Astra Linux - уязвимость в linux-5.10, linux

The current implementation of the prctl syscall does not issue an IBPB immediately during the syscall. The ibprctlset function updates the Thread Information Flags TIFs for the task and updates the SPECCTRL MSR in the function speculationctrlupdate, but the IBPB is only issued at the next schedul...

Astra Linux - уязвимость в linux-5.10, linux-5.15

The Linux kernel allows user-space processes to enable mitigations by calling prctl with PRSETSPECULATIONCTRL, which disables the speculation feature, as well as through the use of seccomp. We noticed that on virtual machines of at least one major cloud provider, the kernel still left the victim...

EUVD-2026-9392

In the context switch logic Xen attempts to skip an IBPB in the case of a vCPU returning to a CPU on which it was the previous vCPU to run. While safe for Xen's isolation between vCPUs, this prevents the guest kernel correctly isolating between tasks. Consider: 1 vCPU runs on CPU A, running task ...

CVE-2026-23553

In the context switch logic Xen attempts to skip an IBPB in the case of a vCPU returning to a CPU on which it was the previous vCPU to run. While safe for Xen's isolation between vCPUs, this prevents the guest kernel correctly isolating between tasks. Consider: 1 vCPU runs on CPU A, running task ...

ALPINE-CVE-2026-23553

In the context switch logic Xen attempts to skip an IBPB in the case of a vCPU returning to a CPU on which it was the previous vCPU to run. While safe for Xen's isolation between vCPUs, this prevents the guest kernel correctly isolating between tasks. Consider: 1 vCPU runs on CPU A, running task ...

CVE-2026-23553

In the context switch logic Xen attempts to skip an IBPB in the case of a vCPU returning to a CPU on which it was the previous vCPU to run. While safe for Xen's isolation between vCPUs, this prevents the guest kernel correctly isolating between tasks. Consider: 1 vCPU runs on CPU A, running task ...

UBUNTU-CVE-2026-23553

In the context switch logic Xen attempts to skip an IBPB in the case of a vCPU returning to a CPU on which it was the previous vCPU to run. While safe for Xen's isolation between vCPUs, this prevents the guest kernel correctly isolating between tasks. Consider: 1 vCPU runs on CPU A, running task ...

CVE-2026-23553 x86: incomplete IBPB for vCPU isolation

In the context switch logic Xen attempts to skip an IBPB in the case of a vCPU returning to a CPU on which it was the previous vCPU to run. While safe for Xen's isolation between vCPUs, this prevents the guest kernel correctly isolating between tasks. Consider: 1 vCPU runs on CPU A, running task ...

CVE-2026-23553

In the context switch logic Xen attempts to skip an IBPB in the case of a vCPU returning to a CPU on which it was the previous vCPU to run. While safe for Xen's isolation between vCPUs, this prevents the guest kernel correctly isolating between tasks. Consider: 1 vCPU runs on CPU A, running task ...

EUVD-2026-4882

In the context switch logic Xen attempts to skip an IBPB in the case of a vCPU returning to a CPU on which it was the previous vCPU to run. While safe for Xen's isolation between vCPUs, this prevents the guest kernel correctly isolating between tasks. Consider: 1 vCPU runs on CPU A, running task ...

CVE-2026-23553

CVE-2026-23553 is an issue in the Xen hypervisor: during context switches, Xen may skip IBPB when a vCPU returns to the same physical CPU, potentially allowing stale BTB/GPU state to persist across tasks and undermine guest kernel isolation. The advisory chain shows the vulnerability is tied to i...

Xen security vulnerabilities

Xen is an open-source virtual machine monitor product developed by Xen. This product allows different and incompatible operating systems to run on the same computer. It also supports migration during runtime, ensuring smooth operation and avoiding downtime. Xen has security vulnerabilities; these...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-004365)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004365 advisory. The Linux kernel allows userspace processes to enable mitigations by calling prctl with PRSETSPECULATIONCTRL which disables the speculation feature as well as by usi...

MiracleLinux 7 : linux-firmware-20170606-57.gitc990aae.el7 (AXSA:2018-2499:01)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2018-2499:01 advisory. An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of instructions a commonly used...

microcode_ctl: From CVEorg collector

New Spectre-v2 attack classes have been discovered within CPU architectures that enable self-training exploitation of speculative execution within the same privilege domain. These novel techniques bypass existing hardware and software mitigations, including IBPB, eIBRS, and BHINO, by leveraging...

CVE-2023-53634

In the Linux kernel, the following vulnerability has been resolved: bpf, arm64: Fixed a BTI error on returning to patched function When BPFTRAMPFCALLORIG is set, BPF trampoline uses BLR to jump back to the instruction next to call site to call the patched function. For BTI-enabled kernel, the...

UBUNTU-CVE-2023-53634

In the Linux kernel, the following vulnerability has been resolved: bpf, arm64: Fixed a BTI error on returning to patched function When BPFTRAMPFCALLORIG is set, BPF trampoline uses BLR to jump back to the instruction next to call site to call the patched function. For BTI-enabled kernel, the...

CVE-2023-53634

In the Linux kernel, the following vulnerability has been resolved: bpf, arm64: Fixed a BTI error on returning to patched function When BPFTRAMPFCALLORIG is set, BPF trampoline uses BLR to jump back to the instruction next to call site to call the patched function. For BTI-enabled kernel, the...

CVE-2023-53634 bpf, arm64: Fixed a BTI error on returning to patched function

In the Linux kernel, the following vulnerability has been resolved: bpf, arm64: Fixed a BTI error on returning to patched function When BPFTRAMPFCALLORIG is set, BPF trampoline uses BLR to jump back to the instruction next to call site to call the patched function. For BTI-enabled kernel, the...

EUVD-2025-32805

In the Linux kernel, the following vulnerability has been resolved: bpf, arm64: Fixed a BTI error on returning to patched function When BPFTRAMPFCALLORIG is set, BPF trampoline uses BLR to jump back to the instruction next to call site to call the patched function. For BTI-enabled kernel, the...