189 matches found
Linux Distros Unpatched Vulnerability : CVE-2023-34328
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. AMD CPUs since 2014 have extensio...
K000149745: AMD CPU ROM Vulnerability CVE-2024-56161
Security Advisory Description Improper signature verification in AMD CPU ROM microcode patch loader may allow an attacker with local administrator privilege to load malicious CPU microcode resulting in loss of confidentiality and integrity of a confidential guest running under AMD SEV-SNP...
CVE-2024-56161
Improper signature verification in AMD CPU ROM microcode patch loader may allow an attacker with local administrator privilege to load malicious CPU microcode resulting in loss of confidentiality and integrity of a confidential guest running under AMD SEV-SNP. Mitigation Mitigation requires to...
CVE-2024-56161
Improper signature verification in AMD CPU ROM microcode patch loader may allow an attacker with local administrator privilege to load malicious CPU microcode resulting in loss of confidentiality and integrity of a confidential guest running under AMD SEV-SNP...
CVE-2024-56161
Improper signature verification in AMD CPU ROM microcode patch loader may allow an attacker with local administrator privilege to load malicious CPU microcode resulting in loss of confidentiality and integrity of a confidential guest running under AMD SEV-SNP...
CVE-2024-56161
Improper signature verification in AMD CPU ROM microcode patch loader may allow an attacker with local administrator privilege to load malicious CPU microcode resulting in loss of confidentiality and integrity of a confidential guest running under AMD SEV-SNP...
CVE-2024-56161
CVE-2024-56161 concerns AMD SEV-SNP: Improper signature verification in the AMD CPU ROM microcode patch loader may permit a local administrator to load tampered microcode, compromising confidentiality and integrity of a confidential guest. Affected component: AMD microcode patch loader; root caus...
CVE-2024-56161
Improper signature verification in AMD CPU ROM microcode patch loader may allow an attacker with local administrator privilege to load malicious CPU microcode resulting in loss of confidentiality and integrity of a confidential guest running under AMD SEV-SNP...
CVE-2024-56161
Improper signature verification in AMD CPU ROM microcode patch loader may allow an attacker with local administrator privilege to load malicious CPU microcode resulting in loss of confidentiality and integrity of a confidential guest running under AMD SEV-SNP...
CVE-2024-56721
CVE-2024-56721 affects the Linux kernel x86/CPU/AMD handling of the erratum_1386_microcode array. The issue occurs because the array requires an empty entry at the end; without it, x86_match_cpu_with_stepping() may continue iterating past the end. The fix is to add an empty entry to the end of er...
CVE-2024-56721
In the Linux kernel, the following vulnerability has been resolved: x86/CPU/AMD: Terminate the erratum1386microcode array The erratum1386microcode array requires an empty entry at the end. Otherwise x86matchcpuwithstepping will continue iterate the array after it ended. Add an empty entry to...
Fedora 40 : linux-firmware (2024-5f9b20882f)
The remote Fedora 40 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-5f9b20882f advisory. Update to upstream 20241210 Update firmware file for Intel BlazarU core amdgpu: numerous firmware updates upstream amdnpu firmware QCA: Add Bluetooth nvm fil...
Fedora 41 : linux-firmware (2024-516b214c25)
The remote Fedora 41 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-516b214c25 advisory. Update to upstream 20241210 Update firmware file for Intel BlazarU core amdgpu: numerous firmware updates upstream amdnpu firmware QCA: Add Bluetooth nvm fil...
tuned security update
2.24.0-2.0.1 - Fix RPS/XPS and busy polling optimization not getting applied Orabug: 32153315 - Fix error in uninstalling tuned Orabug: 351528377 - Updated patch with the more recent version Orabug: 30730976 - Set AMD CPU freq governor to ondemand when unapplying cpu tunings Orabug: 30033199 -...
PT-2025-3198
Name of the Vulnerable Software and Affected Versions AMD CPU versions affected versions not specified Description The issue is related to improper signature verification in the AMD CPU ROM microcode patch loader, which may allow an attacker with local administrator privilege to load malicious CP...
CLSA-2024-1729015920 linux-firmware: Fix of CVE-2023-31315
Update AMD CPU microcode for processor family 0x19: cpuid:0x00A00F10ver:0x0A00107A, cpuid:0x00A10F12ver:0x0A101248, cpuid:0x00AA0F02ver:0x0AA00215, cpuid:0x00A00F12ver:0x0A001238, cpuid:0x00A10F11ver:0x0A101148, cpuid:0x00A00F11ver:0x0A0011D5; - Update AMD CPU microcode for processor family 0x17:...
CLSA-2024-1727288321 linux-firmware: Fix of 2 CVEs
Update AMD CPU microcode for processor family 0x19: cpuid:0x00A00F10ver:0x0A00107A, cpuid:0x00A10F12ver:0x0A101248, cpuid:0x00AA0F02ver:0x0AA00215, cpuid:0x00A00F12ver:0x0A001238, cpuid:0x00A10F11ver:0x0A101148, cpuid:0x00A00F11ver:0x0A0011D5; - Update AMD CPU microcode for processor family 0x17:...
openSUSE: Security Advisory for xen (SUSE-SU-2023:3831-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE: Security Advisory for xen (SUSE-SU-2023:4476-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE: Security Advisory for xen (SUSE-SU-2023:4475-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...