Lucene search
+L

452 matches found

astralinux
astralinux
added 2026/06/24 3:11 p.m.5 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: RISCV: Sanitizing syscall table indexing under speculation The syscall number is a user-controlled value used to index into the syscall table. Use arrayindexnospec to clamp this value after the bounds check, to prevent speculativ...

7CVSS5.7AI score0.00126EPSS
Exploits0References2
redhatcve
redhatcve
added 2026/06/05 6:48 p.m.8 views

CVE-2024-36315

Improper enforcement of the LFENCE serialization property may allow an attacker to bypass speculation barriers and potentially disclose sensitive information, potentially resulting in loss of confidentiality...

5.7CVSS5.4AI score0.00135EPSS
Exploits0References1
susecve
susecve
added 2026/06/05 3:39 a.m.14 views

SUSE CVE-2024-50102

In the Linux kernel, the following vulnerability has been resolved: x86: fix user address masking non-canonical speculation issue It turns out that AMD has a "Meltdown Litetm" issue with non-canonical accesses in kernel space. And so using just the high bit to decide whether an access is in user...

5.5CVSS6.7AI score0.00239EPSS
Exploits0References16
osv
osv
added 2026/05/27 2:17 p.m.8 views

UBUNTU-CVE-2026-46063

In the Linux kernel, the following vulnerability has been resolved: x86/shstk: Prevent deadlock during shstk sigreturn During sigreturn the shadow stack signal frame is popped. The kernel does this by reading the shadow stack using normal read accesses. When it can't assume the memory is shadow...

5.5CVSS5.8AI score0.00094EPSS
Exploits0References7
attackerkb
attackerkb
added 2026/05/27 12:57 p.m.9 views

CVE-2026-46063

In the Linux kernel, the following vulnerability has been resolved: x86/shstk: Prevent deadlock during shstk sigreturn During sigreturn the shadow stack signal frame is popped. The kernel does this by reading the shadow stack using normal read accesses. When it can't assume the memory is shadow...

5.8AI score0.00094EPSS
Exploits0References6Affected Software1
astralinux
astralinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

The Linux kernel allows user-space processes to enable mitigations by calling prctl with PRSETSPECULATIONCTRL, which disables the speculation feature, as well as through the use of seccomp. We noticed that on virtual machines of at least one major cloud provider, the kernel still left the victim...

5.6CVSS6.7AI score0.01377EPSS
Exploits3References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: x86/xen: Do not perform the PV iret hypercall through the hypercall page. Instead of jumping to the Xen hypercall page to execute the iret hypercall, the required sequence is directly coded in the xen-asm.S file. This action is...

5.5CVSS6.5AI score0.00304EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Linux, Linux 5.10

Certain Arm Cortex and Neoverse processors, as of 2022-03-08, do not properly prevent cache speculation, also known as Spectre-BHB. Attackers can exploit the shared branch history in the Branch History Buffer BHB to influence mispredicted branches. As a result, cache allocation may allow attacker...

5.6CVSS7AI score0.00495EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: iouring: prevents reg-wait speculation. By using ENTEREXTARGREG instead of passing a user pointer along with arguments for the waiting loop, the user can specify an offset within a pre-mapped region of memory. In this case, offse...

5.5CVSS6.3AI score0.00177EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerability has been resolved: x86/speculation: Fill RSB on vmexit for IBRS Prevent RSB underflow/poisoning attacks with RSB. Additionally, add a number of comments to attempt to document the current state of knowledge regarding RSB attacks and exactly what is...

5.5CVSS6.3AI score0.00276EPSS
Exploits0References2
nvd
nvd
added 2026/05/13 4:16 a.m.12 views

CVE-2024-36315

Improper enforcement of the LFENCE serialization property may allow an attacker to bypass speculation barriers and potentially disclose sensitive information, potentially resulting in loss of confidentiality...

5.7CVSS0.00135EPSS
Exploits0References2
euvd
euvd
added 2026/05/13 3:7 a.m.10 views

EUVD-2024-55576

Improper enforcement of the LFENCE serialization property may allow an attacker to bypass speculation barriers and potentially disclose sensitive information, potentially resulting in loss of confidentiality...

5.7CVSS5.8AI score0.00135EPSS
Exploits0References2
cvelist
cvelist
added 2026/05/13 3:7 a.m.37 views

CVE-2024-36315

Improper enforcement of the LFENCE serialization property may allow an attacker to bypass speculation barriers and potentially disclose sensitive information, potentially resulting in loss of confidentiality...

5.7CVSS0.00135EPSS
Exploits0References2
attackerkb
attackerkb
added 2026/05/13 3:7 a.m.9 views

CVE-2024-36315

Improper enforcement of the LFENCE serialization property may allow an attacker to bypass speculation barriers and potentially disclose sensitive information, potentially resulting in loss of confidentiality...

5.7CVSS5.8AI score0.00135EPSS
Exploits0References3
vulnrichment
vulnrichment
added 2026/05/13 3:7 a.m.6 views

CVE-2024-36315

Improper enforcement of the LFENCE serialization property may allow an attacker to bypass speculation barriers and potentially disclose sensitive information, potentially resulting in loss of confidentiality...

5.7CVSS5.8AI score0.00135EPSS
Exploits0References2
cve
cve
added 2026/05/13 3:7 a.m.19 views

CVE-2024-36315

CVE-2024-36315 concerns AMD processors (AMD Athlon™, AMD Ryzen™, and AMD Ryzen Embedded) where improper LFENCE serialization may allow bypass of speculation barriers, potentially exposing confidential data. The CVE is listed in AMD’s May 2026 bulletin (AMD-SB-4017) along with related historical C...

5.7CVSS5.8AI score0.00135EPSS
Exploits0References2
cnnvd
cnnvd
added 2026/05/13 12:0 a.m.11 views

AMD多款产品 安全漏洞

AMD EPYC is a high-performance server processor developed by American semiconductor company AMD. Several AMD products have security vulnerabilities. These vulnerabilities stem from improper execution of the LFENCE serialization attribute, which may allow attackers to bypass the speculation barrie...

5.7CVSS5.9AI score0.00135EPSS
Exploits0References1
ptsecurity
ptsecurity
added 2026/05/13 12:0 a.m.16 views

PT-2026-40555

Improper enforcement of the LFENCE serialization property may allow an attacker to bypass speculation barriers and potentially disclose sensitive information, potentially resulting in loss of confidentiality...

5.7CVSS5.8AI score0.00135EPSS
Exploits0References2
osv
osv
added 2026/03/27 3:39 p.m.8 views

CLSA-2026-1774625950 webkit2gtk3: Fix of CVE-2025-43438

CVE-2025-43438: introduce distinct SpecMapIteratorObject/SpecSetIteratorObject types replacing shared SpecObjectOther in JSC DFG/FTL JIT type speculation...

8.8CVSS5.8AI score0.01054EPSS
Exploits0References1
susecve
susecve
added 2026/02/16 12:27 a.m.9 views

SUSE CVE-2025-71203

In the Linux kernel, the following vulnerability has been resolved: riscv: Sanitize syscall table indexing under speculation The syscall number is a user-controlled value used to index into the syscall table. Use arrayindexnospec to clamp this value after the bounds check to prevent speculative...

7CVSS5.2AI score0.00126EPSS
Exploits0References3
Rows per page
Query Builder