SUSE SLES15 Security Update : kernel (SUSE-SU-2026:2195-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2195-1 advisory. The SUSE Linux Enterprise 15 SP6 kernel was updated to fix various security issues The following security issues were fixed: -...

Astra Linux - уязвимость в xen

Potential speculative code storage bypasses exist in all supported CPU products. Combined with software vulnerabilities related to speculative execution of overwritten instructions, this could lead to incorrect speculation and potentially cause data leakage...

EUVD-2021-13119

Malware in sbrugna...

EUVD-2016-3284

Malware in sbrugna...

EUVD-2021-13120

Malware in sbrugna...

EUVD-2023-38409

Malicious code in bioql PyPI...

SUSE-SU-2025:02290-1 Security update for xen

This update for xen fixes the following issues: - CVE-2024-28956: Fixed Intel CPU: Indirect Target Selection ITS XSA-469 bsc1243117 - CVE-2025-1713: Fixed deadlock potential with VT-d and legacy PCI device pass-through XSA-467 bsc1238043...

Oracle Linux 9 : microcode_ctl (ELSA-2025-7043)

The remote Oracle Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2025-7043 advisory. - Update Intel CPU microcode to microcode-20250211 release, addresses CVE-2023-34440, CVE-2023-43758, CVE-2024-24582, CVE-2024-28047, CVE-2024-28127,...

SUSE-SU-2025:1567-1 Security update for microcode_ctl

This update for microcodectl fixes the following issues: Intel CPU Microcode was updated to the 20250512 release bsc1243123 - CVE-2024-28956: Exposure of Sensitive Information in Shared Microarchitectural Structures during Transient Execution for some Intel Processors may allow an authenticated...

Alibaba Cloud Linux 3 : 0092: linux-firmware (ALINUX3-SA-2024:0092)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2024:0092 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2022-46329: Protection mechanism failu...

Intel® Core™ Ultra Processor Firmware Advisory

Summary: Potential security vulnerabilities for some Intel® Core™ Ultra processors may allow information disclosure. Intel is releasing microcode updates to mitigate these potential vulnerabilities. Vulnerability Details: CVEID: CVE-2025-24495 Description: Incorrect initialization of resource in...

AlmaLinux 9 : kernel (ALSA-2024:8617)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:8617 advisory. hw: cpu: intel: Native Branch History Injection BHI CVE-2024-2201 kernel: tcp: add sanity checks to rx zerocopy CVE-2024-26640 kernel: mptcp: fix data...

SUSE-SU-2024:1814-1 Security Beta update for SUSE Manager Client Tools and Salt

This update fixes the following issues: golang-github-prometheus-nodeexporter: - Add deviceerror label for filesystem metrics. - Update rtnetlink library to fix errors during ARP metrics collection. - update to 1.7.0 jscPED-7893, jscPED-7928: FEATURE Add ZFS freebsd per dataset stats 2753 FEATURE...

SUSE-SU-2023:4475-1 Security update for xen

This update for xen fixes the following issues: - CVE-2023-20588: AMD CPU transitional execution leak via division by zero XSA-439 bsc1215474. - CVE-2023-34322: top-level shadow reference dropped too early for 64-bit PV guests XSA-438 bsc1215145. - CVE-2023-34325: Multiple vulnerabilities in...

Ubuntu 20.04 LTS : Linux kernel (Intel IoTG) vulnerabilities (USN-6445-2)

The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6445-2 advisory. It was discovered that the IPv6 implementation in the Linux kernel contained a high rate of hash collisions in connection lookup table. A remote attacker...

Collide+Power, Downfall, and Inception: New Side-Channel Attacks Affecting Modern CPUs

Cybersecurity researchers have disclosed details of a trio of side-channel attacks that could be exploited to leak sensitive data from modern CPUs. Called Collide+Power CVE-2023-20583, Downfall CVE-2022-40982, and Inception CVE-2023-20569, the novel methods follow the disclosure of another newly...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2023:3171-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:3171-1 advisory. The SUSE Linux Enterprise 15 SP4 kernel was updated to receive various security and bugfixes. Th...

K000134782: Intel Virtual RAID on CPU vulnerabilities CVE-2022-29919, CVE-2022-30338, CVE-2022-29508, CVE-2022-25976

Security Advisory Description CVE-2022-29919 Use after free in the IntelR VROC software before version 7.7.6.1003 may allow an authenticated user to potentially enable escalation of privilege via local access. CVE-2022-30338 Incorrect default permissions in the IntelR VROC software before version...

A week in security (March 6 - 12)

Last week on Malwarebytes Labs: 8 cybersecurity tips to keep you safe when travelling National Cybersecurity Strategy Document: What you need to know Intel CPU vulnerabilities fixed. But should you update? Warning issued over Royal ransomware Play ransomware gang leaks City of Oakland data...

K52370164: Microarchitectural Store Buffer Data Sampling (MSBDS) CVE-2018-12126

Security Advisory Description Microarchitectural Store Buffer Data Sampling MSBDS: Store buffers on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access.CVE-2018-12126 Impact MDS...