493 matches found
16-Year-Old Linux KVM Flaw Lets Guest VMs Escape to Host on Intel and AMD x86 Systems
A use-after-free bug in Linux's KVM hypervisor can be triggered from a guest virtual machine to corrupt the shadow-page state of the host kernel that runs it. Dubbed 'Januscape' and tracked as CVE-2026-53359, the flaw sits in the shadow MMU code that KVM shares across both Intel and AMD. The publ...
USN-8488-1 linux, linux-aws, linux-gcp, linux-ibm, linux-oracle, linux-realtime vulnerabilities
It was discovered that some AMD processors did not properly clear data in the floating point divider unit during speculative execution. A local attacker could use this to expose sensitive information. CVE-2025-54505 Several security issues were discovered in the Linux kernel. An attacker could...
CVE-2026-46174 x86/CPU/AMD: Prevent improper isolation of shared resources in Zen2's op cache
In the Linux kernel, the following vulnerability has been resolved: x86/CPU/AMD: Prevent improper isolation of shared resources in Zen2's op cache Make sure resources are not improperly shared in the op cache and cause instruction corruption this way...
Oracle Linux 8 / 9 : Unbreakable Enterprise kernel (ELSA-2026-50275)
The remote Oracle Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-50275 advisory. - xfrm: esp: ipv4: fix up flags setting Greg Kroah-Hartman Orabug: 39368252 CVE-2026-43284 - xfrm: esp: avoid in-place decrypt on shared skb frags...
Astra Linux – Vulnerability in Linux, Linux 5.10
LFENCE/JMP mitigation V2-2 may not be sufficient in mitigating CVE-2017-5715 on some AMD CPUs...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
A division-by-zero error on some AMD processors may potentially return speculative data, resulting in a loss of confidentiality...
Astra Linux – Vulnerability in Linux 5.10
A flaw was discovered in the Linux kernel. The existing KVM SEV API contains a vulnerability that allows a non-root host user-level application to crash the host kernel by creating a confidential guest VM instance in an AMD CPU that supports Secure Encrypted Virtualization SEV...
Astra Linux – Vulnerability in Linux, Linux 5.15
When SMT is enabled, certain AMD processors may speculateively execute instructions using a target from the sibling thread after a SMT mode switch, which may potentially lead to information disclosure...
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: mm/kmemleak: Avoid scanning potential huge holes. When using devmrequestfreememregion and devmmemremappages to add ZONEDEVICE memory, if the end PFN of the requested free memory region is huge e.g., 0x400000000, the nodeendpfn wi...
AMD Processors 安全漏洞
AMD Processors are a series of processors developed by American semiconductor company AMD. There are security vulnerabilities in AMD Processors, which stem from unsafe default configuration states of DDR5 memory modules. These vulnerabilities could allow attackers with local user privileges to...
Security update for xen
This update for xen fixes the following issues: Update to Xen 4.20.3 bug fix release bsc1027519 jscPED-8907. CVE-2025-54505: Floating Point Divider State Sampling on AMD CPUs AMD-SN-7053 bsc1262428. CVE-2026-23557: Xenstored DoS via XSRESETWATCHES command bsc1262178. CVE-2026-23558: grant table v...
Security update for xen
This update for xen fixes the following issues: CVE-2025-54505: Floating Point Divider State Sampling on AMD CPUs AMD-SN-7053 bsc1262428. CVE-2026-23557: Xenstored DoS via XSRESETWATCHES command bsc1262178. CVE-2026-23558: grant table v2 race in status page mapping bsc1262180. Special Instruction...
Security update for xen
This update for xen fixes the following issues: CVE-2025-54505: floating point divider state sampling on AMD CPUs AMD-SN-7053 bsc1262428. CVE-2026-23557: Xenstored DoS via XSRESETWATCHES command bsc1262178. CVE-2026-23558: grant table v2 race in status page mapping bsc1262180. Special Instruction...
Security update for xen
This update for xen fixes the following issues: CVE-2025-54505: floating point divider state sampling on AMD CPUs AMD-SN-7053 bsc1262428. CVE-2026-23557: Xenstored DoS via XSRESETWATCHES command bsc1262178. CVE-2026-23558: grant table v2 race in status page mapping bsc1262180. Special Instruction...
SUSE-SU-2026:1645-1 Security update for xen
This update for xen fixes the following issues: - CVE-2025-54505: floating point divider state sampling on AMD CPUs AMD-SN-7053 bsc1262428. - CVE-2026-23557: Xenstored DoS via XSRESETWATCHES command bsc1262178. - CVE-2026-23558: grant table v2 race in status page mapping bsc1262180...
CVE-2025-54505
A transient execution vulnerability within AMD CPUs may allow a local user-privileged attacker to leak data via the floating point divisor unit, potentially resulting in loss of confidentiality...
CVE-2025-54505
CVE-2025-54505 corresponds to an AMD FP-DSS vulnerability in the Floating Point Divider (FPU) path. The advisory and related sources describe a transient execution issue in AMD CPUs whereby a local, user-privileged attacker may leak data through the floating point divider unit, with confidentiali...
Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013420)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013420 advisory. When SMT is enabled, certain AMD processors may speculatively execute instructions using a target from the sibling thread after an SMT mode switch potentially...
USN-8126-1: Linux kernel (Azure) vulnerabilities
Qualys discovered that several vulnerabilities existed in the AppArmor Linux kernel Security Module LSM. An unprivileged local attacker could use these issues to load, replace, and remove arbitrary AppArmor profiles causing denial of service, exposure of sensitive information kernel memory, local...
EulerOS 2.0 SP11 : kernel (EulerOS-SA-2026-1582)
According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A transient execution vulnerability in some AMD processors may allow an attacker to infer data in the L1D cache, potentially resulting in the...