Lucene search
K

25 matches found

Tenable Nessus
Tenable Nessus
added 2026/01/30 12:0 a.m.3 views

SUSE SLED15: xen / xen-devel / xen-libs / xen-tools / xen-tools-domU / etc (SUSE-SU-2026:0329-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0329-1 advisory. - CVE-2025-58150: Fixed buffer overrun with shadow paging and tracing XSA-477 bsc1256745 - CVE-2026-23553: Fix...

8.8CVSS6AI score0.00129EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2026/01/29 12:0 a.m.5 views

openSUSE 15: xen / xen-devel / xen-doc-html / xen-libs / xen-libs-32bit / etc (SUSE-SU-2026:0306-1)

The remote openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0306-1 advisory. - CVE-2025-58150: Fixed buffer overrun with shadow paging and tracing XSA-477 bsc1256745 - CVE-2026-23553: Fixed incomplete IBPB for vCPU isolation...

8.8CVSS6AI score0.00129EPSS
Exploits0References7
NVD
NVD
added 2026/01/28 4:16 p.m.8 views

CVE-2026-23553

In the context switch logic Xen attempts to skip an IBPB in the case of a vCPU returning to a CPU on which it was the previous vCPU to run. While safe for Xen's isolation between vCPUs, this prevents the guest kernel correctly isolating between tasks. Consider: 1 vCPU runs on CPU A, running task ...

2.9CVSS0.00129EPSS
Exploits0References3
SUSE Linux
SUSE Linux
added 2026/01/27 4:15 p.m.5 views

Security update for xen

This update for xen fixes the following issues: CVE-2025-58150: Fixed buffer overrun with shadow paging and tracing XSA-477 bsc1256745 CVE-2026-23553: Fixed incomplete IBPB for vCPU isolation XSA-479 bsc1256747 Special Instructions and Notes: Please reboot the system after installing this update...

6.8CVSS6AI score0.00129EPSS
Exploits0References8
AstraLinux
AstraLinux
added 2026/01/27 5:1 a.m.4 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: x86/vmscape: Conditional IBPB mitigation has been added. VMSCAPE is a vulnerability that exploits the insufficient branch predictor isolation between a guest and a userspace hypervisor such as QEMU. Existing mitigations already...

5.5CVSS6.5AI score0.00331EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2025/11/10 1:5 a.m.5 views

kernel: x86/vmscape: Add conditional IBPB mitigation

In the Linux kernel, the following vulnerability has been resolved: x86/vmscape: Add conditional IBPB mitigation VMSCAPE is a vulnerability that exploits insufficient branch predictor isolation between a guest and a userspace hypervisor like QEMU. Existing mitigations already protect kernel/KVM...

5.5CVSS5.7AI score0.00331EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2025/09/11 11:23 p.m.5 views

SUSE CVE-2025-40300

In the Linux kernel, the following vulnerability has been resolved: x86/vmscape: Add conditional IBPB mitigation VMSCAPE is a vulnerability that exploits insufficient branch predictor isolation between a guest and a userspace hypervisor like QEMU. Existing mitigations already protect kernel/KVM...

6.5CVSS6.4AI score0.00331EPSS
Exploits0References28
OSV
OSV
added 2025/09/11 5:15 p.m.14 views

AZL-67238 CVE-2025-40300 affecting package kernel for versions less than 6.6.112.1-1

In the Linux kernel, the following vulnerability has been resolved: x86/vmscape: Add conditional IBPB mitigation VMSCAPE is a vulnerability that exploits insufficient branch predictor isolation between a guest and a userspace hypervisor like QEMU. Existing mitigations already protect kernel/KVM...

5.5CVSS6AI score0.00331EPSS
Exploits0References1
OSV
OSV
added 2025/09/11 5:15 p.m.1 views

DEBIAN-CVE-2025-40300

In the Linux kernel, the following vulnerability has been resolved: x86/vmscape: Add conditional IBPB mitigation VMSCAPE is a vulnerability that exploits insufficient branch predictor isolation between a guest and a userspace hypervisor like QEMU. Existing mitigations already protect kernel/KVM...

5.5CVSS5.9AI score0.00331EPSS
Exploits0References1
OSV
OSV
added 2025/09/11 4:49 p.m.5 views

CVE-2025-40300 x86/vmscape: Add conditional IBPB mitigation

In the Linux kernel, the following vulnerability has been resolved: x86/vmscape: Add conditional IBPB mitigation VMSCAPE is a vulnerability that exploits insufficient branch predictor isolation between a guest and a userspace hypervisor like QEMU. Existing mitigations already protect kernel/KVM...

5.5CVSS6.2AI score0.00331EPSS
Exploits0References24
Vulnrichment
Vulnrichment
added 2025/09/11 4:49 p.m.6 views

CVE-2025-40300 x86/vmscape: Add conditional IBPB mitigation

In the Linux kernel, the following vulnerability has been resolved: x86/vmscape: Add conditional IBPB mitigation VMSCAPE is a vulnerability that exploits insufficient branch predictor isolation between a guest and a userspace hypervisor like QEMU. Existing mitigations already protect kernel/KVM...

6.5AI score0.00331EPSS
Exploits0References13
RedHat Linux
RedHat Linux
added 2025/07/01 6:51 p.m.4 views

microcode_ctl: From CVEorg collector

A flaw was found in the Branch Prediction Unit BPU of Intel's Lion Core CPUs that make it possible for an attacker to bypass Indirect Branch Predictor Barrier IBPB protections. By employing branch predictor training techniques as described in the "Training Solo" publication, an attacker with loca...

6.8CVSS6.4AI score0.00169EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2025/07/01 3:49 p.m.5 views

microcode_ctl: From CVEorg collector

A flaw was found in the Branch Prediction Unit BPU of Intel's Lion Core CPUs that make it possible for an attacker to bypass Indirect Branch Predictor Barrier IBPB protections. By employing branch predictor training techniques as described in the "Training Solo" publication, an attacker with loca...

6.8CVSS6.4AI score0.00169EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2025/07/01 2:44 p.m.6 views

microcode_ctl: From CVEorg collector

A flaw was found in the Branch Prediction Unit BPU of Intel's Lion Core CPUs that make it possible for an attacker to bypass Indirect Branch Predictor Barrier IBPB protections. By employing branch predictor training techniques as described in the "Training Solo" publication, an attacker with loca...

6.8CVSS6.4AI score0.00169EPSS
Exploits0References6
The Hacker News
The Hacker News
added 2024/10/29 5:53 a.m.41 views

New Research Reveals Spectre Vulnerability Persists in Latest AMD and Intel Processors

More than six years after the Spectre security flaw impacting modern CPU processors came to light, new research has found that the latest AMD and Intel processors are still susceptible to speculative execution attacks. The attack, disclosed by ETH Zürich researchers Johannes Wikner and Kaveh...

5.6CVSS7.4AI score0.74041EPSS
Exploits9
RedHat Linux
RedHat Linux
added 2023/05/16 8:56 a.m.4 views

kernel: KVM: nVMX: missing IBPB when exiting from nested guest can lead to Spectre v2 attacks

A flaw was found in the KVM's Intel nested virtualization feature nVMX. Since L1 and L2 shared branch prediction modes guest-user and guest-kernel, KVM did not protect indirect branches in L1 from steering by a malicious agent in L2. This could allow a malicious nested guest to carry out Spectre ...

8.8CVSS6.6AI score0.00285EPSS
Exploits0References4
OSV
OSV
added 2020/09/03 4:51 p.m.12 views

USN-4485-1 linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-4.15, linux-gcp, linux-gcp-4.15, linux-gke-4.15, linux-hwe, linux-kvm, linux-oem, linux-oracle, linux-raspi2, linux-snapdragon vulnerabilities

Timothy Michaud discovered that the i915 graphics driver in the Linux kernel did not properly validate user memory locations for the i915gemexecbuffer2ioctl. A local attacker could possibly use this to cause a denial of service or execute arbitrary code. CVE-2018-20669 It was discovered that the...

7.8CVSS7.1AI score0.00617EPSS
Exploits3References15
OSV
OSV
added 2020/09/03 4:41 p.m.8 views

USN-4483-1 linux, linux-aws, linux-aws-5.4, linux-azure, linux-azure-5.4, linux-gcp, linux-gcp-5.4, linux-hwe-5.4, linux-kvm, linux-oracle, linux-oracle-5.4, linux-raspi, linux-raspi-5.4 vulnerabilities

Chuhong Yuan discovered that go7007 USB audio device driver in the Linux kernel did not properly deallocate memory in some failure conditions. A physically proximate attacker could use this to cause a denial of service memory exhaustion. CVE-2019-20810 Fan Yang discovered that the mremap...

7.8CVSS6.8AI score0.00992EPSS
Exploits4References14
Tenable Nessus
Tenable Nessus
added 2020/09/02 12:0 a.m.239 views

Ubuntu 16.04 LTS / 18.04 LTS : Linux kernel vulnerabilities (USN-4485-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-4485-1 advisory. Timothy Michaud discovered that the i915 graphics driver in the Linux kernel did not properly validate user memory locations for the...

7.8CVSS7.3AI score0.00617EPSS
Exploits3References15
OSV
OSV
added 2020/07/31 1:22 a.m.11 views

USN-4440-1 linux-hwe, linux-aws-5.3, linux-azure-5.3, linux-gcp-5.3, linux-gke-5.3, linux-hwe, linux-oracle-5.3, linux-raspi2-5.3 vulnerabilities

It was discovered that the network block device nbd implementation in the Linux kernel did not properly check for error conditions in some situations. An attacker could possibly use this to cause a denial of service system crash. CVE-2019-16089 It was discovered that the kernel-user space relay...

7.8CVSS7.1AI score0.01314EPSS
Exploits2References13
Rows per page
Query Builder