9 matches found
CVE-2026-0427
CVE-2026-0427 is tied to AMD GPU firmware: improper cleanup of shared register resources could allow an admin-privileged attacker in one Guest VM to access shared resources from another Guest VM. The vulnerability targets the GPU firmware’s handling of shared register space, enabling potential lo...
CVE-2026-0427
Improper cleanup of shared register resources in GPU firmware could allow an admin-privileged attacker from a Guest Virtual machine VM to access these shared resources from another Guest VM, potentially resulting in the loss of confidentiality, integrity, or availability...
EUVD-2025-24615
Malicious code in bioql PyPI...
SUSE CVE-2018-10846
A cache-based side channel in GnuTLS implementation that leads to plain text recovery in cross-VM attack setting was found. An attacker could use a combination of "Just in Time" Prime+probe attack in combination with Lucky-13 attack to recover plain text using crafted packets...
gnutls: "Just in Time" PRIME + PROBE cache-based side channel attack can lead to plaintext recovery
A cache-based side channel attack was found in the way GnuTLS implements CBC-mode cipher suites. An attacker could use a combination of "Just in Time" Prime+probe and Lucky-13 attacks to recover plain text in a cross-VM attack scenario...
DEBIAN-CVE-2018-10846
A cache-based side channel in GnuTLS implementation that leads to plain text recovery in cross-VM attack setting was found. An attacker could use a combination of "Just in Time" Prime+probe attack in combination with Lucky-13 attack to recover plain text using crafted packets...
UBUNTU-CVE-2018-10846
A cache-based side channel in GnuTLS implementation that leads to plain text recovery in cross-VM attack setting was found. An attacker could use a combination of "Just in Time" Prime+probe attack in combination with Lucky-13 attack to recover plain text using crafted packets...
The vulnerability of the Kernel Samepage Merging (KSM) component in the Linux operating system allows a hacker to influence the confidentiality of information.
The vulnerability of the Linux operating system’s Kernel Samepage Merging KSM component is related to the lack of protection for service data when the ASLR mechanism is used. Exploiting this vulnerability allows a local attacker to partially compromise the confidentiality of information through a...
DEBIAN-CVE-2015-2877
Kernel Samepage Merging KSM in the Linux kernel 2.6.32 through 4.x does not prevent use of a write-timing side channel, which allows guest OS users to defeat the ASLR protection mechanism on other guest OS instances via a Cross-VM ASL INtrospection CAIN attack. NOTE: the vendor states "Basically ...