39 matches found
USN-8028-8: Linux kernel (IBM) vulnerabilities
It was discovered that improper initialization of CPU cache memory could allow a local attacker with hypervisor access to overwrite SEV-SNP guest memory resulting in loss of data integrity. CVE-2024-36331 Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos, and Flavien Solt...
AMD Processors 安全漏洞
AMD Processors are a series of processors developed by American semiconductor company AMD. There are security vulnerabilities in AMD Processors, which stem from improper access controls and may lead to loss of confidentiality and integrity of guest memory. The following products are affected: AMD...
AMD Processors 安全漏洞
AMD Processors are a series of processors developed by American semiconductor company AMD. There are security vulnerabilities in AMD Processors, which stem from improper lockpick protection measures. These vulnerabilities may lead to firmware downgrades and loss of integrity. The following produc...
MiracleLinux 4 : microcode_ctl-1.17-33.32.0.3.AXS4 (AXSA:2021-1922:07)
The remote MiracleLinux 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2021-1922:07 advisory. hw: vt-d related privilege escalation CVE-2020-24489 hw: improper isolation of shared resources in some Intel Processors CVE-2020-24511 hw: observab...
MiracleLinux 8 : kernel-4.18.0-477.27.2.el8_8 (AXSA:2023-6482:27)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-6482:27 advisory. x86/microcode/AMD: Rename a couple of functions CVE-2023-20593 x86/microcode: Add a parameter to microcodecheck to store CPU capabilities...
MiracleLinux 7 : kernel-3.10.0-957.12.2.el7 (AXSA:2019-3891:04)
The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2019-3891:04 advisory. A flaw was found in the implementation of the fill buffer, a mechanism used by modern CPUs when a cache-miss is made on L1 CPU cache. If an attacker...
TencentOS Server 4: microcode_ctl (TSSA-2024:0565)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0565 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...
USN-7834-1 linux-azure, linux-azure-6.14, linux-azure-nvidia-6.14 vulnerabilities
Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos, and Flavien Solt discovered that some AMD processors may allow an attacker to infer data from previous stores, potentially resulting in the leakage of privileged information. A local attacker could possibly use this to...
EUVD-2014-9794
Malware in sbrugna...
Amazon Linux 2 : microcode_ctl, --advisory ALAS2-2025-2994 (ALAS-2025-2994)
The version of microcodectl installed on the remote host is prior to 2.1-47. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2025-2994 advisory. A potential security vulnerability in some Intelr Processors may allow information disclosure. Intel is releasing...
SUSE SLES11 Security Update : microcode_ctl (SUSE-SU-2025:03116-1)
The remote SUSE Linux SLES11 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:03116-1 advisory. - Intel CPU Microcode was updated to the 20250812 release bsc1248438 - CVE-2025-20109: Improper Isolation or Compartmentalization in the strea...
Moderate: Red Hat Security Advisory: microcode_ctl security update
An update for microcodectl is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...
Advisory ROSA-SA-2025-2872
Software: microcodectl 2.1 OS: rosa-server79 packageevrstring: microcodectl-2.1-73.20.res7 CVE-ID: CVE-2022-40982 BDU-ID: 2023-04663 CVE-Crit: MEDIUM CVE-DESC.: A firmware vulnerability in Intel processors involves information leakage from vector registers. Exploitation of the vulnerability could...
ROS-20250526-01
A vulnerability in the FSM component of Intel processor firmware is related to the checking of the incorrect conditions. Exploitation of the vulnerability could allow an attacker to cause a denial of service A vulnerability in the RAPL Interface of Intel processor firmware is related to the...
2025.2 IPU, Intel® Processor Advisory
Summary: Potential security vulnerabilities in some Intel® Processors may allow denial of service. Intel is releasing microcode updates to mitigate these potential vulnerabilities. Vulnerability Details: CVEID: CVE-2025-20103 Description: Insufficient resource pool in the core management mechanis...
USN-7225-1: HTMLDOC vulnerabilities
It was discovered that HTMLDOC incorrectly handled memory in the imagesetmask, gitreadlzw, writeheader and writenode functions, which could lead to a heap buffer overflow. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected...
USN-7189-1: HTMLDOC vulnerabilities
It was discovered that HTMLDOC incorrectly handled certain inputs, which could lead to an integer overflow. An attacker could potentially use this issue to cause a denial of service or execute arbitrary code. CVE-2021-20308 It was discovered that HTMLDOC incorrectly handled memory in pspdfexport,...
CISA Releases Two Industrial Control Systems Advisories
CISA released two Industrial Control Systems ICS advisories on July 25, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-207-01 Siemens SICAM Products ICSA-24-207-02 Positron Broadcast Signal Processor CISA...
Multi-vendor BIOS Security Vulnerabilities (February, 2024) - Lenovo Support US
No description provided...
K41043270: Intel processor vulnerabilities CVE-2021-0086 and CVE-2021-0089
Security Advisory Description CVE-2021-0086 Observable response discrepancy in floating-point operations for some IntelR Processors may allow an authorized user to potentially enable information disclosure via local access. CVE-2021-0089 Observable response discrepancy in some IntelR Processors m...