The vulnerability of the Software Guard eXtensions (SGX) processor implementation allows a hacker to disclose protected information.

The vulnerability of the Software Guard eXtensions SGX processor implementation is related to the checking of incorrect conditions. Exploiting this vulnerability can allow an attacker to disclose protected information...

The vulnerabilities of the functions sbi_cpu_start() and cpu_update_secondary_bootdata() in the Linux operating system’s kernel on RISC-V processors allow attackers to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the functions sbicpustart in the module arch/riscv/kernel/cpuopssbi.c and cpuupdatesecondarybootdata in the module arch/riscv/kernel/cpuopsspinwait.c in the Linux operating system’s kernel on RISC-V processors is related to memory writing beyond the allocated buffer...

CVE-2024-27380

An issue was discovered in Samsung Mobile Processor Exynos 980, Exynos 850, Exynos 1280, Exynos 1380, and Exynos 1330. In the function slsisetdelayedwakeuptype, there is no input validation check on a length of ioctlargs-argsi coming from userspace, which can lead to a heap over-read...

Samsung Mobile Processor Security Vulnerability

SAMSUNG Mobile Processor is a family of mobile processors from the South Korean company Samsung SAMSUNG. A security vulnerability exists in Samsung Mobile Processor that stems from a failure to perform validation checks on input from userspace, which could result in a heap overwrite. The followin...

kernel: ACPI: processor: Check for null return of devm_kzalloc() in fch_misc_setup()

In the Linux kernel, the following vulnerability has been resolved: ACPI: processor: Check for null return of devmkzalloc in fchmiscsetup devmkzalloc may fail, clkdata-name might be NULL and will cause a NULL pointer dereference later. rjw: Subject and changelog edits...

amd: Return Address Predictor vulnerability leading to information disclosure

A side channel vulnerability was found in hw amd. Some AMD CPUs may allow an attacker to influence the return address prediction. This issue may result in speculative execution at an attacker-controlled instruction pointer register, potentially leading to information disclosure...

Vulnerability of microprogramming software for Intel, AMD, ARM, and IBM processors: This vulnerability arises due to the creation of racing states in a speculative mode, which can lead to access to already freed memory areas. If the processor mispredicts the branching in the code, it allows a hacker to gain access to protected memory.

The vulnerability of microprogramming software for processors from Intel, AMD, ARM, and IBM arises from the existence of speculative execution states that can lead to access to already freed memory areas, if the processor mispredicts branch instructions in the code. Exploiting this vulnerability...

2024.1 IPU - Intel® Processor Return Predictions Advisory

Summary: A potential security vulnerability in some Intel® Processors may allow information disclosure. Intel is releasing a firmware update to mitigate this potential vulnerability. Vulnerability Details: CVEID: CVE-2023-38575 Description: Non-transparent sharing of return predictor targets...

AMD Processor Security Vulnerability

AMD Processors is a processor from Ultraviolet Semiconductor AMD. A security vulnerability exists in AMD Processor. An attacker exploiting this vulnerability could execute arbitrary code...

CVE-2023-4554 XML External Entity (XXE) Processing

Improper Restriction of XML External Entity Reference vulnerability in OpenText AppBuilder on Windows, Linux allows Server Side Request Forgery, Probe System Files. AppBuilder's XML processor is vulnerable to XML External Entity Processing XXE, allowing an authenticated user to upload specially...

CVE-2023-50268

jq is a command-line JSON processor. Version 1.7 is vulnerable to stack-based buffer overflow in builds using decNumber. Version 1.7.1 contains a patch for this issue...

The vulnerability of Intel microprogramming software allows a hacker to elevate their privileges from the third level to the zero-level protection ring (CPL0), thereby gaining access to confidential information or causing service failures.

The vulnerability of Intel microprogramming software is related to errors in interpreting redundant prefixes. Exploiting this vulnerability can allow attackers to enhance their privileges from the third level to the zero-level protection ring, CPL0, gain access to confidential information, or cau...

hw: amd: Cross-Process Information Leak

A flaw was found in hw, in “Zen 2” CPUs. This issue may allow an attacker to access sensitive information under specific microarchitectural circumstances...

The vulnerability of the CMD_W_REG command processor in the CE_A protocol implementation of the CE805M data collection and transmission device allows a perpetrator to modify parameters so that commands of the operating system are executed during automatic updates of the application software.

The vulnerability of the CMDWREG command processor in the CEA protocol implementation of the CE805M device for data collection and transmission is related to incorrect code generation. Exploiting this vulnerability allows a remote attacker to modify parameters so that system commands are executed...

PT-2023-4289 · Arm +2 · Amd Processors +1

Name of the Vulnerable Software and Affected Versions: AMD processors affected versions not specified ARM processors affected versions not specified Intel processors affected versions not specified Description: A potential power side-channel vulnerability may allow an authenticated attacker to...

USN-6244-1 amd64-microcode vulnerability

Tavis Ormandy discovered that some AMD processors did not properly handle speculative execution of certain vector register instructions. A local attacker could use this to expose sensitive information...

Medium: microcode_ctl

Issue Overview: Improper access control for some 3rd Generation IntelR XeonR Scalable Processors before BIOS version MR7, may allow a local attacker to potentially enable information disclosure via local access. CVE-2021-33117 add CVE-2022-0005 A flaw was found in hw. Improper access control for...

The vulnerability of the Bootloader component of AMD processors allows a hacker to trigger a system failure.

The vulnerability of the Bootloader component of AMD processors exists due to insufficient checking of input data. Exploiting this vulnerability can allow a malicious actor to cause service failure remotely...

K29421535: Intel processor vulnerability CVE-2021-33117

Security Advisory Description Improper access control for some 3rd Generation IntelR XeonR Scalable Processors before BIOS version MR7, may allow a local attacker to potentially enable information disclosure via local access. CVE-2021-33117 Impact This vulnerability may potentially allow a local...

The vulnerability in the implementation of the SNP_INIT command during the loading of microprogramming software for AMD processors allows a attacker to influence the integrity of the protected information.

The vulnerability of the SNPINIT implementation in the loading of microprogramming software for AMD processors is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to influence the integrity of the protected information...