OESA-2026-1338 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: md/dm-raid: don't call mdreapsyncthread directly Currently mdreapsyncthread is called from raidmessage directly without holding 'reconfigmutex', this is definite...

EUVD-2018-11635

Malware in sbrugna...

EUVD-2023-51002

Malicious code in bioql PyPI...

Exploit for Observable Discrepancy in Intel Atom_C

This is a tool for checking the state of software mitigations against Spectre and Meltdown vulnerabilities. It uses the NtQuerySystemInformation API call to report the data as seen by the Windows Kernel. The tool is currently optimized for Microsoft Windows 7-10 and uses the best-working exploit...

Linux Distros Unpatched Vulnerability : CVE-2018-19965

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Xen through 4.11.x allowing 64-bit PV guest OS users to cause a denial of service host OS crash because GP0 can occur after a...

Design High-Confidence Computers Using Trusted Instructional Set Architecture and Emulators

High-confidence computing relies on trusted instructional set architecture, sealed kernels, and secure operating systems. Cloud computing depends on trusted systems for virtualization tasks. Branch predictions and pipelines are essential in improving performance of a CPU/GPU. But Spectre and...

Global Microprocessor Correctness in the Presence of Transient Execution

Correctness for microprocessors is generally understood to be conformance with the associated instruction set architecture ISA. This is the basis for one of the most important abstractions in computer science, allowing hardware designers to develop highly-optimized processors that are functionall...

AZL-52590 CVE-2024-50102 affecting package kernel 6.6.126.1-1

In the Linux kernel, the following vulnerability has been resolved: x86: fix user address masking non-canonical speculation issue It turns out that AMD has a "Meltdown Litetm" issue with non-canonical accesses in kernel space. And so using just the high bit to decide whether an access is in user...

CVE-2024-50102

In the Linux kernel, the following vulnerability has been resolved: x86: fix user address masking non-canonical speculation issue It turns out that AMD has a "Meltdown Litetm" issue with non-canonical accesses in kernel space. And so using just the high bit to decide whether an access is in user...

CVE-2024-50102 x86: fix user address masking non-canonical speculation issue

In the Linux kernel, the following vulnerability has been resolved: x86: fix user address masking non-canonical speculation issue It turns out that AMD has a "Meltdown Litetm" issue with non-canonical accesses in kernel space. And so using just the high bit to decide whether an access is in user...

CVE-2024-50102

CVE-2024-50102 : The connected advisories indicate a Linux kernel x86 issue where using the high address bit to classify user vs. kernel space enabled a speculative-execution leak for non-canonical addresses. The root cause involves non-canonical address handling and an evolving AC/bit behavior a...

CVE-2024-50102 x86: fix user address masking non-canonical speculation issue

In the Linux kernel, the following vulnerability has been resolved: x86: fix user address masking non-canonical speculation issue It turns out that AMD has a "Meltdown Litetm" issue with non-canonical accesses in kernel space. And so using just the high bit to decide whether an access is in user...

Security Bulletin: IBM i has released PTFs in response to the vulnerabilities known as Spectre and Meltdown.

Summary IBM has released the following IBM i PTFs in response to CVE-2017-5753, CVE-2017-5715, CVE-2017-5754 and CVE-2018-3639. This security bulletin has been updated, on October 16, 2018, as additional IBM i PTFs are now available to mitigate the Spectre and Meltdown vulnerabilities...

CrowdStrike Update Causes Havoc, Grounding Flights and Disrupting Businesses

The Biggest IT Outage in Recent Memory? A faulty CrowdStrike update triggered a global tech meltdown, grounding flights,…...

OPENSUSE-SU-2024:13183-1 spectre-meltdown-checker-0.46-1.1 on GA media

These are all security issues fixed in the spectre-meltdown-checker-0.46-1.1 package on the GA media of openSUSE Tumbleweed...

OPENSUSE-SU-2024:11396-1 spectre-meltdown-checker-0.44-1.2 on GA media

These are all security issues fixed in the spectre-meltdown-checker-0.44-1.2 package on the GA media of openSUSE Tumbleweed...

SUSE: Security Advisory (SUSE-SU-2024:0885-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2024:0884-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : spectre-meltdown-checker (SUSE-SU-2024:0884-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2024:0884-1 advisory. - An issue in Zen 2 CPUs, under specific microarchitectural circumstances, may allow an attacker to...

SUSE SLES12 Security Update : spectre-meltdown-checker (SUSE-SU-2024:0885-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2024:0885-1 advisory. - An issue in Zen 2 CPUs, under specific microarchitectural circumstances, may allow an attacker to potentially access sensitive information...