3 matches found
USN-7874-1: Linux kernel vulnerabilities
Jean-Claude Graf, Sandro Rüegge, Ali Hajiabadi, and Kaveh Razavi discovered that the Linux kernel contained insufficient branch predictor isolation between a guest and a userspace hypervisor for certain processors. This flaw is known as VMSCAPE. An attacker in a guest VM could possibly use this t...
AZL-12951 CVE-2022-2196 affecting package kernel for versions less than 5.15.102.1-1
A regression exists in the Linux Kernel within KVM: nVMX that allowed for speculative execution attacks. L2 can carry out Spectre v2 attacks on L1 due to L1 thinking it doesn't need retpolines or IBPB after running L2 due to KVM L0 advertising eIBRS support to L1. An attacker at L2 with code...
The vulnerability of TP-Link’s microprogrammed software in routers, which stems from insufficient validation of input data, allows attackers to bypass the separation between the host network and the guest network.
The vulnerability of TP-Link’s microprogrammed routing software exists due to insufficient verification of input data. Exploiting this vulnerability can allow a malicious actor to bypass the separation between the host network and the guest network using the DHCP protocol...