Lucene search
+L

67 matches found

redhat
redhat
added 2022/10/25 8:45 a.m.4 views

hw: cpu: AMD: RetBleed Arbitrary Speculative Code Execution with Return Instructions

A flaw was found in hw. Mis-trained branch predictions for return instructions may allow arbitrary speculative code execution under certain microarchitecture-dependent conditions...

6.7AI score
Exploits0References5
nessus
nessus
added 2022/10/25 12:0 a.m.79 views

RHEL 8 : kernel-rt (RHSA-2022:7134)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:7134 advisory. The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirement...

7.8CVSS7.6AI score0.05871EPSS
Exploits7References15
nessus
nessus
added 2022/10/25 12:0 a.m.200 views

RHEL 8 : kernel (RHSA-2022:7110)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:7110 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: A use-after-free in clsroute filter...

7.8CVSS7.5AI score0.05871EPSS
Exploits7References18
mageia
mageia
added 2022/08/25 9:21 p.m.200 views

Updated kernel-linus packages fix security vulnerabilities

This kernel update is based on upstream 5.15.62 and fixes at least the following security issues: A use-after-free flaw was found in the Linux kernel Atheros wireless adapter driver in the way a user forces the ath9khtcwaitfortarget function to fail with some input messages. This flaw allows a...

7.8CVSS2.8AI score0.12746EPSS
Exploits15References6
osv
osv
added 2022/08/17 1:15 p.m.4 views

CVE-2022-37459

Ampere Altra devices before 1.08g and Ampere Altra Max devices before 2.05a allow attackers to control the predictions for return addresses and potentially hijack code flow to execute arbitrary code via a side-channel attack, aka a "Retbleed" issue...

7.8CVSS6.1AI score0.00212EPSS
Exploits0References2
cvelist
cvelist
added 2022/08/17 12:49 p.m.25 views

CVE-2022-37459

Ampere Altra devices before 1.08g and Ampere Altra Max devices before 2.05a allow attackers to control the predictions for return addresses and potentially hijack code flow to execute arbitrary code via a side-channel attack, aka a "Retbleed" issue...

8.2AI score0.00212EPSS
Exploits0References2
cve
cve
added 2022/08/17 12:49 p.m.62 views

CVE-2022-37459

This CVE affects Ampere Altra line: Ampere Altra devices before 1.08g and Ampere Altra Max devices before 2.05a are vulnerable to a Retbleed-style attack that can hijack code flow by manipulating return-address predictions. Impact is the potential execution of arbitrary code via a side-channel. A...

7.8CVSS7.9AI score0.00212EPSS
Exploits0References2Affected Software1
ptsecurity
ptsecurity
added 2022/08/17 12:0 a.m.5 views

PT-2022-24012 · Ampere · Ampere Altra +1

Name of the Vulnerable Software and Affected Versions: Ampere Altra devices before 1.08g Ampere Altra Max devices before 2.05a Description: The issue allows attackers to control the predictions for return addresses and potentially hijack code flow to execute arbitrary code via a side-channel...

7.8CVSS8AI score0.00212EPSS
Exploits0References4
openvas
openvas
added 2022/08/08 12:0 a.m.32 views

Mageia: Security Advisory (MGASA-2022-0279)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7.5AI score0.04831EPSS
Exploits1References8
mageia
mageia
added 2022/08/06 3:43 p.m.125 views

Updated kernel packages fix security vulnerabilities

This kernel update is based on upstream 5.15.58 and fixes at least the following security issues: Kernel lockdown bypass when UEFI secure boot is disabled / unavailable and IMA appraisal is enabled CVE-2022-21505. Aliases in the branch predictor may cause some AMD processors to predict the wrong...

7.8CVSS7.8AI score0.05542EPSS
Exploits2References6
osv
osv
added 2022/08/02 1:58 p.m.5 views

SUSE-SU-2022:2629-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 12 SP5 RT kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2022-29900, CVE-2022-29901: Fixed the RETBLEED attack, a new Spectre like Branch Target Buffer attack, that can leak arbitrary kernel information...

8.2CVSS8.8AI score0.06451EPSS
Exploits11References108
nessus
nessus
added 2022/08/02 12:0 a.m.59 views

F5 Networks BIG-IP : RetBleed CPU vulnerability (K83713003)

The version of F5 Networks BIG-IP installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the K83713003 advisory. - Intel microprocessor generations 6 to 8 are affected by a new Spectre variant that is able to bypass their retpoline...

6.5CVSS7.7AI score0.04831EPSS
Exploits0References2
osv
osv
added 2022/07/31 2:20 p.m.26 views

GSD-2022-1004553 x86/bugs: Report Intel retbleed vulnerability

x86/bugs: Report Intel retbleed vulnerability This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.133 by commit...

7.2AI score
Exploits0
osv
osv
added 2022/07/31 2:4 p.m.17 views

GSD-2022-1004372 x86/bugs: Report Intel retbleed vulnerability

x86/bugs: Report Intel retbleed vulnerability This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.57 by commit...

7.2AI score
Exploits0
osv
osv
added 2022/07/31 1:46 p.m.13 views

GSD-2022-1004151 x86/bugs: Report Intel retbleed vulnerability

x86/bugs: Report Intel retbleed vulnerability This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.18.14 by commit...

7.2AI score
Exploits0
osv
osv
added 2022/07/29 2:13 p.m.8 views

SUSE-SU-2022:2600-1 Security update for xen

This update for xen fixes the following issues: - CVE-2022-26363, CVE-2022-26364: Fixed insufficient care with non-coherent mappings XSA-402 bsc1199966. - CVE-2022-21123, CVE-2022-21125, CVE-2022-21166: Fixed MMIO stale data vulnerabilities on x86 XSA-404 bsc1200549. - CVE-2022-26362: Fixed a rac...

8.8CVSS7.6AI score0.06451EPSS
Exploits3References16
osv
osv
added 2022/07/29 2:13 p.m.14 views

SUSE-SU-2022:2599-2 Security update for xen

This update for xen fixes the following issues: - CVE-2022-26363, CVE-2022-26364: Fixed insufficient care with non-coherent mappings XSA-402 bsc1199966. - CVE-2022-21123, CVE-2022-21125, CVE-2022-21166: Fixed MMIO stale data vulnerabilities on x86 XSA-404 bsc1200549. - CVE-2022-26362: Fixed a rac...

8.8CVSS7.8AI score0.06451EPSS
Exploits3References17
osv
osv
added 2022/07/29 2:13 p.m.6 views

SUSE-SU-2022:2599-1 Security update for xen

This update for xen fixes the following issues: - CVE-2022-26363, CVE-2022-26364: Fixed insufficient care with non-coherent mappings XSA-402 bsc1199966. - CVE-2022-21123, CVE-2022-21125, CVE-2022-21166: Fixed MMIO stale data vulnerabilities on x86 XSA-404 bsc1200549. - CVE-2022-26362: Fixed a rac...

8.8CVSS7.8AI score0.06451EPSS
Exploits3References17
osv
osv
added 2022/07/29 2:12 p.m.13 views

SUSE-SU-2022:2597-1 Security update for xen

This update for xen fixes the following issues: - CVE-2022-26363, CVE-2022-26364: Fixed insufficient care with non-coherent mappings XSA-402 bsc1199966. - CVE-2022-21123, CVE-2022-21125, CVE-2022-21166: Fixed MMIO stale data vulnerabilities on x86 XSA-404 bsc1200549. - CVE-2022-26362: Fixed a rac...

8.8CVSS7.8AI score0.06451EPSS
Exploits3References17
osv
osv
added 2022/07/28 9:0 a.m.7 views

SUSE-SU-2022:2574-1 Security update for xen

This update for xen fixes the following issues: - CVE-2022-26363, CVE-2022-26364: Fixed insufficient care with non-coherent mappings XSA-402 bsc1199966. - CVE-2022-21123, CVE-2022-21125, CVE-2022-21166: Fixed MMIO stale data vulnerabilities on x86 XSA-404 bsc1200549. - CVE-2022-26362: Fixed a rac...

8.8CVSS7.6AI score0.06451EPSS
Exploits3References16
Rows per page
Query Builder