290 matches found
Astra Linux - уязвимость в linux-5.10
There is a vulnerability in the Linux Kernel within the KVM framework: nVMX, which allows for speculative execution attacks. L2 can execute Spectre v2 attacks on L1, as L1 believes it does not need retpolines or IBPB after executing L2, due to KVM L0 indicating support for eIBRS to L1. An attacke...
Astra Linux - уязвимость в linux-5.10, linux
The current implementation of the prctl syscall does not issue an IBPB immediately during the syscall. The ibprctlset function updates the Thread Information Flags TIFs for the task and updates the SPECCTRL MSR in the function speculationctrlupdate, but the IBPB is only issued at the next schedul...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: microcode_ctl (UTSA-2026-016524)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016524 advisory. Exposure of sensitive information caused by shared microarchitectural predictor state that influences transient execution in the indirect branch predictors for some...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: x86/hyperv: Disabling IBT when the hypercall page lacks the ENDBR instruction. On hardware that supports Indirect Branch Tracking IBT, Hyper-V VMs with ConfigVersion 9.3 or later support IBT in the guest. However, current version...
Astra Linux – Vulnerability in Intel Microcode
The exposure of sensitive information due to shared microarchitectural predictor states, which affect transient execution in the indirect branch predictors of certain Intel processors, may allow an authenticated user to potentially disclose information through local access...
EUVD-2026-9392
In the context switch logic Xen attempts to skip an IBPB in the case of a vCPU returning to a CPU on which it was the previous vCPU to run. While safe for Xen's isolation between vCPUs, this prevents the guest kernel correctly isolating between tasks. Consider: 1 vCPU runs on CPU A, running task ...
SUSE-SU-2026:0589-1 Security update for xen
This update for xen fixes the following issues: - CVE-2025-58150: buffer overrun with shadow paging + tracing XSA-477 bsc1256745. - CVE-2026-23553: incomplete IBPB for vCPU isolation XSA-479 bsc1256747...
SUSE-SU-2026:0394-1 Security update for xen
This update for xen fixes the following issues: Security fixes: - CVE-2025-58150: Fixed buffer overrun with shadow paging and tracing XSA-477 bsc1256745 - CVE-2026-23553: Fixed incomplete IBPB for vCPU isolation XSA-479 bsc1256747 - CVE-2025-58149: Fixed incorrect removal od permissions on PCI...
MGASA-2026-0026 Updated xen packages fix security vulnerabilities
x86: buffer overrun with shadow paging + tracing. CVE-2025-58150 x86: incomplete IBPB for vCPU isolation. CVE-2026-23553...
openSUSE 15 Security Update : xen (SUSE-SU-2026:0306-1)
The remote openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0306-1 advisory. - CVE-2025-58150: Fixed buffer overrun with shadow paging and tracing XSA-477 bsc1256745 - CVE-2026-23553: Fixed incomplete IBPB for vCPU isolation...
ALPINE-CVE-2026-23553
In the context switch logic Xen attempts to skip an IBPB in the case of a vCPU returning to a CPU on which it was the previous vCPU to run. While safe for Xen's isolation between vCPUs, this prevents the guest kernel correctly isolating between tasks. Consider: 1 vCPU runs on CPU A, running task ...
UBUNTU-CVE-2026-23553
In the context switch logic Xen attempts to skip an IBPB in the case of a vCPU returning to a CPU on which it was the previous vCPU to run. While safe for Xen's isolation between vCPUs, this prevents the guest kernel correctly isolating between tasks. Consider: 1 vCPU runs on CPU A, running task ...
CVE-2026-23553 x86: incomplete IBPB for vCPU isolation
In the context switch logic Xen attempts to skip an IBPB in the case of a vCPU returning to a CPU on which it was the previous vCPU to run. While safe for Xen's isolation between vCPUs, this prevents the guest kernel correctly isolating between tasks. Consider: 1 vCPU runs on CPU A, running task ...
CVE-2026-23553
In the context switch logic Xen attempts to skip an IBPB in the case of a vCPU returning to a CPU on which it was the previous vCPU to run. While safe for Xen's isolation between vCPUs, this prevents the guest kernel correctly isolating between tasks. Consider: 1 vCPU runs on CPU A, running task ...
CVE-2026-23553
In the context switch logic Xen attempts to skip an IBPB in the case of a vCPU returning to a CPU on which it was the previous vCPU to run. While safe for Xen's isolation between vCPUs, this prevents the guest kernel correctly isolating between tasks. Consider: 1 vCPU runs on CPU A, running task ...
CVE-2026-23553
In the context switch logic Xen attempts to skip an IBPB in the case of a vCPU returning to a CPU on which it was the previous vCPU to run. While safe for Xen's isolation between vCPUs, this prevents the guest kernel correctly isolating between tasks. Consider: 1 vCPU runs on CPU A, running task ...
Xen security vulnerabilities
Xen is an open-source virtual machine monitor product developed by Xen. This product allows different and incompatible operating systems to run on the same computer. It also supports migration during runtime, ensuring smooth operation and avoiding downtime. Xen has security vulnerabilities; these...
SUSE-SU-2026:0306-1 Security update for xen
This update for xen fixes the following issues: - CVE-2025-58150: Fixed buffer overrun with shadow paging and tracing XSA-477 bsc1256745 - CVE-2026-23553: Fixed incomplete IBPB for vCPU isolation XSA-479 bsc1256747...
SUSE-SU-2026:0304-1 Security update for xen
This update for xen fixes the following issues: - CVE-2025-58150: Fixed buffer overrun with shadow paging and tracing XSA-477 bsc1256745 - CVE-2026-23553: Fixed incomplete IBPB for vCPU isolation XSA-479 bsc1256747...
SUSE-SU-2026:0303-1 Security update for xen
This update for xen fixes the following issues: Security fixes: - CVE-2025-58150: Fixed buffer overrun with shadow paging and tracing XSA-477 bsc1256745 - CVE-2026-23553: Fixed incomplete IBPB for vCPU isolation XSA-479 bsc1256747 - CVE-2025-58149: Fixed incorrect removal od permissions on PCI...