30113 matches found
16-Year-Old Linux KVM Flaw Lets Guest VMs Escape to Host on Intel and AMD x86 Systems
A use-after-free bug in Linux's KVM hypervisor can be triggered from a guest virtual machine to corrupt the shadow-page state of the host kernel that runs it. Dubbed 'Januscape' and tracked as CVE-2026-53359, the flaw sits in the shadow MMU code that KVM shares across both Intel and AMD. The publ...
Intel Neural Compressor <2.5.0 - SQL Injection
Improper input validation in some IntelR Neural Compressor software before version 2.5.0 may allow an unauthenticated user to potentially enable escalation of privilege via remote access. id: CVE-2024-22476 info: name: Intel Neural Compressor 2.5.0 - SQL Injection author: ritikchaddha severity:...
CVE-2026-53356
The CVE-2026-53356 entry concerns the Linux kernel DRM/I915 GEM code. The root cause is in sg_page() returning a struct page pointer instead of (void *) which mis-scales pread/pwrite for phys BO and can cause access to incorrect parts of a buffer when a non-zero offset is used. A fix was cherry-p...
Intel Active Management - Authentication Bypass
Intel Active Management platforms are susceptible to authentication bypass. A non-privileged network attacker can gain system privileges to provisioned Intel manageability SKUs: Intel Active Management Technology AMT and Intel Standard Manageability. A non-privileged local attacker can provision...
CVE-2026-53205
A flaw was found in the Linux kernel's Intel Versatile Processing Unit IVPU accelerator driver. This vulnerability occurs due to insufficient validation of read and write indices in the firmware log buffer. If the firmware provides invalid log indices, it could lead to out-of-bounds buffer access...
UBUNTU-CVE-2026-53142
In the Linux kernel, the following vulnerability has been resolved: drm/xe/display: fix oops in suspend/shutdown without display The xe driver keeps track of whether to probe display, and whether display hardware is there, using xe-info.probedisplay. It gets set to false if there's no display aft...
CVE-2026-53142 drm/xe/display: fix oops in suspend/shutdown without display
In the Linux kernel, the following vulnerability has been resolved: drm/xe/display: fix oops in suspend/shutdown without display The xe driver keeps track of whether to probe display, and whether display hardware is there, using xe-info.probedisplay. It gets set to false if there's no display aft...
CVE-2026-53142
CVE-2026-53142 affects the Linux kernel’s drm/xe/display path. The xe driver tracks whether to probe display via xe->info.probe_display, which can be set to false after intel_display_device_probe() if no display is present or later disabled by fuses. In that state, xe_display_flush_cleanup_wor...
Astra Linux – Vulnerability in Linux-Firmware
Improper input validation in some IntelR PROSet/Wireless WiFi and KillerTM WiFi software may allow an unauthenticated user to potentially enable denial of service via adjacent access...
Astra Linux – Vulnerability in Intel Microcode
Missing reference to active allocated resources for some IntelR XeonR processors may allow an authenticated user to potentially enable denial of service via local access...
Astra Linux – Vulnerability in Intel Microcode
The sequence of processor instructions may lead to unexpected behavior on some Intel processors. This could potentially allow an authenticated user to enable privilege escalation, information disclosure, or denial of service through local access...
Astra Linux – Vulnerability in Intel Microcode
The removal or modification of security-critical code in certain Intel processors may allow an authenticated user to potentially enable information disclosure through local access...
Astra Linux – Vulnerability in Intel Microcode
Incorrect calculations in the microcode keying mechanism of some 3rd Generation IntelR XeonR Scalable Processors may allow a privileged user to potentially enable information disclosure through local access...
Astra Linux – Vulnerability in Intel Microcode
The sequence of processor instructions in IntelR CoreTM Ultra Processors may lead to unexpected behaviors. This could potentially allow an authenticated user to enable denial of service through local access...
Astra Linux – Vulnerability in Intel Microcode
Improper isolation of shared resources in some IntelR processors may allow an authenticated user to potentially enable information disclosure via local access...
Astra Linux – Vulnerability in Xen
A issue was discovered in Xen through version 4.11.x, allowing users of x86 Intel HVM guest operating systems to obtain unintended read/write DMA access. This could potentially lead to a denial of service causing the host operating system to crash or result in privilege escalation. This issue...
Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1
The Cross-Privilege Spectre v2 vulnerability allows attackers to bypass all deployed mitigations, including the recently introduced FineIBT, and to leak arbitrary Linux kernel memory on Intel systems...
Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: HID: intel-ish-hid: ipc: Disabling and re-enabling the ACPI GPE bit The EHL Elkhart Lake-based platforms provide an out-of-band service that allows devices to wake up when the system is in the S5 Soft-Off state. This out-of-band...
Astra Linux – Vulnerability in Intel Microcode
Incorrect calculations in the microcode keying mechanism of certain IntelR XeonR D processors with IntelR SGX may allow a privileged user to potentially enable information disclosure through local access...
Astra Linux – Vulnerability in Intel Microcode
Improper input validation in some IntelR TDX module software prior to version 1.5.05.46.698 may allow a privileged user to potentially enable privilege escalation through local access...