18 matches found
EUVD-2023-59724
Malicious code in bioql PyPI...
EUVD-2023-59723
Malicious code in bioql PyPI...
DEBIAN-CVE-2023-52996
In the Linux kernel, the following vulnerability has been resolved: ipv4: prevent potential spectre v1 gadget in fibmetricsmatch if !type continue; if type RTAXMAX return false; ... fival = fi-fibmetrics-metricstype - 1; @type being used as an array index, we need to prevent cpu speculation or ri...
CVE-2023-52997
In the Linux kernel, the following vulnerability has been resolved: ipv4: prevent potential spectre v1 gadget in ipmetricsconvert if !type continue; if type RTAXMAX return -EINVAL; ... metricstype - 1 = val; @type being used as an array index, we need to prevent cpu speculation or risk leaking...
CVE-2023-52996
In the Linux kernel, the following vulnerability has been resolved: ipv4: prevent potential spectre v1 gadget in fibmetricsmatch if !type continue; if type RTAXMAX return false; ... fival = fi-fibmetrics-metricstype - 1; @type being used as an array index, we need to prevent cpu speculation or ri...
CVE-2023-52997 ipv4: prevent potential spectre v1 gadget in ip_metrics_convert()
In the Linux kernel, the following vulnerability has been resolved: ipv4: prevent potential spectre v1 gadget in ipmetricsconvert if !type continue; if type RTAXMAX return -EINVAL; ... metricstype - 1 = val; @type being used as an array index, we need to prevent cpu speculation or risk leaking...
CVE-2023-52997 ipv4: prevent potential spectre v1 gadget in ip_metrics_convert()
In the Linux kernel, the following vulnerability has been resolved: ipv4: prevent potential spectre v1 gadget in ipmetricsconvert if !type continue; if type RTAXMAX return -EINVAL; ... metricstype - 1 = val; @type being used as an array index, we need to prevent cpu speculation or risk leaking...
CVE-2023-52996 ipv4: prevent potential spectre v1 gadget in fib_metrics_match()
In the Linux kernel, the following vulnerability has been resolved: ipv4: prevent potential spectre v1 gadget in fibmetricsmatch if !type continue; if type RTAXMAX return false; ... fival = fi-fibmetrics-metricstype - 1; @type being used as an array index, we need to prevent cpu speculation or ri...
CVE-2023-52996 ipv4: prevent potential spectre v1 gadget in fib_metrics_match()
In the Linux kernel, the following vulnerability has been resolved: ipv4: prevent potential spectre v1 gadget in fibmetricsmatch if !type continue; if type RTAXMAX return false; ... fival = fi-fibmetrics-metricstype - 1; @type being used as an array index, we need to prevent cpu speculation or ri...
CLSA-2023-1695901043 Fix of 5 CVEs
CVE-url: https://ubuntu.com/security/CVE-2023-42753 - netfilter: ipset: add the missing IPSETHASHWITHNET0 macro for ipsethashnetportnet.c CVE-2022-40982 // CVE-url: https://ubuntu.com/security/CVE-2022-40982 - init: Provide archcpufinalizeinit - x86/cpu: Switch to archcpufinalizeinit - init: Remo...
PT-2025-13343 · Linux +5 · Linux Kernel +5
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A potential spectre v1 gadget in the ip metrics convert function has been resolved. The issue arises from the use of the type variable as an array index, which could lead to cpu...
Multiple speculative security issues
ISSUE DESCRIPTION Note: Multiple issues are contained in this XSA due to their interactions. 1 Researchers at VU Amsterdam have discovered Spectre-BHB, pertaining to the use of Branch History between privilege levels. ARM have assigned CVE-2022-23960. Intel have assigned CVE-2022-0001 Branch...
openSUSE Security Update : xen (openSUSE-2020-599)
This update for xen fixes the following issues : Security issues fixed : - CVE-2020-11742: Bad continuation handling in GNTTABOPcopy bsc1169392. - CVE-2020-11740, CVE-2020-11741: xen: XSA-313 multiple xenoprof issues bsc1168140. - CVE-2020-11739: Missing memory barriers in read-write unlock paths...
SUSE-SU-2020:1124-1 Security update for xen
This update for xen fixes the following issues: Security issues fixed: - CVE-2020-11742: Bad continuation handling in GNTTABOPcopy bsc1169392. - CVE-2020-11740, CVE-2020-11741: xen: XSA-313 multiple xenoprof issues bsc1168140. - CVE-2020-11739: Missing memory barriers in read-write unlock paths...
arm: a CPU may speculate past the ERET instruction
ISSUE DESCRIPTION Some CPUs can speculate past an ERET instruction and potentially perform speculative accesses to memory before processing the exception return. Since the register state is often controlled by lower privilege level i.e guest kernel/userspace at the point of the ERET, this could...
kernel security and bug fix update
3.10.0-1062.7.1.OL7 - Oracle Linux certificates Alexey Petrenko - Oracle Linux RHCK Module Signing Key was compiled into kernel [email protected] - Update x509.genkey Orabug: 24817676 3.10.0-1062.7.1 - drm drm/i915/cmdparser: Fix jump whitelist clearing Dave Airlie...
OracleVM 3.4 : Unbreakable / etc (OVMSA-2019-0056)
The remote OracleVM system is missing necessary patches to address critical security updates : - ocfs2: protect extent tree in ocfs2prepareinodeforwrite Shuning Zhang Orabug: 30036349 - ocfs2: direct-IO: protect getblocks Junxiao Bi Orabug: 30036349 - SUNRPC: Remove xprtconnectstatus Trond...
Unbreakable Enterprise kernel security update
4.1.12-124.33.4 - ocfs2: protect extent tree in ocfs2prepareinodeforwrite Shuning Zhang Orabug: 30036349 - ocfs2: direct-IO: protect getblocks Junxiao Bi Orabug: 30036349 - SUNRPC: Remove xprtconnectstatus Trond Myklebust Orabug: 30165838 - SUNRPC: Handle ENETDOWN errors Trond Myklebust Orabug:...