17 matches found
Astra Linux - уязвимость в linux-5.10, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: x86/hyperv: Disabling IBT when the hypercall page lacks the ENDBR instruction. On hardware that supports Indirect Branch Tracking IBT, Hyper-V VMs with ConfigVersion 9.3 or later support IBT in the guest. However, current version...
SUSE CVE-2023-54172
In the Linux kernel, the following vulnerability has been resolved: x86/hyperv: Disable IBT when hypercall page lacks ENDBR instruction On hardware that supports Indirect Branch Tracking IBT, Hyper-V VMs with ConfigVersion 9.3 or later support IBT in the guest. However, current versions of Hyper-...
EUVD-2023-60469
In the Linux kernel, the following vulnerability has been resolved: x86/hyperv: Disable IBT when hypercall page lacks ENDBR instruction On hardware that supports Indirect Branch Tracking IBT, Hyper-V VMs with ConfigVersion 9.3 or later support IBT in the guest. However, current versions of Hyper-...
CVE-2023-54172
In the Linux kernel, the following vulnerability has been resolved: x86/hyperv: Disable IBT when hypercall page lacks ENDBR instruction On hardware that supports Indirect Branch Tracking IBT, Hyper-V VMs with ConfigVersion 9.3 or later support IBT in the guest. However, current versions of Hyper-...
CVE-2023-54172
In the Linux kernel, the following vulnerability has been resolved: x86/hyperv: Disable IBT when hypercall page lacks ENDBR instruction On hardware that supports Indirect Branch Tracking IBT, Hyper-V VMs with ConfigVersion 9.3 or later support IBT in the guest. However, current versions of Hyper-...
UBUNTU-CVE-2023-54172
In the Linux kernel, the following vulnerability has been resolved: x86/hyperv: Disable IBT when hypercall page lacks ENDBR instruction On hardware that supports Indirect Branch Tracking IBT, Hyper-V VMs with ConfigVersion 9.3 or later support IBT in the guest. However, current versions of Hyper-...
CVE-2023-54172
CVE-2023-54172 affects the Linux kernel's x86/hyperv integration. The vulnerability arose because Hyper-V VMs with ConfigVersion 9.3+ support IBT in the guest, but the hypercall page could be missing ENDBR64. Since hypercalls use an indirect call to the hypercall page, this caused an exception an...
CVE-2023-54172 x86/hyperv: Disable IBT when hypercall page lacks ENDBR instruction
In the Linux kernel, the following vulnerability has been resolved: x86/hyperv: Disable IBT when hypercall page lacks ENDBR instruction On hardware that supports Indirect Branch Tracking IBT, Hyper-V VMs with ConfigVersion 9.3 or later support IBT in the guest. However, current versions of Hyper-...
CVE-2023-54172
In the Linux kernel, the following vulnerability has been resolved: x86/hyperv: Disable IBT when hypercall page lacks ENDBR instruction On hardware that supports Indirect Branch Tracking IBT, Hyper-V VMs with ConfigVersion 9.3 or later support IBT in the guest. However, current versions of Hyper-...
CVE-2023-54172 x86/hyperv: Disable IBT when hypercall page lacks ENDBR instruction
In the Linux kernel, the following vulnerability has been resolved: x86/hyperv: Disable IBT when hypercall page lacks ENDBR instruction On hardware that supports Indirect Branch Tracking IBT, Hyper-V VMs with ConfigVersion 9.3 or later support IBT in the guest. However, current versions of Hyper-...
SUSE-SU-2025:20355-1 Security update for the Linux Kernel
The SUSE Linux Enterprise Micro 6.0 and 6.1 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2024-28956: x86/ibt: Keep IBT disabled during alternative patching bsc1242006. - CVE-2024-35840: mptcp: use OPTIONMPTCPMPJSYNACK in...
SUSE CVE-2024-56761
In the Linux kernel, the following vulnerability has been resolved: x86/fred: Clear WFE in missing-ENDBRANCH CPs An indirect branch instruction sets the CPU indirect branch tracker IBT into WAITFORENDBRANCH WFE state and WFE stays asserted across the instruction boundary. When the decoder finds a...
DEBIAN-CVE-2024-56761
In the Linux kernel, the following vulnerability has been resolved: x86/fred: Clear WFE in missing-ENDBRANCH CPs An indirect branch instruction sets the CPU indirect branch tracker IBT into WAITFORENDBRANCH WFE state and WFE stays asserted across the instruction boundary. When the decoder finds a...
AZL-55029 CVE-2024-56761 affecting package kernel for versions less than 6.6.76.1-1
In the Linux kernel, the following vulnerability has been resolved: x86/fred: Clear WFE in missing-ENDBRANCH CPs An indirect branch instruction sets the CPU indirect branch tracker IBT into WAITFORENDBRANCH WFE state and WFE stays asserted across the instruction boundary. When the decoder finds a...
kernel: x86/hyperv: Disable IBT when hypercall page lacks ENDBR instruction
A compatibility issue was found between Linux and Hyper-V when Indirect Branch Tracking IBT is enabled. The Hyper-V hypercall page lacks the required ENDBR64 instruction, causing all hypercalls to fail with an exception and panic the guest...
PT-2025-54001
Name of the Vulnerable Software and Affected Versions linux affected versions not specified Description A flaw exists in the Linux kernel related to Indirect Branch Tracking IBT on x86/Hyperv systems. Specifically, when running on hardware supporting IBT within Hyper-V VMs with ConfigVersion 9.3 ...
Intel Adds Anti-Malware Protection in Tiger Lake CPUs
Intel’s upcoming class of mobile CPUs, code named “Tiger Lake,” will feature a long anticipated security layer, called Control-flow Enforcement Technology CET, which aims to protect against common malware attacks. CET protects against attacks on processors’ control flow, which refers to the order...