Lucene search
K

22 matches found

SUSE CVE
SUSE CVE
added 2026/05/15 2:10 a.m.6 views

SUSE CVE-2021-46778

Execution unit scheduler contention may lead to a side channel vulnerability found on AMD CPU microarchitectures codenamed “Zen 1”, “Zen 2” and “Zen 3” that use simultaneous multithreading SMT. By measuring the contention level on scheduler queues an attacker may potentially leak sensitive...

5.6CVSS6.3AI score0.00217EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/05/11 12:0 a.m.8 views

Ubuntu 24.04 LTS : Linux kernel (Azure FIPS) vulnerabilities (USN-8260-1)

"The remote Ubuntu 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8260-1 advisory. Josh Eads, Kristoffer Janke, Eduardo Vela Nava, Tavis Ormandy, and Matteo Rizzo discovered that some AMD Zen processors did not properly verify the...

9.8CVSS6.5AI score0.00812EPSS
Exploits1References177
Tenable Nessus
Tenable Nessus
added 2026/05/11 12:0 a.m.13 views

Ubuntu 24.04 LTS / 25.10 : Linux kernel vulnerabilities (USN-8245-1)

"The remote Ubuntu 24.04 LTS / 25.10 host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8245-1 advisory. Josh Eads, Kristoffer Janke, Eduardo Vela Nava, Tavis Ormandy, and Matteo Rizzo discovered that some AMD Zen processors did not properly verify...

9.8CVSS6AI score0.00812EPSS
Exploits1References140
Tenable Nessus
Tenable Nessus
added 2026/05/11 12:0 a.m.5 views

Ubuntu 24.04 LTS : Linux kernel (Azure) vulnerabilities (USN-8258-1)

"The remote Ubuntu 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8258-1 advisory. Josh Eads, Kristoffer Janke, Eduardo Vela Nava, Tavis Ormandy, and Matteo Rizzo discovered that some AMD Zen processors did not properly verify the...

9.8CVSS6AI score0.00812EPSS
Exploits1References176
Ubuntu
Ubuntu
added 2026/05/07 3:27 p.m.18 views

USN-8258-1: Linux kernel (Azure) vulnerabilities

Josh Eads, Kristoffer Janke, Eduardo Vela Nava, Tavis Ormandy, and Matteo Rizzo discovered that some AMD Zen processors did not properly verify the signature of CPU microcode. This flaw is known as EntrySign. A privileged attacker could possibly use this issue to cause load malicious CPU microcod...

9.8CVSS6.9AI score0.00812EPSS
Exploits1
Ubuntu
Ubuntu
added 2026/05/07 9:47 a.m.20 views

USN-8245-1: Linux kernel vulnerabilities

Josh Eads, Kristoffer Janke, Eduardo Vela Nava, Tavis Ormandy, and Matteo Rizzo discovered that some AMD Zen processors did not properly verify the signature of CPU microcode. This flaw is known as EntrySign. A privileged attacker could possibly use this issue to cause load malicious CPU microcod...

9.8CVSS7.1AI score0.00812EPSS
Exploits1
OSV
OSV
added 2026/05/07 9:47 a.m.15 views

USN-8245-1 linux-azure, linux-azure-6.17, linux-oem-6.17 vulnerabilities

Josh Eads, Kristoffer Janke, Eduardo Vela Nava, Tavis Ormandy, and Matteo Rizzo discovered that some AMD Zen processors did not properly verify the signature of CPU microcode. This flaw is known as EntrySign. A privileged attacker could possibly use this issue to cause load malicious CPU microcod...

9.8CVSS6.6AI score0.00812EPSS
Exploits1References141
Ubuntu
Ubuntu
added 2026/04/28 4:30 p.m.9 views

USN-8185-2: Linux kernel (Low Latency NVIDIA) vulnerabilities

Josh Eads, Kristoffer Janke, Eduardo Vela Nava, Tavis Ormandy, and Matteo Rizzo discovered that some AMD Zen processors did not properly verify the signature of CPU microcode. This flaw is known as EntrySign. A privileged attacker could possibly use this issue to cause load malicious CPU microcod...

9.8CVSS6.8AI score0.00378EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/04/24 12:0 a.m.6 views

Ubuntu Pro Realtime 24.04 LTS : Linux kernel (Raspberry Pi Real-time) vulnerabilities (USN-8204-1)

"The remote Ubuntu Pro Realtime 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8204-1 advisory. Josh Eads, Kristoffer Janke, Eduardo Vela Nava, Tavis Ormandy, and Matteo Rizzo discovered that some AMD Zen processors did not properly...

9.8CVSS5.9AI score0.00378EPSS
Exploits0References176
Tenable Nessus
Tenable Nessus
added 2026/04/24 12:0 a.m.11 views

Ubuntu 22.04 LTS / 24.04 LTS : Linux kernel (Oracle) vulnerabilities (USN-8203-1)

"The remote Ubuntu 22.04 LTS / 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8203-1 advisory. Josh Eads, Kristoffer Janke, Eduardo Vela Nava, Tavis Ormandy, and Matteo Rizzo discovered that some AMD Zen processors did not properly...

9.8CVSS5.9AI score0.00378EPSS
Exploits7References178
Ubuntu
Ubuntu
added 2026/04/23 10:0 a.m.12 views

USN-8204-1: Linux kernel (Raspberry Pi Real-time) vulnerabilities

Josh Eads, Kristoffer Janke, Eduardo Vela Nava, Tavis Ormandy, and Matteo Rizzo discovered that some AMD Zen processors did not properly verify the signature of CPU microcode. This flaw is known as EntrySign. A privileged attacker could possibly use this issue to cause load malicious CPU microcod...

9.8CVSS7.2AI score0.00378EPSS
Exploits0
OSV
OSV
added 2026/04/23 10:0 a.m.11 views

USN-8204-1 linux-raspi-realtime vulnerabilities

Josh Eads, Kristoffer Janke, Eduardo Vela Nava, Tavis Ormandy, and Matteo Rizzo discovered that some AMD Zen processors did not properly verify the signature of CPU microcode. This flaw is known as EntrySign. A privileged attacker could possibly use this issue to cause load malicious CPU microcod...

9.8CVSS5.7AI score0.00378EPSS
Exploits0References176
OSV
OSV
added 2026/04/23 9:41 a.m.9 views

USN-8179-3 linux-hwe-6.8, linux-ibm-6.8, linux-raspi vulnerabilities

Josh Eads, Kristoffer Janke, Eduardo Vela Nava, Tavis Ormandy, and Matteo Rizzo discovered that some AMD Zen processors did not properly verify the signature of CPU microcode. This flaw is known as EntrySign. A privileged attacker could possibly use this issue to cause load malicious CPU microcod...

9.8CVSS5.7AI score0.00378EPSS
Exploits0References175
OSV
OSV
added 2026/04/17 9:36 a.m.9 views

USN-8179-2 linux-aws-fips, linux-fips, linux-gcp-fips vulnerabilities

Josh Eads, Kristoffer Janke, Eduardo Vela Nava, Tavis Ormandy, and Matteo Rizzo discovered that some AMD Zen processors did not properly verify the signature of CPU microcode. This flaw is known as EntrySign. A privileged attacker could possibly use this issue to cause load malicious CPU microcod...

9.8CVSS7.3AI score0.00378EPSS
Exploits0References175
OSV
OSV
added 2026/04/17 9:26 a.m.8 views

USN-8184-1 linux-realtime, linux-realtime-6.8 vulnerabilities

Josh Eads, Kristoffer Janke, Eduardo Vela Nava, Tavis Ormandy, and Matteo Rizzo discovered that some AMD Zen processors did not properly verify the signature of CPU microcode. This flaw is known as EntrySign. A privileged attacker could possibly use this issue to cause load malicious CPU microcod...

9.8CVSS6.7AI score0.00378EPSS
Exploits0References176
OSV
OSV
added 2026/04/17 8:33 a.m.9 views

USN-8177-1 linux, linux-realtime vulnerabilities

Josh Eads, Kristoffer Janke, Eduardo Vela Nava, Tavis Ormandy, and Matteo Rizzo discovered that some AMD Zen processors did not properly verify the signature of CPU microcode. This flaw is known as EntrySign. A privileged attacker could possibly use this issue to cause load malicious CPU microcod...

7.8CVSS5.8AI score0.00191EPSS
Exploits0References140
Ubuntu
Ubuntu
added 2026/04/16 2:13 p.m.8 views

USN-8179-1: Linux kernel vulnerabilities

Josh Eads, Kristoffer Janke, Eduardo Vela Nava, Tavis Ormandy, and Matteo Rizzo discovered that some AMD Zen processors did not properly verify the signature of CPU microcode. This flaw is known as EntrySign. A privileged attacker could possibly use this issue to cause load malicious CPU microcod...

9.8CVSS5.9AI score0.00378EPSS
Exploits0
The Hacker News
The Hacker News
added 2026/01/19 11:31 a.m.10 views

New StackWarp Hardware Flaw Breaks AMD SEV-SNP Protections on Zen 1–5 CPUs

A team of academics from the CISPA Helmholtz Center for Information Security in Germany has disclosed the details of a new hardware vulnerability affecting AMD processors. The security flaw, codenamed StackWarp , can allow bad actors with privileged control over a host server to run malicious cod...

6.5CVSS6.6AI score0.01018EPSS
Exploits1
Packet Storm News
Packet Storm News
added 2026/01/19 12:0 a.m.15 views

StackWarp: Breaking AMD SEV-SNP Integrity via Deterministic Stack-Pointer Manipulation through the CPU's Stack Engine

In this paper, the authors present StackWarp, a software-based architectural attack exploiting the stack engine on AMD Zen CPUs to modify the stack pointer within an SEV-SNP guest, fully breaking integrity...

5.4AI score
Exploits0
Amd
Amd
added 2025/02/11 12:0 a.m.9 views

Last-Level Cache Attack

AMD ID: AMD-SB-7032 Potential Impact: N/A Severity: N/A Summary Researchers from Wuhan University have provided AMD with a paper titled “ZenLeak: Practical Last-Level Cache Side-Channel Attacks on AMD Zen Processors” in which they discuss prime and probe attacks targeting the Last-Level Cache LLC...

7.2AI score
Exploits0
Rows per page
Query Builder