RHEL 7 : microcode_ctl (RHSA-2021:3028)

The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2021:3028 advisory. The microcodectl packages provide microcode updates for Intel. Security Fixes: hw: Special Register Buffer Data Sampling SRBDS CVE-2020-0543...

CentOS 7 : microcode_ctl (CESA-2021:3028)

The remote CentOS Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the CESA-2021:3028 advisory. - hw: Special Register Buffer Data Sampling SRBDS CVE-2020-0543 - hw: Vector Register Data Sampling CVE-2020-0548 - hw: L1D Cache Eviction Sampling...

SUSE: Security Advisory (SUSE-SU-2020:3372-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2019:1248-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Microarchitectural Data Sampling Advisory

Summary: A potential security vulnerability in CPUs may allow information disclosure. Intel is releasing Microcode Updates MCU updates to mitigate this potential vulnerability. Vulnerability Details: CVEID: CVE-2018-12126 Microarchitectural Store Buffer Data Sampling MSBDS: Store buffers on some...

OESA-2021-1167 OpenEXR security update

OpenEXR is a high dynamic-range HDR image file format originally developed by Industrial Light & Magic for use in computer imaging applications. Security Fixes: There's a flaw in OpenEXR in versions before 3.0.0-beta. A crafted input file that is processed by OpenEXR could cause a shift overflow ...

CVE-2021-0263 Junos OS: PTX Series: Denial of Service in packet processing due to heavy route churn when J-Flow sampling is enabled

A Data Processing vulnerability in the Multi-Service process multi-svcs on the FPC of Juniper Networks Junos OS on the PTX Series routers may lead to the process becoming unresponsive, ultimately affecting traffic forwarding, allowing an attacker to cause a Denial of Service DoS condition . The...

SUSE: Security Advisory (SUSE-SU-2019:1241-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2019:1348-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2020:3457-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

UBUNTU-CVE-2021-3477

There's a flaw in OpenEXR's deep tile sample size calculations in versions before 3.0.0-beta. An attacker who is able to submit a crafted file to be processed by OpenEXR could trigger an integer overflow, subsequently leading to an out-of-bounds read. The greatest risk of this flaw is to...

In intel_pmu_drain_pebs_nhm in arch/x86/events/intel/ds.c in the Linux kernel through 5.11.8 on some Haswell CPUs userspace applications (such as perf-fuzzer) can cause a system crash because the PEBS status in a PEBS record is mishandled aka CID-d88d05a9e0b6.

...

CentOS 8 : kernel (CESA-2019:1167)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2019:1167 advisory. - hardware: Microarchitectural Store Buffer Data Sampling MSBDS CVE-2018-12126 - hardware: Micro-architectural Load Port Data Sampling - Information Le...

CentOS 8 : virt:rhel (CESA-2019:1175)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2019:1175 advisory. - hardware: Microarchitectural Store Buffer Data Sampling MSBDS CVE-2018-12126 - hardware: Micro-architectural Load Port Data Sampling - Information Le...

FreeBSD : Intel CPU issues (fbcba194-ac7d-11ea-8b5e-b42e99a1b9c3)

Intel reports : Intel CPUs suffer Special Register Buffer Data Sampling vulnerability C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from the FreeBSD VuXML database : Copyright 2003-2021 Jacques Vidrine and contributors Redistribution and us...

SUSE SLED15 / SLES15 Security Update : webkit2gtk3 (SUSE-SU-2020:3864-1)

This update for webkit2gtk3 fixes the following issues : -webkit2gtk3 was updated to version 2.30.3 bsc1179122 bsc1179451 : - CVE-2021-13543: Fixed a use after free which could have led to arbitrary code execution. - CVE-2021-13584: Fixed a use after free which could have led to arbitrary code...

SUSE SLED15 / SLES15 Security Update : ucode-intel (SUSE-SU-2020:3372-1)

This update for ucode-intel fixes the following issues : Updated Intel CPU Microcode to 20201110 official release. - CVE-2020-8695: Fixed Intel RAPL sidechannel attack SGX bsc1170446 - CVE-2020-8698: Fixed Fast Store Forward Predictor INTEL-SA-00381 bsc1173594 - CVE-2020-8696: Vector Register...

SUSE SLES12 Security Update : ucode-intel (SUSE-SU-2020:3514-1)

This update for ucode-intel fixes the following issues : Updated Intel CPU Microcode to 20201118 official release. bsc1178971 - Removed TGL/06-8c-01/80 due to functional issues with some OEM platforms. - CVE-2020-8695: Fixed Intel RAPL sidechannel attack SGX INTEL-SA-00389 bsc1170446 -...

SUSE SLES12 Security Update : ucode-intel (SUSE-SU-2020:3457-1)

This update for ucode-intel fixes the following issues : Updated Intel CPU Microcode to 20201110 official release. - CVE-2020-8695: Fixed Intel RAPL sidechannel attack SGX INTEL-SA-00389 bsc1170446 - CVE-2020-8698: Fixed Fast Store Forward Predictor INTEL-SA-00381 bsc1173594 - CVE-2020-8696: Vect...

Chinese Breakthrough in Quantum Computing a Warning for Security Teams

China’s top quantum-computer researchers have reported that they have achieved quantum supremacy, i.e., the ability to perform tasks a traditional supercomputer cannot. And while it’s a thrilling development, the inevitable rise of quantum computing means security teams are one step closer to...