8 matches found
EUVD-2021-15346
Malware in sbrugna...
EUVD-2020-3182
Malware in sbrugna...
Researchers Expose New Intel CPU Flaws Enabling Memory Leaks and Spectre v2 Attacks
Researchers at ETH Zürich have discovered yet another security flaw that they say impacts all modern Intel CPUs and causes them to leak sensitive data from memory, showing that the vulnerability known as Spectre continues to haunt computer systems after more than seven years. The vulnerability,...
NewStart CGSL MAIN 6.06 : kernel Multiple Vulnerabilities (NS-SA-2023-0142)
The remote NewStart CGSL host, running version MAIN 6.06, has kernel packages installed that are affected by multiple vulnerabilities: - Linux kernel vhost since version 4.8 does not properly initialize memory in messages passed between virtual guests and the host operating system in the...
ASB-A-169505929
In ibprctlset of bugs.c, there is a possible way to re-enable indirect branch speculation due to a permissions bypass. This could lead to local information disclosure via a Spectre v2 attack with no additional execution privileges needed. User interaction is not needed for exploitation...
x86: Speculative vulnerabilities with bare (non-shim) 32-bit PV guests
ISSUE DESCRIPTION 32-bit x86 PV guest kernels run in ring 1. At the time when Xen was developed, this area of the i386 architecture was rarely used, which is why Xen was able to use it to implement paravirtualisation, Xen's novel approach to virtualization. In AMD64, Xen had to use a different...
CVE-2020-10767
A flaw was found in the Linux kernel before 5.8-rc1 in the implementation of the Enhanced IBPB Indirect Branch Prediction Barrier. The IBPB mitigation will be disabled when STIBP is not available or when the Enhanced Indirect Branch Restricted Speculation IBRS is available. This flaw allows a loc...
Security update for various KMPs (important)
The Spectre Variant 2 in the Linux Kernel is mitigated using "retpolines". This update rebuilds all openSUSE Leap 42.3 KMPs to use "retpolines" and so be able to mitigate the Spectre v2 attack. bsc1068032 CVE-2017-5715...