDX_HYPERCALL macro

In the Linux kernel, the following vulnerability has been resolved: x86/tdx: Zero out the missing RSI in TDXHYPERCALL macro In the TDXHYPERCALL asm, after the TDCALL instruction returns from the untrusted VMM, the registers that the TDX guest shares to the VMM need to be cleared to avoid...

Fedora 40 : firecracker / virtiofsd (2023-eb87748e07)

The remote Fedora 40 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2023-eb87748e07 advisory. Rebuild dependent packages for vm-memory v0.12.2 to address CVE-2023-41051 / RUSTSEC-2023-0056. - https://vulners.com/cve/CVE-2023-41051 -...

Fedora 40 : firecracker / libkrun / rust-event-manager / rust-kvm-bindings / etc (2024-9974808629)

The remote Fedora 40 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2024-9974808629 advisory. Update rust-vmm components and their consumers to address CVE-2023-50711 Tenable has extracted the preceding description block directly from the Fedora...

ROS-20240410-10

Vulnerability of vmm-sys-util module set is related to the lack of checking if the length, stored in the header matches the length of the flexible array. Exploitation of the vulnerability could allow an attacker, acting remotely, to cause a denial of service...

Ubuntu 22.04 LTS / 23.10 : Linux kernel (AWS) vulnerabilities (USN-6680-3)

The remote Ubuntu 22.04 LTS / 23.10 host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6680-3 advisory. discovered that the NFC Controller Interface NCI implementation in the Linux kernel did not properly handle certain memory allocation failure...

Ubuntu 22.04 LTS / 23.10 : Linux kernel vulnerabilities (USN-6680-2)

The remote Ubuntu 22.04 LTS / 23.10 host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6680-2 advisory. discovered that the NFC Controller Interface NCI implementation in the Linux kernel did not properly handle certain memory allocation failure...

openSUSE: Security Advisory for virtualbox (openSUSE-SU-2023:0351-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2024-25744

A flaw was found in the Linux kernel. A VMM can inject external interrupts on any arbitrary vector at any time, which may allow the guest OS to be manipulated from the VMM side. Mitigation This vulnerability can be mitigated by disabling 32-bit emulation by default for TDX and SEV. The user can...

[SECURITY] Fedora 38 Update: rust-vmm-sys-util-0.12.1-2.fc38

A system utility set...

Fedora: Security Advisory for rust-vmm-sys-util (FEDORA-2024-f2305d485f)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2024-25744

In the Linux kernel before 6.6.7, an untrusted VMM can trigger int80 syscall handling at any given point. This is related to arch/x86/coco/tdx/tdx.c and arch/x86/mm/memencryptamd.c...

DEBIAN-CVE-2024-25744

In the Linux kernel before 6.6.7, an untrusted VMM can trigger int80 syscall handling at any given point. This is related to arch/x86/coco/tdx/tdx.c and arch/x86/mm/memencryptamd.c...

CVE-2024-25744

In the Linux kernel before 6.6.7, an untrusted VMM can trigger int80 syscall handling at any given point. This is related to arch/x86/coco/tdx/tdx.c and arch/x86/mm/memencryptamd.c...

CVE-2024-25744

In the Linux kernel before 6.6.7, an untrusted VMM can trigger int80 syscall handling at any given point. This is related to arch/x86/coco/tdx/tdx.c and arch/x86/mm/memencryptamd.c...

Code injection

In the Linux kernel before 6.6.7, an untrusted VMM can trigger int80 syscall handling at any given point. This is related to arch/x86/coco/tdx/tdx.c and arch/x86/mm/memencryptamd.c...

CVE-2024-25744

In the Linux kernel before 6.6.7, an untrusted VMM can trigger int80 syscall handling at any given point. This is related to arch/x86/coco/tdx/tdx.c and arch/x86/mm/memencryptamd.c...