452 matches found
CVE-2020-13844
Arm Armv8-A core implementations utilizing speculative execution past unconditional changes in control flow may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka "straight-line speculation."...
openSUSE Security Update : xen (openSUSE-2020-599)
This update for xen fixes the following issues : Security issues fixed : - CVE-2020-11742: Bad continuation handling in GNTTABOPcopy bsc1169392. - CVE-2020-11740, CVE-2020-11741: xen: XSA-313 multiple xenoprof issues bsc1168140. - CVE-2020-11739: Missing memory barriers in read-write unlock paths...
SUSE-SU-2020:1124-1 Security update for xen
This update for xen fixes the following issues: Security issues fixed: - CVE-2020-11742: Bad continuation handling in GNTTABOPcopy bsc1169392. - CVE-2020-11740, CVE-2020-11741: xen: XSA-313 multiple xenoprof issues bsc1168140. - CVE-2020-11739: Missing memory barriers in read-write unlock paths...
Big Research Insider Edition has a dll hijacking vulnerability
Big Research Insider Edition is a stock speculation software. Big Research Insider Edition suffers from a dll hijacking vulnerability, which can be exploited by attackers to load a malicious dll and execute arbitrary code...
CVE-2019-7308
A bypass was found for the Spectre v1 hardening in the eBPF engine of the Linux kernel. The code in the kernel/bpf/verifier.c performs undesirable out-of-bounds speculation on pointer arithmetic in various cases, including cases of different branches with different state or limits to sanitize,...
Unbreakable Enterprise kernel security update
2.6.39-400.318.1 - x86/speculation: Determine swapgs before alternative instructions are set Patrick Colp Orabug: 30379640 - scsi: libsas: delete sas port if expander discover failed Jason Yan Orabug: 30580689 CVE-2019-15807...
arm: a CPU may speculate past the ERET instruction
ISSUE DESCRIPTION Some CPUs can speculate past an ERET instruction and potentially perform speculative accesses to memory before processing the exception return. Since the register state is often controlled by lower privilege level i.e guest kernel/userspace at the point of the ERET, this could...
kernel security and bug fix update
3.10.0-1062.7.1.OL7 - Oracle Linux certificates Alexey Petrenko - Oracle Linux RHCK Module Signing Key was compiled into kernel [email protected] - Update x509.genkey Orabug: 24817676 3.10.0-1062.7.1 - drm drm/i915/cmdparser: Fix jump whitelist clearing Dave Airlie...
OracleVM 3.4 : Unbreakable / etc (OVMSA-2019-0056)
The remote OracleVM system is missing necessary patches to address critical security updates : - ocfs2: protect extent tree in ocfs2prepareinodeforwrite Shuning Zhang Orabug: 30036349 - ocfs2: direct-IO: protect getblocks Junxiao Bi Orabug: 30036349 - SUNRPC: Remove xprtconnectstatus Trond...
Unbreakable Enterprise kernel security update
4.1.12-124.33.4 - ocfs2: protect extent tree in ocfs2prepareinodeforwrite Shuning Zhang Orabug: 30036349 - ocfs2: direct-IO: protect getblocks Junxiao Bi Orabug: 30036349 - SUNRPC: Remove xprtconnectstatus Trond Myklebust Orabug: 30165838 - SUNRPC: Handle ENETDOWN errors Trond Myklebust Orabug:...
Medium: microcode_ctl, kernel
Issue Overview: This security update is only applicable to EC2 Bare Metal instance types using Intel processors. Intel has released microcode updates for certain Intel CPUs. After installing the updated microcodectl package, the microcode will be automatically activated on next boot. Improper...
kernel security update
3.10.0-1062.4.3.OL7 - Oracle Linux certificates Alexey Petrenko - Oracle Linux RHCK Module Signing Key was compiled into kernel [email protected] - Update x509.genkey Orabug: 24817676 3.10.0-1062.4.3 - drm drm/i915/cmdparser: Fix jump whitelist clearing Dave Airlie...
kernel security update
3.10.0-1062.4.2.OL7 - Oracle Linux certificates Alexey Petrenko - Oracle Linux RHCK Module Signing Key was compiled into kernel [email protected] - Update x509.genkey Orabug: 24817676 3.10.0-1062.4.2 - drm drm/i915: Lower RM timeout to avoid DSI hard hangs Dave Airli...
Unbreakable Enterprise kernel security update
2.6.39-400.315.1.1 - x86/tsx: Add config options to set tsx=on|off|auto Michal Hocko Orabug: 30419231 CVE-2019-11135 - x86/speculation/taa: Add documentation for TSX Async Abort Pawan Gupta Orabug: 30419231 CVE-2019-11135 - x86/tsx: Add 'auto' option to TSX cmdline parameter Pawan Gupta Orabug:...
kernel security and bug fix update
4.18.0-80.11.10.OL8 - Oracle Linux certificates Alexey Petrenko - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 4.18.0-80.11.10 - wireless mwifiex: Don't abort on small, spec-compliant...
Unbreakable Enterprise kernel security update
2.6.39-400.314.1 - x86/speculation: Exclude ATOMs from speculation through SWAPGS Thomas Gleixner Orabug: 30165287 CVE-2019-1125 - x86/speculation: Enable Spectre v1 swapgs mitigations Josh Poimboeuf Orabug: 30165287 CVE-2019-1125 - x86/speculation: Prepare entry code for Spectre v1 swapgs...
Unbreakable Enterprise kernel security update
kernel-uek 3.8.13-118.38.1 - x86/speculation: Exclude ATOMs from speculation through SWAPGS Thomas Gleixner Orabug: 30165288 CVE-2019-1125 - x86/speculation: Enable Spectre v1 swapgs mitigations Josh Poimboeuf Orabug: 30165288 CVE-2019-1125 - x86/speculation: Prepare entry code for Spectre v1...
Unbreakable Enterprise kernel security update
4.14.35-1902.4.8 - x86/boot: Clear RSDP address in bootparams for broken loaders Juergen Gross Orabug: 30111373 4.14.35-1902.4.7 - rds: ib: Qualify CM REQ duplicate detection with connection being up Hakon Bugge Orabug: 30062149 - rds: Further prioritize local loop-back connections Hakon Bugge...
kernel security and bug fix update
2.6.32-754.18.2.OL6 - Update genkey bug 25599697 2.6.32-754.18.2 - x86 x86/speculation: Enable Spectre v1 swapgs mitigations Waiman Long 1724512 CVE-2019-1125 - x86 x86/speculation: Prepare entry code for Spectre v1 swapgs mitigations Waiman Long 1724512 CVE-2019-1125 2.6.32-754.18.1 - virt xenbu...
OracleVM 3.4 : Unbreakable / etc (OVMSA-2019-0038)
The remote OracleVM system is missing necessary patches to address critical security updates : - x86/speculation: Exclude ATOMs from speculation through SWAPGS Thomas Gleixner Orabug: 29967571 CVE-2019-1125 - x86/speculation: Enable Spectre v1 swapgs mitigations Josh Poimboeuf Orabug: 29967571...