Lucene search
+L

81 matches found

EUVD
EUVD
added 2026/03/25 12:30 p.m.4 views

EUVD-2026-15329

In the Linux kernel, the following vulnerability has been resolved: x86/fred: Correct speculative safety in fredextint arrayindexnospec is no use if the result gets spilled to the stack, as it makes the believed safe-under-speculation value subject to memory predictions. For all practical purpose...

5.7AI score0.00129EPSS
Exploits0References5
UbuntuCve
UbuntuCve
added 2026/03/25 11:16 a.m.11 views

CVE-2026-23354

In the Linux kernel, the following vulnerability has been resolved: x86/fred: Correct speculative safety in fredextint arrayindexnospec is no use if the result gets spilled to the stack, as it makes the believed safe-under-speculation value subject to memory predictions. For all practical purpose...

7.8CVSS5.8AI score0.00129EPSS
Exploits0References6
OSV
OSV
added 2026/03/25 11:16 a.m.6 views

UBUNTU-CVE-2026-23354

In the Linux kernel, the following vulnerability has been resolved: x86/fred: Correct speculative safety in fredextint arrayindexnospec is no use if the result gets spilled to the stack, as it makes the believed safe-under-speculation value subject to memory predictions. For all practical purpose...

7.8CVSS5.7AI score0.00129EPSS
Exploits0References7
ATTACKERKB
ATTACKERKB
added 2026/03/25 10:27 a.m.8 views

CVE-2026-23354

In the Linux kernel, the following vulnerability has been resolved: x86/fred: Correct speculative safety in fredextint arrayindexnospec is no use if the result gets spilled to the stack, as it makes the believed safe-under-speculation value subject to memory predictions. For all practical purpose...

5.7AI score0.00129EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2026/03/25 10:27 a.m.23 views

CVE-2026-23354 x86/fred: Correct speculative safety in fred_extint()

In the Linux kernel, the following vulnerability has been resolved: x86/fred: Correct speculative safety in fredextint arrayindexnospec is no use if the result gets spilled to the stack, as it makes the believed safe-under-speculation value subject to memory predictions. For all practical purpose...

0.00129EPSS
Exploits0References4
CVE
CVE
added 2026/03/25 10:27 a.m.25 views

CVE-2026-23354

CVE-2026-23354 concerns the Linux kernel x86/fred speculative safety. The fix removes the index variable and repositions array_index_nospec() so it’s calculated immediately before the array access, addressing the incorrect placement that allowed the result to be spilled to the stack across irqent...

7.8CVSS5.7AI score0.00129EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2026/03/25 10:27 a.m.4 views

CVE-2026-23354 x86/fred: Correct speculative safety in fred_extint()

In the Linux kernel, the following vulnerability has been resolved: x86/fred: Correct speculative safety in fredextint arrayindexnospec is no use if the result gets spilled to the stack, as it makes the believed safe-under-speculation value subject to memory predictions. For all practical purpose...

7.8CVSS5.8AI score0.00129EPSS
Exploits0References7
RedhatCVE
RedhatCVE
added 2026/02/16 6:49 a.m.8 views

CVE-2025-71203

In the Linux kernel, the following vulnerability has been resolved: riscv: Sanitize syscall table indexing under speculation The syscall number is a user-controlled value used to index into the syscall table. Use arrayindexnospec to clamp this value after the bounds check to prevent speculative...

7CVSS5.1AI score0.00126EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2026/02/16 12:27 a.m.9 views

SUSE CVE-2025-71203

In the Linux kernel, the following vulnerability has been resolved: riscv: Sanitize syscall table indexing under speculation The syscall number is a user-controlled value used to index into the syscall table. Use arrayindexnospec to clamp this value after the bounds check to prevent speculative...

7CVSS5.2AI score0.00126EPSS
Exploits0References3
NVD
NVD
added 2026/02/14 5:15 p.m.11 views

CVE-2025-71203

In the Linux kernel, the following vulnerability has been resolved: riscv: Sanitize syscall table indexing under speculation The syscall number is a user-controlled value used to index into the syscall table. Use arrayindexnospec to clamp this value after the bounds check to prevent speculative...

7CVSS0.00126EPSS
Exploits0References4
OSV
OSV
added 2026/02/14 5:15 p.m.9 views

AZL-77757 CVE-2025-71203 affecting package kernel 6.6.126.1-1

In the Linux kernel, the following vulnerability has been resolved: riscv: Sanitize syscall table indexing under speculation The syscall number is a user-controlled value used to index into the syscall table. Use arrayindexnospec to clamp this value after the bounds check to prevent speculative...

7CVSS5.6AI score0.00126EPSS
Exploits0References1
CVE
CVE
added 2026/02/14 4:27 p.m.20 views

CVE-2025-71203

CVE-2025-71203 concerns the Linux kernel where a user-controlled syscall number could be used to index the syscall table, enabling potential data leakage via cache side channels. The mitigation is to clamp the index with array_index_nospec() after the bounds check to prevent speculative out-of-bo...

7CVSS5.2AI score0.00126EPSS
Exploits0References4Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/02/14 4:27 p.m.4 views

CVE-2025-71203

In the Linux kernel, the following vulnerability has been resolved: riscv: Sanitize syscall table indexing under speculation The syscall number is a user-controlled value used to index into the syscall table. Use arrayindexnospec to clamp this value after the bounds check to prevent speculative...

5.2AI score0.00126EPSS
Exploits0References4Affected Software1
AstraLinux
AstraLinux
added 2026/01/27 5:1 a.m.4 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: powerpc/rtas: Prevent Spectre v1 exploits in sysrtas. Smatch warns: arch/powerpc/kernel/rtas.c:1932 dosysrtas warning: potential Spectre issue with ‘args args’ r local variable. The ‘nargs’ and ‘nret’ locals originate from a...

7.1CVSS6.5AI score0.00241EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/11/05 12:0 a.m.3 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-988990)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-988990 advisory. In the Linux kernel, the following vulnerability has been resolved: dma-buf: heaps: Fix potential spectre v1 gadget It appears like nr could be a Spectre v1 gadget a...

5.5CVSS6.1AI score0.00257EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/11/05 12:0 a.m.4 views

Unity Linux 20.1050e Security Update: kernel (UTSA-2025-990020)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990020 advisory. In the Linux kernel, the following vulnerability has been resolved: dm ioctl: prevent potential spectre v1 gadget It appears like cmd could be a Spectre v1 gadget as...

5.5CVSS6.3AI score0.00295EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/11/05 12:0 a.m.4 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989353)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989353 advisory. In the Linux kernel, the following vulnerability has been resolved: dm ioctl: prevent potential spectre v1 gadget It appears like cmd could be a Spectre v1 gadget as...

5.5CVSS6.3AI score0.00295EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/11/05 12:0 a.m.5 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989930)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989930 advisory. In the Linux kernel, the following vulnerability has been resolved: vtioctl: fix arrayindexnospec in vtsetactivate arrayindexnospec ensures that an out-of-bounds val...

5.5CVSS6AI score0.00306EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/10/27 12:0 a.m.5 views

Siemens SIMATIC Devices Improper Control of Resource Identifiers (CVE-2024-42265)

"In the Linux kernel, the following vulnerability has been resolved: protect the fetch of -fdfd in dodup2 from mispredictions both callers have verified that fd is not greater than -maxfds; however, misprediction might end up with tofree = fdt-fdfd; being speculatively executed. That's wrong for...

5.5CVSS6.3AI score0.00281EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/10/07 12:0 a.m.3 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-986985)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986985 advisory. In the Linux kernel, the following vulnerability has been resolved: dma-buf: heaps: Fix potential spectre v1 gadget It appears like nr could be a Spectre v1 gadget a...

5.5CVSS6.1AI score0.00257EPSS
Exploits0References4
Rows per page
Query Builder