CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

22 matches found

AstraLinux•added 2026/05/03 11:59 p.m.•2 views

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux

The current implementation of the prctl syscall does not issue an IBPB immediately during the syscall. The ibprctlset function updates the Thread Information Flags TIFs for the task and updates the SPECCTRL MSR in the function speculationctrlupdate, but the IBPB is only issued at the next schedul...

7.5CVSS6.8AI score0.00277EPSS

Exploits3References2

EUVD•added 2026/03/04 12:30 p.m.•2 views

EUVD-2026-9392

In the context switch logic Xen attempts to skip an IBPB in the case of a vCPU returning to a CPU on which it was the previous vCPU to run. While safe for Xen's isolation between vCPUs, this prevents the guest kernel correctly isolating between tasks. Consider: 1 vCPU runs on CPU A, running task ...

6.4CVSS5.9AI score0.00033EPSS

Exploits0References10

OSV•added 2026/01/28 4:16 p.m.•1 views

CVE-2026-23553

2.9CVSS5.8AI score

Exploits0References3

OSV•added 2026/01/28 4:16 p.m.•2 views

ALPINE-CVE-2026-23553

2.9CVSS5.9AI score0.00033EPSS

Exploits0References1

NVD•added 2026/01/28 4:16 p.m.•2 views

CVE-2026-23553

2.9CVSS0.00033EPSS

Exploits0References3

OSV•added 2026/01/28 4:16 p.m.•0 views

UBUNTU-CVE-2026-23553

2.9CVSS5.8AI score0.00033EPSS

Exploits0References3

CVE•added 2026/01/28 3:33 p.m.•10 views

CVE-2026-23553

CVE-2026-23553 is an issue in the Xen hypervisor: during context switches, Xen may skip IBPB when a vCPU returns to the same physical CPU, potentially allowing stale BTB/GPU state to persist across tasks and undermine guest kernel isolation. The advisory chain shows the vulnerability is tied to i...

2.9CVSS5.9AI score0.00033EPSS

Exploits0References3Affected Software1

ATTACKERKB•added 2026/01/28 3:33 p.m.•2 views

CVE-2026-23553

2.9CVSS5.9AI score0.00033EPSS

Exploits0References2

Vulnrichment•added 2026/01/28 3:33 p.m.•3 views

CVE-2026-23553 x86: incomplete IBPB for vCPU isolation

5.9AI score0.00033EPSS

Exploits0References1

EUVD•added 2026/01/28 3:33 p.m.•3 views

EUVD-2026-4882

2.9CVSS5.9AI score0.00033EPSS

Exploits0References1

CNNVD•added 2026/01/28 12:0 a.m.•3 views

Xen security vulnerabilities

Xen is an open-source virtual machine monitor product developed by Xen. This product allows different and incompatible operating systems to run on the same computer. It also supports migration during runtime, ensuring smooth operation and avoiding downtime. Xen has security vulnerabilities; these...

2.9CVSS5.9AI score0.00033EPSS

Exploits0References5

RedHat Linux•added 2025/11/11 8:21 a.m.•5 views

microcode_ctl: From CVEorg collector

New Spectre-v2 attack classes have been discovered within CPU architectures that enable self-training exploitation of speculative execution within the same privilege domain. These novel techniques bypass existing hardware and software mitigations, including IBPB, eIBRS, and BHINO, by leveraging...

5.7CVSS6AI score0.00249EPSS

Exploits0References6

RedHat Linux•added 2025/08/18 3:1 p.m.•4 views

microcode_ctl: From CVEorg collector

5.7CVSS6.9AI score0.00249EPSS

Exploits0References6

RedHat Linux•added 2025/07/01 7:48 p.m.•5 views

microcode_ctl: From CVEorg collector

5.7CVSS6.9AI score0.00249EPSS

Exploits0References6

RedHat Linux•added 2025/07/01 6:51 p.m.•3 views

microcode_ctl: From CVEorg collector