Astra Linux – Vulnerability in Firefox

While the text displayed in Autofill tooltips cannot be directly read by JavaScript, it was rendered using page fonts. Side-channel attacks on the text using specially crafted fonts could have led to this text being interpreted by the webpage. This vulnerability affects Firefox versions earlier...

Astra Linux - уязвимость в chromium

Side-channel information leakage in keyboard input in Google Chrome prior to 104.0.5112.79 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page...

CVE-2026-6923 Nuvoton - CWE-1300: Improper Protection of Physical Side Channels

A side-channel attack, which requires a physical presence to the TPM, can lead to extraction of an Elliptic Curve Diffie-Hellman ECDH key...

Quality-of-Service Feature Side Channels

Revisions Revision Date| Description ---|--- 2026-05-12| Initial publication...

EUVD-2026-27822

In the Linux kernel, the following vulnerability has been resolved: arm64: Add support for TSV110 Spectre-BHB mitigation The TSV110 processor is vulnerable to the Spectre-BHB Branch History Buffer attack, which can be exploited to leak information through branch prediction side channels. This...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the TSV110 processor’s susceptibility to Spectre-BHB attacks, potentially leading to information...

Mbed TLS 安全漏洞

Mbed TLS is an open-source, portable, easy-to-use, readable, and flexible SSL library developed by Mbed TLS. Mbed TLS versions 4.0.0 and earlier, as well as TF-PSA-Crypto versions 1.0.0 and earlier, have security vulnerabilities. These vulnerabilities stem from compiler-induced timing side...

Hardening Confidential Federated Compute against Side-Channel Attacks

In this work, we identify a set of side-channels in our Confidential Federated Compute platform that a hypothetical insider could exploit to circumvent differential privacy DP guarantees. We show how DP can mitigate two of the side-channels, one of which has been implemented in our open-source...

Cross-Scale Persistence Analysis of EM Side-Channels for Reference-Free Detection of Always-On Hardware Trojans

Always-on hardware Trojans pose a serious challenge to integrated circuit trust, as they remain active during normal operation and are difficult to detect in post-deployment settings without trusted golden references. This paper presents a reference-free detection framework based on cross-scale...

CVE-2026-0115

In Trusted Execution Environment, there is a possible key leak due to side channel information disclosure. This could lead to physical information disclosure with no additional execution privileges needed. User interaction is needed for exploitation...

EUVD-2026-9921

OpenClaw versions prior to 2026.2.13 use non-constant-time string comparison for hook token validation, allowing attackers to infer tokens through timing measurements. Remote attackers with network access to the hooks endpoint can exploit timing side-channels across multiple requests to gradually...

PT-2026-23539

Name of the Vulnerable Software and Affected Versions OpenClaw versions prior to 2026.2.12 Description The software uses non-constant-time string comparison for hook token validation. This allows attackers to potentially infer tokens through timing measurements. Remote attackers with network acce...

SUSE CVE-2025-71203

In the Linux kernel, the following vulnerability has been resolved: riscv: Sanitize syscall table indexing under speculation The syscall number is a user-controlled value used to index into the syscall table. Use arrayindexnospec to clamp this value after the bounds check to prevent speculative...

CVE-2025-71203 riscv: Sanitize syscall table indexing under speculation

In the Linux kernel, the following vulnerability has been resolved: riscv: Sanitize syscall table indexing under speculation The syscall number is a user-controlled value used to index into the syscall table. Use arrayindexnospec to clamp this value after the bounds check to prevent speculative...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the lack of purification of the system call table index during speculative execution. This...

Linux Distros Unpatched Vulnerability : CVE-2025-71203

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - riscv: Sanitize syscall table indexing under speculation The syscall number is a user-controlled value used to index into the syscall table. Use arrayindexnospe...

AMD GPU Timing-Based Side Channels

Revisions Revision Date| Description ---|--- 2026-02-10| Initial publication...

Security Bulletin: Multiple Vulnerabilities in Hyper Converged Database

Summary Multiple vulnerabilities were addressed in Hyper Converged Database version 1.2.4 coming for base Docker images. Vulnerability Details CVEID:CVE-2019-12904 DESCRIPTION: In Libgcrypt 1.8.4, the C implementation of AES is vulnerable to a flush-and-reload side-channel attack because physical...

Side-Channel Attacks on Open VSwitch

Virtualization is widely adopted in cloud systems to manage resource sharing among users. A virtualized environment usually deploys a virtual switch within the host system to enable virtual machines to communicate with each other and with the physical network. The Open vSwitch OVS is one of the...

CVE-2025-68788

In the Linux kernel, the following vulnerability has been resolved: fsnotify: do not generate ACCESS/MODIFY events on child for special files inotify/fanotify do not allow users with no read access to a file to subscribe to events e.g. INACCESS/INMODIFY, but they do allow the same user to subscri...