USN-6967-1: Intel Microcode vulnerabilities

It was discovered that some Intel® Core™ Ultra Processors did not properly isolate the stream cache. A local authenticated user could potentially use this to escalate their privileges. CVE-2023-42667 It was discovered that some Intel® Processors did not properly isolate the stream cache. A local...

Important: bind

Issue Overview: The DNS message parsing code in named includes a section whose computational complexity is overly high. It does not cause problems for typical DNS traffic, but crafted queries and responses may cause excessive CPU load on the affected named instance by exploiting this flaw. This...

Huawei EulerOS: Security Advisory for qemu (EulerOS-SA-2024-2176)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Python 安全漏洞

Python is an open source, object-oriented programming language from the Python Foundation. The language is extensible, supports modules and packages, and supports multiple platforms. Python has a security vulnerability that stems from the parser's use of algorithms with quadratic complexity,...

SUSE: Security Advisory (SUSE-SU-2024:2941-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE CVE-2024-43851

In the Linux kernel, the following vulnerability has been resolved: soc: xilinx: rename cpunumber1 to dummycpunumber The per cpu variable cpunumber1 is passed to xlnxeventhandler as argument "devid", but it is not used in this function. So drop the initialization of this variable and rename it to...

Cleaning an ECS-enabled cache may cause excessive CPU load

...

SUSE SLES12 Security Update : ucode-intel (SUSE-SU-2024:2941-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:2941-1 advisory. - Intel CPU Microcode was updated to the 20240813 release bsc1229129 - CVE-2024-24853: Security updates for INTEL- SA-01083 -...

riscv: prevent pt_regs corruption for secondary idle threads

...

SUSE CVE-2024-24853

Incorrect behavior order in transition between executive monitor and SMI transfer monitor STM in some IntelR Processor may allow a privileged user to potentially enable escalation of privilege via local access...

SUSE CVE-2024-24980

Protection mechanism failure in some 3rd, 4th, and 5th Generation IntelR XeonR Processors may allow a privileged user to potentially enable escalation of privilege via local access...

bind9: bind: SIG(0) can be used to exhaust CPU resources

A flaw was found in the bind9 package, where if a DNS server hosts a zone containing a "KEY" resource record or a DNS resolver utilizes the DNSSEC validate feature to validate a "KEY" resource record, a malicious client could exhaust the CPU resourced from the resolver by sending a stream of SIG0...

CVE-2024-24853

Incorrect behavior order in transition between executive monitor and SMI transfer monitor STM in some IntelR Processor may allow a privileged user to potentially enable escalation of privilege via local access...

CVE-2024-24853

Incorrect behavior order in transition between executive monitor and SMI transfer monitor STM in some IntelR Processor may allow a privileged user to potentially enable escalation of privilege via local access...

CVE-2023-42667

Improper isolation in the IntelR CoreTM Ultra Processor stream cache mechanism may allow an authenticated user to potentially enable escalation of privilege via local access...

CVE-2023-42667

Improper isolation in the IntelR CoreTM Ultra Processor stream cache mechanism may allow an authenticated user to potentially enable escalation of privilege via local access...

CVE-2023-42667

Improper isolation in the IntelR CoreTM Ultra Processor stream cache mechanism may allow an authenticated user to potentially enable escalation of privilege via local access...

CVE-2024-24853

Incorrect behavior order in transition between executive monitor and SMI transfer monitor STM in some IntelR Processor may allow a privileged user to potentially enable escalation of privilege via local access...

CVE-2024-24853

The connected advisories corroborate CVE-2024-24853: it concerns an incorrect behavior order during the transition between the executive monitor and the SMI transfer monitor (STM) in certain Intel processors, enabling privilege escalation via local access. Affected area is Intel CPU microcode/fir...

CVE-2024-24853

Incorrect behavior order in transition between executive monitor and SMI transfer monitor STM in some IntelR Processor may allow a privileged user to potentially enable escalation of privilege via local access...