New ZenHammer Attack Bypasses Rowhammer Defenses on AMD CPUs

Cybersecurity researchers from ETH Zurich have developed a new variant of the RowHammer DRAM dynamic random-access memory attack that, for the first time, successfully works against AMD Zen 2 and Zen 3 systems despite mitigations such as Target Row Refresh TRR. "This result proves that AMD system...

Ubuntu 20.04 LTS / 22.04 LTS : Linux kernel vulnerabilities (USN-6325-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6325-1 advisory. Daniel Moghimi discovered that some IntelR Processors did not properly clear microarchitectural state after speculative execution of various...

[SECURITY] [DLA 3512-1] linux-5.10 security update

Debian LTS Advisory DLA-3512-1 [email protected] https://www.debian.org/lts/security/ Ben Hutchings August 2, 2023 https://wiki.debian.org/LTS Package : linux-5.10 Version : 5.10.179-3deb10u1 CVE ID : CVE-2023-2156 CVE-2023-3390 CVE-2023-3610 CVE-2023-20593 CVE-2023-31248 CVE-2023-35001...

Debian: Security Advisory (DSA-5462-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian: Security Advisory (DSA-5461-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] [DSA 5461-1] linux security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5461-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso July 30, 2023 https://www.debian.org/security/faq -...

Zenbleed: cross-process infoleak vulnerability in AMD Zen 2 Processors - everything you need to know

Learn about the impact in cloud environments of CVE-2023-20593, a cross-process information leak vulnerability in AMD Zen 2 Processors...

Cross-Process Information Leak

Bulletin ID: AMD-SB-7008 Potential Impact: Information disclosure Severity: Medium Summary Under specific microarchitectural circumstances, a register in “Zen 2” CPUs may not be written to 0 correctly. This may cause data from another process and/or thread to be stored in the YMM register, which...

Vulnerabilities fixed in Citrix Hypervisor

Vulnerabilities have been fixed in Citrix Hypervisor and Citrix XenServer. The vulnerabilities potentially enable a malicious party to able to derive memory content from another virtual machine. These vulnerabilities are only present when the vulnerable products are used on AMD Zen 1 or AMD Zen 2...