324 matches found
QSAF: a Novel Mitigation Framework for Cognitive Degradation in Agentic AI
We introduce Cognitive Degradation as a novel vulnerability class in agentic AI systems. Unlike traditional adversarial external threats such as prompt injection, these failures originate internally, arising from memory starvation, planner recursion, context flooding, and output suppression. Thes...
ROS-20250624-01
A vulnerability in the SEV-SNP functions of AMD processor firmware is related to incorrectly input validation for serial presence detection DIMM SPD metadata. Exploitation of the vulnerability allows an attacker to overwrite guest memory, resulting in a loss of the guest data integrity...
TencentOS Server 2: linux-firmware (TSSA-2024:0042)
The version of Tencent Linux installed on the remote TencentOS Server 2 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:0042 advisory. Package updates are available for TencentOS Server 2 that fix the following vulnerabilities:...
PT-2025-24580 · Amd · Amd Versal Adaptive Soc
Name of the Vulnerable Software and Affected Versions: AMD Versal Adaptive SoC devices affected versions not specified Description: The issue arises from the lack of address validation when executing PLM runtime services through the PLM firmware, allowing access to isolated or protected memory...
RLSA-2024:3178 Important: linux-firmware security update
The linux-firmware packages contain all of the firmware files that are required by various devices to operate. Security Fixes: hw: intel: Protection mechanism failure for some IntelR PROSet/Wireless WiFi CVE-2022-46329 hw: amd: INVD instruction may lead to a loss of SEV-ES guest machine memory...
RockyLinux 8 : linux-firmware (RLSA-2024:3178)
The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:3178 advisory. hw: intel: Protection mechanism failure for some IntelR PROSet/Wireless WiFi CVE-2022-46329 hw: amd: INVD instruction may lead to a loss of SEV-ES guest...
The vulnerability of the `prepare_uprobe_buffer()` function in the kernel/trace/trace_uprobe.c module of the Linux operating system allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the prepareuprobebuffer function in the kernel/trace/traceuprobe.c module of the Linux operating system is related to the reutilization of previously released memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and...
SUSE CVE-2025-27810
Mbed TLS before 2.28.10 and 3.x before 3.6.3, in some cases of failed memory allocation or hardware errors, uses uninitialized stack memory to compose the TLS Finished message, potentially leading to authentication bypasses such as replays...
CVE-2024-52939
Kernel software installed and running inside a Guest VM may post improper commands to the GPU Firmware to trigger a write data outside the Guest's virtualised GPU memory...
CVE-2023-20581
Improper access control in the IOMMU may allow a privileged attacker to bypass RMP checks, potentially leading to a loss of guest memory integrity...
CVE-2023-20582
Improper handling of invalid nested page table entries in the IOMMU may allow a privileged attacker to induce page table entry PTE faults to bypass RMP checks in SEV-SNP, potentially leading to a loss of guest memory integrity...
CVE-2023-20582
Improper handling of invalid nested page table entries in the IOMMU may allow a privileged attacker to induce page table entry PTE faults to bypass RMP checks in SEV-SNP, potentially leading to a loss of guest memory integrity...
CVE-2023-20581
Improper access control in the IOMMU may allow a privileged attacker to bypass RMP checks, potentially leading to a loss of guest memory integrity...
CVE-2023-20582
Improper handling of invalid nested page table entries in the IOMMU may allow a privileged attacker to induce page table entry PTE faults to bypass RMP checks in SEV-SNP, potentially leading to a loss of guest memory integrity...
CVE-2023-20582
Improper handling of invalid nested page table entries in the IOMMU may allow a privileged attacker to induce page table entry PTE faults to bypass RMP checks in SEV-SNP, potentially leading to a loss of guest memory integrity...
CVE-2023-20582
CVE-2023-20582 describes an AMD SEV-SNP/IOMMU vulnerability where improper handling of invalid nested page table entries can cause PTE faults to bypass RMP checks, potentially compromising guest memory integrity. The issue affects AMD Secure Virtualization components and cannot be confirmed as ex...
CVE-2023-20581
Improper access control in the IOMMU may allow a privileged attacker to bypass RMP checks, potentially leading to a loss of guest memory integrity...
CVE-2023-20581
Improper access control in the IOMMU may allow a privileged attacker to bypass RMP checks, potentially leading to a loss of guest memory integrity...
CVE-2023-20581
CVE-2023-20581 concerns improper access control in the IOMMU, potentially allowing a privileged attacker to bypass RMP checks and compromise guest memory integrity. The vulnerability is associated with AMD IOMMU/ASP components in AMD platforms, with exploitation classified as LOCAL and requiring ...
PT-2025-6394 · Iommu · Iommu
Name of the Vulnerable Software and Affected Versions: IOMMU affected versions not specified Description: The issue is related to improper access control in the IOMMU, which may allow a privileged attacker to bypass RMP checks. This could potentially lead to a loss of guest memory integrity...