Lucene search
+L

60 matches found

osv
osv
added 2022/08/06 3:43 p.m.12 views

MGASA-2022-0279 Updated kernel-linus packages fix security vulnerabilities

This kernel-linus update is based on upstream 5.15.58 and fixes at least the following security issues: Kernel lockdown bypass when UEFI secure boot is disabled / unavailable and IMA appraisal is enabled CVE-2022-21505. Aliases in the branch predictor may cause some AMD processors to predict the...

7.8CVSS7.3AI score0.04831EPSS
Exploits1References7
nessus
nessus
added 2022/07/30 12:0 a.m.51 views

SUSE SLES15 Security Update : xen (SUSE-SU-2022:2591-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:2591-1 advisory. - Incomplete cleanup of multi-core shared buffers for some IntelR Processors may allow an authenticated user to potentially enable...

8.8CVSS7.5AI score0.06451EPSS
Exploits3References25
nessus
nessus
added 2022/07/30 12:0 a.m.163 views

SUSE SLES15 Security Update : xen (SUSE-SU-2022:2600-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:2600-1 advisory. - Incomplete cleanup of multi-core shared buffers for some IntelR Processors may allow an authenticated user to potentially enable...

8.8CVSS7.5AI score0.06451EPSS
Exploits3References24
openvas
openvas
added 2022/07/28 12:0 a.m.21 views

SUSE: Security Advisory (SUSE-SU-2022:2574-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS8AI score0.06451EPSS
Exploits3References8
nessus
nessus
added 2022/07/28 12:0 a.m.40 views

SUSE SLES12 Security Update : xen (SUSE-SU-2022:2557-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:2557-1 advisory. - Incomplete cleanup of multi-core shared buffers for some IntelR Processors may allow an authenticated user to potentially enable...

8.8CVSS7.4AI score0.06451EPSS
Exploits0References16
nessus
nessus
added 2022/07/28 12:0 a.m.45 views

SUSE SLES12 Security Update : xen (SUSE-SU-2022:2569-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:2569-1 advisory. - Incomplete cleanup of multi-core shared buffers for some IntelR Processors may allow an authenticated user to potentially enable information...

8.8CVSS7.5AI score0.06451EPSS
Exploits3References24
nessus
nessus
added 2022/07/27 12:0 a.m.54 views

SUSE SLED15 / SLES15 Security Update : kernel (SUSE-SU-2022:2549-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:2549-1 advisory. - Some AMD CPUs may transiently execute beyond unconditional direct branches, which may potentially result in...

8.2CVSS8AI score0.05496EPSS
Exploits13References83
nessus
nessus
added 2022/07/16 12:0 a.m.240 views

Debian DSA-5184-1 : xen - security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5184 advisory. - Incomplete cleanup of multi-core shared buffers for some IntelR Processors may allow an authenticated user to potentially enable information disclosure via loca...

7.2CVSS8AI score0.06451EPSS
Exploits3References19
nvd
nvd
added 2022/07/12 7:15 p.m.23 views

CVE-2022-29901

Intel microprocessor generations 6 to 8 are affected by a new Spectre variant that is able to bypass their retpoline mitigation in the kernel to leak arbitrary data. An attacker with unprivileged user access can hijack return instructions to achieve arbitrary speculative code execution under...

6.5CVSS0.04831EPSS
Exploits0References14
osv
osv
added 2022/07/12 7:15 p.m.5 views

ALPINE-CVE-2022-29900

Mis-trained branch predictions for return instructions may allow arbitrary speculative code execution under certain microarchitecture-dependent conditions...

6.5CVSS7.8AI score0.03764EPSS
Exploits0References1
osv
osv
added 2022/07/12 7:15 p.m.1 views

DEBIAN-CVE-2022-29900

Mis-trained branch predictions for return instructions may allow arbitrary speculative code execution under certain microarchitecture-dependent conditions...

6.5CVSS7.3AI score0.03764EPSS
Exploits0References1
prion
prion
added 2022/07/12 7:15 p.m.37 views

Design/Logic Flaw

Mis-trained branch predictions for return instructions may allow arbitrary speculative code execution under certain microarchitecture-dependent conditions...

2.1CVSS7.4AI score0.03764EPSS
Exploits0References6Affected Software2
osv
osv
added 2022/07/12 4:0 p.m.6 views

UBUNTU-CVE-2022-29900

Mis-trained branch predictions for return instructions may allow arbitrary speculative code execution under certain microarchitecture-dependent conditions...

6.5CVSS7.4AI score0.03764EPSS
Exploits0References18
cve
cve
added 2022/07/12 3:50 p.m.393 views

CVE-2022-29900

CVE-2022-29900 describes mis-trained branch predictions for return instructions that may allow arbitrary speculative code execution under certain microarchitecture-dependent conditions. Connected advisories confirm this affects Linux-kernel components (e.g., linux-5.10 in Astra Linux; multiple Am...

6.5CVSS7.3AI score0.03764EPSS
Exploits0References6Affected Software3
vulnrichment
vulnrichment
added 2022/07/12 3:50 p.m.18 views

CVE-2022-29900

Mis-trained branch predictions for return instructions may allow arbitrary speculative code execution under certain microarchitecture-dependent conditions...

7.8AI score0.03764EPSS
Exploits0References6
debiancve
debiancve
added 2022/07/12 3:50 p.m.94 views

CVE-2022-29900

Mis-trained branch predictions for return instructions may allow arbitrary speculative code execution under certain microarchitecture-dependent conditions...

6.5CVSS7.7AI score0.03764EPSS
Exploits0
amd
amd
added 2022/07/12 12:0 a.m.186 views

AMD CPU Branch Type Confusion

Bulletin ID: AMD-SB-1037 Potential Impact: Information disclosure, arbitrary speculative code execution Severity: Medium Summary This security bulletin addresses two issues related to CVE-2017-5715 previously known as Spectre Variant 2. As part of our efforts to continue improving security...

6.5CVSS7.6AI score0.74041EPSS
Exploits9
debiancve
debiancve
added 2022/07/12 12:0 a.m.59 views

CVE-2022-29901

Intel microprocessor generations 6 to 8 are affected by a new Spectre variant that is able to bypass their retpoline mitigation in the kernel to leak arbitrary data. An attacker with unprivileged user access can hijack return instructions to achieve arbitrary speculative code execution under...

6.5CVSS7.2AI score0.04831EPSS
Exploits0
cvelist
cvelist
added 2022/07/12 12:0 a.m.35 views

CVE-2022-29901 Arbitrary Memory Disclosure through CPU Side-Channel Attacks (Retbleed)

Intel microprocessor generations 6 to 8 are affected by a new Spectre variant that is able to bypass their retpoline mitigation in the kernel to leak arbitrary data. An attacker with unprivileged user access can hijack return instructions to achieve arbitrary speculative code execution under...

5.6CVSS7.5AI score0.04831EPSS
Exploits0References14
ubuntucve
ubuntucve
added 2022/07/12 12:0 a.m.54 views

CVE-2022-29900

Mis-trained branch predictions for return instructions may allow arbitrary speculative code execution under certain microarchitecture-dependent conditions...

6.5CVSS7.3AI score0.03764EPSS
Exploits0References17
Rows per page
Query Builder