UBUNTU-CVE-2018-1091

In the flushtmregstothread function in arch/powerpc/kernel/ptrace.c in the Linux kernel before 4.13.5, a guest kernel crash can be triggered from unprivileged userspace during a core dump on a POWER host due to a missing processor feature check and an erroneous use of transactional memory TM...

CVE-2018-1091

The CVE-2018-1091 entry is supported by connected advisories describing Linux kernel vulnerability on POWERPC: In arch/powerpc/kernel/ptrace.c, the function flush_tmregs_to_thread before 4.13.5 can crash a guest kernel when a core dump occurs, due to a missing processor feature check and an erron...

CVE-2018-1091

In the flushtmregstothread function in arch/powerpc/kernel/ptrace.c in the Linux kernel before 4.13.5, a guest kernel crash can be triggered from unprivileged userspace during a core dump on a POWER host due to a missing processor feature check and an erroneous use of transactional memory TM...

CVE-2018-1091

In the flushtmregstothread function in arch/powerpc/kernel/ptrace.c in the Linux kernel before 4.13.5, a guest kernel crash can be triggered from unprivileged userspace during a core dump on a POWER host due to a missing processor feature check and an erroneous use of transactional memory TM...

rubygems: No size limit in summary length of gem spec

It was found that rubygems could use an excessive amount of CPU while parsing a sufficiently long gem summary. A specially crafted gem from a gem repository could freeze gem commands attempting to parse its summary...

CVE-2018-8936

The AMD EPYC Server, Ryzen, Ryzen Pro, and Ryzen Mobile processor chips allow Platform Security Processor PSP privilege escalation...

CVE-2018-8936

The AMD EPYC Server, Ryzen, Ryzen Pro, and Ryzen Mobile processor chips allow Platform Security Processor PSP privilege escalation...

Improper access control

The AMD EPYC Server processor chips have insufficient access control for protected memory regions, aka FALLOUT-1, FALLOUT-2, and FALLOUT-3...

Improper access control

The AMD Ryzen, Ryzen Pro, and Ryzen Mobile processor chips have insufficient access control for the Secure Processor, aka RYZENFALL-1...

CVE-2018-8931

The AMD Ryzen, Ryzen Pro, and Ryzen Mobile processor chips have insufficient access control for the Secure Processor, aka RYZENFALL-1...

CVE-2018-8932

The AMD Ryzen and Ryzen Pro processor chips have insufficient access control for the Secure Processor, aka RYZENFALL-2, RYZENFALL-3, and RYZENFALL-4...

Privilege escalation

The AMD EPYC Server, Ryzen, Ryzen Pro, and Ryzen Mobile processor chips allow Platform Security Processor PSP privilege escalation...

CVE-2018-8931

The AMD Ryzen, Ryzen Pro, and Ryzen Mobile processor chips have insufficient access control for the Secure Processor, aka RYZENFALL-1...

Improper access control

The AMD Ryzen and Ryzen Pro processor chips have insufficient access control for the Secure Processor, aka RYZENFALL-2, RYZENFALL-3, and RYZENFALL-4...

CVE-2018-8932

The AMD Ryzen and Ryzen Pro processor chips have insufficient access control for the Secure Processor, aka RYZENFALL-2, RYZENFALL-3, and RYZENFALL-4...

CVE-2018-8932

The CVE-2018-8932 issue concerns AMD Ryzen/Ryzen Pro processors with insufficient access control in the Secure Processor (RYZENFALL-2/3/4). The available connected documents confirm a processor-embedded access-control weakness rather than a software-only flaw. Root cause: inadequate enforcement w...

CVE-2018-8933

CVE-2018-8933 affects AMD EPYC Server processors. The vulnerability stems from insufficient access control for protected memory regions (FALLOUT-1/2/3), enabling circumvention of platform security controls and potential unauthorized access to memory. Impact is described as high (confidentiality, ...

CVE-2018-8931

The AMD Ryzen, Ryzen Pro, and Ryzen Mobile processor chips have insufficient access control for the Secure Processor, aka RYZENFALL-1...

CVE-2018-8936

The CVE-2018-8936 entry concerns AMD processors (EPYC Server, Ryzen, Ryzen Pro, Ryzen Mobile) where the Platform Security Processor (PSP) enables privilege escalation. The connected documents corroborate that this is a PSP-based elevation issue affecting multiple Ryzen-family products. Specifics ...

CVE-2018-8932

The AMD Ryzen and Ryzen Pro processor chips have insufficient access control for the Secure Processor, aka RYZENFALL-2, RYZENFALL-3, and RYZENFALL-4...