PT-2026-43944

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified openSUSE Tumbleweed versions prior to kernel-devel-7.0.11-1.1 Description An issue exists in the atmel-tdes crypto component where the DMA output dma addr out is synced using dma sync single for...

IOLeak - CPU Side Channel Attacks

AMD ID: AMD-SB-7042 Potential Impact: N/A Severity: N/A Summary Researchers have provided AMD with a summary of relevant remarks and findings detailed in a paper titled “IOLeak Side-Channel Attack Exploiting CPU Frequency Scaling and I/O Latency.” AMD reviewed the summary and believes this attack...

Exploit for Time-of-check Time-of-use (TOCTOU) Race Condition in Microsoft

Collateral Damage Collateral Damage is a kernel exploit for Xb...

Medium: kernel

Issue Overview: An issue was discovered in the Linux kernel before 6.2. The ntfs3 subsystem does not properly check for correctness during disk reads, leading to an out-of-bounds read in ntfssetea in fs/ntfs3/xattr.c. CVE-2022-48502 A side channel vulnerability on some of the AMD CPUs may allow a...

Security Bulletin: IBM DataPower Gateway potentially affected by CPU side-channel (CVE-2022-21166)

Summary IBM has addressed the CVE Vulnerability Details CVEID:CVE-2022-21166 DESCRIPTION: Intel Processors could allow a local authenticated attacker to obtain sensitive information, caused by incomplete cleanup in specific special register write operations in the Memory Mapped I/O MMIO component...

CVE-2022-29901 Arbitrary Memory Disclosure through CPU Side-Channel Attacks (Retbleed)

Intel microprocessor generations 6 to 8 are affected by a new Spectre variant that is able to bypass their retpoline mitigation in the kernel to leak arbitrary data. An attacker with unprivileged user access can hijack return instructions to achieve arbitrary speculative code execution under...

CVE-2020-11201

Arbitrary access to DSP memory due to improper check in loaded library for data received from CPU side' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in QCM6125, QCS410, QCS603, QCS605, QCS610, QCS6125, SA6145P, SA6155, SA6155P,...

CVE-2020-11201

CVE-2020-11201 targets Qualcomm Snapdragon systems with DSP/Hexagon components. The issue arises from an improper check in a loaded library used for data flowing from the CPU to the DSP, affecting Snapdragon Auto, Compute, Consumer IOT, Industrial IOT, and Mobile families (e.g., QCM6125, QCS410/6...

CVE-2020-11201

Arbitrary access to DSP memory due to improper check in loaded library for data received from CPU side' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in QCM6125, QCS410, QCS603, QCS605, QCS610, QCS6125, SA6145P, SA6155, SA6155P,...

openSUSE Security Update : the Linux Kernel (openSUSE-2018-3) (Meltdown) (Spectre)

The openSUSE Leap 42.2 kernel was updated to 4.4.104 to receive various security and bugfixes. This update adds mitigations for various side channel attacks against modern CPUs that could disclose content of otherwise unreadable memory bnc1068032. - CVE-2017-5753 / 'SpectreAttack': Local attacker...