Lucene search
+L

189 matches found

Tenable Nessus
Tenable Nessus
added 2024/02/27 12:0 a.m.42 views

RHEL 7 : linux-firmware (RHSA-2024:0979)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:0979 advisory. The linux-firmware packages contain all of the firmware files that are required by various devices to operate. Security Fixes: hw: amd: INVD...

6.5CVSS6.9AI score0.01018EPSS
Exploits0References5
CloudLinux
CloudLinux
added 2024/02/15 8:15 p.m.15 views

Update of microcode_ctl

Update AMD CPU microcode to 2023-10-19: - Addition AMD CPU microcode for processor family 19h: sig 0x00a10f12, sig 0x00aa0f02, sig 0x00aa0f01, sig 0x00a10f11; - Update AMD CPU microcode for processor family 17h: sig 0x00830f10...

7.3AI score
Exploits0
RedHat Linux
RedHat Linux
added 2024/01/10 10:50 a.m.9 views

Important: Red Hat Bug Fix Advisory: linux-firmware bug fix and enhancement update

An update for linux-firmware is now available for Red Hat Enterprise Linux 8. The linux-firmware packages contain all of the firmware files that are required by various devices to operate. Bug Fixes and Enhancements: Update linux-firmware to include latest AMD cpu microcode rhel-8.9.0.z...

8.2CVSS6.5AI score0.0061EPSS
Exploits0
Prion
Prion
added 2024/01/05 5:15 p.m.33 views

Design/Logic Flaw

This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. AMD CPUs since 2014 have extensions to normal x86 debugging functionality. Xen supports guests using these extensions. Unfortunately there are errors in Xen's handling of...

1.7CVSS5.5AI score0.02501EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2024/01/01 12:0 a.m.4 views

PT-2024-41086

Name of the Vulnerable Software and Affected Versions Debian Linux affected versions not specified amd64-microcode affected versions not specified linux affected versions not specified Description The issue concerns a microcode signature verification vulnerability in AMD CPU. It affects packages...

6.4CVSS7.5AI score0.00097EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2023/12/07 12:0 a.m.42 views

SUSE SLES15 Security Update : kernel-firmware (SUSE-SU-2023:4654-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:4654-1 advisory. Update AMD ucode to 20231030 bsc1215831: - CVE-2022-23820: Failure to validate the AMD SMM communication buffer may allow an attack...

9.8CVSS7.5AI score0.01018EPSS
Exploits0References25
SUSE CVE
SUSE CVE
added 2023/12/01 2:20 a.m.4 views

SUSE CVE-2023-20592

Improper or unexpected behavior of the INVD instruction in some AMD CPUs may allow an attacker with a malicious hypervisor to affect cache line write-back behavior of the CPU leading to a potential loss of guest virtual machine VM memory integrity...

5.3CVSS6AI score0.01018EPSS
Exploits0References9
OSV
OSV
added 2023/11/17 7:5 a.m.8 views

SUSE-SU-2023:4476-1 Security update for xen

This update for xen fixes the following issues: - CVE-2023-20588: AMD CPU transitional execution leak via division by zero XSA-439 bsc1215474. - CVE-2023-34322: top-level shadow reference dropped too early for 64-bit PV guests XSA-438 bsc1215145. - CVE-2023-34325: Multiple vulnerabilities in...

7.8CVSS6.7AI score0.12405EPSS
Exploits0References17
OSV
OSV
added 2023/11/17 7:5 a.m.7 views

SUSE-SU-2023:4475-1 Security update for xen

This update for xen fixes the following issues: - CVE-2023-20588: AMD CPU transitional execution leak via division by zero XSA-439 bsc1215474. - CVE-2023-34322: top-level shadow reference dropped too early for 64-bit PV guests XSA-438 bsc1215145. - CVE-2023-34325: Multiple vulnerabilities in...

7.8CVSS6.7AI score0.12405EPSS
Exploits0References17
OSV
OSV
added 2023/11/14 7:15 p.m.9 views

CVE-2023-20592

Improper or unexpected behavior of the INVD instruction in some AMD CPUs may allow an attacker with a malicious hypervisor to affect cache line write-back behavior of the CPU leading to a potential loss of guest virtual machine VM memory integrity...

6.5CVSS7AI score
Exploits0References1
CVE
CVE
added 2023/11/14 6:54 p.m.196 views

CVE-2023-20592

CVE-2023-20592 covers AMD CPUs where improper behavior of the INVD instruction could let a malicious hypervisor affect cache line write-back and potentially compromise guest VM memory integrity. Public documents in the connected set describe the issue across multiple IBM Power HMC/LINUX-firmware ...

6.5CVSS6.5AI score0.01018EPSS
Exploits0References1Affected Software1
Debian CVE
Debian CVE
added 2023/11/14 6:54 p.m.35 views

CVE-2023-20592

Improper or unexpected behavior of the INVD instruction in some AMD CPUs may allow an attacker with a malicious hypervisor to affect cache line write-back behavior of the CPU leading to a potential loss of guest virtual machine VM memory integrity...

6.5CVSS6.6AI score0.01018EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2023/10/24 12:0 a.m.37 views

Ubuntu 20.04 LTS : Linux kernel (Intel IoTG) vulnerabilities (USN-6445-2)

The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6445-2 advisory. It was discovered that the IPv6 implementation in the Linux kernel contained a high rate of hash collisions in connection lookup table. A remote attacker...

9.1CVSS8.2AI score0.54577EPSS
Exploits11References24
Citrix
Citrix
added 2023/10/10 2:57 p.m.60 views

Citrix Hypervisor Multiple Security Updates

Description of Problem Several issues have been discovered that affect Citrix Hypervisor 8.2 CU1 LTSR and may allow malicious privileged code in a guest VM to: i Compromise an AMD-based host via a passed through PCI device: CVE-2023-34326 ii Compromise the host when a specific administrative acti...

7.8CVSS6.8AI score0.12405EPSS
Exploits0
OpenVAS
OpenVAS
added 2023/10/02 12:0 a.m.30 views

SUSE: Security Advisory (SUSE-SU-2023:3894-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7.8AI score0.12405EPSS
Exploits2References7
OSV
OSV
added 2023/09/29 1:14 p.m.15 views

SUSE-SU-2023:3903-1 Security update for xen

This update for xen fixes the following issues: - CVE-2023-20588: Fixed AMD CPU transitional execution leak via division by zero XSA-439 bsc1215474. - CVE-2023-34322: Fixed top-level shadow reference dropped too early for 64-bit PV guests XSA-438 bsc1215145. - CVE-2023-20593: Fixed AMD Zenbleed...

7.8CVSS7.1AI score0.12405EPSS
Exploits1References7
OSV
OSV
added 2023/09/29 1:10 p.m.17 views

SUSE-SU-2023:3902-1 Security update for xen

This update for xen fixes the following issues: - CVE-2023-20588: Fixed AMD CPU transitional execution leak via division by zero XSA-439 bsc1215474. - CVE-2023-34322: Fixed top-level shadow reference dropped too early for 64-bit PV guests XSA-438 bsc1215145. - CVE-2023-20593: Fixed AMD Zenbleed...

7.8CVSS7.2AI score0.12405EPSS
Exploits2References9
OSV
OSV
added 2023/09/29 8:59 a.m.21 views

SUSE-SU-2023:3895-1 Security update for xen

This update for xen fixes the following issues: - CVE-2023-20588: Fixed AMD CPU transitional execution leak via division by zero XSA-439 bsc1215474. - CVE-2023-34322: Fixed top-level shadow reference dropped too early for 64-bit PV guests XSA-438 bsc1215145. - CVE-2023-20593: Fixed AMD Zenbleed...

7.8CVSS7.2AI score0.12405EPSS
Exploits2References9
OSV
OSV
added 2023/09/29 8:36 a.m.12 views

SUSE-SU-2023:3894-1 Security update for xen

This update for xen fixes the following issues: - CVE-2023-20588: Fixed AMD CPU transitional execution leak via division by zero XSA-439 bsc1215474. - CVE-2023-34322: Fixed top-level shadow reference dropped too early for 64-bit PV guests XSA-438 bsc1215145. - CVE-2023-20593: Fixed AMD Zenbleed...

7.8CVSS7.2AI score0.12405EPSS
Exploits2References9
OSV
OSV
added 2023/09/28 11:37 a.m.11 views

CLSA-2023-1695901043 Fix of 5 CVEs

CVE-url: https://ubuntu.com/security/CVE-2023-42753 - netfilter: ipset: add the missing IPSETHASHWITHNET0 macro for ipsethashnetportnet.c CVE-2022-40982 // CVE-url: https://ubuntu.com/security/CVE-2022-40982 - init: Provide archcpufinalizeinit - x86/cpu: Switch to archcpufinalizeinit - init: Remo...

7.8CVSS7AI score0.12405EPSS
Exploits3References1
Rows per page
Query Builder