Lucene search
K

58 matches found

AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: dma-direct: Leak pages on dmasetdecrypted failure In TDX, it is possible for the untrusted host to cause setmemoryencrypted or setmemorydecrypted to fail, resulting in an error and the return of decrypted/membered pages. Callers...

7.1CVSS6.1AI score0.00215EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Intel Microcode

An improperly implemented security check for standard in the DDRIO configuration for some IntelR XeonR 6 processors, when using IntelR SGX or IntelR TDX, may allow a privileged user to potentially enable privilege escalation through local access...

7.2CVSS5.4AI score0.00132EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Intel Microcode

A protection mechanism failure in some third- and fourth-generation IntelR XeonR processors, when using IntelR SGX or IntelR TDX, may allow a privileged user to potentially enable privilege escalation through local access...

6.1CVSS6.5AI score0.00247EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/04/24 2:35 p.m.40 views

CVE-2026-31561 x86/cpu: Remove X86_CR4_FRED from the CR4 pinned bits mask

In the Linux kernel, the following vulnerability has been resolved: x86/cpu: Remove X86CR4FRED from the CR4 pinned bits mask Commit in Fixes added the FRED CR4 bit to the CR4 pinned bits mask so that whenever something else modifies CR4, that bit remains set. Which in itself is a perfectly fine...

0.00122EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/04/22 6:19 p.m.6 views

CVE-2026-31470

A flaw was found in the Linux kernel's TDX guest virtualization component. A malicious host can manipulate the 'quote' buffer length, allowing it to specify a response length larger than the guest's allocated memory. This can lead to information disclosure, where sensitive data beyond the intende...

7.1CVSS5.9AI score0.00125EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/02/16 7:30 p.m.6 views

CVE-2025-32467

Use of uninitialized variable for some TDX Module before version tdx1.5 within Ring 0: Hypervisor may allow an information disclosure. Authorized adversary with a privileged user combined with a high complexity attack may enable data exposure. This result may potentially occur via local access wh...

5.6CVSS5.3AI score0.00098EPSS
Exploits0References1
NVD
NVD
added 2026/02/10 5:16 p.m.9 views

CVE-2025-32007

Out-of-bounds read for some TDX before version tdx module 1.5.24 within Ring 0: Hypervisor may allow an information disclosure. Authorized adversary with a privileged user combined with a low complexity attack may enable data exposure. This result may potentially occur via local access when attac...

5.6CVSS0.00115EPSS
Exploits0References1
CVE
CVE
added 2026/02/10 4:25 p.m.17 views

CVE-2025-27572

CVE-2025-27572 is an information-disclosure vulnerability in some Intel® Trust Domain Extensions (TDX) modules. A privileged, highly capable attacker with local access could trigger data exposure during transient execution in Ring 0 of the hypervisor. The impact is confined to confidentiality (hi...

5.6CVSS5.5AI score0.00105EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/02/10 4:25 p.m.23 views

CVE-2025-27572

Exposure of sensitive information during transient execution for some TDX within Ring 0: Hypervisor may allow an information disclosure. Authorized adversary with a privileged user combined with a high complexity attack may enable data exposure. This result may potentially occur via local access...

5.6CVSS0.00105EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/02/10 12:0 a.m.6 views

PT-2026-7296

Name of the Vulnerable Software and Affected Versions TDX Module versions prior to tdx1.5 Description An out-of-bounds read issue exists within the hypervisor in some TDX Module versions prior to tdx1.5 when operating in Ring 0. A software side channel adversary with a privileged user, combined...

5.6CVSS5.3AI score0.00098EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/02/10 12:0 a.m.6 views

PT-2026-7298

Name of the Vulnerable Software and Affected Versions versions prior to 2025-30513 Description A race condition exists within a TDX Module operating in Ring 0, potentially allowing an escalation of privilege. A system software adversary with privileged user access and a low complexity attack may...

8.3CVSS5.2AI score0.00122EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2025/12/24 12:0 a.m.5 views

PT-2025-53024

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw related to the Advanced Programmable Interrupt Controller APIC. The APIC supports legacy APIC xAPIC and Extended APIC x2APIC modes. A new feature allows...

6.2AI score0.00203EPSS
Exploits0References16
OSV
OSV
added 2025/11/12 10:15 p.m.1 views

DEBIAN-CVE-2025-40181

In the Linux kernel, the following vulnerability has been resolved: x86/kvm: Force legacy PCI hole to UC when overriding MTRRs for TDX/SNP When running as an SNP or TDX guest under KVM, force the legacy PCI hole, i.e. memory between Top of Lower Usable DRAM and 4GiB, to be mapped as UC via a forc...

5.3AI score0.00172EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/11/12 9:56 p.m.5 views

CVE-2025-40181 x86/kvm: Force legacy PCI hole to UC when overriding MTRRs for TDX/SNP

In the Linux kernel, the following vulnerability has been resolved: x86/kvm: Force legacy PCI hole to UC when overriding MTRRs for TDX/SNP When running as an SNP or TDX guest under KVM, force the legacy PCI hole, i.e. memory between Top of Lower Usable DRAM and 4GiB, to be mapped as UC via a forc...

0.00172EPSS
Exploits0References3
OSV
OSV
added 2025/11/12 9:56 p.m.9 views

CVE-2025-40181 x86/kvm: Force legacy PCI hole to UC when overriding MTRRs for TDX/SNP

In the Linux kernel, the following vulnerability has been resolved: x86/kvm: Force legacy PCI hole to UC when overriding MTRRs for TDX/SNP When running as an SNP or TDX guest under KVM, force the legacy PCI hole, i.e. memory between Top of Lower Usable DRAM and 4GiB, to be mapped as UC via a forc...

6.4AI score0.00172EPSS
Exploits0References6
EUVD
EUVD
added 2025/11/11 5:59 p.m.4 views

EUVD-2025-93411

Buffer over-read in Windows TDX.sys allows an authorized attacker to elevate privileges locally...

7.8CVSS5.3AI score0.00378EPSS
Exploits0References2
OSV
OSV
added 2025/11/10 8:11 p.m.7 views

USN-7866-1 intel-microcode vulnerabilities

Barak Gross discovered that some Intel® Xeon® processors with SGX enabled did not properly handle buffer restrictions. A local authenticated user could potentially use this issue to escalate their privileges. CVE-2025-20053 Avinash Maddy discovered that some Intel® processors did not properly...

7.9CVSS6AI score0.00169EPSS
Exploits0References10
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-24430

Malicious code in bioql PyPI...

3.3CVSS6.6AI score0.00133EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.2 views

EUVD-2025-24424

Malicious code in bioql PyPI...

1.9CVSS6.6AI score0.00121EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-54872

Malicious code in bioql PyPI...

5.7CVSS6.6AI score0.00121EPSS
Exploits0References1
Rows per page
Query Builder