Siemens SCALANCE and RUGGEDCOM Devices Improper Restriction of Operations within the Bounds of a Memory Buffer (CVE-2024-53241)

x86/xen: vulnerability due to issues with the PV iret hypercall through the hypercall page, which is fixed by directly coding the sequence in xen-asm.S to avoid problems with speculation mitigations. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot...

EUVD-2024-51913

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2024-50112

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - x86/lam: Disable ADDRESSMASKING in most cases Linear Address Masking LAM has a weakness related to transient execution as described in the SLAM paper1. Unless...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: x86/xen: Do not perform the PV iret hypercall through the hypercall page. Instead of jumping to the Xen hypercall page to execute the iret hypercall, the required sequence is directly coded in the xen-asm.S file. This action is...

CVE-2024-53241

In the Linux kernel, the following vulnerability has been resolved: x86/xen: don't do PV iret hypercall through hypercall page Instead of jumping to the Xen hypercall page for doing the iret hypercall, directly code the required sequence in xen-asm.S. This is done in preparation of no longer usin...

DEBIAN-CVE-2024-53241

In the Linux kernel, the following vulnerability has been resolved: x86/xen: don't do PV iret hypercall through hypercall page Instead of jumping to the Xen hypercall page for doing the iret hypercall, directly code the required sequence in xen-asm.S. This is done in preparation of no longer usin...

CVE-2024-53241 x86/xen: don't do PV iret hypercall through hypercall page

In the Linux kernel, the following vulnerability has been resolved: x86/xen: don't do PV iret hypercall through hypercall page Instead of jumping to the Xen hypercall page for doing the iret hypercall, directly code the required sequence in xen-asm.S. This is done in preparation of no longer usin...

CVE-2024-53241

CVE-2024-53241 affects the Linux kernel when running with Xen PV guests. The root cause is an unsafe PV iret hypercall path via the Xen hypercall page. The fix replaces the hypercall-page jump with an inlined sequence in xen-asm.S to stop using the hypercall page, preparing for its removal due to...

CVE-2024-53241 x86/xen: don't do PV iret hypercall through hypercall page

In the Linux kernel, the following vulnerability has been resolved: x86/xen: don't do PV iret hypercall through hypercall page Instead of jumping to the Xen hypercall page for doing the iret hypercall, directly code the required sequence in xen-asm.S. This is done in preparation of no longer usin...

SUSE CVE-2024-53241

In the Linux kernel, the following vulnerability has been resolved: x86/xen: don't do PV iret hypercall through hypercall page Instead of jumping to the Xen hypercall page for doing the iret hypercall, directly code the required sequence in xen-asm.S. This is done in preparation of no longer usin...

DEBIAN-CVE-2024-50112

In the Linux kernel, the following vulnerability has been resolved: x86/lam: Disable ADDRESSMASKING in most cases Linear Address Masking LAM has a weakness related to transient execution as described in the SLAM paper1. Unless Linear Address Space Separation LASS is enabled this weakness may be...

CVE-2024-50112

In the Linux kernel, the following vulnerability has been resolved: x86/lam: Disable ADDRESSMASKING in most cases Linear Address Masking LAM has a weakness related to transient execution as described in the SLAM paper1. Unless Linear Address Space Separation LASS is enabled this weakness may be...

UBUNTU-CVE-2024-50112

In the Linux kernel, the following vulnerability has been resolved: x86/lam: Disable ADDRESSMASKING in most cases Linear Address Masking LAM has a weakness related to transient execution as described in the SLAM paper1. Unless Linear Address Space Separation LASS is enabled this weakness may be...

CVE-2024-50112

In CVE-2024-50112, the Linux kernel fixes a weakness in Linear Address Masking (LAM) on x86 by disabling LAM in most cases. The vulnerability stems from transient execution risk related to LAM unless Linear Address Space Separation (LASS) is active. Until LASS support lands, LAM should only be al...

CVE-2024-50112 x86/lam: Disable ADDRESS_MASKING in most cases

In the Linux kernel, the following vulnerability has been resolved: x86/lam: Disable ADDRESSMASKING in most cases Linear Address Masking LAM has a weakness related to transient execution as described in the SLAM paper1. Unless Linear Address Space Separation LASS is enabled this weakness may be...

CVE-2024-50112 x86/lam: Disable ADDRESS_MASKING in most cases

In the Linux kernel, the following vulnerability has been resolved: x86/lam: Disable ADDRESSMASKING in most cases Linear Address Masking LAM has a weakness related to transient execution as described in the SLAM paper1. Unless Linear Address Space Separation LASS is enabled this weakness may be...

CLSA-2023-1695900880 Fix of 5 CVEs

CVE-url: https://ubuntu.com/security/CVE-2023-42753 - netfilter: ipset: add the missing IPSETHASHWITHNET0 macro for ipsethashnetportnet.c CVE-2022-40982 // CVE-url: https://ubuntu.com/security/CVE-2022-40982 - init: Provide archcpufinalizeinit - x86/cpu: Switch to archcpufinalizeinit - init: Remo...

CLSA-2023-1695046791 Fix of 7 CVEs

Bionic update: upstream stable patchset 2022-12-01 LP: 1998542 // CVE-2022-26373 - x86/speculation: Add RSB VM Exit protections Bionic update: upstream stable patchset 2022-12-01 LP: 1998542 - Revert "x86/cpu: Add a steppings field to struct x86cpuid" - x86/cpufeature: Add facility to check for m...

AZL-26234 CVE-2023-1998 affecting package hyperv-daemons for versions less than 5.15.118.1-1

The Linux kernel allows userspace processes to enable mitigations by calling prctl with PRSETSPECULATIONCTRL which disables the speculation feature as well as by using seccomp. We had noticed that on VMs of at least one major cloud provider, the kernel still left the victim process exposed to...

SUSE-SU-2022:1408-1 Security update for xen

This update for xen fixes the following issues: - CVE-2022-26356: Fixed potential race conditions in dirty memory tracking that could cause a denial of service in the host bsc1197423. - CVE-2022-26357: Fixed a potential race condition in memory cleanup for hosts using VT-d IOMMU hardware, which...