Lucene search
K

2277 matches found

OSV
OSV
added 2 days ago4 views

USN-8488-2 linux-raspi vulnerabilities

It was discovered that some AMD processors did not properly clear data in the floating point divider unit during speculative execution. A local attacker could use this to expose sensitive information. CVE-2025-54505 Several security issues were discovered in the Linux kernel. An attacker could...

9.8CVSS6.8AI score0.00675EPSS
Exploits7References237
OSV
OSV
added 3 days ago3 views

USN-8488-1 linux, linux-aws, linux-gcp, linux-ibm, linux-oracle, linux-realtime vulnerabilities

It was discovered that some AMD processors did not properly clear data in the floating point divider unit during speculative execution. A local attacker could use this to expose sensitive information. CVE-2025-54505 Several security issues were discovered in the Linux kernel. An attacker could...

9.8CVSS6.8AI score0.00675EPSS
Exploits7References237
Ubuntu
Ubuntu
added 3 days ago5 views

USN-8488-1: Linux kernel vulnerabilities

It was discovered that some AMD processors did not properly clear data in the floating point divider unit during speculative execution. A local attacker could use this to expose sensitive information. CVE-2025-54505 Several security issues were discovered in the Linux kernel. An attacker could...

9.8CVSS5.9AI score0.00675EPSS
Exploits7
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, amd64-microcode

A side channel vulnerability in some AMD CPUs may allow an attacker to influence the prediction of the return address. This could result in speculative execution at an address controlled by the attacker, potentially leading to the disclosure of information...

4.7CVSS6.8AI score0.0616EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

There is a vulnerability in the Linux Kernel within the KVM framework: nVMX, which allows for speculative execution attacks. L2 can execute Spectre v2 attacks on L1, as L1 believes it does not need retpolines or IBPB after executing L2, due to KVM L0 indicating support for eIBRS to L1. An attacke...

8.8CVSS7.2AI score0.00285EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10, Linux

A flaw in the boot CPU could be exploited by attacks targeting speculative execution behavior. This flaw is related to the power management options in the Linux kernel’s X86 CPU. It was discovered in the way users resume the CPU from suspend-to-RAM. A local user could utilize this flaw to...

5.5CVSS6.8AI score0.00223EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

Mis-trained branch predictions for return instructions may allow arbitrary speculative code execution under certain microarchitecture-dependent conditions...

6.5CVSS7.5AI score0.03796EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

Intel’s microprocessor generations 6 to 8 are affected by a new Spectre variant that can bypass the retpoline mitigation mechanism in the kernel to leak arbitrary data. An attacker with unprivileged user access can hijack return instructions to execute arbitrary speculative code under certain...

6.5CVSS7.2AI score0.04947EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.13 views

Astra Linux – Vulnerability in Linux 5.10, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: fs: prevent out-of-bounds array speculation when closing a file descriptor Google-Bug-Id: 114199369...

7.1CVSS5.4AI score0.00172EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 5.10, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Use arrayindexnospec with indices that come from the guest. min and destid are guest-controlled indices. Using arrayindexnospec after the bounds checks helps to mitigate speculative execution side-channels...

7.8CVSS6.3AI score0.00165EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux, Linux 5.15

When SMT is enabled, certain AMD processors may speculateively execute instructions using a target from the sibling thread after a SMT mode switch, which may potentially lead to information disclosure...

4.7CVSS6.1AI score0.00289EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.21 views

Astra Linux – Vulnerability in Xen

Potential speculative code storage bypasses exist in all supported CPU products. Combined with software vulnerabilities related to speculative execution of overwritten instructions, this could lead to incorrect speculation and potentially cause data leakage...

5.5CVSS5.9AI score0.00328EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2026/05/13 2:56 p.m.15 views

SUSE CVE-2023-20569

A side channel vulnerability on some of the AMD CPUs may allow an attacker to influence the return address prediction. This may result in speculative execution at an attacker-controlled address, potentially leading to information disclosure...

5.6CVSS7.2AI score0.0616EPSS
Exploits1References53
Tenable Nessus
Tenable Nessus
added 2026/05/11 12:0 a.m.13 views

Unity Linux 20.1060e / 20.1070e Security Update: binutils (UTSA-2026-017633)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017633 advisory. Load value injection in some IntelR Processors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a sid...

5.6CVSS6.7AI score0.0104EPSS
Exploits1References4
Packet Storm News
Packet Storm News
added 2026/05/11 12:0 a.m.9 views

Janus: Compiler-Based Defense against Transient Execution Attacks Using ARM Hardware Primitives

We present Janus, a compiler-based security framework that mitigates transient execution attacks like Spectre and control-flow hijacking on ARM64 platforms. Janus integrates speculative execution and control flow dependencies with PA modifiers, using PA and BTI microarchitectural features to...

6AI score
Exploits0
SUSE CVE
SUSE CVE
added 2026/05/06 1:42 a.m.12 views

SUSE CVE-2026-31781

In the Linux kernel, the following vulnerability has been resolved: drm/ioc32: stop speculation on the drmcompatioctl path The drm compat ioctl path takes a user controlled pointer, and then dereferences it into a table of function pointers, the signature method of spectre problems. Fix this up b...

5.5CVSS5.7AI score0.00123EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/05/01 11:43 p.m.7 views

CVE-2026-31781

A flaw was found in the Linux kernel's Direct Rendering Manager DRM subsystem, specifically in the drm/ioc32 component. This vulnerability, related to speculative execution a technique used by modern processors to guess future instructions, allows a local attacker to potentially disclose sensitiv...

5.5CVSS5.9AI score0.00123EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/05/01 2:15 p.m.27 views

CVE-2026-31781 drm/ioc32: stop speculation on the drm_compat_ioctl path

In the Linux kernel, the following vulnerability has been resolved: drm/ioc32: stop speculation on the drmcompatioctl path The drm compat ioctl path takes a user controlled pointer, and then dereferences it into a table of function pointers, the signature method of spectre problems. Fix this up b...

0.00123EPSS
Exploits0References8
EUVD
EUVD
added 2026/05/01 2:15 p.m.8 views

EUVD-2026-26594

In the Linux kernel, the following vulnerability has been resolved: drm/ioc32: stop speculation on the drmcompatioctl path The drm compat ioctl path takes a user controlled pointer, and then dereferences it into a table of function pointers, the signature method of spectre problems. Fix this up b...

5.8AI score0.00123EPSS
Exploits0References8
ATTACKERKB
ATTACKERKB
added 2026/05/01 2:15 p.m.8 views

CVE-2026-31781

In the Linux kernel, the following vulnerability has been resolved: drm/ioc32: stop speculation on the drmcompatioctl path The drm compat ioctl path takes a user controlled pointer, and then dereferences it into a table of function pointers, the signature method of spectre problems. Fix this up b...

5.5CVSS5.7AI score0.00123EPSS
Exploits0References9Affected Software1
Rows per page
Query Builder