14 matches found
Astra Linux – Vulnerability in Linux
Aliases in the branch predictor may cause some AMD processors to predict the wrong branch type, potentially leading to information disclosure...
Astra Linux – Vulnerability in Linux
In kernel/bpf/verifier.c in the Linux kernel before version 5.12.13, a branch prediction can be mispredicted e.g., due to type confusion, allowing a non-privileged BPF program to access arbitrary memory locations through a side-channel attack, known as CID-9183671af6db...
EUVD-2022-43798
Malicious code in bioql PyPI...
CVE-2022-40523
Information disclosure in Kernel due to indirect branch misprediction...
Vulnerability of microprogramming software for Intel, AMD, ARM, and IBM processors: This vulnerability arises due to the creation of racing states in a speculative mode, which can lead to access to already freed memory areas. If the processor mispredicts the branching in the code, it allows a hacker to gain access to protected memory.
The vulnerability of microprogramming software for processors from Intel, AMD, ARM, and IBM arises from the existence of speculative execution states that can lead to access to already freed memory areas, if the processor mispredicts branch instructions in the code. Exploiting this vulnerability...
CVE-2022-40523
Information disclosure in Kernel due to indirect branch misprediction...
CVE-2022-40523
CVE-2022-40523 describes information disclosure in the Kernel caused by indirect branch misprediction. The connected records corroborate a kernel‑level information leakage issue; Red Hat and NVD entries simply state the kernel disclosure, with no vendor/version specifics provided in these documen...
hw: cpu: AMD: RetBleed Arbitrary Speculative Code Execution with Return Instructions
A flaw was found in hw. Mis-trained branch predictions for return instructions may allow arbitrary speculative code execution under certain microarchitecture-dependent conditions...
PT-2021-7855 · Google · Android
Name of the Vulnerable Software and Affected Versions: Kernel affected versions not specified Description: The issue is related to information disclosure in the Kernel due to indirect branch misprediction. This vulnerability is associated with insufficient protection of service data during...
SUSE SLED15: cluster-md-kmp-default / dlm-kmp-default / gfs2-kmp-default / etc (SUSE-SU-2021:2352-1)
The remote SUSE Linux SLED15 / SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:2352-1 advisory. The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: ...
SUSE SLES12: kernel-azure / kernel-azure-base / kernel-azure-devel / etc (SUSE-SU-2021:2321-1)
The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:2321-1 advisory. The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security and bugfixes. The following security bugs were fixe...
In kernel/bpf/verifier.c in the Linux kernel before 5.12.13 a branch can be mispredicted (e.g. because of type confusion) and consequently an unprivileged BPF program can read arbitrary memory locations via a side-channel attack aka CID-9183671af6db.
...
CVE-2021-33624
In kernel/bpf/verifier.c in the Linux kernel before 5.12.13, a branch can be mispredicted e.g., because of type confusion and consequently an unprivileged BPF program can read arbitrary memory locations via a side-channel attack, aka CID-9183671af6db...
PT-2021-3381
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 5.12.13 Description The issue is related to a branch misprediction in the Linux kernel's eBPF subsystem, which can be exploited via a side-channel attack, allowing an unprivileged BPF program to read arbitrary...