Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: powerpc/rtas: Prevention of Spectre v1 exploits in sysrtas Smatch warning: arch/powerpc/kernel/rtas.c:1932 dosysrtas warn: Potential Spectre issue with ‘args args’ r local limit The locals variables nargs and nret originate from ...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990309)

"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990309 advisory. In the Linux kernel, the following vulnerability has been resolved: netlink: prevent potential spectre v1 gadgets Most netlink attributes are parsed and validated...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989353)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989353 advisory. In the Linux kernel, the following vulnerability has been resolved: dm ioctl: prevent potential spectre v1 gadget It appears like cmd could be a Spectre v1 gadget as...

(Dis)Proving Spectre Security with Speculation-Passing Style

Constant-time CT verification tools are commonly used for detecting potential side-channel vulnerabilities in cryptographic libraries. Recently, a new class of tools, called speculative constant-time SCT tools, has also been used for detecting potential Spectre vulnerabilities. In many cases, the...

kernel: dm ioctl: prevent potential spectre v1 gadget

A vulnerability was found in the Linux kernel's dm-ioctl interface in the lookupioctl function, which accepts a user-provided cmd value that is used to index the ioctls array directly. This issue could lead to an out-of-bounds access if the CPU speculatively executes the array access before cmd i...

UBUNTU-CVE-2023-53000

In the Linux kernel, the following vulnerability has been resolved: netlink: prevent potential spectre v1 gadgets Most netlink attributes are parsed and validated from nlavalidateparse or validatenla u16 type = nlatypenla; if type == 0 || type maxtype / error or continue / @type is then used as a...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the risk of a Spectre v1 attack on ipmetricsconvert...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a Spectre v1 attack risk in fibmetricsmatch...

SUSE CVE-2024-46774

In the Linux kernel, the following vulnerability has been resolved: powerpc/rtas: Prevent Spectre v1 gadget construction in sysrtas Smatch warns: arch/powerpc/kernel/rtas.c:1932 dosysrtas warn: potential spectre issue 'args.args' r local cap The 'nargs' and 'nret' locals come directly from a...

UBUNTU-CVE-2022-48730

In the Linux kernel, the following vulnerability has been resolved: dma-buf: heaps: Fix potential spectre v1 gadget It appears like nr could be a Spectre v1 gadget as it's supplied by a user and used as an array index. Prevent the contents of kernel memory from being leaked to userspace via...

SUSE CVE-2023-52746

In the Linux kernel, the following vulnerability has been resolved: xfrm/compat: prevent potential spectre v1 gadget in xfrmxlate32attr int type = nlatypenla; if type XFRMAMAX return -EOPNOTSUPP; @type is then used as an array index and can be used as a Spectre v1 gadget. if nlalennla...

DEBIAN-CVE-2024-2193

A Speculative Race Condition SRC vulnerability that impacts modern CPU architectures supporting speculative execution related to Spectre V1 has been disclosed. An unauthenticated attacker can exploit this vulnerability to disclose arbitrary data from the CPU using race conditions to access the...

kernel: ipv4: prevent potential spectre v1 gadget in ip_metrics_convert()

A vulnerability was found in the Linux kernel's ipmetricsconvert function, where improper handling of user input can potentially leak kernel memory via side channels. This issue is caused by the use of @type, a user-controlled input, which is an array within this function. If a CPU speculatively...

SUSE CVE-2019-15902

A backporting error was discovered in the Linux stable/longterm kernel 4.4.x through 4.4.190, 4.9.x through 4.9.190, 4.14.x through 4.14.141, 4.19.x through 4.19.69, and 5.2.x through 5.2.11. Misuse of the upstream "x86/ptrace: Fix possible spectre-v1 in ptracegetdebugreg" commit reintroduced the...