Search CVE reports
1 – 10 of 34 results
Insufficient checks of the RMP on host buffer access in IOMMU may allow an attacker with privileges and a compromised hypervisor to trigger an out of bounds condition without RMP checks, resulting in a potential loss...
162 affected packages
amd64-microcode, linux, linux-hwe, linux-hwe-5.4, linux-hwe-5.8...
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| amd64-microcode | Vulnerable | Vulnerable | Not affected | Not affected | Not affected |
| linux | Vulnerable | Vulnerable | Not affected | Not affected | Not affected |
| linux-hwe | Not in release | Not in release | Not in release | Not in release | Ignored |
| linux-hwe-5.4 | Not in release | Not in release | Not in release | Not in release | Not affected |
| linux-hwe-5.8 | Not in release | Not in release | Not in release | Ignored | Not in release |
| linux-hwe-5.11 | Not in release | Not in release | Not in release | Ignored | Not in release |
| linux-hwe-5.13 | Not in release | Not in release | Not in release | Ignored | Not in release |
| linux-hwe-5.15 | Not in release | Not in release | Not in release | Not affected | Not in release |
| linux-hwe-5.19 | Not in release | Not in release | Ignored | Not in release | Not in release |
| linux-hwe-6.2 | Not in release | Not in release | Ignored | Not in release | Not in release |
| linux-hwe-6.5 | Not in release | Not in release | Ignored | Not in release | Not in release |
| linux-hwe-6.8 | Not in release | Not in release | Vulnerable | Not in release | Not in release |
| linux-hwe-6.11 | Not in release | Ignored | Not in release | Not in release | Not in release |
| linux-hwe-6.14 | Not in release | Ignored | Not in release | Not in release | Not in release |
| linux-hwe-6.17 | Not in release | Vulnerable | Not in release | Not in release | Not in release |
| linux-hwe-7.0 | Not in release | Vulnerable | Not in release | Not in release | Not in release |
| linux-hwe-edge | Not in release | Not in release | Not in release | Not in release | Ignored |
| linux-lts-xenial | Not in release | Not in release | Not in release | Not in release | Not in release |
| linux-kvm | Not in release | Not in release | Not affected | Not affected | Not affected |
| linux-allwinner-5.19 | Not in release | Not in release | Ignored | Not in release | Not in release |
| linux-aws | Vulnerable | Vulnerable | Not affected | Not affected | Not affected |
| linux-aws-5.0 | Not in release | Not in release | Not in release | Not in release | Ignored |
| linux-aws-5.3 | Not in release | Not in release | Not in release | Not in release | Ignored |
| linux-aws-5.4 | Not in release | Not in release | Not in release | Not in release | Not affected |
| linux-aws-5.8 | Not in release | Not in release | Not in release | Ignored | Not in release |
| linux-aws-5.11 | Not in release | Not in release | Not in release | Ignored | Not in release |
| linux-aws-5.13 | Not in release | Not in release | Not in release | Ignored | Not in release |
| linux-aws-5.15 | Not in release | Not in release | Not in release | Not affected | Not in release |
| linux-aws-5.19 | Not in release | Not in release | Ignored | Not in release | Not in release |
| linux-aws-6.2 | Not in release | Not in release | Ignored | Not in release | Not in release |
| linux-aws-6.5 | Not in release | Not in release | Ignored | Not in release | Not in release |
| linux-aws-6.8 | Not in release | Not in release | Vulnerable | Not in release | Not in release |
| linux-aws-6.14 | Not in release | Ignored | Not in release | Not in release | Not in release |
| linux-aws-6.17 | Not in release | Vulnerable | Not in release | Not in release | Not in release |
| linux-aws-hwe | Not in release | Not in release | Not in release | Not in release | Not in release |
| linux-azure | Vulnerable | Vulnerable | Not affected | Not affected | Ignored |
| linux-azure-4.15 | Not in release | Not in release | Not in release | Not in release | Not affected |
| linux-azure-5.3 | Not in release | Not in release | Not in release | Not in release | Ignored |
| linux-azure-5.4 | Not in release | Not in release | Not in release | Not in release | Not affected |
| linux-azure-5.8 | Not in release | Not in release | Not in release | Ignored | Not in release |
| linux-azure-5.11 | Not in release | Not in release | Not in release | Ignored | Not in release |
| linux-azure-5.13 | Not in release | Not in release | Not in release | Ignored | Not in release |
| linux-azure-5.15 | Not in release | Not in release | Not in release | Not affected | Not in release |
| linux-azure-5.19 | Not in release | Not in release | Ignored | Not in release | Not in release |
| linux-azure-6.2 | Not in release | Not in release | Ignored | Not in release | Not in release |
| linux-azure-6.5 | Not in release | Not in release | Ignored | Not in release | Not in release |
| linux-azure-6.8 | Not in release | Not in release | Vulnerable | Not in release | Not in release |
| linux-azure-6.11 | Not in release | Ignored | Not in release | Not in release | Not in release |
| linux-azure-6.14 | Not in release | Ignored | Not in release | Not in release | Not in release |
| linux-azure-6.17 | Not in release | Vulnerable | Not in release | Not in release | Not in release |
| linux-azure-fde | Vulnerable | Vulnerable | Not affected | Ignored | Not in release |
| linux-azure-fde-5.15 | Not in release | Not in release | Not in release | Not affected | Not in release |
| linux-azure-fde-5.19 | Not in release | Not in release | Ignored | Not in release | Not in release |
| linux-azure-fde-6.2 | Not in release | Not in release | Ignored | Not in release | Not in release |
| linux-azure-fde-6.8 | Not in release | Not in release | Needs evaluation | Not in release | Not in release |
| linux-azure-fde-6.14 | Not in release | Ignored | Not in release | Not in release | Not in release |
| linux-azure-fde-6.17 | Not in release | Needs evaluation | Not in release | Not in release | Not in release |
| linux-azure-nvidia | Not in release | Vulnerable | Not in release | Not in release | Not in release |
| linux-azure-nvidia-6.14 | Not in release | Ignored | Not in release | Not in release | Not in release |
| linux-bluefield | Not in release | Not in release | Not in release | Not affected | Not in release |
| linux-azure-edge | Not in release | Not in release | Not in release | Not in release | Ignored |
| linux-fips | Not in release | Vulnerable | Not affected | Not affected | Not affected |
| linux-aws-fips | Not in release | Vulnerable | Not affected | Not affected | Not affected |
| linux-azure-fips | Not in release | Vulnerable | Not affected | Not affected | Not affected |
| linux-gcp-fips | Not in release | Vulnerable | Not affected | Not affected | Not affected |
| linux-gcp | Vulnerable | Vulnerable | Not affected | Not affected | Ignored |
| linux-gcp-4.15 | Not in release | Not in release | Not in release | Not in release | Not affected |
| linux-gcp-5.3 | Not in release | Not in release | Not in release | Not in release | Ignored |
| linux-gcp-5.4 | Not in release | Not in release | Not in release | Not in release | Not affected |
| linux-gcp-5.8 | Not in release | Not in release | Not in release | Ignored | Not in release |
| linux-gcp-5.11 | Not in release | Not in release | Not in release | Ignored | Not in release |
| linux-gcp-5.13 | Not in release | Not in release | Not in release | Ignored | Not in release |
| linux-gcp-5.15 | Not in release | Not in release | Not in release | Not affected | Not in release |
| linux-gcp-5.19 | Not in release | Not in release | Ignored | Not in release | Not in release |
| linux-gcp-6.2 | Not in release | Not in release | Ignored | Not in release | Not in release |
| linux-gcp-6.5 | Not in release | Not in release | Ignored | Not in release | Not in release |
| linux-gcp-6.8 | Not in release | Not in release | Vulnerable | Not in release | Not in release |
| linux-gcp-6.11 | Not in release | Ignored | Not in release | Not in release | Not in release |
| linux-gcp-6.14 | Not in release | Ignored | Not in release | Not in release | Not in release |
| linux-gcp-6.17 | Not in release | Vulnerable | Not in release | Not in release | Not in release |
| linux-gke | Not in release | Vulnerable | Not affected | Ignored | Not in release |
| linux-gke-4.15 | Not in release | Not in release | Not in release | Not in release | Ignored |
| linux-gke-5.4 | Not in release | Not in release | Not in release | Not in release | Ignored |
| linux-gke-5.15 | Not in release | Not in release | Not in release | Ignored | Not in release |
| linux-gkeop | Not in release | Vulnerable | Not affected | Ignored | Not in release |
| linux-gkeop-5.4 | Not in release | Not in release | Not in release | Not in release | Ignored |
| linux-gkeop-5.15 | Not in release | Not in release | Not in release | Ignored | Not in release |
| linux-ibm | Vulnerable | Vulnerable | Not affected | Not affected | Not in release |
| linux-ibm-5.4 | Not in release | Not in release | Not in release | Not in release | Not affected |
| linux-ibm-5.15 | Not in release | Not in release | Not in release | Not affected | Not in release |
| linux-ibm-6.8 | Not in release | Not in release | Vulnerable | Not in release | Not in release |
| linux-intel-5.13 | Not in release | Not in release | Not in release | Ignored | Not in release |
| linux-intel-iotg | Not in release | Not in release | Not affected | Not in release | Not in release |
| linux-intel-iotg-5.15 | Not in release | Not in release | Not in release | Not affected | Not in release |
| linux-iot | Not in release | Not in release | Not in release | Not affected | Not in release |
| linux-intel-iot-realtime | Not in release | Not in release | Not affected | Not in release | Not in release |
| linux-lowlatency | Not in release | Vulnerable | Not affected | Not in release | Not in release |
| linux-lowlatency-hwe-5.15 | Not in release | Not in release | Not in release | Not affected | Not in release |
| linux-lowlatency-hwe-5.19 | Not in release | Not in release | Ignored | Not in release | Not in release |
| linux-lowlatency-hwe-6.2 | Not in release | Not in release | Ignored | Not in release | Not in release |
| linux-lowlatency-hwe-6.5 | Not in release | Not in release | Ignored | Not in release | Not in release |
| linux-lowlatency-hwe-6.8 | Not in release | Not in release | Vulnerable | Not in release | Not in release |
| linux-lowlatency-hwe-6.11 | Not in release | Ignored | Not in release | Not in release | Not in release |
| linux-nvidia | Vulnerable | Vulnerable | Not affected | Not in release | Not in release |
| linux-nvidia-6.2 | Not in release | Not in release | Ignored | Not in release | Not in release |
| linux-nvidia-6.5 | Not in release | Not in release | Ignored | Not in release | Not in release |
| linux-nvidia-6.8 | Not in release | Not in release | Vulnerable | Not in release | Not in release |
| linux-nvidia-6.11 | Not in release | Ignored | Not in release | Not in release | Not in release |
| linux-nvidia-6.17 | Not in release | Vulnerable | Not in release | Not in release | Not in release |
| linux-nvidia-7.0 | Not in release | Vulnerable | Not in release | Not in release | Not in release |
| linux-nvidia-lowlatency | Not in release | Vulnerable | Not in release | Not in release | Not in release |
| linux-nvidia-tegra | Not in release | Vulnerable | Not affected | Not in release | Not in release |
| linux-nvidia-tegra-5.15 | Not in release | Not in release | Not in release | Not affected | Not in release |
| linux-nvidia-tegra-igx | Not in release | Not in release | Not affected | Not in release | Not in release |
| linux-oracle | Vulnerable | Vulnerable | Not affected | Not affected | Not affected |
| linux-oracle-5.0 | Not in release | Not in release | Not in release | Not in release | Ignored |
| linux-oracle-5.3 | Not in release | Not in release | Not in release | Not in release | Ignored |
| linux-oracle-5.4 | Not in release | Not in release | Not in release | Not in release | Not affected |
| linux-oracle-5.8 | Not in release | Not in release | Not in release | Ignored | Not in release |
| linux-oracle-5.11 | Not in release | Not in release | Not in release | Ignored | Not in release |
| linux-oracle-5.13 | Not in release | Not in release | Not in release | Ignored | Not in release |
| linux-oracle-5.15 | Not in release | Not in release | Not in release | Not affected | Not in release |
| linux-oracle-6.5 | Not in release | Not in release | Ignored | Not in release | Not in release |
| linux-oracle-6.8 | Not in release | Not in release | Vulnerable | Not in release | Not in release |
| linux-oracle-6.14 | Not in release | Ignored | Not in release | Not in release | Not in release |
| linux-oracle-6.17 | Not in release | Vulnerable | Not in release | Not in release | Not in release |
| linux-oem | Not in release | Not in release | Not in release | Not in release | Ignored |
| linux-oem-5.6 | Not in release | Not in release | Not in release | Ignored | Not in release |
| linux-oem-5.10 | Not in release | Not in release | Not in release | Ignored | Not in release |
| linux-oem-5.13 | Not in release | Not in release | Not in release | Ignored | Not in release |
| linux-oem-5.14 | Not in release | Not in release | Not in release | Ignored | Not in release |
| linux-oem-5.17 | Not in release | Not in release | Ignored | Not in release | Not in release |
| linux-oem-6.0 | Not in release | Not in release | Ignored | Not in release | Not in release |
| linux-oem-6.1 | Not in release | Not in release | Ignored | Not in release | Not in release |
| linux-oem-6.5 | Not in release | Not in release | Ignored | Not in release | Not in release |
| linux-oem-6.8 | Not in release | Ignored | Not in release | Not in release | Not in release |
| linux-oem-6.11 | Not in release | Ignored | Not in release | Not in release | Not in release |
| linux-oem-6.14 | Not in release | Ignored | Not in release | Not in release | Not in release |
| linux-oem-6.17 | Not in release | Vulnerable | Not in release | Not in release | Not in release |
| linux-oem-7.0 | Vulnerable | Not in release | Not in release | Not in release | Not in release |
| linux-raspi | Vulnerable | Vulnerable | Not affected | Not affected | Not in release |
| linux-raspi2 | Not in release | Not in release | Not in release | Ignored | Ignored |
| linux-raspi-5.4 | Not in release | Not in release | Not in release | Not in release | Not affected |
| linux-raspi-realtime | Not in release | Vulnerable | Not in release | Not in release | Not in release |
| linux-realtime | Vulnerable | Vulnerable | Not affected | Not in release | Not in release |
| linux-realtime-6.8 | Not in release | Not in release | Vulnerable | Not in release | Not in release |
| linux-realtime-6.14 | Not in release | Ignored | Not in release | Not in release | Not in release |
| linux-riscv | Vulnerable | Ignored | Ignored | Ignored | Not in release |
| linux-riscv-5.8 | Not in release | Not in release | Not in release | Ignored | Not in release |
| linux-riscv-5.11 | Not in release | Not in release | Not in release | Ignored | Not in release |
| linux-riscv-5.15 | Not in release | Not in release | Not in release | Not affected | Not in release |
| linux-riscv-5.19 | Not in release | Not in release | Ignored | Not in release | Not in release |
| linux-riscv-6.5 | Not in release | Not in release | Ignored | Not in release | Not in release |
| linux-riscv-6.8 | Not in release | Not in release | Vulnerable | Not in release | Not in release |
| linux-riscv-6.14 | Not in release | Ignored | Not in release | Not in release | Not in release |
| linux-riscv-6.17 | Not in release | Vulnerable | Not in release | Not in release | Not in release |
| linux-starfive-5.19 | Not in release | Not in release | Ignored | Not in release | Not in release |
| linux-starfive-6.2 | Not in release | Not in release | Ignored | Not in release | Not in release |
| linux-starfive-6.5 | Not in release | Not in release | Ignored | Not in release | Not in release |
| linux-xilinx | Not in release | Vulnerable | Not in release | Not in release | Not in release |
| linux-xilinx-zynqmp | Not in release | Not in release | Not affected | Not affected | Not in release |
| linux-realtime-6.17 | Not in release | Vulnerable | Not in release | Not in release | Not in release |
Some fixes available 3 of 8
Improper isolation of shared resources on a system on a chip by a malicious local attacker with high privileges could potentially lead to a partial loss of integrity.
1 affected package
amd64-microcode
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| amd64-microcode | Fixed | Fixed | Vulnerable | Vulnerable | Vulnerable |
Improper Prevention of Lock Bit Modification in SEV firmware could allow a privileged attacker to downgrade firmware potentially resulting in a loss of integrity.
1 affected package
amd64-microcode
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| amd64-microcode | Vulnerable | Vulnerable | Not affected | Not affected | Not affected |
Some fixes available 3 of 8
Improper bound check within AMD CPU microcode can allow a malicious guest to write to host memory, potentially resulting in loss of integrity.
1 affected package
amd64-microcode
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| amd64-microcode | Fixed | Fixed | Vulnerable | Vulnerable | Vulnerable |
Insufficient Granularity of Access Control in SEV firmware could allow a privileged user with a malicious hypervisor to create a SEV-ES guest with an ASID in the range meant for SEV-SNP guests potentially resulting in a partial...
1 affected package
amd64-microcode
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| amd64-microcode | Vulnerable | Vulnerable | Not affected | Not affected | Not affected |
Insufficient Granularity of Access Control in SEV firmware can allow a privileged attacker to create a SEV-ES Guest to attack SNP guest, potentially resulting in a loss of confidentiality.
1 affected package
amd64-microcode
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| amd64-microcode | Vulnerable | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
Missing Checks in certain functions related to RMP initialization can allow a local admin privileged attacker to cause misidentification of I/O memory, potentially resulting in a loss of guest memory integrity
1 affected package
amd64-microcode
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| amd64-microcode | Vulnerable | Vulnerable | Not affected | Not affected | Not affected |
Improper Initialization within the AMD Secure Encrypted Virtualization (SEV) firmware can allow an admin privileged attacker to corrupt RMP covered memory, potentially resulting in loss of guest memory integrity
1 affected package
amd64-microcode
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| amd64-microcode | Vulnerable | Vulnerable | Not affected | Not affected | Not affected |
Improper access control in AMD Secure Encrypted Virtualization (SEV) firmware could allow a malicious hypervisor to bypass RMP protections, potentially resulting in a loss of SEV-SNP guest memory integrity.
1 affected package
amd64-microcode
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| amd64-microcode | Vulnerable | Vulnerable | Not affected | Not affected | Not affected |
Insufficient or Incomplete Data Removal in Hardware Component in SEV firmware doesn't fully flush IOMMU. This can potentially lead to a loss of confidentiality and integrity in guest memory.
1 affected package
amd64-microcode
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| amd64-microcode | Vulnerable | Vulnerable | Not affected | Not affected | Not affected |