113 matches found
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: x86/vmscape: Conditional IBPB mitigation has been added. VMSCAPE is a vulnerability that exploits the insufficient branch predictor isolation between a guest and a userspace hypervisor such as QEMU. Existing mitigations already...
MiracleLinux 9 : kernel-5.14.0-570.62.1.el9_6 (AXSA:2025-11101:89)
The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-11101:89 advisory. kernel: information leak via transient execution vulnerability in some AMD processors CVE-2024-36350 kernel: transient execution vulnerability in...
USN-7940-2: Linux kernel (Azure, N-Series) vulnerabilities
Jean-Claude Graf, Sandro Rüegge, Ali Hajiabadi, and Kaveh Razavi discovered that the Linux kernel contained insufficient branch predictor isolation between a guest and a userspace hypervisor for certain processors. This flaw is known as VMSCAPE. An attacker in a guest VM could possibly use this t...
USN-7940-2 linux-azure-nvidia vulnerabilities
Jean-Claude Graf, Sandro Rüegge, Ali Hajiabadi, and Kaveh Razavi discovered that the Linux kernel contained insufficient branch predictor isolation between a guest and a userspace hypervisor for certain processors. This flaw is known as VMSCAPE. An attacker in a guest VM could possibly use this t...
kernel: x86/vmscape: Add conditional IBPB mitigation
In the Linux kernel, the following vulnerability has been resolved: x86/vmscape: Add conditional IBPB mitigation VMSCAPE is a vulnerability that exploits insufficient branch predictor isolation between a guest and a userspace hypervisor like QEMU. Existing mitigations already protect kernel/KVM...
Ubuntu Pro FIPS-updates 24.04 LTS : Linux kernel (Azure FIPS) vulnerabilities (USN-7940-1)
The remote Ubuntu Pro FIPS-updates 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7940-1 advisory. Jean-Claude Graf, Sandro Regge, Ali Hajiabadi, and Kaveh Razavi discovered that the Linux kernel contained insufficient branch predictor...
USN-7940-1 linux-azure-fips vulnerabilities
Jean-Claude Graf, Sandro Rüegge, Ali Hajiabadi, and Kaveh Razavi discovered that the Linux kernel contained insufficient branch predictor isolation between a guest and a userspace hypervisor for certain processors. This flaw is known as VMSCAPE. An attacker in a guest VM could possibly use this t...
USN-7940-1: Linux kernel (Azure FIPS) vulnerabilities
Jean-Claude Graf, Sandro Rüegge, Ali Hajiabadi, and Kaveh Razavi discovered that the Linux kernel contained insufficient branch predictor isolation between a guest and a userspace hypervisor for certain processors. This flaw is known as VMSCAPE. An attacker in a guest VM could possibly use this t...
Ubuntu 18.04 LTS / 20.04 LTS : Linux kernel (Azure) vulnerabilities (USN-7939-1)
The remote Ubuntu 18.04 LTS / 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7939-1 advisory. Jean-Claude Graf, Sandro Regge, Ali Hajiabadi, and Kaveh Razavi discovered that the Linux kernel contained insufficient branch predictor...
USN-7939-2 linux-azure-fips vulnerabilities
Jean-Claude Graf, Sandro Rüegge, Ali Hajiabadi, and Kaveh Razavi discovered that the Linux kernel contained insufficient branch predictor isolation between a guest and a userspace hypervisor for certain processors. This flaw is known as VMSCAPE. An attacker in a guest VM could possibly use this t...
USN-7939-1 linux-azure, linux-azure-5.4 vulnerabilities
Jean-Claude Graf, Sandro Rüegge, Ali Hajiabadi, and Kaveh Razavi discovered that the Linux kernel contained insufficient branch predictor isolation between a guest and a userspace hypervisor for certain processors. This flaw is known as VMSCAPE. An attacker in a guest VM could possibly use this t...
USN-7939-1: Linux kernel (Azure) vulnerabilities
Jean-Claude Graf, Sandro Rüegge, Ali Hajiabadi, and Kaveh Razavi discovered that the Linux kernel contained insufficient branch predictor isolation between a guest and a userspace hypervisor for certain processors. This flaw is known as VMSCAPE. An attacker in a guest VM could possibly use this t...
USN-7938-1 linux-azure-5.15 vulnerabilities
Jean-Claude Graf, Sandro Rüegge, Ali Hajiabadi, and Kaveh Razavi discovered that the Linux kernel contained insufficient branch predictor isolation between a guest and a userspace hypervisor for certain processors. This flaw is known as VMSCAPE. An attacker in a guest VM could possibly use this t...
USN-7938-1: Linux kernel (Azure) vulnerabilities
Jean-Claude Graf, Sandro Rüegge, Ali Hajiabadi, and Kaveh Razavi discovered that the Linux kernel contained insufficient branch predictor isolation between a guest and a userspace hypervisor for certain processors. This flaw is known as VMSCAPE. An attacker in a guest VM could possibly use this t...
USN-7937-1 linux-azure-fips vulnerabilities
Jean-Claude Graf, Sandro Rüegge, Ali Hajiabadi, and Kaveh Razavi discovered that the Linux kernel contained insufficient branch predictor isolation between a guest and a userspace hypervisor for certain processors. This flaw is known as VMSCAPE. An attacker in a guest VM could possibly use this t...
Ubuntu 22.04 LTS : Linux kernel (KVM) vulnerabilities (USN-7933-1)
The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7933-1 advisory. Jean-Claude Graf, Sandro Regge, Ali Hajiabadi, and Kaveh Razavi discovered that the Linux kernel contained insufficient branch predictor isolation betwee...
Ubuntu 22.04 LTS / 24.04 LTS : Linux kernel (Azure) vulnerabilities (USN-7935-1)
The remote Ubuntu 22.04 LTS / 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7935-1 advisory. Jean-Claude Graf, Sandro Regge, Ali Hajiabadi, and Kaveh Razavi discovered that the Linux kernel contained insufficient branch predictor...
Ubuntu 20.04 LTS : Linux kernel (Azure) vulnerabilities (USN-7938-1)
The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7938-1 advisory. Jean-Claude Graf, Sandro Regge, Ali Hajiabadi, and Kaveh Razavi discovered that the Linux kernel contained insufficient branch predictor isolation betwee...
Ubuntu Pro FIPS-updates 18.04 LTS : Linux kernel (Azure FIPS) vulnerabilities (USN-7937-1)
"The remote Ubuntu Pro FIPS-updates 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7937-1 advisory. Jean-Claude Graf, Sandro Regge, Ali Hajiabadi, and Kaveh Razavi discovered that the Linux kernel contained insufficient branch predicto...
USN-7934-1: Linux kernel (Azure) vulnerabilities
It was discovered that improper initialization of CPU cache memory could allow a local attacker with hypervisor access to overwrite SEV-SNP guest memory resulting in loss of data integrity. CVE-2024-36331 Jean-Claude Graf, Sandro Rüegge, Ali Hajiabadi, and Kaveh Razavi discovered that the Linux...