67 matches found
hw: cpu: AMD: RetBleed Arbitrary Speculative Code Execution with Return Instructions
A flaw was found in hw. Mis-trained branch predictions for return instructions may allow arbitrary speculative code execution under certain microarchitecture-dependent conditions...
RHEL 8 : kernel-rt (RHSA-2022:7134)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:7134 advisory. The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirement...
RHEL 8 : kernel (RHSA-2022:7110)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:7110 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: A use-after-free in clsroute filter...
Updated kernel-linus packages fix security vulnerabilities
This kernel update is based on upstream 5.15.62 and fixes at least the following security issues: A use-after-free flaw was found in the Linux kernel Atheros wireless adapter driver in the way a user forces the ath9khtcwaitfortarget function to fail with some input messages. This flaw allows a...
CVE-2022-37459
Ampere Altra devices before 1.08g and Ampere Altra Max devices before 2.05a allow attackers to control the predictions for return addresses and potentially hijack code flow to execute arbitrary code via a side-channel attack, aka a "Retbleed" issue...
CVE-2022-37459
Ampere Altra devices before 1.08g and Ampere Altra Max devices before 2.05a allow attackers to control the predictions for return addresses and potentially hijack code flow to execute arbitrary code via a side-channel attack, aka a "Retbleed" issue...
CVE-2022-37459
This CVE affects Ampere Altra line: Ampere Altra devices before 1.08g and Ampere Altra Max devices before 2.05a are vulnerable to a Retbleed-style attack that can hijack code flow by manipulating return-address predictions. Impact is the potential execution of arbitrary code via a side-channel. A...
PT-2022-24012 · Ampere · Ampere Altra +1
Name of the Vulnerable Software and Affected Versions: Ampere Altra devices before 1.08g Ampere Altra Max devices before 2.05a Description: The issue allows attackers to control the predictions for return addresses and potentially hijack code flow to execute arbitrary code via a side-channel...
Mageia: Security Advisory (MGASA-2022-0279)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Updated kernel packages fix security vulnerabilities
This kernel update is based on upstream 5.15.58 and fixes at least the following security issues: Kernel lockdown bypass when UEFI secure boot is disabled / unavailable and IMA appraisal is enabled CVE-2022-21505. Aliases in the branch predictor may cause some AMD processors to predict the wrong...
SUSE-SU-2022:2629-1 Security update for the Linux Kernel
The SUSE Linux Enterprise 12 SP5 RT kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2022-29900, CVE-2022-29901: Fixed the RETBLEED attack, a new Spectre like Branch Target Buffer attack, that can leak arbitrary kernel information...
F5 Networks BIG-IP : RetBleed CPU vulnerability (K83713003)
The version of F5 Networks BIG-IP installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the K83713003 advisory. - Intel microprocessor generations 6 to 8 are affected by a new Spectre variant that is able to bypass their retpoline...
GSD-2022-1004553 x86/bugs: Report Intel retbleed vulnerability
x86/bugs: Report Intel retbleed vulnerability This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.133 by commit...
GSD-2022-1004372 x86/bugs: Report Intel retbleed vulnerability
x86/bugs: Report Intel retbleed vulnerability This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.57 by commit...
GSD-2022-1004151 x86/bugs: Report Intel retbleed vulnerability
x86/bugs: Report Intel retbleed vulnerability This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.18.14 by commit...
SUSE-SU-2022:2600-1 Security update for xen
This update for xen fixes the following issues: - CVE-2022-26363, CVE-2022-26364: Fixed insufficient care with non-coherent mappings XSA-402 bsc1199966. - CVE-2022-21123, CVE-2022-21125, CVE-2022-21166: Fixed MMIO stale data vulnerabilities on x86 XSA-404 bsc1200549. - CVE-2022-26362: Fixed a rac...
SUSE-SU-2022:2599-2 Security update for xen
This update for xen fixes the following issues: - CVE-2022-26363, CVE-2022-26364: Fixed insufficient care with non-coherent mappings XSA-402 bsc1199966. - CVE-2022-21123, CVE-2022-21125, CVE-2022-21166: Fixed MMIO stale data vulnerabilities on x86 XSA-404 bsc1200549. - CVE-2022-26362: Fixed a rac...
SUSE-SU-2022:2599-1 Security update for xen
This update for xen fixes the following issues: - CVE-2022-26363, CVE-2022-26364: Fixed insufficient care with non-coherent mappings XSA-402 bsc1199966. - CVE-2022-21123, CVE-2022-21125, CVE-2022-21166: Fixed MMIO stale data vulnerabilities on x86 XSA-404 bsc1200549. - CVE-2022-26362: Fixed a rac...
SUSE-SU-2022:2597-1 Security update for xen
This update for xen fixes the following issues: - CVE-2022-26363, CVE-2022-26364: Fixed insufficient care with non-coherent mappings XSA-402 bsc1199966. - CVE-2022-21123, CVE-2022-21125, CVE-2022-21166: Fixed MMIO stale data vulnerabilities on x86 XSA-404 bsc1200549. - CVE-2022-26362: Fixed a rac...
SUSE-SU-2022:2574-1 Security update for xen
This update for xen fixes the following issues: - CVE-2022-26363, CVE-2022-26364: Fixed insufficient care with non-coherent mappings XSA-402 bsc1199966. - CVE-2022-21123, CVE-2022-21125, CVE-2022-21166: Fixed MMIO stale data vulnerabilities on x86 XSA-404 bsc1200549. - CVE-2022-26362: Fixed a rac...