Linux kernel 安全漏洞

Linux kernel is the kernel used by the Linux Foundation's open source operating system Linux. A security vulnerability exists in the Linux kernel, which stems from the possibility of a memory leak in the mapping of X86 CPU data to memory in cpuentryarea, which allows a user to guess the location ...

K29002929: INTEL-SA-00223 - Intel Unified Extensible Firmware Interface CVE-2019-0120

Security Advisory Description Insufficient key protection vulnerability in silicon reference firmware for IntelR PentiumR Processor J Series, IntelR PentiumR Processor N Series, IntelR CeleronR J Series, IntelR CeleronR N Series, IntelR AtomR Processor A Series, IntelR AtomR Processor E3900 Serie...

K21344224: Lazy FP state restore vulnerability CVE-2018-3665

Security Advisory Description System software utilizing Lazy FP state restore technique on systems using Intel Core-based microprocessors may potentially allow a local process to infer data from another process through a speculative execution side channel. CVE-2018-3665 A Floating-Point FP state...

K29421535: Intel processor vulnerability CVE-2021-33117

Security Advisory Description Improper access control for some 3rd Generation IntelR XeonR Scalable Processors before BIOS version MR7, may allow a local attacker to potentially enable information disclosure via local access. CVE-2021-33117 Impact This vulnerability may potentially allow a local...

K23435400: Intel CPU vulnerability CVE-2022-0004

Security Advisory Description Hardware debug modes and processor INIT setting that allow override of locks for some IntelR Processors in IntelR Boot Guard and IntelR TXT may allow an unauthenticated user to potentially enable escalation of privilege via physical access. CVE-2022-0004 Impact There...

K41556648: CPU vulnerability CVE-2019-0184

Security Advisory Description Insufficient access control in protected memory subsystem for IntelR TXT for 6th, 7th, 8th and 9th Generation IntelR CoreTM Processor Families; IntelR XeonR Processor E3-1500 v5 and v6 Families; IntelR XeonR E-2100 and E-2200 Processor Families with IntelR Processor...

K63290144: Intel processor vulnerabilities CVE-2020-8696 and CVE-2020-8698

Security Advisory Description CVE-2020-8696 Improper removal of sensitive information before storage or transfer in some IntelR Processors may allow an authenticated user to potentially enable information disclosure via local access. CVE-2020-8698 Improper isolation of shared resources in some...

K52259753: Intel Processor vulnerability CVE-2022-26373

Security Advisory Description Non-transparent sharing of return predictor targets between contexts in some IntelR Processors may allow an authorized user to potentially enable information disclosure via local access. CVE-2022-26373 Impact There is no impact; F5 products are not affected by this...

K41043270: Intel processor vulnerabilities CVE-2021-0086 and CVE-2021-0089

Security Advisory Description CVE-2021-0086 Observable response discrepancy in floating-point operations for some IntelR Processors may allow an authorized user to potentially enable information disclosure via local access. CVE-2021-0089 Observable response discrepancy in some IntelR Processors m...

K41283800: INTEL-SA-00233 Microarchitectural Data Sampling Advisory

Security Advisory Description Multiple vulnerabilities in Intel processors have been mentioned in several sources and are referred to collectively as INTEL-SA-00233 Microarchitectural Data Sampling Advisory. F5 is aware of these vulnerabilities and is investigating as information becomes availabl...

K34425791: Intel processor vulnerabilities CVE-2019-0151, CVE-2019-0152

Security Advisory Description CVE-2019-0151 Insufficient memory protection in IntelR TXT for certain IntelR Core Processors and IntelR XeonR Processors may allow a privileged user to potentially enable escalation of privilege via local access. CVE-2019-0152 Insufficient memory protection in Syste...

K59395527: Intel processor vulnerability CVE-2021-33150

Security Advisory Description Hardware allows activation of test or debug logic at runtime for some IntelR Trace Hub instances which may allow an unauthenticated user to potentially enable escalation of privilege via physical access. CVE-2021-33150 Impact There is no impact; F5 products are not...

K11601010: Intel Processor vulnerability CVE-2021-33149

Security Advisory Description Observable behavioral discrepancy in some IntelR Processors may allow an authorized user to potentially enable information disclosure via local access. CVE-2021-33149 Impact This vulnerability may allow an authorized user to potentially enable information disclosure...

K90305959: Intel processor diagnostic tool vulnerability CVE-2019-11133

Security Advisory Description Improper access control in the IntelR Processor Diagnostic Tool before version 4.1.2.24 may allow an authenticated user to potentially enable escalation of privilege, information disclosure or denial of service via local access. CVE-2019-11133 Impact There is no...

K02326457: Multiple AMD processor vulnerabilities

Security Advisory Description CVE-2018-8930 The AMD EPYC Server, Ryzen, Ryzen Pro, and Ryzen Mobile processor chips have insufficient enforcement of Hardware Validated Boot, aka MASTERKEY-1, MASTERKEY-2, and MASTERKEY-3. CVE-2018-8931 The AMD Ryzen, Ryzen Pro, and Ryzen Mobile processor chips hav...

K49711130: OpenSSL and Intel processor SMT side-channel vulnerability (PortSmash) CVE-2018-5407

Security Advisory Description Simultaneous Multi-threading SMT in processors can enable local users to exploit software vulnerable to timing attacks via a side-channel timing attack on 'port contention.' CVE-2018-5407 also known as PortSmash Impact The vulnerability allows an attacker who can...

SUSE CVE-2022-33972

Incorrect calculation in microcode keying mechanism for some 3rd Generation IntelR XeonR Scalable Processors may allow a privileged user to potentially enable information disclosure via local access...

SUSE: Security Advisory (SUSE-SU-2023:0455-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

The vulnerability of the implementation of the AMD Secure Processor (ASP) microprogramming software for AMD processors allows a perpetrator to influence the integrity of the protected information.

The vulnerability of the AMD Secure Processor ASP microprogramming software for AMD processors lies in insufficient data validation during the translation of input/output addresses. Exploiting this vulnerability could allow a malicious actor to influence the integrity of the protected information...

The vulnerability relates to the implementation of the AMD Secure Processor (ASP) technology in AMD microprogrammed software processor BIOS systems. It allows a malicious individual to gain unauthorized access to protected information.

The vulnerability of the implementation of the AMD Secure Processor ASP technology in AMD microprogrammed computer system BIOS is related to insufficient protection of operational data. Exploiting this vulnerability may allow an attacker, operating remotely, to gain unauthorized access to protect...