92 matches found
xiangshan-bpu-asid-poc
XiangShan Cross-ASID BPU Leak PoC Minimal proof of concept fo...
Astra Linux - уязвимость в linux
Aliases in the branch predictor may cause some AMD processors to predict the wrong branch type, potentially leading to information disclosure...
Astra Linux - уязвимость в linux, linux-5.10
The non-transparent sharing of branch predictor selectors between contexts in some Intel processors may allow an authorized user to potentially enable information disclosure through local access...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001510)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001510 advisory. Non-transparent sharing of branch predictor selectors between contexts in some IntelR Processors may allow an authorized user to potentially enable information...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001518)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001518 advisory. Non-transparent sharing of branch predictor within a context in some IntelR Processors may allow an authorized user to potentially enable information disclosure via...
USN-7862-3 linux-xilinx-zynqmp vulnerability
Jean-Claude Graf, Sandro Rüegge, Ali Hajiabadi, and Kaveh Razavi discovered that the Linux kernel contained insufficient branch predictor isolation between a guest and a userspace hypervisor for certain processors. This flaw is known as VMSCAPE. An attacker in a guest VM could possibly use this t...
kernel: x86/vmscape: Add conditional IBPB mitigation
In the Linux kernel, the following vulnerability has been resolved: x86/vmscape: Add conditional IBPB mitigation VMSCAPE is a vulnerability that exploits insufficient branch predictor isolation between a guest and a userspace hypervisor like QEMU. Existing mitigations already protect kernel/KVM...
USN-7860-5 linux-hwe-6.14 vulnerability
Jean-Claude Graf, Sandro Rüegge, Ali Hajiabadi, and Kaveh Razavi discovered that the Linux kernel contained insufficient branch predictor isolation between a guest and a userspace hypervisor for certain processors. This flaw is known as VMSCAPE. An attacker in a guest VM could possibly use this t...
kernel: x86/vmscape: Add conditional IBPB mitigation
In the Linux kernel, the following vulnerability has been resolved: x86/vmscape: Add conditional IBPB mitigation VMSCAPE is a vulnerability that exploits insufficient branch predictor isolation between a guest and a userspace hypervisor like QEMU. Existing mitigations already protect kernel/KVM...
USN-7860-3: Linux kernel (FIPS) vulnerability
Jean-Claude Graf, Sandro Rüegge, Ali Hajiabadi, and Kaveh Razavi discovered that the Linux kernel contained insufficient branch predictor isolation between a guest and a userspace hypervisor for certain processors. This flaw is known as VMSCAPE. An attacker in a guest VM could possibly use this t...
Astra Linux - уязвимость в pam
A vulnerability was found in PAM. The secret information is stored in memory, where the attacker can trigger the victim program to execute by sending characters to its standard input stdin. As this occurs, the attacker can train the branch predictor to execute an ROP chain speculatively. This fla...
EUVD-2022-15223
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2025-24495
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Incorrect initialization of resource in the branch prediction unit for some IntelR Core Ultra Processors may allow an authenticated user to potentially enable...
Amazon Linux 2 : pam (ALAS-2025-2959)
The version of pam installed on the remote host is prior to 1.1.8-23. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-2959 advisory. A vulnerability was found in PAM. The secret information is stored in memory, where the attacker can trigger the victim program to...
microcode_ctl: From CVEorg collector
A flaw was found in the Branch Prediction Unit BPU of Intel's Lion Core CPUs that make it possible for an attacker to bypass Indirect Branch Predictor Barrier IBPB protections. By employing branch predictor training techniques as described in the "Training Solo" publication, an attacker with loca...
microcode_ctl: From CVEorg collector
A flaw was found in the Branch Prediction Unit BPU of Intel's Lion Core CPUs that make it possible for an attacker to bypass Indirect Branch Predictor Barrier IBPB protections. By employing branch predictor training techniques as described in the "Training Solo" publication, an attacker with loca...
OESA-2025-1528 microcode_ctl security update
This is a tool to transform and deploy microcode update for x86 CPUs. Security Fixes: Exposure of Sensitive Information in Shared Microarchitectural Structures during Transient Execution for some IntelR Processors may allow an authenticated user to potentially enable information disclosure via...
Branch Predictor Race Conditions (CVE-2024-45332)
Brocade is aware of Branch Privilege Injection: Exploiting Branch Predictor Race Conditions vulnerability CVE-2024-45332. Detail Exposure of sensitive information caused by shared microarchitectural predictor state that influences transient execution in the indirect branch predictors for some...
DEBIAN-CVE-2025-24495
Incorrect initialization of resource in the branch prediction unit for some IntelR Core™ Ultra Processors may allow an authenticated user to potentially enable information disclosure via local access...
Important: kernel
Issue Overview: A flaw was found in hw. Aliases in the branch predictor may cause some AMD processors to predict the wrong branch type, potentially leading to information disclosure. CVE-2022-23825 Non-transparent sharing of return predictor targets between contexts in some IntelR Processors may...