SUSE CVE-2019-19577

An issue was discovered in Xen through 4.12.x allowing x86 AMD HVM guest OS users to cause a denial of service or possibly gain privileges by triggering data-structure access during pagetable-height updates. When running on AMD systems with an IOMMU, Xen attempted to dynamically adapt the number ...

SUSE CVE-2020-12965

When combined with specific software sequences, AMD CPUs may transiently execute non-canonical loads and store using only the lower 48 address bits potentially resulting in data leakage...

SUSE CVE-2021-26335

Improper input and range checking in the AMD Secure Processor ASP boot loader image header may allow an attacker to use attacker-controlled values prior to signature validation potentially resulting in arbitrary code execution...

PT-2023-1409 · Amd · Amd Processor Security

Name of the Vulnerable Software and Affected Versions: AMD processor security software affected versions not specified Description: The issue is related to insufficient input validation during the parsing of the System Management Mode SMM binary, which may allow a maliciously crafted SMM executab...

A flaw was found in the Linux kernel. The existing KVM SEV API has a vulnerability that allows a non-root (host) user-level application to crash the host kernel by creating a confidential guest VM instance in AMD CPU that supports Secure Encrypted Virtualization (SEV).

...

AMD Processor Execution Unit Scheduler Contention Side-Channel Vulnerability - Lenovo Support US

No description provided...

CVE-2022-23825

A flaw was found in hw. Aliases in the branch predictor may cause some AMD processors to predict the wrong branch type, potentially leading to information disclosure...

AMD Speculative Load Disordering - Lenovo Support US

No description provided...

PT-2022-6302 · Amd · System Management Mode

Name of the Vulnerable Software and Affected Versions: System Management Mode SMM affected versions not specified Description: The issue is related to the failure to validate inputs in SMM, which may allow an attacker to create a mishandled error, leaving the DRTM UApp in a partially initialized...

AMD Platform Security Processor 竞争条件问题漏洞

AMD Platform Security Processor is a security processor from AMD. AMD Platform Security Processor suffers from a Competitive Conditions Issue vulnerability, which stems from a vulnerability that can be exploited by an attacker to exploit multiple vulnerabilities in AMD processors...

kernel: SVM nested virtualization issue in KVM (AVIC support)

A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB virtual machine control block provided by the L1 guest to spawn/handle a nested guest L2. Due to improper validation of the "intctl" field, this issue could allow a malicious ...

kernel: SVM nested virtualization issue in KVM (AVIC support)

A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB virtual machine control block provided by the L1 guest to spawn/handle a nested guest L2. Due to improper validation of the "intctl" field, this issue could allow a malicious ...

USN-5071-2 linux-hwe-5.4 vulnerabilities

USN-5071-1 fixed vulnerabilities in the Linux kernel for Ubuntu 20.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 20.04 LTS for Ubuntu 18.04 LTS. Maxim Levitsky and Paolo Bonzini discovered that the KVM hypervisor implementation for...

Moderate: Red Hat Bug Fix Advisory: microcode_ctl bug fix and enhancement update

An update for microcodectl is now available for Red Hat Enterprise Linux 8. The microcodectl packages provide microcode updates for Intel and AMD processors. Bug Fixes and Enhancements: rhel-8.3.0.z HPEMC 8.3.z REGRESSION Regression in intel microcode as of 20201110 BZ1907898...

Denial Of Service (DoS)

kernel is vulnerable to denial of service. A flaw was found in the way the Xen hypervisor implementation handled instruction emulation during virtual machine exits. A malicious user-space process running in an SMP guest could trick the emulator into reading a different instruction than the one th...

Scientific Linux Security Update : libvirt on SL7.x x86_64 (20180626) (Spectre)

Security Fixes : - An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of Load & Store instructions a commonly used performance optimization. It relies on the presence of a precisely-defined instruction sequence in the privileged...

USN-3679-1 qemu update

Ken Johnson and Jann Horn independently discovered that microprocessors utilizing speculative execution of a memory read may allow unauthorized memory reads via sidechannel attacks. An attacker in the guest could use this to expose sensitive guest information, including kernel memory. This update...

April 10, 2018—KB4093112 (OS Build 16299.371)

April 10, 2018—KB4093112 OS Build 16299.371 Improvements and fixes This update includes quality improvements. No new operating system features are being introduced in this update. Key changes include: Provides support to control usage of Indirect Branch Prediction Barrier IBPB within some AMD...

8 New Spectre-Class Vulnerabilities (Spectre-NG) Found in Intel CPUs

A team of security researchers has reportedly discovered a total of eight new "Spectre-class" vulnerabilities in Intel CPUs, which also affect at least a small number of ARM processors and may impact AMD processor architecture as well. Dubbed Spectre-Next Generation, or Spectre-NG, the partial...

APT Trends report Q1 2018

In the second quarter of 2017, Kaspersky's Global Research and Analysis Team GReAT began publishing summaries of the quarter's private threat intelligence reports in an effort to make the public aware of the research we have been conducting. This report serves as the next installment, focusing on...