Lucene search
K

82 matches found

AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

A known cache speculation vulnerability, known as Branch History Injection BHI or Spectre-BHB, reappears in the new hw AmpereOne. Spectre-BHB is similar to Spectre v2, except that malicious code uses the shared branch history stored in the CPU Branch History Buffer, or BHB to influence mispredict...

5.5CVSS6.6AI score0.00264EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2023-43699

Malicious code in bioql PyPI...

5.5CVSS6.7AI score0.00264EPSS
Exploits0References1
OSV
OSV
added 2025/09/18 3:58 p.m.16 views

CLSA-2025-1756482270 kernel: Fix of CVE-2024-2201

spec: up spec/misc to 1160.136.1, spectre mitigation is off by default - hugetlb, mempolicy: fix the mbind hugetlb migration - net: atm: fix use after free in lecsend - net: atlantic: fix aqvec index out of range error - block: initialize flush request via blkmqrqctxinit - ALSA: usb-audio: Fix a...

4.7CVSS7.2AI score0.08555EPSS
Exploits0References1
Packet Storm News
Packet Storm News
added 2025/06/08 12:0 a.m.8 views

Exploiting Inaccurate Branch History in Side-Channel Attacks

Modern out-of-order CPUs heavily rely on speculative execution for performance optimization, with branch prediction serving as a cornerstone to minimize stalls and maximize efficiency. Whenever shared branch prediction resources lack proper isolation and sanitization methods, they may originate...

7.2AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.14 views

Linux Distros Unpatched Vulnerability : CVE-2023-3006

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A known cache speculation vulnerability, known as Branch History Injection BHI or Spectre-BHB, becomes actual again for the new hw AmpereOne. Spectre-BHB is...

5.5CVSS6.7AI score0.00264EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2024/12/19 8:28 p.m.38 views

CVE-2024-2201

A cross-privilege Spectre v2 vulnerability allows attackers to bypass all deployed mitigations, including the recent FineIBT, and to leak arbitrary Linux kernel memory on Intel systems...

4.7CVSS6.8AI score0.08555EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2024/12/04 12:56 a.m.6 views

kernel: x86/bhi: Avoid warning in #DB handler due to BHI mitigation

A denial of service vulnerability was found in the Linux kernel. When BHI mitigation is enabled, if SYSENTER is invoked with the TF flag set, then entrySYSENTERcompat uses CLEARBRANCHHISTORY and calls the clearbhbloop before the TF flag is cleared. This causes the DB handler excdebugkernel to iss...

5.5CVSS6.6AI score0.00219EPSS
Exploits0References5
Rockylinux
Rockylinux
added 2024/11/08 3:57 p.m.34 views

kernel security update

An update is available for kernel. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The kernel packages contain the Linux kernel, the core of any Linux operating...

7.8CVSS9.8AI score0.08555EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2024/11/08 12:0 a.m.16 views

RockyLinux 9 : kernel (RLSA-2024:8617)

The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:8617 advisory. hw: cpu: intel: Native Branch History Injection BHI CVE-2024-2201 kernel: tcp: add sanity checks to rx zerocopy CVE-2024-26640 kernel: mptcp: fix data...

7.8CVSS7.7AI score0.08555EPSS
Exploits0References44
RedHat Linux
RedHat Linux
added 2024/10/30 1:41 a.m.6 views

hw: cpu: intel: Native Branch History Injection (BHI)

A flaw was found in some Intel CPUs where mitigations for the Spectre V2/BHI vulnerability were incomplete. This issue may allow an attacker to read arbitrary memory, compromising system integrity and exposing sensitive information...

4.7CVSS7.3AI score0.08555EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2024/10/30 12:39 a.m.44 views

Moderate: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

7.8CVSS7.1AI score0.08555EPSS
Exploits1References16
RedHat Linux
RedHat Linux
added 2024/10/30 12:15 a.m.9 views

hw: cpu: intel: Native Branch History Injection (BHI)

A flaw was found in some Intel CPUs where mitigations for the Spectre V2/BHI vulnerability were incomplete. This issue may allow an attacker to read arbitrary memory, compromising system integrity and exposing sensitive information...

4.7CVSS7.3AI score0.08555EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2024/10/30 12:15 a.m.44 views

Moderate: Red Hat Security Advisory: kernel-rt security update

An update for kernel-rt is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available fo...

7.8CVSS7.3AI score0.08555EPSS
Exploits1References15
Tenable Nessus
Tenable Nessus
added 2024/09/25 12:0 a.m.22 views

SUSE SLES15: xen / xen-devel / xen-libs / xen-tools / xen-tools-domU / etc (SUSE-SU-2024:3423-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:3423-1 advisory. - CVE-2024-2201: Mitigation for Native Branch History Injection XSA-456, bsc1222453 - CVE-2024-31143: Fixed double unlock in x86...

7.5CVSS7AI score0.08555EPSS
Exploits0References16
OpenVAS
OpenVAS
added 2024/09/25 12:0 a.m.12 views

SUSE: Security Advisory (SUSE-SU-2024:3423-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS8.8AI score0.08555EPSS
Exploits0References8
OSV
OSV
added 2024/09/24 3:25 p.m.13 views

SUSE-SU-2024:3423-1 Security update for xen

This update for xen fixes the following issues: - CVE-2024-2201: Mitigation for Native Branch History Injection XSA-456, bsc1222453 - CVE-2024-31143: Fixed double unlock in x86 guest IRQ handling XSA-458, bsc1227355 - CVE-2024-31145: Fixed error handling in x86 IOMMU identity mapping XSA-460,...

7.5CVSS7AI score0.08555EPSS
Exploits0References11
RedHat Linux
RedHat Linux
added 2024/09/24 1:21 a.m.5 views

hw: cpu: intel: Native Branch History Injection (BHI)

A flaw was found in some Intel CPUs where mitigations for the Spectre V2/BHI vulnerability were incomplete. This issue may allow an attacker to read arbitrary memory, compromising system integrity and exposing sensitive information...

4.7CVSS7.3AI score0.08555EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2024/08/08 4:53 a.m.5 views

hw: cpu: intel: Native Branch History Injection (BHI)

A flaw was found in some Intel CPUs where mitigations for the Spectre V2/BHI vulnerability were incomplete. This issue may allow an attacker to read arbitrary memory, compromising system integrity and exposing sensitive information...

4.7CVSS7.3AI score0.08555EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2024/08/08 4:44 a.m.7 views

hw: cpu: intel: Native Branch History Injection (BHI)

A flaw was found in some Intel CPUs where mitigations for the Spectre V2/BHI vulnerability were incomplete. This issue may allow an attacker to read arbitrary memory, compromising system integrity and exposing sensitive information...

4.7CVSS7.3AI score0.08555EPSS
Exploits0References8
SUSE CVE
SUSE CVE
added 2024/08/08 2:20 a.m.4 views

SUSE CVE-2024-42240

In the Linux kernel, the following vulnerability has been resolved: x86/bhi: Avoid warning in DB handler due to BHI mitigation When BHI mitigation is enabled, if SYSENTER is invoked with the TF flag set then entrySYSENTERcompat uses CLEARBRANCHHISTORY and calls the clearbhbloop before the TF flag...

5.5CVSS6.5AI score0.00219EPSS
Exploits0References19
Rows per page
Query Builder