2279 matches found
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-000205)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000205 advisory. An information disclosure vulnerability exists when certain central processing units CPU speculatively access memory. An attacker who successfully exploited the...
PT-2026-27719
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel's x86/fred component related to speculative safety within the fred extint function. The array index nospec function was not effectively utilized to...
ROS-20251219-7302
Vulnerability in chromium is related to speculative race conditions that can lead to access to already freed memory areas in case of incorrect prediction of code branches by the processor. Exploitation of the vulnerability could allow an attacker to access protected memory from a program without...
Unity Linux 20.1050e Security Update: kernel (UTSA-2025-991276)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-991276 advisory. A side channel vulnerability on some of the AMD CPUs may allow an attacker to influence the return address prediction. This may result in speculative execution at an...
CVE-2025-63094
XiangShan Nanhu V2 and XiangShan Kunmighu V3 were discovered to use speculative execution and indirect branch prediction, allowing attackers to access sensitive information via side-channel analysis of the data cache...
EUVD-2025-202587
XiangShan Nanhu V2 and XiangShan Kunmighu V3 were discovered to use speculative execution and indirect branch prediction, allowing attackers to access sensitive information via side-channel analysis of the data cache...
CVE-2025-63094
XiangShan Nanhu V2 and XiangShan Kunmighu V3 were discovered to use speculative execution and indirect branch prediction, allowing attackers to access sensitive information via side-channel analysis of the data cache...
CVE-2025-63094
XiangShan Nanhu V2 and XiangShan Kunmighu V3 were discovered to use speculative execution and indirect branch prediction, allowing attackers to access sensitive information via side-channel analysis of the data cache...
XiangShan安全漏洞
XiangShan is an open source high performance RISC-V processor project open sourced by XiangShan in China. A security vulnerability exists in XiangShan that stems from speculative execution and indirect branch prediction that could lead to a side-channel analysis attack...
CVE-2025-63094
XiangShan Nanhu V2 and XiangShan Kunmighu V3 were discovered to use speculative execution and indirect branch prediction, allowing attackers to access sensitive information via side-channel analysis of the data cache...
CVE-2025-63094
XiangShan Nanhu V2 and XiangShan Kunmighu V3 were discovered to use speculative execution and indirect branch prediction, allowing attackers to access sensitive information via side-channel analysis of the data cache...
PT-2025-50363
Name of the Vulnerable Software and Affected Versions XiangShan Nanhu V2 XiangShan Kunmighu V3 Description The software uses speculative execution and indirect branch prediction, potentially allowing attackers to access sensitive information through side-channel analysis of the data cache...
CVE-2025-63094
XiangShan Nanhu V2 and XiangShan Kunmighu V3 are affected by a speculative execution/indirect branch prediction vulnerability that enables side-channel access to data in the cache, allowing potential disclosure of sensitive information. Exploitation details are not provided in the connected docum...
UBUNTU-CVE-2025-40143
In the Linux kernel, the following vulnerability has been resolved: bpf: dont report verifier bug for missing bpfsccvisit on speculative path Syzbot generated a program that triggers a verifierbug call in maybeexitscc. maybeexitscc assumes that, when called for a state with insnidx in some SCC,...
CVE-2025-40143
CVE-2025-40143 concerns the Linux kernel BPF verifier. Syzbot-generated input could trigger a verifier_bug() in maybe_exit_scc() when processing a state inside an SCC, under speculative execution paths. The root cause was an assumption that an existing bpf_scc_visit instance always accompanies a ...
microcode_ctl: From CVEorg collector
New Spectre-v2 attack classes have been discovered within CPU architectures that enable self-training exploitation of speculative execution within the same privilege domain. These novel techniques bypass existing hardware and software mitigations, including IBPB, eIBRS, and BHINO, by leveraging...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990585)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990585 advisory. In the Linux kernel, the following vulnerability has been resolved: x86/speculation: Fill RSB on vmexit for IBRS Prevent RSB underflow/poisoning attacks with RSB...
Astra Linux – Vulnerability in pam
A vulnerability was discovered in PAM. Secret information is stored in memory, and the attacker can trigger the victim’s program to execute by sending characters to its standard input stdin. During this process, the attacker can instruct the branch predictor to execute a ROP chain speculatively...
Siemens SIMATIC Devices Improper Control of Resource Identifiers (CVE-2024-42265)
"In the Linux kernel, the following vulnerability has been resolved: protect the fetch of -fdfd in dodup2 from mispredictions both callers have verified that fd is not greater than -maxfds; however, misprediction might end up with tofree = fdt-fdfd; being speculatively executed. That's wrong for...
EUVD-2018-15519
Malware in sbrugna...