Researchers Uncover First Native Spectre v2 Exploit Against Linux Kernel

Cybersecurity researchers have disclosed what they say is the "first native Spectre v2 exploit" against the Linux kernel on Intel systems that could be exploited to read sensitive data from the memory. The exploit, called Native Branch History Injection BHI, can be used to leak arbitrary kernel...

Updated xen packages fix security vulnerabilities

x86: shadow stack vs exceptions from emulation stubs. CVE-2023-46841 x86: Register File Data Sampling. CVE-2023-28746 GhostRace: Speculative Race Conditions. CVE-2024-2193...

openSUSE: Security Advisory for xen (SUSE-SU-2024:1152-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE-SU-2024:1105-1 Security update for xen

This update for xen fixes the following issues: - CVE-2023-28746: Register file data sampling. bsc1221332 - CVE-2024-2193: Fixed GhostRace, a speculative race conditions. bsc1221334...

SUSE-SU-2024:1102-1 Security update for xen

This update for xen fixes the following issues: - CVE-2023-28746: Register File Data Sampling bsc1221332 - CVE-2024-2193: Fixed GhostRace, a speculative race conditions. bsc1221334 - CVE-2023-46841: Hhadow stack vs exceptions from emulation stubs bsc1219885...

CVE-2024-2193 Speculative Race Condition impacts modern CPU architectures that support speculative execution, also known as GhostRace.

A Speculative Race Condition SRC vulnerability that impacts modern CPU architectures supporting speculative execution related to Spectre V1 has been disclosed. An unauthenticated attacker can exploit this vulnerability to disclose arbitrary data from the CPU using race conditions to access the...

GhostRace – New Data Leak Vulnerability Affects Modern CPUs

A group of researchers has discovered a new data leakage attack impacting modern CPU architectures supporting speculative execution. Dubbed GhostRace CVE-2024-2193, it is a variation of the transient execution CPU vulnerability known as Spectre v1 CVE-2017-5753. The approach combines speculative...

CPU hardware utilizing speculative execution may be vulnerable to speculative race conditions

Overview A Speculative Race Condition SRC vulnerability that impacts modern CPU architectures supporting speculative execution has been discovered. CPU hardware utilizing speculative execution that are vulnerable to Spectre v1 are likely affected. An unauthenticated attacker can exploit this...

GhostRace: Speculative Race Conditions

ISSUE DESCRIPTION Researchers at VU Amsterdam and IBM Research have discovered GhostRace; an analysis of the behaviour of synchronisation primitives under speculative execution. Synchronisation primitives are typically formed as an unbounded loop which waits until a resource is available to be...

PT-2024-2060 · Amd +7 · Amd Cpus +7

Name of the Vulnerable Software and Affected Versions: Modern CPU architectures supporting speculative execution affected versions not specified Description: A Speculative Race Condition SRC vulnerability, known as GhostRace, has been disclosed. This vulnerability impacts modern CPU architectures...

Speculative Race Conditions (SRCs)

Bulletin ID: AMD-SB-7016 Potential Impact: Speculative Race Condition Severity: Varies by CVE, see descriptions below Summary Researchers from IBM Research Europe and Vrije Universiteit Amsterdam have published a paper titled “GhostRace: Exploiting and Mitigating Speculative Race Conditions.” AMD...