Lucene search
+L

295 matches found

cve
cve
added 2024/03/15 6:3 p.m.3843 views

CVE-2024-2193

The connected advisories confirm CVE-2024-2193 is a Speculative Race Condition (SRC) vulnerability tied to Spectre V1, allowing an unauthenticated attacker to disclose data via race conditions in speculative execution paths. The affected surface is the Linux kernel, with mitigations/updates relea...

5.7CVSS6.4AI score0.01231EPSS
Exploits0References13
thn
thn
added 2024/03/15 5:46 p.m.85 views

GhostRace – New Data Leak Vulnerability Affects Modern CPUs

A group of researchers has discovered a new data leakage attack impacting modern CPU architectures supporting speculative execution. Dubbed GhostRace CVE-2024-2193, it is a variation of the transient execution CPU vulnerability known as Spectre v1 CVE-2017-5753. The approach combines speculative...

5.7CVSS6.7AI score0.93838EPSS
Exploits9
cert
cert
added 2024/03/14 12:0 a.m.40 views

CPU hardware utilizing speculative execution may be vulnerable to speculative race conditions

Overview A Speculative Race Condition SRC vulnerability that impacts modern CPU architectures supporting speculative execution has been discovered. CPU hardware utilizing speculative execution that are vulnerable to Spectre v1 are likely affected. An unauthenticated attacker can exploit this...

5.7CVSS6.3AI score0.01231EPSS
Exploits0References4
debiancve
debiancve
added 2024/03/04 6:10 p.m.22 views

CVE-2021-47092

In the Linux kernel, the following vulnerability has been resolved: KVM: VMX: Always clear vmx-fail on emulationrequired Revert a relatively recent change that set vmx-fail if the vCPU is in L2 and emulationrequired is true, as that behavior is completely bogus. Setting vmx-fail and synthesizing ...

5.5CVSS5.2AI score0.00288EPSS
Exploits1
ptsecurity
ptsecurity
added 2024/01/01 12:0 a.m.4 views

PT-2024-41086

Name of the Vulnerable Software and Affected Versions Debian Linux affected versions not specified amd64-microcode affected versions not specified linux affected versions not specified Description The issue concerns a microcode signature verification vulnerability in AMD CPU. It affects packages...

6.4CVSS7.5AI score0.00097EPSS
Exploits0
nessus
nessus
added 2023/12/07 12:0 a.m.50 views

SUSE SLES15 Security Update : kernel-firmware (SUSE-SU-2023:4665-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:4665-1 advisory. Update AMD ucode to 20231030 bsc1215831: - CVE-2022-23820: Failure to validate the AMD SMM communication buffer may allow an attack...

9.8CVSS7.3AI score0.01018EPSS
Exploits0References25
debian
debian
added 2023/11/23 3:46 p.m.129 views

[SECURITY] [DSA 5563-1] intel-microcode security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5563-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso November 23, 2023 https://www.debian.org/security/faq -...

8.8CVSS7AI score0.01728EPSS
Exploits0
nessus
nessus
added 2023/11/21 12:0 a.m.37 views

RHEL 9 : kernel (RHSA-2023:7382)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:7382 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: net/sched: clsfw component can...

7.8CVSS7.2AI score0.05794EPSS
Exploits3References16
thn
thn
added 2023/11/15 7:52 a.m.106 views

Reptar: New Intel CPU Vulnerability Impacts Multi-Tenant Virtualized Environments

Intel has released fixes to close out a high-severity flaw codenamed Reptar that impacts its desktop, mobile, and server CPUs. Tracked as CVE-2023-23583 CVSS score: 8.8, the issue has the potential to "allow escalation of privilege and/or information disclosure and/or denial of service via local...

8.8CVSS8AI score0.01728EPSS
Exploits0
redhatcve
redhatcve
added 2023/11/15 12:28 a.m.64 views

CVE-2023-20592

A flaw was found in some of AMD CPU's due to improper or unexpected behavior of the INVD. This issue may allow an attacker with a malicious hypervisor to affect cache line write-back behavior of the CPU, potentially leading to a loss of guest virtual machine VM memory integrity. Mitigation...

5.3CVSS6.2AI score0.01018EPSS
Exploits0References4
osv
osv
added 2023/09/29 1:14 p.m.15 views

SUSE-SU-2023:3903-1 Security update for xen

This update for xen fixes the following issues: - CVE-2023-20588: Fixed AMD CPU transitional execution leak via division by zero XSA-439 bsc1215474. - CVE-2023-34322: Fixed top-level shadow reference dropped too early for 64-bit PV guests XSA-438 bsc1215145. - CVE-2023-20593: Fixed AMD Zenbleed...

7.8CVSS7.1AI score0.12405EPSS
Exploits1References7
osv
osv
added 2023/09/29 1:10 p.m.17 views

SUSE-SU-2023:3902-1 Security update for xen

This update for xen fixes the following issues: - CVE-2023-20588: Fixed AMD CPU transitional execution leak via division by zero XSA-439 bsc1215474. - CVE-2023-34322: Fixed top-level shadow reference dropped too early for 64-bit PV guests XSA-438 bsc1215145. - CVE-2023-20593: Fixed AMD Zenbleed...

7.8CVSS7.2AI score0.12405EPSS
Exploits2References9
nessus
nessus
added 2023/09/14 12:0 a.m.38 views

AlmaLinux 9 : kernel-rt (ALSA-2023:5091)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:5091 advisory. - A flaw that boot CPU could be vulnerable for the speculative execution behavior kind of attacks in the Linux kernel X86 CPU Power management options...

7.8CVSS7.4AI score0.05794EPSS
Exploits5References11
nessus
nessus
added 2023/09/07 12:0 a.m.21 views

Oracle Linux 5 : ELSA-2018-1196-1: / kernel (ELSA-2018-11961)

The remote Oracle Linux 5 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2018-11961 advisory. - Backport CVE-2017-5715 to RHCK/OL5 orabug 27787723 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. No...

5.6CVSS7.2AI score0.74041EPSS
Exploits9References2
amazon
amazon
added 2023/09/07 12:0 a.m.32 views

Medium: php71-pecl-imagick

Issue Overview: ImageMagick 7.0.7-12 Q16, a CPU exhaustion vulnerability was found in the function ReadDDSInfo in coders/dds.c, which allows attackers to cause a denial of service. CVE-2017-1000476 The ReadXWDImage function in coders\xwd.c in ImageMagick 7.0.5-6 has a memory leak vulnerability th...

9.8CVSS9.6AI score0.05916EPSS
Exploits52
osv
osv
added 2023/08/23 3:22 p.m.10 views

SUSE-SU-2023:3389-1 Security update for kernel-firmware

This update for kernel-firmware fixes the following issues: - CVE-2023-20569: Fixed AMD 19h ucode to mitigate a side channel vulnerability in some of the AMD CPUs. bsc1213287...

4.7CVSS6.4AI score0.0616EPSS
Exploits1References3
nessus
nessus
added 2023/08/19 12:0 a.m.32 views

SUSE SLES15 Security Update : kernel-firmware (SUSE-SU-2023:3361-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:3361-1 advisory. - CVE-2023-20569: Fixed AMD 19h ucode to mitigate a side channel vulnerability in some of the AMD CPUs. bsc1213287 Tenable has extracted the...

4.7CVSS6.7AI score0.0616EPSS
Exploits1References4
osv
osv
added 2023/08/18 12:53 p.m.8 views

SUSE-SU-2023:3362-1 Security update for kernel-firmware

This update for kernel-firmware fixes the following issues: - CVE-2023-20569: Fixed AMD 19h ucode to mitigate a side channel vulnerability in some of the AMD CPUs. bsc1213287...

4.7CVSS6.4AI score0.0616EPSS
Exploits1References3
osv
osv
added 2023/08/18 12:52 p.m.10 views

SUSE-SU-2023:3361-1 Security update for kernel-firmware

This update for kernel-firmware fixes the following issues: - CVE-2023-20569: Fixed AMD 19h ucode to mitigate a side channel vulnerability in some of the AMD CPUs. bsc1213287...

4.7CVSS6.4AI score0.0616EPSS
Exploits1References3
osv
osv
added 2023/08/18 12:49 p.m.5 views

SUSE-SU-2023:3360-1 Security update for kernel-firmware

This update for kernel-firmware fixes the following issues: - CVE-2023-20569: Fixed AMD 19h ucode to mitigate a side channel vulnerability in some of the AMD CPUs. bsc1213287...

4.7CVSS6.4AI score0.0616EPSS
Exploits1References3
Rows per page
Query Builder