Kvm
Monthly
Linux kernel KVM ARM64 fails to properly initialize ID registers for non-protected pKVM guests, causing feature detection checks to incorrectly return zero and preventing proper save/restore of system registers like TCR2_EL1 during world switches, potentially leading to state corruption. The vulnerability affects the hypervisor's ability to detect CPU features in non-protected virtual machines despite the initialization flag being incorrectly set. This is a kernel-level logic error that impacts system register handling in ARM64 virtualization.
Linux kernel KVM x86/MMU incorrectly installs emulated MMIO shadow page table entries (SPTEs) without first zapping existing shadow-present SPTEs when host userspace modifies guest page tables outside KVM's scope, causing kernel warnings and potential memory consistency issues. The vulnerability affects KVM on x86 systems running vulnerable kernel versions and can be triggered by a local attacker with ability to manipulate guest memory or run guest VMs, though the practical impact beyond kernel instability remains limited.
Arbitrary host file exfiltration from Cloud Hypervisor VMM versions 34.0-50.0. CVSS 10.0. Patch available.
Linux kernel KVM ARM64 fails to properly initialize ID registers for non-protected pKVM guests, causing feature detection checks to incorrectly return zero and preventing proper save/restore of system registers like TCR2_EL1 during world switches, potentially leading to state corruption. The vulnerability affects the hypervisor's ability to detect CPU features in non-protected virtual machines despite the initialization flag being incorrectly set. This is a kernel-level logic error that impacts system register handling in ARM64 virtualization.
Linux kernel KVM x86/MMU incorrectly installs emulated MMIO shadow page table entries (SPTEs) without first zapping existing shadow-present SPTEs when host userspace modifies guest page tables outside KVM's scope, causing kernel warnings and potential memory consistency issues. The vulnerability affects KVM on x86 systems running vulnerable kernel versions and can be triggered by a local attacker with ability to manipulate guest memory or run guest VMs, though the practical impact beyond kernel instability remains limited.
Arbitrary host file exfiltration from Cloud Hypervisor VMM versions 34.0-50.0. CVSS 10.0. Patch available.