452 matches found
OESA-2026-1339 kernel security update
The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: md/dm-raid: don't call mdreapsyncthread directly Currently mdreapsyncthread is called from raidmessage directly without holding 'reconfigmutex', this is definite...
Important: Red Hat Security Advisory: kernel security update
An update for kernel is now available for Red Hat Enterprise Linux 9.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...
kernel: io_uring: prevent opcode speculation
In the Linux kernel, the following vulnerability has been resolved: iouring: prevent opcode speculation sqe-opcode is used for different tables, make sure we santitise it against speculations...
RHEL 9 : kernel (RHSA-2026:1703)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:1703 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: iouring: prevent opcode...
Azure Linux 3.0 Security Update: kernel (CVE-2025-21863)
The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-21863 advisory. - In the Linux kernel, the following vulnerability has been resolved: iouring: prevent opcode speculation...
MiracleLinux 4 : libvirt-0.10.2-62.2.0.1.AXS4 (AXSA:2018-3118:02)
The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2018-3118:02 advisory. An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of Load Tenable has extracted the...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001549)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001549 advisory. An issue was discovered in the Linux kernel before 5.11.8. kernel/bpf/verifier.c performs undesirable out- of-bounds speculation on pointer arithmetic, leading to...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001686)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001686 advisory. Certain Arm Cortex and Neoverse processors through 2022-03-08 do not properly restrict cache speculation, aka Spectre-BHB. An attacker can leverage the shared branch...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-993189)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993189 advisory. In the Linux kernel, the following vulnerability has been resolved: fs: prevent out-of-bounds array speculation when closing a file descriptor Google-Bug-Id: 1141993...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-992242)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992242 advisory. In the Linux kernel, the following vulnerability has been resolved: fs: prevent out-of-bounds array speculation when closing a file descriptor Google-Bug-Id: 1141993...
Siemens SCALANCE and RUGGEDCOM Devices Improper Restriction of Operations within the Bounds of a Memory Buffer (CVE-2024-53241)
x86/xen: vulnerability due to issues with the PV iret hypercall through the hypercall page, which is fixed by directly coding the sequence in xen-asm.S to avoid problems with speculation mitigations. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-990752)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990752 advisory. In the Linux kernel, the following vulnerability has been resolved: fs: prevent out-of-bounds array speculation when closing a file descriptor Google-Bug-Id: 1141993...
kernel: io_uring: prevent opcode speculation
In the Linux kernel, the following vulnerability has been resolved: iouring: prevent opcode speculation sqe-opcode is used for different tables, make sure we santitise it against speculations...
microcode_ctl: From CVEorg collector
New Spectre-v2 attack classes have been discovered within CPU architectures that enable self-training exploitation of speculative execution within the same privilege domain. These novel techniques bypass existing hardware and software mitigations, including IBPB, eIBRS, and BHINO, by leveraging...
kernel: io_uring: prevent opcode speculation
In the Linux kernel, the following vulnerability has been resolved: iouring: prevent opcode speculation sqe-opcode is used for different tables, make sure we santitise it against speculations...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-989727)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989727 advisory. In the Linux kernel, the following vulnerability has been resolved: x86/speculation: Fill RSB on vmexit for IBRS Prevent RSB underflow/poisoning attacks with RSB...
Unity Linux 20.1050e Security Update: kernel (UTSA-2025-989923)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989923 advisory. In the Linux kernel, the following vulnerability has been resolved: x86/speculation: Fill RSB on vmexit for IBRS Prevent RSB underflow/poisoning attacks with RSB...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989023)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989023 advisory. In the Linux kernel, the following vulnerability has been resolved: kvm: avoid speculation-based attacks from out-of-range memslot accesses KVM's mechanism for...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: x86/vmscape: Conditional IBPB mitigation has been added. VMSCAPE is a vulnerability that exploits the insufficient branch predictor isolation between a guest and a userspace hypervisor such as QEMU. Existing mitigations already...
$Ρ$Hammer: Reviving RowHammer Attacks on New Architectures Via Prefetching
Rowhammer is a critical vulnerability in dynamic random access memory DRAM that continues to pose a significant threat to various systems. However, we find that conventional load-based attacks are becoming highly ineffective on the most recent architectures such as Intel Alder and Raptor Lake. In...