MiracleLinux 7 : kernel-3.10.0-1160.76.1.el7 (AXSA:2022-3725:11)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-3725:11 advisory. Incomplete cleanup of multi-core shared buffers aka SBDR CVE-2022-21123 Incomplete cleanup of microarchitectural fill buffers aka SBDS CVE-2022-2112...

hw: cpu: incomplete clean-up of microarchitectural fill buffers (aka SBDS)

A flaw was found in hw. Incomplete cleanup of microarchitectural fill buffers on some Intel® Processors may allow an authenticated user to enable information disclosure via local access...

RHEL 8 : kernel (RHSA-2022:6872)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:6872 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: a use-after-free in clsroute filter...

hw: cpu: incomplete clean-up of microarchitectural fill buffers (aka SBDS)

A flaw was found in hw. Incomplete cleanup of microarchitectural fill buffers on some Intel® Processors may allow an authenticated user to enable information disclosure via local access...

CentOS: Security Advisory for bpftool (CESA-2022:5937)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

USN-5485-1 linux, linux-aws, linux-aws-hwe, linux-aws-5.13, linux-aws-5.4, linux-azure, linux-azure-4.15, linux-azure-5.13, linux-azure-5.4, linux-azure-fde, linux-dell300x, linux-gcp, linux-gcp-4.15, linux-gcp-5.13, linux-gcp-5.4, linux-gke, linux-gke-5.4, linux-gkeop, linux-gkeop-5.4, linux-hwe, linux-hwe-5.13, linux-hwe-5.4, linux-ibm, linux-ibm-5.4, linux-intel-5.13, linux-intel-iotg, linux-kvm, linux-lowlatency, linux-oracle, linux-oracle-5.13, linux-oracle-5.4 vulnerabilities

It was discovered that some Intel processors did not completely perform cleanup actions on multi-core shared buffers. A local attacker could possibly use this to expose sensitive information. CVE-2022-21123 It was discovered that some Intel processors did not completely perform cleanup actions on...

UBUNTU-CVE-2022-21125

Incomplete cleanup of microarchitectural fill buffers on some IntelR Processors may allow an authenticated user to potentially enable information disclosure via local access...

Ubuntu: Security Advisory (USN-4985-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-4985-1: Intel Microcode vulnerabilities

It was discovered that some Intel processors may not properly invalidate cache entries used by Intel Virtualization Technology for Directed I/O VT-d. This may allow a local user to perform a privilege escalation attack. CVE-2020-24489 Joseph Nuzman discovered that some Intel processors may not...

SUSE: Security Advisory (SUSE-SU-2019:2984-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-4182-3: Intel Microcode regression | Cloud Foundry

Severity High Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 16.04 Description USN-4182-1 provided updated Intel Processor Microcode. A regression was discovered that caused some Skylake processors to hang after a warm reboot. This update reverts the microcode for that specific...

SUSE SLES12 Security Update : xen (SUSE-SU-2019:3297-1)

This update for xen fixes the following issues : CVE-2019-19581: Fixed a potential out of bounds on 32-bit Arm bsc1158003 XSA-307. CVE-2019-19582: Fixed a potential infinite loop when x86 accesses to bitmaps with a compile time known size of 64 bsc1158003 XSA-307. CVE-2019-19583: Fixed improper...

openSUSE Security Update : xen (openSUSE-2019-2506)

This update for xen fixes the following issues : - CVE-2018-12207: Untrusted virtual machines on Intel CPUs could exploit a race condition in the Instruction Fetch Unit of the Intel CPU to cause a Machine Exception during Page Size Change, causing the CPU core to be non-functional. bsc1155945 -...

openSUSE Security Update : the Linux Kernel (openSUSE-2019-2503)

The openSUSE Leap 15.0 kernel was updated to receive various security and bugfixes. The following security bugs were fixed : - CVE-2019-0154: An unprotected read access to i915 registers has been fixed that could have been abused to facilitate a local denial-of-service attack. bsc1135966 -...

Ubuntu 18.04 LTS : Linux kernel vulnerability and regression (USN-4184-2)

The remote Ubuntu 18.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-4184-2 advisory. USN-4184-1 fixed vulnerabilities in the Linux kernel. It was discovered that the kernel fix for CVE-2019-0155 i915 missing Blitter Command Streamer check was...

USN-4186-3: Linux kernel vulnerability

USN-4186-1 fixed vulnerabilities in the Linux kernel. It was discovered that the kernel fix for CVE-2019-0155 i915 missing Blitter Command Streamer check was incomplete on 64-bit Intel x86 systems. This update addresses the issue. We apologize for the inconvenience. Original advisory details:...

USN-4188-1: Linux kernel vulnerability

Stephan van Schaik, Alyssa Milburn, Sebastian Österlund, Pietro Frigo, Kaveh Razavi, Herbert Bos, Cristiano Giuffrida, Giorgi Maisuradze, Moritz Lipp, Michael Schwarz, Daniel Gruss, and Jo Van Bulck discovered that Intel processors using Transactional Synchronization Extensions TSX could expose...

USN-4187-1 linux vulnerability

Stephan van Schaik, Alyssa Milburn, Sebastian Österlund, Pietro Frigo, Kaveh Razavi, Herbert Bos, Cristiano Giuffrida, Giorgi Maisuradze, Moritz Lipp, Michael Schwarz, Daniel Gruss, and Jo Van Bulck discovered that Intel processors using Transactional Synchronization Extensions TSX could expose...

Ubuntu 16.04 LTS / 18.04 LTS : Linux kernel vulnerabilities (USN-4185-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-4185-1 advisory. Stephan van Schaik, Alyssa Milburn, Sebastian sterlund, Pietro Frigo, Kaveh Razavi, Herbert Bos, Cristiano Giuffrida, Giorgi Maisuradze, Mori...

USN-4182-1 intel-microcode update

Stephan van Schaik, Alyssa Milburn, Sebastian Österlund, Pietro Frigo, Kaveh Razavi, Herbert Bos, Cristiano Giuffrida, Giorgi Maisuradze, Moritz Lipp, Michael Schwarz, Daniel Gruss, and Jo Van Bulck discovered that Intel processors using Transactional Synchronization Extensions TSX could expose...