401 matches found
Astra Linux – Vulnerability in Linux
In intelpmudrainpebsnhm in arch/x86/events/intel/ds.c of the Linux kernel, up to version 5.11.8 on some Haswell CPUs, user-space applications such as perf-fuzzer can cause a system crash due to improper handling of the PEBS status in a PEBS record, also known as CID-d88d05a9e0b6...
Microsoft DirectX12: .spritefont multiply overflow only in 32-bit builds
Impact The spritefont reader can be induced to perform a 32-bit overflow multiply that could in theory result in a RCE. This impacts the use of the DirectX Tool Kit SpriteFont class file loading ctor if given untrusted data files. Note this only applies to x86/ARM builds of the library. ARM64 and...
CVE-2026-43401
In the Linux kernel, the following vulnerability has been resolved: cpufreq: intelpstate: Fix NULL pointer dereference in updatecpuqosrequest The updatecpuqosrequest function attempts to initialize the 'freq' variable by dereferencing 'cpudata' before verifying if the 'policy' is valid. This issu...
SUSE-SU-2026:20941-1 Security update for ucode-intel
This update for ucode-intel fixes the following issues: - Intel CPU Microcode was updated to the 20260210 release bsc1258046: - CVE-2024-24853: Updated fix for incorrect behavior order in transition between executive monitor and SMI transfer monitor STM in some IntelR Processor may allow a...
SUSE-SU-2026:20758-1 Security update for ucode-intel
This update for ucode-intel fixes the following issues: - Intel CPU Microcode was updated to the 20260210 release bsc1258046: - CVE-2024-24853: Updated fix for incorrect behavior order in transition between executive monitor and SMI transfer monitor STM in some IntelR Processor may allow a...
SUSE-SU-2026:20682-1 Security update for ucode-intel
This update for ucode-intel fixes the following issues: - Intel CPU Microcode was updated to the 20260210 release bsc1258046: - CVE-2024-24853: Updated fix for incorrect behavior order in transition between executive monitor and SMI transfer monitor STM in some IntelR Processor may allow a...
SUSE SLES12 Security Update : ucode-intel (SUSE-SU-2026:0669-1)
The remote SUSE Linux SLES12 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0669-1 advisory. - Intel CPU Microcode was updated to the 20260210 release bsc1258046 - CVE-2024-24853: Updated fix for incorrect behavior order in transition...
OESA-2026-1440 microcode_ctl security update
This is a tool to transform and deploy microcode update for x86 CPUs. Security Fixes: Improper handling of values in the microcode flow for some IntelR Processor Family may allow an escalation of privilege. Startup code and smm adversary with a privileged user combined with a high complexity atta...
microcode_ctl bug fix and enhancement update
An update is available for microcodectl. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The microcodectl packages provide microcode updates for Intel and AMD...
CVE-2025-31648
Improper handling of values in the microcode flow for some IntelR Processor Family may allow an escalation of privilege. Startup code and smm adversary with a privileged user combined with a high complexity attack may enable escalation of privilege. This result may potentially occur via local...
CLSA-2026-1770373628 Update of microcode_ctl
Update Intel CPU microcode to 20251111: - Addition of cpuid:806F8/0x10 SPR-HBM B3 microcode in microcode.dat at revision 0x2c000410; - Addition of cpuid:806F8/0x87 SPR-SP E5/S3 microcode in microcode.dat at revision 0x2b000650; - Addition of cpuid:90672/0x07 ADL-HX/S 8+8 C0 microcode in...
CLSA-2026-1770217418 Update of microcode_ctl
Update Intel CPU microcode to 20251111: - Addition of cpuid:806F8/0x10 SPR-HBM B3 microcode in microcode.dat at revision 0x2c000410; - Addition of cpuid:806F8/0x87 SPR-SP E5/S3 microcode in microcode.dat at revision 0x2b000650; - Addition of cpuid:90672/0x07 ADL-HX/S 8+8 C0 microcode in...
CLSA-2026-1770215200 Update of microcode_ctl
Update Intel CPU microcode to 20251111: - Addition of cpuid:806F8/0x10 SPR-HBM B3 microcode in microcode.dat at revision 0x2c000410; - Addition of cpuid:806F8/0x87 SPR-SP E5/S3 microcode in microcode.dat at revision 0x2b000650; - Addition of cpuid:90672/0x07 ADL-HX/S 8+8 C0 microcode in...
MiracleLinux 7 : microcode_ctl-2.1-73.11.el7 (AXSA:2021-2305:11)
The remote MiracleLinux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2021-2305:11 advisory. hw: Special Register Buffer Data Sampling SRBDS CVE-2020-0543 hw: Vector Register Data Sampling CVE-2020-0548 hw: L1D Cache Eviction Sampling...
MiracleLinux 4 : microcode_ctl-1.17-33.32.0.3.AXS4 (AXSA:2021-1922:07)
The remote MiracleLinux 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2021-1922:07 advisory. hw: vt-d related privilege escalation CVE-2020-24489 hw: improper isolation of shared resources in some Intel Processors CVE-2020-24511 hw: observab...
MiracleLinux 8 : microcode_ctl-20190618-1.20191115.3.el8 (AXEA:2020-144:03)
The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXEA:2020-144:03 advisory. - Insufficient access control in protected memory subsystem for IntelR SGX for 6th, 7th, 8th, 9th Generation IntelR CoreTM Processor Families; IntelR...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004756)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004756 advisory. A NULL pointer dereference flaw was found in the Linux kernels KVM module, which can lead to a denial of service in the x86emulateinsn in arch/x86/kvm/emulate.c. Thi...
CVE-2021-0153
Out-of-bounds write in the BIOS firmware for some IntelR Processors may allow a privileged user to potentially enable aescalation of privilege via local access...
CVE-2019-11133
Improper access control in the IntelR Processor Diagnostic Tool before version 4.1.2.24 may allow an authenticated user to potentially enable escalation of privilege, information disclosure or denial of service via local access...
CVE-2020-12357
Improper initialization in the firmware for some IntelR Processors may allow a privileged user to potentially enable escalation of privilege via local access...