USN-8184-1 linux-realtime, linux-realtime-6.8 vulnerabilities

Josh Eads, Kristoffer Janke, Eduardo Vela Nava, Tavis Ormandy, and Matteo Rizzo discovered that some AMD Zen processors did not properly verify the signature of CPU microcode. This flaw is known as EntrySign. A privileged attacker could possibly use this issue to cause load malicious CPU microcod...

VMware Issues Security Patches for ESXi, Workstation, and Fusion Flaws

VMware has released patches to address four security flaws impacting ESXi, Workstation, and Fusion, including two critical flaws that could lead to code execution. Tracked as CVE-2024-22252 and CVE-2024-22253, the vulnerabilities have been described as use-after-free bugs in the XHCI USB...

The vulnerability of the XHCI interface of USB controllers in VMware ESXi, VMware Workstation, VMware Fusion, and the VMware Cloud Foundation virtualization platform allows a perpetrator to execute arbitrary code.

The vulnerability of the XHCI Extensible Host Controller Interface interface of USB controllers in VMware ESXi, VMware Workstation, VMware Fusion, and VMware Cloud Foundation virtualization platforms is related to the use of memory after release. Exploiting this vulnerability can allow an attacke...