Missing Linux Kernel mitigations for 'TSA' hardware vulnerabilities (AMD-SB-7029)

The remote host is missing one or more known mitigations on Linux Kernel side for the referenced SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-onl...

Oracle Linux 10 / 9 : Unbreakable Enterprise kernel (ELSA-2025-20530)

The remote Oracle Linux 10 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-20530 advisory. - sunrpc: handle SVCGARBAGE during svc auth processing as auth error Jeff Layton Orabug: 38137447 CVE-2025-38089 - Add Zen34 clients Borislav...

Unbreakable Enterprise kernel security update

6.12.0-101.33.4.3 - Revert 'Add normal counters' Boris Ostrovsky Orabug: 38171405 6.12.0-101.33.4.2 - sunrpc: handle SVCGARBAGE during svc auth processing as auth error Jeff Layton Orabug: 38178286 CVE-2025-38089 - mm: memcontrol: remove memcg from LRU on release instead of offline Harry Yoo...

Oracle Linux 8 / 9 : Unbreakable Enterprise kernel (ELSA-2025-20470)

The remote Oracle Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-20470 advisory. - sunrpc: handle SVCGARBAGE during svc auth processing as auth error Jeff Layton CVE-2025-38089 - netsched: schsfq: move the limit validation...

AMD Warns of New Transient Scheduler Attacks Impacting a Wide Range of CPUs

Semiconductor company AMD is warning of a new set of vulnerabilities affecting a broad range of chipsets that could lead to information disclosure. The flaws, collectively called Transient Scheduler Attacks TSA, manifest in the form of a speculative side channel in its CPUs that leverage executio...

CVE-2024-36350

A transient execution vulnerability in some AMD processors may allow an attacker to infer data from previous stores, potentially resulting in the leakage of privileged information...

CVE-2024-36357

A transient execution vulnerability in some AMD processors may allow an attacker to infer data in the L1D cache, potentially resulting in the leakage of sensitive information across privileged boundaries...

Oracle Linux 8 / 9 : Unbreakable Enterprise kernel (ELSA-2025-20404)

The remote Oracle Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-20404 advisory. - Add Zen34 clients Borislav Petkov AMD Orabug: 38129825 CVE-2024-36350 CVE-2024-36357 - x86/process: Move the buffer clearing before MONITOR Kim...

AMD Transient Scheduler Attacks

AMD ID: AMD-SB-7029 Potential Impact: Loss of Confidentiality Severity: Medium Summary AMD discovered several transient scheduler attacks related to the execution timing of instructions under specific microarchitectural conditions while investigating a Microsoft® report titled “Enter, Exit, Page...

Unbreakable Enterprise kernel security update

5.4.17-2136.344.4.3 - Add Zen34 clients Borislav Petkov AMD Orabug: 38129026 CVE-2024-36350 CVE-2024-36357 - x86/process: Move the buffer clearing before MONITOR Kim Phillips Orabug: 38129026 CVE-2024-36350 CVE-2024-36357 - KVM: SVM: Advertize TSA CPUID bits to guests Borislav Petkov AMD Orabug:...

Unbreakable Enterprise kernel security update

6.12.0-100.28.2.2.el10uek - Add Zen34 clients Borislav Petkov AMD Orabug: 38129827 CVE-2024-36350 CVE-2024-36357 - x86/process: Move the buffer clearing before MONITOR Kim Phillips Orabug: 38129827 CVE-2024-36350 CVE-2024-36357 - Add normal counters Borislav Petkov AMD Orabug: 38129827...