USN-7848-1: AMD Microcode vulnerabilities

Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos, and Flavien Solt discovered that some AMD processors may allow an attacker to infer data from previous stores. A local attacker could possibly use this issue to expose sensitive information. This update provides the updat...

The vulnerability of NVIDIA GeForce, Quadro, NVS, and Tesla graphics processors’ microprogramming software relates to the disclosure of system data by unauthorized individuals, allowing attackers to gain unauthorized access to protected information.

The vulnerability of NVIDIA GeForce, Quadro, NVS, and Tesla graphics processors’ microprogramming software relates to the disclosure of system data by unauthorized individuals. Exploiting this vulnerability can allow a hacker to gain unauthorized access to protected information...

CVE-2024-36347

Improper signature verification in AMD CPU ROM microcode patch loader may allow an attacker with local administrator privilege to load malicious microcode, potentially resulting in loss of integrity of x86 instruction execution, loss of confidentiality and integrity of data in x86 CPU privileged...

Ubuntu 25.04 : AMD Microcode vulnerability (USN-7560-1)

The remote Ubuntu 25.04 host has a package installed that is affected by a vulnerability as referenced in the USN-7560-1 advisory. Josh Eads, Kristoffer Janke, Eduardo Nava, Tavis Ormandy and Matteo Rizzo discovered that AMD Microcode incorrectly verified signatures. An attacker with local...

USN-7561-1 amd64-microcode vulnerabilities

It was discovered that AMD Microcode incorrectly handled memory addresses. An attacker with local administrator privilege could possibly use this issue to cause loss of integrity of a confidential guest running under AMD SEV-SNP. CVE-2023-20584, CVE-2023-31356 Josh Eads, Kristoffer Janke, Eduardo...

The vulnerability of microprogramming software in devices for integration and control of automation and data collection systems, related to the use of cryptographic algorithms containing defects, allows attackers to compromise the confidentiality and integrity of protected information.

The vulnerability of microprogramming software in devices for integration and control of automation systems and data collection servers is related to the use of cryptographic algorithms that contain vulnerabilities. Exploiting this vulnerability can allow a malicious actor to compromise the...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a applymicrocodeamd return value error, which could result in the propagation of an incorrect value in the...

The vulnerability of AMD64 Microcode in processor microcodes, related to incorrect code generation, allows attackers to gain access to confidential data, compromise its integrity, and cause service failures.

The vulnerability of AMD64 Microcode in processors relates to incorrect code generation management. Exploiting this vulnerability can allow attackers to access confidential data, compromise its integrity, and cause service failures...

Updated microcode packages fix security vulnerability

Improper signature verification in AMD CPU ROM microcode patch loader may allow an attacker with local administrator privilege to load malicious CPU microcode resulting in loss of confidentiality and integrity of a confidential guest running under AMD SEV-SNP. CVE-2024-56161...

The vulnerability of the System Management Mode (SMM) mode of AMD microprogramming software allows a hacker to execute arbitrary code.

The vulnerability of the System Management Mode SMM mode of AMD microprogramming processors is related to insufficient checking of input data. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

AMD CPU Microcode Signature Verification Vulnerability

AMD ID: AMD-SB-7033 Potential Impact: Loss of integrity of x86 instruction execution, loss of confidentiality and integrity of data in x86 CPU privileged context and compromise of SMM execution environment Severity: Medium Summary Researchers from Google®have provided AMD with a report titled “AM...

Fedora 40 : microcode_ctl (2024-d20a106350)

The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-d20a106350 advisory. - Update to upstream 2.1-47. 20241112 - Update of 06-8f-04/0x87 SPR-SP E0/S1 microcode in intel-ucode/06-8f-05 from revision 0x2b0005c0 up to...

kernel: local privilege escalation on Intel microcode on Intel(R) Xeon(R)

A vulnerability was found in the Intel Xeon Processor's microcode. This issue may allow a malicious actor to achieve local privilege escalation when using Intel SGX or Intel TDX features...

kernel: Local information disclosure on Intel(R) Atom(R) processors

A vulnerability was found in some Intel Atom Processor's microcode. This issue may allow a malicious actor to achieve a local information disclosure, impacting the data confidentiality of the targeted system...

USN-7077-1: AMD Microcode vulnerability

Enrique Nissim and Krzysztof Okupski discovered that some AMD processors did not properly restrict access to the System Management Mode SMM configuration when the SMM Lock was enabled. A privileged local attacker could possibly use this issue to further escalate their privileges and execute...

Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 24.10 : AMD Microcode vulnerability (USN-7077-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 24.10 host has a package installed that is affected by a vulnerability as referenced in the USN-7077-1 advisory. Enrique Nissim and Krzysztof Okupski discovered that some AMD processors did not properly restrict access ...

kernel: Local information disclosure on Intel(R) Atom(R) processors

A vulnerability was found in some Intel Atom Processor's microcode. This issue may allow a malicious actor to achieve a local information disclosure, impacting the data confidentiality of the targeted system...

kernel: Local information disclosure on Intel(R) Atom(R) processors

A vulnerability was found in some Intel Atom Processor's microcode. This issue may allow a malicious actor to achieve a local information disclosure, impacting the data confidentiality of the targeted system...

kernel: Local information disclosure on Intel(R) Atom(R) processors

A vulnerability was found in some Intel Atom Processor's microcode. This issue may allow a malicious actor to achieve a local information disclosure, impacting the data confidentiality of the targeted system...

The vulnerability of AMD64 Microcode, related to the use of cryptographic algorithms containing defects, allows attackers to gain access to confidential data.

The vulnerability of AMD64 Microcode processors relates to the use of cryptographic algorithms that contain defects. Exploiting this vulnerability allows a remote attacker to gain access to confidential data...