ROS-20241008-08

Intel processor firmware vulnerability is related to information leakage from vector registers. registers. Exploitation of the vulnerability may allow an intruder to gain access to protected information...

ABB Cylon Aspect 3.07.00 (networkDiagAjax.php) Remote Code Execution

Summary ASPECT is an award-winning scalable building energy management and control solution designed to allow users seamless access to their building data through standard building protocols including smart devices. Description The ABB BMS/BAS controller suffers from an unauthenticated OS command...

CVE-2023-25546

Out-of-bounds read in UEFI firmware for some IntelR Processors may allow a privileged user to potentially enable denial of service via local access...

CVE-2024-21871

CVE-2024-21871 covers an improper input validation flaw in UEFI firmware on some Intel® processors that could allow a privileged local attacker to escalate privileges. The issue arises from input validation in the UEFI stack used by Intel’s firmware. Impact is described as privilege escalation wi...

Mageia: Security Advisory (MGASA-2024-0296)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Updated microcode package fix security vulnerabilities

Improper isolation in the IntelR CoreTM Ultra Processor stream cache mechanism may allow an authenticated user to potentially enable escalation of privilege via local access. CVE-2023-42667 Improper isolation in some IntelR Processors stream cache mechanism may allow an authenticated user to...

SUSE: Security Advisory (SUSE-SU-2024:3095-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

ROS-20240902-03

Intel processor firmware vulnerability is related to errors in interpretation of redundant prefixes. of redundant prefixes. Exploitation of the vulnerability could allow an attacker to escalate privileges from third to zero ring of protection CPL0, gain access to sensitive information, or cause a...

SUSE: Security Advisory (SUSE-SU-2024:2941-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE CVE-2024-24853

Incorrect behavior order in transition between executive monitor and SMI transfer monitor STM in some IntelR Processor may allow a privileged user to potentially enable escalation of privilege via local access...

CVE-2024-24853

Incorrect behavior order in transition between executive monitor and SMI transfer monitor STM in some IntelR Processor may allow a privileged user to potentially enable escalation of privilege via local access...

CVE-2024-24853

Incorrect behavior order in transition between executive monitor and SMI transfer monitor STM in some IntelR Processor may allow a privileged user to potentially enable escalation of privilege via local access...

CVE-2024-24853

The connected advisories corroborate CVE-2024-24853: it concerns an incorrect behavior order during the transition between the executive monitor and the SMI transfer monitor (STM) in certain Intel processors, enabling privilege escalation via local access. Affected area is Intel CPU microcode/fir...

CVE-2024-24853

Incorrect behavior order in transition between executive monitor and SMI transfer monitor STM in some IntelR Processor may allow a privileged user to potentially enable escalation of privilege via local access...

CVE-2024-24853

Incorrect behavior order in transition between executive monitor and SMI transfer monitor STM in some IntelR Processor may allow a privileged user to potentially enable escalation of privilege via local access...

CVE-2024-24853

Incorrect behavior order in transition between executive monitor and SMI transfer monitor STM in some IntelR Processor may allow a privileged user to potentially enable escalation of privilege via local access...

CVE-2024-24853

Incorrect behavior order in transition between executive monitor and SMI transfer monitor STM in some IntelR Processor may allow a privileged user to potentially enable escalation of privilege via local access...

CVE-2024-24853

Incorrect behavior order in transition between executive monitor and SMI transfer monitor STM in some IntelR Processor may allow a privileged user to potentially enable escalation of privilege via local access...

2024.2 IPU - Intel® Processor Stream Cache Advisory

Summary: A potential security vulnerability in some Intel® Processor stream cache mechanisms may allow escalation of privilege. Intel is releasing microcode updates to mitigate this potential vulnerability. Vulnerability Details: CVEID: CVE-2023-49141 Description: Improper isolation in some Intel...

UBUNTU-CVE-2022-48713

In the Linux kernel, the following vulnerability has been resolved: perf/x86/intel/pt: Fix crash with stop filters in single-range mode Add a check for !buf-single before calling ptbufferregionsize in a place where a missing check can cause a kernel crash. Fixes a bug introduced by commit...