Debian Bug report logs -
#1041863
amd64-microcode: CVE-2023-20593: use-after-free in AMD Zen2 processors
Package:
src:amd64-microcode;
Maintainer for src:amd64-microcode is Henrique de Moraes Holschuh <hmh@debianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Mon, 24 Jul 2023 16:03:01 UTC
Severity: ...
Several vulnerabilities have been discovered in the Linux kernel that
may lead to a privilege escalation, denial of service or information
leaks
CVE-2023-3390
A use-after-free flaw in the netfilter subsystem caused by incorrect
error path handling may result in denial of service or privilege
escalation
CVE-2023-3610
A use-after-f ...
Tavis Ormandy discovered that under specific microarchitectural
circumstances, a vector register in Zen 2 CPUs may not be written to 0
correctly This flaw allows an attacker to leak register contents across
concurrent processes, hyper threads and virtualized guests
For details please refer to
lockcmpxchg8bcom/zenbleedhtml
githu ...
Tavis Ormandy discovered that under specific microarchitectural
circumstances, a vector register in AMD Zen 2 CPUs may not be
written to 0 correctly This flaw allows an attacker to leak
sensitive information across concurrent processes, hyper threads
and virtualized guests
For details please refer to
and
This issue can also be mitigated by a m ...
Description<!---->A flaw was found in hw In &ldquo;Zen 2&rdquo; CPUs, an attacker can access sensitive information under specific microarchitectural circumstancesA flaw was found in hw In “Zen 2” CPUs, an attacker can access sensitive information under specific microarchitectural circumstances ...
An issue in "Zen 2" CPUs, under specific microarchitectural circumstances, may allow an attacker to potentially access sensitive information (CVE-2023-20593)
An out-of-bounds write vulnerability in the Linux kernel's net/sched: sch_qfq component can be exploited to achieve local privilege escalation
The qfq_change_agg() function in net/sched/sch_ ...
An issue was discovered in the Linux kernel before 62 The ntfs3 subsystem does not properly check for correctness during disk reads, leading to an out-of-bounds read in ntfs_set_ea in fs/ntfs3/xattrc (CVE-2022-48502)
An issue in "Zen 2" CPUs, under specific microarchitectural circumstances, may allow an attacker to potentially access sensitive ...
An issue in "Zen 2" CPUs, under specific microarchitectural circumstances, may allow an attacker to potentially access sensitive information (CVE-2023-20593) ...
Synopsis
Important: kernel security and bug fix update
Type/Severity
Security Advisory: Important
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory
View affected systems
Topic
An update for kernel is now available for Red Hat Enterprise Linux 84 Advanced Mission Critical Update Support, Red H ...
概述
Important: OpenShift Container Platform 41245 bug fix and security update
类型/严重性
Security Advisory: Important
标题
Red Hat OpenShift Container Platform release 41245 is now available with updates to packages and images that fix several bugs and add enhancementsThis release includes a security update for Red Hat OpenShi ...
Synopsis
Moderate: linux-firmware security update
Type/Severity
Security Advisory: Moderate
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory
View affected systems
Topic
An update for linux-firmware is now available for Red Hat Enterprise Linux 82 Advanced Update Support, Red Hat Enterprise L ...
Synopsis
Important: OpenShift Container Platform 41154 bug fix and security update
Type/Severity
Security Advisory: Important
Topic
Red Hat OpenShift Container Platform release 41154 is now available with updates to packages and images that fix several bugs and add enhancementsThis release includes a security update for Red Hat OpenShift ...
Synopsis
Important: kernel security update
Type / Sévérité
Security Advisory: Important
Analyse des correctifs dans Red Hat Insights
Identifiez et remédiez aux systèmes concernés par cette alerte
Voir les systèmes concernés
Sujet
An update for kernel is now available for Red Hat Enterprise Linux 77 Advanced Update Support ...
Synopsis
Important: Logging Subsystem 577 - Red Hat OpenShift security update
Type/Severity
Security Advisory: Important
Topic
Logging Subsystem 577 - Red Hat OpenShiftRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed sev ...
Synopsis
Important: Logging Subsystem 5612 - Red Hat OpenShift security update
Type/Severity
Security Advisory: Important
Topic
Logging Subsystem 5612 - Red Hat OpenShiftRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed s ...
Synopsis
Important: kernel security update
Type/Severity
Security Advisory: Important
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory
View affected systems
Topic
An update for kernel is now available for Red Hat Enterprise Linux 82 Advanced Update Support, Red Hat Enterprise Linux 82 Telec ...
Synopsis
Moderate: linux-firmware security update
Type/Severity
Security Advisory: Moderate
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory
View affected systems
Topic
An update for linux-firmware is now available for Red Hat Enterprise Linux 76 Advanced Update SupportRed Hat Product Secur ...
Synopsis
Important: kernel security update
Type/Severity
Security Advisory: Important
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory
View affected systems
Topic
An update for kernel is now available for Red Hat Enterprise Linux 74 Advanced Update SupportRed Hat Product Security has rated ...
Synopsis
Moderate: linux-firmware security update
Type/Severity
Security Advisory: Moderate
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory
View affected systems
Topic
An update for linux-firmware is now available for Red Hat Enterprise Linux 9Red Hat Product Security has rated this update ...
Synopsis
Important: kernel security update
Type/Severity
Security Advisory: Important
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory
View affected systems
Topic
An update for kernel is now available for Red Hat Enterprise Linux 76 Advanced Update SupportRed Hat Product Security has rated ...
Synopsis
Moderate: linux-firmware security update
Type/Severity
Security Advisory: Moderate
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory
View affected systems
Topic
An update for linux-firmware is now available for Red Hat Enterprise Linux 81 Update Services for SAP SolutionsRed Hat Pro ...
Synopsis
Important: kernel-rt security update
Type / Sévérité
Security Advisory: Important
Analyse des correctifs dans Red Hat Insights
Identifiez et remédiez aux systèmes concernés par cette alerte
Voir les systèmes concernés
Sujet
An update for kernel-rt is now available for Red Hat Enterprise Linux 90 Extended Update Su ...
Synopsis
Important: kernel security and bug fix update
Type/Severity
Security Advisory: Important
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory
View affected systems
Topic
An update for kernel is now available for Red Hat Enterprise Linux 90 Extended Update SupportRed Hat Product Securit ...
Synopsis
Moderate: linux-firmware security and enhancement update
Type/Severity
Security Advisory: Moderate
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory
View affected systems
Topic
An update for linux-firmware is now available for Red Hat Enterprise Linux 90 Extended Update SupportRed H ...
Synopsis
Important: kernel-rt security update
Type/Severity
Security Advisory: Important
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory
View affected systems
Topic
An update for kernel-rt is now available for Red Hat Enterprise Linux 84 Advanced Mission Critical Update Support, Red Hat Ent ...
Synopsis
Important: kernel security and bug fix update
Type/Severity
Security Advisory: Important
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory
View affected systems
Topic
An update for kernel is now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as ...
Synopsis
Important: kernel security, bug fix, and enhancement update
Type/Severity
Security Advisory: Important
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory
View affected systems
Topic
An update for kernel is now available for Red Hat Enterprise Linux 86 Extended Update SupportRed Hat P ...
Synopsis
Important: kernel-rt security and bug fix update
Type/Severity
Security Advisory: Important
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory
View affected systems
Topic
An update for kernel-rt is now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this upd ...
Hello All,The Stable channel is being updated to 11605845120 (Platform version: 15509630) for most ChromeOS devices and will be rolled out over the next few daysIf you find new issues, please let us know one of the following ways:File a bug Visit our Chrome OS communitiesGeneral: Chromebook Help CommunityBe ...
LTS-114 is being updated in the LTS channel to 11405735337 (Platform Version: 15437740) for most ChromeOS devices Want to know more about Long Term Support? Click hereThis update contains multiple Security fixes, including:1475798 High CVE-2023-5187 Use after free in Extensions1450784 Medium CVE-2023-4 ...
A new LTC-114 version, 11405735329 (Platform Version: 15437660), is being rolled out for most ChromeOS devices If you have devices in the LTC channel, they will be updated to this version The LTS channel remains on LTS-108 until September 19th, 2023 Release notes for LTC-114 can be found here Want to know more about Lon ...