89 matches found
CVE-2024-23984
Observable discrepancy in RAPL interface for some IntelR Processors may allow a privileged user to potentially enable information disclosure via local access...
CVE-2024-23984
Observable discrepancy in RAPL interface for some IntelR Processors may allow a privileged user to potentially enable information disclosure via local access...
PT-2024-7297
Name of the Vulnerable Software and Affected Versions: IntelR Processors affected versions not specified Description: The issue is related to an observable discrepancy in the RAPL interface for some IntelR Processors, which may allow a privileged user to potentially enable information disclosure...
SUSE SLES15: docker / docker-bash-completion / docker-fish-completion / etc (SUSE-SU-2023:4936-1)
The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:4936-1 advisory. docker: - Update to Docker 24.0.7-ce. See upstream changelong online at...
SUSE SLES12 Security Update : containerd, docker, runc (SUSE-SU-2023:4625-1)
The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:4625-1 advisory. containerd: -Update to containerd v1.7.8. Upstream release notes: https://github.com/containerd/containerd/releases/tag/v1.7.8...
/sys/devices/virtual/powercap accessible by default to containers
Intel's RAPL Running Average Power Limit feature, introduced by the Sandy Bridge microarchitecture, provides software insights into hardware energy consumption. To facilitate this, Intel introduced the powercap framework in Linux kernel 3.13, which reads values via relevant MSRs model specific...
Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2020-5917)
The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2020-5917 advisory. 4.1.12-124.44.4.1 - powercap: restrict energy meter to root access Kanth Ghatraju Orabug: 32040806 CVE-2020-8694 CVE-2020-8695 Tenable has extracte...
AMD SEV VM Power Side Channel Security Bulletin
Bulletin ID: AMD-SB-3004 Potential Impact: Information disclosure Severity: Low Summary Researchers have reported a potential power side-channel attack using the Running Average Power Limit RAPL interface on AMD SEV VMs. The researchers focused only on the first generation of AMD SEV technology a...
K32512431: Linux kernel vulnerabilities CVE-2020-8694 and CVE-2020-8695
Security Advisory Description CVE-2020-8694 Insufficient access control in the Linux kernel driver for some IntelR Processors may allow an authenticated user to potentially enable information disclosure via local access. CVE-2020-8695 Observable discrepancy in the RAPL interface for some IntelR...
SUSE CVE-2020-8695
Observable discrepancy in the RAPL interface for some IntelR Processors may allow a privileged user to potentially enable information disclosure via local access...
NewStart CGSL CORE 5.05 / MAIN 5.05 : microcode_ctl Multiple Vulnerabilities (NS-SA-2022-0046)
The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has microcodectl packages installed that are affected by multiple vulnerabilities: - Incomplete cleanup from specific special register read operations in some IntelR Processors may allow an authenticated user to potentially...
NewStart CGSL MAIN 6.02 : microcode_ctl Multiple Vulnerabilities (NS-SA-2022-0060)
The remote NewStart CGSL host, running version MAIN 6.02, has microcodectl packages installed that are affected by multiple vulnerabilities: - Incomplete cleanup from specific special register read operations in some IntelR Processors may allow an authenticated user to potentially enable...
NewStart CGSL CORE 5.04 / MAIN 5.04 : microcode_ctl Multiple Vulnerabilities (NS-SA-2022-0011)
The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has microcodectl packages installed that are affected by multiple vulnerabilities: - Incomplete cleanup from specific special register read operations in some IntelR Processors may allow an authenticated user to potentially...
AlmaLinux 8 : microcode_ctl (ALSA-2021:3027)
The remote AlmaLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2021:3027 advisory. - Incomplete cleanup from specific special register read operations in some IntelR Processors may allow an authenticated user to potentially enable...
NewStart CGSL CORE 5.05 / MAIN 5.05 : microcode_ctl Multiple Vulnerabilities (NS-SA-2021-0165)
The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has microcodectl packages installed that are affected by multiple vulnerabilities: - Observable discrepancy in the RAPL interface for some IntelR Processors may allow a privileged user to potentially enable information disclosu...
RHEL 7 : microcode_ctl (RHSA-2021:3323)
The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2021:3323 advisory. The microcodectl packages provide microcode updates for Intel. Security Fixes: hw: Vector Register Data Sampling CVE-2020-0548 hw: L1D Cache...
hw: Information disclosure issue in Intel SGX via RAPL interface
A vulnerability was found in Intel's implementation of RAPL Running Average Power Limit. An attacker with a local account could query the power management functionality to intelligently infer SGX enclave computation values by measuring power usage in the RAPL subsystem...
RHEL 7 : microcode_ctl (RHSA-2021:3255)
The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2021:3255 advisory. The microcodectl packages provide microcode updates for Intel. Security Fixes: hw: Special Register Buffer Data Sampling SRBDS CVE-2020-0543...
Important: Red Hat Security Advisory: microcode_ctl security, bug fix and enhancement update
An update for microcodectl is now available for Red Hat Enterprise Linux 8.1 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is availabl...
RHEL 7 : microcode_ctl (RHSA-2021:3029)
The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2021:3029 advisory. The microcodectl packages provide microcode updates for Intel. Security Fixes: hw: Special Register Buffer Data Sampling SRBDS CVE-2020-0543...