Lucene search
K

2616 matches found

The Hacker News
The Hacker News
added 2026/07/06 5:37 p.m.9 views

16-Year-Old Linux KVM Flaw Lets Guest VMs Escape to Host on Intel and AMD x86 Systems

A use-after-free bug in Linux's KVM hypervisor can be triggered from a guest virtual machine to corrupt the shadow-page state of the host kernel that runs it. Dubbed 'Januscape' and tracked as CVE-2026-53359, the flaw sits in the shadow MMU code that KVM shares across both Intel and AMD. The publ...

5.9AI score0.00176EPSS
Exploits3
HPE Security Bulletins
HPE Security Bulletins
added 2026/06/26 12:0 a.m.5 views

HPESBHF05017 rev.1 - Certain HPE SimpliVity Servers Using Certain Intel Processors, INTEL-SA-01396, 2026.1 IPU, Intel Processor Firmware Advisory, Local Escalation of Privilege Vulnerability

Potential Security Impact: Local: Escalation of Privilege SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HPE SimpliVity 380 Gen11 - Prior to SimpliVity Gen11 Support Pack 20260605 HPE SimpliVity 380 Gen10 Plus - Prior to SimpliVity Gen10 Support Pack 20260605 CVSS Scores: | CVE |...

3.9CVSS6.1AI score0.00133EPSS
Exploits0
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.7 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Fixed a situation where a hard lockup occurs in the virtual machine after prolonged inactivity, due to the periodic HV timer. When advancing the expiration of the guest’s APIC timer in periodic mode, set the expiration ...

5.5CVSS5.9AI score0.00095EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Linux 5.15

A NULL pointer dereference flaw was discovered in the Linux kernel’s KVM module. This flaw can lead to a denial of service in the x86emulateinsn function in arch/x86/kvm/emulate.c. The flaw occurs when an illegal instruction is executed on the guest CPU of the Intel model...

5.5CVSS6.8AI score0.00302EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Intel Microcode

Improper isolation of shared resources in some IntelR processors may allow an authenticated user to potentially enable information disclosure via local access...

6.5CVSS6.7AI score0.00402EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.8 views

Astra Linux – Vulnerability in Intel Microcode

A observable discrepancy in the RAPL interface of certain Intel processors may allow a privileged user to potentially enable information disclosure through local access...

5.5CVSS6.6AI score0.00414EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/05/29 2:4 p.m.16 views

CVE-2025-35979

A flaw was found in the kernel. This vulnerability, affecting some IntelR Processors, involves shared microarchitectural predictor state that influences transient execution within VMX non-root guest operation. An unprivileged software adversary with an authenticated user can exploit this locally ...

6.8CVSS5.7AI score0.00096EPSS
Exploits0References4
OSV
OSV
added 2026/05/29 5:12 a.m.14 views

MGASA-2026-0161 Updated microcode package fixes security vulnerability

The updated package fixes a security vulnerability: A potential security vulnerability in some Intel® Processors may allow information disclosure. Intel is releasing microcode updates to mitigate this potential vulnerability. CVE-2025-35979...

6.8CVSS5.8AI score0.00096EPSS
Exploits0References4
Mageia
Mageia
added 2026/05/29 5:12 a.m.17 views

Updated microcode package fixes security vulnerability

The updated package fixes a security vulnerability: A potential security vulnerability in some Intel® Processors may allow information disclosure. Intel is releasing microcode updates to mitigate this potential vulnerability. CVE-2025-35979...

6.8CVSS5.8AI score0.00096EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: erofs: Fix for lz4 inplace decompression Currently, EROFS can map another compressed buffer for inplace decompression, which was used to handle cases where some pages of compressed data are not actually in-place I/O. However, lik...

6.1CVSS6.2AI score0.00278EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Linux, Linux 5.10

The non-transparent sharing of branch predictor selectors between contexts in some Intel processors may allow an authorized user to potentially enable information disclosure through local access...

6.5CVSS6.6AI score0.00508EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Xen

Observable discrepancies in response times of some Intel processors may allow authorized users to potentially disclose information through local access...

6.5CVSS6.5AI score0.00372EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10, Linux

The non-transparent sharing of return predictor targets between contexts in some Intel processors may allow an authorized user to potentially enable information disclosure through local access...

5.5CVSS6.6AI score0.0035EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/05/20 12:0 a.m.12 views

Amazon Linux 2023 : microcode_ctl (ALAS2023-2026-1675)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1675 advisory. Improper handling of values in the microcode flow for some IntelR Processor Family may allow an escalation of privilege. Startup code and smm adversary with a privileged user combined with a high...

3.9CVSS5.8AI score0.00133EPSS
Exploits0References4
HPE Security Bulletins
HPE Security Bulletins
added 2026/05/14 12:0 a.m.4 views

HPESBHF05054 rev.1 - Certain HPE StoreEasy Servers Using Certain Intel Processors, INTEL-SA-01413, UEFI Reference Firmware Advisory, Local Disclosure of Information Vulnerability

Potential Security Impact: Local: Disclosure of Information SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HPE StoreEasy 1470 Performance - Prior to 2.8001-29-2026 HPE StoreEasy 1470 Storage - Prior to 2.8001-29-2026 HPE StoreEasy 1570 Performance - Prior to 2.8001-29-2026 HPE...

5.6CVSS6.1AI score0.00095EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2026/05/13 2:29 p.m.16 views

SUSE CVE-2025-35979

Exposure of sensitive information caused by shared microarchitectural predictor state that influences transient execution for some IntelR Processors within VMX non-root guest operation may allow an information disclosure. Unprivileged software adversary with an authenticated user combined with a...

4.7CVSS5.8AI score0.00096EPSS
Exploits0References5
EUVD
EUVD
added 2026/05/12 6:30 p.m.14 views

EUVD-2025-209791

Exposure of sensitive information caused by shared microarchitectural predictor state that influences transient execution for some IntelR Processors within VMX non-root guest operation may allow an information disclosure. Unprivileged software adversary with an authenticated user combined with a...

6.8CVSS5.8AI score0.00096EPSS
Exploits0References2
NVD
NVD
added 2026/05/12 5:16 p.m.29 views

CVE-2025-35979

Exposure of sensitive information caused by shared microarchitectural predictor state that influences transient execution for some IntelR Processors within VMX non-root guest operation may allow an information disclosure. Unprivileged software adversary with an authenticated user combined with a...

6.8CVSS0.00096EPSS
Exploits0References1
OSV
OSV
added 2026/05/12 5:16 p.m.8 views

DEBIAN-CVE-2025-35979

Exposure of sensitive information caused by shared microarchitectural predictor state that influences transient execution for some IntelR Processors within VMX non-root guest operation may allow an information disclosure. Unprivileged software adversary with an authenticated user combined with a...

6.8CVSS5.8AI score0.00096EPSS
Exploits0References1
OSV
OSV
added 2026/05/12 5:16 p.m.18 views

ALPINE-CVE-2025-35979

Exposure of sensitive information caused by shared microarchitectural predictor state that influences transient execution for some IntelR Processors within VMX non-root guest operation may allow an information disclosure. Unprivileged software adversary with an authenticated user combined with a...

6.8CVSS5.8AI score0.00096EPSS
Exploits0References1
Rows per page
Query Builder