Astra Linux - уязвимость в linux-5.15, linux-6.1

Hardware logic with insecure de-synchronization in IntelR DSA and IntelR IAA for some IntelR 4th or 5th generation XeonR processors may allow an authorized user to potentially enable escalation of privilege local access...

CVE-2025-26404

CVE-2025-26404 concerns Intel® DSA (Driver & Support Assistant) software prior to version 25.2.15.9. The issue is an uncontrolled search path that may allow an authenticated user to escalate privileges via local access. Impact is described as privilege escalation with high secrecy/impact on confi...

Security update for ucode-intel

This update for ucode-intel fixes the following issues: Intel CPU Microcode was updated to the 20250211 release bsc1237096 Security updates for INTEL-SA-01166 https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01166.html CVE-2024-31068: Improper Finite State Machines FSMs i...

SUSE-SU-2025:0569-1 Security update for ucode-intel

This update for ucode-intel fixes the following issues: - Intel CPU Microcode was updated to the 20250211 release bsc1237096 - CVE-2024-31068: Improper Finite State Machines FSMs in Hardware Logic for some Intel Processors may allow privileged user to potentially enable denial of service via loca...

FreeBSD : Intel CPUs -- multiple vulnerabilities (d598266d-7772-4a31-9594-83b76b1fb837)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the d598266d-7772-4a31-9594-83b76b1fb837 advisory. Intel reports: A potential security vulnerability in some Intel Processors may allow denial of...

Intel Data Streaming Accelerator 安全漏洞

Intel Data Streaming Accelerator Intel DSA is a high-performance data replication tool and analytics gas pedal from Intel Corporation that optimizes the movement of streaming data. A security vulnerability exists in Intel Data Streaming Accelerator version V1.0 that originates from a vulnerabilit...

Intel CPUs -- multiple vulnerabilities

Intel reports: A potential security vulnerability in some Intel Processors may allow denial of service. Intel released microcode updates to mitigate this potential vulnerability. A potential security vulnerability in some Intel Software Guard Extensions Intel SGX Platforms may allow denial of...

Intel® Data Streaming Accelerator Advisory

Summary: A potential security vulnerability in the Intel® Data Streaming Accelerator Intel® DSA for some Intel® Xeon® Processors may allow denial of service. Intel is releasing software updates to mitigate this potential vulnerability. Vulnerability Details: CVEID: CVE-2024-37020 Description:...

kernel: dmaengine: idxd: Fix oops during rmmod on single-CPU platforms

This is a vulnerability in the Linux kernel's Data Movement Accelerator DMA engine, specifically affecting the Intel Data Streaming Accelerator IDXD driver. The issue arises during the removal rmmod of the idxd driver on systems with only one active CPU. In such scenarios, the driver's cleanup...

USN-6919-1: Linux kernel vulnerabilities

Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to a NULL pointer dereference. A local attacker could possibly trigger this vulnerability to cause a denial of service. CVE-2022-38096 It was discovered that the ATA over...

Ubuntu 22.04 LTS : Linux kernel vulnerabilities (USN-6919-1)

The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6919-1 advisory. Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to a NULL pointer dereferenc...

kernel: dmaengine/idxd: hardware erratum allows potential security problem with direct access by untrusted application

Hardware logic with insecure de-synchronization in IntelR DSA and IntelR IAA for some IntelR 4th or 5th generation XeonR processors may allow an authorized user to potentially enable escalation of privilege local access...

Ubuntu 24.04 LTS : Linux kernel (GKE) vulnerabilities (USN-6864-3)

The remote Ubuntu 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6864-3 advisory. It was discovered that the Intel Data Streaming and Intel Analytics Accelerator drivers in the Linux kernel allowed direct access to the devices for...

USN-6864-3: Linux kernel (GKE) vulnerabilities

It was discovered that the Intel Data Streaming and Intel Analytics Accelerator drivers in the Linux kernel allowed direct access to the devices for unprivileged users and virtual machines. A local attacker could use this to cause a denial of service. CVE-2024-21823 A security issue was discovere...

Ubuntu 20.04 LTS : Linux kernel (IBM) vulnerabilities (USN-6892-1)

The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6892-1 advisory. It was discovered that the ATA over Ethernet AoE driver in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. An...

USN-6892-1 linux-ibm-5.15 vulnerabilities

It was discovered that the ATA over Ethernet AoE driver in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. CVE-2023-6270 It was discovered that the Atheros 802.11ac...

USN-6892-1: Linux kernel (IBM) vulnerabilities

It was discovered that the ATA over Ethernet AoE driver in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. CVE-2023-6270 It was discovered that the Atheros 802.11ac...

USN-6873-2: Linux kernel (StarFive) vulnerabilities

It was discovered that the Intel Data Streaming and Intel Analytics Accelerator drivers in the Linux kernel allowed direct access to the devices for unprivileged users and virtual machines. A local attacker could use this to cause a denial of service. CVE-2024-21823 Several security issues were...

USN-6864-2: Linux kernel vulnerabilities

It was discovered that the Intel Data Streaming and Intel Analytics Accelerator drivers in the Linux kernel allowed direct access to the devices for unprivileged users and virtual machines. A local attacker could use this to cause a denial of service. CVE-2024-21823 A security issue was discovere...

USN-6878-1 linux-oracle vulnerabilities

Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to a NULL pointer dereference. A local attacker could possibly trigger this vulnerability to cause a denial of service. CVE-2022-38096 Zheng Wang discovered that the Broadc...