67 matches found
hw: cpu: incomplete clean-up of multi-core shared buffers (aka SBDR)
A flaw was found in hw. Incomplete cleanup of multi-core shared buffers for some Intel® Processors may allow an authenticated user to enable information disclosure via local access...
hw: cpu: incomplete clean-up of multi-core shared buffers (aka SBDR)
A flaw was found in hw. Incomplete cleanup of multi-core shared buffers for some Intel® Processors may allow an authenticated user to enable information disclosure via local access...
Use After Free
qemu:sid is vulnerable to use after free. It allowed a remote attacker to potentially execute HW commands when shared buffers...
hw: cpu: incomplete clean-up of multi-core shared buffers (aka SBDR)
A flaw was found in hw. Incomplete cleanup of multi-core shared buffers for some Intel® Processors may allow an authenticated user to enable information disclosure via local access...
RHEL 8 : kernel-rt (RHSA-2022:6437)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:6437 advisory. The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirement...
RHEL 8 : kernel (RHSA-2022:6460)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:6460 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: Incomplete cleanup of multi-core share...
OracleVM 3.4 : xen (OVMSA-2022-0023)
The remote OracleVM system is missing necessary patches to address security updates: - Incomplete cleanup of multi-core shared buffers for some IntelR Processors may allow an authenticated user to potentially enable information disclosure via local access. CVE-2022-21123 - Incomplete cleanup of...
RHEL 7 : kernel-rt (RHSA-2022:5939)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:5939 advisory. The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirement...
RHEL 7 : kernel (RHSA-2022:5937)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:5937 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: Incomplete cleanup of multi-core share...
SUSE SLES12 Security Update : xen (SUSE-SU-2022:2574-1)
The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:2574-1 advisory. - Incomplete cleanup of multi-core shared buffers for some IntelR Processors may allow an authenticated user to potentially enable information...
USN-5535-1 Intel Microcode vulnerabilities
Joseph Nuzman discovered that some Intel processors did not properly initialise shared resources. A local attacker could use this to obtain sensitive information. CVE-2021-0145 Mark Ermolov, Dmitry Sklyarov and Maxim Goryachy discovered that some Intel processors did not prevent test and debug...
USN-5513-1: Linux kernel (AWS) vulnerabilities
Norbert Slusarek discovered a race condition in the CAN BCM networking protocol of the Linux kernel leading to multiple use-after-free vulnerabilities. A local attacker could use this issue to execute arbitrary code. CVE-2021-3609 Likang Luo discovered that a race condition existed in the Bluetoo...
USN-5485-1 linux, linux-aws, linux-aws-hwe, linux-aws-5.13, linux-aws-5.4, linux-azure, linux-azure-4.15, linux-azure-5.13, linux-azure-5.4, linux-azure-fde, linux-dell300x, linux-gcp, linux-gcp-4.15, linux-gcp-5.13, linux-gcp-5.4, linux-gke, linux-gke-5.4, linux-gkeop, linux-gkeop-5.4, linux-hwe, linux-hwe-5.13, linux-hwe-5.4, linux-ibm, linux-ibm-5.4, linux-intel-5.13, linux-intel-iotg, linux-kvm, linux-lowlatency, linux-oracle, linux-oracle-5.13, linux-oracle-5.4 vulnerabilities
It was discovered that some Intel processors did not completely perform cleanup actions on multi-core shared buffers. A local attacker could possibly use this to expose sensitive information. CVE-2022-21123 It was discovered that some Intel processors did not completely perform cleanup actions on...
ALPINE-CVE-2022-21123
Incomplete cleanup of multi-core shared buffers for some IntelR Processors may allow an authenticated user to potentially enable information disclosure via local access...
Input validation
Incomplete cleanup of multi-core shared buffers for some IntelR Processors may allow an authenticated user to potentially enable information disclosure via local access...
Intel: CVE-2022-21123 Shared Buffers Data Read (SBDR)
...
Intel: CVE-2022-21125 Shared Buffers Data Sampling (SBDS)
...
CVE-2022-1050
A flaw was found in the QEMU implementation of VMWare's paravirtual RDMA device. This flaw allows a crafted guest driver to execute HW commands when shared buffers are not yet allocated, potentially leading to a use-after-free condition...
Race condition
A flaw was found in the QEMU implementation of VMWare's paravirtual RDMA device. This flaw allows a crafted guest driver to execute HW commands when shared buffers are not yet allocated, potentially leading to a use-after-free condition...
CVE-2022-1050
A flaw was found in the QEMU implementation of VMWare's paravirtual RDMA device. This flaw allows a crafted guest driver to execute HW commands when shared buffers are not yet allocated, potentially leading to a use-after-free condition...