{"vulnerability": "cve-2025-40300", "sightings": [{"uuid": "0ad6debe-7c7a-44db-9f88-d73aa38c4973", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2025-40300", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-134-10", "content": "", "creation_timestamp": "2026-05-14T10:00:00.000000Z"}, {"uuid": "a29f8955-1634-496a-a88b-e8e617ced70e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-40300", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3m5tesy47ma2o", "content": "", "creation_timestamp": "2025-11-17T13:55:07.755894Z"}, {"uuid": "83434602-b41d-4d2f-bb9b-3702bbcd4947", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-40300", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3m5tf3xcq2622", "content": "", "creation_timestamp": "2025-11-17T14:00:08.874164Z"}, {"uuid": "14178380-3ea8-4a3a-8abe-768bc29ad35c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-40300", "type": "seen", "source": "https://seclists.org/oss-sec/2025/q4/187", "content": "", "creation_timestamp": "2025-11-17T12:24:04.000000Z"}, {"uuid": "f37166b1-da32-4bf8-9519-5e973429c740", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-40300", "type": "seen", "source": "https://seclists.org/oss-sec/2025/q4/186", "content": "", "creation_timestamp": "2025-11-17T12:20:58.000000Z"}, {"uuid": "98a97106-0b39-4af1-84ad-68c2bfb888a4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-40300", "type": "seen", "source": "https://seclists.org/oss-sec/2025/q4/178", "content": "", "creation_timestamp": "2025-11-14T06:55:05.000000Z"}, {"uuid": "a605d8d8-5a66-427d-a5a3-b9d811c64294", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-40300", "type": "seen", "source": "https://bsky.app/profile/ferramentaslinux.bsky.social/post/3m62mov2rqk25", "content": "", "creation_timestamp": "2025-11-20T11:04:42.166351Z"}, {"uuid": "5c27c0d8-fa6a-4657-8707-484d2c482588", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-40300", "type": "seen", "source": "https://bsky.app/profile/infosecbriefly.bsky.social/post/3lyl5xqrtwm2x", "content": "", "creation_timestamp": "2025-09-11T16:25:15.641698Z"}, {"uuid": "81b752fe-f68d-476e-b856-f6493e7c9bd4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-40300", "type": "seen", "source": "https://bsky.app/profile/omo.bsky.social/post/3lyw67xutws2n", "content": "", "creation_timestamp": "2025-09-16T01:29:13.044429Z"}, {"uuid": "bb21bc7f-8568-43b8-a158-a8d3f8b525d3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-40300", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3m5mawifyyr2d", "content": "", "creation_timestamp": "2025-11-14T17:56:52.488575Z"}, {"uuid": "d55c65a4-fd81-423f-9033-3c0b40c52ede", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-40300", "type": "seen", "source": "https://seclists.org/oss-sec/2025/q4/179", "content": "", "creation_timestamp": "2025-11-14T16:03:34.000000Z"}, {"uuid": "4c969092-21e7-44e0-b00b-a474eba264ee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-40300", "type": "seen", "source": "https://seclists.org/oss-sec/2025/q4/181", "content": "", "creation_timestamp": "2025-11-14T16:43:20.000000Z"}, {"uuid": "3c364225-703c-4b87-92e6-245e5fac299a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-40300", "type": "seen", "source": "https://bsky.app/profile/bluesky.awakari.com/post/3m4xg63frpe2e", "content": "", "creation_timestamp": "2025-11-06T11:04:41.534887Z"}, {"uuid": "a00c1096-c83f-4c8a-8827-41a4586a83fe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-40300", "type": "seen", "source": "https://bsky.app/profile/bluesky.awakari.com/post/3m4xg64fnaj2r", "content": "", "creation_timestamp": "2025-11-06T11:04:42.675431Z"}, {"uuid": "404f808d-9227-4d55-9776-9c7d4bae4872", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-40300", "type": "seen", "source": "https://bsky.app/profile/bluesky.awakari.com/post/3m5jneh77ig2k", "content": "", "creation_timestamp": "2025-11-13T17:01:26.601475Z"}, {"uuid": "c87e2aba-c06b-454f-8e9e-76527f637845", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-40300", "type": "seen", "source": "https://bsky.app/profile/bluesky.awakari.com/post/3m5jnehi2fj2e", "content": "", "creation_timestamp": "2025-11-13T17:01:27.298234Z"}, {"uuid": "60298d39-8528-48e2-829d-96b8a0ea28f9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-40300", "type": "seen", "source": "https://bsky.app/profile/linux.activitypub.awakari.com.ap.brid.gy/post/3lymri6bpdah2", "content": "", "creation_timestamp": "2025-09-12T07:48:41.512752Z"}, {"uuid": "b2469cb7-0d95-4524-885d-88c136730cfc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-40300", "type": "seen", "source": "https://bsky.app/profile/matricedigitale.bsky.social/post/3lynhjri33s2h", "content": "", "creation_timestamp": "2025-09-12T14:21:44.394641Z"}, {"uuid": "36a1818f-37af-4bf8-bb01-f672ad740425", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-40300", "type": "seen", "source": "https://threatintel.cc/2025/09/12/new-vmscape-attack-breaks-guesthost.html", "content": "", "creation_timestamp": "2025-09-12T11:47:08.000000Z"}, {"uuid": "77840723-1ba5-46d3-8b65-601d1888e6ff", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-40300", "type": "seen", "source": "https://bsky.app/profile/bluesky.awakari.com/post/3mc6s6jzsvc2h", "content": "", "creation_timestamp": "2026-01-12T00:34:18.574961Z"}, {"uuid": "7efae3ad-9080-4d46-8b22-ac71c2d46d0f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-40300", "type": "seen", "source": "https://bsky.app/profile/Ubuntu.activitypub.awakari.com.ap.brid.gy/post/3mc6s6q2rjtp2", "content": "", "creation_timestamp": "2026-01-12T00:34:34.318536Z"}, {"uuid": "6df56769-9a60-4467-999d-c9bc408b1604", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-40300", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3m5la2cgbex2y", "content": "", "creation_timestamp": "2025-11-14T08:08:27.013730Z"}, {"uuid": "9585cbc6-dd40-4a1b-882e-2e92ec1edeb0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-40300", "type": "seen", "source": "https://bsky.app/profile/bluesky.awakari.com/post/3m52b7qorrp2g", "content": "", "creation_timestamp": "2025-11-07T14:14:08.029542Z"}, {"uuid": "f6bb2e27-d9b0-49ce-9095-5aaa569f4788", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-40300", "type": "seen", "source": "https://bsky.app/profile/bluesky.awakari.com/post/3m52b7ubsgx2g", "content": "", "creation_timestamp": "2025-11-07T14:14:11.633074Z"}, {"uuid": "777d7533-dd74-4a4e-8e39-5bf936e6add3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-40300", "type": "seen", "source": "https://bsky.app/profile/bluesky.awakari.com/post/3m52b7wto362u", "content": "", "creation_timestamp": "2025-11-07T14:14:14.673439Z"}, {"uuid": "51872935-b658-4af9-a1ac-2ff1ed86610c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-40300", "type": "seen", "source": "https://bsky.app/profile/Ubuntu.activitypub.awakari.com.ap.brid.gy/post/3m52ba2d2qe42", "content": "", "creation_timestamp": "2025-11-07T14:14:30.870521Z"}, {"uuid": "7e93cdd5-e487-403e-9150-13121560d8ed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-40300", "type": "seen", "source": "https://bsky.app/profile/crowdcyber.bsky.social/post/3lyvcfbdg6v2l", "content": "", "creation_timestamp": "2025-09-15T17:11:01.584615Z"}, {"uuid": "da9d1292-6355-4d2f-8588-5d3f868d9109", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-40300", "type": "seen", "source": "https://bsky.app/profile/bluesky.awakari.com/post/3m4ihu2lbf52c", "content": "", "creation_timestamp": "2025-10-31T12:24:56.496923Z"}, {"uuid": "0bc3be29-b1da-4a3d-ad3d-f5cc6008a6eb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-40300", "type": "seen", "source": "https://bsky.app/profile/bluesky.awakari.com/post/3m4ihu3q3272r", "content": "", "creation_timestamp": "2025-10-31T12:24:57.606872Z"}, {"uuid": "60e99681-c2ed-48bf-b30b-94cf7cb45d62", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-40300", "type": "seen", "source": "https://bsky.app/profile/Ubuntu.activitypub.awakari.com.ap.brid.gy/post/3m5jnehc7n642", "content": "", "creation_timestamp": "2025-11-13T17:02:35.306616Z"}, {"uuid": "7f4296ba-9c57-45ae-9e74-1b67fe8f5f43", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-40300", "type": "seen", "source": "https://bsky.app/profile/bluesky.awakari.com/post/3m5jnedmfkt2r", "content": "", "creation_timestamp": "2025-11-13T17:01:23.503691Z"}, {"uuid": "ec8ad7fc-dd46-4940-b5e1-0ac005bf2ef2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-40300", "type": "seen", "source": "https://bsky.app/profile/bluesky.awakari.com/post/3m5bpajeqq62z", "content": "", "creation_timestamp": "2025-11-10T13:13:44.981221Z"}, {"uuid": "933a4ccc-4c0c-4149-926c-a80c8f099f56", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-40300", "type": "seen", "source": "https://bsky.app/profile/linux.activitypub.awakari.com.ap.brid.gy/post/3m5bpahdgllr2", "content": "", "creation_timestamp": "2025-11-10T13:13:47.698895Z"}, {"uuid": "27cd4175-2742-4f39-a41a-2f047eb347ce", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-40300", "type": "seen", "source": "https://bsky.app/profile/bluesky.awakari.com/post/3ma7xmw3bmw2p", "content": "", "creation_timestamp": "2025-12-18T00:54:06.027191Z"}, {"uuid": "4de2f165-b1f9-451d-b6fe-dd6ffdc042e5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-40300", "type": "seen", "source": "https://bsky.app/profile/Ubuntu.activitypub.awakari.com.ap.brid.gy/post/3ma7xmz3qne22", "content": "", "creation_timestamp": "2025-12-18T00:54:20.043152Z"}, {"uuid": "8a6f08fd-c06e-4bfd-b060-2caa9bfb44ef", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-40300", "type": "published-proof-of-concept", "source": "https://t.me/true_secator/7421", "content": "\u0413\u0440\u0443\u043f\u043f\u0430 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 \u0438\u0437 \u0428\u0432\u0435\u0439\u0446\u0430\u0440\u0441\u043a\u043e\u0439 \u0432\u044b\u0441\u0448\u0435\u0439 \u0442\u0435\u0445\u043d\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u0448\u043a\u043e\u043b\u044b \u0426\u044e\u0440\u0438\u0445\u0430 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0430\u043b\u0430 \u043d\u043e\u0432\u0443\u044e \u043f\u043e\u0434\u043e\u0431\u043d\u0443\u044e Spectre \u0430\u0442\u0430\u043a\u0443, \u043f\u043e\u043b\u0443\u0447\u0438\u0432\u0448\u0443\u044e \u043d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 VMScape.\n\n\u041e\u043d\u0430 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0439 \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u043e\u0439 \u043c\u0430\u0448\u0438\u043d\u0435 (\u0412\u041c) \u0438\u0437\u0432\u043b\u0435\u043a\u0430\u0442\u044c \u043a\u0440\u0438\u043f\u0442\u043e\u0433\u0440\u0430\u0444\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u043a\u043b\u044e\u0447\u0438 \u0438\u0437 \u043d\u0435\u043c\u043e\u0434\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u0430 \u0433\u0438\u043f\u0435\u0440\u0432\u0438\u0437\u043e\u0440\u0430 QEMU, \u0440\u0430\u0431\u043e\u0442\u0430\u044e\u0449\u0435\u0433\u043e \u043d\u0430 \u0441\u043e\u0432\u0440\u0435\u043c\u0435\u043d\u043d\u044b\u0445 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u043e\u0440\u0430\u0445 AMD \u0438\u043b\u0438 Intel.\n\n\u0410\u0442\u0430\u043a\u0430 \u043d\u0430\u0440\u0443\u0448\u0430\u0435\u0442 \u0438\u0437\u043e\u043b\u044f\u0446\u0438\u044e \u043c\u0435\u0436\u0434\u0443 \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u044b\u043c\u0438 \u043c\u0430\u0448\u0438\u043d\u0430\u043c\u0438 \u0438 \u043e\u0431\u043b\u0430\u0447\u043d\u044b\u043c \u0433\u0438\u043f\u0435\u0440\u0432\u0438\u0437\u043e\u0440\u043e\u043c, \u043e\u0431\u0445\u043e\u0434\u044f \u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u044e\u0449\u0438\u0435 \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0430 \u0437\u0430\u0449\u0438\u0442\u044b \u043e\u0442 Spectre \u0438 \u0441\u043e\u0437\u0434\u0430\u0432\u0430\u044f \u0443\u0433\u0440\u043e\u0437\u0443 \u0443\u0442\u0435\u0447\u043a\u0438 \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 \u043f\u0443\u0442\u0435\u043c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044f \u0441\u043f\u0435\u043a\u0443\u043b\u044f\u0442\u0438\u0432\u043d\u043e\u0433\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f.\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u043f\u043e\u0434\u0447\u0435\u0440\u043a\u0438\u0432\u0430\u044e\u0442, \u0447\u0442\u043e VMScape \u043d\u0435 \u0442\u0440\u0435\u0431\u0443\u0435\u0442 \u0432\u0437\u043b\u043e\u043c\u0430 \u0445\u043e\u0441\u0442\u0430 \u0438 \u0440\u0430\u0431\u043e\u0442\u0430\u0435\u0442 \u043d\u0430 \u043d\u0435\u043c\u043e\u0434\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u043c \u041f\u041e \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 \u0441 \u0432\u043a\u043b\u044e\u0447\u0435\u043d\u043d\u044b\u043c\u0438 \u043f\u043e \u0443\u043c\u043e\u043b\u0447\u0430\u043d\u0438\u044e \u043c\u0435\u0440\u0430\u043c\u0438 \u0437\u0430\u0449\u0438\u0442\u044b \u043d\u0430 \u043e\u0431\u043e\u0440\u0443\u0434\u043e\u0432\u0430\u043d\u0438\u0438.\n\n\u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043c\u043e\u0436\u0435\u0442 \u043e\u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0438\u0442\u044c \u0442\u0430\u043a\u0443\u044e \u0430\u0442\u0430\u043a\u0443 \u0432 \u043e\u0442\u043d\u043e\u0448\u0435\u043d\u0438\u0438 \u043e\u0431\u043b\u0430\u0447\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0432\u0430\u0439\u0434\u0435\u0440\u0430, \u0434\u043b\u044f \u0447\u0435\u0433\u043e \u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e \u0431\u0443\u0434\u0435\u0442 \u043f\u0440\u043e\u0441\u0442\u043e \u0430\u0440\u0435\u043d\u0434\u043e\u0432\u0430\u0442\u044c \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u0443\u044e \u043c\u0430\u0448\u0438\u043d\u0443 \u0434\u043b\u044f \u043a\u0440\u0430\u0436\u0438 \u0441\u0435\u043a\u0440\u0435\u0442\u043e\u0432 \u0438\u0437 \u0433\u0438\u043f\u0435\u0440\u0432\u0438\u0437\u043e\u0440\u0430 \u0438\u043b\u0438 \u0434\u0440\u0443\u0433\u0438\u0445 \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u044b\u0445 \u043c\u0430\u0448\u0438\u043d.\n\n\u041a\u0430\u043a \u043e\u0442\u043c\u0435\u0447\u0430\u044e\u0442 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438, \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u0432\u0441\u0435 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u043e\u0440\u044b AMD \u043e\u0442 Zen 1 \u0434\u043e Zen 5, \u0430 \u0442\u0430\u043a\u0436\u0435 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u043e\u0440\u044b Intel Coffee Lake. \u0411\u043e\u043b\u0435\u0435 \u043d\u043e\u0432\u044b\u0435 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u043e\u0440\u044b, Raptor Cove \u0438 Gracemont, \u0432\u043b\u0438\u044f\u043d\u0438\u044e \u043e\u0448\u0438\u0431\u043a\u0438 \u043d\u0435 \u043f\u043e\u0434\u0432\u0435\u0440\u0436\u0435\u043d\u044b.\n\n\u0421\u043e\u0432\u0440\u0435\u043c\u0435\u043d\u043d\u044b\u0435 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u043e\u0440\u044b \u0437\u0430\u0449\u0438\u0449\u0430\u044e\u0442 \u043e\u0442 \u0441\u043f\u0435\u043a\u0443\u043b\u044f\u0442\u0438\u0432\u043d\u044b\u0445 \u0430\u0442\u0430\u043a, \u0440\u0430\u0441\u0448\u0438\u0440\u044f\u044f \u0438\u0437\u043e\u043b\u044f\u0446\u0438\u044e \u0434\u043e \u0431\u043b\u043e\u043a\u043e\u0432 \u043f\u0440\u0435\u0434\u0441\u043a\u0430\u0437\u0430\u043d\u0438\u044f \u0432\u0435\u0442\u0432\u043b\u0435\u043d\u0438\u0439 (BPU) \u043c\u0435\u0436\u0434\u0443 \u0433\u043e\u0441\u0442\u0435\u043c \u0438 \u0445\u043e\u0441\u0442\u043e\u043c, \u043d\u043e \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0438, \u0447\u0442\u043e \u0438\u0437\u043e\u043b\u044f\u0446\u0438\u044f \u0440\u0435\u0430\u043b\u0438\u0437\u043e\u0432\u0430\u043d\u0430 \u043d\u0435 \u0432 \u043f\u043e\u043b\u043d\u043e\u043c \u043e\u0431\u044a\u0435\u043c\u0435.\n\n\u0413\u043e\u0441\u0442\u0435\u0432\u043e\u0439 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044c \u043c\u043e\u0436\u0435\u0442 \u0432\u043b\u0438\u044f\u0442\u044c \u043d\u0430 \u043a\u043e\u0441\u0432\u0435\u043d\u043d\u043e\u0435 \u043f\u0440\u043e\u0433\u043d\u043e\u0437\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0432\u0435\u0442\u0432\u043b\u0435\u043d\u0438\u0439 \u0432 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u0435 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f-\u0445\u043e\u0441\u0442\u0430 \u0431\u043b\u0430\u0433\u043e\u0434\u0430\u0440\u044f \u043e\u0431\u0449\u0438\u043c \u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0430\u043c BPU, \u0442\u0430\u043a\u0438\u043c \u043a\u0430\u043a BTB (Branch Target Buffer), IBP/ITA \u0438 BHB (Branch History Buffer).\n\n\u0410\u0442\u0430\u043a\u0430 \u043d\u0430\u0446\u0435\u043b\u0435\u043d\u0430 \u043d\u0430 QEMU - \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442 \u0433\u0438\u043f\u0435\u0440\u0432\u0438\u0437\u043e\u0440\u0430 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044c\u0441\u043a\u043e\u0433\u043e \u0440\u0435\u0436\u0438\u043c\u0430, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043e\u0442\u043e\u0431\u0440\u0430\u0436\u0430\u0435\u0442 \u0433\u043e\u0441\u0442\u0435\u0432\u0443\u044e \u043f\u0430\u043c\u044f\u0442\u044c \u0432 \u0441\u0432\u043e\u0435 \u0430\u0434\u0440\u0435\u0441\u043d\u043e\u0435 \u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u0441\u0442\u0432\u043e, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044f \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u043a\u0430\u043d\u0430\u043b \u043a\u044d\u0448\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f FLUSH+RELOAD.\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0437\u0430\u0434\u0435\u0439\u0441\u0442\u0432\u043e\u0432\u0430\u043b\u0438 Spectre-BTI (Branch Target Injection), \u0432\u0432\u0435\u0434\u044f \u0432 \u0437\u0430\u0431\u043b\u0443\u0436\u0434\u0435\u043d\u0438\u0435 \u0446\u0435\u043b\u0435\u0432\u043e\u0439 \u043a\u043e\u0441\u0432\u0435\u043d\u043d\u044b\u0439 \u043f\u0435\u0440\u0435\u0445\u043e\u0434 \u0432 QEMU, \u0447\u0442\u043e\u0431\u044b \u043e\u043d \u0441\u043f\u0435\u043a\u0443\u043b\u044f\u0442\u0438\u0432\u043d\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u043b \u0433\u0430\u0434\u0436\u0435\u0442 \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u044f, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0441\u043b\u0438\u0432\u0430\u0435\u0442 \u0441\u0435\u043a\u0440\u0435\u0442\u043d\u044b\u0435 \u0434\u0430\u043d\u043d\u044b\u0435 \u0432 \u043e\u0431\u0449\u0438\u0439 \u0431\u0443\u0444\u0435\u0440 \u043f\u0435\u0440\u0435\u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0438.\n\n\u0414\u043b\u044f \u0440\u0430\u0441\u0448\u0438\u0440\u0435\u043d\u0438\u044f \u043e\u043a\u043d\u0430 \u0441\u043f\u0435\u043a\u0443\u043b\u044f\u0442\u0438\u0432\u043d\u043e\u0433\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e \u0443\u0434\u0430\u043b\u0438\u0442\u044c \u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0443\u044e\u0449\u0438\u0435 \u0437\u0430\u043f\u0438\u0441\u0438 \u043a\u044d\u0448\u0430 \u0438\u0437 \u0433\u043e\u0441\u0442\u0435\u0432\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b, \u0441\u043e\u0437\u0434\u0430\u0432\u0430\u044f \u043d\u0430\u0431\u043e\u0440\u044b \u0432\u044b\u0442\u0435\u0441\u043d\u0435\u043d\u0438\u044f, \u043d\u0430\u0446\u0435\u043b\u0435\u043d\u043d\u044b\u0435 \u043d\u0430 \u043a\u044d\u0448 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u0443\u0440\u043e\u0432\u043d\u044f (LLC) \u043d\u0430 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u043e\u0440\u0430\u0445 AMD Zen 4.\n\n\u0424\u0443\u043d\u043a\u0446\u0438\u043e\u043d\u0430\u043b \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 ASLR \u043e\u0431\u0445\u043e\u0434\u0438\u0442\u0441\u044f \u043f\u0443\u0442\u0435\u043c \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u043d\u0430 \u043f\u0440\u0435\u0434\u043c\u0435\u0442 \u043a\u043e\u043b\u043b\u0438\u0437\u0438\u0439 \u0432\u0435\u0442\u0432\u043b\u0435\u043d\u0438\u0439 \u0434\u043b\u044f \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u0438\u044f \u043c\u0435\u0441\u0442\u043e\u043d\u0430\u0445\u043e\u0436\u0434\u0435\u043d\u0438\u044f \u0433\u0430\u0434\u0436\u0435\u0442\u0430-\u0436\u0435\u0440\u0442\u0432\u044b \u0438 \u043f\u043e\u0434\u0431\u043e\u0440\u0430 \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u0430\u0434\u0440\u0435\u0441\u0430 \u0431\u0443\u0444\u0435\u0440\u0430 \u043f\u0435\u0440\u0435\u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0438.\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u043f\u0440\u043e\u0434\u0435\u043c\u043e\u043d\u0441\u0442\u0440\u0438\u0440\u043e\u0432\u0430\u043b\u0438, \u0447\u0442\u043e VMScape \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0438\u0432\u0430\u0435\u0442 \u0443\u0442\u0435\u0447\u043a\u0443 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 \u043f\u0430\u043c\u044f\u0442\u0438 \u0438\u0437 QEMU \u0441\u043e \u0441\u043a\u043e\u0440\u043e\u0441\u0442\u044c\u044e 32 \u0431\u0430\u0439\u0442\u0430 \u0432 \u0441\u0435\u043a\u0443\u043d\u0434\u0443 \u0441 \u0442\u043e\u0447\u043d\u043e\u0441\u0442\u044c\u044e \u043d\u0430 \u0443\u0440\u043e\u0432\u043d\u0435 \u0431\u0430\u0439\u0442\u043e\u0432 98,7% \u0438 \u043e\u0431\u0449\u0435\u0439 \u0443\u0441\u043f\u0435\u0448\u043d\u043e\u0441\u0442\u044c\u044e \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430 43%.\n\n\u041f\u0440\u0438 \u0442\u0430\u043a\u043e\u0439 \u0441\u043a\u043e\u0440\u043e\u0441\u0442\u0438 \u0443\u0442\u0435\u0447\u043a\u0430 \u0441\u0435\u043a\u0440\u0435\u0442\u043d\u043e\u0433\u043e \u0444\u0430\u0439\u043b\u0430 \u0440\u0430\u0437\u043c\u0435\u0440\u043e\u043c 4 \u041a\u0411, \u043d\u0430\u043f\u0440\u0438\u043c\u0435\u0440, \u043a\u043b\u044e\u0447\u0430 \u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u0434\u0438\u0441\u043a\u0430, \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0440\u0435\u0430\u043b\u0438\u0437\u043e\u0432\u0430\u043d\u0430 \u0437\u0430 128 \u0441\u0435\u043a\u0443\u043d\u0434. \u041e\u0431\u0449\u0435\u0435 \u0432\u0440\u0435\u043c\u044f, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u043e\u0431\u0445\u043e\u0434 ASLR, \u0441\u043e\u0441\u0442\u0430\u0432\u0438\u0442 772 \u0441\u0435\u043a\u0443\u043d\u0434\u044b, \u0438\u043b\u0438 \u0447\u0443\u0442\u044c \u043c\u0435\u043d\u044c\u0448\u0435 13 \u043c\u0438\u043d\u0443\u0442.\n\n\u0422\u0435\u043c \u043d\u0435 \u043c\u0435\u043d\u0435\u0435 \u0432\u0430\u0436\u043d\u043e \u043e\u0442\u043c\u0435\u0442\u0438\u0442\u044c, \u0447\u0442\u043e VMScape \u0442\u0440\u0435\u0431\u0443\u044e\u0442 \u0433\u043b\u0443\u0431\u043e\u043a\u0438\u0445 \u0437\u043d\u0430\u043d\u0438\u0439, \u0433\u043b\u0443\u0431\u043e\u043a\u043e\u0439 \u0442\u0435\u0445\u043d\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u044d\u043a\u0441\u043f\u0435\u0440\u0442\u0438\u0437\u044b \u0438 \u0434\u043b\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0433\u043e \u0432\u0440\u0435\u043c\u0435\u043d\u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f, \u0432 \u0441\u0432\u044f\u0437\u0438 \u0441 \u0447\u0435\u043c, \u0434\u0430\u0436\u0435 \u0435\u0441\u043b\u0438 \u0430\u0442\u0430\u043a\u0438 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u044b, \u043d\u0435 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u044e\u0442 \u0443\u0433\u0440\u043e\u0437\u044b \u0434\u043b\u044f \u0448\u0438\u0440\u043e\u043a\u043e\u0439 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044c\u0441\u043a\u043e\u0439 \u0441\u0440\u0435\u0434\u044b.\n\n\u041a\u043e\u043c\u0430\u043d\u0434\u0430 ETH Zurich \u0441\u043e\u043e\u0431\u0449\u0438\u043b\u0430 \u043e \u0441\u0432\u043e\u0438\u0445 \u0440\u0435\u0437\u0443\u043b\u044c\u0442\u0430\u0442\u0430\u0445 AMD \u0438 Intel 7 \u0438\u044e\u043d\u044f, \u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0431\u044b\u043b \u043f\u0440\u0438\u0441\u0432\u043e\u0435\u043d \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440 CVE-2025-40300. \u041f\u043e\u0441\u043b\u0435 \u0447\u0435\u0433\u043e AMD \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u0431\u044e\u043b\u043b\u0435\u0442\u0435\u043d\u044c \u043f\u043e \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0434\u043b\u044f \u044d\u0442\u043e\u0439 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b.\n\n\u0420\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u0438 \u044f\u0434\u0440\u0430 Linux \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0438 \u043f\u0430\u0442\u0447\u0438, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0441\u043c\u044f\u0433\u0447\u0430\u044e\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c VMScape, \u0434\u043e\u0431\u0430\u0432\u043b\u044f\u044f\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0437\u0430\u0434\u0435\u0439\u0441\u0442\u0432\u043e\u0432\u0430\u043b\u0438 Spectre-BTI (Branch Target Injec\u0447\u0442\u043e \u0444\u0430\u043a\u0442\u0438\u0447\u0435\u0441\u043a\u0438 \u043e\u0447\u0438\u0449\u0430\u0435\u0442 BPU \u043f\u0440\u0438 \u043f\u0435\u0440\u0435\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u0438 \u0441 \u0433\u043e\u0441\u0442\u0435\u0432\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u043d\u0430 \u0445\u043e\u0441\u0442.", "creation_timestamp": "2025-09-12T16:30:05.000000Z"}, {"uuid": "8833ea4c-ef82-43bd-ab1b-7401b8277ee2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-40300", "type": "published-proof-of-concept", "source": "https://t.me/poxek/5528", "content": "CVE-2025-40300: VMScape \u2014 \u043a\u043e\u0433\u0434\u0430 Spectre \u043f\u0440\u0438\u0448\u0435\u043b \u0432 \u043e\u0431\u043b\u0430\u043a\u0430 \u2601\ufe0f\n#cloud #vmscape #AMD #Intel #KVM #Qemu #Xen\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 ETH Zurich \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u0438\u043b\u0438 VMScape \u2014 \u043f\u0435\u0440\u0432\u0443\u044e \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u0442\u0438\u0447\u0435\u0441\u043a\u0443\u044e \u0430\u0442\u0430\u043a\u0443 \u043d\u0430 \u0438\u0437\u043e\u043b\u044f\u0446\u0438\u044e branch predictor \u043c\u0435\u0436\u0434\u0443 host \u0438 guest \u0432 \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u0438\u0437\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u0441\u0440\u0435\u0434\u0430\u0445. Spectre-BTI \u0442\u0435\u043f\u0435\u0440\u044c \u0440\u0430\u0431\u043e\u0442\u0430\u0435\u0442 \u0432 \u043e\u0431\u043b\u0430\u043a\u0430\u0445.\n\n\u27a1\ufe0f\u0427\u0442\u043e \u0437\u0430\u0446\u0435\u043f\u0438\u043b\u043e\n\n\u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u0447\u0435\u0442\u044b\u0440\u0435\u0445 \u0434\u043e\u043c\u0435\u043d\u043e\u0432:\n\u25aa\ufe0f\u0412\u0438\u0440\u0442\u0443\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u044f \u0441\u043e\u0437\u0434\u0430\u0435\u0442 4 \u0434\u043e\u043c\u0435\u043d\u0430 \u0437\u0430\u0449\u0438\u0442\u044b \u0432\u043c\u0435\u0441\u0442\u043e \u043a\u043b\u0430\u0441\u0441\u0438\u0447\u0435\u0441\u043a\u0438\u0445 2\n\u25aa\ufe0fHost User (HU), Host Supervisor (HS), Guest User (GU), Guest Supervisor (GS)\n\u25aa\ufe0fAMD Zen (\u0432\u043a\u043b\u044e\u0447\u0430\u044f Zen 5): branch predictor \u043d\u0435 \u0440\u0430\u0437\u043b\u0438\u0447\u0430\u0435\u0442 host \u0438 guest\n\u25aa\ufe0fIntel eIBRS \u0438\u0437\u043e\u043b\u0438\u0440\u0443\u0435\u0442 BTB, \u043d\u043e \u0443\u044f\u0437\u0432\u0438\u043c \u043a vBHI (virtualization Branch History Injection)\n\n\u041f\u0435\u0440\u0432\u0430\u044f \u0430\u0442\u0430\u043a\u0430 \u043d\u0430 usermode hypervisor:\n\u25aa\ufe0f\u0412\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u0430\u044f KVM guest VM \u043a\u0440\u0430\u0434\u0435\u0442 \u0441\u0435\u043a\u0440\u0435\u0442\u044b \u0438\u0437 QEMU\n\u25aa\ufe0f\u0423\u0442\u0435\u0447\u043a\u0430 encryption/decryption \u043a\u043b\u044e\u0447\u0435\u0439\n\u25aa\ufe0f\u0420\u0430\u0431\u043e\u0442\u0430\u0435\u0442 \u043d\u0430 AMD Zen 4 \u0438 Zen 5\n\u25aa\ufe0f\u041a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0430\u0446\u0438\u044f \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u044b \u043f\u0440\u043e\u0432\u0430\u0439\u0434\u0435\u0440\u0430, \u0430 \u043d\u0435 \u043e\u0442\u0434\u0435\u043b\u044c\u043d\u043e\u0439 VM\n\n\u27a1\ufe0f\u041f\u043e \u0442\u0435\u0445\u043d\u0438\u043a\u0435\n\n\u041d\u043e\u0432\u044b\u0435 \u043f\u0440\u0438\u043c\u0438\u0442\u0438\u0432\u044b \u0430\u0442\u0430\u043a:\n\nvBTI (virtualization Branch Target Injection):\n\u25aa\ufe0fBTB \u0437\u0430\u043f\u0438\u0441\u0438 \u0441\u043c\u0435\u0448\u0438\u0432\u0430\u044e\u0442\u0441\u044f \u043c\u0435\u0436\u0434\u0443 host \u0438 guest\n\u25aa\ufe0f\u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u0438\u0440\u0443\u0435\u0442 branch predictions\n\nvBHI (virtualization Branch History Injection):\n\u25aa\ufe0f\u0414\u043b\u044f Intel CPU \u0441 eIBRS\n\u25aa\ufe0f\u0427\u0430\u0441\u0442\u0438\u0447\u043d\u044b\u0439 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044c branch history \u0438\u0437 guest\n\n\u041e\u0441\u043e\u0431\u0435\u043d\u043d\u043e\u0441\u0442\u0438 Zen 5:\n\u25aa\ufe0f\u041d\u043e\u0432\u044b\u0439 single-bit privilege tag \u0432 BTB\n\u25aa\ufe0f\u0417\u0430\u0449\u0438\u0449\u0430\u0435\u0442 \u043e\u0442 \u043a\u043b\u0430\u0441\u0441\u0438\u0447\u0435\u0441\u043a\u0438\u0445 cross-privilege BTI (user \u2192 supervisor)\n\u25aa\ufe0f\u041d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e \u0434\u043b\u044f \u0438\u0437\u043e\u043b\u044f\u0446\u0438\u0438 4 \u0434\u043e\u043c\u0435\u043d\u043e\u0432 \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438\n\u25aa\ufe0f\u0424\u0443\u043d\u0434\u0430\u043c\u0435\u043d\u0442\u0430\u043b\u044c\u043d\u0430\u044f \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0430: 1 \u0431\u0438\u0442 \u043d\u0435 \u043c\u043e\u0436\u0435\u0442 \u0440\u0430\u0437\u043b\u0438\u0447\u0438\u0442\u044c 4 \u0441\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u044f\n\n\u27a1\ufe0f\u041c\u0430\u0441\u0448\u0442\u0430\u0431 \u0432\u043e\u0437\u0434\u0435\u0439\u0441\u0442\u0432\u0438\u044f\n\n\u041a\u0442\u043e \u043f\u043e\u0434 \u0443\u0433\u0440\u043e\u0437\u043e\u0439:\n- \u0412\u0441\u0435 \u043e\u0431\u043b\u0430\u0447\u043d\u044b\u0435 \u043f\u0440\u043e\u0432\u0430\u0439\u0434\u0435\u0440\u044b (AWS, Azure, GCP)\n- KVM/QEMU \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0430\n- AMD Zen CPU \u0432\u0441\u0435\u0445 \u043f\u043e\u043a\u043e\u043b\u0435\u043d\u0438\u0439\n- \u0421\u0442\u0430\u0440\u044b\u0435 Intel CPU \u0431\u0435\u0437 eIBRS\n\n\u0420\u0435\u0430\u043b\u044c\u043d\u044b\u0435 \u043f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f:\n\u25aa\ufe0f\u0423\u0442\u0435\u0447\u043a\u0430 \u0434\u0430\u043d\u043d\u044b\u0445 \u043c\u0435\u0436\u0434\u0443 VM \u0440\u0430\u0437\u043d\u044b\u0445 \u043a\u043b\u0438\u0435\u043d\u0442\u043e\u0432\n\u25aa\ufe0f\u041a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0430\u0446\u0438\u044f hypervisor'\u0430 \u0438\u0437 guest VM\n\u25aa\ufe0f\u041a\u0440\u0430\u0436\u0430 \u043a\u0440\u0438\u043f\u0442\u043e\u0433\u0440\u0430\u0444\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u043a\u043b\u044e\u0447\u0435\u0439\n\u25aa\ufe0f\u041d\u0430\u0440\u0443\u0448\u0435\u043d\u0438\u0435 \u0438\u0437\u043e\u043b\u044f\u0446\u0438\u0438 \u0432 multi-tenant \u0441\u0440\u0435\u0434\u0430\u0445\n\n\u27a1\ufe0f\u0417\u0430\u0449\u0438\u0442\u0430 \u0438 \u043c\u0438\u0442\u0438\u0433\u0430\u0446\u0438\u044f\n\nLinux kernel \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f:\n# \u041f\u0440\u043e\u0432\u0435\u0440\u0438\u0442\u044c \u0432\u0435\u0440\u0441\u0438\u044e \u044f\u0434\u0440\u0430\nuname -r\n\n# IBPB flush \u043f\u0440\u0438 VMExit \u0432 userspace\n# \u0414\u043e\u0441\u0442\u0443\u043f\u043d\u043e \u0432 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0445 \u0432\u0435\u0440\u0441\u0438\u044f\u0445 Linux kernel\n\n\u0421\u0442\u0430\u0442\u0443\u0441 \u043f\u043e \u0432\u0435\u043d\u0434\u043e\u0440\u0430\u043c:\n\u25aa\ufe0fLinux KVM: \u0418\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043e \u0432 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0445 \u0432\u0435\u0440\u0441\u0438\u044f\u0445\n\u25aa\ufe0fXen: \u041d\u0435 \u0437\u0430\u0442\u0440\u043e\u043d\u0443\u0442\n\u25aa\ufe0fVMware/Hyper-V: \u041f\u043e\u043b\u0443\u0447\u0438\u043b\u0438 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u043e\u0442 AMD/Intel\n\u25aa\ufe0f\u041e\u0431\u043b\u0430\u0447\u043d\u044b\u0435 \u043f\u0440\u043e\u0432\u0430\u0439\u0434\u0435\u0440\u044b: \u041e\u0431\u043d\u043e\u0432\u043b\u044f\u044e\u0442 \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0443\n\n\u0412\u0438\u0434\u0435\u043e \u0432\u0437\u044f\u043b \u0417\u0414\u0415\u0421\u042c\n\n\ud83c\udf1a @poxek | \ud83c\udf1a \u0411\u043b\u043e\u0433 | \ud83d\udcfa YT | \ud83d\udcfa RT | \ud83d\udcfa VK", "creation_timestamp": "2025-09-18T08:44:50.000000Z"}, {"uuid": "81000dfe-a60a-48d0-b940-de9623c88bae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-40300", "type": "seen", "source": "https://bsky.app/profile/bluesky.awakari.com/post/3m65gba4vac2u", "content": "", "creation_timestamp": "2025-11-21T13:47:39.380577Z"}, {"uuid": "3ae09b11-1d79-4ff3-be57-d65c1fc9cdac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-40300", "type": "seen", "source": "https://bsky.app/profile/bluesky.awakari.com/post/3m4xy5j5unc2g", "content": "", "creation_timestamp": "2025-11-06T16:26:29.849234Z"}, {"uuid": "b0f6d8f5-acee-4636-b256-d18815c15ca8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-40300", "type": "seen", "source": "https://bsky.app/profile/bluesky.awakari.com/post/3m4xy5jdoum2r", "content": "", "creation_timestamp": "2025-11-06T16:26:30.420150Z"}, {"uuid": "84da7bf1-5972-437f-b2fa-92a4f4060f91", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-40300", "type": "seen", "source": "https://bsky.app/profile/bluesky.awakari.com/post/3m5jned7wwk2u", "content": "", "creation_timestamp": "2025-11-13T17:01:22.841807Z"}, {"uuid": "122d7cc9-5774-4cb0-811f-4ad1e40de6ba", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-40300", "type": "seen", "source": "https://bsky.app/profile/linux.activitypub.awakari.com.ap.brid.gy/post/3m4xy5zydjrh2", "content": "", "creation_timestamp": "2025-11-06T16:27:39.994232Z"}, {"uuid": "8ae498e7-164e-444c-a2f2-92905b743b6d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "cve-2025-40300", "type": "seen", "source": "https://bsky.app/profile/bluesky.awakari.com/post/3lymxsdc2bi2q", "content": "", "creation_timestamp": "2025-09-12T09:40:10.912942Z"}, {"uuid": "a3cf5b8a-d34d-439c-a001-05e271d17bba", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-40300", "type": "seen", "source": "https://bsky.app/profile/bluesky.awakari.com/post/3m5bpae6hbg2s", "content": "", "creation_timestamp": "2025-11-10T13:13:40.247546Z"}, {"uuid": "a865e88e-7a75-45fe-981e-e8d4e4776384", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-40300", "type": "seen", "source": "https://bsky.app/profile/bluesky.awakari.com/post/3m5bpae6ohb2g", "content": "", "creation_timestamp": "2025-11-10T13:13:40.809732Z"}, {"uuid": "abf95160-9d34-48b1-8fe7-f43fa0fb3229", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-40300", "type": "seen", "source": "https://bsky.app/profile/bluesky.awakari.com/post/3m5bpaj6mmj2g", "content": "", "creation_timestamp": "2025-11-10T13:13:44.422490Z"}, {"uuid": "208b0df4-f128-4244-a1a1-7049b49c18d4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-40300", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/816dcc8e-f25a-4895-9b59-1bbd9caeccb8", "content": "", "creation_timestamp": "2025-12-03T14:14:49.267740Z"}, {"uuid": "f0150914-7488-4979-b8eb-c2efeef83798", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-40300", "type": "seen", "source": "Telegram/tekSf9DesmcKO4l7eOnKzE6eB5F-0xU9pnOpI7ixeynUA5uJ", "content": "", "creation_timestamp": "2025-09-19T03:28:55.000000Z"}]}