Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: vtioctl: fixed arrayindexnospec in vtsetactivate. arrayindexnospec ensures that an out-of-bounds value is set to zero on the transient path. Reducing this value by one afterward causes a transient integer underflow. vsa.consol...

Astra Linux – Vulnerability in Intel Microcode

A domain-bypass transient execution vulnerability in some Intel AtomR processors may allow an authenticated user to potentially enable information disclosure through local access...

Astra Linux – Vulnerability in Intel Microcode

The exposure of sensitive information due to shared microarchitectural predictor states, which affect transient execution for some IntelR Core™ processors 10th generation, may allow an authenticated user to potentially disclose information through local access...

InjectV: Modeling Fault Injection Attacks in RISC-V Simulation Environment

Fault Injection Attacks FIAs are a significant threat to hardware security, capable of compromising systems by inducing malicious faults in computation or storage. Evaluating resilience against such attacks is challenging due to the high cost, complexity, and limited availability of physical faul...

The Chronicles of Radio Frequency Fingerprinting

Radio Frequency Fingerprinting RFF has evolved from an early idea for radar emitter identification into a broad research field for wireless device identification and spectrum monitoring for security. Rather than presenting a conventional literature survey, this work provides a critical historical...

CVE-2025-47403

Transient DOS when processing a malformed Fast Transition response frame with an invalid header structure during wireless roaming...

CVE-2025-35979

A flaw was found in the kernel. This vulnerability, affecting some IntelR Processors, involves shared microarchitectural predictor state that influences transient execution within VMX non-root guest operation. An unprivileged software adversary with an authenticated user can exploit this locally ...

Astra Linux - уязвимость в systemd

It was discovered that a Systemd service that uses the DynamicUser property can obtain new privileges by executing SUID binaries. This allows the service to create binaries belonging to the transient group, with the setgid bit set. A local attacker could exploit this flaw to access resources that...

CVE-2025-35979

CVE-2025-35979 describes a vulnerability in certain Intel processors where shared microarchitectural predictor state can influence transient execution, enabling information disclosure in VMX non-root (guest) operation. An unprivileged, authenticated user with high-complexity capabilities and loca...

CVE-2025-35979

Exposure of sensitive information caused by shared microarchitectural predictor state that influences transient execution for some IntelR Processors within VMX non-root guest operation may allow an information disclosure. Unprivileged software adversary with an authenticated user combined with a...

Janus: Compiler-Based Defense against Transient Execution Attacks Using ARM Hardware Primitives

We present Janus, a compiler-based security framework that mitigates transient execution attacks like Spectre and control-flow hijacking on ARM64 platforms. Janus integrates speculative execution and control flow dependencies with PA modifiers, using PA and BTI microarchitectural features to...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: microcode_ctl (UTSA-2026-016523)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016523 advisory. Exposure of Sensitive Information in Shared Microarchitectural Structures during Transient Execution for some IntelR Processors may allow an authenticated user to...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: microcode_ctl (UTSA-2026-016522)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016522 advisory. Exposure of sensitive information caused by shared microarchitectural predictor state that influences transient execution for some Intel AtomR processors may allow a...

CVE-2025-47401

Transient DOS when processing target power rate tables during channel configuration...

CVE-2025-47403

Transient DOS when processing a malformed Fast Transition response frame with an invalid header structure during wireless roaming...

CVE-2025-47403 Buffer Over-read in WLAN Firmware

Transient DOS when processing a malformed Fast Transition response frame with an invalid header structure during wireless roaming...

EUVD-2025-209628

Transient DOS when processing a malformed Fast Transition response frame with an invalid header structure during wireless roaming...

EUVD-2025-209626

Transient DOS when processing target power rate tables during channel configuration...

PT-2026-36838

Transient DOS when processing target power rate tables during channel configuration...

Astra Linux – Vulnerability found in Linux 5.10 and Linux 6.1, Intel Microcode

The exposure of information through microarchitectural states after transient execution from certain register files on some IntelR AtomR processors may allow an authenticated user to potentially enable information disclosure through local access...