14 matches found
Astra Linux - уязвимость в linux-5.15
In the Linux kernel, the following vulnerability has been resolved: netfilter: conntrack: revisit gc autotuning As of commit 4608fdfc07e1, this issue has been addressed. “netfilter: conntrack: collect all entries in one cycle” The behavior related to conntrack’s garbage collection has been change...
Yet Another Mirage of Breaking MIRAGE: Debunking Occupancy-Based Side-Channel Attacks on Fully Associative Randomized Caches
Recent work presented at USENIX Security 2025 claims that occupancy-based attacks can recover AES keys from the MIRAGE randomized cache. In this paper, we examine these claims and find that they arise from fundamental modeling flaws. Most critically, the authors' simulation of MIRAGE uses a...
CVE-2022-49110
In the Linux kernel, the following vulnerability has been resolved: netfilter: conntrack: revisit gc autotuning as of commit 4608fdfc07e1 "netfilter: conntrack: collect all entries in one cycle" conntrack gc was changed to run every 2 minutes. On systems where conntrack hash table is set to large...
UBUNTU-CVE-2022-49110
In the Linux kernel, the following vulnerability has been resolved: netfilter: conntrack: revisit gc autotuning as of commit 4608fdfc07e1 "netfilter: conntrack: collect all entries in one cycle" conntrack gc was changed to run every 2 minutes. On systems where conntrack hash table is set to large...
CVE-2022-49110 netfilter: conntrack: revisit gc autotuning
In the Linux kernel, the following vulnerability has been resolved: netfilter: conntrack: revisit gc autotuning as of commit 4608fdfc07e1 "netfilter: conntrack: collect all entries in one cycle" conntrack gc was changed to run every 2 minutes. On systems where conntrack hash table is set to large...
CVE-2025-27097 Cache variables with the operations when transforms exist on the root level even if variables change in the further requests with the same operation
GraphQL Mesh is a GraphQL Federation framework and gateway for both GraphQL Federation and non-GraphQL Federation subgraphs, non-GraphQL services, such as REST and gRPC, and also databases such as MongoDB, MySQL, and PostgreSQL. When a user transforms on the root level or single source with...
CVE-2025-27097 Cache variables with the operations when transforms exist on the root level even if variables change in the further requests with the same operation
GraphQL Mesh is a GraphQL Federation framework and gateway for both GraphQL Federation and non-GraphQL Federation subgraphs, non-GraphQL services, such as REST and gRPC, and also databases such as MongoDB, MySQL, and PostgreSQL. When a user transforms on the root level or single source with...
Azure Linux 3.0 Security Update: kernel (CVE-2024-45003)
The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-45003 advisory. - In the Linux kernel, the following vulnerability has been resolved: vfs: Don't evict inode under the inode l...
SUSE CVE-2020-0549
Cleanup errors in some data cache evictions for some IntelR Processors may allow an authenticated user to potentially enable information disclosure via local access...
Oracle Linux 7 : microcode_ctl (ELSA-2021-3028)
The remote Oracle Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2021-3028 advisory. 2:2.1-73.11.0.1 - for Intel, do not trigger load if on-disk microcode is not an update Orabug: 30634727 - set earlymicrocode='no' in virtualized guests...
HPSBHF03670 rev. 2 - Intel® Processors Data Leakage Advisory
Potential Security Impact Information Disclosure Source: HP, HP Product Security Response Team PSRT Reported By: Intel VULNERABILITY SUMMARY Intel has informed HP of a potential security vulnerability involving cleanup errors in some data cache evictions in some Intel® Processors that may allow a...
CVE-2020-0549
Cleanup errors in some data cache evictions for some IntelR Processors may allow an authenticated user to potentially enable information disclosure via local access...
Information disclosure
Cleanup errors in some data cache evictions for some IntelR Processors may allow an authenticated user to potentially enable information disclosure via local access...
CVE-2020-0549
Cleanup errors in some data cache evictions for some IntelR Processors may allow an authenticated user to potentially enable information disclosure via local access...