(Dis)Proving Spectre Security with Speculation-Passing Style

Constant-time CT verification tools are commonly used for detecting potential side-channel vulnerabilities in cryptographic libraries. Recently, a new class of tools, called speculative constant-time SCT tools, has also been used for detecting potential Spectre vulnerabilities. In many cases, the...

EUVD-2019-16852

Malware in sbrugna...

EUVD-2021-15346

Malware in sbrugna...

EUVD-2025-13150

Malicious code in bioql PyPI...

EUVD-2023-59723

Malicious code in bioql PyPI...

EUVD-2023-59724

Malicious code in bioql PyPI...

EUVD-2025-7600

Malicious code in bioql PyPI...

EUVD-2023-43699

Malicious code in bioql PyPI...

EUVD-2022-28876

Malicious code in bioql PyPI...

EUVD-2024-51913

Malicious code in bioql PyPI...

SUSE-SU-2025:03384-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP3 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2022-49492: nvme-pci: fix a NULL pointer dereference in nvmeallocadmintags bsc1238954. - CVE-2022-50116: kernel: tty: ngsm: fix deadlock and link starvation i...

SUSE CVE-2025-39823

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: use arrayindexnospec with indices that come from guest min and destid are guest-controlled indices. Using arrayindexnospec after the bounds checks clamps these values to mitigate speculative execution side-channels...

kernel: x86: fix user address masking non-canonical speculation issue

In the Linux kernel, the following vulnerability has been resolved: x86: fix user address masking non-canonical speculation issue It turns out that AMD has a "Meltdown Litetm" issue with non-canonical accesses in kernel space. And so using just the high bit to decide whether an access is in user...

gpio: prevent potential speculation leaks in gpio_device_get_desc()

...

Linux Distros Unpatched Vulnerability : CVE-2020-10768

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the Linux Kernel before 5.8-rc1 in the prctl function, where it can be used to enable indirect branch speculation after it has been disabled...

microcode_ctl: From CVEorg collector

New Spectre-v2 attack classes have been discovered within CPU architectures that enable self-training exploitation of speculative execution within the same privilege domain. These novel techniques bypass existing hardware and software mitigations, including IBPB, eIBRS, and BHINO, by leveraging...

microcode_ctl: From CVEorg collector

New Spectre-v2 attack classes have been discovered within CPU architectures that enable self-training exploitation of speculative execution within the same privilege domain. These novel techniques bypass existing hardware and software mitigations, including IBPB, eIBRS, and BHINO, by leveraging...

microcode_ctl: From CVEorg collector

New Spectre-v2 attack classes have been discovered within CPU architectures that enable self-training exploitation of speculative execution within the same privilege domain. These novel techniques bypass existing hardware and software mitigations, including IBPB, eIBRS, and BHINO, by leveraging...

microcode_ctl: From CVEorg collector

New Spectre-v2 attack classes have been discovered within CPU architectures that enable self-training exploitation of speculative execution within the same privilege domain. These novel techniques bypass existing hardware and software mitigations, including IBPB, eIBRS, and BHINO, by leveraging...

microcode_ctl: From CVEorg collector

New Spectre-v2 attack classes have been discovered within CPU architectures that enable self-training exploitation of speculative execution within the same privilege domain. These novel techniques bypass existing hardware and software mitigations, including IBPB, eIBRS, and BHINO, by leveraging...