USN-6797-1: Intel Microcode vulnerabilities

It was discovered that some 3rd and 4th Generation Intel® Xeon® Processors did not properly restrict access to certain hardware features when using Intel® SGX or Intel® TDX. This may allow a privileged local user to potentially further escalate their privileges on the system. This issue only...

Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 23.10 / 24.04 LTS : Intel Microcode vulnerabilities (USN-6797-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 23.10 / 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6797-1 advisory. It was discovered that some 3rd and 4th Generation Intel Xeon Processors did not properly restric...

SUSE-SU-2023:3447-1 Security update for xen

This update for xen fixes the following issues: - CVE-2023-20569: Fixed side channel attack Inception or RAS Poisoning. bsc1214082, XSA-434 - CVE-2022-40982: Fixed transient execution attack called 'Gather Data Sampling'. bsc1214083, XSA-435 - CVE-2023-20593: Fixed a ZenBleed issue in 'Zen 2' CPU...

SUSE-SU-2023:3421-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP3 RT kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2023-2156: Fixed IPv6 RPL Protocol Reachable Assertion Denial-of-Service Vulnerability bsc1211131. - CVE-2022-40982: Fixed transient execution attack call...

SUSE-SU-2023:3376-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP5 Azure kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2023-20569: Fixed side channel attack ‘Inception’ or ‘RAS Poisoning’ bsc1213287. - CVE-2023-3268: Fixed an out of bounds memory access flaw in...

SUSE-SU-2023:3329-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 12 SP5 RT kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2022-40982: Fixed transient execution attack called 'Gather Data Sampling' bsc1206418. - CVE-2023-0459: Fixed information leak in uaccessbeginnospec...

SUSE: Security Advisory (SUSE-SU-2023:3324-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE-SU-2023:3311-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP5 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2022-40982: Fixed transient execution attack called 'Gather Data Sampling' bsc1206418. - CVE-2023-0459: Fixed information leak in uaccessbeginnospec...

SUSE-SU-2022:0939-1 Security update for xen

This update for xen fixes the following issues: Transient execution side-channel attacks attacking the Branch History Buffer BHB, named 'Branch Target Injection' and 'Intra-Mode Branch History Injection' are now mitigated. - CVE-2022-0001, CVE-2022-0002, CVE-2021-26401: BHB speculation issues...

SUSE-SU-2022:0759-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP2 kernel was updated to receive various security and bugfixes. Transient execution side-channel attacks attacking the Branch History Buffer BHB, named 'Branch Target Injection' and 'Intra-Mode Branch History Injection' are now mitigated. The following security bugs...

hw: Special Register Buffer Data Sampling (SRBDS)

A new domain bypass transient execution attack known as Special Register Buffer Data Sampling SRBDS has been found. This flaw allows data values from special internal registers to be leaked by an attacker able to execute code on any core of the CPU. An unprivileged, local attacker can use this fl...