CVE-2022-46487

Improper initialization of x87 and SSE floating-point configuration registers in the sconeentry component of SCONE before 5.8.0 for Intel SGX allows a local attacker to compromise the execution integrity of floating-point operations in an enclave or access sensitive information via side-channel...

CVE-2022-46487

SCONE vulnerability CVE-2022-46487: In SCONE before 5.8.0, the __scone_entry component improperly initializes x87 and SSE floating-point configuration registers, enabling a local attacker with SGX enclaves to compromise execution integrity of FP operations or exfiltrate information via side-chann...

F5 Networks BIG-IP : SSB Variant 4 vulnerability (K29146534)

The version of F5 Networks BIG-IP installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the K29146534 advisory. - Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the...

F5 Networks BIG-IP : RSRE Variant 3a vulnerability (K51801290)

The version of F5 Networks BIG-IP installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the K51801290 advisory. Systems with microprocessors utilizing speculative execution and that perform speculative reads of system registers may...

Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS : QEMU update (USN-3651-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-3651-1 advisory. Ken Johnson and Jann Horn independently discovered that microprocessors utilizing speculative execution of a memory read may allow...

Oracle Linux 7 : edk2 (ELSA-2019-4668)

The remote Oracle Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2019-4668 advisory. 1:1.2-5.el7 - Update spec file to remove 'modprobe kvm-intel' and remove --enable-kvm arg to ovmfvarsgenerator so qemu will not require kvm kernel...

Oracle Linux 5 : kernel (ELSA-2018-4235)

The remote Oracle Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2018-4235 advisory. - x86 mm/dumppagetables: Add a checkl1tf debugfs file Chris von Recklinghausen 1593378 CVE-2018-3620 - x86 l1tf: protect PAGEFILE PTEs against...

Oracle Linux 5 : ELSA-2018-1196-1: / kernel (ELSA-2018-11961)

The remote Oracle Linux 5 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2018-11961 advisory. - Backport CVE-2017-5715 to RHCK/OL5 orabug 27787723 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. No...

Oracle Linux 7 : qemu (ELSA-2018-4198)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2018-4198 advisory. - i386: Define the Virt SSBD MSR and handling of it CVE-2018-3639 Konrad Rzeszutek Wilk Orabug: 28110449 CVE-2018-3639 - i386: define the AMD 'virt-ssbd' CPUID...

Oracle Linux 7 : edk2 (ELSA-2019-4785)

The remote Oracle Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2019-4785 advisory. 1:1.2-5.el7 - Update spec file to remove 'modprobe kvm-intel' and remove --enable-kvm arg to ovmfvarsgenerator so qemu will not require kvm kernel...

Oracle Linux 7 : qemu (ELSA-2018-4289)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2018-4289 advisory. - net: ignore packet size greater than INTMAX Jason Wang Orabug: 28763782 CVE-2018-17963 - pcnet: fix possible buffer overflow Jason Wang Orabug:...

SUSE SLES12 Security Update : kernel (SUSE-SU-2023:3349-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:3349-1 advisory. - Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of al...

CVE-2022-40525

Information disclosure in Linux Networking Firmware due to unauthorized information leak during side channel analysis...

Information disclosure

Information disclosure in Linux Networking Firmware due to unauthorized information leak during side channel analysis...

CVE-2022-40525 Information Exposure in Linux Networking Firmware

Information disclosure in Linux Networking Firmware due to unauthorized information leak during side channel analysis...

CVE-2022-40525

CVE-2022-40525 describes an information-disclosure issue in Linux Networking Firmware affecting Qualcomm embedded platforms, caused by unauthorized information leakage during side-channel analysis. The available connected documents indicate the vulnerability relates to insufficient protection of ...

Qualcomm Chipsets 安全漏洞

Qualcomm Chipsets are a family of chipsets from Qualcomm Incorporated USA. A security vulnerability exists in Qualcomm Chipsets that arises from unauthorized information disclosure during side channel analysis, information disclosure in the Linux network firmware...

SUSE SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2023:1802-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:1802-1 advisory. - Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosur...

SUSE SLED12 / SLES12 Security Update : kernel (SUSE-SU-2023:1803-1)

The remote SUSE Linux SLED12 / SLEDSAP12 / SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:1803-1 advisory. - Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized...

K29146534: SSB Variant 4 vulnerability CVE-2018-3639

Security Advisory Description Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel...