CVE-2025-45006

Improper mstatus.SUM bit retention non-zero in Open-Source RISC-V Processor commit f517abb violates privileged spec constraints, enabling potential physical memory access attacks...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the ACPI CPPC not checking for null pointers in nosmp mode, which could lead to null pointer dereferencing...

PT-2025-27699

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A NULL pointer dereference issue has been identified in the Linux kernel, specifically in the ACPI CPPC component. This issue occurs when the nosmp parameter is used in the command lin...

CVE-2025-45006

Improper mstatus.SUM bit retention non-zero in Open-Source RISC-V Processor commit f517abb violates privileged spec constraints, enabling potential physical memory access attacks...

CVE-2025-45006

Improper mstatus.SUM bit retention non-zero in Open-Source RISC-V Processor commit f517abb violates privileged spec constraints, enabling potential physical memory access attacks...

microcode_ctl: From CVEorg collector

Incorrect behavior order for some IntelR Core™ Ultra Processors may allow an unauthenticated user to potentially enable information disclosure via physical access...

Moderate: Red Hat Security Advisory: microcode_ctl security update

An update for microcodectl is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available...

Moderate: Red Hat Security Advisory: microcode_ctl security update

An update for microcodectl is now available for Red Hat Enterprise Linux 9.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available...

Moderate: Red Hat Security Advisory: microcode_ctl security update

An update for microcodectl is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

RISC-V Processor 安全漏洞

RISC-V Processor is an instruction set architecture from the Swiss company RISC-V. A security vulnerability exists in RISC-V Processor that stems from an improperly reserved mstatus.SUM bit leading to a physical memory access attack...

CVE-2025-45006

Improper mstatus.SUM bit retention non-zero in Open-Source RISC-V Processor commit f517abb violates privileged spec constraints, enabling potential physical memory access attacks...

PT-2025-27577 · Unknown · Open-Source Risc-V Processor

Name of the Vulnerable Software and Affected Versions: Open-Source RISC-V Processor affected versions not specified Description: The issue concerns improper retention of the mstatus.SUM bit in a non-zero state, violating privileged specification constraints. This could potentially enable attacks...

CVE-2025-45006

The CVE-2025-45006 entry concerns an issue in the Open-Source RISC-V Processor where the mstatus.SUM bit can remain non-zero, violating privileged-spec constraints. Root cause identified as improper retention in commit f517abb, enabling potential physical memory access attacks. Affected component...

CVE-2025-45006

Improper mstatus.SUM bit retention non-zero in Open-Source RISC-V Processor commit f517abb violates privileged spec constraints, enabling potential physical memory access attacks...

CVE-2023-28907

CVE-2023-28907 describes a lack of memory isolation between CPU cores in the VW MIB3 infotainment, enabling an attacker with access to the main OS to compromise the core handling CAN message processing. The issue was first reported in Skoda Superb III with OEM part 3V0035820; a list of affected M...

Imagination GPU Driver 安全漏洞

Imagination GPU Driver is a graphics driver from Imagination. A security vulnerability exists in Imagination GPU Driver that stems from a Guest VM that may overwrite the firmware state, potentially leading to unauthorized access to the GPU...

rubygem-rack: Unbounded-Parameter DoS in Rack::QueryParser

A flaw was found in Rack::QueryParser. This vulnerability allows denial of service via oversized HTTP requests containing many parameters, resulting in memory exhaustion that consumes all available memory or CPU resource pinning, which keeps the CPU constantly busy...

CVE-2025-52999 jackson-core Has Potential for StackoverflowError if user parses an input file that contains very deeply nested data

jackson-core contains core low-level incremental "streaming" parser and generator abstractions used by Jackson Data Processor. In versions prior to 2.15.0, if a user parses an input file and it has deeply nested data, Jackson could end up throwing a StackoverflowError if the depth is particularly...

USN-7598-1 linux-azure-5.15 vulnerabilities

Michael Randrianantenaina discovered that the Bluetooth driver in the Linux Kernel contained an improper access control vulnerability. A nearby attacker could use this to connect a rougue device and possibly execute arbitrary code. CVE-2024-8805 Several security issues were discovered in the Linu...

Moderate: Red Hat Bug Fix Advisory: microcode_ctl bug fix and enhancement update

An update for microcodectl is now available for Red Hat Enterprise Linux 9. The microcodectl packages provide microcode updates for Intel and AMD processors. Bug Fixes and Enhancements: Update microcodectl to latest upstream rhel-9.6.z JIRA:RHEL-96929 microcodectl: From CVEorg collector rhel-9.6....