Lucene search
K

3115 matches found

Packet Storm News
Packet Storm News
added 2026/05/11 12:0 a.m.9 views

Janus: Compiler-Based Defense against Transient Execution Attacks Using ARM Hardware Primitives

We present Janus, a compiler-based security framework that mitigates transient execution attacks like Spectre and control-flow hijacking on ARM64 platforms. Janus integrates speculative execution and control flow dependencies with PA modifiers, using PA and BTI microarchitectural features to...

6AI score
Exploits0
Snyk
Snyk
added 2026/05/06 9:45 p.m.8 views

Incorrect Type Conversion or Cast

Overview vllm is an A high-throughput and memory-efficient inference and serving engine for LLMs Affected versions of this package are vulnerable to Incorrect Type Conversion or Cast through the extracthiddenstates speculative decoding. An attacker can cause the server to crash and disrupt servic...

6.5CVSS5.8AI score0.00367EPSS
Exploits0References3
OSV
OSV
added 2026/05/06 9:45 p.m.7 views

GHSA-83VM-P52W-F9PW vLLM: extract_hidden_states speculative decoding crashes server on any request with penalty parameters

Summary The extracthiddenstates speculative decoding proposer in vLLM returns a tensor with an incorrect shape after the first decode step, causing a RuntimeError that crashes the EngineCore process. The crash is triggered when any request in the batch uses sampling penalty parameters...

6.5CVSS5.8AI score0.00367EPSS
Exploits0References5
Github Security Blog
Github Security Blog
added 2026/05/06 9:45 p.m.10 views

vLLM: extract_hidden_states speculative decoding crashes server on any request with penalty parameters

Summary The extracthiddenstates speculative decoding proposer in vLLM returns a tensor with an incorrect shape after the first decode step, causing a RuntimeError that crashes the EngineCore process. The crash is triggered when any request in the batch uses sampling penalty parameters...

6.5CVSS5.8AI score0.00367EPSS
Exploits0References5Affected Software1
SUSE CVE
SUSE CVE
added 2026/05/06 1:42 a.m.15 views

SUSE CVE-2026-31781

In the Linux kernel, the following vulnerability has been resolved: drm/ioc32: stop speculation on the drmcompatioctl path The drm compat ioctl path takes a user controlled pointer, and then dereferences it into a table of function pointers, the signature method of spectre problems. Fix this up b...

5.5CVSS5.7AI score0.00123EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/05/06 12:0 a.m.13 views

PT-2026-38288

Name of the Vulnerable Software and Affected Versions vLLM versions 0.18.0 through 0.19.1 Description The extract hidden states speculative decoding proposer returns a tensor with an incorrect shape after the first decode step, leading to a RuntimeError that crashes the EngineCore process. This...

6.5CVSS5.8AI score0.00367EPSS
Exploits0References9
RedhatCVE
RedhatCVE
added 2026/05/01 11:43 p.m.7 views

CVE-2026-31781

A flaw was found in the Linux kernel's Direct Rendering Manager DRM subsystem, specifically in the drm/ioc32 component. This vulnerability, related to speculative execution a technique used by modern processors to guess future instructions, allows a local attacker to potentially disclose sensitiv...

5.5CVSS5.9AI score0.00123EPSS
Exploits0References4
EUVD
EUVD
added 2026/05/01 2:15 p.m.9 views

EUVD-2026-26594

In the Linux kernel, the following vulnerability has been resolved: drm/ioc32: stop speculation on the drmcompatioctl path The drm compat ioctl path takes a user controlled pointer, and then dereferences it into a table of function pointers, the signature method of spectre problems. Fix this up b...

5.8AI score0.00123EPSS
Exploits0References8
ATTACKERKB
ATTACKERKB
added 2026/05/01 2:15 p.m.8 views

CVE-2026-31781

In the Linux kernel, the following vulnerability has been resolved: drm/ioc32: stop speculation on the drmcompatioctl path The drm compat ioctl path takes a user controlled pointer, and then dereferences it into a table of function pointers, the signature method of spectre problems. Fix this up b...

5.5CVSS5.7AI score0.00123EPSS
Exploits0References9Affected Software1
Cvelist
Cvelist
added 2026/05/01 2:15 p.m.29 views

CVE-2026-31781 drm/ioc32: stop speculation on the drm_compat_ioctl path

In the Linux kernel, the following vulnerability has been resolved: drm/ioc32: stop speculation on the drmcompatioctl path The drm compat ioctl path takes a user controlled pointer, and then dereferences it into a table of function pointers, the signature method of spectre problems. Fix this up b...

0.00123EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2026/04/22 12:0 a.m.6 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013420)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013420 advisory. When SMT is enabled, certain AMD processors may speculatively execute instructions using a target from the sibling thread after an SMT mode switch potentially...

4.7CVSS5.9AI score0.00289EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/04/21 12:0 a.m.5 views

Unity Linux 20.1050a Security Update: kernel (UTSA-2026-006920)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006920 advisory. In the Linux kernel, the following vulnerability has been resolved: KVM: x86: use arrayindexnospec with indices that come from guest min and destid are...

7.8CVSS5.7AI score0.00165EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/04/21 12:0 a.m.6 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-010867)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010867 advisory. In the Linux kernel, the following vulnerability has been resolved: bpf: Fix pointer-leak due to insufficient speculative store bypass mitigation To mitigate Spectre...

7.1CVSS6.2AI score0.00189EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/04/21 12:0 a.m.7 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-012960)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-012960 advisory. In the Linux kernel, the following vulnerability has been resolved: x86/srso: Add SRSO mitigation for Hygon processors Add mitigation for the speculative return stac...

7.8CVSS6.4AI score0.00257EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/04/21 12:0 a.m.4 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-010723)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010723 advisory. When SMT is enabled, certain AMD processors may speculatively execute instructions using a target from the sibling thread after an SMT mode switch potentially...

4.7CVSS6.3AI score0.00289EPSS
Exploits0References3
F5 Networks
F5 Networks
added 2026/04/20 3:9 p.m.11 views

K000160906: Linux kernel vulnerability CVE-2021-35477

Security Advisory Description In the Linux kernel through 5.13.7, an unprivileged BPF program can obtain sensitive information from kernel memory via a Speculative Store Bypass side-channel attack because a certain preempting store operation does not necessarily occur before a store operation tha...

5.5CVSS5.7AI score0.0046EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/04/17 12:0 a.m.15 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007374)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007374 advisory. A flaw was found in the fix for CVE-2019-11135, in the Linux upstream kernel versions before 5.5 where, the way Intel CPUs handle speculative execution of instructio...

6.5CVSS7.1AI score0.03133EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/04/17 12:0 a.m.8 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007466)

"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007466 advisory. In the Linux kernel, the following vulnerability has been resolved: protect the fetch of -fdfd in dodup2 from mispredictions both callers have verified that fd is n...

5.5CVSS6.3AI score0.00281EPSS
Exploits0References4
EUVD
EUVD
added 2026/04/12 9:30 p.m.11 views

EUVD-2026-21738

Varnish Cache 9 before 9.0.1 and Varnish Enterprise before 6.0.16r11 allows a "workspace overflow" denial of service daemon panic for certain amounts of prefetched data. The setup of an HTTP/2 session starts with a speculative HTTP/1 transport, and upon upgrading to h2 the HTTP/1 request is...

4CVSS6AI score0.00236EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2026/04/12 7:17 p.m.10 views

CVE-2026-40394

Varnish Cache 9 before 9.0.1 and Varnish Enterprise before 6.0.16r11 allows a "workspace overflow" denial of service daemon panic for certain amounts of prefetched data. The setup of an HTTP/2 session starts with a speculative HTTP/1 transport, and upon upgrading to h2 the HTTP/1 request is...

7.5CVSS5.6AI score0.00236EPSS
Exploits0
Rows per page
Query Builder