189 matches found
RHEL 7 : linux-firmware (RHSA-2024:0979)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:0979 advisory. The linux-firmware packages contain all of the firmware files that are required by various devices to operate. Security Fixes: hw: amd: INVD...
Update of microcode_ctl
Update AMD CPU microcode to 2023-10-19: - Addition AMD CPU microcode for processor family 19h: sig 0x00a10f12, sig 0x00aa0f02, sig 0x00aa0f01, sig 0x00a10f11; - Update AMD CPU microcode for processor family 17h: sig 0x00830f10...
Important: Red Hat Bug Fix Advisory: linux-firmware bug fix and enhancement update
An update for linux-firmware is now available for Red Hat Enterprise Linux 8. The linux-firmware packages contain all of the firmware files that are required by various devices to operate. Bug Fixes and Enhancements: Update linux-firmware to include latest AMD cpu microcode rhel-8.9.0.z...
Design/Logic Flaw
This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. AMD CPUs since 2014 have extensions to normal x86 debugging functionality. Xen supports guests using these extensions. Unfortunately there are errors in Xen's handling of...
PT-2024-41086
Name of the Vulnerable Software and Affected Versions Debian Linux affected versions not specified amd64-microcode affected versions not specified linux affected versions not specified Description The issue concerns a microcode signature verification vulnerability in AMD CPU. It affects packages...
SUSE SLES15 Security Update : kernel-firmware (SUSE-SU-2023:4654-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:4654-1 advisory. Update AMD ucode to 20231030 bsc1215831: - CVE-2022-23820: Failure to validate the AMD SMM communication buffer may allow an attack...
SUSE CVE-2023-20592
Improper or unexpected behavior of the INVD instruction in some AMD CPUs may allow an attacker with a malicious hypervisor to affect cache line write-back behavior of the CPU leading to a potential loss of guest virtual machine VM memory integrity...
SUSE-SU-2023:4476-1 Security update for xen
This update for xen fixes the following issues: - CVE-2023-20588: AMD CPU transitional execution leak via division by zero XSA-439 bsc1215474. - CVE-2023-34322: top-level shadow reference dropped too early for 64-bit PV guests XSA-438 bsc1215145. - CVE-2023-34325: Multiple vulnerabilities in...
SUSE-SU-2023:4475-1 Security update for xen
This update for xen fixes the following issues: - CVE-2023-20588: AMD CPU transitional execution leak via division by zero XSA-439 bsc1215474. - CVE-2023-34322: top-level shadow reference dropped too early for 64-bit PV guests XSA-438 bsc1215145. - CVE-2023-34325: Multiple vulnerabilities in...
CVE-2023-20592
Improper or unexpected behavior of the INVD instruction in some AMD CPUs may allow an attacker with a malicious hypervisor to affect cache line write-back behavior of the CPU leading to a potential loss of guest virtual machine VM memory integrity...
CVE-2023-20592
CVE-2023-20592 covers AMD CPUs where improper behavior of the INVD instruction could let a malicious hypervisor affect cache line write-back and potentially compromise guest VM memory integrity. Public documents in the connected set describe the issue across multiple IBM Power HMC/LINUX-firmware ...
CVE-2023-20592
Improper or unexpected behavior of the INVD instruction in some AMD CPUs may allow an attacker with a malicious hypervisor to affect cache line write-back behavior of the CPU leading to a potential loss of guest virtual machine VM memory integrity...
Ubuntu 20.04 LTS : Linux kernel (Intel IoTG) vulnerabilities (USN-6445-2)
The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6445-2 advisory. It was discovered that the IPv6 implementation in the Linux kernel contained a high rate of hash collisions in connection lookup table. A remote attacker...
Citrix Hypervisor Multiple Security Updates
Description of Problem Several issues have been discovered that affect Citrix Hypervisor 8.2 CU1 LTSR and may allow malicious privileged code in a guest VM to: i Compromise an AMD-based host via a passed through PCI device: CVE-2023-34326 ii Compromise the host when a specific administrative acti...
SUSE: Security Advisory (SUSE-SU-2023:3894-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE-SU-2023:3903-1 Security update for xen
This update for xen fixes the following issues: - CVE-2023-20588: Fixed AMD CPU transitional execution leak via division by zero XSA-439 bsc1215474. - CVE-2023-34322: Fixed top-level shadow reference dropped too early for 64-bit PV guests XSA-438 bsc1215145. - CVE-2023-20593: Fixed AMD Zenbleed...
SUSE-SU-2023:3902-1 Security update for xen
This update for xen fixes the following issues: - CVE-2023-20588: Fixed AMD CPU transitional execution leak via division by zero XSA-439 bsc1215474. - CVE-2023-34322: Fixed top-level shadow reference dropped too early for 64-bit PV guests XSA-438 bsc1215145. - CVE-2023-20593: Fixed AMD Zenbleed...
SUSE-SU-2023:3895-1 Security update for xen
This update for xen fixes the following issues: - CVE-2023-20588: Fixed AMD CPU transitional execution leak via division by zero XSA-439 bsc1215474. - CVE-2023-34322: Fixed top-level shadow reference dropped too early for 64-bit PV guests XSA-438 bsc1215145. - CVE-2023-20593: Fixed AMD Zenbleed...
SUSE-SU-2023:3894-1 Security update for xen
This update for xen fixes the following issues: - CVE-2023-20588: Fixed AMD CPU transitional execution leak via division by zero XSA-439 bsc1215474. - CVE-2023-34322: Fixed top-level shadow reference dropped too early for 64-bit PV guests XSA-438 bsc1215145. - CVE-2023-20593: Fixed AMD Zenbleed...
CLSA-2023-1695901043 Fix of 5 CVEs
CVE-url: https://ubuntu.com/security/CVE-2023-42753 - netfilter: ipset: add the missing IPSETHASHWITHNET0 macro for ipsethashnetportnet.c CVE-2022-40982 // CVE-url: https://ubuntu.com/security/CVE-2022-40982 - init: Provide archcpufinalizeinit - x86/cpu: Switch to archcpufinalizeinit - init: Remo...