A regression exists in the Linux Kernel within KVM: nVMX that allowed for speculative execution attacks. L2 can carry out Spectre v2 attacks on L1 due to L1 thinking it doesn't need retpolines or IBPB after running L2 due to KVM (L0) advertising eIBRS support to L1. An attacker at L2 with code execution can execute code on an indirect branch on the host machine. We recommend upgrading to Kernel 6.2 or past commit 2e7eab81425a (CVE-2022-2196) It has been discovered that on some AMD CPUs, the RAS (Return Address Stack, also called RAP - Return Address Predictor - in some AMD documentation, and RSB - Return Stack Buffer - in Intel terminology) is dynamically partitioned between non-idle threads. This allows an malicious user to control speculative execution on the adjacent thread. (CVE-2022-27672) kernel: Type confusion in pick_next_rt_entity(), which can result in memory corruption. (CVE-2023-1077) The upstream bug report describes this issue as follows: A flaw found in the Linux Kernel in RDS (Reliable Datagram Sockets) protocol. The rds_rm_zerocopy_callback() uses list_entry() on the head of a list causing a type confusion. Local user can trigger this with rds_message_put(). Type confusion leads to `struct rds_msg_zcopy_info *info` actually points to something else that is potentially controlled by local user. It is known how to trigger this, which causes an OOB access, and a lock corruption. (CVE-2023-1078) In the Linux kernel prior to 6.1.13, there is a double free in net/mpls/af_mpls.c upon an allocation failure (for registering the sysctl table under a new location) during the renaming of a device. (CVE-2023-26545)
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
amd athlon_x4_750_firmware - |
||
amd athlon_x4_760k_firmware - |
||
amd athlon_x4_830_firmware - |
||
amd athlon_x4_840_firmware - |
||
amd athlon_x4_860k_firmware - |
||
amd athlon_x4_870k_firmware - |
||
amd athlon_x4_880k_firmware - |
||
amd athlon_x4_835_firmware - |
||
amd athlon_x4_845_firmware - |
||
amd athlon_x4_940_firmware - |
||
amd athlon_x4_950_firmware - |
||
amd athlon_x4_970_firmware - |
||
amd ryzen_threadripper_pro_5995wx_firmware - |
||
amd ryzen_threadripper_pro_5975w_firmware - |
||
amd ryzen_threadripper_pro_5965wx_firmware - |
||
amd ryzen_threadripper_pro_5955wx_firmware - |
||
amd ryzen_threadripper_pro_5945wx_firmware - |
||
amd ryzen_threadripper_2990wx_firmware - |
||
amd ryzen_threadripper_2970wx_firmware - |
||
amd ryzen_threadripper_2950x_firmware - |
||
amd ryzen_threadripper_2920x_firmware - |
||
amd ryzen_threadripper_3960x_firmware - |
||
amd ryzen_threadripper_3970x_firmware - |
||
amd ryzen_threadripper_3990x_firmware - |
||
amd a12-9730p_firmware - |
||
amd a12-9700p_firmware - |
||
amd a10-9630p_firmware - |
||
amd a10-9600p_firmware - |
||
amd a9-9420_firmware - |
||
amd a9-9410_firmware - |
||
amd a6-9220_firmware - |
||
amd a6-9220c_firmware - |
||
amd a6-9210_firmware - |
||
amd a4-9120_firmware - |
||
amd a4-9120c_firmware - |
||
amd ryzen_7_2700x_firmware - |
||
amd ryzen_7_2700_firmware - |
||
amd ryzen_5_2600x_firmware - |
||
amd ryzen_5_2600_firmware - |
||
amd ryzen_3_1200_firmware - |
||
amd ryzen_3_2300x_firmware - |
||
amd ryzen_5_1600_af_firmware - |
||
amd ryzen_5_2500x_firmware - |
||
amd ryzen_7_2700e_firmware - |
||
amd ryzen_3_3100_firmware - |
||
amd ryzen_3_3300x_firmware - |
||
amd ryzen_5_3500_firmware - |
||
amd ryzen_5_3500x_firmware - |
||
amd ryzen_5_3600_firmware - |
||
amd ryzen_5_3600x_firmware - |
||
amd ryzen_5_3600xt_firmware - |
||
amd ryzen_7_3700x_firmware - |
||
amd ryzen_7_3800x_firmware - |
||
amd ryzen_7_3800xt_firmware - |
||
amd ryzen_9_3900_firmware - |
||
amd ryzen_9_3900x_firmware - |
||
amd ryzen_9_3900xt_firmware - |
||
amd ryzen_9_3950x_firmware - |
||
amd ryzen_9_pro_3900_firmware - |
||
amd ryzen_7_4700g_firmware - |
||
amd ryzen_5_4600g_firmware - |
||
amd ryzen_3_4300g_firmware - |
||
amd ryzen_7_4700ge_firmware - |
||
amd ryzen_5_4600ge_firmware - |
||
amd ryzen_3_4300ge_firmware - |
||
amd ryzen_7_2800h_firmware - |
||
amd ryzen_7_2700u_firmware - |
||
amd ryzen_5_2600h_firmware - |
||
amd ryzen_5_2500u_firmware - |
||
amd ryzen_3_2300u_firmware - |
||
amd ryzen_3_2200u_firmware - |
||
amd athlon_silver_3050e_firmware - |
||
amd athlon_pro_3045b_firmware - |
||
amd athlon_silver_3050u_firmware - |
||
amd athlon_silver_3050c_firmware - |
||
amd athlon_pro_3145b_firmware - |
||
amd athlon_gold_3150u_firmware - |
||
amd athlon_gold_3150c_firmware - |
||
amd ryzen_7_3780u_firmware - |
||
amd ryzen_7_3750h_firmware - |
||
amd ryzen_7_pro_3700u_firmware - |
||
amd ryzen_7_3700u_firmware - |
||
amd ryzen_5_3580u_firmware - |
||
amd ryzen_5_3550h_firmware - |
||
amd ryzen_5_pro_3500u_firmware - |
||
amd ryzen_5_3500u_firmware - |
||
amd ryzen_3_pro_3300u_firmware - |
||
amd ryzen_3_3300u_firmware - |
||
amd ryzen_3_3250u_firmware - |
||
amd ryzen_3_3200u_firmware - |
||
amd athlon_pro_300u_firmware - |
||
amd ryzen_7_4800u_firmware - |
||
amd ryzen_7_4700u_firmware - |
||
amd ryzen_5_4600u_firmware - |
||
amd ryzen_5_4500u_firmware - |
||
amd ryzen_3_4300u_firmware - |
||
amd ryzen_9_4900h_firmware - |
||
amd ryzen_7_4800h_firmware - |
||
amd ryzen_5_4600h_firmware - |
||
amd ryzen_9_5980hx_firmware - |
||
amd ryzen_9_5980hs_firmware - |
||
amd ryzen_9_5900hx_firmware - |
||
amd ryzen_9_5900hs_firmware - |
||
amd ryzen_7_5800h_firmware - |
||
amd ryzen_7_5800hs_firmware - |
||
amd ryzen_7_pro_5850u_firmware - |
||
amd ryzen_7_5825u_firmware - |
||
amd ryzen_7_5800u_firmware - |
||
amd ryzen_7_5700u_firmware - |
||
amd ryzen_5_5600h_firmware - |
||
amd ryzen_5_5600hs_firmware - |
||
amd ryzen_5_5625u_firmware - |
||
amd ryzen_5_5600u_firmware - |
||
amd ryzen_5_5500u_firmware - |
||
amd ryzen_3_5425u_firmware - |
||
amd ryzen_3_5400u_firmware - |
||
amd ryzen_3_5300u_firmware - |
||
amd athlon_gold_7220u_firmware - |
||
amd athlon_silver_7120u_firmware - |
||
amd epyc_7232p_firmware - |
||
amd epyc_7302p_firmware - |
||
amd epyc_7402p_firmware - |
||
amd epyc_7502p_firmware - |
||
amd epyc_7702p_firmware - |
||
amd epyc_7252_firmware - |
||
amd epyc_7262_firmware - |
||
amd epyc_7272_firmware - |
||
amd epyc_7282_firmware - |
||
amd epyc_7302_firmware - |
||
amd epyc_7352_firmware - |
||
amd epyc_7402_firmware - |
||
amd epyc_7452_firmware - |
||
amd epyc_7502_firmware - |
||
amd epyc_7532_firmware - |
||
amd epyc_7542_firmware - |
||
amd epyc_7552_firmware - |
||
amd epyc_7642_firmware - |
||
amd epyc_7662_firmware - |
||
amd epyc_7702_firmware - |
||
amd epyc_7742_firmware - |
||
amd epyc_7h12_firmware - |
||
amd epyc_7f32_firmware - |
||
amd epyc_7f52_firmware - |
||
amd epyc_7f72_firmware - |
||
amd epyc_embedded_3451_firmware - |
||
amd epyc_embedded_3551_firmware - |
||
amd epyc_embedded_3255_firmware - |
||
amd epyc_embedded_3251_firmware - |
||
amd epyc_embedded_3201_firmware - |
||
amd epyc_embedded_3151_firmware - |
||
amd epyc_embedded_3101_firmware - |
||
amd epyc_embedded_7601_firmware - |
||
amd epyc_embedded_7551_firmware - |
||
amd epyc_embedded_7501_firmware - |
||
amd epyc_embedded_7451_firmware - |
||
amd epyc_embedded_7401_firmware - |
||
amd epyc_embedded_7371_firmware - |
||
amd epyc_embedded_7351_firmware - |
||
amd epyc_embedded_7301_firmware - |
||
amd epyc_embedded_7281_firmware - |
||
amd epyc_embedded_7261_firmware - |
||
amd epyc_embedded_7251_firmware - |
||
amd epyc_embedded_755p_firmware - |
||
amd epyc_embedded_740p_firmware - |
||
amd epyc_embedded_735p_firmware - |
Topics Security Off-Prem On-Prem Software Offbeat Vendor Voice Vendor Voice Resources Adobe, SAP, Intel, AMD, Android also show up with bouquet of fixes
Patch Tuesday Happy Patch Tuesday for February, 2023, which falls on Valentine's Day. Microsoft is showering love, maybe, on IT teams with some 75 security patches, nine of which are rated "critical" and 66 "important," and three of which Redmond says are under active exploitation. Interestingly enough, the trio being taken advantage of aren't the most critical vulnerabilities Microsoft has addressed this month. Of the three being exploited, two have a base CVSS severity score of 7.8 out of 10, ...
Vulmon