222 matches found
SUSE CVE-2021-46778
Execution unit scheduler contention may lead to a side channel vulnerability found on AMD CPU microarchitectures codenamed “Zen 1”, “Zen 2” and “Zen 3” that use simultaneous multithreading SMT. By measuring the contention level on scheduler queues an attacker may potentially leak sensitive...
CVE-2026-43401
In the Linux kernel, the following vulnerability has been resolved: cpufreq: intelpstate: Fix NULL pointer dereference in updatecpuqosrequest The updatecpuqosrequest function attempts to initialize the 'freq' variable by dereferencing 'cpudata' before verifying if the 'policy' is valid. This issu...
PT-2026-39062
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A NULL pointer dereference exists in the update cpu qos request function within the intel pstate component. The function attempts to initialize the freq variable by dereferencing cpudata...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: cpufreq: intelpstate: A crash occurred during the disabling of turbo mode. When the system is booted with the kernel command line arguments “nosmt” or “maxcpus” to limit the number of CPUs, disabling turbo mode by executing: echo...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: mptcp: Fallback earlier on simultaneous connections Syzkaller reports a race condition in simultaneous connections that leads to inconsistent fallback behavior. Status: WARNING: CPU: 3 PID: 33 at net/mptcp/subflow.c:1515...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: powerpc/kexec: Enable SMT before waking offline CPUs. If SMT is disabled or a partial SMT state is enabled, when a new kernel image is loaded for kexec, the following warning is observed upon reboot: kexec: Waking offline CPU 228...
Astra Linux – Vulnerability in Linux, Linux 5.15
When SMT is enabled, certain AMD processors may speculateively execute instructions using a target from the sibling thread after a SMT mode switch, which may potentially lead to information disclosure...
Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013420)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013420 advisory. When SMT is enabled, certain AMD processors may speculatively execute instructions using a target from the sibling thread after an SMT mode switch potentially...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-010723)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010723 advisory. When SMT is enabled, certain AMD processors may speculatively execute instructions using a target from the sibling thread after an SMT mode switch potentially...
Race Condition
@auth0/nextjs-auth0 is vulnerable to a race condition. The vulnerability is due to improper lookup handling in the TokenRequestCache during simultaneous requests on the same client, which allows an attacker to exploit inconsistent token responses and potentially interfere with authentication flow...
CVE-2026-23332 cpufreq: intel_pstate: Fix crash during turbo disable
In the Linux kernel, the following vulnerability has been resolved: cpufreq: intelpstate: Fix crash during turbo disable When the system is booted with kernel command line argument "nosmt" or "maxcpus" to limit the number of CPUs, disabling turbo via: echo 1...
What a Mesh: Formal Security Analysis of WPA3 SAE Wireless Authentication
The latest Wi-Fi security standard, IEEE 802.11, includes a secure authentication protocol called SAE, whose use is mandatory for WPA3-Personal networks. The protocol is specified at two separate but linked levels: a traditional cryptographic description of the communication logic between network...
CVE-2025-47375
Memory corruption while handling different IOCTL calls from the user-space simultaneously...
PT-2026-22640
Name of the Vulnerable Software and Affected Versions affected versions not specified Description A memory corruption issue exists when handling various IOCTL calls originating from user-space concurrently. This can lead to unpredictable system behavior. Recommendations At the moment, there is no...
AlertBERT: A Noise-Robust Alert Grouping Framework for Simultaneous Cyber Attacks
Automated detection of cyber attacks is a critical capability to counteract the growing volume and sophistication of cyber attacks. However, the high numbers of security alerts issued by intrusion detection systems lead to alert fatigue among analysts working in security operations centres SOC,...
CVE-2025-55705
This vulnerability occurs when the system permits multiple simultaneous connections to the backend using the same charging station ID. This can result in unauthorized access, data inconsistency, or potential manipulation of charging sessions. The lack of proper session management and expiration...
CVE-2021-47865
ProFTPD 1.3.7a contains a denial of service vulnerability that allows attackers to overwhelm the server by creating multiple simultaneous FTP connections. Attackers can repeatedly establish connections using threading to exhaust server connection limits and block legitimate user access...
Improper Resource Locking
Overview pterodactyl/panel is a game management panel. Affected versions of this package are vulnerable to Improper Resource Locking due to the validation occuring early in the request cycle and not locking the target resource while it is processing. An attacker can exhaust system resources and...
powerpc/kexec: Enable SMT before waking offline CPUs
...
SUSE CVE-2025-71119
In the Linux kernel, the following vulnerability has been resolved: powerpc/kexec: Enable SMT before waking offline CPUs If SMT is disabled or a partial SMT state is enabled, when a new kernel image is loaded for kexec, on reboot the following warning is observed: kexec: Waking offline cpu 228...