Improper handling of direct memory writes in the input-output memory management unit could allow a malicious guest virtual machine (VM) to flood a host with writes, potentially causing a fatal machine
Kernel software installed and running inside a Guest VM may post improper commands to the GPU Firmware to trigger a write data outside the Guest's virtualised GPU memory.
Improper restriction of operations in the IOMMU could allow a malicious hypervisor to access guest private memory resulting in loss of integrity.
Improper restriction of write operations in SNP firmware could allow a malicious hypervisor to overwrite a guest's UMC seed potentially allowing reading of memory from a decommissioned guest.
Improper restriction of write operations in SNP firmware could allow a malicious hypervisor to potentially overwrite a guest's memory or UMC seed resulting in loss of confidentiality and integrity.
Improper input validation in IOMMU could allow a malicious hypervisor to reconfigure IOMMU registers resulting in loss of guest data integrity.
Improper isolation of GPU HW register space could allow a privileged attacker in malicious Guest Virtual Machine (VM) to perform unauthorized access to specific victim range of GPU MMIO register space
Kernel software installed and running inside a Guest VM may post improper commands to the GPU Firmware to write data outside the Guest's virtualised GPU memory.
VMware ESXi, Workstation, and Fusion contain a denial-of-service vulnerability due to certain guest options. A malicious actor with non-administrative privileges within a guest operating system may be
Improper isolation of VCN-JPEG HW register space could allow a malicious Guest Virtual Machine (VM) or a process to perform unauthorized access to the register space of the JPEG cores assigned a victi
Kernel software installed and running inside a Guest/Host VM may post improper commands to the GPU Firmware to trigger a write of data outside the intended GPU memory.
A logic error in the address
Improper bound check within AMD CPU microcode can allow a malicious guest to write to host memory, potentially resulting in loss of integrity.
Improper restriction of operations within the bounds of a memory buffer in PCIe® Link could allow an attacker with access to a guest virtual machine to potentially perform a denial of service attack a
Kernel software installed and running inside a Guest VM may post improper commands to the GPU Firmware to subvert reconstruction activities to trigger a write of data outside the Guest's virtualised G
A flaw was found in kubevirt. A user within a virtual machine (VM), if the guest agent is active, can exploit this by causing the agent to report an excessive number of network interfaces. This action
Kernel software installed and running inside a Guest VM may post improper commands to the GPU Firmware to read data outside the Guest's virtualised GPU memory.
Kernel software installed and running inside a Guest VM may post improper commands to the GPU Firmware to read data outside the Guest's virtualised GPU memory.
Kernel software installed and running inside a Guest VM may exploit memory shared with the GPU Firmware to write data outside the Guest's virtualised GPU memory.
Improper access control in the IOMMU may allow a privileged attacker to bypass RMP checks, potentially leading to a loss of guest memory integrity.
[This CNA information record relates to multiple CVEs; the
text explains which aspects/vulnerabilities correspond to which CVE.]
There are multiple issues related to the handling and accessing of gue
Page 1+ Next →