2616 matches found
16-Year-Old Linux KVM Flaw Lets Guest VMs Escape to Host on Intel and AMD x86 Systems
A use-after-free bug in Linux's KVM hypervisor can be triggered from a guest virtual machine to corrupt the shadow-page state of the host kernel that runs it. Dubbed 'Januscape' and tracked as CVE-2026-53359, the flaw sits in the shadow MMU code that KVM shares across both Intel and AMD. The publ...
HPESBHF05017 rev.1 - Certain HPE SimpliVity Servers Using Certain Intel Processors, INTEL-SA-01396, 2026.1 IPU, Intel Processor Firmware Advisory, Local Escalation of Privilege Vulnerability
Potential Security Impact: Local: Escalation of Privilege SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HPE SimpliVity 380 Gen11 - Prior to SimpliVity Gen11 Support Pack 20260605 HPE SimpliVity 380 Gen10 Plus - Prior to SimpliVity Gen10 Support Pack 20260605 CVSS Scores: | CVE |...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Fixed a situation where a hard lockup occurs in the virtual machine after prolonged inactivity, due to the periodic HV timer. When advancing the expiration of the guest’s APIC timer in periodic mode, set the expiration ...
Astra Linux – Vulnerability in Linux 5.15
A NULL pointer dereference flaw was discovered in the Linux kernel’s KVM module. This flaw can lead to a denial of service in the x86emulateinsn function in arch/x86/kvm/emulate.c. The flaw occurs when an illegal instruction is executed on the guest CPU of the Intel model...
Astra Linux – Vulnerability in Intel Microcode
Improper isolation of shared resources in some IntelR processors may allow an authenticated user to potentially enable information disclosure via local access...
Astra Linux – Vulnerability in Intel Microcode
A observable discrepancy in the RAPL interface of certain Intel processors may allow a privileged user to potentially enable information disclosure through local access...
CVE-2025-35979
A flaw was found in the kernel. This vulnerability, affecting some IntelR Processors, involves shared microarchitectural predictor state that influences transient execution within VMX non-root guest operation. An unprivileged software adversary with an authenticated user can exploit this locally ...
MGASA-2026-0161 Updated microcode package fixes security vulnerability
The updated package fixes a security vulnerability: A potential security vulnerability in some Intel® Processors may allow information disclosure. Intel is releasing microcode updates to mitigate this potential vulnerability. CVE-2025-35979...
Updated microcode package fixes security vulnerability
The updated package fixes a security vulnerability: A potential security vulnerability in some Intel® Processors may allow information disclosure. Intel is releasing microcode updates to mitigate this potential vulnerability. CVE-2025-35979...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: erofs: Fix for lz4 inplace decompression Currently, EROFS can map another compressed buffer for inplace decompression, which was used to handle cases where some pages of compressed data are not actually in-place I/O. However, lik...
Astra Linux – Vulnerability in Linux, Linux 5.10
The non-transparent sharing of branch predictor selectors between contexts in some Intel processors may allow an authorized user to potentially enable information disclosure through local access...
Astra Linux – Vulnerability in Xen
Observable discrepancies in response times of some Intel processors may allow authorized users to potentially disclose information through local access...
Astra Linux – Vulnerability in Linux 5.10, Linux
The non-transparent sharing of return predictor targets between contexts in some Intel processors may allow an authorized user to potentially enable information disclosure through local access...
Amazon Linux 2023 : microcode_ctl (ALAS2023-2026-1675)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1675 advisory. Improper handling of values in the microcode flow for some IntelR Processor Family may allow an escalation of privilege. Startup code and smm adversary with a privileged user combined with a high...
HPESBHF05054 rev.1 - Certain HPE StoreEasy Servers Using Certain Intel Processors, INTEL-SA-01413, UEFI Reference Firmware Advisory, Local Disclosure of Information Vulnerability
Potential Security Impact: Local: Disclosure of Information SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HPE StoreEasy 1470 Performance - Prior to 2.8001-29-2026 HPE StoreEasy 1470 Storage - Prior to 2.8001-29-2026 HPE StoreEasy 1570 Performance - Prior to 2.8001-29-2026 HPE...
SUSE CVE-2025-35979
Exposure of sensitive information caused by shared microarchitectural predictor state that influences transient execution for some IntelR Processors within VMX non-root guest operation may allow an information disclosure. Unprivileged software adversary with an authenticated user combined with a...
EUVD-2025-209791
Exposure of sensitive information caused by shared microarchitectural predictor state that influences transient execution for some IntelR Processors within VMX non-root guest operation may allow an information disclosure. Unprivileged software adversary with an authenticated user combined with a...
CVE-2025-35979
Exposure of sensitive information caused by shared microarchitectural predictor state that influences transient execution for some IntelR Processors within VMX non-root guest operation may allow an information disclosure. Unprivileged software adversary with an authenticated user combined with a...
DEBIAN-CVE-2025-35979
Exposure of sensitive information caused by shared microarchitectural predictor state that influences transient execution for some IntelR Processors within VMX non-root guest operation may allow an information disclosure. Unprivileged software adversary with an authenticated user combined with a...
ALPINE-CVE-2025-35979
Exposure of sensitive information caused by shared microarchitectural predictor state that influences transient execution for some IntelR Processors within VMX non-root guest operation may allow an information disclosure. Unprivileged software adversary with an authenticated user combined with a...