EUVD-2024-48213

Malicious code in bioql PyPI...

EUVD-2023-32527

Malicious code in bioql PyPI...

CVE-2023-28907

There is no memory isolation between CPU cores of the MIB3 infotainment. This fact allows an attacker with access to the main operating system to compromise the CPU core responsible for CAN message processing. The vulnerability was originally discovered in Skoda Superb III car with MIB3...

CVE-2023-28907 A lack of access restrictions on internal memory regions

There is no memory isolation between CPU cores of the MIB3 infotainment. This fact allows an attacker with access to the main operating system to compromise the CPU core responsible for CAN message processing. The vulnerability was originally discovered in Skoda Superb III car with MIB3...

CVE-2023-28907 A lack of access restrictions on internal memory regions

There is no memory isolation between CPU cores of the MIB3 infotainment. This fact allows an attacker with access to the main operating system to compromise the CPU core responsible for CAN message processing. The vulnerability was originally discovered in Skoda Superb III car with MIB3...

gnome-keyring bug fix update

An update is available for gnome-keyring. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The gnome-keyring packages contain a daemon which manages passwords and...

ROS-20240904-09

A firmware vulnerability in AMD processors based on the Zen2 microarchitecture is related to the memory usage after memory has been freed. Exploitation of the vulnerability could allow an attacker to track register contents while other processes are executing on the same CPU core...

CVE-2024-43872

In the Linux kernel, the following vulnerability has been resolved: RDMA/hns: Fix soft lockup under heavy CEQE load CEQEs are handled in interrupt handler currently. This may cause the CPU core staying in interrupt context too long and lead to soft lockup under heavy load. Handle CEQEs in BH...

CVE-2024-43872 RDMA/hns: Fix soft lockup under heavy CEQE load

In the Linux kernel, the following vulnerability has been resolved: RDMA/hns: Fix soft lockup under heavy CEQE load CEQEs are handled in interrupt handler currently. This may cause the CPU core staying in interrupt context too long and lead to soft lockup under heavy load. Handle CEQEs in BH...

CVE-2023-52619 pstore/ram: Fix crash when setting number of cpus to an odd number

In the Linux kernel, the following vulnerability has been resolved: pstore/ram: Fix crash when setting number of cpus to an odd number When the number of cpu cores is adjusted to 7 or other odd numbers, the zone size will become an odd number. The address of the zone will become: addr of zone0 =...

CVE-2023-36810

pypdf is a pure-python PDF library capable of splitting, merging, cropping, and transforming the pages of PDF files. An attacker who uses this vulnerability can craft a PDF which leads to unexpected long runtime. This quadratic runtime blocks the current process and can utilize a single core of t...

K80159635: Microarchitectural Fill Buffer Data Sampling (MFBDS) CVE-2018-12130

Security Advisory Description Microarchitectural Fill Buffer Data Sampling MFBDS: Fill buffers on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. CVE-2018-12130 Impact MDS...

CVE-2021-26339

A bug in AMD CPU’s core logic may allow for an attacker, using specific code from an unprivileged VM, to trigger a CPU core hang resulting in a potential denial of service. AMD believes the specific code includes a specific x86 instruction sequence that would not be generated by compilers...

hw: Special Register Buffer Data Sampling (SRBDS)

A new domain bypass transient execution attack known as Special Register Buffer Data Sampling SRBDS has been found. This flaw allows data values from special internal registers to be leaked by an attacker able to execute code on any core of the CPU. An unprivileged, local attacker can use this fl...

SUSE SLES12 Security Update : xen (SUSE-SU-2019:3297-1)

This update for xen fixes the following issues : CVE-2019-19581: Fixed a potential out of bounds on 32-bit Arm bsc1158003 XSA-307. CVE-2019-19582: Fixed a potential infinite loop when x86 accesses to bitmaps with a compile time known size of 64 bsc1158003 XSA-307. CVE-2019-19583: Fixed improper...

openSUSE Security Update : the Linux Kernel (openSUSE-2019-2503)

The openSUSE Leap 15.0 kernel was updated to receive various security and bugfixes. The following security bugs were fixed : - CVE-2019-0154: An unprotected read access to i915 registers has been fixed that could have been abused to facilitate a local denial-of-service attack. bsc1135966 -...

USN-4182-2: Intel Microcode update

USN-4182-2 provided updates for Intel Microcode. This update provides the corresponding update for Ubuntu 14.04 ESM. Stephan van Schaik, Alyssa Milburn, Sebastian Österlund, Pietro Frigo, Kaveh Razavi, Herbert Bos, Cristiano Giuffrida, Giorgi Maisuradze, Moritz Lipp, Michael Schwarz, Daniel Gruss...

USN-3977-2: Intel Microcode update (AKA ZombieLoad Attack) | Cloud Foundry

Severity High Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 14.04 Canonical Ubuntu 16.04 Description USN-3977-1 provided mitigations for Microarchitectural Data Sampling MDS vulnerabilities in Intel Microcode for a large number of Intel processor families. This update provides the...

USN-3985-2 libvirt update

Ke Sun, Henrique Kawakami, Kekai Hu, Rodrigo Branco, Giorgi Maisuradze, Dan Horea Lutas, Andrei Lutas, Volodymyr Pikhur, Stephan van Schaik, Alyssa Milburn, Sebastian Österlund, Pietro Frigo, Kaveh Razavi, Herbert Bos, Cristiano Giuffrida, Moritz Lipp, Michael Schwarz, and Daniel Gruss discovered...

USN-3984-1: Linux kernel vulnerabilities

Ke Sun, Henrique Kawakami, Kekai Hu, Rodrigo Branco, Giorgi Maisuradze, Dan Horea Lutas, Andrei Lutas, Volodymyr Pikhur, Stephan van Schaik, Alyssa Milburn, Sebastian Österlund, Pietro Frigo, Kaveh Razavi, Herbert Bos, Cristiano Giuffrida, Moritz Lipp, Michael Schwarz, and Daniel Gruss discovered...