3971 matches found
SUSE SLED12 / SLES12 Security Update : kernel (SUSE-SU-2022:2382-1)
The remote SUSE Linux SLED12 / SLEDSAP12 / SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:2382-1 advisory. - The Linux kernel through 5.8.13 does not properly enforce the Secure Boot Forbidden Signature Database aka d...
Fedora 36 : kernel (2022-c69ef9c1dd)
The remote Fedora 36 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2022-c69ef9c1dd advisory. The 5.18.11 stable kernel update contains a number of important fixes across the tree. In addition to the 5.18.11 stable patches, this build contain...
SUSE SLES15 Security Update : kernel (SUSE-SU-2022:2376-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:2376-1 advisory. - Some AMD CPUs may transiently execute beyond unconditional direct branches, which may potentially result in data leakage...
SUSE SLES12 Security Update : kernel (SUSE-SU-2022:2377-1)
The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:2377-1 advisory. - The Linux kernel through 5.8.13 does not properly enforce the Secure Boot Forbidden Signature Database aka dbx protection...
DEBIAN-CVE-2022-29901
Intel microprocessor generations 6 to 8 are affected by a new Spectre variant that is able to bypass their retpoline mitigation in the kernel to leak arbitrary data. An attacker with unprivileged user access can hijack return instructions to achieve arbitrary speculative code execution under...
CVE-2022-29901
Intel microprocessor generations 6 to 8 are affected by a new Spectre variant that is able to bypass their retpoline mitigation in the kernel to leak arbitrary data. An attacker with unprivileged user access can hijack return instructions to achieve arbitrary speculative code execution under...
CVE-2022-29901
Intel microprocessor generations 6 to 8 are affected by a new Spectre variant that is able to bypass their retpoline mitigation in the kernel to leak arbitrary data. An attacker with unprivileged user access can hijack return instructions to achieve arbitrary speculative code execution under...
CVE-2022-29901
Intel microprocessor generations 6 to 8 are affected by a new Spectre variant that is able to bypass their retpoline mitigation in the kernel to leak arbitrary data. An attacker with unprivileged user access can hijack return instructions to achieve arbitrary speculative code execution under...
Design/Logic Flaw
Intel microprocessor generations 6 to 8 are affected by a new Spectre variant that is able to bypass their retpoline mitigation in the kernel to leak arbitrary data. An attacker with unprivileged user access can hijack return instructions to achieve arbitrary speculative code execution under...
CVE-2022-29901
Intel microprocessor generations 6 to 8 are affected by a new Spectre variant that is able to bypass their retpoline mitigation in the kernel to leak arbitrary data. An attacker with unprivileged user access can hijack return instructions to achieve arbitrary speculative code execution under...
UBUNTU-CVE-2022-29901
Intel microprocessor generations 6 to 8 are affected by a new Spectre variant that is able to bypass their retpoline mitigation in the kernel to leak arbitrary data. An attacker with unprivileged user access can hijack return instructions to achieve arbitrary speculative code execution under...
CVE-2022-30938
A vulnerability has been identified in EN100 Ethernet module DNP3 IP variant All versions, EN100 Ethernet module IEC 104 variant All versions, EN100 Ethernet module IEC 61850 variant All versions V4.40, EN100 Ethernet module Modbus TCP variant All versions, EN100 Ethernet module PROFINET IO varia...
CVE-2022-29901 Arbitrary Memory Disclosure through CPU Side-Channel Attacks (Retbleed)
Intel microprocessor generations 6 to 8 are affected by a new Spectre variant that is able to bypass their retpoline mitigation in the kernel to leak arbitrary data. An attacker with unprivileged user access can hijack return instructions to achieve arbitrary speculative code execution under...
CVE-2022-29901
CVE-2022-29901 : Intel microprocessor generations 6–8 are affected by a Spectre variant that can bypass the kernel retpoline mitigation to leak arbitrary data. An unprivileged local attacker can hijack return instructions to achieve arbitrary speculative code execution under certain microarchitec...
Oracle Linux 8 / 9 : Unbreakable Enterprise kernel (ELSA-2022-9590)
The remote Oracle Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-9590 advisory. - floppy: use a statically allocated error counter Willy Tarreau Orabug: 34218638 CVE-2022-1652 - x86: Disable RET on kexec Konrad Rzeszutek Wilk...
AMD CPU Branch Type Confusion
Bulletin ID: AMD-SB-1037 Potential Impact: Information disclosure, arbitrary speculative code execution Severity: Medium Summary This security bulletin addresses two issues related to CVE-2017-5715 previously known as Spectre Variant 2. As part of our efforts to continue improving security...
CVE-2022-30591
quic-go through 0.27.0 allows remote attackers to cause a denial of service CPU consumption via a Slowloris variant in which incomplete QUIC or HTTP/3 requests are sent. This occurs because mtudiscoverer.go misparses the MTU Discovery service and consequently overflows the probe timer. NOTE: the...
CVE-2022-30591
quic-go through 0.27.0 allows remote attackers to cause a denial of service CPU consumption via a Slowloris variant in which incomplete QUIC or HTTP/3 requests are sent. This occurs because mtudiscoverer.go misparses the MTU Discovery service and consequently overflows the probe timer. NOTE: the...
DEBIAN-CVE-2022-30591
quic-go through 0.27.0 allows remote attackers to cause a denial of service CPU consumption via a Slowloris variant in which incomplete QUIC or HTTP/3 requests are sent. This occurs because mtudiscoverer.go misparses the MTU Discovery service and consequently overflows the probe timer. NOTE: the...
Design/Logic Flaw
DISPUTED quic-go through 0.27.0 allows remote attackers to cause a denial of service CPU consumption via a Slowloris variant in which incomplete QUIC or HTTP/3 requests are sent. This occurs because mtudiscoverer.go misparses the MTU Discovery service and consequently overflows the probe timer...