8 matches found
Security Bulletin: IBM Concert is vulnerable to multiple issues due to Cloud Pak Openshift
Summary IBM Concert Software uses multiple open source libraries from Cloud Pak Openshift which are susceptible to various security vulnerabilities. Vulnerability Details CVEID:CVE-2020-12912 DESCRIPTION: AMD Energy Driver for Linux could allow a local attacker to obtain sensitive information,...
SUSE SLES15: docker / docker-bash-completion / docker-fish-completion / etc (SUSE-SU-2023:4936-1)
The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:4936-1 advisory. docker: - Update to Docker 24.0.7-ce. See upstream changelong online at...
containerd allows RAPL to be accessible to a container
/sys/devices/virtual/powercap accessible by default to containers Intel's RAPL Running Average Power Limit feature, introduced by the Sandy Bridge microarchitecture, provides software insights into hardware energy consumption. To facilitate this, Intel introduced the powercap framework in Linux...
GHSA-JQ35-85CJ-FJ4P /sys/devices/virtual/powercap accessible by default to containers
Intel's RAPL Running Average Power Limit feature, introduced by the Sandy Bridge microarchitecture, provides software insights into hardware energy consumption. To facilitate this, Intel introduced the powercap framework in Linux kernel 3.13, which reads values via relevant MSRs model specific...
Ubuntu: Security Advisory (USN-4678-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-4678-1: Linux kernel vulnerabilities
It was discovered that the AMD Running Average Power Limit RAPL driver in the Linux kernel did not properly restrict access to power data. A local attacker could possibly use this to expose sensitive information. CVE-2020-12912 Jann Horn discovered that the iouring subsystem in the Linux kernel d...
CVE-2020-12912
CVE-2020-12912 describes an AMD Linux hwmon/RAPL issue where improper access control could let a local attacker observe power-usage data leading to side-channel information disclosure. AMD updated the RAPL interface to require privileged access, mitigating the vulnerability. Connected advisories ...
AMD Energy Driver for Linux Vulnerability (RAPL) - Lenovo Support US
No description provided...