58 matches found
CVE-2022-26873
CVE-2022-26873 affects AMI Aptio 5.x PlatformInitAdvancedPreMem. The issue is described as a stack buffer overflow in PlatformInitAdvancedPreMem that can allow arbitrary code execution during the PEI phase, potentially enabling mitigation bypass, memory contents disclosure, VM secrets access, and...
CVE-2022-26873 The stack buffer overflow vulnerability in PlatformInitAdvancedPreMem leads to arbitrary code execution during PEI phase.
A potential attacker can execute an arbitrary code at the time of the PEI phase and influence the subsequent boot stages. This can lead to the mitigations bypassing, physical memory contents disclosure, discovery of any secrets from any Virtual Machines VMs and bypassing memory isolation and...
PT-2022-25303 · Sbpei · Sbpei
Name of the Vulnerable Software and Affected Versions: SbPei affected versions not specified Description: A potential attacker can write one byte by arbitrary address at the time of the PEI phase, only during S3 resume boot mode, and influence the subsequent boot stages. This can lead to...
PT-2022-25307 · Unknown · S3Resume2Pei
Name of the Vulnerable Software and Affected Versions: S3Resume2Pei affected versions not specified Description: A potential attacker can execute arbitrary code during the PEI phase, influencing subsequent boot stages. This can lead to bypassing mitigations, disclosure of physical memory contents...
Kernel: hw: cpu: L1 terminal fault (L1TF)
Modern operating systems implement virtualization of physical memory to efficiently use available system resources and provide inter-domain protection through access control and isolation. The L1TF issue was found in the way the x86 microprocessor designs have implemented speculative execution of...
Kernel: hw: cpu: L1 terminal fault (L1TF)
Modern operating systems implement virtualization of physical memory to efficiently use available system resources and provide inter-domain protection through access control and isolation. The L1TF issue was found in the way the x86 microprocessor designs have implemented speculative execution of...
Intel processors’ vulnerability, related to the possibility of speculative execution commands, allows attackers to circumvent the memory isolation mechanism of virtual machines.
Intel processors’ vulnerabilities are related to the possibility of speculative execution of instructions. Exploiting these vulnerabilities can allow attackers to gain access to the memory of the supervisor or other virtual machines by overcoming the mechanism that isolates virtual machine memory...
Kernel: hw: cpu: L1 terminal fault (L1TF)
Modern operating systems implement virtualization of physical memory to efficiently use available system resources and provide inter-domain protection through access control and isolation. The L1TF issue was found in the way the x86 microprocessor designs have implemented speculative execution of...
Kernel: hw: cpu: L1 terminal fault (L1TF)
Modern operating systems implement virtualization of physical memory to efficiently use available system resources and provide inter-domain protection through access control and isolation. The L1TF issue was found in the way the x86 microprocessor designs have implemented speculative execution of...
Kernel: hw: cpu: L1 terminal fault (L1TF)
Modern operating systems implement virtualization of physical memory to efficiently use available system resources and provide inter-domain protection through access control and isolation. The L1TF issue was found in the way the x86 microprocessor designs have implemented speculative execution of...
Kernel: hw: cpu: L1 terminal fault (L1TF)
Modern operating systems implement virtualization of physical memory to efficiently use available system resources and provide inter-domain protection through access control and isolation. The L1TF issue was found in the way the x86 microprocessor designs have implemented speculative execution of...
Kernel: hw: cpu: L1 terminal fault (L1TF)
Modern operating systems implement virtualization of physical memory to efficiently use available system resources and provide inter-domain protection through access control and isolation. The L1TF issue was found in the way the x86 microprocessor designs have implemented speculative execution of...
Kernel: hw: cpu: L1 terminal fault (L1TF)
Modern operating systems implement virtualization of physical memory to efficiently use available system resources and provide inter-domain protection through access control and isolation. The L1TF issue was found in the way the x86 microprocessor designs have implemented speculative execution of...
hw: cpu: speculative store bypass
An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of Load & Store instructions a commonly used performance optimization. It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the...
Intel Releases New Spectre Patch Update for Skylake Processors
After leaving million of devices at risk of hacking and then rolling out broken patches, Intel has now released a new batch of security patches only for its Skylake processors to address one of the Spectre vulnerabilities Variant 2. For those unaware, Spectre Variant 1, Variant 2 and Meltdown...
Spectre Vulnerability in CPU Processor Kernel
CPU hardware is a set of firmware that runs in the CPU Central Processing Unit to manage and control the CPU. The Spectre vulnerability exists in the CPU processor kernel, where an attacker can use a malicious application to gain access to private data that should be quarantined due to Intel's...
Row Hammer Privilege Escalation - Lenovo Support US
No description provided...
Security: some HVM domain can access another domain memory.
Xen 3.x, possibly before 3.1.2, when running on IA64 systems, does not check the RID value for movtorr, which allows a VTi domain to read memory of other domains...