RHEL 8 : kpatch-patch (RHSA-2020:3297)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:3297 advisory. This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel...

CVE-2022-0002

A flaw was found in hw. The Intra-mode BTI refers to a variant of Branch Target Injection aka SpectreV2 BTI where an indirect branch speculates to an aliased predictor entry for a different indirect branch in the same predictor mode, and a disclosure gadget at the predicted target transiently...

CVE-2022-0001

A flaw was found in hw. The Branch History Injection BHI describes a specific form of intra-mode BTI. This flaw allows an unprivileged attacker to manipulate the branch history before transitioning to supervisor or VMX root mode. This issue is an effort to cause an indirect branch predictor to...

USN-4985-1 intel-microcode vulnerabilities

It was discovered that some Intel processors may not properly invalidate cache entries used by Intel Virtualization Technology for Directed I/O VT-d. This may allow a local user to perform a privilege escalation attack. CVE-2020-24489 Joseph Nuzman discovered that some Intel processors may not...

CVE-2020-10767

CVE-2020-10767 affects the Linux kernel before 5.8-rc1, where Enhanced IBPB mitigation is disabled when STIBP is unavailable or when IBRS is available, enabling a Spectre V2–style attack on local confidentiality. Connected advisories confirm Linux kernel mitigations (IBPB/SSBD) and note a patched...

openSUSE: Security Advisory for spectre-meltdown-checker (openSUSE-SU-2019:2710-1)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

SUSE SLED15 / SLES15 Security Update : spectre-meltdown-checker (SUSE-SU-2019:3348-1)

This update for spectre-meltdown-checker fixes the following issues : - feat: implement TAA detection CVE-2019-11135 bsc1139073 - feat: implement MCEPSC / iTLB Multihit detection CVE-2018-12207 bsc1117665 - feat: taa: add TSXCTRL MSR detection in hardware info - feat: fwdb: use both Intel GitHub...

OracleVM 3.4 : Unbreakable / etc (OVMSA-2019-0023) (MFBDS/RIDL/ZombieLoad) (MLPDS/RIDL)

The remote OracleVM system is missing necessary patches to address critical security updates : - x86/speculation/mds: Check for the right microcode before setting mitigation Kanth Ghatraju Orabug: 29797118 - vxlan: test dev-flags & IFFUP before accessing vxlan-dev-devaddr Venkat Venkatsubra Orabu...

SUSE SLED15 / SLES15 Security Update : kernel (SUSE-SU-2019:0224-1)

The SUSE Linux Enterprise 15 kernel was updated to receive various security and bugfixes. This update brings following features : Support for Enhanced-IBRS on new Intel CPUs fate326564 The following security bugs were fixed: CVE-2018-9568: In skclonelock of sock.c, there is a possible memory...

SUSE-SU-2019:0224-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 kernel was updated to receive various security and bugfixes. This update brings following features: - Support for Enhanced-IBRS on new Intel CPUs fate326564 The following security bugs were fixed: - CVE-2018-9568: In skclonelock of sock.c, there is a possible memory...

Unbreakable Enterprise kernel security update

4.14.35-1818.5.4 - RDS: null pointer dereference in rdsatomicfreeop Mohamed Ghannam Orabug: 28020694 CVE-2018-5333 - x86/speculation: Make enhanced IBRS the default spectre v2 mitigation Alejandro Jimenez Orabug: 28474853 - x86/speculation: Enable enhanced IBRS usage Alejandro Jimenez Orabug:...