Lucene search
K

8 matches found

ATTACKERKB
ATTACKERKB
added 2026/02/14 4:27 p.m.4 views

CVE-2025-71203

In the Linux kernel, the following vulnerability has been resolved: riscv: Sanitize syscall table indexing under speculation The syscall number is a user-controlled value used to index into the syscall table. Use arrayindexnospec to clamp this value after the bounds check to prevent speculative...

5.2AI score0.00126EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2024/11/05 6:15 p.m.1 views

DEBIAN-CVE-2024-50102

In the Linux kernel, the following vulnerability has been resolved: x86: fix user address masking non-canonical speculation issue It turns out that AMD has a "Meltdown Litetm" issue with non-canonical accesses in kernel space. And so using just the high bit to decide whether an access is in user...

5.5CVSS5.7AI score0.00239EPSS
Exploits0References1
OSV
OSV
added 2024/07/12 1:15 p.m.1 views

UBUNTU-CVE-2024-39499

In the Linux kernel, the following vulnerability has been resolved: vmci: prevent speculation leaks by sanitizing event in eventdeliver Coverity spotted that eventmsg is controlled by user-space, eventmsg-eventdata.event is passed to eventdeliver and used as an index without sanitization. This...

7.1CVSS6.1AI score0.00298EPSS
Exploits0References22
SUSE CVE
SUSE CVE
added 2024/03/05 4:31 a.m.2 views

SUSE CVE-2023-52481

In the Linux kernel, the following vulnerability has been resolved: arm64: errata: Add Cortex-A520 speculative unprivileged load workaround Implement the workaround for ARM Cortex-A520 erratum 2966298. On an affected Cortex-A520 core, a speculatively executed unprivileged load might leak data fro...

6CVSS5.8AI score0.00602EPSS
Exploits0References10
OSV
OSV
added 2023/09/19 10:20 p.m.9 views

USN-6388-1 linux, linux-aws, linux-kvm, linux-lts-xenial vulnerabilities

Daniel Moghimi discovered that some IntelR Processors did not properly clear microarchitectural state after speculative execution of various instructions. A local unprivileged user could use this to obtain to sensitive information. CVE-2022-40982 Yang Lan discovered that the GFS2 file system...

7.8CVSS7.1AI score0.03882EPSS
Exploits1References10
Amazon
Amazon
added 2023/09/07 12:0 a.m.9 views

Important: kernel

Issue Overview: A division-by-zero error on some AMD processors can potentially return speculative data resulting in loss of confidentiality. CVE-2023-20588 The fix for XSA-423 added logic to Linux'es netback driver to deal with a frontend splitting a packet in a way such that not all of the...

7.8CVSS6.2AI score0.12405EPSS
Exploits3
RedHat Linux
RedHat Linux
added 2020/01/06 2:46 p.m.2 views

hw: TSX Transaction Asynchronous Abort (TAA)

A flaw was found in the way Intel CPUs handle speculative execution of instructions when the TSX Asynchronous Abort TAA error occurs. A local authenticated attacker with the ability to monitor execution times could infer the TSX memory state by comparing abort execution times. This could allow...

6.5CVSS6.8AI score0.03133EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2019/05/14 6:14 p.m.3 views

hardware: Microarchitectural Fill Buffer Data Sampling (MFBDS)

A flaw was found in the implementation of the "fill buffer", a mechanism used by modern CPUs when a cache-miss is made on L1 CPU cache. If an attacker can generate a load operation that would create a page fault, the execution will continue speculatively with incorrect data from the fill buffer...

5.9CVSS7AI score0.01553EPSS
Exploits0References5
Rows per page
Query Builder