SUSE: Security Advisory (SUSE-SU-2022:0939-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE: Security Advisory for xen (openSUSE-SU-2022:0940-1)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

CVE-2022-23960

Certain Arm Cortex and Neoverse processors through 2022-03-08 do not properly restrict cache speculation, aka Spectre-BHB. An attacker can leverage the shared branch history in the Branch History Buffer BHB to influence mispredicted branches. Then, cache allocation can allow the attacker to obtai...

CVE-2022-23960

Certain Arm Cortex and Neoverse processors through 2022-03-08 do not properly restrict cache speculation, aka Spectre-BHB. An attacker can leverage the shared branch history in the Branch History Buffer BHB to influence mispredicted branches. Then, cache allocation can allow the attacker to obtai...

Design/Logic Flaw

Certain Arm Cortex and Neoverse processors through 2022-03-08 do not properly restrict cache speculation, aka Spectre-BHB. An attacker can leverage the shared branch history in the Branch History Buffer BHB to influence mispredicted branches. Then, cache allocation can allow the attacker to obtai...

CVE-2022-23960

CVE-2022-23960 affects Arm Cortex and Neoverse processors. It is a Spectre-BHB side-channel issue where shared branch history in the Branch History Buffer can influence mispredicted branches, enabling potential information disclosure through cache allocation. Documents note mitigations include de...

CVE-2022-23960

Certain Arm Cortex and Neoverse processors through 2022-03-08 do not properly restrict cache speculation, aka Spectre-BHB. An attacker can leverage the shared branch history in the Branch History Buffer BHB to influence mispredicted branches. Then, cache allocation can allow the attacker to obtai...

CVE-2022-23960

Certain Arm Cortex and Neoverse processors through 2022-03-08 do not properly restrict cache speculation, aka Spectre-BHB. An attacker can leverage the shared branch history in the Branch History Buffer BHB to influence mispredicted branches. Then, cache allocation can allow the attacker to obtai...

CVE-2022-23960

A new cache speculation vulnerability, known as Branch History Injection BHI or Spectre-BHB, was found in hw. Spectre-BHB is similar to Spectre v2, except that malicious code uses the shared branch history stored in the CPU Branch History Buffer, or BHB to influence mispredicted branches within t...

Ubuntu 20.04 LTS : Linux kernel vulnerabilities (USN-5317-1)

The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5317-1 advisory. Nick Gregory discovered that the Linux kernel incorrectly handled network offload functionality. A local attacker could use this to cause a denial of...

Ubuntu 18.04 LTS / 20.04 LTS : Linux kernel vulnerabilities (USN-5318-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5318-1 advisory. Nick Gregory discovered that the Linux kernel incorrectly handled network offload functionality. A local attacker could use this to cause a...

Multiple speculative security issues

ISSUE DESCRIPTION Note: Multiple issues are contained in this XSA due to their interactions. 1 Researchers at VU Amsterdam have discovered Spectre-BHB, pertaining to the use of Branch History between privilege levels. ARM have assigned CVE-2022-23960. Intel have assigned CVE-2022-0001 Branch...

CVE-2022-23960

Certain Arm Cortex and Neoverse processors through 2022-03-08 do not properly restrict cache speculation, aka Spectre-BHB. An attacker can leverage the shared branch history in the Branch History Buffer BHB to influence mispredicted branches. Then, cache allocation can allow the attacker to obtai...

多款Arm产品安全漏洞

ARM Cortex-A and others are products of the British company ARM.ARM Cortex-A is a set of 32-bit and 64-bit RISC ARM processor cores.ARM Neoverse is a high-performance ARM microarchitecture.ARM Cortex-R is a set of 32-bit and 64-bit RISC ARM processor cores. A security vulnerability exists in Arm...

Unbreakable Enterprise kernel-container security update

4.14.35-2047.511.5.4.el7 - x86/speculation: Add knob for eibrsretpolineenabled Patrick Colp Orabug: 33922122 CVE-2021-26341 - x86/speculation: Extend our code to properly support eibrs+lfence and eibrs+retpoline Patrick Colp Orabug: 33922122 CVE-2021-26341 - x86/speculation: Update link to AMD...

Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2022-1070)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[updated]REvil ransomware disappears after Tor services hijacked

With some pests you hope they never recover from a blow. It’s almost too good to be true, but one can hope. This is one of them. The REvil ransomware group has shut down their operation for the second time this year after losing control over their Tor-based domains. Shutdown number 1 REvils first...

AMD Transient Execution of Non-Canonical Accesses - Lenovo Support US

No description provided...

Microsoft Warns of Critical "PrintNightmare" Flaw Being Exploited in the Wild

Microsoft on Thursday officially confirmed that the "PrintNightmare" remote code execution RCE vulnerability affecting Windows Print Spooler is different from the issue the company addressed as part of its Patch Tuesday update released earlier this month, while warning that it has detected...

GSD-2021-1001067 bpf: Fix leakage under speculation on mispredicted branches

bpf: Fix leakage under speculation on mispredicted branches This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.12.13 by commit...