25 matches found
UBUNTU-CVE-2025-38518
In the Linux kernel, the following vulnerability has been resolved: x86/CPU/AMD: Disable INVLPGB on Zen2 AMD Cyan Skillfish Family 17h, Model 47h, Stepping 0h has an issue that causes system oopses and panics when performing TLB flush using INVLPGB. However, the problem is that that machine has...
ROS-20240904-09
A firmware vulnerability in AMD processors based on the Zen2 microarchitecture is related to the memory usage after memory has been freed. Exploitation of the vulnerability could allow an attacker to track register contents while other processes are executing on the same CPU core...
[slackware-security] kernel-firmware
New kernel-firmware packages are available for Slackware 14.2, 15.0, and -current to fix a security issue. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/kernel-firmware-2023072459fbffa-noarch-1.txz: Upgraded. AMD microcode updated to fix a use-after-free in AMD Zen2...
x86/AMD: Zenbleed
ISSUE DESCRIPTION Researchers at Google have discovered Zenbleed, a hardware bug causing corruption of the vector registers. When a VZEROUPPER instruction is discarded as part of a bad transient execution path, its effect on internal tracking are not unwound correctly. This manifests as the wrong...
x86: Cross-Thread Return Address Predictions
ISSUE DESCRIPTION It has been discovered that on some AMD CPUs, the RAS Return Address Stack, also called RAP - Return Address Predictor - in some AMD documentation, and RSB - Return Stack Buffer - in Intel terminology is dynamically partitioned between non-idle threads. This allows an attacker t...