hw: Information disclosure issue in Intel SGX via RAPL interface

A vulnerability was found in Intel's implementation of RAPL Running Average Power Limit. An attacker with a local account could query the power management functionality to intelligently infer SGX enclave computation values by measuring power usage in the RAPL subsystem...

SUSE-SU-2020:3271-1 Security update for ucode-intel

This update for ucode-intel fixes the following issues: - Intel CPU Microcode updated to 20201027 pre-release - CVE-2020-8695: Fixed Intel RAPL sidechannel attack SGX bsc1170446 - CVE-2020-8698: Fixed Fast Store Forward Predictor INTEL-SA-00381 bsc1173594 New Platforms: | Processor | Stepping |...

Intel BIOS Platform Sample Code Advisory

Summary: Potential security vulnerabilities in Intel BIOS platform sample code for some Intel® Processors may allow escalation of privilege. Intel is releasing BIOS platform sample code updates to mitigate these potential vulnerabilities. Vulnerability Details: CVEID: CVE-2020-8764 Description:...

Intel® Processor Identification Utility Advisory

Summary: A potential security vulnerability in the Intel® Processor Identification Utility may allow escalation of privilege. Intel is releasing software updates to mitigate this potential vulnerability. Vulnerability Details: CVEID: CVE-2020-12335 Description: Improper permissions in the install...

2020.2 IPU – BIOS Advisory

Summary: Potential security vulnerabilities in the BIOS firmware for some Intel® Processors may allow escalation of privilege or denial of service. Intel is releasing firmware updates to mitigate this potential vulnerability. Vulnerability Details: CVEID: CVE-2020-0590 Description: Improper input...

squid: Buffer overflow in URI processor

An issue was discovered in Squid 3.x and 4.x through 4.8. Due to incorrect input validation, there is a heap-based buffer overflow that can result in Denial of Service to all clients using the proxy. Severity is high due to this vulnerability occurring before normal security checks; any remote...

kernel: memory leak in ccp_run_sha_cmd() function in drivers/crypto/ccp/ccp-ops.c

A flaw was found in the AMD Cryptographic Co-processor driver in the Linux kernel. An attacker, able to send invalid SHA type commands, could cause the system to crash. The highest threat from this vulnerability is to system availability...

kernel: memory leak in ccp_run_sha_cmd() function in drivers/crypto/ccp/ccp-ops.c

A flaw was found in the AMD Cryptographic Co-processor driver in the Linux kernel. An attacker, able to send invalid SHA type commands, could cause the system to crash. The highest threat from this vulnerability is to system availability...

Cisco IOS XE Software for ASR 1000 Series 20 Gbps Embedded Services Processor IP ARP DoS (cisco-sa-esp20-arp-dos-GvHVggqJ)

According to its self-reported version and configuration, the Cisco IOS XE Software for Cisco ASR 1000 Series Aggregation Services Routers with a 20-Gbps Embedded Services Processor ESP running on the remote device is affected by a denial of service vulnerability. An unauthenticated, adjacent...

Security update for binutils (moderate)

openSUSE Security Update: Security update for binutils Announcement ID: openSUSE-SU-2020:1804-1 Rating: moderate References: 1126826 1126829 1126831 1140126 1142649 1143609 1153768 1153770 1157755 1160254 1160590 1163333 1163744 Cross-References: CVE-2019-12972 CVE-2019-14250 CVE-2019-14444...

CVE-2020-10816

Zoho ManageEngine Applications Manager 14780 and before allows a remote unauthenticated attacker to register managed servers via AAMRequestProcessor servlet...

CVE-2019-14558

Insufficient control flow management in BIOS firmware for 8th, 9th, 10th Generation IntelR CoreTM, IntelR CeleronR Processor 4000 & 5000 Series Processors may allow an authenticated user to potentially enable denial of service via adjacent access...

CVE-2020-0571

CVE-2020-0571 corresponds to an improper conditions check in BIOS firmware for 8th Generation Intel Core processors and Intel Pentium Silver series, potentially allowing an authenticated local user to disclose information. Connected documents provide concrete details: Intel’s BIOS advisory (Intel...

CVE-2020-0571

Improper conditions check in BIOS firmware for 8th Generation IntelR CoreTM Processors and IntelR PentiumR Silver Processor Series may allow an authenticated user to potentially enable information disclosure via local access...

CVE-2020-8671

CVE-2020-8671 is documented in multiple connected sources as an Intel BIOS vulnerability: insufficient control flow management in BIOS firmware for 8th/9th Gen Intel Core and Intel Celeron 4000 Series may allow an authenticated user to potentially disclose information via local access. The Intel ...

CVE-2020-8671

Insufficient control flow management in BIOS firmware 8th, 9th Generation IntelR CoreTM Processors and IntelR CeleronR Processor 4000 Series may allow an authenticated user to potentially enable information disclosure via local access...

DEBIAN-CVE-2020-14378

An integer underflow in dpdk versions before 18.11.10 and before 19.11.5 in the movedesc function can lead to large amounts of CPU cycles being eaten up in a long running loop. An attacker could cause movedesc to get stuck in a 4,294,967,295-count iteration loop. Depending on how vhostcrypto is...

kernel: memory leak in ccp_run_sha_cmd() function in drivers/crypto/ccp/ccp-ops.c

A flaw was found in the AMD Cryptographic Co-processor driver in the Linux kernel. An attacker, able to send invalid SHA type commands, could cause the system to crash. The highest threat from this vulnerability is to system availability...

kernel: memory leak in ccp_run_sha_cmd() function in drivers/crypto/ccp/ccp-ops.c

A flaw was found in the AMD Cryptographic Co-processor driver in the Linux kernel. An attacker, able to send invalid SHA type commands, could cause the system to crash. The highest threat from this vulnerability is to system availability...

CVE-2020-3513

Multiple vulnerabilities in the initialization routines that are executed during bootup of Cisco IOS XE Software for Cisco ASR 900 Series Aggregation Services Routers with a Route Switch Processor 3 RSP3 installed could allow an authenticated, local attacker with high privileges to execute...