Astra Linux - уязвимость в linux-5.10, linux, linux-5.15

A division-by-zero error on some AMD processors may potentially return speculative data, resulting in a loss of confidentiality...

Important: kernel

Issue Overview: A division-by-zero error on some AMD processors can potentially return speculative data resulting in loss of confidentiality. CVE-2023-20588 In the Linux kernel, the following vulnerability has been resolved: scsi: core: Fix possible memory leak if deviceadd fails CVE-2023-53174 I...

Detecting Speculative Data Flow Vulnerabilities Using Weakest Precondition Reasoning

Speculative execution is a hardware optimisation technique where a processor, while waiting on the completion of a computation required for an instruction, continues to execute later instructions based on a predicted value of the pending computation. It came to the forefront of security research ...

Linux Distros Unpatched Vulnerability : CVE-2024-50102

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - x86: fix user address masking non-canonical speculation issue It turns out that AMD has a Meltdown Litetm issue with non-canonical accesses in kernel space. And...

SUSE CVE-2023-20588

A division-by-zero error on some AMD processors can potentially return speculative data resulting in loss of confidentiality...

openSUSE: Security Advisory for the Linux Kernel (SUSE-SU-2023:3683-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS Virtualization 2.10.0 : kernel (EulerOS-SA-2023-3473)

According to the versions of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : An array indexing vulnerability was found in the netfilter subsystem of the Linux kernel. A missing macro could lead to a...

Ubuntu 16.04 ESM : Linux kernel (AWS) vulnerabilities (USN-6577-1)

The remote Ubuntu 16.04 ESM host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6577-1 advisory. Jana Hofmann, Emanuele Vannacci, Cedric Fournet, Boris Kopf, and Oleksii Oleksenko discovered that some AMD processors could leak stale data from divisio...

Microsoft patches 34 vulnerabilities, including one zero-day

December’s Patch Tuesday is a relatively quiet one on the Microsoft front. Redmond has patched 34 vulnerabilities with only four rated as critical. One vulnerability, a previously disclosed unpatched vulnerability in AMD central processing units CPUs, was shifted by AMD to software developers. Th...

KB5033427: Windows Server 2008 Security Update (December 2023)

The remote Windows host is missing security update 5033427. It is, therefore, affected by multiple vulnerabilities - Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability CVE-2023-36006 - A division-by-zero error on some AMD processors can potentially return speculativ...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : xen (SUSE-SU-2023:4476-1)

The remote openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:4476-1 advisory. - A division-by-zero error on some AMD processors can potentially return speculative data resulting in loss of confidentiality. CVE-2023-20588 - arm3...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : xen (SUSE-SU-2023:4475-1)

The remote openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:4475-1 advisory. - A division-by-zero error on some AMD processors can potentially return speculative data resulting in loss of confidentiality. CVE-2023-20588 - arm3...

Oracle Linux 7 / 8 : Unbreakable Enterprise kernel (ELSA-2023-12874)

The remote Oracle Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-12874 advisory. - x86: KVM: SVM: always update the x2avic msr interception Maxim Levitsky Orabug: 35857366 CVE-2023-5090 - netfilter: ipset: add the missing...

Oracle Linux 8 / 9 : Unbreakable Enterprise kernel (ELSA-2023-12858)

The remote Oracle Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-12858 advisory. - netfilter: ipset: add the missing IPSETHASHWITHNET0 macro for ipsethashnetportnet.c Kyle Zeng Orabug: 35824286 CVE-2023-42753 - rds: Fix lack of...

SUSE SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2023:3988-1)

The remote SUSE Linux SLES15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:3988-1 advisory. The SUSE Linux Enterprise 15 SP5 RT kernel was updated to receive various security and bugfixes. The following security bugs were...

Ubuntu 20.04 LTS / 22.04 LTS : Linux kernel vulnerabilities (USN-6386-3)

The remote Ubuntu 20.04 LTS / 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6386-3 advisory. Jana Hofmann, Emanuele Vannacci, Cedric Fournet, Boris Kopf, and Oleksii Oleksenko discovered that some AMD processors could leak stale data...

Information Disclosure

xen is vulnerable to Information Disclosure. The vulnerability exists due to a division-by-zero error on some AMD processors which allows an attacker to gain access to speculative data...

SUSE SLES15 Security Update : xen (SUSE-SU-2023:3902-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:3902-1 advisory. - Information exposure through microarchitectural state after transient execution in certain vector execution units for some IntelR...

SUSE SLES15 Security Update : xen (SUSE-SU-2023:3903-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:3903-1 advisory. - A division-by-zero error on some AMD processors can potentially return speculative data resulting in loss of confidentiality...

Ubuntu 22.04 LTS : Linux kernel (Raspberry Pi) vulnerabilities (USN-6386-2)

The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6386-2 advisory. Jana Hofmann, Emanuele Vannacci, Cedric Fournet, Boris Kopf, and Oleksii Oleksenko discovered that some AMD processors could leak stale data from divisio...