154 matches found
GHSA-49HH-FPRX-M68G Default functions in VolatileMemory trait lack bounds checks, potentially leading to out-of-bounds memory accesses
Impact: An issue was discovered in the default implementations of the VolatileMemory::get_atomic_ref, aligned_as_ref, aligned_as_mut, get_ref, get_array_ref trait functions, which allows out-of-bounds memory access if the VolatileMemory::get_slice function returns a VolatileSlice whose length is less than t...
CVE-2023-41051
In a typical Virtual Machine Monitor (VMM) there are several components, such as boot loader, virtual device drivers, virtio backend drivers and vhost drivers, that need to access the VM physical memory. The vm-memory Rust crate provides a set of traits to decouple VM memory consumers from VM memor...
CVE-2023-41051
CVE-2023-41051 concerns the vm-memory crate used in VMMs. A flaw in the default implementations of VolatileMemory::get_atomic_ref, aligned_as_ref, aligned_as_mut, get_ref, and get_array_ref allows out-of-bounds access if VolatileMemory::get_slice returns a VolatileSlice whose length is less than ...
CVE-2023-41051 Default functions in VolatileMemory trait lack bounds checks in vm-memory
In a typical Virtual Machine Monitor (VMM) there are several components, such as boot loader, virtual device drivers, virtio backend drivers and vhost drivers, that need to access the VM physical memory. The vm-memory Rust crate provides a set of traits to decouple VM memory consumers from VM memor...
CBL Mariner 2.0 Security Update: kernel (CVE-2022-2153)
The version of kernel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-2153 advisory. - A flaw was found in the Linux kernel's KVM when attempting to set a SynIC IRQ. This issue makes it possible f...
Ubuntu 18.04 LTS / 20.04 LTS : Linux kernel vulnerabilities (USN-5728-1)
The remote Ubuntu 18.04 LTS / 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5728-1 advisory. Jann Horn discovered that the Linux kernel did not properly track memory allocations for anonymous VMA mappings in some situations, leading t...
Update Rollup 1 for System Center 2022 Virtual Machine Manager
Update Rollup 1 for System Center 2022 Virtual Machine Manager. Applies to: Microsoft System Center 2022 Virtual Machine Manager. Introduction: This article describes the issues that are fixed in System Center Virtual Machine Manager 2022 UR1 release. There are two updates that are available for Virtu...
CVE-2022-2153
A flaw was found in the Linux kernel’s KVM when attempting to set a SynIC IRQ. This issue makes it possible for a misbehaving VMM to write to SYNIC/STIMER MSRs, causing a NULL pointer dereference. This flaw allows an unprivileged local attacker on the host to issue specific ioctl calls, causing a...
Oracle Linux 7 / 8 : Unbreakable Enterprise kernel (ELSA-2022-9709)
The remote Oracle Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-9709 advisory. - net_sched: cls_route: remove from list when handle is 0 Thadeu Lima de Souza Cascardo Orabug: 34480880 CVE-2022-2588 - arm64: proton-pack: provide...
Security update for virtualbox (important)
openSUSE Security Update: Security update for virtualbox Announcement ID: openSUSE-SU-2022:10067-1 Rating: important References: 1198676 1198677 1198678 1198679 1198680 1198703 1199803 1201720 Cross-References: CVE-2022-21465 CVE-2022-21471 CVE-2022-21487 CVE-2022-21488 CVE-2022-21491...
Security update for virtualbox (important)
openSUSE Security Update: Security update for virtualbox Announcement ID: openSUSE-SU-2021:1403-1 Rating: important References: 1191104 1191526 1191869 Cross-References: CVE-2021-2475 CVE-2021-35538 CVE-2021-35540 CVE-2021-35542 CVE-2021-35545 CVSS scores: CVE-2021-2475 NVD : 4.4...
openSUSE: Security Advisory for virtualbox (openSUSE-SU-2021:1393-1)
The remote host is missing an update for the Copyright (C) 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Security update for virtualbox (important)
openSUSE Security Update: Security update for virtualbox Announcement ID: openSUSE-SU-2021:1393-1 Rating: important References: 1191104 1191526 1191869 Cross-References: CVE-2021-2475 CVE-2021-35538 CVE-2021-35540 CVE-2021-35542 CVE-2021-35545 CVSS scores: CVE-2021-2475 NVD : 4.4...
esmvalcore (>=2.0.0 <=2.2.0), esque (>=0.2.0 <=0.3.1) +7 more potentially affected by CVE-2021-38305 via yamale (>=1.10.1 <=3.0.7)
yamale PYPI version =1.10.1, =2.0.0, =0.2.0, =0.1.0, =0.0.2, =1.0.0, =0.0.1.dev3092, =0.1.0b0, =0.1.0b6 Source cves: CVE-2021-38305 Source advisory: OSV:GHSA-435P-F82X-MXWM...
esmvalcore (>=2.0.0 <=2.2.0), esque (>=0.2.0 <=0.3.1) +7 more potentially affected by CVE-2021-38305 via yamale (>=1.10.1 <=3.0.7)
yamale PYPI version =1.10.1, =2.0.0, =0.2.0, =0.1.0, =0.0.2, =1.0.0, =0.0.1.dev3092, =0.1.0b0, =0.1.0b6 Source cves: CVE-2021-38305 Source advisory: OSV:PYSEC-2021-119...
An EPYC escape: Case-study of a KVM breakout
Posted by Felix Wilhelm, Project Zero. Introduction: KVM (for Kernel-based Virtual Machine) is the de-facto standard hypervisor for Linux-based cloud environments. Outside of Azure, almost all large-scale cloud and hosting providers are running on top of KVM, turning it into one of the fundamental...
Q3 2018 Speculative Execution Side Channel Update
Summary: Security researchers have identified a speculative execution side-channel method called L1 Terminal Fault (L1TF). This method impacts select microprocessor products supporting Intel® Software Guard Extensions (Intel® SGX). Further investigation by Intel has identified two related application...
Security update for virtualbox (moderate)
openSUSE Security Update: Security update for virtualbox Announcement ID: openSUSE-SU-2020:1486-1 Rating: moderate References: 1114605 1174075 1174159 1175201 Cross-References: CVE-2020-14628 CVE-2020-14629 CVE-2020-14646 CVE-2020-14647 CVE-2020-14648 CVE-2020-14649 CVE-2020-14650 CVE-2020-14673...