1533 matches found
CVE-2025-39815 RISC-V: KVM: fix stack overrun when loading vlenb
In the Linux kernel, the following vulnerability has been resolved: RISC-V: KVM: fix stack overrun when loading vlenb The userspace load can put up to 2048 bits into an xlen bit stack buffer. We want only xlen bits, so check the size beforehand...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from unsafe reading of strings, which could lead to a crash during userspace address access...
SUSE CVE-2025-40300
In the Linux kernel, the following vulnerability has been resolved: x86/vmscape: Add conditional IBPB mitigation VMSCAPE is a vulnerability that exploits insufficient branch predictor isolation between a guest and a userspace hypervisor like QEMU. Existing mitigations already protect kernel/KVM...
CVE-2025-40300
In the Linux kernel, the following vulnerability has been resolved: x86/vmscape: Add conditional IBPB mitigation VMSCAPE is a vulnerability that exploits insufficient branch predictor isolation between a guest and a userspace hypervisor like QEMU. Existing mitigations already protect kernel/KVM...
AZL-67238 CVE-2025-40300 affecting package kernel for versions less than 6.6.112.1-1
In the Linux kernel, the following vulnerability has been resolved: x86/vmscape: Add conditional IBPB mitigation VMSCAPE is a vulnerability that exploits insufficient branch predictor isolation between a guest and a userspace hypervisor like QEMU. Existing mitigations already protect kernel/KVM...
DEBIAN-CVE-2025-40300
In the Linux kernel, the following vulnerability has been resolved: x86/vmscape: Add conditional IBPB mitigation VMSCAPE is a vulnerability that exploits insufficient branch predictor isolation between a guest and a userspace hypervisor like QEMU. Existing mitigations already protect kernel/KVM...
UBUNTU-CVE-2025-40300
In the Linux kernel, the following vulnerability has been resolved: x86/vmscape: Add conditional IBPB mitigation VMSCAPE is a vulnerability that exploits insufficient branch predictor isolation between a guest and a userspace hypervisor like QEMU. Existing mitigations already protect kernel/KVM...
CVE-2025-40300
The CVE-2025-40300 issue affects the Linux kernel’s x86/vmscape mitigation. The vulnerability arises from insufficient branch predictor isolation between a guest and a userspace hypervisor, which is mitigated by conditionally issuing an IBPB after VMexit and before returning to userspace. The fix...
CVE-2025-40300 x86/vmscape: Add conditional IBPB mitigation
In the Linux kernel, the following vulnerability has been resolved: x86/vmscape: Add conditional IBPB mitigation VMSCAPE is a vulnerability that exploits insufficient branch predictor isolation between a guest and a userspace hypervisor like QEMU. Existing mitigations already protect kernel/KVM...
CVE-2025-40300 x86/vmscape: Add conditional IBPB mitigation
In the Linux kernel, the following vulnerability has been resolved: x86/vmscape: Add conditional IBPB mitigation VMSCAPE is a vulnerability that exploits insufficient branch predictor isolation between a guest and a userspace hypervisor like QEMU. Existing mitigations already protect kernel/KVM...
CVE-2025-40300 x86/vmscape: Add conditional IBPB mitigation
In the Linux kernel, the following vulnerability has been resolved: x86/vmscape: Add conditional IBPB mitigation VMSCAPE is a vulnerability that exploits insufficient branch predictor isolation between a guest and a userspace hypervisor like QEMU. Existing mitigations already protect kernel/KVM...
CVE-2021-26383
Insufficient bounds checking in AMD TEE Trusted Execution Environment could allow an attacker with a compromised userspace to invoke a command with malformed arguments leading to out of bounds memory access, potentially resulting in loss of integrity or availability...
PT-2025-36374
Name of the Vulnerable Software and Affected Versions: Trusted OS affected versions not specified Description: Insufficient parameter validation during process space allocation in the Trusted OS TOS can allow a malicious userspace process to trigger an integer overflow, potentially leading to a...
CVE-2021-26383
Insufficient bounds checking in AMD TEE Trusted Execution Environment could allow an attacker with a compromised userspace to invoke a command with malformed arguments leading to out of bounds memory access, potentially resulting in loss of integrity or availability...
CVE-2021-26383
The CVE-2021-26383 entry concerns AMD TEE (Trusted Execution Environment) with insufficient bounds checking that could allow a compromised userspace process to pass malformed arguments, triggering out-of-bounds memory access and potentially harming integrity or availability. The connected documen...
CVE-2021-26383
Insufficient bounds checking in AMD TEE Trusted Execution Environment could allow an attacker with a compromised userspace to invoke a command with malformed arguments leading to out of bounds memory access, potentially resulting in loss of integrity or availability...
CVE-2025-39690
In the Linux kernel, the following vulnerability has been resolved: iio: accel: sca3300: fix uninitialized iio scan data Fix potential leak of uninitialized stack data to userspace by ensuring that the channels array is zeroed before use...
UBUNTU-CVE-2025-39690
In the Linux kernel, the following vulnerability has been resolved: iio: accel: sca3300: fix uninitialized iio scan data Fix potential leak of uninitialized stack data to userspace by ensuring that the channels array is zeroed before use...
CVE-2025-38688
In the Linux kernel, the following vulnerability has been resolved: iommufd: Prevent ALIGN overflow When allocating IOVA the candidate range gets aligned to the target alignment. If the range is close to ULONGMAX then the ALIGN can wrap resulting in a corrupted iova. Open code the ALIGN using...
Linux Distros Unpatched Vulnerability : CVE-2025-38613
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - staging: gpib: fix unset padding field copy back to userspace The introduction of a padding field in the gpibboardinfoioctl is showing up as initialized data on...