Lucene search
K

30 matches found

Amazon
Amazon
added 2024/05/20 12:0 a.m.11 views

Medium: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: block: add check that partition length needs to be aligned with block size Before calling add partition or resize partition, there is no check on whether the length is aligned with the logical block size. If the...

7.8CVSS6.4AI score0.00257EPSS
Exploits0
OpenVAS
OpenVAS
added 2023/11/01 12:0 a.m.42 views

Ubuntu: Security Advisory (USN-6466-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.2AI score0.54577EPSS
Exploits8References2
Amd
Amd
added 2023/08/08 12:0 a.m.116 views

Return Address Security Bulletin

Bulletin ID: AMD-SB-7005 Potential Impact: Data Confidentiality Severity: Medium Summary AMD has received an external report titled ‘INCEPTION’, describing a new speculative side channel attack. The attack can result in speculative execution at an attacker-controlled address, potentially leading ...

4.7CVSS6.9AI score0.0616EPSS
Exploits1
Amazon
Amazon
added 2023/08/07 12:0 a.m.11 views

Important: kernel

Issue Overview: An issue was discovered in the Linux kernel before 6.2. The ntfs3 subsystem does not properly check for correctness during disk reads, leading to an out-of-bounds read in ntfssetea in fs/ntfs3/xattr.c. CVE-2022-48502 A side channel vulnerability on some of the AMD CPUs may allow a...

8.8CVSS7.6AI score0.54577EPSS
Exploits4
GoogleProjectZero
GoogleProjectZero
added 2023/08/02 12:0 a.m.30 views

MTE As Implemented, Part 2: Mitigation Case Studies

By Mark Brand, Project Zero Background In 2018, in the v8.5a version of the ARM architecture, ARM proposed a hardware implementation of tagged memory, referred to as MTE Memory Tagging Extensions. In Part 1 we discussed testing the technical and implementation limitations of MTE on the hardware...

7.3AI score
Exploits0
OpenVAS
OpenVAS
added 2021/04/19 12:0 a.m.21 views

SUSE: Security Advisory (SUSE-SU-2018:0861-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS8.7AI score0.74041EPSS
Exploits9References8
Tenable Nessus
Tenable Nessus
added 2020/06/29 12:0 a.m.11 views

Fedora 31 : xen (2020-e49a911382)

Special Register Buffer speculative side channel XSA-320 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional...

5.5AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2020/06/22 12:0 a.m.14 views

Fedora 32 : xen (2020-2a4faa84d1)

Special Register Buffer speculative side channel XSA-320 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional...

5.5AI score
Exploits0References1
RedhatCVE
RedhatCVE
added 2020/06/18 7:25 a.m.27 views

CVE-2020-13844

A new speculative side-channel vulnerability was found that affects the ARM processor's code, 'Straight-line speculation.' This flaw allows a local attacker to infer cache contents through measuring timing access. The highest threat from this vulnerability is to confidentiality. Mitigation...

2.1CVSS1.5AI score0.00504EPSS
Exploits0References5
Xen Project
Xen Project
added 2020/06/09 5:0 p.m.65 views

Special Register Buffer speculative side channel

ISSUE DESCRIPTION This issue is related to the MDS and TAA vulnerabilities. Please see https://xenbits.xen.org/xsa/advisory-297.html MDS and https://xenbits.xen.org/xsa/advisory-305.html TAA for details. Certain processor operations microarchitecturally need to read data from outside the physical...

5.5CVSS1AI score0.0054EPSS
Exploits0
Mageia
Mageia
added 2020/03/06 4:13 p.m.70 views

Updated xen packages fix security vulnerability

- Updated from 4.12.0 to 4.12.1 - Device quarantine for alternate pci assignment methods XSA-306 - x86: Machine Check Error on Page Size Change DoS XSA-304, CVE-2018-12207 - TSX Asynchronous Abort speculative side channel XSA-305, CVE-2019-11135 - VCPUOPinitialise DoS XSA-296, CVE-2019-18420...

9.8CVSS0.2AI score0.03133EPSS
Exploits0References11
RedHat Linux
RedHat Linux
added 2020/02/19 7:0 p.m.7 views

hw: TSX Transaction Asynchronous Abort (TAA)

A flaw was found in the way Intel CPUs handle speculative execution of instructions when the TSX Asynchronous Abort TAA error occurs. A local authenticated attacker with the ability to monitor execution times could infer the TSX memory state by comparing abort execution times. This could allow...

6.5CVSS6.8AI score0.03133EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2020/01/15 12:0 a.m.56 views

Debian DSA-4602-1 : xen - security update (MDSUM/RIDL) (MFBDS/RIDL/ZombieLoad) (MLPDS/RIDL) (MSBDS/Fallout)

Multiple vulnerabilities have been discovered in the Xen hypervisor, which could result in denial of service, guest-to-host privilege escalation or information leaks. In addition this update provides mitigations for the 'TSX Asynchronous Abort'speculative side channel attack. For additional...

9.8CVSS7.1AI score0.03133EPSS
Exploits0References35
RedHat Linux
RedHat Linux
added 2019/11/12 9:11 p.m.2 views

hw: TSX Transaction Asynchronous Abort (TAA)

A flaw was found in the way Intel CPUs handle speculative execution of instructions when the TSX Asynchronous Abort TAA error occurs. A local authenticated attacker with the ability to monitor execution times could infer the TSX memory state by comparing abort execution times. This could allow...

6.5CVSS6.8AI score0.03133EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2019/11/12 9:2 p.m.5 views

hw: TSX Transaction Asynchronous Abort (TAA)

A flaw was found in the way Intel CPUs handle speculative execution of instructions when the TSX Asynchronous Abort TAA error occurs. A local authenticated attacker with the ability to monitor execution times could infer the TSX memory state by comparing abort execution times. This could allow...

6.5CVSS6.8AI score0.03133EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2019/11/12 8:51 p.m.3 views

hw: TSX Transaction Asynchronous Abort (TAA)

A flaw was found in the way Intel CPUs handle speculative execution of instructions when the TSX Asynchronous Abort TAA error occurs. A local authenticated attacker with the ability to monitor execution times could infer the TSX memory state by comparing abort execution times. This could allow...

6.5CVSS6.8AI score0.03133EPSS
Exploits0References6
The Hacker News
The Hacker News
added 2019/10/17 5:48 p.m.47 views

Chrome for Android Enables Site Isolation Security Feature for All Sites with Login

After enabling 'Site Isolation' security feature in Chrome for desktops last year, Google has now finally introduced 'the extra line of defence' for Android smartphone users surfing the Internet over the Chrome web browser. In brief, Site Isolation is a security feature that adds an additional...

0.1AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2019/05/30 12:0 a.m.34 views

Citrix XenServer Microarchitectural Data Sampling Speculative Side-Channel Vulnerabilities (MDSUM/RIDL) (MFBDS/RIDL/ZombieLoad) (MLPDS/RIDL) (MSBDS/Fallout) (CTX2251995)

The version of Citrix XenServer running on the remote host is missing a security hotfix. It is, therefore, affected by microarchitectural data sampling speculative side-channel vulnerabilities. These vulnerabilities may allow a local attacker on a guest machine to sample the contents of memory...

5.9CVSS6.7AI score0.01553EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2019/05/24 12:0 a.m.43 views

Xen Project Microarchitectural Data Sampling Speculative Side-Channel Vulnerabilities (MDSUM/RIDL) (MFBDS/RIDL/ZombieLoad) (MLPDS/RIDL) (MSBDS/Fallout) (XSA-297)

According to its self-reported version number, the Xen hypervisor installed on the remote host is affected by microarchitectural data sampling speculative side-channel vulnerabilities. These vulnerabilities may allow a local attacker on a guest machine to sample the contents of memory reads and...

5.9CVSS6.7AI score0.01553EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2019/05/20 12:0 a.m.44 views

Fedora 30 : xen (2019-6458474bf2) (MDSUM/RIDL) (MFBDS/RIDL/ZombieLoad) (MLPDS/RIDL) (MSBDS/Fallout)

Microarchitectural Data Sampling speculative side channel XSA-297, CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091 additional patches so above applies cleanly work around grub2 issues in dom0 Note that Tenable Network Security has extracted the preceding description block directly...

5.9CVSS6.5AI score0.01553EPSS
Exploits0References5
Rows per page
Query Builder