Lucene search
K

128 matches found

RedHat Linux
RedHat Linux
added 2022/05/10 1:58 p.m.4 views

kernel: speculation on incompletely validated data on IBM Power9

A flaw was found in the Linux kernel. IBM Power9 processors can speculatively operate on data stored in the L1 cache before it has been completely validated. The attack has limited access to memory and is only able to access memory normally permissible to the execution context. The highest threat...

5.1CVSS6.7AI score0.00387EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2022/05/10 1:58 p.m.221 views

Important: Red Hat Security Advisory: kernel security, bug fix, and enhancement update

An update for kernel is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

9.8CVSS7.2AI score0.74041EPSS
Exploits25References58
OSV
OSV
added 2022/05/10 8:11 a.m.36 views

RLSA-2022:1988 Important: kernel security, bug fix, and enhancement update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: fget: check that the fd still exists after getting a ref to it CVE-2021-4083 kernel: avoid cyclic entity chains due to malformed USB descriptors CVE-2020-0404 kernel: speculation on...

8.2CVSS9.2AI score0.06846EPSS
Exploits13References56
Rockylinux
Rockylinux
added 2022/05/10 8:11 a.m.77 views

kernel security, bug fix, and enhancement update

An update is available for kernel. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The kernel packages contain the Linux kernel, the core of any Linux operating...

9.8CVSS8.4AI score0.06846EPSS
Exploits13
CNVD
CNVD
added 2022/02/10 12:0 a.m.16 views

IBM OPENBMC OP910 Information Disclosure Vulnerability

IBM OPENBMC OP910 is a POWER8 and POWER9 emulator from International Business Machines Corporation IBM.IBM OPENBMC OP920, OP930 and OP940 have a security vulnerability that could be exploited by an unauthenticated attacker to gain access to sensitive information...

7.5CVSS2.4AI score0.01063EPSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2021/12/07 7:14 p.m.15 views

Security Bulletin: This Power System update is being released to address CVE 2018-1992

Summary POWER9: In response to a buffer overflow vulnerability on the boot loader, a new Power System firmware update is being released to address Common Vulnerabilities and Exposures issue number CVE 2018-1992. Vulnerability Details CVEID: CVE-2018-1992 DESCRIPTION: The IBM POWER9 boot firmware'...

6.9CVSS2.3AI score0.00353EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2021/12/07 7:14 p.m.55 views

Security Bulletin: This Power System update is being released to address CVE-2018-5391

Summary POWER9: In response to a denial of service vulnerability, a new Power Systems firmware update is being released to address Common Vulnerabilities and Exposures issue number CVE-2018-5391. A remote attacker could use large IP frames to trigger time and calculation expensive calls in the...

7.8CVSS1AI score0.24575EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2021/12/07 7:14 p.m.49 views

Security Bulletin: This Power System update is being released to address CVE 2019-6260

Summary POWER8/POWER9: In response to a security issue with BMC's physical address space, a new Power System firmware update is being released to address Common Vulnerabilities and Exposures issue number CVE 2019-6260. Vulnerability Details CVEID: CVE 2019-6260 DESCRIPTION: The ASPEED AST2400 and...

9.8CVSS8.7AI score0.03631EPSS
Exploits0Affected Software2
Oracle linux
Oracle linux
added 2021/11/23 12:0 a.m.112 views

glibc security update

2.28-164.0.1 - Merge of RH patches for ol8-u5 beta release Review-exception: Routine merge - Provide glibc.pthread.mutexspincount tunable for pthread adaptive - spin mutex Orabug: 27982358. Reviewed-by: Qing Zhao - add Ampere emag to tunable cpu list Patrick McGehearty - add optimized memset for...

9.8CVSS8.3AI score0.02898EPSS
Exploits1
Rosalinux
Rosalinux
added 2021/07/02 4:44 p.m.24 views

Advisory ROSA-SA-2021-1838

Software: gcc 4.8.5 OS: Cobalt 7.9 CVE-ID: CVE-2018-12886 CVE-Crit: HIGH CVE-DESC: stackprotectprologue in cfgexpand.c and stackprotectepilogue in function.c in GNU Compiler Collection GCC 4.1 through 8 under certain circumstances generate sequences of instructions when targeting ARM targets that...

8.1CVSS7.2AI score0.03207EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2021/06/15 12:0 a.m.248 views

Oracle Linux 7 : Unbreakable Enterprise kernel-container (ELSA-2021-9308)

The remote Oracle Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2021-9308 advisory. - dm ioctl: fix out of bounds array access when no devices Mikulas Patocka Orabug: 32860493 CVE-2021-31916 - powerpc/64s: flush L1D after user accesses...

6.7CVSS6.6AI score0.0072EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2021/06/15 12:0 a.m.109 views

Oracle Linux 7 : Unbreakable Enterprise kernel (ELSA-2021-9305)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2021-9305 advisory. - dm ioctl: fix out of bounds array access when no devices Mikulas Patocka Orabug: 32860493 CVE-2021-31916 - powerpc/64s: flush L1D after user accesses...

6.7CVSS6.6AI score0.0072EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.28 views

SUSE: Security Advisory (SUSE-SU-2020:3713-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7AI score0.01026EPSS
Exploits8References2
Oracle linux
Oracle linux
added 2021/06/04 12:0 a.m.254 views

glibc security update

2.28-151.0.1.el84 - merge RH patches for ol8-u4 release Review-exception: Patch merge - Provide glibc.pthread.mutexspincount tunable for pthread adaptive - spin mutex Orabug: 27982358. Reviewed-by: Qing Zhao - add Ampere emag to tunable cpu list Patrick McGehearty - add optimized memset for emag ...

9.8CVSS0.4AI score0.04731EPSS
Exploits2
NVD
NVD
added 2021/05/26 5:15 p.m.18 views

CVE-2021-20487

IBM Power9 Self Boot EngineSBE could allow a privileged user to inject malicious code and compromise the integrity of the host firmware bypassing the host firmware signature verification process...

9.1CVSS0.0068EPSS
Exploits0References2
OSV
OSV
added 2021/05/26 5:15 p.m.5 views

CVE-2021-20487

IBM Power9 Self Boot EngineSBE could allow a privileged user to inject malicious code and compromise the integrity of the host firmware bypassing the host firmware signature verification process...

9.1CVSS5.8AI score0.0068EPSS
Exploits0References2
Prion
Prion
added 2021/05/26 5:15 p.m.18 views

Code injection

IBM Power9 Self Boot EngineSBE could allow a privileged user to inject malicious code and compromise the integrity of the host firmware bypassing the host firmware signature verification process...

6.5CVSS8.8AI score0.0068EPSS
Exploits0References2Affected Software2
CVE
CVE
added 2021/05/26 4:20 p.m.37 views

CVE-2021-20487

CVE-2021-20487 affects IBM Power9 Self Boot Engine (SBE). The SBE vulnerability could let a privileged user inject malicious code and compromise the integrity of the host firmware by bypassing the host firmware signature verification process. Affects IBM Power Systems with Power9 SBE, with remedi...

9.1CVSS8.9AI score0.0068EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2021/05/26 4:20 p.m.21 views

CVE-2021-20487

IBM Power9 Self Boot EngineSBE could allow a privileged user to inject malicious code and compromise the integrity of the host firmware bypassing the host firmware signature verification process...

8CVSS9.1AI score0.0068EPSS
Exploits0References2
CNVD
CNVD
added 2021/05/26 12:0 a.m.6 views

IBM Power9 Self Boot Engine (SBE) Data Forgery Issue Vulnerability

The IBM Power9 Self Boot Engine is a chip from the American company IBM. A security vulnerability exists in the IBM Power9 Self Boot Engine SBE that could allow a user with appropriate privileges to inject malicious code and compromise the integrity of the host firmware through the host firmware...

9.1CVSS6.8AI score0.0068EPSS
Exploits0References1
Rows per page
Query Builder