Security update for xen

This update for xen fixes the following issues CVE-2025-54505: Floating Point Divider State Sampling on AMD CPUs AMD-SN-7053 bsc1262428. CVE-2025-54518: AMD-SN-7052: CPU OP Cache Corruption bsc1264066. CVE-2026-23557: Xenstored DoS via XSRESETWATCHES command bsc1262178. CVE-2026-23558: grant tabl...

EUVD-2025-209577

A transient execution vulnerability within AMD CPUs may allow a local user-privileged attacker to leak data via the floating point divisor unit, potentially resulting in loss of confidentiality...

CVE-2025-29943

Write what were condition within AMD CPUs may allow an admin-privileged attacker to modify the configuration of the CPU pipeline potentially resulting in the corruption of the stack pointer inside an SEV-SNP guest...

Important: linux-firmware

Issue Overview: Improper isolation of shared resources on a system on a chip by a malicious local attacker with high privileges could potentially lead to a partial loss of integrity. CVE-2025-54514 Improper handling of insufficient entropy in the AMD CPUs could allow a local attacker to influence...

EUVD-2025-198505

Improper handling of insufficient entropy in the AMD CPUs could allow a local attacker to influence the values returned by the RDSEED instruction, potentially resulting in the consumption of insufficiently random values...

EUVD-2021-13147

Malware in sbrugna...

EUVD-2012-2913

Malware in sbrugna...

EUVD-2021-13124

Malware in sbrugna...

EUVD-2020-5245

Malware in sbrugna...

EUVD-2021-13207

Malware in sbrugna...

EUVD-2021-33400

Malicious code in bioql PyPI...

EUVD-2023-38408

Malicious code in bioql PyPI...

EUVD-2023-24771

Malicious code in bioql PyPI...

EUVD-2023-38409

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2021-26401

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - LFENCE/JMP mitigation V2-2 may not sufficiently mitigate CVE-2017-5715 on some AMD CPUs. CVE-2021-26401 Note that Nessus relies on the presence of the package a...

x86: Transitive Scheduler Attacks

ISSUE DESCRIPTION Researchers from Microsoft and ETH Zurich have discovered several new speculative sidechannel attacks which bypass current protections. They are detailed in a paper titled "Enter, Exit, Page Fault, Leak: Testing Isolation Boundaries for Microarchitectural Leaks". Two issues, whi...

AMD Transient Scheduler Attacks

AMD ID: AMD-SB-7029 Potential Impact: Loss of Confidentiality Severity: Medium Summary AMD discovered several transient scheduler attacks related to the execution timing of instructions under specific microarchitectural conditions while investigating a Microsoft® report titled “Enter, Exit, Page...

TencentOS Server 2: linux-firmware (TSSA-2023:0274)

The version of Tencent Linux installed on the remote TencentOS Server 2 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2023:0274 advisory. Package updates are available for TencentOS Server 2 that fix the following vulnerabilities...

TencentOS Server 2: linux-firmware (TSSA-2024:0042)

The version of Tencent Linux installed on the remote TencentOS Server 2 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:0042 advisory. Package updates are available for TencentOS Server 2 that fix the following vulnerabilities:...

ABB M2M Gateway Arbitrary Code Execution in embedded Linux Kernel for some AMD CPUs (CVE-2021-26401)

LFENCE/JMP mitigation V2-2 may not sufficiently mitigate CVE-2017-5715 on some AMD CPUs. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid503249;...