Lucene search
K

87 matches found

CNNVD
CNNVD
added 2023/07/24 12:0 a.m.5 views

AMD EPYC 安全漏洞

AMD EPYC is an x86 architecture server microprocessor product line from AMD Semiconductor, known in Chinese as Xiaolong, which utilizes the Zen microarchitecture. A security vulnerability exists in AMD EPYC, which originated in a specific microarchitecture environment, allowing an attacker to...

5.5CVSS7.1AI score0.05794EPSS
Exploits1References58
RedHat Linux
RedHat Linux
added 2023/05/09 10:4 a.m.4 views

kernel: perf/x86/intel/lbr: Fix unchecked MSR access error on HSW

In the Linux kernel, the following vulnerability has been resolved: perf/x86/intel/lbr: Fix unchecked MSR access error on HSW The fuzzer triggers the below trace. 7763.384369 unchecked MSR access error: WRMSR to 0x689 tried to write 0x1fffffff8101349e at rIP: 0xffffffff810704a4...

5.5CVSS6.3AI score0.00209EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2023/04/12 12:0 a.m.41 views

Ubuntu 16.04 ESM : Linux kernel (GCP) vulnerabilities (USN-6007-1)

The remote Ubuntu 16.04 ESM host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6007-1 advisory. It was discovered that the Upper Level Protocol ULP subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain...

8.8CVSS7.6AI score0.04947EPSS
Exploits4References21
F5 Networks
F5 Networks
added 2023/02/21 6:52 p.m.254 views

K57185580: RetBleed CPU vulnerability CVE-2022-29900

Security Advisory Description There are two RetBleed vulnerabilities. This article applies to CVE-2022-29900. For information about CVE-2022-29901, refer to the following article: K83713003: RetBleed CPU vulnerability CVE-2022-29901 Mis-trained branch predictions for return instructions may allow...

6.5CVSS7.4AI score0.04947EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2023/02/09 12:0 a.m.61 views

Ubuntu 18.04 LTS : Linux kernel (Qualcomm Snapdragon) vulnerabilities (USN-5862-1)

The remote Ubuntu 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5862-1 advisory. It was discovered that an out-of-bounds write vulnerability existed in the Video for Linux 2 V4L2 implementation in the Linux kernel. A local attacker...

7CVSS7.6AI score0.04947EPSS
Exploits1References12
Tenable Nessus
Tenable Nessus
added 2023/02/07 12:0 a.m.36 views

SUSE SLES15: kernel-livepatch-5_14_21-150400_22-default / etc (SUSE-SU-2023:0270-1)

The remote SUSE Linux SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:0270-1 advisory. This update for the Linux Kernel 5.14.21-15040022 fixes several issues. The following security issues were fixed: - CVE-2022-4379: A...

7.8CVSS6.7AI score0.06346EPSS
Exploits2References10
Tenable Nessus
Tenable Nessus
added 2023/01/20 12:0 a.m.37 views

openSUSE 15: cluster-md-kmp-rt / dlm-kmp-rt / gfs2-kmp-rt / kernel-devel-rt / etc (SUSE-SU-2022:4613-1)

The remote openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:4613-1 advisory. The SUSE Linux Enterprise 15 SP3 RT kernel was updated to receive various security and bugfixes. The following security bugs were fixed: -...

8.8CVSS7.5AI score0.21314EPSS
Exploits4References89
CNNVD
CNNVD
added 2023/01/16 12:0 a.m.5 views

Linaro Trusted Firmware-A 缓冲区错误漏洞

Linaro Trusted Firmware-A is an open source trusted firmware from Linaro. A security vulnerability exists in Linaro Trusted Firmware-A version 2.8 and earlier, which stems from an out-of-bounds read in the X.509 parser that parses boot certificates, and which could be exploited by an attacker to...

7.4CVSS7.3AI score0.00629EPSS
Exploits0References4
The Hacker News
The Hacker News
added 2022/12/07 4:3 a.m.43 views

New Go-based Botnet Exploiting Exploiting Dozens of IoT Vulnerabilities to Expand its Network

NOTE: In this blog, Zerobot refers to a botnet that spreads primarily through IoT and web application vulnerabilities. It is not associated with the chatbot ZeroBot.ai. A novel Go-based botnet called Zerobot has been observed in the wild proliferating by taking advantage of nearly two dozen...

7.6AI score
Exploits0
RedHat Linux
RedHat Linux
added 2022/11/15 11:55 a.m.4 views

hw: cpu: AMD: RetBleed Arbitrary Speculative Code Execution with Return Instructions

A flaw was found in hw. Mis-trained branch predictions for return instructions may allow arbitrary speculative code execution under certain microarchitecture-dependent conditions...

6.7AI score
Exploits0References5
Xen Project
Xen Project
added 2022/11/08 6:0 p.m.69 views

x86: Multiple speculative security issues

ISSUE DESCRIPTION 1 Researchers have discovered that on some AMD CPUs, the implementation of IBPB Indirect Branch Prediction Barrier does not behave according to the specification. Specifically, IBPB fails to properly flush the RAS Return Address Stack, also RSB - Return Stack Buffer - in Intel...

6.5CVSS6.9AI score0.00785EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2022/11/02 4:42 p.m.6 views

hw: cpu: AMD: RetBleed Arbitrary Speculative Code Execution with Return Instructions

A flaw was found in hw. Mis-trained branch predictions for return instructions may allow arbitrary speculative code execution under certain microarchitecture-dependent conditions...

6.7AI score
Exploits0References5
RedHat Linux
RedHat Linux
added 2022/11/02 4:42 p.m.5 views

hw: cpu: AMD: RetBleed Arbitrary Speculative Code Execution with Return Instructions

A flaw was found in hw. Mis-trained branch predictions for return instructions may allow arbitrary speculative code execution under certain microarchitecture-dependent conditions...

6.5CVSS7AI score0.03764EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2022/11/02 4:41 p.m.6 views

hw: cpu: AMD: RetBleed Arbitrary Speculative Code Execution with Return Instructions

A flaw was found in hw. Mis-trained branch predictions for return instructions may allow arbitrary speculative code execution under certain microarchitecture-dependent conditions...

6.7AI score
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2022/10/26 12:0 a.m.32 views

Oracle Linux 8 : kernel (ELSA-2022-7110)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-7110 advisory. - debug: lockdown kgdb Orabug: 34270802 CVE-2022-21499 - intelidle: Fix false positive RCU splats due to incorrect hardirqs state Waiman Long 2103167...

7.8CVSS7.2AI score0.06214EPSS
Exploits7References7
Tenable Nessus
Tenable Nessus
added 2022/10/25 12:0 a.m.40 views

Amazon Linux 2 : kernel (ALASKERNEL-5.4-2022-037)

The version of kernel installed on the remote host is prior to 5.4.217-126.408. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.4-2022-037 advisory. - Mis-trained branch predictions for return instructions may allow arbitrary speculative code execution...

7CVSS7.8AI score0.04947EPSS
Exploits3References16
Tenable Nessus
Tenable Nessus
added 2022/09/15 12:0 a.m.349 views

Amazon Linux 2 : kernel, --advisory ALAS2-2022-1838 (ALAS-2022-1838)

The version of kernel installed on the remote host is prior to 4.14.291-218.527. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2022-1838 advisory. In the Linux kernel, the following vulnerability has been resolved: i2c: Fix a potential use after free Free the...

7.8CVSS7.7AI score0.06214EPSS
Exploits11References65
Tenable Nessus
Tenable Nessus
added 2022/09/06 12:0 a.m.45 views

Amazon Linux 2022 : bpftool, kernel, kernel-devel (ALAS2022-2022-125)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2022-2022-125 advisory. A flaw was found in hw. Mis-trained branch predictions for return instructions may allow arbitrary speculative code execution under certain microarchitecture-dependent conditions. CVE-2022-2990...

7.8CVSS7.4AI score0.04947EPSS
Exploits1References7
Tenable Nessus
Tenable Nessus
added 2022/08/23 12:0 a.m.66 views

Amazon Linux 2 : kernel (ALASKERNEL-5.15-2022-006)

The version of kernel installed on the remote host is prior to 5.15.57-29.131. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.15-2022-006 advisory. A flaw was found in hw. Mis-trained branch predictions for return instructions may allow arbitrary...

7.8CVSS7.4AI score0.04947EPSS
Exploits1References14
NVD
NVD
added 2022/08/10 8:15 p.m.44 views

CVE-2021-46778

Execution unit scheduler contention may lead to a side channel vulnerability found on AMD CPU microarchitectures codenamed “Zen 1”, “Zen 2” and “Zen 3” that use simultaneous multithreading SMT. By measuring the contention level on scheduler queues an attacker may potentially leak sensitive...

5.6CVSS0.00217EPSS
Exploits0References1
Rows per page
Query Builder