Lucene search
+L

227 matches found

Tenable Nessus
Tenable Nessus
added 2024/01/25 12:0 a.m.35 views

RHEL 9 : linux-firmware (RHSA-2024:0433)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:0433 advisory. The linux-firmware packages contain all of the firmware files that are required by various devices to operate. Security Fixes: hw amd: Return Address...

4.7CVSS7.1AI score0.0616EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2024/01/12 12:0 a.m.54 views

Rocky Linux 8 : kernel-rt (RLSA-2024:0134)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:0134 advisory. - A side channel vulnerability on some of the AMD CPUs may allow an attacker to influence the return address prediction. This may result in speculative...

7.8CVSS7.5AI score0.0616EPSS
Exploits3References11
RedHat Linux
RedHat Linux
added 2024/01/10 10:50 a.m.3 views

amd: Return Address Predictor vulnerability leading to information disclosure

A side channel vulnerability was found in hw amd. Some AMD CPUs may allow an attacker to influence the return address prediction. This issue may result in speculative execution at an attacker-controlled instruction pointer register, potentially leading to information disclosure...

4.7CVSS6.8AI score0.0616EPSS
Exploits1References7
Tenable Nessus
Tenable Nessus
added 2024/01/10 12:0 a.m.65 views

RHEL 8 : kernel-rt (RHSA-2024:0134)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:0134 advisory. The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirement...

7.8CVSS7.4AI score0.0616EPSS
Exploits3References13
Tenable Nessus
Tenable Nessus
added 2024/01/10 12:0 a.m.92 views

RHEL 8 : kernel (RHSA-2024:0113)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:0113 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: use after free in...

7.8CVSS7.2AI score0.0616EPSS
Exploits3References13
NVD
NVD
added 2024/01/05 5:15 p.m.34 views

CVE-2023-34328

This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. AMD CPUs since 2014 have extensions to normal x86 debugging functionality. Xen supports guests using these extensions. Unfortunately there are errors in Xen's handling of...

5.5CVSS5.8AI score0.00256EPSS
Exploits0References2
OSV
OSV
added 2024/01/05 5:15 p.m.49 views

CVE-2023-34327

This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. AMD CPUs since 2014 have extensions to normal x86 debugging functionality. Xen supports guests using these extensions. Unfortunately there are errors in Xen's handling of...

5.5CVSS6.8AI score
Exploits0References2
UbuntuCve
UbuntuCve
added 2024/01/05 5:15 p.m.30 views

CVE-2023-34327

This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. AMD CPUs since 2014 have extensions to normal x86 debugging functionality. Xen supports guests using these extensions. Unfortunately there are errors in Xen's handling of...

5.5CVSS6.5AI score0.00256EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2024/01/05 5:15 p.m.29 views

CVE-2023-34328

This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. AMD CPUs since 2014 have extensions to normal x86 debugging functionality. Xen supports guests using these extensions. Unfortunately there are errors in Xen's handling of...

5.5CVSS6.5AI score0.00256EPSS
Exploits0References2
Prion
Prion
added 2024/01/05 5:15 p.m.38 views

Design/Logic Flaw

This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. AMD CPUs since 2014 have extensions to normal x86 debugging functionality. Xen supports guests using these extensions. Unfortunately there are errors in Xen's handling of...

1.7CVSS5.5AI score0.02501EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2024/01/05 4:34 p.m.119 views

CVE-2023-34328

CVE-2023-34328 relates to Xen where a PV vCPU can place a breakpoint over the live GDT, potentially locking up the CPU. This is described in the CNA as a Xen/AMD x86 debugging state handling issue that can lead to a denial of service. The entry references XSA-156 and CVE-2015-8104 as related cont...

5.5CVSS5.9AI score0.00256EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVE
added 2024/01/05 4:34 p.m.64 views

CVE-2023-34328

This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. AMD CPUs since 2014 have extensions to normal x86 debugging functionality. Xen supports guests using these extensions. Unfortunately there are errors in Xen's handling of...

5.5CVSS9.2AI score0.00256EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2024/01/05 4:34 p.m.3 views

CVE-2023-34327 x86/AMD: Debug Mask handling

This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. AMD CPUs since 2014 have extensions to normal x86 debugging functionality. Xen supports guests using these extensions. Unfortunately there are errors in Xen's handling of...

6.8AI score0.00256EPSS
Exploits0References1
CVE
CVE
added 2024/01/05 4:34 p.m.107 views

CVE-2023-34327

CVE-2023-34327 and CVE-2023-34328 describe Xen handling flaws in AMD x86 debugging extensions where an HVM vCPU can run under a previous vCPU’s debug mask state or a PV vCPU can place breakpoints on a live GDT. This can cause denial of service and CPU lockups. Root cause: errors in Xen’s guest-st...

5.5CVSS5.9AI score0.00256EPSS
Exploits0References2Affected Software1
Tenable Nessus
Tenable Nessus
added 2023/12/22 12:0 a.m.39 views

Oracle Linux 9 : kernel (ELSA-2023-7749)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-7749 advisory. - x86/retpoline: Document some thunk handling aspects Borislav Petkov CVE-2023-20569 - objtool: Fix return thunk patching in retpolines Josh Poimboeuf...

7.8CVSS7.5AI score0.12405EPSS
Exploits2References5
Tenable Nessus
Tenable Nessus
added 2023/12/22 12:0 a.m.53 views

CentOS 7 : linux-firmware (RHSA-2023:7513)

The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:7513 advisory. - A side channel vulnerability on some of the AMD CPUs may allow an attacker to influence the return address prediction. This may result in speculative...

5.5CVSS7.3AI score0.0616EPSS
Exploits2References3
Tenable Nessus
Tenable Nessus
added 2023/12/14 12:0 a.m.38 views

RHEL 7 : linux-firmware (RHSA-2023:7782)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:7782 advisory. The linux-firmware packages contain all of the firmware files that are required by various devices to operate. Security Fixes: hw amd: Retur...

5.5CVSS7.2AI score0.0616EPSS
Exploits2References7
RedhatCVE
RedhatCVE
added 2023/12/12 1:58 p.m.32 views

CVE-2020-12965

A flaw was found in AMD CPUs. When combined with specific software sequences, AMD CPUs may transiently execute non-canonical loads and store using only the lower 48 address bits, potentially resulting in data leakage...

7.8CVSS7.6AI score0.024EPSS
Exploits0References6
The Hacker News
The Hacker News
added 2023/12/09 11:52 a.m.45 views

SLAM Attack: New Spectre-based Vulnerability Impacts Intel, AMD, and Arm CPUs

Researchers from the Vrije Universiteit Amsterdam have disclosed a new side-channel attack called SLAM that could be exploited to leak sensitive information from kernel memory on current and upcoming CPUs from Intel, AMD, and Arm. The attack is an end-to-end exploit for Spectre based on a new...

7.5CVSS6.9AI score0.024EPSS
Exploits0
Veracode
Veracode
added 2023/11/28 1:21 p.m.34 views

Memory Integrity Loss

amd64-microcode AMD CPU microcode patches is vulnerable to Memory Integrity Loss. The vulnerability is caused due to Improper or Unexpected behavior of the INVD instruction in some AMD CPUs. It can allow an attacker with a malicious hypervisor to affect cache line write-back behavior of the CPU...

6.5CVSS6.9AI score0.01018EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder