ID VU:584653 Type cert Reporter CERT Modified 2018-02-23T00:00:00
Description
Overview
CPU hardware implementations are vulnerable to cache side-channel attacks. These vulnerabilities are referred to as Meltdown and Spectre.
Description
Note: This Vulnerability Note is the product of ongoing analysis and represents our best knowledge as of the most recent revision. As a result, the content may change as our understanding of the issues develops.
CPU hardware implementations are vulnerable to side-channel attacks referred to as Meltdown and Spectre. Both Spectre and Meltdown take advantage of the ability to extract information from instructions that have executed on a CPU using the CPU cache as a side-channel. These attacks are described in detail by Google Project Zero, the Institute of Applied Information Processing and Communications (IAIK) at Graz University of Technology (TU Graz) and Anders Fogh. The issues are organized into three variants:
Variant 2 (CVE-2017-5715, also Spectre): Branch target injection
Variant 3 (CVE-2017-5754, Meltdown): Rogue data cache load, memory access permission check performed after kernel memory read
Spectre
Spectre attacks take advantage of a CPU's branch prediction capabilities. Modern CPUs include a feature called branch prediction, which speculatively executes instructions at a location that the CPU believes it will branch to. Such speculative execution helps to more fully utilize the parts of the CPU, minimizing the time waiting, and therefore improving performance. When a branch is successfully predicted, instructions will retire, which means the outcomes of the instructions such as register and memory writes will be committed. If a branch is mispredicted, the speculatively-executed instructions will be discarded, and the direct side-effects of the instructions are undone. What is not undone are the indirect side-effects, such as CPU cache changes. By measuring latency of memory access operations, the cache can be used to extract values from speculatively-executed instructions.
With Spectre variant 1 (CVE-2017-5753), the instructions after a conditional branch are speculatively executed as the result of a misprediction. With Spectre variant 2 (CVE-2017-5715), the CPU executes instructions at a location determined by a mispredicted branch target.
With both variants of the Spectre attack, the impact is that a process may leak sensitive data to other processes on a system. Spectre may also allow one part of an application to access other parts of the same process memory space that would otherwise not be permitted.
While the Spectre attack itself does not cross a user/kernel memory privilege boundary, depending on the configuration of the target platform, the Spectre attack may indirectly allow a user-space application to access kernel memory. For example, the Project Zero blog post describes a scenario that uses eBPF to exfiltrate kernel memory contents into user-space code. This is made possible because eBPF JIT allows for userspace applications to inject code that is executed in kernel space. While this code is verified by the kernel, eBPF-compliant code will be allowed to execute with kernel permissions. The exploit described by Project Zero leverages eBPF to execute the Spectre attack in kernel space, while exfiltrating the data to user space. It is possible that other technologies that allow in-kernel code execution may also possibly be leveraged to leak kernel memory using Spectre.
Meltdown
Meltdown is related to the Spectre attack in that it also uses a cache side channel to access data that otherwise wouldn't be available. The main difference is that it leverages out-of-order execution capabilities in modern CPUs. Like speculative execution due to branch prediction, as used by Spectre, out-of-order execution on a CPU is a technique for ensuring fullest utilization of the CPU's parts. Although instructions may appear sequentially in the machine language, a CPU that supports out-of-order execution may execute instructions in a non-sequential manner, which can minimize the time that a CPU spends idle.
Meltdown leverages insecure behavior that has been demonstrated in Intel CPUs and may affect CPUs from other vendors. Vulnerable CPUs allow memory reads in out-of-order instruction execution, and also contain a race condition between the raising of exceptions and the out-of-order instruction execution. The Meltdown attack reads a kernel memory value, which raises an exception because code running with user-space privileges are not permitted to directly read kernel memory. However, due to the race condition, out-of-order instructions following the faulting instruction may also execute. Even though instructions appear after the faulting instruction, out-of-order execution allows them to execute, using data retrieved from the instruction that raises the exception. By the time the exception is raised, some number of out-of-order instructions have executed. Although the raised exception causes the CPU to roll back the out-of-order instructions, the cache state is not reverted. This allows data from out-of-order instructions to persist beyond the point when the exception has been raised.
The impact of Meltdown is that a process running in user space is able to view the contents of kernel memory. Meltdown may also allow Spectre-like memory content leaking that does not cross the user/kernel privilege boundary.
The Linux kernel mitigations for Meltdown are referred to as KAISER, and subsequently KPTI, which aim to improve separation of kernel and user memory pages. Because the Spectre attacks do not cross user/kernel boundaries, the protections introduced with KAISER/KPTI do not add any protection against them.
The following table compares Spectre and Meltdown.
| | Spectre| Meltdown
---|---|--- CPU mechanism for triggering| Speculative execution from branch prediction| Out-of-order execution Affected platforms| CPUs that perform speculative execution from branch prediction| CPUs that allow memory reads in out-of-order instructions Difficulty of successful attack| High - Requires tailoring to the software environment of the victim process| Low - Kernel memory access exploit code is mostly universal Impact| Cross- and intra-process (including kernel) memory disclosure| Kernel memory disclosure to userspace Software mitigations| Variant 1: Compiler changes. Web browser updates to help prevent exploitation from JavaScript
Variant 2: Indirect Branch Restricted Speculation (IBRS). Note: The software mitigation for Spectre variant 2 requires CPU microcode updates| Kernel page-table isolation (KPTI)
Impact
An attacker able to execute code with user privileges can achieve various impacts. The Meltdown attack allows reading of kernel memory from userspace. This can result in privilege escalation, disclosure of sensitive information, or it can weaken kernel-level protections, such as KASLR. The Spectre attack can allow inter-process or intra-process data leaks.
To execute code locally, an attacker would require a valid account or independent compromise of the target. Attacks using JavaScript in web browsers are possible. Multi-user and multi-tenant systems (including virtualized and cloud environments) likely face the greatest risk. Systems used to browse arbitrary web sites are also at risk. Single-user systems that do not readily provide a way for attackers to execute code locally face significantly lower risk.
Solution
Apply updates
Operating system, CPU microcode updates, and some application updates mitigate these attacks. Note that in many cases, the software fixes for these vulnerabilities will have a negative affect on system performance. Also note that Microsoft Windows systems will no longer receive security updates via Windows Update if they are not running compliant anti-virus software. As with deploying any software updates, be sure to prioritize and test updates as necessary.
Consider CPU Options
Initial reports from the field indicate that overall system performance is impacted by many of the available patches for these vulnerabilities. Depending on the software workflow and the CPU capabilities present, the performance impact of software mitigations may be non-trivial and therefore may become an ongoing operational concern for some organizations. While we recognize that replacing existing CPUs in already deployed systems is not practical, organizations acquiring new systems should evaluate their CPU selection in light of the expected longevity of this vulnerability in available hardware as well as the performance impacts resulting from the various platform-specific software patches. Deployment contexts and performance requirements vary widely, and must be balanced by informed evaluation of the associated security risks. Contact your system vendor to determine if the CPU and operating system combination will experience a performance penalty due to software mitigations for these vulnerabilities.
Vendor Information
Vendor| Status| Date Notified| Date Updated
---|---|---|---
Amazon| | -| 05 Jan 2018
AMD| | -| 03 Jan 2018
Android Open Source Project| | -| 05 Jan 2018
Apple| | -| 02 Feb 2018
Arm| | -| 03 Jan 2018
CentOS| | -| 05 Jan 2018
Cisco| | -| 05 Jan 2018
Citrix| | -| 05 Jan 2018
Debian GNU/Linux| | -| 05 Jan 2018
Dell| | -| 08 Jan 2018
DragonFly BSD Project| | -| 08 Jan 2018
Fedora Project| | -| 05 Jan 2018
Fortinet, Inc.| | -| 05 Jan 2018
FreeBSD Project| | -| 05 Jan 2018
Fujitsu| | -| 11 Jan 2018
If you are a vendor and your product is affected, let us know.
These issues were researched and reported by researchers at Google Project Zero (Jann Horn) the Institute of Applied Information Processing and Communications (IAIK) at Graz University of Technology (Gruss et. al.), Paul Kocher, and Anders Fogh.
This document was written by Art Manion and Will Dormann.
{"id": "VU:584653", "bulletinFamily": "info", "title": "CPU hardware vulnerable to side-channel attacks", "description": "### Overview\n\nCPU hardware implementations are vulnerable to cache side-channel attacks. These vulnerabilities are referred to as [Meltdown](<https://meltdownattack.com/>) and [Spectre](<https://spectreattack.com/>).\n\n### Description\n\n**Note: This Vulnerability Note is the product of ongoing analysis and represents our best knowledge as of the most recent revision. As a result, the content may change as our understanding of the issues develops.**\n\nCPU hardware implementations are vulnerable to side-channel attacks referred to as [Meltdown](<https://meltdownattack.com/>) and [Spectre](<https://spectreattack.com/>). Both Spectre and Meltdown take advantage of the ability to extract information from instructions that have executed on a CPU using the CPU cache as a side-channel. These attacks are described in detail by [Google Project Zero](<https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html>), the Institute of Applied Information Processing and Communications (IAIK) at Graz University of Technology (TU Graz) and Anders Fogh. The issues are organized into three variants: \n\n\n * Variant 1 (CVE-2017-5753, [Spectre](<https://spectreattack.com/spectre.pdf>)): Bounds check bypass\n * Variant 2 (CVE-2017-5715, also [Spectre](<https://spectreattack.com/spectre.pdf>)): Branch target injection[](<https://spectreattack.com/spectre.pdf>)\n * Variant 3 (CVE-2017-5754, [Meltdown](<https://meltdownattack.com/meltdown.pdf>)): Rogue data cache load, memory access permission check performed after kernel memory read\n \n**Spectre** \n \nSpectre attacks take advantage of a CPU's branch prediction capabilities. Modern CPUs include a feature called branch prediction, which speculatively executes instructions at a location that the CPU believes it will branch to. Such speculative execution helps to more fully utilize the parts of the CPU, minimizing the time waiting, and therefore improving performance. When a branch is successfully predicted, instructions will retire, which means the outcomes of the instructions such as register and memory writes will be committed. If a branch is mispredicted, the speculatively-executed instructions will be discarded, and the direct side-effects of the instructions are undone. What is not undone are the indirect side-effects, such as CPU cache changes. By measuring latency of memory access operations, the cache can be used to extract values from speculatively-executed instructions. \n \nWith Spectre variant 1 (CVE-2017-5753), the instructions after a conditional branch are speculatively executed as the result of a misprediction. With Spectre variant 2 (CVE-2017-5715), the CPU executes instructions at a location determined by a mispredicted branch target. \n \nWith both variants of the Spectre attack, the impact is that a process may leak sensitive data to other processes on a system. Spectre may also allow one part of an application to access other parts of the same process memory space that would otherwise not be permitted. \n \nWhile the Spectre attack itself does not cross a user/kernel memory privilege boundary, depending on the configuration of the target platform, the Spectre attack may indirectly allow a user-space application to access kernel memory. For example, the[ Project Zero blog post](<https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html>) describes a scenario that uses eBPF to exfiltrate kernel memory contents into user-space code. This is made possible because eBPF JIT allows for userspace applications to inject code that is executed in kernel space. While this code is verified by the kernel, eBPF-compliant code will be allowed to execute with kernel permissions. The exploit described by Project Zero leverages eBPF to execute the Spectre attack in kernel space, while exfiltrating the data to user space. It is possible that other technologies that allow in-kernel code execution may also possibly be leveraged to leak kernel memory using Spectre. \n \n**Meltdown** \n \nMeltdown is related to the Spectre attack in that it also uses a cache side channel to access data that otherwise wouldn't be available. The main difference is that it leverages out-of-order execution capabilities in modern CPUs. Like speculative execution due to branch prediction, as used by Spectre, out-of-order execution on a CPU is a technique for ensuring fullest utilization of the CPU's parts. Although instructions may appear sequentially in the machine language, a CPU that supports out-of-order execution may execute instructions in a non-sequential manner, which can minimize the time that a CPU spends idle. \n \nMeltdown leverages insecure behavior that has been demonstrated in Intel CPUs and may affect CPUs from other vendors. Vulnerable CPUs allow memory reads in out-of-order instruction execution, and also contain a race condition between the raising of exceptions and the out-of-order instruction execution. The Meltdown attack reads a kernel memory value, which raises an exception because code running with user-space privileges are not permitted to directly read kernel memory. However, due to the race condition, out-of-order instructions following the faulting instruction may also execute. Even though instructions appear after the faulting instruction, out-of-order execution allows them to execute, using data retrieved from the instruction that raises the exception. By the time the exception is raised, some number of out-of-order instructions have executed. Although the raised exception causes the CPU to roll back the out-of-order instructions, the cache state is not reverted. This allows data from out-of-order instructions to persist beyond the point when the exception has been raised. \n \nThe impact of Meltdown is that a process running in user space is able to view the contents of kernel memory. Meltdown may also allow Spectre-like memory content leaking that does not cross the user/kernel privilege boundary. \n \nThe Linux kernel mitigations for Meltdown are referred to as KAISER, and subsequently KPTI, which aim to improve separation of kernel and user memory pages. Because the Spectre attacks do not cross user/kernel boundaries, the protections introduced with KAISER/KPTI do not add any protection against them. \n \nThe following table compares Spectre and Meltdown. \n \n| | **Spectre**| **Meltdown** \n---|---|--- \n**CPU mechanism for triggering**| Speculative execution from branch prediction| Out-of-order execution \n**Affected platforms**| CPUs that perform speculative execution from branch prediction| CPUs that allow memory reads in out-of-order instructions \n**Difficulty of successful attack**| High - Requires tailoring to the software environment of the victim process| Low - Kernel memory access exploit code is mostly universal \n**Impact**| Cross- and intra-process (including kernel) memory disclosure| Kernel memory disclosure to userspace \n**Software mitigations**| Variant 1: Compiler changes. Web browser updates to help prevent exploitation from JavaScript \nVariant 2: Indirect Branch Restricted Speculation ([IBRS](<https://lkml.org/lkml/2018/1/4/615>)). \n**Note: **The software mitigation for Spectre variant 2 requires CPU microcode updates| Kernel page-table isolation ([KPTI](<https://en.wikipedia.org/wiki/Kernel_page-table_isolation>)) \n \n### Impact\n\nAn attacker able to execute code with user privileges can achieve various impacts. The Meltdown attack allows reading of kernel memory from userspace. This can result in privilege escalation, disclosure of sensitive information, or it can weaken kernel-level protections, such as KASLR. The Spectre attack can allow inter-process or intra-process data leaks. \n \nTo execute code locally, an attacker would require a valid account or independent compromise of the target. Attacks using JavaScript in web browsers are possible. Multi-user and multi-tenant systems (including virtualized and cloud environments) likely face the greatest risk. Systems used to browse arbitrary web sites are also at risk. Single-user systems that do not readily provide a way for attackers to execute code locally face significantly lower risk. \n \n--- \n \n### Solution\n\n**Apply updates** \n \nOperating system, CPU microcode updates, and some application updates mitigate these attacks. Note that in many cases, the software fixes for these vulnerabilities will have a negative affect on system performance. Also note that Microsoft Windows systems [will no longer receive security updates](<https://doublepulsar.com/important-information-about-microsoft-meltdown-cpu-security-fixes-antivirus-vendors-and-you-a852ba0292ec>) via Windows Update if they are not running compliant anti-virus software. As with deploying any software updates, be sure to prioritize and test updates as necessary. \n \n**Consider CPU Options** \n \nInitial reports from the field indicate that overall system performance is impacted by many of the available patches for these vulnerabilities. Depending on the software workflow and the CPU capabilities present, the performance impact of software mitigations may be non-trivial and therefore may become an ongoing operational concern for some organizations. While we recognize that replacing existing CPUs in already deployed systems is not practical, organizations acquiring new systems should evaluate their CPU selection in light of the expected longevity of this vulnerability in available hardware as well as the performance impacts resulting from the various platform-specific software patches. Deployment contexts and performance requirements vary widely, and must be balanced by informed evaluation of the associated security risks. Contact your system vendor to determine if the CPU and operating system combination will experience a performance penalty due to software mitigations for these vulnerabilities. \n \n--- \n \n### Vendor Information \n\nVendor| Status| Date Notified| Date Updated \n---|---|---|--- \nAmazon| | -| 05 Jan 2018 \nAMD| | -| 03 Jan 2018 \nAndroid Open Source Project| | -| 05 Jan 2018 \nApple| | -| 02 Feb 2018 \nArm| | -| 03 Jan 2018 \nCentOS| | -| 05 Jan 2018 \nCisco| | -| 05 Jan 2018 \nCitrix| | -| 05 Jan 2018 \nDebian GNU/Linux| | -| 05 Jan 2018 \nDell| | -| 08 Jan 2018 \nDragonFly BSD Project| | -| 08 Jan 2018 \nFedora Project| | -| 05 Jan 2018 \nFortinet, Inc.| | -| 05 Jan 2018 \nFreeBSD Project| | -| 05 Jan 2018 \nFujitsu| | -| 11 Jan 2018 \nIf you are a vendor and your product is affected, [let us know](<mailto:cert@cert.org?Subject=VU%23584653 Vendor Status Inquiry>). \n \n\n\n### CVSS Metrics \n\nGroup | Score | Vector \n---|---|--- \nBase | 4.4 | AV:L/AC:M/Au:S/C:C/I:N/A:N \nTemporal | 3.4 | E:POC/RL:OF/RC:C \nEnvironmental | 5.1 | CDP:ND/TD:H/CR:H/IR:ND/AR:ND \n \n### References\n\n * <https://meltdownattack.com/>\n * <https://meltdownattack.com/meltdown.pdf>\n * <https://spectreattack.com/>\n * <https://spectreattack.com/spectre.pdf>\n * <https://security.googleblog.com/2018/01/todays-cpu-vulnerability-what-you-need.html>\n * <https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html>\n * <https://cyber.wtf/2017/07/28/negative-result-reading-kernel-memory-from-user-mode/>\n * <https://github.com/IAIK/KAISER>\n * <https://gruss.cc/files/kaiser.pdf>\n * <https://gruss.cc/files/prefetch.pdf>\n * <https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=5aa90a84589282b87666f92b6c3c917c8080a9bf>\n * <https://lkml.org/lkml/2017/12/27/2>\n * <https://lkml.org/lkml/2018/1/4/615>\n * <https://lwn.net/Articles/741878/>\n * <https://lwn.net/Articles/737940/>\n * <https://lwn.net/Articles/742702/>\n * <http://pythonsweetness.tumblr.com/post/169166980422/the-mysterious-case-of-the-linux-page-table>\n * <https://nakedsecurity.sophos.com/2018/01/03/fckwit-aka-kaiser-aka-kpti-intel-cpu-flaw-needs-low-level-os-patches/>\n * <https://en.wikipedia.org/wiki/Kernel_page-table_isolation>\n * <https://chrisam.net/2018/01/04/speculative-execution-side-channel-vulnerabilities-vendor-published-info/>\n * <https://www.raspberrypi.org/blog/why-raspberry-pi-isnt-vulnerable-to-spectre-or-meltdown/>\n * <https://doublepulsar.com/important-information-about-microsoft-meltdown-cpu-security-fixes-antivirus-vendors-and-you-a852ba0292ec>\n * [https://docs.google.com/spreadsheets/d/184wcDt9I9TUNFFbsAVLpzAtckQxYiuirADzf3cL42FQ/htmlview?usp=sharing&sle;=true](<https://docs.google.com/spreadsheets/d/184wcDt9I9TUNFFbsAVLpzAtckQxYiuirADzf3cL42FQ/htmlview?usp=sharing&sle=true>)\n * <https://github.com/iadgov/Spectre-and-Meltdown-Guidance>\n * <https://arxiv.org/abs/1802.03802>\n\n### Credit\n\nThese issues were researched and reported by researchers at Google Project Zero (Jann Horn) the Institute of Applied Information Processing and Communications (IAIK) at Graz University of Technology (Gruss et. al.), Paul Kocher, and Anders Fogh.\n\nThis document was written by Art Manion and Will Dormann.\n\n### Other Information\n\n * CVE IDs: [CVE-2017-5753](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5753>) [CVE-2017-5715](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5715>) [CVE-2017-5754](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5754>)\n * US-CERT Alert: [TA18-004A](<http://www.us-cert.gov/cas/techalerts/TA18-004A.html>)\n * Date Public: 03 Jan 2018\n * Date First Published: 03 Jan 2018\n * Date Last Updated: 23 Feb 2018\n * Document Revision: 219\n\n", "published": "2018-01-03T00:00:00", "modified": "2018-02-23T00:00:00", "cvss": {"score": 4.7, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:NONE/A:NONE/"}, "href": "https://www.kb.cert.org/vuls/id/584653", "reporter": "CERT", "references": ["https://meltdownattack.com/meltdown.pdf", "https://meltdownattack.com/meltdown.pdf", "https://docs.google.com/spreadsheets/d/184wcDt9I9TUNFFbsAVLpzAtckQxYiuirADzf3cL42FQ/htmlview?usp=sharing&sle=true", "https://lwn.net/Articles/742702/", "https://nakedsecurity.sophos.com/2018/01/03/fckwit-aka-kaiser-aka-kpti-intel-cpu-flaw-needs-low-level-os-patches/", "https://www.raspberrypi.org/blog/why-raspberry-pi-isnt-vulnerable-to-spectre-or-meltdown/", "https://lkml.org/lkml/2017/12/27/2", "https://security.googleblog.com/2018/01/todays-cpu-vulnerability-what-you-need.html", "https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html", "https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html", "https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html", "http://pythonsweetness.tumblr.com/post/169166980422/the-mysterious-case-of-the-linux-page-table", "https://arxiv.org/abs/1802.03802", "https://gruss.cc/files/kaiser.pdf", "https://doublepulsar.com/important-information-about-microsoft-meltdown-cpu-security-fixes-antivirus-vendors-and-you-a852ba0292ec", "https://doublepulsar.com/important-information-about-microsoft-meltdown-cpu-security-fixes-antivirus-vendors-and-you-a852ba0292ec", "http://www.us-cert.gov/cas/techalerts/TA18-004A.html", "https://chrisam.net/2018/01/04/speculative-execution-side-channel-vulnerabilities-vendor-published-info/", "https://meltdownattack.com/", "https://meltdownattack.com/", "https://meltdownattack.com/", "https://en.wikipedia.org/wiki/Kernel_page-table_isolation", "https://en.wikipedia.org/wiki/Kernel_page-table_isolation", "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5753", "https://spectreattack.com/", "https://spectreattack.com/", "https://spectreattack.com/", "https://lwn.net/Articles/737940/", "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5715", "https://lkml.org/lkml/2018/1/4/615", "https://lkml.org/lkml/2018/1/4/615", "https://github.com/IAIK/KAISER", "https://cyber.wtf/2017/07/28/negative-result-reading-kernel-memory-from-user-mode/", "https://lwn.net/Articles/741878/", "https://gruss.cc/files/prefetch.pdf", "https://github.com/iadgov/Spectre-and-Meltdown-Guidance", "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=5aa90a84589282b87666f92b6c3c917c8080a9bf", "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5754", "https://spectreattack.com/spectre.pdf", "https://spectreattack.com/spectre.pdf", "https://spectreattack.com/spectre.pdf", "https://spectreattack.com/spectre.pdf"], "cvelist": ["CVE-2017-5753", "CVE-2017-5753", "CVE-2017-5753", "CVE-2017-5753", "CVE-2017-5754", "CVE-2017-5754", "CVE-2017-5754", "CVE-2017-5715", "CVE-2017-5715", "CVE-2017-5715", "CVE-2017-5715"], "type": "cert", "lastseen": "2018-02-23T23:36:19", "history": [{"bulletin": {"bulletinFamily": "info", "cvelist": ["CVE-2017-5753", "CVE-2017-5753", "CVE-2017-5753", "CVE-2017-5753", "CVE-2017-5754", "CVE-2017-5754", "CVE-2017-5754", "CVE-2017-5715", "CVE-2017-5715", "CVE-2017-5715", "CVE-2017-5715"], "cvss": {"score": 0.0, "vector": "NONE"}, "description": "### Overview\n\nCPU hardware implementations are vulnerable to cache side-channel attacks. These vulnerabilities are referred to as [Meltdown](<https://meltdownattack.com/>) and [Spectre](<https://spectreattack.com/>).\n\n### Description\n\nCPU hardware implementations are vulnerable to side-channel attacks referred to as [Meltdown](<https://meltdownattack.com/>) and [Spectre](<https://spectreattack.com/>). Both Spectre and Meltdown take advantage of the ability to extract information from instructions that have executed on a CPU using the CPU cache as a side-channel. These attacks are described in detail by [Google Project Zero](<https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html>), the Institute of Applied Information Processing and Communications (IAIK) at Graz University of Technology (TU Graz) and Anders Fogh. The issues are organized into three variants: \n\n * Variant 1 (CVE-2017-5753, [Spectre](<https://spectreattack.com/spectre.pdf>)): Bounds check bypass\n * Variant 2 (CVE-2017-5715, also [Spectre](<https://spectreattack.com/spectre.pdf>)): Branch target injection[](<https://spectreattack.com/spectre.pdf>)\n * Variant 3 (CVE-2017-5754, [Meltdown](<https://meltdownattack.com/meltdown.pdf>)): Rogue data cache load, memory access permission check performed after kernel memory read\n \n**Spectre** \n \nSpectre attacks take advantage of a CPU's branch prediction capabilities. Modern CPUs include a feature called branch prediction, which speculatively executes instructions at a location that the CPU believes it will branch to. Such speculative execution helps to more fully utilize the parts of the CPU, minimizing the time waiting, and therefore improving performance. When a branch is successfully predicted, instructions will retire, which means the outcomes of the instructions such as register and memory writes will be committed. If a branch is mispredicted, the speculatively-executed instructions will be discarded, and the direct side-effects of the instructions are undone. What is not undone are the indirect side-effects, such as CPU cache changes. By measuring latency of memory access operations, the cache can be used to extract values from speculatively-executed instructions. \n \nWith Spectre variant 1 (CVE-2017-5753), the instructions after a conditional branch are speculatively executed as the result of a misprediction. With Spectre variant 2 (CVE-2017-5715), the instructions at a location determined by a branch target that is mispredicted. \n \nWith both variants of the Spectre attack, the impact is that a process may leak sensitive data to other processes on a system. Spectre may also allow one part of an application to access other parts of the same process memory space that would otherwise not be permitted. \n \n**Meltdown** \n \nMeltdown is related to the Spectre attack in that it also uses a cache side channel to access data that otherwise wouldn't be available. The main difference is that it leverages out-of-order execution capabilities in modern CPUs. Like speculative execution due to branch prediction, as used by Spectre, out-of-order execution on a CPU is a technique for ensuring fullest utilization of the CPU's parts. Although instructions may appear sequentially in the machine language, a CPU that supports out-of-order execution may execute instructions in a non-sequential manner, which can minimize the time that a CPU spends idle. \n \nMeltdown leverages insecure behavior that has been demonstrated in Intel CPUs and may affect CPUs from other vendors. Vulnerable CPUs allow memory reads in out-of-order instruction execution, and also contain a race condition between the raising of exceptions and the out-of-order instruction execution. The Meltdown attack reads a kernel memory value, which raises an exception because code running with user-space privileges are not permitted to directly read kernel memory. However, due to the race condition, out-of-order instructions following the faulting instruction may also execute. Even though instructions appear after the faulting instruction, out-of-order execution allows them to execute, using data retrieved from the instruction that raises the exception. By the time the exception is raised, some number of out-of-order instructions have executed. Although the raised exception causes the CPU to roll back the out-of-order instructions, the cache state is not reverted. This allows data from out-of-order instructions to persist beyond the point when the exception has been raised. \n \nThe impact of Meltdown is that a process running in user space is able to view the contents of kernel memory. Meltdown may also allow Spectre-like memory content leaking that does not cross the user/kernel privilege boundary. \n \nThe Linux kernel mitigations for Meltdown are referred to as KAISER, and subsequently KPTI, which aim to improve separation of kernel and user memory pages. Because the Spectre attacks do not cross user/kernel boundaries, the protections introduced with KAISER/KPTI do not add any protection against them. \n \nThe following table compares Spectre and Meltdown. \n \n| | **Spectre**| **Meltdown** \n---|---|--- \n**CPU mechanism for triggering**| Speculative execution from branch prediction| Out-of-order execution \n**Affected platforms**| CPUs that perform speculative execution from branch prediction| Intel x86 CPUs that allow memory reads in out-of-order instructions \n**Difficulty of successful attack**| High - Requires tailoring to the software environment of the victim process| Low - Kernel memory access exploit code is mostly universal \n**Impact**| Cross- and intra-process memory disclosure| Kernel memory disclosure to userspace \n**Software mitigations**| Unknown| Kernel page-table isolation ([KPTI](<https://en.wikipedia.org/wiki/Kernel_page-table_isolation>)) \n \n### Impact\n\nAn attacker able to execute code with user privileges can achieve various impacts. The Meltdown attack allows reading of kernel memory from userspace. This can result in privilege escalation, disclosure of sensitive information, or it can weaken kernel-level protections, such as KASLR. The Spectre attack can allow inter-process or intra-process data leaks. \n \nTo execute code locally, an attacker would require a valid account or independent compromise of the target. Attacks using JavaScript in web browsers are possible. Multi-user and multi-tenant systems (including virtualized and cloud environments) likely face the greatest risk. Systems use to browse arbitrary web sites are also at risk. Single-user systems that do not readily provide a way for attackers to execute code locally face significantly lower risk. \n \n--- \n \n### Solution\n\n**Apply updates** \n \nOperating system and some application updates mitigate these attacks. \n \n--- \n \n### Vendor Information \n\nVendor| Status| Date Notified| Date Updated \n---|---|---|--- \nAMD| | -| 03 Jan 2018 \nApple| | -| 04 Jan 2018 \nArm| | -| 03 Jan 2018 \nGoogle| | -| 03 Jan 2018 \nIntel| | -| 05 Jan 2018 \nLinux Kernel| | -| 04 Jan 2018 \nMicrosoft| | -| 04 Jan 2018 \nMozilla| | -| 03 Jan 2018 \nIf you are a vendor and your product is affected, [let us know](<mailto:cert@cert.org?Subject=VU%23584653 Vendor Status Inquiry>).\n\n### CVSS Metrics \n\nGroup | Score | Vector \n---|---|--- \nBase | 4.4 | AV:L/AC:M/Au:S/C:C/I:N/A:N \nTemporal | 3.4 | E:POC/RL:OF/RC:C \nEnvironmental | 5.1 | CDP:ND/TD:H/CR:H/IR:ND/AR:ND \n \n### References\n\n * <https://meltdownattack.com/>\n * <https://meltdownattack.com/meltdown.pdf>\n * <https://spectreattack.com/>\n * <https://spectreattack.com/spectre.pdf>\n * <https://security.googleblog.com/2018/01/todays-cpu-vulnerability-what-you-need.html>\n * <https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html>\n * <https://cyber.wtf/2017/07/28/negative-result-reading-kernel-memory-from-user-mode/>\n * <https://github.com/IAIK/KAISER>\n * <https://gruss.cc/files/kaiser.pdf>\n * <https://gruss.cc/files/prefetch.pdf>\n * <https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=5aa90a84589282b87666f92b6c3c917c8080a9bf>\n * <https://lkml.org/lkml/2017/12/27/2>\n * <https://lwn.net/Articles/741878/>\n * <https://lwn.net/Articles/737940/>\n * <https://lwn.net/Articles/742702/>\n * <http://pythonsweetness.tumblr.com/post/169166980422/the-mysterious-case-of-the-linux-page-table>\n * <https://nakedsecurity.sophos.com/2018/01/03/fckwit-aka-kaiser-aka-kpti-intel-cpu-flaw-needs-low-level-os-patches/>\n * <https://en.wikipedia.org/wiki/Kernel_page-table_isolation>\n\n### Credit\n\nThese issues were researched and reported by researchers at Google Project Zero (Jann Horn) the Institute of Applied Information Processing and Communications (IAIK) at Graz University of Technology (Gruss et. al.), and Anders Fogh.\n\nThis document was written by Art Manion and Will Dormann.\n\n### Other Information\n\n * CVE IDs: [CVE-2017-5753](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5753>) [CVE-2017-5715](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5715>) [CVE-2017-5754](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5754>)\n * US-CERT Alert: [TA18-004A](<http://www.us-cert.gov/cas/techalerts/TA18-004A.html>)\n * Date Public: 03 Jan 2018\n * Date First Published: 03 Jan 2018\n * Date Last Updated: 05 Jan 2018\n * Document Revision: 84\n\n", "edition": 8, "enchantments": {"score": {"modified": "2018-01-05T08:54:24", "value": 6.6}}, "hash": "691e674c92a3d1f3e6cbbe58f2a1ef77bc6b25cc0c33db28154d085c792b0116", "hashmap": [{"hash": "264c8beda99fc1d303427273e4f9d7ba", "key": "description"}, {"hash": "b6ba9fa6ea18201bf39ea635ecca9f13", "key": "type"}, {"hash": "397d2b02b266ac00d3b8f73886c8fef9", "key": "references"}, {"hash": "caf9b6b99962bf5c2264824231d7a40c", "key": "bulletinFamily"}, {"hash": "4851009339f11e5fb046c77cf4c521a7", "key": "href"}, {"hash": "64c1b0f18013d9fc9cd8b3fcc3b81629", "key": "cvelist"}, {"hash": "157673a26b76a4585a91b6715dff3cbc", "key": "modified"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "1d0954aaef62c3a5c7a1a3e8e3a5d794", "key": "title"}, {"hash": "0e67896450ab825b0a81e59a1465804c", "key": "published"}, {"hash": "5d2cfab83ed6e86a4812690790dc7ad5", "key": "reporter"}], "history": [], "href": "https://www.kb.cert.org/vuls/id/584653", "id": "VU:584653", "lastseen": "2018-01-05T08:54:24", "modified": "2018-01-05T00:00:00", "objectVersion": "1.3", "published": "2018-01-03T00:00:00", "references": ["https://meltdownattack.com/meltdown.pdf", "https://meltdownattack.com/meltdown.pdf", "https://lwn.net/Articles/742702/", "https://nakedsecurity.sophos.com/2018/01/03/fckwit-aka-kaiser-aka-kpti-intel-cpu-flaw-needs-low-level-os-patches/", "https://lkml.org/lkml/2017/12/27/2", "https://security.googleblog.com/2018/01/todays-cpu-vulnerability-what-you-need.html", "https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html", "https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html", "http://pythonsweetness.tumblr.com/post/169166980422/the-mysterious-case-of-the-linux-page-table", "https://gruss.cc/files/kaiser.pdf", "http://www.us-cert.gov/cas/techalerts/TA18-004A.html", "https://meltdownattack.com/", "https://meltdownattack.com/", "https://meltdownattack.com/", "https://en.wikipedia.org/wiki/Kernel_page-table_isolation", "https://en.wikipedia.org/wiki/Kernel_page-table_isolation", "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5753", "https://spectreattack.com/", "https://spectreattack.com/", "https://spectreattack.com/", "https://lwn.net/Articles/737940/", "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5715", "https://github.com/IAIK/KAISER", "https://cyber.wtf/2017/07/28/negative-result-reading-kernel-memory-from-user-mode/", "https://lwn.net/Articles/741878/", "https://gruss.cc/files/prefetch.pdf", "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=5aa90a84589282b87666f92b6c3c917c8080a9bf", "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5754", "https://spectreattack.com/spectre.pdf", "https://spectreattack.com/spectre.pdf", "https://spectreattack.com/spectre.pdf", "https://spectreattack.com/spectre.pdf"], "reporter": "CERT", "title": "CPU hardware vulnerable to side-channel attacks", "type": "cert", "viewCount": 93}, "differentElements": ["description"], "edition": 8, "lastseen": "2018-01-05T08:54:24"}, {"bulletin": {"bulletinFamily": "info", "cvelist": ["CVE-2017-5753", "CVE-2017-5753", "CVE-2017-5753", "CVE-2017-5753", "CVE-2017-5754", "CVE-2017-5754", "CVE-2017-5754", "CVE-2017-5715", "CVE-2017-5715", "CVE-2017-5715", "CVE-2017-5715"], "cvss": {"score": 0.0, "vector": "NONE"}, "description": "### Overview\n\nCPU hardware implementations are vulnerable to cache side-channel attacks. These vulnerabilities are referred to as [Meltdown](<https://meltdownattack.com/>) and [Spectre](<https://spectreattack.com/>).\n\n### Description\n\n**Note: This Vulnerability Note is the product of ongoing analysis and represents our best knowledge as of the most recent revision. As a result, the content may change as our understanding of the issues develops.**\n\nCPU hardware implementations are vulnerable to side-channel attacks referred to as [Meltdown](<https://meltdownattack.com/>) and [Spectre](<https://spectreattack.com/>). Both Spectre and Meltdown take advantage of the ability to extract information from instructions that have executed on a CPU using the CPU cache as a side-channel. These attacks are described in detail by [Google Project Zero](<https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html>), the Institute of Applied Information Processing and Communications (IAIK) at Graz University of Technology (TU Graz) and Anders Fogh. The issues are organized into three variants: \n\n\n * Variant 1 (CVE-2017-5753, [Spectre](<https://spectreattack.com/spectre.pdf>)): Bounds check bypass\n * Variant 2 (CVE-2017-5715, also [Spectre](<https://spectreattack.com/spectre.pdf>)): Branch target injection[](<https://spectreattack.com/spectre.pdf>)\n * Variant 3 (CVE-2017-5754, [Meltdown](<https://meltdownattack.com/meltdown.pdf>)): Rogue data cache load, memory access permission check performed after kernel memory read\n \n**Spectre** \n \nSpectre attacks take advantage of a CPU's branch prediction capabilities. Modern CPUs include a feature called branch prediction, which speculatively executes instructions at a location that the CPU believes it will branch to. Such speculative execution helps to more fully utilize the parts of the CPU, minimizing the time waiting, and therefore improving performance. When a branch is successfully predicted, instructions will retire, which means the outcomes of the instructions such as register and memory writes will be committed. If a branch is mispredicted, the speculatively-executed instructions will be discarded, and the direct side-effects of the instructions are undone. What is not undone are the indirect side-effects, such as CPU cache changes. By measuring latency of memory access operations, the cache can be used to extract values from speculatively-executed instructions. \n \nWith Spectre variant 1 (CVE-2017-5753), the instructions after a conditional branch are speculatively executed as the result of a misprediction. With Spectre variant 2 (CVE-2017-5715), the instructions at a location determined by a branch target that is mispredicted. \n \nWith both variants of the Spectre attack, the impact is that a process may leak sensitive data to other processes on a system. Spectre may also allow one part of an application to access other parts of the same process memory space that would otherwise not be permitted. \n \n**Meltdown** \n \nMeltdown is related to the Spectre attack in that it also uses a cache side channel to access data that otherwise wouldn't be available. The main difference is that it leverages out-of-order execution capabilities in modern CPUs. Like speculative execution due to branch prediction, as used by Spectre, out-of-order execution on a CPU is a technique for ensuring fullest utilization of the CPU's parts. Although instructions may appear sequentially in the machine language, a CPU that supports out-of-order execution may execute instructions in a non-sequential manner, which can minimize the time that a CPU spends idle. \n \nMeltdown leverages insecure behavior that has been demonstrated in Intel CPUs and may affect CPUs from other vendors. Vulnerable CPUs allow memory reads in out-of-order instruction execution, and also contain a race condition between the raising of exceptions and the out-of-order instruction execution. The Meltdown attack reads a kernel memory value, which raises an exception because code running with user-space privileges are not permitted to directly read kernel memory. However, due to the race condition, out-of-order instructions following the faulting instruction may also execute. Even though instructions appear after the faulting instruction, out-of-order execution allows them to execute, using data retrieved from the instruction that raises the exception. By the time the exception is raised, some number of out-of-order instructions have executed. Although the raised exception causes the CPU to roll back the out-of-order instructions, the cache state is not reverted. This allows data from out-of-order instructions to persist beyond the point when the exception has been raised. \n \nThe impact of Meltdown is that a process running in user space is able to view the contents of kernel memory. Meltdown may also allow Spectre-like memory content leaking that does not cross the user/kernel privilege boundary. \n \nThe Linux kernel mitigations for Meltdown are referred to as KAISER, and subsequently KPTI, which aim to improve separation of kernel and user memory pages. Because the Spectre attacks do not cross user/kernel boundaries, the protections introduced with KAISER/KPTI do not add any protection against them. \n \nThe following table compares Spectre and Meltdown. \n \n| | **Spectre**| **Meltdown** \n---|---|--- \n**CPU mechanism for triggering**| Speculative execution from branch prediction| Out-of-order execution \n**Affected platforms**| CPUs that perform speculative execution from branch prediction| CPUs that allow memory reads in out-of-order instructions \n**Difficulty of successful attack**| High - Requires tailoring to the software environment of the victim process| Low - Kernel memory access exploit code is mostly universal \n**Impact**| Cross- and intra-process memory disclosure| Kernel memory disclosure to userspace \n**Software mitigations**| Indirect Branch Restricted Speculation ([IBRS](<https://lkml.org/lkml/2018/1/4/615>)) \n**Note: **This software mitigation also requires CPU microcode updates and it only mitigates Spectre variant 2| Kernel page-table isolation ([KPTI](<https://en.wikipedia.org/wiki/Kernel_page-table_isolation>)) \n \n### Impact\n\nAn attacker able to execute code with user privileges can achieve various impacts. The Meltdown attack allows reading of kernel memory from userspace. This can result in privilege escalation, disclosure of sensitive information, or it can weaken kernel-level protections, such as KASLR. The Spectre attack can allow inter-process or intra-process data leaks. \n \nTo execute code locally, an attacker would require a valid account or independent compromise of the target. Attacks using JavaScript in web browsers are possible. Multi-user and multi-tenant systems (including virtualized and cloud environments) likely face the greatest risk. Systems use to browse arbitrary web sites are also at risk. Single-user systems that do not readily provide a way for attackers to execute code locally face significantly lower risk. \n \n--- \n \n### Solution\n\n**Apply updates** \n \nOperating system, CPU microcode updates, and some application updates mitigate these attacks. \n \n--- \n \n### Vendor Information \n\nVendor| Status| Date Notified| Date Updated \n---|---|---|--- \nAmazon| | -| 05 Jan 2018 \nAMD| | -| 03 Jan 2018 \nApple| | -| 04 Jan 2018 \nArm| | -| 03 Jan 2018 \nCentOS| | -| 05 Jan 2018 \nCitrix| | -| 05 Jan 2018 \nDebian GNU/Linux| | -| 05 Jan 2018 \nFedora Project| | -| 05 Jan 2018 \nFortinet, Inc.| | -| 05 Jan 2018 \nGoogle| | -| 03 Jan 2018 \nIBM Corporation| | -| 05 Jan 2018 \nIntel| | -| 05 Jan 2018 \nLinux Kernel| | -| 04 Jan 2018 \nMicrosoft| | -| 05 Jan 2018 \nMozilla| | -| 03 Jan 2018 \nIf you are a vendor and your product is affected, [let us know](<mailto:cert@cert.org?Subject=VU%23584653 Vendor Status Inquiry>). \n \n\n\n### CVSS Metrics \n\nGroup | Score | Vector \n---|---|--- \nBase | 4.4 | AV:L/AC:M/Au:S/C:C/I:N/A:N \nTemporal | 3.4 | E:POC/RL:OF/RC:C \nEnvironmental | 5.1 | CDP:ND/TD:H/CR:H/IR:ND/AR:ND \n \n### References\n\n * <https://meltdownattack.com/>\n * <https://meltdownattack.com/meltdown.pdf>\n * <https://spectreattack.com/>\n * <https://spectreattack.com/spectre.pdf>\n * <https://security.googleblog.com/2018/01/todays-cpu-vulnerability-what-you-need.html>\n * <https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html>\n * <https://cyber.wtf/2017/07/28/negative-result-reading-kernel-memory-from-user-mode/>\n * <https://github.com/IAIK/KAISER>\n * <https://gruss.cc/files/kaiser.pdf>\n * <https://gruss.cc/files/prefetch.pdf>\n * <https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=5aa90a84589282b87666f92b6c3c917c8080a9bf>\n * <https://lkml.org/lkml/2017/12/27/2>\n * <https://lkml.org/lkml/2018/1/4/615>\n * <https://lwn.net/Articles/741878/>\n * <https://lwn.net/Articles/737940/>\n * <https://lwn.net/Articles/742702/>\n * <http://pythonsweetness.tumblr.com/post/169166980422/the-mysterious-case-of-the-linux-page-table>\n * <https://nakedsecurity.sophos.com/2018/01/03/fckwit-aka-kaiser-aka-kpti-intel-cpu-flaw-needs-low-level-os-patches/>\n * <https://en.wikipedia.org/wiki/Kernel_page-table_isolation>\n\n### Credit\n\nThese issues were researched and reported by researchers at Google Project Zero (Jann Horn) the Institute of Applied Information Processing and Communications (IAIK) at Graz University of Technology (Gruss et. al.), and Anders Fogh.\n\nThis document was written by Art Manion and Will Dormann.\n\n### Other Information\n\n * CVE IDs: [CVE-2017-5753](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5753>) [CVE-2017-5715](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5715>) [CVE-2017-5754](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5754>)\n * US-CERT Alert: [TA18-004A](<http://www.us-cert.gov/cas/techalerts/TA18-004A.html>)\n * Date Public: 03 Jan 2018\n * Date First Published: 03 Jan 2018\n * Date Last Updated: 05 Jan 2018\n * Document Revision: 118\n\n", "edition": 11, "enchantments": {"score": {"modified": "2018-01-05T20:54:26", "value": 6.6}}, "hash": "76c5069e11d7386f9d95f2f2d083e649131d803c685085941c8405fa5df38fce", "hashmap": [{"hash": "b6ba9fa6ea18201bf39ea635ecca9f13", "key": "type"}, {"hash": "caf9b6b99962bf5c2264824231d7a40c", "key": "bulletinFamily"}, {"hash": "4851009339f11e5fb046c77cf4c521a7", "key": "href"}, {"hash": "b9857e5e8f7ac13a5555c507b3a29252", "key": "description"}, {"hash": "64c1b0f18013d9fc9cd8b3fcc3b81629", "key": "cvelist"}, {"hash": "157673a26b76a4585a91b6715dff3cbc", "key": "modified"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "9d98765d73fa6a690204e00e06298ea0", "key": "references"}, {"hash": "1d0954aaef62c3a5c7a1a3e8e3a5d794", "key": "title"}, {"hash": "0e67896450ab825b0a81e59a1465804c", "key": "published"}, {"hash": "5d2cfab83ed6e86a4812690790dc7ad5", "key": "reporter"}], "history": [], "href": "https://www.kb.cert.org/vuls/id/584653", "id": "VU:584653", "lastseen": "2018-01-05T20:54:26", "modified": "2018-01-05T00:00:00", "objectVersion": "1.3", "published": "2018-01-03T00:00:00", "references": ["https://meltdownattack.com/meltdown.pdf", "https://meltdownattack.com/meltdown.pdf", "https://lwn.net/Articles/742702/", "https://nakedsecurity.sophos.com/2018/01/03/fckwit-aka-kaiser-aka-kpti-intel-cpu-flaw-needs-low-level-os-patches/", "https://lkml.org/lkml/2017/12/27/2", "https://security.googleblog.com/2018/01/todays-cpu-vulnerability-what-you-need.html", "https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html", "https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html", "http://pythonsweetness.tumblr.com/post/169166980422/the-mysterious-case-of-the-linux-page-table", "https://gruss.cc/files/kaiser.pdf", "http://www.us-cert.gov/cas/techalerts/TA18-004A.html", "https://meltdownattack.com/", "https://meltdownattack.com/", "https://meltdownattack.com/", "https://en.wikipedia.org/wiki/Kernel_page-table_isolation", "https://en.wikipedia.org/wiki/Kernel_page-table_isolation", "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5753", "https://spectreattack.com/", "https://spectreattack.com/", "https://spectreattack.com/", "https://lwn.net/Articles/737940/", "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5715", "https://lkml.org/lkml/2018/1/4/615", "https://lkml.org/lkml/2018/1/4/615", "https://github.com/IAIK/KAISER", "https://cyber.wtf/2017/07/28/negative-result-reading-kernel-memory-from-user-mode/", "https://lwn.net/Articles/741878/", "https://gruss.cc/files/prefetch.pdf", "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=5aa90a84589282b87666f92b6c3c917c8080a9bf", "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5754", "https://spectreattack.com/spectre.pdf", "https://spectreattack.com/spectre.pdf", "https://spectreattack.com/spectre.pdf", "https://spectreattack.com/spectre.pdf"], "reporter": "CERT", "title": "CPU hardware vulnerable to side-channel attacks", "type": "cert", "viewCount": 106}, "differentElements": ["description"], "edition": 11, "lastseen": "2018-01-05T20:54:26"}, {"bulletin": {"bulletinFamily": "info", "cvelist": ["CVE-2017-5753", "CVE-2017-5753", "CVE-2017-5753", "CVE-2017-5753", "CVE-2017-5754", "CVE-2017-5754", "CVE-2017-5754", "CVE-2017-5715", "CVE-2017-5715", "CVE-2017-5715", "CVE-2017-5715"], "cvss": {"score": 4.7, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:NONE/A:NONE/"}, "description": "### Overview\n\nCPU hardware implementations are vulnerable to cache side-channel attacks. These vulnerabilities are referred to as [Meltdown](<https://meltdownattack.com/>) and [Spectre](<https://spectreattack.com/>).\n\n### Description\n\n**Note: This Vulnerability Note is the product of ongoing analysis and represents our best knowledge as of the most recent revision. As a result, the content may change as our understanding of the issues develops.**\n\nCPU hardware implementations are vulnerable to side-channel attacks referred to as [Meltdown](<https://meltdownattack.com/>) and [Spectre](<https://spectreattack.com/>). Both Spectre and Meltdown take advantage of the ability to extract information from instructions that have executed on a CPU using the CPU cache as a side-channel. These attacks are described in detail by [Google Project Zero](<https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html>), the Institute of Applied Information Processing and Communications (IAIK) at Graz University of Technology (TU Graz) and Anders Fogh. The issues are organized into three variants: \n\n\n * Variant 1 (CVE-2017-5753, [Spectre](<https://spectreattack.com/spectre.pdf>)): Bounds check bypass\n * Variant 2 (CVE-2017-5715, also [Spectre](<https://spectreattack.com/spectre.pdf>)): Branch target injection[](<https://spectreattack.com/spectre.pdf>)\n * Variant 3 (CVE-2017-5754, [Meltdown](<https://meltdownattack.com/meltdown.pdf>)): Rogue data cache load, memory access permission check performed after kernel memory read\n \n**Spectre** \n \nSpectre attacks take advantage of a CPU's branch prediction capabilities. Modern CPUs include a feature called branch prediction, which speculatively executes instructions at a location that the CPU believes it will branch to. Such speculative execution helps to more fully utilize the parts of the CPU, minimizing the time waiting, and therefore improving performance. When a branch is successfully predicted, instructions will retire, which means the outcomes of the instructions such as register and memory writes will be committed. If a branch is mispredicted, the speculatively-executed instructions will be discarded, and the direct side-effects of the instructions are undone. What is not undone are the indirect side-effects, such as CPU cache changes. By measuring latency of memory access operations, the cache can be used to extract values from speculatively-executed instructions. \n \nWith Spectre variant 1 (CVE-2017-5753), the instructions after a conditional branch are speculatively executed as the result of a misprediction. With Spectre variant 2 (CVE-2017-5715), the CPU executes instructions at a location determined by a mispredicted branch target. \n \nWith both variants of the Spectre attack, the impact is that a process may leak sensitive data to other processes on a system. Spectre may also allow one part of an application to access other parts of the same process memory space that would otherwise not be permitted. \n \nWhile the Spectre attack itself does not cross a user/kernel memory privilege boundary, depending on the configuration of the target platform, the Spectre attack may indirectly allow a user-space application to access kernel memory. For example, the[ Project Zero blog post](<https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html>) describes a scenario that uses eBPF to exfiltrate kernel memory contents into user-space code. This is made possible because eBPF JIT allows for userspace applications to inject code that is executed in kernel space. While this code is verified by the kernel, eBPF-compliant code will be allowed to execute with kernel permissions. The exploit described by Project Zero leverages eBPF to execute the Spectre attack in kernel space, while exfiltrating the data to user space. It is possible that other technologies that allow in-kernel code execution may also possibly be leveraged to leak kernel memory using Spectre. \n \n**Meltdown** \n \nMeltdown is related to the Spectre attack in that it also uses a cache side channel to access data that otherwise wouldn't be available. The main difference is that it leverages out-of-order execution capabilities in modern CPUs. Like speculative execution due to branch prediction, as used by Spectre, out-of-order execution on a CPU is a technique for ensuring fullest utilization of the CPU's parts. Although instructions may appear sequentially in the machine language, a CPU that supports out-of-order execution may execute instructions in a non-sequential manner, which can minimize the time that a CPU spends idle. \n \nMeltdown leverages insecure behavior that has been demonstrated in Intel CPUs and may affect CPUs from other vendors. Vulnerable CPUs allow memory reads in out-of-order instruction execution, and also contain a race condition between the raising of exceptions and the out-of-order instruction execution. The Meltdown attack reads a kernel memory value, which raises an exception because code running with user-space privileges are not permitted to directly read kernel memory. However, due to the race condition, out-of-order instructions following the faulting instruction may also execute. Even though instructions appear after the faulting instruction, out-of-order execution allows them to execute, using data retrieved from the instruction that raises the exception. By the time the exception is raised, some number of out-of-order instructions have executed. Although the raised exception causes the CPU to roll back the out-of-order instructions, the cache state is not reverted. This allows data from out-of-order instructions to persist beyond the point when the exception has been raised. \n \nThe impact of Meltdown is that a process running in user space is able to view the contents of kernel memory. Meltdown may also allow Spectre-like memory content leaking that does not cross the user/kernel privilege boundary. \n \nThe Linux kernel mitigations for Meltdown are referred to as KAISER, and subsequently KPTI, which aim to improve separation of kernel and user memory pages. Because the Spectre attacks do not cross user/kernel boundaries, the protections introduced with KAISER/KPTI do not add any protection against them. \n \nThe following table compares Spectre and Meltdown. \n \n| | **Spectre**| **Meltdown** \n---|---|--- \n**CPU mechanism for triggering**| Speculative execution from branch prediction| Out-of-order execution \n**Affected platforms**| CPUs that perform speculative execution from branch prediction| CPUs that allow memory reads in out-of-order instructions \n**Difficulty of successful attack**| High - Requires tailoring to the software environment of the victim process| Low - Kernel memory access exploit code is mostly universal \n**Impact**| Cross- and intra-process (including kernel) memory disclosure| Kernel memory disclosure to userspace \n**Software mitigations**| Indirect Branch Restricted Speculation ([IBRS](<https://lkml.org/lkml/2018/1/4/615>)) \n**Note: **This software mitigation also requires CPU microcode updates and it only mitigates Spectre variant 2| Kernel page-table isolation ([KPTI](<https://en.wikipedia.org/wiki/Kernel_page-table_isolation>)) \n \n### Impact\n\nAn attacker able to execute code with user privileges can achieve various impacts. The Meltdown attack allows reading of kernel memory from userspace. This can result in privilege escalation, disclosure of sensitive information, or it can weaken kernel-level protections, such as KASLR. The Spectre attack can allow inter-process or intra-process data leaks. \n \nTo execute code locally, an attacker would require a valid account or independent compromise of the target. Attacks using JavaScript in web browsers are possible. Multi-user and multi-tenant systems (including virtualized and cloud environments) likely face the greatest risk. Systems used to browse arbitrary web sites are also at risk. Single-user systems that do not readily provide a way for attackers to execute code locally face significantly lower risk. \n \n--- \n \n### Solution\n\n**Apply updates** \n \nOperating system, CPU microcode updates, and some application updates mitigate these attacks. \n \n--- \n \n### Vendor Information \n\nVendor| Status| Date Notified| Date Updated \n---|---|---|--- \nAmazon| | -| 05 Jan 2018 \nAMD| | -| 03 Jan 2018 \nAndroid Open Source Project| | -| 05 Jan 2018 \nApple| | -| 04 Jan 2018 \nArm| | -| 03 Jan 2018 \nCentOS| | -| 05 Jan 2018 \nCisco| | -| 05 Jan 2018 \nCitrix| | -| 05 Jan 2018 \nDebian GNU/Linux| | -| 05 Jan 2018 \nDell| | -| 08 Jan 2018 \nFedora Project| | -| 05 Jan 2018 \nFortinet, Inc.| | -| 05 Jan 2018 \nFreeBSD Project| | -| 05 Jan 2018 \nGoogle| | -| 03 Jan 2018 \nIBM Corporation| | -| 05 Jan 2018 \nIf you are a vendor and your product is affected, [let us know](<mailto:cert@cert.org?Subject=VU%23584653 Vendor Status Inquiry>). \n \n\n\n### CVSS Metrics \n\nGroup | Score | Vector \n---|---|--- \nBase | 4.4 | AV:L/AC:M/Au:S/C:C/I:N/A:N \nTemporal | 3.4 | E:POC/RL:OF/RC:C \nEnvironmental | 5.1 | CDP:ND/TD:H/CR:H/IR:ND/AR:ND \n \n### References\n\n * <https://meltdownattack.com/>\n * <https://meltdownattack.com/meltdown.pdf>\n * <https://spectreattack.com/>\n * <https://spectreattack.com/spectre.pdf>\n * <https://security.googleblog.com/2018/01/todays-cpu-vulnerability-what-you-need.html>\n * <https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html>\n * <https://cyber.wtf/2017/07/28/negative-result-reading-kernel-memory-from-user-mode/>\n * <https://github.com/IAIK/KAISER>\n * <https://gruss.cc/files/kaiser.pdf>\n * <https://gruss.cc/files/prefetch.pdf>\n * <https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=5aa90a84589282b87666f92b6c3c917c8080a9bf>\n * <https://lkml.org/lkml/2017/12/27/2>\n * <https://lkml.org/lkml/2018/1/4/615>\n * <https://lwn.net/Articles/741878/>\n * <https://lwn.net/Articles/737940/>\n * <https://lwn.net/Articles/742702/>\n * <http://pythonsweetness.tumblr.com/post/169166980422/the-mysterious-case-of-the-linux-page-table>\n * <https://nakedsecurity.sophos.com/2018/01/03/fckwit-aka-kaiser-aka-kpti-intel-cpu-flaw-needs-low-level-os-patches/>\n * <https://en.wikipedia.org/wiki/Kernel_page-table_isolation>\n * <https://chrisam.net/2018/01/04/speculative-execution-side-channel-vulnerabilities-vendor-published-info/>\n * <https://www.raspberrypi.org/blog/why-raspberry-pi-isnt-vulnerable-to-spectre-or-meltdown/>\n\n### Credit\n\nThese issues were researched and reported by researchers at Google Project Zero (Jann Horn) the Institute of Applied Information Processing and Communications (IAIK) at Graz University of Technology (Gruss et. al.), and Anders Fogh.\n\nThis document was written by Art Manion and Will Dormann.\n\n### Other Information\n\n * CVE IDs: [CVE-2017-5753](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5753>) [CVE-2017-5715](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5715>) [CVE-2017-5754](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5754>)\n * US-CERT Alert: [TA18-004A](<http://www.us-cert.gov/cas/techalerts/TA18-004A.html>)\n * Date Public: 03 Jan 2018\n * Date First Published: 03 Jan 2018\n * Date Last Updated: 08 Jan 2018\n * Document Revision: 167\n\n", "edition": 16, "enchantments": {"score": {"modified": "2018-01-08T20:54:11", "value": 6.6}}, "hash": "5c0d8c43d125e8a722148c808f29c8e4e7899d5492cf95676c0e927b33c67208", "hashmap": [{"hash": "b6ba9fa6ea18201bf39ea635ecca9f13", "key": "type"}, {"hash": "f5cc4adf0936f798be198d12ec6abd5d", "key": "modified"}, {"hash": "0f284d9296d2272a6ce2f454df8473d3", "key": "references"}, {"hash": "caf9b6b99962bf5c2264824231d7a40c", "key": "bulletinFamily"}, {"hash": "4851009339f11e5fb046c77cf4c521a7", "key": "href"}, {"hash": "64c1b0f18013d9fc9cd8b3fcc3b81629", "key": "cvelist"}, {"hash": "23742046928b6ac0049be6bc1a8e24de", "key": "cvss"}, {"hash": "a90006ae2cb1ce5af6030c3856b387d4", "key": "description"}, {"hash": "1d0954aaef62c3a5c7a1a3e8e3a5d794", "key": "title"}, {"hash": "0e67896450ab825b0a81e59a1465804c", "key": "published"}, {"hash": "5d2cfab83ed6e86a4812690790dc7ad5", "key": "reporter"}], "history": [], "href": "https://www.kb.cert.org/vuls/id/584653", "id": "VU:584653", "lastseen": "2018-01-08T20:54:11", "modified": "2018-01-08T00:00:00", "objectVersion": "1.3", "published": "2018-01-03T00:00:00", "references": ["https://meltdownattack.com/meltdown.pdf", "https://meltdownattack.com/meltdown.pdf", "https://lwn.net/Articles/742702/", "https://nakedsecurity.sophos.com/2018/01/03/fckwit-aka-kaiser-aka-kpti-intel-cpu-flaw-needs-low-level-os-patches/", "https://www.raspberrypi.org/blog/why-raspberry-pi-isnt-vulnerable-to-spectre-or-meltdown/", "https://lkml.org/lkml/2017/12/27/2", "https://security.googleblog.com/2018/01/todays-cpu-vulnerability-what-you-need.html", "https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html", "https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html", "https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html", "http://pythonsweetness.tumblr.com/post/169166980422/the-mysterious-case-of-the-linux-page-table", "https://gruss.cc/files/kaiser.pdf", "http://www.us-cert.gov/cas/techalerts/TA18-004A.html", "https://chrisam.net/2018/01/04/speculative-execution-side-channel-vulnerabilities-vendor-published-info/", "https://meltdownattack.com/", "https://meltdownattack.com/", "https://meltdownattack.com/", "https://en.wikipedia.org/wiki/Kernel_page-table_isolation", "https://en.wikipedia.org/wiki/Kernel_page-table_isolation", "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5753", "https://spectreattack.com/", "https://spectreattack.com/", "https://spectreattack.com/", "https://lwn.net/Articles/737940/", "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5715", "https://lkml.org/lkml/2018/1/4/615", "https://lkml.org/lkml/2018/1/4/615", "https://github.com/IAIK/KAISER", "https://cyber.wtf/2017/07/28/negative-result-reading-kernel-memory-from-user-mode/", "https://lwn.net/Articles/741878/", "https://gruss.cc/files/prefetch.pdf", "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=5aa90a84589282b87666f92b6c3c917c8080a9bf", "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5754", "https://spectreattack.com/spectre.pdf", "https://spectreattack.com/spectre.pdf", "https://spectreattack.com/spectre.pdf", "https://spectreattack.com/spectre.pdf"], "reporter": "CERT", "title": "CPU hardware vulnerable to side-channel attacks", "type": "cert", "viewCount": 158}, "differentElements": ["description"], "edition": 16, "lastseen": "2018-01-08T20:54:11"}, {"bulletin": {"bulletinFamily": "info", "cvelist": ["CVE-2017-5753", "CVE-2017-5753", "CVE-2017-5753", "CVE-2017-5753", "CVE-2017-5754", "CVE-2017-5754", "CVE-2017-5754", "CVE-2017-5715", "CVE-2017-5715", "CVE-2017-5715", "CVE-2017-5715"], "cvss": {"score": 4.7, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:NONE/A:NONE/"}, "description": "### Overview\n\nCPU hardware implementations are vulnerable to cache side-channel attacks. These vulnerabilities are referred to as [Meltdown](<https://meltdownattack.com/>) and [Spectre](<https://spectreattack.com/>).\n\n### Description\n\n**Note: This Vulnerability Note is the product of ongoing analysis and represents our best knowledge as of the most recent revision. As a result, the content may change as our understanding of the issues develops.**\n\nCPU hardware implementations are vulnerable to side-channel attacks referred to as [Meltdown](<https://meltdownattack.com/>) and [Spectre](<https://spectreattack.com/>). Both Spectre and Meltdown take advantage of the ability to extract information from instructions that have executed on a CPU using the CPU cache as a side-channel. These attacks are described in detail by [Google Project Zero](<https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html>), the Institute of Applied Information Processing and Communications (IAIK) at Graz University of Technology (TU Graz) and Anders Fogh. The issues are organized into three variants: \n\n\n * Variant 1 (CVE-2017-5753, [Spectre](<https://spectreattack.com/spectre.pdf>)): Bounds check bypass\n * Variant 2 (CVE-2017-5715, also [Spectre](<https://spectreattack.com/spectre.pdf>)): Branch target injection[](<https://spectreattack.com/spectre.pdf>)\n * Variant 3 (CVE-2017-5754, [Meltdown](<https://meltdownattack.com/meltdown.pdf>)): Rogue data cache load, memory access permission check performed after kernel memory read\n \n**Spectre** \n \nSpectre attacks take advantage of a CPU's branch prediction capabilities. Modern CPUs include a feature called branch prediction, which speculatively executes instructions at a location that the CPU believes it will branch to. Such speculative execution helps to more fully utilize the parts of the CPU, minimizing the time waiting, and therefore improving performance. When a branch is successfully predicted, instructions will retire, which means the outcomes of the instructions such as register and memory writes will be committed. If a branch is mispredicted, the speculatively-executed instructions will be discarded, and the direct side-effects of the instructions are undone. What is not undone are the indirect side-effects, such as CPU cache changes. By measuring latency of memory access operations, the cache can be used to extract values from speculatively-executed instructions. \n \nWith Spectre variant 1 (CVE-2017-5753), the instructions after a conditional branch are speculatively executed as the result of a misprediction. With Spectre variant 2 (CVE-2017-5715), the CPU executes instructions at a location determined by a mispredicted branch target. \n \nWith both variants of the Spectre attack, the impact is that a process may leak sensitive data to other processes on a system. Spectre may also allow one part of an application to access other parts of the same process memory space that would otherwise not be permitted. \n \nWhile the Spectre attack itself does not cross a user/kernel memory privilege boundary, depending on the configuration of the target platform, the Spectre attack may indirectly allow a user-space application to access kernel memory. For example, the[ Project Zero blog post](<https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html>) describes a scenario that uses eBPF to exfiltrate kernel memory contents into user-space code. This is made possible because eBPF JIT allows for userspace applications to inject code that is executed in kernel space. While this code is verified by the kernel, eBPF-compliant code will be allowed to execute with kernel permissions. The exploit described by Project Zero leverages eBPF to execute the Spectre attack in kernel space, while exfiltrating the data to user space. It is possible that other technologies that allow in-kernel code execution may also possibly be leveraged to leak kernel memory using Spectre. \n \n**Meltdown** \n \nMeltdown is related to the Spectre attack in that it also uses a cache side channel to access data that otherwise wouldn't be available. The main difference is that it leverages out-of-order execution capabilities in modern CPUs. Like speculative execution due to branch prediction, as used by Spectre, out-of-order execution on a CPU is a technique for ensuring fullest utilization of the CPU's parts. Although instructions may appear sequentially in the machine language, a CPU that supports out-of-order execution may execute instructions in a non-sequential manner, which can minimize the time that a CPU spends idle. \n \nMeltdown leverages insecure behavior that has been demonstrated in Intel CPUs and may affect CPUs from other vendors. Vulnerable CPUs allow memory reads in out-of-order instruction execution, and also contain a race condition between the raising of exceptions and the out-of-order instruction execution. The Meltdown attack reads a kernel memory value, which raises an exception because code running with user-space privileges are not permitted to directly read kernel memory. However, due to the race condition, out-of-order instructions following the faulting instruction may also execute. Even though instructions appear after the faulting instruction, out-of-order execution allows them to execute, using data retrieved from the instruction that raises the exception. By the time the exception is raised, some number of out-of-order instructions have executed. Although the raised exception causes the CPU to roll back the out-of-order instructions, the cache state is not reverted. This allows data from out-of-order instructions to persist beyond the point when the exception has been raised. \n \nThe impact of Meltdown is that a process running in user space is able to view the contents of kernel memory. Meltdown may also allow Spectre-like memory content leaking that does not cross the user/kernel privilege boundary. \n \nThe Linux kernel mitigations for Meltdown are referred to as KAISER, and subsequently KPTI, which aim to improve separation of kernel and user memory pages. Because the Spectre attacks do not cross user/kernel boundaries, the protections introduced with KAISER/KPTI do not add any protection against them. \n \nThe following table compares Spectre and Meltdown. \n \n| | **Spectre**| **Meltdown** \n---|---|--- \n**CPU mechanism for triggering**| Speculative execution from branch prediction| Out-of-order execution \n**Affected platforms**| CPUs that perform speculative execution from branch prediction| CPUs that allow memory reads in out-of-order instructions \n**Difficulty of successful attack**| High - Requires tailoring to the software environment of the victim process| Low - Kernel memory access exploit code is mostly universal \n**Impact**| Cross- and intra-process (including kernel) memory disclosure| Kernel memory disclosure to userspace \n**Software mitigations**| Variant 1: Compiler changes. Web browser updates to help prevent exploitation from JavaScript \nVariant 2: Indirect Branch Restricted Speculation ([IBRS](<https://lkml.org/lkml/2018/1/4/615>)). \n**Note: **The software mitigation for Spectre variant 2 requires CPU microcode updates| Kernel page-table isolation ([KPTI](<https://en.wikipedia.org/wiki/Kernel_page-table_isolation>)) \n \n### Impact\n\nAn attacker able to execute code with user privileges can achieve various impacts. The Meltdown attack allows reading of kernel memory from userspace. This can result in privilege escalation, disclosure of sensitive information, or it can weaken kernel-level protections, such as KASLR. The Spectre attack can allow inter-process or intra-process data leaks. \n \nTo execute code locally, an attacker would require a valid account or independent compromise of the target. Attacks using JavaScript in web browsers are possible. Multi-user and multi-tenant systems (including virtualized and cloud environments) likely face the greatest risk. Systems used to browse arbitrary web sites are also at risk. Single-user systems that do not readily provide a way for attackers to execute code locally face significantly lower risk. \n \n--- \n \n### Solution\n\n**Apply updates** \n \nOperating system, CPU microcode updates, and some application updates mitigate these attacks. \n \n--- \n \n### Vendor Information \n\nVendor| Status| Date Notified| Date Updated \n---|---|---|--- \nAmazon| | -| 05 Jan 2018 \nAMD| | -| 03 Jan 2018 \nAndroid Open Source Project| | -| 05 Jan 2018 \nApple| | -| 08 Jan 2018 \nArm| | -| 03 Jan 2018 \nCentOS| | -| 05 Jan 2018 \nCisco| | -| 05 Jan 2018 \nCitrix| | -| 05 Jan 2018 \nDebian GNU/Linux| | -| 05 Jan 2018 \nDell| | -| 08 Jan 2018 \nDragonFly BSD Project| | -| 08 Jan 2018 \nFedora Project| | -| 05 Jan 2018 \nFortinet, Inc.| | -| 05 Jan 2018 \nFreeBSD Project| | -| 05 Jan 2018 \nGoogle| | -| 03 Jan 2018 \nIf you are a vendor and your product is affected, [let us know](<mailto:cert@cert.org?Subject=VU%23584653 Vendor Status Inquiry>). \n \n\n\n### CVSS Metrics \n\nGroup | Score | Vector \n---|---|--- \nBase | 4.4 | AV:L/AC:M/Au:S/C:C/I:N/A:N \nTemporal | 3.4 | E:POC/RL:OF/RC:C \nEnvironmental | 5.1 | CDP:ND/TD:H/CR:H/IR:ND/AR:ND \n \n### References\n\n * <https://meltdownattack.com/>\n * <https://meltdownattack.com/meltdown.pdf>\n * <https://spectreattack.com/>\n * <https://spectreattack.com/spectre.pdf>\n * <https://security.googleblog.com/2018/01/todays-cpu-vulnerability-what-you-need.html>\n * <https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html>\n * <https://cyber.wtf/2017/07/28/negative-result-reading-kernel-memory-from-user-mode/>\n * <https://github.com/IAIK/KAISER>\n * <https://gruss.cc/files/kaiser.pdf>\n * <https://gruss.cc/files/prefetch.pdf>\n * <https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=5aa90a84589282b87666f92b6c3c917c8080a9bf>\n * <https://lkml.org/lkml/2017/12/27/2>\n * <https://lkml.org/lkml/2018/1/4/615>\n * <https://lwn.net/Articles/741878/>\n * <https://lwn.net/Articles/737940/>\n * <https://lwn.net/Articles/742702/>\n * <http://pythonsweetness.tumblr.com/post/169166980422/the-mysterious-case-of-the-linux-page-table>\n * <https://nakedsecurity.sophos.com/2018/01/03/fckwit-aka-kaiser-aka-kpti-intel-cpu-flaw-needs-low-level-os-patches/>\n * <https://en.wikipedia.org/wiki/Kernel_page-table_isolation>\n * <https://chrisam.net/2018/01/04/speculative-execution-side-channel-vulnerabilities-vendor-published-info/>\n * <https://www.raspberrypi.org/blog/why-raspberry-pi-isnt-vulnerable-to-spectre-or-meltdown/>\n * <https://doublepulsar.com/important-information-about-microsoft-meltdown-cpu-security-fixes-antivirus-vendors-and-you-a852ba0292ec>\n * [https://docs.google.com/spreadsheets/d/184wcDt9I9TUNFFbsAVLpzAtckQxYiuirADzf3cL42FQ/htmlview?usp=sharing&sle;=true](<https://docs.google.com/spreadsheets/d/184wcDt9I9TUNFFbsAVLpzAtckQxYiuirADzf3cL42FQ/htmlview?usp=sharing&sle=true>)\n\n### Credit\n\nThese issues were researched and reported by researchers at Google Project Zero (Jann Horn) the Institute of Applied Information Processing and Communications (IAIK) at Graz University of Technology (Gruss et. al.), Paul Kocher, and Anders Fogh.\n\nThis document was written by Art Manion and Will Dormann.\n\n### Other Information\n\n * CVE IDs: [CVE-2017-5753](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5753>) [CVE-2017-5715](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5715>) [CVE-2017-5754](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5754>)\n * US-CERT Alert: [TA18-004A](<http://www.us-cert.gov/cas/techalerts/TA18-004A.html>)\n * Date Public: 03 Jan 2018\n * Date First Published: 03 Jan 2018\n * Date Last Updated: 09 Jan 2018\n * Document Revision: 195\n\n", "edition": 22, "enchantments": {"score": {"modified": "2018-01-09T22:54:16", "value": 6.6}}, "hash": "7c67fe1050f124893cafc90eee7718602a87e845d0020979b6f3abc907ad94d2", "hashmap": [{"hash": "d5345bfb5c55e248d49e1245c6a3902b", "key": "references"}, {"hash": "b6ba9fa6ea18201bf39ea635ecca9f13", "key": "type"}, {"hash": "caf9b6b99962bf5c2264824231d7a40c", "key": "bulletinFamily"}, {"hash": "e51c244040f5fb6045353e4450e61da1", "key": "modified"}, {"hash": "4851009339f11e5fb046c77cf4c521a7", "key": "href"}, {"hash": "64c1b0f18013d9fc9cd8b3fcc3b81629", "key": "cvelist"}, {"hash": "23742046928b6ac0049be6bc1a8e24de", "key": "cvss"}, {"hash": "1d0954aaef62c3a5c7a1a3e8e3a5d794", "key": "title"}, {"hash": "a2bb072c20526be28cecf80143e7a383", "key": "description"}, {"hash": "0e67896450ab825b0a81e59a1465804c", "key": "published"}, {"hash": "5d2cfab83ed6e86a4812690790dc7ad5", "key": "reporter"}], "history": [], "href": "https://www.kb.cert.org/vuls/id/584653", "id": "VU:584653", "lastseen": "2018-01-09T22:54:16", "modified": "2018-01-09T00:00:00", "objectVersion": "1.3", "published": "2018-01-03T00:00:00", "references": ["https://meltdownattack.com/meltdown.pdf", "https://meltdownattack.com/meltdown.pdf", "https://docs.google.com/spreadsheets/d/184wcDt9I9TUNFFbsAVLpzAtckQxYiuirADzf3cL42FQ/htmlview?usp=sharing&sle=true", "https://lwn.net/Articles/742702/", "https://nakedsecurity.sophos.com/2018/01/03/fckwit-aka-kaiser-aka-kpti-intel-cpu-flaw-needs-low-level-os-patches/", "https://www.raspberrypi.org/blog/why-raspberry-pi-isnt-vulnerable-to-spectre-or-meltdown/", "https://lkml.org/lkml/2017/12/27/2", "https://security.googleblog.com/2018/01/todays-cpu-vulnerability-what-you-need.html", "https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html", "https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html", "https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html", "http://pythonsweetness.tumblr.com/post/169166980422/the-mysterious-case-of-the-linux-page-table", "https://gruss.cc/files/kaiser.pdf", "https://doublepulsar.com/important-information-about-microsoft-meltdown-cpu-security-fixes-antivirus-vendors-and-you-a852ba0292ec", "http://www.us-cert.gov/cas/techalerts/TA18-004A.html", "https://chrisam.net/2018/01/04/speculative-execution-side-channel-vulnerabilities-vendor-published-info/", "https://meltdownattack.com/", "https://meltdownattack.com/", "https://meltdownattack.com/", "https://en.wikipedia.org/wiki/Kernel_page-table_isolation", "https://en.wikipedia.org/wiki/Kernel_page-table_isolation", "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5753", "https://spectreattack.com/", "https://spectreattack.com/", "https://spectreattack.com/", "https://lwn.net/Articles/737940/", "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5715", "https://lkml.org/lkml/2018/1/4/615", "https://lkml.org/lkml/2018/1/4/615", "https://github.com/IAIK/KAISER", "https://cyber.wtf/2017/07/28/negative-result-reading-kernel-memory-from-user-mode/", "https://lwn.net/Articles/741878/", "https://gruss.cc/files/prefetch.pdf", "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=5aa90a84589282b87666f92b6c3c917c8080a9bf", "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5754", "https://spectreattack.com/spectre.pdf", "https://spectreattack.com/spectre.pdf", "https://spectreattack.com/spectre.pdf", "https://spectreattack.com/spectre.pdf"], "reporter": "CERT", "title": "CPU hardware vulnerable to side-channel attacks", "type": "cert", "viewCount": 172}, "differentElements": ["references", "description"], "edition": 22, "lastseen": "2018-01-09T22:54:16"}, {"bulletin": {"bulletinFamily": "info", "cvelist": ["CVE-2017-5753", "CVE-2017-5753", "CVE-2017-5753", "CVE-2017-5753", "CVE-2017-5754", "CVE-2017-5754", "CVE-2017-5754", "CVE-2017-5715", "CVE-2017-5715", "CVE-2017-5715", "CVE-2017-5715"], "cvss": {"score": 0.0, "vector": "NONE"}, "description": "### Overview\n\nCPU hardware implementations are vulnerable to cache side-channel attacks. These vulnerabilities are referred to as [Meltdown](<https://meltdownattack.com/>) and [Spectre](<https://spectreattack.com/>).\n\n### Description\n\n**Note: This Vulnerability Note is the product of ongoing analysis and represents our best knowledge as of the most recent revision. As a result, the content may change as our understanding of the issues develops.**\n\nCPU hardware implementations are vulnerable to side-channel attacks referred to as [Meltdown](<https://meltdownattack.com/>) and [Spectre](<https://spectreattack.com/>). Both Spectre and Meltdown take advantage of the ability to extract information from instructions that have executed on a CPU using the CPU cache as a side-channel. These attacks are described in detail by [Google Project Zero](<https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html>), the Institute of Applied Information Processing and Communications (IAIK) at Graz University of Technology (TU Graz) and Anders Fogh. The issues are organized into three variants: \n\n\n * Variant 1 (CVE-2017-5753, [Spectre](<https://spectreattack.com/spectre.pdf>)): Bounds check bypass\n * Variant 2 (CVE-2017-5715, also [Spectre](<https://spectreattack.com/spectre.pdf>)): Branch target injection[](<https://spectreattack.com/spectre.pdf>)\n * Variant 3 (CVE-2017-5754, [Meltdown](<https://meltdownattack.com/meltdown.pdf>)): Rogue data cache load, memory access permission check performed after kernel memory read\n \n**Spectre** \n \nSpectre attacks take advantage of a CPU's branch prediction capabilities. Modern CPUs include a feature called branch prediction, which speculatively executes instructions at a location that the CPU believes it will branch to. Such speculative execution helps to more fully utilize the parts of the CPU, minimizing the time waiting, and therefore improving performance. When a branch is successfully predicted, instructions will retire, which means the outcomes of the instructions such as register and memory writes will be committed. If a branch is mispredicted, the speculatively-executed instructions will be discarded, and the direct side-effects of the instructions are undone. What is not undone are the indirect side-effects, such as CPU cache changes. By measuring latency of memory access operations, the cache can be used to extract values from speculatively-executed instructions. \n \nWith Spectre variant 1 (CVE-2017-5753), the instructions after a conditional branch are speculatively executed as the result of a misprediction. With Spectre variant 2 (CVE-2017-5715), the instructions at a location determined by a branch target that is mispredicted. \n \nWith both variants of the Spectre attack, the impact is that a process may leak sensitive data to other processes on a system. Spectre may also allow one part of an application to access other parts of the same process memory space that would otherwise not be permitted. \n \n**Meltdown** \n \nMeltdown is related to the Spectre attack in that it also uses a cache side channel to access data that otherwise wouldn't be available. The main difference is that it leverages out-of-order execution capabilities in modern CPUs. Like speculative execution due to branch prediction, as used by Spectre, out-of-order execution on a CPU is a technique for ensuring fullest utilization of the CPU's parts. Although instructions may appear sequentially in the machine language, a CPU that supports out-of-order execution may execute instructions in a non-sequential manner, which can minimize the time that a CPU spends idle. \n \nMeltdown leverages insecure behavior that has been demonstrated in Intel CPUs and may affect CPUs from other vendors. Vulnerable CPUs allow memory reads in out-of-order instruction execution, and also contain a race condition between the raising of exceptions and the out-of-order instruction execution. The Meltdown attack reads a kernel memory value, which raises an exception because code running with user-space privileges are not permitted to directly read kernel memory. However, due to the race condition, out-of-order instructions following the faulting instruction may also execute. Even though instructions appear after the faulting instruction, out-of-order execution allows them to execute, using data retrieved from the instruction that raises the exception. By the time the exception is raised, some number of out-of-order instructions have executed. Although the raised exception causes the CPU to roll back the out-of-order instructions, the cache state is not reverted. This allows data from out-of-order instructions to persist beyond the point when the exception has been raised. \n \nThe impact of Meltdown is that a process running in user space is able to view the contents of kernel memory. Meltdown may also allow Spectre-like memory content leaking that does not cross the user/kernel privilege boundary. \n \nThe Linux kernel mitigations for Meltdown are referred to as KAISER, and subsequently KPTI, which aim to improve separation of kernel and user memory pages. Because the Spectre attacks do not cross user/kernel boundaries, the protections introduced with KAISER/KPTI do not add any protection against them. \n \nThe following table compares Spectre and Meltdown. \n \n| | **Spectre**| **Meltdown** \n---|---|--- \n**CPU mechanism for triggering**| Speculative execution from branch prediction| Out-of-order execution \n**Affected platforms**| CPUs that perform speculative execution from branch prediction| CPUs that allow memory reads in out-of-order instructions \n**Difficulty of successful attack**| High - Requires tailoring to the software environment of the victim process| Low - Kernel memory access exploit code is mostly universal \n**Impact**| Cross- and intra-process memory disclosure| Kernel memory disclosure to userspace \n**Software mitigations**| Indirect Branch Restricted Speculation ([IBRS](<https://lkml.org/lkml/2018/1/4/615>)) - Only mitigates Spectre variant 2| Kernel page-table isolation ([KPTI](<https://en.wikipedia.org/wiki/Kernel_page-table_isolation>)) \n \n### Impact\n\nAn attacker able to execute code with user privileges can achieve various impacts. The Meltdown attack allows reading of kernel memory from userspace. This can result in privilege escalation, disclosure of sensitive information, or it can weaken kernel-level protections, such as KASLR. The Spectre attack can allow inter-process or intra-process data leaks. \n \nTo execute code locally, an attacker would require a valid account or independent compromise of the target. Attacks using JavaScript in web browsers are possible. Multi-user and multi-tenant systems (including virtualized and cloud environments) likely face the greatest risk. Systems use to browse arbitrary web sites are also at risk. Single-user systems that do not readily provide a way for attackers to execute code locally face significantly lower risk. \n \n--- \n \n### Solution\n\n**Apply updates** \n \nOperating system and some application updates mitigate these attacks. \n \n--- \n \n### Vendor Information \n\nVendor| Status| Date Notified| Date Updated \n---|---|---|--- \nAmazon| | -| 05 Jan 2018 \nAMD| | -| 03 Jan 2018 \nApple| | -| 04 Jan 2018 \nArm| | -| 03 Jan 2018 \nCentOS| | -| 05 Jan 2018 \nCitrix| | -| 05 Jan 2018 \nGoogle| | -| 03 Jan 2018 \nIntel| | -| 05 Jan 2018 \nLinux Kernel| | -| 04 Jan 2018 \nMicrosoft| | -| 05 Jan 2018 \nMozilla| | -| 03 Jan 2018 \nNVIDIA| | -| 05 Jan 2018 \nopenSUSE project| | -| 05 Jan 2018 \nRed Hat, Inc.| | -| 05 Jan 2018 \nSUSE Linux| | -| 05 Jan 2018 \nIf you are a vendor and your product is affected, [let us know](<mailto:cert@cert.org?Subject=VU%23584653 Vendor Status Inquiry>). \n \n\n\n### CVSS Metrics \n\nGroup | Score | Vector \n---|---|--- \nBase | 4.4 | AV:L/AC:M/Au:S/C:C/I:N/A:N \nTemporal | 3.4 | E:POC/RL:OF/RC:C \nEnvironmental | 5.1 | CDP:ND/TD:H/CR:H/IR:ND/AR:ND \n \n### References\n\n * <https://meltdownattack.com/>\n * <https://meltdownattack.com/meltdown.pdf>\n * <https://spectreattack.com/>\n * <https://spectreattack.com/spectre.pdf>\n * <https://security.googleblog.com/2018/01/todays-cpu-vulnerability-what-you-need.html>\n * <https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html>\n * <https://cyber.wtf/2017/07/28/negative-result-reading-kernel-memory-from-user-mode/>\n * <https://github.com/IAIK/KAISER>\n * <https://gruss.cc/files/kaiser.pdf>\n * <https://gruss.cc/files/prefetch.pdf>\n * <https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=5aa90a84589282b87666f92b6c3c917c8080a9bf>\n * <https://lkml.org/lkml/2017/12/27/2>\n * <https://lkml.org/lkml/2018/1/4/615>\n * <https://lwn.net/Articles/741878/>\n * <https://lwn.net/Articles/737940/>\n * <https://lwn.net/Articles/742702/>\n * <http://pythonsweetness.tumblr.com/post/169166980422/the-mysterious-case-of-the-linux-page-table>\n * <https://nakedsecurity.sophos.com/2018/01/03/fckwit-aka-kaiser-aka-kpti-intel-cpu-flaw-needs-low-level-os-patches/>\n * <https://en.wikipedia.org/wiki/Kernel_page-table_isolation>\n\n### Credit\n\nThese issues were researched and reported by researchers at Google Project Zero (Jann Horn) the Institute of Applied Information Processing and Communications (IAIK) at Graz University of Technology (Gruss et. al.), and Anders Fogh.\n\nThis document was written by Art Manion and Will Dormann.\n\n### Other Information\n\n * CVE IDs: [CVE-2017-5753](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5753>) [CVE-2017-5715](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5715>) [CVE-2017-5754](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5754>)\n * US-CERT Alert: [TA18-004A](<http://www.us-cert.gov/cas/techalerts/TA18-004A.html>)\n * Date Public: 03 Jan 2018\n * Date First Published: 03 Jan 2018\n * Date Last Updated: 05 Jan 2018\n * Document Revision: 100\n\n", "edition": 10, "enchantments": {"score": {"modified": "2018-01-05T18:53:13", "value": 6.6}}, "hash": "ea9f048e40bc363221662114843f9d5b7a0c3478249d43af58a82ea82ae575fc", "hashmap": [{"hash": "b6ba9fa6ea18201bf39ea635ecca9f13", "key": "type"}, {"hash": "caf9b6b99962bf5c2264824231d7a40c", "key": "bulletinFamily"}, {"hash": "4851009339f11e5fb046c77cf4c521a7", "key": "href"}, {"hash": "64c1b0f18013d9fc9cd8b3fcc3b81629", "key": "cvelist"}, {"hash": "157673a26b76a4585a91b6715dff3cbc", "key": "modified"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "9d98765d73fa6a690204e00e06298ea0", "key": "references"}, {"hash": "1d0954aaef62c3a5c7a1a3e8e3a5d794", "key": "title"}, {"hash": "a493a2493a9aaf36363c0293482828b0", "key": "description"}, {"hash": "0e67896450ab825b0a81e59a1465804c", "key": "published"}, {"hash": "5d2cfab83ed6e86a4812690790dc7ad5", "key": "reporter"}], "history": [], "href": "https://www.kb.cert.org/vuls/id/584653", "id": "VU:584653", "lastseen": "2018-01-05T18:53:13", "modified": "2018-01-05T00:00:00", "objectVersion": "1.3", "published": "2018-01-03T00:00:00", "references": ["https://meltdownattack.com/meltdown.pdf", "https://meltdownattack.com/meltdown.pdf", "https://lwn.net/Articles/742702/", "https://nakedsecurity.sophos.com/2018/01/03/fckwit-aka-kaiser-aka-kpti-intel-cpu-flaw-needs-low-level-os-patches/", "https://lkml.org/lkml/2017/12/27/2", "https://security.googleblog.com/2018/01/todays-cpu-vulnerability-what-you-need.html", "https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html", "https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html", "http://pythonsweetness.tumblr.com/post/169166980422/the-mysterious-case-of-the-linux-page-table", "https://gruss.cc/files/kaiser.pdf", "http://www.us-cert.gov/cas/techalerts/TA18-004A.html", "https://meltdownattack.com/", "https://meltdownattack.com/", "https://meltdownattack.com/", "https://en.wikipedia.org/wiki/Kernel_page-table_isolation", "https://en.wikipedia.org/wiki/Kernel_page-table_isolation", "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5753", "https://spectreattack.com/", "https://spectreattack.com/", "https://spectreattack.com/", "https://lwn.net/Articles/737940/", "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5715", "https://lkml.org/lkml/2018/1/4/615", "https://lkml.org/lkml/2018/1/4/615", "https://github.com/IAIK/KAISER", "https://cyber.wtf/2017/07/28/negative-result-reading-kernel-memory-from-user-mode/", "https://lwn.net/Articles/741878/", "https://gruss.cc/files/prefetch.pdf", "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=5aa90a84589282b87666f92b6c3c917c8080a9bf", "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5754", "https://spectreattack.com/spectre.pdf", "https://spectreattack.com/spectre.pdf", "https://spectreattack.com/spectre.pdf", "https://spectreattack.com/spectre.pdf"], "reporter": "CERT", "title": "CPU hardware vulnerable to side-channel attacks", "type": "cert", "viewCount": 101}, "differentElements": ["description"], "edition": 10, "lastseen": "2018-01-05T18:53:13"}, {"bulletin": {"bulletinFamily": "info", "cvelist": ["CVE-2017-5753", "CVE-2017-5753", "CVE-2017-5753", "CVE-2017-5753", "CVE-2017-5754", "CVE-2017-5754", "CVE-2017-5754", "CVE-2017-5715", "CVE-2017-5715", "CVE-2017-5715", "CVE-2017-5715"], "cvss": {"score": 4.7, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:NONE/A:NONE/"}, "description": "### Overview\n\nCPU hardware implementations are vulnerable to cache side-channel attacks. These vulnerabilities are referred to as [Meltdown](<https://meltdownattack.com/>) and [Spectre](<https://spectreattack.com/>).\n\n### Description\n\n**Note: This Vulnerability Note is the product of ongoing analysis and represents our best knowledge as of the most recent revision. As a result, the content may change as our understanding of the issues develops.**\n\nCPU hardware implementations are vulnerable to side-channel attacks referred to as [Meltdown](<https://meltdownattack.com/>) and [Spectre](<https://spectreattack.com/>). Both Spectre and Meltdown take advantage of the ability to extract information from instructions that have executed on a CPU using the CPU cache as a side-channel. These attacks are described in detail by [Google Project Zero](<https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html>), the Institute of Applied Information Processing and Communications (IAIK) at Graz University of Technology (TU Graz) and Anders Fogh. The issues are organized into three variants: \n\n\n * Variant 1 (CVE-2017-5753, [Spectre](<https://spectreattack.com/spectre.pdf>)): Bounds check bypass\n * Variant 2 (CVE-2017-5715, also [Spectre](<https://spectreattack.com/spectre.pdf>)): Branch target injection[](<https://spectreattack.com/spectre.pdf>)\n * Variant 3 (CVE-2017-5754, [Meltdown](<https://meltdownattack.com/meltdown.pdf>)): Rogue data cache load, memory access permission check performed after kernel memory read\n \n**Spectre** \n \nSpectre attacks take advantage of a CPU's branch prediction capabilities. Modern CPUs include a feature called branch prediction, which speculatively executes instructions at a location that the CPU believes it will branch to. Such speculative execution helps to more fully utilize the parts of the CPU, minimizing the time waiting, and therefore improving performance. When a branch is successfully predicted, instructions will retire, which means the outcomes of the instructions such as register and memory writes will be committed. If a branch is mispredicted, the speculatively-executed instructions will be discarded, and the direct side-effects of the instructions are undone. What is not undone are the indirect side-effects, such as CPU cache changes. By measuring latency of memory access operations, the cache can be used to extract values from speculatively-executed instructions. \n \nWith Spectre variant 1 (CVE-2017-5753), the instructions after a conditional branch are speculatively executed as the result of a misprediction. With Spectre variant 2 (CVE-2017-5715), the CPU executes instructions at a location determined by a mispredicted branch target. \n \nWith both variants of the Spectre attack, the impact is that a process may leak sensitive data to other processes on a system. Spectre may also allow one part of an application to access other parts of the same process memory space that would otherwise not be permitted. \n \nWhile the Spectre attack itself does not cross a user/kernel memory privilege boundary, depending on the configuration of the target platform, the Spectre attack may indirectly allow a user-space application to access kernel memory. For example, the[ Project Zero blog post](<https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html>) describes a scenario that uses eBPF to exfiltrate kernel memory contents into user-space code. This is made possible because eBPF JIT allows for userspace applications to inject code that is executed in kernel space. While this code is verified by the kernel, eBPF-compliant code will be allowed to execute with kernel permissions. The exploit described by Project Zero leverages eBPF to execute the Spectre attack in kernel space, while exfiltrating the data to user space. It is possible that other technologies that allow in-kernel code execution may also possibly be leveraged to leak kernel memory using Spectre. \n \n**Meltdown** \n \nMeltdown is related to the Spectre attack in that it also uses a cache side channel to access data that otherwise wouldn't be available. The main difference is that it leverages out-of-order execution capabilities in modern CPUs. Like speculative execution due to branch prediction, as used by Spectre, out-of-order execution on a CPU is a technique for ensuring fullest utilization of the CPU's parts. Although instructions may appear sequentially in the machine language, a CPU that supports out-of-order execution may execute instructions in a non-sequential manner, which can minimize the time that a CPU spends idle. \n \nMeltdown leverages insecure behavior that has been demonstrated in Intel CPUs and may affect CPUs from other vendors. Vulnerable CPUs allow memory reads in out-of-order instruction execution, and also contain a race condition between the raising of exceptions and the out-of-order instruction execution. The Meltdown attack reads a kernel memory value, which raises an exception because code running with user-space privileges are not permitted to directly read kernel memory. However, due to the race condition, out-of-order instructions following the faulting instruction may also execute. Even though instructions appear after the faulting instruction, out-of-order execution allows them to execute, using data retrieved from the instruction that raises the exception. By the time the exception is raised, some number of out-of-order instructions have executed. Although the raised exception causes the CPU to roll back the out-of-order instructions, the cache state is not reverted. This allows data from out-of-order instructions to persist beyond the point when the exception has been raised. \n \nThe impact of Meltdown is that a process running in user space is able to view the contents of kernel memory. Meltdown may also allow Spectre-like memory content leaking that does not cross the user/kernel privilege boundary. \n \nThe Linux kernel mitigations for Meltdown are referred to as KAISER, and subsequently KPTI, which aim to improve separation of kernel and user memory pages. Because the Spectre attacks do not cross user/kernel boundaries, the protections introduced with KAISER/KPTI do not add any protection against them. \n \nThe following table compares Spectre and Meltdown. \n \n| | **Spectre**| **Meltdown** \n---|---|--- \n**CPU mechanism for triggering**| Speculative execution from branch prediction| Out-of-order execution \n**Affected platforms**| CPUs that perform speculative execution from branch prediction| CPUs that allow memory reads in out-of-order instructions \n**Difficulty of successful attack**| High - Requires tailoring to the software environment of the victim process| Low - Kernel memory access exploit code is mostly universal \n**Impact**| Cross- and intra-process (including kernel) memory disclosure| Kernel memory disclosure to userspace \n**Software mitigations**| Variant 1: Compiler changes. Web browser updates to help prevent exploitation from JavaScript \nVariant 2: Indirect Branch Restricted Speculation ([IBRS](<https://lkml.org/lkml/2018/1/4/615>)). \n**Note: **The software mitigation for Spectre variant 2 requires CPU microcode updates| Kernel page-table isolation ([KPTI](<https://en.wikipedia.org/wiki/Kernel_page-table_isolation>)) \n \n### Impact\n\nAn attacker able to execute code with user privileges can achieve various impacts. The Meltdown attack allows reading of kernel memory from userspace. This can result in privilege escalation, disclosure of sensitive information, or it can weaken kernel-level protections, such as KASLR. The Spectre attack can allow inter-process or intra-process data leaks. \n \nTo execute code locally, an attacker would require a valid account or independent compromise of the target. Attacks using JavaScript in web browsers are possible. Multi-user and multi-tenant systems (including virtualized and cloud environments) likely face the greatest risk. Systems used to browse arbitrary web sites are also at risk. Single-user systems that do not readily provide a way for attackers to execute code locally face significantly lower risk. \n \n--- \n \n### Solution\n\n**Apply updates** \n \nOperating system, CPU microcode updates, and some application updates mitigate these attacks. Note that in many cases, the software fixes for these vulnerabilities will have a negative affect on system performance. Also note that Microsoft Windows systems [will no longer receive security updates](<https://doublepulsar.com/important-information-about-microsoft-meltdown-cpu-security-fixes-antivirus-vendors-and-you-a852ba0292ec>) via Windows Update if they are not running compliant anti-virus software. As with deploying any software updates, be sure to prioritize and test updates as necessary. \n \n**Consider CPU Options** \n \nInitial reports from the field indicate that overall system performance is impacted by many of the available patches for these vulnerabilities. Depending on the software workflow and the CPU capabilities present, the performance impact of software mitigations may be non-trivial and therefore may become an ongoing operational concern for some organizations. While we recognize that replacing existing CPUs in already deployed systems is not practical, organizations acquiring new systems should evaluate their CPU selection in light of the expected longevity of this vulnerability in available hardware as well as the performance impacts resulting from the various platform-specific software patches. Deployment contexts and performance requirements vary widely, and must be balanced by informed evaluation of the associated security risks. Contact your system vendor to determine if the CPU and operating system combination will experience a performance penalty due to software mitigations for these vulnerabilities. \n \n--- \n \n### Vendor Information \n\nVendor| Status| Date Notified| Date Updated \n---|---|---|--- \nAmazon| | -| 05 Jan 2018 \nAMD| | -| 03 Jan 2018 \nAndroid Open Source Project| | -| 05 Jan 2018 \nApple| | -| 08 Jan 2018 \nArm| | -| 03 Jan 2018 \nCentOS| | -| 05 Jan 2018 \nCisco| | -| 05 Jan 2018 \nCitrix| | -| 05 Jan 2018 \nDebian GNU/Linux| | -| 05 Jan 2018 \nDell| | -| 08 Jan 2018 \nDragonFly BSD Project| | -| 08 Jan 2018 \nFedora Project| | -| 05 Jan 2018 \nFortinet, Inc.| | -| 05 Jan 2018 \nFreeBSD Project| | -| 05 Jan 2018 \nFujitsu| | -| 11 Jan 2018 \nIf you are a vendor and your product is affected, [let us know](<mailto:cert@cert.org?Subject=VU%23584653 Vendor Status Inquiry>). \n \n\n\n### CVSS Metrics \n\nGroup | Score | Vector \n---|---|--- \nBase | 4.4 | AV:L/AC:M/Au:S/C:C/I:N/A:N \nTemporal | 3.4 | E:POC/RL:OF/RC:C \nEnvironmental | 5.1 | CDP:ND/TD:H/CR:H/IR:ND/AR:ND \n \n### References\n\n * <https://meltdownattack.com/>\n * <https://meltdownattack.com/meltdown.pdf>\n * <https://spectreattack.com/>\n * <https://spectreattack.com/spectre.pdf>\n * <https://security.googleblog.com/2018/01/todays-cpu-vulnerability-what-you-need.html>\n * <https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html>\n * <https://cyber.wtf/2017/07/28/negative-result-reading-kernel-memory-from-user-mode/>\n * <https://github.com/IAIK/KAISER>\n * <https://gruss.cc/files/kaiser.pdf>\n * <https://gruss.cc/files/prefetch.pdf>\n * <https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=5aa90a84589282b87666f92b6c3c917c8080a9bf>\n * <https://lkml.org/lkml/2017/12/27/2>\n * <https://lkml.org/lkml/2018/1/4/615>\n * <https://lwn.net/Articles/741878/>\n * <https://lwn.net/Articles/737940/>\n * <https://lwn.net/Articles/742702/>\n * <http://pythonsweetness.tumblr.com/post/169166980422/the-mysterious-case-of-the-linux-page-table>\n * <https://nakedsecurity.sophos.com/2018/01/03/fckwit-aka-kaiser-aka-kpti-intel-cpu-flaw-needs-low-level-os-patches/>\n * <https://en.wikipedia.org/wiki/Kernel_page-table_isolation>\n * <https://chrisam.net/2018/01/04/speculative-execution-side-channel-vulnerabilities-vendor-published-info/>\n * <https://www.raspberrypi.org/blog/why-raspberry-pi-isnt-vulnerable-to-spectre-or-meltdown/>\n * <https://doublepulsar.com/important-information-about-microsoft-meltdown-cpu-security-fixes-antivirus-vendors-and-you-a852ba0292ec>\n * [https://docs.google.com/spreadsheets/d/184wcDt9I9TUNFFbsAVLpzAtckQxYiuirADzf3cL42FQ/htmlview?usp=sharing&sle;=true](<https://docs.google.com/spreadsheets/d/184wcDt9I9TUNFFbsAVLpzAtckQxYiuirADzf3cL42FQ/htmlview?usp=sharing&sle=true>)\n\n### Credit\n\nThese issues were researched and reported by researchers at Google Project Zero (Jann Horn) the Institute of Applied Information Processing and Communications (IAIK) at Graz University of Technology (Gruss et. al.), Paul Kocher, and Anders Fogh.\n\nThis document was written by Art Manion and Will Dormann.\n\n### Other Information\n\n * CVE IDs: [CVE-2017-5753](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5753>) [CVE-2017-5715](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5715>) [CVE-2017-5754](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5754>)\n * US-CERT Alert: [TA18-004A](<http://www.us-cert.gov/cas/techalerts/TA18-004A.html>)\n * Date Public: 03 Jan 2018\n * Date First Published: 03 Jan 2018\n * Date Last Updated: 11 Jan 2018\n * Document Revision: 208\n\n", "edition": 25, "enchantments": {"score": {"modified": "2018-01-11T22:54:21", "value": 6.6}}, "hash": "6b47c19e7f2c38e66716fb3459ea914a07abc02b6a46cbee09458ef807e96ff8", "hashmap": [{"hash": "b6ba9fa6ea18201bf39ea635ecca9f13", "key": "type"}, {"hash": "caf9b6b99962bf5c2264824231d7a40c", "key": "bulletinFamily"}, {"hash": "4851009339f11e5fb046c77cf4c521a7", "key": "href"}, {"hash": "ca14c68a2831614398d75c8d2dd5f292", "key": "references"}, {"hash": "64c1b0f18013d9fc9cd8b3fcc3b81629", "key": "cvelist"}, {"hash": "0971a11965780c6aa1ea57d2009563d7", "key": "modified"}, {"hash": "23742046928b6ac0049be6bc1a8e24de", "key": "cvss"}, {"hash": "1d0954aaef62c3a5c7a1a3e8e3a5d794", "key": "title"}, {"hash": "0e67896450ab825b0a81e59a1465804c", "key": "published"}, {"hash": "5d2cfab83ed6e86a4812690790dc7ad5", "key": "reporter"}, {"hash": "ff5a29fa0645dce5a928c19ce353ae8b", "key": "description"}], "history": [], "href": "https://www.kb.cert.org/vuls/id/584653", "id": "VU:584653", "lastseen": "2018-01-11T22:54:21", "modified": "2018-01-11T00:00:00", "objectVersion": "1.3", "published": "2018-01-03T00:00:00", "references": ["https://meltdownattack.com/meltdown.pdf", "https://meltdownattack.com/meltdown.pdf", "https://docs.google.com/spreadsheets/d/184wcDt9I9TUNFFbsAVLpzAtckQxYiuirADzf3cL42FQ/htmlview?usp=sharing&sle=true", "https://lwn.net/Articles/742702/", "https://nakedsecurity.sophos.com/2018/01/03/fckwit-aka-kaiser-aka-kpti-intel-cpu-flaw-needs-low-level-os-patches/", "https://www.raspberrypi.org/blog/why-raspberry-pi-isnt-vulnerable-to-spectre-or-meltdown/", "https://lkml.org/lkml/2017/12/27/2", "https://security.googleblog.com/2018/01/todays-cpu-vulnerability-what-you-need.html", "https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html", "https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html", "https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html", "http://pythonsweetness.tumblr.com/post/169166980422/the-mysterious-case-of-the-linux-page-table", "https://gruss.cc/files/kaiser.pdf", "https://doublepulsar.com/important-information-about-microsoft-meltdown-cpu-security-fixes-antivirus-vendors-and-you-a852ba0292ec", "https://doublepulsar.com/important-information-about-microsoft-meltdown-cpu-security-fixes-antivirus-vendors-and-you-a852ba0292ec", "http://www.us-cert.gov/cas/techalerts/TA18-004A.html", "https://chrisam.net/2018/01/04/speculative-execution-side-channel-vulnerabilities-vendor-published-info/", "https://meltdownattack.com/", "https://meltdownattack.com/", "https://meltdownattack.com/", "https://en.wikipedia.org/wiki/Kernel_page-table_isolation", "https://en.wikipedia.org/wiki/Kernel_page-table_isolation", "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5753", "https://spectreattack.com/", "https://spectreattack.com/", "https://spectreattack.com/", "https://lwn.net/Articles/737940/", "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5715", "https://lkml.org/lkml/2018/1/4/615", "https://lkml.org/lkml/2018/1/4/615", "https://github.com/IAIK/KAISER", "https://cyber.wtf/2017/07/28/negative-result-reading-kernel-memory-from-user-mode/", "https://lwn.net/Articles/741878/", "https://gruss.cc/files/prefetch.pdf", "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=5aa90a84589282b87666f92b6c3c917c8080a9bf", "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5754", "https://spectreattack.com/spectre.pdf", "https://spectreattack.com/spectre.pdf", "https://spectreattack.com/spectre.pdf", "https://spectreattack.com/spectre.pdf"], "reporter": "CERT", "title": "CPU hardware vulnerable to side-channel attacks", "type": "cert", "viewCount": 238}, "differentElements": ["description", "modified"], "edition": 25, "lastseen": "2018-01-11T22:54:21"}, {"bulletin": {"bulletinFamily": "info", "cvelist": ["CVE-2017-5753", "CVE-2017-5753", "CVE-2017-5753", "CVE-2017-5753", "CVE-2017-5754", "CVE-2017-5754", "CVE-2017-5754", "CVE-2017-5715", "CVE-2017-5715", "CVE-2017-5715", "CVE-2017-5715"], "cvss": {"score": 4.7, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:NONE/A:NONE/"}, "description": "### Overview\n\nCPU hardware implementations are vulnerable to cache side-channel attacks. These vulnerabilities are referred to as [Meltdown](<https://meltdownattack.com/>) and [Spectre](<https://spectreattack.com/>).\n\n### Description\n\n**Note: This Vulnerability Note is the product of ongoing analysis and represents our best knowledge as of the most recent revision. As a result, the content may change as our understanding of the issues develops.**\n\nCPU hardware implementations are vulnerable to side-channel attacks referred to as [Meltdown](<https://meltdownattack.com/>) and [Spectre](<https://spectreattack.com/>). Both Spectre and Meltdown take advantage of the ability to extract information from instructions that have executed on a CPU using the CPU cache as a side-channel. These attacks are described in detail by [Google Project Zero](<https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html>), the Institute of Applied Information Processing and Communications (IAIK) at Graz University of Technology (TU Graz) and Anders Fogh. The issues are organized into three variants: \n\n\n * Variant 1 (CVE-2017-5753, [Spectre](<https://spectreattack.com/spectre.pdf>)): Bounds check bypass\n * Variant 2 (CVE-2017-5715, also [Spectre](<https://spectreattack.com/spectre.pdf>)): Branch target injection[](<https://spectreattack.com/spectre.pdf>)\n * Variant 3 (CVE-2017-5754, [Meltdown](<https://meltdownattack.com/meltdown.pdf>)): Rogue data cache load, memory access permission check performed after kernel memory read\n \n**Spectre** \n \nSpectre attacks take advantage of a CPU's branch prediction capabilities. Modern CPUs include a feature called branch prediction, which speculatively executes instructions at a location that the CPU believes it will branch to. Such speculative execution helps to more fully utilize the parts of the CPU, minimizing the time waiting, and therefore improving performance. When a branch is successfully predicted, instructions will retire, which means the outcomes of the instructions such as register and memory writes will be committed. If a branch is mispredicted, the speculatively-executed instructions will be discarded, and the direct side-effects of the instructions are undone. What is not undone are the indirect side-effects, such as CPU cache changes. By measuring latency of memory access operations, the cache can be used to extract values from speculatively-executed instructions. \n \nWith Spectre variant 1 (CVE-2017-5753), the instructions after a conditional branch are speculatively executed as the result of a misprediction. With Spectre variant 2 (CVE-2017-5715), the CPU executes instructions at a location determined by a mispredicted branch target. \n \nWith both variants of the Spectre attack, the impact is that a process may leak sensitive data to other processes on a system. Spectre may also allow one part of an application to access other parts of the same process memory space that would otherwise not be permitted. \n \nWhile the Spectre attack itself does not cross a user/kernel memory privilege boundary, depending on the configuration of the target platform, the Spectre attack may indirectly allow a user-space application to access kernel memory. For example, the[ Project Zero blog post](<https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html>) describes a scenario that uses eBPF to exfiltrate kernel memory contents into user-space code. This is made possible because eBPF JIT allows for userspace applications to inject code that is executed in kernel space. While this code is verified by the kernel, eBPF-compliant code will be allowed to execute with kernel permissions. The exploit described by Project Zero leverages eBPF to execute the Spectre attack in kernel space, while exfiltrating the data to user space. It is possible that other technologies that allow in-kernel code execution may also possibly be leveraged to leak kernel memory using Spectre. \n \n**Meltdown** \n \nMeltdown is related to the Spectre attack in that it also uses a cache side channel to access data that otherwise wouldn't be available. The main difference is that it leverages out-of-order execution capabilities in modern CPUs. Like speculative execution due to branch prediction, as used by Spectre, out-of-order execution on a CPU is a technique for ensuring fullest utilization of the CPU's parts. Although instructions may appear sequentially in the machine language, a CPU that supports out-of-order execution may execute instructions in a non-sequential manner, which can minimize the time that a CPU spends idle. \n \nMeltdown leverages insecure behavior that has been demonstrated in Intel CPUs and may affect CPUs from other vendors. Vulnerable CPUs allow memory reads in out-of-order instruction execution, and also contain a race condition between the raising of exceptions and the out-of-order instruction execution. The Meltdown attack reads a kernel memory value, which raises an exception because code running with user-space privileges are not permitted to directly read kernel memory. However, due to the race condition, out-of-order instructions following the faulting instruction may also execute. Even though instructions appear after the faulting instruction, out-of-order execution allows them to execute, using data retrieved from the instruction that raises the exception. By the time the exception is raised, some number of out-of-order instructions have executed. Although the raised exception causes the CPU to roll back the out-of-order instructions, the cache state is not reverted. This allows data from out-of-order instructions to persist beyond the point when the exception has been raised. \n \nThe impact of Meltdown is that a process running in user space is able to view the contents of kernel memory. Meltdown may also allow Spectre-like memory content leaking that does not cross the user/kernel privilege boundary. \n \nThe Linux kernel mitigations for Meltdown are referred to as KAISER, and subsequently KPTI, which aim to improve separation of kernel and user memory pages. Because the Spectre attacks do not cross user/kernel boundaries, the protections introduced with KAISER/KPTI do not add any protection against them. \n \nThe following table compares Spectre and Meltdown. \n \n| | **Spectre**| **Meltdown** \n---|---|--- \n**CPU mechanism for triggering**| Speculative execution from branch prediction| Out-of-order execution \n**Affected platforms**| CPUs that perform speculative execution from branch prediction| CPUs that allow memory reads in out-of-order instructions \n**Difficulty of successful attack**| High - Requires tailoring to the software environment of the victim process| Low - Kernel memory access exploit code is mostly universal \n**Impact**| Cross- and intra-process (including kernel) memory disclosure| Kernel memory disclosure to userspace \n**Software mitigations**| Variant 1: Compiler changes. Web browser updates to help prevent exploitation from JavaScript \nVariant 2: Indirect Branch Restricted Speculation ([IBRS](<https://lkml.org/lkml/2018/1/4/615>)). \n**Note: **The software mitigation for Spectre variant 2 requires CPU microcode updates| Kernel page-table isolation ([KPTI](<https://en.wikipedia.org/wiki/Kernel_page-table_isolation>)) \n \n### Impact\n\nAn attacker able to execute code with user privileges can achieve various impacts. The Meltdown attack allows reading of kernel memory from userspace. This can result in privilege escalation, disclosure of sensitive information, or it can weaken kernel-level protections, such as KASLR. The Spectre attack can allow inter-process or intra-process data leaks. \n \nTo execute code locally, an attacker would require a valid account or independent compromise of the target. Attacks using JavaScript in web browsers are possible. Multi-user and multi-tenant systems (including virtualized and cloud environments) likely face the greatest risk. Systems used to browse arbitrary web sites are also at risk. Single-user systems that do not readily provide a way for attackers to execute code locally face significantly lower risk. \n \n--- \n \n### Solution\n\n**Apply updates** \n \nOperating system, CPU microcode updates, and some application updates mitigate these attacks. Note that in many cases, the software fixes for these vulnerabilities will have a negative affect on system performance. Also note that Microsoft Windows systems [will no longer receive security updates](<https://doublepulsar.com/important-information-about-microsoft-meltdown-cpu-security-fixes-antivirus-vendors-and-you-a852ba0292ec>) via Windows Update if they are not running compliant anti-virus software. As with deploying any software updates, be sure to prioritize and test updates as necessary. \n \n**Consider CPU Options** \n \nInitial reports from the field indicate that overall system performance is impacted by many of the available patches for these vulnerabilities. Depending on the software workflow and the CPU capabilities present, the performance impact of software mitigations may be non-trivial and therefore may become an ongoing operational concern for some organizations. While we recognize that replacing existing CPUs in already deployed systems is not practical, organizations acquiring new systems should evaluate their CPU selection in light of the expected longevity of this vulnerability in available hardware as well as the performance impacts resulting from the various platform-specific software patches. Deployment contexts and performance requirements vary widely, and must be balanced by informed evaluation of the associated security risks. Contact your system vendor to determine if the CPU and operating system combination will experience a performance penalty due to software mitigations for these vulnerabilities. \n \n--- \n \n### Vendor Information \n\nVendor| Status| Date Notified| Date Updated \n---|---|---|--- \nAmazon| | -| 05 Jan 2018 \nAMD| | -| 03 Jan 2018 \nAndroid Open Source Project| | -| 05 Jan 2018 \nApple| | -| 08 Jan 2018 \nArm| | -| 03 Jan 2018 \nCentOS| | -| 05 Jan 2018 \nCisco| | -| 05 Jan 2018 \nCitrix| | -| 05 Jan 2018 \nDebian GNU/Linux| | -| 05 Jan 2018 \nDell| | -| 08 Jan 2018 \nDragonFly BSD Project| | -| 08 Jan 2018 \nFedora Project| | -| 05 Jan 2018 \nFortinet, Inc.| | -| 05 Jan 2018 \nFreeBSD Project| | -| 05 Jan 2018 \nGoogle| | -| 03 Jan 2018 \nIf you are a vendor and your product is affected, [let us know](<mailto:cert@cert.org?Subject=VU%23584653 Vendor Status Inquiry>). \n \n\n\n### CVSS Metrics \n\nGroup | Score | Vector \n---|---|--- \nBase | 4.4 | AV:L/AC:M/Au:S/C:C/I:N/A:N \nTemporal | 3.4 | E:POC/RL:OF/RC:C \nEnvironmental | 5.1 | CDP:ND/TD:H/CR:H/IR:ND/AR:ND \n \n### References\n\n * <https://meltdownattack.com/>\n * <https://meltdownattack.com/meltdown.pdf>\n * <https://spectreattack.com/>\n * <https://spectreattack.com/spectre.pdf>\n * <https://security.googleblog.com/2018/01/todays-cpu-vulnerability-what-you-need.html>\n * <https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html>\n * <https://cyber.wtf/2017/07/28/negative-result-reading-kernel-memory-from-user-mode/>\n * <https://github.com/IAIK/KAISER>\n * <https://gruss.cc/files/kaiser.pdf>\n * <https://gruss.cc/files/prefetch.pdf>\n * <https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=5aa90a84589282b87666f92b6c3c917c8080a9bf>\n * <https://lkml.org/lkml/2017/12/27/2>\n * <https://lkml.org/lkml/2018/1/4/615>\n * <https://lwn.net/Articles/741878/>\n * <https://lwn.net/Articles/737940/>\n * <https://lwn.net/Articles/742702/>\n * <http://pythonsweetness.tumblr.com/post/169166980422/the-mysterious-case-of-the-linux-page-table>\n * <https://nakedsecurity.sophos.com/2018/01/03/fckwit-aka-kaiser-aka-kpti-intel-cpu-flaw-needs-low-level-os-patches/>\n * <https://en.wikipedia.org/wiki/Kernel_page-table_isolation>\n * <https://chrisam.net/2018/01/04/speculative-execution-side-channel-vulnerabilities-vendor-published-info/>\n * <https://www.raspberrypi.org/blog/why-raspberry-pi-isnt-vulnerable-to-spectre-or-meltdown/>\n * <https://doublepulsar.com/important-information-about-microsoft-meltdown-cpu-security-fixes-antivirus-vendors-and-you-a852ba0292ec>\n * [https://docs.google.com/spreadsheets/d/184wcDt9I9TUNFFbsAVLpzAtckQxYiuirADzf3cL42FQ/htmlview?usp=sharing&sle;=true](<https://docs.google.com/spreadsheets/d/184wcDt9I9TUNFFbsAVLpzAtckQxYiuirADzf3cL42FQ/htmlview?usp=sharing&sle=true>)\n\n### Credit\n\nThese issues were researched and reported by researchers at Google Project Zero (Jann Horn) the Institute of Applied Information Processing and Communications (IAIK) at Graz University of Technology (Gruss et. al.), Paul Kocher, and Anders Fogh.\n\nThis document was written by Art Manion and Will Dormann.\n\n### Other Information\n\n * CVE IDs: [CVE-2017-5753](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5753>) [CVE-2017-5715](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5715>) [CVE-2017-5754](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5754>)\n * US-CERT Alert: [TA18-004A](<http://www.us-cert.gov/cas/techalerts/TA18-004A.html>)\n * Date Public: 03 Jan 2018\n * Date First Published: 03 Jan 2018\n * Date Last Updated: 10 Jan 2018\n * Document Revision: 205\n\n", "edition": 24, "enchantments": {"score": {"modified": "2018-01-10T22:55:05", "value": 6.6}}, "hash": "d1372e455e8b9e69f0c2648c0ec95ea21ef0b7833debc7f93ddf243b5ff73ffb", "hashmap": [{"hash": "ca6088b3d56b6ed1b9e9ece31df761fe", "key": "description"}, {"hash": "b6ba9fa6ea18201bf39ea635ecca9f13", "key": "type"}, {"hash": "caf9b6b99962bf5c2264824231d7a40c", "key": "bulletinFamily"}, {"hash": "4851009339f11e5fb046c77cf4c521a7", "key": "href"}, {"hash": "ca14c68a2831614398d75c8d2dd5f292", "key": "references"}, {"hash": "64c1b0f18013d9fc9cd8b3fcc3b81629", "key": "cvelist"}, {"hash": "53db0bf5ea970073adf8b9e72e6cfa10", "key": "modified"}, {"hash": "23742046928b6ac0049be6bc1a8e24de", "key": "cvss"}, {"hash": "1d0954aaef62c3a5c7a1a3e8e3a5d794", "key": "title"}, {"hash": "0e67896450ab825b0a81e59a1465804c", "key": "published"}, {"hash": "5d2cfab83ed6e86a4812690790dc7ad5", "key": "reporter"}], "history": [], "href": "https://www.kb.cert.org/vuls/id/584653", "id": "VU:584653", "lastseen": "2018-01-10T22:55:05", "modified": "2018-01-10T00:00:00", "objectVersion": "1.3", "published": "2018-01-03T00:00:00", "references": ["https://meltdownattack.com/meltdown.pdf", "https://meltdownattack.com/meltdown.pdf", "https://docs.google.com/spreadsheets/d/184wcDt9I9TUNFFbsAVLpzAtckQxYiuirADzf3cL42FQ/htmlview?usp=sharing&sle=true", "https://lwn.net/Articles/742702/", "https://nakedsecurity.sophos.com/2018/01/03/fckwit-aka-kaiser-aka-kpti-intel-cpu-flaw-needs-low-level-os-patches/", "https://www.raspberrypi.org/blog/why-raspberry-pi-isnt-vulnerable-to-spectre-or-meltdown/", "https://lkml.org/lkml/2017/12/27/2", "https://security.googleblog.com/2018/01/todays-cpu-vulnerability-what-you-need.html", "https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html", "https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html", "https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html", "http://pythonsweetness.tumblr.com/post/169166980422/the-mysterious-case-of-the-linux-page-table", "https://gruss.cc/files/kaiser.pdf", "https://doublepulsar.com/important-information-about-microsoft-meltdown-cpu-security-fixes-antivirus-vendors-and-you-a852ba0292ec", "https://doublepulsar.com/important-information-about-microsoft-meltdown-cpu-security-fixes-antivirus-vendors-and-you-a852ba0292ec", "http://www.us-cert.gov/cas/techalerts/TA18-004A.html", "https://chrisam.net/2018/01/04/speculative-execution-side-channel-vulnerabilities-vendor-published-info/", "https://meltdownattack.com/", "https://meltdownattack.com/", "https://meltdownattack.com/", "https://en.wikipedia.org/wiki/Kernel_page-table_isolation", "https://en.wikipedia.org/wiki/Kernel_page-table_isolation", "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5753", "https://spectreattack.com/", "https://spectreattack.com/", "https://spectreattack.com/", "https://lwn.net/Articles/737940/", "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5715", "https://lkml.org/lkml/2018/1/4/615", "https://lkml.org/lkml/2018/1/4/615", "https://github.com/IAIK/KAISER", "https://cyber.wtf/2017/07/28/negative-result-reading-kernel-memory-from-user-mode/", "https://lwn.net/Articles/741878/", "https://gruss.cc/files/prefetch.pdf", "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=5aa90a84589282b87666f92b6c3c917c8080a9bf", "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5754", "https://spectreattack.com/spectre.pdf", "https://spectreattack.com/spectre.pdf", "https://spectreattack.com/spectre.pdf", "https://spectreattack.com/spectre.pdf"], "reporter": "CERT", "title": "CPU hardware vulnerable to side-channel attacks", "type": "cert", "viewCount": 205}, "differentElements": ["description", "modified"], "edition": 24, "lastseen": "2018-01-10T22:55:05"}, {"bulletin": {"bulletinFamily": "info", "cvelist": ["CVE-2017-5753", "CVE-2017-5753", "CVE-2017-5754", "CVE-2017-5754", "CVE-2017-5715", "CVE-2017-5715"], "cvss": {"score": 0.0, "vector": "NONE"}, "description": "### Overview\n\nCPU hardware implementations are vulnerable to side-channel attacks. These vulnerabilities are referred to as [Meltdown](<https://meltdownattack.com/>) and [Spectre](<https://spectreattack.com/>).\n\n### Description\n\nCPU hardware implementations are vulnerable to side-channel attacks referred to as [Meltdown](<https://meltdownattack.com/>) and [Spectre](<https://spectreattack.com/>). These attacks are described in detail by [Google Project Zero](<https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html>) and the Institute of Applied Information Processing and Communications (IAIK) at Graz University of Technology (TU Graz). The Linux mitigations for this vulnerability are referred to as KAISER, and subsequently KPTI, which aim to improve separation of kernel and user memory pages. \n \n--- \n \n### Impact\n\nAn attacker able to execute code with user privileges can achieve various impacts, such as reading otherwise protected kernel memory and bypassing KASLR. \n \n--- \n \n### Solution\n\n**Replace CPU hardware**\n\nThe underlying vulnerability is primarily caused by CPU architecture design choices. Fully removing the vulnerability requires replacing vulnerable CPU hardware. \n \n--- \n \n**Apply updates** \n \nOperating system updates mitigate the underlying hardware vulnerability. \n \n--- \n \n### Vendor Information \n\nVendor| Status| Date Notified| Date Updated \n---|---|---|--- \nAMD| | -| 03 Jan 2018 \nApple| | -| 03 Jan 2018 \nArm| | -| 03 Jan 2018 \nGoogle| | -| 03 Jan 2018 \nIntel| | -| 03 Jan 2018 \nLinux Kernel| | -| 03 Jan 2018 \nMicrosoft| | -| 03 Jan 2018 \nMozilla| | -| 03 Jan 2018 \nIf you are a vendor and your product is affected, [let us know](<mailto:cert@cert.org?Subject=VU%23584653 Vendor Status Inquiry>).\n\n### CVSS Metrics \n\nGroup | Score | Vector \n---|---|--- \nBase | 1.5 | AV:L/AC:M/Au:S/C:P/I:N/A:N \nTemporal | 1.2 | E:POC/RL:OF/RC:C \nEnvironmental | 2.0 | CDP:ND/TD:H/CR:H/IR:ND/AR:ND \n \n### References\n\n * <https://meltdownattack.com/>\n * <https://spectreattack.com/>\n * <https://security.googleblog.com/2018/01/todays-cpu-vulnerability-what-you-need.html>\n * <https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html>\n * <https://www.us-cert.gov/ncas/current-activity/2018/01/03/Meltdown-and-Spectre-Side-Channel-Vulnerabilities>\n * <https://github.com/IAIK/KAISER>\n * <https://gruss.cc/files/kaiser.pdf>\n * <https://gruss.cc/files/prefetch.pdf>\n * <https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=5aa90a84589282b87666f92b6c3c917c8080a9bf>\n * <https://lwn.net/Articles/741878/>\n * <https://lwn.net/Articles/737940/>\n * <http://pythonsweetness.tumblr.com/post/169166980422/the-mysterious-case-of-the-linux-page-table>\n * <https://nakedsecurity.sophos.com/2018/01/03/fckwit-aka-kaiser-aka-kpti-intel-cpu-flaw-needs-low-level-os-patches/>\n\n### Credit\n\nThese issues were researched and reported by researchers at Google Project Zero and the Institute of Applied Information Processing and Communications (IAIK) at Graz University of Technology (TU Graz).\n\nThis document was written by Art Manion.\n\n### Other Information\n\n * CVE IDs: [CVE-2017-5753](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5753>) [CVE-2017-5715](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5715>) [CVE-2017-5754](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5754>)\n * Date Public: 03 Jan 2018\n * Date First Published: 03 Jan 2018\n * Date Last Updated: 04 Jan 2018\n * Document Revision: 25\n\n", "edition": 3, "enchantments": {"score": {"modified": "2018-01-04T17:11:21", "value": 5.2}}, "hash": "c9f0ed9b98234f0d23996bff723f102ebd74ad06f3d86359bbdde8c513d56731", "hashmap": [{"hash": "b6ba9fa6ea18201bf39ea635ecca9f13", "key": "type"}, {"hash": "caf9b6b99962bf5c2264824231d7a40c", "key": "bulletinFamily"}, {"hash": "1b941090f50d6d1c2e114abbd1b88aa2", "key": "modified"}, {"hash": "4851009339f11e5fb046c77cf4c521a7", "key": "href"}, {"hash": "966610370a5d0561045d02a9a96b5a17", "key": "cvelist"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "1d0954aaef62c3a5c7a1a3e8e3a5d794", "key": "title"}, {"hash": "655b1eaa847eca346c717b2dfb1b877a", "key": "description"}, {"hash": "0e67896450ab825b0a81e59a1465804c", "key": "published"}, {"hash": "5d2cfab83ed6e86a4812690790dc7ad5", "key": "reporter"}, {"hash": "fa042361d1f895e22cba8e550a6b3c05", "key": "references"}], "history": [], "href": "https://www.kb.cert.org/vuls/id/584653", "id": "VU:584653", "lastseen": "2018-01-04T17:11:21", "modified": "2018-01-04T00:00:00", "objectVersion": "1.3", "published": "2018-01-03T00:00:00", "references": ["https://nakedsecurity.sophos.com/2018/01/03/fckwit-aka-kaiser-aka-kpti-intel-cpu-flaw-needs-low-level-os-patches/", "https://security.googleblog.com/2018/01/todays-cpu-vulnerability-what-you-need.html", "https://www.us-cert.gov/ncas/current-activity/2018/01/03/Meltdown-and-Spectre-Side-Channel-Vulnerabilities", "https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html", "https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html", "http://pythonsweetness.tumblr.com/post/169166980422/the-mysterious-case-of-the-linux-page-table", "https://gruss.cc/files/kaiser.pdf", "https://meltdownattack.com/", "https://meltdownattack.com/", "https://meltdownattack.com/", "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5753", "https://spectreattack.com/", "https://spectreattack.com/", "https://spectreattack.com/", "https://lwn.net/Articles/737940/", "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5715", "https://github.com/IAIK/KAISER", "https://lwn.net/Articles/741878/", "https://gruss.cc/files/prefetch.pdf", "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=5aa90a84589282b87666f92b6c3c917c8080a9bf", "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5754"], "reporter": "CERT", "title": "CPU hardware vulnerable to side-channel attacks", "type": "cert", "viewCount": 43}, "differentElements": ["description"], "edition": 3, "lastseen": "2018-01-04T17:11:21"}, {"bulletin": {"bulletinFamily": "info", "cvelist": ["CVE-2017-5753", "CVE-2017-5753", "CVE-2017-5753", "CVE-2017-5753", "CVE-2017-5754", "CVE-2017-5754", "CVE-2017-5754", "CVE-2017-5715", "CVE-2017-5715", "CVE-2017-5715", "CVE-2017-5715"], "cvss": {"score": 4.7, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:NONE/A:NONE/"}, "description": "### Overview\n\nCPU hardware implementations are vulnerable to cache side-channel attacks. These vulnerabilities are referred to as [Meltdown](<https://meltdownattack.com/>) and [Spectre](<https://spectreattack.com/>).\n\n### Description\n\n**Note: This Vulnerability Note is the product of ongoing analysis and represents our best knowledge as of the most recent revision. As a result, the content may change as our understanding of the issues develops.**\n\nCPU hardware implementations are vulnerable to side-channel attacks referred to as [Meltdown](<https://meltdownattack.com/>) and [Spectre](<https://spectreattack.com/>). Both Spectre and Meltdown take advantage of the ability to extract information from instructions that have executed on a CPU using the CPU cache as a side-channel. These attacks are described in detail by [Google Project Zero](<https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html>), the Institute of Applied Information Processing and Communications (IAIK) at Graz University of Technology (TU Graz) and Anders Fogh. The issues are organized into three variants: \n\n\n * Variant 1 (CVE-2017-5753, [Spectre](<https://spectreattack.com/spectre.pdf>)): Bounds check bypass\n * Variant 2 (CVE-2017-5715, also [Spectre](<https://spectreattack.com/spectre.pdf>)): Branch target injection[](<https://spectreattack.com/spectre.pdf>)\n * Variant 3 (CVE-2017-5754, [Meltdown](<https://meltdownattack.com/meltdown.pdf>)): Rogue data cache load, memory access permission check performed after kernel memory read\n \n**Spectre** \n \nSpectre attacks take advantage of a CPU's branch prediction capabilities. Modern CPUs include a feature called branch prediction, which speculatively executes instructions at a location that the CPU believes it will branch to. Such speculative execution helps to more fully utilize the parts of the CPU, minimizing the time waiting, and therefore improving performance. When a branch is successfully predicted, instructions will retire, which means the outcomes of the instructions such as register and memory writes will be committed. If a branch is mispredicted, the speculatively-executed instructions will be discarded, and the direct side-effects of the instructions are undone. What is not undone are the indirect side-effects, such as CPU cache changes. By measuring latency of memory access operations, the cache can be used to extract values from speculatively-executed instructions. \n \nWith Spectre variant 1 (CVE-2017-5753), the instructions after a conditional branch are speculatively executed as the result of a misprediction. With Spectre variant 2 (CVE-2017-5715), the CPU executes instructions at a location determined by a mispredicted branch target. \n \nWith both variants of the Spectre attack, the impact is that a process may leak sensitive data to other processes on a system. Spectre may also allow one part of an application to access other parts of the same process memory space that would otherwise not be permitted. \n \nWhile the Spectre attack itself does not cross a user/kernel memory privilege boundary, depending on the configuration of the target platform, the Spectre attack may indirectly allow a user-space application to access kernel memory. For example, the[ Project Zero blog post](<https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html>) describes a scenario that uses eBPF to exfiltrate kernel memory contents into user-space code. This is made possible because eBPF JIT allows for userspace applications to inject code that is executed in kernel space. While this code is verified by the kernel, eBPF-compliant code will be allowed to execute with kernel permissions. The exploit described by Project Zero leverages eBPF to execute the Spectre attack in kernel space, while exfiltrating the data to user space. It is possible that other technologies that allow in-kernel code execution may also possibly be leveraged to leak kernel memory using Spectre. \n \n**Meltdown** \n \nMeltdown is related to the Spectre attack in that it also uses a cache side channel to access data that otherwise wouldn't be available. The main difference is that it leverages out-of-order execution capabilities in modern CPUs. Like speculative execution due to branch prediction, as used by Spectre, out-of-order execution on a CPU is a technique for ensuring fullest utilization of the CPU's parts. Although instructions may appear sequentially in the machine language, a CPU that supports out-of-order execution may execute instructions in a non-sequential manner, which can minimize the time that a CPU spends idle. \n \nMeltdown leverages insecure behavior that has been demonstrated in Intel CPUs and may affect CPUs from other vendors. Vulnerable CPUs allow memory reads in out-of-order instruction execution, and also contain a race condition between the raising of exceptions and the out-of-order instruction execution. The Meltdown attack reads a kernel memory value, which raises an exception because code running with user-space privileges are not permitted to directly read kernel memory. However, due to the race condition, out-of-order instructions following the faulting instruction may also execute. Even though instructions appear after the faulting instruction, out-of-order execution allows them to execute, using data retrieved from the instruction that raises the exception. By the time the exception is raised, some number of out-of-order instructions have executed. Although the raised exception causes the CPU to roll back the out-of-order instructions, the cache state is not reverted. This allows data from out-of-order instructions to persist beyond the point when the exception has been raised. \n \nThe impact of Meltdown is that a process running in user space is able to view the contents of kernel memory. Meltdown may also allow Spectre-like memory content leaking that does not cross the user/kernel privilege boundary. \n \nThe Linux kernel mitigations for Meltdown are referred to as KAISER, and subsequently KPTI, which aim to improve separation of kernel and user memory pages. Because the Spectre attacks do not cross user/kernel boundaries, the protections introduced with KAISER/KPTI do not add any protection against them. \n \nThe following table compares Spectre and Meltdown. \n \n| | **Spectre**| **Meltdown** \n---|---|--- \n**CPU mechanism for triggering**| Speculative execution from branch prediction| Out-of-order execution \n**Affected platforms**| CPUs that perform speculative execution from branch prediction| CPUs that allow memory reads in out-of-order instructions \n**Difficulty of successful attack**| High - Requires tailoring to the software environment of the victim process| Low - Kernel memory access exploit code is mostly universal \n**Impact**| Cross- and intra-process (including kernel) memory disclosure| Kernel memory disclosure to userspace \n**Software mitigations**| Indirect Branch Restricted Speculation ([IBRS](<https://lkml.org/lkml/2018/1/4/615>)) \n**Note: **This software mitigation also requires CPU microcode updates and it only mitigates Spectre variant 2| Kernel page-table isolation ([KPTI](<https://en.wikipedia.org/wiki/Kernel_page-table_isolation>)) \n \n### Impact\n\nAn attacker able to execute code with user privileges can achieve various impacts. The Meltdown attack allows reading of kernel memory from userspace. This can result in privilege escalation, disclosure of sensitive information, or it can weaken kernel-level protections, such as KASLR. The Spectre attack can allow inter-process or intra-process data leaks. \n \nTo execute code locally, an attacker would require a valid account or independent compromise of the target. Attacks using JavaScript in web browsers are possible. Multi-user and multi-tenant systems (including virtualized and cloud environments) likely face the greatest risk. Systems used to browse arbitrary web sites are also at risk. Single-user systems that do not readily provide a way for attackers to execute code locally face significantly lower risk. \n \n--- \n \n### Solution\n\n**Apply updates** \n \nOperating system, CPU microcode updates, and some application updates mitigate these attacks. \n \n--- \n \n### Vendor Information \n\nVendor| Status| Date Notified| Date Updated \n---|---|---|--- \nAmazon| | -| 05 Jan 2018 \nAMD| | -| 03 Jan 2018 \nAndroid Open Source Project| | -| 05 Jan 2018 \nApple| | -| 08 Jan 2018 \nArm| | -| 03 Jan 2018 \nCentOS| | -| 05 Jan 2018 \nCisco| | -| 05 Jan 2018 \nCitrix| | -| 05 Jan 2018 \nDebian GNU/Linux| | -| 05 Jan 2018 \nDell| | -| 08 Jan 2018 \nDragonFly BSD Project| | -| 08 Jan 2018 \nFedora Project| | -| 05 Jan 2018 \nFortinet, Inc.| | -| 05 Jan 2018 \nFreeBSD Project| | -| 05 Jan 2018 \nGoogle| | -| 03 Jan 2018 \nIf you are a vendor and your product is affected, [let us know](<mailto:cert@cert.org?Subject=VU%23584653 Vendor Status Inquiry>). \n \n\n\n### CVSS Metrics \n\nGroup | Score | Vector \n---|---|--- \nBase | 4.4 | AV:L/AC:M/Au:S/C:C/I:N/A:N \nTemporal | 3.4 | E:POC/RL:OF/RC:C \nEnvironmental | 5.1 | CDP:ND/TD:H/CR:H/IR:ND/AR:ND \n \n### References\n\n * <https://meltdownattack.com/>\n * <https://meltdownattack.com/meltdown.pdf>\n * <https://spectreattack.com/>\n * <https://spectreattack.com/spectre.pdf>\n * <https://security.googleblog.com/2018/01/todays-cpu-vulnerability-what-you-need.html>\n * <https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html>\n * <https://cyber.wtf/2017/07/28/negative-result-reading-kernel-memory-from-user-mode/>\n * <https://github.com/IAIK/KAISER>\n * <https://gruss.cc/files/kaiser.pdf>\n * <https://gruss.cc/files/prefetch.pdf>\n * <https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=5aa90a84589282b87666f92b6c3c917c8080a9bf>\n * <https://lkml.org/lkml/2017/12/27/2>\n * <https://lkml.org/lkml/2018/1/4/615>\n * <https://lwn.net/Articles/741878/>\n * <https://lwn.net/Articles/737940/>\n * <https://lwn.net/Articles/742702/>\n * <http://pythonsweetness.tumblr.com/post/169166980422/the-mysterious-case-of-the-linux-page-table>\n * <https://nakedsecurity.sophos.com/2018/01/03/fckwit-aka-kaiser-aka-kpti-intel-cpu-flaw-needs-low-level-os-patches/>\n * <https://en.wikipedia.org/wiki/Kernel_page-table_isolation>\n * <https://chrisam.net/2018/01/04/speculative-execution-side-channel-vulnerabilities-vendor-published-info/>\n * <https://www.raspberrypi.org/blog/why-raspberry-pi-isnt-vulnerable-to-spectre-or-meltdown/>\n\n### Credit\n\nThese issues were researched and reported by researchers at Google Project Zero (Jann Horn) the Institute of Applied Information Processing and Communications (IAIK) at Graz University of Technology (Gruss et. al.), and Anders Fogh.\n\nThis document was written by Art Manion and Will Dormann.\n\n### Other Information\n\n * CVE IDs: [CVE-2017-5753](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5753>) [CVE-2017-5715](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5715>) [CVE-2017-5754](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5754>)\n * US-CERT Alert: [TA18-004A](<http://www.us-cert.gov/cas/techalerts/TA18-004A.html>)\n * Date Public: 03 Jan 2018\n * Date First Published: 03 Jan 2018\n * Date Last Updated: 08 Jan 2018\n * Document Revision: 170\n\n", "edition": 17, "enchantments": {"score": {"modified": "2018-01-08T22:55:20", "value": 6.6}}, "hash": "145cd47a2b526a591ffcda036d2665b7ac6aee2e376da7db2f0690530bd4fb73", "hashmap": [{"hash": "b6ba9fa6ea18201bf39ea635ecca9f13", "key": "type"}, {"hash": "f5cc4adf0936f798be198d12ec6abd5d", "key": "modified"}, {"hash": "0f284d9296d2272a6ce2f454df8473d3", "key": "references"}, {"hash": "caf9b6b99962bf5c2264824231d7a40c", "key": "bulletinFamily"}, {"hash": "4851009339f11e5fb046c77cf4c521a7", "key": "href"}, {"hash": "64c1b0f18013d9fc9cd8b3fcc3b81629", "key": "cvelist"}, {"hash": "23742046928b6ac0049be6bc1a8e24de", "key": "cvss"}, {"hash": "17e9268d8f0128a031286e93b1c898ac", "key": "description"}, {"hash": "1d0954aaef62c3a5c7a1a3e8e3a5d794", "key": "title"}, {"hash": "0e67896450ab825b0a81e59a1465804c", "key": "published"}, {"hash": "5d2cfab83ed6e86a4812690790dc7ad5", "key": "reporter"}], "history": [], "href": "https://www.kb.cert.org/vuls/id/584653", "id": "VU:584653", "lastseen": "2018-01-08T22:55:20", "modified": "2018-01-08T00:00:00", "objectVersion": "1.3", "published": "2018-01-03T00:00:00", "references": ["https://meltdownattack.com/meltdown.pdf", "https://meltdownattack.com/meltdown.pdf", "https://lwn.net/Articles/742702/", "https://nakedsecurity.sophos.com/2018/01/03/fckwit-aka-kaiser-aka-kpti-intel-cpu-flaw-needs-low-level-os-patches/", "https://www.raspberrypi.org/blog/why-raspberry-pi-isnt-vulnerable-to-spectre-or-meltdown/", "https://lkml.org/lkml/2017/12/27/2", "https://security.googleblog.com/2018/01/todays-cpu-vulnerability-what-you-need.html", "https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html", "https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html", "https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html", "http://pythonsweetness.tumblr.com/post/169166980422/the-mysterious-case-of-the-linux-page-table", "https://gruss.cc/files/kaiser.pdf", "http://www.us-cert.gov/cas/techalerts/TA18-004A.html", "https://chrisam.net/2018/01/04/speculative-execution-side-channel-vulnerabilities-vendor-published-info/", "https://meltdownattack.com/", "https://meltdownattack.com/", "https://meltdownattack.com/", "https://en.wikipedia.org/wiki/Kernel_page-table_isolation", "https://en.wikipedia.org/wiki/Kernel_page-table_isolation", "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5753", "https://spectreattack.com/", "https://spectreattack.com/", "https://spectreattack.com/", "https://lwn.net/Articles/737940/", "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5715", "https://lkml.org/lkml/2018/1/4/615", "https://lkml.org/lkml/2018/1/4/615", "https://github.com/IAIK/KAISER", "https://cyber.wtf/2017/07/28/negative-result-reading-kernel-memory-from-user-mode/", "https://lwn.net/Articles/741878/", "https://gruss.cc/files/prefetch.pdf", "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=5aa90a84589282b87666f92b6c3c917c8080a9bf", "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5754", "https://spectreattack.com/spectre.pdf", "https://spectreattack.com/spectre.pdf", "https://spectreattack.com/spectre.pdf", "https://spectreattack.com/spectre.pdf"], "reporter": "CERT", "title": "CPU hardware vulnerable to side-channel attacks", "type": "cert", "viewCount": 159}, "differentElements": ["description"], "edition": 17, "lastseen": "2018-01-08T22:55:20"}, {"bulletin": {"bulletinFamily": "info", "cvelist": ["CVE-2017-5753", "CVE-2017-5753", "CVE-2017-5753", "CVE-2017-5753", "CVE-2017-5754", "CVE-2017-5754", "CVE-2017-5754", "CVE-2017-5715", "CVE-2017-5715", "CVE-2017-5715", "CVE-2017-5715"], "cvss": {"score": 4.7, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:NONE/A:NONE/"}, "description": "### Overview\n\nCPU hardware implementations are vulnerable to cache side-channel attacks. These vulnerabilities are referred to as [Meltdown](<https://meltdownattack.com/>) and [Spectre](<https://spectreattack.com/>).\n\n### Description\n\n**Note: This Vulnerability Note is the product of ongoing analysis and represents our best knowledge as of the most recent revision. As a result, the content may change as our understanding of the issues develops.**\n\nCPU hardware implementations are vulnerable to side-channel attacks referred to as [Meltdown](<https://meltdownattack.com/>) and [Spectre](<https://spectreattack.com/>). Both Spectre and Meltdown take advantage of the ability to extract information from instructions that have executed on a CPU using the CPU cache as a side-channel. These attacks are described in detail by [Google Project Zero](<https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html>), the Institute of Applied Information Processing and Communications (IAIK) at Graz University of Technology (TU Graz) and Anders Fogh. The issues are organized into three variants: \n\n\n * Variant 1 (CVE-2017-5753, [Spectre](<https://spectreattack.com/spectre.pdf>)): Bounds check bypass\n * Variant 2 (CVE-2017-5715, also [Spectre](<https://spectreattack.com/spectre.pdf>)): Branch target injection[](<https://spectreattack.com/spectre.pdf>)\n * Variant 3 (CVE-2017-5754, [Meltdown](<https://meltdownattack.com/meltdown.pdf>)): Rogue data cache load, memory access permission check performed after kernel memory read\n \n**Spectre** \n \nSpectre attacks take advantage of a CPU's branch prediction capabilities. Modern CPUs include a feature called branch prediction, which speculatively executes instructions at a location that the CPU believes it will branch to. Such speculative execution helps to more fully utilize the parts of the CPU, minimizing the time waiting, and therefore improving performance. When a branch is successfully predicted, instructions will retire, which means the outcomes of the instructions such as register and memory writes will be committed. If a branch is mispredicted, the speculatively-executed instructions will be discarded, and the direct side-effects of the instructions are undone. What is not undone are the indirect side-effects, such as CPU cache changes. By measuring latency of memory access operations, the cache can be used to extract values from speculatively-executed instructions. \n \nWith Spectre variant 1 (CVE-2017-5753), the instructions after a conditional branch are speculatively executed as the result of a misprediction. With Spectre variant 2 (CVE-2017-5715), the CPU executes instructions at a location determined by a mispredicted branch target. \n \nWith both variants of the Spectre attack, the impact is that a process may leak sensitive data to other processes on a system. Spectre may also allow one part of an application to access other parts of the same process memory space that would otherwise not be permitted. \n \nWhile the Spectre attack itself does not cross a user/kernel memory privilege boundary, depending on the configuration of the target platform, the Spectre attack may indirectly allow a user-space application to access kernel memory. For example, the[ Project Zero blog post](<https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html>) describes a scenario that uses eBPF to exfiltrate kernel memory contents into user-space code. This is made possible because eBPF JIT allows for userspace applications to inject code that is executed in kernel space. While this code is verified by the kernel, eBPF-compliant code will be allowed to execute with kernel permissions. The exploit described by Project Zero leverages eBPF to execute the Spectre attack in kernel space, while exfiltrating the data to user space. It is possible that other technologies that allow in-kernel code execution may also possibly be leveraged to leak kernel memory using Spectre. \n \n**Meltdown** \n \nMeltdown is related to the Spectre attack in that it also uses a cache side channel to access data that otherwise wouldn't be available. The main difference is that it leverages out-of-order execution capabilities in modern CPUs. Like speculative execution due to branch prediction, as used by Spectre, out-of-order execution on a CPU is a technique for ensuring fullest utilization of the CPU's parts. Although instructions may appear sequentially in the machine language, a CPU that supports out-of-order execution may execute instructions in a non-sequential manner, which can minimize the time that a CPU spends idle. \n \nMeltdown leverages insecure behavior that has been demonstrated in Intel CPUs and may affect CPUs from other vendors. Vulnerable CPUs allow memory reads in out-of-order instruction execution, and also contain a race condition between the raising of exceptions and the out-of-order instruction execution. The Meltdown attack reads a kernel memory value, which raises an exception because code running with user-space privileges are not permitted to directly read kernel memory. However, due to the race condition, out-of-order instructions following the faulting instruction may also execute. Even though instructions appear after the faulting instruction, out-of-order execution allows them to execute, using data retrieved from the instruction that raises the exception. By the time the exception is raised, some number of out-of-order instructions have executed. Although the raised exception causes the CPU to roll back the out-of-order instructions, the cache state is not reverted. This allows data from out-of-order instructions to persist beyond the point when the exception has been raised. \n \nThe impact of Meltdown is that a process running in user space is able to view the contents of kernel memory. Meltdown may also allow Spectre-like memory content leaking that does not cross the user/kernel privilege boundary. \n \nThe Linux kernel mitigations for Meltdown are referred to as KAISER, and subsequently KPTI, which aim to improve separation of kernel and user memory pages. Because the Spectre attacks do not cross user/kernel boundaries, the protections introduced with KAISER/KPTI do not add any protection against them. \n \nThe following table compares Spectre and Meltdown. \n \n| | **Spectre**| **Meltdown** \n---|---|--- \n**CPU mechanism for triggering**| Speculative execution from branch prediction| Out-of-order execution \n**Affected platforms**| CPUs that perform speculative execution from branch prediction| CPUs that allow memory reads in out-of-order instructions \n**Difficulty of successful attack**| High - Requires tailoring to the software environment of the victim process| Low - Kernel memory access exploit code is mostly universal \n**Impact**| Cross- and intra-process (including kernel) memory disclosure| Kernel memory disclosure to userspace \n**Software mitigations**| Indirect Branch Restricted Speculation ([IBRS](<https://lkml.org/lkml/2018/1/4/615>)) \n**Note: **This software mitigation also requires CPU microcode updates and it only mitigates Spectre variant 2| Kernel page-table isolation ([KPTI](<https://en.wikipedia.org/wiki/Kernel_page-table_isolation>)) \n \n### Impact\n\nAn attacker able to execute code with user privileges can achieve various impacts. The Meltdown attack allows reading of kernel memory from userspace. This can result in privilege escalation, disclosure of sensitive information, or it can weaken kernel-level protections, such as KASLR. The Spectre attack can allow inter-process or intra-process data leaks. \n \nTo execute code locally, an attacker would require a valid account or independent compromise of the target. Attacks using JavaScript in web browsers are possible. Multi-user and multi-tenant systems (including virtualized and cloud environments) likely face the greatest risk. Systems used to browse arbitrary web sites are also at risk. Single-user systems that do not readily provide a way for attackers to execute code locally face significantly lower risk. \n \n--- \n \n### Solution\n\n**Apply updates** \n \nOperating system, CPU microcode updates, and some application updates mitigate these attacks. \n \n--- \n \n### Vendor Information \n\nVendor| Status| Date Notified| Date Updated \n---|---|---|--- \nAmazon| | -| 05 Jan 2018 \nAMD| | -| 03 Jan 2018 \nAndroid Open Source Project| | -| 05 Jan 2018 \nApple| | -| 08 Jan 2018 \nArm| | -| 03 Jan 2018 \nCentOS| | -| 05 Jan 2018 \nCisco| | -| 05 Jan 2018 \nCitrix| | -| 05 Jan 2018 \nDebian GNU/Linux| | -| 05 Jan 2018 \nDell| | -| 08 Jan 2018 \nDragonFly BSD Project| | -| 08 Jan 2018 \nFedora Project| | -| 05 Jan 2018 \nFortinet, Inc.| | -| 05 Jan 2018 \nFreeBSD Project| | -| 05 Jan 2018 \nGoogle| | -| 03 Jan 2018 \nIf you are a vendor and your product is affected, [let us know](<mailto:cert@cert.org?Subject=VU%23584653 Vendor Status Inquiry>). \n \n\n\n### CVSS Metrics \n\nGroup | Score | Vector \n---|---|--- \nBase | 4.4 | AV:L/AC:M/Au:S/C:C/I:N/A:N \nTemporal | 3.4 | E:POC/RL:OF/RC:C \nEnvironmental | 5.1 | CDP:ND/TD:H/CR:H/IR:ND/AR:ND \n \n### References\n\n * <https://meltdownattack.com/>\n * <https://meltdownattack.com/meltdown.pdf>\n * <https://spectreattack.com/>\n * <https://spectreattack.com/spectre.pdf>\n * <https://security.googleblog.com/2018/01/todays-cpu-vulnerability-what-you-need.html>\n * <https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html>\n * <https://cyber.wtf/2017/07/28/negative-result-reading-kernel-memory-from-user-mode/>\n * <https://github.com/IAIK/KAISER>\n * <https://gruss.cc/files/kaiser.pdf>\n * <https://gruss.cc/files/prefetch.pdf>\n * <https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=5aa90a84589282b87666f92b6c3c917c8080a9bf>\n * <https://lkml.org/lkml/2017/12/27/2>\n * <https://lkml.org/lkml/2018/1/4/615>\n * <https://lwn.net/Articles/741878/>\n * <https://lwn.net/Articles/737940/>\n * <https://lwn.net/Articles/742702/>\n * <http://pythonsweetness.tumblr.com/post/169166980422/the-mysterious-case-of-the-linux-page-table>\n * <https://nakedsecurity.sophos.com/2018/01/03/fckwit-aka-kaiser-aka-kpti-intel-cpu-flaw-needs-low-level-os-patches/>\n * <https://en.wikipedia.org/wiki/Kernel_page-table_isolation>\n * <https://chrisam.net/2018/01/04/speculative-execution-side-channel-vulnerabilities-vendor-published-info/>\n * <https://www.raspberrypi.org/blog/why-raspberry-pi-isnt-vulnerable-to-spectre-or-meltdown/>\n * <https://doublepulsar.com/important-information-about-microsoft-meltdown-cpu-security-fixes-antivirus-vendors-and-you-a852ba0292ec>\n\n### Credit\n\nThese issues were researched and reported by researchers at Google Project Zero (Jann Horn) the Institute of Applied Information Processing and Communications (IAIK) at Graz University of Technology (Gruss et. al.), Paul Kocher, and Anders Fogh.\n\nThis document was written by Art Manion and Will Dormann.\n\n### Other Information\n\n * CVE IDs: [CVE-2017-5753](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5753>) [CVE-2017-5715](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5715>) [CVE-2017-5754](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5754>)\n * US-CERT Alert: [TA18-004A](<http://www.us-cert.gov/cas/techalerts/TA18-004A.html>)\n * Date Public: 03 Jan 2018\n * Date First Published: 03 Jan 2018\n * Date Last Updated: 09 Jan 2018\n * Document Revision: 182\n\n", "edition": 20, "enchantments": {"score": {"modified": "2018-01-09T18:55:45", "value": 6.6}}, "hash": "40411194b558dd4749fd751594d926fc297fba8cdad9f62536995f132d93067e", "hashmap": [{"hash": "6c26c7862e51f930ee9e6d10dbec6057", "key": "description"}, {"hash": "b6ba9fa6ea18201bf39ea635ecca9f13", "key": "type"}, {"hash": "caf9b6b99962bf5c2264824231d7a40c", "key": "bulletinFamily"}, {"hash": "e51c244040f5fb6045353e4450e61da1", "key": "modified"}, {"hash": "4851009339f11e5fb046c77cf4c521a7", "key": "href"}, {"hash": "64c1b0f18013d9fc9cd8b3fcc3b81629", "key": "cvelist"}, {"hash": "23742046928b6ac0049be6bc1a8e24de", "key": "cvss"}, {"hash": "e9f471ca9a4e6b1ec666b348f6947681", "key": "references"}, {"hash": "1d0954aaef62c3a5c7a1a3e8e3a5d794", "key": "title"}, {"hash": "0e67896450ab825b0a81e59a1465804c", "key": "published"}, {"hash": "5d2cfab83ed6e86a4812690790dc7ad5", "key": "reporter"}], "history": [], "href": "https://www.kb.cert.org/vuls/id/584653", "id": "VU:584653", "lastseen": "2018-01-09T18:55:45", "modified": "2018-01-09T00:00:00", "objectVersion": "1.3", "published": "2018-01-03T00:00:00", "references": ["https://meltdownattack.com/meltdown.pdf", "https://meltdownattack.com/meltdown.pdf", "https://lwn.net/Articles/742702/", "https://nakedsecurity.sophos.com/2018/01/03/fckwit-aka-kaiser-aka-kpti-intel-cpu-flaw-needs-low-level-os-patches/", "https://www.raspberrypi.org/blog/why-raspberry-pi-isnt-vulnerable-to-spectre-or-meltdown/", "https://lkml.org/lkml/2017/12/27/2", "https://security.googleblog.com/2018/01/todays-cpu-vulnerability-what-you-need.html", "https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html", "https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html", "https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html", "http://pythonsweetness.tumblr.com/post/169166980422/the-mysterious-case-of-the-linux-page-table", "https://gruss.cc/files/kaiser.pdf", "https://doublepulsar.com/important-information-about-microsoft-meltdown-cpu-security-fixes-antivirus-vendors-and-you-a852ba0292ec", "http://www.us-cert.gov/cas/techalerts/TA18-004A.html", "https://chrisam.net/2018/01/04/speculative-execution-side-channel-vulnerabilities-vendor-published-info/", "https://meltdownattack.com/", "https://meltdownattack.com/", "https://meltdownattack.com/", "https://en.wikipedia.org/wiki/Kernel_page-table_isolation", "https://en.wikipedia.org/wiki/Kernel_page-table_isolation", "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5753", "https://spectreattack.com/", "https://spectreattack.com/", "https://spectreattack.com/", "https://lwn.net/Articles/737940/", "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5715", "https://lkml.org/lkml/2018/1/4/615", "https://lkml.org/lkml/2018/1/4/615", "https://github.com/IAIK/KAISER", "https://cyber.wtf/2017/07/28/negative-result-reading-kernel-memory-from-user-mode/", "https://lwn.net/Articles/741878/", "https://gruss.cc/files/prefetch.pdf", "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=5aa90a84589282b87666f92b6c3c917c8080a9bf", "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5754", "https://spectreattack.com/spectre.pdf", "https://spectreattack.com/spectre.pdf", "https://spectreattack.com/spectre.pdf", "https://spectreattack.com/spectre.pdf"], "reporter": "CERT", "title": "CPU hardware vulnerable to side-channel attacks", "type": "cert", "viewCount": 168}, "differentElements": ["references", "description"], "edition": 20, "lastseen": "2018-01-09T18:55:45"}, {"bulletin": {"bulletinFamily": "info", "cvelist": ["CVE-2017-5753", "CVE-2017-5753", "CVE-2017-5754", "CVE-2017-5754", "CVE-2017-5715", "CVE-2017-5715"], "cvss": {"score": 0.0, "vector": "NONE"}, "description": "### Overview\n\nCPU hardware implementations are vulnerable to side-channel attacks. These vulnerabilities are referred to as [Meltdown](<https://meltdownattack.com/>) and [Spectre](<https://spectreattack.com/>).\n\n### Description\n\nCPU hardware implementations are vulnerable to side-channel attacks referred to as [Meltdown](<https://meltdownattack.com/>) and [Spectre](<https://spectreattack.com/>) (also KAISER and KPTI). These attacks are described in detail by [Google Project Zero](<https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html>) and the Institute of Applied Information Processing and Communications (IAIK) at Graz University of Technology (TU Graz). \n \n--- \n \n### Impact\n\nAn attacker able to execute code with user privileges can achieve various impacts, such as reading otherwise protected kernel memory and bypassing KASLR. \n \n--- \n \n### Solution\n\n**Replace CPU hardware**\n\nThe underlying vulnerability is primarily caused by CPU architecture design choices. Fully removing the vulnerability requires replacing vulnerable CPU hardware. \n \n--- \n \n**Apply updates** \n \nOperating system updates mitigate the underlying hardware vulnerability. \n \n--- \n \n### Vendor Information \n\nMany CPU architectures are affected. The list below consists of CPU vendors and operating system vendors. \n \n--- \nVendor| Status| Date Notified| Date Updated \n---|---|---|--- \nAMD| | -| 03 Jan 2018 \nApple| | -| 03 Jan 2018 \nArm| | -| 03 Jan 2018 \nGoogle| | -| 03 Jan 2018 \nIntel| | -| 03 Jan 2018 \nMicrosoft| | -| 03 Jan 2018 \nIf you are a vendor and your product is affected, [let us know](<mailto:cert@cert.org?Subject=VU%23584653 Vendor Status Inquiry>).\n\n### CVSS Metrics \n\nGroup | Score | Vector \n---|---|--- \nBase | 1.5 | AV:L/AC:M/Au:S/C:P/I:N/A:N \nTemporal | 1.2 | E:POC/RL:OF/RC:C \nEnvironmental | 2.0 | CDP:ND/TD:H/CR:H/IR:ND/AR:ND \n \n### References\n\n * <https://meltdownattack.com/>\n * <https://spectreattack.com/>\n * <https://security.googleblog.com/2018/01/todays-cpu-vulnerability-what-you-need.html>\n * <https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html>\n * <https://github.com/IAIK/KAISER>\n * <https://gruss.cc/files/kaiser.pdf>\n * <https://gruss.cc/files/prefetch.pdf>\n * <https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=5aa90a84589282b87666f92b6c3c917c8080a9bf>\n * <https://lwn.net/Articles/741878/>\n * <https://lwn.net/Articles/737940/>\n * <http://pythonsweetness.tumblr.com/post/169166980422/the-mysterious-case-of-the-linux-page-table>\n * <https://nakedsecurity.sophos.com/2018/01/03/fckwit-aka-kaiser-aka-kpti-intel-cpu-flaw-needs-low-level-os-patches/>\n\n### Credit\n\nThese issues were researched and reported by researchers at Google Project Zero and the Institute of Applied Information Processing and Communications (IAIK) at Graz University of Technology (TU Graz).\n\nThis document was written by Art Manion.\n\n### Other Information\n\n * CVE IDs: [CVE-2017-5753](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5753>) [CVE-2017-5715](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5715>) [CVE-2017-5754](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5754>)\n * Date Public: 03 Jan 2018\n * Date First Published: 03 Jan 2018\n * Date Last Updated: 03 Jan 2018\n * Document Revision: 15\n\n", "edition": 1, "enchantments": {"score": {"modified": "2018-01-04T06:55:30", "value": 1.5}}, "hash": "a6f3a70a76219bbf674c162a629a9859a04a1c6fbe21c1853b36594496fcad41", "hashmap": [{"hash": "0e67896450ab825b0a81e59a1465804c", "key": "modified"}, {"hash": "b6ba9fa6ea18201bf39ea635ecca9f13", "key": "type"}, {"hash": "caf9b6b99962bf5c2264824231d7a40c", "key": "bulletinFamily"}, {"hash": "4851009339f11e5fb046c77cf4c521a7", "key": "href"}, {"hash": "966610370a5d0561045d02a9a96b5a17", "key": "cvelist"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "ef2194db3aee2afa8a0c3bf8ea0ba432", "key": "description"}, {"hash": "1d0954aaef62c3a5c7a1a3e8e3a5d794", "key": "title"}, {"hash": "81ddf555213eefd359c4218c18a6a046", "key": "references"}, {"hash": "0e67896450ab825b0a81e59a1465804c", "key": "published"}, {"hash": "5d2cfab83ed6e86a4812690790dc7ad5", "key": "reporter"}], "history": [], "href": "https://www.kb.cert.org/vuls/id/584653", "id": "VU:584653", "lastseen": "2018-01-04T06:55:30", "modified": "2018-01-03T00:00:00", "objectVersion": "1.3", "published": "2018-01-03T00:00:00", "references": ["https://nakedsecurity.sophos.com/2018/01/03/fckwit-aka-kaiser-aka-kpti-intel-cpu-flaw-needs-low-level-os-patches/", "https://security.googleblog.com/2018/01/todays-cpu-vulnerability-what-you-need.html", "https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html", "https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html", "http://pythonsweetness.tumblr.com/post/169166980422/the-mysterious-case-of-the-linux-page-table", "https://gruss.cc/files/kaiser.pdf", "https://meltdownattack.com/", "https://meltdownattack.com/", "https://meltdownattack.com/", "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5753", "https://spectreattack.com/", "https://spectreattack.com/", "https://spectreattack.com/", "https://lwn.net/Articles/737940/", "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5715", "https://github.com/IAIK/KAISER", "https://lwn.net/Articles/741878/", "https://gruss.cc/files/prefetch.pdf", "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=5aa90a84589282b87666f92b6c3c917c8080a9bf", "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5754"], "reporter": "CERT", "title": "CPU hardware vulnerable to side-channel attacks", "type": "cert", "viewCount": 0}, "differentElements": ["references", "description"], "edition": 1, "lastseen": "2018-01-04T06:55:30"}, {"bulletin": {"bulletinFamily": "info", "cvelist": ["CVE-2017-5753", "CVE-2017-5753", "CVE-2017-5753", "CVE-2017-5753", "CVE-2017-5754", "CVE-2017-5754", "CVE-2017-5754", "CVE-2017-5715", "CVE-2017-5715", "CVE-2017-5715", "CVE-2017-5715"], "cvss": {"score": 4.7, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:NONE/A:NONE/"}, "description": "### Overview\n\nCPU hardware implementations are vulnerable to cache side-channel attacks. These vulnerabilities are referred to as [Meltdown](<https://meltdownattack.com/>) and [Spectre](<https://spectreattack.com/>).\n\n### Description\n\n**Note: This Vulnerability Note is the product of ongoing analysis and represents our best knowledge as of the most recent revision. As a result, the content may change as our understanding of the issues develops.**\n\nCPU hardware implementations are vulnerable to side-channel attacks referred to as [Meltdown](<https://meltdownattack.com/>) and [Spectre](<https://spectreattack.com/>). Both Spectre and Meltdown take advantage of the ability to extract information from instructions that have executed on a CPU using the CPU cache as a side-channel. These attacks are described in detail by [Google Project Zero](<https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html>), the Institute of Applied Information Processing and Communications (IAIK) at Graz University of Technology (TU Graz) and Anders Fogh. The issues are organized into three variants: \n\n\n * Variant 1 (CVE-2017-5753, [Spectre](<https://spectreattack.com/spectre.pdf>)): Bounds check bypass\n * Variant 2 (CVE-2017-5715, also [Spectre](<https://spectreattack.com/spectre.pdf>)): Branch target injection[](<https://spectreattack.com/spectre.pdf>)\n * Variant 3 (CVE-2017-5754, [Meltdown](<https://meltdownattack.com/meltdown.pdf>)): Rogue data cache load, memory access permission check performed after kernel memory read\n \n**Spectre** \n \nSpectre attacks take advantage of a CPU's branch prediction capabilities. Modern CPUs include a feature called branch prediction, which speculatively executes instructions at a location that the CPU believes it will branch to. Such speculative execution helps to more fully utilize the parts of the CPU, minimizing the time waiting, and therefore improving performance. When a branch is successfully predicted, instructions will retire, which means the outcomes of the instructions such as register and memory writes will be committed. If a branch is mispredicted, the speculatively-executed instructions will be discarded, and the direct side-effects of the instructions are undone. What is not undone are the indirect side-effects, such as CPU cache changes. By measuring latency of memory access operations, the cache can be used to extract values from speculatively-executed instructions. \n \nWith Spectre variant 1 (CVE-2017-5753), the instructions after a conditional branch are speculatively executed as the result of a misprediction. With Spectre variant 2 (CVE-2017-5715), the CPU executes instructions at a location determined by a mispredicted branch target. \n \nWith both variants of the Spectre attack, the impact is that a process may leak sensitive data to other processes on a system. Spectre may also allow one part of an application to access other parts of the same process memory space that would otherwise not be permitted. \n \nWhile the Spectre attack itself does not cross a user/kernel memory privilege boundary, depending on the configuration of the target platform, the Spectre attack may indirectly allow a user-space application to access kernel memory. For example, the[ Project Zero blog post](<https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html>) describes a scenario that uses eBPF to exfiltrate kernel memory contents into user-space code. This is made possible because eBPF JIT allows for userspace applications to inject code that is executed in kernel space. While this code is verified by the kernel, eBPF-compliant code will be allowed to execute with kernel permissions. The exploit described by Project Zero leverages eBPF to execute the Spectre attack in kernel space, while exfiltrating the data to user space. It is possible that other technologies that allow in-kernel code execution may also possibly be leveraged to leak kernel memory using Spectre. \n \n**Meltdown** \n \nMeltdown is related to the Spectre attack in that it also uses a cache side channel to access data that otherwise wouldn't be available. The main difference is that it leverages out-of-order execution capabilities in modern CPUs. Like speculative execution due to branch prediction, as used by Spectre, out-of-order execution on a CPU is a technique for ensuring fullest utilization of the CPU's parts. Although instructions may appear sequentially in the machine language, a CPU that supports out-of-order execution may execute instructions in a non-sequential manner, which can minimize the time that a CPU spends idle. \n \nMeltdown leverages insecure behavior that has been demonstrated in Intel CPUs and may affect CPUs from other vendors. Vulnerable CPUs allow memory reads in out-of-order instruction execution, and also contain a race condition between the raising of exceptions and the out-of-order instruction execution. The Meltdown attack reads a kernel memory value, which raises an exception because code running with user-space privileges are not permitted to directly read kernel memory. However, due to the race condition, out-of-order instructions following the faulting instruction may also execute. Even though instructions appear after the faulting instruction, out-of-order execution allows them to execute, using data retrieved from the instruction that raises the exception. By the time the exception is raised, some number of out-of-order instructions have executed. Although the raised exception causes the CPU to roll back the out-of-order instructions, the cache state is not reverted. This allows data from out-of-order instructions to persist beyond the point when the exception has been raised. \n \nThe impact of Meltdown is that a process running in user space is able to view the contents of kernel memory. Meltdown may also allow Spectre-like memory content leaking that does not cross the user/kernel privilege boundary. \n \nThe Linux kernel mitigations for Meltdown are referred to as KAISER, and subsequently KPTI, which aim to improve separation of kernel and user memory pages. Because the Spectre attacks do not cross user/kernel boundaries, the protections introduced with KAISER/KPTI do not add any protection against them. \n \nThe following table compares Spectre and Meltdown. \n \n| | **Spectre**| **Meltdown** \n---|---|--- \n**CPU mechanism for triggering**| Speculative execution from branch prediction| Out-of-order execution \n**Affected platforms**| CPUs that perform speculative execution from branch prediction| CPUs that allow memory reads in out-of-order instructions \n**Difficulty of successful attack**| High - Requires tailoring to the software environment of the victim process| Low - Kernel memory access exploit code is mostly universal \n**Impact**| Cross- and intra-process (including kernel) memory disclosure| Kernel memory disclosure to userspace \n**Software mitigations**| Indirect Branch Restricted Speculation ([IBRS](<https://lkml.org/lkml/2018/1/4/615>)) \n**Note: **This software mitigation also requires CPU microcode updates and it only mitigates Spectre variant 2| Kernel page-table isolation ([KPTI](<https://en.wikipedia.org/wiki/Kernel_page-table_isolation>)) \n \n### Impact\n\nAn attacker able to execute code with user privileges can achieve various impacts. The Meltdown attack allows reading of kernel memory from userspace. This can result in privilege escalation, disclosure of sensitive information, or it can weaken kernel-level protections, such as KASLR. The Spectre attack can allow inter-process or intra-process data leaks. \n \nTo execute code locally, an attacker would require a valid account or independent compromise of the target. Attacks using JavaScript in web browsers are possible. Multi-user and multi-tenant systems (including virtualized and cloud environments) likely face the greatest risk. Systems used to browse arbitrary web sites are also at risk. Single-user systems that do not readily provide a way for attackers to execute code locally face significantly lower risk. \n \n--- \n \n### Solution\n\n**Apply updates** \n \nOperating system, CPU microcode updates, and some application updates mitigate these attacks. \n \n--- \n \n### Vendor Information \n\nVendor| Status| Date Notified| Date Updated \n---|---|---|--- \nAmazon| | -| 05 Jan 2018 \nAMD| | -| 03 Jan 2018 \nAndroid Open Source Project| | -| 05 Jan 2018 \nApple| | -| 08 Jan 2018 \nArm| | -| 03 Jan 2018 \nCentOS| | -| 05 Jan 2018 \nCisco| | -| 05 Jan 2018 \nCitrix| | -| 05 Jan 2018 \nDebian GNU/Linux| | -| 05 Jan 2018 \nDell| | -| 08 Jan 2018 \nDragonFly BSD Project| | -| 08 Jan 2018 \nFedora Project| | -| 05 Jan 2018 \nFortinet, Inc.| | -| 05 Jan 2018 \nFreeBSD Project| | -| 05 Jan 2018 \nGoogle| | -| 03 Jan 2018 \nIf you are a vendor and your product is affected, [let us know](<mailto:cert@cert.org?Subject=VU%23584653 Vendor Status Inquiry>). \n \n\n\n### CVSS Metrics \n\nGroup | Score | Vector \n---|---|--- \nBase | 4.4 | AV:L/AC:M/Au:S/C:C/I:N/A:N \nTemporal | 3.4 | E:POC/RL:OF/RC:C \nEnvironmental | 5.1 | CDP:ND/TD:H/CR:H/IR:ND/AR:ND \n \n### References\n\n * <https://meltdownattack.com/>\n * <https://meltdownattack.com/meltdown.pdf>\n * <https://spectreattack.com/>\n * <https://spectreattack.com/spectre.pdf>\n * <https://security.googleblog.com/2018/01/todays-cpu-vulnerability-what-you-need.html>\n * <https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html>\n * <https://cyber.wtf/2017/07/28/negative-result-reading-kernel-memory-from-user-mode/>\n * <https://github.com/IAIK/KAISER>\n * <https://gruss.cc/files/kaiser.pdf>\n * <https://gruss.cc/files/prefetch.pdf>\n * <https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=5aa90a84589282b87666f92b6c3c917c8080a9bf>\n * <https://lkml.org/lkml/2017/12/27/2>\n * <https://lkml.org/lkml/2018/1/4/615>\n * <https://lwn.net/Articles/741878/>\n * <https://lwn.net/Articles/737940/>\n * <https://lwn.net/Articles/742702/>\n * <http://pythonsweetness.tumblr.com/post/169166980422/the-mysterious-case-of-the-linux-page-table>\n * <https://nakedsecurity.sophos.com/2018/01/03/fckwit-aka-kaiser-aka-kpti-intel-cpu-flaw-needs-low-level-os-patches/>\n * <https://en.wikipedia.org/wiki/Kernel_page-table_isolation>\n * <https://chrisam.net/2018/01/04/speculative-execution-side-channel-vulnerabilities-vendor-published-info/>\n * <https://www.raspberrypi.org/blog/why-raspberry-pi-isnt-vulnerable-to-spectre-or-meltdown/>\n * <https://doublepulsar.com/important-information-about-microsoft-meltdown-cpu-security-fixes-antivirus-vendors-and-you-a852ba0292ec>\n\n### Credit\n\nThese issues were researched and reported by researchers at Google Project Zero (Jann Horn) the Institute of Applied Information Processing and Communications (IAIK) at Graz University of Technology (Gruss et. al.), Paul Kocher, and Anders Fogh.\n\nThis document was written by Art Manion and Will Dormann.\n\n### Other Information\n\n * CVE IDs: [CVE-2017-5753](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5753>) [CVE-2017-5715](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5715>) [CVE-2017-5754](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5754>)\n * US-CERT Alert: [TA18-004A](<http://www.us-cert.gov/cas/techalerts/TA18-004A.html>)\n * Date Public: 03 Jan 2018\n * Date First Published: 03 Jan 2018\n * Date Last Updated: 08 Jan 2018\n * Document Revision: 179\n\n", "edition": 19, "enchantments": {"score": {"modified": "2018-01-09T03:02:32", "value": 6.6}}, "hash": "b747748b0ff1d2ae8f7206f1e03d1858500bef11fa93f25277c64db7b067aa8b", "hashmap": [{"hash": "b6ba9fa6ea18201bf39ea635ecca9f13", "key": "type"}, {"hash": "f5cc4adf0936f798be198d12ec6abd5d", "key": "modified"}, {"hash": "caf9b6b99962bf5c2264824231d7a40c", "key": "bulletinFamily"}, {"hash": "d1374cc93913cbf4f930ab15888d9f5f", "key": "description"}, {"hash": "4851009339f11e5fb046c77cf4c521a7", "key": "href"}, {"hash": "64c1b0f18013d9fc9cd8b3fcc3b81629", "key": "cvelist"}, {"hash": "23742046928b6ac0049be6bc1a8e24de", "key": "cvss"}, {"hash": "e9f471ca9a4e6b1ec666b348f6947681", "key": "references"}, {"hash": "1d0954aaef62c3a5c7a1a3e8e3a5d794", "key": "title"}, {"hash": "0e67896450ab825b0a81e59a1465804c", "key": "published"}, {"hash": "5d2cfab83ed6e86a4812690790dc7ad5", "key": "reporter"}], "history": [], "href": "https://www.kb.cert.org/vuls/id/584653", "id": "VU:584653", "lastseen": "2018-01-09T03:02:32", "modified": "2018-01-08T00:00:00", "objectVersion": "1.3", "published": "2018-01-03T00:00:00", "references": ["https://meltdownattack.com/meltdown.pdf", "https://meltdownattack.com/meltdown.pdf", "https://lwn.net/Articles/742702/", "https://nakedsecurity.sophos.com/2018/01/03/fckwit-aka-kaiser-aka-kpti-intel-cpu-flaw-needs-low-level-os-patches/", "https://www.raspberrypi.org/blog/why-raspberry-pi-isnt-vulnerable-to-spectre-or-meltdown/", "https://lkml.org/lkml/2017/12/27/2", "https://security.googleblog.com/2018/01/todays-cpu-vulnerability-what-you-need.html", "https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html", "https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html", "https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html", "http://pythonsweetness.tumblr.com/post/169166980422/the-mysterious-case-of-the-linux-page-table", "https://gruss.cc/files/kaiser.pdf", "https://doublepulsar.com/important-information-about-microsoft-meltdown-cpu-security-fixes-antivirus-vendors-and-you-a852ba0292ec", "http://www.us-cert.gov/cas/techalerts/TA18-004A.html", "https://chrisam.net/2018/01/04/speculative-execution-side-channel-vulnerabilities-vendor-published-info/", "https://meltdownattack.com/", "https://meltdownattack.com/", "https://meltdownattack.com/", "https://en.wikipedia.org/wiki/Kernel_page-table_isolation", "https://en.wikipedia.org/wiki/Kernel_page-table_isolation", "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5753", "https://spectreattack.com/", "https://spectreattack.com/", "https://spectreattack.com/", "https://lwn.net/Articles/737940/", "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5715", "https://lkml.org/lkml/2018/1/4/615", "https://lkml.org/lkml/2018/1/4/615", "https://github.com/IAIK/KAISER", "https://cyber.wtf/2017/07/28/negative-result-reading-kernel-memory-from-user-mode/", "https://lwn.net/Articles/741878/", "https://gruss.cc/files/prefetch.pdf", "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=5aa90a84589282b87666f92b6c3c917c8080a9bf", "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5754", "https://spectreattack.com/spectre.pdf", "https://spectreattack.com/spectre.pdf", "https://spectreattack.com/spectre.pdf", "https://spectreattack.com/spectre.pdf"], "reporter": "CERT", "title": "CPU hardware vulnerable to side-channel attacks", "type": "cert", "viewCount": 168}, "differentElements": ["description", "modified"], "edition": 19, "lastseen": "2018-01-09T03:02:32"}, {"bulletin": {"bulletinFamily": "info", "cvelist": ["CVE-2017-5753", "CVE-2017-5753", "CVE-2017-5753", "CVE-2017-5753", "CVE-2017-5754", "CVE-2017-5754", "CVE-2017-5754", "CVE-2017-5715", "CVE-2017-5715", "CVE-2017-5715", "CVE-2017-5715"], "cvss": {"score": 4.7, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:NONE/A:NONE/"}, "description": "### Overview\n\nCPU hardware implementations are vulnerable to cache side-channel attacks. These vulnerabilities are referred to as [Meltdown](<https://meltdownattack.com/>) and [Spectre](<https://spectreattack.com/>).\n\n### Description\n\n**Note: This Vulnerability Note is the product of ongoing analysis and represents our best knowledge as of the most recent revision. As a result, the content may change as our understanding of the issues develops.**\n\nCPU hardware implementations are vulnerable to side-channel attacks referred to as [Meltdown](<https://meltdownattack.com/>) and [Spectre](<https://spectreattack.com/>). Both Spectre and Meltdown take advantage of the ability to extract information from instructions that have executed on a CPU using the CPU cache as a side-channel. These attacks are described in detail by [Google Project Zero](<https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html>), the Institute of Applied Information Processing and Communications (IAIK) at Graz University of Technology (TU Graz) and Anders Fogh. The issues are organized into three variants: \n\n\n * Variant 1 (CVE-2017-5753, [Spectre](<https://spectreattack.com/spectre.pdf>)): Bounds check bypass\n * Variant 2 (CVE-2017-5715, also [Spectre](<https://spectreattack.com/spectre.pdf>)): Branch target injection[](<https://spectreattack.com/spectre.pdf>)\n * Variant 3 (CVE-2017-5754, [Meltdown](<https://meltdownattack.com/meltdown.pdf>)): Rogue data cache load, memory access permission check performed after kernel memory read\n \n**Spectre** \n \nSpectre attacks take advantage of a CPU's branch prediction capabilities. Modern CPUs include a feature called branch prediction, which speculatively executes instructions at a location that the CPU believes it will branch to. Such speculative execution helps to more fully utilize the parts of the CPU, minimizing the time waiting, and therefore improving performance. When a branch is successfully predicted, instructions will retire, which means the outcomes of the instructions such as register and memory writes will be committed. If a branch is mispredicted, the speculatively-executed instructions will be discarded, and the direct side-effects of the instructions are undone. What is not undone are the indirect side-effects, such as CPU cache changes. By measuring latency of memory access operations, the cache can be used to extract values from speculatively-executed instructions. \n \nWith Spectre variant 1 (CVE-2017-5753), the instructions after a conditional branch are speculatively executed as the result of a misprediction. With Spectre variant 2 (CVE-2017-5715), the CPU executes instructions at a location determined by a mispredicted branch target. \n \nWith both variants of the Spectre attack, the impact is that a process may leak sensitive data to other processes on a system. Spectre may also allow one part of an application to access other parts of the same process memory space that would otherwise not be permitted. \n \nWhile the Spectre attack itself does not cross a user/kernel memory privilege boundary, depending on the configuration of the target platform, the Spectre attack may indirectly allow a user-space application to access kernel memory. For example, the[ Project Zero blog post](<https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html>) describes a scenario that uses eBPF to exfiltrate kernel memory contents into user-space code. This is made possible because eBPF JIT allows for userspace applications to inject code that is executed in kernel space. While this code is verified by the kernel, eBPF-compliant code will be allowed to execute with kernel permissions. The exploit described by Project Zero leverages eBPF to execute the Spectre attack in kernel space, while exfiltrating the data to user space. It is possible that other technologies that allow in-kernel code execution may also possibly be leveraged to leak kernel memory using Spectre. \n \n**Meltdown** \n \nMeltdown is related to the Spectre attack in that it also uses a cache side channel to access data that otherwise wouldn't be available. The main difference is that it leverages out-of-order execution capabilities in modern CPUs. Like speculative execution due to branch prediction, as used by Spectre, out-of-order execution on a CPU is a technique for ensuring fullest utilization of the CPU's parts. Although instructions may appear sequentially in the machine language, a CPU that supports out-of-order execution may execute instructions in a non-sequential manner, which can minimize the time that a CPU spends idle. \n \nMeltdown leverages insecure behavior that has been demonstrated in Intel CPUs and may affect CPUs from other vendors. Vulnerable CPUs allow memory reads in out-of-order instruction execution, and also contain a race condition between the raising of exceptions and the out-of-order instruction execution. The Meltdown attack reads a kernel memory value, which raises an exception because code running with user-space privileges are not permitted to directly read kernel memory. However, due to the race condition, out-of-order instructions following the faulting instruction may also execute. Even though instructions appear after the faulting instruction, out-of-order execution allows them to execute, using data retrieved from the instruction that raises the exception. By the time the exception is raised, some number of out-of-order instructions have executed. Although the raised exception causes the CPU to roll back the out-of-order instructions, the cache state is not reverted. This allows data from out-of-order instructions to persist beyond the point when the exception has been raised. \n \nThe impact of Meltdown is that a process running in user space is able to view the contents of kernel memory. Meltdown may also allow Spectre-like memory content leaking that does not cross the user/kernel privilege boundary. \n \nThe Linux kernel mitigations for Meltdown are referred to as KAISER, and subsequently KPTI, which aim to improve separation of kernel and user memory pages. Because the Spectre attacks do not cross user/kernel boundaries, the protections introduced with KAISER/KPTI do not add any protection against them. \n \nThe following table compares Spectre and Meltdown. \n \n| | **Spectre**| **Meltdown** \n---|---|--- \n**CPU mechanism for triggering**| Speculative execution from branch prediction| Out-of-order execution \n**Affected platforms**| CPUs that perform speculative execution from branch prediction| CPUs that allow memory reads in out-of-order instructions \n**Difficulty of successful attack**| High - Requires tailoring to the software environment of the victim process| Low - Kernel memory access exploit code is mostly universal \n**Impact**| Cross- and intra-process (including kernel) memory disclosure| Kernel memory disclosure to userspace \n**Software mitigations**| Variant 1: Compiler changes. Web browser updates to help prevent exploitation from JavaScript \nVariant 2: Indirect Branch Restricted Speculation ([IBRS](<https://lkml.org/lkml/2018/1/4/615>)). \n**Note: **The software mitigation for Spectre variant 2 requires CPU microcode updates| Kernel page-table isolation ([KPTI](<https://en.wikipedia.org/wiki/Kernel_page-table_isolation>)) \n \n### Impact\n\nAn attacker able to execute code with user privileges can achieve various impacts. The Meltdown attack allows reading of kernel memory from userspace. This can result in privilege escalation, disclosure of sensitive information, or it can weaken kernel-level protections, such as KASLR. The Spectre attack can allow inter-process or intra-process data leaks. \n \nTo execute code locally, an attacker would require a valid account or independent compromise of the target. Attacks using JavaScript in web browsers are possible. Multi-user and multi-tenant systems (including virtualized and cloud environments) likely face the greatest risk. Systems used to browse arbitrary web sites are also at risk. Single-user systems that do not readily provide a way for attackers to execute code locally face significantly lower risk. \n \n--- \n \n### Solution\n\n**Apply updates** \n \nOperating system, CPU microcode updates, and some application updates mitigate these attacks. Note that in many cases, the software fixes for these vulnerabilities will have a negative affect on system performance. Also note that Microsoft Windows systems [will no longer receive security updates](<https://doublepulsar.com/important-information-about-microsoft-meltdown-cpu-security-fixes-antivirus-vendors-and-you-a852ba0292ec>) via Windows Update if they are not running compliant anti-virus software. As with deploying any software updates, be sure to prioritize and test updates as necessary. \n \n**Consider CPU Options** \n \nInitial reports from the field indicate that overall system performance is impacted by many of the available patches for these vulnerabilities. Depending on the software workflow and the CPU capabilities present, the performance impact of software mitigations may be non-trivial and therefore may become an ongoing operational concern for some organizations. While we recognize that replacing existing CPUs in already deployed systems is not practical, organizations acquiring new systems should evaluate their CPU selection in light of the expected longevity of this vulnerability in available hardware as well as the performance impacts resulting from the various platform-specific software patches. Deployment contexts and performance requirements vary widely, and must be balanced by informed evaluation of the associated security risks. Contact your system vendor to determine if the CPU and operating system combination will experience a performance penalty due to software mitigations for these vulnerabilities. \n \n--- \n \n### Vendor Information \n\nVendor| Status| Date Notified| Date Updated \n---|---|---|--- \nAmazon| | -| 05 Jan 2018 \nAMD| | -| 03 Jan 2018 \nAndroid Open Source Project| | -| 05 Jan 2018 \nApple| | -| 08 Jan 2018 \nArm| | -| 03 Jan 2018 \nCentOS| | -| 05 Jan 2018 \nCisco| | -| 05 Jan 2018 \nCitrix| | -| 05 Jan 2018 \nDebian GNU/Linux| | -| 05 Jan 2018 \nDell| | -| 08 Jan 2018 \nDragonFly BSD Project| | -| 08 Jan 2018 \nFedora Project| | -| 05 Jan 2018 \nFortinet, Inc.| | -| 05 Jan 2018 \nFreeBSD Project| | -| 05 Jan 2018 \nFujitsu| | -| 11 Jan 2018 \nIf you are a vendor and your product is affected, [let us know](<mailto:cert@cert.org?Subject=VU%23584653 Vendor Status Inquiry>). \n \n\n\n### CVSS Metrics \n\nGroup | Score | Vector \n---|---|--- \nBase | 4.4 | AV:L/AC:M/Au:S/C:C/I:N/A:N \nTemporal | 3.4 | E:POC/RL:OF/RC:C \nEnvironmental | 5.1 | CDP:ND/TD:H/CR:H/IR:ND/AR:ND \n \n### References\n\n * <https://meltdownattack.com/>\n * <https://meltdownattack.com/meltdown.pdf>\n * <https://spectreattack.com/>\n * <https://spectreattack.com/spectre.pdf>\n * <https://security.googleblog.com/2018/01/todays-cpu-vulnerability-what-you-need.html>\n * <https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html>\n * <https://cyber.wtf/2017/07/28/negative-result-reading-kernel-memory-from-user-mode/>\n * <https://github.com/IAIK/KAISER>\n * <https://gruss.cc/files/kaiser.pdf>\n * <https://gruss.cc/files/prefetch.pdf>\n * <https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=5aa90a84589282b87666f92b6c3c917c8080a9bf>\n * <https://lkml.org/lkml/2017/12/27/2>\n * <https://lkml.org/lkml/2018/1/4/615>\n * <https://lwn.net/Articles/741878/>\n * <https://lwn.net/Articles/737940/>\n * <https://lwn.net/Articles/742702/>\n * <http://pythonsweetness.tumblr.com/post/169166980422/the-mysterious-case-of-the-linux-page-table>\n * <https://nakedsecurity.sophos.com/2018/01/03/fckwit-aka-kaiser-aka-kpti-intel-cpu-flaw-needs-low-level-os-patches/>\n * <https://en.wikipedia.org/wiki/Kernel_page-table_isolation>\n * <https://chrisam.net/2018/01/04/speculative-execution-side-channel-vulnerabilities-vendor-published-info/>\n * <https://www.raspberrypi.org/blog/why-raspberry-pi-isnt-vulnerable-to-spectre-or-meltdown/>\n * <https://doublepulsar.com/important-information-about-microsoft-meltdown-cpu-security-fixes-antivirus-vendors-and-you-a852ba0292ec>\n * [https://docs.google.com/spreadsheets/d/184wcDt9I9TUNFFbsAVLpzAtckQxYiuirADzf3cL42FQ/htmlview?usp=sharing&sle;=true](<https://docs.google.com/spreadsheets/d/184wcDt9I9TUNFFbsAVLpzAtckQxYiuirADzf3cL42FQ/htmlview?usp=sharing&sle=true>)\n\n### Credit\n\nThese issues were researched and reported by researchers at Google Project Zero (Jann Horn) the Institute of Applied Information Processing and Communications (IAIK) at Graz University of Technology (Gruss et. al.), Paul Kocher, and Anders Fogh.\n\nThis document was written by Art Manion and Will Dormann.\n\n### Other Information\n\n * CVE IDs: [CVE-2017-5753](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5753>) [CVE-2017-5715](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5715>) [CVE-2017-5754](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5754>)\n * US-CERT Alert: [TA18-004A](<http://www.us-cert.gov/cas/techalerts/TA18-004A.html>)\n * Date Public: 03 Jan 2018\n * Date First Published: 03 Jan 2018\n * Date Last Updated: 22 Jan 2018\n * Document Revision: 211\n\n", "edition": 27, "enchantments": {"score": {"modified": "2018-01-23T02:55:13", "value": 6.6}}, "hash": "46f56717faf8899ea8992ca6771fafd44727a970a76121249296663f13e751dc", "hashmap": [{"hash": "b6ba9fa6ea18201bf39ea635ecca9f13", "key": "type"}, {"hash": "caf9b6b99962bf5c2264824231d7a40c", "key": "bulletinFamily"}, {"hash": "4851009339f11e5fb046c77cf4c521a7", "key": "href"}, {"hash": "ca14c68a2831614398d75c8d2dd5f292", "key": "references"}, {"hash": "64c1b0f18013d9fc9cd8b3fcc3b81629", "key": "cvelist"}, {"hash": "23742046928b6ac0049be6bc1a8e24de", "key": "cvss"}, {"hash": "cfb975eb37809d6999581d6563833c89", "key": "modified"}, {"hash": "1d0954aaef62c3a5c7a1a3e8e3a5d794", "key": "title"}, {"hash": "0e67896450ab825b0a81e59a1465804c", "key": "published"}, {"hash": "5d2cfab83ed6e86a4812690790dc7ad5", "key": "reporter"}, {"hash": "2fcfbc0a7e980270157f77941dbe459c", "key": "description"}], "history": [], "href": "https://www.kb.cert.org/vuls/id/584653", "id": "VU:584653", "lastseen": "2018-01-23T02:55:13", "modified": "2018-01-22T00:00:00", "objectVersion": "1.3", "published": "2018-01-03T00:00:00", "references": ["https://meltdownattack.com/meltdown.pdf", "https://meltdownattack.com/meltdown.pdf", "https://docs.google.com/spreadsheets/d/184wcDt9I9TUNFFbsAVLpzAtckQxYiuirADzf3cL42FQ/htmlview?usp=sharing&sle=true", "https://lwn.net/Articles/742702/", "https://nakedsecurity.sophos.com/2018/01/03/fckwit-aka-kaiser-aka-kpti-intel-cpu-flaw-needs-low-level-os-patches/", "https://www.raspberrypi.org/blog/why-raspberry-pi-isnt-vulnerable-to-spectre-or-meltdown/", "https://lkml.org/lkml/2017/12/27/2", "https://security.googleblog.com/2018/01/todays-cpu-vulnerability-what-you-need.html", "https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html", "https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html", "https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html", "http://pythonsweetness.tumblr.com/post/169166980422/the-mysterious-case-of-the-linux-page-table", "https://gruss.cc/files/kaiser.pdf", "https://doublepulsar.com/important-information-about-microsoft-meltdown-cpu-security-fixes-antivirus-vendors-and-you-a852ba0292ec", "https://doublepulsar.com/important-information-about-microsoft-meltdown-cpu-security-fixes-antivirus-vendors-and-you-a852ba0292ec", "http://www.us-cert.gov/cas/techalerts/TA18-004A.html", "https://chrisam.net/2018/01/04/speculative-execution-side-channel-vulnerabilities-vendor-published-info/", "https://meltdownattack.com/", "https://meltdownattack.com/", "https://meltdownattack.com/", "https://en.wikipedia.org/wiki/Kernel_page-table_isolation", "https://en.wikipedia.org/wiki/Kernel_page-table_isolation", "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5753", "https://spectreattack.com/", "https://spectreattack.com/", "https://spectreattack.com/", "https://lwn.net/Articles/737940/", "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5715", "https://lkml.org/lkml/2018/1/4/615", "https://lkml.org/lkml/2018/1/4/615", "https://github.com/IAIK/KAISER", "https://cyber.wtf/2017/07/28/negative-result-reading-kernel-memory-from-user-mode/", "https://lwn.net/Articles/741878/", "https://gruss.cc/files/prefetch.pdf", "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=5aa90a84589282b87666f92b6c3c917c8080a9bf", "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5754", "https://spectreattack.com/spectre.pdf", "https://spectreattack.com/spectre.pdf", "https://spectreattack.com/spectre.pdf", "https://spectreattack.com/spectre.pdf"], "reporter": "CERT", "title": "CPU hardware vulnerable to side-channel attacks", "type": "cert", "viewCount": 261}, "differentElements": ["references", "description", "modified"], "edition": 27, "lastseen": "2018-01-23T02:55:13"}, {"bulletin": {"bulletinFamily": "info", "cvelist": ["CVE-2017-5753", "CVE-2017-5753", "CVE-2017-5753", "CVE-2017-5754", "CVE-2017-5754", "CVE-2017-5754", "CVE-2017-5715", "CVE-2017-5715", "CVE-2017-5715"], "cvss": {"score": 0.0, "vector": "NONE"}, "description": "### Overview\n\nCPU hardware implementations are vulnerable to side-channel attacks. These vulnerabilities are referred to as [Meltdown](<https://meltdownattack.com/>) and [Spectre](<https://spectreattack.com/>).\n\n### Description\n\nCPU hardware implementations are vulnerable to side-channel attacks referred to as [Meltdown](<https://meltdownattack.com/>) and [Spectre](<https://spectreattack.com/>). These attacks are described in detail by [Google Project Zero](<https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html>) and the Institute of Applied Information Processing and Communications (IAIK) at Graz University of Technology (TU Graz). The issues are organized into three variants: \n\n * Variant 1 (CVE-2017-5753, [Spectre](<https://spectreattack.com/spectre.pdf>)): Bounds check bypass\n * Variant 2 (CVE-2017-5715, also [Spectre](<https://spectreattack.com/spectre.pdf>)): Branch target injection[](<https://spectreattack.com/spectre.pdf>)\n * Variant 3 (CVE-2017-5754, [Meltdown](<https://meltdownattack.com/meltdown.pdf>)): Rogue data cache load, memory access permission check performed after kernel memory read\n \nThese attacks are possible due to the interaction between operating system memory management and CPU implementation optimization choices. Different CPUs are impacted differently, for example, the speculative execution and cache implementation of many Intel CPUs allows an attacker to read kernel memory using variant 3 on un-protected operating systems. \n \nAttacks require the ability to execute code locally on a target system. Typically this requires a valid account or independent compromise of the target. Attacks using JavaScript in web browsers are possible. Multi-user and multi-tenant systems (including virtualized and cloud environments) likely face the greatest risk. Systems use to browse arbitrary web sites are also at risk. Single-user systems that do not readily provide a way for attackers to execute code locally face significantly lower risk. \n \nThe Linux kernel mitigations for Meltdown are referred to as KAISER, and subsequently KPTI, which aim to improve separation of kernel and user memory pages. \n \n--- \n \n### Impact\n\nAn attacker able to execute code with user privileges can achieve various impacts, such as reading otherwise protected kernel memory and bypassing KASLR. \n \n--- \n \n### Solution\n\n**Apply updates** \n \nOperating system and some application updates mitigate these attacks. \n \n--- \n \n### Vendor Information \n\nVendor| Status| Date Notified| Date Updated \n---|---|---|--- \nAMD| | -| 03 Jan 2018 \nApple| | -| 03 Jan 2018 \nArm| | -| 03 Jan 2018 \nGoogle| | -| 03 Jan 2018 \nIntel| | -| 03 Jan 2018 \nLinux Kernel| | -| 03 Jan 2018 \nMicrosoft| | -| 03 Jan 2018 \nMozilla| | -| 03 Jan 2018 \nIf you are a vendor and your product is affected, [let us know](<mailto:cert@cert.org?Subject=VU%23584653 Vendor Status Inquiry>).\n\n### CVSS Metrics \n\nGroup | Score | Vector \n---|---|--- \nBase | 1.5 | AV:L/AC:M/Au:S/C:P/I:N/A:N \nTemporal | 1.2 | E:POC/RL:OF/RC:C \nEnvironmental | 2.0 | CDP:ND/TD:H/CR:H/IR:ND/AR:ND \n \n### References\n\n * <https://meltdownattack.com/>\n * <https://meltdownattack.com/meltdown.pdf>\n * <https://spectreattack.com/>\n * <https://spectreattack.com/spectre.pdf>\n * <https://security.googleblog.com/2018/01/todays-cpu-vulnerability-what-you-need.html>\n * <https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html>\n * <https://cyber.wtf/2017/07/28/negative-result-reading-kernel-memory-from-user-mode/>\n * <https://www.us-cert.gov/ncas/current-activity/2018/01/03/Meltdown-and-Spectre-Side-Channel-Vulnerabilities>\n * <https://github.com/IAIK/KAISER>\n * <https://gruss.cc/files/kaiser.pdf>\n * <https://gruss.cc/files/prefetch.pdf>\n * <https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=5aa90a84589282b87666f92b6c3c917c8080a9bf>\n * <https://lkml.org/lkml/2017/12/27/2>\n * <https://lwn.net/Articles/741878/>\n * <https://lwn.net/Articles/737940/>\n * <https://lwn.net/Articles/742702/>\n * <http://pythonsweetness.tumblr.com/post/169166980422/the-mysterious-case-of-the-linux-page-table>\n * <https://nakedsecurity.sophos.com/2018/01/03/fckwit-aka-kaiser-aka-kpti-intel-cpu-flaw-needs-low-level-os-patches/>\n\n### Credit\n\nThese issues were researched and reported by researchers at Google Project Zero (Jann Horn) and the Institute of Applied Information Processing and Communications (IAIK) at Graz University of Technology (TU Graz) (Gruss et. al.). Anders Fogh is credited with [research](<https://cyber.wtf/2017/07/28/negative-result-reading-kernel-memory-from-user-mode/>) on variant 3.\n\nThis document was written by Art Manion.\n\n### Other Information\n\n * CVE IDs: [CVE-2017-5753](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5753>) [CVE-2017-5715](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5715>) [CVE-2017-5754](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5754>)\n * Date Public: 03 Jan 2018\n * Date First Published: 03 Jan 2018\n * Date Last Updated: 04 Jan 2018\n * Document Revision: 47\n\n", "edition": 5, "enchantments": {"score": {"modified": "2018-01-04T22:54:15", "value": 5.2}}, "hash": "33769fd3ccbde7b823d38c23fef814184eb2d89a909bd55f4bcb1072cb34591d", "hashmap": [{"hash": "b6ba9fa6ea18201bf39ea635ecca9f13", "key": "type"}, {"hash": "caf9b6b99962bf5c2264824231d7a40c", "key": "bulletinFamily"}, {"hash": "1b941090f50d6d1c2e114abbd1b88aa2", "key": "modified"}, {"hash": "4851009339f11e5fb046c77cf4c521a7", "key": "href"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "1d0954aaef62c3a5c7a1a3e8e3a5d794", "key": "title"}, {"hash": "1bd5b9af6ab3b4ea0ca701315d076298", "key": "description"}, {"hash": "0e67896450ab825b0a81e59a1465804c", "key": "published"}, {"hash": "5d2cfab83ed6e86a4812690790dc7ad5", "key": "reporter"}, {"hash": "5d506dde1bef81fcb5b481574184f003", "key": "references"}, {"hash": "b61f3313f3f3254c2655a83d5edaac30", "key": "cvelist"}], "history": [], "href": "https://www.kb.cert.org/vuls/id/584653", "id": "VU:584653", "lastseen": "2018-01-04T22:54:15", "modified": "2018-01-04T00:00:00", "objectVersion": "1.3", "published": "2018-01-03T00:00:00", "references": ["https://meltdownattack.com/meltdown.pdf", "https://meltdownattack.com/meltdown.pdf", "https://lwn.net/Articles/742702/", "https://nakedsecurity.sophos.com/2018/01/03/fckwit-aka-kaiser-aka-kpti-intel-cpu-flaw-needs-low-level-os-patches/", "https://lkml.org/lkml/2017/12/27/2", "https://security.googleblog.com/2018/01/todays-cpu-vulnerability-what-you-need.html", "https://www.us-cert.gov/ncas/current-activity/2018/01/03/Meltdown-and-Spectre-Side-Channel-Vulnerabilities", "https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html", "https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html", "http://pythonsweetness.tumblr.com/post/169166980422/the-mysterious-case-of-the-linux-page-table", "https://gruss.cc/files/kaiser.pdf", "https://meltdownattack.com/", "https://meltdownattack.com/", "https://meltdownattack.com/", "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5753", "https://spectreattack.com/", "https://spectreattack.com/", "https://spectreattack.com/", "https://lwn.net/Articles/737940/", "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5715", "https://github.com/IAIK/KAISER", "https://cyber.wtf/2017/07/28/negative-result-reading-kernel-memory-from-user-mode/", "https://cyber.wtf/2017/07/28/negative-result-reading-kernel-memory-from-user-mode/", "https://lwn.net/Articles/741878/", "https://gruss.cc/files/prefetch.pdf", "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=5aa90a84589282b87666f92b6c3c917c8080a9bf", "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5754", "https://spectreattack.com/spectre.pdf", "https://spectreattack.com/spectre.pdf", "https://spectreattack.com/spectre.pdf", "https://spectreattack.com/spectre.pdf"], "reporter": "CERT", "title": "CPU hardware vulnerable to side-channel attacks", "type": "cert", "viewCount": 68}, "differentElements": ["references", "description", "cvelist"], "edition": 5, "lastseen": "2018-01-04T22:54:15"}, {"bulletin": {"bulletinFamily": "info", "cvelist": ["CVE-2017-5753", "CVE-2017-5753", "CVE-2017-5753", "CVE-2017-5753", "CVE-2017-5754", "CVE-2017-5754", "CVE-2017-5754", "CVE-2017-5715", "CVE-2017-5715", "CVE-2017-5715", "CVE-2017-5715"], "cvss": {"score": 4.7, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:NONE/A:NONE/"}, "description": "### Overview\n\nCPU hardware implementations are vulnerable to cache side-channel attacks. These vulnerabilities are referred to as [Meltdown](<https://meltdownattack.com/>) and [Spectre](<https://spectreattack.com/>).\n\n### Description\n\n**Note: This Vulnerability Note is the product of ongoing analysis and represents our best knowledge as of the most recent revision. As a result, the content may change as our understanding of the issues develops.**\n\nCPU hardware implementations are vulnerable to side-channel attacks referred to as [Meltdown](<https://meltdownattack.com/>) and [Spectre](<https://spectreattack.com/>). Both Spectre and Meltdown take advantage of the ability to extract information from instructions that have executed on a CPU using the CPU cache as a side-channel. These attacks are described in detail by [Google Project Zero](<https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html>), the Institute of Applied Information Processing and Communications (IAIK) at Graz University of Technology (TU Graz) and Anders Fogh. The issues are organized into three variants: \n\n\n * Variant 1 (CVE-2017-5753, [Spectre](<https://spectreattack.com/spectre.pdf>)): Bounds check bypass\n * Variant 2 (CVE-2017-5715, also [Spectre](<https://spectreattack.com/spectre.pdf>)): Branch target injection[](<https://spectreattack.com/spectre.pdf>)\n * Variant 3 (CVE-2017-5754, [Meltdown](<https://meltdownattack.com/meltdown.pdf>)): Rogue data cache load, memory access permission check performed after kernel memory read\n \n**Spectre** \n \nSpectre attacks take advantage of a CPU's branch prediction capabilities. Modern CPUs include a feature called branch prediction, which speculatively executes instructions at a location that the CPU believes it will branch to. Such speculative execution helps to more fully utilize the parts of the CPU, minimizing the time waiting, and therefore improving performance. When a branch is successfully predicted, instructions will retire, which means the outcomes of the instructions such as register and memory writes will be committed. If a branch is mispredicted, the speculatively-executed instructions will be discarded, and the direct side-effects of the instructions are undone. What is not undone are the indirect side-effects, such as CPU cache changes. By measuring latency of memory access operations, the cache can be used to extract values from speculatively-executed instructions. \n \nWith Spectre variant 1 (CVE-2017-5753), the instructions after a conditional branch are speculatively executed as the result of a misprediction. With Spectre variant 2 (CVE-2017-5715), the CPU executes instructions at a location determined by a mispredicted branch target. \n \nWith both variants of the Spectre attack, the impact is that a process may leak sensitive data to other processes on a system. Spectre may also allow one part of an application to access other parts of the same process memory space that would otherwise not be permitted. \n \nWhile the Spectre attack itself does not cross a user/kernel memory privilege boundary, depending on the configuration of the target platform, the Spectre attack may indirectly allow a user-space application to access kernel memory. For example, the[ Project Zero blog post](<https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html>) describes a scenario that uses eBPF to exfiltrate kernel memory contents into user-space code. This is made possible because eBPF JIT allows for userspace applications to inject code that is executed in kernel space. While this code is verified by the kernel, eBPF-compliant code will be allowed to execute with kernel permissions. The exploit described by Project Zero leverages eBPF to execute the Spectre attack in kernel space, while exfiltrating the data to user space. It is possible that other technologies that allow in-kernel code execution may also possibly be leveraged to leak kernel memory using Spectre. \n \n**Meltdown** \n \nMeltdown is related to the Spectre attack in that it also uses a cache side channel to access data that otherwise wouldn't be available. The main difference is that it leverages out-of-order execution capabilities in modern CPUs. Like speculative execution due to branch prediction, as used by Spectre, out-of-order execution on a CPU is a technique for ensuring fullest utilization of the CPU's parts. Although instructions may appear sequentially in the machine language, a CPU that supports out-of-order execution may execute instructions in a non-sequential manner, which can minimize the time that a CPU spends idle. \n \nMeltdown leverages insecure behavior that has been demonstrated in Intel CPUs and may affect CPUs from other vendors. Vulnerable CPUs allow memory reads in out-of-order instruction execution, and also contain a race condition between the raising of exceptions and the out-of-order instruction execution. The Meltdown attack reads a kernel memory value, which raises an exception because code running with user-space privileges are not permitted to directly read kernel memory. However, due to the race condition, out-of-order instructions following the faulting instruction may also execute. Even though instructions appear after the faulting instruction, out-of-order execution allows them to execute, using data retrieved from the instruction that raises the exception. By the time the exception is raised, some number of out-of-order instructions have executed. Although the raised exception causes the CPU to roll back the out-of-order instructions, the cache state is not reverted. This allows data from out-of-order instructions to persist beyond the point when the exception has been raised. \n \nThe impact of Meltdown is that a process running in user space is able to view the contents of kernel memory. Meltdown may also allow Spectre-like memory content leaking that does not cross the user/kernel privilege boundary. \n \nThe Linux kernel mitigations for Meltdown are referred to as KAISER, and subsequently KPTI, which aim to improve separation of kernel and user memory pages. Because the Spectre attacks do not cross user/kernel boundaries, the protections introduced with KAISER/KPTI do not add any protection against them. \n \nThe following table compares Spectre and Meltdown. \n \n| | **Spectre**| **Meltdown** \n---|---|--- \n**CPU mechanism for triggering**| Speculative execution from branch prediction| Out-of-order execution \n**Affected platforms**| CPUs that perform speculative execution from branch prediction| CPUs that allow memory reads in out-of-order instructions \n**Difficulty of successful attack**| High - Requires tailoring to the software environment of the victim process| Low - Kernel memory access exploit code is mostly universal \n**Impact**| Cross- and intra-process (including kernel) memory disclosure| Kernel memory disclosure to userspace \n**Software mitigations**| Indirect Branch Restricted Speculation ([IBRS](<https://lkml.org/lkml/2018/1/4/615>)) \n**Note: **This software mitigation also requires CPU microcode updates and it only mitigates Spectre variant 2| Kernel page-table isolation ([KPTI](<https://en.wikipedia.org/wiki/Kernel_page-table_isolation>)) \n \n### Impact\n\nAn attacker able to execute code with user privileges can achieve various impacts. The Meltdown attack allows reading of kernel memory from userspace. This can result in privilege escalation, disclosure of sensitive information, or it can weaken kernel-level protections, such as KASLR. The Spectre attack can allow inter-process or intra-process data leaks. \n \nTo execute code locally, an attacker would require a valid account or independent compromise of the target. Attacks using JavaScript in web browsers are possible. Multi-user and multi-tenant systems (including virtualized and cloud environments) likely face the greatest risk. Systems used to browse arbitrary web sites are also at risk. Single-user systems that do not readily provide a way for attackers to execute code locally face significantly lower risk. \n \n--- \n \n### Solution\n\n**Apply updates** \n \nOperating system, CPU microcode updates, and some application updates mitigate these attacks. \n \n--- \n \n### Vendor Information \n\nVendor| Status| Date Notified| Date Updated \n---|---|---|--- \nAmazon| | -| 05 Jan 2018 \nAMD| | -| 03 Jan 2018 \nAndroid Open Source Project| | -| 05 Jan 2018 \nApple| | -| 08 Jan 2018 \nArm| | -| 03 Jan 2018 \nCentOS| | -| 05 Jan 2018 \nCisco| | -| 05 Jan 2018 \nCitrix| | -| 05 Jan 2018 \nDebian GNU/Linux| | -| 05 Jan 2018 \nDell| | -| 08 Jan 2018 \nDragonFly BSD Project| | -| 08 Jan 2018 \nFedora Project| | -| 05 Jan 2018 \nFortinet, Inc.| | -| 05 Jan 2018 \nFreeBSD Project| | -| 05 Jan 2018 \nGoogle| | -| 03 Jan 2018 \nIf you are a vendor and your product is affected, [let us know](<mailto:cert@cert.org?Subject=VU%23584653 Vendor Status Inquiry>). \n \n\n\n### CVSS Metrics \n\nGroup | Score | Vector \n---|---|--- \nBase | 4.4 | AV:L/AC:M/Au:S/C:C/I:N/A:N \nTemporal | 3.4 | E:POC/RL:OF/RC:C \nEnvironmental | 5.1 | CDP:ND/TD:H/CR:H/IR:ND/AR:ND \n \n### References\n\n * <https://meltdownattack.com/>\n * <https://meltdownattack.com/meltdown.pdf>\n * <https://spectreattack.com/>\n * <https://spectreattack.com/spectre.pdf>\n * <https://security.googleblog.com/2018/01/todays-cpu-vulnerability-what-you-need.html>\n * <https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html>\n * <https://cyber.wtf/2017/07/28/negative-result-reading-kernel-memory-from-user-mode/>\n * <https://github.com/IAIK/KAISER>\n * <https://gruss.cc/files/kaiser.pdf>\n * <https://gruss.cc/files/prefetch.pdf>\n * <https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=5aa90a84589282b87666f92b6c3c917c8080a9bf>\n * <https://lkml.org/lkml/2017/12/27/2>\n * <https://lkml.org/lkml/2018/1/4/615>\n * <https://lwn.net/Articles/741878/>\n * <https://lwn.net/Articles/737940/>\n * <https://lwn.net/Articles/742702/>\n * <http://pythonsweetness.tumblr.com/post/169166980422/the-mysterious-case-of-the-linux-page-table>\n * <https://nakedsecurity.sophos.com/2018/01/03/fckwit-aka-kaiser-aka-kpti-intel-cpu-flaw-needs-low-level-os-patches/>\n * <https://en.wikipedia.org/wiki/Kernel_page-table_isolation>\n * <https://chrisam.net/2018/01/04/speculative-execution-side-channel-vulnerabilities-vendor-published-info/>\n * <https://www.raspberrypi.org/blog/why-raspberry-pi-isnt-vulnerable-to-spectre-or-meltdown/>\n * <https://doublepulsar.com/important-information-about-microsoft-meltdown-cpu-security-fixes-antivirus-vendors-and-you-a852ba0292ec>\n * [https://docs.google.com/spreadsheets/d/184wcDt9I9TUNFFbsAVLpzAtckQxYiuirADzf3cL42FQ/htmlview?usp=sharing&sle;=true](<https://docs.google.com/spreadsheets/d/184wcDt9I9TUNFFbsAVLpzAtckQxYiuirADzf3cL42FQ/htmlview?usp=sharing&sle=true>)\n\n### Credit\n\nThese issues were researched and reported by researchers at Google Project Zero (Jann Horn) the Institute of Applied Information Processing and Communications (IAIK) at Graz University of Technology (Gruss et. al.), Paul Kocher, and Anders Fogh.\n\nThis document was written by Art Manion and Will Dormann.\n\n### Other Information\n\n * CVE IDs: [CVE-2017-5753](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5753>) [CVE-2017-5715](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5715>) [CVE-2017-5754](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5754>)\n * US-CERT Alert: [TA18-004A](<http://www.us-cert.gov/cas/techalerts/TA18-004A.html>)\n * Date Public: 03 Jan 2018\n * Date First Published: 03 Jan 2018\n * Date Last Updated: 09 Jan 2018\n * Document Revision: 185\n\n", "edition": 21, "enchantments": {"score": {"modified": "2018-01-09T20:53:56", "value": 6.6}}, "hash": "cc94773315a483f0dd389c93951529b1d77e2f4fb45751ab89af7a85003d8d66", "hashmap": [{"hash": "d5345bfb5c55e248d49e1245c6a3902b", "key": "references"}, {"hash": "b6ba9fa6ea18201bf39ea635ecca9f13", "key": "type"}, {"hash": "caf9b6b99962bf5c2264824231d7a40c", "key": "bulletinFamily"}, {"hash": "e51c244040f5fb6045353e4450e61da1", "key": "modified"}, {"hash": "4851009339f11e5fb046c77cf4c521a7", "key": "href"}, {"hash": "64c1b0f18013d9fc9cd8b3fcc3b81629", "key": "cvelist"}, {"hash": "23742046928b6ac0049be6bc1a8e24de", "key": "cvss"}, {"hash": "52240ba050dca69f3b814aa862b8af30", "key": "description"}, {"hash": "1d0954aaef62c3a5c7a1a3e8e3a5d794", "key": "title"}, {"hash": "0e67896450ab825b0a81e59a1465804c", "key": "published"}, {"hash": "5d2cfab83ed6e86a4812690790dc7ad5", "key": "reporter"}], "history": [], "href": "https://www.kb.cert.org/vuls/id/584653", "id": "VU:584653", "lastseen": "2018-01-09T20:53:56", "modified": "2018-01-09T00:00:00", "objectVersion": "1.3", "published": "2018-01-03T00:00:00", "references": ["https://meltdownattack.com/meltdown.pdf", "https://meltdownattack.com/meltdown.pdf", "https://docs.google.com/spreadsheets/d/184wcDt9I9TUNFFbsAVLpzAtckQxYiuirADzf3cL42FQ/htmlview?usp=sharing&sle=true", "https://lwn.net/Articles/742702/", "https://nakedsecurity.sophos.com/2018/01/03/fckwit-aka-kaiser-aka-kpti-intel-cpu-flaw-needs-low-level-os-patches/", "https://www.raspberrypi.org/blog/why-raspberry-pi-isnt-vulnerable-to-spectre-or-meltdown/", "https://lkml.org/lkml/2017/12/27/2", "https://security.googleblog.com/2018/01/todays-cpu-vulnerability-what-you-need.html", "https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html", "https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html", "https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html", "http://pythonsweetness.tumblr.com/post/169166980422/the-mysterious-case-of-the-linux-page-table", "https://gruss.cc/files/kaiser.pdf", "https://doublepulsar.com/important-information-about-microsoft-meltdown-cpu-security-fixes-antivirus-vendors-and-you-a852ba0292ec", "http://www.us-cert.gov/cas/techalerts/TA18-004A.html", "https://chrisam.net/2018/01/04/speculative-execution-side-channel-vulnerabilities-vendor-published-info/", "https://meltdownattack.com/", "https://meltdownattack.com/", "https://meltdownattack.com/", "https://en.wikipedia.org/wiki/Kernel_page-table_isolation", "https://en.wikipedia.org/wiki/Kernel_page-table_isolation", "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5753", "https://spectreattack.com/", "https://spectreattack.com/", "https://spectreattack.com/", "https://lwn.net/Articles/737940/", "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5715", "https://lkml.org/lkml/2018/1/4/615", "https://lkml.org/lkml/2018/1/4/615", "https://github.com/IAIK/KAISER", "https://cyber.wtf/2017/07/28/negative-result-reading-kernel-memory-from-user-mode/", "https://lwn.net/Articles/741878/", "https://gruss.cc/files/prefetch.pdf", "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=5aa90a84589282b87666f92b6c3c917c8080a9bf", "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5754", "https://spectreattack.com/spectre.pdf", "https://spectreattack.com/spectre.pdf", "https://spectreattack.com/spectre.pdf", "https://spectreattack.com/spectre.pdf"], "reporter": "CERT", "title": "CPU hardware vulnerable to side-channel attacks", "type": "cert", "viewCount": 169}, "differentElements": ["description"], "edition": 21, "lastseen": "2018-01-09T20:53:56"}, {"bulletin": {"bulletinFamily": "info", "cvelist": ["CVE-2017-5753", "CVE-2017-5753", "CVE-2017-5753", "CVE-2017-5753", "CVE-2017-5754", "CVE-2017-5754", "CVE-2017-5754", "CVE-2017-5715", "CVE-2017-5715", "CVE-2017-5715", "CVE-2017-5715"], "cvss": {"score": 4.7, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:NONE/A:NONE/"}, "description": "### Overview\n\nCPU hardware implementations are vulnerable to cache side-channel attacks. These vulnerabilities are referred to as [Meltdown](<https://meltdownattack.com/>) and [Spectre](<https://spectreattack.com/>).\n\n### Description\n\n**Note: This Vulnerability Note is the product of ongoing analysis and represents our best knowledge as of the most recent revision. As a result, the content may change as our understanding of the issues develops.**\n\nCPU hardware implementations are vulnerable to side-channel attacks referred to as [Meltdown](<https://meltdownattack.com/>) and [Spectre](<https://spectreattack.com/>). Both Spectre and Meltdown take advantage of the ability to extract information from instructions that have executed on a CPU using the CPU cache as a side-channel. These attacks are described in detail by [Google Project Zero](<https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html>), the Institute of Applied Information Processing and Communications (IAIK) at Graz University of Technology (TU Graz) and Anders Fogh. The issues are organized into three variants: \n\n\n * Variant 1 (CVE-2017-5753, [Spectre](<https://spectreattack.com/spectre.pdf>)): Bounds check bypass\n * Variant 2 (CVE-2017-5715, also [Spectre](<https://spectreattack.com/spectre.pdf>)): Branch target injection[](<https://spectreattack.com/spectre.pdf>)\n * Variant 3 (CVE-2017-5754, [Meltdown](<https://meltdownattack.com/meltdown.pdf>)): Rogue data cache load, memory access permission check performed after kernel memory read\n \n**Spectre** \n \nSpectre attacks take advantage of a CPU's branch prediction capabilities. Modern CPUs include a feature called branch prediction, which speculatively executes instructions at a location that the CPU believes it will branch to. Such speculative execution helps to more fully utilize the parts of the CPU, minimizing the time waiting, and therefore improving performance. When a branch is successfully predicted, instructions will retire, which means the outcomes of the instructions such as register and memory writes will be committed. If a branch is mispredicted, the speculatively-executed instructions will be discarded, and the direct side-effects of the instructions are undone. What is not undone are the indirect side-effects, such as CPU cache changes. By measuring latency of memory access operations, the cache can be used to extract values from speculatively-executed instructions. \n \nWith Spectre variant 1 (CVE-2017-5753), the instructions after a conditional branch are speculatively executed as the result of a misprediction. With Spectre variant 2 (CVE-2017-5715), the CPU executes instructions at a location determined by a mispredicted branch target. \n \nWith both variants of the Spectre attack, the impact is that a process may leak sensitive data to other processes on a system. Spectre may also allow one part of an application to access other parts of the same process memory space that would otherwise not be permitted. \n \nWhile the Spectre attack itself does not cross a user/kernel memory privilege boundary, depending on the configuration of the target platform, the Spectre attack may indirectly allow a user-space application to access kernel memory. For example, the[ Project Zero blog post](<https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html>) describes a scenario that uses eBPF to exfiltrate kernel memory contents into user-space code. This is made possible because eBPF JIT allows for userspace applications to inject code that is executed in kernel space. While this code is verified by the kernel, eBPF-compliant code will be allowed to execute with kernel permissions. The exploit described by Project Zero leverages eBPF to execute the Spectre attack in kernel space, while exfiltrating the data to user space. It is possible that other technologies that allow in-kernel code execution may also possibly be leveraged to leak kernel memory using Spectre. \n \n**Meltdown** \n \nMeltdown is related to the Spectre attack in that it also uses a cache side channel to access data that otherwise wouldn't be available. The main difference is that it leverages out-of-order execution capabilities in modern CPUs. Like speculative execution due to branch prediction, as used by Spectre, out-of-order execution on a CPU is a technique for ensuring fullest utilization of the CPU's parts. Although instructions may appear sequentially in the machine language, a CPU that supports out-of-order execution may execute instructions in a non-sequential manner, which can minimize the time that a CPU spends idle. \n \nMeltdown leverages insecure behavior that has been demonstrated in Intel CPUs and may affect CPUs from other vendors. Vulnerable CPUs allow memory reads in out-of-order instruction execution, and also contain a race condition between the raising of exceptions and the out-of-order instruction execution. The Meltdown attack reads a kernel memory value, which raises an exception because code running with user-space privileges are not permitted to directly read kernel memory. However, due to the race condition, out-of-order instructions following the faulting instruction may also execute. Even though instructions appear after the faulting instruction, out-of-order execution allows them to execute, using data retrieved from the instruction that raises the exception. By the time the exception is raised, some number of out-of-order instructions have executed. Although the raised exception causes the CPU to roll back the out-of-order instructions, the cache state is not reverted. This allows data from out-of-order instructions to persist beyond the point when the exception has been raised. \n \nThe impact of Meltdown is that a process running in user space is able to view the contents of kernel memory. Meltdown may also allow Spectre-like memory content leaking that does not cross the user/kernel privilege boundary. \n \nThe Linux kernel mitigations for Meltdown are referred to as KAISER, and subsequently KPTI, which aim to improve separation of kernel and user memory pages. Because the Spectre attacks do not cross user/kernel boundaries, the protections introduced with KAISER/KPTI do not add any protection against them. \n \nThe following table compares Spectre and Meltdown. \n \n| | **Spectre**| **Meltdown** \n---|---|--- \n**CPU mechanism for triggering**| Speculative execution from branch prediction| Out-of-order execution \n**Affected platforms**| CPUs that perform speculative execution from branch prediction| CPUs that allow memory reads in out-of-order instructions \n**Difficulty of successful attack**| High - Requires tailoring to the software environment of the victim process| Low - Kernel memory access exploit code is mostly universal \n**Impact**| Cross- and intra-process (including kernel) memory disclosure| Kernel memory disclosure to userspace \n**Software mitigations**| Variant 1: Compiler changes. Web browser updates to help prevent exploitation from JavaScript \nVariant 2: Indirect Branch Restricted Speculation ([IBRS](<https://lkml.org/lkml/2018/1/4/615>)). \n**Note: **The software mitigation for Spectre variant 2 requires CPU microcode updates| Kernel page-table isolation ([KPTI](<https://en.wikipedia.org/wiki/Kernel_page-table_isolation>)) \n \n### Impact\n\nAn attacker able to execute code with user privileges can achieve various impacts. The Meltdown attack allows reading of kernel memory from userspace. This can result in privilege escalation, disclosure of sensitive information, or it can weaken kernel-level protections, such as KASLR. The Spectre attack can allow inter-process or intra-process data leaks. \n \nTo execute code locally, an attacker would require a valid account or independent compromise of the target. Attacks using JavaScript in web browsers are possible. Multi-user and multi-tenant systems (including virtualized and cloud environments) likely face the greatest risk. Systems used to browse arbitrary web sites are also at risk. Single-user systems that do not readily provide a way for attackers to execute code locally face significantly lower risk. \n \n--- \n \n### Solution\n\n**Apply updates** \n \nOperating system, CPU microcode updates, and some application updates mitigate these attacks. Note that in many cases, the software fixes for these vulnerabilities will have a negative affect on system performance. Also note that Microsoft Windows systems [will no longer receive security updates](<https://doublepulsar.com/important-information-about-microsoft-meltdown-cpu-security-fixes-antivirus-vendors-and-you-a852ba0292ec>) via Windows Update if they are not running compliant anti-virus software. As with deploying any software updates, be sure to prioritize and test updates as necessary. \n \n**Consider CPU Options** \n \nInitial reports from the field indicate that overall system performance is impacted by many of the available patches for these vulnerabilities. Depending on the software workflow and the CPU capabilities present, the performance impact of software mitigations may be non-trivial and therefore may become an ongoing operational concern for some organizations. While we recognize that replacing existing CPUs in already deployed systems is not practical, organizations acquiring new systems should evaluate their CPU selection in light of the expected longevity of this vulnerability in available hardware as well as the performance impacts resulting from the various platform-specific software patches. Deployment contexts and performance requirements vary widely, and must be balanced by informed evaluation of the associated security risks. Contact your system vendor to determine if the CPU and operating system combination will experience a performance penalty due to software mitigations for these vulnerabilities. \n \n--- \n \n### Vendor Information \n\nVendor| Status| Date Notified| Date Updated \n---|---|---|--- \nAmazon| | -| 05 Jan 2018 \nAMD| | -| 03 Jan 2018 \nAndroid Open Source Project| | -| 05 Jan 2018 \nApple| | -| 08 Jan 2018 \nArm| | -| 03 Jan 2018 \nCentOS| | -| 05 Jan 2018 \nCisco| | -| 05 Jan 2018 \nCitrix| | -| 05 Jan 2018 \nDebian GNU/Linux| | -| 05 Jan 2018 \nDell| | -| 08 Jan 2018 \nDragonFly BSD Project| | -| 08 Jan 2018 \nFedora Project| | -| 05 Jan 2018 \nFortinet, Inc.| | -| 05 Jan 2018 \nFreeBSD Project| | -| 05 Jan 2018 \nFujitsu| | -| 11 Jan 2018 \nIf you are a vendor and your product is affected, [let us know](<mailto:cert@cert.org?Subject=VU%23584653 Vendor Status Inquiry>). \n \n\n\n### CVSS Metrics \n\nGroup | Score | Vector \n---|---|--- \nBase | 4.4 | AV:L/AC:M/Au:S/C:C/I:N/A:N \nTemporal | 3.4 | E:POC/RL:OF/RC:C \nEnvironmental | 5.1 | CDP:ND/TD:H/CR:H/IR:ND/AR:ND \n \n### References\n\n * <https://meltdownattack.com/>\n * <https://meltdownattack.com/meltdown.pdf>\n * <https://spectreattack.com/>\n * <https://spectreattack.com/spectre.pdf>\n * <https://security.googleblog.com/2018/01/todays-cpu-vulnerability-what-you-need.html>\n * <https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html>\n * <https://cyber.wtf/2017/07/28/negative-result-reading-kernel-memory-from-user-mode/>\n * <https://github.com/IAIK/KAISER>\n * <https://gruss.cc/files/kaiser.pdf>\n * <https://gruss.cc/files/prefetch.pdf>\n * <https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=5aa90a84589282b87666f92b6c3c917c8080a9bf>\n * <https://lkml.org/lkml/2017/12/27/2>\n * <https://lkml.org/lkml/2018/1/4/615>\n * <https://lwn.net/Articles/741878/>\n * <https://lwn.net/Articles/737940/>\n * <https://lwn.net/Articles/742702/>\n * <http://pythonsweetness.tumblr.com/post/169166980422/the-mysterious-case-of-the-linux-page-table>\n * <https://nakedsecurity.sophos.com/2018/01/03/fckwit-aka-kaiser-aka-kpti-intel-cpu-flaw-needs-low-level-os-patches/>\n * <https://en.wikipedia.org/wiki/Kernel_page-table_isolation>\n * <https://chrisam.net/2018/01/04/speculative-execution-side-channel-vulnerabilities-vendor-published-info/>\n * <https://www.raspberrypi.org/blog/why-raspberry-pi-isnt-vulnerable-to-spectre-or-meltdown/>\n * <https://doublepulsar.com/important-information-about-microsoft-meltdown-cpu-security-fixes-antivirus-vendors-and-you-a852ba0292ec>\n * [https://docs.google.com/spreadsheets/d/184wcDt9I9TUNFFbsAVLpzAtckQxYiuirADzf3cL42FQ/htmlview?usp=sharing&sle;=true](<https://docs.google.com/spreadsheets/d/184wcDt9I9TUNFFbsAVLpzAtckQxYiuirADzf3cL42FQ/htmlview?usp=sharing&sle=true>)\n\n### Credit\n\nThese issues were researched and reported by researchers at Google Project Zero (Jann Horn) the Institute of Applied Information Processing and Communications (IAIK) at Graz University of Technology (Gruss et. al.), Paul Kocher, and Anders Fogh.\n\nThis document was written by Art Manion and Will Dormann.\n\n### Other Information\n\n * CVE IDs: [CVE-2017-5753](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5753>) [CVE-2017-5715](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5715>) [CVE-2017-5754](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5754>)\n * US-CERT Alert: [TA18-004A](<http://www.us-cert.gov/cas/techalerts/TA18-004A.html>)\n * Date Public: 03 Jan 2018\n * Date First Published: 03 Jan 2018\n * Date Last Updated: 22 Jan 2018\n * Document Revision: 209\n\n", "edition": 26, "enchantments": {"score": {"modified": "2018-01-22T22:09:17", "value": null}}, "hash": "32d7873203cab2ff031146664f7be0a7e38c7e62dfdfa1ac6010166afed412ca", "hashmap": [{"hash": "ee80cf400c8360abec73eb806a57e2ea", "key": "description"}, {"hash": "b6ba9fa6ea18201bf39ea635ecca9f13", "key": "type"}, {"hash": "caf9b6b99962bf5c2264824231d7a40c", "key": "bulletinFamily"}, {"hash": "4851009339f11e5fb046c77cf4c521a7", "key": "href"}, {"hash": "ca14c68a2831614398d75c8d2dd5f292", "key": "references"}, {"hash": "64c1b0f18013d9fc9cd8b3fcc3b81629", "key": "cvelist"}, {"hash": "23742046928b6ac0049be6bc1a8e24de", "key": "cvss"}, {"hash": "cfb975eb37809d6999581d6563833c89", "key": "modified"}, {"hash": "1d0954aaef62c3a5c7a1a3e8e3a5d794", "key": "title"}, {"hash": "0e67896450ab825b0a81e59a1465804c", "key": "published"}, {"hash": "5d2cfab83ed6e86a4812690790dc7ad5", "key": "reporter"}], "history": [], "href": "https://www.kb.cert.org/vuls/id/584653", "id": "VU:584653", "lastseen": "2018-01-22T22:09:17", "modified": "2018-01-22T00:00:00", "objectVersion": "1.3", "published": "2018-01-03T00:00:00", "references": ["https://meltdownattack.com/meltdown.pdf", "https://meltdownattack.com/meltdown.pdf", "https://docs.google.com/spreadsheets/d/184wcDt9I9TUNFFbsAVLpzAtckQxYiuirADzf3cL42FQ/htmlview?usp=sharing&sle=true", "https://lwn.net/Articles/742702/", "https://nakedsecurity.sophos.com/2018/01/03/fckwit-aka-kaiser-aka-kpti-intel-cpu-flaw-needs-low-level-os-patches/", "https://www.raspberrypi.org/blog/why-raspberry-pi-isnt-vulnerable-to-spectre-or-meltdown/", "https://lkml.org/lkml/2017/12/27/2", "https://security.googleblog.com/2018/01/todays-cpu-vulnerability-what-you-need.html", "https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html", "https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html", "https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html", "http://pythonsweetness.tumblr.com/post/169166980422/the-mysterious-case-of-the-linux-page-table", "https://gruss.cc/files/kaiser.pdf", "https://doublepulsar.com/important-information-about-microsoft-meltdown-cpu-security-fixes-antivirus-vendors-and-you-a852ba0292ec", "https://doublepulsar.com/important-information-about-microsoft-meltdown-cpu-security-fixes-antivirus-vendors-and-you-a852ba0292ec", "http://www.us-cert.gov/cas/techalerts/TA18-004A.html", "https://chrisam.net/2018/01/04/speculative-execution-side-channel-vulnerabilities-vendor-published-info/", "https://meltdownattack.com/", "https://meltdownattack.com/", "https://meltdownattack.com/", "https://en.wikipedia.org/wiki/Kernel_page-table_isolation", "https://en.wikipedia.org/wiki/Kernel_page-table_isolation", "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5753", "https://spectreattack.com/", "https://spectreattack.com/", "https://spectreattack.com/", "https://lwn.net/Articles/737940/", "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5715", "https://lkml.org/lkml/2018/1/4/615", "https://lkml.org/lkml/2018/1/4/615", "https://github.com/IAIK/KAISER", "https://cyber.wtf/2017/07/28/negative-result-reading-kernel-memory-from-user-mode/", "https://lwn.net/Articles/741878/", "https://gruss.cc/files/prefetch.pdf", "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=5aa90a84589282b87666f92b6c3c917c8080a9bf", "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5754", "https://spectreattack.com/spectre.pdf", "https://spectreattack.com/spectre.pdf", "https://spectreattack.com/spectre.pdf", "https://spectreattack.com/spectre.pdf"], "reporter": "CERT", "title": "CPU hardware vulnerable to side-channel attacks", "type": "cert", "viewCount": 238}, "differentElements": ["description"], "edition": 26, "lastseen": "2018-01-22T22:09:17"}, {"bulletin": {"bulletinFamily": "info", "cvelist": ["CVE-2017-5753", "CVE-2017-5753", "CVE-2017-5753", "CVE-2017-5753", "CVE-2017-5754", "CVE-2017-5754", "CVE-2017-5754", "CVE-2017-5715", "CVE-2017-5715", "CVE-2017-5715", "CVE-2017-5715"], "cvss": {"score": 0.0, "vector": "NONE"}, "description": "### Overview\n\nCPU hardware implementations are vulnerable to cache side-channel attacks. These vulnerabilities are referred to as [Meltdown](<https://meltdownattack.com/>) and [Spectre](<https://spectreattack.com/>).\n\n### Description\n\nCPU hardware implementations are vulnerable to side-channel attacks referred to as [Meltdown](<https://meltdownattack.com/>) and [Spectre](<https://spectreattack.com/>). Both Spectre and Meltdown take advantage of the ability to extract information from instructions that have executed on a CPU using the CPU cache as a side-channel. These attacks are described in detail by [Google Project Zero](<https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html>), the Institute of Applied Information Processing and Communications (IAIK) at Graz University of Technology (TU Graz) and Anders Fogh. The issues are organized into three variants: \n\n * Variant 1 (CVE-2017-5753, [Spectre](<https://spectreattack.com/spectre.pdf>)): Bounds check bypass\n * Variant 2 (CVE-2017-5715, also [Spectre](<https://spectreattack.com/spectre.pdf>)): Branch target injection[](<https://spectreattack.com/spectre.pdf>)\n * Variant 3 (CVE-2017-5754, [Meltdown](<https://meltdownattack.com/meltdown.pdf>)): Rogue data cache load, memory access permission check performed after kernel memory read\n \n**Spectre** \n \nSpectre attacks take advantage of a CPU's branch prediction capabilities. Modern CPUs include a feature called branch prediction, which speculatively executes instructions at a location that the CPU believes it will branch to. Such speculative execution helps to more fully utilize the parts of the CPU, minimizing the time waiting, and therefore improving performance. When a branch is successfully predicted, instructions will retire, which means the outcomes of the instructions such as register and memory writes will be committed. If a branch is mispredicted, the speculatively-executed instructions will be discarded, and the direct side-effects of the instructions are undone. What is not undone are the indirect side-effects, such as CPU cache changes. By measuring latency of memory access operations, the cache can be used to extract values from speculatively-executed instructions. \n \nWith Spectre variant 1 (CVE-2017-5753), the instructions after a conditional branch are speculatively executed as the result of a misprediction. With Spectre variant 2 (CVE-2017-5715), the instructions at a location determined by a branch target that is mispredicted. \n \nWith both variants of the Spectre attack, the impact is that a process may leak sensitive data to other processes on a system. Spectre may also allow one part of an application to access other parts of the same process memory space that would otherwise not be permitted. \n \n**Meltdown** \n \nMeltdown is related to the Spectre attack in that it also uses a cache side channel to access data that otherwise wouldn't be available. The main difference is that it leverages out-of-order execution capabilities in modern CPUs. Like speculative execution due to branch prediction, as used by Spectre, out-of-order execution on a CPU is a technique for ensuring fullest utilization of the CPU's parts. Although instructions may appear sequentially in the machine language, a CPU that supports out-of-order execution may execute instructions in a non-sequential manner, which can minimize the time that a CPU spends waiting. \n \nMeltdown leverages a flaw that has been demonstrated in Intel CPUs. Vulnerable CPUs allow memory reads in out-of-order instruction execution, and also contain a race condition between the raising of exceptions and the out-of-order instruction execution. The Meltdown attack reads a kernel memory value, which raises an exception because code running with user-space privileges are not permitted to directly read kernel memory. However, due to the race condition, out-of-order instructions following the faulting instruction may also execute. Even though instructions appear after the faulting instruction, out-of-order execution allows them to execute, using data retrieved from the instruction that raises the exception. By the time the exception is raised, some number of out-of-order instructions have executed. Although the raised exception causes the CPU to roll back the out-of-order instructions, the cache state is not reverted. This allows data from out-of-order instructions to persist beyond the point when the exception has been raised. \n \nThe impact of Meltdown is that a process running in user space is able to view the contents of kernel memory. Meltdown may also allow Spectre-like memory content leaking that does not cross the user/kernel privilege boundary. \n \nThe Linux kernel mitigations for Meltdown are referred to as KAISER, and subsequently KPTI, which aim to improve separation of kernel and user memory pages. Because the Spectre attacks do not cross user/kernel boundaries, the protections introduced with KAISER/KPTI do not add any protection against them. \n \nThe following table compares Spectre and Meltdown. \n \n| | **Spectre**| **Meltdown** \n---|---|--- \n**CPU mechanism for triggering**| Speculative execution from branch prediction| Out-of-order execution \n**Affected platforms**| CPUs that perform speculative execution from branch prediction| Intel x86 CPUs that allow memory reads in out-of-order instructions \n**Difficulty of successful attack**| High - Requires tailoring to the software environment of the victim process| Low - Kernel memory access exploit code is mostly universal \n**Impact**| Cross- and intra-process memory disclosure| Kernel memory disclosure to userspace \n**Software mitigations**| Unknown| Kernel page-table isolation ([KPTI](<https://en.wikipedia.org/wiki/Kernel_page-table_isolation>)) \n \n### Impact\n\nAn attacker able to execute code with user privileges can achieve various impacts. The Meltdown attack allows reading of kernel memory from userspace. This can result in privilege escalation, disclosure of sensitive information, or it can weaken kernel-level protections, such as KASLR. The Spectre attack can allow inter-process or intra-process data leaks. \n \nTo execute code locally, an attacker would require a valid account or independent compromise of the target. Attacks using JavaScript in web browsers are possible. Multi-user and multi-tenant systems (including virtualized and cloud environments) likely face the greatest risk. Systems use to browse arbitrary web sites are also at risk. Single-user systems that do not readily provide a way for attackers to execute code locally face significantly lower risk. \n \n--- \n \n### Solution\n\n**Apply updates** \n \nOperating system and some application updates mitigate these attacks. \n \n--- \n \n### Vendor Information \n\nVendor| Status| Date Notified| Date Updated \n---|---|---|--- \nAMD| | -| 03 Jan 2018 \nApple| | -| 03 Jan 2018 \nArm| | -| 03 Jan 2018 \nGoogle| | -| 03 Jan 2018 \nIntel| | -| 03 Jan 2018 \nLinux Kernel| | -| 03 Jan 2018 \nMicrosoft| | -| 03 Jan 2018 \nMozilla| | -| 03 Jan 2018 \nIf you are a vendor and your product is affected, [let us know](<mailto:cert@cert.org?Subject=VU%23584653 Vendor Status Inquiry>).\n\n### CVSS Metrics \n\nGroup | Score | Vector \n---|---|--- \nBase | 4.4 | AV:L/AC:M/Au:S/C:C/I:N/A:N \nTemporal | 3.4 | E:POC/RL:OF/RC:C \nEnvironmental | 5.1 | CDP:ND/TD:H/CR:H/IR:ND/AR:ND \n \n### References\n\n * <https://meltdownattack.com/>\n * <https://meltdownattack.com/meltdown.pdf>\n * <https://spectreattack.com/>\n * <https://spectreattack.com/spectre.pdf>\n * <https://security.googleblog.com/2018/01/todays-cpu-vulnerability-what-you-need.html>\n * <https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html>\n * <https://cyber.wtf/2017/07/28/negative-result-reading-kernel-memory-from-user-mode/>\n * <https://github.com/IAIK/KAISER>\n * <https://gruss.cc/files/kaiser.pdf>\n * <https://gruss.cc/files/prefetch.pdf>\n * <https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=5aa90a84589282b87666f92b6c3c917c8080a9bf>\n * <https://lkml.org/lkml/2017/12/27/2>\n * <https://lwn.net/Articles/741878/>\n * <https://lwn.net/Articles/737940/>\n * <https://lwn.net/Articles/742702/>\n * <http://pythonsweetness.tumblr.com/post/169166980422/the-mysterious-case-of-the-linux-page-table>\n * <https://nakedsecurity.sophos.com/2018/01/03/fckwit-aka-kaiser-aka-kpti-intel-cpu-flaw-needs-low-level-os-patches/>\n * <https://en.wikipedia.org/wiki/Kernel_page-table_isolation>\n\n### Credit\n\nThese issues were researched and reported by researchers at Google Project Zero (Jann Horn) the Institute of Applied Information Processing and Communications (IAIK) at Graz University of Technology (Gruss et. al.), and Anders Fogh.\n\nThis document was written by Art Manion and Will Dormann.\n\n### Other Information\n\n * CVE IDs: [CVE-2017-5753](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5753>) [CVE-2017-5715](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5715>) [CVE-2017-5754](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5754>)\n * US-CERT Alert: [TA18-004A](<http://www.us-cert.gov/cas/techalerts/TA18-004A.html>)\n * Date Public: 03 Jan 2018\n * Date First Published: 03 Jan 2018\n * Date Last Updated: 04 Jan 2018\n * Document Revision: 82\n\n", "edition": 7, "enchantments": {"score": {"modified": "2018-01-05T06:56:03", "value": 6.6}}, "hash": "c0f21a092dd2320d1a1c2635222521bc4b2fc95d137073696ced50f2741b3b5e", "hashmap": [{"hash": "b6ba9fa6ea18201bf39ea635ecca9f13", "key": "type"}, {"hash": "397d2b02b266ac00d3b8f73886c8fef9", "key": "references"}, {"hash": "caf9b6b99962bf5c2264824231d7a40c", "key": "bulletinFamily"}, {"hash": "1b941090f50d6d1c2e114abbd1b88aa2", "key": "modified"}, {"hash": "4851009339f11e5fb046c77cf4c521a7", "key": "href"}, {"hash": "64c1b0f18013d9fc9cd8b3fcc3b81629", "key": "cvelist"}, {"hash": "ac2d5869b7b06538b0e4082d93c0d648", "key": "description"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "1d0954aaef62c3a5c7a1a3e8e3a5d794", "key": "title"}, {"hash": "0e67896450ab825b0a81e59a1465804c", "key": "published"}, {"hash": "5d2cfab83ed6e86a4812690790dc7ad5", "key": "reporter"}], "history": [], "href": "https://www.kb.cert.org/vuls/id/584653", "id": "VU:584653", "lastseen": "2018-01-05T06:56:03", "modified": "2018-01-04T00:00:00", "objectVersion": "1.3", "published": "2018-01-03T00:00:00", "references": ["https://meltdownattack.com/meltdown.pdf", "https://meltdownattack.com/meltdown.pdf", "https://lwn.net/Articles/742702/", "https://nakedsecurity.sophos.com/2018/01/03/fckwit-aka-kaiser-aka-kpti-intel-cpu-flaw-needs-low-level-os-patches/", "https://lkml.org/lkml/2017/12/27/2", "https://security.googleblog.com/2018/01/todays-cpu-vulnerability-what-you-need.html", "https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html", "https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html", "http://pythonsweetness.tumblr.com/post/169166980422/the-mysterious-case-of-the-linux-page-table", "https://gruss.cc/files/kaiser.pdf", "http://www.us-cert.gov/cas/techalerts/TA18-004A.html", "https://meltdownattack.com/", "https://meltdownattack.com/", "https://meltdownattack.com/", "https://en.wikipedia.org/wiki/Kernel_page-table_isolation", "https://en.wikipedia.org/wiki/Kernel_page-table_isolation", "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5753", "https://spectreattack.com/", "https://spectreattack.com/", "https://spectreattack.com/", "https://lwn.net/Articles/737940/", "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5715", "https://github.com/IAIK/KAISER", "https://cyber.wtf/2017/07/28/negative-result-reading-kernel-memory-from-user-mode/", "https://lwn.net/Articles/741878/", "https://gruss.cc/files/prefetch.pdf", "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=5aa90a84589282b87666f92b6c3c917c8080a9bf", "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5754", "https://spectreattack.com/spectre.pdf", "https://spectreattack.com/spectre.pdf", "https://spectreattack.com/spectre.pdf", "https://spectreattack.com/spectre.pdf"], "reporter": "CERT", "title": "CPU hardware vulnerable to side-channel attacks", "type": "cert", "viewCount": 71}, "differentElements": ["description", "modified"], "edition": 7, "lastseen": "2018-01-05T06:56:03"}, {"bulletin": {"bulletinFamily": "info", "cvelist": ["CVE-2017-5753", "CVE-2017-5753", "CVE-2017-5753", "CVE-2017-5753", "CVE-2017-5754", "CVE-2017-5754", "CVE-2017-5754", "CVE-2017-5715", "CVE-2017-5715", "CVE-2017-5715", "CVE-2017-5715"], "cvss": {"score": 0.0, "vector": "NONE"}, "description": "### Overview\n\nCPU hardware implementations are vulnerable to cache side-channel attacks. These vulnerabilities are referred to as [Meltdown](<https://meltdownattack.com/>) and [Spectre](<https://spectreattack.com/>).\n\n### Description\n\n**Note: This Vulnerability Note is the product of ongoing analysis and represents our best knowledge as of the most recent revision. As a result, the content may change as our understanding of the issues develops.**\n\nCPU hardware implementations are vulnerable to side-channel attacks referred to as [Meltdown](<https://meltdownattack.com/>) and [Spectre](<https://spectreattack.com/>). Both Spectre and Meltdown take advantage of the ability to extract information from instructions that have executed on a CPU using the CPU cache as a side-channel. These attacks are described in detail by [Google Project Zero](<https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html>), the Institute of Applied Information Processing and Communications (IAIK) at Graz University of Technology (TU Graz) and Anders Fogh. The issues are organized into three variants: \n\n\n * Variant 1 (CVE-2017-5753, [Spectre](<https://spectreattack.com/spectre.pdf>)): Bounds check bypass\n * Variant 2 (CVE-2017-5715, also [Spectre](<https://spectreattack.com/spectre.pdf>)): Branch target injection[](<https://spectreattack.com/spectre.pdf>)\n * Variant 3 (CVE-2017-5754, [Meltdown](<https://meltdownattack.com/meltdown.pdf>)): Rogue data cache load, memory access permission check performed after kernel memory read\n \n**Spectre** \n \nSpectre attacks take advantage of a CPU's branch prediction capabilities. Modern CPUs include a feature called branch prediction, which speculatively executes instructions at a location that the CPU believes it will branch to. Such speculative execution helps to more fully utilize the parts of the CPU, minimizing the time waiting, and therefore improving performance. When a branch is successfully predicted, instructions will retire, which means the outcomes of the instructions such as register and memory writes will be committed. If a branch is mispredicted, the speculatively-executed instructions will be discarded, and the direct side-effects of the instructions are undone. What is not undone are the indirect side-effects, such as CPU cache changes. By measuring latency of memory access operations, the cache can be used to extract values from speculatively-executed instructions. \n \nWith Spectre variant 1 (CVE-2017-5753), the instructions after a conditional branch are speculatively executed as the result of a misprediction. With Spectre variant 2 (CVE-2017-5715), the instructions at a location determined by a branch target that is mispredicted. \n \nWith both variants of the Spectre attack, the impact is that a process may leak sensitive data to other processes on a system. Spectre may also allow one part of an application to access other parts of the same process memory space that would otherwise not be permitted. \n \n**Meltdown** \n \nMeltdown is related to the Spectre attack in that it also uses a cache side channel to access data that otherwise wouldn't be available. The main difference is that it leverages out-of-order execution capabilities in modern CPUs. Like speculative execution due to branch prediction, as used by Spectre, out-of-order execution on a CPU is a technique for ensuring fullest utilization of the CPU's parts. Although instructions may appear sequentially in the machine language, a CPU that supports out-of-order execution may execute instructions in a non-sequential manner, which can minimize the time that a CPU spends idle. \n \nMeltdown leverages insecure behavior that has been demonstrated in Intel CPUs and may affect CPUs from other vendors. Vulnerable CPUs allow memory reads in out-of-order instruction execution, and also contain a race condition between the raising of exceptions and the out-of-order instruction execution. The Meltdown attack reads a kernel memory value, which raises an exception because code running with user-space privileges are not permitted to directly read kernel memory. However, due to the race condition, out-of-order instructions following the faulting instruction may also execute. Even though instructions appear after the faulting instruction, out-of-order execution allows them to execute, using data retrieved from the instruction that raises the exception. By the time the exception is raised, some number of out-of-order instructions have executed. Although the raised exception causes the CPU to roll back the out-of-order instructions, the cache state is not reverted. This allows data from out-of-order instructions to persist beyond the point when the exception has been raised. \n \nThe impact of Meltdown is that a process running in user space is able to view the contents of kernel memory. Meltdown may also allow Spectre-like memory content leaking that does not cross the user/kernel privilege boundary. \n \nThe Linux kernel mitigations for Meltdown are referred to as KAISER, and subsequently KPTI, which aim to improve separation of kernel and user memory pages. Because the Spectre attacks do not cross user/kernel boundaries, the protections introduced with KAISER/KPTI do not add any protection against them. \n \nThe following table compares Spectre and Meltdown. \n \n| | **Spectre**| **Meltdown** \n---|---|--- \n**CPU mechanism for triggering**| Speculative execution from branch prediction| Out-of-order execution \n**Affected platforms**| CPUs that perform speculative execution from branch prediction| CPUs that allow memory reads in out-of-order instructions \n**Difficulty of successful attack**| High - Requires tailoring to the software environment of the victim process| Low - Kernel memory access exploit code is mostly universal \n**Impact**| Cross- and intra-process memory disclosure| Kernel memory disclosure to userspace \n**Software mitigations**| Indirect Branch Restricted Speculation ([IBRS](<https://lkml.org/lkml/2018/1/4/615>)) \n**Note: **This software mitigation also requires CPU microcode updates and it only mitigates Spectre variant 2| Kernel page-table isolation ([KPTI](<https://en.wikipedia.org/wiki/Kernel_page-table_isolation>)) \n \n### Impact\n\nAn attacker able to execute code with user privileges can achieve various impacts. The Meltdown attack allows reading of kernel memory from userspace. This can result in privilege escalation, disclosure of sensitive information, or it can weaken kernel-level protections, such as KASLR. The Spectre attack can allow inter-process or intra-process data leaks. \n \nTo execute code locally, an attacker would require a valid account or independent compromise of the target. Attacks using JavaScript in web browsers are possible. Multi-user and multi-tenant systems (including virtualized and cloud environments) likely face the greatest risk. Systems used to browse arbitrary web sites are also at risk. Single-user systems that do not readily provide a way for attackers to execute code locally face significantly lower risk. \n \n--- \n \n### Solution\n\n**Apply updates** \n \nOperating system, CPU microcode updates, and some application updates mitigate these attacks. \n \n--- \n \n### Vendor Information \n\nVendor| Status| Date Notified| Date Updated \n---|---|---|--- \nAmazon| | -| 05 Jan 2018 \nAMD| | -| 03 Jan 2018 \nAndroid Open Source Project| | -| 05 Jan 2018 \nApple| | -| 04 Jan 2018 \nArm| | -| 03 Jan 2018 \nCentOS| | -| 05 Jan 2018 \nCisco| | -| 05 Jan 2018 \nCitrix| | -| 05 Jan 2018 \nDebian GNU/Linux| | -| 05 Jan 2018 \nFedora Project| | -| 05 Jan 2018 \nFortinet, Inc.| | -| 05 Jan 2018 \nFreeBSD Project| | -| 05 Jan 2018 \nGoogle| | -| 03 Jan 2018 \nIBM Corporation| | -| 05 Jan 2018 \nIntel| | -| 05 Jan 2018 \nIf you are a vendor and your product is affected, [let us know](<mailto:cert@cert.org?Subject=VU%23584653 Vendor Status Inquiry>). \n \n\n\n### CVSS Metrics \n\nGroup | Score | Vector \n---|---|--- \nBase | 4.4 | AV:L/AC:M/Au:S/C:C/I:N/A:N \nTemporal | 3.4 | E:POC/RL:OF/RC:C \nEnvironmental | 5.1 | CDP:ND/TD:H/CR:H/IR:ND/AR:ND \n \n### References\n\n * <https://meltdownattack.com/>\n * <https://meltdownattack.com/meltdown.pdf>\n * <https://spectreattack.com/>\n * <https://spectreattack.com/spectre.pdf>\n * <https://security.googleblog.com/2018/01/todays-cpu-vulnerability-what-you-need.html>\n * <https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html>\n * <https://cyber.wtf/2017/07/28/negative-result-reading-kernel-memory-from-user-mode/>\n * <https://github.com/IAIK/KAISER>\n * <https://gruss.cc/files/kaiser.pdf>\n * <https://gruss.cc/files/prefetch.pdf>\n * <https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=5aa90a84589282b87666f92b6c3c917c8080a9bf>\n * <https://lkml.org/lkml/2017/12/27/2>\n * <https://lkml.org/lkml/2018/1/4/615>\n * <https://lwn.net/Articles/741878/>\n * <https://lwn.net/Articles/737940/>\n * <https://lwn.net/Articles/742702/>\n * <http://pythonsweetness.tumblr.com/post/169166980422/the-mysterious-case-of-the-linux-page-table>\n * <https://nakedsecurity.sophos.com/2018/01/03/fckwit-aka-kaiser-aka-kpti-intel-cpu-flaw-needs-low-level-os-patches/>\n * <https://en.wikipedia.org/wiki/Kernel_page-table_isolation>\n * <https://chrisam.net/2018/01/04/speculative-execution-side-channel-vulnerabilities-vendor-published-info/>\n\n### Credit\n\nThese issues were researched and reported by researchers at Google Project Zero (Jann Horn) the Institute of Applied Information Processing and Communications (IAIK) at Graz University of Technology (Gruss et. al.), and Anders Fogh.\n\nThis document was written by Art Manion and Will Dormann.\n\n### Other Information\n\n * CVE IDs: [CVE-2017-5753](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5753>) [CVE-2017-5715](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5715>) [CVE-2017-5754](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5754>)\n * US-CERT Alert: [TA18-004A](<http://www.us-cert.gov/cas/techalerts/TA18-004A.html>)\n * Date Public: 03 Jan 2018\n * Date First Published: 03 Jan 2018\n * Date Last Updated: 05 Jan 2018\n * Document Revision: 145\n\n", "edition": 13, "enchantments": {"score": {"modified": "2018-01-06T00:53:37", "value": 6.6}}, "hash": "fa4dab0097f407ca784d6956ae2fd75c3114f9b2272069e67c3e509a437b6d44", "hashmap": [{"hash": "77e76d6e3062b562f92166c88fc7d5f2", "key": "references"}, {"hash": "b6ba9fa6ea18201bf39ea635ecca9f13", "key": "type"}, {"hash": "caf9b6b99962bf5c2264824231d7a40c", "key": "bulletinFamily"}, {"hash": "4851009339f11e5fb046c77cf4c521a7", "key": "href"}, {"hash": "64c1b0f18013d9fc9cd8b3fcc3b81629", "key": "cvelist"}, {"hash": "157673a26b76a4585a91b6715dff3cbc", "key": "modified"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "1d0954aaef62c3a5c7a1a3e8e3a5d794", "key": "title"}, {"hash": "3d77a66b5cf11b1e22dffefde2fe3d9d", "key": "description"}, {"hash": "0e67896450ab825b0a81e59a1465804c", "key": "published"}, {"hash": "5d2cfab83ed6e86a4812690790dc7ad5", "key": "reporter"}], "history": [], "href": "https://www.kb.cert.org/vuls/id/584653", "id": "VU:584653", "lastseen": "2018-01-06T00:53:37", "modified": "2018-01-05T00:00:00", "objectVersion": "1.3", "published": "2018-01-03T00:00:00", "references": ["https://meltdownattack.com/meltdown.pdf", "https://meltdownattack.com/meltdown.pdf", "https://lwn.net/Articles/742702/", "https://nakedsecurity.sophos.com/2018/01/03/fckwit-aka-kaiser-aka-kpti-intel-cpu-flaw-needs-low-level-os-patches/", "https://lkml.org/lkml/2017/12/27/2", "https://security.googleblog.com/2018/01/todays-cpu-vulnerability-what-you-need.html", "https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html", "https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html", "http://pythonsweetness.tumblr.com/post/169166980422/the-mysterious-case-of-the-linux-page-table", "https://gruss.cc/files/kaiser.pdf", "http://www.us-cert.gov/cas/techalerts/TA18-004A.html", "https://chrisam.net/2018/01/04/speculative-execution-side-channel-vulnerabilities-vendor-published-info/", "https://meltdownattack.com/", "https://meltdownattack.com/", "https://meltdownattack.com/", "https://en.wikipedia.org/wiki/Kernel_page-table_isolation", "https://en.wikipedia.org/wiki/Kernel_page-table_isolation", "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5753", "https://spectreattack.com/", "https://spectreattack.com/", "https://spectreattack.com/", "https://lwn.net/Articles/737940/", "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5715", "https://lkml.org/lkml/2018/1/4/615", "https://lkml.org/lkml/2018/1/4/615", "https://github.com/IAIK/KAISER", "https://cyber.wtf/2017/07/28/negative-result-reading-kernel-memory-from-user-mode/", "https://lwn.net/Articles/741878/", "https://gruss.cc/files/prefetch.pdf", "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=5aa90a84589282b87666f92b6c3c917c8080a9bf", "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5754", "https://spectreattack.com/spectre.pdf", "https://spectreattack.com/spectre.pdf", "https://spectreattack.com/spectre.pdf", "https://spectreattack.com/spectre.pdf"], "reporter": "CERT", "title": "CPU hardware vulnerable to side-channel attacks", "type": "cert", "viewCount": 112}, "differentElements": ["cvss"], "edition": 13, "lastseen": "2018-01-06T00:53:37"}, {"bulletin": {"bulletinFamily": "info", "cvelist": ["CVE-2017-5753", "CVE-2017-5753", "CVE-2017-5753", "CVE-2017-5753", "CVE-2017-5754", "CVE-2017-5754", "CVE-2017-5754", "CVE-2017-5715", "CVE-2017-5715", "CVE-2017-5715", "CVE-2017-5715"], "cvss": {"score": 4.7, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:NONE/A:NONE/"}, "description": "### Overview\n\nCPU hardware implementations are vulnerable to cache side-channel attacks. These vulnerabilities are referred to as [Meltdown](<https://meltdownattack.com/>) and [Spectre](<https://spectreattack.com/>).\n\n### Description\n\n**Note: This Vulnerability Note is the product of ongoing analysis and represents our best knowledge as of the most recent revision. As a result, the content may change as our understanding of the issues develops.**\n\nCPU hardware implementations are vulnerable to side-channel attacks referred to as [Meltdown](<https://meltdownattack.com/>) and [Spectre](<https://spectreattack.com/>). Both Spectre and Meltdown take advantage of the ability to extract information from instructions that have executed on a CPU using the CPU cache as a side-channel. These attacks are described in detail by [Google Project Zero](<https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html>), the Institute of Applied Information Processing and Communications (IAIK) at Graz University of Technology (TU Graz) and Anders Fogh. The issues are organized into three variants: \n\n\n * Variant 1 (CVE-2017-5753, [Spectre](<https://spectreattack.com/spectre.pdf>)): Bounds check bypass\n * Variant 2 (CVE-2017-5715, also [Spectre](<https://spectreattack.com/spectre.pdf>)): Branch target injection[](<https://spectreattack.com/spectre.pdf>)\n * Variant 3 (CVE-2017-5754, [Meltdown](<https://meltdownattack.com/meltdown.pdf>)): Rogue data cache load, memory access permission check performed after kernel memory read\n \n**Spectre** \n \nSpectre attacks take advantage of a CPU's branch prediction capabilities. Modern CPUs include a feature called branch prediction, which speculatively executes instructions at a location that the CPU believes it will branch to. Such speculative execution helps to more fully utilize the parts of the CPU, minimizing the time waiting, and therefore improving performance. When a branch is successfully predicted, instructions will retire, which means the outcomes of the instructions such as register and memory writes will be committed. If a branch is mispredicted, the speculatively-executed instructions will be discarded, and the direct side-effects of the instructions are undone. What is not undone are the indirect side-effects, such as CPU cache changes. By measuring latency of memory access operations, the cache can be used to extract values from speculatively-executed instructions. \n \nWith Spectre variant 1 (CVE-2017-5753), the instructions after a conditional branch are speculatively executed as the result of a misprediction. With Spectre variant 2 (CVE-2017-5715), the CPU executes instructions at a location determined by a mispredicted branch target. \n \nWith both variants of the Spectre attack, the impact is that a process may leak sensitive data to other processes on a system. Spectre may also allow one part of an application to access other parts of the same process memory space that would otherwise not be permitted. \n \nWhile the Spectre attack itself does not cross a user/kernel memory privilege boundary, depending on the configuration of the target platform, the Spectre attack may indirectly allow a user-space application to access kernel memory. For example, the[ Project Zero blog post](<https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html>) describes a scenario that uses eBPF to exfiltrate kernel memory contents into user-space code. This is made possible because eBPF JIT allows for userspace applications to inject code that is executed in kernel space. While this code is verified by the kernel, eBPF-compliant code will be allowed to execute with kernel permissions. The exploit described by Project Zero leverages eBPF to execute the Spectre attack in kernel space, while exfiltrating the data to user space. It is possible that other technologies that allow in-kernel code execution may also possibly be leveraged to leak kernel memory using Spectre. \n \n**Meltdown** \n \nMeltdown is related to the Spectre attack in that it also uses a cache side channel to access data that otherwise wouldn't be available. The main difference is that it leverages out-of-order execution capabilities in modern CPUs. Like speculative execution due to branch prediction, as used by Spectre, out-of-order execution on a CPU is a technique for ensuring fullest utilization of the CPU's parts. Although instructions may appear sequentially in the machine language, a CPU that supports out-of-order execution may execute instructions in a non-sequential manner, which can minimize the time that a CPU spends idle. \n \nMeltdown leverages insecure behavior that has been demonstrated in Intel CPUs and may affect CPUs from other vendors. Vulnerable CPUs allow memory reads in out-of-order instruction execution, and also contain a race condition between the raising of exceptions and the out-of-order instruction execution. The Meltdown attack reads a kernel memory value, which raises an exception because code running with user-space privileges are not permitted to directly read kernel memory. However, due to the race condition, out-of-order instructions following the faulting instruction may also execute. Even though instructions appear after the faulting instruction, out-of-order execution allows them to execute, using data retrieved from the instruction that raises the exception. By the time the exception is raised, some number of out-of-order instructions have executed. Although the raised exception causes the CPU to roll back the out-of-order instructions, the cache state is not reverted. This allows data from out-of-order instructions to persist beyond the point when the exception has been raised. \n \nThe impact of Meltdown is that a process running in user space is able to view the contents of kernel memory. Meltdown may also allow Spectre-like memory content leaking that does not cross the user/kernel privilege boundary. \n \nThe Linux kernel mitigations for Meltdown are referred to as KAISER, and subsequently KPTI, which aim to improve separation of kernel and user memory pages. Because the Spectre attacks do not cross user/kernel boundaries, the protections introduced with KAISER/KPTI do not add any protection against them. \n \nThe following table compares Spectre and Meltdown. \n \n| | **Spectre**| **Meltdown** \n---|---|--- \n**CPU mechanism for triggering**| Speculative execution from branch prediction| Out-of-order execution \n**Affected platforms**| CPUs that perform speculative execution from branch prediction| CPUs that allow memory reads in out-of-order instructions \n**Difficulty of successful attack**| High - Requires tailoring to the software environment of the victim process| Low - Kernel memory access exploit code is mostly universal \n**Impact**| Cross- and intra-process (including kernel) memory disclosure| Kernel memory disclosure to userspace \n**Software mitigations**| Variant 1: Compiler changes. Web browser updates to help prevent exploitation from JavaScript \nVariant 2: Indirect Branch Restricted Speculation ([IBRS](<https://lkml.org/lkml/2018/1/4/615>)). \n**Note: **The software mitigation for Spectre variant 2 requires CPU microcode updates| Kernel page-table isolation ([KPTI](<https://en.wikipedia.org/wiki/Kernel_page-table_isolation>)) \n \n### Impact\n\nAn attacker able to execute code with user privileges can achieve various impacts. The Meltdown attack allows reading of kernel memory from userspace. This can result in privilege escalation, disclosure of sensitive information, or it can weaken kernel-level protections, such as KASLR. The Spectre attack can allow inter-process or intra-process data leaks. \n \nTo execute code locally, an attacker would require a valid account or independent compromise of the target. Attacks using JavaScript in web browsers are possible. Multi-user and multi-tenant systems (including virtualized and cloud environments) likely face the greatest risk. Systems used to browse arbitrary web sites are also at risk. Single-user systems that do not readily provide a way for attackers to execute code locally face significantly lower risk. \n \n--- \n \n### Solution\n\n**Apply updates** \n \nOperating system, CPU microcode updates, and some application updates mitigate these attacks. Note that in many cases, the software fixes for these vulnerabilities will have a negative affect on system performance. Also note that Microsoft Windows systems [will no longer receive security updates](<https://doublepulsar.com/important-information-about-microsoft-meltdown-cpu-security-fixes-antivirus-vendors-and-you-a852ba0292ec>) via Windows Update if they are not running compliant anti-virus software. As with deploying any software updates, be sure to prioritize and test updates as necessary. \n \n--- \n \n### Vendor Information \n\nVendor| Status| Date Notified| Date Updated \n---|---|---|--- \nAmazon| | -| 05 Jan 2018 \nAMD| | -| 03 Jan 2018 \nAndroid Open Source Project| | -| 05 Jan 2018 \nApple| | -| 08 Jan 2018 \nArm| | -| 03 Jan 2018 \nCentOS| | -| 05 Jan 2018 \nCisco| | -| 05 Jan 2018 \nCitrix| | -| 05 Jan 2018 \nDebian GNU/Linux| | -| 05 Jan 2018 \nDell| | -| 08 Jan 2018 \nDragonFly BSD Project| | -| 08 Jan 2018 \nFedora Project| | -| 05 Jan 2018 \nFortinet, Inc.| | -| 05 Jan 2018 \nFreeBSD Project| | -| 05 Jan 2018 \nGoogle| | -| 03 Jan 2018 \nIf you are a vendor and your product is affected, [let us know](<mailto:cert@cert.org?Subject=VU%23584653 Vendor Status Inquiry>). \n \n\n\n### CVSS Metrics \n\nGroup | Score | Vector \n---|---|--- \nBase | 4.4 | AV:L/AC:M/Au:S/C:C/I:N/A:N \nTemporal | 3.4 | E:POC/RL:OF/RC:C \nEnvironmental | 5.1 | CDP:ND/TD:H/CR:H/IR:ND/AR:ND \n \n### References\n\n * <https://meltdownattack.com/>\n * <https://meltdownattack.com/meltdown.pdf>\n * <https://spectreattack.com/>\n * <https://spectreattack.com/spectre.pdf>\n * <https://security.googleblog.com/2018/01/todays-cpu-vulnerability-what-you-need.html>\n * <https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html>\n * <https://cyber.wtf/2017/07/28/negative-result-reading-kernel-memory-from-user-mode/>\n * <https://github.com/IAIK/KAISER>\n * <https://gruss.cc/files/kaiser.pdf>\n * <https://gruss.cc/files/prefetch.pdf>\n * <https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=5aa90a84589282b87666f92b6c3c917c8080a9bf>\n * <https://lkml.org/lkml/2017/12/27/2>\n * <https://lkml.org/lkml/2018/1/4/615>\n * <https://lwn.net/Articles/741878/>\n * <https://lwn.net/Articles/737940/>\n * <https://lwn.net/Articles/742702/>\n * <http://pythonsweetness.tumblr.com/post/169166980422/the-mysterious-case-of-the-linux-page-table>\n * <https://nakedsecurity.sophos.com/2018/01/03/fckwit-aka-kaiser-aka-kpti-intel-cpu-flaw-needs-low-level-os-patches/>\n * <https://en.wikipedia.org/wiki/Kernel_page-table_isolation>\n * <https://chrisam.net/2018/01/04/speculative-execution-side-channel-vulnerabilities-vendor-published-info/>\n * <https://www.raspberrypi.org/blog/why-raspberry-pi-isnt-vulnerable-to-spectre-or-meltdown/>\n * <https://doublepulsar.com/important-information-about-microsoft-meltdown-cpu-security-fixes-antivirus-vendors-and-you-a852ba0292ec>\n * [https://docs.google.com/spreadsheets/d/184wcDt9I9TUNFFbsAVLpzAtckQxYiuirADzf3cL42FQ/htmlview?usp=sharing&sle;=true](<https://docs.google.com/spreadsheets/d/184wcDt9I9TUNFFbsAVLpzAtckQxYiuirADzf3cL42FQ/htmlview?usp=sharing&sle=true>)\n\n### Credit\n\nThese issues were researched and reported by researchers at Google Project Zero (Jann Horn) the Institute of Applied Information Processing and Communications (IAIK) at Graz University of Technology (Gruss et. al.), Paul Kocher, and Anders Fogh.\n\nThis document was written by Art Manion and Will Dormann.\n\n### Other Information\n\n * CVE IDs: [CVE-2017-5753](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5753>) [CVE-2017-5715](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5715>) [CVE-2017-5754](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5754>)\n * US-CERT Alert: [TA18-004A](<http://www.us-cert.gov/cas/techalerts/TA18-004A.html>)\n * Date Public: 03 Jan 2018\n * Date First Published: 03 Jan 2018\n * Date Last Updated: 09 Jan 2018\n * Document Revision: 203\n\n", "edition": 23, "enchantments": {"score": {"modified": "2018-01-10T02:54:38", "value": 6.6}}, "hash": "c5274678fb7f7ecd4e89cf77723a0e00d8efe8117cb665571080eb5af9b20580", "hashmap": [{"hash": "b6ba9fa6ea18201bf39ea635ecca9f13", "key": "type"}, {"hash": "23f9e44cda3c73fa6ee897fb25a67f38", "key": "description"}, {"hash": "caf9b6b99962bf5c2264824231d7a40c", "key": "bulletinFamily"}, {"hash": "e51c244040f5fb6045353e4450e61da1", "key": "modified"}, {"hash": "4851009339f11e5fb046c77cf4c521a7", "key": "href"}, {"hash": "ca14c68a2831614398d75c8d2dd5f292", "key": "references"}, {"hash": "64c1b0f18013d9fc9cd8b3fcc3b81629", "key": "cvelist"}, {"hash": "23742046928b6ac0049be6bc1a8e24de", "key": "cvss"}, {"hash": "1d0954aaef62c3a5c7a1a3e8e3a5d794", "key": "title"}, {"hash": "0e67896450ab825b0a81e59a1465804c", "key": "published"}, {"hash": "5d2cfab83ed6e86a4812690790dc7ad5", "key": "reporter"}], "history": [], "href": "https://www.kb.cert.org/vuls/id/584653", "id": "VU:584653", "lastseen": "2018-01-10T02:54:38", "modified": "2018-01-09T00:00:00", "objectVersion": "1.3", "published": "2018-01-03T00:00:00", "references": ["https://meltdownattack.com/meltdown.pdf", "https://meltdownattack.com/meltdown.pdf", "https://docs.google.com/spreadsheets/d/184wcDt9I9TUNFFbsAVLpzAtckQxYiuirADzf3cL42FQ/htmlview?usp=sharing&sle=true", "https://lwn.net/Articles/742702/", "https://nakedsecurity.sophos.com/2018/01/03/fckwit-aka-kaiser-aka-kpti-intel-cpu-flaw-needs-low-level-os-patches/", "https://www.raspberrypi.org/blog/why-raspberry-pi-isnt-vulnerable-to-spectre-or-meltdown/", "https://lkml.org/lkml/2017/12/27/2", "https://security.googleblog.com/2018/01/todays-cpu-vulnerability-what-you-need.html", "https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html", "https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html", "https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html", "http://pythonsweetness.tumblr.com/post/169166980422/the-mysterious-case-of-the-linux-page-table", "https://gruss.cc/files/kaiser.pdf", "https://doublepulsar.com/important-information-about-microsoft-meltdown-cpu-security-fixes-antivirus-vendors-and-you-a852ba0292ec", "https://doublepulsar.com/important-information-about-microsoft-meltdown-cpu-security-fixes-antivirus-vendors-and-you-a852ba0292ec", "http://www.us-cert.gov/cas/techalerts/TA18-004A.html", "https://chrisam.net/2018/01/04/speculative-execution-side-channel-vulnerabilities-vendor-published-info/", "https://meltdownattack.com/", "https://meltdownattack.com/", "https://meltdownattack.com/", "https://en.wikipedia.org/wiki/Kernel_page-table_isolation", "https://en.wikipedia.org/wiki/Kernel_page-table_isolation", "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5753", "https://spectreattack.com/", "https://spectreattack.com/", "https://spectreattack.com/", "https://lwn.net/Articles/737940/", "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5715", "https://lkml.org/lkml/2018/1/4/615", "https://lkml.org/lkml/2018/1/4/615", "https://github.com/IAIK/KAISER", "https://cyber.wtf/2017/07/28/negative-result-reading-kernel-memory-from-user-mode/", "https://lwn.net/Articles/741878/", "https://gruss.cc/files/prefetch.pdf", "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=5aa90a84589282b87666f92b6c3c917c8080a9bf", "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5754", "https://spectreattack.com/spectre.pdf", "https://spectreattack.com/spectre.pdf", "https://spectreattack.com/spectre.pdf", "https://spectreattack.com/spectre.pdf"], "reporter": "CERT", "title": "CPU hardware vulnerable to side-channel attacks", "type": "cert", "viewCount": 179}, "differentElements": ["description", "modified"], "edition": 23, "lastseen": "2018-01-10T02:54:38"}, {"bulletin": {"bulletinFamily": "info", "cvelist": ["CVE-2017-5753", "CVE-2017-5753", "CVE-2017-5754", "CVE-2017-5754", "CVE-2017-5715", "CVE-2017-5715"], "cvss": {"score": 0.0, "vector": "NONE"}, "description": "### Overview\n\nCPU hardware implementations are vulnerable to side-channel attacks. These vulnerabilities are referred to as [Meltdown](<https://meltdownattack.com/>) and [Spectre](<https://spectreattack.com/>).\n\n### Description\n\nCPU hardware implementations are vulnerable to side-channel attacks referred to as [Meltdown](<https://meltdownattack.com/>) and [Spectre](<https://spectreattack.com/>). These attacks are described in detail by [Google Project Zero](<https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html>) and the Institute of Applied Information Processing and Communications (IAIK) at Graz University of Technology (TU Graz). The Linux kernel mitigations for this vulnerability are referred to as KAISER, and subsequently KPTI, which aim to improve separation of kernel and user memory pages. \n \n--- \n \n### Impact\n\nAn attacker able to execute code with user privileges can achieve various impacts, such as reading otherwise protected kernel memory and bypassing KASLR. \n \n--- \n \n### Solution\n\n**Replace CPU hardware**\n\nThe underlying vulnerability is primarily caused by CPU implementation optimization choices. Fully removing the vulnerability requires replacing vulnerable CPU hardware. \n \n--- \n \n**Apply updates** \n \nOperating system updates mitigate the underlying hardware vulnerability. \n \n--- \n \n### Vendor Information \n\nVendor| Status| Date Notified| Date Updated \n---|---|---|--- \nAMD| | -| 03 Jan 2018 \nApple| | -| 03 Jan 2018 \nArm| | -| 03 Jan 2018 \nGoogle| | -| 03 Jan 2018 \nIntel| | -| 03 Jan 2018 \nLinux Kernel| | -| 03 Jan 2018 \nMicrosoft| | -| 03 Jan 2018 \nMozilla| | -| 03 Jan 2018 \nIf you are a vendor and your product is affected, [let us know](<mailto:cert@cert.org?Subject=VU%23584653 Vendor Status Inquiry>).\n\n### CVSS Metrics \n\nGroup | Score | Vector \n---|---|--- \nBase | 1.5 | AV:L/AC:M/Au:S/C:P/I:N/A:N \nTemporal | 1.2 | E:POC/RL:OF/RC:C \nEnvironmental | 2.0 | CDP:ND/TD:H/CR:H/IR:ND/AR:ND \n \n### References\n\n * <https://meltdownattack.com/>\n * <https://spectreattack.com/>\n * <https://security.googleblog.com/2018/01/todays-cpu-vulnerability-what-you-need.html>\n * <https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html>\n * <https://www.us-cert.gov/ncas/current-activity/2018/01/03/Meltdown-and-Spectre-Side-Channel-Vulnerabilities>\n * <https://github.com/IAIK/KAISER>\n * <https://gruss.cc/files/kaiser.pdf>\n * <https://gruss.cc/files/prefetch.pdf>\n * <https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=5aa90a84589282b87666f92b6c3c917c8080a9bf>\n * <https://lwn.net/Articles/741878/>\n * <https://lwn.net/Articles/737940/>\n * <http://pythonsweetness.tumblr.com/post/169166980422/the-mysterious-case-of-the-linux-page-table>\n * <https://nakedsecurity.sophos.com/2018/01/03/fckwit-aka-kaiser-aka-kpti-intel-cpu-flaw-needs-low-level-os-patches/>\n\n### Credit\n\nThese issues were researched and reported by researchers at Google Project Zero and the Institute of Applied Information Processing and Communications (IAIK) at Graz University of Technology (TU Graz).\n\nThis document was written by Art Manion.\n\n### Other Information\n\n * CVE IDs: [CVE-2017-5753](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5753>) [CVE-2017-5715](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5715>) [CVE-2017-5754](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5754>)\n * Date Public: 03 Jan 2018\n * Date First Published: 03 Jan 2018\n * Date Last Updated: 04 Jan 2018\n * Document Revision: 28\n\n", "edition": 4, "enchantments": {"score": {"modified": "2018-01-04T18:54:16", "value": 5.2}}, "hash": "6cedf41f4833d71abed16ffd406b19d0a3eb050fa9d3a57dcdad42580095e045", "hashmap": [{"hash": "b6ba9fa6ea18201bf39ea635ecca9f13", "key": "type"}, {"hash": "caf9b6b99962bf5c2264824231d7a40c", "key": "bulletinFamily"}, {"hash": "1b941090f50d6d1c2e114abbd1b88aa2", "key": "modified"}, {"hash": "4851009339f11e5fb046c77cf4c521a7", "key": "href"}, {"hash": "966610370a5d0561045d02a9a96b5a17", "key": "cvelist"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "1d0954aaef62c3a5c7a1a3e8e3a5d794", "key": "title"}, {"hash": "fb25e45494e9fc78bc43b3acbf35ee5f", "key": "description"}, {"hash": "0e67896450ab825b0a81e59a1465804c", "key": "published"}, {"hash": "5d2cfab83ed6e86a4812690790dc7ad5", "key": "reporter"}, {"hash": "fa042361d1f895e22cba8e550a6b3c05", "key": "references"}], "history": [], "href": "https://www.kb.cert.org/vuls/id/584653", "id": "VU:584653", "lastseen": "2018-01-04T18:54:16", "modified": "2018-01-04T00:00:00", "objectVersion": "1.3", "published": "2018-01-03T00:00:00", "references": ["https://nakedsecurity.sophos.com/2018/01/03/fckwit-aka-kaiser-aka-kpti-intel-cpu-flaw-needs-low-level-os-patches/", "https://security.googleblog.com/2018/01/todays-cpu-vulnerability-what-you-need.html", "https://www.us-cert.gov/ncas/current-activity/2018/01/03/Meltdown-and-Spectre-Side-Channel-Vulnerabilities", "https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html", "https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html", "http://pythonsweetness.tumblr.com/post/169166980422/the-mysterious-case-of-the-linux-page-table", "https://gruss.cc/files/kaiser.pdf", "https://meltdownattack.com/", "https://meltdownattack.com/", "https://meltdownattack.com/", "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5753", "https://spectreattack.com/", "https://spectreattack.com/", "https://spectreattack.com/", "https://lwn.net/Articles/737940/", "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5715", "https://github.com/IAIK/KAISER", "https://lwn.net/Articles/741878/", "https://gruss.cc/files/prefetch.pdf", "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=5aa90a84589282b87666f92b6c3c917c8080a9bf", "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5754"], "reporter": "CERT", "title": "CPU hardware vulnerable to side-channel attacks", "type": "cert", "viewCount": 61}, "differentElements": ["references", "description", "cvelist"], "edition": 4, "lastseen": "2018-01-04T18:54:16"}, {"bulletin": {"bulletinFamily": "info", "cvelist": ["CVE-2017-5753", "CVE-2017-5753", "CVE-2017-5753", "CVE-2017-5753", "CVE-2017-5754", "CVE-2017-5754", "CVE-2017-5754", "CVE-2017-5715", "CVE-2017-5715", "CVE-2017-5715", "CVE-2017-5715"], "cvss": {"score": 0.0, "vector": "NONE"}, "description": "### Overview\n\nCPU hardware implementations are vulnerable to cache side-channel attacks. These vulnerabilities are referred to as [Meltdown](<https://meltdownattack.com/>) and [Spectre](<https://spectreattack.com/>).\n\n### Description\n\nCPU hardware implementations are vulnerable to side-channel attacks referred to as [Meltdown](<https://meltdownattack.com/>) and [Spectre](<https://spectreattack.com/>). Both Spectre and Meltdown take advantage of the ability to extract information from instructions that have executed on a CPU using the CPU cache as a side-channel. These attacks are described in detail by [Google Project Zero](<https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html>) and the Institute of Applied Information Processing and Communications (IAIK) at Graz University of Technology (TU Graz). The issues are organized into three variants: \n\n * Variant 1 (CVE-2017-5753, [Spectre](<https://spectreattack.com/spectre.pdf>)): Bounds check bypass\n * Variant 2 (CVE-2017-5715, also [Spectre](<https://spectreattack.com/spectre.pdf>)): Branch target injection[](<https://spectreattack.com/spectre.pdf>)\n * Variant 3 (CVE-2017-5754, [Meltdown](<https://meltdownattack.com/meltdown.pdf>)): Rogue data cache load, memory access permission check performed after kernel memory read\n \n**Spectre** \n \nSpectre attacks take advantage of a CPU's branch prediction capabilities. Modern CPUs include a feature called branch prediction, which speculatively executes instructions at a location that the CPU believes it will branch to. Such speculative execution helps to more fully utilize the parts of the CPU, minimizing the time waiting, and therefore improving performance. When a branch is successfully predicted, instructions will retire, which means the outcomes of the instructions such as register and memory writes will be committed. If a branch is mispredicted, the speculatively-executed instructions will be discarded, and the direct side-effects of the instructions are undone. What is not undone are the indirect side-effects, such as CPU cache changes. By measuring latency of memory access operations, the cache can be used to extract values from speculatively-executed instructions. \n \nWith Spectre variant 1 (CVE-2017-5753), the instructions after a conditional branch are speculatively executed as the result of a misprediction. With Spectre variant 2 (CVE-2017-5715), the instructions at a location determined by a branch target that is mispredicted. \n \nWith both variants of the Spectre attack, the impact is that a process may leak sensitive data to other processes on a system. Spectre may also allow one part of an application to access other parts of the same process memory space that would otherwise not be permitted. \n \n \n**Meltdown** \n \nMeltdown is related to the Spectre attack in that it also uses a cache side channel to access data that otherwise wouldn't be available. The main difference is that it leverages out-of-order execution capabilities in modern CPUs. Like speculative execution due to branch prediction, as used by Spectre, out-of-order execution on a CPU is a technique for ensuring fullest utilization of the CPU's parts. Although instructions may appear sequentially in the machine language, a CPU that supports out-of-order execution may execute instructions in a non-sequential manner, which can minimize the time that a CPU spends waiting. \n \nMeltdown leverages a flaw that has been demonstrated in Intel CPUs. Vulnerable CPUs allow memory reads in out-of-order instruction execution, and also contain a race condition between the raising of exceptions and the out-of-order instruction execution. The Meltdown attack reads a kernel memory value, which raises an exception because code running with user-space privileges are not permitted to directly read kernel memory. However, due to the race condition, out-of-order instructions following the faulting instruction may also execute. Even though instructions appear after the faulting instruction, out-of-order execution allows them to execute, using data retrieved from the instruction that raises the exception. By the time the exception is raised, some number of out-of-order instructions have executed. Although the raised exception causes the CPU to roll back the out-of-order instructions, the cache state is not reverted. This allows data from out-of-order instructions to persist beyond the point when the exception has been raised. \n \nThe impact of Meltdown is that a process running in user space is able to view the contents of kernel memory. Meltdown may also allow Spectre-like memory content leaking that does not cross the user/kernel privilege boundary. \n \n \nAttacks require the ability to execute code locally on a target system. Typically this requires a valid account or independent compromise of the target. Attacks using JavaScript in web browsers are possible. Multi-user and multi-tenant systems (including virtualized and cloud environments) likely face the greatest risk. Systems use to browse arbitrary web sites are also at risk. Single-user systems that do not readily provide a way for attackers to execute code locally face significantly lower risk. \n \nThe Linux kernel mitigations for Meltdown are referred to as KAISER, and subsequently KPTI, which aim to improve separation of kernel and user memory pages. Because the Spectre attacks do not cross user/kernel boundaries, the protections introduced with KAISER/KPTI do not add any protection against them. \n \n \nFor your convenience, here is a table that compares Spectre and Meltdown: \n \n| | **Spectre**| **Meltdown** \n---|---|--- \n**CPU mechanism for triggering**| Speculative execution from branch prediction| Out-of-order execution \n**Affected platforms**| CPUs that perform speculative execution from branch prediction| Intel x86 CPUs that allow memory reads in out-of-order instructions \n**Difficulty of successful attack**| High - Requires tailoring to the software environment of the victim process| Low - Kernel memory access exploit code is mostly universal \n**Impact**| Cross- and intra-process memory disclosure| Kernel memory disclosure to userspace \n**Software mitigations**| Unknown| Kernel page-table isolation ([KPTI](<https://en.wikipedia.org/wiki/Kernel_page-table_isolation>)) \n \n### Impact\n\nAn attacker able to execute code with user privileges can achieve various impacts. The Meltdown attack allows reading of kernel memory from userspace. This can result in privilege escalation, disclosure of sensitive information, or it can weaken kernel-level protections, such as KASLR. The Spectre attack can allow inter-process or intra-process data leaks. \n \n--- \n \n### Solution\n\n**Apply updates** \n \nOperating system and some application updates mitigate these attacks. \n \n--- \n \n### Vendor Information \n\nVendor| Status| Date Notified| Date Updated \n---|---|---|--- \nAMD| | -| 03 Jan 2018 \nApple| | -| 03 Jan 2018 \nArm| | -| 03 Jan 2018 \nGoogle| | -| 03 Jan 2018 \nIntel| | -| 03 Jan 2018 \nLinux Kernel| | -| 03 Jan 2018 \nMicrosoft| | -| 03 Jan 2018 \nMozilla| | -| 03 Jan 2018 \nIf you are a vendor and your product is affected, [let us know](<mailto:cert@cert.org?Subject=VU%23584653 Vendor Status Inquiry>).\n\n### CVSS Metrics \n\nGroup | Score | Vector \n---|---|--- \nBase | 4.4 | AV:L/AC:M/Au:S/C:C/I:N/A:N \nTemporal | 3.4 | E:POC/RL:OF/RC:C \nEnvironmental | 5.1 | CDP:ND/TD:H/CR:H/IR:ND/AR:ND \n \n### References\n\n * <https://meltdownattack.com/>\n * <https://meltdownattack.com/meltdown.pdf>\n * <https://spectreattack.com/>\n * <https://spectreattack.com/spectre.pdf>\n * <https://security.googleblog.com/2018/01/todays-cpu-vulnerability-what-you-need.html>\n * <https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html>\n * <https://cyber.wtf/2017/07/28/negative-result-reading-kernel-memory-from-user-mode/>\n * <https://www.us-cert.gov/ncas/current-activity/2018/01/03/Meltdown-and-Spectre-Side-Channel-Vulnerabilities>\n * <https://github.com/IAIK/KAISER>\n * <https://gruss.cc/files/kaiser.pdf>\n * <https://gruss.cc/files/prefetch.pdf>\n * <https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=5aa90a84589282b87666f92b6c3c917c8080a9bf>\n * <https://lkml.org/lkml/2017/12/27/2>\n * <https://lwn.net/Articles/741878/>\n * <https://lwn.net/Articles/737940/>\n * <https://lwn.net/Articles/742702/>\n * <http://pythonsweetness.tumblr.com/post/169166980422/the-mysterious-case-of-the-linux-page-table>\n * <https://nakedsecurity.sophos.com/2018/01/03/fckwit-aka-kaiser-aka-kpti-intel-cpu-flaw-needs-low-level-os-patches/>\n * <https://en.wikipedia.org/wiki/Kernel_page-table_isolation>\n\n### Credit\n\nThese issues were researched and reported by researchers at Google Project Zero (Jann Horn) and the Institute of Applied Information Processing and Communications (IAIK) at Graz University of Technology (TU Graz) (Gruss et. al.). Anders Fogh is credited with [research](<https://cyber.wtf/2017/07/28/negative-result-reading-kernel-memory-from-user-mode/>) on variant 3.\n\nThis document was written by Art Manion and Will Dormann.\n\n### Other Information\n\n * CVE IDs: [CVE-2017-5753](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5753>) [CVE-2017-5715](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5715>) [CVE-2017-5754](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5754>)\n * Date Public: 03 Jan 2018\n * Date First Published: 03 Jan 2018\n * Date Last Updated: 04 Jan 2018\n * Document Revision: 66\n\n", "edition": 6, "enchantments": {"score": {"modified": "2018-01-05T04:54:20", "value": 6.6}}, "hash": "87c740e1191106a5316a6b51454d418fe5d1b73c8f97a6fd82161877862ac8b1", "hashmap": [{"hash": "b6ba9fa6ea18201bf39ea635ecca9f13", "key": "type"}, {"hash": "caf9b6b99962bf5c2264824231d7a40c", "key": "bulletinFamily"}, {"hash": "1b941090f50d6d1c2e114abbd1b88aa2", "key": "modified"}, {"hash": "15dc974699d1c3f0e34516f908d3f946", "key": "description"}, {"hash": "4851009339f11e5fb046c77cf4c521a7", "key": "href"}, {"hash": "aaa14a61c3205dd325ee5c227f16afdf", "key": "references"}, {"hash": "64c1b0f18013d9fc9cd8b3fcc3b81629", "key": "cvelist"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "1d0954aaef62c3a5c7a1a3e8e3a5d794", "key": "title"}, {"hash": "0e67896450ab825b0a81e59a1465804c", "key": "published"}, {"hash": "5d2cfab83ed6e86a4812690790dc7ad5", "key": "reporter"}], "history": [], "href": "https://www.kb.cert.org/vuls/id/584653", "id": "VU:584653", "lastseen": "2018-01-05T04:54:20", "modified": "2018-01-04T00:00:00", "objectVersion": "1.3", "published": "2018-01-03T00:00:00", "references": ["https://meltdownattack.com/meltdown.pdf", "https://meltdownattack.com/meltdown.pdf", "https://lwn.net/Articles/742702/", "https://nakedsecurity.sophos.com/2018/01/03/fckwit-aka-kaiser-aka-kpti-intel-cpu-flaw-needs-low-level-os-patches/", "https://lkml.org/lkml/2017/12/27/2", "https://security.googleblog.com/2018/01/todays-cpu-vulnerability-what-you-need.html", "https://www.us-cert.gov/ncas/current-activity/2018/01/03/Meltdown-and-Spectre-Side-Channel-Vulnerabilities", "https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html", "https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html", "http://pythonsweetness.tumblr.com/post/169166980422/the-mysterious-case-of-the-linux-page-table", "https://gruss.cc/files/kaiser.pdf", "https://meltdownattack.com/", "https://meltdownattack.com/", "https://meltdownattack.com/", "https://en.wikipedia.org/wiki/Kernel_page-table_isolation", "https://en.wikipedia.org/wiki/Kernel_page-table_isolation", "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5753", "https://spectreattack.com/", "https://spectreattack.com/", "https://spectreattack.com/", "https://lwn.net/Articles/737940/", "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5715", "https://github.com/IAIK/KAISER", "https://cyber.wtf/2017/07/28/negative-result-reading-kernel-memory-from-user-mode/", "https://cyber.wtf/2017/07/28/negative-result-reading-kernel-memory-from-user-mode/", "https://lwn.net/Articles/741878/", "https://gruss.cc/files/prefetch.pdf", "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=5aa90a84589282b87666f92b6c3c917c8080a9bf", "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5754", "https://spectreattack.com/spectre.pdf", "https://spectreattack.com/spectre.pdf", "https://spectreattack.com/spectre.pdf", "https://spectreattack.com/spectre.pdf"], "reporter": "CERT", "title": "CPU hardware vulnerable to side-channel attacks", "type": "cert", "viewCount": 70}, "differentElements": ["references", "description"], "edition": 6, "lastseen": "2018-01-05T04:54:20"}, {"bulletin": {"bulletinFamily": "info", "cvelist": ["CVE-2017-5753", "CVE-2017-5753", "CVE-2017-5754", "CVE-2017-5754", "CVE-2017-5715", "CVE-2017-5715"], "cvss": {"score": 0.0, "vector": "NONE"}, "description": "### Overview\n\nCPU hardware implementations are vulnerable to side-channel attacks. These vulnerabilities are referred to as [Meltdown](<https://meltdownattack.com/>) and [Spectre](<https://spectreattack.com/>).\n\n### Description\n\nCPU hardware implementations are vulnerable to side-channel attacks referred to as [Meltdown](<https://meltdownattack.com/>) and [Spectre](<https://spectreattack.com/>) (also KAISER and KPTI). These attacks are described in detail by [Google Project Zero](<https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html>) and the Institute of Applied Information Processing and Communications (IAIK) at Graz University of Technology (TU Graz). \n \n--- \n \n### Impact\n\nAn attacker able to execute code with user privileges can achieve various impacts, such as reading otherwise protected kernel memory and bypassing KASLR. \n \n--- \n \n### Solution\n\n**Replace CPU hardware**\n\nThe underlying vulnerability is primarily caused by CPU architecture design choices. Fully removing the vulnerability requires replacing vulnerable CPU hardware. \n \n--- \n \n**Apply updates** \n \nOperating system updates mitigate the underlying hardware vulnerability. \n \n--- \n \n### Vendor Information \n\nMultiple CPU architectures are affected. Operating systems and \n \n--- \nVendor| Status| Date Notified| Date Updated \n---|---|---|--- \nAMD| | -| 03 Jan 2018 \nApple| | -| 03 Jan 2018 \nArm| | -| 03 Jan 2018 \nGoogle| | -| 03 Jan 2018 \nIntel| | -| 03 Jan 2018 \nLinux Kernel| | -| 03 Jan 2018 \nMicrosoft| | -| 03 Jan 2018 \nMozilla| | -| 03 Jan 2018 \nIf you are a vendor and your product is affected, [let us know](<mailto:cert@cert.org?Subject=VU%23584653 Vendor Status Inquiry>).\n\n### CVSS Metrics \n\nGroup | Score | Vector \n---|---|--- \nBase | 1.5 | AV:L/AC:M/Au:S/C:P/I:N/A:N \nTemporal | 1.2 | E:POC/RL:OF/RC:C \nEnvironmental | 2.0 | CDP:ND/TD:H/CR:H/IR:ND/AR:ND \n \n### References\n\n * <https://meltdownattack.com/>\n * <https://spectreattack.com/>\n * <https://security.googleblog.com/2018/01/todays-cpu-vulnerability-what-you-need.html>\n * <https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html>\n * <https://www.us-cert.gov/ncas/current-activity/2018/01/03/Meltdown-and-Spectre-Side-Channel-Vulnerabilities>\n * <https://github.com/IAIK/KAISER>\n * <https://gruss.cc/files/kaiser.pdf>\n * <https://gruss.cc/files/prefetch.pdf>\n * <https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=5aa90a84589282b87666f92b6c3c917c8080a9bf>\n * <https://lwn.net/Articles/741878/>\n * <https://lwn.net/Articles/737940/>\n * <http://pythonsweetness.tumblr.com/post/169166980422/the-mysterious-case-of-the-linux-page-table>\n * <https://nakedsecurity.sophos.com/2018/01/03/fckwit-aka-kaiser-aka-kpti-intel-cpu-flaw-needs-low-level-os-patches/>\n\n### Credit\n\nThese issues were researched and reported by researchers at Google Project Zero and the Institute of Applied Information Processing and Communications (IAIK) at Graz University of Technology (TU Graz).\n\nThis document was written by Art Manion.\n\n### Other Information\n\n * CVE IDs: [CVE-2017-5753](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5753>) [CVE-2017-5715](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5715>) [CVE-2017-5754](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5754>)\n * Date Public: 03 Jan 2018\n * Date First Published: 03 Jan 2018\n * Date Last Updated: 03 Jan 2018\n * Document Revision: 20\n\n", "edition": 2, "enchantments": {"score": {"modified": "2018-01-04T08:55:50", "value": 5.2}}, "hash": "bf6c60822c300aad7964b0e676b7514611b75797dd001485de802d44a44752bf", "hashmap": [{"hash": "0e67896450ab825b0a81e59a1465804c", "key": "modified"}, {"hash": "b6ba9fa6ea18201bf39ea635ecca9f13", "key": "type"}, {"hash": "caf9b6b99962bf5c2264824231d7a40c", "key": "bulletinFamily"}, {"hash": "4851009339f11e5fb046c77cf4c521a7", "key": "href"}, {"hash": "9e37dd458da7fdab180439553ca0da75", "key": "description"}, {"hash": "966610370a5d0561045d02a9a96b5a17", "key": "cvelist"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "1d0954aaef62c3a5c7a1a3e8e3a5d794", "key": "title"}, {"hash": "0e67896450ab825b0a81e59a1465804c", "key": "published"}, {"hash": "5d2cfab83ed6e86a4812690790dc7ad5", "key": "reporter"}, {"hash": "fa042361d1f895e22cba8e550a6b3c05", "key": "references"}], "history": [], "href": "https://www.kb.cert.org/vuls/id/584653", "id": "VU:584653", "lastseen": "2018-01-04T08:55:50", "modified": "2018-01-03T00:00:00", "objectVersion": "1.3", "published": "2018-01-03T00:00:00", "references": ["https://nakedsecurity.sophos.com/2018/01/03/fckwit-aka-kaiser-aka-kpti-intel-cpu-flaw-needs-low-level-os-patches/", "https://security.googleblog.com/2018/01/todays-cpu-vulnerability-what-you-need.html", "https://www.us-cert.gov/ncas/current-activity/2018/01/03/Meltdown-and-Spectre-Side-Channel-Vulnerabilities", "https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html", "https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html", "http://pythonsweetness.tumblr.com/post/169166980422/the-mysterious-case-of-the-linux-page-table", "https://gruss.cc/files/kaiser.pdf", "https://meltdownattack.com/", "https://meltdownattack.com/", "https://meltdownattack.com/", "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5753", "https://spectreattack.com/", "https://spectreattack.com/", "https://spectreattack.com/", "https://lwn.net/Articles/737940/", "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5715", "https://github.com/IAIK/KAISER", "https://lwn.net/Articles/741878/", "https://gruss.cc/files/prefetch.pdf", "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=5aa90a84589282b87666f92b6c3c917c8080a9bf", "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5754"], "reporter": "CERT", "title": "CPU hardware vulnerable to side-channel attacks", "type": "cert", "viewCount": 37}, "differentElements": ["description", "modified"], "edition": 2, "lastseen": "2018-01-04T08:55:50"}, {"bulletin": {"bulletinFamily": "info", "cvelist": ["CVE-2017-5753", "CVE-2017-5753", "CVE-2017-5753", "CVE-2017-5753", "CVE-2017-5754", "CVE-2017-5754", "CVE-2017-5754", "CVE-2017-5715", "CVE-2017-5715", "CVE-2017-5715", "CVE-2017-5715"], "cvss": {"score": 0.0, "vector": "NONE"}, "description": "### Overview\n\nCPU hardware implementations are vulnerable to cache side-channel attacks. These vulnerabilities are referred to as [Meltdown](<https://meltdownattack.com/>) and [Spectre](<https://spectreattack.com/>).\n\n### Description\n\n**Note: This Vulnerability Note is the product of ongoing analysis and represents our best knowledge as of the most recent revision. As a result, the content may change as our understanding of the issues develops.**\n\nCPU hardware implementations are vulnerable to side-channel attacks referred to as [Meltdown](<https://meltdownattack.com/>) and [Spectre](<https://spectreattack.com/>). Both Spectre and Meltdown take advantage of the ability to extract information from instructions that have executed on a CPU using the CPU cache as a side-channel. These attacks are described in detail by [Google Project Zero](<https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html>), the Institute of Applied Information Processing and Communications (IAIK) at Graz University of Technology (TU Graz) and Anders Fogh. The issues are organized into three variants: \n\n\n * Variant 1 (CVE-2017-5753, [Spectre](<https://spectreattack.com/spectre.pdf>)): Bounds check bypass\n * Variant 2 (CVE-2017-5715, also [Spectre](<https://spectreattack.com/spectre.pdf>)): Branch target injection[](<https://spectreattack.com/spectre.pdf>)\n * Variant 3 (CVE-2017-5754, [Meltdown](<https://meltdownattack.com/meltdown.pdf>)): Rogue data cache load, memory access permission check performed after kernel memory read\n \n**Spectre** \n \nSpectre attacks take advantage of a CPU's branch prediction capabilities. Modern CPUs include a feature called branch prediction, which speculatively executes instructions at a location that the CPU believes it will branch to. Such speculative execution helps to more fully utilize the parts of the CPU, minimizing the time waiting, and therefore improving performance. When a branch is successfully predicted, instructions will retire, which means the outcomes of the instructions such as register and memory writes will be committed. If a branch is mispredicted, the speculatively-executed instructions will be discarded, and the direct side-effects of the instructions are undone. What is not undone are the indirect side-effects, such as CPU cache changes. By measuring latency of memory access operations, the cache can be used to extract values from speculatively-executed instructions. \n \nWith Spectre variant 1 (CVE-2017-5753), the instructions after a conditional branch are speculatively executed as the result of a misprediction. With Spectre variant 2 (CVE-2017-5715), the instructions at a location determined by a branch target that is mispredicted. \n \nWith both variants of the Spectre attack, the impact is that a process may leak sensitive data to other processes on a system. Spectre may also allow one part of an application to access other parts of the same process memory space that would otherwise not be permitted. \n \n**Meltdown** \n \nMeltdown is related to the Spectre attack in that it also uses a cache side channel to access data that otherwise wouldn't be available. The main difference is that it leverages out-of-order execution capabilities in modern CPUs. Like speculative execution due to branch prediction, as used by Spectre, out-of-order execution on a CPU is a technique for ensuring fullest utilization of the CPU's parts. Although instructions may appear sequentially in the machine language, a CPU that supports out-of-order execution may execute instructions in a non-sequential manner, which can minimize the time that a CPU spends idle. \n \nMeltdown leverages insecure behavior that has been demonstrated in Intel CPUs and may affect CPUs from other vendors. Vulnerable CPUs allow memory reads in out-of-order instruction execution, and also contain a race condition between the raising of exceptions and the out-of-order instruction execution. The Meltdown attack reads a kernel memory value, which raises an exception because code running with user-space privileges are not permitted to directly read kernel memory. However, due to the race condition, out-of-order instructions following the faulting instruction may also execute. Even though instructions appear after the faulting instruction, out-of-order execution allows them to execute, using data retrieved from the instruction that raises the exception. By the time the exception is raised, some number of out-of-order instructions have executed. Although the raised exception causes the CPU to roll back the out-of-order instructions, the cache state is not reverted. This allows data from out-of-order instructions to persist beyond the point when the exception has been raised. \n \nThe impact of Meltdown is that a process running in user space is able to view the contents of kernel memory. Meltdown may also allow Spectre-like memory content leaking that does not cross the user/kernel privilege boundary. \n \nThe Linux kernel mitigations for Meltdown are referred to as KAISER, and subsequently KPTI, which aim to improve separation of kernel and user memory pages. Because the Spectre attacks do not cross user/kernel boundaries, the protections introduced with KAISER/KPTI do not add any protection against them. \n \nThe following table compares Spectre and Meltdown. \n \n| | **Spectre**| **Meltdown** \n---|---|--- \n**CPU mechanism for triggering**| Speculative execution from branch prediction| Out-of-order execution \n**Affected platforms**| CPUs that perform speculative execution from branch prediction| CPUs that allow memory reads in out-of-order instructions \n**Difficulty of successful attack**| High - Requires tailoring to the software environment of the victim process| Low - Kernel memory access exploit code is mostly universal \n**Impact**| Cross- and intra-process memory disclosure| Kernel memory disclosure to userspace \n**Software mitigations**| Indirect Branch Restricted Speculation ([IBRS](<https://lkml.org/lkml/2018/1/4/615>)) \n**Note: **This software mitigation also requires CPU microcode updates and it only mitigates Spectre variant 2| Kernel page-table isolation ([KPTI](<https://en.wikipedia.org/wiki/Kernel_page-table_isolation>)) \n \n### Impact\n\nAn attacker able to execute code with user privileges can achieve various impacts. The Meltdown attack allows reading of kernel memory from userspace. This can result in privilege escalation, disclosure of sensitive information, or it can weaken kernel-level protections, such as KASLR. The Spectre attack can allow inter-process or intra-process data leaks. \n \nTo execute code locally, an attacker would require a valid account or independent compromise of the target. Attacks using JavaScript in web browsers are possible. Multi-user and multi-tenant systems (including virtualized and cloud environments) likely face the greatest risk. Systems use to browse arbitrary web sites are also at risk. Single-user systems that do not readily provide a way for attackers to execute code locally face significantly lower risk. \n \n--- \n \n### Solution\n\n**Apply updates** \n \nOperating system, CPU microcode updates, and some application updates mitigate these attacks. \n \n--- \n \n### Vendor Information \n\nVendor| Status| Date Notified| Date Updated \n---|---|---|--- \nAmazon| | -| 05 Jan 2018 \nAMD| | -| 03 Jan 2018 \nApple| | -| 04 Jan 2018 \nArm| | -| 03 Jan 2018 \nCentOS| | -| 05 Jan 2018 \nCitrix| | -| 05 Jan 2018 \nDebian GNU/Linux| | -| 05 Jan 2018 \nFedora Project| | -| 05 Jan 2018 \nFortinet, Inc.| | -| 05 Jan 2018 \nGoogle| | -| 03 Jan 2018 \nIBM Corporation| | -| 05 Jan 2018 \nIntel| | -| 05 Jan 2018 \nLinux Kernel| | -| 04 Jan 2018 \nMicrosoft| | -| 05 Jan 2018 \nMozilla| | -| 03 Jan 2018 \nIf you are a vendor and your product is affected, [let us know](<mailto:cert@cert.org?Subject=VU%23584653 Vendor Status Inquiry>). \n \n\n\n### CVSS Metrics \n\nGroup | Score | Vector \n---|---|--- \nBase | 4.4 | AV:L/AC:M/Au:S/C:C/I:N/A:N \nTemporal | 3.4 | E:POC/RL:OF/RC:C \nEnvironmental | 5.1 | CDP:ND/TD:H/CR:H/IR:ND/AR:ND \n \n### References\n\n * <https://meltdownattack.com/>\n * <https://meltdownattack.com/meltdown.pdf>\n * <https://spectreattack.com/>\n * <https://spectreattack.com/spectre.pdf>\n * <https://security.googleblog.com/2018/01/todays-cpu-vulnerability-what-you-need.html>\n * <https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html>\n * <https://cyber.wtf/2017/07/28/negative-result-reading-kernel-memory-from-user-mode/>\n * <https://github.com/IAIK/KAISER>\n * <https://gruss.cc/files/kaiser.pdf>\n * <https://gruss.cc/files/prefetch.pdf>\n * <https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=5aa90a84589282b87666f92b6c3c917c8080a9bf>\n * <https://lkml.org/lkml/2017/12/27/2>\n * <https://lkml.org/lkml/2018/1/4/615>\n * <https://lwn.net/Articles/741878/>\n * <https://lwn.net/Articles/737940/>\n * <https://lwn.net/Articles/742702/>\n * <http://pythonsweetness.tumblr.com/post/169166980422/the-mysterious-case-of-the-linux-page-table>\n * <https://nakedsecurity.sophos.com/2018/01/03/fckwit-aka-kaiser-aka-kpti-intel-cpu-flaw-needs-low-level-os-patches/>\n * <https://en.wikipedia.org/wiki/Kernel_page-table_isolation>\n\n### Credit\n\nThese issues were researched and reported by researchers at Google Project Zero (Jann Horn) the Institute of Applied Information Processing and Communications (IAIK) at Graz University of Technology (Gruss et. al.), and Anders Fogh.\n\nThis document was written by Art Manion and Will Dormann.\n\n### Other Information\n\n * CVE IDs: [CVE-2017-5753](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5753>) [CVE-2017-5715](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5715>) [CVE-2017-5754](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5754>)\n * US-CERT Alert: [TA18-004A](<http://www.us-cert.gov/cas/techalerts/TA18-004A.html>)\n * Date Public: 03 Jan 2018\n * Date First Published: 03 Jan 2018\n * Date Last Updated: 05 Jan 2018\n * Document Revision: 122\n\n", "edition": 12, "enchantments": {"score": {"modified": "2018-01-05T22:55:36", "value": 6.6}}, "hash": "6b58bab9f508c64a32378e87c892f0a521fc87f3333dcce6ce409f5b383c198d", "hashmap": [{"hash": "b6ba9fa6ea18201bf39ea635ecca9f13", "key": "type"}, {"hash": "caf9b6b99962bf5c2264824231d7a40c", "key": "bulletinFamily"}, {"hash": "4851009339f11e5fb046c77cf4c521a7", "key": "href"}, {"hash": "64c1b0f18013d9fc9cd8b3fcc3b81629", "key": "cvelist"}, {"hash": "157673a26b76a4585a91b6715dff3cbc", "key": "modified"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "9d98765d73fa6a690204e00e06298ea0", "key": "references"}, {"hash": "1d0954aaef62c3a5c7a1a3e8e3a5d794", "key": "title"}, {"hash": "afe2476bebc5085ddf1bb60885806076", "key": "description"}, {"hash": "0e67896450ab825b0a81e59a1465804c", "key": "published"}, {"hash": "5d2cfab83ed6e86a4812690790dc7ad5", "key": "reporter"}], "history": [], "href": "https://www.kb.cert.org/vuls/id/584653", "id": "VU:584653", "lastseen": "2018-01-05T22:55:36", "modified": "2018-01-05T00:00:00", "objectVersion": "1.3", "published": "2018-01-03T00:00:00", "references": ["https://meltdownattack.com/meltdown.pdf", "https://meltdownattack.com/meltdown.pdf", "https://lwn.net/Articles/742702/", "https://nakedsecurity.sophos.com/2018/01/03/fckwit-aka-kaiser-aka-kpti-intel-cpu-flaw-needs-low-level-os-patches/", "https://lkml.org/lkml/2017/12/27/2", "https://security.googleblog.com/2018/01/todays-cpu-vulnerability-what-you-need.html", "https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html", "https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html", "http://pythonsweetness.tumblr.com/post/169166980422/the-mysterious-case-of-the-linux-page-table", "https://gruss.cc/files/kaiser.pdf", "http://www.us-cert.gov/cas/techalerts/TA18-004A.html", "https://meltdownattack.com/", "https://meltdownattack.com/", "https://meltdownattack.com/", "https://en.wikipedia.org/wiki/Kernel_page-table_isolation", "https://en.wikipedia.org/wiki/Kernel_page-table_isolation", "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5753", "https://spectreattack.com/", "https://spectreattack.com/", "https://spectreattack.com/", "https://lwn.net/Articles/737940/", "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5715", "https://lkml.org/lkml/2018/1/4/615", "https://lkml.org/lkml/2018/1/4/615", "https://github.com/IAIK/KAISER", "https://cyber.wtf/2017/07/28/negative-result-reading-kernel-memory-from-user-mode/", "https://lwn.net/Articles/741878/", "https://gruss.cc/files/prefetch.pdf", "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=5aa90a84589282b87666f92b6c3c917c8080a9bf", "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5754", "https://spectreattack.com/spectre.pdf", "https://spectreattack.com/spectre.pdf", "https://spectreattack.com/spectre.pdf", "https://spectreattack.com/spectre.pdf"], "reporter": "CERT", "title": "CPU hardware vulnerable to side-channel attacks", "type": "cert", "viewCount": 109}, "differentElements": ["references", "description"], "edition": 12, "lastseen": "2018-01-05T22:55:36"}, {"bulletin": {"bulletinFamily": "info", "cvelist": ["CVE-2017-5753", "CVE-2017-5753", "CVE-2017-5753", "CVE-2017-5753", "CVE-2017-5754", "CVE-2017-5754", "CVE-2017-5754", "CVE-2017-5715", "CVE-2017-5715", "CVE-2017-5715", "CVE-2017-5715"], "cvss": {"score": 0.0, "vector": "NONE"}, "description": "### Overview\n\nCPU hardware implementations are vulnerable to cache side-channel attacks. These vulnerabilities are referred to as [Meltdown](<https://meltdownattack.com/>) and [Spectre](<https://spectreattack.com/>).\n\n### Description\n\n**Note: This Vulnerability Note is the product of ongoing analysis and represents our best knowledge as of the most recent revision. As a result, the content may change as our understanding of the issues develops.**\n\nCPU hardware implementations are vulnerable to side-channel attacks referred to as [Meltdown](<https://meltdownattack.com/>) and [Spectre](<https://spectreattack.com/>). Both Spectre and Meltdown take advantage of the ability to extract information from instructions that have executed on a CPU using the CPU cache as a side-channel. These attacks are described in detail by [Google Project Zero](<https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html>), the Institute of Applied Information Processing and Communications (IAIK) at Graz University of Technology (TU Graz) and Anders Fogh. The issues are organized into three variants: \n\n\n * Variant 1 (CVE-2017-5753, [Spectre](<https://spectreattack.com/spectre.pdf>)): Bounds check bypass\n * Variant 2 (CVE-2017-5715, also [Spectre](<https://spectreattack.com/spectre.pdf>)): Branch target injection[](<https://spectreattack.com/spectre.pdf>)\n * Variant 3 (CVE-2017-5754, [Meltdown](<https://meltdownattack.com/meltdown.pdf>)): Rogue data cache load, memory access permission check performed after kernel memory read\n \n**Spectre** \n \nSpectre attacks take advantage of a CPU's branch prediction capabilities. Modern CPUs include a feature called branch prediction, which speculatively executes instructions at a location that the CPU believes it will branch to. Such speculative execution helps to more fully utilize the parts of the CPU, minimizing the time waiting, and therefore improving performance. When a branch is successfully predicted, instructions will retire, which means the outcomes of the instructions such as register and memory writes will be committed. If a branch is mispredicted, the speculatively-executed instructions will be discarded, and the direct side-effects of the instructions are undone. What is not undone are the indirect side-effects, such as CPU cache changes. By measuring latency of memory access operations, the cache can be used to extract values from speculatively-executed instructions. \n \nWith Spectre variant 1 (CVE-2017-5753), the instructions after a conditional branch are speculatively executed as the result of a misprediction. With Spectre variant 2 (CVE-2017-5715), the instructions at a location determined by a branch target that is mispredicted. \n \nWith both variants of the Spectre attack, the impact is that a process may leak sensitive data to other processes on a system. Spectre may also allow one part of an application to access other parts of the same process memory space that would otherwise not be permitted. \n \n**Meltdown** \n \nMeltdown is related to the Spectre attack in that it also uses a cache side channel to access data that otherwise wouldn't be available. The main difference is that it leverages out-of-order execution capabilities in modern CPUs. Like speculative execution due to branch prediction, as used by Spectre, out-of-order execution on a CPU is a technique for ensuring fullest utilization of the CPU's parts. Although instructions may appear sequentially in the machine language, a CPU that supports out-of-order execution may execute instructions in a non-sequential manner, which can minimize the time that a CPU spends idle. \n \nMeltdown leverages insecure behavior that has been demonstrated in Intel CPUs and may affect CPUs from other vendors. Vulnerable CPUs allow memory reads in out-of-order instruction execution, and also contain a race condition between the raising of exceptions and the out-of-order instruction execution. The Meltdown attack reads a kernel memory value, which raises an exception because code running with user-space privileges are not permitted to directly read kernel memory. However, due to the race condition, out-of-order instructions following the faulting instruction may also execute. Even though instructions appear after the faulting instruction, out-of-order execution allows them to execute, using data retrieved from the instruction that raises the exception. By the time the exception is raised, some number of out-of-order instructions have executed. Although the raised exception causes the CPU to roll back the out-of-order instructions, the cache state is not reverted. This allows data from out-of-order instructions to persist beyond the point when the exception has been raised. \n \nThe impact of Meltdown is that a process running in user space is able to view the contents of kernel memory. Meltdown may also allow Spectre-like memory content leaking that does not cross the user/kernel privilege boundary. \n \nThe Linux kernel mitigations for Meltdown are referred to as KAISER, and subsequently KPTI, which aim to improve separation of kernel and user memory pages. Because the Spectre attacks do not cross user/kernel boundaries, the protections introduced with KAISER/KPTI do not add any protection against them. \n \nThe following table compares Spectre and Meltdown. \n \n| | **Spectre**| **Meltdown** \n---|---|--- \n**CPU mechanism for triggering**| Speculative execution from branch prediction| Out-of-order execution \n**Affected platforms**| CPUs that perform speculative execution from branch prediction| CPUs that allow memory reads in out-of-order instructions \n**Difficulty of successful attack**| High - Requires tailoring to the software environment of the victim process| Low - Kernel memory access exploit code is mostly universal \n**Impact**| Cross- and intra-process memory disclosure| Kernel memory disclosure to userspace \n**Software mitigations**| Unknown| Kernel page-table isolation ([KPTI](<https://en.wikipedia.org/wiki/Kernel_page-table_isolation>)) \n \n### Impact\n\nAn attacker able to execute code with user privileges can achieve various impacts. The Meltdown attack allows reading of kernel memory from userspace. This can result in privilege escalation, disclosure of sensitive information, or it can weaken kernel-level protections, such as KASLR. The Spectre attack can allow inter-process or intra-process data leaks. \n \nTo execute code locally, an attacker would require a valid account or independent compromise of the target. Attacks using JavaScript in web browsers are possible. Multi-user and multi-tenant systems (including virtualized and cloud environments) likely face the greatest risk. Systems use to browse arbitrary web sites are also at risk. Single-user systems that do not readily provide a way for attackers to execute code locally face significantly lower risk. \n \n--- \n \n### Solution\n\n**Apply updates** \n \nOperating system and some application updates mitigate these attacks. \n \n--- \n \n### Vendor Information \n\nVendor| Status| Date Notified| Date Updated \n---|---|---|--- \nAMD| | -| 03 Jan 2018 \nApple| | -| 04 Jan 2018 \nArm| | -| 03 Jan 2018 \nGoogle| | -| 03 Jan 2018 \nIntel| | -| 05 Jan 2018 \nLinux Kernel| | -| 04 Jan 2018 \nMicrosoft| | -| 05 Jan 2018 \nMozilla| | -| 03 Jan 2018 \nIf you are a vendor and your product is affected, [let us know](<mailto:cert@cert.org?Subject=VU%23584653 Vendor Status Inquiry>).\n\n### CVSS Metrics \n\nGroup | Score | Vector \n---|---|--- \nBase | 4.4 | AV:L/AC:M/Au:S/C:C/I:N/A:N \nTemporal | 3.4 | E:POC/RL:OF/RC:C \nEnvironmental | 5.1 | CDP:ND/TD:H/CR:H/IR:ND/AR:ND \n \n### References\n\n * <https://meltdownattack.com/>\n * <https://meltdownattack.com/meltdown.pdf>\n * <https://spectreattack.com/>\n * <https://spectreattack.com/spectre.pdf>\n * <https://security.googleblog.com/2018/01/todays-cpu-vulnerability-what-you-need.html>\n * <https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html>\n * <https://cyber.wtf/2017/07/28/negative-result-reading-kernel-memory-from-user-mode/>\n * <https://github.com/IAIK/KAISER>\n * <https://gruss.cc/files/kaiser.pdf>\n * <https://gruss.cc/files/prefetch.pdf>\n * <https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=5aa90a84589282b87666f92b6c3c917c8080a9bf>\n * <https://lkml.org/lkml/2017/12/27/2>\n * <https://lwn.net/Articles/741878/>\n * <https://lwn.net/Articles/737940/>\n * <https://lwn.net/Articles/742702/>\n * <http://pythonsweetness.tumblr.com/post/169166980422/the-mysterious-case-of-the-linux-page-table>\n * <https://nakedsecurity.sophos.com/2018/01/03/fckwit-aka-kaiser-aka-kpti-intel-cpu-flaw-needs-low-level-os-patches/>\n * <https://en.wikipedia.org/wiki/Kernel_page-table_isolation>\n\n### Credit\n\nThese issues were researched and reported by researchers at Google Project Zero (Jann Horn) the Institute of Applied Information Processing and Communications (IAIK) at Graz University of Technology (Gruss et. al.), and Anders Fogh.\n\nThis document was written by Art Manion and Will Dormann.\n\n### Other Information\n\n * CVE IDs: [CVE-2017-5753](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5753>) [CVE-2017-5715](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5715>) [CVE-2017-5754](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5754>)\n * US-CERT Alert: [TA18-004A](<http://www.us-cert.gov/cas/techalerts/TA18-004A.html>)\n * Date Public: 03 Jan 2018\n * Date First Published: 03 Jan 2018\n * Date Last Updated: 05 Jan 2018\n * Document Revision: 92\n\n", "edition": 9, "enchantments": {"score": {"modified": "2018-01-05T17:09:08", "value": 6.6}}, "hash": "ee9803a3ac37051b266e636478114d68e0dda42580fcfa017c22cddbbf98950b", "hashmap": [{"hash": "aa0ce1e76b7a29999d2ba8d3c757da14", "key": "description"}, {"hash": "b6ba9fa6ea18201bf39ea635ecca9f13", "key": "type"}, {"hash": "397d2b02b266ac00d3b8f73886c8fef9", "key": "references"}, {"hash": "caf9b6b99962bf5c2264824231d7a40c", "key": "bulletinFamily"}, {"hash": "4851009339f11e5fb046c77cf4c521a7", "key": "href"}, {"hash": "64c1b0f18013d9fc9cd8b3fcc3b81629", "key": "cvelist"}, {"hash": "157673a26b76a4585a91b6715dff3cbc", "key": "modified"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "1d0954aaef62c3a5c7a1a3e8e3a5d794", "key": "title"}, {"hash": "0e67896450ab825b0a81e59a1465804c", "key": "published"}, {"hash": "5d2cfab83ed6e86a4812690790dc7ad5", "key": "reporter"}], "history": [], "href": "https://www.kb.cert.org/vuls/id/584653", "id": "VU:584653", "lastseen": "2018-01-05T17:09:08", "modified": "2018-01-05T00:00:00", "objectVersion": "1.3", "published": "2018-01-03T00:00:00", "references": ["https://meltdownattack.com/meltdown.pdf", "https://meltdownattack.com/meltdown.pdf", "https://lwn.net/Articles/742702/", "https://nakedsecurity.sophos.com/2018/01/03/fckwit-aka-kaiser-aka-kpti-intel-cpu-flaw-needs-low-level-os-patches/", "https://lkml.org/lkml/2017/12/27/2", "https://security.googleblog.com/2018/01/todays-cpu-vulnerability-what-you-need.html", "https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html", "https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html", "http://pythonsweetness.tumblr.com/post/169166980422/the-mysterious-case-of-the-linux-page-table", "https://gruss.cc/files/kaiser.pdf", "http://www.us-cert.gov/cas/techalerts/TA18-004A.html", "https://meltdownattack.com/", "https://meltdownattack.com/", "https://meltdownattack.com/", "https://en.wikipedia.org/wiki/Kernel_page-table_isolation", "https://en.wikipedia.org/wiki/Kernel_page-table_isolation", "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5753", "https://spectreattack.com/", "https://spectreattack.com/", "https://spectreattack.com/", "https://lwn.net/Articles/737940/", "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5715", "https://github.com/IAIK/KAISER", "https://cyber.wtf/2017/07/28/negative-result-reading-kernel-memory-from-user-mode/", "https://lwn.net/Articles/741878/", "https://gruss.cc/files/prefetch.pdf", "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=5aa90a84589282b87666f92b6c3c917c8080a9bf", "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5754", "https://spectreattack.com/spectre.pdf", "https://spectreattack.com/spectre.pdf", "https://spectreattack.com/spectre.pdf", "https://spectreattack.com/spectre.pdf"], "reporter": "CERT", "title": "CPU hardware vulnerable to side-channel attacks", "type": "cert", "viewCount": 95}, "differentElements": ["references", "description"], "edition": 9, "lastseen": "2018-01-05T17:09:08"}, {"bulletin": {"bulletinFamily": "info", "cvelist": ["CVE-2017-5753", "CVE-2017-5753", "CVE-2017-5753", "CVE-2017-5753", "CVE-2017-5754", "CVE-2017-5754", "CVE-2017-5754", "CVE-2017-5715", "CVE-2017-5715", "CVE-2017-5715", "CVE-2017-5715"], "cvss": {"score": 4.7, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:NONE/A:NONE/"}, "description": "### Overview\n\nCPU hardware implementations are vulnerable to cache side-channel attacks. These vulnerabilities are referred to as [Meltdown](<https://meltdownattack.com/>) and [Spectre](<https://spectreattack.com/>).\n\n### Description\n\n**Note: This Vulnerability Note is the product of ongoing analysis and represents our best knowledge as of the most recent revision. As a result, the content may change as our understanding of the issues develops.**\n\nCPU hardware implementations are vulnerable to side-channel attacks referred to as [Meltdown](<https://meltdownattack.com/>) and [Spectre](<https://spectreattack.com/>). Both Spectre and Meltdown take advantage of the ability to extract information from instructions that have executed on a CPU using the CPU cache as a side-channel. These attacks are described in detail by [Google Project Zero](<https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html>), the Institute of Applied Information Processing and Communications (IAIK) at Graz University of Technology (TU Graz) and Anders Fogh. The issues are organized into three variants: \n\n\n * Variant 1 (CVE-2017-5753, [Spectre](<https://spectreattack.com/spectre.pdf>)): Bounds check bypass\n * Variant 2 (CVE-2017-5715, also [Spectre](<https://spectreattack.com/spectre.pdf>)): Branch target injection[](<https://spectreattack.com/spectre.pdf>)\n * Variant 3 (CVE-2017-5754, [Meltdown](<https://meltdownattack.com/meltdown.pdf>)): Rogue data cache load, memory access permission check performed after kernel memory read\n \n**Spectre** \n \nSpectre attacks take advantage of a CPU's branch prediction capabilities. Modern CPUs include a feature called branch prediction, which speculatively executes instructions at a location that the CPU believes it will branch to. Such speculative execution helps to more fully utilize the parts of the CPU, minimizing the time waiting, and therefore improving performance. When a branch is successfully predicted, instructions will retire, which means the outcomes of the instructions such as register and memory writes will be committed. If a branch is mispredicted, the speculatively-executed instructions will be discarded, and the direct side-effects of the instructions are undone. What is not undone are the indirect side-effects, such as CPU cache changes. By measuring latency of memory access operations, the cache can be used to extract values from speculatively-executed instructions. \n \nWith Spectre variant 1 (CVE-2017-5753), the instructions after a conditional branch are speculatively executed as the result of a misprediction. With Spectre variant 2 (CVE-2017-5715), the CPU executes instructions at a location determined by a mispredicted branch target. \n \nWith both variants of the Spectre attack, the impact is that a process may leak sensitive data to other processes on a system. Spectre may also allow one part of an application to access other parts of the same process memory space that would otherwise not be permitted. \n \nWhile the Spectre attack itself does not cross a user/kernel memory privilege boundary, depending on the configuration of the target platform, the Spectre attack may indirectly allow a user-space application to access kernel memory. For example, the[ Project Zero blog post](<https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html>) describes a scenario that uses eBPF to exfiltrate kernel memory contents into user-space code. This is made possible because eBPF JIT allows for userspace applications to inject code that is executed in kernel space. While this code is verified by the kernel, eBPF-compliant code will be allowed to execute with kernel permissions. The exploit described by Project Zero leverages eBPF to execute the Spectre attack in kernel space, while exfiltrating the data to user space. It is possible that other technologies that allow in-kernel code execution may also possibly be leveraged to leak kernel memory using Spectre. \n \n**Meltdown** \n \nMeltdown is related to the Spectre attack in that it also uses a cache side channel to access data that otherwise wouldn't be available. The main difference is that it leverages out-of-order execution capabilities in modern CPUs. Like speculative execution due to branch prediction, as used by Spectre, out-of-order execution on a CPU is a technique for ensuring fullest utilization of the CPU's parts. Although instructions may appear sequentially in the machine language, a CPU that supports out-of-order execution may execute instructions in a non-sequential manner, which can minimize the time that a CPU spends idle. \n \nMeltdown leverages insecure behavior that has been demonstrated in Intel CPUs and may affect CPUs from other vendors. Vulnerable CPUs allow memory reads in out-of-order instruction execution, and also contain a race condition between the raising of exceptions and the out-of-order instruction execution. The Meltdown attack reads a kernel memory value, which raises an exception because code running with user-space privileges are not permitted to directly read kernel memory. However, due to the race condition, out-of-order instructions following the faulting instruction may also execute. Even though instructions appear after the faulting instruction, out-of-order execution allows them to execute, using data retrieved from the instruction that raises the exception. By the time the exception is raised, some number of out-of-order instructions have executed. Although the raised exception causes the CPU to roll back the out-of-order instructions, the cache state is not reverted. This allows data from out-of-order instructions to persist beyond the point when the exception has been raised. \n \nThe impact of Meltdown is that a process running in user space is able to view the contents of kernel memory. Meltdown may also allow Spectre-like memory content leaking that does not cross the user/kernel privilege boundary. \n \nThe Linux kernel mitigations for Meltdown are referred to as KAISER, and subsequently KPTI, which aim to improve separation of kernel and user memory pages. Because the Spectre attacks do not cross user/kernel boundaries, the protections introduced with KAISER/KPTI do not add any protection against them. \n \nThe following table compares Spectre and Meltdown. \n \n| | **Spectre**| **Meltdown** \n---|---|--- \n**CPU mechanism for triggering**| Speculative execution from branch prediction| Out-of-order execution \n**Affected platforms**| CPUs that perform speculative execution from branch prediction| CPUs that allow memory reads in out-of-order instructions \n**Difficulty of successful attack**| High - Requires tailoring to the software environment of the victim process| Low - Kernel memory access exploit code is mostly universal \n**Impact**| Cross- and intra-process (including kernel) memory disclosure| Kernel memory disclosure to userspace \n**Software mitigations**| Indirect Branch Restricted Speculation ([IBRS](<https://lkml.org/lkml/2018/1/4/615>)) \n**Note: **This software mitigation also requires CPU microcode updates and it only mitigates Spectre variant 2| Kernel page-table isolation ([KPTI](<https://en.wikipedia.org/wiki/Kernel_page-table_isolation>)) \n \n### Impact\n\nAn attacker able to execute code with user privileges can achieve various impacts. The Meltdown attack allows reading of kernel memory from userspace. This can result in privilege escalation, disclosure of sensitive information, or it can weaken kernel-level protections, such as KASLR. The Spectre attack can allow inter-process or intra-process data leaks. \n \nTo execute code locally, an attacker would require a valid account or independent compromise of the target. Attacks using JavaScript in web browsers are possible. Multi-user and multi-tenant systems (including virtualized and cloud environments) likely face the greatest risk. Systems used to browse arbitrary web sites are also at risk. Single-user systems that do not readily provide a way for attackers to execute code locally face significantly lower risk. \n \n--- \n \n### Solution\n\n**Apply updates** \n \nOperating system, CPU microcode updates, and some application updates mitigate these attacks. \n \n--- \n \n### Vendor Information \n\nVendor| Status| Date Notified| Date Updated \n---|---|---|--- \nAmazon| | -| 05 Jan 2018 \nAMD| | -| 03 Jan 2018 \nAndroid Open Source Project| | -| 05 Jan 2018 \nApple| | -| 08 Jan 2018 \nArm| | -| 03 Jan 2018 \nCentOS| | -| 05 Jan 2018 \nCisco| | -| 05 Jan 2018 \nCitrix| | -| 05 Jan 2018 \nDebian GNU/Linux| | -| 05 Jan 2018 \nDell| | -| 08 Jan 2018 \nDragonFly BSD Project| | -| 08 Jan 2018 \nFedora Project| | -| 05 Jan 2018 \nFortinet, Inc.| | -| 05 Jan 2018 \nFreeBSD Project| | -| 05 Jan 2018 \nGoogle| | -| 03 Jan 2018 \nIf you are a vendor and your product is affected, [let us know](<mailto:cert@cert.org?Subject=VU%23584653 Vendor Status Inquiry>). \n \n\n\n### CVSS Metrics \n\nGroup | Score | Vector \n---|---|--- \nBase | 4.4 | AV:L/AC:M/Au:S/C:C/I:N/A:N \nTemporal | 3.4 | E:POC/RL:OF/RC:C \nEnvironmental | 5.1 | CDP:ND/TD:H/CR:H/IR:ND/AR:ND \n \n### References\n\n * <https://meltdownattack.com/>\n * <https://meltdownattack.com/meltdown.pdf>\n * <https://spectreattack.com/>\n * <https://spectreattack.com/spectre.pdf>\n * <https://security.googleblog.com/2018/01/todays-cpu-vulnerability-what-you-need.html>\n * <https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html>\n * <https://cyber.wtf/2017/07/28/negative-result-reading-kernel-memory-from-user-mode/>\n * <https://github.com/IAIK/KAISER>\n * <https://gruss.cc/files/kaiser.pdf>\n * <https://gruss.cc/files/prefetch.pdf>\n * <https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=5aa90a84589282b87666f92b6c3c917c8080a9bf>\n * <https://lkml.org/lkml/2017/12/27/2>\n * <https://lkml.org/lkml/2018/1/4/615>\n * <https://lwn.net/Articles/741878/>\n * <https://lwn.net/Articles/737940/>\n * <https://lwn.net/Articles/742702/>\n * <http://pythonsweetness.tumblr.com/post/169166980422/the-mysterious-case-of-the-linux-page-table>\n * <https://nakedsecurity.sophos.com/2018/01/03/fckwit-aka-kaiser-aka-kpti-intel-cpu-flaw-needs-low-level-os-patches/>\n * <https://en.wikipedia.org/wiki/Kernel_page-table_isolation>\n * <https://chrisam.net/2018/01/04/speculative-execution-side-channel-vulnerabilities-vendor-published-info/>\n * <https://www.raspberrypi.org/blog/why-raspberry-pi-isnt-vulnerable-to-spectre-or-meltdown/>\n\n### Credit\n\nThese issues were researched and reported by researchers at Google Project Zero (Jann Horn) the Institute of Applied Information Processing and Communications (IAIK) at Graz University of Technology (Gruss et. al.), and Anders Fogh.\n\nThis document was written by Art Manion and Will Dormann.\n\n### Other Information\n\n * CVE IDs: [CVE-2017-5753](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5753>) [CVE-2017-5715](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5715>) [CVE-2017-5754](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5754>)\n * US-CERT Alert: [TA18-004A](<http://www.us-cert.gov/cas/techalerts/TA18-004A.html>)\n * Date Public: 03 Jan 2018\n * Date First Published: 03 Jan 2018\n * Date Last Updated: 08 Jan 2018\n * Document Revision: 171\n\n", "edition": 18, "enchantments": {"score": {"modified": "2018-01-09T00:55:29", "value": 6.6}}, "hash": "5b03afa9e41d9bccbab9a18143dc2d9d21c8ae9cab119b1592cebed9f713bdaa", "hashmap": [{"hash": "b6ba9fa6ea18201bf39ea635ecca9f13", "key": "type"}, {"hash": "f5cc4adf0936f798be198d12ec6abd5d", "key": "modified"}, {"hash": "0f284d9296d2272a6ce2f454df8473d3", "key": "references"}, {"hash": "caf9b6b99962bf5c2264824231d7a40c", "key": "bulletinFamily"}, {"hash": "4851009339f11e5fb046c77cf4c521a7", "key": "href"}, {"hash": "64c1b0f18013d9fc9cd8b3fcc3b81629", "key": "cvelist"}, {"hash": "5ae272e59efa829b24ed691bce4b1c67", "key": "description"}, {"hash": "23742046928b6ac0049be6bc1a8e24de", "key": "cvss"}, {"hash": "1d0954aaef62c3a5c7a1a3e8e3a5d794", "key": "title"}, {"hash": "0e67896450ab825b0a81e59a1465804c", "key": "published"}, {"hash": "5d2cfab83ed6e86a4812690790dc7ad5", "key": "reporter"}], "history": [], "href": "https://www.kb.cert.org/vuls/id/584653", "id": "VU:584653", "lastseen": "2018-01-09T00:55:29", "modified": "2018-01-08T00:00:00", "objectVersion": "1.3", "published": "2018-01-03T00:00:00", "references": ["https://meltdownattack.com/meltdown.pdf", "https://meltdownattack.com/meltdown.pdf", "https://lwn.net/Articles/742702/", "https://nakedsecurity.sophos.com/2018/01/03/fckwit-aka-kaiser-aka-kpti-intel-cpu-flaw-needs-low-level-os-patches/", "https://www.raspberrypi.org/blog/why-raspberry-pi-isnt-vulnerable-to-spectre-or-meltdown/", "https://lkml.org/lkml/2017/12/27/2", "https://security.googleblog.com/2018/01/todays-cpu-vulnerability-what-you-need.html", "https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html", "https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html", "https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html", "http://pythonsweetness.tumblr.com/post/169166980422/the-mysterious-case-of-the-linux-page-table", "https://gruss.cc/files/kaiser.pdf", "http://www.us-cert.gov/cas/techalerts/TA18-004A.html", "https://chrisam.net/2018/01/04/speculative-execution-side-channel-vulnerabilities-vendor-published-info/", "https://meltdownattack.com/", "https://meltdownattack.com/", "https://meltdownattack.com/", "https://en.wikipedia.org/wiki/Kernel_page-table_isolation", "https://en.wikipedia.org/wiki/Kernel_page-table_isolation", "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5753", "https://spectreattack.com/", "https://spectreattack.com/", "https://spectreattack.com/", "https://lwn.net/Articles/737940/", "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5715", "https://lkml.org/lkml/2018/1/4/615", "https://lkml.org/lkml/2018/1/4/615", "https://github.com/IAIK/KAISER", "https://cyber.wtf/2017/07/28/negative-result-reading-kernel-memory-from-user-mode/", "https://lwn.net/Articles/741878/", "https://gruss.cc/files/prefetch.pdf", "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=5aa90a84589282b87666f92b6c3c917c8080a9bf", "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5754", "https://spectreattack.com/spectre.pdf", "https://spectreattack.com/spectre.pdf", "https://spectreattack.com/spectre.pdf", "https://spectreattack.com/spectre.pdf"], "reporter": "CERT", "title": "CPU hardware vulnerable to side-channel attacks", "type": "cert", "viewCount": 160}, "differentElements": ["references", "description"], "edition": 18, "lastseen": "2018-01-09T00:55:29"}, {"bulletin": {"bulletinFamily": "info", "cvelist": ["CVE-2017-5753", "CVE-2017-5753", "CVE-2017-5753", "CVE-2017-5753", "CVE-2017-5754", "CVE-2017-5754", "CVE-2017-5754", "CVE-2017-5715", "CVE-2017-5715", "CVE-2017-5715", "CVE-2017-5715"], "cvss": {"score": 4.7, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:NONE/A:NONE/"}, "description": "### Overview\n\nCPU hardware implementations are vulnerable to cache side-channel attacks. These vulnerabilities are referred to as [Meltdown](<https://meltdownattack.com/>) and [Spectre](<https://spectreattack.com/>).\n\n### Description\n\n**Note: This Vulnerability Note is the product of ongoing analysis and represents our best knowledge as of the most recent revision. As a result, the content may change as our understanding of the issues develops.**\n\nCPU hardware implementations are vulnerable to side-channel attacks referred to as [Meltdown](<https://meltdownattack.com/>) and [Spectre](<https://spectreattack.com/>). Both Spectre and Meltdown take advantage of the ability to extract information from instructions that have executed on a CPU using the CPU cache as a side-channel. These attacks are described in detail by [Google Project Zero](<https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html>), the Institute of Applied Information Processing and Communications (IAIK) at Graz University of Technology (TU Graz) and Anders Fogh. The issues are organized into three variants: \n\n\n * Variant 1 (CVE-2017-5753, [Spectre](<https://spectreattack.com/spectre.pdf>)): Bounds check bypass\n * Variant 2 (CVE-2017-5715, also [Spectre](<https://spectreattack.com/spectre.pdf>)): Branch target injection[](<https://spectreattack.com/spectre.pdf>)\n * Variant 3 (CVE-2017-5754, [Meltdown](<https://meltdownattack.com/meltdown.pdf>)): Rogue data cache load, memory access permission check performed after kernel memory read\n \n**Spectre** \n \nSpectre attacks take advantage of a CPU's branch prediction capabilities. Modern CPUs include a feature called branch prediction, which speculatively executes instructions at a location that the CPU believes it will branch to. Such speculative execution helps to more fully utilize the parts of the CPU, minimizing the time waiting, and therefore improving performance. When a branch is successfully predicted, instructions will retire, which means the outcomes of the instructions such as register and memory writes will be committed. If a branch is mispredicted, the speculatively-executed instructions will be discarded, and the direct side-effects of the instructions are undone. What is not undone are the indirect side-effects, such as CPU cache changes. By measuring latency of memory access operations, the cache can be used to extract values from speculatively-executed instructions. \n \nWith Spectre variant 1 (CVE-2017-5753), the instructions after a conditional branch are speculatively executed as the result of a misprediction. With Spectre variant 2 (CVE-2017-5715), the instructions at a location determined by a branch target that is mispredicted. \n \nWith both variants of the Spectre attack, the impact is that a process may leak sensitive data to other processes on a system. Spectre may also allow one part of an application to access other parts of the same process memory space that would otherwise not be permitted. \n \n**Meltdown** \n \nMeltdown is related to the Spectre attack in that it also uses a cache side channel to access data that otherwise wouldn't be available. The main difference is that it leverages out-of-order execution capabilities in modern CPUs. Like speculative execution due to branch prediction, as used by Spectre, out-of-order execution on a CPU is a technique for ensuring fullest utilization of the CPU's parts. Although instructions may appear sequentially in the machine language, a CPU that supports out-of-order execution may execute instructions in a non-sequential manner, which can minimize the time that a CPU spends idle. \n \nMeltdown leverages insecure behavior that has been demonstrated in Intel CPUs and may affect CPUs from other vendors. Vulnerable CPUs allow memory reads in out-of-order instruction execution, and also contain a race condition between the raising of exceptions and the out-of-order instruction execution. The Meltdown attack reads a kernel memory value, which raises an exception because code running with user-space privileges are not permitted to directly read kernel memory. However, due to the race condition, out-of-order instructions following the faulting instruction may also execute. Even though instructions appear after the faulting instruction, out-of-order execution allows them to execute, using data retrieved from the instruction that raises the exception. By the time the exception is raised, some number of out-of-order instructions have executed. Although the raised exception causes the CPU to roll back the out-of-order instructions, the cache state is not reverted. This allows data from out-of-order instructions to persist beyond the point when the exception has been raised. \n \nThe impact of Meltdown is that a process running in user space is able to view the contents of kernel memory. Meltdown may also allow Spectre-like memory content leaking that does not cross the user/kernel privilege boundary. \n \nThe Linux kernel mitigations for Meltdown are referred to as KAISER, and subsequently KPTI, which aim to improve separation of kernel and user memory pages. Because the Spectre attacks do not cross user/kernel boundaries, the protections introduced with KAISER/KPTI do not add any protection against them. \n \nThe following table compares Spectre and Meltdown. \n \n| | **Spectre**| **Meltdown** \n---|---|--- \n**CPU mechanism for triggering**| Speculative execution from branch prediction| Out-of-order execution \n**Affected platforms**| CPUs that perform speculative execution from branch prediction| CPUs that allow memory reads in out-of-order instructions \n**Difficulty of successful attack**| High - Requires tailoring to the software environment of the victim process| Low - Kernel memory access exploit code is mostly universal \n**Impact**| Cross- and intra-process memory disclosure| Kernel memory disclosure to userspace \n**Software mitigations**| Indirect Branch Restricted Speculation ([IBRS](<https://lkml.org/lkml/2018/1/4/615>)) \n**Note: **This software mitigation also requires CPU microcode updates and it only mitigates Spectre variant 2| Kernel page-table isolation ([KPTI](<https://en.wikipedia.org/wiki/Kernel_page-table_isolation>)) \n \n### Impact\n\nAn attacker able to execute code with user privileges can achieve various impacts. The Meltdown attack allows reading of kernel memory from userspace. This can result in privilege escalation, disclosure of sensitive information, or it can weaken kernel-level protections, such as KASLR. The Spectre attack can allow inter-process or intra-process data leaks. \n \nTo execute code locally, an attacker would require a valid account or independent compromise of the target. Attacks using JavaScript in web browsers are possible. Multi-user and multi-tenant systems (including virtualized and cloud environments) likely face the greatest risk. Systems used to browse arbitrary web sites are also at risk. Single-user systems that do not readily provide a way for attackers to execute code locally face significantly lower risk. \n \n--- \n \n### Solution\n\n**Apply updates** \n \nOperating system, CPU microcode updates, and some application updates mitigate these attacks. \n \n--- \n \n### Vendor Information \n\nVendor| Status| Date Notified| Date Updated \n---|---|---|--- \nAmazon| | -| 05 Jan 2018 \nAMD| | -| 03 Jan 2018 \nAndroid Open Source Project| | -| 05 Jan 2018 \nApple| | -| 04 Jan 2018 \nArm| | -| 03 Jan 2018 \nCentOS| | -| 05 Jan 2018 \nCisco| | -| 05 Jan 2018 \nCitrix| | -| 05 Jan 2018 \nDebian GNU/Linux| | -| 05 Jan 2018 \nFedora Project| | -| 05 Jan 2018 \nFortinet, Inc.| | -| 05 Jan 2018 \nFreeBSD Project| | -| 05 Jan 2018 \nGoogle| | -| 03 Jan 2018 \nIBM Corporation| | -| 05 Jan 2018 \nIntel| | -| 05 Jan 2018 \nIf you are a vendor and your product is affected, [let us know](<mailto:cert@cert.org?Subject=VU%23584653 Vendor Status Inquiry>). \n \n\n\n### CVSS Metrics \n\nGroup | Score | Vector \n---|---|--- \nBase | 4.4 | AV:L/AC:M/Au:S/C:C/I:N/A:N \nTemporal | 3.4 | E:POC/RL:OF/RC:C \nEnvironmental | 5.1 | CDP:ND/TD:H/CR:H/IR:ND/AR:ND \n \n### References\n\n * <https://meltdownattack.com/>\n * <https://meltdownattack.com/meltdown.pdf>\n * <https://spectreattack.com/>\n * <https://spectreattack.com/spectre.pdf>\n * <https://security.googleblog.com/2018/01/todays-cpu-vulnerability-what-you-need.html>\n * <https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html>\n * <https://cyber.wtf/2017/07/28/negative-result-reading-kernel-memory-from-user-mode/>\n * <https://github.com/IAIK/KAISER>\n * <https://gruss.cc/files/kaiser.pdf>\n * <https://gruss.cc/files/prefetch.pdf>\n * <https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=5aa90a84589282b87666f92b6c3c917c8080a9bf>\n * <https://lkml.org/lkml/2017/12/27/2>\n * <https://lkml.org/lkml/2018/1/4/615>\n * <https://lwn.net/Articles/741878/>\n * <https://lwn.net/Articles/737940/>\n * <https://lwn.net/Articles/742702/>\n * <http://pythonsweetness.tumblr.com/post/169166980422/the-mysterious-case-of-the-linux-page-table>\n * <https://nakedsecurity.sophos.com/2018/01/03/fckwit-aka-kaiser-aka-kpti-intel-cpu-flaw-needs-low-level-os-patches/>\n * <https://en.wikipedia.org/wiki/Kernel_page-table_isolation>\n * <https://chrisam.net/2018/01/04/speculative-execution-side-channel-vulnerabilities-vendor-published-info/>\n\n### Credit\n\nThese issues were researched and reported by researchers at Google Project Zero (Jann Horn) the Institute of Applied Information Processing and Communications (IAIK) at Graz University of Technology (Gruss et. al.), and Anders Fogh.\n\nThis document was written by Art Manion and Will Dormann.\n\n### Other Information\n\n * CVE IDs: [CVE-2017-5753](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5753>) [CVE-2017-5715](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5715>) [CVE-2017-5754](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5754>)\n * US-CERT Alert: [TA18-004A](<http://www.us-cert.gov/cas/techalerts/TA18-004A.html>)\n * Date Public: 03 Jan 2018\n * Date First Published: 03 Jan 2018\n * Date Last Updated: 05 Jan 2018\n * Document Revision: 145\n\n", "edition": 14, "enchantments": {"score": {"modified": "2018-01-06T12:53:18", "value": 6.6}}, "hash": "29a106d6ade88a871c1221f704e9580eb9bdb0c333aad4ecedae55521f37d7cc", "hashmap": [{"hash": "77e76d6e3062b562f92166c88fc7d5f2", "key": "references"}, {"hash": "b6ba9fa6ea18201bf39ea635ecca9f13", "key": "type"}, {"hash": "caf9b6b99962bf5c2264824231d7a40c", "key": "bulletinFamily"}, {"hash": "4851009339f11e5fb046c77cf4c521a7", "key": "href"}, {"hash": "64c1b0f18013d9fc9cd8b3fcc3b81629", "key": "cvelist"}, {"hash": "23742046928b6ac0049be6bc1a8e24de", "key": "cvss"}, {"hash": "157673a26b76a4585a91b6715dff3cbc", "key": "modified"}, {"hash": "1d0954aaef62c3a5c7a1a3e8e3a5d794", "key": "title"}, {"hash": "3d77a66b5cf11b1e22dffefde2fe3d9d", "key": "description"}, {"hash": "0e67896450ab825b0a81e59a1465804c", "key": "published"}, {"hash": "5d2cfab83ed6e86a4812690790dc7ad5", "key": "reporter"}], "history": [], "href": "https://www.kb.cert.org/vuls/id/584653", "id": "VU:584653", "lastseen": "2018-01-06T12:53:18", "modified": "2018-01-05T00:00:00", "objectVersion": "1.3", "published": "2018-01-03T00:00:00", "references": ["https://meltdownattack.com/meltdown.pdf", "https://meltdownattack.com/meltdown.pdf", "https://lwn.net/Articles/742702/", "https://nakedsecurity.sophos.com/2018/01/03/fckwit-aka-kaiser-aka-kpti-intel-cpu-flaw-needs-low-level-os-patches/", "https://lkml.org/lkml/2017/12/27/2", "https://security.googleblog.com/2018/01/todays-cpu-vulnerability-what-you-need.html", "https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html", "https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html", "http://pythonsweetness.tumblr.com/post/169166980422/the-mysterious-case-of-the-linux-page-table", "https://gruss.cc/files/kaiser.pdf", "http://www.us-cert.gov/cas/techalerts/TA18-004A.html", "https://chrisam.net/2018/01/04/speculative-execution-side-channel-vulnerabilities-vendor-published-info/", "https://meltdownattack.com/", "https://meltdownattack.com/", "https://meltdownattack.com/", "https://en.wikipedia.org/wiki/Kernel_page-table_isolation", "https://en.wikipedia.org/wiki/Kernel_page-table_isolation", "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5753", "https://spectreattack.com/", "https://spectreattack.com/", "https://spectreattack.com/", "https://lwn.net/Articles/737940/", "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5715", "https://lkml.org/lkml/2018/1/4/615", "https://lkml.org/lkml/2018/1/4/615", "https://github.com/IAIK/KAISER", "https://cyber.wtf/2017/07/28/negative-result-reading-kernel-memory-from-user-mode/", "https://lwn.net/Articles/741878/", "https://gruss.cc/files/prefetch.pdf", "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=5aa90a84589282b87666f92b6c3c917c8080a9bf", "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5754", "https://spectreattack.com/spectre.pdf", "https://spectreattack.com/spectre.pdf", "https://spectreattack.com/spectre.pdf", "https://spectreattack.com/spectre.pdf"], "reporter": "CERT", "title": "CPU hardware vulnerable to side-channel attacks", "type": "cert", "viewCount": 142}, "differentElements": ["references", "description", "modified"], "edition": 14, "lastseen": "2018-01-06T12:53:18"}, {"bulletin": {"bulletinFamily": "info", "cvelist": ["CVE-2017-5753", "CVE-2017-5753", "CVE-2017-5753", "CVE-2017-5753", "CVE-2017-5754", "CVE-2017-5754", "CVE-2017-5754", "CVE-2017-5715", "CVE-2017-5715", "CVE-2017-5715", "CVE-2017-5715"], "cvss": {"score": 4.7, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:NONE/A:NONE/"}, "description": "### Overview\n\nCPU hardware implementations are vulnerable to cache side-channel attacks. These vulnerabilities are referred to as [Meltdown](<https://meltdownattack.com/>) and [Spectre](<https://spectreattack.com/>).\n\n### Description\n\n**Note: This Vulnerability Note is the product of ongoing analysis and represents our best knowledge as of the most recent revision. As a result, the content may change as our understanding of the issues develops.**\n\nCPU hardware implementations are vulnerable to side-channel attacks referred to as [Meltdown](<https://meltdownattack.com/>) and [Spectre](<https://spectreattack.com/>). Both Spectre and Meltdown take advantage of the ability to extract information from instructions that have executed on a CPU using the CPU cache as a side-channel. These attacks are described in detail by [Google Project Zero](<https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html>), the Institute of Applied Information Processing and Communications (IAIK) at Graz University of Technology (TU Graz) and Anders Fogh. The issues are organized into three variants: \n\n\n * Variant 1 (CVE-2017-5753, [Spectre](<https://spectreattack.com/spectre.pdf>)): Bounds check bypass\n * Variant 2 (CVE-2017-5715, also [Spectre](<https://spectreattack.com/spectre.pdf>)): Branch target injection[](<https://spectreattack.com/spectre.pdf>)\n * Variant 3 (CVE-2017-5754, [Meltdown](<https://meltdownattack.com/meltdown.pdf>)): Rogue data cache load, memory access permission check performed after kernel memory read\n \n**Spectre** \n \nSpectre attacks take advantage of a CPU's branch prediction capabilities. Modern CPUs include a feature called branch prediction, which speculatively executes instructions at a location that the CPU believes it will branch to. Such speculative execution helps to more fully utilize the parts of the CPU, minimizing the time waiting, and therefore improving performance. When a branch is successfully predicted, instructions will retire, which means the outcomes of the instructions such as register and memory writes will be committed. If a branch is mispredicted, the speculatively-executed instructions will be discarded, and the direct side-effects of the instructions are undone. What is not undone are the indirect side-effects, such as CPU cache changes. By measuring latency of memory access operations, the cache can be used to extract values from speculatively-executed instructions. \n \nWith Spectre variant 1 (CVE-2017-5753), the instructions after a conditional branch are speculatively executed as the result of a misprediction. With Spectre variant 2 (CVE-2017-5715), the instructions at a location determined by a branch target that is mispredicted. \n \nWith both variants of the Spectre attack, the impact is that a process may leak sensitive data to other processes on a system. Spectre may also allow one part of an application to access other parts of the same process memory space that would otherwise not be permitted. \n \nWhile the Spectre attack itself does not cross a user/kernel memory privilege boundary, depending on the configuration of the target platform, the Spectre attack may indirectly allow a user-space application to access kernel memory. For example, the[ Project Zero blog post](<https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html>) describes a scenario that uses eBPF to exfiltrate kernel memory contents into user-space code. This is made possible because eBPF JIT allows for userspace applications to inject code that is executed in kernel space. While this code is verified by the kernel, eBPF-compliant code will be allowed to execute with kernel permissions. The exploit described by Project Zero leverages eBPF to execute the Spectre attack in kernel space, while exfiltrating the data to user space. It is possible that other technologies that allow in-kernel code execution may also possibly be leveraged to leak kernel memory using Spectre. \n \n**Meltdown** \n \nMeltdown is related to the Spectre attack in that it also uses a cache side channel to access data that otherwise wouldn't be available. The main difference is that it leverages out-of-order execution capabilities in modern CPUs. Like speculative execution due to branch prediction, as used by Spectre, out-of-order execution on a CPU is a technique for ensuring fullest utilization of the CPU's parts. Although instructions may appear sequentially in the machine language, a CPU that supports out-of-order execution may execute instructions in a non-sequential manner, which can minimize the time that a CPU spends idle. \n \nMeltdown leverages insecure behavior that has been demonstrated in Intel CPUs and may affect CPUs from other vendors. Vulnerable CPUs allow memory reads in out-of-order instruction execution, and also contain a race condition between the raising of exceptions and the out-of-order instruction execution. The Meltdown attack reads a kernel memory value, which raises an exception because code running with user-space privileges are not permitted to directly read kernel memory. However, due to the race condition, out-of-order instructions following the faulting instruction may also execute. Even though instructions appear after the faulting instruction, out-of-order execution allows them to execute, using data retrieved from the instruction that raises the exception. By the time the exception is raised, some number of out-of-order instructions have executed. Although the raised exception causes the CPU to roll back the out-of-order instructions, the cache state is not reverted. This allows data from out-of-order instructions to persist beyond the point when the exception has been raised. \n \nThe impact of Meltdown is that a process running in user space is able to view the contents of kernel memory. Meltdown may also allow Spectre-like memory content leaking that does not cross the user/kernel privilege boundary. \n \nThe Linux kernel mitigations for Meltdown are referred to as KAISER, and subsequently KPTI, which aim to improve separation of kernel and user memory pages. Because the Spectre attacks do not cross user/kernel boundaries, the protections introduced with KAISER/KPTI do not add any protection against them. \n \nThe following table compares Spectre and Meltdown. \n \n| | **Spectre**| **Meltdown** \n---|---|--- \n**CPU mechanism for triggering**| Speculative execution from branch prediction| Out-of-order execution \n**Affected platforms**| CPUs that perform speculative execution from branch prediction| CPUs that allow memory reads in out-of-order instructions \n**Difficulty of successful attack**| High - Requires tailoring to the software environment of the victim process| Low - Kernel memory access exploit code is mostly universal \n**Impact**| Cross- and intra-process (including kernel) memory disclosure| Kernel memory disclosure to userspace \n**Software mitigations**| Indirect Branch Restricted Speculation ([IBRS](<https://lkml.org/lkml/2018/1/4/615>)) \n**Note: **This software mitigation also requires CPU microcode updates and it only mitigates Spectre variant 2| Kernel page-table isolation ([KPTI](<https://en.wikipedia.org/wiki/Kernel_page-table_isolation>)) \n \n### Impact\n\nAn attacker able to execute code with user privileges can achieve various impacts. The Meltdown attack allows reading of kernel memory from userspace. This can result in privilege escalation, disclosure of sensitive information, or it can weaken kernel-level protections, such as KASLR. The Spectre attack can allow inter-process or intra-process data leaks. \n \nTo execute code locally, an attacker would require a valid account or independent compromise of the target. Attacks using JavaScript in web browsers are possible. Multi-user and multi-tenant systems (including virtualized and cloud environments) likely face the greatest risk. Systems used to browse arbitrary web sites are also at risk. Single-user systems that do not readily provide a way for attackers to execute code locally face significantly lower risk. \n \n--- \n \n### Solution\n\n**Apply updates** \n \nOperating system, CPU microcode updates, and some application updates mitigate these attacks. \n \n--- \n \n### Vendor Information \n\nVendor| Status| Date Notified| Date Updated \n---|---|---|--- \nAmazon| | -| 05 Jan 2018 \nAMD| | -| 03 Jan 2018 \nAndroid Open Source Project| | -| 05 Jan 2018 \nApple| | -| 04 Jan 2018 \nArm| | -| 03 Jan 2018 \nCentOS| | -| 05 Jan 2018 \nCisco| | -| 05 Jan 2018 \nCitrix| | -| 05 Jan 2018 \nDebian GNU/Linux| | -| 05 Jan 2018 \nFedora Project| | -| 05 Jan 2018 \nFortinet, Inc.| | -| 05 Jan 2018 \nFreeBSD Project| | -| 05 Jan 2018 \nGoogle| | -| 03 Jan 2018 \nIBM Corporation| | -| 05 Jan 2018 \nIntel| | -| 05 Jan 2018 \nIf you are a vendor and your product is affected, [let us know](<mailto:cert@cert.org?Subject=VU%23584653 Vendor Status Inquiry>). \n \n\n\n### CVSS Metrics \n\nGroup | Score | Vector \n---|---|--- \nBase | 4.4 | AV:L/AC:M/Au:S/C:C/I:N/A:N \nTemporal | 3.4 | E:POC/RL:OF/RC:C \nEnvironmental | 5.1 | CDP:ND/TD:H/CR:H/IR:ND/AR:ND \n \n### References\n\n * <https://meltdownattack.com/>\n * <https://meltdownattack.com/meltdown.pdf>\n * <https://spectreattack.com/>\n * <https://spectreattack.com/spectre.pdf>\n * <https://security.googleblog.com/2018/01/todays-cpu-vulnerability-what-you-need.html>\n * <https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html>\n * <https://cyber.wtf/2017/07/28/negative-result-reading-kernel-memory-from-user-mode/>\n * <https://github.com/IAIK/KAISER>\n * <https://gruss.cc/files/kaiser.pdf>\n * <https://gruss.cc/files/prefetch.pdf>\n * <https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=5aa90a84589282b87666f92b6c3c917c8080a9bf>\n * <https://lkml.org/lkml/2017/12/27/2>\n * <https://lkml.org/lkml/2018/1/4/615>\n * <https://lwn.net/Articles/741878/>\n * <https://lwn.net/Articles/737940/>\n * <https://lwn.net/Articles/742702/>\n * <http://pythonsweetness.tumblr.com/post/169166980422/the-mysterious-case-of-the-linux-page-table>\n * <https://nakedsecurity.sophos.com/2018/01/03/fckwit-aka-kaiser-aka-kpti-intel-cpu-flaw-needs-low-level-os-patches/>\n * <https://en.wikipedia.org/wiki/Kernel_page-table_isolation>\n * <https://chrisam.net/2018/01/04/speculative-execution-side-channel-vulnerabilities-vendor-published-info/>\n\n### Credit\n\nThese issues were researched and reported by researchers at Google Project Zero (Jann Horn) the Institute of Applied Information Processing and Communications (IAIK) at Graz University of Technology (Gruss et. al.), and Anders Fogh.\n\nThis document was written by Art Manion and Will Dormann.\n\n### Other Information\n\n * CVE IDs: [CVE-2017-5753](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5753>) [CVE-2017-5715](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5715>) [CVE-2017-5754](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5754>)\n * US-CERT Alert: [TA18-004A](<http://www.us-cert.gov/cas/techalerts/TA18-004A.html>)\n * Date Public: 03 Jan 2018\n * Date First Published: 03 Jan 2018\n * Date Last Updated: 06 Jan 2018\n * Document Revision: 155\n\n", "edition": 15, "enchantments": {"score": {"modified": "2018-01-07T02:55:54", "value": 6.6}}, "hash": "b15f6522f9ac4b29a113908d7760fc9942cf86f49c06bef4f4dcfcca34ed75c4", "hashmap": [{"hash": "f3e78aa00531760ae94ae257cb3ae657", "key": "references"}, {"hash": "b6ba9fa6ea18201bf39ea635ecca9f13", "key": "type"}, {"hash": "caf9b6b99962bf5c2264824231d7a40c", "key": "bulletinFamily"}, {"hash": "4851009339f11e5fb046c77cf4c521a7", "key": "href"}, {"hash": "64c1b0f18013d9fc9cd8b3fcc3b81629", "key": "cvelist"}, {"hash": "23742046928b6ac0049be6bc1a8e24de", "key": "cvss"}, {"hash": "f5b75daf56220350783b7a34313e09fa", "key": "modified"}, {"hash": "1d0954aaef62c3a5c7a1a3e8e3a5d794", "key": "title"}, {"hash": "0e67896450ab825b0a81e59a1465804c", "key": "published"}, {"hash": "5d2cfab83ed6e86a4812690790dc7ad5", "key": "reporter"}, {"hash": "f15b8f8bd98a08b11d1b9e1166f44a7a", "key": "description"}], "history": [], "href": "https://www.kb.cert.org/vuls/id/584653", "id": "VU:584653", "lastseen": "2018-01-07T02:55:54", "modified": "2018-01-06T00:00:00", "objectVersion": "1.3", "published": "2018-01-03T00:00:00", "references": ["https://meltdownattack.com/meltdown.pdf", "https://meltdownattack.com/meltdown.pdf", "https://lwn.net/Articles/742702/", "https://nakedsecurity.sophos.com/2018/01/03/fckwit-aka-kaiser-aka-kpti-intel-cpu-flaw-needs-low-level-os-patches/", "https://lkml.org/lkml/2017/12/27/2", "https://security.googleblog.com/2018/01/todays-cpu-vulnerability-what-you-need.html", "https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html", "https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html", "https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html", "http://pythonsweetness.tumblr.com/post/169166980422/the-mysterious-case-of-the-linux-page-table", "https://gruss.cc/files/kaiser.pdf", "http://www.us-cert.gov/cas/techalerts/TA18-004A.html", "https://chrisam.net/2018/01/04/speculative-execution-side-channel-vulnerabilities-vendor-published-info/", "https://meltdownattack.com/", "https://meltdownattack.com/", "https://meltdownattack.com/", "https://en.wikipedia.org/wiki/Kernel_page-table_isolation", "https://en.wikipedia.org/wiki/Kernel_page-table_isolation", "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5753", "https://spectreattack.com/", "https://spectreattack.com/", "https://spectreattack.com/", "https://lwn.net/Articles/737940/", "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5715", "https://lkml.org/lkml/2018/1/4/615", "https://lkml.org/lkml/2018/1/4/615", "https://github.com/IAIK/KAISER", "https://cyber.wtf/2017/07/28/negative-result-reading-kernel-memory-from-user-mode/", "https://lwn.net/Articles/741878/", "https://gruss.cc/files/prefetch.pdf", "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=5aa90a84589282b87666f92b6c3c917c8080a9bf", "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5754", "https://spectreattack.com/spectre.pdf", "https://spectreattack.com/spectre.pdf", "https://spectreattack.com/spectre.pdf", "https://spectreattack.com/spectre.pdf"], "reporter": "CERT", "title": "CPU hardware vulnerable to side-channel attacks", "type": "cert", "viewCount": 157}, "differentElements": ["references", "description", "modified"], "edition": 15, "lastseen": "2018-01-07T02:55:54"}], "edition": 28, "hashmap": [{"key": "bulletinFamily", "hash": "caf9b6b99962bf5c2264824231d7a40c"}, {"key": "cvelist", "hash": "64c1b0f18013d9fc9cd8b3fcc3b81629"}, {"key": "cvss", "hash": "23742046928b6ac0049be6bc1a8e24de"}, {"key": "description", "hash": "a0acb8c4bacf421a6c7bd4e1f2500eb2"}, {"key": "href", "hash": "4851009339f11e5fb046c77cf4c521a7"}, {"key": "modified", "hash": "1a942ab282c8ec2d7156eb2d11f2c2fa"}, {"key": "published", "hash": "0e67896450ab825b0a81e59a1465804c"}, {"key": "references", "hash": "705648c54529556a06919c8107899e39"}, {"key": "reporter", "hash": "5d2cfab83ed6e86a4812690790dc7ad5"}, {"key": "title", "hash": "1d0954aaef62c3a5c7a1a3e8e3a5d794"}, {"key": "type", "hash": "b6ba9fa6ea18201bf39ea635ecca9f13"}], "hash": "8b99c7aa3b9f3ca5c7f129b389ea6c84434099c70a5e46b1a351c48634de9c1e", "viewCount": 280, "enchantments": {"vulnersScore": 1.4}, "objectVersion": "1.3"}
{"result": {"cve": [{"id": "CVE-2017-5753", "type": "cve", "title": "CVE-2017-5753", "description": "Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.", "published": "2018-01-04T08:29:00", "cvss": {"score": 4.7, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:NONE/A:NONE/"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5753", "cvelist": ["CVE-2017-5753"], "lastseen": "2018-03-24T10:44:28"}, {"id": "CVE-2017-5754", "type": "cve", "title": "CVE-2017-5754", "description": "Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis of the data cache.", "published": "2018-01-04T08:29:00", "cvss": {"score": 4.7, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:NONE/A:NONE/"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5754", "cvelist": ["CVE-2017-5754"], "lastseen": "2018-04-04T10:54:35"}, {"id": "CVE-2017-5715", "type": "cve", "title": "CVE-2017-5715", "description": "Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.", "published": "2018-01-04T08:29:00", "cvss": {"score": 4.7, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:NONE/A:NONE/"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5715", "cvelist": ["CVE-2017-5715"], "lastseen": "2018-04-06T10:53:03"}], "symantec": [{"id": "SMNTC-102371", "type": "symantec", "title": "Multiple CPU Hardware CVE-2017-5753 Information Disclosure Vulnerability", "description": "### Description\n\nMultiple CPU Hardware are prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in further attacks.\n\n### Technologies Affected\n\n * AMD FX(tm)-8320 Eight-Core Processor \n * AMD PRO A8-9600 R7, 10 COMPUTE CORES 4C+6G \n * ARM Cortex A57 \n * Apple Mac Os X 10.11.6 \n * Apple Safari 1.0.0 \n * Apple Safari 1.0.0 \n * Apple Safari 1.0.3 \n * Apple Safari 1.1.0 \n * Apple Safari 1.1.1 \n * Apple Safari 1.2.0 \n * Apple Safari 1.2.1 \n * Apple Safari 1.2.2 \n * Apple Safari 1.2.3 \n * Apple Safari 1.2.4 \n * Apple Safari 1.2.5 \n * Apple Safari 1.3.0 \n * Apple Safari 1.3.0 \n * Apple Safari 1.3.1 \n * Apple Safari 1.3.2 312.5 \n * Apple Safari 1.3.2 312.6 \n * Apple Safari 1.3.2 \n * Apple Safari 10 \n * Apple Safari 10.0.1 \n * Apple Safari 10.0.2 \n * Apple Safari 10.0.3 \n * Apple Safari 10.1 \n * Apple Safari 10.1.1 \n * Apple Safari 10.1.2 \n * Apple Safari 11 \n * Apple Safari 2 \n * Apple Safari 2.0.1 \n * Apple Safari 2.0.2 \n * Apple Safari 2.0.3 417.8 \n * Apple Safari 2.0.3 417.9 \n * Apple Safari 2.0.3 417.9.2 \n * Apple Safari 2.0.3 417.9.3 \n * Apple Safari 2.0.3 \n * Apple Safari 2.0.4 419.3 \n * Apple Safari 2.0.4 \n * Apple Safari 3 \n * Apple Safari 3 \n * Apple Safari 3.0.0 \n * Apple Safari 3.1 \n * Apple Safari 3.1.0B \n * Apple Safari 3.1.1 \n * Apple Safari 3.1.2 \n * Apple Safari 3.2 \n * Apple Safari 3.2.1 \n * Apple Safari 3.2.2 \n * Apple Safari 3.2.3 \n * Apple Safari 3.52 \n * Apple Safari 4 \n * Apple Safari 4.0 \n * Apple Safari 4.0.1 \n * Apple Safari 4.0.2 \n * Apple Safari 4.0.3 \n * Apple Safari 4.0.4 \n * Apple Safari 4.0.5 \n * Apple Safari 4.1 \n * Apple Safari 4.1.1 \n * Apple Safari 4.1.2 \n * Apple Safari 4.1.3 \n * Apple Safari 4.28 \n * Apple Safari 4.30 \n * Apple Safari 4.31 \n * Apple Safari 5.0 \n * Apple Safari 5.0.1 \n * Apple Safari 5.0.2 \n * Apple Safari 5.0.3 \n * Apple Safari 5.0.4 \n * Apple Safari 5.0.5 \n * Apple Safari 5.0.6 \n * Apple Safari 5.1 \n * Apple Safari 5.1.1 \n * Apple Safari 5.1.10 \n * Apple Safari 5.1.2 \n * Apple Safari 5.1.3 \n * Apple Safari 5.1.4 \n * Apple Safari 5.1.5 \n * Apple Safari 5.1.6 \n * Apple Safari 5.1.7 \n * Apple Safari 5.31 \n * Apple Safari 5.33 \n * Apple Safari 5.34 \n * Apple Safari 6.0 \n * Apple Safari 6.0.1 \n * Apple Safari 6.0.2 \n * Apple Safari 6.0.3 \n * Apple Safari 6.0.4 \n * Apple Safari 6.0.5 \n * Apple Safari 6.1 \n * Apple Safari 6.1.1 \n * Apple Safari 6.1.2 \n * Apple Safari 6.1.3 \n * Apple Safari 6.1.4 \n * Apple Safari 6.1.5 \n * Apple Safari 6.1.6 \n * Apple Safari 6.2 \n * Apple Safari 6.2.1 \n * Apple Safari 6.2.2 \n * Apple Safari 6.2.3 \n * Apple Safari 6.2.4 \n * Apple Safari 6.2.5 \n * Apple Safari 6.2.6 \n * Apple Safari 6.2.7 \n * Apple Safari 6.2.8 \n * Apple Safari 7.0.1 \n * Apple Safari 7.0.2 \n * Apple Safari 7.0.3 \n * Apple Safari 7.0.4 \n * Apple Safari 7.0.5 \n * Apple Safari 7.0.6 \n * Apple Safari 7.1 \n * Apple Safari 7.1.0 \n * Apple Safari 7.1.1 \n * Apple Safari 7.1.2 \n * Apple Safari 7.1.3 \n * Apple Safari 7.1.4 \n * Apple Safari 7.1.5 \n * Apple Safari 7.1.6 \n * Apple Safari 7.1.7 \n * Apple Safari 7.1.8 \n * Apple Safari 8.0 \n * Apple Safari 8.0.1 \n * Apple Safari 8.0.2 \n * Apple Safari 8.0.3 \n * Apple Safari 8.0.4 \n * Apple Safari 8.0.5 \n * Apple Safari 8.0.6 \n * Apple Safari 8.0.7 \n * Apple Safari 8.0.8 \n * Apple Safari 9 \n * Apple Safari 9.0.1 \n * Apple Safari 9.0.2 \n * Apple Safari 9.0.3 \n * Apple Safari 9.1 \n * Apple Safari 9.1.1 \n * Apple Safari 9.1.2 \n * Apple Safari 9.1.3 \n * Apple Safari \n * Apple iOS 10 \n * Apple iOS 10.0.1 \n * Apple iOS 10.1 \n * Apple iOS 10.2 \n * Apple iOS 10.2.1 \n * Apple iOS 10.3 \n * Apple iOS 10.3.1 \n * Apple iOS 10.3.2 \n * Apple iOS 10.3.3 \n * Apple iOS 11 \n * Apple iOS 11.1 \n * Apple iOS 11.2 \n * Apple iOS 11.2.1 \n * Apple iOS 2.0 \n * Apple iOS 2.1 \n * Apple iOS 3 \n * Apple iOS 3.0 \n * Apple iOS 3.1 \n * Apple iOS 3.2 \n * Apple iOS 3.2.1 \n * Apple iOS 3.2.2 \n * Apple iOS 4 \n * Apple iOS 4 \n * Apple iOS 4.0.1 \n * Apple iOS 4.0.2 \n * Apple iOS 4.1 \n * Apple iOS 4.2 \n * Apple iOS 4.2.1 \n * Apple iOS 4.2.10 \n * Apple iOS 4.2.5 \n * Apple iOS 4.2.6 \n * Apple iOS 4.2.7 \n * Apple iOS 4.2.8 \n * Apple iOS 4.2.9 \n * Apple iOS 4.3 \n * Apple iOS 4.3.1 \n * Apple iOS 4.3.2 \n * Apple iOS 4.3.3 \n * Apple iOS 4.3.4 \n * Apple iOS 4.3.5 \n * Apple iOS 5 \n * Apple iOS 5 \n * Apple iOS 5.0.1 \n * Apple iOS 5.1 \n * Apple iOS 5.1.1 \n * Apple iOS 6 \n * Apple iOS 6.0.1 \n * Apple iOS 6.0.2 \n * Apple iOS 6.1 \n * Apple iOS 6.1.3 \n * Apple iOS 6.1.4 \n * Apple iOS 6.1.6 \n * Apple iOS 6.3.1 \n * Apple iOS 7 \n * Apple iOS 7.0.1 \n * Apple iOS 7.0.2 \n * Apple iOS 7.0.3 \n * Apple iOS 7.0.4 \n * Apple iOS 7.0.5 \n * Apple iOS 7.0.6 \n * Apple iOS 7.1 \n * Apple iOS 7.1.1 \n * Apple iOS 7.1.2 \n * Apple iOS 7.2.0 \n * Apple iOS 8 \n * Apple iOS 8.1 \n * Apple iOS 8.1.1 \n * Apple iOS 8.1.2 \n * Apple iOS 8.1.3 \n * Apple iOS 8.2 \n * Apple iOS 8.3 \n * Apple iOS 8.4 \n * Apple iOS 8.4.1 \n * Apple iOS 9 \n * Apple iOS 9.0.1 \n * Apple iOS 9.0.2 \n * Apple iOS 9.1 \n * Apple iOS 9.2 \n * Apple iOS 9.2.1 \n * Apple iOS 9.3 \n * Apple iOS 9.3.1 \n * Apple iOS 9.3.2 \n * Apple iOS 9.3.3 \n * Apple iOS 9.3.4 \n * Apple iOS 9.3.5 \n * Apple iPad Air \n * Apple iPhone \n * Apple iPod Touch \n * Apple macOS 10.12.6 \n * Apple macOS \n * Apple tvOS \n * Apple watchOS \n * BD Accuri C6 Plus \n * BD Alaris Systems Manager \n * BD Assurity Linc \n * BD BACTEC 9050 \n * BD BACTEC 9120/9240 \n * BD BACTEC FX \n * BD BACTEC FX40 \n * BD Data Innovations \n * BD FACSAria Fusion \n * BD FACSAria I/II/III \n * BD FACSCalibur \n * BD FACSCanto 10-color \n * BD FACSCanto 10-color clinical \n * BD FACSCanto II \n * BD FACSCanto II clinical \n * BD FACSCelesta \n * BD FACSCount \n * BD FACSDuet Sample Prep (ASaP) \n * BD FACSJazz \n * BD FACSLink Interface \n * BD FACSLyric \n * BD FACSMelody \n * BD FACSPresto \n * BD FACSSample Prep Assistant (SPA) III \n * BD FACSVerse \n * BD FACSVia \n * BD Focal Point - Linux \n * BD Focal Point - Solaris \n * BD GenCell CliC \n * BD Influx \n * BD Innova \n * BD Kiestra InoqulA Standalone \n * BD Kiestra TLA/WCA \n * BD LSR II \n * BD LSRFortessa \n * BD LSRFortessa X-20 \n * BD Lyse Wash Assistant \n * BD Panel Designer \n * BD Phoenix \n * BD PrepStain \n * BD Pyxis Anesthesia ES \n * BD Pyxis Anesthesia System 3500 \n * BD Pyxis CIISafe -Workstation \n * BD Pyxis CUBIE Replenishment Station \n * BD Pyxis CathRack v8 \n * BD Pyxis DuoStation \n * BD Pyxis EcoStation System \n * BD Pyxis Infant Care Verification \n * BD Pyxis MedStation 3500 \n * BD Pyxis MedStation 4000 Console \n * BD Pyxis MedStation ES \n * BD Pyxis Medication Administration \n * BD Pyxis Nursing Data Collection \n * BD Pyxis ParAssist System \n * BD Pyxis Parx \n * BD Pyxis Parx handheld \n * BD Pyxis ProcedureStation \n * BD Pyxis ScrubStation System \n * BD Pyxis Specimen Collection Verification \n * BD Pyxis StockStation System \n * BD Pyxis Supply Roller \n * BD Pyxis SupplyStation \n * BD Pyxis Transfusion Verification \n * BD Rowa Dose \n * BD Rowa Smart \n * BD Rowa Vmax System \n * BD Totalys Multiprocessor \n * BD Totalys SlidePrep \n * BD Veritor Plus System \n * BD Viper LT \n * BD Viper XTR \n * Bluecoat Content Analysis 2.1 \n * Bluecoat Content Analysis 2.2 \n * Bluecoat Malware Analysis Appliance 4.2 \n * Bluecoat Security Analytics 7.1 \n * Bluecoat Security Analytics 7.2 \n * Bluecoat Security Analytics 7.3 \n * Bluecoat X-Series XOS 10.0 \n * Bluecoat X-Series XOS 11.0 \n * Bluecoat X-Series XOS 9.7 \n * Cisco Carrier Routing System 6.6.0.BASE \n * Cisco Unified Computing System 2.2 \n * Cisco Unified Computing System 3.1 \n * Cisco Unified Computing System 3.2 \n * Google Android \n * Google Chrome 0.1.38.1 \n * Google Chrome 0.1.38.2 \n * Google Chrome 0.1.38.4 \n * Google Chrome 0.1.40.1 \n * Google Chrome 0.1.42.2 \n * Google Chrome 0.1.42.3 \n * Google Chrome 0.2.149.27 \n * Google Chrome 0.2.149.29 \n * Google Chrome 0.2.149.30 \n * Google Chrome 0.2.152.1 \n * Google Chrome 0.2.153.1 \n * Google Chrome 0.3.154 9 \n * Google Chrome 0.3.154.0 \n * Google Chrome 0.3.154.3 \n * Google Chrome 0.4.154.18 \n * Google Chrome 0.4.154.22 \n * Google Chrome 0.4.154.31 \n * Google Chrome 0.4.154.33 \n * Google Chrome 1.0.154.36 \n * Google Chrome 1.0.154.39 \n * Google Chrome 1.0.154.42 \n * Google Chrome 1.0.154.43 \n * Google Chrome 1.0.154.46 \n * Google Chrome 1.0.154.48 \n * Google Chrome 1.0.154.52 \n * Google Chrome 1.0.154.53 \n * Google Chrome 1.0.154.55 \n * Google Chrome 1.0.154.59 \n * Google Chrome 1.0.154.61 \n * Google Chrome 1.0.154.64 \n * Google Chrome 1.0.154.65 \n * Google Chrome 10 \n * Google Chrome 10.0.601.0 \n * Google Chrome 10.0.602.0 \n * Google Chrome 10.0.603.0 \n * Google Chrome 10.0.603.2 \n * Google Chrome 10.0.603.3 \n * Google Chrome 10.0.604.0 \n * Google Chrome 10.0.605.0 \n * Google Chrome 10.0.606.0 \n * Google Chrome 10.0.607.0 \n * Google Chrome 10.0.608.0 \n * Google Chrome 10.0.609.0 \n * Google Chrome 10.0.610.0 \n * Google Chrome 10.0.611.0 \n * Google Chrome 10.0.611.1 \n * Google Chrome 10.0.612.0 \n * Google Chrome 10.0.612.1 \n * Google Chrome 10.0.612.2 \n * Google Chrome 10.0.612.3 \n * Google Chrome 10.0.613.0 \n * Google Chrome 10.0.614.0 \n * Google Chrome 10.0.615.0 \n * Google Chrome 10.0.616.0 \n * Google Chrome 10.0.617.0 \n * Google Chrome 10.0.618.0 \n * Google Chrome 10.0.619.0 \n * Google Chrome 10.0.620.0 \n * Google Chrome 10.0.621.0 \n * Google Chrome 10.0.622.0 \n * Google Chrome 10.0.622.1 \n * Google Chrome 10.0.623.0 \n * Google Chrome 10.0.624.0 \n * Google Chrome 10.0.625.0 \n * Google Chrome 10.0.626.0 \n * Google Chrome 10.0.627.0 \n * Google Chrome 10.0.628.0 \n * Google Chrome 10.0.629.0 \n * Google Chrome 10.0.630.0 \n * Google Chrome 10.0.631.0 \n * Google Chrome 10.0.632.0 \n * Google Chrome 10.0.633.0 \n * Google Chrome 10.0.634.0 \n * Google Chrome 10.0.634.1 \n * Google Chrome 10.0.635.0 \n * Google Chrome 10.0.636.0 \n * Google Chrome 10.0.638.0 \n * Google Chrome 10.0.638.1 \n * Google Chrome 10.0.639.0 \n * Google Chrome 10.0.640.0 \n * Google Chrome 10.0.642.0 \n * Google Chrome 10.0.642.1 \n * Google Chrome 10.0.642.2 \n * Google Chrome 10.0.643.0 \n * Google Chrome 10.0.644.0 \n * Google Chrome 10.0.645.0 \n * Google Chrome 10.0.646.0 \n * Google Chrome 10.0.647.0 \n * Google Chrome 10.0.648.0 \n * Google Chrome 10.0.648.1 \n * Google Chrome 10.0.648.10 \n * Google Chrome 10.0.648.101 \n * Google Chrome 10.0.648.103 \n * Google Chrome 10.0.648.105 \n * Google Chrome 10.0.648.107 \n * Google Chrome 10.0.648.11 \n * Google Chrome 10.0.648.114 \n * Google Chrome 10.0.648.116 \n * Google Chrome 10.0.648.118 \n * Google Chrome 10.0.648.119 \n * Google Chrome 10.0.648.12 \n * Google Chrome 10.0.648.120 \n * Google Chrome 10.0.648.121 \n * Google Chrome 10.0.648.122 \n * Google Chrome 10.0.648.123 \n * Google Chrome 10.0.648.124 \n * Google Chrome 10.0.648.125 \n * Google Chrome 10.0.648.126 \n * Google Chrome 10.0.648.127 \n * Google Chrome 10.0.648.128 \n * Google Chrome 10.0.648.129 \n * Google Chrome 10.0.648.13 \n * Google Chrome 10.0.648.130 \n * Google Chrome 10.0.648.131 \n * Google Chrome 10.0.648.132 \n * Google Chrome 10.0.648.133 \n * Google Chrome 10.0.648.134 \n * Google Chrome 10.0.648.135 \n * Google Chrome 10.0.648.151 \n * Google Chrome 10.0.648.18 \n * Google Chrome 10.0.648.2 \n * Google Chrome 10.0.648.201 \n * Google Chrome 10.0.648.203 \n * Google Chrome 10.0.648.204 \n * Google Chrome 10.0.648.205 \n * Google Chrome 10.0.648.23 \n * Google Chrome 10.0.648.26 \n * Google Chrome 10.0.648.28 \n * Google Chrome 10.0.648.3 \n * Google Chrome 10.0.648.32 \n * Google Chrome 10.0.648.35 \n * Google Chrome 10.0.648.38 \n * Google Chrome 10.0.648.4 \n * Google Chrome 10.0.648.42 \n * Google Chrome 10.0.648.45 \n * Google Chrome 10.0.648.49 \n * Google Chrome 10.0.648.5 \n * Google Chrome 10.0.648.54 \n * Google Chrome 10.0.648.56 \n * Google Chrome 10.0.648.59 \n * Google Chrome 10.0.648.6 \n * Google Chrome 10.0.648.62 \n * Google Chrome 10.0.648.66 \n * Google Chrome 10.0.648.68 \n * Google Chrome 10.0.648.7 \n * Google Chrome 10.0.648.70 \n * Google Chrome 10.0.648.72 \n * Google Chrome 10.0.648.76 \n * Google Chrome 10.0.648.79 \n * Google Chrome 10.0.648.8 \n * Google Chrome 10.0.648.82 \n * Google Chrome 10.0.648.84 \n * Google Chrome 10.0.648.87 \n * Google Chrome 10.0.648.9 \n * Google Chrome 10.0.648.90 \n * Google Chrome 10.0.649.0 \n * Google Chrome 10.0.650.0 \n * Google Chrome 10.0.651.0 \n * Google Chrome 11 \n * Google Chrome 11.0.652.0 \n * Google Chrome 11.0.653.0 \n * Google Chrome 11.0.654.0 \n * Google Chrome 11.0.655.0 \n * Google Chrome 11.0.656.0 \n * Google Chrome 11.0.657.0 \n * Google Chrome 11.0.658.0 \n * Google Chrome 11.0.658.1 \n * Google Chrome 11.0.659.0 \n * Google Chrome 11.0.660.0 \n * Google Chrome 11.0.661.0 \n * Google Chrome 11.0.662.0 \n * Google Chrome 11.0.663.0 \n * Google Chrome 11.0.664.1 \n * Google Chrome 11.0.665.0 \n * Google Chrome 11.0.666.0 \n * Google Chrome 11.0.667.0 \n * Google Chrome 11.0.667.2 \n * Google Chrome 11.0.667.3 \n * Google Chrome 11.0.667.4 \n * Google Chrome 11.0.668.0 \n * Google Chrome 11.0.669.0 \n * Google Chrome 11.0.670.0 \n * Google Chrome 11.0.671.0 \n * Google Chrome 11.0.672.0 \n * Google Chrome 11.0.672.1 \n * Google Chrome 11.0.672.2 \n * Google Chrome 11.0.673.0 \n * Google Chrome 11.0.674.0 \n * Google Chrome 11.0.675.0 \n * Google Chrome 11.0.676.0 \n * Google Chrome 11.0.677.0 \n * Google Chrome 11.0.678.0 \n * Google Chrome 11.0.679.0 \n * Google Chrome 11.0.680.0 \n * Google Chrome 11.0.681.0 \n * Google Chrome 11.0.682.0 \n * Google Chrome 11.0.683.0 \n * Google Chrome 11.0.684.0 \n * Google Chrome 11.0.685.0 \n * Google Chrome 11.0.686.0 \n * Google Chrome 11.0.686.1 \n * Google Chrome 11.0.686.2 \n * Google Chrome 11.0.686.3 \n * Google Chrome 11.0.687.0 \n * Google Chrome 11.0.687.1 \n * Google Chrome 11.0.688.0 \n * Google Chrome 11.0.689.0 \n * Google Chrome 11.0.690.0 \n * Google Chrome 11.0.690.1 \n * Google Chrome 11.0.691.0 \n * Google Chrome 11.0.692.0 \n * Google Chrome 11.0.693.0 \n * Google Chrome 11.0.694.0 \n * Google Chrome 11.0.695.0 \n * Google Chrome 11.0.696.0 \n * Google Chrome 11.0.696.1 \n * Google Chrome 11.0.696.10 \n * Google Chrome 11.0.696.11 \n * Google Chrome 11.0.696.12 \n * Google Chrome 11.0.696.13 \n * Google Chrome 11.0.696.14 \n * Google Chrome 11.0.696.15 \n * Google Chrome 11.0.696.16 \n * Google Chrome 11.0.696.17 \n * Google Chrome 11.0.696.18 \n * Google Chrome 11.0.696.19 \n * Google Chrome 11.0.696.2 \n * Google Chrome 11.0.696.20 \n * Google Chrome 11.0.696.21 \n * Google Chrome 11.0.696.22 \n * Google Chrome 11.0.696.23 \n * Google Chrome 11.0.696.24 \n * Google Chrome 11.0.696.25 \n * Google Chrome 11.0.696.26 \n * Google Chrome 11.0.696.27 \n * Google Chrome 11.0.696.28 \n * Google Chrome 11.0.696.29 \n * Google Chrome 11.0.696.3 \n * Google Chrome 11.0.696.30 \n * Google Chrome 11.0.696.31 \n * Google Chrome 11.0.696.32 \n * Google Chrome 11.0.696.33 \n * Google Chrome 11.0.696.34 \n * Google Chrome 11.0.696.35 \n * Google Chrome 11.0.696.36 \n * Google Chrome 11.0.696.37 \n * Google Chrome 11.0.696.38 \n * Google Chrome 11.0.696.39 \n * Google Chrome 11.0.696.4 \n * Google Chrome 11.0.696.40 \n * Google Chrome 11.0.696.41 \n * Google Chrome 11.0.696.42 \n * Google Chrome 11.0.696.43 \n * Google Chrome 11.0.696.44 \n * Google Chrome 11.0.696.45 \n * Google Chrome 11.0.696.46 \n * Google Chrome 11.0.696.47 \n * Google Chrome 11.0.696.48 \n * Google Chrome 11.0.696.49 \n * Google Chrome 11.0.696.5 \n * Google Chrome 11.0.696.50 \n * Google Chrome 11.0.696.51 \n * Google Chrome 11.0.696.52 \n * Google Chrome 11.0.696.53 \n * Google Chrome 11.0.696.54 \n * Google Chrome 11.0.696.55 \n * Google Chrome 11.0.696.56 \n * Google Chrome 11.0.696.57 \n * Google Chrome 11.0.696.58 \n * Google Chrome 11.0.696.59 \n * Google Chrome 11.0.696.60 \n * Google Chrome 11.0.696.61 \n * Google Chrome 11.0.696.62 \n * Google Chrome 11.0.696.63 \n * Google Chrome 11.0.696.64 \n * Google Chrome 11.0.696.65 \n * Google Chrome 11.0.696.66 \n * Google Chrome 11.0.696.67 \n * Google Chrome 11.0.696.68 \n * Google Chrome 11.0.696.69 \n * Google Chrome 11.0.696.7 \n * Google Chrome 11.0.696.70 \n * Google Chrome 11.0.696.71 \n * Google Chrome 11.0.696.72 \n * Google Chrome 11.0.696.77 \n * Google Chrome 11.0.696.8 \n * Google Chrome 11.0.696.9 \n * Google Chrome 11.0.697.0 \n * Google Chrome 11.0.698.0 \n * Google Chrome 11.0.699.0 \n * Google Chrome 12 \n * Google Chrome 12.0.700.0 \n * Google Chrome 12.0.701.0 \n * Google Chrome 12.0.702.0 \n * Google Chrome 12.0.702.1 \n * Google Chrome 12.0.702.2 \n * Google Chrome 12.0.703.0 \n * Google Chrome 12.0.704.0 \n * Google Chrome 12.0.705.0 \n * Google Chrome 12.0.706.0 \n * Google Chrome 12.0.707.0 \n * Google Chrome 12.0.708.0 \n * Google Chrome 12.0.709.0 \n * Google Chrome 12.0.710.0 \n * Google Chrome 12.0.711.0 \n * Google Chrome 12.0.712.0 \n * Google Chrome 12.0.713.0 \n * Google Chrome 12.0.714.0 \n * Google Chrome 12.0.715.0 \n * Google Chrome 12.0.716.0 \n * Google Chrome 12.0.717.0 \n * Google Chrome 12.0.718.0 \n * Google Chrome 12.0.719.0 \n * Google Chrome 12.0.719.1 \n * Google Chrome 12.0.720.0 \n * Google Chrome 12.0.721.0 \n * Google Chrome 12.0.721.1 \n * Google Chrome 12.0.722.0 \n * Google Chrome 12.0.723.0 \n * Google Chrome 12.0.723.1 \n * Google Chrome 12.0.724.0 \n * Google Chrome 12.0.725.0 \n * Google Chrome 12.0.726.0 \n * Google Chrome 12.0.727.0 \n * Google Chrome 12.0.728.0 \n * Google Chrome 12.0.729.0 \n * Google Chrome 12.0.730.0 \n * Google Chrome 12.0.731.0 \n * Google Chrome 12.0.732.0 \n * Google Chrome 12.0.733.0 \n * Google Chrome 12.0.734.0 \n * Google Chrome 12.0.735.0 \n * Google Chrome 12.0.736.0 \n * Google Chrome 12.0.737.0 \n * Google Chrome 12.0.738.0 \n * Google Chrome 12.0.739.0 \n * Google Chrome 12.0.740.0 \n * Google Chrome 12.0.741.0 \n * Google Chrome 12.0.742.0 \n * Google Chrome 12.0.742.1 \n * Google Chrome 12.0.742.10 \n * Google Chrome 12.0.742.100 \n * Google Chrome 12.0.742.105 \n * Google Chrome 12.0.742.11 \n * Google Chrome 12.0.742.111 \n * Google Chrome 12.0.742.112 \n * Google Chrome 12.0.742.113 \n * Google Chrome 12.0.742.114 \n * Google Chrome 12.0.742.115 \n * Google Chrome 12.0.742.12 \n * Google Chrome 12.0.742.120 \n * Google Chrome 12.0.742.121 \n * Google Chrome 12.0.742.122 \n * Google Chrome 12.0.742.123 \n * Google Chrome 12.0.742.124 \n * Google Chrome 12.0.742.13 \n * Google Chrome 12.0.742.14 \n * Google Chrome 12.0.742.15 \n * Google Chrome 12.0.742.16 \n * Google Chrome 12.0.742.17 \n * Google Chrome 12.0.742.18 \n * Google Chrome 12.0.742.19 \n * Google Chrome 12.0.742.2 \n * Google Chrome 12.0.742.20 \n * Google Chrome 12.0.742.21 \n * Google Chrome 12.0.742.22 \n * Google Chrome 12.0.742.3 \n * Google Chrome 12.0.742.30 \n * Google Chrome 12.0.742.4 \n * Google Chrome 12.0.742.41 \n * Google Chrome 12.0.742.42 \n * Google Chrome 12.0.742.43 \n * Google Chrome 12.0.742.44 \n * Google Chrome 12.0.742.45 \n * Google Chrome 12.0.742.46 \n * Google Chrome 12.0.742.47 \n * Google Chrome 12.0.742.48 \n * Google Chrome 12.0.742.49 \n * Google Chrome 12.0.742.5 \n * Google Chrome 12.0.742.50 \n * Google Chrome 12.0.742.51 \n * Google Chrome 12.0.742.52 \n * Google Chrome 12.0.742.53 \n * Google Chrome 12.0.742.54 \n * Google Chrome 12.0.742.55 \n * Google Chrome 12.0.742.56 \n * Google Chrome 12.0.742.57 \n * Google Chrome 12.0.742.58 \n * Google Chrome 12.0.742.59 \n * Google Chrome 12.0.742.6 \n * Google Chrome 12.0.742.60 \n * Google Chrome 12.0.742.61 \n * Google Chrome 12.0.742.63 \n * Google Chrome 12.0.742.64 \n * Google Chrome 12.0.742.65 \n * Google Chrome 12.0.742.66 \n * Google Chrome 12.0.742.67 \n * Google Chrome 12.0.742.68 \n * Google Chrome 12.0.742.69 \n * Google Chrome 12.0.742.70 \n * Google Chrome 12.0.742.71 \n * Google Chrome 12.0.742.72 \n * Google Chrome 12.0.742.73 \n * Google Chrome 12.0.742.74 \n * Google Chrome 12.0.742.75 \n * Google Chrome 12.0.742.77 \n * Google Chrome 12.0.742.8 \n * Google Chrome 12.0.742.82 \n * Google Chrome 12.0.742.9 \n * Google Chrome 12.0.742.91 \n * Google Chrome 12.0.742.92 \n * Google Chrome 12.0.742.93 \n * Google Chrome 12.0.742.94 \n * Google Chrome 12.0.743.0 \n * Google Chrome 12.0.744.0 \n * Google Chrome 12.0.745.0 \n * Google Chrome 12.0.746.0 \n * Google Chrome 12.0.747.0 \n * Google Chrome 13 \n * Google Chrome 13.0.748.0 \n * Google Chrome 13.0.749.0 \n * Google Chrome 13.0.750.0 \n * Google Chrome 13.0.751.0 \n * Google Chrome 13.0.752.0 \n * Google Chrome 13.0.753.0 \n * Google Chrome 13.0.754.0 \n * Google Chrome 13.0.755.0 \n * Google Chrome 13.0.756.0 \n * Google Chrome 13.0.757.0 \n * Google Chrome 13.0.758.0 \n * Google Chrome 13.0.759.0 \n * Google Chrome 13.0.760.0 \n * Google Chrome 13.0.761.0 \n * Google Chrome 13.0.761.1 \n * Google Chrome 13.0.762.0 \n * Google Chrome 13.0.762.1 \n * Google Chrome 13.0.763.0 \n * Google Chrome 13.0.764.0 \n * Google Chrome 13.0.765.0 \n * Google Chrome 13.0.766.0 \n * Google Chrome 13.0.767.0 \n * Google Chrome 13.0.767.1 \n * Google Chrome 13.0.768.0 \n * Google Chrome 13.0.769.0 \n * Google Chrome 13.0.770.0 \n * Google Chrome 13.0.771.0 \n * Google Chrome 13.0.772.0 \n * Google Chrome 13.0.773.0 \n * Google Chrome 13.0.774.0 \n * Google Chrome 13.0.775.0 \n * Google Chrome 13.0.775.1 \n * Google Chrome 13.0.775.2 \n * Google Chrome 13.0.775.4 \n * Google Chrome 13.0.776.0 \n * Google Chrome 13.0.776.1 \n * Google Chrome 13.0.777.0 \n * Google Chrome 13.0.777.1 \n * Google Chrome 13.0.777.2 \n * Google Chrome 13.0.777.3 \n * Google Chrome 13.0.777.4 \n * Google Chrome 13.0.777.5 \n * Google Chrome 13.0.777.6 \n * Google Chrome 13.0.778.0 \n * Google Chrome 13.0.779.0 \n * Google Chrome 13.0.780.0 \n * Google Chrome 13.0.781.0 \n * Google Chrome 13.0.782.0 \n * Google Chrome 13.0.782.1 \n * Google Chrome 13.0.782.10 \n * Google Chrome 13.0.782.100 \n * Google Chrome 13.0.782.101 \n * Google Chrome 13.0.782.102 \n * Google Chrome 13.0.782.103 \n * Google Chrome 13.0.782.104 \n * Google Chrome 13.0.782.105 \n * Google Chrome 13.0.782.106 \n * Google Chrome 13.0.782.107 \n * Google Chrome 13.0.782.108 \n * Google Chrome 13.0.782.109 \n * Google Chrome 13.0.782.11 \n * Google Chrome 13.0.782.112 \n * Google Chrome 13.0.782.12 \n * Google Chrome 13.0.782.13 \n * Google Chrome 13.0.782.14 \n * Google Chrome 13.0.782.15 \n * Google Chrome 13.0.782.16 \n * Google Chrome 13.0.782.17 \n * Google Chrome 13.0.782.18 \n * Google Chrome 13.0.782.19 \n * Google Chrome 13.0.782.20 \n * Google Chrome 13.0.782.21 \n * Google Chrome 13.0.782.210 \n * Google Chrome 13.0.782.211 \n * Google Chrome 13.0.782.212 \n * Google Chrome 13.0.782.213 \n * Google Chrome 13.0.782.214 \n * Google Chrome 13.0.782.215 \n * Google Chrome 13.0.782.216 \n * Google Chrome 13.0.782.217 \n * Google Chrome 13.0.782.218 \n * Google Chrome 13.0.782.219 \n * Google Chrome 13.0.782.220 \n * Google Chrome 13.0.782.23 \n * Google Chrome 13.0.782.237 \n * Google Chrome 13.0.782.238 \n * Google Chrome 13.0.782.24 \n * Google Chrome 13.0.782.25 \n * Google Chrome 13.0.782.26 \n * Google Chrome 13.0.782.27 \n * Google Chrome 13.0.782.28 \n * Google Chrome 13.0.782.29 \n * Google Chrome 13.0.782.3 \n * Google Chrome 13.0.782.30 \n * Google Chrome 13.0.782.31 \n * Google Chrome 13.0.782.32 \n * Google Chrome 13.0.782.33 \n * Google Chrome 13.0.782.34 \n * Google Chrome 13.0.782.35 \n * Google Chrome 13.0.782.36 \n * Google Chrome 13.0.782.37 \n * Google Chrome 13.0.782.38 \n * Google Chrome 13.0.782.39 \n * Google Chrome 13.0.782.4 \n * Google Chrome 13.0.782.40 \n * Google Chrome 13.0.782.41 \n * Google Chrome 13.0.782.42 \n * Google Chrome 13.0.782.43 \n * Google Chrome 13.0.782.44 \n * Google Chrome 13.0.782.45 \n * Google Chrome 13.0.782.46 \n * Google Chrome 13.0.782.47 \n * Google Chrome 13.0.782.48 \n * Google Chrome 13.0.782.49 \n * Google Chrome 13.0.782.50 \n * Google Chrome 13.0.782.51 \n * Google Chrome 13.0.782.52 \n * Google Chrome 13.0.782.53 \n * Google Chrome 13.0.782.55 \n * Google Chrome 13.0.782.56 \n * Google Chrome 13.0.782.6 \n * Google Chrome 13.0.782.7 \n * Google Chrome 13.0.782.81 \n * Google Chrome 13.0.782.82 \n * Google Chrome 13.0.782.83 \n * Google Chrome 13.0.782.84 \n * Google Chrome 13.0.782.85 \n * Google Chrome 13.0.782.86 \n * Google Chrome 13.0.782.87 \n * Google Chrome 13.0.782.88 \n * Google Chrome 13.0.782.89 \n * Google Chrome 13.0.782.90 \n * Google Chrome 13.0.782.91 \n * Google Chrome 13.0.782.92 \n * Google Chrome 13.0.782.93 \n * Google Chrome 13.0.782.94 \n * Google Chrome 13.0.782.95 \n * Google Chrome 13.0.782.96 \n * Google Chrome 13.0.782.97 \n * Google Chrome 13.0.782.98 \n * Google Chrome 13.0.782.99 \n * Google Chrome 14 \n * Google Chrome 14.0.783.0 \n * Google Chrome 14.0.784.0 \n * Google Chrome 14.0.785.0 \n * Google Chrome 14.0.786.0 \n * Google Chrome 14.0.787.0 \n * Google Chrome 14.0.788.0 \n * Google Chrome 14.0.789.0 \n * Google Chrome 14.0.790.0 \n * Google Chrome 14.0.791.0 \n * Google Chrome 14.0.792.0 \n * Google Chrome 14.0.793.0 \n * Google Chrome 14.0.794.0 \n * Google Chrome 14.0.795.0 \n * Google Chrome 14.0.796.0 \n * Google Chrome 14.0.797.0 \n * Google Chrome 14.0.798.0 \n * Google Chrome 14.0.799.0 \n * Google Chrome 14.0.800.0 \n * Google Chrome 14.0.801.0 \n * Google Chrome 14.0.802.0 \n * Google Chrome 14.0.803.0 \n * Google Chrome 14.0.804.0 \n * Google Chrome 14.0.805.0 \n * Google Chrome 14.0.806.0 \n * Google Chrome 14.0.807.0 \n * Google Chrome 14.0.808.0 \n * Google Chrome 14.0.809.0 \n * Google Chrome 14.0.810.0 \n * Google Chrome 14.0.811.0 \n * Google Chrome 14.0.812.0 \n * Google Chrome 14.0.813.0 \n * Google Chrome 14.0.814.0 \n * Google Chrome 14.0.815.0 \n * Google Chrome 14.0.816.0 \n * Google Chrome 14.0.818.0 \n * Google Chrome 14.0.819.0 \n * Google Chrome 14.0.820.0 \n * Google Chrome 14.0.821.0 \n * Google Chrome 14.0.822.0 \n * Google Chrome 14.0.823.0 \n * Google Chrome 14.0.824.0 \n * Google Chrome 14.0.825.0 \n * Google Chrome 14.0.826.0 \n * Google Chrome 14.0.827.0 \n * Google Chrome 14.0.827.10 \n * Google Chrome 14.0.827.12 \n * Google Chrome 14.0.829.1 \n * Google Chrome 14.0.830.0 \n * Google Chrome 14.0.831.0 \n * Google Chrome 14.0.832.0 \n * Google Chrome 14.0.833.0 \n * Google Chrome 14.0.834.0 \n * Google Chrome 14.0.835.0 \n * Google Chrome 14.0.835.1 \n * Google Chrome 14.0.835.100 \n * Google Chrome 14.0.835.101 \n * Google Chrome 14.0.835.102 \n * Google Chrome 14.0.835.103 \n * Google Chrome 14.0.835.104 \n * Google Chrome 14.0.835.105 \n * Google Chrome 14.0.835.106 \n * Google Chrome 14.0.835.107 \n * Google Chrome 14.0.835.108 \n * Google Chrome 14.0.835.109 \n * Google Chrome 14.0.835.11 \n * Google Chrome 14.0.835.110 \n * Google Chrome 14.0.835.111 \n * Google Chrome 14.0.835.112 \n * Google Chrome 14.0.835.113 \n * Google Chrome 14.0.835.114 \n * Google Chrome 14.0.835.115 \n * Google Chrome 14.0.835.116 \n * Google Chrome 14.0.835.117 \n * Google Chrome 14.0.835.118 \n * Google Chrome 14.0.835.119 \n * Google Chrome 14.0.835.120 \n * Google Chrome 14.0.835.121 \n * Google Chrome 14.0.835.122 \n * Google Chrome 14.0.835.123 \n * Google Chrome 14.0.835.124 \n * Google Chrome 14.0.835.125 \n * Google Chrome 14.0.835.126 \n * Google Chrome 14.0.835.127 \n * Google Chrome 14.0.835.128 \n * Google Chrome 14.0.835.13 \n * Google Chrome 14.0.835.14 \n * Google Chrome 14.0.835.149 \n * Google Chrome 14.0.835.15 \n * Google Chrome 14.0.835.150 \n * Google Chrome 14.0.835.151 \n * Google Chrome 14.0.835.152 \n * Google Chrome 14.0.835.153 \n * Google Chrome 14.0.835.154 \n * Google Chrome 14.0.835.155 \n * Google Chrome 14.0.835.156 \n * Google Chrome 14.0.835.157 \n * Google Chrome 14.0.835.158 \n * Google Chrome 14.0.835.159 \n * Google Chrome 14.0.835.16 \n * Google Chrome 14.0.835.160 \n * Google Chrome 14.0.835.161 \n * Google Chrome 14.0.835.162 \n * Google Chrome 14.0.835.163 \n * Google Chrome 14.0.835.18 \n * Google Chrome 14.0.835.184 \n * Google Chrome 14.0.835.186 \n * Google Chrome 14.0.835.187 \n * Google Chrome 14.0.835.2 \n * Google Chrome 14.0.835.20 \n * Google Chrome 14.0.835.202 \n * Google Chrome 14.0.835.203 \n * Google Chrome 14.0.835.204 \n * Google Chrome 14.0.835.21 \n * Google Chrome 14.0.835.22 \n * Google Chrome 14.0.835.23 \n * Google Chrome 14.0.835.24 \n * Google Chrome 14.0.835.25 \n * Google Chrome 14.0.835.26 \n * Google Chrome 14.0.835.27 \n * Google Chrome 14.0.835.28 \n * Google Chrome 14.0.835.29 \n * Google Chrome 14.0.835.30 \n * Google Chrome 14.0.835.31 \n * Google Chrome 14.0.835.32 \n * Google Chrome 14.0.835.33 \n * Google Chrome 14.0.835.34 \n * Google Chrome 14.0.835.35 \n * Google Chrome 14.0.835.4 \n * Google Chrome 14.0.835.8 \n * Google Chrome 14.0.835.86 \n * Google Chrome 14.0.835.87 \n * Google Chrome 14.0.835.88 \n * Google Chrome 14.0.835.89 \n * Google Chrome 14.0.835.9 \n * Google Chrome 14.0.835.90 \n * Google Chrome 14.0.835.91 \n * Google Chrome 14.0.835.92 \n * Google Chrome 14.0.835.93 \n * Google Chrome 14.0.835.94 \n * Google Chrome 14.0.835.95 \n * Google Chrome 14.0.835.96 \n * Google Chrome 14.0.835.97 \n * Google Chrome 14.0.835.98 \n * Google Chrome 14.0.835.99 \n * Google Chrome 14.0.836.0 \n * Google Chrome 14.0.837.0 \n * Google Chrome 14.0.838.0 \n * Google Chrome 14.0.839.0 \n * Google Chrome 15 \n * Google Chrome 15.0.859.0 \n * Google Chrome 15.0.860.0 \n * Google Chrome 15.0.861.0 \n * Google Chrome 15.0.862.0 \n * Google Chrome 15.0.862.1 \n * Google Chrome 15.0.863.0 \n * Google Chrome 15.0.864.0 \n * Google Chrome 15.0.865.0 \n * Google Chrome 15.0.866.0 \n * Google Chrome 15.0.867.0 \n * Google Chrome 15.0.868.0 \n * Google Chrome 15.0.868.1 \n * Google Chrome 15.0.869.0 \n * Google Chrome 15.0.870.0 \n * Google Chrome 15.0.871.0 \n * Google Chrome 15.0.871.1 \n * Google Chrome 15.0.872.0 \n * Google Chrome 15.0.873.0 \n * Google Chrome 15.0.874 102 \n * Google Chrome 15.0.874.0 \n * Google Chrome 15.0.874.1 \n * Google Chrome 15.0.874.10 \n * Google Chrome 15.0.874.101 \n * Google Chrome 15.0.874.102 \n * Google Chrome 15.0.874.103 \n * Google Chrome 15.0.874.104 \n * Google Chrome 15.0.874.106 \n * Google Chrome 15.0.874.11 \n * Google Chrome 15.0.874.116 \n * Google Chrome 15.0.874.117 \n * Google Chrome 15.0.874.119 \n * Google Chrome 15.0.874.12 \n * Google Chrome 15.0.874.120 \n * Google Chrome 15.0.874.121 \n * Google Chrome 15.0.874.13 \n * Google Chrome 15.0.874.14 \n * Google Chrome 15.0.874.15 \n * Google Chrome 15.0.874.16 \n * Google Chrome 15.0.874.17 \n * Google Chrome 15.0.874.18 \n * Google Chrome 15.0.874.19 \n * Google Chrome 15.0.874.2 \n * Google Chrome 15.0.874.20 \n * Google Chrome 15.0.874.21 \n * Google Chrome 15.0.874.22 \n * Google Chrome 15.0.874.23 \n * Google Chrome 15.0.874.24 \n * Google Chrome 15.0.874.3 \n * Google Chrome 15.0.874.4 \n * Google Chrome 15.0.874.44 \n * Google Chrome 15.0.874.45 \n * Google Chrome 15.0.874.46 \n * Google Chrome 15.0.874.47 \n * Google Chrome 15.0.874.48 \n * Google Chrome 15.0.874.49 \n * Google Chrome 15.0.874.5 \n * Google Chrome 15.0.874.6 \n * Google Chrome 15.0.874.7 \n * Google Chrome 15.0.874.8 \n * Google Chrome 15.0.874.9 \n * Google Chrome 16 \n * Google Chrome 16.0.877.0 \n * Google Chrome 16.0.878.0 \n * Google Chrome 16.0.879.0 \n * Google Chrome 16.0.880.0 \n * Google Chrome 16.0.881.0 \n * Google Chrome 16.0.882.0 \n * Google Chrome 16.0.883.0 \n * Google Chrome 16.0.884.0 \n * Google Chrome 16.0.885.0 \n * Google Chrome 16.0.886.0 \n * Google Chrome 16.0.886.1 \n * Google Chrome 16.0.887.0 \n * Google Chrome 16.0.888.0 \n * Google Chrome 16.0.889.0 \n * Google Chrome 16.0.889.2 \n * Google Chrome 16.0.889.3 \n * Google Chrome 16.0.890.0 \n * Google Chrome 16.0.890.1 \n * Google Chrome 16.0.891.0 \n * Google Chrome 16.0.891.1 \n * Google Chrome 16.0.892.0 \n * Google Chrome 16.0.893.0 \n * Google Chrome 16.0.893.1 \n * Google Chrome 16.0.894.0 \n * Google Chrome 16.0.895.0 \n * Google Chrome 16.0.896.0 \n * Google Chrome 16.0.897.0 \n * Google Chrome 16.0.898.0 \n * Google Chrome 16.0.899.0 \n * Google Chrome 16.0.900.0 \n * Google Chrome 16.0.901.0 \n * Google Chrome 16.0.902.0 \n * Google Chrome 16.0.903.0 \n * Google Chrome 16.0.904.0 \n * Google Chrome 16.0.905.0 \n * Google Chrome 16.0.906.0 \n * Google Chrome 16.0.906.1 \n * Google Chrome 16.0.907.0 \n * Google Chrome 16.0.908.0 \n * Google Chrome 16.0.909.0 \n * Google Chrome 16.0.910.0 \n * Google Chrome 16.0.911.0 \n * Google Chrome 16.0.911.1 \n * Google Chrome 16.0.911.2 \n * Google Chrome 16.0.912.0 \n * Google Chrome 16.0.912.1 \n * Google Chrome 16.0.912.10 \n * Google Chrome 16.0.912.11 \n * Google Chrome 16.0.912.12 \n * Google Chrome 16.0.912.13 \n * Google Chrome 16.0.912.14 \n * Google Chrome 16.0.912.15 \n * Google Chrome 16.0.912.19 \n * Google Chrome 16.0.912.2 \n * Google Chrome 16.0.912.20 \n * Google Chrome 16.0.912.21 \n * Google Chrome 16.0.912.22 \n * Google Chrome 16.0.912.23 \n * Google Chrome 16.0.912.24 \n * Google Chrome 16.0.912.25 \n * Google Chrome 16.0.912.26 \n * Google Chrome 16.0.912.27 \n * Google Chrome 16.0.912.28 \n * Google Chrome 16.0.912.29 \n * Google Chrome 16.0.912.3 \n * Google Chrome 16.0.912.30 \n * Google Chrome 16.0.912.31 \n * Google Chrome 16.0.912.32 \n * Google Chrome 16.0.912.33 \n * Google Chrome 16.0.912.34 \n * Google Chrome 16.0.912.35 \n * Google Chrome 16.0.912.36 \n * Google Chrome 16.0.912.37 \n * Google Chrome 16.0.912.38 \n * Google Chrome 16.0.912.39 \n * Google Chrome 16.0.912.4 \n * Google Chrome 16.0.912.40 \n * Google Chrome 16.0.912.41 \n * Google Chrome 16.0.912.42 \n * Google Chrome 16.0.912.43 \n * Google Chrome 16.0.912.5 \n * Google Chrome 16.0.912.6 \n * Google Chrome 16.0.912.62 \n * Google Chrome 16.0.912.63 \n * Google Chrome 16.0.912.66 \n * Google Chrome 16.0.912.7 \n * Google Chrome 16.0.912.74 \n * Google Chrome 16.0.912.75 \n * Google Chrome 16.0.912.76 \n * Google Chrome 16.0.912.77 \n * Google Chrome 16.0.912.8 \n * Google Chrome 16.0.912.9 \n * Google Chrome 17 \n * Google Chrome 17.0.921.3 \n * Google Chrome 17.0.922.0 \n * Google Chrome 17.0.923.0 \n * Google Chrome 17.0.923.1 \n * Google Chrome 17.0.924.0 \n * Google Chrome 17.0.925.0 \n * Google Chrome 17.0.926.0 \n * Google Chrome 17.0.927.0 \n * Google Chrome 17.0.928.0 \n * Google Chrome 17.0.928.1 \n * Google Chrome 17.0.928.2 \n * Google Chrome 17.0.928.3 \n * Google Chrome 17.0.929.0 \n * Google Chrome 17.0.930.0 \n * Google Chrome 17.0.931.0 \n * Google Chrome 17.0.932.0 \n * Google Chrome 17.0.933.0 \n * Google Chrome 17.0.933.1 \n * Google Chrome 17.0.934.0 \n * Google Chrome 17.0.935.0 \n * Google Chrome 17.0.935.1 \n * Google Chrome 17.0.936.0 \n * Google Chrome 17.0.936.1 \n * Google Chrome 17.0.937.0 \n * Google Chrome 17.0.938.0 \n * Google Chrome 17.0.939.0 \n * Google Chrome 17.0.939.1 \n * Google Chrome 17.0.940.0 \n * Google Chrome 17.0.941.0 \n * Google Chrome 17.0.942.0 \n * Google Chrome 17.0.943.0 \n * Google Chrome 17.0.944.0 \n * Google Chrome 17.0.945.0 \n * Google Chrome 17.0.946.0 \n * Google Chrome 17.0.947.0 \n * Google Chrome 17.0.948.0 \n * Google Chrome 17.0.949.0 \n * Google Chrome 17.0.950.0 \n * Google Chrome 17.0.951.0 \n * Google Chrome 17.0.952.0 \n * Google Chrome 17.0.953.0 \n * Google Chrome 17.0.954.0 \n * Google Chrome 17.0.954.1 \n * Google Chrome 17.0.954.2 \n * Google Chrome 17.0.954.3 \n * Google Chrome 17.0.955.0 \n * Google Chrome 17.0.956.0 \n * Google Chrome 17.0.957.0 \n * Google Chrome 17.0.958.0 \n * Google Chrome 17.0.958.1 \n * Google Chrome 17.0.959.0 \n * Google Chrome 17.0.960.0 \n * Google Chrome 17.0.961.0 \n * Google Chrome 17.0.962.0 \n * Google Chrome 17.0.963.0 \n * Google Chrome 17.0.963.1 \n * Google Chrome 17.0.963.10 \n * Google Chrome 17.0.963.11 \n * Google Chrome 17.0.963.12 \n * Google Chrome 17.0.963.13 \n * Google Chrome 17.0.963.14 \n * Google Chrome 17.0.963.15 \n * Google Chrome 17.0.963.16 \n * Google Chrome 17.0.963.17 \n * Google Chrome 17.0.963.18 \n * Google Chrome 17.0.963.19 \n * Google Chrome 17.0.963.2 \n * Google Chrome 17.0.963.20 \n * Google Chrome 17.0.963.21 \n * Google Chrome 17.0.963.22 \n * Google Chrome 17.0.963.23 \n * Google Chrome 17.0.963.24 \n * Google Chrome 17.0.963.25 \n * Google Chrome 17.0.963.26 \n * Google Chrome 17.0.963.27 \n * Google Chrome 17.0.963.28 \n * Google Chrome 17.0.963.29 \n * Google Chrome 17.0.963.3 \n * Google Chrome 17.0.963.30 \n * Google Chrome 17.0.963.31 \n * Google Chrome 17.0.963.32 \n * Google Chrome 17.0.963.33 \n * Google Chrome 17.0.963.34 \n * Google Chrome 17.0.963.35 \n * Google Chrome 17.0.963.36 \n * Google Chrome 17.0.963.37 \n * Google Chrome 17.0.963.38 \n * Google Chrome 17.0.963.39 \n * Google Chrome 17.0.963.4 \n * Google Chrome 17.0.963.40 \n * Google Chrome 17.0.963.41 \n * Google Chrome 17.0.963.42 \n * Google Chrome 17.0.963.43 \n * Google Chrome 17.0.963.44 \n * Google Chrome 17.0.963.45 \n * Google Chrome 17.0.963.46 \n * Google Chrome 17.0.963.47 \n * Google Chrome 17.0.963.48 \n * Google Chrome 17.0.963.49 \n * Google Chrome 17.0.963.5 \n * Google Chrome 17.0.963.50 \n * Google Chrome 17.0.963.51 \n * Google Chrome 17.0.963.52 \n * Google Chrome 17.0.963.53 \n * Google Chrome 17.0.963.54 \n * Google Chrome 17.0.963.55 \n * Google Chrome 17.0.963.56 \n * Google Chrome 17.0.963.57 \n * Google Chrome 17.0.963.59 \n * Google Chrome 17.0.963.6 \n * Google Chrome 17.0.963.60 \n * Google Chrome 17.0.963.61 \n * Google Chrome 17.0.963.62 \n * Google Chrome 17.0.963.63 \n * Google Chrome 17.0.963.64 \n * Google Chrome 17.0.963.65 \n * Google Chrome 17.0.963.66 \n * Google Chrome 17.0.963.67 \n * Google Chrome 17.0.963.69 \n * Google Chrome 17.0.963.7 \n * Google Chrome 17.0.963.70 \n * Google Chrome 17.0.963.74 \n * Google Chrome 17.0.963.75 \n * Google Chrome 17.0.963.76 \n * Google Chrome 17.0.963.77 \n * Google Chrome 17.0.963.78 \n * Google Chrome 17.0.963.79 \n * Google Chrome 17.0.963.8 \n * Google Chrome 17.0.963.80 \n * Google Chrome 17.0.963.81 \n * Google Chrome 17.0.963.82 \n * Google Chrome 17.0.963.83 \n * Google Chrome 17.0.963.84 \n * Google Chrome 17.0.963.9 \n * Google Chrome 18 \n * Google Chrome 18.0.1000.0 \n * Google Chrome 18.0.1001.0 \n * Google Chrome 18.0.1001.1 \n * Google Chrome 18.0.1002.0 \n * Google Chrome 18.0.1003.0 \n * Google Chrome 18.0.1003.1 \n * Google Chrome 18.0.1004.0 \n * Google Chrome 18.0.1005.0 \n * Google Chrome 18.0.1006.0 \n * Google Chrome 18.0.1007.0 \n * Google Chrome 18.0.1008.0 \n * Google Chrome 18.0.1009.0 \n * Google Chrome 18.0.1010.0 \n * Google Chrome 18.0.1010.1 \n * Google Chrome 18.0.1010.2 \n * Google Chrome 18.0.1011.1 \n * Google Chrome 18.0.1012.0 \n * Google Chrome 18.0.1012.1 \n * Google Chrome 18.0.1012.2 \n * Google Chrome 18.0.1013.0 \n * Google Chrome 18.0.1014.0 \n * Google Chrome 18.0.1015.0 \n * Google Chrome 18.0.1016.0 \n * Google Chrome 18.0.1017.0 \n * Google Chrome 18.0.1017.1 \n * Google Chrome 18.0.1017.2 \n * Google Chrome 18.0.1017.3 \n * Google Chrome 18.0.1018.0 \n * Google Chrome 18.0.1019.0 \n * Google Chrome 18.0.1019.1 \n * Google Chrome 18.0.1020.0 \n * Google Chrome 18.0.1021.0 \n * Google Chrome 18.0.1022.0 \n * Google Chrome 18.0.1023.0 \n * Google Chrome 18.0.1024.0 \n * Google Chrome 18.0.1025.0 \n * Google Chrome 18.0.1025.1 \n * Google Chrome 18.0.1025.10 \n * Google Chrome 18.0.1025.100 \n * Google Chrome 18.0.1025.102 \n * Google Chrome 18.0.1025.107 \n * Google Chrome 18.0.1025.108 \n * Google Chrome 18.0.1025.109 \n * Google Chrome 18.0.1025.110 \n * Google Chrome 18.0.1025.111 \n * Google Chrome 18.0.1025.112 \n * Google Chrome 18.0.1025.113 \n * Google Chrome 18.0.1025.114 \n * Google Chrome 18.0.1025.116 \n * Google Chrome 18.0.1025.117 \n * Google Chrome 18.0.1025.118 \n * Google Chrome 18.0.1025.120 \n * Google Chrome 18.0.1025.129 \n * Google Chrome 18.0.1025.130 \n * Google Chrome 18.0.1025.131 \n * Google Chrome 18.0.1025.132 \n * Google Chrome 18.0.1025.133 \n * Google Chrome 18.0.1025.134 \n * Google Chrome 18.0.1025.135 \n * Google Chrome 18.0.1025.136 \n * Google Chrome 18.0.1025.137 \n * Google Chrome 18.0.1025.139 \n * Google Chrome 18.0.1025.140 \n * Google Chrome 18.0.1025.142 \n * Google Chrome 18.0.1025.145 \n * Google Chrome 18.0.1025.146 \n * Google Chrome 18.0.1025.147 \n * Google Chrome 18.0.1025.148 \n * Google Chrome 18.0.1025.149 \n * Google Chrome 18.0.1025.150 \n * Google Chrome 18.0.1025.151 \n * Google Chrome 18.0.1025.162 \n * Google Chrome 18.0.1025.168 \n * Google Chrome 18.0.1025.2 \n * Google Chrome 18.0.1025.29 \n * Google Chrome 18.0.1025.3 \n * Google Chrome 18.0.1025.30 \n * Google Chrome 18.0.1025.31 \n * Google Chrome 18.0.1025.32 \n * Google Chrome 18.0.1025.33 \n * Google Chrome 18.0.1025.35 \n * Google Chrome 18.0.1025.36 \n * Google Chrome 18.0.1025.37 \n * Google Chrome 18.0.1025.38 \n * Google Chrome 18.0.1025.39 \n * Google Chrome 18.0.1025.4 \n * Google Chrome 18.0.1025.40 \n * Google Chrome 18.0.1025.41 \n * Google Chrome 18.0.1025.42 \n * Google Chrome 18.0.1025.43 \n * Google Chrome 18.0.1025.44 \n * Google Chrome 18.0.1025.45 \n * Google Chrome 18.0.1025.46 \n * Google Chrome 18.0.1025.47 \n * Google Chrome 18.0.1025.48 \n * Google Chrome 18.0.1025.49 \n * Google Chrome 18.0.1025.5 \n * Google Chrome 18.0.1025.50 \n * Google Chrome 18.0.1025.51 \n * Google Chrome 18.0.1025.52 \n * Google Chrome 18.0.1025.54 \n * Google Chrome 18.0.1025.55 \n * Google Chrome 18.0.1025.56 \n * Google Chrome 18.0.1025.57 \n * Google Chrome 18.0.1025.58 \n * Google Chrome 18.0.1025.6 \n * Google Chrome 18.0.1025.60 \n * Google Chrome 18.0.1025.7 \n * Google Chrome 18.0.1025.73 \n * Google Chrome 18.0.1025.74 \n * Google Chrome 18.0.1025.8 \n * Google Chrome 18.0.1025.9 \n * Google Chrome 18.0.1025.95 \n * Google Chrome 18.0.1025.96 \n * Google Chrome 18.0.1025.97 \n * Google Chrome 18.0.1025.98 \n * Google Chrome 18.0.1025.99 \n * Google Chrome 19 \n * Google Chrome 19.0.1028.0 \n * Google Chrome 19.0.1029.0 \n * Google Chrome 19.0.1030.0 \n * Google Chrome 19.0.1031.0 \n * Google Chrome 19.0.1032.0 \n * Google Chrome 19.0.1033.0 \n * Google Chrome 19.0.1034.0 \n * Google Chrome 19.0.1035.0 \n * Google Chrome 19.0.1036.0 \n * Google Chrome 19.0.1036.2 \n * Google Chrome 19.0.1036.3 \n * Google Chrome 19.0.1036.4 \n * Google Chrome 19.0.1036.6 \n * Google Chrome 19.0.1036.7 \n * Google Chrome 19.0.1037.0 \n * Google Chrome 19.0.1038.0 \n * Google Chrome 19.0.1039.0 \n * Google Chrome 19.0.1040.0 \n * Google Chrome 19.0.1041.0 \n * Google Chrome 19.0.1042.0 \n * Google Chrome 19.0.1043.0 \n * Google Chrome 19.0.1044.0 \n * Google Chrome 19.0.1045.0 \n * Google Chrome 19.0.1046.0 \n * Google Chrome 19.0.1047.0 \n * Google Chrome 19.0.1048.0 \n * Google Chrome 19.0.1049.0 \n * Google Chrome 19.0.1049.1 \n * Google Chrome 19.0.1049.2 \n * Google Chrome 19.0.1049.3 \n * Google Chrome 19.0.1050.0 \n * Google Chrome 19.0.1051.0 \n * Google Chrome 19.0.1052.0 \n * Google Chrome 19.0.1053.0 \n * Google Chrome 19.0.1054.0 \n * Google Chrome 19.0.1055.0 \n * Google Chrome 19.0.1055.1 \n * Google Chrome 19.0.1055.2 \n * Google Chrome 19.0.1055.3 \n * Google Chrome 19.0.1056.0 \n * Google Chrome 19.0.1056.1 \n * Google Chrome 19.0.1057.0 \n * Google Chrome 19.0.1057.1 \n * Google Chrome 19.0.1057.3 \n * Google Chrome 19.0.1058.0 \n * Google Chrome 19.0.1058.1 \n * Google Chrome 19.0.1059.0 \n * Google Chrome 19.0.1060.0 \n * Google Chrome 19.0.1060.1 \n * Google Chrome 19.0.1061.0 \n * Google Chrome 19.0.1061.1 \n * Google Chrome 19.0.1062.0 \n * Google Chrome 19.0.1062.1 \n * Google Chrome 19.0.1063.0 \n * Google Chrome 19.0.1063.1 \n * Google Chrome 19.0.1064.0 \n * Google Chrome 19.0.1065.0 \n * Google Chrome 19.0.1066.0 \n * Google Chrome 19.0.1067.0 \n * Google Chrome 19.0.1068.0 \n * Google Chrome 19.0.1068.1 \n * Google Chrome 19.0.1069.0 \n * Google Chrome 19.0.1070.0 \n * Google Chrome 19.0.1071.0 \n * Google Chrome 19.0.1072.0 \n * Google Chrome 19.0.1073.0 \n * Google Chrome 19.0.1074.0 \n * Google Chrome 19.0.1075.0 \n * Google Chrome 19.0.1076.0 \n * Google Chrome 19.0.1076.1 \n * Google Chrome 19.0.1077.0 \n * Google Chrome 19.0.1077.1 \n * Google Chrome 19.0.1077.2 \n * Google Chrome 19.0.1077.3 \n * Google Chrome 19.0.1078.0 \n * Google Chrome 19.0.1079.0 \n * Google Chrome 19.0.1080.0 \n * Google Chrome 19.0.1081.0 \n * Google Chrome 19.0.1081.2 \n * Google Chrome 19.0.1082.0 \n * Google Chrome 19.0.1082.1 \n * Google Chrome 19.0.1083.0 \n * Google Chrome 19.0.1084.0 \n * Google Chrome 19.0.1084.1 \n * Google Chrome 19.0.1084.10 \n * Google Chrome 19.0.1084.11 \n * Google Chrome 19.0.1084.12 \n * Google Chrome 19.0.1084.13 \n * Google Chrome 19.0.1084.14 \n * Google Chrome 19.0.1084.15 \n * Google Chrome 19.0.1084.16 \n * Google Chrome 19.0.1084.17 \n * Google Chrome 19.0.1084.18 \n * Google Chrome 19.0.1084.19 \n * Google Chrome 19.0.1084.2 \n * Google Chrome 19.0.1084.20 \n * Google Chrome 19.0.1084.21 \n * Google Chrome 19.0.1084.22 \n * Google Chrome 19.0.1084.23 \n * Google Chrome 19.0.1084.24 \n * Google Chrome 19.0.1084.25 \n * Google Chrome 19.0.1084.26 \n * Google Chrome 19.0.1084.27 \n * Google Chrome 19.0.1084.28 \n * Google Chrome 19.0.1084.29 \n * Google Chrome 19.0.1084.3 \n * Google Chrome 19.0.1084.30 \n * Google Chrome 19.0.1084.31 \n * Google Chrome 19.0.1084.32 \n * Google Chrome 19.0.1084.33 \n * Google Chrome 19.0.1084.35 \n * Google Chrome 19.0.1084.36 \n * Google Chrome 19.0.1084.37 \n * Google Chrome 19.0.1084.38 \n * Google Chrome 19.0.1084.39 \n * Google Chrome 19.0.1084.4 \n * Google Chrome 19.0.1084.40 \n * Google Chrome 19.0.1084.41 \n * Google Chrome 19.0.1084.42 \n * Google Chrome 19.0.1084.43 \n * Google Chrome 19.0.1084.44 \n * Google Chrome 19.0.1084.45 \n * Google Chrome 19.0.1084.46 \n * Google Chrome 19.0.1084.47 \n * Google Chrome 19.0.1084.48 \n * Google Chrome 19.0.1084.5 \n * Google Chrome 19.0.1084.50 \n * Google Chrome 19.0.1084.51 \n * Google Chrome 19.0.1084.52 \n * Google Chrome 19.0.1084.6 \n * Google Chrome 19.0.1084.7 \n * Google Chrome 19.0.1084.8 \n * Google Chrome 19.0.1084.9 \n * Google Chrome 19.0.1085.0 \n * Google Chrome 2.0.156.1 \n * Google Chrome 2.0.157.0 \n * Google Chrome 2.0.157.2 \n * Google Chrome 2.0.158.0 \n * Google Chrome 2.0.159.0 \n * Google Chrome 2.0.169.0 \n * Google Chrome 2.0.169.1 \n * Google Chrome 2.0.170.0 \n * Google Chrome 2.0.172 \n * Google Chrome 2.0.172.2 \n * Google Chrome 2.0.172.27 \n * Google Chrome 2.0.172.28 \n * Google Chrome 2.0.172.30 \n * Google Chrome 2.0.172.31 \n * Google Chrome 2.0.172.33 \n * Google Chrome 2.0.172.37 \n * Google Chrome 2.0.172.38 \n * Google Chrome 2.0.172.43 \n * Google Chrome 2.0.172.8 \n * Google Chrome 20 \n * Google Chrome 20.0.1132.0 \n * Google Chrome 20.0.1132.1 \n * Google Chrome 20.0.1132.10 \n * Google Chrome 20.0.1132.11 \n * Google Chrome 20.0.1132.12 \n * Google Chrome 20.0.1132.13 \n * Google Chrome 20.0.1132.14 \n * Google Chrome 20.0.1132.15 \n * Google Chrome 20.0.1132.16 \n * Google Chrome 20.0.1132.17 \n * Google Chrome 20.0.1132.18 \n * Google Chrome 20.0.1132.19 \n * Google Chrome 20.0.1132.2 \n * Google Chrome 20.0.1132.20 \n * Google Chrome 20.0.1132.21 \n * Google Chrome 20.0.1132.22 \n * Google Chrome 20.0.1132.23 \n * Google Chrome 20.0.1132.24 \n * Google Chrome 20.0.1132.25 \n * Google Chrome 20.0.1132.26 \n * Google Chrome 20.0.1132.27 \n * Google Chrome 20.0.1132.28 \n * Google Chrome 20.0.1132.29 \n * Google Chrome 20.0.1132.3 \n * Google Chrome 20.0.1132.30 \n * Google Chrome 20.0.1132.31 \n * Google Chrome 20.0.1132.32 \n * Google Chrome 20.0.1132.33 \n * Google Chrome 20.0.1132.34 \n * Google Chrome 20.0.1132.35 \n * Google Chrome 20.0.1132.36 \n * Google Chrome 20.0.1132.37 \n * Google Chrome 20.0.1132.38 \n * Google Chrome 20.0.1132.39 \n * Google Chrome 20.0.1132.4 \n * Google Chrome 20.0.1132.40 \n * Google Chrome 20.0.1132.41 \n * Google Chrome 20.0.1132.42 \n * Google Chrome 20.0.1132.43 \n * Google Chrome 20.0.1132.45 \n * Google Chrome 20.0.1132.46 \n * Google Chrome 20.0.1132.47 \n * Google Chrome 20.0.1132.5 \n * Google Chrome 20.0.1132.54 \n * Google Chrome 20.0.1132.55 \n * Google Chrome 20.0.1132.56 \n * Google Chrome 20.0.1132.57 \n * Google Chrome 20.0.1132.6 \n * Google Chrome 20.0.1132.7 \n * Google Chrome 20.0.1132.8 \n * Google Chrome 20.0.1132.9 \n * Google Chrome 21 \n * Google Chrome 21.0.1180.0 \n * Google Chrome 21.0.1180.1 \n * Google Chrome 21.0.1180.2 \n * Google Chrome 21.0.1180.31 \n * Google Chrome 21.0.1180.32 \n * Google Chrome 21.0.1180.33 \n * Google Chrome 21.0.1180.34 \n * Google Chrome 21.0.1180.35 \n * Google Chrome 21.0.1180.36 \n * Google Chrome 21.0.1180.37 \n * Google Chrome 21.0.1180.38 \n * Google Chrome 21.0.1180.39 \n * Google Chrome 21.0.1180.41 \n * Google Chrome 21.0.1180.46 \n * Google Chrome 21.0.1180.47 \n * Google Chrome 21.0.1180.48 \n * Google Chrome 21.0.1180.49 \n * Google Chrome 21.0.1180.50 \n * Google Chrome 21.0.1180.51 \n * Google Chrome 21.0.1180.52 \n * Google Chrome 21.0.1180.53 \n * Google Chrome 21.0.1180.54 \n * Google Chrome 21.0.1180.55 \n * Google Chrome 21.0.1180.56 \n * Google Chrome 21.0.1180.57 \n * Google Chrome 21.0.1180.59 \n * Google Chrome 21.0.1180.60 \n * Google Chrome 21.0.1180.61 \n * Google Chrome 21.0.1180.62 \n * Google Chrome 21.0.1180.63 \n * Google Chrome 21.0.1180.64 \n * Google Chrome 21.0.1180.68 \n * Google Chrome 21.0.1180.69 \n * Google Chrome 21.0.1180.70 \n * Google Chrome 21.0.1180.71 \n * Google Chrome 21.0.1180.72 \n * Google Chrome 21.0.1180.73 \n * Google Chrome 21.0.1180.74 \n * Google Chrome 21.0.1180.75 \n * Google Chrome 21.0.1180.76 \n * Google Chrome 21.0.1180.77 \n * Google Chrome 21.0.1180.78 \n * Google Chrome 21.0.1180.79 \n * Google Chrome 21.0.1180.80 \n * Google Chrome 21.0.1180.81 \n * Google Chrome 21.0.1180.82 \n * Google Chrome 21.0.1180.83 \n * Google Chrome 21.0.1180.84 \n * Google Chrome 21.0.1180.85 \n * Google Chrome 21.0.1180.86 \n * Google Chrome 21.0.1180.87 \n * Google Chrome 21.0.1180.88 \n * Google Chrome 21.0.1180.89 \n * Google Chrome 22 \n * Google Chrome 22.0.1229.0 \n * Google Chrome 22.0.1229.1 \n * Google Chrome 22.0.1229.10 \n * Google Chrome 22.0.1229.11 \n * Google Chrome 22.0.1229.12 \n * Google Chrome 22.0.1229.14 \n * Google Chrome 22.0.1229.16 \n * Google Chrome 22.0.1229.17 \n * Google Chrome 22.0.1229.18 \n * Google Chrome 22.0.1229.2 \n * Google Chrome 22.0.1229.20 \n * Google Chrome 22.0.1229.21 \n * Google Chrome 22.0.1229.22 \n * Google Chrome 22.0.1229.23 \n * Google Chrome 22.0.1229.24 \n * Google Chrome 22.0.1229.25 \n * Google Chrome 22.0.1229.26 \n * Google Chrome 22.0.1229.27 \n * Google Chrome 22.0.1229.28 \n * Google Chrome 22.0.1229.29 \n * Google Chrome 22.0.1229.3 \n * Google Chrome 22.0.1229.31 \n * Google Chrome 22.0.1229.32 \n * Google Chrome 22.0.1229.33 \n * Google Chrome 22.0.1229.35 \n * Google Chrome 22.0.1229.36 \n * Google Chrome 22.0.1229.37 \n * Google Chrome 22.0.1229.39 \n * Google Chrome 22.0.1229.4 \n * Google Chrome 22.0.1229.48 \n * Google Chrome 22.0.1229.49 \n * Google Chrome 22.0.1229.50 \n * Google Chrome 22.0.1229.51 \n * Google Chrome 22.0.1229.52 \n * Google Chrome 22.0.1229.53 \n * Google Chrome 22.0.1229.54 \n * Google Chrome 22.0.1229.55 \n * Google Chrome 22.0.1229.56 \n * Google Chrome 22.0.1229.57 \n * Google Chrome 22.0.1229.58 \n * Google Chrome 22.0.1229.59 \n * Google Chrome 22.0.1229.6 \n * Google Chrome 22.0.1229.60 \n * Google Chrome 22.0.1229.62 \n * Google Chrome 22.0.1229.63 \n * Google Chrome 22.0.1229.64 \n * Google Chrome 22.0.1229.65 \n * Google Chrome 22.0.1229.67 \n * Google Chrome 22.0.1229.7 \n * Google Chrome 22.0.1229.76 \n * Google Chrome 22.0.1229.78 \n * Google Chrome 22.0.1229.79 \n * Google Chrome 22.0.1229.8 \n * Google Chrome 22.0.1229.89 \n * Google Chrome 22.0.1229.9 \n * Google Chrome 22.0.1229.91 \n * Google Chrome 22.0.1229.92 \n * Google Chrome 22.0.1229.94 \n * Google Chrome 22.0.1229.95 \n * Google Chrome 22.0.1229.96 \n * Google Chrome 23.0.1271.0 \n * Google Chrome 23.0.1271.1 \n * Google Chrome 23.0.1271.10 \n * Google Chrome 23.0.1271.11 \n * Google Chrome 23.0.1271.12 \n * Google Chrome 23.0.1271.13 \n * Google Chrome 23.0.1271.14 \n * Google Chrome 23.0.1271.15 \n * Google Chrome 23.0.1271.16 \n * Google Chrome 23.0.1271.17 \n * Google Chrome 23.0.1271.18 \n * Google Chrome 23.0.1271.19 \n * Google Chrome 23.0.1271.2 \n * Google Chrome 23.0.1271.20 \n * Google Chrome 23.0.1271.21 \n * Google Chrome 23.0.1271.22 \n * Google Chrome 23.0.1271.23 \n * Google Chrome 23.0.1271.24 \n * Google Chrome 23.0.1271.26 \n * Google Chrome 23.0.1271.3 \n * Google Chrome 23.0.1271.30 \n * Google Chrome 23.0.1271.31 \n * Google Chrome 23.0.1271.32 \n * Google Chrome 23.0.1271.33 \n * Google Chrome 23.0.1271.35 \n * Google Chrome 23.0.1271.36 \n * Google Chrome 23.0.1271.37 \n * Google Chrome 23.0.1271.38 \n * Google Chrome 23.0.1271.39 \n * Google Chrome 23.0.1271.4 \n * Google Chrome 23.0.1271.40 \n * Google Chrome 23.0.1271.41 \n * Google Chrome 23.0.1271.44 \n * Google Chrome 23.0.1271.45 \n * Google Chrome 23.0.1271.46 \n * Google Chrome 23.0.1271.49 \n * Google Chrome 23.0.1271.5 \n * Google Chrome 23.0.1271.50 \n * Google Chrome 23.0.1271.51 \n * Google Chrome 23.0.1271.52 \n * Google Chrome 23.0.1271.53 \n * Google Chrome 23.0.1271.54 \n * Google Chrome 23.0.1271.55 \n * Google Chrome 23.0.1271.56 \n * Google Chrome 23.0.1271.57 \n * Google Chrome 23.0.1271.58 \n * Google Chrome 23.0.1271.59 \n * Google Chrome 23.0.1271.6 \n * Google Chrome 23.0.1271.60 \n * Google Chrome 23.0.1271.61 \n * Google Chrome 23.0.1271.62 \n * Google Chrome 23.0.1271.64 \n * Google Chrome 23.0.1271.7 \n * Google Chrome 23.0.1271.8 \n * Google Chrome 23.0.1271.83 \n * Google Chrome 23.0.1271.84 \n * Google Chrome 23.0.1271.85 \n * Google Chrome 23.0.1271.86 \n * Google Chrome 23.0.1271.87 \n * Google Chrome 23.0.1271.88 \n * Google Chrome 23.0.1271.89 \n * Google Chrome 23.0.1271.9 \n * Google Chrome 23.0.1271.91 \n * Google Chrome 23.0.1271.95 \n * Google Chrome 23.0.1271.96 \n * Google Chrome 23.0.1271.97 \n * Google Chrome 24.0.1272.0 \n * Google Chrome 24.0.1272.1 \n * Google Chrome 24.0.1273.0 \n * Google Chrome 24.0.1274.0 \n * Google Chrome 24.0.1275.0 \n * Google Chrome 24.0.1276.0 \n * Google Chrome 24.0.1276.1 \n * Google Chrome 24.0.1277.0 \n * Google Chrome 24.0.1278.0 \n * Google Chrome 24.0.1279.0 \n * Google Chrome 24.0.1280.0 \n * Google Chrome 24.0.1281.0 \n * Google Chrome 24.0.1281.1 \n * Google Chrome 24.0.1281.2 \n * Google Chrome 24.0.1281.3 \n * Google Chrome 24.0.1282.0 \n * Google Chrome 24.0.1283.0 \n * Google Chrome 24.0.1284.0 \n * Google Chrome 24.0.1284.1 \n * Google Chrome 24.0.1284.2 \n * Google Chrome 24.0.1285.0 \n * Google Chrome 24.0.1285.1 \n * Google Chrome 24.0.1285.2 \n * Google Chrome 24.0.1286.0 \n * Google Chrome 24.0.1286.1 \n * Google Chrome 24.0.1287.0 \n * Google Chrome 24.0.1287.1 \n * Google Chrome 24.0.1288.0 \n * Google Chrome 24.0.1288.1 \n * Google Chrome 24.0.1289.0 \n * Google Chrome 24.0.1289.1 \n * Google Chrome 24.0.1290.0 \n * Google Chrome 24.0.1291.0 \n * Google Chrome 24.0.1292.0 \n * Google Chrome 24.0.1293.0 \n * Google Chrome 24.0.1294.0 \n * Google Chrome 24.0.1295.0 \n * Google Chrome 24.0.1296.0 \n * Google Chrome 24.0.1297.0 \n * Google Chrome 24.0.1298.0 \n * Google Chrome 24.0.1299.0 \n * Google Chrome 24.0.1300.0 \n * Google Chrome 24.0.1301.0 \n * Google Chrome 24.0.1301.2 \n * Google Chrome 24.0.1302.0 \n * Google Chrome 24.0.1303.0 \n * Google Chrome 24.0.1304.0 \n * Google Chrome 24.0.1304.1 \n * Google Chrome 24.0.1305.0 \n * Google Chrome 24.0.1305.1 \n * Google Chrome 24.0.1305.2 \n * Google Chrome 24.0.1305.3 \n * Google Chrome 24.0.1305.4 \n * Google Chrome 24.0.1306.0 \n * Google Chrome 24.0.1306.1 \n * Google Chrome 24.0.1307.0 \n * Google Chrome 24.0.1307.1 \n * Google Chrome 24.0.1308.0 \n * Google Chrome 24.0.1309.0 \n * Google Chrome 24.0.1310.0 \n * Google Chrome 24.0.1311.0 \n * Google Chrome 24.0.1311.1 \n * Google Chrome 24.0.1312.0 \n * Google Chrome 24.0.1312.1 \n * Google Chrome 24.0.1312.10 \n * Google Chrome 24.0.1312.11 \n * Google Chrome 24.0.1312.12 \n * Google Chrome 24.0.1312.13 \n * Google Chrome 24.0.1312.14 \n * Google Chrome 24.0.1312.15 \n * Google Chrome 24.0.1312.16 \n * Google Chrome 24.0.1312.17 \n * Google Chrome 24.0.1312.18 \n * Google Chrome 24.0.1312.19 \n * Google Chrome 24.0.1312.20 \n * Google Chrome 24.0.1312.21 \n * Google Chrome 24.0.1312.22 \n * Google Chrome 24.0.1312.23 \n * Google Chrome 24.0.1312.24 \n * Google Chrome 24.0.1312.25 \n * Google Chrome 24.0.1312.26 \n * Google Chrome 24.0.1312.27 \n * Google Chrome 24.0.1312.28 \n * Google Chrome 24.0.1312.29 \n * Google Chrome 24.0.1312.30 \n * Google Chrome 24.0.1312.31 \n * Google Chrome 24.0.1312.32 \n * Google Chrome 24.0.1312.33 \n * Google Chrome 24.0.1312.34 \n * Google Chrome 24.0.1312.35 \n * Google Chrome 24.0.1312.36 \n * Google Chrome 24.0.1312.37 \n * Google Chrome 24.0.1312.38 \n * Google Chrome 24.0.1312.39 \n * Google Chrome 24.0.1312.4 \n * Google Chrome 24.0.1312.40 \n * Google Chrome 24.0.1312.41 \n * Google Chrome 24.0.1312.42 \n * Google Chrome 24.0.1312.43 \n * Google Chrome 24.0.1312.44 \n * Google Chrome 24.0.1312.45 \n * Google Chrome 24.0.1312.46 \n * Google Chrome 24.0.1312.47 \n * Google Chrome 24.0.1312.48 \n * Google Chrome 24.0.1312.49 \n * Google Chrome 24.0.1312.5 \n * Google Chrome 24.0.1312.50 \n * Google Chrome 24.0.1312.51 \n * Google Chrome 24.0.1312.52 \n * Google Chrome 24.0.1312.53 \n * Google Chrome 24.0.1312.54 \n * Google Chrome 24.0.1312.55 \n * Google Chrome 24.0.1312.56 \n * Google Chrome 24.0.1312.57 \n * Google Chrome 24.0.1312.6 \n * Google Chrome 24.0.1312.7 \n * Google Chrome 24.0.1312.70 \n * Google Chrome 24.0.1312.8 \n * Google Chrome 24.0.1312.9 \n * Google Chrome 25 \n * Google Chrome 25.0.1364.0 \n * Google Chrome 25.0.1364.1 \n * Google Chrome 25.0.1364.10 \n * Google Chrome 25.0.1364.108 \n * Google Chrome 25.0.1364.11 \n * Google Chrome 25.0.1364.110 \n * Google Chrome 25.0.1364.112 \n * Google Chrome 25.0.1364.113 \n * Google Chrome 25.0.1364.114 \n * Google Chrome 25.0.1364.115 \n * Google Chrome 25.0.1364.116 \n * Google Chrome 25.0.1364.117 \n * Google Chrome 25.0.1364.118 \n * Google Chrome 25.0.1364.119 \n * Google Chrome 25.0.1364.12 \n * Google Chrome 25.0.1364.120 \n * Google Chrome 25.0.1364.121 \n * Google Chrome 25.0.1364.122 \n * Google Chrome 25.0.1364.123 \n * Google Chrome 25.0.1364.124 \n * Google Chrome 25.0.1364.125 \n * Google Chrome 25.0.1364.126 \n * Google Chrome 25.0.1364.13 \n * Google Chrome 25.0.1364.14 \n * Google Chrome 25.0.1364.15 \n * Google Chrome 25.0.1364.152 \n * Google Chrome 25.0.1364.16 \n * Google Chrome 25.0.1364.160 \n * Google Chrome 25.0.1364.17 \n * Google Chrome 25.0.1364.172 \n * Google Chrome 25.0.1364.18 \n * Google Chrome 25.0.1364.19 \n * Google Chrome 25.0.1364.2 \n * Google Chrome 25.0.1364.20 \n * Google Chrome 25.0.1364.21 \n * Google Chrome 25.0.1364.22 \n * Google Chrome 25.0.1364.23 \n * Google Chrome 25.0.1364.24 \n * Google Chrome 25.0.1364.25 \n * Google Chrome 25.0.1364.26 \n * Google Chrome 25.0.1364.27 \n * Google Chrome 25.0.1364.28 \n * Google Chrome 25.0.1364.29 \n * Google Chrome 25.0.1364.3 \n * Google Chrome 25.0.1364.30 \n * Google Chrome 25.0.1364.31 \n * Google Chrome 25.0.1364.32 \n * Google Chrome 25.0.1364.33 \n * Google Chrome 25.0.1364.34 \n * Google Chrome 25.0.1364.35 \n * Google Chrome 25.0.1364.36 \n * Google Chrome 25.0.1364.37 \n * Google Chrome 25.0.1364.38 \n * Google Chrome 25.0.1364.39 \n * Google Chrome 25.0.1364.40 \n * Google Chrome 25.0.1364.41 \n * Google Chrome 25.0.1364.42 \n * Google Chrome 25.0.1364.43 \n * Google Chrome 25.0.1364.44 \n * Google Chrome 25.0.1364.45 \n * Google Chrome 25.0.1364.46 \n * Google Chrome 25.0.1364.47 \n * Google Chrome 25.0.1364.48 \n * Google Chrome 25.0.1364.49 \n * Google Chrome 25.0.1364.5 \n * Google Chrome 25.0.1364.50 \n * Google Chrome 25.0.1364.51 \n * Google Chrome 25.0.1364.52 \n * Google Chrome 25.0.1364.53 \n * Google Chrome 25.0.1364.54 \n * Google Chrome 25.0.1364.55 \n * Google Chrome 25.0.1364.56 \n * Google Chrome 25.0.1364.57 \n * Google Chrome 25.0.1364.58 \n * Google Chrome 25.0.1364.61 \n * Google Chrome 25.0.1364.62 \n * Google Chrome 25.0.1364.63 \n * Google Chrome 25.0.1364.65 \n * Google Chrome 25.0.1364.66 \n * Google Chrome 25.0.1364.67 \n * Google Chrome 25.0.1364.68 \n * Google Chrome 25.0.1364.7 \n * Google Chrome 25.0.1364.70 \n * Google Chrome 25.0.1364.72 \n * Google Chrome 25.0.1364.73 \n * Google Chrome 25.0.1364.74 \n * Google Chrome 25.0.1364.75 \n * Google Chrome 25.0.1364.76 \n * Google Chrome 25.0.1364.77 \n * Google Chrome 25.0.1364.78 \n * Google Chrome 25.0.1364.79 \n * Google Chrome 25.0.1364.8 \n * Google Chrome 25.0.1364.80 \n * Google Chrome 25.0.1364.81 \n * Google Chrome 25.0.1364.82 \n * Google Chrome 25.0.1364.84 \n * Google Chrome 25.0.1364.85 \n * Google Chrome 25.0.1364.86 \n * Google Chrome 25.0.1364.87 \n * Google Chrome 25.0.1364.88 \n * Google Chrome 25.0.1364.89 \n * Google Chrome 25.0.1364.9 \n * Google Chrome 25.0.1364.90 \n * Google Chrome 25.0.1364.91 \n * Google Chrome 25.0.1364.92 \n * Google Chrome 25.0.1364.93 \n * Google Chrome 25.0.1364.95 \n * Google Chrome 25.0.1364.97 \n * Google Chrome 25.0.1364.98 \n * Google Chrome 25.0.1364.99 \n * Google Chrome 26.0.1410.28 \n * Google Chrome 26.0.1410.43 \n * Google Chrome 26.0.1410.46 \n * Google Chrome 26.0.1410.53 \n * Google Chrome 26.0.1410.63 \n * Google Chrome 26.0.1410.64 \n * Google Chrome 27.0.1444.0 \n * Google Chrome 27.0.1444.3 \n * Google Chrome 27.0.1453.0 \n * Google Chrome 27.0.1453.1 \n * Google Chrome 27.0.1453.10 \n * Google Chrome 27.0.1453.102 \n * Google Chrome 27.0.1453.103 \n * Google Chrome 27.0.1453.104 \n * Google Chrome 27.0.1453.105 \n * Google Chrome 27.0.1453.106 \n * Google Chrome 27.0.1453.107 \n * Google Chrome 27.0.1453.108 \n * Google Chrome 27.0.1453.109 \n * Google Chrome 27.0.1453.11 \n * Google Chrome 27.0.1453.110 \n * Google Chrome 27.0.1453.111 \n * Google Chrome 27.0.1453.112 \n * Google Chrome 27.0.1453.113 \n * Google Chrome 27.0.1453.114 \n * Google Chrome 27.0.1453.115 \n * Google Chrome 27.0.1453.116 \n * Google Chrome 27.0.1453.12 \n * Google Chrome 27.0.1453.13 \n * Google Chrome 27.0.1453.15 \n * Google Chrome 27.0.1453.2 \n * Google Chrome 27.0.1453.3 \n * Google Chrome 27.0.1453.34 \n * Google Chrome 27.0.1453.35 \n * Google Chrome 27.0.1453.36 \n * Google Chrome 27.0.1453.37 \n * Google Chrome 27.0.1453.38 \n * Google Chrome 27.0.1453.39 \n * Google Chrome 27.0.1453.4 \n * Google Chrome 27.0.1453.40 \n * Google Chrome 27.0.1453.41 \n * Google Chrome 27.0.1453.42 \n * Google Chrome 27.0.1453.43 \n * Google Chrome 27.0.1453.44 \n * Google Chrome 27.0.1453.45 \n * Google Chrome 27.0.1453.46 \n * Google Chrome 27.0.1453.47 \n * Google Chrome 27.0.1453.49 \n * Google Chrome 27.0.1453.5 \n * Google Chrome 27.0.1453.50 \n * Google Chrome 27.0.1453.51 \n * Google Chrome 27.0.1453.52 \n * Google Chrome 27.0.1453.54 \n * Google Chrome 27.0.1453.55 \n * Google Chrome 27.0.1453.56 \n * Google Chrome 27.0.1453.57 \n * Google Chrome 27.0.1453.58 \n * Google Chrome 27.0.1453.59 \n * Google Chrome 27.0.1453.6 \n * Google Chrome 27.0.1453.60 \n * Google Chrome 27.0.1453.61 \n * Google Chrome 27.0.1453.62 \n * Google Chrome 27.0.1453.63 \n * Google Chrome 27.0.1453.64 \n * Google Chrome 27.0.1453.65 \n * Google Chrome 27.0.1453.66 \n * Google Chrome 27.0.1453.67 \n * Google Chrome 27.0.1453.68 \n * Google Chrome 27.0.1453.69 \n * Google Chrome 27.0.1453.7 \n * Google Chrome 27.0.1453.70 \n * Google Chrome 27.0.1453.71 \n * Google Chrome 27.0.1453.72 \n * Google Chrome 27.0.1453.73 \n * Google Chrome 27.0.1453.74 \n * Google Chrome 27.0.1453.75 \n * Google Chrome 27.0.1453.76 \n * Google Chrome 27.0.1453.77 \n * Google Chrome 27.0.1453.78 \n * Google Chrome 27.0.1453.79 \n * Google Chrome 27.0.1453.8 \n * Google Chrome 27.0.1453.80 \n * Google Chrome 27.0.1453.81 \n * Google Chrome 27.0.1453.82 \n * Google Chrome 27.0.1453.83 \n * Google Chrome 27.0.1453.84 \n * Google Chrome 27.0.1453.85 \n * Google Chrome 27.0.1453.86 \n * Google Chrome 27.0.1453.87 \n * Google Chrome 27.0.1453.88 \n * Google Chrome 27.0.1453.89 \n * Google Chrome 27.0.1453.9 \n * Google Chrome 27.0.1453.90 \n * Google Chrome 27.0.1453.91 \n * Google Chrome 27.0.1453.93 \n * Google Chrome 27.0.1453.94 \n * Google Chrome 28.0.1498.0 \n * Google Chrome 28.0.1500.0 \n * Google Chrome 28.0.1500.10 \n * Google Chrome 28.0.1500.11 \n * Google Chrome 28.0.1500.12 \n * Google Chrome 28.0.1500.13 \n * Google Chrome 28.0.1500.14 \n * Google Chrome 28.0.1500.15 \n * Google Chrome 28.0.1500.16 \n * Google Chrome 28.0.1500.17 \n * Google Chrome 28.0.1500.18 \n * Google Chrome 28.0.1500.19 \n * Google Chrome 28.0.1500.2 \n * Google Chrome 28.0.1500.20 \n * Google Chrome 28.0.1500.21 \n * Google Chrome 28.0.1500.22 \n * Google Chrome 28.0.1500.23 \n * Google Chrome 28.0.1500.24 \n * Google Chrome 28.0.1500.25 \n * Google Chrome 28.0.1500.26 \n * Google Chrome 28.0.1500.27 \n * Google Chrome 28.0.1500.28 \n * Google Chrome 28.0.1500.29 \n * Google Chrome 28.0.1500.3 \n * Google Chrome 28.0.1500.31 \n * Google Chrome 28.0.1500.32 \n * Google Chrome 28.0.1500.33 \n * Google Chrome 28.0.1500.34 \n * Google Chrome 28.0.1500.35 \n * Google Chrome 28.0.1500.36 \n * Google Chrome 28.0.1500.37 \n * Google Chrome 28.0.1500.38 \n * Google Chrome 28.0.1500.39 \n * Google Chrome 28.0.1500.4 \n * Google Chrome 28.0.1500.40 \n * Google Chrome 28.0.1500.41 \n * Google Chrome 28.0.1500.42 \n * Google Chrome 28.0.1500.43 \n * Google Chrome 28.0.1500.44 \n * Google Chrome 28.0.1500.45 \n * Google Chrome 28.0.1500.46 \n * Google Chrome 28.0.1500.47 \n * Google Chrome 28.0.1500.48 \n * Google Chrome 28.0.1500.49 \n * Google Chrome 28.0.1500.5 \n * Google Chrome 28.0.1500.50 \n * Google Chrome 28.0.1500.51 \n * Google Chrome 28.0.1500.52 \n * Google Chrome 28.0.1500.53 \n * Google Chrome 28.0.1500.54 \n * Google Chrome 28.0.1500.56 \n * Google Chrome 28.0.1500.58 \n * Google Chrome 28.0.1500.59 \n * Google Chrome 28.0.1500.6 \n * Google Chrome 28.0.1500.60 \n * Google Chrome 28.0.1500.61 \n * Google Chrome 28.0.1500.62 \n * Google Chrome 28.0.1500.63 \n * Google Chrome 28.0.1500.64 \n * Google Chrome 28.0.1500.66 \n * Google Chrome 28.0.1500.68 \n * Google Chrome 28.0.1500.70 \n * Google Chrome 28.0.1500.71 \n * Google Chrome 28.0.1500.72 \n * Google Chrome 28.0.1500.8 \n * Google Chrome 28.0.1500.89 \n * Google Chrome 28.0.1500.9 \n * Google Chrome 28.0.1500.91 \n * Google Chrome 28.0.1500.93 \n * Google Chrome 28.0.1500.94 \n * Google Chrome 28.0.1500.95 \n * Google Chrome 29.0.1547.0 \n * Google Chrome 29.0.1547.10 \n * Google Chrome 29.0.1547.12 \n * Google Chrome 29.0.1547.14 \n * Google Chrome 29.0.1547.16 \n * Google Chrome 29.0.1547.18 \n * Google Chrome 29.0.1547.2 \n * Google Chrome 29.0.1547.21 \n * Google Chrome 29.0.1547.23 \n * Google Chrome 29.0.1547.28 \n * Google Chrome 29.0.1547.3 \n * Google Chrome 29.0.1547.31 \n * Google Chrome 29.0.1547.33 \n * Google Chrome 29.0.1547.35 \n * Google Chrome 29.0.1547.37 \n * Google Chrome 29.0.1547.39 \n * Google Chrome 29.0.1547.40 \n * Google Chrome 29.0.1547.42 \n * Google Chrome 29.0.1547.46 \n * Google Chrome 29.0.1547.48 \n * Google Chrome 29.0.1547.5 \n * Google Chrome 29.0.1547.51 \n * Google Chrome 29.0.1547.53 \n * Google Chrome 29.0.1547.55 \n * Google Chrome 29.0.1547.57 \n * Google Chrome 29.0.1547.7 \n * Google Chrome 29.0.1547.76 \n * Google Chrome 29.0.1547.9 \n * Google Chrome 3 \n * Google Chrome 3.0 Beta \n * Google Chrome 3.0.182.2 \n * Google Chrome 3.0.190.2 \n * Google Chrome 3.0.193.2 Beta \n * Google Chrome 3.0.195.2 \n * Google Chrome 3.0.195.21 \n * Google Chrome 3.0.195.24 \n * Google Chrome 3.0.195.25 \n * Google Chrome 3.0.195.27 \n * Google Chrome 3.0.195.32 \n * Google Chrome 3.0.195.33 \n * Google Chrome 3.0.195.36 \n * Google Chrome 3.0.195.37 \n * Google Chrome 3.0.195.38 \n * Google Chrome 30.0.1599.0 \n * Google Chrome 30.0.1599.10 \n * Google Chrome 30.0.1599.100 \n * Google Chrome 30.0.1599.101 \n * Google Chrome 30.0.1599.12 \n * Google Chrome 30.0.1599.14 \n * Google Chrome 30.0.1599.16 \n * Google Chrome 30.0.1599.18 \n * Google Chrome 30.0.1599.2 \n * Google Chrome 30.0.1599.21 \n * Google Chrome 30.0.1599.23 \n * Google Chrome 30.0.1599.25 \n * Google Chrome 30.0.1599.27 \n * Google Chrome 30.0.1599.29 \n * Google Chrome 30.0.1599.31 \n * Google Chrome 30.0.1599.33 \n * Google Chrome 30.0.1599.35 \n * Google Chrome 30.0.1599.37 \n * Google Chrome 30.0.1599.39 \n * Google Chrome 30.0.1599.40 \n * Google Chrome 30.0.1599.42 \n * Google Chrome 30.0.1599.44 \n * Google Chrome 30.0.1599.48 \n * Google Chrome 30.0.1599.5 \n * Google Chrome 30.0.1599.51 \n * Google Chrome 30.0.1599.53 \n * Google Chrome 30.0.1599.57 \n * Google Chrome 30.0.1599.59 \n * Google Chrome 30.0.1599.60 \n * Google Chrome 30.0.1599.64 \n * Google Chrome 30.0.1599.66 \n * Google Chrome 30.0.1599.67 \n * Google Chrome 30.0.1599.68 \n * Google Chrome 30.0.1599.69 \n * Google Chrome 30.0.1599.7 \n * Google Chrome 30.0.1599.79 \n * Google Chrome 30.0.1599.80 \n * Google Chrome 30.0.1599.81 \n * Google Chrome 30.0.1599.82 \n * Google Chrome 30.0.1599.84 \n * Google Chrome 30.0.1599.85 \n * Google Chrome 30.0.1599.86 \n * Google Chrome 30.0.1599.87 \n * Google Chrome 30.0.1599.88 \n * Google Chrome 30.0.1599.9 \n * Google Chrome 30.0.1599.90 \n * Google Chrome 31.0.1650.0 \n * Google Chrome 31.0.1650.10 \n * Google Chrome 31.0.1650.11 \n * Google Chrome 31.0.1650.12 \n * Google Chrome 31.0.1650.13 \n * Google Chrome 31.0.1650.14 \n * Google Chrome 31.0.1650.15 \n * Google Chrome 31.0.1650.16 \n * Google Chrome 31.0.1650.17 \n * Google Chrome 31.0.1650.18 \n * Google Chrome 31.0.1650.19 \n * Google Chrome 31.0.1650.2 \n * Google Chrome 31.0.1650.20 \n * Google Chrome 31.0.1650.22 \n * Google Chrome 31.0.1650.23 \n * Google Chrome 31.0.1650.25 \n * Google Chrome 31.0.1650.26 \n * Google Chrome 31.0.1650.27 \n * Google Chrome 31.0.1650.28 \n * Google Chrome 31.0.1650.29 \n * Google Chrome 31.0.1650.3 \n * Google Chrome 31.0.1650.30 \n * Google Chrome 31.0.1650.31 \n * Google Chrome 31.0.1650.32 \n * Google Chrome 31.0.1650.33 \n * Google Chrome 31.0.1650.34 \n * Google Chrome 31.0.1650.35 \n * Google Chrome 31.0.1650.36 \n * Google Chrome 31.0.1650.37 \n * Google Chrome 31.0.1650.38 \n * Google Chrome 31.0.1650.39 \n * Google Chrome 31.0.1650.4 \n * Google Chrome 31.0.1650.41 \n * Google Chrome 31.0.1650.42 \n * Google Chrome 31.0.1650.43 \n * Google Chrome 31.0.1650.44 \n * Google Chrome 31.0.1650.45 \n * Google Chrome 31.0.1650.46 \n * Google Chrome 31.0.1650.47 \n * Google Chrome 31.0.1650.48 \n * Google Chrome 31.0.1650.49 \n * Google Chrome 31.0.1650.5 \n * Google Chrome 31.0.1650.50 \n * Google Chrome 31.0.1650.52 \n * Google Chrome 31.0.1650.54 \n * Google Chrome 31.0.1650.57 \n * Google Chrome 31.0.1650.58 \n * Google Chrome 31.0.1650.6 \n * Google Chrome 31.0.1650.60 \n * Google Chrome 31.0.1650.61 \n * Google Chrome 31.0.1650.62 \n * Google Chrome 31.0.1650.63 \n * Google Chrome 31.0.1650.7 \n * Google Chrome 31.0.1650.8 \n * Google Chrome 31.0.1650.9 \n * Google Chrome 32.0.1651.2 \n * Google Chrome 32.0.1652.1 \n * Google Chrome 32.0.1653.1 \n * Google Chrome 32.0.1654.0 \n * Google Chrome 32.0.1654.3 \n * Google Chrome 32.0.1655.1 \n * Google Chrome 32.0.1656.1 \n * Google Chrome 32.0.1657.0 \n * Google Chrome 32.0.1658.0 \n * Google Chrome 32.0.1658.2 \n * Google Chrome 32.0.1659.1 \n * Google Chrome 32.0.1659.3 \n * Google Chrome 32.0.1660.1 \n * Google Chrome 32.0.1661.0 \n * Google Chrome 32.0.1662.0 \n * Google Chrome 32.0.1662.2 \n * Google Chrome 32.0.1663.1 \n * Google Chrome 32.0.1663.3 \n * Google Chrome 32.0.1664.1 \n * Google Chrome 32.0.1664.3 \n * Google Chrome 32.0.1666.0 \n * Google Chrome 32.0.1667.0 \n * Google Chrome 32.0.1668.0 \n * Google Chrome 32.0.1668.2 \n * Google Chrome 32.0.1668.4 \n * Google Chrome 32.0.1668.6 \n * Google Chrome 32.0.1669.1 \n * Google Chrome 32.0.1669.3 \n * Google Chrome 32.0.1670.1 \n * Google Chrome 32.0.1670.3 \n * Google Chrome 32.0.1670.5 \n * Google Chrome 32.0.1671.2 \n * Google Chrome 32.0.1671.4 \n * Google Chrome 32.0.1671.8 \n * Google Chrome 32.0.1672.2 \n * Google Chrome 32.0.1673.2 \n * Google Chrome 32.0.1673.4 \n * Google Chrome 32.0.1674.1 \n * Google Chrome 32.0.1675.0 \n * Google Chrome 32.0.1675.2 \n * Google Chrome 32.0.1676.0 \n * Google Chrome 32.0.1676.2 \n * Google Chrome 32.0.1677.1 \n * Google Chrome 32.0.1678.1 \n * Google Chrome 32.0.1679.0 \n * Google Chrome 32.0.1680.0 \n * Google Chrome 32.0.1681.0 \n * Google Chrome 32.0.1681.3 \n * Google Chrome 32.0.1682.3 \n * Google Chrome 32.0.1682.5 \n * Google Chrome 32.0.1683.1 \n * Google Chrome 32.0.1684.0 \n * Google Chrome 32.0.1684.2 \n * Google Chrome 32.0.1685.0 \n * Google Chrome 32.0.1685.2 \n * Google Chrome 32.0.1686.0 \n * Google Chrome 32.0.1687.0 \n * Google Chrome 32.0.1688.0 \n * Google Chrome 32.0.1689.0 \n * Google Chrome 32.0.1689.2 \n * Google Chrome 32.0.1690.0 \n * Google Chrome 32.0.1700.0 \n * Google Chrome 32.0.1700.100 \n * Google Chrome 32.0.1700.102 \n * Google Chrome 32.0.1700.103 \n * Google Chrome 32.0.1700.107 \n * Google Chrome 32.0.1700.11 \n * Google Chrome 32.0.1700.13 \n * Google Chrome 32.0.1700.15 \n * Google Chrome 32.0.1700.17 \n * Google Chrome 32.0.1700.19 \n * Google Chrome 32.0.1700.21 \n * Google Chrome 32.0.1700.23 \n * Google Chrome 32.0.1700.26 \n * Google Chrome 32.0.1700.28 \n * Google Chrome 32.0.1700.3 \n * Google Chrome 32.0.1700.31 \n * Google Chrome 32.0.1700.33 \n * Google Chrome 32.0.1700.35 \n * Google Chrome 32.0.1700.39 \n * Google Chrome 32.0.1700.41 \n * Google Chrome 32.0.1700.50 \n * Google Chrome 32.0.1700.52 \n * Google Chrome 32.0.1700.54 \n * Google Chrome 32.0.1700.56 \n * Google Chrome 32.0.1700.58 \n * Google Chrome 32.0.1700.6 \n * Google Chrome 32.0.1700.63 \n * Google Chrome 32.0.1700.65 \n * Google Chrome 32.0.1700.67 \n * Google Chrome 32.0.1700.69 \n * Google Chrome 32.0.1700.70 \n * Google Chrome 32.0.1700.74 \n * Google Chrome 32.0.1700.76 \n * Google Chrome 32.0.1700.77 \n * Google Chrome 32.0.1700.9 \n * Google Chrome 32.0.1700.95 \n * Google Chrome 32.0.1700.97 \n * Google Chrome 32.0.1700.98 \n * Google Chrome 33.0.1750.0 \n * Google Chrome 33.0.1750.10 \n * Google Chrome 33.0.1750.106 \n * Google Chrome 33.0.1750.108 \n * Google Chrome 33.0.1750.11 \n * Google Chrome 33.0.1750.111 \n * Google Chrome 33.0.1750.113 \n * Google Chrome 33.0.1750.116 \n * Google Chrome 33.0.1750.117 \n * Google Chrome 33.0.1750.124 \n * Google Chrome 33.0.1750.125 \n * Google Chrome 33.0.1750.13 \n * Google Chrome 33.0.1750.132 \n * Google Chrome 33.0.1750.135 \n * Google Chrome 33.0.1750.14 \n * Google Chrome 33.0.1750.144 \n * Google Chrome 33.0.1750.146 \n * Google Chrome 33.0.1750.149 \n * Google Chrome 33.0.1750.151 \n * Google Chrome 33.0.1750.152 \n * Google Chrome 33.0.1750.154 \n * Google Chrome 33.0.1750.16 \n * Google Chrome 33.0.1750.166 \n * Google Chrome 33.0.1750.168 \n * Google Chrome 33.0.1750.19 \n * Google Chrome 33.0.1750.20 \n * Google Chrome 33.0.1750.22 \n * Google Chrome 33.0.1750.24 \n * Google Chrome 33.0.1750.26 \n * Google Chrome 33.0.1750.28 \n * Google Chrome 33.0.1750.3 \n * Google Chrome 33.0.1750.31 \n * Google Chrome 33.0.1750.35 \n * Google Chrome 33.0.1750.37 \n * Google Chrome 33.0.1750.39 \n * Google Chrome 33.0.1750.40 \n * Google Chrome 33.0.1750.42 \n * Google Chrome 33.0.1750.44 \n * Google Chrome 33.0.1750.46 \n * Google Chrome 33.0.1750.48 \n * Google Chrome 33.0.1750.5 \n * Google Chrome 33.0.1750.51 \n * Google Chrome 33.0.1750.53 \n * Google Chrome 33.0.1750.55 \n * Google Chrome 33.0.1750.57 \n * Google Chrome 33.0.1750.59 \n * Google Chrome 33.0.1750.60 \n * Google Chrome 33.0.1750.62 \n * Google Chrome 33.0.1750.64 \n * Google Chrome 33.0.1750.66 \n * Google Chrome 33.0.1750.68 \n * Google Chrome 33.0.1750.7 \n * Google Chrome 33.0.1750.71 \n * Google Chrome 33.0.1750.74 \n * Google Chrome 33.0.1750.76 \n * Google Chrome 33.0.1750.79 \n * Google Chrome 33.0.1750.80 \n * Google Chrome 33.0.1750.82 \n * Google Chrome 33.0.1750.85 \n * Google Chrome 33.0.1750.89 \n * Google Chrome 33.0.1750.90 \n * Google Chrome 33.0.1750.92 \n * Google Chrome 34.0.1847.0 \n * Google Chrome 34.0.1847.10 \n * Google Chrome 34.0.1847.101 \n * Google Chrome 34.0.1847.103 \n * Google Chrome 34.0.1847.109 \n * Google Chrome 34.0.1847.112 \n * Google Chrome 34.0.1847.114 \n * Google Chrome 34.0.1847.116 \n * Google Chrome 34.0.1847.118 \n * Google Chrome 34.0.1847.120 \n * Google Chrome 34.0.1847.130 \n * Google Chrome 34.0.1847.131 \n * Google Chrome 34.0.1847.132 \n * Google Chrome 34.0.1847.134 \n * Google Chrome 34.0.1847.136 \n * Google Chrome 34.0.1847.137 \n * Google Chrome 34.0.1847.15 \n * Google Chrome 34.0.1847.23 \n * Google Chrome 34.0.1847.25 \n * Google Chrome 34.0.1847.36 \n * Google Chrome 34.0.1847.38 \n * Google Chrome 34.0.1847.4 \n * Google Chrome 34.0.1847.42 \n * Google Chrome 34.0.1847.44 \n * Google Chrome 34.0.1847.46 \n * Google Chrome 34.0.1847.48 \n * Google Chrome 34.0.1847.5 \n * Google Chrome 34.0.1847.51 \n * Google Chrome 34.0.1847.53 \n * Google Chrome 34.0.1847.55 \n * Google Chrome 34.0.1847.57 \n * Google Chrome 34.0.1847.59 \n * Google Chrome 34.0.1847.60 \n * Google Chrome 34.0.1847.62 \n * Google Chrome 34.0.1847.64 \n * Google Chrome 34.0.1847.66 \n * Google Chrome 34.0.1847.68 \n * Google Chrome 34.0.1847.7 \n * Google Chrome 34.0.1847.72 \n * Google Chrome 34.0.1847.74 \n * Google Chrome 34.0.1847.76 \n * Google Chrome 34.0.1847.78 \n * Google Chrome 34.0.1847.8 \n * Google Chrome 34.0.1847.81 \n * Google Chrome 34.0.1847.83 \n * Google Chrome 34.0.1847.86 \n * Google Chrome 34.0.1847.9 \n * Google Chrome 34.0.1847.92 \n * Google Chrome 34.0.1847.97 \n * Google Chrome 34.0.1847.99 \n * Google Chrome 35.0.1916.0 \n * Google Chrome 35.0.1916.10 \n * Google Chrome 35.0.1916.103 \n * Google Chrome 35.0.1916.105 \n * Google Chrome 35.0.1916.107 \n * Google Chrome 35.0.1916.109 \n * Google Chrome 35.0.1916.110 \n * Google Chrome 35.0.1916.112 \n * Google Chrome 35.0.1916.114 \n * Google Chrome 35.0.1916.13 \n * Google Chrome 35.0.1916.15 \n * Google Chrome 35.0.1916.153 \n * Google Chrome 35.0.1916.18 \n * Google Chrome 35.0.1916.2 \n * Google Chrome 35.0.1916.21 \n * Google Chrome 35.0.1916.23 \n * Google Chrome 35.0.1916.3 \n * Google Chrome 35.0.1916.32 \n * Google Chrome 35.0.1916.34 \n * Google Chrome 35.0.1916.36 \n * Google Chrome 35.0.1916.38 \n * Google Chrome 35.0.1916.4 \n * Google Chrome 35.0.1916.41 \n * Google Chrome 35.0.1916.43 \n * Google Chrome 35.0.1916.45 \n * Google Chrome 35.0.1916.47 \n * Google Chrome 35.0.1916.49 \n * Google Chrome 35.0.1916.51 \n * Google Chrome 35.0.1916.54 \n * Google Chrome 35.0.1916.57 \n * Google Chrome 35.0.1916.6 \n * Google Chrome 35.0.1916.68 \n * Google Chrome 35.0.1916.7 \n * Google Chrome 35.0.1916.72 \n * Google Chrome 35.0.1916.77 \n * Google Chrome 35.0.1916.80 \n * Google Chrome 35.0.1916.84 \n * Google Chrome 35.0.1916.86 \n * Google Chrome 35.0.1916.9 \n * Google Chrome 35.0.1916.92 \n * Google Chrome 35.0.1916.95 \n * Google Chrome 35.0.1916.98 \n * Google Chrome 36.0.1985.122 \n * Google Chrome 36.0.1985.143 \n * Google Chrome 37.0.2062.0 \n * Google Chrome 37.0.2062.10 \n * Google Chrome 37.0.2062.12 \n * Google Chrome 37.0.2062.120 \n * Google Chrome 37.0.2062.124 \n * Google Chrome 37.0.2062.14 \n * Google Chrome 37.0.2062.16 \n * Google Chrome 37.0.2062.18 \n * Google Chrome 37.0.2062.2 \n * Google Chrome 37.0.2062.21 \n * Google Chrome 37.0.2062.23 \n * Google Chrome 37.0.2062.25 \n * Google Chrome 37.0.2062.27 \n * Google Chrome 37.0.2062.29 \n * Google Chrome 37.0.2062.30 \n * Google Chrome 37.0.2062.32 \n * Google Chrome 37.0.2062.34 \n * Google Chrome 37.0.2062.36 \n * Google Chrome 37.0.2062.39 \n * Google Chrome 37.0.2062.43 \n * Google Chrome 37.0.2062.45 \n * Google Chrome 37.0.2062.47 \n * Google Chrome 37.0.2062.49 \n * Google Chrome 37.0.2062.50 \n * Google Chrome 37.0.2062.52 \n * Google Chrome 37.0.2062.54 \n * Google Chrome 37.0.2062.56 \n * Google Chrome 37.0.2062.58 \n * Google Chrome 37.0.2062.6 \n * Google Chrome 37.0.2062.61 \n * Google Chrome 37.0.2062.63 \n * Google Chrome 37.0.2062.65 \n * Google Chrome 37.0.2062.67 \n * Google Chrome 37.0.2062.69 \n * Google Chrome 37.0.2062.70 \n * Google Chrome 37.0.2062.72 \n * Google Chrome 37.0.2062.74 \n * Google Chrome 37.0.2062.76 \n * Google Chrome 37.0.2062.78 \n * Google Chrome 37.0.2062.80 \n * Google Chrome 37.0.2062.89 \n * Google Chrome 37.0.2062.90 \n * Google Chrome 37.0.2062.92 \n * Google Chrome 37.0.2062.94 \n * Google Chrome 37.0.2062.95 \n * Google Chrome 37.0.2062.97 \n * Google Chrome 38.0.2125.101 \n * Google Chrome 38.0.2125.101 ~~~Android~~ \n * Google Chrome 38.0.2125.122 \n * Google Chrome 39.0.2171.63 \n * Google Chrome 39.0.2171.65 \n * Google Chrome 4 \n * Google Chrome 4.0.211.0 \n * Google Chrome 4.0.212.0 \n * Google Chrome 4.0.212.1 \n * Google Chrome 4.0.221.8 \n * Google Chrome 4.0.222.0 \n * Google Chrome 4.0.222.1 \n * Google Chrome 4.0.222.12 \n * Google Chrome 4.0.222.5 \n * Google Chrome 4.0.223.0 \n * Google Chrome 4.0.223.1 \n * Google Chrome 4.0.223.2 \n * Google Chrome 4.0.223.4 \n * Google Chrome 4.0.223.5 \n * Google Chrome 4.0.223.7 \n * Google Chrome 4.0.223.8 \n * Google Chrome 4.0.224.0 \n * Google Chrome 4.0.229.1 \n * Google Chrome 4.0.235.0 \n * Google Chrome 4.0.236.0 \n * Google Chrome 4.0.237.0 \n * Google Chrome 4.0.237.1 \n * Google Chrome 4.0.239.0 \n * Google Chrome 4.0.240.0 \n * Google Chrome 4.0.241.0 \n * Google Chrome 4.0.242.0 \n * Google Chrome 4.0.243.0 \n * Google Chrome 4.0.244.0 \n * Google Chrome 4.0.245.0 \n * Google Chrome 4.0.246.0 \n * Google Chrome 4.0.247.0 \n * Google Chrome 4.0.248.0 \n * Google Chrome 4.0.249.0 \n * Google Chrome 4.0.249.1 \n * Google Chrome 4.0.249.10 \n * Google Chrome 4.0.249.11 \n * Google Chrome 4.0.249.12 \n * Google Chrome 4.0.249.14 \n * Google Chrome 4.0.249.16 \n * Google Chrome 4.0.249.17 \n * Google Chrome 4.0.249.18 \n * Google Chrome 4.0.249.19 \n * Google Chrome 4.0.249.2 \n * Google Chrome 4.0.249.20 \n * Google Chrome 4.0.249.21 \n * Google Chrome 4.0.249.22 \n * Google Chrome 4.0.249.23 \n * Google Chrome 4.0.249.24 \n * Google Chrome 4.0.249.25 \n * Google Chrome 4.0.249.26 \n * Google Chrome 4.0.249.27 \n * Google Chrome 4.0.249.28 \n * Google Chrome 4.0.249.29 \n * Google Chrome 4.0.249.3 \n * Google Chrome 4.0.249.30 \n * Google Chrome 4.0.249.31 \n * Google Chrome 4.0.249.32 \n * Google Chrome 4.0.249.33 \n * Google Chrome 4.0.249.34 \n * Google Chrome 4.0.249.35 \n * Google Chrome 4.0.249.36 \n * Google Chrome 4.0.249.37 \n * Google Chrome 4.0.249.38 \n * Google Chrome 4.0.249.39 \n * Google Chrome 4.0.249.4 \n * Google Chrome 4.0.249.40 \n * Google Chrome 4.0.249.41 \n * Google Chrome 4.0.249.42 \n * Google Chrome 4.0.249.43 \n * Google Chrome 4.0.249.44 \n * Google Chrome 4.0.249.45 \n * Google Chrome 4.0.249.46 \n * Google Chrome 4.0.249.47 \n * Google Chrome 4.0.249.48 \n * Google Chrome 4.0.249.49 \n * Google Chrome 4.0.249.5 \n * Google Chrome 4.0.249.50 \n * Google Chrome 4.0.249.51 \n * Google Chrome 4.0.249.52 \n * Google Chrome 4.0.249.53 \n * Google Chrome 4.0.249.54 \n * Google Chrome 4.0.249.55 \n * Google Chrome 4.0.249.56 \n * Google Chrome 4.0.249.57 \n * Google Chrome 4.0.249.58 \n * Google Chrome 4.0.249.59 \n * Google Chrome 4.0.249.6 \n * Google Chrome 4.0.249.60 \n * Google Chrome 4.0.249.61 \n * Google Chrome 4.0.249.62 \n * Google Chrome 4.0.249.63 \n * Google Chrome 4.0.249.64 \n * Google Chrome 4.0.249.65 \n * Google Chrome 4.0.249.66 \n * Google Chrome 4.0.249.67 \n * Google Chrome 4.0.249.68 \n * Google Chrome 4.0.249.69 \n * Google Chrome 4.0.249.7 \n * Google Chrome 4.0.249.70 \n * Google Chrome 4.0.249.71 \n * Google Chrome 4.0.249.72 \n * Google Chrome 4.0.249.73 \n * Google Chrome 4.0.249.74 \n * Google Chrome 4.0.249.75 \n * Google Chrome 4.0.249.76 \n * Google Chrome 4.0.249.77 \n * Google Chrome 4.0.249.78 \n * Google Chrome 4.0.249.78 Beta \n * Google Chrome 4.0.249.79 \n * Google Chrome 4.0.249.8 \n * Google Chrome 4.0.249.80 \n * Google Chrome 4.0.249.81 \n * Google Chrome 4.0.249.82 \n * Google Chrome 4.0.249.89 \n * Google Chrome 4.0.249.9 \n * Google Chrome 4.0.250.0 \n * Google Chrome 4.0.250.2 \n * Google Chrome 4.0.251.0 \n * Google Chrome 4.0.252.0 \n * Google Chrome 4.0.254.0 \n * Google Chrome 4.0.255.0 \n * Google Chrome 4.0.256.0 \n * Google Chrome 4.0.257.0 \n * Google Chrome 4.0.258.0 \n * Google Chrome 4.0.259.0 \n * Google Chrome 4.0.260.0 \n * Google Chrome 4.0.261.0 \n * Google Chrome 4.0.262.0 \n * Google Chrome 4.0.263.0 \n * Google Chrome 4.0.264.0 \n * Google Chrome 4.0.265.0 \n * Google Chrome 4.0.266.0 \n * Google Chrome 4.0.267.0 \n * Google Chrome 4.0.268.0 \n * Google Chrome 4.0.269.0 \n * Google Chrome 4.0.271.0 \n * Google Chrome 4.0.272.0 \n * Google Chrome 4.0.275.0 \n * Google Chrome 4.0.275.1 \n * Google Chrome 4.0.276.0 \n * Google Chrome 4.0.277.0 \n * Google Chrome 4.0.278.0 \n * Google Chrome 4.0.286.0 \n * Google Chrome 4.0.287.0 \n * Google Chrome 4.0.288.0 \n * Google Chrome 4.0.288.1 \n * Google Chrome 4.0.289.0 \n * Google Chrome 4.0.290.0 \n * Google Chrome 4.0.292.0 \n * Google Chrome 4.0.294.0 \n * Google Chrome 4.0.295.0 \n * Google Chrome 4.0.296.0 \n * Google Chrome 4.0.299.0 \n * Google Chrome 4.0.300.0 \n * Google Chrome 4.0.301.0 \n * Google Chrome 4.0.302.0 \n * Google Chrome 4.0.302.1 \n * Google Chrome 4.0.302.2 \n * Google Chrome 4.0.302.3 \n * Google Chrome 4.0.303.0 \n * Google Chrome 4.0.304.0 \n * Google Chrome 4.0.305.0 \n * Google Chrome 4.1 Beta \n * Google Chrome 4.1.249.0 \n * Google Chrome 4.1.249.1001 \n * Google Chrome 4.1.249.1004 \n * Google Chrome 4.1.249.1006 \n * Google Chrome 4.1.249.1007 \n * Google Chrome 4.1.249.1008 \n * Google Chrome 4.1.249.1009 \n * Google Chrome 4.1.249.1010 \n * Google Chrome 4.1.249.1011 \n * Google Chrome 4.1.249.1012 \n * Google Chrome 4.1.249.1013 \n * Google Chrome 4.1.249.1014 \n * Google Chrome 4.1.249.1015 \n * Google Chrome 4.1.249.1016 \n * Google Chrome 4.1.249.1017 \n * Google Chrome 4.1.249.1018 \n * Google Chrome 4.1.249.1019 \n * Google Chrome 4.1.249.1020 \n * Google Chrome 4.1.249.1021 \n * Google Chrome 4.1.249.1022 \n * Google Chrome 4.1.249.1023 \n * Google Chrome 4.1.249.1024 \n * Google Chrome 4.1.249.1025 \n * Google Chrome 4.1.249.1026 \n * Google Chrome 4.1.249.1027 \n * Google Chrome 4.1.249.1028 \n * Google Chrome 4.1.249.1029 \n * Google Chrome 4.1.249.1030 \n * Google Chrome 4.1.249.1031 \n * Google Chrome 4.1.249.1032 \n * Google Chrome 4.1.249.1033 \n * Google Chrome 4.1.249.1034 \n * Google Chrome 4.1.249.1035 \n * Google Chrome 4.1.249.1036 \n * Google Chrome 4.1.249.1037 \n * Google Chrome 4.1.249.1038 \n * Google Chrome 4.1.249.1039 \n * Google Chrome 4.1.249.1040 \n * Google Chrome 4.1.249.1041 \n * Google Chrome 4.1.249.1042 \n * Google Chrome 4.1.249.1043 \n * Google Chrome 4.1.249.1044 \n * Google Chrome 4.1.249.1045 \n * Google Chrome 4.1.249.1046 \n * Google Chrome 4.1.249.1047 \n * Google Chrome 4.1.249.1048 \n * Google Chrome 4.1.249.1049 \n * Google Chrome 4.1.249.1050 \n * Google Chrome 4.1.249.1051 \n * Google Chrome 4.1.249.1052 \n * Google Chrome 4.1.249.1053 \n * Google Chrome 4.1.249.1054 \n * Google Chrome 4.1.249.1055 \n * Google Chrome 4.1.249.1056 \n * Google Chrome 4.1.249.1057 \n * Google Chrome 4.1.249.1058 \n * Google Chrome 4.1.249.1059 \n * Google Chrome 4.1.249.1060 \n * Google Chrome 4.1.249.1061 \n * Google Chrome 4.1.249.1062 \n * Google Chrome 4.1.249.1063 \n * Google Chrome 4.1.249.1064 \n * Google Chrome 40.0.2214.111 \n * Google Chrome 40.0.2214.115 \n * Google Chrome 40.0.2214.85 \n * Google Chrome 40.0.2214.91 \n * Google Chrome 41.0.2272 \n * Google Chrome 41.0.2272.118 \n * Google Chrome 41.0.2272.76 \n * Google Chrome 42.0.2311 \n * Google Chrome 42.0.2311.135 \n * Google Chrome 42.0.2311.90 \n * Google Chrome 43.0.2357 \n * Google Chrome 43.0.2357.130 \n * Google Chrome 43.0.2357.65 \n * Google Chrome 44.0.2403 \n * Google Chrome 44.0.2403.157 \n * Google Chrome 44.0.2403.89 \n * Google Chrome 45.0.2454 \n * Google Chrome 45.0.2454.101 \n * Google Chrome 45.0.2454.85 \n * Google Chrome 46.0.2490 \n * Google Chrome 46.0.2490.71 \n * Google Chrome 46.0.2490.76 \n * Google Chrome 46.0.2490.86 \n * Google Chrome 47.0 \n * Google Chrome 47.0.2526.106 \n * Google Chrome 47.0.2526.73 \n * Google Chrome 47.0.2526.80 \n * Google Chrome 48.0.2564.109 \n * Google Chrome 48.0.2564.116 \n * Google Chrome 48.0.2564.82 \n * Google Chrome 49.0.2566.0 \n * Google Chrome 49.0.2623.108 \n * Google Chrome 49.0.2623.75 \n * Google Chrome 49.0.2623.87 \n * Google Chrome 5.0.306.0 \n * Google Chrome 5.0.306.1 \n * Google Chrome 5.0.307.1 \n * Google Chrome 5.0.307.10 \n * Google Chrome 5.0.307.11 \n * Google Chrome 5.0.307.3 \n * Google Chrome 5.0.307.4 \n * Google Chrome 5.0.307.5 \n * Google Chrome 5.0.307.6 \n * Google Chrome 5.0.307.7 \n * Google Chrome 5.0.307.8 \n * Google Chrome 5.0.307.9 \n * Google Chrome 5.0.308.0 \n * Google Chrome 5.0.309.0 \n * Google Chrome 5.0.313.0 \n * Google Chrome 5.0.314.0 \n * Google Chrome 5.0.314.1 \n * Google Chrome 5.0.315.0 \n * Google Chrome 5.0.316.0 \n * Google Chrome 5.0.317.0 \n * Google Chrome 5.0.317.1 \n * Google Chrome 5.0.317.2 \n * Google Chrome 5.0.318.0 \n * Google Chrome 5.0.319.0 \n * Google Chrome 5.0.320.0 \n * Google Chrome 5.0.321.0 \n * Google Chrome 5.0.322.0 \n * Google Chrome 5.0.322.1 \n * Google Chrome 5.0.322.2 \n * Google Chrome 5.0.323.0 \n * Google Chrome 5.0.324.0 \n * Google Chrome 5.0.325.0 \n * Google Chrome 5.0.326.0 \n * Google Chrome 5.0.327.0 \n * Google Chrome 5.0.328.0 \n * Google Chrome 5.0.329.0 \n * Google Chrome 5.0.330.0 \n * Google Chrome 5.0.332.0 \n * Google Chrome 5.0.333.0 \n * Google Chrome 5.0.334.0 \n * Google Chrome 5.0.335.0 \n * Google Chrome 5.0.335.1 \n * Google Chrome 5.0.335.2 \n * Google Chrome 5.0.335.3 \n * Google Chrome 5.0.335.4 \n * Google Chrome 5.0.336.0 \n * Google Chrome 5.0.337.0 \n * Google Chrome 5.0.338.0 \n * Google Chrome 5.0.339.0 \n * Google Chrome 5.0.340.0 \n * Google Chrome 5.0.341.0 \n * Google Chrome 5.0.342.0 \n * Google Chrome 5.0.342.1 \n * Google Chrome 5.0.342.2 \n * Google Chrome 5.0.342.3 \n * Google Chrome 5.0.342.4 \n * Google Chrome 5.0.342.5 \n * Google Chrome 5.0.342.6 \n * Google Chrome 5.0.342.7 \n * Google Chrome 5.0.342.7 Beta Mac \n * Google Chrome 5.0.342.8 \n * Google Chrome 5.0.342.9 \n * Google Chrome 5.0.343.0 \n * Google Chrome 5.0.344.0 \n * Google Chrome 5.0.345.0 \n * Google Chrome 5.0.346.0 \n * Google Chrome 5.0.347.0 \n * Google Chrome 5.0.348.0 \n * Google Chrome 5.0.349.0 \n * Google Chrome 5.0.350.0 \n * Google Chrome 5.0.350.1 \n * Google Chrome 5.0.351.0 \n * Google Chrome 5.0.353.0 \n * Google Chrome 5.0.354.0 \n * Google Chrome 5.0.354.1 \n * Google Chrome 5.0.355.0 \n * Google Chrome 5.0.356.0 \n * Google Chrome 5.0.356.1 \n * Google Chrome 5.0.356.2 \n * Google Chrome 5.0.357.0 \n * Google Chrome 5.0.358.0 \n * Google Chrome 5.0.359.0 \n * Google Chrome 5.0.360.0 \n * Google Chrome 5.0.360.3 \n * Google Chrome 5.0.360.4 \n * Google Chrome 5.0.360.5 \n * Google Chrome 5.0.361.0 \n * Google Chrome 5.0.362.0 \n * Google Chrome 5.0.363.0 \n * Google Chrome 5.0.364.0 \n * Google Chrome 5.0.365.0 \n * Google Chrome 5.0.366.0 \n * Google Chrome 5.0.366.1 \n * Google Chrome 5.0.366.2 \n * Google Chrome 5.0.366.3 \n * Google Chrome 5.0.366.4 \n * Google Chrome 5.0.367.0 \n * Google Chrome 5.0.368.0 \n * Google Chrome 5.0.369.0 \n * Google Chrome 5.0.369.1 \n * Google Chrome 5.0.369.2 \n * Google Chrome 5.0.370.0 \n * Google Chrome 5.0.371.0 \n * Google Chrome 5.0.372.0 \n * Google Chrome 5.0.373.0 \n * Google Chrome 5.0.374.0 \n * Google Chrome 5.0.375.0 \n * Google Chrome 5.0.375.1 \n * Google Chrome 5.0.375.10 \n * Google Chrome 5.0.375.11 \n * Google Chrome 5.0.375.12 \n * Google Chrome 5.0.375.125 \n * Google Chrome 5.0.375.126 \n * Google Chrome 5.0.375.127 \n * Google Chrome 5.0.375.13 \n * Google Chrome 5.0.375.14 \n * Google Chrome 5.0.375.15 \n * Google Chrome 5.0.375.16 \n * Google Chrome 5.0.375.17 \n * Google Chrome 5.0.375.18 \n * Google Chrome 5.0.375.19 \n * Google Chrome 5.0.375.2 \n * Google Chrome 5.0.375.20 \n * Google Chrome 5.0.375.21 \n * Google Chrome 5.0.375.22 \n * Google Chrome 5.0.375.23 \n * Google Chrome 5.0.375.25 \n * Google Chrome 5.0.375.26 \n * Google Chrome 5.0.375.27 \n * Google Chrome 5.0.375.28 \n * Google Chrome 5.0.375.29 \n * Google Chrome 5.0.375.3 \n * Google Chrome 5.0.375.30 \n * Google Chrome 5.0.375.31 \n * Google Chrome 5.0.375.32 \n * Google Chrome 5.0.375.33 \n * Google Chrome 5.0.375.34 \n * Google Chrome 5.0.375.35 \n * Google Chrome 5.0.375.36 \n * Google Chrome 5.0.375.37 \n * Google Chrome 5.0.375.38 \n * Google Chrome 5.0.375.39 \n * Google Chrome 5.0.375.4 \n * Google Chrome 5.0.375.40 \n * Google Chrome 5.0.375.41 \n * Google Chrome 5.0.375.42 \n * Google Chrome 5.0.375.43 \n * Google Chrome 5.0.375.44 \n * Google Chrome 5.0.375.45 \n * Google Chrome 5.0.375.46 \n * Google Chrome 5.0.375.47 \n * Google Chrome 5.0.375.48 \n * Google Chrome 5.0.375.49 \n * Google Chrome 5.0.375.5 \n * Google Chrome 5.0.375.50 \n * Google Chrome 5.0.375.51 \n * Google Chrome 5.0.375.52 \n * Google Chrome 5.0.375.53 \n * Google Chrome 5.0.375.54 \n * Google Chrome 5.0.375.55 \n * Google Chrome 5.0.375.56 \n * Google Chrome 5.0.375.57 \n * Google Chrome 5.0.375.58 \n * Google Chrome 5.0.375.59 \n * Google Chrome 5.0.375.6 \n * Google Chrome 5.0.375.60 \n * Google Chrome 5.0.375.61 \n * Google Chrome 5.0.375.62 \n * Google Chrome 5.0.375.63 \n * Google Chrome 5.0.375.64 \n * Google Chrome 5.0.375.65 \n * Google Chrome 5.0.375.66 \n * Google Chrome 5.0.375.67 \n * Google Chrome 5.0.375.68 \n * Google Chrome 5.0.375.69 \n * Google Chrome 5.0.375.7 \n * Google Chrome 5.0.375.70 \n * Google Chrome 5.0.375.71 \n * Google Chrome 5.0.375.72 \n * Google Chrome 5.0.375.73 \n * Google Chrome 5.0.375.74 \n * Google Chrome 5.0.375.75 \n * Google Chrome 5.0.375.76 \n * Google Chrome 5.0.375.77 \n * Google Chrome 5.0.375.78 \n * Google Chrome 5.0.375.79 \n * Google Chrome 5.0.375.8 \n * Google Chrome 5.0.375.80 \n * Google Chrome 5.0.375.81 \n * Google Chrome 5.0.375.82 \n * Google Chrome 5.0.375.83 \n * Google Chrome 5.0.375.84 \n * Google Chrome 5.0.375.85 \n * Google Chrome 5.0.375.86 \n * Google Chrome 5.0.375.87 \n * Google Chrome 5.0.375.88 \n * Google Chrome 5.0.375.89 \n * Google Chrome 5.0.375.9 \n * Google Chrome 5.0.375.90 \n * Google Chrome 5.0.375.91 \n * Google Chrome 5.0.375.92 \n * Google Chrome 5.0.375.93 \n * Google Chrome 5.0.375.94 \n * Google Chrome 5.0.375.95 \n * Google Chrome 5.0.375.96 \n * Google Chrome 5.0.375.97 \n * Google Chrome 5.0.375.98 \n * Google Chrome 5.0.375.99 \n * Google Chrome 5.0.376.0 \n * Google Chrome 5.0.378.0 \n * Google Chrome 5.0.379.0 \n * Google Chrome 5.0.380.0 \n * Google Chrome 5.0.381.0 \n * Google Chrome 5.0.382.0 \n * Google Chrome 5.0.382.3 \n * Google Chrome 5.0.383.0 \n * Google Chrome 5.0.384.0 \n * Google Chrome 5.0.385.0 \n * Google Chrome 5.0.386.0 \n * Google Chrome 5.0.387.0 \n * Google Chrome 5.0.390.0 \n * Google Chrome 5.0.391.0 \n * Google Chrome 5.0.392.0 \n * Google Chrome 5.0.393.0 \n * Google Chrome 5.0.394.0 \n * Google Chrome 5.0.395.0 \n * Google Chrome 5.0.396.0 \n * Google Chrome 50.0.2661.102 \n * Google Chrome 50.0.2661.75 \n * Google Chrome 50.0.2661.94 \n * Google Chrome 51.0.2704.103 \n * Google Chrome 51.0.2704.63 \n * Google Chrome 51.0.2704.79 \n * Google Chrome 52.0.2743.116 \n * Google Chrome 52.0.2743.82 \n * Google Chrome 53.0.2785.113 \n * Google Chrome 53.0.2785.143 \n * Google Chrome 53.0.2785.89 \n * Google Chrome 54.0.2840.59 \n * Google Chrome 54.0.2840.85 \n * Google Chrome 54.0.2840.87 \n * Google Chrome 54.0.2840.90 \n * Google Chrome 54.0.2840.98 \n * Google Chrome 54.0.2840.99 \n * Google Chrome 55.0.2883.75 \n * Google Chrome 56.0.2924.76 \n * Google Chrome 57.0.2987.133 \n * Google Chrome 57.0.2987.98 \n * Google Chrome 58.0.3029.81 \n * Google Chrome 58.0.3029.96 \n * Google Chrome 59.0.3071.104 \n * Google Chrome 59.0.3071.115 \n * Google Chrome 59.0.3071.86 \n * Google Chrome 6.0.397.0 \n * Google Chrome 6.0.398.0 \n * Google Chrome 6.0.399.0 \n * Google Chrome 6.0.400.0 \n * Google Chrome 6.0.401.0 \n * Google Chrome 6.0.401.1 \n * Google Chrome 6.0.403.0 \n * Google Chrome 6.0.404.0 \n * Google Chrome 6.0.404.1 \n * Google Chrome 6.0.404.2 \n * Google Chrome 6.0.405.0 \n * Google Chrome 6.0.406.0 \n * Google Chrome 6.0.407.0 \n * Google Chrome 6.0.408.0 \n * Google Chrome 6.0.408.1 \n * Google Chrome 6.0.408.10 \n * Google Chrome 6.0.408.2 \n * Google Chrome 6.0.408.3 \n * Google Chrome 6.0.408.4 \n * Google Chrome 6.0.408.5 \n * Google Chrome 6.0.408.6 \n * Google Chrome 6.0.408.7 \n * Google Chrome 6.0.408.8 \n * Google Chrome 6.0.408.9 \n * Google Chrome 6.0.409.0 \n * Google Chrome 6.0.410.0 \n * Google Chrome 6.0.411.0 \n * Google Chrome 6.0.412.0 \n * Google Chrome 6.0.413.0 \n * Google Chrome 6.0.414.0 \n * Google Chrome 6.0.415.0 \n * Google Chrome 6.0.415.1 \n * Google Chrome 6.0.416.0 \n * Google Chrome 6.0.416.1 \n * Google Chrome 6.0.417.0 \n * Google Chrome 6.0.418.0 \n * Google Chrome 6.0.418.1 \n * Google Chrome 6.0.418.2 \n * Google Chrome 6.0.418.3 \n * Google Chrome 6.0.418.4 \n * Google Chrome 6.0.418.5 \n * Google Chrome 6.0.418.6 \n * Google Chrome 6.0.418.7 \n * Google Chrome 6.0.418.8 \n * Google Chrome 6.0.418.9 \n * Google Chrome 6.0.419.0 \n * Google Chrome 6.0.421.0 \n * Google Chrome 6.0.422.0 \n * Google Chrome 6.0.423.0 \n * Google Chrome 6.0.424.0 \n * Google Chrome 6.0.425.0 \n * Google Chrome 6.0.426.0 \n * Google Chrome 6.0.427.0 \n * Google Chrome 6.0.428.0 \n * Google Chrome 6.0.430.0 \n * Google Chrome 6.0.431.0 \n * Google Chrome 6.0.432.0 \n * Google Chrome 6.0.433.0 \n * Google Chrome 6.0.434.0 \n * Google Chrome 6.0.435.0 \n * Google Chrome 6.0.436.0 \n * Google Chrome 6.0.437.0 \n * Google Chrome 6.0.437.1 \n * Google Chrome 6.0.437.2 \n * Google Chrome 6.0.437.3 \n * Google Chrome 6.0.438.0 \n * Google Chrome 6.0.440.0 \n * Google Chrome 6.0.441.0 \n * Google Chrome 6.0.443.0 \n * Google Chrome 6.0.444.0 \n * Google Chrome 6.0.445.0 \n * Google Chrome 6.0.445.1 \n * Google Chrome 6.0.446.0 \n * Google Chrome 6.0.447.0 \n * Google Chrome 6.0.447.1 \n * Google Chrome 6.0.447.2 \n * Google Chrome 6.0.449.0 \n * Google Chrome 6.0.450.0 \n * Google Chrome 6.0.450.1 \n * Google Chrome 6.0.450.2 \n * Google Chrome 6.0.450.3 \n * Google Chrome 6.0.450.4 \n * Google Chrome 6.0.451.0 \n * Google Chrome 6.0.452.0 \n * Google Chrome 6.0.452.1 \n * Google Chrome 6.0.453.0 \n * Google Chrome 6.0.453.1 \n * Google Chrome 6.0.454.0 \n * Google Chrome 6.0.455.0 \n * Google Chrome 6.0.456.0 \n * Google Chrome 6.0.457.0 \n * Google Chrome 6.0.458.0 \n * Google Chrome 6.0.458.1 \n * Google Chrome 6.0.458.2 \n * Google Chrome 6.0.459.0 \n * Google Chrome 6.0.460.0 \n * Google Chrome 6.0.461.0 \n * Google Chrome 6.0.462.0 \n * Google Chrome 6.0.464.1 \n * Google Chrome 6.0.465.1 \n * Google Chrome 6.0.465.2 \n * Google Chrome 6.0.466.0 \n * Google Chrome 6.0.466.1 \n * Google Chrome 6.0.466.2 \n * Google Chrome 6.0.466.3 \n * Google Chrome 6.0.466.4 \n * Google Chrome 6.0.466.5 \n * Google Chrome 6.0.466.6 \n * Google Chrome 6.0.467.0 \n * Google Chrome 6.0.469.0 \n * Google Chrome 6.0.470.0 \n * Google Chrome 6.0.471.0 \n * Google Chrome 6.0.472.0 \n * Google Chrome 6.0.472.1 \n * Google Chrome 6.0.472.10 \n * Google Chrome 6.0.472.11 \n * Google Chrome 6.0.472.12 \n * Google Chrome 6.0.472.13 \n * Google Chrome 6.0.472.14 \n * Google Chrome 6.0.472.15 \n * Google Chrome 6.0.472.16 \n * Google Chrome 6.0.472.17 \n * Google Chrome 6.0.472.18 \n * Google Chrome 6.0.472.19 \n * Google Chrome 6.0.472.2 \n * Google Chrome 6.0.472.20 \n * Google Chrome 6.0.472.21 \n * Google Chrome 6.0.472.22 \n * Google Chrome 6.0.472.23 \n * Google Chrome 6.0.472.24 \n * Google Chrome 6.0.472.25 \n * Google Chrome 6.0.472.26 \n * Google Chrome 6.0.472.27 \n * Google Chrome 6.0.472.28 \n * Google Chrome 6.0.472.29 \n * Google Chrome 6.0.472.3 \n * Google Chrome 6.0.472.30 \n * Google Chrome 6.0.472.31 \n * Google Chrome 6.0.472.32 \n * Google Chrome 6.0.472.33 \n * Google Chrome 6.0.472.34 \n * Google Chrome 6.0.472.35 \n * Google Chrome 6.0.472.36 \n * Google Chrome 6.0.472.37 \n * Google Chrome 6.0.472.38 \n * Google Chrome 6.0.472.39 \n * Google Chrome 6.0.472.4 \n * Google Chrome 6.0.472.40 \n * Google Chrome 6.0.472.41 \n * Google Chrome 6.0.472.42 \n * Google Chrome 6.0.472.43 \n * Google Chrome 6.0.472.44 \n * Google Chrome 6.0.472.45 \n * Google Chrome 6.0.472.46 \n * Google Chrome 6.0.472.47 \n * Google Chrome 6.0.472.48 \n * Google Chrome 6.0.472.49 \n * Google Chrome 6.0.472.5 \n * Google Chrome 6.0.472.50 \n * Google Chrome 6.0.472.51 \n * Google Chrome 6.0.472.52 \n * Google Chrome 6.0.472.53 \n * Google Chrome 6.0.472.54 \n * Google Chrome 6.0.472.55 \n * Google Chrome 6.0.472.56 \n * Google Chrome 6.0.472.57 \n * Google Chrome 6.0.472.58 \n * Google Chrome 6.0.472.59 \n * Google Chrome 6.0.472.6 \n * Google Chrome 6.0.472.60 \n * Google Chrome 6.0.472.61 \n * Google Chrome 6.0.472.62 \n * Google Chrome 6.0.472.63 \n * Google Chrome 6.0.472.7 \n * Google Chrome 6.0.472.8 \n * Google Chrome 6.0.472.9 \n * Google Chrome 6.0.473.0 \n * Google Chrome 6.0.474.0 \n * Google Chrome 6.0.475.0 \n * Google Chrome 6.0.476.0 \n * Google Chrome 6.0.477.0 \n * Google Chrome 6.0.478.0 \n * Google Chrome 6.0.479.0 \n * Google Chrome 6.0.480.0 \n * Google Chrome 6.0.481.0 \n * Google Chrome 6.0.482.0 \n * Google Chrome 6.0.483.0 \n * Google Chrome 6.0.484.0 \n * Google Chrome 6.0.485.0 \n * Google Chrome 6.0.486.0 \n * Google Chrome 6.0.487.0 \n * Google Chrome 6.0.488.0 \n * Google Chrome 6.0.489.0 \n * Google Chrome 6.0.490.0 \n * Google Chrome 6.0.490.1 \n * Google Chrome 6.0.491.0 \n * Google Chrome 6.0.492.0 \n * Google Chrome 6.0.493.0 \n * Google Chrome 6.0.494.0 \n * Google Chrome 6.0.495.0 \n * Google Chrome 6.0.495.1 \n * Google Chrome 6.0.496.0 \n * Google Chrome 60.0.3080.5 \n * Google Chrome 60.0.3112.78 \n * Google Chrome 60.0.3112.80 \n * Google Chrome 61.0.3163.100 \n * Google Chrome 61.0.3163.79 \n * Google Chrome 62.0.3202.62 \n * Google Chrome 62.0.3202.75 \n * Google Chrome 62.0.3202.89 \n * Google Chrome 7.0.497.0 \n * Google Chrome 7.0.498.0 \n * Google Chrome 7.0.499.0 \n * Google Chrome 7.0.499.1 \n * Google Chrome 7.0.500.0 \n * Google Chrome 7.0.500.1 \n * Google Chrome 7.0.503.0 \n * Google Chrome 7.0.503.1 \n * Google Chrome 7.0.504.0 \n * Google Chrome 7.0.505.0 \n * Google Chrome 7.0.506.0 \n * Google Chrome 7.0.507.0 \n * Google Chrome 7.0.507.1 \n * Google Chrome 7.0.507.2 \n * Google Chrome 7.0.507.3 \n * Google Chrome 7.0.509.0 \n * Google Chrome 7.0.510.0 \n * Google Chrome 7.0.511.1 \n * Google Chrome 7.0.511.2 \n * Google Chrome 7.0.511.4 \n * Google Chrome 7.0.512.0 \n * Google Chrome 7.0.513.0 \n * Google Chrome 7.0.514.0 \n * Google Chrome 7.0.514.1 \n * Google Chrome 7.0.515.0 \n * Google Chrome 7.0.516.0 \n * Google Chrome 7.0.517.0 \n * Google Chrome 7.0.517.10 \n * Google Chrome 7.0.517.11 \n * Google Chrome 7.0.517.12 \n * Google Chrome 7.0.517.13 \n * Google Chrome 7.0.517.14 \n * Google Chrome 7.0.517.16 \n * Google Chrome 7.0.517.17 \n * Google Chrome 7.0.517.18 \n * Google Chrome 7.0.517.19 \n * Google Chrome 7.0.517.2 \n * Google Chrome 7.0.517.20 \n * Google Chrome 7.0.517.21 \n * Google Chrome 7.0.517.22 \n * Google Chrome 7.0.517.23 \n * Google Chrome 7.0.517.24 \n * Google Chrome 7.0.517.25 \n * Google Chrome 7.0.517.26 \n * Google Chrome 7.0.517.27 \n * Google Chrome 7.0.517.28 \n * Google Chrome 7.0.517.29 \n * Google Chrome 7.0.517.30 \n * Google Chrome 7.0.517.31 \n * Google Chrome 7.0.517.32 \n * Google Chrome 7.0.517.33 \n * Google Chrome 7.0.517.34 \n * Google Chrome 7.0.517.35 \n * Google Chrome 7.0.517.36 \n * Google Chrome 7.0.517.37 \n * Google Chrome 7.0.517.38 \n * Google Chrome 7.0.517.39 \n * Google Chrome 7.0.517.4 \n * Google Chrome 7.0.517.40 \n * Google Chrome 7.0.517.41 \n * Google Chrome 7.0.517.42 \n * Google Chrome 7.0.517.43 \n * Google Chrome 7.0.517.44 \n * Google Chrome 7.0.517.5 \n * Google Chrome 7.0.517.6 \n * Google Chrome 7.0.517.7 \n * Google Chrome 7.0.517.8 \n * Google Chrome 7.0.517.9 \n * Google Chrome 7.0.518.0 \n * Google Chrome 7.0.519.0 \n * Google Chrome 7.0.520.0 \n * Google Chrome 7.0.521.0 \n * Google Chrome 7.0.522.0 \n * Google Chrome 7.0.524.0 \n * Google Chrome 7.0.525.0 \n * Google Chrome 7.0.526.0 \n * Google Chrome 7.0.528.0 \n * Google Chrome 7.0.529.0 \n * Google Chrome 7.0.529.1 \n * Google Chrome 7.0.529.2 \n * Google Chrome 7.0.530.0 \n * Google Chrome 7.0.531.0 \n * Google Chrome 7.0.531.1 \n * Google Chrome 7.0.531.2 \n * Google Chrome 7.0.535.1 \n * Google Chrome 7.0.535.2 \n * Google Chrome 7.0.536.0 \n * Google Chrome 7.0.536.1 \n * Google Chrome 7.0.536.2 \n * Google Chrome 7.0.536.3 \n * Google Chrome 7.0.536.4 \n * Google Chrome 7.0.537.0 \n * Google Chrome 7.0.538.0 \n * Google Chrome 7.0.539.0 \n * Google Chrome 7.0.540.0 \n * Google Chrome 7.0.541.0 \n * Google Chrome 7.0.542.0 \n * Google Chrome 7.0.544.0 \n * Google Chrome 7.0.547.0 \n * Google Chrome 7.0.547.1 \n * Google Chrome 7.0.548.0 \n * Google Chrome 8.0.549.0 \n * Google Chrome 8.0.550.0 \n * Google Chrome 8.0.551.0 \n * Google Chrome 8.0.551.1 \n * Google Chrome 8.0.552.0 \n * Google Chrome 8.0.552.1 \n * Google Chrome 8.0.552.10 \n * Google Chrome 8.0.552.100 \n * Google Chrome 8.0.552.101 \n * Google Chrome 8.0.552.102 \n * Google Chrome 8.0.552.103 \n * Google Chrome 8.0.552.104 \n * Google Chrome 8.0.552.105 \n * Google Chrome 8.0.552.11 \n * Google Chrome 8.0.552.12 \n * Google Chrome 8.0.552.13 \n * Google Chrome 8.0.552.14 \n * Google Chrome 8.0.552.15 \n * Google Chrome 8.0.552.16 \n * Google Chrome 8.0.552.17 \n * Google Chrome 8.0.552.18 \n * Google Chrome 8.0.552.19 \n * Google Chrome 8.0.552.2 \n * Google Chrome 8.0.552.20 \n * Google Chrome 8.0.552.200 \n * Google Chrome 8.0.552.201 \n * Google Chrome 8.0.552.202 \n * Google Chrome 8.0.552.203 \n * Google Chrome 8.0.552.204 \n * Google Chrome 8.0.552.205 \n * Google Chrome 8.0.552.206 \n * Google Chrome 8.0.552.207 \n * Google Chrome 8.0.552.208 \n * Google Chrome 8.0.552.209 \n * Google Chrome 8.0.552.21 \n * Google Chrome 8.0.552.210 \n * Google Chrome 8.0.552.211 \n * Google Chrome 8.0.552.212 \n * Google Chrome 8.0.552.213 \n * Google Chrome 8.0.552.214 \n * Google Chrome 8.0.552.215 \n * Google Chrome 8.0.552.216 \n * Google Chrome 8.0.552.217 \n * Google Chrome 8.0.552.218 \n * Google Chrome 8.0.552.219 \n * Google Chrome 8.0.552.220 \n * Google Chrome 8.0.552.221 \n * Google Chrome 8.0.552.222 \n * Google Chrome 8.0.552.223 \n * Google Chrome 8.0.552.224 \n * Google Chrome 8.0.552.225 \n * Google Chrome 8.0.552.226 \n * Google Chrome 8.0.552.227 \n * Google Chrome 8.0.552.228 \n * Google Chrome 8.0.552.229 \n * Google Chrome 8.0.552.23 \n * Google Chrome 8.0.552.230 \n * Google Chrome 8.0.552.231 \n * Google Chrome 8.0.552.232 \n * Google Chrome 8.0.552.233 \n * Google Chrome 8.0.552.234 \n * Google Chrome 8.0.552.235 \n * Google Chrome 8.0.552.237 \n * Google Chrome 8.0.552.24 \n * Google Chrome 8.0.552.25 \n * Google Chrome 8.0.552.26 \n * Google Chrome 8.0.552.27 \n * Google Chrome 8.0.552.28 \n * Google Chrome 8.0.552.29 \n * Google Chrome 8.0.552.300 \n * Google Chrome 8.0.552.301 \n * Google Chrome 8.0.552.302 \n * Google Chrome 8.0.552.303 \n * Google Chrome 8.0.552.304 \n * Google Chrome 8.0.552.305 \n * Google Chrome 8.0.552.306 \n * Google Chrome 8.0.552.307 \n * Google Chrome 8.0.552.308 \n * Google Chrome 8.0.552.309 \n * Google Chrome 8.0.552.310 \n * Google Chrome 8.0.552.311 \n * Google Chrome 8.0.552.312 \n * Google Chrome 8.0.552.313 \n * Google Chrome 8.0.552.315 \n * Google Chrome 8.0.552.316 \n * Google Chrome 8.0.552.317 \n * Google Chrome 8.0.552.318 \n * Google Chrome 8.0.552.319 \n * Google Chrome 8.0.552.320 \n * Google Chrome 8.0.552.321 \n * Google Chrome 8.0.552.322 \n * Google Chrome 8.0.552.323 \n * Google Chrome 8.0.552.324 \n * Google Chrome 8.0.552.325 \n * Google Chrome 8.0.552.326 \n * Google Chrome 8.0.552.327 \n * Google Chrome 8.0.552.328 \n * Google Chrome 8.0.552.329 \n * Google Chrome 8.0.552.330 \n * Google Chrome 8.0.552.331 \n * Google Chrome 8.0.552.332 \n * Google Chrome 8.0.552.333 \n * Google Chrome 8.0.552.334 \n * Google Chrome 8.0.552.335 \n * Google Chrome 8.0.552.336 \n * Google Chrome 8.0.552.337 \n * Google Chrome 8.0.552.338 \n * Google Chrome 8.0.552.339 \n * Google Chrome 8.0.552.340 \n * Google Chrome 8.0.552.341 \n * Google Chrome 8.0.552.342 \n * Google Chrome 8.0.552.343 \n * Google Chrome 8.0.552.344 \n * Google Chrome 8.0.552.35 \n * Google Chrome 8.0.552.4 \n * Google Chrome 8.0.552.40 \n * Google Chrome 8.0.552.41 \n * Google Chrome 8.0.552.42 \n * Google Chrome 8.0.552.43 \n * Google Chrome 8.0.552.44 \n * Google Chrome 8.0.552.45 \n * Google Chrome 8.0.552.47 \n * Google Chrome 8.0.552.48 \n * Google Chrome 8.0.552.49 \n * Google Chrome 8.0.552.5 \n * Google Chrome 8.0.552.50 \n * Google Chrome 8.0.552.51 \n * Google Chrome 8.0.552.52 \n * Google Chrome 8.0.552.6 \n * Google Chrome 8.0.552.7 \n * Google Chrome 8.0.552.8 \n * Google Chrome 8.0.552.9 \n * Google Chrome 8.0.553.0 \n * Google Chrome 8.0.554.0 \n * Google Chrome 8.0.556.0 \n * Google Chrome 8.0.557.0 \n * Google Chrome 8.0.558.0 \n * Google Chrome 8.0.559.0 \n * Google Chrome 8.0.560.0 \n * Google Chrome 8.0.561.0 \n * Google Chrome 9 \n * Google Chrome 9.0.562.0 \n * Google Chrome 9.0.563.0 \n * Google Chrome 9.0.564.0 \n * Google Chrome 9.0.565.0 \n * Google Chrome 9.0.566.0 \n * Google Chrome 9.0.567.0 \n * Google Chrome 9.0.568.0 \n * Google Chrome 9.0.569.0 \n * Google Chrome 9.0.570.0 \n * Google Chrome 9.0.570.1 \n * Google Chrome 9.0.571.0 \n * Google Chrome 9.0.572.0 \n * Google Chrome 9.0.572.1 \n * Google Chrome 9.0.573.0 \n * Google Chrome 9.0.574.0 \n * Google Chrome 9.0.575.0 \n * Google Chrome 9.0.576.0 \n * Google Chrome 9.0.577.0 \n * Google Chrome 9.0.578.0 \n * Google Chrome 9.0.579.0 \n * Google Chrome 9.0.580.0 \n * Google Chrome 9.0.581.0 \n * Google Chrome 9.0.582.0 \n * Google Chrome 9.0.583.0 \n * Google Chrome 9.0.584.0 \n * Google Chrome 9.0.585.0 \n * Google Chrome 9.0.586.0 \n * Google Chrome 9.0.587.0 \n * Google Chrome 9.0.587.1 \n * Google Chrome 9.0.588.0 \n * Google Chrome 9.0.589.0 \n * Google Chrome 9.0.590.0 \n * Google Chrome 9.0.591.0 \n * Google Chrome 9.0.592.0 \n * Google Chrome 9.0.593.0 \n * Google Chrome 9.0.594.0 \n * Google Chrome 9.0.595.0 \n * Google Chrome 9.0.596.0 \n * Google Chrome 9.0.597.0 \n * Google Chrome 9.0.597.1 \n * Google Chrome 9.0.597.10 \n * Google Chrome 9.0.597.100 \n * Google Chrome 9.0.597.101 \n * Google Chrome 9.0.597.102 \n * Google Chrome 9.0.597.106 \n * Google Chrome 9.0.597.107 \n * Google Chrome 9.0.597.11 \n * Google Chrome 9.0.597.12 \n * Google Chrome 9.0.597.14 \n * Google Chrome 9.0.597.15 \n * Google Chrome 9.0.597.16 \n * Google Chrome 9.0.597.17 \n * Google Chrome 9.0.597.18 \n * Google Chrome 9.0.597.19 \n * Google Chrome 9.0.597.2 \n * Google Chrome 9.0.597.20 \n * Google Chrome 9.0.597.21 \n * Google Chrome 9.0.597.22 \n * Google Chrome 9.0.597.23 \n * Google Chrome 9.0.597.24 \n * Google Chrome 9.0.597.25 \n * Google Chrome 9.0.597.26 \n * Google Chrome 9.0.597.27 \n * Google Chrome 9.0.597.28 \n * Google Chrome 9.0.597.29 \n * Google Chrome 9.0.597.30 \n * Google Chrome 9.0.597.31 \n * Google Chrome 9.0.597.32 \n * Google Chrome 9.0.597.33 \n * Google Chrome 9.0.597.34 \n * Google Chrome 9.0.597.35 \n * Google Chrome 9.0.597.36 \n * Google Chrome 9.0.597.37 \n * Google Chrome 9.0.597.38 \n * Google Chrome 9.0.597.39 \n * Google Chrome 9.0.597.4 \n * Google Chrome 9.0.597.40 \n * Google Chrome 9.0.597.41 \n * Google Chrome 9.0.597.42 \n * Google Chrome 9.0.597.44 \n * Google Chrome 9.0.597.45 \n * Google Chrome 9.0.597.46 \n * Google Chrome 9.0.597.47 \n * Google Chrome 9.0.597.5 \n * Google Chrome 9.0.597.54 \n * Google Chrome 9.0.597.55 \n * Google Chrome 9.0.597.56 \n * Google Chrome 9.0.597.57 \n * Google Chrome 9.0.597.58 \n * Google Chrome 9.0.597.59 \n * Google Chrome 9.0.597.60 \n * Google Chrome 9.0.597.62 \n * Google Chrome 9.0.597.63 \n * Google Chrome 9.0.597.64 \n * Google Chrome 9.0.597.65 \n * Google Chrome 9.0.597.66 \n * Google Chrome 9.0.597.67 \n * Google Chrome 9.0.597.68 \n * Google Chrome 9.0.597.69 \n * Google Chrome 9.0.597.7 \n * Google Chrome 9.0.597.70 \n * Google Chrome 9.0.597.71 \n * Google Chrome 9.0.597.72 \n * Google Chrome 9.0.597.73 \n * Google Chrome 9.0.597.74 \n * Google Chrome 9.0.597.75 \n * Google Chrome 9.0.597.76 \n * Google Chrome 9.0.597.77 \n * Google Chrome 9.0.597.78 \n * Google Chrome 9.0.597.79 \n * Google Chrome 9.0.597.8 \n * Google Chrome 9.0.597.80 \n * Google Chrome 9.0.597.81 \n * Google Chrome 9.0.597.82 \n * Google Chrome 9.0.597.83 \n * Google Chrome 9.0.597.84 \n * Google Chrome 9.0.597.85 \n * Google Chrome 9.0.597.86 \n * Google Chrome 9.0.597.88 \n * Google Chrome 9.0.597.9 \n * Google Chrome 9.0.597.90 \n * Google Chrome 9.0.597.92 \n * Google Chrome 9.0.597.94 \n * Google Chrome 9.0.597.96 \n * Google Chrome 9.0.597.97 \n * Google Chrome 9.0.597.98 \n * Google Chrome 9.0.597.99 \n * Google Chrome 9.0.598.0 \n * Google Chrome 9.0.599.0 \n * Google Chrome 9.0.600.0 \n * Google Chrome OS 0.10.140.0 \n * Google Chrome OS 0.9.110.6 \n * Google Chrome OS 0.9.126.0 \n * Google Chrome OS 0.9.128.3 \n * Google Chrome OS 0.9.130.14 Beta \n * Google Chrome OS 0.9.131.0 \n * Google Chrome OS 0.9.134.14 \n * Google Chrome OS 20.0.1132.0 \n * Google Chrome OS 20.0.1132.1 \n * Google Chrome OS 20.0.1132.10 \n * Google Chrome OS 20.0.1132.11 \n * Google Chrome OS 20.0.1132.12 \n * Google Chrome OS 20.0.1132.13 \n * Google Chrome OS 20.0.1132.14 \n * Google Chrome OS 20.0.1132.15 \n * Google Chrome OS 20.0.1132.16 \n * Google Chrome OS 20.0.1132.17 \n * Google Chrome OS 20.0.1132.18 \n * Google Chrome OS 20.0.1132.19 \n * Google Chrome OS 20.0.1132.2 \n * Google Chrome OS 20.0.1132.20 \n * Google Chrome OS 20.0.1132.21 \n * Google Chrome OS 20.0.1132.3 \n * Google Chrome OS 20.0.1132.4 \n * Google Chrome OS 20.0.1132.5 \n * Google Chrome OS 20.0.1132.6 \n * Google Chrome OS 20.0.1132.7 \n * Google Chrome OS 20.0.1132.8 \n * Google Chrome OS 20.0.1132.9 \n * Google Chrome OS 21.0.1180.0 \n * Google Chrome OS 21.0.1180.1 \n * Google Chrome OS 21.0.1180.10 \n * Google Chrome OS 21.0.1180.11 \n * Google Chrome OS 21.0.1180.13 \n * Google Chrome OS 21.0.1180.14 \n * Google Chrome OS 21.0.1180.15 \n * Google Chrome OS 21.0.1180.17 \n * Google Chrome OS 21.0.1180.18 \n * Google Chrome OS 21.0.1180.2 \n * Google Chrome OS 21.0.1180.3 \n * Google Chrome OS 21.0.1180.31 \n * Google Chrome OS 21.0.1180.32 \n * Google Chrome OS 21.0.1180.33 \n * Google Chrome OS 21.0.1180.34 \n * Google Chrome OS 21.0.1180.35 \n * Google Chrome OS 21.0.1180.36 \n * Google Chrome OS 21.0.1180.37 \n * Google Chrome OS 21.0.1180.38 \n * Google Chrome OS 21.0.1180.39 \n * Google Chrome OS 21.0.1180.4 \n * Google Chrome OS 21.0.1180.41 \n * Google Chrome OS 21.0.1180.46 \n * Google Chrome OS 21.0.1180.47 \n * Google Chrome OS 21.0.1180.48 \n * Google Chrome OS 21.0.1180.49 \n * Google Chrome OS 21.0.1180.5 \n * Google Chrome OS 21.0.1180.50 \n * Google Chrome OS 21.0.1180.51 \n * Google Chrome OS 21.0.1180.52 \n * Google Chrome OS 21.0.1180.53 \n * Google Chrome OS 21.0.1180.54 \n * Google Chrome OS 21.0.1180.55 \n * Google Chrome OS 21.0.1180.56 \n * Google Chrome OS 21.0.1180.57 \n * Google Chrome OS 21.0.1180.6 \n * Google Chrome OS 21.0.1180.7 \n * Google Chrome OS 21.0.1180.79 \n * Google Chrome OS 21.0.1180.8 \n * Google Chrome OS 21.0.1180.81 \n * Google Chrome OS 21.0.1180.9 \n * Google Chrome OS 21.0.1183.0 \n * Google Chrome OS 23.0.1271.94 \n * Google Chrome OS 25.0.1364.0 \n * Google Chrome OS 25.0.1364.1 \n * Google Chrome OS 25.0.1364.10 \n * Google Chrome OS 25.0.1364.108 \n * Google Chrome OS 25.0.1364.11 \n * Google Chrome OS 25.0.1364.110 \n * Google Chrome OS 25.0.1364.112 \n * Google Chrome OS 25.0.1364.113 \n * Google Chrome OS 25.0.1364.114 \n * Google Chrome OS 25.0.1364.115 \n * Google Chrome OS 25.0.1364.116 \n * Google Chrome OS 25.0.1364.117 \n * Google Chrome OS 25.0.1364.118 \n * Google Chrome OS 25.0.1364.119 \n * Google Chrome OS 25.0.1364.12 \n * Google Chrome OS 25.0.1364.120 \n * Google Chrome OS 25.0.1364.121 \n * Google Chrome OS 25.0.1364.122 \n * Google Chrome OS 25.0.1364.123 \n * Google Chrome OS 25.0.1364.124 \n * Google Chrome OS 25.0.1364.125 \n * Google Chrome OS 25.0.1364.126 \n * Google Chrome OS 25.0.1364.13 \n * Google Chrome OS 25.0.1364.14 \n * Google Chrome OS 25.0.1364.15 \n * Google Chrome OS 25.0.1364.152 \n * Google Chrome OS 25.0.1364.154 \n * Google Chrome OS 25.0.1364.155 \n * Google Chrome OS 25.0.1364.156 \n * Google Chrome OS 25.0.1364.159 \n * Google Chrome OS 25.0.1364.16 \n * Google Chrome OS 25.0.1364.160 \n * Google Chrome OS 25.0.1364.161 \n * Google Chrome OS 25.0.1364.168 \n * Google Chrome OS 25.0.1364.169 \n * Google Chrome OS 25.0.1364.17 \n * Google Chrome OS 25.0.1364.170 \n * Google Chrome OS 25.0.1364.171 \n * Google Chrome OS 25.0.1364.172 \n * Google Chrome OS 25.0.1364.173 \n * Google Chrome OS 25.0.1364.18 \n * Google Chrome OS 25.0.1364.19 \n * Google Chrome OS 25.0.1364.2 \n * Google Chrome OS 25.0.1364.20 \n * Google Chrome OS 25.0.1364.21 \n * Google Chrome OS 25.0.1364.22 \n * Google Chrome OS 25.0.1364.23 \n * Google Chrome OS 25.0.1364.24 \n * Google Chrome OS 25.0.1364.25 \n * Google Chrome OS 25.0.1364.26 \n * Google Chrome OS 25.0.1364.27 \n * Google Chrome OS 25.0.1364.28 \n * Google Chrome OS 25.0.1364.29 \n * Google Chrome OS 25.0.1364.3 \n * Google Chrome OS 25.0.1364.30 \n * Google Chrome OS 25.0.1364.31 \n * Google Chrome OS 25.0.1364.32 \n * Google Chrome OS 25.0.1364.33 \n * Google Chrome OS 25.0.1364.34 \n * Google Chrome OS 25.0.1364.35 \n * Google Chrome OS 25.0.1364.36 \n * Google Chrome OS 25.0.1364.37 \n * Google Chrome OS 25.0.1364.38 \n * Google Chrome OS 25.0.1364.39 \n * Google Chrome OS 25.0.1364.40 \n * Google Chrome OS 25.0.1364.41 \n * Google Chrome OS 25.0.1364.42 \n * Google Chrome OS 25.0.1364.43 \n * Google Chrome OS 25.0.1364.44 \n * Google Chrome OS 25.0.1364.45 \n * Google Chrome OS 25.0.1364.46 \n * Google Chrome OS 25.0.1364.47 \n * Google Chrome OS 25.0.1364.48 \n * Google Chrome OS 25.0.1364.49 \n * Google Chrome OS 25.0.1364.5 \n * Google Chrome OS 25.0.1364.50 \n * Google Chrome OS 25.0.1364.51 \n * Google Chrome OS 25.0.1364.52 \n * Google Chrome OS 25.0.1364.53 \n * Google Chrome OS 25.0.1364.54 \n * Google Chrome OS 25.0.1364.55 \n * Google Chrome OS 25.0.1364.56 \n * Google Chrome OS 25.0.1364.57 \n * Google Chrome OS 25.0.1364.58 \n * Google Chrome OS 25.0.1364.61 \n * Google Chrome OS 25.0.1364.62 \n * Google Chrome OS 25.0.1364.63 \n * Google Chrome OS 25.0.1364.65 \n * Google Chrome OS 25.0.1364.66 \n * Google Chrome OS 25.0.1364.67 \n * Google Chrome OS 25.0.1364.68 \n * Google Chrome OS 25.0.1364.7 \n * Google Chrome OS 25.0.1364.70 \n * Google Chrome OS 25.0.1364.72 \n * Google Chrome OS 25.0.1364.73 \n * Google Chrome OS 25.0.1364.74 \n * Google Chrome OS 25.0.1364.75 \n * Google Chrome OS 25.0.1364.76 \n * Google Chrome OS 25.0.1364.77 \n * Google Chrome OS 25.0.1364.78 \n * Google Chrome OS 25.0.1364.79 \n * Google Chrome OS 25.0.1364.8 \n * Google Chrome OS 25.0.1364.80 \n * Google Chrome OS 25.0.1364.81 \n * Google Chrome OS 25.0.1364.82 \n * Google Chrome OS 25.0.1364.84 \n * Google Chrome OS 25.0.1364.85 \n * Google Chrome OS 25.0.1364.86 \n * Google Chrome OS 25.0.1364.87 \n * Google Chrome OS 25.0.1364.88 \n * Google Chrome OS 25.0.1364.89 \n * Google Chrome OS 25.0.1364.9 \n * Google Chrome OS 25.0.1364.90 \n * Google Chrome OS 25.0.1364.91 \n * Google Chrome OS 25.0.1364.92 \n * Google Chrome OS 25.0.1364.93 \n * Google Chrome OS 25.0.1364.95 \n * Google Chrome OS 25.0.1364.98 \n * Google Chrome OS 25.0.1364.99 \n * Google Chrome OS 26.0.1410.0 \n * Google Chrome OS 26.0.1410.1 \n * Google Chrome OS 26.0.1410.10 \n * Google Chrome OS 26.0.1410.11 \n * Google Chrome OS 26.0.1410.12 \n * Google Chrome OS 26.0.1410.14 \n * Google Chrome OS 26.0.1410.15 \n * Google Chrome OS 26.0.1410.16 \n * Google Chrome OS 26.0.1410.17 \n * Google Chrome OS 26.0.1410.18 \n * Google Chrome OS 26.0.1410.19 \n * Google Chrome OS 26.0.1410.20 \n * Google Chrome OS 26.0.1410.21 \n * Google Chrome OS 26.0.1410.22 \n * Google Chrome OS 26.0.1410.23 \n * Google Chrome OS 26.0.1410.24 \n * Google Chrome OS 26.0.1410.25 \n * Google Chrome OS 26.0.1410.26 \n * Google Chrome OS 26.0.1410.27 \n * Google Chrome OS 26.0.1410.28 \n * Google Chrome OS 26.0.1410.29 \n * Google Chrome OS 26.0.1410.3 \n * Google Chrome OS 26.0.1410.30 \n * Google Chrome OS 26.0.1410.31 \n * Google Chrome OS 26.0.1410.32 \n * Google Chrome OS 26.0.1410.33 \n * Google Chrome OS 26.0.1410.34 \n * Google Chrome OS 26.0.1410.35 \n * Google Chrome OS 26.0.1410.36 \n * Google Chrome OS 26.0.1410.37 \n * Google Chrome OS 26.0.1410.38 \n * Google Chrome OS 26.0.1410.39 \n * Google Chrome OS 26.0.1410.4 \n * Google Chrome OS 26.0.1410.40 \n * Google Chrome OS 26.0.1410.41 \n * Google Chrome OS 26.0.1410.42 \n * Google Chrome OS 26.0.1410.43 \n * Google Chrome OS 26.0.1410.44 \n * Google Chrome OS 26.0.1410.45 \n * Google Chrome OS 26.0.1410.46 \n * Google Chrome OS 26.0.1410.47 \n * Google Chrome OS 26.0.1410.48 \n * Google Chrome OS 26.0.1410.49 \n * Google Chrome OS 26.0.1410.5 \n * Google Chrome OS 26.0.1410.50 \n * Google Chrome OS 26.0.1410.51 \n * Google Chrome OS 26.0.1410.52 \n * Google Chrome OS 26.0.1410.54 \n * Google Chrome OS 26.0.1410.55 \n * Google Chrome OS 26.0.1410.56 \n * Google Chrome OS 26.0.1410.57 \n * Google Chrome OS 26.0.1410.6 \n * Google Chrome OS 26.0.1410.7 \n * Google Chrome OS 26.0.1410.8 \n * Google Chrome OS 26.0.1410.9 \n * Google Chrome OS 28.0.1500.71 \n * Google Chrome OS 28.0.1500.95 \n * Google Chrome OS 32.0.1700.95 \n * Google Chrome OS 33.0.1750.152 \n * Google Chrome OS 35.0.1916.155 \n * Google Chrome OS 37.0.2062.119 \n * Google Chrome OS 40.0.2214.114 \n * Google Chrome OS 48.0.2564.116 \n * Google Chrome OS 48.0.2564.92 \n * Google Chrome OS 52.0.2743.85 \n * Google Chrome OS 53.0.2785.103 \n * Google Chrome OS 53.0.2785.144 \n * Google Chrome OS 54.0.2840.79 \n * Google Chrome OS 57.0.2987.137 \n * Google Chrome OS 58.0.3029.89 \n * Google Chrome OS 59.0.3071.91 \n * Google Chrome OS 59.0.3071.92 \n * Google Chrome OS 60.0.3112.114 \n * Google Chrome OS 61.0.3163.113 \n * Google Chrome OS 62.0.3202.97 \n * Google Chrome OS 8.0.552.342 \n * Google Chrome OS 8.0.552.343 \n * Google Chrome OS 8.0.552.344 \n * Google Nexus 5X \n * Google Nexus 6P \n * Google Pixel 2 XL \n * Google Pixel C \n * Google Pixel XL \n * Google V8 \n * HP ProLiant DL385 Gen10 Server 1.02 \n * IBM AIX 5.3 \n * IBM AIX 6.1 \n * IBM AIX 7.1 \n * IBM Aix 7.2 \n * IBM Vios 2.2.0 \n * Intel Xeon CPU E5-1650 v3 \n * Linux kernel 4.14.11 \n * Linux kernel 4.9.74 \n * Microsoft Edge \n * Microsoft Internet Explorer 11 \n * Microsoft SQL Server 2008 R2 for 32-bit Systems Service Pack 3 \n * Microsoft SQL Server 2008 R2 for x64-based Systems Service Pack 3 \n * Microsoft SQL Server 2008 for 32-bit Systems Service Pack 4 \n * Microsoft SQL Server 2008 for x64-based Systems Service Pack 4 \n * Microsoft SQL Server 2012 for 32-bit Systems Service Pack 3 \n * Microsoft SQL Server 2012 for 32-bit Systems Service Pack 4 \n * Microsoft SQL Server 2012 for x64-based Systems Service Pack 3 \n * Microsoft SQL Server 2012 for x64-based Systems Service Pack 4 \n * Microsoft SQL Server 2014 for 32-bit Systems Service Pack 2 \n * Microsoft SQL Server 2014 for x64-based Systems Service Pack 2 \n * Microsoft SQL Server 2016 for x64-based Systems \n * Microsoft SQL Server 2016 for x64-based Systems Service Pack 1 \n * Microsoft SQL Server 2017 for x64-based Systems \n * Microsoft Windows 10 Version 1607 for 32-bit Systems \n * Microsoft Windows 10 Version 1607 for x64-based Systems \n * Microsoft Windows 10 for 32-bit Systems \n * Microsoft Windows 10 for x64-based Systems \n * Microsoft Windows 10 version 1511 for 32-bit Systems \n * Microsoft Windows 10 version 1511 for x64-based Systems \n * Microsoft Windows 10 version 1703 for 32-bit Systems \n * Microsoft Windows 10 version 1703 for x64-based Systems \n * Microsoft Windows 10 version 1709 for 32-bit Systems \n * Microsoft Windows 7 for 32-bit Systems SP1 \n * Microsoft Windows 7 for x64-based Systems SP1 \n * Microsoft Windows 8.1 for 32-bit Systems \n * Microsoft Windows 8.1 for x64-based Systems \n * Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 \n * Microsoft Windows Server 2008 R2 for x64-based Systems SP1 \n * Microsoft Windows Server 2012 \n * Microsoft Windows Server 2012 R2 \n * Microsoft Windows Server 2016 \n * Mozilla Firefox 0.1 \n * Mozilla Firefox 0.10.0 \n * Mozilla Firefox 0.10.1 \n * Mozilla Firefox 0.2 \n * Mozilla Firefox 0.3 \n * Mozilla Firefox 0.4 \n * Mozilla Firefox 0.5 \n * Mozilla Firefox 0.6 \n * Mozilla Firefox 0.6.1 \n * Mozilla Firefox 0.7 \n * Mozilla Firefox 0.7.1 \n * Mozilla Firefox 0.8.0 \n * Mozilla Firefox 0.9.0 \n * Mozilla Firefox 0.9.1 \n * Mozilla Firefox 0.9.2 \n * Mozilla Firefox 0.9.3 \n * Mozilla Firefox 1.0.0 \n * Mozilla Firefox 1.0.1 \n * Mozilla Firefox 1.0.2 \n * Mozilla Firefox 1.0.3 \n * Mozilla Firefox 1.0.4 \n * Mozilla Firefox 1.0.5 \n * Mozilla Firefox 1.0.6 \n * Mozilla Firefox 1.0.7 \n * Mozilla Firefox 1.0.8 \n * Mozilla Firefox 1.4.1 \n * Mozilla Firefox 1.5.0 12 \n * Mozilla Firefox 1.5.0 \n * Mozilla Firefox 1.5.0.1 \n * Mozilla Firefox 1.5.0.10 \n * Mozilla Firefox 1.5.0.11 \n * Mozilla Firefox 1.5.0.2 \n * Mozilla Firefox 1.5.0.3 \n * Mozilla Firefox 1.5.0.4 \n * Mozilla Firefox 1.5.0.5 \n * Mozilla Firefox 1.5.0.6 \n * Mozilla Firefox 1.5.0.7 \n * Mozilla Firefox 1.5.0.8 \n * Mozilla Firefox 1.5.0.9 \n * Mozilla Firefox 1.5.1 \n * Mozilla Firefox 1.5.2 \n * Mozilla Firefox 1.5.3 \n * Mozilla Firefox 1.5.4 \n * Mozilla Firefox 1.5.5 \n * Mozilla Firefox 1.5.6 \n * Mozilla Firefox 1.5.7 \n * Mozilla Firefox 1.5.8 \n * Mozilla Firefox 1.8 \n * Mozilla Firefox 10 \n * Mozilla Firefox 10.0 \n * Mozilla Firefox 10.0.1 \n * Mozilla Firefox 10.0.10 \n * Mozilla Firefox 10.0.11 \n * Mozilla Firefox 10.0.12 \n * Mozilla Firefox 10.0.2 \n * Mozilla Firefox 10.0.3 \n * Mozilla Firefox 10.0.4 \n * Mozilla Firefox 10.0.5 \n * Mozilla Firefox 10.0.6 \n * Mozilla Firefox 10.0.7 \n * Mozilla Firefox 10.0.8 \n * Mozilla Firefox 10.0.9 \n * Mozilla Firefox 11.0 \n * Mozilla Firefox 12.0 \n * Mozilla Firefox 13.0 \n * Mozilla Firefox 13.0.1 \n * Mozilla Firefox 14 \n * Mozilla Firefox 14.0 \n * Mozilla Firefox 14.0.1 \n * Mozilla Firefox 14.01 \n * Mozilla Firefox 15 \n * Mozilla Firefox 15.0 \n * Mozilla Firefox 15.0.1 \n * Mozilla Firefox 16 \n * Mozilla Firefox 16.0 \n * Mozilla Firefox 16.0.1 \n * Mozilla Firefox 16.0.2 \n * Mozilla Firefox 17.0 \n * Mozilla Firefox 17.0.1 \n * Mozilla Firefox 17.0.10 \n * Mozilla Firefox 17.0.11 \n * Mozilla Firefox 17.0.2 \n * Mozilla Firefox 17.0.3 \n * Mozilla Firefox 17.0.4 \n * Mozilla Firefox 17.0.5 \n * Mozilla Firefox 17.0.6 \n * Mozilla Firefox 17.0.7 \n * Mozilla Firefox 17.0.8 \n * Mozilla Firefox 17.0.9 \n * Mozilla Firefox 18.0 \n * Mozilla Firefox 18.0.1 \n * Mozilla Firefox 18.0.2 \n * Mozilla Firefox 19.0 \n * Mozilla Firefox 19.0.1 \n * Mozilla Firefox 19.0.2 \n * Mozilla Firefox 2.0 .1 \n * Mozilla Firefox 2.0 .10 \n * Mozilla Firefox 2.0 .4 \n * Mozilla Firefox 2.0 .5 \n * Mozilla Firefox 2.0 .6 \n * Mozilla Firefox 2.0 .7 \n * Mozilla Firefox 2.0 .9 \n * Mozilla Firefox 2.0 8 \n * Mozilla Firefox 2.0 \n * Mozilla Firefox 2.0.0 .19 \n * Mozilla Firefox 2.0.0 20 \n * Mozilla Firefox 2.0.0.1 \n * Mozilla Firefox 2.0.0.10 \n * Mozilla Firefox 2.0.0.11 \n * Mozilla Firefox 2.0.0.12 \n * Mozilla Firefox 2.0.0.13 \n * Mozilla Firefox 2.0.0.14 \n * Mozilla Firefox 2.0.0.15 \n * Mozilla Firefox 2.0.0.16 \n * Mozilla Firefox 2.0.0.17 \n * Mozilla Firefox 2.0.0.18 \n * Mozilla Firefox 2.0.0.19 \n * Mozilla Firefox 2.0.0.2 \n * Mozilla Firefox 2.0.0.21 \n * Mozilla Firefox 2.0.0.3 \n * Mozilla Firefox 2.0.0.4 \n * Mozilla Firefox 2.0.0.5 \n * Mozilla Firefox 2.0.0.6 \n * Mozilla Firefox 2.0.0.7 \n * Mozilla Firefox 2.0.0.8 \n * Mozilla Firefox 2.0.0.9 \n * Mozilla Firefox 20.0 \n * Mozilla Firefox 20.0.1 \n * Mozilla Firefox 21.0 \n * Mozilla Firefox 22.0 \n * Mozilla Firefox 22.0.0.4917 \n * Mozilla Firefox 23.0 \n * Mozilla Firefox 23.0.1 \n * Mozilla Firefox 24.0 \n * Mozilla Firefox 24.1 \n * Mozilla Firefox 24.1.1 \n * Mozilla Firefox 25.0 \n * Mozilla Firefox 25.0.1 \n * Mozilla Firefox 26 \n * Mozilla Firefox 26.0 \n * Mozilla Firefox 27 \n * Mozilla Firefox 27.0 \n * Mozilla Firefox 27.0.1 \n * Mozilla Firefox 28 \n * Mozilla Firefox 28.0 \n * Mozilla Firefox 28.0.1 \n * Mozilla Firefox 29 \n * Mozilla Firefox 29.0 \n * Mozilla Firefox 29.0.1 \n * Mozilla Firefox 3.0 \n * Mozilla Firefox 3.0.1 \n * Mozilla Firefox 3.0.10 \n * Mozilla Firefox 3.0.11 \n * Mozilla Firefox 3.0.12 \n * Mozilla Firefox 3.0.13 \n * Mozilla Firefox 3.0.14 \n * Mozilla Firefox 3.0.15 \n * Mozilla Firefox 3.0.16 \n * Mozilla Firefox 3.0.17 \n * Mozilla Firefox 3.0.18 \n * Mozilla Firefox 3.0.19 \n * Mozilla Firefox 3.0.2 \n * Mozilla Firefox 3.0.3 \n * Mozilla Firefox 3.0.4 \n * Mozilla Firefox 3.0.5 \n * Mozilla Firefox 3.0.6 \n * Mozilla Firefox 3.0.7 \n * Mozilla Firefox 3.0.8 \n * Mozilla Firefox 3.0.9 \n * Mozilla Firefox 3.1 \n * Mozilla Firefox 3.5.0 \n * Mozilla Firefox 3.5.1 \n * Mozilla Firefox 3.5.10 \n * Mozilla Firefox 3.5.11 \n * Mozilla Firefox 3.5.12 \n * Mozilla Firefox 3.5.13 \n * Mozilla Firefox 3.5.14 \n * Mozilla Firefox 3.5.15 \n * Mozilla Firefox 3.5.16 \n * Mozilla Firefox 3.5.17 \n * Mozilla Firefox 3.5.18 \n * Mozilla Firefox 3.5.19 \n * Mozilla Firefox 3.5.2 \n * Mozilla Firefox 3.5.3 \n * Mozilla Firefox 3.5.4 \n * Mozilla Firefox 3.5.5 \n * Mozilla Firefox 3.5.6 \n * Mozilla Firefox 3.5.7 \n * Mozilla Firefox 3.5.8 \n * Mozilla Firefox 3.5.9 \n * Mozilla Firefox 3.6 \n * Mozilla Firefox 3.6.1 \n * Mozilla Firefox 3.6.10 \n * Mozilla Firefox 3.6.11 \n * Mozilla Firefox 3.6.12 \n * Mozilla Firefox 3.6.13 \n * Mozilla Firefox 3.6.14 \n * Mozilla Firefox 3.6.15 \n * Mozilla Firefox 3.6.16 \n * Mozilla Firefox 3.6.17 \n * Mozilla Firefox 3.6.18 \n * Mozilla Firefox 3.6.19 \n * Mozilla Firefox 3.6.2 \n * Mozilla Firefox 3.6.20 \n * Mozilla Firefox 3.6.21 \n * Mozilla Firefox 3.6.22 \n * Mozilla Firefox 3.6.23 \n * Mozilla Firefox 3.6.24 \n * Mozilla Firefox 3.6.25 \n * Mozilla Firefox 3.6.26 \n * Mozilla Firefox 3.6.27 \n * Mozilla Firefox 3.6.28 \n * Mozilla Firefox 3.6.3 \n * Mozilla Firefox 3.6.4 \n * Mozilla Firefox 3.6.5 \n * Mozilla Firefox 3.6.6 \n * Mozilla Firefox 3.6.7 \n * Mozilla Firefox 3.6.8 \n * Mozilla Firefox 3.6.9 \n * Mozilla Firefox 30 \n * Mozilla Firefox 30.0 \n * Mozilla Firefox 31 \n * Mozilla Firefox 31.0 \n * Mozilla Firefox 31.1 \n * Mozilla Firefox 31.1.0 \n * Mozilla Firefox 31.6 \n * Mozilla Firefox 31.8 \n * Mozilla Firefox 31.8.0 \n * Mozilla Firefox 32 \n * Mozilla Firefox 32.0 \n * Mozilla Firefox 32.0.3 \n * Mozilla Firefox 33 \n * Mozilla Firefox 33.0 \n * Mozilla Firefox 34 \n * Mozilla Firefox 34.0.5 \n * Mozilla Firefox 35 \n * Mozilla Firefox 35.0.1 \n * Mozilla Firefox 36 \n * Mozilla Firefox 36.0.3 \n * Mozilla Firefox 36.0.4 \n * Mozilla Firefox 37 \n * Mozilla Firefox 37.0.1 \n * Mozilla Firefox 37.0.2 \n * Mozilla Firefox 38 \n * Mozilla Firefox 39 \n * Mozilla Firefox 39.0.3 \n * Mozilla Firefox 4.0 \n * Mozilla Firefox 4.0.1 \n * Mozilla Firefox 40 \n * Mozilla Firefox 40.0.3 \n * Mozilla Firefox 41 \n * Mozilla Firefox 41.0.2 \n * Mozilla Firefox 42 \n * Mozilla Firefox 43 \n * Mozilla Firefox 43.0.1 \n * Mozilla Firefox 43.0.2 \n * Mozilla Firefox 44 \n * Mozilla Firefox 44.0.2 \n * Mozilla Firefox 45 \n * Mozilla Firefox 45.0.2 \n * Mozilla Firefox 46 \n * Mozilla Firefox 46.0.1 \n * Mozilla Firefox 47 \n * Mozilla Firefox 48 \n * Mozilla Firefox 49 \n * Mozilla Firefox 49.0.1 \n * Mozilla Firefox 49.0.2 \n * Mozilla Firefox 5.0 \n * Mozilla Firefox 5.0.1 \n * Mozilla Firefox 50 \n * Mozilla Firefox 50.0.1 \n * Mozilla Firefox 50.0.2 \n * Mozilla Firefox 50.1 \n * Mozilla Firefox 51 \n * Mozilla Firefox 52 \n * Mozilla Firefox 52.0.1 \n * Mozilla Firefox 53 \n * Mozilla Firefox 53.0.2 \n * Mozilla Firefox 54 \n * Mozilla Firefox 55 \n * Mozilla Firefox 56 \n * Mozilla Firefox 57 \n * Mozilla Firefox 57.0.1 \n * Mozilla Firefox 57.0.2 \n * Mozilla Firefox 6 \n * Mozilla Firefox 6.0 \n * Mozilla Firefox 6.0.1 \n * Mozilla Firefox 6.0.2 \n * Mozilla Firefox 7 \n * Mozilla Firefox 7.0 \n * Mozilla Firefox 7.0.1 \n * Mozilla Firefox 8.0 \n * Mozilla Firefox 8.0.1 \n * Mozilla Firefox 9.0 \n * Mozilla Firefox 9.0.1 \n * Redhat Enterprise Linux 5 \n * Redhat Enterprise Linux 6 \n * Redhat Enterprise Linux 7 \n * Redhat Enterprise Linux Desktop 6 \n * Redhat Enterprise Linux Desktop 7 \n * Redhat Enterprise Linux EUS Compute Node 6.7 \n * Redhat Enterprise Linux EUS Compute Node 7.3 \n * Redhat Enterprise Linux EUS Compute Node 7.4 \n * Redhat Enterprise Linux Server (for IBM Power LE) - 4 Year Extended Upd 7.3 \n * Redhat Enterprise Linux Server (for IBM Power LE) - 4 Year Extended Update Support 7.4 \n * Redhat Enterprise Linux Server - 4 Year Extended Update Support 7.2 \n * Redhat Enterprise Linux Server - 4 Year Extended Update Support 7.3 \n * Redhat Enterprise Linux Server - 4 Year Extended Update Support 7.4 \n * Redhat Enterprise Linux Server - AUS 6.6 \n * Redhat Enterprise Linux Server - AUS 7.2 \n * Redhat Enterprise Linux Server - AUS 7.3 \n * Redhat Enterprise Linux Server - AUS 7.4 \n * Redhat Enterprise Linux Server - Extended Update Support 6.7 \n * Redhat Enterprise Linux Server - Extended Update Support 7.3 \n * Redhat Enterprise Linux Server - Extended Update Support 7.4 \n * Redhat Enterprise Linux Server - TUS 6.6 \n * Redhat Enterprise Linux Server - TUS 7.2 \n * Redhat Enterprise Linux Server - TUS 7.3 \n * Redhat Enterprise Linux Server - TUS 7.4 \n * Redhat Enterprise Linux Server 6 \n * Redhat Enterprise Linux Server 7 \n * Redhat Enterprise Linux Workstation 6 \n * Redhat Enterprise Linux Workstation 7 \n * Redhat Enterprise Linux for IBM z Systems - Extended Update Support 6.7 \n * Redhat Enterprise Linux for IBM z Systems - Extended Update Support 7.4 \n * Redhat Enterprise Linux for IBM z Systems 6 \n * Redhat Enterprise Linux for IBM z Systems 7 \n * Redhat Enterprise Linux for Power, big endian - Extended Update Support 6.7 \n * Redhat Enterprise Linux for Power, big endian - Extended Update Support 7.3 \n * Redhat Enterprise Linux for Power, big endian - Extended Update Support 7.4 \n * Redhat Enterprise Linux for Power, big endian 6 \n * Redhat Enterprise Linux for Power, big endian 7 \n * Redhat Enterprise Linux for Power, little endian - Extended Update Supp 7.3 \n * Redhat Enterprise Linux for Power, little endian - Extended Update Supp 7.4 \n * Redhat Enterprise Linux for Power, little endian 7 \n * Redhat Enterprise Linux for Real Time 7 \n * Redhat Enterprise Linux for Real Time for NFV 7 \n * Redhat Enterprise Linux for Scientific Computing 6 \n * Redhat Enterprise Linux for Scientific Computing 7 \n * Redhat Enterprise Mrg 2 \n * Redhat Virtualization Host 4 \n * VMWare ESXi 5.5 \n * VMWare Esxi 6.0 \n * VMWare Esxi 6.5 \n * VMWare Fusion 8.0 \n * VMWare Fusion 8.0.1 \n * VMWare Fusion 8.0.2 \n * VMWare Fusion 8.1.0 \n * VMWare Fusion 8.1.1 \n * VMWare Fusion 8.5 \n * VMWare Fusion 8.5.2 \n * VMWare Fusion 8.5.4 \n * VMWare Fusion 8.5.5 \n * VMWare Fusion 8.5.6 \n * VMWare Fusion 8.5.8 \n * VMWare Identity Manager 2.0 \n * VMWare Identity Manager 2.7 \n * VMWare Identity Manager 2.7.1 \n * VMWare Identity Manager 3.0 \n * VMWare Workstation 12.0 \n * VMWare Workstation 12.5.3 \n * VMWare Workstation 12.5.5 \n * VMWare Workstation 12.5.7 \n * VMWare vCenter Server 6.0 \n * VMWare vCenter Server 6.5 \n * VMWare vCloud Usage Meter 3.0 \n * VMWare vCloud Usage Meter 3.3 \n * VMWare vCloud Usage Meter 3.3.3 \n * VMWare vRealize Automation 6.0 \n * VMWare vRealize Automation 6.1 \n * VMWare vRealize Automation 6.2 \n * VMWare vRealize Automation 6.2.4 \n * VMWare vRealize Automation 6.2.4.1 \n * VMWare vRealize Automation 6.2.5 \n * VMWare vRealize Automation 7.0 \n * VMWare vRealize Automation 7.1 \n * VMWare vRealize Automation 7.2.0 \n * VMWare vRealize Automation 7.3.0 \n * VMWare vSphere Data Protection 6.0 \n * VMWare vSphere Data Protection 6.0.0 \n * VMWare vSphere Data Protection 6.0.5 \n * VMWare vSphere Data Protection 6.0.6 \n * VMWare vSphere Data Protection 6.0.7 \n * VMWare vSphere Data Protection 6.1 \n * VMWare vSphere Data Protection 6.1.0 \n * VMWare vSphere Data Protection 6.1.4 \n * VMWare vSphere Data Protection 6.1.5 \n * VMWare vSphere Data Protection 6.1.6 \n * VMWare vSphere Integrated Containers 1.0 \n * VMWare vSphere Integrated Containers 1.1 \n * VMWare vSphere Integrated Containers 1.2 \n * VMWare vSphere Integrated Containers 1.3 \n * Xen Xen \n\n### Recommendations\n\n**Permit local access for trusted individuals only. Where possible, use restricted environments and restricted shells.** \nGiven the local nature of this issue, grant only trusted and accountable individuals access to affected computers. \n\nUpdates are available. Please see the references or vendor advisory for more information.\n", "published": "2018-01-03T00:00:00", "cvss": {"score": 4.7, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:NONE/A:NONE/"}, "href": "https://www.symantec.com/content/symantec/english/en/security-center/vulnerabilities/writeup.html/102371", "cvelist": ["CVE-2017-5753", "CVE-2017-5754", "CVE-2017-5715"], "lastseen": "2018-03-11T18:48:52"}, {"id": "SMNTC-102378", "type": "symantec", "title": "Multiple CPU Hardware CVE-2017-5754 Information Disclosure Vulnerability", "description": "### Description\n\nMultiple CPU Hardware are prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in further attacks.\n\n### Technologies Affected\n\n * Apple Mac Os X 10.11.6 \n * Apple iOS 11.2 \n * Apple macOS 10.12.6 \n * Apple macOS 10.13.2 \n * Apple tvOS 11.2 \n * BD Accuri C6 Plus \n * BD Assurity Linc \n * BD BACTEC 9120/9240 \n * BD BACTEC FX \n * BD BACTEC FX40 \n * BD Data Innovations \n * BD EpiCenter \n * BD FACSAria Fusion \n * BD FACSAria I/II/III \n * BD FACSCalibur \n * BD FACSCanto 10-color \n * BD FACSCanto 10-color clinical \n * BD FACSCanto II \n * BD FACSCanto II clinical \n * BD FACSCelesta \n * BD FACSCount \n * BD FACSDuet Sample Prep (ASaP) \n * BD FACSJazz \n * BD FACSLink Interface \n * BD FACSLyric \n * BD FACSMelody \n * BD FACSSample Prep Assistant III \n * BD FACSVerse \n * BD FACSVia \n * BD GenCell CliC \n * BD Influx \n * BD Kiestra TLA/WCA \n * BD LSR II \n * BD LSRFortessa \n * BD LSRFortessa X-20 \n * BD Lyse Wash Assistant \n * BD MAX \n * BD Panel Designer \n * BD Phoenix 100 \n * BD Phoenix M50 \n * BD Pyxis Anesthesia ES \n * BD Pyxis Anesthesia System 3500 \n * BD Pyxis CIISafe -Workstation \n * BD Pyxis CUBIE Replenishment Station \n * BD Pyxis CathRack \n * BD Pyxis DuoStation \n * BD Pyxis EcoStation System \n * BD Pyxis Infant Care Verification \n * BD Pyxis MedStation 3500 \n * BD Pyxis MedStation 4000 \n * BD Pyxis MedStation ES \n * BD Pyxis Medication Administration \n * BD Pyxis Nursing Data Collection \n * BD Pyxis ParAssist System \n * BD Pyxis Parx \n * BD Pyxis Parx handheld \n * BD Pyxis ProcedureStation \n * BD Pyxis ScrubStation System \n * BD Pyxis Specimen Collection Verification \n * BD Pyxis StockStation System \n * BD Pyxis Supply Roller \n * BD Pyxis SupplyStation \n * BD Pyxis Transfusion Verification \n * BD Rowa Dose \n * BD Rowa Smart \n * BD Rowa Vmax System \n * BD Totalys SlidePrep \n * BD Viper LT \n * BD Viper XTR \n * Bluecoat Content Analysis 2.1 \n * Bluecoat Content Analysis 2.2 \n * Bluecoat Malware Analysis Appliance 4.2 \n * Bluecoat Security Analytics 7.1 \n * Bluecoat Security Analytics 7.2 \n * Bluecoat Security Analytics 7.3 \n * Bluecoat X-Series XOS 10.0 \n * Bluecoat X-Series XOS 11.0 \n * Bluecoat X-Series XOS 9.7 \n * Cisco Carrier Routing System 6.6.0.BASE \n * Cisco Unified Computing System 2.2 \n * Cisco Unified Computing System 3.1 \n * Cisco Unified Computing System 3.2 \n * Google Android \n * Google Chrome 0.1.38.1 \n * Google Chrome 0.1.38.2 \n * Google Chrome 0.1.38.4 \n * Google Chrome 0.1.40.1 \n * Google Chrome 0.1.42.2 \n * Google Chrome 0.1.42.3 \n * Google Chrome 0.2.149.27 \n * Google Chrome 0.2.149.29 \n * Google Chrome 0.2.149.30 \n * Google Chrome 0.2.152.1 \n * Google Chrome 0.2.153.1 \n * Google Chrome 0.3.154 9 \n * Google Chrome 0.3.154.0 \n * Google Chrome 0.3.154.3 \n * Google Chrome 0.4.154.18 \n * Google Chrome 0.4.154.22 \n * Google Chrome 0.4.154.31 \n * Google Chrome 0.4.154.33 \n * Google Chrome 1.0.154.36 \n * Google Chrome 1.0.154.39 \n * Google Chrome 1.0.154.42 \n * Google Chrome 1.0.154.43 \n * Google Chrome 1.0.154.46 \n * Google Chrome 1.0.154.48 \n * Google Chrome 1.0.154.52 \n * Google Chrome 1.0.154.53 \n * Google Chrome 1.0.154.55 \n * Google Chrome 1.0.154.59 \n * Google Chrome 1.0.154.61 \n * Google Chrome 1.0.154.64 \n * Google Chrome 1.0.154.65 \n * Google Chrome 10 \n * Google Chrome 10.0.601.0 \n * Google Chrome 10.0.602.0 \n * Google Chrome 10.0.603.0 \n * Google Chrome 10.0.603.2 \n * Google Chrome 10.0.603.3 \n * Google Chrome 10.0.604.0 \n * Google Chrome 10.0.605.0 \n * Google Chrome 10.0.606.0 \n * Google Chrome 10.0.607.0 \n * Google Chrome 10.0.608.0 \n * Google Chrome 10.0.609.0 \n * Google Chrome 10.0.610.0 \n * Google Chrome 10.0.611.0 \n * Google Chrome 10.0.611.1 \n * Google Chrome 10.0.612.0 \n * Google Chrome 10.0.612.1 \n * Google Chrome 10.0.612.2 \n * Google Chrome 10.0.612.3 \n * Google Chrome 10.0.613.0 \n * Google Chrome 10.0.614.0 \n * Google Chrome 10.0.615.0 \n * Google Chrome 10.0.616.0 \n * Google Chrome 10.0.617.0 \n * Google Chrome 10.0.618.0 \n * Google Chrome 10.0.619.0 \n * Google Chrome 10.0.620.0 \n * Google Chrome 10.0.621.0 \n * Google Chrome 10.0.622.0 \n * Google Chrome 10.0.622.1 \n * Google Chrome 10.0.623.0 \n * Google Chrome 10.0.624.0 \n * Google Chrome 10.0.625.0 \n * Google Chrome 10.0.626.0 \n * Google Chrome 10.0.627.0 \n * Google Chrome 10.0.628.0 \n * Google Chrome 10.0.629.0 \n * Google Chrome 10.0.630.0 \n * Google Chrome 10.0.631.0 \n * Google Chrome 10.0.632.0 \n * Google Chrome 10.0.633.0 \n * Google Chrome 10.0.634.0 \n * Google Chrome 10.0.634.1 \n * Google Chrome 10.0.635.0 \n * Google Chrome 10.0.636.0 \n * Google Chrome 10.0.638.0 \n * Google Chrome 10.0.638.1 \n * Google Chrome 10.0.639.0 \n * Google Chrome 10.0.640.0 \n * Google Chrome 10.0.642.0 \n * Google Chrome 10.0.642.1 \n * Google Chrome 10.0.642.2 \n * Google Chrome 10.0.643.0 \n * Google Chrome 10.0.644.0 \n * Google Chrome 10.0.645.0 \n * Google Chrome 10.0.646.0 \n * Google Chrome 10.0.647.0 \n * Google Chrome 10.0.648.0 \n * Google Chrome 10.0.648.1 \n * Google Chrome 10.0.648.10 \n * Google Chrome 10.0.648.101 \n * Google Chrome 10.0.648.103 \n * Google Chrome 10.0.648.105 \n * Google Chrome 10.0.648.107 \n * Google Chrome 10.0.648.11 \n * Google Chrome 10.0.648.114 \n * Google Chrome 10.0.648.116 \n * Google Chrome 10.0.648.118 \n * Google Chrome 10.0.648.119 \n * Google Chrome 10.0.648.12 \n * Google Chrome 10.0.648.120 \n * Google Chrome 10.0.648.121 \n * Google Chrome 10.0.648.122 \n * Google Chrome 10.0.648.123 \n * Google Chrome 10.0.648.124 \n * Google Chrome 10.0.648.125 \n * Google Chrome 10.0.648.126 \n * Google Chrome 10.0.648.127 \n * Google Chrome 10.0.648.128 \n * Google Chrome 10.0.648.129 \n * Google Chrome 10.0.648.13 \n * Google Chrome 10.0.648.130 \n * Google Chrome 10.0.648.131 \n * Google Chrome 10.0.648.132 \n * Google Chrome 10.0.648.133 \n * Google Chrome 10.0.648.134 \n * Google Chrome 10.0.648.135 \n * Google Chrome 10.0.648.151 \n * Google Chrome 10.0.648.18 \n * Google Chrome 10.0.648.2 \n * Google Chrome 10.0.648.201 \n * Google Chrome 10.0.648.203 \n * Google Chrome 10.0.648.204 \n * Google Chrome 10.0.648.205 \n * Google Chrome 10.0.648.23 \n * Google Chrome 10.0.648.26 \n * Google Chrome 10.0.648.28 \n * Google Chrome 10.0.648.3 \n * Google Chrome 10.0.648.32 \n * Google Chrome 10.0.648.35 \n * Google Chrome 10.0.648.38 \n * Google Chrome 10.0.648.4 \n * Google Chrome 10.0.648.42 \n * Google Chrome 10.0.648.45 \n * Google Chrome 10.0.648.49 \n * Google Chrome 10.0.648.5 \n * Google Chrome 10.0.648.54 \n * Google Chrome 10.0.648.56 \n * Google Chrome 10.0.648.59 \n * Google Chrome 10.0.648.6 \n * Google Chrome 10.0.648.62 \n * Google Chrome 10.0.648.66 \n * Google Chrome 10.0.648.68 \n * Google Chrome 10.0.648.7 \n * Google Chrome 10.0.648.70 \n * Google Chrome 10.0.648.72 \n * Google Chrome 10.0.648.76 \n * Google Chrome 10.0.648.79 \n * Google Chrome 10.0.648.8 \n * Google Chrome 10.0.648.82 \n * Google Chrome 10.0.648.84 \n * Google Chrome 10.0.648.87 \n * Google Chrome 10.0.648.9 \n * Google Chrome 10.0.648.90 \n * Google Chrome 10.0.649.0 \n * Google Chrome 10.0.650.0 \n * Google Chrome 10.0.651.0 \n * Google Chrome 11 \n * Google Chrome 11.0.652.0 \n * Google Chrome 11.0.653.0 \n * Google Chrome 11.0.654.0 \n * Google Chrome 11.0.655.0 \n * Google Chrome 11.0.656.0 \n * Google Chrome 11.0.657.0 \n * Google Chrome 11.0.658.0 \n * Google Chrome 11.0.658.1 \n * Google Chrome 11.0.659.0 \n * Google Chrome 11.0.660.0 \n * Google Chrome 11.0.661.0 \n * Google Chrome 11.0.662.0 \n * Google Chrome 11.0.663.0 \n * Google Chrome 11.0.664.1 \n * Google Chrome 11.0.665.0 \n * Google Chrome 11.0.666.0 \n * Google Chrome 11.0.667.0 \n * Google Chrome 11.0.667.2 \n * Google Chrome 11.0.667.3 \n * Google Chrome 11.0.667.4 \n * Google Chrome 11.0.668.0 \n * Google Chrome 11.0.669.0 \n * Google Chrome 11.0.670.0 \n * Google Chrome 11.0.671.0 \n * Google Chrome 11.0.672.0 \n * Google Chrome 11.0.672.1 \n * Google Chrome 11.0.672.2 \n * Google Chrome 11.0.673.0 \n * Google Chrome 11.0.674.0 \n * Google Chrome 11.0.675.0 \n * Google Chrome 11.0.676.0 \n * Google Chrome 11.0.677.0 \n * Google Chrome 11.0.678.0 \n * Google Chrome 11.0.679.0 \n * Google Chrome 11.0.680.0 \n * Google Chrome 11.0.681.0 \n * Google Chrome 11.0.682.0 \n * Google Chrome 11.0.683.0 \n * Google Chrome 11.0.684.0 \n * Google Chrome 11.0.685.0 \n * Google Chrome 11.0.686.0 \n * Google Chrome 11.0.686.1 \n * Google Chrome 11.0.686.2 \n * Google Chrome 11.0.686.3 \n * Google Chrome 11.0.687.0 \n * Google Chrome 11.0.687.1 \n * Google Chrome 11.0.688.0 \n * Google Chrome 11.0.689.0 \n * Google Chrome 11.0.690.0 \n * Google Chrome 11.0.690.1 \n * Google Chrome 11.0.691.0 \n * Google Chrome 11.0.692.0 \n * Google Chrome 11.0.693.0 \n * Google Chrome 11.0.694.0 \n * Google Chrome 11.0.695.0 \n * Google Chrome 11.0.696.0 \n * Google Chrome 11.0.696.1 \n * Google Chrome 11.0.696.10 \n * Google Chrome 11.0.696.11 \n * Google Chrome 11.0.696.12 \n * Google Chrome 11.0.696.13 \n * Google Chrome 11.0.696.14 \n * Google Chrome 11.0.696.15 \n * Google Chrome 11.0.696.16 \n * Google Chrome 11.0.696.17 \n * Google Chrome 11.0.696.18 \n * Google Chrome 11.0.696.19 \n * Google Chrome 11.0.696.2 \n * Google Chrome 11.0.696.20 \n * Google Chrome 11.0.696.21 \n * Google Chrome 11.0.696.22 \n * Google Chrome 11.0.696.23 \n * Google Chrome 11.0.696.24 \n * Google Chrome 11.0.696.25 \n * Google Chrome 11.0.696.26 \n * Google Chrome 11.0.696.27 \n * Google Chrome 11.0.696.28 \n * Google Chrome 11.0.696.29 \n * Google Chrome 11.0.696.3 \n * Google Chrome 11.0.696.30 \n * Google Chrome 11.0.696.31 \n * Google Chrome 11.0.696.32 \n * Google Chrome 11.0.696.33 \n * Google Chrome 11.0.696.34 \n * Google Chrome 11.0.696.35 \n * Google Chrome 11.0.696.36 \n * Google Chrome 11.0.696.37 \n * Google Chrome 11.0.696.38 \n * Google Chrome 11.0.696.39 \n * Google Chrome 11.0.696.4 \n * Google Chrome 11.0.696.40 \n * Google Chrome 11.0.696.41 \n * Google Chrome 11.0.696.42 \n * Google Chrome 11.0.696.43 \n * Google Chrome 11.0.696.44 \n * Google Chrome 11.0.696.45 \n * Google Chrome 11.0.696.46 \n * Google Chrome 11.0.696.47 \n * Google Chrome 11.0.696.48 \n * Google Chrome 11.0.696.49 \n * Google Chrome 11.0.696.5 \n * Google Chrome 11.0.696.50 \n * Google Chrome 11.0.696.51 \n * Google Chrome 11.0.696.52 \n * Google Chrome 11.0.696.53 \n * Google Chrome 11.0.696.54 \n * Google Chrome 11.0.696.55 \n * Google Chrome 11.0.696.56 \n * Google Chrome 11.0.696.57 \n * Google Chrome 11.0.696.58 \n * Google Chrome 11.0.696.59 \n * Google Chrome 11.0.696.60 \n * Google Chrome 11.0.696.61 \n * Google Chrome 11.0.696.62 \n * Google Chrome 11.0.696.63 \n * Google Chrome 11.0.696.64 \n * Google Chrome 11.0.696.65 \n * Google Chrome 11.0.696.66 \n * Google Chrome 11.0.696.67 \n * Google Chrome 11.0.696.68 \n * Google Chrome 11.0.696.69 \n * Google Chrome 11.0.696.7 \n * Google Chrome 11.0.696.70 \n * Google Chrome 11.0.696.71 \n * Google Chrome 11.0.696.72 \n * Google Chrome 11.0.696.77 \n * Google Chrome 11.0.696.8 \n * Google Chrome 11.0.696.9 \n * Google Chrome 11.0.697.0 \n * Google Chrome 11.0.698.0 \n * Google Chrome 11.0.699.0 \n * Google Chrome 12 \n * Google Chrome 12.0.700.0 \n * Google Chrome 12.0.701.0 \n * Google Chrome 12.0.702.0 \n * Google Chrome 12.0.702.1 \n * Google Chrome 12.0.702.2 \n * Google Chrome 12.0.703.0 \n * Google Chrome 12.0.704.0 \n * Google Chrome 12.0.705.0 \n * Google Chrome 12.0.706.0 \n * Google Chrome 12.0.707.0 \n * Google Chrome 12.0.708.0 \n * Google Chrome 12.0.709.0 \n * Google Chrome 12.0.710.0 \n * Google Chrome 12.0.711.0 \n * Google Chrome 12.0.712.0 \n * Google Chrome 12.0.713.0 \n * Google Chrome 12.0.714.0 \n * Google Chrome 12.0.715.0 \n * Google Chrome 12.0.716.0 \n * Google Chrome 12.0.717.0 \n * Google Chrome 12.0.718.0 \n * Google Chrome 12.0.719.0 \n * Google Chrome 12.0.719.1 \n * Google Chrome 12.0.720.0 \n * Google Chrome 12.0.721.0 \n * Google Chrome 12.0.721.1 \n * Google Chrome 12.0.722.0 \n * Google Chrome 12.0.723.0 \n * Google Chrome 12.0.723.1 \n * Google Chrome 12.0.724.0 \n * Google Chrome 12.0.725.0 \n * Google Chrome 12.0.726.0 \n * Google Chrome 12.0.727.0 \n * Google Chrome 12.0.728.0 \n * Google Chrome 12.0.729.0 \n * Google Chrome 12.0.730.0 \n * Google Chrome 12.0.731.0 \n * Google Chrome 12.0.732.0 \n * Google Chrome 12.0.733.0 \n * Google Chrome 12.0.734.0 \n * Google Chrome 12.0.735.0 \n * Google Chrome 12.0.736.0 \n * Google Chrome 12.0.737.0 \n * Google Chrome 12.0.738.0 \n * Google Chrome 12.0.739.0 \n * Google Chrome 12.0.740.0 \n * Google Chrome 12.0.741.0 \n * Google Chrome 12.0.742.0 \n * Google Chrome 12.0.742.1 \n * Google Chrome 12.0.742.10 \n * Google Chrome 12.0.742.100 \n * Google Chrome 12.0.742.105 \n * Google Chrome 12.0.742.11 \n * Google Chrome 12.0.742.111 \n * Google Chrome 12.0.742.112 \n * Google Chrome 12.0.742.113 \n * Google Chrome 12.0.742.114 \n * Google Chrome 12.0.742.115 \n * Google Chrome 12.0.742.12 \n * Google Chrome 12.0.742.120 \n * Google Chrome 12.0.742.121 \n * Google Chrome 12.0.742.122 \n * Google Chrome 12.0.742.123 \n * Google Chrome 12.0.742.124 \n * Google Chrome 12.0.742.13 \n * Google Chrome 12.0.742.14 \n * Google Chrome 12.0.742.15 \n * Google Chrome 12.0.742.16 \n * Google Chrome 12.0.742.17 \n * Google Chrome 12.0.742.18 \n * Google Chrome 12.0.742.19 \n * Google Chrome 12.0.742.2 \n * Google Chrome 12.0.742.20 \n * Google Chrome 12.0.742.21 \n * Google Chrome 12.0.742.22 \n * Google Chrome 12.0.742.3 \n * Google Chrome 12.0.742.30 \n * Google Chrome 12.0.742.4 \n * Google Chrome 12.0.742.41 \n * Google Chrome 12.0.742.42 \n * Google Chrome 12.0.742.43 \n * Google Chrome 12.0.742.44 \n * Google Chrome 12.0.742.45 \n * Google Chrome 12.0.742.46 \n * Google Chrome 12.0.742.47 \n * Google Chrome 12.0.742.48 \n * Google Chrome 12.0.742.49 \n * Google Chrome 12.0.742.5 \n * Google Chrome 12.0.742.50 \n * Google Chrome 12.0.742.51 \n * Google Chrome 12.0.742.52 \n * Google Chrome 12.0.742.53 \n * Google Chrome 12.0.742.54 \n * Google Chrome 12.0.742.55 \n * Google Chrome 12.0.742.56 \n * Google Chrome 12.0.742.57 \n * Google Chrome 12.0.742.58 \n * Google Chrome 12.0.742.59 \n * Google Chrome 12.0.742.6 \n * Google Chrome 12.0.742.60 \n * Google Chrome 12.0.742.61 \n * Google Chrome 12.0.742.63 \n * Google Chrome 12.0.742.64 \n * Google Chrome 12.0.742.65 \n * Google Chrome 12.0.742.66 \n * Google Chrome 12.0.742.67 \n * Google Chrome 12.0.742.68 \n * Google Chrome 12.0.742.69 \n * Google Chrome 12.0.742.70 \n * Google Chrome 12.0.742.71 \n * Google Chrome 12.0.742.72 \n * Google Chrome 12.0.742.73 \n * Google Chrome 12.0.742.74 \n * Google Chrome 12.0.742.75 \n * Google Chrome 12.0.742.77 \n * Google Chrome 12.0.742.8 \n * Google Chrome 12.0.742.82 \n * Google Chrome 12.0.742.9 \n * Google Chrome 12.0.742.91 \n * Google Chrome 12.0.742.92 \n * Google Chrome 12.0.742.93 \n * Google Chrome 12.0.742.94 \n * Google Chrome 12.0.743.0 \n * Google Chrome 12.0.744.0 \n * Google Chrome 12.0.745.0 \n * Google Chrome 12.0.746.0 \n * Google Chrome 12.0.747.0 \n * Google Chrome 13 \n * Google Chrome 13.0.748.0 \n * Google Chrome 13.0.749.0 \n * Google Chrome 13.0.750.0 \n * Google Chrome 13.0.751.0 \n * Google Chrome 13.0.752.0 \n * Google Chrome 13.0.753.0 \n * Google Chrome 13.0.754.0 \n * Google Chrome 13.0.755.0 \n * Google Chrome 13.0.756.0 \n * Google Chrome 13.0.757.0 \n * Google Chrome 13.0.758.0 \n * Google Chrome 13.0.759.0 \n * Google Chrome 13.0.760.0 \n * Google Chrome 13.0.761.0 \n * Google Chrome 13.0.761.1 \n * Google Chrome 13.0.762.0 \n * Google Chrome 13.0.762.1 \n * Google Chrome 13.0.763.0 \n * Google Chrome 13.0.764.0 \n * Google Chrome 13.0.765.0 \n * Google Chrome 13.0.766.0 \n * Google Chrome 13.0.767.0 \n * Google Chrome 13.0.767.1 \n * Google Chrome 13.0.768.0 \n * Google Chrome 13.0.769.0 \n * Google Chrome 13.0.770.0 \n * Google Chrome 13.0.771.0 \n * Google Chrome 13.0.772.0 \n * Google Chrome 13.0.773.0 \n * Google Chrome 13.0.774.0 \n * Google Chrome 13.0.775.0 \n * Google Chrome 13.0.775.1 \n * Google Chrome 13.0.775.2 \n * Google Chrome 13.0.775.4 \n * Google Chrome 13.0.776.0 \n * Google Chrome 13.0.776.1 \n * Google Chrome 13.0.777.0 \n * Google Chrome 13.0.777.1 \n * Google Chrome 13.0.777.2 \n * Google Chrome 13.0.777.3 \n * Google Chrome 13.0.777.4 \n * Google Chrome 13.0.777.5 \n * Google Chrome 13.0.777.6 \n * Google Chrome 13.0.778.0 \n * Google Chrome 13.0.779.0 \n * Google Chrome 13.0.780.0 \n * Google Chrome 13.0.781.0 \n * Google Chrome 13.0.782.0 \n * Google Chrome 13.0.782.1 \n * Google Chrome 13.0.782.10 \n * Google Chrome 13.0.782.100 \n * Google Chrome 13.0.782.101 \n * Google Chrome 13.0.782.102 \n * Google Chrome 13.0.782.103 \n * Google Chrome 13.0.782.104 \n * Google Chrome 13.0.782.105 \n * Google Chrome 13.0.782.106 \n * Google Chrome 13.0.782.107 \n * Google Chrome 13.0.782.108 \n * Google Chrome 13.0.782.109 \n * Google Chrome 13.0.782.11 \n * Google Chrome 13.0.782.112 \n * Google Chrome 13.0.782.12 \n * Google Chrome 13.0.782.13 \n * Google Chrome 13.0.782.14 \n * Google Chrome 13.0.782.15 \n * Google Chrome 13.0.782.16 \n * Google Chrome 13.0.782.17 \n * Google Chrome 13.0.782.18 \n * Google Chrome 13.0.782.19 \n * Google Chrome 13.0.782.20 \n * Google Chrome 13.0.782.21 \n * Google Chrome 13.0.782.210 \n * Google Chrome 13.0.782.211 \n * Google Chrome 13.0.782.212 \n * Google Chrome 13.0.782.213 \n * Google Chrome 13.0.782.214 \n * Google Chrome 13.0.782.215 \n * Google Chrome 13.0.782.216 \n * Google Chrome 13.0.782.217 \n * Google Chrome 13.0.782.218 \n * Google Chrome 13.0.782.219 \n * Google Chrome 13.0.782.220 \n * Google Chrome 13.0.782.23 \n * Google Chrome 13.0.782.237 \n * Google Chrome 13.0.782.238 \n * Google Chrome 13.0.782.24 \n * Google Chrome 13.0.782.25 \n * Google Chrome 13.0.782.26 \n * Google Chrome 13.0.782.27 \n * Google Chrome 13.0.782.28 \n * Google Chrome 13.0.782.29 \n * Google Chrome 13.0.782.3 \n * Google Chrome 13.0.782.30 \n * Google Chrome 13.0.782.31 \n * Google Chrome 13.0.782.32 \n * Google Chrome 13.0.782.33 \n * Google Chrome 13.0.782.34 \n * Google Chrome 13.0.782.35 \n * Google Chrome 13.0.782.36 \n * Google Chrome 13.0.782.37 \n * Google Chrome 13.0.782.38 \n * Google Chrome 13.0.782.39 \n * Google Chrome 13.0.782.4 \n * Google Chrome 13.0.782.40 \n * Google Chrome 13.0.782.41 \n * Google Chrome 13.0.782.42 \n * Google Chrome 13.0.782.43 \n * Google Chrome 13.0.782.44 \n * Google Chrome 13.0.782.45 \n * Google Chrome 13.0.782.46 \n * Google Chrome 13.0.782.47 \n * Google Chrome 13.0.782.48 \n * Google Chrome 13.0.782.49 \n * Google Chrome 13.0.782.50 \n * Google Chrome 13.0.782.51 \n * Google Chrome 13.0.782.52 \n * Google Chrome 13.0.782.53 \n * Google Chrome 13.0.782.55 \n * Google Chrome 13.0.782.56 \n * Google Chrome 13.0.782.6 \n * Google Chrome 13.0.782.7 \n * Google Chrome 13.0.782.81 \n * Google Chrome 13.0.782.82 \n * Google Chrome 13.0.782.83 \n * Google Chrome 13.0.782.84 \n * Google Chrome 13.0.782.85 \n * Google Chrome 13.0.782.86 \n * Google Chrome 13.0.782.87 \n * Google Chrome 13.0.782.88 \n * Google Chrome 13.0.782.89 \n * Google Chrome 13.0.782.90 \n * Google Chrome 13.0.782.91 \n * Google Chrome 13.0.782.92 \n * Google Chrome 13.0.782.93 \n * Google Chrome 13.0.782.94 \n * Google Chrome 13.0.782.95 \n * Google Chrome 13.0.782.96 \n * Google Chrome 13.0.782.97 \n * Google Chrome 13.0.782.98 \n * Google Chrome 13.0.782.99 \n * Google Chrome 14 \n * Google Chrome 14.0.783.0 \n * Google Chrome 14.0.784.0 \n * Google Chrome 14.0.785.0 \n * Google Chrome 14.0.786.0 \n * Google Chrome 14.0.787.0 \n * Google Chrome 14.0.788.0 \n * Google Chrome 14.0.789.0 \n * Google Chrome 14.0.790.0 \n * Google Chrome 14.0.791.0 \n * Google Chrome 14.0.792.0 \n * Google Chrome 14.0.793.0 \n * Google Chrome 14.0.794.0 \n * Google Chrome 14.0.795.0 \n * Google Chrome 14.0.796.0 \n * Google Chrome 14.0.797.0 \n * Google Chrome 14.0.798.0 \n * Google Chrome 14.0.799.0 \n * Google Chrome 14.0.800.0 \n * Google Chrome 14.0.801.0 \n * Google Chrome 14.0.802.0 \n * Google Chrome 14.0.803.0 \n * Google Chrome 14.0.804.0 \n * Google Chrome 14.0.805.0 \n * Google Chrome 14.0.806.0 \n * Google Chrome 14.0.807.0 \n * Google Chrome 14.0.808.0 \n * Google Chrome 14.0.809.0 \n * Google Chrome 14.0.810.0 \n * Google Chrome 14.0.811.0 \n * Google Chrome 14.0.812.0 \n * Google Chrome 14.0.813.0 \n * Google Chrome 14.0.814.0 \n * Google Chrome 14.0.815.0 \n * Google Chrome 14.0.816.0 \n * Google Chrome 14.0.818.0 \n * Google Chrome 14.0.819.0 \n * Google Chrome 14.0.820.0 \n * Google Chrome 14.0.821.0 \n * Google Chrome 14.0.822.0 \n * Google Chrome 14.0.823.0 \n * Google Chrome 14.0.824.0 \n * Google Chrome 14.0.825.0 \n * Google Chrome 14.0.826.0 \n * Google Chrome 14.0.827.0 \n * Google Chrome 14.0.827.10 \n * Google Chrome 14.0.827.12 \n * Google Chrome 14.0.829.1 \n * Google Chrome 14.0.830.0 \n * Google Chrome 14.0.831.0 \n * Google Chrome 14.0.832.0 \n * Google Chrome 14.0.833.0 \n * Google Chrome 14.0.834.0 \n * Google Chrome 14.0.835.0 \n * Google Chrome 14.0.835.1 \n * Google Chrome 14.0.835.100 \n * Google Chrome 14.0.835.101 \n * Google Chrome 14.0.835.102 \n * Google Chrome 14.0.835.103 \n * Google Chrome 14.0.835.104 \n * Google Chrome 14.0.835.105 \n * Google Chrome 14.0.835.106 \n * Google Chrome 14.0.835.107 \n * Google Chrome 14.0.835.108 \n * Google Chrome 14.0.835.109 \n * Google Chrome 14.0.835.11 \n * Google Chrome 14.0.835.110 \n * Google Chrome 14.0.835.111 \n * Google Chrome 14.0.835.112 \n * Google Chrome 14.0.835.113 \n * Google Chrome 14.0.835.114 \n * Google Chrome 14.0.835.115 \n * Google Chrome 14.0.835.116 \n * Google Chrome 14.0.835.117 \n * Google Chrome 14.0.835.118 \n * Google Chrome 14.0.835.119 \n * Google Chrome 14.0.835.120 \n * Google Chrome 14.0.835.121 \n * Google Chrome 14.0.835.122 \n * Google Chrome 14.0.835.123 \n * Google Chrome 14.0.835.124 \n * Google Chrome 14.0.835.125 \n * Google Chrome 14.0.835.126 \n * Google Chrome 14.0.835.127 \n * Google Chrome 14.0.835.128 \n * Google Chrome 14.0.835.13 \n * Google Chrome 14.0.835.14 \n * Google Chrome 14.0.835.149 \n * Google Chrome 14.0.835.15 \n * Google Chrome 14.0.835.150 \n * Google Chrome 14.0.835.151 \n * Google Chrome 14.0.835.152 \n * Google Chrome 14.0.835.153 \n * Google Chrome 14.0.835.154 \n * Google Chrome 14.0.835.155 \n * Google Chrome 14.0.835.156 \n * Google Chrome 14.0.835.157 \n * Google Chrome 14.0.835.158 \n * Google Chrome 14.0.835.159 \n * Google Chrome 14.0.835.16 \n * Google Chrome 14.0.835.160 \n * Google Chrome 14.0.835.161 \n * Google Chrome 14.0.835.162 \n * Google Chrome 14.0.835.163 \n * Google Chrome 14.0.835.18 \n * Google Chrome 14.0.835.184 \n * Google Chrome 14.0.835.186 \n * Google Chrome 14.0.835.187 \n * Google Chrome 14.0.835.2 \n * Google Chrome 14.0.835.20 \n * Google Chrome 14.0.835.202 \n * Google Chrome 14.0.835.203 \n * Google Chrome 14.0.835.204 \n * Google Chrome 14.0.835.21 \n * Google Chrome 14.0.835.22 \n * Google Chrome 14.0.835.23 \n * Google Chrome 14.0.835.24 \n * Google Chrome 14.0.835.25 \n * Google Chrome 14.0.835.26 \n * Google Chrome 14.0.835.27 \n * Google Chrome 14.0.835.28 \n * Google Chrome 14.0.835.29 \n * Google Chrome 14.0.835.30 \n * Google Chrome 14.0.835.31 \n * Google Chrome 14.0.835.32 \n * Google Chrome 14.0.835.33 \n * Google Chrome 14.0.835.34 \n * Google Chrome 14.0.835.35 \n * Google Chrome 14.0.835.4 \n * Google Chrome 14.0.835.8 \n * Google Chrome 14.0.835.86 \n * Google Chrome 14.0.835.87 \n * Google Chrome 14.0.835.88 \n * Google Chrome 14.0.835.89 \n * Google Chrome 14.0.835.9 \n * Google Chrome 14.0.835.90 \n * Google Chrome 14.0.835.91 \n * Google Chrome 14.0.835.92 \n * Google Chrome 14.0.835.93 \n * Google Chrome 14.0.835.94 \n * Google Chrome 14.0.835.95 \n * Google Chrome 14.0.835.96 \n * Google Chrome 14.0.835.97 \n * Google Chrome 14.0.835.98 \n * Google Chrome 14.0.835.99 \n * Google Chrome 14.0.836.0 \n * Google Chrome 14.0.837.0 \n * Google Chrome 14.0.838.0 \n * Google Chrome 14.0.839.0 \n * Google Chrome 15 \n * Google Chrome 15.0.859.0 \n * Google Chrome 15.0.860.0 \n * Google Chrome 15.0.861.0 \n * Google Chrome 15.0.862.0 \n * Google Chrome 15.0.862.1 \n * Google Chrome 15.0.863.0 \n * Google Chrome 15.0.864.0 \n * Google Chrome 15.0.865.0 \n * Google Chrome 15.0.866.0 \n * Google Chrome 15.0.867.0 \n * Google Chrome 15.0.868.0 \n * Google Chrome 15.0.868.1 \n * Google Chrome 15.0.869.0 \n * Google Chrome 15.0.870.0 \n * Google Chrome 15.0.871.0 \n * Google Chrome 15.0.871.1 \n * Google Chrome 15.0.872.0 \n * Google Chrome 15.0.873.0 \n * Google Chrome 15.0.874 102 \n * Google Chrome 15.0.874.0 \n * Google Chrome 15.0.874.1 \n * Google Chrome 15.0.874.10 \n * Google Chrome 15.0.874.101 \n * Google Chrome 15.0.874.102 \n * Google Chrome 15.0.874.103 \n * Google Chrome 15.0.874.104 \n * Google Chrome 15.0.874.106 \n * Google Chrome 15.0.874.11 \n * Google Chrome 15.0.874.116 \n * Google Chrome 15.0.874.117 \n * Google Chrome 15.0.874.119 \n * Google Chrome 15.0.874.12 \n * Google Chrome 15.0.874.120 \n * Google Chrome 15.0.874.121 \n * Google Chrome 15.0.874.13 \n * Google Chrome 15.0.874.14 \n * Google Chrome 15.0.874.15 \n * Google Chrome 15.0.874.16 \n * Google Chrome 15.0.874.17 \n * Google Chrome 15.0.874.18 \n * Google Chrome 15.0.874.19 \n * Google Chrome 15.0.874.2 \n * Google Chrome 15.0.874.20 \n * Google Chrome 15.0.874.21 \n * Google Chrome 15.0.874.22 \n * Google Chrome 15.0.874.23 \n * Google Chrome 15.0.874.24 \n * Google Chrome 15.0.874.3 \n * Google Chrome 15.0.874.4 \n * Google Chrome 15.0.874.44 \n * Google Chrome 15.0.874.45 \n * Google Chrome 15.0.874.46 \n * Google Chrome 15.0.874.47 \n * Google Chrome 15.0.874.48 \n * Google Chrome 15.0.874.49 \n * Google Chrome 15.0.874.5 \n * Google Chrome 15.0.874.6 \n * Google Chrome 15.0.874.7 \n * Google Chrome 15.0.874.8 \n * Google Chrome 15.0.874.9 \n * Google Chrome 16 \n * Google Chrome 16.0.877.0 \n * Google Chrome 16.0.878.0 \n * Google Chrome 16.0.879.0 \n * Google Chrome 16.0.880.0 \n * Google Chrome 16.0.881.0 \n * Google Chrome 16.0.882.0 \n * Google Chrome 16.0.883.0 \n * Google Chrome 16.0.884.0 \n * Google Chrome 16.0.885.0 \n * Google Chrome 16.0.886.0 \n * Google Chrome 16.0.886.1 \n * Google Chrome 16.0.887.0 \n * Google Chrome 16.0.888.0 \n * Google Chrome 16.0.889.0 \n * Google Chrome 16.0.889.2 \n * Google Chrome 16.0.889.3 \n * Google Chrome 16.0.890.0 \n * Google Chrome 16.0.890.1 \n * Google Chrome 16.0.891.0 \n * Google Chrome 16.0.891.1 \n * Google Chrome 16.0.892.0 \n * Google Chrome 16.0.893.0 \n * Google Chrome 16.0.893.1 \n * Google Chrome 16.0.894.0 \n * Google Chrome 16.0.895.0 \n * Google Chrome 16.0.896.0 \n * Google Chrome 16.0.897.0 \n * Google Chrome 16.0.898.0 \n * Google Chrome 16.0.899.0 \n * Google Chrome 16.0.900.0 \n * Google Chrome 16.0.901.0 \n * Google Chrome 16.0.902.0 \n * Google Chrome 16.0.903.0 \n * Google Chrome 16.0.904.0 \n * Google Chrome 16.0.905.0 \n * Google Chrome 16.0.906.0 \n * Google Chrome 16.0.906.1 \n * Google Chrome 16.0.907.0 \n * Google Chrome 16.0.908.0 \n * Google Chrome 16.0.909.0 \n * Google Chrome 16.0.910.0 \n * Google Chrome 16.0.911.0 \n * Google Chrome 16.0.911.1 \n * Google Chrome 16.0.911.2 \n * Google Chrome 16.0.912.0 \n * Google Chrome 16.0.912.1 \n * Google Chrome 16.0.912.10 \n * Google Chrome 16.0.912.11 \n * Google Chrome 16.0.912.12 \n * Google Chrome 16.0.912.13 \n * Google Chrome 16.0.912.14 \n * Google Chrome 16.0.912.15 \n * Google Chrome 16.0.912.19 \n * Google Chrome 16.0.912.2 \n * Google Chrome 16.0.912.20 \n * Google Chrome 16.0.912.21 \n * Google Chrome 16.0.912.22 \n * Google Chrome 16.0.912.23 \n * Google Chrome 16.0.912.24 \n * Google Chrome 16.0.912.25 \n * Google Chrome 16.0.912.26 \n * Google Chrome 16.0.912.27 \n * Google Chrome 16.0.912.28 \n * Google Chrome 16.0.912.29 \n * Google Chrome 16.0.912.3 \n * Google Chrome 16.0.912.30 \n * Google Chrome 16.0.912.31 \n * Google Chrome 16.0.912.32 \n * Google Chrome 16.0.912.33 \n * Google Chrome 16.0.912.34 \n * Google Chrome 16.0.912.35 \n * Google Chrome 16.0.912.36 \n * Google Chrome 16.0.912.37 \n * Google Chrome 16.0.912.38 \n * Google Chrome 16.0.912.39 \n * Google Chrome 16.0.912.4 \n * Google Chrome 16.0.912.40 \n * Google Chrome 16.0.912.41 \n * Google Chrome 16.0.912.42 \n * Google Chrome 16.0.912.43 \n * Google Chrome 16.0.912.5 \n * Google Chrome 16.0.912.6 \n * Google Chrome 16.0.912.62 \n * Google Chrome 16.0.912.63 \n * Google Chrome 16.0.912.66 \n * Google Chrome 16.0.912.7 \n * Google Chrome 16.0.912.74 \n * Google Chrome 16.0.912.75 \n * Google Chrome 16.0.912.76 \n * Google Chrome 16.0.912.77 \n * Google Chrome 16.0.912.8 \n * Google Chrome 16.0.912.9 \n * Google Chrome 17 \n * Google Chrome 17.0.921.3 \n * Google Chrome 17.0.922.0 \n * Google Chrome 17.0.923.0 \n * Google Chrome 17.0.923.1 \n * Google Chrome 17.0.924.0 \n * Google Chrome 17.0.925.0 \n * Google Chrome 17.0.926.0 \n * Google Chrome 17.0.927.0 \n * Google Chrome 17.0.928.0 \n * Google Chrome 17.0.928.1 \n * Google Chrome 17.0.928.2 \n * Google Chrome 17.0.928.3 \n * Google Chrome 17.0.929.0 \n * Google Chrome 17.0.930.0 \n * Google Chrome 17.0.931.0 \n * Google Chrome 17.0.932.0 \n * Google Chrome 17.0.933.0 \n * Google Chrome 17.0.933.1 \n * Google Chrome 17.0.934.0 \n * Google Chrome 17.0.935.0 \n * Google Chrome 17.0.935.1 \n * Google Chrome 17.0.936.0 \n * Google Chrome 17.0.936.1 \n * Google Chrome 17.0.937.0 \n * Google Chrome 17.0.938.0 \n * Google Chrome 17.0.939.0 \n * Google Chrome 17.0.939.1 \n * Google Chrome 17.0.940.0 \n * Google Chrome 17.0.941.0 \n * Google Chrome 17.0.942.0 \n * Google Chrome 17.0.943.0 \n * Google Chrome 17.0.944.0 \n * Google Chrome 17.0.945.0 \n * Google Chrome 17.0.946.0 \n * Google Chrome 17.0.947.0 \n * Google Chrome 17.0.948.0 \n * Google Chrome 17.0.949.0 \n * Google Chrome 17.0.950.0 \n * Google Chrome 17.0.951.0 \n * Google Chrome 17.0.952.0 \n * Google Chrome 17.0.953.0 \n * Google Chrome 17.0.954.0 \n * Google Chrome 17.0.954.1 \n * Google Chrome 17.0.954.2 \n * Google Chrome 17.0.954.3 \n * Google Chrome 17.0.955.0 \n * Google Chrome 17.0.956.0 \n * Google Chrome 17.0.957.0 \n * Google Chrome 17.0.958.0 \n * Google Chrome 17.0.958.1 \n * Google Chrome 17.0.959.0 \n * Google Chrome 17.0.960.0 \n * Google Chrome 17.0.961.0 \n * Google Chrome 17.0.962.0 \n * Google Chrome 17.0.963.0 \n * Google Chrome 17.0.963.1 \n * Google Chrome 17.0.963.10 \n * Google Chrome 17.0.963.11 \n * Google Chrome 17.0.963.12 \n * Google Chrome 17.0.963.13 \n * Google Chrome 17.0.963.14 \n * Google Chrome 17.0.963.15 \n * Google Chrome 17.0.963.16 \n * Google Chrome 17.0.963.17 \n * Google Chrome 17.0.963.18 \n * Google Chrome 17.0.963.19 \n * Google Chrome 17.0.963.2 \n * Google Chrome 17.0.963.20 \n * Google Chrome 17.0.963.21 \n * Google Chrome 17.0.963.22 \n * Google Chrome 17.0.963.23 \n * Google Chrome 17.0.963.24 \n * Google Chrome 17.0.963.25 \n * Google Chrome 17.0.963.26 \n * Google Chrome 17.0.963.27 \n * Google Chrome 17.0.963.28 \n * Google Chrome 17.0.963.29 \n * Google Chrome 17.0.963.3 \n * Google Chrome 17.0.963.30 \n * Google Chrome 17.0.963.31 \n * Google Chrome 17.0.963.32 \n * Google Chrome 17.0.963.33 \n * Google Chrome 17.0.963.34 \n * Google Chrome 17.0.963.35 \n * Google Chrome 17.0.963.36 \n * Google Chrome 17.0.963.37 \n * Google Chrome 17.0.963.38 \n * Google Chrome 17.0.963.39 \n * Google Chrome 17.0.963.4 \n * Google Chrome 17.0.963.40 \n * Google Chrome 17.0.963.41 \n * Google Chrome 17.0.963.42 \n * Google Chrome 17.0.963.43 \n * Google Chrome 17.0.963.44 \n * Google Chrome 17.0.963.45 \n * Google Chrome 17.0.963.46 \n * Google Chrome 17.0.963.47 \n * Google Chrome 17.0.963.48 \n * Google Chrome 17.0.963.49 \n * Google Chrome 17.0.963.5 \n * Google Chrome 17.0.963.50 \n * Google Chrome 17.0.963.51 \n * Google Chrome 17.0.963.52 \n * Google Chrome 17.0.963.53 \n * Google Chrome 17.0.963.54 \n * Google Chrome 17.0.963.55 \n * Google Chrome 17.0.963.56 \n * Google Chrome 17.0.963.57 \n * Google Chrome 17.0.963.59 \n * Google Chrome 17.0.963.6 \n * Google Chrome 17.0.963.60 \n * Google Chrome 17.0.963.61 \n * Google Chrome 17.0.963.62 \n * Google Chrome 17.0.963.63 \n * Google Chrome 17.0.963.64 \n * Google Chrome 17.0.963.65 \n * Google Chrome 17.0.963.66 \n * Google Chrome 17.0.963.67 \n * Google Chrome 17.0.963.69 \n * Google Chrome 17.0.963.7 \n * Google Chrome 17.0.963.70 \n * Google Chrome 17.0.963.74 \n * Google Chrome 17.0.963.75 \n * Google Chrome 17.0.963.76 \n * Google Chrome 17.0.963.77 \n * Google Chrome 17.0.963.78 \n * Google Chrome 17.0.963.79 \n * Google Chrome 17.0.963.8 \n * Google Chrome 17.0.963.80 \n * Google Chrome 17.0.963.81 \n * Google Chrome 17.0.963.82 \n * Google Chrome 17.0.963.83 \n * Google Chrome 17.0.963.84 \n * Google Chrome 17.0.963.9 \n * Google Chrome 18 \n * Google Chrome 18.0.1000.0 \n * Google Chrome 18.0.1001.0 \n * Google Chrome 18.0.1001.1 \n * Google Chrome 18.0.1002.0 \n * Google Chrome 18.0.1003.0 \n * Google Chrome 18.0.1003.1 \n * Google Chrome 18.0.1004.0 \n * Google Chrome 18.0.1005.0 \n * Google Chrome 18.0.1006.0 \n * Google Chrome 18.0.1007.0 \n * Google Chrome 18.0.1008.0 \n * Google Chrome 18.0.1009.0 \n * Google Chrome 18.0.1010.0 \n * Google Chrome 18.0.1010.1 \n * Google Chrome 18.0.1010.2 \n * Google Chrome 18.0.1011.1 \n * Google Chrome 18.0.1012.0 \n * Google Chrome 18.0.1012.1 \n * Google Chrome 18.0.1012.2 \n * Google Chrome 18.0.1013.0 \n * Google Chrome 18.0.1014.0 \n * Google Chrome 18.0.1015.0 \n * Google Chrome 18.0.1016.0 \n * Google Chrome 18.0.1017.0 \n * Google Chrome 18.0.1017.1 \n * Google Chrome 18.0.1017.2 \n * Google Chrome 18.0.1017.3 \n * Google Chrome 18.0.1018.0 \n * Google Chrome 18.0.1019.0 \n * Google Chrome 18.0.1019.1 \n * Google Chrome 18.0.1020.0 \n * Google Chrome 18.0.1021.0 \n * Google Chrome 18.0.1022.0 \n * Google Chrome 18.0.1023.0 \n * Google Chrome 18.0.1024.0 \n * Google Chrome 18.0.1025.0 \n * Google Chrome 18.0.1025.1 \n * Google Chrome 18.0.1025.10 \n * Google Chrome 18.0.1025.100 \n * Google Chrome 18.0.1025.102 \n * Google Chrome 18.0.1025.107 \n * Google Chrome 18.0.1025.108 \n * Google Chrome 18.0.1025.109 \n * Google Chrome 18.0.1025.110 \n * Google Chrome 18.0.1025.111 \n * Google Chrome 18.0.1025.112 \n * Google Chrome 18.0.1025.113 \n * Google Chrome 18.0.1025.114 \n * Google Chrome 18.0.1025.116 \n * Google Chrome 18.0.1025.117 \n * Google Chrome 18.0.1025.118 \n * Google Chrome 18.0.1025.120 \n * Google Chrome 18.0.1025.129 \n * Google Chrome 18.0.1025.130 \n * Google Chrome 18.0.1025.131 \n * Google Chrome 18.0.1025.132 \n * Google Chrome 18.0.1025.133 \n * Google Chrome 18.0.1025.134 \n * Google Chrome 18.0.1025.135 \n * Google Chrome 18.0.1025.136 \n * Google Chrome 18.0.1025.137 \n * Google Chrome 18.0.1025.139 \n * Google Chrome 18.0.1025.140 \n * Google Chrome 18.0.1025.142 \n * Google Chrome 18.0.1025.145 \n * Google Chrome 18.0.1025.146 \n * Google Chrome 18.0.1025.147 \n * Google Chrome 18.0.1025.148 \n * Google Chrome 18.0.1025.149 \n * Google Chrome 18.0.1025.150 \n * Google Chrome 18.0.1025.151 \n * Google Chrome 18.0.1025.162 \n * Google Chrome 18.0.1025.168 \n * Google Chrome 18.0.1025.2 \n * Google Chrome 18.0.1025.29 \n * Google Chrome 18.0.1025.3 \n * Google Chrome 18.0.1025.30 \n * Google Chrome 18.0.1025.31 \n * Google Chrome 18.0.1025.32 \n * Google Chrome 18.0.1025.33 \n * Google Chrome 18.0.1025.35 \n * Google Chrome 18.0.1025.36 \n * Google Chrome 18.0.1025.37 \n * Google Chrome 18.0.1025.38 \n * Google Chrome 18.0.1025.39 \n * Google Chrome 18.0.1025.4 \n * Google Chrome 18.0.1025.40 \n * Google Chrome 18.0.1025.41 \n * Google Chrome 18.0.1025.42 \n * Google Chrome 18.0.1025.43 \n * Google Chrome 18.0.1025.44 \n * Google Chrome 18.0.1025.45 \n * Google Chrome 18.0.1025.46 \n * Google Chrome 18.0.1025.47 \n * Google Chrome 18.0.1025.48 \n * Google Chrome 18.0.1025.49 \n * Google Chrome 18.0.1025.5 \n * Google Chrome 18.0.1025.50 \n * Google Chrome 18.0.1025.51 \n * Google Chrome 18.0.1025.52 \n * Google Chrome 18.0.1025.54 \n * Google Chrome 18.0.1025.55 \n * Google Chrome 18.0.1025.56 \n * Google Chrome 18.0.1025.57 \n * Google Chrome 18.0.1025.58 \n * Google Chrome 18.0.1025.6 \n * Google Chrome 18.0.1025.60 \n * Google Chrome 18.0.1025.7 \n * Google Chrome 18.0.1025.73 \n * Google Chrome 18.0.1025.74 \n * Google Chrome 18.0.1025.8 \n * Google Chrome 18.0.1025.9 \n * Google Chrome 18.0.1025.95 \n * Google Chrome 18.0.1025.96 \n * Google Chrome 18.0.1025.97 \n * Google Chrome 18.0.1025.98 \n * Google Chrome 18.0.1025.99 \n * Google Chrome 19 \n * Google Chrome 19.0.1028.0 \n * Google Chrome 19.0.1029.0 \n * Google Chrome 19.0.1030.0 \n * Google Chrome 19.0.1031.0 \n * Google Chrome 19.0.1032.0 \n * Google Chrome 19.0.1033.0 \n * Google Chrome 19.0.1034.0 \n * Google Chrome 19.0.1035.0 \n * Google Chrome 19.0.1036.0 \n * Google Chrome 19.0.1036.2 \n * Google Chrome 19.0.1036.3 \n * Google Chrome 19.0.1036.4 \n * Google Chrome 19.0.1036.6 \n * Google Chrome 19.0.1036.7 \n * Google Chrome 19.0.1037.0 \n * Google Chrome 19.0.1038.0 \n * Google Chrome 19.0.1039.0 \n * Google Chrome 19.0.1040.0 \n * Google Chrome 19.0.1041.0 \n * Google Chrome 19.0.1042.0 \n * Google Chrome 19.0.1043.0 \n * Google Chrome 19.0.1044.0 \n * Google Chrome 19.0.1045.0 \n * Google Chrome 19.0.1046.0 \n * Google Chrome 19.0.1047.0 \n * Google Chrome 19.0.1048.0 \n * Google Chrome 19.0.1049.0 \n * Google Chrome 19.0.1049.1 \n * Google Chrome 19.0.1049.2 \n * Google Chrome 19.0.1049.3 \n * Google Chrome 19.0.1050.0 \n * Google Chrome 19.0.1051.0 \n * Google Chrome 19.0.1052.0 \n * Google Chrome 19.0.1053.0 \n * Google Chrome 19.0.1054.0 \n * Google Chrome 19.0.1055.0 \n * Google Chrome 19.0.1055.1 \n * Google Chrome 19.0.1055.2 \n * Google Chrome 19.0.1055.3 \n * Google Chrome 19.0.1056.0 \n * Google Chrome 19.0.1056.1 \n * Google Chrome 19.0.1057.0 \n * Google Chrome 19.0.1057.1 \n * Google Chrome 19.0.1057.3 \n * Google Chrome 19.0.1058.0 \n * Google Chrome 19.0.1058.1 \n * Google Chrome 19.0.1059.0 \n * Google Chrome 19.0.1060.0 \n * Google Chrome 19.0.1060.1 \n * Google Chrome 19.0.1061.0 \n * Google Chrome 19.0.1061.1 \n * Google Chrome 19.0.1062.0 \n * Google Chrome 19.0.1062.1 \n * Google Chrome 19.0.1063.0 \n * Google Chrome 19.0.1063.1 \n * Google Chrome 19.0.1064.0 \n * Google Chrome 19.0.1065.0 \n * Google Chrome 19.0.1066.0 \n * Google Chrome 19.0.1067.0 \n * Google Chrome 19.0.1068.0 \n * Google Chrome 19.0.1068.1 \n * Google Chrome 19.0.1069.0 \n * Google Chrome 19.0.1070.0 \n * Google Chrome 19.0.1071.0 \n * Google Chrome 19.0.1072.0 \n * Google Chrome 19.0.1073.0 \n * Google Chrome 19.0.1074.0 \n * Google Chrome 19.0.1075.0 \n * Google Chrome 19.0.1076.0 \n * Google Chrome 19.0.1076.1 \n * Google Chrome 19.0.1077.0 \n * Google Chrome 19.0.1077.1 \n * Google Chrome 19.0.1077.2 \n * Google Chrome 19.0.1077.3 \n * Google Chrome 19.0.1078.0 \n * Google Chrome 19.0.1079.0 \n * Google Chrome 19.0.1080.0 \n * Google Chrome 19.0.1081.0 \n * Google Chrome 19.0.1081.2 \n * Google Chrome 19.0.1082.0 \n * Google Chrome 19.0.1082.1 \n * Google Chrome 19.0.1083.0 \n * Google Chrome 19.0.1084.0 \n * Google Chrome 19.0.1084.1 \n * Google Chrome 19.0.1084.10 \n * Google Chrome 19.0.1084.11 \n * Google Chrome 19.0.1084.12 \n * Google Chrome 19.0.1084.13 \n * Google Chrome 19.0.1084.14 \n * Google Chrome 19.0.1084.15 \n * Google Chrome 19.0.1084.16 \n * Google Chrome 19.0.1084.17 \n * Google Chrome 19.0.1084.18 \n * Google Chrome 19.0.1084.19 \n * Google Chrome 19.0.1084.2 \n * Google Chrome 19.0.1084.20 \n * Google Chrome 19.0.1084.21 \n * Google Chrome 19.0.1084.22 \n * Google Chrome 19.0.1084.23 \n * Google Chrome 19.0.1084.24 \n * Google Chrome 19.0.1084.25 \n * Google Chrome 19.0.1084.26 \n * Google Chrome 19.0.1084.27 \n * Google Chrome 19.0.1084.28 \n * Google Chrome 19.0.1084.29 \n * Google Chrome 19.0.1084.3 \n * Google Chrome 19.0.1084.30 \n * Google Chrome 19.0.1084.31 \n * Google Chrome 19.0.1084.32 \n * Google Chrome 19.0.1084.33 \n * Google Chrome 19.0.1084.35 \n * Google Chrome 19.0.1084.36 \n * Google Chrome 19.0.1084.37 \n * Google Chrome 19.0.1084.38 \n * Google Chrome 19.0.1084.39 \n * Google Chrome 19.0.1084.4 \n * Google Chrome 19.0.1084.40 \n * Google Chrome 19.0.1084.41 \n * Google Chrome 19.0.1084.42 \n * Google Chrome 19.0.1084.43 \n * Google Chrome 19.0.1084.44 \n * Google Chrome 19.0.1084.45 \n * Google Chrome 19.0.1084.46 \n * Google Chrome 19.0.1084.47 \n * Google Chrome 19.0.1084.48 \n * Google Chrome 19.0.1084.5 \n * Google Chrome 19.0.1084.50 \n * Google Chrome 19.0.1084.51 \n * Google Chrome 19.0.1084.52 \n * Google Chrome 19.0.1084.6 \n * Google Chrome 19.0.1084.7 \n * Google Chrome 19.0.1084.8 \n * Google Chrome 19.0.1084.9 \n * Google Chrome 19.0.1085.0 \n * Google Chrome 2.0.156.1 \n * Google Chrome 2.0.157.0 \n * Google Chrome 2.0.157.2 \n * Google Chrome 2.0.158.0 \n * Google Chrome 2.0.159.0 \n * Google Chrome 2.0.169.0 \n * Google Chrome 2.0.169.1 \n * Google Chrome 2.0.170.0 \n * Google Chrome 2.0.172 \n * Google Chrome 2.0.172.2 \n * Google Chrome 2.0.172.27 \n * Google Chrome 2.0.172.28 \n * Google Chrome 2.0.172.30 \n * Google Chrome 2.0.172.31 \n * Google Chrome 2.0.172.33 \n * Google Chrome 2.0.172.37 \n * Google Chrome 2.0.172.38 \n * Google Chrome 2.0.172.43 \n * Google Chrome 2.0.172.8 \n * Google Chrome 20 \n * Google Chrome 20.0.1132.0 \n * Google Chrome 20.0.1132.1 \n * Google Chrome 20.0.1132.10 \n * Google Chrome 20.0.1132.11 \n * Google Chrome 20.0.1132.12 \n * Google Chrome 20.0.1132.13 \n * Google Chrome 20.0.1132.14 \n * Google Chrome 20.0.1132.15 \n * Google Chrome 20.0.1132.16 \n * Google Chrome 20.0.1132.17 \n * Google Chrome 20.0.1132.18 \n * Google Chrome 20.0.1132.19 \n * Google Chrome 20.0.1132.2 \n * Google Chrome 20.0.1132.20 \n * Google Chrome 20.0.1132.21 \n * Google Chrome 20.0.1132.22 \n * Google Chrome 20.0.1132.23 \n * Google Chrome 20.0.1132.24 \n * Google Chrome 20.0.1132.25 \n * Google Chrome 20.0.1132.26 \n * Google Chrome 20.0.1132.27 \n * Google Chrome 20.0.1132.28 \n * Google Chrome 20.0.1132.29 \n * Google Chrome 20.0.1132.3 \n * Google Chrome 20.0.1132.30 \n * Google Chrome 20.0.1132.31 \n * Google Chrome 20.0.1132.32 \n * Google Chrome 20.0.1132.33 \n * Google Chrome 20.0.1132.34 \n * Google Chrome 20.0.1132.35 \n * Google Chrome 20.0.1132.36 \n * Google Chrome 20.0.1132.37 \n * Google Chrome 20.0.1132.38 \n * Google Chrome 20.0.1132.39 \n * Google Chrome 20.0.1132.4 \n * Google Chrome 20.0.1132.40 \n * Google Chrome 20.0.1132.41 \n * Google Chrome 20.0.1132.42 \n * Google Chrome 20.0.1132.43 \n * Google Chrome 20.0.1132.45 \n * Google Chrome 20.0.1132.46 \n * Google Chrome 20.0.1132.47 \n * Google Chrome 20.0.1132.5 \n * Google Chrome 20.0.1132.54 \n * Google Chrome 20.0.1132.55 \n * Google Chrome 20.0.1132.56 \n * Google Chrome 20.0.1132.57 \n * Google Chrome 20.0.1132.6 \n * Google Chrome 20.0.1132.7 \n * Google Chrome 20.0.1132.8 \n * Google Chrome 20.0.1132.9 \n * Google Chrome 21 \n * Google Chrome 21.0.1180.0 \n * Google Chrome 21.0.1180.1 \n * Google Chrome 21.0.1180.2 \n * Google Chrome 21.0.1180.31 \n * Google Chrome 21.0.1180.32 \n * Google Chrome 21.0.1180.33 \n * Google Chrome 21.0.1180.34 \n * Google Chrome 21.0.1180.35 \n * Google Chrome 21.0.1180.36 \n * Google Chrome 21.0.1180.37 \n * Google Chrome 21.0.1180.38 \n * Google Chrome 21.0.1180.39 \n * Google Chrome 21.0.1180.41 \n * Google Chrome 21.0.1180.46 \n * Google Chrome 21.0.1180.47 \n * Google Chrome 21.0.1180.48 \n * Google Chrome 21.0.1180.49 \n * Google Chrome 21.0.1180.50 \n * Google Chrome 21.0.1180.51 \n * Google Chrome 21.0.1180.52 \n * Google Chrome 21.0.1180.53 \n * Google Chrome 21.0.1180.54 \n * Google Chrome 21.0.1180.55 \n * Google Chrome 21.0.1180.56 \n * Google Chrome 21.0.1180.57 \n * Google Chrome 21.0.1180.59 \n * Google Chrome 21.0.1180.60 \n * Google Chrome 21.0.1180.61 \n * Google Chrome 21.0.1180.62 \n * Google Chrome 21.0.1180.63 \n * Google Chrome 21.0.1180.64 \n * Google Chrome 21.0.1180.68 \n * Google Chrome 21.0.1180.69 \n * Google Chrome 21.0.1180.70 \n * Google Chrome 21.0.1180.71 \n * Google Chrome 21.0.1180.72 \n * Google Chrome 21.0.1180.73 \n * Google Chrome 21.0.1180.74 \n * Google Chrome 21.0.1180.75 \n * Google Chrome 21.0.1180.76 \n * Google Chrome 21.0.1180.77 \n * Google Chrome 21.0.1180.78 \n * Google Chrome 21.0.1180.79 \n * Google Chrome 21.0.1180.80 \n * Google Chrome 21.0.1180.81 \n * Google Chrome 21.0.1180.82 \n * Google Chrome 21.0.1180.83 \n * Google Chrome 21.0.1180.84 \n * Google Chrome 21.0.1180.85 \n * Google Chrome 21.0.1180.86 \n * Google Chrome 21.0.1180.87 \n * Google Chrome 21.0.1180.88 \n * Google Chrome 21.0.1180.89 \n * Google Chrome 22 \n * Google Chrome 22.0.1229.0 \n * Google Chrome 22.0.1229.1 \n * Google Chrome 22.0.1229.10 \n * Google Chrome 22.0.1229.11 \n * Google Chrome 22.0.1229.12 \n * Google Chrome 22.0.1229.14 \n * Google Chrome 22.0.1229.16 \n * Google Chrome 22.0.1229.17 \n * Google Chrome 22.0.1229.18 \n * Google Chrome 22.0.1229.2 \n * Google Chrome 22.0.1229.20 \n * Google Chrome 22.0.1229.21 \n * Google Chrome 22.0.1229.22 \n * Google Chrome 22.0.1229.23 \n * Google Chrome 22.0.1229.24 \n * Google Chrome 22.0.1229.25 \n * Google Chrome 22.0.1229.26 \n * Google Chrome 22.0.1229.27 \n * Google Chrome 22.0.1229.28 \n * Google Chrome 22.0.1229.29 \n * Google Chrome 22.0.1229.3 \n * Google Chrome 22.0.1229.31 \n * Google Chrome 22.0.1229.32 \n * Google Chrome 22.0.1229.33 \n * Google Chrome 22.0.1229.35 \n * Google Chrome 22.0.1229.36 \n * Google Chrome 22.0.1229.37 \n * Google Chrome 22.0.1229.39 \n * Google Chrome 22.0.1229.4 \n * Google Chrome 22.0.1229.48 \n * Google Chrome 22.0.1229.49 \n * Google Chrome 22.0.1229.50 \n * Google Chrome 22.0.1229.51 \n * Google Chrome 22.0.1229.52 \n * Google Chrome 22.0.1229.53 \n * Google Chrome 22.0.1229.54 \n * Google Chrome 22.0.1229.55 \n * Google Chrome 22.0.1229.56 \n * Google Chrome 22.0.1229.57 \n * Google Chrome 22.0.1229.58 \n * Google Chrome 22.0.1229.59 \n * Google Chrome 22.0.1229.6 \n * Google Chrome 22.0.1229.60 \n * Google Chrome 22.0.1229.62 \n * Google Chrome 22.0.1229.63 \n * Google Chrome 22.0.1229.64 \n * Google Chrome 22.0.1229.65 \n * Google Chrome 22.0.1229.67 \n * Google Chrome 22.0.1229.7 \n * Google Chrome 22.0.1229.76 \n * Google Chrome 22.0.1229.78 \n * Google Chrome 22.0.1229.79 \n * Google Chrome 22.0.1229.8 \n * Google Chrome 22.0.1229.89 \n * Google Chrome 22.0.1229.9 \n * Google Chrome 22.0.1229.91 \n * Google Chrome 22.0.1229.92 \n * Google Chrome 22.0.1229.94 \n * Google Chrome 22.0.1229.95 \n * Google Chrome 22.0.1229.96 \n * Google Chrome 23.0.1271.0 \n * Google Chrome 23.0.1271.1 \n * Google Chrome 23.0.1271.10 \n * Google Chrome 23.0.1271.11 \n * Google Chrome 23.0.1271.12 \n * Google Chrome 23.0.1271.13 \n * Google Chrome 23.0.1271.14 \n * Google Chrome 23.0.1271.15 \n * Google Chrome 23.0.1271.16 \n * Google Chrome 23.0.1271.17 \n * Google Chrome 23.0.1271.18 \n * Google Chrome 23.0.1271.19 \n * Google Chrome 23.0.1271.2 \n * Google Chrome 23.0.1271.20 \n * Google Chrome 23.0.1271.21 \n * Google Chrome 23.0.1271.22 \n * Google Chrome 23.0.1271.23 \n * Google Chrome 23.0.1271.24 \n * Google Chrome 23.0.1271.26 \n * Google Chrome 23.0.1271.3 \n * Google Chrome 23.0.1271.30 \n * Google Chrome 23.0.1271.31 \n * Google Chrome 23.0.1271.32 \n * Google Chrome 23.0.1271.33 \n * Google Chrome 23.0.1271.35 \n * Google Chrome 23.0.1271.36 \n * Google Chrome 23.0.1271.37 \n * Google Chrome 23.0.1271.38 \n * Google Chrome 23.0.1271.39 \n * Google Chrome 23.0.1271.4 \n * Google Chrome 23.0.1271.40 \n * Google Chrome 23.0.1271.41 \n * Google Chrome 23.0.1271.44 \n * Google Chrome 23.0.1271.45 \n * Google Chrome 23.0.1271.46 \n * Google Chrome 23.0.1271.49 \n * Google Chrome 23.0.1271.5 \n * Google Chrome 23.0.1271.50 \n * Google Chrome 23.0.1271.51 \n * Google Chrome 23.0.1271.52 \n * Google Chrome 23.0.1271.53 \n * Google Chrome 23.0.1271.54 \n * Google Chrome 23.0.1271.55 \n * Google Chrome 23.0.1271.56 \n * Google Chrome 23.0.1271.57 \n * Google Chrome 23.0.1271.58 \n * Google Chrome 23.0.1271.59 \n * Google Chrome 23.0.1271.6 \n * Google Chrome 23.0.1271.60 \n * Google Chrome 23.0.1271.61 \n * Google Chrome 23.0.1271.62 \n * Google Chrome 23.0.1271.64 \n * Google Chrome 23.0.1271.7 \n * Google Chrome 23.0.1271.8 \n * Google Chrome 23.0.1271.83 \n * Google Chrome 23.0.1271.84 \n * Google Chrome 23.0.1271.85 \n * Google Chrome 23.0.1271.86 \n * Google Chrome 23.0.1271.87 \n * Google Chrome 23.0.1271.88 \n * Google Chrome 23.0.1271.89 \n * Google Chrome 23.0.1271.9 \n * Google Chrome 23.0.1271.91 \n * Google Chrome 23.0.1271.95 \n * Google Chrome 23.0.1271.96 \n * Google Chrome 23.0.1271.97 \n * Google Chrome 24.0.1272.0 \n * Google Chrome 24.0.1272.1 \n * Google Chrome 24.0.1273.0 \n * Google Chrome 24.0.1274.0 \n * Google Chrome 24.0.1275.0 \n * Google Chrome 24.0.1276.0 \n * Google Chrome 24.0.1276.1 \n * Google Chrome 24.0.1277.0 \n * Google Chrome 24.0.1278.0 \n * Google Chrome 24.0.1279.0 \n * Google Chrome 24.0.1280.0 \n * Google Chrome 24.0.1281.0 \n * Google Chrome 24.0.1281.1 \n * Google Chrome 24.0.1281.2 \n * Google Chrome 24.0.1281.3 \n * Google Chrome 24.0.1282.0 \n * Google Chrome 24.0.1283.0 \n * Google Chrome 24.0.1284.0 \n * Google Chrome 24.0.1284.1 \n * Google Chrome 24.0.1284.2 \n * Google Chrome 24.0.1285.0 \n * Google Chrome 24.0.1285.1 \n * Google Chrome 24.0.1285.2 \n * Google Chrome 24.0.1286.0 \n * Google Chrome 24.0.1286.1 \n * Google Chrome 24.0.1287.0 \n * Google Chrome 24.0.1287.1 \n * Google Chrome 24.0.1288.0 \n * Google Chrome 24.0.1288.1 \n * Google Chrome 24.0.1289.0 \n * Google Chrome 24.0.1289.1 \n * Google Chrome 24.0.1290.0 \n * Google Chrome 24.0.1291.0 \n * Google Chrome 24.0.1292.0 \n * Google Chrome 24.0.1293.0 \n * Google Chrome 24.0.1294.0 \n * Google Chrome 24.0.1295.0 \n * Google Chrome 24.0.1296.0 \n * Google Chrome 24.0.1297.0 \n * Google Chrome 24.0.1298.0 \n * Google Chrome 24.0.1299.0 \n * Google Chrome 24.0.1300.0 \n * Google Chrome 24.0.1301.0 \n * Google Chrome 24.0.1301.2 \n * Google Chrome 24.0.1302.0 \n * Google Chrome 24.0.1303.0 \n * Google Chrome 24.0.1304.0 \n * Google Chrome 24.0.1304.1 \n * Google Chrome 24.0.1305.0 \n * Google Chrome 24.0.1305.1 \n * Google Chrome 24.0.1305.2 \n * Google Chrome 24.0.1305.3 \n * Google Chrome 24.0.1305.4 \n * Google Chrome 24.0.1306.0 \n * Google Chrome 24.0.1306.1 \n * Google Chrome 24.0.1307.0 \n * Google Chrome 24.0.1307.1 \n * Google Chrome 24.0.1308.0 \n * Google Chrome 24.0.1309.0 \n * Google Chrome 24.0.1310.0 \n * Google Chrome 24.0.1311.0 \n * Google Chrome 24.0.1311.1 \n * Google Chrome 24.0.1312.0 \n * Google Chrome 24.0.1312.1 \n * Google Chrome 24.0.1312.10 \n * Google Chrome 24.0.1312.11 \n * Google Chrome 24.0.1312.12 \n * Google Chrome 24.0.1312.13 \n * Google Chrome 24.0.1312.14 \n * Google Chrome 24.0.1312.15 \n * Google Chrome 24.0.1312.16 \n * Google Chrome 24.0.1312.17 \n * Google Chrome 24.0.1312.18 \n * Google Chrome 24.0.1312.19 \n * Google Chrome 24.0.1312.20 \n * Google Chrome 24.0.1312.21 \n * Google Chrome 24.0.1312.22 \n * Google Chrome 24.0.1312.23 \n * Google Chrome 24.0.1312.24 \n * Google Chrome 24.0.1312.25 \n * Google Chrome 24.0.1312.26 \n * Google Chrome 24.0.1312.27 \n * Google Chrome 24.0.1312.28 \n * Google Chrome 24.0.1312.29 \n * Google Chrome 24.0.1312.30 \n * Google Chrome 24.0.1312.31 \n * Google Chrome 24.0.1312.32 \n * Google Chrome 24.0.1312.33 \n * Google Chrome 24.0.1312.34 \n * Google Chrome 24.0.1312.35 \n * Google Chrome 24.0.1312.36 \n * Google Chrome 24.0.1312.37 \n * Google Chrome 24.0.1312.38 \n * Google Chrome 24.0.1312.39 \n * Google Chrome 24.0.1312.4 \n * Google Chrome 24.0.1312.40 \n * Google Chrome 24.0.1312.41 \n * Google Chrome 24.0.1312.42 \n * Google Chrome 24.0.1312.43 \n * Google Chrome 24.0.1312.44 \n * Google Chrome 24.0.1312.45 \n * Google Chrome 24.0.1312.46 \n * Google Chrome 24.0.1312.47 \n * Google Chrome 24.0.1312.48 \n * Google Chrome 24.0.1312.49 \n * Google Chrome 24.0.1312.5 \n * Google Chrome 24.0.1312.50 \n * Google Chrome 24.0.1312.51 \n * Google Chrome 24.0.1312.52 \n * Google Chrome 24.0.1312.53 \n * Google Chrome 24.0.1312.54 \n * Google Chrome 24.0.1312.55 \n * Google Chrome 24.0.1312.56 \n * Google Chrome 24.0.1312.57 \n * Google Chrome 24.0.1312.6 \n * Google Chrome 24.0.1312.7 \n * Google Chrome 24.0.1312.70 \n * Google Chrome 24.0.1312.8 \n * Google Chrome 24.0.1312.9 \n * Google Chrome 25 \n * Google Chrome 25.0.1364.0 \n * Google Chrome 25.0.1364.1 \n * Google Chrome 25.0.1364.10 \n * Google Chrome 25.0.1364.108 \n * Google Chrome 25.0.1364.11 \n * Google Chrome 25.0.1364.110 \n * Google Chrome 25.0.1364.112 \n * Google Chrome 25.0.1364.113 \n * Google Chrome 25.0.1364.114 \n * Google Chrome 25.0.1364.115 \n * Google Chrome 25.0.1364.116 \n * Google Chrome 25.0.1364.117 \n * Google Chrome 25.0.1364.118 \n * Google Chrome 25.0.1364.119 \n * Google Chrome 25.0.1364.12 \n * Google Chrome 25.0.1364.120 \n * Google Chrome 25.0.1364.121 \n * Google Chrome 25.0.1364.122 \n * Google Chrome 25.0.1364.123 \n * Google Chrome 25.0.1364.124 \n * Google Chrome 25.0.1364.125 \n * Google Chrome 25.0.1364.126 \n * Google Chrome 25.0.1364.13 \n * Google Chrome 25.0.1364.14 \n * Google Chrome 25.0.1364.15 \n * Google Chrome 25.0.1364.152 \n * Google Chrome 25.0.1364.16 \n * Google Chrome 25.0.1364.160 \n * Google Chrome 25.0.1364.17 \n * Google Chrome 25.0.1364.172 \n * Google Chrome 25.0.1364.18 \n * Google Chrome 25.0.1364.19 \n * Google Chrome 25.0.1364.2 \n * Google Chrome 25.0.1364.20 \n * Google Chrome 25.0.1364.21 \n * Google Chrome 25.0.1364.22 \n * Google Chrome 25.0.1364.23 \n * Google Chrome 25.0.1364.24 \n * Google Chrome 25.0.1364.25 \n * Google Chrome 25.0.1364.26 \n * Google Chrome 25.0.1364.27 \n * Google Chrome 25.0.1364.28 \n * Google Chrome 25.0.1364.29 \n * Google Chrome 25.0.1364.3 \n * Google Chrome 25.0.1364.30 \n * Google Chrome 25.0.1364.31 \n * Google Chrome 25.0.1364.32 \n * Google Chrome 25.0.1364.33 \n * Google Chrome 25.0.1364.34 \n * Google Chrome 25.0.1364.35 \n * Google Chrome 25.0.1364.36 \n * Google Chrome 25.0.1364.37 \n * Google Chrome 25.0.1364.38 \n * Google Chrome 25.0.1364.39 \n * Google Chrome 25.0.1364.40 \n * Google Chrome 25.0.1364.41 \n * Google Chrome 25.0.1364.42 \n * Google Chrome 25.0.1364.43 \n * Google Chrome 25.0.1364.44 \n * Google Chrome 25.0.1364.45 \n * Google Chrome 25.0.1364.46 \n * Google Chrome 25.0.1364.47 \n * Google Chrome 25.0.1364.48 \n * Google Chrome 25.0.1364.49 \n * Google Chrome 25.0.1364.5 \n * Google Chrome 25.0.1364.50 \n * Google Chrome 25.0.1364.51 \n * Google Chrome 25.0.1364.52 \n * Google Chrome 25.0.1364.53 \n * Google Chrome 25.0.1364.54 \n * Google Chrome 25.0.1364.55 \n * Google Chrome 25.0.1364.56 \n * Google Chrome 25.0.1364.57 \n * Google Chrome 25.0.1364.58 \n * Google Chrome 25.0.1364.61 \n * Google Chrome 25.0.1364.62 \n * Google Chrome 25.0.1364.63 \n * Google Chrome 25.0.1364.65 \n * Google Chrome 25.0.1364.66 \n * Google Chrome 25.0.1364.67 \n * Google Chrome 25.0.1364.68 \n * Google Chrome 25.0.1364.7 \n * Google Chrome 25.0.1364.70 \n * Google Chrome 25.0.1364.72 \n * Google Chrome 25.0.1364.73 \n * Google Chrome 25.0.1364.74 \n * Google Chrome 25.0.1364.75 \n * Google Chrome 25.0.1364.76 \n * Google Chrome 25.0.1364.77 \n * Google Chrome 25.0.1364.78 \n * Google Chrome 25.0.1364.79 \n * Google Chrome 25.0.1364.8 \n * Google Chrome 25.0.1364.80 \n * Google Chrome 25.0.1364.81 \n * Google Chrome 25.0.1364.82 \n * Google Chrome 25.0.1364.84 \n * Google Chrome 25.0.1364.85 \n * Google Chrome 25.0.1364.86 \n * Google Chrome 25.0.1364.87 \n * Google Chrome 25.0.1364.88 \n * Google Chrome 25.0.1364.89 \n * Google Chrome 25.0.1364.9 \n * Google Chrome 25.0.1364.90 \n * Google Chrome 25.0.1364.91 \n * Google Chrome 25.0.1364.92 \n * Google Chrome 25.0.1364.93 \n * Google Chrome 25.0.1364.95 \n * Google Chrome 25.0.1364.97 \n * Google Chrome 25.0.1364.98 \n * Google Chrome 25.0.1364.99 \n * Google Chrome 26.0.1410.28 \n * Google Chrome 26.0.1410.43 \n * Google Chrome 26.0.1410.46 \n * Google Chrome 26.0.1410.53 \n * Google Chrome 26.0.1410.63 \n * Google Chrome 26.0.1410.64 \n * Google Chrome 27.0.1444.0 \n * Google Chrome 27.0.1444.3 \n * Google Chrome 27.0.1453.0 \n * Google Chrome 27.0.1453.1 \n * Google Chrome 27.0.1453.10 \n * Google Chrome 27.0.1453.102 \n * Google Chrome 27.0.1453.103 \n * Google Chrome 27.0.1453.104 \n * Google Chrome 27.0.1453.105 \n * Google Chrome 27.0.1453.106 \n * Google Chrome 27.0.1453.107 \n * Google Chrome 27.0.1453.108 \n * Google Chrome 27.0.1453.109 \n * Google Chrome 27.0.1453.11 \n * Google Chrome 27.0.1453.110 \n * Google Chrome 27.0.1453.111 \n * Google Chrome 27.0.1453.112 \n * Google Chrome 27.0.1453.113 \n * Google Chrome 27.0.1453.114 \n * Google Chrome 27.0.1453.115 \n * Google Chrome 27.0.1453.116 \n * Google Chrome 27.0.1453.12 \n * Google Chrome 27.0.1453.13 \n * Google Chrome 27.0.1453.15 \n * Google Chrome 27.0.1453.2 \n * Google Chrome 27.0.1453.3 \n * Google Chrome 27.0.1453.34 \n * Google Chrome 27.0.1453.35 \n * Google Chrome 27.0.1453.36 \n * Google Chrome 27.0.1453.37 \n * Google Chrome 27.0.1453.38 \n * Google Chrome 27.0.1453.39 \n * Google Chrome 27.0.1453.4 \n * Google Chrome 27.0.1453.40 \n * Google Chrome 27.0.1453.41 \n * Google Chrome 27.0.1453.42 \n * Google Chrome 27.0.1453.43 \n * Google Chrome 27.0.1453.44 \n * Google Chrome 27.0.1453.45 \n * Google Chrome 27.0.1453.46 \n * Google Chrome 27.0.1453.47 \n * Google Chrome 27.0.1453.49 \n * Google Chrome 27.0.1453.5 \n * Google Chrome 27.0.1453.50 \n * Google Chrome 27.0.1453.51 \n * Google Chrome 27.0.1453.52 \n * Google Chrome 27.0.1453.54 \n * Google Chrome 27.0.1453.55 \n * Google Chrome 27.0.1453.56 \n * Google Chrome 27.0.1453.57 \n * Google Chrome 27.0.1453.58 \n * Google Chrome 27.0.1453.59 \n * Google Chrome 27.0.1453.6 \n * Google Chrome 27.0.1453.60 \n * Google Chrome 27.0.1453.61 \n * Google Chrome 27.0.1453.62 \n * Google Chrome 27.0.1453.63 \n * Google Chrome 27.0.1453.64 \n * Google Chrome 27.0.1453.65 \n * Google Chrome 27.0.1453.66 \n * Google Chrome 27.0.1453.67 \n * Google Chrome 27.0.1453.68 \n * Google Chrome 27.0.1453.69 \n * Google Chrome 27.0.1453.7 \n * Google Chrome 27.0.1453.70 \n * Google Chrome 27.0.1453.71 \n * Google Chrome 27.0.1453.72 \n * Google Chrome 27.0.1453.73 \n * Google Chrome 27.0.1453.74 \n * Google Chrome 27.0.1453.75 \n * Google Chrome 27.0.1453.76 \n * Google Chrome 27.0.1453.77 \n * Google Chrome 27.0.1453.78 \n * Google Chrome 27.0.1453.79 \n * Google Chrome 27.0.1453.8 \n * Google Chrome 27.0.1453.80 \n * Google Chrome 27.0.1453.81 \n * Google Chrome 27.0.1453.82 \n * Google Chrome 27.0.1453.83 \n * Google Chrome 27.0.1453.84 \n * Google Chrome 27.0.1453.85 \n * Google Chrome 27.0.1453.86 \n * Google Chrome 27.0.1453.87 \n * Google Chrome 27.0.1453.88 \n * Google Chrome 27.0.1453.89 \n * Google Chrome 27.0.1453.9 \n * Google Chrome 27.0.1453.90 \n * Google Chrome 27.0.1453.91 \n * Google Chrome 27.0.1453.93 \n * Google Chrome 27.0.1453.94 \n * Google Chrome 28.0.1498.0 \n * Google Chrome 28.0.1500.0 \n * Google Chrome 28.0.1500.10 \n * Google Chrome 28.0.1500.11 \n * Google Chrome 28.0.1500.12 \n * Google Chrome 28.0.1500.13 \n * Google Chrome 28.0.1500.14 \n * Google Chrome 28.0.1500.15 \n * Google Chrome 28.0.1500.16 \n * Google Chrome 28.0.1500.17 \n * Google Chrome 28.0.1500.18 \n * Google Chrome 28.0.1500.19 \n * Google Chrome 28.0.1500.2 \n * Google Chrome 28.0.1500.20 \n * Google Chrome 28.0.1500.21 \n * Google Chrome 28.0.1500.22 \n * Google Chrome 28.0.1500.23 \n * Google Chrome 28.0.1500.24 \n * Google Chrome 28.0.1500.25 \n * Google Chrome 28.0.1500.26 \n * Google Chrome 28.0.1500.27 \n * Google Chrome 28.0.1500.28 \n * Google Chrome 28.0.1500.29 \n * Google Chrome 28.0.1500.3 \n * Google Chrome 28.0.1500.31 \n * Google Chrome 28.0.1500.32 \n * Google Chrome 28.0.1500.33 \n * Google Chrome 28.0.1500.34 \n * Google Chrome 28.0.1500.35 \n * Google Chrome 28.0.1500.36 \n * Google Chrome 28.0.1500.37 \n * Google Chrome 28.0.1500.38 \n * Google Chrome 28.0.1500.39 \n * Google Chrome 28.0.1500.4 \n * Google Chrome 28.0.1500.40 \n * Google Chrome 28.0.1500.41 \n * Google Chrome 28.0.1500.42 \n * Google Chrome 28.0.1500.43 \n * Google Chrome 28.0.1500.44 \n * Google Chrome 28.0.1500.45 \n * Google Chrome 28.0.1500.46 \n * Google Chrome 28.0.1500.47 \n * Google Chrome 28.0.1500.48 \n * Google Chrome 28.0.1500.49 \n * Google Chrome 28.0.1500.5 \n * Google Chrome 28.0.1500.50 \n * Google Chrome 28.0.1500.51 \n * Google Chrome 28.0.1500.52 \n * Google Chrome 28.0.1500.53 \n * Google Chrome 28.0.1500.54 \n * Google Chrome 28.0.1500.56 \n * Google Chrome 28.0.1500.58 \n * Google Chrome 28.0.1500.59 \n * Google Chrome 28.0.1500.6 \n * Google Chrome 28.0.1500.60 \n * Google Chrome 28.0.1500.61 \n * Google Chrome 28.0.1500.62 \n * Google Chrome 28.0.1500.63 \n * Google Chrome 28.0.1500.64 \n * Google Chrome 28.0.1500.66 \n * Google Chrome 28.0.1500.68 \n * Google Chrome 28.0.1500.70 \n * Google Chrome 28.0.1500.71 \n * Google Chrome 28.0.1500.72 \n * Google Chrome 28.0.1500.8 \n * Google Chrome 28.0.1500.89 \n * Google Chrome 28.0.1500.9 \n * Google Chrome 28.0.1500.91 \n * Google Chrome 28.0.1500.93 \n * Google Chrome 28.0.1500.94 \n * Google Chrome 28.0.1500.95 \n * Google Chrome 29.0.1547.0 \n * Google Chrome 29.0.1547.10 \n * Google Chrome 29.0.1547.12 \n * Google Chrome 29.0.1547.14 \n * Google Chrome 29.0.1547.16 \n * Google Chrome 29.0.1547.18 \n * Google Chrome 29.0.1547.2 \n * Google Chrome 29.0.1547.21 \n * Google Chrome 29.0.1547.23 \n * Google Chrome 29.0.1547.28 \n * Google Chrome 29.0.1547.3 \n * Google Chrome 29.0.1547.31 \n * Google Chrome 29.0.1547.33 \n * Google Chrome 29.0.1547.35 \n * Google Chrome 29.0.1547.37 \n * Google Chrome 29.0.1547.39 \n * Google Chrome 29.0.1547.40 \n * Google Chrome 29.0.1547.42 \n * Google Chrome 29.0.1547.46 \n * Google Chrome 29.0.1547.48 \n * Google Chrome 29.0.1547.5 \n * Google Chrome 29.0.1547.51 \n * Google Chrome 29.0.1547.53 \n * Google Chrome 29.0.1547.55 \n * Google Chrome 29.0.1547.57 \n * Google Chrome 29.0.1547.7 \n * Google Chrome 29.0.1547.76 \n * Google Chrome 29.0.1547.9 \n * Google Chrome 3 \n * Google Chrome 3.0 Beta \n * Google Chrome 3.0.182.2 \n * Google Chrome 3.0.190.2 \n * Google Chrome 3.0.193.2 Beta \n * Google Chrome 3.0.195.2 \n * Google Chrome 3.0.195.21 \n * Google Chrome 3.0.195.24 \n * Google Chrome 3.0.195.25 \n * Google Chrome 3.0.195.27 \n * Google Chrome 3.0.195.32 \n * Google Chrome 3.0.195.33 \n * Google Chrome 3.0.195.36 \n * Google Chrome 3.0.195.37 \n * Google Chrome 3.0.195.38 \n * Google Chrome 30.0.1599.0 \n * Google Chrome 30.0.1599.10 \n * Google Chrome 30.0.1599.100 \n * Google Chrome 30.0.1599.101 \n * Google Chrome 30.0.1599.12 \n * Google Chrome 30.0.1599.14 \n * Google Chrome 30.0.1599.16 \n * Google Chrome 30.0.1599.18 \n * Google Chrome 30.0.1599.2 \n * Google Chrome 30.0.1599.21 \n * Google Chrome 30.0.1599.23 \n * Google Chrome 30.0.1599.25 \n * Google Chrome 30.0.1599.27 \n * Google Chrome 30.0.1599.29 \n * Google Chrome 30.0.1599.31 \n * Google Chrome 30.0.1599.33 \n * Google Chrome 30.0.1599.35 \n * Google Chrome 30.0.1599.37 \n * Google Chrome 30.0.1599.39 \n * Google Chrome 30.0.1599.40 \n * Google Chrome 30.0.1599.42 \n * Google Chrome 30.0.1599.44 \n * Google Chrome 30.0.1599.48 \n * Google Chrome 30.0.1599.5 \n * Google Chrome 30.0.1599.51 \n * Google Chrome 30.0.1599.53 \n * Google Chrome 30.0.1599.57 \n * Google Chrome 30.0.1599.59 \n * Google Chrome 30.0.1599.60 \n * Google Chrome 30.0.1599.64 \n * Google Chrome 30.0.1599.66 \n * Google Chrome 30.0.1599.67 \n * Google Chrome 30.0.1599.68 \n * Google Chrome 30.0.1599.69 \n * Google Chrome 30.0.1599.7 \n * Google Chrome 30.0.1599.79 \n * Google Chrome 30.0.1599.80 \n * Google Chrome 30.0.1599.81 \n * Google Chrome 30.0.1599.82 \n * Google Chrome 30.0.1599.84 \n * Google Chrome 30.0.1599.85 \n * Google Chrome 30.0.1599.86 \n * Google Chrome 30.0.1599.87 \n * Google Chrome 30.0.1599.88 \n * Google Chrome 30.0.1599.9 \n * Google Chrome 30.0.1599.90 \n * Google Chrome 31.0.1650.0 \n * Google Chrome 31.0.1650.10 \n * Google Chrome 31.0.1650.11 \n * Google Chrome 31.0.1650.12 \n * Google Chrome 31.0.1650.13 \n * Google Chrome 31.0.1650.14 \n * Google Chrome 31.0.1650.15 \n * Google Chrome 31.0.1650.16 \n * Google Chrome 31.0.1650.17 \n * Google Chrome 31.0.1650.18 \n * Google Chrome 31.0.1650.19 \n * Google Chrome 31.0.1650.2 \n * Google Chrome 31.0.1650.20 \n * Google Chrome 31.0.1650.22 \n * Google Chrome 31.0.1650.23 \n * Google Chrome 31.0.1650.25 \n * Google Chrome 31.0.1650.26 \n * Google Chrome 31.0.1650.27 \n * Google Chrome 31.0.1650.28 \n * Google Chrome 31.0.1650.29 \n * Google Chrome 31.0.1650.3 \n * Google Chrome 31.0.1650.30 \n * Google Chrome 31.0.1650.31 \n * Google Chrome 31.0.1650.32 \n * Google Chrome 31.0.1650.33 \n * Google Chrome 31.0.1650.34 \n * Google Chrome 31.0.1650.35 \n * Google Chrome 31.0.1650.36 \n * Google Chrome 31.0.1650.37 \n * Google Chrome 31.0.1650.38 \n * Google Chrome 31.0.1650.39 \n * Google Chrome 31.0.1650.4 \n * Google Chrome 31.0.1650.41 \n * Google Chrome 31.0.1650.42 \n * Google Chrome 31.0.1650.43 \n * Google Chrome 31.0.1650.44 \n * Google Chrome 31.0.1650.45 \n * Google Chrome 31.0.1650.46 \n * Google Chrome 31.0.1650.47 \n * Google Chrome 31.0.1650.48 \n * Google Chrome 31.0.1650.49 \n * Google Chrome 31.0.1650.5 \n * Google Chrome 31.0.1650.50 \n * Google Chrome 31.0.1650.52 \n * Google Chrome 31.0.1650.54 \n * Google Chrome 31.0.1650.57 \n * Google Chrome 31.0.1650.58 \n * Google Chrome 31.0.1650.6 \n * Google Chrome 31.0.1650.60 \n * Google Chrome 31.0.1650.61 \n * Google Chrome 31.0.1650.62 \n * Google Chrome 31.0.1650.63 \n * Google Chrome 31.0.1650.7 \n * Google Chrome 31.0.1650.8 \n * Google Chrome 31.0.1650.9 \n * Google Chrome 32.0.1651.2 \n * Google Chrome 32.0.1652.1 \n * Google Chrome 32.0.1653.1 \n * Google Chrome 32.0.1654.0 \n * Google Chrome 32.0.1654.3 \n * Google Chrome 32.0.1655.1 \n * Google Chrome 32.0.1656.1 \n * Google Chrome 32.0.1657.0 \n * Google Chrome 32.0.1658.0 \n * Google Chrome 32.0.1658.2 \n * Google Chrome 32.0.1659.1 \n * Google Chrome 32.0.1659.3 \n * Google Chrome 32.0.1660.1 \n * Google Chrome 32.0.1661.0 \n * Google Chrome 32.0.1662.0 \n * Google Chrome 32.0.1662.2 \n * Google Chrome 32.0.1663.1 \n * Google Chrome 32.0.1663.3 \n * Google Chrome 32.0.1664.1 \n * Google Chrome 32.0.1664.3 \n * Google Chrome 32.0.1666.0 \n * Google Chrome 32.0.1667.0 \n * Google Chrome 32.0.1668.0 \n * Google Chrome 32.0.1668.2 \n * Google Chrome 32.0.1668.4 \n * Google Chrome 32.0.1668.6 \n * Google Chrome 32.0.1669.1 \n * Google Chrome 32.0.1669.3 \n * Google Chrome 32.0.1670.1 \n * Google Chrome 32.0.1670.3 \n * Google Chrome 32.0.1670.5 \n * Google Chrome 32.0.1671.2 \n * Google Chrome 32.0.1671.4 \n * Google Chrome 32.0.1671.8 \n * Google Chrome 32.0.1672.2 \n * Google Chrome 32.0.1673.2 \n * Google Chrome 32.0.1673.4 \n * Google Chrome 32.0.1674.1 \n * Google Chrome 32.0.1675.0 \n * Google Chrome 32.0.1675.2 \n * Google Chrome 32.0.1676.0 \n * Google Chrome 32.0.1676.2 \n * Google Chrome 32.0.1677.1 \n * Google Chrome 32.0.1678.1 \n * Google Chrome 32.0.1679.0 \n * Google Chrome 32.0.1680.0 \n * Google Chrome 32.0.1681.0 \n * Google Chrome 32.0.1681.3 \n * Google Chrome 32.0.1682.3 \n * Google Chrome 32.0.1682.5 \n * Google Chrome 32.0.1683.1 \n * Google Chrome 32.0.1684.0 \n * Google Chrome 32.0.1684.2 \n * Google Chrome 32.0.1685.0 \n * Google Chrome 32.0.1685.2 \n * Google Chrome 32.0.1686.0 \n * Google Chrome 32.0.1687.0 \n * Google Chrome 32.0.1688.0 \n * Google Chrome 32.0.1689.0 \n * Google Chrome 32.0.1689.2 \n * Google Chrome 32.0.1690.0 \n * Google Chrome 32.0.1700.0 \n * Google Chrome 32.0.1700.100 \n * Google Chrome 32.0.1700.102 \n * Google Chrome 32.0.1700.103 \n * Google Chrome 32.0.1700.107 \n * Google Chrome 32.0.1700.11 \n * Google Chrome 32.0.1700.13 \n * Google Chrome 32.0.1700.15 \n * Google Chrome 32.0.1700.17 \n * Google Chrome 32.0.1700.19 \n * Google Chrome 32.0.1700.21 \n * Google Chrome 32.0.1700.23 \n * Google Chrome 32.0.1700.26 \n * Google Chrome 32.0.1700.28 \n * Google Chrome 32.0.1700.3 \n * Google Chrome 32.0.1700.31 \n * Google Chrome 32.0.1700.33 \n * Google Chrome 32.0.1700.35 \n * Google Chrome 32.0.1700.39 \n * Google Chrome 32.0.1700.41 \n * Google Chrome 32.0.1700.50 \n * Google Chrome 32.0.1700.52 \n * Google Chrome 32.0.1700.54 \n * Google Chrome 32.0.1700.56 \n * Google Chrome 32.0.1700.58 \n * Google Chrome 32.0.1700.6 \n * Google Chrome 32.0.1700.63 \n * Google Chrome 32.0.1700.65 \n * Google Chrome 32.0.1700.67 \n * Google Chrome 32.0.1700.69 \n * Google Chrome 32.0.1700.70 \n * Google Chrome 32.0.1700.74 \n * Google Chrome 32.0.1700.76 \n * Google Chrome 32.0.1700.77 \n * Google Chrome 32.0.1700.9 \n * Google Chrome 32.0.1700.95 \n * Google Chrome 32.0.1700.97 \n * Google Chrome 32.0.1700.98 \n * Google Chrome 33.0.1750.0 \n * Google Chrome 33.0.1750.10 \n * Google Chrome 33.0.1750.106 \n * Google Chrome 33.0.1750.108 \n * Google Chrome 33.0.1750.11 \n * Google Chrome 33.0.1750.111 \n * Google Chrome 33.0.1750.113 \n * Google Chrome 33.0.1750.116 \n * Google Chrome 33.0.1750.117 \n * Google Chrome 33.0.1750.124 \n * Google Chrome 33.0.1750.125 \n * Google Chrome 33.0.1750.13 \n * Google Chrome 33.0.1750.132 \n * Google Chrome 33.0.1750.135 \n * Google Chrome 33.0.1750.14 \n * Google Chrome 33.0.1750.144 \n * Google Chrome 33.0.1750.146 \n * Google Chrome 33.0.1750.149 \n * Google Chrome 33.0.1750.151 \n * Google Chrome 33.0.1750.152 \n * Google Chrome 33.0.1750.154 \n * Google Chrome 33.0.1750.16 \n * Google Chrome 33.0.1750.166 \n * Google Chrome 33.0.1750.168 \n * Google Chrome 33.0.1750.19 \n * Google Chrome 33.0.1750.20 \n * Google Chrome 33.0.1750.22 \n * Google Chrome 33.0.1750.24 \n * Google Chrome 33.0.1750.26 \n * Google Chrome 33.0.1750.28 \n * Google Chrome 33.0.1750.3 \n * Google Chrome 33.0.1750.31 \n * Google Chrome 33.0.1750.35 \n * Google Chrome 33.0.1750.37 \n * Google Chrome 33.0.1750.39 \n * Google Chrome 33.0.1750.40 \n * Google Chrome 33.0.1750.42 \n * Google Chrome 33.0.1750.44 \n * Google Chrome 33.0.1750.46 \n * Google Chrome 33.0.1750.48 \n * Google Chrome 33.0.1750.5 \n * Google Chrome 33.0.1750.51 \n * Google Chrome 33.0.1750.53 \n * Google Chrome 33.0.1750.55 \n * Google Chrome 33.0.1750.57 \n * Google Chrome 33.0.1750.59 \n * Google Chrome 33.0.1750.60 \n * Google Chrome 33.0.1750.62 \n * Google Chrome 33.0.1750.64 \n * Google Chrome 33.0.1750.66 \n * Google Chrome 33.0.1750.68 \n * Google Chrome 33.0.1750.7 \n * Google Chrome 33.0.1750.71 \n * Google Chrome 33.0.1750.74 \n * Google Chrome 33.0.1750.76 \n * Google Chrome 33.0.1750.79 \n * Google Chrome 33.0.1750.80 \n * Google Chrome 33.0.1750.82 \n * Google Chrome 33.0.1750.85 \n * Google Chrome 33.0.1750.89 \n * Google Chrome 33.0.1750.90 \n * Google Chrome 33.0.1750.92 \n * Google Chrome 34.0.1847.0 \n * Google Chrome 34.0.1847.10 \n * Google Chrome 34.0.1847.101 \n * Google Chrome 34.0.1847.103 \n * Google Chrome 34.0.1847.109 \n * Google Chrome 34.0.1847.112 \n * Google Chrome 34.0.1847.114 \n * Google Chrome 34.0.1847.116 \n * Google Chrome 34.0.1847.118 \n * Google Chrome 34.0.1847.120 \n * Google Chrome 34.0.1847.130 \n * Google Chrome 34.0.1847.131 \n * Google Chrome 34.0.1847.132 \n * Google Chrome 34.0.1847.134 \n * Google Chrome 34.0.1847.136 \n * Google Chrome 34.0.1847.137 \n * Google Chrome 34.0.1847.15 \n * Google Chrome 34.0.1847.23 \n * Google Chrome 34.0.1847.25 \n * Google Chrome 34.0.1847.36 \n * Google Chrome 34.0.1847.38 \n * Google Chrome 34.0.1847.4 \n * Google Chrome 34.0.1847.42 \n * Google Chrome 34.0.1847.44 \n * Google Chrome 34.0.1847.46 \n * Google Chrome 34.0.1847.48 \n * Google Chrome 34.0.1847.5 \n * Google Chrome 34.0.1847.51 \n * Google Chrome 34.0.1847.53 \n * Google Chrome 34.0.1847.55 \n * Google Chrome 34.0.1847.57 \n * Google Chrome 34.0.1847.59 \n * Google Chrome 34.0.1847.60 \n * Google Chrome 34.0.1847.62 \n * Google Chrome 34.0.1847.64 \n * Google Chrome 34.0.1847.66 \n * Google Chrome 34.0.1847.68 \n * Google Chrome 34.0.1847.7 \n * Google Chrome 34.0.1847.72 \n * Google Chrome 34.0.1847.74 \n * Google Chrome 34.0.1847.76 \n * Google Chrome 34.0.1847.78 \n * Google Chrome 34.0.1847.8 \n * Google Chrome 34.0.1847.81 \n * Google Chrome 34.0.1847.83 \n * Google Chrome 34.0.1847.86 \n * Google Chrome 34.0.1847.9 \n * Google Chrome 34.0.1847.92 \n * Google Chrome 34.0.1847.97 \n * Google Chrome 34.0.1847.99 \n * Google Chrome 35.0.1916.0 \n * Google Chrome 35.0.1916.10 \n * Google Chrome 35.0.1916.103 \n * Google Chrome 35.0.1916.105 \n * Google Chrome 35.0.1916.107 \n * Google Chrome 35.0.1916.109 \n * Google Chrome 35.0.1916.110 \n * Google Chrome 35.0.1916.112 \n * Google Chrome 35.0.1916.114 \n * Google Chrome 35.0.1916.13 \n * Google Chrome 35.0.1916.15 \n * Google Chrome 35.0.1916.153 \n * Google Chrome 35.0.1916.18 \n * Google Chrome 35.0.1916.2 \n * Google Chrome 35.0.1916.21 \n * Google Chrome 35.0.1916.23 \n * Google Chrome 35.0.1916.3 \n * Google Chrome 35.0.1916.32 \n * Google Chrome 35.0.1916.34 \n * Google Chrome 35.0.1916.36 \n * Google Chrome 35.0.1916.38 \n * Google Chrome 35.0.1916.4 \n * Google Chrome 35.0.1916.41 \n * Google Chrome 35.0.1916.43 \n * Google Chrome 35.0.1916.45 \n * Google Chrome 35.0.1916.47 \n * Google Chrome 35.0.1916.49 \n * Google Chrome 35.0.1916.51 \n * Google Chrome 35.0.1916.54 \n * Google Chrome 35.0.1916.57 \n * Google Chrome 35.0.1916.6 \n * Google Chrome 35.0.1916.68 \n * Google Chrome 35.0.1916.7 \n * Google Chrome 35.0.1916.72 \n * Google Chrome 35.0.1916.77 \n * Google Chrome 35.0.1916.80 \n * Google Chrome 35.0.1916.84 \n * Google Chrome 35.0.1916.86 \n * Google Chrome 35.0.1916.9 \n * Google Chrome 35.0.1916.92 \n * Google Chrome 35.0.1916.95 \n * Google Chrome 35.0.1916.98 \n * Google Chrome 36.0.1985.122 \n * Google Chrome 36.0.1985.143 \n * Google Chrome 37.0.2062.0 \n * Google Chrome 37.0.2062.10 \n * Google Chrome 37.0.2062.12 \n * Google Chrome 37.0.2062.120 \n * Google Chrome 37.0.2062.124 \n * Google Chrome 37.0.2062.14 \n * Google Chrome 37.0.2062.16 \n * Google Chrome 37.0.2062.18 \n * Google Chrome 37.0.2062.2 \n * Google Chrome 37.0.2062.21 \n * Google Chrome 37.0.2062.23 \n * Google Chrome 37.0.2062.25 \n * Google Chrome 37.0.2062.27 \n * Google Chrome 37.0.2062.29 \n * Google Chrome 37.0.2062.30 \n * Google Chrome 37.0.2062.32 \n * Google Chrome 37.0.2062.34 \n * Google Chrome 37.0.2062.36 \n * Google Chrome 37.0.2062.39 \n * Google Chrome 37.0.2062.43 \n * Google Chrome 37.0.2062.45 \n * Google Chrome 37.0.2062.47 \n * Google Chrome 37.0.2062.49 \n * Google Chrome 37.0.2062.50 \n * Google Chrome 37.0.2062.52 \n * Google Chrome 37.0.2062.54 \n * Google Chrome 37.0.2062.56 \n * Google Chrome 37.0.2062.58 \n * Google Chrome 37.0.2062.6 \n * Google Chrome 37.0.2062.61 \n * Google Chrome 37.0.2062.63 \n * Google Chrome 37.0.2062.65 \n * Google Chrome 37.0.2062.67 \n * Google Chrome 37.0.2062.69 \n * Google Chrome 37.0.2062.70 \n * Google Chrome 37.0.2062.72 \n * Google Chrome 37.0.2062.74 \n * Google Chrome 37.0.2062.76 \n * Google Chrome 37.0.2062.78 \n * Google Chrome 37.0.2062.80 \n * Google Chrome 37.0.2062.89 \n * Google Chrome 37.0.2062.90 \n * Google Chrome 37.0.2062.92 \n * Google Chrome 37.0.2062.94 \n * Google Chrome 37.0.2062.95 \n * Google Chrome 37.0.2062.97 \n * Google Chrome 38.0.2125.101 \n * Google Chrome 38.0.2125.101 ~~~Android~~ \n * Google Chrome 38.0.2125.122 \n * Google Chrome 39.0.2171.63 \n * Google Chrome 39.0.2171.65 \n * Google Chrome 4 \n * Google Chrome 4.0.211.0 \n * Google Chrome 4.0.212.0 \n * Google Chrome 4.0.212.1 \n * Google Chrome 4.0.221.8 \n * Google Chrome 4.0.222.0 \n * Google Chrome 4.0.222.1 \n * Google Chrome 4.0.222.12 \n * Google Chrome 4.0.222.5 \n * Google Chrome 4.0.223.0 \n * Google Chrome 4.0.223.1 \n * Google Chrome 4.0.223.2 \n * Google Chrome 4.0.223.4 \n * Google Chrome 4.0.223.5 \n * Google Chrome 4.0.223.7 \n * Google Chrome 4.0.223.8 \n * Google Chrome 4.0.224.0 \n * Google Chrome 4.0.229.1 \n * Google Chrome 4.0.235.0 \n * Google Chrome 4.0.236.0 \n * Google Chrome 4.0.237.0 \n * Google Chrome 4.0.237.1 \n * Google Chrome 4.0.239.0 \n * Google Chrome 4.0.240.0 \n * Google Chrome 4.0.241.0 \n * Google Chrome 4.0.242.0 \n * Google Chrome 4.0.243.0 \n * Google Chrome 4.0.244.0 \n * Google Chrome 4.0.245.0 \n * Google Chrome 4.0.246.0 \n * Google Chrome 4.0.247.0 \n * Google Chrome 4.0.248.0 \n * Google Chrome 4.0.249.0 \n * Google Chrome 4.0.249.1 \n * Google Chrome 4.0.249.10 \n * Google Chrome 4.0.249.11 \n * Google Chrome 4.0.249.12 \n * Google Chrome 4.0.249.14 \n * Google Chrome 4.0.249.16 \n * Google Chrome 4.0.249.17 \n * Google Chrome 4.0.249.18 \n * Google Chrome 4.0.249.19 \n * Google Chrome 4.0.249.2 \n * Google Chrome 4.0.249.20 \n * Google Chrome 4.0.249.21 \n * Google Chrome 4.0.249.22 \n * Google Chrome 4.0.249.23 \n * Google Chrome 4.0.249.24 \n * Google Chrome 4.0.249.25 \n * Google Chrome 4.0.249.26 \n * Google Chrome 4.0.249.27 \n * Google Chrome 4.0.249.28 \n * Google Chrome 4.0.249.29 \n * Google Chrome 4.0.249.3 \n * Google Chrome 4.0.249.30 \n * Google Chrome 4.0.249.31 \n * Google Chrome 4.0.249.32 \n * Google Chrome 4.0.249.33 \n * Google Chrome 4.0.249.34 \n * Google Chrome 4.0.249.35 \n * Google Chrome 4.0.249.36 \n * Google Chrome 4.0.249.37 \n * Google Chrome 4.0.249.38 \n * Google Chrome 4.0.249.39 \n * Google Chrome 4.0.249.4 \n * Google Chrome 4.0.249.40 \n * Google Chrome 4.0.249.41 \n * Google Chrome 4.0.249.42 \n * Google Chrome 4.0.249.43 \n * Google Chrome 4.0.249.44 \n * Google Chrome 4.0.249.45 \n * Google Chrome 4.0.249.46 \n * Google Chrome 4.0.249.47 \n * Google Chrome 4.0.249.48 \n * Google Chrome 4.0.249.49 \n * Google Chrome 4.0.249.5 \n * Google Chrome 4.0.249.50 \n * Google Chrome 4.0.249.51 \n * Google Chrome 4.0.249.52 \n * Google Chrome 4.0.249.53 \n * Google Chrome 4.0.249.54 \n * Google Chrome 4.0.249.55 \n * Google Chrome 4.0.249.56 \n * Google Chrome 4.0.249.57 \n * Google Chrome 4.0.249.58 \n * Google Chrome 4.0.249.59 \n * Google Chrome 4.0.249.6 \n * Google Chrome 4.0.249.60 \n * Google Chrome 4.0.249.61 \n * Google Chrome 4.0.249.62 \n * Google Chrome 4.0.249.63 \n * Google Chrome 4.0.249.64 \n * Google Chrome 4.0.249.65 \n * Google Chrome 4.0.249.66 \n * Google Chrome 4.0.249.67 \n * Google Chrome 4.0.249.68 \n * Google Chrome 4.0.249.69 \n * Google Chrome 4.0.249.7 \n * Google Chrome 4.0.249.70 \n * Google Chrome 4.0.249.71 \n * Google Chrome 4.0.249.72 \n * Google Chrome 4.0.249.73 \n * Google Chrome 4.0.249.74 \n * Google Chrome 4.0.249.75 \n * Google Chrome 4.0.249.76 \n * Google Chrome 4.0.249.77 \n * Google Chrome 4.0.249.78 \n * Google Chrome 4.0.249.78 Beta \n * Google Chrome 4.0.249.79 \n * Google Chrome 4.0.249.8 \n * Google Chrome 4.0.249.80 \n * Google Chrome 4.0.249.81 \n * Google Chrome 4.0.249.82 \n * Google Chrome 4.0.249.89 \n * Google Chrome 4.0.249.9 \n * Google Chrome 4.0.250.0 \n * Google Chrome 4.0.250.2 \n * Google Chrome 4.0.251.0 \n * Google Chrome 4.0.252.0 \n * Google Chrome 4.0.254.0 \n * Google Chrome 4.0.255.0 \n * Google Chrome 4.0.256.0 \n * Google Chrome 4.0.257.0 \n * Google Chrome 4.0.258.0 \n * Google Chrome 4.0.259.0 \n * Google Chrome 4.0.260.0 \n * Google Chrome 4.0.261.0 \n * Google Chrome 4.0.262.0 \n * Google Chrome 4.0.263.0 \n * Google Chrome 4.0.264.0 \n * Google Chrome 4.0.265.0 \n * Google Chrome 4.0.266.0 \n * Google Chrome 4.0.267.0 \n * Google Chrome 4.0.268.0 \n * Google Chrome 4.0.269.0 \n * Google Chrome 4.0.271.0 \n * Google Chrome 4.0.272.0 \n * Google Chrome 4.0.275.0 \n * Google Chrome 4.0.275.1 \n * Google Chrome 4.0.276.0 \n * Google Chrome 4.0.277.0 \n * Google Chrome 4.0.278.0 \n * Google Chrome 4.0.286.0 \n * Google Chrome 4.0.287.0 \n * Google Chrome 4.0.288.0 \n * Google Chrome 4.0.288.1 \n * Google Chrome 4.0.289.0 \n * Google Chrome 4.0.290.0 \n * Google Chrome 4.0.292.0 \n * Google Chrome 4.0.294.0 \n * Google Chrome 4.0.295.0 \n * Google Chrome 4.0.296.0 \n * Google Chrome 4.0.299.0 \n * Google Chrome 4.0.300.0 \n * Google Chrome 4.0.301.0 \n * Google Chrome 4.0.302.0 \n * Google Chrome 4.0.302.1 \n * Google Chrome 4.0.302.2 \n * Google Chrome 4.0.302.3 \n * Google Chrome 4.0.303.0 \n * Google Chrome 4.0.304.0 \n * Google Chrome 4.0.305.0 \n * Google Chrome 4.1 Beta \n * Google Chrome 4.1.249.0 \n * Google Chrome 4.1.249.1001 \n * Google Chrome 4.1.249.1004 \n * Google Chrome 4.1.249.1006 \n * Google Chrome 4.1.249.1007 \n * Google Chrome 4.1.249.1008 \n * Google Chrome 4.1.249.1009 \n * Google Chrome 4.1.249.1010 \n * Google Chrome 4.1.249.1011 \n * Google Chrome 4.1.249.1012 \n * Google Chrome 4.1.249.1013 \n * Google Chrome 4.1.249.1014 \n * Google Chrome 4.1.249.1015 \n * Google Chrome 4.1.249.1016 \n * Google Chrome 4.1.249.1017 \n * Google Chrome 4.1.249.1018 \n * Google Chrome 4.1.249.1019 \n * Google Chrome 4.1.249.1020 \n * Google Chrome 4.1.249.1021 \n * Google Chrome 4.1.249.1022 \n * Google Chrome 4.1.249.1023 \n * Google Chrome 4.1.249.1024 \n * Google Chrome 4.1.249.1025 \n * Google Chrome 4.1.249.1026 \n * Google Chrome 4.1.249.1027 \n * Google Chrome 4.1.249.1028 \n * Google Chrome 4.1.249.1029 \n * Google Chrome 4.1.249.1030 \n * Google Chrome 4.1.249.1031 \n * Google Chrome 4.1.249.1032 \n * Google Chrome 4.1.249.1033 \n * Google Chrome 4.1.249.1034 \n * Google Chrome 4.1.249.1035 \n * Google Chrome 4.1.249.1036 \n * Google Chrome 4.1.249.1037 \n * Google Chrome 4.1.249.1038 \n * Google Chrome 4.1.249.1039 \n * Google Chrome 4.1.249.1040 \n * Google Chrome 4.1.249.1041 \n * Google Chrome 4.1.249.1042 \n * Google Chrome 4.1.249.1043 \n * Google Chrome 4.1.249.1044 \n * Google Chrome 4.1.249.1045 \n * Google Chrome 4.1.249.1046 \n * Google Chrome 4.1.249.1047 \n * Google Chrome 4.1.249.1048 \n * Google Chrome 4.1.249.1049 \n * Google Chrome 4.1.249.1050 \n * Google Chrome 4.1.249.1051 \n * Google Chrome 4.1.249.1052 \n * Google Chrome 4.1.249.1053 \n * Google Chrome 4.1.249.1054 \n * Google Chrome 4.1.249.1055 \n * Google Chrome 4.1.249.1056 \n * Google Chrome 4.1.249.1057 \n * Google Chrome 4.1.249.1058 \n * Google Chrome 4.1.249.1059 \n * Google Chrome 4.1.249.1060 \n * Google Chrome 4.1.249.1061 \n * Google Chrome 4.1.249.1062 \n * Google Chrome 4.1.249.1063 \n * Google Chrome 4.1.249.1064 \n * Google Chrome 40.0.2214.111 \n * Google Chrome 40.0.2214.115 \n * Google Chrome 40.0.2214.85 \n * Google Chrome 40.0.2214.89 ~~~Android~~ \n * Google Chrome 40.0.2214.91 \n * Google Chrome 41.0.2272 \n * Google Chrome 41.0.2272.118 \n * Google Chrome 41.0.2272.76 \n * Google Chrome 42.0.2311 \n * Google Chrome 42.0.2311.135 \n * Google Chrome 42.0.2311.90 \n * Google Chrome 43.0.2357 \n * Google Chrome 43.0.2357.130 \n * Google Chrome 43.0.2357.65 \n * Google Chrome 44.0.2403 \n * Google Chrome 44.0.2403.157 \n * Google Chrome 44.0.2403.89 \n * Google Chrome 45.0.2454 \n * Google Chrome 45.0.2454.101 \n * Google Chrome 45.0.2454.85 \n * Google Chrome 46.0.2490 \n * Google Chrome 46.0.2490.71 \n * Google Chrome 46.0.2490.76 \n * Google Chrome 46.0.2490.86 \n * Google Chrome 47.0 \n * Google Chrome 47.0.2526.106 \n * Google Chrome 47.0.2526.73 \n * Google Chrome 47.0.2526.80 \n * Google Chrome 48.0.2564.109 \n * Google Chrome 48.0.2564.116 \n * Google Chrome 48.0.2564.82 \n * Google Chrome 49.0.2566.0 \n * Google Chrome 49.0.2623.108 \n * Google Chrome 49.0.2623.75 \n * Google Chrome 49.0.2623.87 \n * Google Chrome 5.0.306.0 \n * Google Chrome 5.0.306.1 \n * Google Chrome 5.0.307.1 \n * Google Chrome 5.0.307.10 \n * Google Chrome 5.0.307.11 \n * Google Chrome 5.0.307.3 \n * Google Chrome 5.0.307.4 \n * Google Chrome 5.0.307.5 \n * Google Chrome 5.0.307.6 \n * Google Chrome 5.0.307.7 \n * Google Chrome 5.0.307.8 \n * Google Chrome 5.0.307.9 \n * Google Chrome 5.0.308.0 \n * Google Chrome 5.0.309.0 \n * Google Chrome 5.0.313.0 \n * Google Chrome 5.0.314.0 \n * Google Chrome 5.0.314.1 \n * Google Chrome 5.0.315.0 \n * Google Chrome 5.0.316.0 \n * Google Chrome 5.0.317.0 \n * Google Chrome 5.0.317.1 \n * Google Chrome 5.0.317.2 \n * Google Chrome 5.0.318.0 \n * Google Chrome 5.0.319.0 \n * Google Chrome 5.0.320.0 \n * Google Chrome 5.0.321.0 \n * Google Chrome 5.0.322.0 \n * Google Chrome 5.0.322.1 \n * Google Chrome 5.0.322.2 \n * Google Chrome 5.0.323.0 \n * Google Chrome 5.0.324.0 \n * Google Chrome 5.0.325.0 \n * Google Chrome 5.0.326.0 \n * Google Chrome 5.0.327.0 \n * Google Chrome 5.0.328.0 \n * Google Chrome 5.0.329.0 \n * Google Chrome 5.0.330.0 \n * Google Chrome 5.0.332.0 \n * Google Chrome 5.0.333.0 \n * Google Chrome 5.0.334.0 \n * Google Chrome 5.0.335.0 \n * Google Chrome 5.0.335.1 \n * Google Chrome 5.0.335.2 \n * Google Chrome 5.0.335.3 \n * Google Chrome 5.0.335.4 \n * Google Chrome 5.0.336.0 \n * Google Chrome 5.0.337.0 \n * Google Chrome 5.0.338.0 \n * Google Chrome 5.0.339.0 \n * Google Chrome 5.0.340.0 \n * Google Chrome 5.0.341.0 \n * Google Chrome 5.0.342.0 \n * Google Chrome 5.0.342.1 \n * Google Chrome 5.0.342.2 \n * Google Chrome 5.0.342.3 \n * Google Chrome 5.0.342.4 \n * Google Chrome 5.0.342.5 \n * Google Chrome 5.0.342.6 \n * Google Chrome 5.0.342.7 \n * Google Chrome 5.0.342.7 Beta Mac \n * Google Chrome 5.0.342.8 \n * Google Chrome 5.0.342.9 \n * Google Chrome 5.0.343.0 \n * Google Chrome 5.0.344.0 \n * Google Chrome 5.0.345.0 \n * Google Chrome 5.0.346.0 \n * Google Chrome 5.0.347.0 \n * Google Chrome 5.0.348.0 \n * Google Chrome 5.0.349.0 \n * Google Chrome 5.0.350.0 \n * Google Chrome 5.0.350.1 \n * Google Chrome 5.0.351.0 \n * Google Chrome 5.0.353.0 \n * Google Chrome 5.0.354.0 \n * Google Chrome 5.0.354.1 \n * Google Chrome 5.0.355.0 \n * Google Chrome 5.0.356.0 \n * Google Chrome 5.0.356.1 \n * Google Chrome 5.0.356.2 \n * Google Chrome 5.0.357.0 \n * Google Chrome 5.0.358.0 \n * Google Chrome 5.0.359.0 \n * Google Chrome 5.0.360.0 \n * Google Chrome 5.0.360.3 \n * Google Chrome 5.0.360.4 \n * Google Chrome 5.0.360.5 \n * Google Chrome 5.0.361.0 \n * Google Chrome 5.0.362.0 \n * Google Chrome 5.0.363.0 \n * Google Chrome 5.0.364.0 \n * Google Chrome 5.0.365.0 \n * Google Chrome 5.0.366.0 \n * Google Chrome 5.0.366.1 \n * Google Chrome 5.0.366.2 \n * Google Chrome 5.0.366.3 \n * Google Chrome 5.0.366.4 \n * Google Chrome 5.0.367.0 \n * Google Chrome 5.0.368.0 \n * Google Chrome 5.0.369.0 \n * Google Chrome 5.0.369.1 \n * Google Chrome 5.0.369.2 \n * Google Chrome 5.0.370.0 \n * Google Chrome 5.0.371.0 \n * Google Chrome 5.0.372.0 \n * Google Chrome 5.0.373.0 \n * Google Chrome 5.0.374.0 \n * Google Chrome 5.0.375.0 \n * Google Chrome 5.0.375.1 \n * Google Chrome 5.0.375.10 \n * Google Chrome 5.0.375.11 \n * Google Chrome 5.0.375.12 \n * Google Chrome 5.0.375.125 \n * Google Chrome 5.0.375.126 \n * Google Chrome 5.0.375.127 \n * Google Chrome 5.0.375.13 \n * Google Chrome 5.0.375.14 \n * Google Chrome 5.0.375.15 \n * Google Chrome 5.0.375.16 \n * Google Chrome 5.0.375.17 \n * Google Chrome 5.0.375.18 \n * Google Chrome 5.0.375.19 \n * Google Chrome 5.0.375.2 \n * Google Chrome 5.0.375.20 \n * Google Chrome 5.0.375.21 \n * Google Chrome 5.0.375.22 \n * Google Chrome 5.0.375.23 \n * Google Chrome 5.0.375.25 \n * Google Chrome 5.0.375.26 \n * Google Chrome 5.0.375.27 \n * Google Chrome 5.0.375.28 \n * Google Chrome 5.0.375.29 \n * Google Chrome 5.0.375.3 \n * Google Chrome 5.0.375.30 \n * Google Chrome 5.0.375.31 \n * Google Chrome 5.0.375.32 \n * Google Chrome 5.0.375.33 \n * Google Chrome 5.0.375.34 \n * Google Chrome 5.0.375.35 \n * Google Chrome 5.0.375.36 \n * Google Chrome 5.0.375.37 \n * Google Chrome 5.0.375.38 \n * Google Chrome 5.0.375.39 \n * Google Chrome 5.0.375.4 \n * Google Chrome 5.0.375.40 \n * Google Chrome 5.0.375.41 \n * Google Chrome 5.0.375.42 \n * Google Chrome 5.0.375.43 \n * Google Chrome 5.0.375.44 \n * Google Chrome 5.0.375.45 \n * Google Chrome 5.0.375.46 \n * Google Chrome 5.0.375.47 \n * Google Chrome 5.0.375.48 \n * Google Chrome 5.0.375.49 \n * Google Chrome 5.0.375.5 \n * Google Chrome 5.0.375.50 \n * Google Chrome 5.0.375.51 \n * Google Chrome 5.0.375.52 \n * Google Chrome 5.0.375.53 \n * Google Chrome 5.0.375.54 \n * Google Chrome 5.0.375.55 \n * Google Chrome 5.0.375.56 \n * Google Chrome 5.0.375.57 \n * Google Chrome 5.0.375.58 \n * Google Chrome 5.0.375.59 \n * Google Chrome 5.0.375.6 \n * Google Chrome 5.0.375.60 \n * Google Chrome 5.0.375.61 \n * Google Chrome 5.0.375.62 \n * Google Chrome 5.0.375.63 \n * Google Chrome 5.0.375.64 \n * Google Chrome 5.0.375.65 \n * Google Chrome 5.0.375.66 \n * Google Chrome 5.0.375.67 \n * Google Chrome 5.0.375.68 \n * Google Chrome 5.0.375.69 \n * Google Chrome 5.0.375.7 \n * Google Chrome 5.0.375.70 \n * Google Chrome 5.0.375.71 \n * Google Chrome 5.0.375.72 \n * Google Chrome 5.0.375.73 \n * Google Chrome 5.0.375.74 \n * Google Chrome 5.0.375.75 \n * Google Chrome 5.0.375.76 \n * Google Chrome 5.0.375.77 \n * Google Chrome 5.0.375.78 \n * Google Chrome 5.0.375.79 \n * Google Chrome 5.0.375.8 \n * Google Chrome 5.0.375.80 \n * Google Chrome 5.0.375.81 \n * Google Chrome 5.0.375.82 \n * Google Chrome 5.0.375.83 \n * Google Chrome 5.0.375.84 \n * Google Chrome 5.0.375.85 \n * Google Chrome 5.0.375.86 \n * Google Chrome 5.0.375.87 \n * Google Chrome 5.0.375.88 \n * Google Chrome 5.0.375.89 \n * Google Chrome 5.0.375.9 \n * Google Chrome 5.0.375.90 \n * Google Chrome 5.0.375.91 \n * Google Chrome 5.0.375.92 \n * Google Chrome 5.0.375.93 \n * Google Chrome 5.0.375.94 \n * Google Chrome 5.0.375.95 \n * Google Chrome 5.0.375.96 \n * Google Chrome 5.0.375.97 \n * Google Chrome 5.0.375.98 \n * Google Chrome 5.0.375.99 \n * Google Chrome 5.0.376.0 \n * Google Chrome 5.0.378.0 \n * Google Chrome 5.0.379.0 \n * Google Chrome 5.0.380.0 \n * Google Chrome 5.0.381.0 \n * Google Chrome 5.0.382.0 \n * Google Chrome 5.0.382.3 \n * Google Chrome 5.0.383.0 \n * Google Chrome 5.0.384.0 \n * Google Chrome 5.0.385.0 \n * Google Chrome 5.0.386.0 \n * Google Chrome 5.0.387.0 \n * Google Chrome 5.0.390.0 \n * Google Chrome 5.0.391.0 \n * Google Chrome 5.0.392.0 \n * Google Chrome 5.0.393.0 \n * Google Chrome 5.0.394.0 \n * Google Chrome 5.0.395.0 \n * Google Chrome 5.0.396.0 \n * Google Chrome 50.0.2661.102 \n * Google Chrome 50.0.2661.75 \n * Google Chrome 50.0.2661.94 \n * Google Chrome 51.0.2704.103 \n * Google Chrome 51.0.2704.63 \n * Google Chrome 51.0.2704.79 \n * Google Chrome 52.0.2743.116 \n * Google Chrome 52.0.2743.82 \n * Google Chrome 53.0.2785.113 \n * Google Chrome 53.0.2785.143 \n * Google Chrome 53.0.2785.89 \n * Google Chrome 54.0.2840.59 \n * Google Chrome 54.0.2840.85 \n * Google Chrome 54.0.2840.87 \n * Google Chrome 54.0.2840.90 \n * Google Chrome 54.0.2840.98 \n * Google Chrome 54.0.2840.99 \n * Google Chrome 55.0.2883.75 \n * Google Chrome 56.0.2924.76 \n * Google Chrome 57.0.2987.133 \n * Google Chrome 57.0.2987.98 \n * Google Chrome 58.0.3029.81 \n * Google Chrome 58.0.3029.96 \n * Google Chrome 59.0.3071.104 \n * Google Chrome 59.0.3071.115 \n * Google Chrome 59.0.3071.86 \n * Google Chrome 6.0.397.0 \n * Google Chrome 6.0.398.0 \n * Google Chrome 6.0.399.0 \n * Google Chrome 6.0.400.0 \n * Google Chrome 6.0.401.0 \n * Google Chrome 6.0.401.1 \n * Google Chrome 6.0.403.0 \n * Google Chrome 6.0.404.0 \n * Google Chrome 6.0.404.1 \n * Google Chrome 6.0.404.2 \n * Google Chrome 6.0.405.0 \n * Google Chrome 6.0.406.0 \n * Google Chrome 6.0.407.0 \n * Google Chrome 6.0.408.0 \n * Google Chrome 6.0.408.1 \n * Google Chrome 6.0.408.10 \n * Google Chrome 6.0.408.2 \n * Google Chrome 6.0.408.3 \n * Google Chrome 6.0.408.4 \n * Google Chrome 6.0.408.5 \n * Google Chrome 6.0.408.6 \n * Google Chrome 6.0.408.7 \n * Google Chrome 6.0.408.8 \n * Google Chrome 6.0.408.9 \n * Google Chrome 6.0.409.0 \n * Google Chrome 6.0.410.0 \n * Google Chrome 6.0.411.0 \n * Google Chrome 6.0.412.0 \n * Google Chrome 6.0.413.0 \n * Google Chrome 6.0.414.0 \n * Google Chrome 6.0.415.0 \n * Google Chrome 6.0.415.1 \n * Google Chrome 6.0.416.0 \n * Google Chrome 6.0.416.1 \n * Google Chrome 6.0.417.0 \n * Google Chrome 6.0.418.0 \n * Google Chrome 6.0.418.1 \n * Google Chrome 6.0.418.2 \n * Google Chrome 6.0.418.3 \n * Google Chrome 6.0.418.4 \n * Google Chrome 6.0.418.5 \n * Google Chrome 6.0.418.6 \n * Google Chrome 6.0.418.7 \n * Google Chrome 6.0.418.8 \n * Google Chrome 6.0.418.9 \n * Google Chrome 6.0.419.0 \n * Google Chrome 6.0.421.0 \n * Google Chrome 6.0.422.0 \n * Google Chrome 6.0.423.0 \n * Google Chrome 6.0.424.0 \n * Google Chrome 6.0.425.0 \n * Google Chrome 6.0.426.0 \n * Google Chrome 6.0.427.0 \n * Google Chrome 6.0.428.0 \n * Google Chrome 6.0.430.0 \n * Google Chrome 6.0.431.0 \n * Google Chrome 6.0.432.0 \n * Google Chrome 6.0.433.0 \n * Google Chrome 6.0.434.0 \n * Google Chrome 6.0.435.0 \n * Google Chrome 6.0.436.0 \n * Google Chrome 6.0.437.0 \n * Google Chrome 6.0.437.1 \n * Google Chrome 6.0.437.2 \n * Google Chrome 6.0.437.3 \n * Google Chrome 6.0.438.0 \n * Google Chrome 6.0.440.0 \n * Google Chrome 6.0.441.0 \n * Google Chrome 6.0.443.0 \n * Google Chrome 6.0.444.0 \n * Google Chrome 6.0.445.0 \n * Google Chrome 6.0.445.1 \n * Google Chrome 6.0.446.0 \n * Google Chrome 6.0.447.0 \n * Google Chrome 6.0.447.1 \n * Google Chrome 6.0.447.2 \n * Google Chrome 6.0.449.0 \n * Google Chrome 6.0.450.0 \n * Google Chrome 6.0.450.1 \n * Google Chrome 6.0.450.2 \n * Google Chrome 6.0.450.3 \n * Google Chrome 6.0.450.4 \n * Google Chrome 6.0.451.0 \n * Google Chrome 6.0.452.0 \n * Google Chrome 6.0.452.1 \n * Google Chrome 6.0.453.0 \n * Google Chrome 6.0.453.1 \n * Google Chrome 6.0.454.0 \n * Google Chrome 6.0.455.0 \n * Google Chrome 6.0.456.0 \n * Google Chrome 6.0.457.0 \n * Google Chrome 6.0.458.0 \n * Google Chrome 6.0.458.1 \n * Google Chrome 6.0.458.2 \n * Google Chrome 6.0.459.0 \n * Google Chrome 6.0.460.0 \n * Google Chrome 6.0.461.0 \n * Google Chrome 6.0.462.0 \n * Google Chrome 6.0.464.1 \n * Google Chrome 6.0.465.1 \n * Google Chrome 6.0.465.2 \n * Google Chrome 6.0.466.0 \n * Google Chrome 6.0.466.1 \n * Google Chrome 6.0.466.2 \n * Google Chrome 6.0.466.3 \n * Google Chrome 6.0.466.4 \n * Google Chrome 6.0.466.5 \n * Google Chrome 6.0.466.6 \n * Google Chrome 6.0.467.0 \n * Google Chrome 6.0.469.0 \n * Google Chrome 6.0.470.0 \n * Google Chrome 6.0.471.0 \n * Google Chrome 6.0.472.0 \n * Google Chrome 6.0.472.1 \n * Google Chrome 6.0.472.10 \n * Google Chrome 6.0.472.11 \n * Google Chrome 6.0.472.12 \n * Google Chrome 6.0.472.13 \n * Google Chrome 6.0.472.14 \n * Google Chrome 6.0.472.15 \n * Google Chrome 6.0.472.16 \n * Google Chrome 6.0.472.17 \n * Google Chrome 6.0.472.18 \n * Google Chrome 6.0.472.19 \n * Google Chrome 6.0.472.2 \n * Google Chrome 6.0.472.20 \n * Google Chrome 6.0.472.21 \n * Google Chrome 6.0.472.22 \n * Google Chrome 6.0.472.23 \n * Google Chrome 6.0.472.24 \n * Google Chrome 6.0.472.25 \n * Google Chrome 6.0.472.26 \n * Google Chrome 6.0.472.27 \n * Google Chrome 6.0.472.28 \n * Google Chrome 6.0.472.29 \n * Google Chrome 6.0.472.3 \n * Google Chrome 6.0.472.30 \n * Google Chrome 6.0.472.31 \n * Google Chrome 6.0.472.32 \n * Google Chrome 6.0.472.33 \n * Google Chrome 6.0.472.34 \n * Google Chrome 6.0.472.35 \n * Google Chrome 6.0.472.36 \n * Google Chrome 6.0.472.37 \n * Google Chrome 6.0.472.38 \n * Google Chrome 6.0.472.39 \n * Google Chrome 6.0.472.4 \n * Google Chrome 6.0.472.40 \n * Google Chrome 6.0.472.41 \n * Google Chrome 6.0.472.42 \n * Google Chrome 6.0.472.43 \n * Google Chrome 6.0.472.44 \n * Google Chrome 6.0.472.45 \n * Google Chrome 6.0.472.46 \n * Google Chrome 6.0.472.47 \n * Google Chrome 6.0.472.48 \n * Google Chrome 6.0.472.49 \n * Google Chrome 6.0.472.5 \n * Google Chrome 6.0.472.50 \n * Google Chrome 6.0.472.51 \n * Google Chrome 6.0.472.52 \n * Google Chrome 6.0.472.53 \n * Google Chrome 6.0.472.54 \n * Google Chrome 6.0.472.55 \n * Google Chrome 6.0.472.56 \n * Google Chrome 6.0.472.57 \n * Google Chrome 6.0.472.58 \n * Google Chrome 6.0.472.59 \n * Google Chrome 6.0.472.6 \n * Google Chrome 6.0.472.60 \n * Google Chrome 6.0.472.61 \n * Google Chrome 6.0.472.62 \n * Google Chrome 6.0.472.63 \n * Google Chrome 6.0.472.7 \n * Google Chrome 6.0.472.8 \n * Google Chrome 6.0.472.9 \n * Google Chrome 6.0.473.0 \n * Google Chrome 6.0.474.0 \n * Google Chrome 6.0.475.0 \n * Google Chrome 6.0.476.0 \n * Google Chrome 6.0.477.0 \n * Google Chrome 6.0.478.0 \n * Google Chrome 6.0.479.0 \n * Google Chrome 6.0.480.0 \n * Google Chrome 6.0.481.0 \n * Google Chrome 6.0.482.0 \n * Google Chrome 6.0.483.0 \n * Google Chrome 6.0.484.0 \n * Google Chrome 6.0.485.0 \n * Google Chrome 6.0.486.0 \n * Google Chrome 6.0.487.0 \n * Google Chrome 6.0.488.0 \n * Google Chrome 6.0.489.0 \n * Google Chrome 6.0.490.0 \n * Google Chrome 6.0.490.1 \n * Google Chrome 6.0.491.0 \n * Google Chrome 6.0.492.0 \n * Google Chrome 6.0.493.0 \n * Google Chrome 6.0.494.0 \n * Google Chrome 6.0.495.0 \n * Google Chrome 6.0.495.1 \n * Google Chrome 6.0.496.0 \n * Google Chrome 60.0.3080.5 \n * Google Chrome 60.0.3112.78 \n * Google Chrome 60.0.3112.80 \n * Google Chrome 61.0.3163.100 \n * Google Chrome 61.0.3163.79 \n * Google Chrome 62.0.3202.62 \n * Google Chrome 62.0.3202.75 \n * Google Chrome 62.0.3202.89 \n * Google Chrome 64 \n * Google Chrome 65 \n * Google Chrome 65.72 \n * Google Chrome 7.0.497.0 \n * Google Chrome 7.0.498.0 \n * Google Chrome 7.0.499.0 \n * Google Chrome 7.0.499.1 \n * Google Chrome 7.0.500.0 \n * Google Chrome 7.0.500.1 \n * Google Chrome 7.0.503.0 \n * Google Chrome 7.0.503.1 \n * Google Chrome 7.0.504.0 \n * Google Chrome 7.0.505.0 \n * Google Chrome 7.0.506.0 \n * Google Chrome 7.0.507.0 \n * Google Chrome 7.0.507.1 \n * Google Chrome 7.0.507.2 \n * Google Chrome 7.0.507.3 \n * Google Chrome 7.0.509.0 \n * Google Chrome 7.0.510.0 \n * Google Chrome 7.0.511.1 \n * Google Chrome 7.0.511.2 \n * Google Chrome 7.0.511.4 \n * Google Chrome 7.0.512.0 \n * Google Chrome 7.0.513.0 \n * Google Chrome 7.0.514.0 \n * Google Chrome 7.0.514.1 \n * Google Chrome 7.0.515.0 \n * Google Chrome 7.0.516.0 \n * Google Chrome 7.0.517.0 \n * Google Chrome 7.0.517.10 \n * Google Chrome 7.0.517.11 \n * Google Chrome 7.0.517.12 \n * Google Chrome 7.0.517.13 \n * Google Chrome 7.0.517.14 \n * Google Chrome 7.0.517.16 \n * Google Chrome 7.0.517.17 \n * Google Chrome 7.0.517.18 \n * Google Chrome 7.0.517.19 \n * Google Chrome 7.0.517.2 \n * Google Chrome 7.0.517.20 \n * Google Chrome 7.0.517.21 \n * Google Chrome 7.0.517.22 \n * Google Chrome 7.0.517.23 \n * Google Chrome 7.0.517.24 \n * Google Chrome 7.0.517.25 \n * Google Chrome 7.0.517.26 \n * Google Chrome 7.0.517.27 \n * Google Chrome 7.0.517.28 \n * Google Chrome 7.0.517.29 \n * Google Chrome 7.0.517.30 \n * Google Chrome 7.0.517.31 \n * Google Chrome 7.0.517.32 \n * Google Chrome 7.0.517.33 \n * Google Chrome 7.0.517.34 \n * Google Chrome 7.0.517.35 \n * Google Chrome 7.0.517.36 \n * Google Chrome 7.0.517.37 \n * Google Chrome 7.0.517.38 \n * Google Chrome 7.0.517.39 \n * Google Chrome 7.0.517.4 \n * Google Chrome 7.0.517.40 \n * Google Chrome 7.0.517.41 \n * Google Chrome 7.0.517.42 \n * Google Chrome 7.0.517.43 \n * Google Chrome 7.0.517.44 \n * Google Chrome 7.0.517.5 \n * Google Chrome 7.0.517.6 \n * Google Chrome 7.0.517.7 \n * Google Chrome 7.0.517.8 \n * Google Chrome 7.0.517.9 \n * Google Chrome 7.0.518.0 \n * Google Chrome 7.0.519.0 \n * Google Chrome 7.0.520.0 \n * Google Chrome 7.0.521.0 \n * Google Chrome 7.0.522.0 \n * Google Chrome 7.0.524.0 \n * Google Chrome 7.0.525.0 \n * Google Chrome 7.0.526.0 \n * Google Chrome 7.0.528.0 \n * Google Chrome 7.0.529.0 \n * Google Chrome 7.0.529.1 \n * Google Chrome 7.0.529.2 \n * Google Chrome 7.0.530.0 \n * Google Chrome 7.0.531.0 \n * Google Chrome 7.0.531.1 \n * Google Chrome 7.0.531.2 \n * Google Chrome 7.0.535.1 \n * Google Chrome 7.0.535.2 \n * Google Chrome 7.0.536.0 \n * Google Chrome 7.0.536.1 \n * Google Chrome 7.0.536.2 \n * Google Chrome 7.0.536.3 \n * Google Chrome 7.0.536.4 \n * Google Chrome 7.0.537.0 \n * Google Chrome 7.0.538.0 \n * Google Chrome 7.0.539.0 \n * Google Chrome 7.0.540.0 \n * Google Chrome 7.0.541.0 \n * Google Chrome 7.0.542.0 \n * Google Chrome 7.0.544.0 \n * Google Chrome 7.0.547.0 \n * Google Chrome 7.0.547.1 \n * Google Chrome 7.0.548.0 \n * Google Chrome 8.0.549.0 \n * Google Chrome 8.0.550.0 \n * Google Chrome 8.0.551.0 \n * Google Chrome 8.0.551.1 \n * Google Chrome 8.0.552.0 \n * Google Chrome 8.0.552.1 \n * Google Chrome 8.0.552.10 \n * Google Chrome 8.0.552.100 \n * Google Chrome 8.0.552.101 \n * Google Chrome 8.0.552.102 \n * Google Chrome 8.0.552.103 \n * Google Chrome 8.0.552.104 \n * Google Chrome 8.0.552.105 \n * Google Chrome 8.0.552.11 \n * Google Chrome 8.0.552.12 \n * Google Chrome 8.0.552.13 \n * Google Chrome 8.0.552.14 \n * Google Chrome 8.0.552.15 \n * Google Chrome 8.0.552.16 \n * Google Chrome 8.0.552.17 \n * Google Chrome 8.0.552.18 \n * Google Chrome 8.0.552.19 \n * Google Chrome 8.0.552.2 \n * Google Chrome 8.0.552.20 \n * Google Chrome 8.0.552.200 \n * Google Chrome 8.0.552.201 \n * Google Chrome 8.0.552.202 \n * Google Chrome 8.0.552.203 \n * Google Chrome 8.0.552.204 \n * Google Chrome 8.0.552.205 \n * Google Chrome 8.0.552.206 \n * Google Chrome 8.0.552.207 \n * Google Chrome 8.0.552.208 \n * Google Chrome 8.0.552.209 \n * Google Chrome 8.0.552.21 \n * Google Chrome 8.0.552.210 \n * Google Chrome 8.0.552.211 \n * Google Chrome 8.0.552.212 \n * Google Chrome 8.0.552.213 \n * Google Chrome 8.0.552.214 \n * Google Chrome 8.0.552.215 \n * Google Chrome 8.0.552.216 \n * Google Chrome 8.0.552.217 \n * Google Chrome 8.0.552.218 \n * Google Chrome 8.0.552.219 \n * Google Chrome 8.0.552.220 \n * Google Chrome 8.0.552.221 \n * Google Chrome 8.0.552.222 \n * Google Chrome 8.0.552.223 \n * Google Chrome 8.0.552.224 \n * Google Chrome 8.0.552.225 \n * Google Chrome 8.0.552.226 \n * Google Chrome 8.0.552.227 \n * Google Chrome 8.0.552.228 \n * Google Chrome 8.0.552.229 \n * Google Chrome 8.0.552.23 \n * Google Chrome 8.0.552.230 \n * Google Chrome 8.0.552.231 \n * Google Chrome 8.0.552.232 \n * Google Chrome 8.0.552.233 \n * Google Chrome 8.0.552.234 \n * Google Chrome 8.0.552.235 \n * Google Chrome 8.0.552.237 \n * Google Chrome 8.0.552.24 \n * Google Chrome 8.0.552.25 \n * Google Chrome 8.0.552.26 \n * Google Chrome 8.0.552.27 \n * Google Chrome 8.0.552.28 \n * Google Chrome 8.0.552.29 \n * Google Chrome 8.0.552.300 \n * Google Chrome 8.0.552.301 \n * Google Chrome 8.0.552.302 \n * Google Chrome 8.0.552.303 \n * Google Chrome 8.0.552.304 \n * Google Chrome 8.0.552.305 \n * Google Chrome 8.0.552.306 \n * Google Chrome 8.0.552.307 \n * Google Chrome 8.0.552.308 \n * Google Chrome 8.0.552.309 \n * Google Chrome 8.0.552.310 \n * Google Chrome 8.0.552.311 \n * Google Chrome 8.0.552.312 \n * Google Chrome 8.0.552.313 \n * Google Chrome 8.0.552.315 \n * Google Chrome 8.0.552.316 \n * Google Chrome 8.0.552.317 \n * Google Chrome 8.0.552.318 \n * Google Chrome 8.0.552.319 \n * Google Chrome 8.0.552.320 \n * Google Chrome 8.0.552.321 \n * Google Chrome 8.0.552.322 \n * Google Chrome 8.0.552.323 \n * Google Chrome 8.0.552.324 \n * Google Chrome 8.0.552.325 \n * Google Chrome 8.0.552.326 \n * Google Chrome 8.0.552.327 \n * Google Chrome 8.0.552.328 \n * Google Chrome 8.0.552.329 \n * Google Chrome 8.0.552.330 \n * Google Chrome 8.0.552.331 \n * Google Chrome 8.0.552.332 \n * Google Chrome 8.0.552.333 \n * Google Chrome 8.0.552.334 \n * Google Chrome 8.0.552.335 \n * Google Chrome 8.0.552.336 \n * Google Chrome 8.0.552.337 \n * Google Chrome 8.0.552.338 \n * Google Chrome 8.0.552.339 \n * Google Chrome 8.0.552.340 \n * Google Chrome 8.0.552.341 \n * Google Chrome 8.0.552.342 \n * Google Chrome 8.0.552.343 \n * Google Chrome 8.0.552.344 \n * Google Chrome 8.0.552.35 \n * Google Chrome 8.0.552.4 \n * Google Chrome 8.0.552.40 \n * Google Chrome 8.0.552.41 \n * Google Chrome 8.0.552.42 \n * Google Chrome 8.0.552.43 \n * Google Chrome 8.0.552.44 \n * Google Chrome 8.0.552.45 \n * Google Chrome 8.0.552.47 \n * Google Chrome 8.0.552.48 \n * Google Chrome 8.0.552.49 \n * Google Chrome 8.0.552.5 \n * Google Chrome 8.0.552.50 \n * Google Chrome 8.0.552.51 \n * Google Chrome 8.0.552.52 \n * Google Chrome 8.0.552.6 \n * Google Chrome 8.0.552.7 \n * Google Chrome 8.0.552.8 \n * Google Chrome 8.0.552.9 \n * Google Chrome 8.0.553.0 \n * Google Chrome 8.0.554.0 \n * Google Chrome 8.0.556.0 \n * Google Chrome 8.0.557.0 \n * Google Chrome 8.0.558.0 \n * Google Chrome 8.0.559.0 \n * Google Chrome 8.0.560.0 \n * Google Chrome 8.0.561.0 \n * Google Chrome 9 \n * Google Chrome 9.0.562.0 \n * Google Chrome 9.0.563.0 \n * Google Chrome 9.0.564.0 \n * Google Chrome 9.0.565.0 \n * Google Chrome 9.0.566.0 \n * Google Chrome 9.0.567.0 \n * Google Chrome 9.0.568.0 \n * Google Chrome 9.0.569.0 \n * Google Chrome 9.0.570.0 \n * Google Chrome 9.0.570.1 \n * Google Chrome 9.0.571.0 \n * Google Chrome 9.0.572.0 \n * Google Chrome 9.0.572.1 \n * Google Chrome 9.0.573.0 \n * Google Chrome 9.0.574.0 \n * Google Chrome 9.0.575.0 \n * Google Chrome 9.0.576.0 \n * Google Chrome 9.0.577.0 \n * Google Chrome 9.0.578.0 \n * Google Chrome 9.0.579.0 \n * Google Chrome 9.0.580.0 \n * Google Chrome 9.0.581.0 \n * Google Chrome 9.0.582.0 \n * Google Chrome 9.0.583.0 \n * Google Chrome 9.0.584.0 \n * Google Chrome 9.0.585.0 \n * Google Chrome 9.0.586.0 \n * Google Chrome 9.0.587.0 \n * Google Chrome 9.0.587.1 \n * Google Chrome 9.0.588.0 \n * Google Chrome 9.0.589.0 \n * Google Chrome 9.0.590.0 \n * Google Chrome 9.0.591.0 \n * Google Chrome 9.0.592.0 \n * Google Chrome 9.0.593.0 \n * Google Chrome 9.0.594.0 \n * Google Chrome 9.0.595.0 \n * Google Chrome 9.0.596.0 \n * Google Chrome 9.0.597.0 \n * Google Chrome 9.0.597.1 \n * Google Chrome 9.0.597.10 \n * Google Chrome 9.0.597.100 \n * Google Chrome 9.0.597.101 \n * Google Chrome 9.0.597.102 \n * Google Chrome 9.0.597.106 \n * Google Chrome 9.0.597.107 \n * Google Chrome 9.0.597.11 \n * Google Chrome 9.0.597.12 \n * Google Chrome 9.0.597.14 \n * Google Chrome 9.0.597.15 \n * Google Chrome 9.0.597.16 \n * Google Chrome 9.0.597.17 \n * Google Chrome 9.0.597.18 \n * Google Chrome 9.0.597.19 \n * Google Chrome 9.0.597.2 \n * Google Chrome 9.0.597.20 \n * Google Chrome 9.0.597.21 \n * Google Chrome 9.0.597.22 \n * Google Chrome 9.0.597.23 \n * Google Chrome 9.0.597.24 \n * Google Chrome 9.0.597.25 \n * Google Chrome 9.0.597.26 \n * Google Chrome 9.0.597.27 \n * Google Chrome 9.0.597.28 \n * Google Chrome 9.0.597.29 \n * Google Chrome 9.0.597.30 \n * Google Chrome 9.0.597.31 \n * Google Chrome 9.0.597.32 \n * Google Chrome 9.0.597.33 \n * Google Chrome 9.0.597.34 \n * Google Chrome 9.0.597.35 \n * Google Chrome 9.0.597.36 \n * Google Chrome 9.0.597.37 \n * Google Chrome 9.0.597.38 \n * Google Chrome 9.0.597.39 \n * Google Chrome 9.0.597.4 \n * Google Chrome 9.0.597.40 \n * Google Chrome 9.0.597.41 \n * Google Chrome 9.0.597.42 \n * Google Chrome 9.0.597.44 \n * Google Chrome 9.0.597.45 \n * Google Chrome 9.0.597.46 \n * Google Chrome 9.0.597.47 \n * Google Chrome 9.0.597.5 \n * Google Chrome 9.0.597.54 \n * Google Chrome 9.0.597.55 \n * Google Chrome 9.0.597.56 \n * Google Chrome 9.0.597.57 \n * Google Chrome 9.0.597.58 \n * Google Chrome 9.0.597.59 \n * Google Chrome 9.0.597.60 \n * Google Chrome 9.0.597.62 \n * Google Chrome 9.0.597.63 \n * Google Chrome 9.0.597.64 \n * Google Chrome 9.0.597.65 \n * Google Chrome 9.0.597.66 \n * Google Chrome 9.0.597.67 \n * Google Chrome 9.0.597.68 \n * Google Chrome 9.0.597.69 \n * Google Chrome 9.0.597.7 \n * Google Chrome 9.0.597.70 \n * Google Chrome 9.0.597.71 \n * Google Chrome 9.0.597.72 \n * Google Chrome 9.0.597.73 \n * Google Chrome 9.0.597.74 \n * Google Chrome 9.0.597.75 \n * Google Chrome 9.0.597.76 \n * Google Chrome 9.0.597.77 \n * Google Chrome 9.0.597.78 \n * Google Chrome 9.0.597.79 \n * Google Chrome 9.0.597.96 \n * Google Chrome 9.0.597.97 \n * Google Chrome 9.0.597.98 \n * Google Chrome 9.0.597.99 \n * Google Chrome 9.0.598.0 \n * Google Chrome 9.0.599.0 \n * Google Chrome 9.0.600.0 \n * Google Chrome OS 0.10.140.0 \n * Google Chrome OS 0.9.110.6 \n * Google Chrome OS 0.9.126.0 \n * Google Chrome OS 0.9.128.3 \n * Google Chrome OS 0.9.130.14 Beta \n * Google Chrome OS 0.9.131.0 \n * Google Chrome OS 0.9.134.14 \n * Google Chrome OS 20.0.1132.0 \n * Google Chrome OS 20.0.1132.1 \n * Google Chrome OS 20.0.1132.10 \n * Google Chrome OS 20.0.1132.11 \n * Google Chrome OS 20.0.1132.12 \n * Google Chrome OS 20.0.1132.13 \n * Google Chrome OS 20.0.1132.14 \n * Google Chrome OS 20.0.1132.15 \n * Google Chrome OS 20.0.1132.16 \n * Google Chrome OS 20.0.1132.17 \n * Google Chrome OS 20.0.1132.18 \n * Google Chrome OS 20.0.1132.19 \n * Google Chrome OS 20.0.1132.2 \n * Google Chrome OS 20.0.1132.20 \n * Google Chrome OS 20.0.1132.21 \n * Google Chrome OS 20.0.1132.3 \n * Google Chrome OS 20.0.1132.4 \n * Google Chrome OS 20.0.1132.5 \n * Google Chrome OS 20.0.1132.6 \n * Google Chrome OS 20.0.1132.7 \n * Google Chrome OS 20.0.1132.8 \n * Google Chrome OS 20.0.1132.9 \n * Google Chrome OS 21.0.1180.0 \n * Google Chrome OS 21.0.1180.1 \n * Google Chrome OS 21.0.1180.10 \n * Google Chrome OS 21.0.1180.11 \n * Google Chrome OS 21.0.1180.13 \n * Google Chrome OS 21.0.1180.14 \n * Google Chrome OS 21.0.1180.15 \n * Google Chrome OS 21.0.1180.17 \n * Google Chrome OS 21.0.1180.18 \n * Google Chrome OS 21.0.1180.2 \n * Google Chrome OS 21.0.1180.3 \n * Google Chrome OS 21.0.1180.31 \n * Google Chrome OS 21.0.1180.32 \n * Google Chrome OS 21.0.1180.33 \n * Google Chrome OS 21.0.1180.34 \n * Google Chrome OS 21.0.1180.35 \n * Google Chrome OS 21.0.1180.36 \n * Google Chrome OS 21.0.1180.37 \n * Google Chrome OS 21.0.1180.38 \n * Google Chrome OS 21.0.1180.39 \n * Google Chrome OS 21.0.1180.4 \n * Google Chrome OS 21.0.1180.41 \n * Google Chrome OS 21.0.1180.46 \n * Google Chrome OS 21.0.1180.47 \n * Google Chrome OS 21.0.1180.48 \n * Google Chrome OS 21.0.1180.49 \n * Google Chrome OS 21.0.1180.5 \n * Google Chrome OS 21.0.1180.50 \n * Google Chrome OS 21.0.1180.51 \n * Google Chrome OS 21.0.1180.52 \n * Google Chrome OS 21.0.1180.53 \n * Google Chrome OS 21.0.1180.54 \n * Google Chrome OS 21.0.1180.55 \n * Google Chrome OS 21.0.1180.56 \n * Google Chrome OS 21.0.1180.57 \n * Google Chrome OS 21.0.1180.6 \n * Google Chrome OS 21.0.1180.7 \n * Google Chrome OS 21.0.1180.79 \n * Google Chrome OS 21.0.1180.8 \n * Google Chrome OS 21.0.1180.81 \n * Google Chrome OS 21.0.1180.9 \n * Google Chrome OS 21.0.1183.0 \n * Google Chrome OS 23.0.1271.94 \n * Google Chrome OS 25.0.1364.0 \n * Google Chrome OS 25.0.1364.1 \n * Google Chrome OS 25.0.1364.10 \n * Google Chrome OS 25.0.1364.108 \n * Google Chrome OS 25.0.1364.11 \n * Google Chrome OS 25.0.1364.110 \n * Google Chrome OS 25.0.1364.112 \n * Google Chrome OS 25.0.1364.113 \n * Google Chrome OS 25.0.1364.114 \n * Google Chrome OS 25.0.1364.115 \n * Google Chrome OS 25.0.1364.116 \n * Google Chrome OS 25.0.1364.117 \n * Google Chrome OS 25.0.1364.118 \n * Google Chrome OS 25.0.1364.119 \n * Google Chrome OS 25.0.1364.12 \n * Google Chrome OS 25.0.1364.120 \n * Google Chrome OS 25.0.1364.121 \n * Google Chrome OS 25.0.1364.122 \n * Google Chrome OS 25.0.1364.123 \n * Google Chrome OS 25.0.1364.124 \n * Google Chrome OS 25.0.1364.125 \n * Google Chrome OS 25.0.1364.126 \n * Google Chrome OS 25.0.1364.13 \n * Google Chrome OS 25.0.1364.14 \n * Google Chrome OS 25.0.1364.15 \n * Google Chrome OS 25.0.1364.152 \n * Google Chrome OS 25.0.1364.154 \n * Google Chrome OS 25.0.1364.155 \n * Google Chrome OS 25.0.1364.156 \n * Google Chrome OS 25.0.1364.159 \n * Google Chrome OS 25.0.1364.16 \n * Google Chrome OS 25.0.1364.160 \n * Google Chrome OS 25.0.1364.161 \n * Google Chrome OS 25.0.1364.168 \n * Google Chrome OS 25.0.1364.169 \n * Google Chrome OS 25.0.1364.17 \n * Google Chrome OS 25.0.1364.170 \n * Google Chrome OS 25.0.1364.171 \n * Google Chrome OS 25.0.1364.172 \n * Google Chrome OS 25.0.1364.173 \n * Google Chrome OS 25.0.1364.18 \n * Google Chrome OS 25.0.1364.19 \n * Google Chrome OS 25.0.1364.2 \n * Google Chrome OS 25.0.1364.20 \n * Google Chrome OS 25.0.1364.21 \n * Google Chrome OS 25.0.1364.22 \n * Google Chrome OS 25.0.1364.23 \n * Google Chrome OS 25.0.1364.24 \n * Google Chrome OS 25.0.1364.25 \n * Google Chrome OS 25.0.1364.26 \n * Google Chrome OS 25.0.1364.27 \n * Google Chrome OS 25.0.1364.28 \n * Google Chrome OS 25.0.1364.29 \n * Google Chrome OS 25.0.1364.3 \n * Google Chrome OS 25.0.1364.30 \n * Google Chrome OS 25.0.1364.31 \n * Google Chrome OS 25.0.1364.32 \n * Google Chrome OS 25.0.1364.33 \n * Google Chrome OS 25.0.1364.34 \n * Google Chrome OS 25.0.1364.35 \n * Google Chrome OS 25.0.1364.36 \n * Google Chrome OS 25.0.1364.37 \n * Google Chrome OS 25.0.1364.38 \n * Google Chrome OS 25.0.1364.39 \n * Google Chrome OS 25.0.1364.40 \n * Google Chrome OS 25.0.1364.41 \n * Google Chrome OS 25.0.1364.42 \n * Google Chrome OS 25.0.1364.43 \n * Google Chrome OS 25.0.1364.44 \n * Google Chrome OS 25.0.1364.45 \n * Google Chrome OS 25.0.1364.46 \n * Google Chrome OS 25.0.1364.47 \n * Google Chrome OS 25.0.1364.48 \n * Google Chrome OS 25.0.1364.49 \n * Google Chrome OS 25.0.1364.5 \n * Google Chrome OS 25.0.1364.50 \n * Google Chrome OS 25.0.1364.51 \n * Google Chrome OS 25.0.1364.52 \n * Google Chrome OS 25.0.1364.53 \n * Google Chrome OS 25.0.1364.54 \n * Google Chrome OS 25.0.1364.55 \n * Google Chrome OS 25.0.1364.56 \n * Google Chrome OS 25.0.1364.57 \n * Google Chrome OS 25.0.1364.58 \n * Google Chrome OS 25.0.1364.61 \n * Google Chrome OS 25.0.1364.62 \n * Google Chrome OS 25.0.1364.63 \n * Google Chrome OS 25.0.1364.65 \n * Google Chrome OS 25.0.1364.66 \n * Google Chrome OS 25.0.1364.67 \n * Google Chrome OS 25.0.1364.68 \n * Google Chrome OS 25.0.1364.7 \n * Google Chrome OS 25.0.1364.70 \n * Google Chrome OS 25.0.1364.72 \n * Google Chrome OS 25.0.1364.73 \n * Google Chrome OS 25.0.1364.74 \n * Google Chrome OS 25.0.1364.75 \n * Google Chrome OS 25.0.1364.76 \n * Google Chrome OS 25.0.1364.77 \n * Google Chrome OS 25.0.1364.78 \n * Google Chrome OS 25.0.1364.79 \n * Google Chrome OS 25.0.1364.8 \n * Google Chrome OS 25.0.1364.80 \n * Google Chrome OS 25.0.1364.81 \n * Google Chrome OS 25.0.1364.82 \n * Google Chrome OS 25.0.1364.84 \n * Google Chrome OS 25.0.1364.85 \n * Google Chrome OS 25.0.1364.86 \n * Google Chrome OS 25.0.1364.87 \n * Google Chrome OS 25.0.1364.88 \n * Google Chrome OS 25.0.1364.89 \n * Google Chrome OS 25.0.1364.9 \n * Google Chrome OS 25.0.1364.90 \n * Google Chrome OS 25.0.1364.91 \n * Google Chrome OS 25.0.1364.92 \n * Google Chrome OS 25.0.1364.93 \n * Google Chrome OS 25.0.1364.95 \n * Google Chrome OS 25.0.1364.98 \n * Google Chrome OS 25.0.1364.99 \n * Google Chrome OS 26.0.1410.0 \n * Google Chrome OS 26.0.1410.1 \n * Google Chrome OS 26.0.1410.10 \n * Google Chrome OS 26.0.1410.11 \n * Google Chrome OS 26.0.1410.12 \n * Google Chrome OS 26.0.1410.14 \n * Google Chrome OS 26.0.1410.15 \n * Google Chrome OS 26.0.1410.16 \n * Google Chrome OS 26.0.1410.17 \n * Google Chrome OS 26.0.1410.18 \n * Google Chrome OS 26.0.1410.19 \n * Google Chrome OS 26.0.1410.20 \n * Google Chrome OS 26.0.1410.21 \n * Google Chrome OS 26.0.1410.22 \n * Google Chrome OS 26.0.1410.23 \n * Google Chrome OS 26.0.1410.24 \n * Google Chrome OS 26.0.1410.25 \n * Google Chrome OS 26.0.1410.26 \n * Google Chrome OS 26.0.1410.27 \n * Google Chrome OS 26.0.1410.28 \n * Google Chrome OS 26.0.1410.29 \n * Google Chrome OS 26.0.1410.3 \n * Google Chrome OS 26.0.1410.30 \n * Google Chrome OS 26.0.1410.31 \n * Google Chrome OS 26.0.1410.32 \n * Google Chrome OS 26.0.1410.33 \n * Google Chrome OS 26.0.1410.34 \n * Google Chrome OS 26.0.1410.35 \n * Google Chrome OS 26.0.1410.36 \n * Google Chrome OS 26.0.1410.37 \n * Google Chrome OS 26.0.1410.38 \n * Google Chrome OS 26.0.1410.39 \n * Google Chrome OS 26.0.1410.4 \n * Google Chrome OS 26.0.1410.40 \n * Google Chrome OS 26.0.1410.41 \n * Google Chrome OS 26.0.1410.42 \n * Google Chrome OS 26.0.1410.43 \n * Google Chrome OS 26.0.1410.44 \n * Google Chrome OS 26.0.1410.45 \n * Google Chrome OS 26.0.1410.46 \n * Google Chrome OS 26.0.1410.47 \n * Google Chrome OS 26.0.1410.48 \n * Google Chrome OS 26.0.1410.49 \n * Google Chrome OS 26.0.1410.5 \n * Google Chrome OS 26.0.1410.50 \n * Google Chrome OS 26.0.1410.51 \n * Google Chrome OS 26.0.1410.52 \n * Google Chrome OS 26.0.1410.54 \n * Google Chrome OS 26.0.1410.55 \n * Google Chrome OS 26.0.1410.56 \n * Google Chrome OS 26.0.1410.57 \n * Google Chrome OS 26.0.1410.6 \n * Google Chrome OS 26.0.1410.7 \n * Google Chrome OS 26.0.1410.8 \n * Google Chrome OS 26.0.1410.9 \n * Google Chrome OS 28.0.1500.71 \n * Google Chrome OS 28.0.1500.95 \n * Google Chrome OS 32.0.1700.95 \n * Google Chrome OS 33.0.1750.152 \n * Google Chrome OS 35.0.1916.155 \n * Google Chrome OS 37.0.2062.119 \n * Google Chrome OS 40.0.2214.114 \n * Google Chrome OS 48.0.2564.116 \n * Google Chrome OS 48.0.2564.92 \n * Google Chrome OS 52.0.2743.85 \n * Google Chrome OS 53.0.2785.103 \n * Google Chrome OS 53.0.2785.144 \n * Google Chrome OS 54.0.2840.79 \n * Google Chrome OS 57.0.2987.137 \n * Google Chrome OS 58.0.3029.89 \n * Google Chrome OS 59.0.3071.91 \n * Google Chrome OS 59.0.3071.92 \n * Google Chrome OS 60.0.3112.114 \n * Google Chrome OS 61.0.3163.113 \n * Google Chrome OS 62.0.3202.97 \n * Google Chrome OS 8.0.552.342 \n * Google Chrome OS 8.0.552.343 \n * Google Chrome OS 8.0.552.344 \n * Google Nexus 5X \n * Google Nexus 6P \n * Google Pixel 2 XL \n * Google Pixel C \n * Google Pixel XL \n * Google V8 \n * HP ProLiant DL385 Gen10 Server 1.02 \n * IBM AIX 5.3 \n * IBM AIX 6.1 \n * IBM AIX 7.1 \n * IBM Aix 7.2 \n * IBM Vios 2.2.0 \n * Intel Xeon CPU E5-1650 v3 \n * Linux kernel 4.14.7 \n * Linux kernel 4.9.74 \n * Microsoft Edge \n * Microsoft Internet Explorer 11 \n * Microsoft SQL Server 2008 R2 for 32-bit Systems Service Pack 3 \n * Microsoft SQL Server 2008 R2 for x64-based Systems Service Pack 3 \n * Microsoft SQL Server 2008 for 32-bit Systems Service Pack 4 \n * Microsoft SQL Server 2008 for x64-based Systems Service Pack 4 \n * Microsoft SQL Server 2012 for 32-bit Systems Service Pack 3 \n * Microsoft SQL Server 2012 for 32-bit Systems Service Pack 4 \n * Microsoft SQL Server 2012 for x64-based Systems Service Pack 3 \n * Microsoft SQL Server 2012 for x64-based Systems Service Pack 4 \n * Microsoft SQL Server 2014 for 32-bit Systems Service Pack 2 \n * Microsoft SQL Server 2014 for x64-based Systems Service Pack 2 \n * Microsoft SQL Server 2016 for x64-based Systems \n * Microsoft SQL Server 2016 for x64-based Systems Service Pack 1 \n * Microsoft SQL Server 2017 for x64-based Systems \n * Microsoft Windows 10 Version 1607 for 32-bit Systems \n * Microsoft Windows 10 Version 1607 for x64-based Systems \n * Microsoft Windows 10 for 32-bit Systems \n * Microsoft Windows 10 for x64-based Systems \n * Microsoft Windows 10 version 1511 for 32-bit Systems \n * Microsoft Windows 10 version 1511 for x64-based Systems \n * Microsoft Windows 10 version 1703 for 32-bit Systems \n * Microsoft Windows 10 version 1703 for x64-based Systems \n * Microsoft Windows 10 version 1709 for 32-bit Systems \n * Microsoft Windows 7 for 32-bit Systems SP1 \n * Microsoft Windows 7 for x64-based Systems SP1 \n * Microsoft Windows 8.1 for 32-bit Systems \n * Microsoft Windows 8.1 for x64-based Systems \n * Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 \n * Microsoft Windows Server 2008 R2 for x64-based Systems SP1 \n * Microsoft Windows Server 2012 \n * Microsoft Windows Server 2012 R2 \n * Microsoft Windows Server 2016 \n * Oracle VM VirtualBox 5.0 \n * Oracle VM VirtualBox 5.0.10 \n * Oracle VM VirtualBox 5.0.11 \n * Oracle VM VirtualBox 5.0.12 \n * Oracle VM VirtualBox 5.0.13 \n * Oracle VM VirtualBox 5.0.14 \n * Oracle VM VirtualBox 5.0.16 \n * Oracle VM VirtualBox 5.0.18 \n * Oracle VM VirtualBox 5.0.22 \n * Oracle VM VirtualBox 5.0.26 \n * Oracle VM VirtualBox 5.0.28 \n * Oracle VM VirtualBox 5.0.32 \n * Oracle VM VirtualBox 5.0.34 \n * Oracle VM VirtualBox 5.0.38 \n * Oracle VM VirtualBox 5.0.8 \n * Oracle VM VirtualBox 5.0.9 \n * Oracle VM VirtualBox 5.1.10 \n * Oracle VM VirtualBox 5.1.14 \n * Oracle VM VirtualBox 5.1.16 \n * Oracle VM VirtualBox 5.1.20 \n * Oracle VM VirtualBox 5.1.24 \n * Oracle VM VirtualBox 5.1.30 \n * Oracle VM VirtualBox 5.1.8 \n * Oracle VM VirtualBox 5.2.0 \n * Oracle VM VirtualBox 5.2.2 \n * Oracle VM VirtualBox 5.2.4 \n * Oracle X86 Servers SW 1.0 \n * Oracle X86 Servers SW 2.0 \n * Redhat Enterprise Linux 5 \n * Redhat Enterprise Linux 6 \n * Redhat Enterprise Linux 7 \n * Redhat Enterprise Linux Desktop 6 \n * Redhat Enterprise Linux Desktop 7 \n * Redhat Enterprise Linux EUS Compute Node 6.7 \n * Redhat Enterprise Linux EUS Compute Node 7.3 \n * Redhat Enterprise Linux EUS Compute Node 7.4 \n * Redhat Enterprise Linux Server (for IBM Power LE) - 4 Year Extended Upd 7.3 \n * Redhat Enterprise Linux Server (for IBM Power LE) - 4 Year Extended Update Support 7.4 \n * Redhat Enterprise Linux Server - 4 Year Extended Update Support 7.2 \n * Redhat Enterprise Linux Server - 4 Year Extended Update Support 7.3 \n * Redhat Enterprise Linux Server - 4 Year Extended Update Support 7.4 \n * Redhat Enterprise Linux Server - AUS 6.6 \n * Redhat Enterprise Linux Server - AUS 7.2 \n * Redhat Enterprise Linux Server - AUS 7.3 \n * Redhat Enterprise Linux Server - AUS 7.4 \n * Redhat Enterprise Linux Server - Extended Update Support 6.7 \n * Redhat Enterprise Linux Server - Extended Update Support 7.3 \n * Redhat Enterprise Linux Server - Extended Update Support 7.4 \n * Redhat Enterprise Linux Server - TUS 6.6 \n * Redhat Enterprise Linux Server - TUS 7.2 \n * Redhat Enterprise Linux Server - TUS 7.3 \n * Redhat Enterprise Linux Server - TUS 7.4 \n * Redhat Enterprise Linux Server 6 \n * Redhat Enterprise Linux Server 7 \n * Redhat Enterprise Linux Workstation 6 \n * Redhat Enterprise Linux Workstation 7 \n * Redhat Enterprise Linux for IBM z Systems - Extended Update Support 6.7 \n * Redhat Enterprise Linux for IBM z Systems - Extended Update Support 7.4 \n * Redhat Enterprise Linux for IBM z Systems 6 \n * Redhat Enterprise Linux for IBM z Systems 7 \n * Redhat Enterprise Linux for Power, big endian - Extended Update Support 6.7 \n * Redhat Enterprise Linux for Power, big endian - Extended Update Support 7.3 \n * Redhat Enterprise Linux for Power, big endian - Extended Update Support 7.4 \n * Redhat Enterprise Linux for Power, big endian 6 \n * Redhat Enterprise Linux for Power, big endian 7 \n * Redhat Enterprise Linux for Power, little endian - Extended Update Supp 7.3 \n * Redhat Enterprise Linux for Power, little endian - Extended Update Supp 7.4 \n * Redhat Enterprise Linux for Power, little endian 7 \n * Redhat Enterprise Linux for Real Time 7 \n * Redhat Enterprise Linux for Real Time for NFV 7 \n * Redhat Enterprise Linux for Scientific Computing 6 \n * Redhat Enterprise Linux for Scientific Computing 7 \n * Redhat Enterprise Mrg 2 \n * Redhat Virtualization Host 4 \n * VMWare ESXi 5.5 \n * VMWare Esxi 6.0 \n * VMWare Esxi 6.5 \n * VMWare Fusion 8.0 \n * VMWare Fusion 8.0.1 \n * VMWare Fusion 8.0.2 \n * VMWare Fusion 8.1.0 \n * VMWare Fusion 8.1.1 \n * VMWare Fusion 8.5 \n * VMWare Fusion 8.5.2 \n * VMWare Fusion 8.5.4 \n * VMWare Fusion 8.5.5 \n * VMWare Fusion 8.5.6 \n * VMWare Fusion 8.5.8 \n * VMWare Identity Manager 2.0 \n * VMWare Identity Manager 2.7 \n * VMWare Identity Manager 2.7.1 \n * VMWare Identity Manager 3.0 \n * VMWare Workstation 12.0 \n * VMWare Workstation 12.5.3 \n * VMWare Workstation 12.5.5 \n * VMWare Workstation 12.5.7 \n * VMWare vCenter Server 6.0 \n * VMWare vCenter Server 6.5 \n * VMWare vCloud Usage Meter 3.0 \n * VMWare vCloud Usage Meter 3.3 \n * VMWare vCloud Usage Meter 3.3.3 \n * VMWare vRealize Automation 6.0 \n * VMWare vRealize Automation 6.1 \n * VMWare vRealize Automation 6.2 \n * VMWare vRealize Automation 6.2.4 \n * VMWare vRealize Automation 6.2.4.1 \n * VMWare vRealize Automation 6.2.5 \n * VMWare vRealize Automation 7.0 \n * VMWare vRealize Automation 7.1 \n * VMWare vRealize Automation 7.2.0 \n * VMWare vRealize Automation 7.3.0 \n * VMWare vSphere Data Protection 6.0 \n * VMWare vSphere Data Protection 6.0.0 \n * VMWare vSphere Data Protection 6.0.5 \n * VMWare vSphere Data Protection 6.0.6 \n * VMWare vSphere Data Protection 6.0.7 \n * VMWare vSphere Data Protection 6.1 \n * VMWare vSphere Data Protection 6.1.0 \n * VMWare vSphere Data Protection 6.1.4 \n * VMWare vSphere Data Protection 6.1.5 \n * VMWare vSphere Data Protection 6.1.6 \n * VMWare vSphere Integrated Containers 1.0 \n * VMWare vSphere Integrated Containers 1.1 \n * VMWare vSphere Integrated Containers 1.2 \n * VMWare vSphere Integrated Containers 1.3 \n * Xen Xen \n\n### Recommendations\n\n**Permit local access for trusted individuals only. Where possible, use restricted environments and restricted shells.** \nGiven the local nature of this issue, grant only trusted and accountable individuals access to affected computers. \n\nUpdates are available. Please see the references or vendor advisory for more information.\n", "published": "2018-01-03T00:00:00", "cvss": {"score": 4.7, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:NONE/A:NONE/"}, "href": "https://www.symantec.com/content/symantec/english/en/security-center/vulnerabilities/writeup.html/102378", "cvelist": ["CVE-2017-5753", "CVE-2017-5754", "CVE-2017-5715"], "lastseen": "2018-03-11T18:48:46"}], "f5": [{"id": "F5:K91229003", "type": "f5", "title": "Side-channel processor vulnerabilities CVE-2017-5715, CVE-2017-5753, and CVE-2017-5754", "description": "\nF5 Product Development has assigned 698651, 701445, 701447, 704490, and 704483 (BIG-IP); 702233, 702236, and 202237 (BIG-IQ); 702353, 702354, and 702355 (Enterprise Manager); 702355, 702377, and 702378 (iWorkflow); CPF-24782, CPF-24783, and CPF-24784 (Traffix); LRS-65859, LRS-65860, and LRS-65861 (LineRate) to this vulnerability. Additionally, [BIG-IP iHealth](<http://www.f5.com/support/support-tools/big-ip-ihealth/>) may list Heuristic H91229003 on the **Diagnostics** > **Identified** > **Medium** page.\n\nTo determine if your product and version have been evaluated for this vulnerability, refer to the **Applies to (see versions)** box. To determine if your release is known to be vulnerable, the components or features that are affected by the vulnerability, and for information about releases or hotfixes that address the vulnerability, refer to the following table.\n\nProduct | Branch | Versions known to be vulnerable | Fixes introduced in | Severity | CVSSv3 score1 | Vulnerable component or feature \n---|---|---|---|---|---|--- \nBIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, WebAccelerator, WebSafe) | 13.x | 13.0.0 - 13.1.0 | 13.1.0.4*** \n13.0.1*** | Medium | [6.4](<https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N/E:F/RL:U/RC:C>) | CPU, BIOS, and kernel \n12.x | 12.1.0 - 12.1.3 | 12.1.3.3*** \n11.x | 11.6.1 - 11.6.3 \n11.5.1 - 11.5.5 \n11.2.1 | 11.6.3.1*** \n11.5.6*** \nARX | 6.x | None | None | None | None | None \nEnterprise Manager | 3.x | 3.1.1 | None | Medium (CVE-2017-5715) \nMedium (CVE-2017-5753) \nMedium (CVE-2017-5754) | [6.4](<https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N/E:F/RL:U/RC:C>) CVE-2017-5715 \n[5.3](<https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N/E:P/RL:U/RC:C>) CVE-2017-5753 \n[6.4](<https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N/E:F/RL:U/RC:C>) CVE-2017-5754 | CPU, BIOS, and kernel \nBIG-IQ (Cloud, Device, Security, ADC) | 4.x | 4.5.0 | None | Medium (CVE-2017-5715) \nMedium (CVE-2017-5753) \nMedium (CVE-2017-5754) | [6.4](<https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N/E:F/RL:U/RC:C>) CVE-2017-5715 \n[5.3](<https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N/E:P/RL:U/RC:C>) CVE-2017-5753 \n[6.4](<https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N/E:F/RL:U/RC:C>) CVE-2017-5754 | CPU, BIOS, and kernel \nBIG-IQ Centralized Management | 5.x | 5.0.0 - 5.4.0 | None | Medium (CVE-2017-5715) \nMedium (CVE-2017-5753) \nMedium (CVE-2017-5754) | [6.4](<https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N/E:F/RL:U/RC:C>) CVE-2017-5715 \n[5.3](<https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N/E:P/RL:U/RC:C>) CVE-2017-5753 \n[6.4](<https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N/E:F/RL:U/RC:C>) CVE-2017-5754 | CPU, BIOS, and kernel \n4.x | 4.6.0 | None \nBIG-IQ Cloud and Orchestration | 1.x | 1.0.0 | None | Medium (CVE-2017-5715) \nMedium (CVE-2017-5753) \nMedium (CVE-2017-5754) | [6.4](<https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N/E:F/RL:U/RC:C>) CVE-2017-5715 \n[5.3](<https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N/E:P/RL:U/RC:C>) CVE-2017-5753 \n[6.4](<https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N/E:F/RL:U/RC:C>) CVE-2017-5754 | CPU, BIOS, and kernel \nF5 iWorkflow | 2.x | 2.3.0 \n2.2.0 \n2.1.0 \n2.0.1 - 2.0.2 | None | Medium (CVE-2017-5715) \nMedium (CVE-2017-5753) \nMedium (CVE-2017-5754) | [6.4](<https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N/E:F/RL:U/RC:C>) CVE-2017-5715 \n[5.3](<https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N/E:P/RL:U/RC:C>) CVE-2017-5753 \n[6.4](<https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N/E:F/RL:U/RC:C>) CVE-2017-5754 | CPU, BIOS, and kernel \nLineRate | 2.x | 2.6.0 | None | Medium | ** | CPU, BIOS, and kernel \nTraffix SDC | 5.x | 5.0.0 - 5.1.0 | Security bulletin build 93 (5.1.0) \nSecurity bulletin build 32 (5.0.0) | Medium (CVE-2017-5715) \nHigh (CVE-2017-5753) \nHigh (CVE-2017-5754) | [6.7](<https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:L/A:N>) (CVE-2017-5715) \n[8.2](<https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:N>) (CVE-2017-5753) \n[7.9](<https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:N>) (CVE-2017-5754) | CPU, BIOS, and kernel \n4.x | 4.0.0 - 4.4.0 | Security bulletin build 14 (4.4.0) \n \n** Confirmation of vulnerability or non-vulnerability is not presently available. F5 is still researching the issue for the products indicated and will update this article with the most current information as soon as it has been confirmed. F5 Technical Support has no additional information on this issue.\n\n1 The CVSSv3 score link takes you to a resource outside of AskF5, and it is possible that the document may be removed without our knowledge.\n\n*** Notes about fixes for CVE-2017-5753 (Spectre Variant 1) and CVE-2017-5754 (Meltdown):\n\n * Performance impact: \n * CVE-2017-5753 (Spectre Variant 1)\n\nF5 does not anticipate a performance impact as a result of the fix for CVE-2017-5753 Spectre Variant 1.\n\n * CVE-2017-5754 (Meltdown)\n\nIn most scenarios, the fix for CVE-2017-5754 Meltdown has a negligible performance impact. F5 recommends testing the performance impact before deploying the fix in a production environment, or testing the fix during a maintenance window with consideration to the possible impact on your specific environment. If you encounter unacceptable performance issues in testing and choose to disable the Meltdown fix, you can do so by typing the following command:\n\ntmsh modify sys db kernel.pti value disable\n\n**Note:** This database variable change is applied without requirement for a reboot.\n\n**Important:** If you choose to disable the Meltdown fix, the BIG-IP system will be vulnerable to the CVE-2017-5754 Meltdown vulnerability. However, in order to take advantage of this vulnerability, the attacker must already possess the ability to run arbitrary code on the system. For non-vCMP systems, good access controls and keeping your system up-to-date with security fixes will mitigate this risk. For vCMP systems with multiple tenants, F5 recommends that you leave the Meltdown fix enabled.\n\n * Virtual F5 products/vCMP guests:\n\nThe Meltdown and Spectre 1 fixes block the ability for those exploits to be executed on the patched OS. If the exploit allows cross-VM boundary information leaks, then a fixed VM is still vulnerable to attacks from a non-fixed VM or the host. Therefore, it is important to apply fixes to both guest VMs and the host that runs them.\n\nIf you are running a version listed in the **Versions known to be vulnerable** column, you can eliminate this vulnerability by upgrading to a version listed in the **Fixes introduced in** column. If the table lists only an older version than what you are currently running, or does not list a non-vulnerable version, then no upgrade candidate currently exists.\n\nMitigation\n\nBIG-IP\n\nThe only roles on a BIG-IP system that can exploit these vulnerabilities are the Administrator, Resource Administrator, Manager, and iRules Manager roles. To mitigate against all three vulnerabilities, ensure that you limit access to these roles to only trusted employees.\n\nTo mitigate the Spectre Variant 2 vulnerability in multi-tenancy vCMP configurations, ensure that all guests are set to at least two **Cores Per Guest**.\n\nTraffix SDC\n\nFixes for CVE-2017-5715, CVE-2017-5753, and CVE-2017-5754 are available from F5 via the following security bulletins for Traffix SDC 5.1.0, 5.0.0, and 4.4.0:\n\n * **5.1.0** \\- security bulletin build 93\n * **5.0.0** \\- security bulletin build 32\n * **4.4.0** \\- security bulletin build 14\n\nFor more information, contact your Traffix SDC Technical Support representative.\n\n * <https://googleprojectzero.blogspot.ca/2018/01/reading-privileged-memory-with-side.html>\n\n**Note**: This link takes you to a resource outside of AskF5. The third party could remove the document without our knowledge.\n\n * <https://meltdownattack.com/>\n\n**Note**: This link takes you to a resource outside of AskF5. The third party could remove the document without our knowledge.\n\n * [K51812227: Understanding Security Advisory versioning](<https://support.f5.com/csp/article/K51812227>)\n * [K9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/csp/article/K9970>)\n * [K9957: Creating a custom RSS feed to view new and updated documents](<https://support.f5.com/csp/article/K9957>)\n * [K4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>)\n * [K4918: Overview of the F5 critical issue hotfix policy](<https://support.f5.com/csp/article/K4918>)\n * [K9502: BIG-IP hotfix and point release matrix](<https://support.f5.com/csp/article/K9502>)\n", "published": "2018-01-04T04:46:00", "cvss": {"score": 4.7, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:NONE/A:NONE/"}, "href": "https://support.f5.com/csp/article/K91229003", "cvelist": ["CVE-2017-5753", "CVE-2017-5754", "CVE-2017-5715"], "lastseen": "2018-04-13T05:15:17"}], "nessus": [{"id": "SLACKWARE_SSA_2018-057-01.NASL", "type": "nessus", "title": "Slackware 14.2 : Slackware 14.2 kernel (SSA:2018-057-01) (Spectre)", "description": "New kernel packages are available for Slackware 14.2 to mitigate the speculative side channel attack known as Spectre variant 1.", "published": "2018-02-27T00:00:00", "cvss": {"score": 4.7, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:NONE/A:NONE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=107006", "cvelist": ["CVE-2017-5753"], "lastseen": "2018-03-03T18:11:22"}, {"id": "UBUNTU_USN-3521-1.NASL", "type": "nessus", "title": "Ubuntu 14.04 LTS / 16.04 LTS / 17.04 / 17.10 : nvidia-graphics-drivers-384 vulnerability (USN-3521-1) (Spectre)", "description": "Jann Horn discovered that microprocessors utilizing speculative execution and branch prediction may allow unauthorized memory reads via sidechannel attacks. This flaw is known as Spectre. A local attacker could use this to expose sensitive information, including kernel memory.\n\nThis update provides mitigations to address the issue, along with compatibility fixes for the corresponding Linux kernel updates.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "published": "2018-01-10T00:00:00", "cvss": {"score": 4.7, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:NONE/A:NONE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=105723", "cvelist": ["CVE-2017-5753"], "lastseen": "2018-02-01T01:16:21"}, {"id": "MACOSX_SAFARI11_0_2_PATCH_2018_01_08.NASL", "type": "nessus", "title": "macOS : Apple Safari <= 11.0.2 (11604.4.7.1.6 / 12604.4.7.1.6 / 13604.4.7.10.6) Information Disclosure (Spectre)", "description": "The version of Apple Safari installed on the remote macOS or Mac OS X host is prior to 11.0.2, or is 11.0.2 and missing the January 8th patch.\nIt is, therefore, affected by a vulnerability that exists within microprocessors utilizing speculative execution and indirect branch prediction, which may allow an attacker with local user access to disclose information via a side-channel analysis.", "published": "2018-01-09T00:00:00", "cvss": {"score": 4.7, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:NONE/A:NONE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=105689", "cvelist": ["CVE-2017-5753", "CVE-2017-5715"], "lastseen": "2018-01-23T05:09:04"}, {"id": "MOZILLA_FIREFOX_57_0_4.NASL", "type": "nessus", "title": "Mozilla Firefox < 57.0.4 Speculative Execution Side-Channel Attack Vulnerability (Spectre)", "description": "The version of Mozilla Firefox installed on the remote Windows host is prior to 57.0.4. It is, therefore, vulnerable to a speculative execution side-channel attack. Code from a malicious web page could read data from other web sites or private data from the browser itself.", "published": "2018-01-05T00:00:00", "cvss": {"score": 4.7, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:NONE/A:NONE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=105616", "cvelist": ["CVE-2017-5753", "CVE-2017-5715"], "lastseen": "2018-01-12T06:56:36"}, {"id": "FEDORA_2018-690989736A.NASL", "type": "nessus", "title": "Fedora 26 : webkitgtk4 (2018-690989736a) (Spectre)", "description": "This update includes improvements to mitigate the effects of Spectre ([CVE-2017-5753](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-20 17-5753) and [CVE-2017-5715](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-201 7-5715)) :\n\n - Disable SharedArrayBuffers from Web API.\n\n - Reduce the precision of “high” resolution time to 1ms.\n\nAdditional fixes :\n\n - Fix API documentation generation with newer gtk-doc.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "published": "2018-01-19T00:00:00", "cvss": {"score": 4.7, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:NONE/A:NONE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=106178", "cvelist": ["CVE-2017-5753", "CVE-2017-5715"], "lastseen": "2018-02-04T11:08:23"}, {"id": "UBUNTU_USN-3542-1.NASL", "type": "nessus", "title": "Ubuntu 14.04 LTS : linux vulnerabilities (USN-3542-1) (Spectre)", "description": "Jann Horn discovered that microprocessors utilizing speculative execution and branch prediction may allow unauthorized memory reads via sidechannel attacks. This flaw is known as Spectre. A local attacker could use this to expose sensitive information, including kernel memory. This update provides mitigations for the i386 (CVE-2017-5753 only) and amd64 architectures.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "published": "2018-01-23T00:00:00", "cvss": {"score": 4.7, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:NONE/A:NONE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=106272", "cvelist": ["CVE-2017-5753", "CVE-2017-5715"], "lastseen": "2018-02-01T00:59:18"}, {"id": "VMWARE_VCENTER_VMSA-2018-0007.NASL", "type": "nessus", "title": "VMware vCenter Server 6.5.x < 6.5u1f Multiple Vulnerabilities (VMSA-2018-0007) (Spectre-1) (Meltdown)", "description": "The version of VMware vCenter Server installed on the remote host is 6.5.x prior to 6.5u1f. It is, therefore, affected by multiple vulnerabilities. See advisory for details.", "published": "2018-02-22T00:00:00", "cvss": {"score": 4.7, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:NONE/A:NONE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=106950", "cvelist": ["CVE-2017-5753", "CVE-2017-5754"], "lastseen": "2018-02-26T23:29:33"}, {"id": "ORACLEVM_OVMSA-2018-0007.NASL", "type": "nessus", "title": "OracleVM 3.4 : Unbreakable / etc (OVMSA-2018-0007) (Spectre)", "description": "The remote OracleVM system is missing necessary patches to address critical security updates :\n\n - x86/ibrs: Remove 'ibrs_dump' and remove the pr_debug (Konrad Rzeszutek Wilk) [Orabug: 27350825]\n\n - kABI: Revert kABI: Make the boot_cpu_data look normal (Konrad Rzeszutek Wilk) (CVE-2017-5715)\n\n - userns: prevent speculative execution (Elena Reshetova) [Orabug: 27340459] (CVE-2017-5753)\n\n - udf: prevent speculative execution (Elena Reshetova) [Orabug: 27340459] (CVE-2017-5753)\n\n - net: mpls: prevent speculative execution (Elena Reshetova) [Orabug: 27340459] (CVE-2017-5753)\n\n - fs: prevent speculative execution (Elena Reshetova) [Orabug: 27340459] (CVE-2017-5753)\n\n - ipv6: prevent speculative execution (Elena Reshetova) [Orabug: 27340459] (CVE-2017-5753)\n\n - ipv4: prevent speculative execution (Elena Reshetova) [Orabug: 27340459] (CVE-2017-5753)\n\n - Thermal/int340x: prevent speculative execution (Elena Reshetova) [Orabug: 27340459] (CVE-2017-5753)\n\n - cw1200: prevent speculative execution (Elena Reshetova) [Orabug: 27340459] (CVE-2017-5753)\n\n - qla2xxx: prevent speculative execution (Elena Reshetova) [Orabug: 27340459] (CVE-2017-5753)\n\n - p54: prevent speculative execution (Elena Reshetova) [Orabug: 27340459] (CVE-2017-5753)\n\n - carl9170: prevent speculative execution (Elena Reshetova) [Orabug: 27340459] (CVE-2017-5753)\n\n - uvcvideo: prevent speculative execution (Elena Reshetova) [Orabug: 27340459] (CVE-2017-5753)\n\n - bpf: prevent speculative execution in eBPF interpreter (Elena Reshetova) [Orabug: 27340459] (CVE-2017-5753)\n\n - locking/barriers: introduce new observable speculation barrier (Elena Reshetova) [Orabug: 27340459] (CVE-2017-5753)\n\n - x86/cpu/AMD: Remove now unused definition of MFENCE_RDTSC feature (Elena Reshetova) [Orabug:\n 27340459] (CVE-2017-5753)\n\n - x86/cpu/AMD: Make the LFENCE instruction serialized (Elena Reshetova) [Orabug: 27340459] (CVE-2017-5753)\n\n - kABI: Make the boot_cpu_data look normal. (Konrad Rzeszutek Wilk) [Orabug: 27339995] (CVE-2017-5715)\n\n - kernel.spec: Require the new microcode_ctl. (Konrad Rzeszutek Wilk) [Orabug: 27339995] (CVE-2017-5715) (CVE-2017-5715)\n\n - x86/microcode/AMD: Add support for fam17h microcode loading (Tom Lendacky) [Orabug: 27339995] (CVE-2017-5715)\n\n - x86/spec_ctrl: Disable if running as Xen PV guest.\n (Konrad Rzeszutek Wilk) [Orabug: 27339995] (CVE-2017-5715)\n\n - Set IBPB when running a different VCPU (Dave Hansen) [Orabug: 27339995] (CVE-2017-5715)\n\n - Clear the host registers after setbe (Jun Nakajima) [Orabug: 27339995] (CVE-2017-5715)\n\n - Use the ibpb_inuse variable. (Jun Nakajima) [Orabug:\n 27339995] (CVE-2017-5715)\n\n - KVM: x86: add SPEC_CTRL to MSR and CPUID lists (Andrea Arcangeli) [Orabug: 27339995] (CVE-2017-5715)\n\n - kvm: vmx: add MSR_IA32_SPEC_CTRL and MSR_IA32_PRED_CMD (Paolo Bonzini) [Orabug: 27339995] (CVE-2017-5715)\n\n - Use the 'ibrs_inuse' variable. (Jun Nakajima) [Orabug:\n 27339995] (CVE-2017-5715)\n\n - kvm: svm: add MSR_IA32_SPEC_CTRL and MSR_IA32_PRED_CMD (Andrea Arcangeli) [Orabug: 27339995] (CVE-2017-5715)\n\n - x86/svm: Set IBPB when running a different VCPU (Paolo Bonzini) [Orabug: 27339995] (CVE-2017-5715)\n\n - x86/kvm: Pad RSB on VM transition (Tim Chen) [Orabug:\n 27339995] (CVE-2017-5715)\n\n - x86/cpu/AMD: Add speculative control support for AMD (Tom Lendacky) [Orabug: 27339995] (CVE-2017-5715)\n\n - x86/microcode: Recheck IBRS and IBPB feature on microcode reload (Tim Chen) [Orabug: 27339995] (CVE-2017-5715)\n\n - x86: Move IBRS/IBPB feature detection to scattered.c (Tim Chen) [Orabug: 27339995] (CVE-2017-5715)\n\n - x86/spec_ctrl: Add lock to serialize changes to ibrs and ibpb control (Tim Chen) [Orabug: 27339995] (CVE-2017-5715)\n\n - x86/spec_ctrl: Add sysctl knobs to enable/disable SPEC_CTRL feature (Konrad Rzeszutek Wilk) [Orabug:\n 27339995] (CVE-2017-5715)\n\n - x86/kvm: clear registers on VM exit (Tom Lendacky) [Orabug: 27339995] (CVE-2017-5715)\n\n - x86/kvm: Set IBPB when switching VM (Tim Chen) [Orabug:\n 27339995] (CVE-2017-5715)\n\n - *INCOMPLETE* x86/syscall: Clear unused extra registers on syscall entrance (Konrad Rzeszutek Wilk) [Orabug:\n 27339995] (CVE-2017-5715)\n\n - x86/entry: Stuff RSB for entry to kernel for non-SMEP platform (Konrad Rzeszutek Wilk) [Orabug: 27339995] (CVE-2017-5715)\n\n - x86/mm: Only set IBPB when the new thread cannot ptrace current thread (Konrad Rzeszutek Wilk) [Orabug:\n 27339995] (CVE-2017-5715)\n\n - x86/mm: Set IBPB upon context switch (Tim Chen) [Orabug:\n 27339995] (CVE-2017-5715)\n\n - x86/idle: Disable IBRS when offlining cpu and re-enable on wakeup (Tim Chen) [Orabug: 27339995] (CVE-2017-5715)\n\n - x86/idle: Disable IBRS entering idle and enable it on wakeup (Tim Chen) [Orabug: 27339995] (CVE-2017-5715)\n\n - x86/spec_ctrl: save IBRS MSR value in paranoid_entry (Andrea Arcangeli) [Orabug: 27339995] (CVE-2017-5715)\n\n - *Scaffolding* x86/spec_ctrl: Add sysctl knobs to enable/disable SPEC_CTRL feature (Tim Chen) [Orabug:\n 27339995] (CVE-2017-5715)\n\n - x86/enter: Use IBRS on syscall and interrupts (Tim Chen) [Orabug: 27339995] (CVE-2017-5715)\n\n - x86: Add macro that does not save rax, rcx, rdx on stack to disable IBRS (Tim Chen) [Orabug: 27339995] (CVE-2017-5715)\n\n - x86/enter: MACROS to set/clear IBRS and set IBP (Tim Chen) [Orabug: 27339995] (CVE-2017-5715)\n\n - x86/feature: Report presence of IBPB and IBRS control (Tim Chen) [Orabug: 27339995] (CVE-2017-5715)\n\n - x86: Add STIBP feature enumeration (Konrad Rzeszutek Wilk) [Orabug: 27339995] (CVE-2017-5715)\n\n - x86/cpufeature: Add X86_FEATURE_IA32_ARCH_CAPS and X86_FEATURE_IBRS_ATT (Konrad Rzeszutek Wilk) [Orabug:\n 27339995] (CVE-2017-5715)\n\n - x86/feature: Enable the x86 feature to control (Tim Chen) [Orabug: 27339995] (CVE-2017-5715)", "published": "2018-01-12T00:00:00", "cvss": {"score": 4.7, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:NONE/A:NONE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=105761", "cvelist": ["CVE-2017-5753", "CVE-2017-5715"], "lastseen": "2018-02-23T04:06:16"}, {"id": "ORACLELINUX_ELSA-2018-4017.NASL", "type": "nessus", "title": "Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2018-4017) (Spectre)", "description": "Description of changes:\n\n[4.1.12-112.14.13.el7uek]\n- Revert 'kernel.spec: Require the new microcode_ctl.' (Brian Maly)\n\n[4.1.12-112.14.12.el7uek]\n- xen-blkback: add pending_req allocation stats (Ankur Arora) [Orabug: 27386890]\n- xen-blkback: move indirect req allocation out-of-line (Ankur Arora) [Orabug: 27386890]\n- xen-blkback: pull nseg validation out in a function (Ankur Arora) [Orabug: 27386890]\n- xen-blkback: make struct pending_req less monolithic (Ankur Arora) [Orabug: 27386890]\n- x86: Clean up IBRS functionality resident in common code (Kanth Ghatraju) [Orabug: 27403317]\n- x86: Display correct settings for the SPECTRE_V2 bug (Kanth Ghatraju) [Orabug: 27403317]\n- Set CONFIG_GENERIC_CPU_VULNERABILITIES flag (Kanth Ghatraju) [Orabug: 27403317]\n- x86/cpu: Implement CPU vulnerabilites sysfs functions (Thomas Gleixner) [Orabug: 27403317]\n- sysfs/cpu: Fix typos in vulnerability documentation (David Woodhouse) [Orabug: 27403317]\n- sysfs/cpu: Add vulnerability folder (Thomas Gleixner) [Orabug: 27403317]\n- x86/cpufeatures: Add X86_BUG_SPECTRE_V[12] (David Woodhouse) [Orabug: 27403317]\n- x86/cpufeatures: Add X86_BUG_CPU_MELTDOWN (Kanth Ghatraju) [Orabug: 27403317]\n- KVM: x86: Add memory barrier on vmcs field lookup (Andrew Honig) {CVE-2017-5753}\n- KVM: VMX: remove I/O port 0x80 bypass on Intel hosts (Andrew Honig) [Orabug: 27402301] {CVE-2017-1000407} {CVE-2017-1000407}\n- xfs: give all workqueues rescuer threads (Chris Mason) [Orabug: 27397568]\n- ixgbevf: handle mbox_api_13 in ixgbevf_change_mtu (Joao Martins) [Orabug: 27397001]", "published": "2018-01-22T00:00:00", "cvss": {"score": 6.1, "vector": "AV:ADJACENT_NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=106225", "cvelist": ["CVE-2017-5753", "CVE-2017-1000407"], "lastseen": "2018-02-04T10:54:33"}, {"id": "ORACLELINUX_ELSA-2018-4004.NASL", "type": "nessus", "title": "Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2018-4004) (Spectre)", "description": "Description of changes:\n\n[4.1.12-112.14.5.el7uek]\n- x86/ibrs: Remove 'ibrs_dump' and remove the pr_debug (Konrad Rzeszutek Wilk) [Orabug: 27350825]\n\n[4.1.12-112.14.4.el7uek]\n- kABI: Revert kABI: Make the boot_cpu_data look normal (Konrad Rzeszutek Wilk) {CVE-2017-5715}\n\n[4.1.12-112.14.3.el7uek]\n- userns: prevent speculative execution (Elena Reshetova) [Orabug: 27340459] {CVE-2017-5753}\n- udf: prevent speculative execution (Elena Reshetova) [Orabug: 27340459] {CVE-2017-5753}\n- net: mpls: prevent speculative execution (Elena Reshetova) [Orabug: 27340459] {CVE-2017-5753}\n- fs: prevent speculative execution (Elena Reshetova) [Orabug: 27340459] {CVE-2017-5753}\n- ipv6: prevent speculative execution (Elena Reshetova) [Orabug: 27340459] {CVE-2017-5753}\n- ipv4: prevent speculative execution (Elena Reshetova) [Orabug: 27340459] {CVE-2017-5753}\n- Thermal/int340x: prevent speculative execution (Elena Reshetova) [Orabug: 27340459] {CVE-2017-5753}\n- cw1200: prevent speculative execution (Elena Reshetova) [Orabug: 27340459] {CVE-2017-5753}\n- qla2xxx: prevent speculative execution (Elena Reshetova) [Orabug: 27340459] {CVE-2017-5753}\n- p54: prevent speculative execution (Elena Reshetova) [Orabug: 27340459] {CVE-2017-5753}\n- carl9170: prevent speculative execution (Elena Reshetova) [Orabug: 27340459] {CVE-2017-5753}\n- uvcvideo: prevent speculative execution (Elena Reshetova) [Orabug: 27340459] {CVE-2017-5753}\n- bpf: prevent speculative execution in eBPF interpreter (Elena Reshetova) [Orabug: 27340459] {CVE-2017-5753}\n- locking/barriers: introduce new observable speculation barrier (Elena Reshetova) [Orabug: 27340459] {CVE-2017-5753}\n- x86/cpu/AMD: Remove now unused definition of MFENCE_RDTSC feature (Elena Reshetova) [Orabug: 27340459] {CVE-2017-5753}\n- x86/cpu/AMD: Make the LFENCE instruction serialized (Elena Reshetova) [Orabug: 27340459] {CVE-2017-5753}\n- kABI: Make the boot_cpu_data look normal. (Konrad Rzeszutek Wilk) [Orabug: 27339995] {CVE-2017-5715}\n- kernel.spec: Require the new microcode_ctl. (Konrad Rzeszutek Wilk) [Orabug: 27339995] {CVE-2017-5715} {CVE-2017-5715}\n- x86/microcode/AMD: Add support for fam17h microcode loading (Tom Lendacky) [Orabug: 27339995] {CVE-2017-5715}\n- x86/spec_ctrl: Disable if running as Xen PV guest. (Konrad Rzeszutek Wilk) [Orabug: 27339995] {CVE-2017-5715}\n- Set IBPB when running a different VCPU (Dave Hansen) [Orabug: 27339995] {CVE-2017-5715}\n- Clear the host registers after setbe (Jun Nakajima) [Orabug: 27339995] {CVE-2017-5715}\n- Use the ibpb_inuse variable. (Jun Nakajima) [Orabug: 27339995] {CVE-2017-5715}\n- KVM: x86: add SPEC_CTRL to MSR and CPUID lists (Andrea Arcangeli) [Orabug: 27339995] {CVE-2017-5715}\n- kvm: vmx: add MSR_IA32_SPEC_CTRL and MSR_IA32_PRED_CMD (Paolo Bonzini) [Orabug: 27339995] {CVE-2017-5715}\n- Use the 'ibrs_inuse' variable. (Jun Nakajima) [Orabug: 27339995] {CVE-2017-5715}\n- kvm: svm: add MSR_IA32_SPEC_CTRL and MSR_IA32_PRED_CMD (Andrea Arcangeli) [Orabug: 27339995] {CVE-2017-5715}\n- x86/svm: Set IBPB when running a different VCPU (Paolo Bonzini) [Orabug: 27339995] {CVE-2017-5715}\n- x86/kvm: Pad RSB on VM transition (Tim Chen) [Orabug: 27339995] {CVE-2017-5715}\n- x86/cpu/AMD: Add speculative control support for AMD (Tom Lendacky) [Orabug: 27339995] {CVE-2017-5715}\n- x86/microcode: Recheck IBRS and IBPB feature on microcode reload (Tim Chen) [Orabug: 27339995] {CVE-2017-5715}\n- x86: Move IBRS/IBPB feature detection to scattered.c (Tim Chen) [Orabug: 27339995] {CVE-2017-5715}\n- x86/spec_ctrl: Add lock to serialize changes to ibrs and ibpb control (Tim Chen) [Orabug: 27339995] {CVE-2017-5715}\n- x86/spec_ctrl: Add sysctl knobs to enable/disable SPEC_CTRL feature (Konrad Rzeszutek Wilk) [Orabug: 27339995] {CVE-2017-5715}\n- x86/kvm: clear registers on VM exit (Tom Lendacky) [Orabug: 27339995] {CVE-2017-5715}\n- x86/kvm: Set IBPB when switching VM (Tim Chen) [Orabug: 27339995] {CVE-2017-5715}\n- *INCOMPLETE* x86/syscall: Clear unused extra registers on syscall entrance (Konrad Rzeszutek Wilk) [Orabug: 27339995] {CVE-2017-5715}\n- x86/entry: Stuff RSB for entry to kernel for non-SMEP platform (Konrad Rzeszutek Wilk) [Orabug: 27339995] {CVE-2017-5715}\n- x86/mm: Only set IBPB when the new thread cannot ptrace current thread (Konrad Rzeszutek Wilk) [Orabug: 27339995] {CVE-2017-5715}\n- x86/mm: Set IBPB upon context switch (Tim Chen) [Orabug: 27339995] {CVE-2017-5715}\n- x86/idle: Disable IBRS when offlining cpu and re-enable on wakeup (Tim Chen) [Orabug: 27339995] {CVE-2017-5715}\n- x86/idle: Disable IBRS entering idle and enable it on wakeup (Tim Chen) [Orabug: 27339995] {CVE-2017-5715}\n- x86/spec_ctrl: save IBRS MSR value in paranoid_entry (Andrea Arcangeli) [Orabug: 27339995] {CVE-2017-5715}\n- *Scaffolding* x86/spec_ctrl: Add sysctl knobs to enable/disable SPEC_CTRL feature (Tim Chen) [Orabug: 27339995] {CVE-2017-5715}\n- x86/enter: Use IBRS on syscall and interrupts (Tim Chen) [Orabug: 27339995] {CVE-2017-5715}\n- x86: Add macro that does not save rax, rcx, rdx on stack to disable IBRS (Tim Chen) [Orabug: 27339995] {CVE-2017-5715}\n- x86/enter: MACROS to set/clear IBRS and set IBP (Tim Chen) [Orabug: 27339995] {CVE-2017-5715}\n- x86/feature: Report presence of IBPB and IBRS control (Tim Chen) [Orabug: 27339995] {CVE-2017-5715}\n- x86: Add STIBP feature enumeration (Konrad Rzeszutek Wilk) [Orabug: 27339995] {CVE-2017-5715}\n- x86/cpufeature: Add X86_FEATURE_IA32_ARCH_CAPS and X86_FEATURE_IBRS_ATT (Konrad Rzeszutek Wilk) [Orabug: 27339995] {CVE-2017-5715}\n- x86/feature: Enable the x86 feature to control (Tim Chen) [Orabug: 27339995] {CVE-2017-5715}", "published": "2018-01-12T00:00:00", "cvss": {"score": 4.7, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:NONE/A:NONE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=105759", "cvelist": ["CVE-2017-5753", "CVE-2017-5715"], "lastseen": "2018-02-04T10:59:51"}], "openvas": [{"id": "OPENVAS:1361412562310843411", "type": "openvas", "title": "Ubuntu Update for nvidia-graphics-drivers-384 USN-3521-1", "description": "Check the version of nvidia-graphics-drivers-384", "published": "2018-01-10T00:00:00", "cvss": {"score": 4.7, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:NONE/A:NONE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310843411", "cvelist": ["CVE-2017-5753"], "lastseen": "2018-01-23T13:03:54"}, {"id": "OPENVAS:1361412562310812629", "type": "openvas", "title": "Apple MacOSX Security Updates (HT208397)", "description": "This host is installed with Apple Mac OS X\n and is prone to multiple information disclosure vulnerabilities.", "published": "2018-01-12T00:00:00", "cvss": {"score": 4.7, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:NONE/A:NONE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310812629", "cvelist": ["CVE-2017-5753", "CVE-2017-5715"], "lastseen": "2018-01-15T13:03:10"}, {"id": "OPENVAS:1361412562310843428", "type": "openvas", "title": "Ubuntu Update for linux USN-3542-1", "description": "Check the version of linux", "published": "2018-01-23T00:00:00", "cvss": {"score": 4.7, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:NONE/A:NONE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310843428", "cvelist": ["CVE-2017-5753", "CVE-2017-5715"], "lastseen": "2018-01-26T11:03:49"}, {"id": "OPENVAS:1361412562310874007", "type": "openvas", "title": "Fedora Update for webkitgtk4 FEDORA-2018-0590e4af13", "description": "Check the version of webkitgtk4", "published": "2018-01-13T00:00:00", "cvss": {"score": 4.7, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:NONE/A:NONE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310874007", "cvelist": ["CVE-2017-5753", "CVE-2017-5715"], "lastseen": "2018-01-23T13:03:51"}, {"id": "OPENVAS:1361412562310874035", "type": "openvas", "title": "Fedora Update for webkitgtk4 FEDORA-2018-690989736a", "description": "Check the version of webkitgtk4", "published": "2018-01-19T00:00:00", "cvss": {"score": 4.7, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:NONE/A:NONE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310874035", "cvelist": ["CVE-2017-5753", "CVE-2017-5715"], "lastseen": "2018-01-23T13:03:51"}, {"id": "OPENVAS:1361412562310843419", "type": "openvas", "title": "Ubuntu Update for webkit2gtk USN-3530-1", "description": "Check the version of webkit2gtk", "published": "2018-01-12T00:00:00", "cvss": {"score": 4.7, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:NONE/A:NONE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310843419", "cvelist": ["CVE-2017-5753", "CVE-2017-5715"], "lastseen": "2018-01-23T13:03:54"}, {"id": "OPENVAS:1361412562310843436", "type": "openvas", "title": "Ubuntu Update for linux-kvm USN-3549-1", "description": "Check the version of linux-kvm", "published": "2018-01-30T00:00:00", "cvss": {"score": 4.7, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:NONE/A:NONE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310843436", "cvelist": ["CVE-2017-5753", "CVE-2017-5715"], "lastseen": "2018-02-02T13:04:02"}, {"id": "OPENVAS:1361412562310882822", "type": "openvas", "title": "CentOS Update for kernel CESA-2018:0008 centos6 ", "description": "Check the version of kernel", "published": "2018-01-05T00:00:00", "cvss": {"score": 4.7, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:NONE/A:NONE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310882822", "cvelist": ["CVE-2017-5753", "CVE-2017-5754", "CVE-2017-5715"], "lastseen": "2018-01-23T13:03:47"}, {"id": "OPENVAS:1361412562310882855", "type": "openvas", "title": "CentOS Update for kernel CESA-2018:0512 centos6 ", "description": "Check the version of kernel", "published": "2018-03-15T00:00:00", "cvss": {"score": 4.7, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:NONE/A:NONE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310882855", "cvelist": ["CVE-2017-5753", "CVE-2017-5754", "CVE-2017-5715"], "lastseen": "2018-03-20T16:37:18"}, {"id": "OPENVAS:1361412562310843474", "type": "openvas", "title": "Ubuntu Update for linux-hwe USN-3597-2", "description": "Check the version of linux-hwe", "published": "2018-03-15T00:00:00", "cvss": {"score": 4.7, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:NONE/A:NONE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310843474", "cvelist": ["CVE-2017-5753", "CVE-2017-5754", "CVE-2017-5715"], "lastseen": "2018-03-20T16:38:35"}], "ubuntu": [{"id": "USN-3521-1", "type": "ubuntu", "title": "NVIDIA graphics drivers vulnerability", "description": "Jann Horn discovered that microprocessors utilizing speculative execution and branch prediction may allow unauthorized memory reads via sidechannel attacks. This flaw is known as Spectre. A local attacker could use this to expose sensitive information, including kernel memory.\n\nThis update provides mitigations to address the issue, along with compatibility fixes for the corresponding Linux kernel updates.", "published": "2018-01-09T00:00:00", "cvss": {"score": 4.7, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:NONE/A:NONE/"}, "href": "https://usn.ubuntu.com/3521-1/", "cvelist": ["CVE-2017-5753"], "lastseen": "2018-03-29T18:18:43"}, {"id": "USN-3542-2", "type": "ubuntu", "title": "Linux kernel (Trusty HWE) vulnerabilities", "description": "USN-3542-1 addressed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement (HWE) kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 ESM.\n\nJann Horn discovered that microprocessors utilizing speculative execution and branch prediction may allow unauthorized memory reads via sidechannel attacks. This flaw is known as Spectre. A local attacker could use this to expose sensitive information, including kernel memory. This update provides mitigations for the i386 (CVE-2017-5753 only) and amd64 architectures.", "published": "2018-01-23T00:00:00", "cvss": {"score": 4.7, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:NONE/A:NONE/"}, "href": "https://usn.ubuntu.com/3542-2/", "cvelist": ["CVE-2017-5753", "CVE-2017-5715"], "lastseen": "2018-03-29T18:21:11"}, {"id": "USN-3542-1", "type": "ubuntu", "title": "Linux kernel vulnerabilities", "description": "Jann Horn discovered that microprocessors utilizing speculative execution and branch prediction may allow unauthorized memory reads via sidechannel attacks. This flaw is known as Spectre. A local attacker could use this to expose sensitive information, including kernel memory. This update provides mitigations for the i386 (CVE-2017-5753 only) and amd64 architectures.", "published": "2018-01-23T00:00:00", "cvss": {"score": 4.7, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:NONE/A:NONE/"}, "href": "https://usn.ubuntu.com/3542-1/", "cvelist": ["CVE-2017-5753", "CVE-2017-5715"], "lastseen": "2018-03-29T18:18:08"}, {"id": "USN-3549-1", "type": "ubuntu", "title": "Linux kernel (KVM) vulnerabilities", "description": "Jann Horn discovered that microprocessors utilizing speculative execution and branch prediction may allow unauthorized memory reads via sidechannel attacks. This flaw is known as Spectre. A local attacker could use this to expose sensitive information, including kernel memory. (CVE-2017-5715, CVE-2017-5753)", "published": "2018-01-29T00:00:00", "cvss": {"score": 4.7, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:NONE/A:NONE/"}, "href": "https://usn.ubuntu.com/3549-1/", "cvelist": ["CVE-2017-5753", "CVE-2017-5715"], "lastseen": "2018-03-29T18:18:30"}, {"id": "USN-3530-1", "type": "ubuntu", "title": "WebKitGTK+ vulnerabilities", "description": "It was discovered that speculative execution performed by modern CPUs could leak information through a timing side-channel attack, and that this could be exploited in web browser JavaScript engines. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to obtain sensitive information from other domains, bypassing same-origin restrictions. (CVE-2017-5753, CVE-2017-5715)", "published": "2018-01-11T00:00:00", "cvss": {"score": 4.7, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:NONE/A:NONE/"}, "href": "https://usn.ubuntu.com/3530-1/", "cvelist": ["CVE-2017-5753", "CVE-2017-5715"], "lastseen": "2018-03-29T18:19:27"}, {"id": "USN-3580-1", "type": "ubuntu", "title": "Linux kernel vulnerabilities", "description": "Jann Horn discovered that microprocessors utilizing speculative execution and branch prediction may allow unauthorized memory reads via sidechannel attacks. This flaw is known as Spectre. A local attacker could use this to expose sensitive information, including kernel memory.", "published": "2018-02-22T00:00:00", "cvss": {"score": 4.7, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:NONE/A:NONE/"}, "href": "https://usn.ubuntu.com/3580-1/", "cvelist": ["CVE-2017-5753", "CVE-2017-5715"], "lastseen": "2018-03-29T18:19:50"}, {"id": "USN-3597-1", "type": "ubuntu", "title": "Linux kernel vulnerabilities", "description": "USNS 3541-1 and 3523-1 provided mitigations for Spectre and Meltdown (CVE-2017-5715, CVE-2017-5753, CVE-2017-5754) for the i386, amd64, and ppc64el architectures in Ubuntu 17.10. This update provides the corresponding mitigations for the arm64 architecture. Original advisory details:\n\nJann Horn discovered that microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized memory reads via sidechannel attacks. This flaw is known as Meltdown. A local attacker could use this to expose sensitive information, including kernel memory. (CVE-2017-5754)\n\nJann Horn discovered that microprocessors utilizing speculative execution and branch prediction may allow unauthorized memory reads via sidechannel attacks. This flaw is known as Spectre. A local attacker could use this to expose sensitive information, including kernel memory. (CVE-2017-5715, CVE-2017-5753)", "published": "2018-03-15T00:00:00", "cvss": {"score": 4.7, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:NONE/A:NONE/"}, "href": "https://usn.ubuntu.com/3597-1/", "cvelist": ["CVE-2017-5753", "CVE-2017-5754", "CVE-2017-5715"], "lastseen": "2018-03-29T18:17:53"}, {"id": "USN-3516-1", "type": "ubuntu", "title": "Firefox vulnerabilities", "description": "It was discovered that speculative execution performed by modern CPUs could leak information through a timing side-channel attack, and that this could be exploited in web browser JavaScript engines. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to obtain sensitive information from other domains, bypassing same-origin restrictions. (CVE-2017-5715, CVE-2017-5753, CVE-2017-5754).", "published": "2018-01-05T00:00:00", "cvss": {"score": 4.7, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:NONE/A:NONE/"}, "href": "https://usn.ubuntu.com/3516-1/", "cvelist": ["CVE-2017-5753", "CVE-2017-5754", "CVE-2017-5715"], "lastseen": "2018-03-29T18:18:14"}, {"id": "USN-3541-2", "type": "ubuntu", "title": "Linux kernel (HWE) vulnerabilities", "description": "USN-3541-1 addressed vulnerabilities in the Linux kernel for Ubuntu 17.10. This update provides the corresponding updates for the Linux Hardware Enablement (HWE) kernel from Ubuntu 17.10 for Ubuntu 16.04 LTS.\n\nJann Horn discovered that microprocessors utilizing speculative execution and branch prediction may allow unauthorized memory reads via sidechannel attacks. This flaw is known as Spectre. A local attacker could use this to expose sensitive information, including kernel memory. This update provides mitigations for the i386 (CVE-2017-5753 only), amd64, ppc64el, and s390x architectures. (CVE-2017-5715, CVE-2017-5753)\n\nUSN-3523-2 mitigated CVE-2017-5754 (Meltdown) for the amd64 architecture in the Linux Hardware Enablement (HWE) kernel from Ubuntu 17.10 for Ubuntu 16.04 LTS. This update provides the corresponding mitigations for the ppc64el architecture. Original advisory details:\n\nJann Horn discovered that microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized memory reads via sidechannel attacks. This flaw is known as Meltdown. A local attacker could use this to expose sensitive information, including kernel memory. (CVE-2017-5754)", "published": "2018-01-23T00:00:00", "cvss": {"score": 4.7, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:NONE/A:NONE/"}, "href": "https://usn.ubuntu.com/3541-2/", "cvelist": ["CVE-2017-5753", "CVE-2017-5754", "CVE-2017-5715"], "lastseen": "2018-03-29T18:17:08"}, {"id": "USN-3597-2", "type": "ubuntu", "title": "Linux kernel (HWE) vulnerabilities", "description": "USN-3597-1 fixed vulnerabilities in the Linux kernel for Ubuntu 17.10. This update provides the corresponding updates for the Linux Hardware Enablement (HWE) kernel from Ubuntu 17.10 for Ubuntu 16.04 LTS.\n\nUSNS 3541-2 and 3523-2 provided mitigations for Spectre and Meltdown (CVE-2017-5715, CVE-2017-5753, CVE-2017-5754) for the i386, amd64, and ppc64el architectures for Ubuntu 16.04 LTS. This update provides the corresponding mitigations for the arm64 architecture. Original advisory details:\n\nJann Horn discovered that microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized memory reads via sidechannel attacks. This flaw is known as Meltdown. A local attacker could use this to expose sensitive information, including kernel memory. (CVE-2017-5754)\n\nJann Horn discovered that microprocessors utilizing speculative execution and branch prediction may allow unauthorized memory reads via sidechannel attacks. This flaw is known as Spectre. A local attacker could use this to expose sensitive information, including kernel memory. (CVE-2017-5715, CVE-2017-5753)", "published": "2018-03-15T00:00:00", "cvss": {"score": 4.7, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:NONE/A:NONE/"}, "href": "https://usn.ubuntu.com/3597-2/", "cvelist": ["CVE-2017-5753", "CVE-2017-5754", "CVE-2017-5715"], "lastseen": "2018-03-29T18:20:23"}], "slackware": [{"id": "SSA-2018-057-01", "type": "slackware", "title": "Slackware 14.2 kernel", "description": "New kernel packages are available for Slackware 14.2 to mitigate the\nspeculative side channel attack known as Spectre variant 1.\n\n\nHere are the details from the Slackware 14.2 ChangeLog:\n\npatches/packages/linux-4.4.118/*: Upgraded.\n This kernel includes __user pointer sanitization mitigation for the Spectre\n (variant 1) speculative side channel attack.\n Be sure to upgrade your initrd after upgrading the kernel packages.\n If you use lilo to boot your machine, be sure lilo.conf points to the correct\n kernel and initrd and run lilo as root to update the bootloader.\n If you use elilo to boot your machine, you should run eliloconfig to copy the\n kernel and initrd to the EFI System Partition.\n For more information, see:\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5753\n (* Security fix *)\n\nWhere to find the new packages:\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating FTP and rsync hosting\nto the Slackware project! :-)\n\nAlso see the "Get Slack" section on http://slackware.com for\nadditional mirror sites near you.\n\nUpdated packages for Slackware 14.2:\nftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/linux-4.4.118/kernel-firmware-20180222_7344ec9-noarch-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/linux-4.4.118/kernel-generic-4.4.118-i586-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/linux-4.4.118/kernel-generic-smp-4.4.118_smp-i686-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/linux-4.4.118/kernel-headers-4.4.118_smp-x86-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/linux-4.4.118/kernel-huge-4.4.118-i586-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/linux-4.4.118/kernel-huge-smp-4.4.118_smp-i686-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/linux-4.4.118/kernel-modules-4.4.118-i586-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/linux-4.4.118/kernel-modules-smp-4.4.118_smp-i686-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/linux-4.4.118/kernel-source-4.4.118_smp-noarch-1.txz\n\nUpdated packages for Slackware x86_64 14.2:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/linux-4.4.118/kernel-firmware-20180222_7344ec9-noarch-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/linux-4.4.118/kernel-generic-4.4.118-x86_64-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/linux-4.4.118/kernel-headers-4.4.118-x86-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/linux-4.4.118/kernel-huge-4.4.118-x86_64-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/linux-4.4.118/kernel-modules-4.4.118-x86_64-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/linux-4.4.118/kernel-source-4.4.118-noarch-1.txz\n\n\nMD5 signatures:\n\nSlackware 14.2 packages:\n260968bbd379913c30d11d8b1daac6ae kernel-firmware-20180222_7344ec9-noarch-1.txz\n0c1ffb6a5ce31e3b467b76366cb45fdf kernel-generic-4.4.118-i586-1.txz\nd9aa76d4956dc5afae7e6a51f3539480 kernel-generic-smp-4.4.118_smp-i686-1.txz\n0ee08392f4b80274a4dfd4ec502bfac2 kernel-headers-4.4.118_smp-x86-1.txz\n5d9561ac8b58e6ca10fb18b9b2385ef9 kernel-huge-4.4.118-i586-1.txz\n7583356ca16efd078db333a1f3e7cd8b kernel-huge-smp-4.4.118_smp-i686-1.txz\n9413547cb17efd1086a167220b440382 kernel-modules-4.4.118-i586-1.txz\n792d09fb27f79dbd89e3edb8f47bb8f5 kernel-modules-smp-4.4.118_smp-i686-1.txz\nc9e204b423f5624aca02c4eabe100c3e kernel-source-4.4.118_smp-noarch-1.txz\n\nSlackware x86_64 14.2 packages:\n260968bbd379913c30d11d8b1daac6ae kernel-firmware-20180222_7344ec9-noarch-1.txz\n92ca007b24d746beef19c13cee9b4fcd kernel-generic-4.4.118-x86_64-1.txz\n60f9bec621769a54c7bb4cf772ab52f3 kernel-headers-4.4.118-x86-1.txz\n14dea8448b42c4308eae40dcca595373 kernel-huge-4.4.118-x86_64-1.txz\nce365549a202ac2b3e35aa553757d3a8 kernel-modules-4.4.118-x86_64-1.txz\n740953188c1956d7720cb3de3c3ef77b kernel-source-4.4.118-noarch-1.txz\n\n\nInstallation instructions:\n\nUpgrade the packages as root:\n > upgradepkg kernel-*.txz\n\nIf you are using an initrd, you'll need to rebuild it.\n\nFor a 32-bit SMP machine, use this command (substitute the appropriate\nkernel version if you are not running Slackware 14.2):\n > /usr/share/mkinitrd/mkinitrd_command_generator.sh -k 4.4.118-smp | bash\n\nFor a 64-bit machine, or a 32-bit uniprocessor machine, use this command\n(substitute the appropriate kernel version if you are not running\nSlackware 14.2):\n > /usr/share/mkinitrd/mkinitrd_command_generator.sh -k 4.4.118 | bash\n\nPlease note that "uniprocessor" has to do with the kernel you are running,\nnot with the CPU. Most systems should run the SMP kernel (if they can)\nregardless of the number of cores the CPU has. If you aren't sure which\nkernel you are running, run "uname -a". If you see SMP there, you are\nrunning the SMP kernel and should use the 4.4.118-smp version when running\nmkinitrd_command_generator. Note that this is only for 32-bit -- 64-bit\nsystems should always use 4.4.118 as the version.\n\nIf you are using lilo or elilo to boot the machine, you'll need to ensure\nthat the machine is properly prepared before rebooting.\n\nIf using LILO:\nBy default, lilo.conf contains an image= line that references a symlink\nthat always points to the correct kernel. No editing should be required\nunless your machine uses a custom lilo.conf. If that is the case, be sure\nthat the image= line references the correct kernel file. Either way,\nyou'll need to run "lilo" as root to reinstall the boot loader.\n\nIf using elilo:\nEnsure that the /boot/vmlinuz symlink is pointing to the kernel you wish\nto use, and then run eliloconfig to update the EFI System Partition.", "published": "2018-02-26T15:17:47", "cvss": {"score": 4.7, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:NONE/A:NONE/"}, "href": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2018&m=slackware-security.684951", "cvelist": ["CVE-2017-5753"], "lastseen": "2018-02-27T03:36:44"}, {"id": "SSA-2018-016-01", "type": "slackware", "title": "kernel", "description": "New kernel packages are available for Slackware 14.0 and 14.2 to fix\nsecurity issues.\n\n\nHere are the details from the Slackware 14.2 ChangeLog:\n\npatches/packages/linux-4.4.111/*: Upgraded.\n This kernel includes mitigations for the Spectre (variant 2) and Meltdown\n speculative side channel attacks.\n Be sure to upgrade your initrd after upgrading the kernel packages.\n If you use lilo to boot your machine, be sure lilo.conf points to the correct\n kernel and initrd and run lilo as root to update the bootloader.\n If you use elilo to boot your machine, you should run eliloconfig to copy the\n kernel and initrd to the EFI System Partition.\n For more information, see:\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5715\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5754\n (* Security fix *)\n\nWhere to find the new packages:\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating FTP and rsync hosting\nto the Slackware project! :-)\n\nAlso see the "Get Slack" section on http://slackware.com for\nadditional mirror sites near you.\n\nUpdated packages for Slackware 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/linux-3.2.98/kernel-firmware-20180104_65b1c68-noarch-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/linux-3.2.98/kernel-generic-3.2.98-i586-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/linux-3.2.98/kernel-generic-smp-3.2.98_smp-i686-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/linux-3.2.98/kernel-headers-3.2.98_smp-x86-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/linux-3.2.98/kernel-huge-3.2.98-i586-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/linux-3.2.98/kernel-huge-smp-3.2.98_smp-i686-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/linux-3.2.98/kernel-modules-3.2.98-i586-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/linux-3.2.98/kernel-modules-smp-3.2.98_smp-i686-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/linux-3.2.98/kernel-source-3.2.98_smp-noarch-1.txz\n\nUpdated packages for Slackware x86_64 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/linux-3.2.98/kernel-firmware-20180104_65b1c68-noarch-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/linux-3.2.98/kernel-generic-3.2.98-x86_64-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/linux-3.2.98/kernel-headers-3.2.98-x86-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/linux-3.2.98/kernel-huge-3.2.98-x86_64-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/linux-3.2.98/kernel-modules-3.2.98-x86_64-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/linux-3.2.98/kernel-source-3.2.98-noarch-1.txz\n\nUpdated packages for Slackware 14.2:\nftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/patches/packages/linux-4.4.111/kernel-firmware-20180104_65b1c68-noarch-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/patches/packages/linux-4.4.111/kernel-generic-4.4.111-i586-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/patches/packages/linux-4.4.111/kernel-generic-smp-4.4.111_smp-i686-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/patches/packages/linux-4.4.111/kernel-headers-4.4.111_smp-x86-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/patches/packages/linux-4.4.111/kernel-huge-4.4.111-i586-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/patches/packages/linux-4.4.111/kernel-huge-smp-4.4.111_smp-i686-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/patches/packages/linux-4.4.111/kernel-modules-4.4.111-i586-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/patches/packages/linux-4.4.111/kernel-modules-smp-4.4.111_smp-i686-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/patches/packages/linux-4.4.111/kernel-source-4.4.111_smp-noarch-1.txz\n\nUpdated packages for Slackware x86_64 14.2:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/patches/packages/linux-4.4.111/kernel-firmware-20180104_65b1c68-noarch-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/patches/packages/linux-4.4.111/kernel-generic-4.4.111-x86_64-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/patches/packages/linux-4.4.111/kernel-headers-4.4.111-x86-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/patches/packages/linux-4.4.111/kernel-huge-4.4.111-x86_64-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/patches/packages/linux-4.4.111/kernel-modules-4.4.111-x86_64-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/patches/packages/linux-4.4.111/kernel-source-4.4.111-noarch-1.txz\n\nUpdated packages for Slackware -current:\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/a/kernel-firmware-20180104_65b1c68-noarch-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/a/kernel-generic-4.14.13-i586-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/a/kernel-generic-smp-4.14.13_smp-i686-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/a/kernel-huge-4.14.13-i586-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/a/kernel-huge-smp-4.14.13_smp-i686-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/a/kernel-modules-4.14.13-i586-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/a/kernel-modules-smp-4.14.13_smp-i686-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/d/kernel-headers-4.14.13_smp-x86-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/k/kernel-source-4.14.13_smp-noarch-1.txz\n\nUpdated packages for Slackware x86_64 -current:\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/a/kernel-firmware-20180104_65b1c68-noarch-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/a/kernel-generic-4.14.13-x86_64-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/a/kernel-huge-4.14.13-x86_64-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/a/kernel-modules-4.14.13-x86_64-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/d/kernel-headers-4.14.13-x86-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/k/kernel-source-4.14.13-noarch-1.txz\n\n\nMD5 signatures:\n\nSlackware 14.0 packages:\nbf85158499277e0398e41293370abc4a kernel-firmware-20180104_65b1c68-noarch-1.txz\n0ef73b92f14f3e0494f36b4074d62a35 kernel-generic-3.2.98-i586-1.txz\n193dda4b6e27335a17411c6a29f60ea3 kernel-generic-smp-3.2.98_smp-i686-1.txz\nd9d8f98a4d25cadf60f48160bdf30ae7 kernel-headers-3.2.98_smp-x86-1.txz\n2c45a0a535d82af30302e6f635eb0ba0 kernel-huge-3.2.98-i586-1.txz\n803e8c349a811ee41ee53e350084fe44 kernel-huge-smp-3.2.98_smp-i686-1.txz\nffc5679148ddc84e374382263f2a5961 kernel-modules-3.2.98-i586-1.txz\n01c13c7e9d5aaf71d94567bdc4dd13ea kernel-modules-smp-3.2.98_smp-i686-1.txz\n6f9a2484dca0bfc6cdb1283265c3cc19 kernel-source-3.2.98_smp-noarch-1.txz\n\nSlackware x86_64 14.0 packages:\nbf85158499277e0398e41293370abc4a kernel-firmware-20180104_65b1c68-noarch-1.txz\n6f05db9ce854f92fb440799124d87f4a kernel-generic-3.2.98-x86_64-1.txz\ne32cde2cb8e5c22eae3c473aaddcc492 kernel-headers-3.2.98-x86-1.txz\nfc501013a04b89f4c829dc95d2737d08 kernel-huge-3.2.98-x86_64-1.txz\n4bded5fdf8de31bcff6e6125c6b1cf3e kernel-modules-3.2.98-x86_64-1.txz\ne0c621c22934741155c3f7ec4f25ca97 kernel-source-3.2.98-noarch-1.txz\n\nSlackware 14.2 packages:\nbf85158499277e0398e41293370abc4a kernel-firmware-20180104_65b1c68-noarch-1.txz\n55b1acd85f0dd9813b8d2fef44dd1aae kernel-generic-4.4.111-i586-1.txz\nc0d837091607479cc85adb180eeb35bf kernel-generic-smp-4.4.111_smp-i686-1.txz\nfeb19648f920e02e48d8c9a2b9ad42c0 kernel-headers-4.4.111_smp-x86-1.txz\n8afbb68507e4b57a419b3f0175e60266 kernel-huge-4.4.111-i586-1.txz\n81678780cde9ba1885ead0c5ec8348cd kernel-huge-smp-4.4.111_smp-i686-1.txz\n504677324345522321dce25515e1bb67 kernel-modules-4.4.111-i586-1.txz\n0443b18244cad227346b2dc81301d8c0 kernel-modules-smp-4.4.111_smp-i686-1.txz\ndc6d52e7f44bee953e8885c42ff969fe kernel-source-4.4.111_smp-noarch-1.txz\n\nSlackware x86_64 14.2 packages:\nbf85158499277e0398e41293370abc4a kernel-firmware-20180104_65b1c68-noarch-1.txz\ncc3b1bf83ed853d867b86e68ccae43da kernel-generic-4.4.111-x86_64-1.txz\n3b8e65e8e2ed82c1c3320ddb552dbd5f kernel-headers-4.4.111-x86-1.txz\ndb1e811cec9d0acc003226ca8fff6d73 kernel-huge-4.4.111-x86_64-1.txz\nbe8500e6820957f4ed674fb325fd0c53 kernel-modules-4.4.111-x86_64-1.txz\n80f813a256d80064d584f09d18a77f9b kernel-source-4.4.111-noarch-1.txz\n\nSlackware -current packages:\nbf85158499277e0398e41293370abc4a a/kernel-firmware-20180104_65b1c68-noarch-1.txz\ncd566e152b3504d350b68331a79f9924 a/kernel-generic-4.14.13-i586-1.txz\n830a1b7ab36a1ccd0268d90eb9d202c4 a/kernel-generic-smp-4.14.13_smp-i686-1.txz\n4077c7deecee1131e97e348c07e2bd52 a/kernel-huge-4.14.13-i586-1.txz\n7f1070bb3f47dd960b26bfb4cb383e27 a/kernel-huge-smp-4.14.13_smp-i686-1.txz\na14936b31e2dbdb96f807006faebeaca a/kernel-modules-4.14.13-i586-1.txz\n115efae6390092080c0d8759cf0ab29e a/kernel-modules-smp-4.14.13_smp-i686-1.txz\nfe1ae020a95c8f2ee5dcf6e719454642 d/kernel-headers-4.14.13_smp-x86-1.txz\n8698f2eb6e19738fd70e1190c12f1f77 k/kernel-source-4.14.13_smp-noarch-1.txz\n\nSlackware x86_64 -current packages:\nbf85158499277e0398e41293370abc4a a/kernel-firmware-20180104_65b1c68-noarch-1.txz\nebdd84b0dd7951ab87a0f7ac80115c7b a/kernel-generic-4.14.13-x86_64-1.txz\ndf6d28423447d505d2a934751fb84989 a/kernel-huge-4.14.13-x86_64-1.txz\nc998eec627dc1734a6913bc651f45591 a/kernel-modules-4.14.13-x86_64-1.txz\n61cdd86bb7f642786c72991db7ec1845 d/kernel-headers-4.14.13-x86-1.txz\n8bab48aa2a5aad8547e7e6183db33c17 k/kernel-source-4.14.13-noarch-1.txz\n\n\nInstallation instructions:\n\nUpgrade the packages as root:\n > upgradepkg kernel-*.txz\n\nIf you are using an initrd, you'll need to rebuild it.\n\nFor a 32-bit SMP machine, use this command (substitute the appropriate\nkernel version if you are not running Slackware 14.2):\n > /usr/share/mkinitrd/mkinitrd_command_generator.sh -k 4.4.111-smp | bash\n\nFor a 64-bit machine, or a 32-bit uniprocessor machine, use this command\n(substitute the appropriate kernel version if you are not running\nSlackware 14.2):\n > /usr/share/mkinitrd/mkinitrd_command_generator.sh -k 4.4.111 | bash\n\nPlease note that "uniprocessor" has to do with the kernel you are running,\nnot with the CPU. Most systems should run the SMP kernel (if they can)\nregardless of the number of cores the CPU has. If you aren't sure which\nkernel you are running, run "uname -a". If you see SMP there, you are\nrunning the SMP kernel and should use the 4.4.111-smp version when running\nmkinitrd_command_generator. Note that this is only for 32-bit -- 64-bit\nsystems should always use 4.4.111 as the version.\n\nIf you are using lilo or elilo to boot the machine, you'll need to ensure\nthat the machine is properly prepared before rebooting.\n\nIf using LILO:\nBy default, lilo.conf contains an image= line that references a symlink\nthat always points to the correct kernel. No editing should be required\nunless your machine uses a custom lilo.conf. If that is the case, be sure\nthat the image= line references the correct kernel file. Either way,\nyou'll need to run "lilo" as root to reinstall the boot loader.\n\nIf using elilo:\nEnsure that the /boot/vmlinuz symlink is pointing to the kernel you wish\nto use, and then run eliloconfig to update the EFI System Partition.", "published": "2018-01-15T22:32:33", "cvss": {"score": 4.7, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:NONE/A:NONE/"}, "href": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2018&m=slackware-security.1191628", "cvelist": ["CVE-2017-5754", "CVE-2017-5715"], "lastseen": "2018-02-02T18:11:27"}, {"id": "SSA-2018-037-01", "type": "slackware", "title": "Slackware 14.2 kernel", "description": "New kernel packages are available for Slackware 14.2 to mitigate the\nspeculative side channel attack known as Spectre variant 2.\n\n\nHere are the details from the Slackware 14.2 ChangeLog:\n\npatches/packages/linux-4.4.115/*: Upgraded.\n This kernel includes full retpoline mitigation for the Spectre (variant 2)\n speculative side channel attack.\n Please note that this kernel was compiled with gcc-5.5.0, also provided as\n an update for Slackware 14.2. You'll need to install the updated gcc in order\n to compile kernel modules that will load into this updated kernel.\n Be sure to upgrade your initrd after upgrading the kernel packages.\n If you use lilo to boot your machine, be sure lilo.conf points to the correct\n kernel and initrd and run lilo as root to update the bootloader.\n If you use elilo to boot your machine, you should run eliloconfig to copy the\n kernel and initrd to the EFI System Partition.\n For more information, see:\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5715\n (* Security fix *)\n\nWhere to find the new packages:\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating FTP and rsync hosting\nto the Slackware project! :-)\n\nAlso see the "Get Slack" section on http://slackware.com for\nadditional mirror sites near you.\n\nUpdated packages for Slackware 14.2:\nftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/linux-4.4.115/kernel-firmware-20180201_2aa2ac2-noarch-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/linux-4.4.115/kernel-generic-4.4.115-i586-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/linux-4.4.115/kernel-generic-smp-4.4.115_smp-i686-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/linux-4.4.115/kernel-headers-4.4.115_smp-x86-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/linux-4.4.115/kernel-huge-4.4.115-i586-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/linux-4.4.115/kernel-huge-smp-4.4.115_smp-i686-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/linux-4.4.115/kernel-modules-4.4.115-i586-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/linux-4.4.115/kernel-modules-smp-4.4.115_smp-i686-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/linux-4.4.115/kernel-source-4.4.115_smp-noarch-1.txz\n\nUpdated packages for Slackware x86_64 14.2:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/linux-4.4.115/kernel-firmware-20180201_2aa2ac2-noarch-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/linux-4.4.115/kernel-generic-4.4.115-x86_64-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/linux-4.4.115/kernel-headers-4.4.115-x86-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/linux-4.4.115/kernel-huge-4.4.115-x86_64-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/linux-4.4.115/kernel-modules-4.4.115-x86_64-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/linux-4.4.115/kernel-source-4.4.115-noarch-1.txz\n\n\nMD5 signatures:\n\nSlackware 14.2 packages:\n1ea8df1a6e5a76e8cb875aba9f42993b kernel-firmware-20180201_2aa2ac2-noarch-1.txz\n65ae3758100bf107ff3c23897ef1b5f9 kernel-generic-4.4.115-i586-1.txz\nc683178111756209c6dc1755e525e833 kernel-generic-smp-4.4.115_smp-i686-1.txz\n0c5cca7eb08d4887f88b615a4a832e6e kernel-headers-4.4.115_smp-x86-1.txz\n45397272b94b844c25ae3d13b9409f91 kernel-huge-4.4.115-i586-1.txz\nb326f2b6d30671f5917f7d1e9a00511b kernel-huge-smp-4.4.115_smp-i686-1.txz\n6a1a72436299fdd149fabd67e5db9a00 kernel-modules-4.4.115-i586-1.txz\nbd1e7630fb6dd94f84d317fa55cb60f5 kernel-modules-smp-4.4.115_smp-i686-1.txz\n74e80a52b163efde642a826e12f3ee0a kernel-source-4.4.115_smp-noarch-1.txz\n\nSlackware x86_64 14.2 packages:\n1ea8df1a6e5a76e8cb875aba9f42993b kernel-firmware-20180201_2aa2ac2-noarch-1.txz\nbe30a72f8fda706d0a36e11e71652301 kernel-generic-4.4.115-x86_64-1.txz\n2e6dd637df1bbc83dab278c0fb9a1ffc kernel-headers-4.4.115-x86-1.txz\n8d00477072ed624b4000e5ff9f260d57 kernel-huge-4.4.115-x86_64-1.txz\ne60a0f4aa1a8cc031db89b1d68b4e366 kernel-modules-4.4.115-x86_64-1.txz\nc4f92ddedc88105adcf4eafe863c2de6 kernel-source-4.4.115-noarch-1.txz\n\n\nInstallation instructions:\n\nUpgrade the packages as root:\n > upgradepkg kernel-*.txz\n\nIf you are using an initrd, you'll need to rebuild it.\n\nFor a 32-bit SMP machine, use this command (substitute the appropriate\nkernel version if you are not running Slackware 14.2):\n > /usr/share/mkinitrd/mkinitrd_command_generator.sh -k 4.4.115-smp | bash\n\nFor a 64-bit machine, or a 32-bit uniprocessor machine, use this command\n(substitute the appropriate kernel version if you are not running\nSlackware 14.2):\n > /usr/share/mkinitrd/mkinitrd_command_generator.sh -k 4.4.115 | bash\n\nPlease note that "uniprocessor" has to do with the kernel you are running,\nnot with the CPU. Most systems should run the SMP kernel (if they can)\nregardless of the number of cores the CPU has. If you aren't sure which\nkernel you are running, run "uname -a". If you see SMP there, you are\nrunning the SMP kernel and should use the 4.4.115-smp version when running\nmkinitrd_command_generator. Note that this is only for 32-bit -- 64-bit\nsystems should always use 4.4.115 as the version.\n\nIf you are using lilo or elilo to boot the machine, you'll need to ensure\nthat the machine is properly prepared before rebooting.\n\nIf using LILO:\nBy default, lilo.conf contains an image= line that references a symlink\nthat always points to the correct kernel. No editing should be required\nunless your machine uses a custom lilo.conf. If that is the case, be sure\nthat the image= line references the correct kernel file. Either way,\nyou'll need to run "lilo" as root to reinstall the boot loader.\n\nIf using elilo:\nEnsure that the /boot/vmlinuz symlink is pointing to the kernel you wish\nto use, and then run eliloconfig to update the EFI System Partition.", "published": "2018-02-06T22:34:12", "cvss": {"score": 4.7, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:NONE/A:NONE/"}, "href": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2018&m=slackware-security.701978", "cvelist": ["CVE-2017-5715"], "lastseen": "2018-02-07T10:55:48"}], "vmware": [{"id": "VMSA-2018-0002", "type": "vmware", "title": "VMware ESXi, Workstation and Fusion updates address side-channel analysis due to speculative execution.", "description": "**Bounds-Check bypass and Branch Target Injection issues**\n\nCPU data cache timing can be abused to efficiently leak information out of mis-speculated CPU execution, leading to (at worst) arbitrary virtual memory read vulnerabilities across local security boundaries in various contexts. (Speculative execution is an automatic and inherent CPU performance optimization used in all modern processors.) ESXi, Workstation and Fusion are vulnerable to Bounds Check Bypass and Branch Target Injection issues resulting from this vulnerability. \n \nResult of exploitation may allow for information disclosure from one Virtual Machine to another Virtual Machine that is running on the same host. \n \nThe Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the identifiers CVE-2017-5753 (Bounds Check bypass) and CVE-2017-5715 (Branch Target Injection) to these issues. \n \nColumn 5 of the following table lists the action required to remediate the observed vulnerability in each release, if a solution is available. \n\n", "published": "2018-01-03T00:00:00", "cvss": {"score": 4.7, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:NONE/A:NONE/"}, "href": "https://www.vmware.com/security/advisories/VMSA-2018-0002.html", "cvelist": ["CVE-2017-5753", "CVE-2017-5715"], "lastseen": "2018-01-23T13:22:44"}, {"id": "VMSA-2018-0007", "type": "vmware", "title": "VMware Virtual Appliance updates address side-channel analysis due to speculative execution", "description": "a. VMware Virtual Appliance Mitigations for Bounds-Check bypass (Spectre-1), and Rogue data cache load issues (Meltdown)\n\nCPU data cache timing can be abused to efficiently leak information out of mis-speculated CPU execution, leading to (at worst) arbitrary virtual memory read vulnerabilities across local security boundaries in various contexts. (Speculative execution is an automatic and inherent CPU performance optimization used in all modern processors.) Successful exploitation may allow for information disclosure.\n\nThe Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the identifiers CVE-2017-5753 (Bounds Check bypass), CVE-2017-5754 (Rogue data cache load) to these issues. \n\nColumn 5 of the following table lists the action required to mitigate the vulnerability in each release, if a solution is available.\n", "published": "2018-02-08T00:00:00", "cvss": {"score": 4.7, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:NONE/A:NONE/"}, "href": "https://www.vmware.com/security/advisories/VMSA-2018-0007.html", "cvelist": ["CVE-2017-5753", "CVE-2017-5754", "CVE-2017-5715"], "lastseen": "2018-03-16T19:49:06"}, {"id": "VMSA-2018-0004", "type": "vmware", "title": "VMware vSphere, Workstation and Fusion updates add Hypervisor-Assisted Guest Mitigations for speculative execution issue.", "description": "**New speculative-execution control mechanism for Virtual Machines \n**\n\nUpdates of vCenter Server, ESXi, Workstation and Fusion virtualize the new speculative-execution control mechanism for Virtual Machines (VMs). As a result, a patched Guest Operating System (Guest OS) can remediate the Branch Target Injection issue (CVE-2017-5715). This issue may allow for information disclosure between processes within the VM.\n\n \nTo remediate CVE-2017-5715 in the Guest OS the following VMware and third party requirements must be met. Please note that these points are meant to be a brief overview. For a more in-depth explaination of the mitigation process please see [VMware Knowledge Base Article 52085](<https://kb.vmware.com/kb/52085>).\n\n_VMware Requirements_ \n\n\n * Deploy the updated version of vCenter Server listed in the table (if vCenter Server is used).\n * Deploy the ESXi patches and/or the new versions for Workstation or Fusion listed in the table.\n * Ensure that your VMs are using Hardware Version 9 or higher. For best performance, Hardware Version 11 or higher is recommended. [VMware Knowledge Base Article 1010675](<https://kb.vmware.com/kb/1010675>) discusses Hardware Versions.\n\n_Third party Requirements_\n\n * Deploy the Guest OS patches for CVE-2017-5715. These patches are to be obtained from your OS vendor.\n * Update the CPU microcode. Additional microcode is needed for your CPU to be able to expose the new MSRs that are used by the patched Guest OS. This microcode should be available from your hardware platform vendor.\n\nColumn 5 of the following table lists the action required to remediate the vulnerability in each release, if a solution is available. \n\n", "published": "2018-01-09T00:00:00", "cvss": {"score": 4.7, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:NONE/A:NONE/"}, "href": "https://www.vmware.com/security/advisories/VMSA-2018-0004.html", "cvelist": ["CVE-2017-5715"], "lastseen": "2018-03-20T19:57:24"}], "oraclelinux": [{"id": "ELSA-2018-0292", "type": "oraclelinux", "title": "kernel security update", "description": "- 2.6.18-419.0.0.0.8\n- Backport CVEs to RHCK/OL5 [orabug 27547712] {CVE-2017-5753} {CVE-2017-5754}\n- 2.6.18-419.0.0.0.5\n- [fs] fix kernel panic on boot on ia64 guests (Honglei Wang) [orabug 26934100]", "published": "2018-02-23T00:00:00", "cvss": {"score": 4.7, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:NONE/A:NONE/"}, "href": "http://linux.oracle.com/errata/ELSA-2018-0292.html", "cvelist": ["CVE-2017-5753", "CVE-2017-5754"], "lastseen": "2018-02-23T19:32:26"}, {"id": "ELSA-2018-4017", "type": "oraclelinux", "title": "Unbreakable Enterprise kernel security update", "description": "[4.1.12-112.14.13]\n- Revert 'kernel.spec: Require the new microcode_ctl.' (Brian Maly)\n[4.1.12-112.14.12]\n- xen-blkback: add pending_req allocation stats (Ankur Arora) [Orabug: 27386890] \n- xen-blkback: move indirect req allocation out-of-line (Ankur Arora) [Orabug: 27386890] \n- xen-blkback: pull nseg validation out in a function (Ankur Arora) [Orabug: 27386890] \n- xen-blkback: make struct pending_req less monolithic (Ankur Arora) [Orabug: 27386890] \n- x86: Clean up IBRS functionality resident in common code (Kanth Ghatraju) [Orabug: 27403317] \n- x86: Display correct settings for the SPECTRE_V2 bug (Kanth Ghatraju) [Orabug: 27403317] \n- Set CONFIG_GENERIC_CPU_VULNERABILITIES flag (Kanth Ghatraju) [Orabug: 27403317] \n- x86/cpu: Implement CPU vulnerabilites sysfs functions (Thomas Gleixner) [Orabug: 27403317] \n- sysfs/cpu: Fix typos in vulnerability documentation (David Woodhouse) [Orabug: 27403317] \n- sysfs/cpu: Add vulnerability folder (Thomas Gleixner) [Orabug: 27403317] \n- x86/cpufeatures: Add X86_BUG_SPECTRE_V[12] (David Woodhouse) [Orabug: 27403317] \n- x86/cpufeatures: Add X86_BUG_CPU_MELTDOWN (Kanth Ghatraju) [Orabug: 27403317] \n- KVM: x86: Add memory barrier on vmcs field lookup (Andrew Honig) {CVE-2017-5753}\n- KVM: VMX: remove I/O port 0x80 bypass on Intel hosts (Andrew Honig) [Orabug: 27402301] {CVE-2017-1000407} {CVE-2017-1000407}\n- xfs: give all workqueues rescuer threads (Chris Mason) [Orabug: 27397568] \n- ixgbevf: handle mbox_api_13 in ixgbevf_change_mtu (Joao Martins) [Orabug: 27397001]", "published": "2018-01-18T00:00:00", "cvss": {"score": 6.1, "vector": "AV:ADJACENT_NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "href": "http://linux.oracle.com/errata/ELSA-2018-4017.html", "cvelist": ["CVE-2017-5753", "CVE-2017-1000407"], "lastseen": "2018-01-19T04:55:51"}, {"id": "ELSA-2018-4004", "type": "oraclelinux", "title": "Unbreakable Enterprise kernel security update", "description": "[4.1.12-112.14.5]\n- x86/ibrs: Remove 'ibrs_dump' and remove the pr_debug (Konrad Rzeszutek Wilk) [Orabug: 27350825]\n[4.1.12-112.14.4]\n- kABI: Revert kABI: Make the boot_cpu_data look normal (Konrad Rzeszutek Wilk) {CVE-2017-5715}\n[4.1.12-112.14.3]\n- userns: prevent speculative execution (Elena Reshetova) [Orabug: 27340459] {CVE-2017-5753}\n- udf: prevent speculative execution (Elena Reshetova) [Orabug: 27340459] {CVE-2017-5753}\n- net: mpls: prevent speculative execution (Elena Reshetova) [Orabug: 27340459] {CVE-2017-5753}\n- fs: prevent speculative execution (Elena Reshetova) [Orabug: 27340459] {CVE-2017-5753}\n- ipv6: prevent speculative execution (Elena Reshetova) [Orabug: 27340459] {CVE-2017-5753}\n- ipv4: prevent speculative execution (Elena Reshetova) [Orabug: 27340459] {CVE-2017-5753}\n- Thermal/int340x: prevent speculative execution (Elena Reshetova) [Orabug: 27340459] {CVE-2017-5753}\n- cw1200: prevent speculative execution (Elena Reshetova) [Orabug: 27340459] {CVE-2017-5753}\n- qla2xxx: prevent speculative execution (Elena Reshetova) [Orabug: 27340459] {CVE-2017-5753}\n- p54: prevent speculative execution (Elena Reshetova) [Orabug: 27340459] {CVE-2017-5753}\n- carl9170: prevent speculative execution (Elena Reshetova) [Orabug: 27340459] {CVE-2017-5753}\n- uvcvideo: prevent speculative execution (Elena Reshetova) [Orabug: 27340459] {CVE-2017-5753}\n- bpf: prevent speculative execution in eBPF interpreter (Elena Reshetova) [Orabug: 27340459] {CVE-2017-5753}\n- locking/barriers: introduce new observable speculation barrier (Elena Reshetova) [Orabug: 27340459] {CVE-2017-5753}\n- x86/cpu/AMD: Remove now unused definition of MFENCE_RDTSC feature (Elena Reshetova) [Orabug: 27340459] {CVE-2017-5753}\n- x86/cpu/AMD: Make the LFENCE instruction serialized (Elena Reshetova) [Orabug: 27340459] {CVE-2017-5753}\n- kABI: Make the boot_cpu_data look normal. (Konrad Rzeszutek Wilk) [Orabug: 27339995] {CVE-2017-5715}\n- kernel.spec: Require the new microcode_ctl. (Konrad Rzeszutek Wilk) [Orabug: 27339995] {CVE-2017-5715} {CVE-2017-5715}\n- x86/microcode/AMD: Add support for fam17h microcode loading (Tom Lendacky) [Orabug: 27339995] {CVE-2017-5715}\n- x86/spec_ctrl: Disable if running as Xen PV guest. (Konrad Rzeszutek Wilk) [Orabug: 27339995] {CVE-2017-5715}\n- Set IBPB when running a different VCPU (Dave Hansen) [Orabug: 27339995] {CVE-2017-5715}\n- Clear the host registers after setbe (Jun Nakajima) [Orabug: 27339995] {CVE-2017-5715}\n- Use the ibpb_inuse variable. (Jun Nakajima) [Orabug: 27339995] {CVE-2017-5715}\n- KVM: x86: add SPEC_CTRL to MSR and CPUID lists (Andrea Arcangeli) [Orabug: 27339995] {CVE-2017-5715}\n- kvm: vmx: add MSR_IA32_SPEC_CTRL and MSR_IA32_PRED_CMD (Paolo Bonzini) [Orabug: 27339995] {CVE-2017-5715}\n- Use the 'ibrs_inuse' variable. (Jun Nakajima) [Orabug: 27339995] {CVE-2017-5715}\n- kvm: svm: add MSR_IA32_SPEC_CTRL and MSR_IA32_PRED_CMD (Andrea Arcangeli) [Orabug: 27339995] {CVE-2017-5715}\n- x86/svm: Set IBPB when running a different VCPU (Paolo Bonzini) [Orabug: 27339995] {CVE-2017-5715}\n- x86/kvm: Pad RSB on VM transition (Tim Chen) [Orabug: 27339995] {CVE-2017-5715}\n- x86/cpu/AMD: Add speculative control support for AMD (Tom Lendacky) [Orabug: 27339995] {CVE-2017-5715}\n- x86/microcode: Recheck IBRS and IBPB feature on microcode reload (Tim Chen) [Orabug: 27339995] {CVE-2017-5715}\n- x86: Move IBRS/IBPB feature detection to scattered.c (Tim Chen) [Orabug: 27339995] {CVE-2017-5715}\n- x86/spec_ctrl: Add lock to serialize changes to ibrs and ibpb control (Tim Chen) [Orabug: 27339995] {CVE-2017-5715}\n- x86/spec_ctrl: Add sysctl knobs to enable/disable SPEC_CTRL feature (Konrad Rzeszutek Wilk) [Orabug: 27339995] {CVE-2017-5715}\n- x86/kvm: clear registers on VM exit (Tom Lendacky) [Orabug: 27339995] {CVE-2017-5715}\n- x86/kvm: Set IBPB when switching VM (Tim Chen) [Orabug: 27339995] {CVE-2017-5715}\n- *INCOMPLETE* x86/syscall: Clear unused extra registers on syscall entrance (Konrad Rzeszutek Wilk) [Orabug: 27339995] {CVE-2017-5715}\n- x86/entry: Stuff RSB for entry to kernel for non-SMEP platform (Konrad Rzeszutek Wilk) [Orabug: 27339995] {CVE-2017-5715}\n- x86/mm: Only set IBPB when the new thread cannot ptrace current thread (Konrad Rzeszutek Wilk) [Orabug: 27339995] {CVE-2017-5715}\n- x86/mm: Set IBPB upon context switch (Tim Chen) [Orabug: 27339995] {CVE-2017-5715}\n- x86/idle: Disable IBRS when offlining cpu and re-enable on wakeup (Tim Chen) [Orabug: 27339995] {CVE-2017-5715}\n- x86/idle: Disable IBRS entering idle and enable it on wakeup (Tim Chen) [Orabug: 27339995] {CVE-2017-5715}\n- x86/spec_ctrl: save IBRS MSR value in paranoid_entry (Andrea Arcangeli) [Orabug: 27339995] {CVE-2017-5715}\n- *Scaffolding* x86/spec_ctrl: Add sysctl knobs to enable/disable SPEC_CTRL feature (Tim Chen) [Orabug: 27339995] {CVE-2017-5715}\n- x86/enter: Use IBRS on syscall and interrupts (Tim Chen) [Orabug: 27339995] {CVE-2017-5715}\n- x86: Add macro that does not save rax, rcx, rdx on stack to disable IBRS (Tim Chen) [Orabug: 27339995] {CVE-2017-5715}\n- x86/enter: MACROS to set/clear IBRS and set IBP (Tim Chen) [Orabug: 27339995] {CVE-2017-5715}\n- x86/feature: Report presence of IBPB and IBRS control (Tim Chen) [Orabug: 27339995] {CVE-2017-5715}\n- x86: Add STIBP feature enumeration (Konrad Rzeszutek Wilk) [Orabug: 27339995] {CVE-2017-5715}\n- x86/cpufeature: Add X86_FEATURE_IA32_ARCH_CAPS and X86_FEATURE_IBRS_ATT (Konrad Rzeszutek Wilk) [Orabug: 27339995] {CVE-2017-5715}\n- x86/feature: Enable the x86 feature to control (Tim Chen) [Orabug: 27339995] {CVE-2017-5715}", "published": "2018-01-05T00:00:00", "cvss": {"score": 4.7, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:NONE/A:NONE/"}, "href": "http://linux.oracle.com/errata/ELSA-2018-4004.html", "cvelist": ["CVE-2017-5753", "CVE-2017-5715"], "lastseen": "2018-01-06T12:56:17"}, {"id": "ELSA-2018-4012", "type": "oraclelinux", "title": "Unbreakable Enterprise kernel security update", "description": "kernel-uek\n[4.1.12-94.7.8]\n- x86/pti/efi: broken conversion from efi to kernel page table (Pavel Tatashin) [Orabug: 27378087] [Orabug: 27352353] {CVE-2017-5754}\n- x86/spec: Always set IBRS to guest value on VMENTER and host on VMEXIT (redux) (Konrad Rzeszutek Wilk) [Orabug: 27378074] \n- x86/IBRS: Make sure we restore MSR_IA32_SPEC_CTRL to a valid value (Boris Ostrovsky) [Orabug: 27378063] \n- x86/IBRS/IBPB: Set sysctl_ibrs/ibpb_enabled properly (Boris Ostrovsky) [Orabug: 27378035] \n- x86/spec_ctrl: Add missing 'lfence' when IBRS is not supported. (Konrad Rzeszutek Wilk) [Orabug: 27345388] {CVE-2017-5715}\n- x86/entry_64: TRACE_IRQS_OFF before re-enabling. (Jamie Iles) [Orabug: 27345388] {CVE-2017-5715}\n- ptrace: remove unlocked RCU dereference. (Jamie Iles) [Orabug: 27345388] {CVE-2017-5715}\n- x86/ia32: Adds code hygiene for 32bit SYSCALL instruction entry. (Konrad Rzeszutek Wilk) [Orabug: 27345388] {CVE-2017-5715}\n- x86/ia32: dont save registers on audit call (Konrad Rzeszutek Wilk) [Orabug: 27345388] {CVE-2017-5715}\n- x86/spec/ia32: Sprinkle IBRS and RSB at the 32-bit SYSCALL (Konrad Rzeszutek Wilk) [Orabug: 27345388] {CVE-2017-5715}\n- x86/ia32: Move STUFF_RSB And ENABLE_IBRS (Konrad Rzeszutek Wilk) [Orabug: 27345388] {CVE-2017-5715}\n[4.1.12-94.7.7]\n- x86/spec: Always set IBRS to guest value on VMENTER and host on VMEXIT. (Konrad Rzeszutek Wilk) [Orabug: 27365568] {CVE-2017-5715}\n- x86/ia32: save and clear registers on syscall. (Jamie Iles) [Orabug: 27364707] {CVE-2017-5754}\n- x86/IBRS: Save current status of MSR_IA32_SPEC_CTRL (Boris Ostrovsky) [Orabug: 27364720] \n- pti: Rename X86_FEATURE_KAISER to X86_FEATURE_PTI (Pavel Tatashin) [Orabug: 27358615] {CVE-2017-5754}\n- x86/spec_ctrl: Add missing IBRS_DISABLE (Konrad Rzeszutek Wilk) \n- Make use of ibrs_inuse consistent. (Jun Nakajima) \n- x86/kvm: Set IBRS on VMEXIT if guest disabled it. (Konrad Rzeszutek Wilk) \n- Re-introduce clearing of r12-15, rbp, rbx (Kris Van Hees) [Orabug: 27345388] {CVE-2017-5715}\n- x86: more ibrs/pti fixes (Pavel Tatashin) [Orabug: 27358615] {CVE-2017-5754}\n- x86/spec: Actually do the check for in_use on ENABLE_IBRS (Konrad Rzeszutek Wilk) {CVE-2017-5715}\n- kvm: svm: Expose the CPUID.0x80000008 ebx flag. (Konrad Rzeszutek Wilk) {CVE-2017-5715}\n- x86/spec_ctrl: Provide the sysfs version of the ibrs_enabled (Konrad Rzeszutek Wilk) {CVE-2017-5715}\n- x86: Use better #define for FEATURE_ENABLE_IBRS and 0 (Konrad Rzeszutek Wilk) {CVE-2017-5715}\n- x86: Instead of 0x2, 0x4, and 0x1 use #defines. (Konrad Rzeszutek Wilk) {CVE-2017-5715}\n- kpti: Disable when running under Xen PV (Konrad Rzeszutek Wilk) [Orabug: 27358615] {CVE-2017-5754}\n- x86: Dont ENABLE_IBRS in nmi when we are still running on user cr3 (Konrad Rzeszutek Wilk) {CVE-2017-5715}\n- x86/enter: Use IBRS on syscall and interrupts - fix ia32 path (Konrad Rzeszutek Wilk) {CVE-2017-5715}\n- x86: Fix spectre/kpti integration (Konrad Rzeszutek Wilk) [Orabug: 27358615] {CVE-2017-5754}\n- PTI: unbreak EFI old_memmap (Jiri Kosina) [Orabug: 27358615] {CVE-2017-5754}\n- KAISER KABI tweaks. (Martin K. Petersen) [Orabug: 27358615] {CVE-2017-5754}\n- x86/ldt: fix crash in ldt freeing. (Jamie Iles) [Orabug: 27358615] {CVE-2017-5754}\n- x86/entry: Define 'cpu_current_top_of_stack' for 64-bit code (Denys Vlasenko) [Orabug: 27358615] {CVE-2017-5754}\n- x86/entry: Remove unused 'kernel_stack' per-cpu variable (Denys Vlasenko) [Orabug: 27358615] {CVE-2017-5754}\n- x86/entry: Stop using PER_CPU_VAR(kernel_stack) (Denys Vlasenko) [Orabug: 27358615] {CVE-2017-5754}\n- kaiser: Set _PAGE_NX only if supported (Guenter Roeck) [Orabug: 27358615] {CVE-2017-5754}\n- x86/vdso: Get pvclock data from the vvar VMA instead of the fixmap (Andy Lutomirski) [Orabug: 27358615] {CVE-2017-5754}\n- KPTI: Report when enabled (Kees Cook) [Orabug: 27358615] {CVE-2017-5754}\n- KPTI: Rename to PAGE_TABLE_ISOLATION (Kees Cook) [Orabug: 27358615] {CVE-2017-5754}\n- x86/kaiser: Move feature detection up (Borislav Petkov) [Orabug: 27358615] {CVE-2017-5754}\n- x86/kaiser: Reenable PARAVIRT (Borislav Petkov) [Orabug: 27358615] {CVE-2017-5754}\n- x86/paravirt: Dont patch flush_tlb_single (Thomas Gleixner) [Orabug: 27358615] {CVE-2017-5754}\n- kaiser: kaiser_flush_tlb_on_return_to_user() check PCID (Hugh Dickins) [Orabug: 27358615] {CVE-2017-5754}\n- kaiser: asm/tlbflush.h handle noPGE at lower level (Hugh Dickins) [Orabug: 27358615] {CVE-2017-5754}\n- kaiser: drop is_atomic arg to kaiser_pagetable_walk() (Hugh Dickins) [Orabug: 27358615] {CVE-2017-5754}\n- kaiser: use ALTERNATIVE instead of x86_cr3_pcid_noflush (Hugh Dickins) [Orabug: 27358615] {CVE-2017-5754}\n- x86/kaiser: Check boottime cmdline params (Borislav Petkov) [Orabug: 27358615] {CVE-2017-5754}\n- x86/kaiser: Rename and simplify X86_FEATURE_KAISER handling (Borislav Petkov) [Orabug: 27358615] {CVE-2017-5754}\n- kaiser: add 'nokaiser' boot option, using ALTERNATIVE (Hugh Dickins) [Orabug: 27358615] {CVE-2017-5754}\n- kaiser: fix unlikely error in alloc_ldt_struct() (Hugh Dickins) [Orabug: 27358615] {CVE-2017-5754}\n- kaiser: _pgd_alloc() without __GFP_REPEAT to avoid stalls (Hugh Dickins) [Orabug: 27358615] {CVE-2017-5754}\n- kaiser: paranoid_entry pass cr3 need to paranoid_exit (Hugh Dickins) [Orabug: 27358615] {CVE-2017-5754}\n- kaiser: x86_cr3_pcid_noflush and x86_cr3_pcid_user (Hugh Dickins) [Orabug: 27358615] {CVE-2017-5754}\n- kaiser: PCID 0 for kernel and 128 for user (Hugh Dickins) [Orabug: 27358615] {CVE-2017-5754}\n- kaiser: load_new_mm_cr3() let SWITCH_USER_CR3 flush user (Hugh Dickins) [Orabug: 27358615] {CVE-2017-5754}\n- kaiser: enhanced by kernel and user PCIDs (Dave Hansen) [Orabug: 27358615] {CVE-2017-5754}\n- kaiser: vmstat show NR_KAISERTABLE as nr_overhead (Hugh Dickins) [Orabug: 27358615] {CVE-2017-5754}\n- kaiser: delete KAISER_REAL_SWITCH option (Hugh Dickins) [Orabug: 27358615] {CVE-2017-5754}\n- kaiser: name that 0x1000 KAISER_SHADOW_PGD_OFFSET (Hugh Dickins) [Orabug: 27358615] {CVE-2017-5754}\n- kaiser: cleanups while trying for gold link (Hugh Dickins) [Orabug: 27358615] {CVE-2017-5754}\n- kaiser: kaiser_remove_mapping() move along the pgd (Hugh Dickins) [Orabug: 27358615] {CVE-2017-5754}\n- kaiser: tidied up kaiser_add/remove_mapping slightly (Hugh Dickins) [Orabug: 27358615] {CVE-2017-5754}\n- kaiser: tidied up asm/kaiser.h somewhat (Hugh Dickins) [Orabug: 27358615] {CVE-2017-5754}\n- kaiser: ENOMEM if kaiser_pagetable_walk() NULL (Hugh Dickins) [Orabug: 27358615] {CVE-2017-5754}\n- kaiser: fix perf crashes (Hugh Dickins) [Orabug: 27358615] {CVE-2017-5754}\n- kaiser: fix regs to do_nmi() ifndef CONFIG_KAISER (Hugh Dickins) [Orabug: 27358615] {CVE-2017-5754}\n- kaiser: KAISER depends on SMP (Hugh Dickins) [Orabug: 27358615] {CVE-2017-5754}\n- kaiser: fix build and FIXME in alloc_ldt_struct() (Hugh Dickins) [Orabug: 27358615] {CVE-2017-5754}\n- kaiser: stack map PAGE_SIZE at THREAD_SIZE-PAGE_SIZE (Hugh Dickins) [Orabug: 27358615] {CVE-2017-5754}\n- kaiser: do not set _PAGE_NX on pgd_none (Hugh Dickins) [Orabug: 27358615] {CVE-2017-5754}\n- kaiser: merged update (Dave Hansen) [Orabug: 27358615] {CVE-2017-5754}\n- KAISER: Kernel Address Isolation (Richard Fellner) [Orabug: 27358615] {CVE-2017-5754}\n- x86/boot: Add early cmdline parsing for options with arguments (Tom Lendacky) [Orabug: 27358615] {CVE-2017-5754}\n- x86/mm/64: Fix reboot interaction with CR4.PCIDE (Andy Lutomirski) [Orabug: 27358615] {CVE-2017-5754}\n- x86/mm: Enable CR4.PCIDE on supported systems (Andy Lutomirski) [Orabug: 27358615] {CVE-2017-5754}\n- x86/mm: Add the 'nopcid' boot option to turn off PCID (Andy Lutomirski) [Orabug: 27358615] {CVE-2017-5754}\n- x86/mm: Disable PCID on 32-bit kernels (Andy Lutomirski) [Orabug: 27358615] {CVE-2017-5754}\n- x86/mm: Remove the UP asm/tlbflush.h code, always use the (formerly) SMP code (Andy Lutomirski) [Orabug: 27358615] {CVE-2017-5754}\n- x86/mm: Reimplement flush_tlb_page() using flush_tlb_mm_range() (Andy Lutomirski) [Orabug: 27358615] {CVE-2017-5754}\n- x86/mm: Make flush_tlb_mm_range() more predictable (Andy Lutomirski) [Orabug: 27358615] {CVE-2017-5754}\n- x86/mm: Remove flush_tlb() and flush_tlb_current_task() (Andy Lutomirski) [Orabug: 27358615] {CVE-2017-5754}\n- x86/vm86/32: Switch to flush_tlb_mm_range() in mark_screen_rdonly() (Andy Lutomirski) [Orabug: 27358615] {CVE-2017-5754}\n- x86/irq: Do not substract irq_tlb_count from irq_call_count (Aaron Lu) [Orabug: 27358615] {CVE-2017-5754}\n- sched/core: Idle_task_exit() shouldnt use switch_mm_irqs_off() (Andy Lutomirski) [Orabug: 27358615] {CVE-2017-5754}\n- ARM: Hide finish_arch_post_lock_switch() from modules (Steven Rostedt) [Orabug: 27358615] {CVE-2017-5754}\n- x86/mm, sched/core: Turn off IRQs in switch_mm() (Andy Lutomirski) [Orabug: 27358615] {CVE-2017-5754}\n- x86/mm, sched/core: Uninline switch_mm() (Andy Lutomirski) [Orabug: 27358615] {CVE-2017-5754}\n- x86/mm: Build arch/x86/mm/tlb.c even on !SMP (Andy Lutomirski) [Orabug: 27358615] {CVE-2017-5754}\n- sched/core: Add switch_mm_irqs_off() and use it in the scheduler (Andy Lutomirski) [Orabug: 27358615] {CVE-2017-5754}\n- mm/mmu_context, sched/core: Fix mmu_context.h assumption (Ingo Molnar) [Orabug: 27358615] {CVE-2017-5754}\n- x86/mm: If INVPCID is available, use it to flush global mappings (Andy Lutomirski) [Orabug: 27358615] {CVE-2017-5754}\n- x86/mm: Add a 'noinvpcid' boot option to turn off INVPCID (Andy Lutomirski) [Orabug: 27358615] {CVE-2017-5754}\n- x86/mm: Fix INVPCID asm constraint (Borislav Petkov) [Orabug: 27358615] {CVE-2017-5754}\n- x86/mm: Add INVPCID helpers (Andy Lutomirski) [Orabug: 27358615] {CVE-2017-5754}\n[4.1.12-94.7.6]\n- x86/ibrs: Remove 'ibrs_dump' and remove the pr_debug (Konrad Rzeszutek Wilk) [Orabug: 27351275] \n- kABI: Revert kABI: Make the boot_cpu_data look normal (Konrad Rzeszutek Wilk) {CVE-2017-5715}\n[4.1.12-94.7.5]\n- userns: prevent speculative execution (Elena Reshetova) [Orabug: 27345402] {CVE-2017-5753}\n- udf: prevent speculative execution (Elena Reshetova) [Orabug: 27345402] {CVE-2017-5753}\n- net: mpls: prevent speculative execution (Elena Reshetova) [Orabug: 27345402] {CVE-2017-5753}\n- fs: prevent speculative execution (Elena Reshetova) [Orabug: 27345402] {CVE-2017-5753}\n- ipv6: prevent speculative execution (Elena Reshetova) [Orabug: 27345402] {CVE-2017-5753}\n- ipv4: prevent speculative execution (Elena Reshetova) [Orabug: 27345402] {CVE-2017-5753}\n- Thermal/int340x: prevent speculative execution (Elena Reshetova) [Orabug: 27345402] {CVE-2017-5753}\n- cw1200: prevent speculative execution (Elena Reshetova) [Orabug: 27345402] {CVE-2017-5753}\n- qla2xxx: prevent speculative execution (Elena Reshetova) [Orabug: 27345402] {CVE-2017-5753}\n- p54: prevent speculative execution (Elena Reshetova) [Orabug: 27345402] {CVE-2017-5753}\n- carl9170: prevent speculative execution (Elena Reshetova) [Orabug: 27345402] {CVE-2017-5753}\n- uvcvideo: prevent speculative execution (Elena Reshetova) [Orabug: 27345402] {CVE-2017-5753}\n- bpf: prevent speculative execution in eBPF interpreter (Elena Reshetova) [Orabug: 27345402] {CVE-2017-5753}\n- locking/barriers: introduce new observable speculation barrier (Elena Reshetova) [Orabug: 27345402] {CVE-2017-5753}\n- x86/cpu/AMD: Remove now unused definition of MFENCE_RDTSC feature (Elena Reshetova) [Orabug: 27345402] {CVE-2017-5753}\n- x86/cpu/AMD: Make the LFENCE instruction serialized (Elena Reshetova) [Orabug: 27345402] {CVE-2017-5753}\n- kABI: Make the boot_cpu_data look normal. (Konrad Rzeszutek Wilk) [Orabug: 27345388] {CVE-2017-5715}\n- kernel.spec: Require the new microcode_ctl. (Konrad Rzeszutek Wilk) [Orabug: 27345388] {CVE-2017-5715} {CVE-2017-5715}\n- x86/microcode/AMD: Add support for fam17h microcode loading (Tom Lendacky) [Orabug: 27345388] {CVE-2017-5715}\n- x86/spec_ctrl: Disable if running as Xen PV guest. (Konrad Rzeszutek Wilk) [Orabug: 27345388] {CVE-2017-5715}\n- Set IBPB when running a different VCPU (Dave Hansen) [Orabug: 27345388] {CVE-2017-5715}\n- Clear the host registers after setbe (Jun Nakajima) [Orabug: 27345388] {CVE-2017-5715}\n- Use the ibpb_inuse variable. (Jun Nakajima) [Orabug: 273 4 5 3 8 8 ] { C V E - 2 0 1 7 - 5 7 1 5 } b r > - K V M : x 8 6 : a d d S P E C _ C T R L t o M S R a n d C P U I D l i s t s ( A n d r e a A r c a n g e l i ) [ O r a b u g : 2 7 3 4 5 3 8 8 ] { C V E - 2 0 1 7 - 5 7 1 5 } b r > - k v m : v m x : a d d M S R _ I A 3 2 _ S P E C _ C T R L a n d M S R _ I A 3 2 _ P R E D _ C M D ( P a o l o B o n z i n i ) [ O r a b u g : 2 7 3 4 5 3 8 8 ] { C V E - 2 0 1 7 - 5 7 1 5 } b r > - U s e t h e ' i b r s _ i n u s e ' v a r i a b l e . ( J u n N a k a j i m a ) [ O r a b u g : 2 7 3 4 5 3 8 8 ] { C V E - 2 0 1 7 - 5 7 1 5 } b r > - k v m : s v m : a d d M S R _ I A 3 2 _ S P E C _ C T R L a n d M S R _ I A 3 2 _ P R E D _ C M D ( A n d r e a A r c a n g e l i ) [ O r a b u g : 2 7 3 4 5 3 8 8 ] { C V E - 2 0 1 7 - 5 7 1 5 } b r > - x 8 6 / s v m : S e t I B P B w h e n r u n n i n g a d i f f e r e n t V C P U ( P a o l o B o n z i n i ) [ O r a b u g : 2 7 3 4 5 3 8 8 ] { C V E - 2 0 1 7 - 5 7 1 5 } b r > - x 8 6 / k v m : P a d R S B o n V M t r a n s i t i o n ( T i m C h e n ) [ O r a b u g : 2 7 3 4 5 3 8 8 ] { C V E - 2 0 1 7 - 5 7 1 5 } b r > - x 8 6 / c p u / A M D : A d d s p e c u l a t i v e c o n t r o l s u p p o r t f o r A M D ( T o m L e n d a c k y ) [ O r a b u g : 2 7 3 4 5 3 8 8 ] { C V E - 2 0 1 7 - 5 7 1 5 } b r > - x 8 6 / m i c r o c o d e : R e c h e c k I B R S a n d I B P B f e a t u r e o n m i c r o c o d e r e l o a d ( T i m C h e n ) [ O r a b u g : 2 7 3 4 5 3 8 8 ] { C V E - 2 0 1 7 - 5 7 1 5 } b r > - x 8 6 : M o v e I B R S / I B P B f e a t u r e d e t e c t i o n t o s c a t t e r e d . c ( T i m C h e n ) [ O r a b u g : 2 7 3 4 5 3 8 8 ] { C V E - 2 0 1 7 - 5 7 1 5 } b r > - x 8 6 / s p e c _ c t r l : A d d l o c k t o s e r i a l i z e c h a n g e s t o i b r s a n d i b p b c o n t r o l ( T i m C h e n ) [ O r a b u g : 2 7 3 4 5 3 8 8 ] { C V E - 2 0 1 7 - 5 7 1 5 } b r > - x 8 6 / s p e c _ c t r l : A d d s y s c t l k n o b s t o e n a b l e / d i s a b l e S P E C _ C T R L f e a t u r e ( K o n r a d R z e s z u t e k W i l k ) [ O r a b u g : 2 7 3 4 5 3 8 8 ] { C V E - 2 0 1 7 - 5 7 1 5 } b r > - x 8 6 / k v m : c l e a r r e g i s t e r s o n V M e x i t ( T o m L e n d a c k y ) [ O r a b u g : 2 7 3 4 5 3 8 8 ] { C V E - 2 0 1 7 - 5 7 1 5 } b r > - x 8 6 / k v m : S e t I B P B w h e n s w i t c h i n g V M ( T i m C h e n ) [ O r a b u g : 2 7 3 4 5 3 8 8 ] { C V E - 2 0 1 7 - 5 7 1 5 } b r > - * I N C O M P L E T E * x 8 6 / s y s c a l l : C l e a r u n u s e d e x t r a r e g i s t e r s o n s y s c a l l e n t r a n c e ( K o n r a d R z e s z u t e k W i l k ) [ O r a b u g : 2 7 3 4 5 3 8 8 ] { C V E - 2 0 1 7 - 5 7 1 5 } b r > - x 8 6 / e n t r y : S t u f f R S B f o r e n t r y t o k e r n e l f o r n o n - S M E P p l a t f o r m ( K o n r a d R z e s z u t e k W i l k ) [ O r a b u g : 2 7 3 4 5 3 8 8 ] { C V E - 2 0 1 7 - 5 7 1 5 } b r > - x 8 6 / m m : O n l y s e t I B P B w h e n t h e n e w t h r e a d c a n n o t p t r a c e c u r r e n t t h r e a d ( K o n r a d R z e s z u t e k W i l k ) [ O r a b u g : 2 7 3 4 5 3 8 8 ] { C V E - 2 0 1 7 - 5 7 1 5 } b r > - x 8 6 / m m : S e t I B P B u p o n c o n t e x t s w i t c h ( T i m C h e n ) [ O r a b u g : 2 7 3 4 5 3 8 8 ] { C V E - 2 0 1 7 - 5 7 1 5 } b r > - x 8 6 / i d l e : D i s a b l e I B R S w h e n o f f l i n i n g c p u a n d r e - e n a b l e o n w a k e u p ( T i m C h e n ) [ O r a b u g : 2 7 3 4 5 3 8 8 ] { C V E - 2 0 1 7 - 5 7 1 5 } b r > - x 8 6 / i d l e : D i s a b l e I B R S e n t e r i n g i d l e a n d e n a b l e i t o n w a k e u p ( T i m C h e n ) [ O r a b u g : 2 7 3 4 5 3 8 8 ] { C V E - 2 0 1 7 - 5 7 1 5 } b r > - x 8 6 / s p e c _ c t r l : s a v e I B R S M S R v a l u e i n p a r a n o i d _ e n t r y ( A n d r e a A r c a n g e l i ) [ O r a b u g : 2 7 3 4 5 3 8 8 ] { C V E - 2 0 1 7 - 5 7 1 5 } b r > - * S c a f f o l d i n g * x 8 6 / s p e c _ c t r l : A d d s y s c t l k n o b s t o e n a b l e / d i s a b l e S P E C _ C T R L f e a t u r e ( T i m C h e n ) [ O r a b u g : 2 7 3 4 5 3 8 8 ] { C V E - 2 0 1 7 - 5 7 1 5 } b r > - x 8 6 / e n t e r : U s e I B R S o n s y s c a l l a n d i n t e r r u p t s ( T i m C h e n ) [ O r a b u g : 2 7 3 4 5 3 8 8 ] { C V E - 2 0 1 7 - 5 7 1 5 } b r > - x 8 6 : A d d m a c r o t h a t d o e s n o t s a v e r a x , r c x , r d x o n s t a c k t o d i s a b l e I B R S ( T i m C h e n ) [ O r a b u g : 2 7 3 4 5 3 8 8 ] { C V E - 2 0 1 7 - 5 7 1 5 } b r > - x 8 6 / e n t e r : M A C R O S t o s e t / c l e a r I B R S a n d s e t I B P ( T i m C h e n ) [ O r a b u g : 2 7 3 4 5 3 8 8 ] { C V E - 2 0 1 7 - 5 7 1 5 } b r > - x 8 6 / f e a t u r e : R e p o r t p r e s e n c e o f I B P B a n d I B R S c o n t r o l ( T i m C h e n ) [ O r a b u g : 2 7 3 4 5 3 8 8 ] { C V E - 2 0 1 7 - 5 7 1 5 } b r > - x 8 6 : A d d S T I B P f e a t u r e e n u m e r a t i o n ( K o n r a d R z e s z u t e k W i l k ) [ O r a b u g : 2 7 3 4 5 3 8 8 ] { C V E - 2 0 1 7 - 5 7 1 5 } b r > - x 8 6 / c p u f e a t u r e : A d d X 8 6 _ F E A T U R E _ I A 3 2 _ A R C H _ C A P S a n d X 8 6 _ F E A T U R E _ I B R S _ A T T ( K o n r a d R z e s z u t e k W i l k ) [ O r a b u g : 2 7 3 4 5 3 8 8 ] { C V E - 2 0 1 7 - 5 7 1 5 } b r > - x 8 6 / f e a t u r e : E n a b l e t h e x 8 6 f e a t u r e t o c o n t r o l ( T i m C h e n ) [ O r a b u g : 2 7 3 4 5 3 8 8 ] { C V E - 2 0 1 7 - 5 7 1 5 } b r > b r > [ 4 . 1 . 1 2 - 9 4 . 7 . 4 ] b r > - K V M : n V M X : F i x l o s s o f L 2 s N M I b l o c k i n g s t a t e ( W a n p e n g L i ) [ O r a b u g : 2 7 0 6 2 5 2 6 ] b r > - K V M : n V M X : t r a c k N M I b l o c k i n g s t a t e s e p a r a t e l y f o r e a c h V M C S ( P a o l o B o n z i n i ) [ O r a b u g : 2 7 0 6 2 5 2 6 ] b r > - K V M : V M X : r e q u i r e v i r t u a l N M I s u p p o r t ( P a o l o B o n z i n i ) [ O r a b u g : 2 7 0 6 2 5 2 6 ] b r > - K V M : n V M X : F i x t h e N M I I D T - v e c t o r i n g h a n d l i n g ( W a n p e n g L i ) [ O r a b u g : 2 7 0 6 2 5 2 6 ] b r > - n e t l i n k : a l l o w t o l i s t e n ' a l l ' n e t n s ( N i c o l a s D i c h t e l ) [ O r a b u g : 2 7 0 9 8 3 3 2 ] b r > - n e t l i n k : r e n a m e p r i v a t e f l a g s a n d s t a t e s ( N i c o l a s D i c h t e l ) [ O r a b u g : 2 7 0 9 8 3 3 2 ] b r > - n e t n s : u s e a s p i n _ l o c k t o p r o t e c t n s i d m a n a g e m e n t ( N i c o l a s D i c h t e l ) [ O r a b u g : 2 7 0 9 8 3 3 2 ] b r > - n e t n s : n o t i f y n e w n s i d o u t s i d e _ _ p e e r n e t 2 i d ( ) ( N i c o l a s D i c h t e l ) [ O r a b u g : 2 7 0 9 8 3 3 2 ] b r > - n e t n s : r e n a m e p e e r n e t 2 i d ( ) t o p e e r n e t 2 i d _ a l l o c ( ) ( N i c o l a s D i c h t e l ) [ O r a b u g : 2 7 0 9 8 3 3 2 ] b r > - n e t n s : a l w a y s p r o v i d e t h e i d t o r t n l _ n e t _ f i l l ( ) ( N i c o l a s D i c h t e l ) [ O r a b u g : 2 7 0 9 8 3 3 2 ] b r > - n e t n s : r e t u r n s a l w a y s a n i d i n _ _ p e e r n e t 2 i d ( ) ( N i c o l a s D i c h t e l ) [ O r a b u g : 2 7 0 9 8 3 3 2 ] b r > / p > \n \n \n b r > h 2 > R e l a t e d C V E s / h 2 > \n b r > t a b l e c e l l p a d d i n g = \" 2 \" c e l l s p a c i n g = \" 2 \" b o r d e r = \" 0 \" w i d t h = \" 1 0 0 % \" > t b o d y > \n \n / t b o d y > / t a b l e > \n \n b r > h 2 > U p d a t e d P a c k a g e s / h 2 > \n b r > t a b l e c e l l p a d d i n g = \" 2 \" c e l l s p a c i n g = \" 2 \" b o r d e r = \" 0 \" w i d t h = \" 1 0 0 % \" > t b o d y > \n t r s t y l e = \" c o l o r : # F F 0 0 0 0 ; \" > t d > b > R e l e a s e / A r c h i t e c t u r e / b > t d > b > F i l e n a m e / b > / t d > t d > b > M D 5 s u m / b > / t d > t d > b > S u p e r s e d e d B y A d v i s o r y / b > / t d > / t r > \n t r > t d c o l s p a n = \" 4 \" > / t d > / t r > t r > t d > O r a c l e L i n u x 6 ( x 8 6 _ 6 4 ) / t d > t d > d t r a c e - m o d u l e s - 4 . 1 . 1 2 - 9 4 . 7 . 8 . e l 6 u e k - 0 . 6 . 0 - 4 . e l 6 . s r c . r p m / t d > t d > 9 1 d 8 5 0 f a 4 1 7 7 3 5 f 8 3 f 8 4 6 c d d 5 b f 9 7 a 7 2 / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - u e k - 4 . 1 . 1 2 - 9 4 . 7 . 8 . e l 6 u e k . s r c . r p m / t d > t d > 5 3 c f d 7 7 e 5 0 e b 3 c 8 6 3 a 1 a 7 a f 2 7 5 b a 4 5 9 c / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > d t r a c e - m o d u l e s - 4 . 1 . 1 2 - 9 4 . 7 . 8 . e l 6 u e k - 0 . 6 . 0 - 4 . e l 6 . x 8 6 _ 6 4 . r p m / t d > t d > 1 1 9 f e e c d 3 e c 7 4 7 4 4 7 5 6 2 6 d 0 1 d b 3 e c b 0 2 / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - u e k - 4 . 1 . 1 2 - 9 4 . 7 . 8 . e l 6 u e k . x 8 6 _ 6 4 . r p m / t d > t d > c f 3 1 5 4 8 2 a c 1 8 1 5 9 5 0 0 2 3 d 0 c 3 9 0 e 4 8 3 7 4 / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - u e k - d e b u g - 4 . 1 . 1 2 - 9 4 . 7 . 8 . e l 6 u e k . x 8 6 _ 6 4 . r p m / t d > t d > 0 b b 6 6 a 4 0 5 b 1 4 a a d e 6 1 2 5 e 7 b 8 d f e a 4 6 3 d / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - u e k - d e b u g - d e v e l - 4 . 1 . 1 2 - 9 4 . 7 . 8 . e l 6 u e k . x 8 6 _ 6 4 . r p m / t d > t d > 7 1 5 f a 9 8 5 3 e 2 7 8 5 4 0 d 1 e b c 8 f 3 6 b 7 1 2 a 0 8 / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - u e k - d e v e l - 4 . 1 . 1 2 - 9 4 . 7 . 8 . e l 6 u e k . x 8 6 _ 6 4 . r p m / t d > t d > 8 b 1 0 5 8 2 5 7 b a 3 3 3 2 9 0 2 f a 4 a c e 7 5 f 0 e 5 2 4 / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - u e k - d o c - 4 . 1 . 1 2 - 9 4 . 7 . 8 . e l 6 u e k . n o a r c h . r p m / t d > t d > 0 3 2 5 1 8 f a 7 0 6 6 8 9 3 1 c e 6 5 4 9 6 1 1 9 7 1 5 a 9 f / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - u e k - f i r m w a r e - 4 . 1 . 1 2 - 9 4 . 7 . 8 . e l 6 u e k . n o a r c h . r p m / t d > t d > 0 c 4 6 1 c 6 1 2 c 4 4 8 9 f c 4 6 7 f f b 7 2 a a 1 3 6 c 1 0 / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d c o l s p a n = \" 4 \" > / t d > / t r > t r > t d > O r a c l e L i n u x 7 ( x 8 6 _ 6 4 ) / t d > t d > d t r a c e - m o d u l e s - 4 . 1 . 1 2 - 9 4 . 7 . 8 . e l 7 u e k - 0 . 6 . 0 - 4 . e l 7 . s r c . r p m / t d > t d > 1 7 0 e 3 0 1 c 0 a 7 c 9 7 6 f d b c b b 1 b 4 9 c 3 7 a 0 e 0 / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - u e k - 4 . 1 . 1 2 - 9 4 . 7 . 8 . e l 7 u e k . s r c . r p m / t d > t d > 8 d d 7 a c e b 8 c d f 7 a 2 b 8 4 5 0 3 e d 7 0 4 4 7 e d 7 b / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > d t r a c e - m o d u l e s - 4 . 1 . 1 2 - 9 4 . 7 . 8 . e l 7 u e k - 0 . 6 . 0 - 4 . e l 7 . x 8 6 _ 6 4 . r p m / t d > t d > 6 2 9 9 9 9 4 1 7 e b 4 f 1 6 6 7 9 e a d a 3 7 9 3 3 d 0 d d 1 / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - u e k - 4 . 1 . 1 2 - 9 4 . 7 . 8 . e l 7 u e k . x 8 6 _ 6 4 . r p m / t d > t d > b 9 a 3 e 5 2 2 2 3 9 e 7 7 4 1 3 5 d d b b 1 e 0 a f 4 1 0 9 3 / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - u e k - d e b u g - 4 . 1 . 1 2 - 9 4 . 7 . 8 . e l 7 u e k . x 8 6 _ 6 4 . r p m / t d > t d > 3 7 8 1 5 6 a 7 4 2 b b 8 8 7 c 7 0 6 6 7 1 3 9 4 4 f 0 5 0 0 0 / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - u e k - d e b u g - d e v e l - 4 . 1 . 1 2 - 9 4 . 7 . 8 . e l 7 u e k . x 8 6 _ 6 4 . r p m / t d > t d > 5 5 0 8 c a 1 e 2 8 b 0 5 0 3 a 4 c c 0 0 4 8 1 f 5 0 8 2 0 7 4 / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - u e k - d e v e l - 4 . 1 . 1 2 - 9 4 . 7 . 8 . e l 7 u e k . x 8 6 _ 6 4 . r p m / t d > t d > d d d 9 0 9 8 8 b 6 d 5 7 5 3 a 3 3 f e f a c 3 5 9 d e 2 d 4 9 / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - u e k - d o c - 4 . 1 . 1 2 - 9 4 . 7 . 8 . e l 7 u e k . n o a r c h . r p m / t d > t d > 0 4 2 1 b 3 1 b 0 1 f e e 6 6 4 8 1 a e 5 8 b 1 7 7 0 e 6 6 7 0 / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - u e k - f i r m w a r e - 4 . 1 . 1 2 - 9 4 . 7 . 8 . e l 7 u e k . n o a r c h . r p m / t d > t d > 7 6 6 1 5 9 f 6 d b 3 b 3 9 e 7 5 9 b b 4 a 1 d c 1 e 4 b e 9 9 / t d > t d > a h r e f = # > - / a > / t d > / t r > \n / t b o d y > / t a b l e > \n \n \n b r > b r > \n b r > p > \n T h i s p a g e i s g e n e r a t e d a u t o m a t i c a l l y a n d h a s n o t b e e n c h e c k e d f o r e r r o r s o r o m i s s i o n s . F o r c l a r i f i c a t i o n \n o r c o r r e c t i o n s p l e a s e c o n t a c t t h e a h r e f = \" h t t p s : / / l i n u x . o r a c l e . c o m / \" > O r a c l e L i n u x U L N t e a m / a > / p > \n \n \n \n / d i v > \n ! - - \n / d i v > \n - - > \n / d i v > \n / d i v > \n \n \n d i v i d = \" m c 1 6 \" c l a s s = \" m c 1 6 v 0 \" > \n d i v c l a s s = \" m c 1 6 w 1 \" > \n h 2 > T e c h n i c a l i n f o r m a t i o n / h 2 > \n u l > \n l i > a h r e f = \" h t t p s : / / l i n u x . o r a c l e . c o m / h a r d w a r e - c e r t i f i c a t i o n s \" t a r g e t = \" _ b l a n k \" > O r a c l e L i n u x C e r t i f i e d H a r d w a r e / a > / l i > \n l i > a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / u s / s u p p o r t / l i b r a r y / e l s p - l i f e t i m e - 0 6 9 3 3 8 . p d f \" > O r a c l e L i n u x S u p p o r t e d R e l e a s e s / a > / l i > \n / u l > \n / d i v > \n \n d i v c l a s s = \" m c 1 6 w 1 \" > \n h 2 > O r a c l e L i n u x S u p p o r t / h 2 > \n u l > \n l i > a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / u s / t e c h n o l o g i e s / l i n u x / O r a c l e L i n u x S u p p o r t / i n d e x . h t m l \" t a r g e t = \" _ b l a n k \" > O r a c l e L i n u x S u p p o r t / a > / l i > \n l i > a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / u s / s u p p o r t / p r e m i e r / s e r v e r s - s t o r a g e / o v e r v i e w / i n d e x . h t m l \" t a r g e t = \" _ b l a n k \" > O r a c l e P r e m i e r S u p p o r t f o r S y s t e m s / a > / l i > \n l i > a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / u s / s u p p o r t / a d v a n c e d - c u s t o m e r - s e r v i c e s / o v e r v i e w / \" > A d v a n c e d C u s t o m e r S e r v i c e s / a > / l i > \n / u l > \n / d i v > \n \n d i v c l a s s = \" m c 1 6 w 2 \" > \n h 2 > C o n n e c t / h 2 > \n u l > \n l i c l a s s = \" f b i c o n \" > a h r e f = \" h t t p : / / w w w . f a c e b o o k . c o m / o r a c l e l i n u x \" t i t l e = \" F a c e b o o k \" n a m e = \" F a c e b o o k \" t a r g e t = \" _ b l a n k \" i d = \" F a c e b o o k \" > F a c e b o o k / a > / l i > \n l i c l a s s = \" t w i c o n \" > a h r e f = \" h t t p : / / w w w . t w i t t e r . c o m / O r a c l e L i n u x \" t i t l e = \" T w i t t e r \" n a m e = \" T w i t t e r \" t a r g e t = \" _ b l a n k \" i d = \" T w i t t e r \" > T w i t t e r / a > / l i > \n l i c l a s s = \" i n i c o n \" > a h r e f = \" h t t p : / / w w w . l i n k e d i n . c o m / g r o u p s ? g i d = 1 2 0 2 3 8 \" t i t l e = \" L i n k e d I n \" n a m e = \" L i n k e d I n \" t a r g e t = \" _ b l a n k \" i d = \" L i n k e d I n \" > L i n k e d I n / a > / l i > \n l i c l a s s = \" y t i c o n \" > a h r e f = \" h t t p : / / w w w . y o u t u b e . c o m / o r a c l e l i n u x c h a n n e l \" t i t l e = \" Y o u T u b e \" n a m e = \" Y o u T u b e \" t a r g e t = \" _ b l a n k \" i d = \" Y o u T u b e \" > Y o u T u b e / a > / l i > \n l i c l a s s = \" b l o g i c o n \" > a h r e f = \" h t t p : / / b l o g s . o r a c l e . c o m / l i n u x \" t i t l e = \" B l o g \" n a m e = \" B l o g \" > B l o g / a > / l i > \n / u l > \n / d i v > \n \n d i v c l a s s = \" m c 1 6 w 3 \" > \n h 2 > C o n t a c t U s / h 2 > \n u l > \n l i > a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / u s / c o r p o r a t e / c o n t a c t / g l o b a l - 0 7 0 5 1 1 . h t m l \" > G l o b a l c o n t a c t s / a > / l i > \n l i > O r a c l e 1 - 8 0 0 - 6 3 3 - 0 6 9 1 / l i > \n / u l > \n / d i v > \n / d i v > \n / d i v > \n \n d i v i d = \" m c 0 4 \" c l a s s = \" m c 0 4 v 1 \" > \n d i v c l a s s = \" m c 0 4 w 1 \" > \n a h r e f = \" h t t p : / / o r a c l e . c o m \" > i m g s r c = \" / / w w w . o r a c l e i m g . c o m / a s s e t s / m c 0 4 - f o o t e r - l o g o . p n g \" b o r d e r = \" 0 \" a l t = \" s o f t w a r e . h a r d w a r e . c o m p l e t e \" / > / a > \n / d i v > \n \n d i v c l a s s = \" m c 0 4 w 2 \" > \n a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / s u b s c r i b e / i n d e x . h t m l \" > S u b s c r i b e / a > | a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / c o r p o r a t e / e m p l o y m e n t / i n d e x . h t m l \" > C a r e e r s / a > | a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / c o r p o r a t e / c o n t a c t / i n d e x . h t m l \" > C o n t a c t U s / a > | a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / h t m l / c o p y r i g h t . h t m l \" > L e g a l N o t i c e s / a > | a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / h t m l / t e r m s . h t m l \" > T e r m s o f U s e / a > | a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / h t m l / p r i v a c y . h t m l \" > Y o u r P r i v a c y R i g h t s / a > \n / d i v > \n / d i v > \n / d i v > \n / b o d y > \n / h t m l > \n ", "published": "2018-01-19T00:00:00", "cvss": {"score": 4.7, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:NONE/A:NONE/"}, "href": "http://linux.oracle.com/errata/ELSA-2018-4012.html", "cvelist": ["CVE-2017-5753", "CVE-2017-5754", "CVE-2017-5715"], "lastseen": "2018-04-04T13:03:10"}, {"id": "ELSA-2018-0007", "type": "oraclelinux", "title": "kernel security update", "description": "- [3.10.0-693.11.6.OL7]\n- Oracle Linux certificates (Alexey Petrenko)\n- Oracle Linux RHCK Module Signing Key was compiled into kernel (olkmod_signing_key.x509)(alexey.petrenko@oracle.com)\n- Update x509.genkey [bug 24817676]\n[3.10.0-693.11.6]\n- [x86] spec_ctrl: Eliminate redundant FEATURE Not Present messages (Andrea Arcangeli) [1519795 1519798] {CVE-2017-5715}\n- [x86] mm/kaiser: init_tss is supposed to go in the PAGE_ALIGNED per-cpu section (Andrea Arcangeli) [1519795 1519798] {CVE-2017-5715}\n- [x86] spec_ctrl: svm: spec_ctrl at vmexit needs per-cpu areas functional (Andrea Arcangeli) [1519795 1519798] {CVE-2017-5715}\n- [x86] kaiser/mm: skip IBRS/CR3 restore when paranoid exception returns to userland (Andrea Arcangeli) [1519795 1519798] {CVE-2017-5715}\n- [x86] kaiser/mm: consider the init_mm.pgd a kaiser pgd (Andrea Arcangeli) [1519795 1519798] {CVE-2017-5715}\n[3.10.0-693.11.5]\n- [x86] kaiser/mm: convert userland visible 'kpti' name to 'pti' (Andrea Arcangeli) [1519795 1519798]\n- Revert 'x86/entry: Use retpoline for syscall's indirect calls' (Andrea Arcangeli) [1519795 1519798]\n- [x86] spec_ctrl: set IBRS during resume from RAM if ibrs_enabled is 2 (Andrea Arcangeli) [1519795 1519798]\n- [x86] kaiser/mm: __load_cr3 in resume from RAM after kernel gs has been restored (Andrea Arcangeli) [1519795 1519798]\n[3.10.0-693.11.4]\n- [x86] spec_ctrl: allow use_ibp_disable only if both SPEC_CTRL and IBPB_SUPPORT are missing (Andrea Arcangeli) [1519795 1519798]\n- [x86] spec_ctrl: Documentation spec_ctrl.txt (Andrea Arcangeli) [1519795 1519798]\n- [x86] spec_ctrl: remove irqs_disabled() check from intel_idle() (Andrea Arcangeli) [1519795 1519798]\n- [x86] spec_ctrl: use enum when setting ibrs/ibpb_enabled (Andrea Arcangeli) [1519795 1519798]\n- [x86] spec_ctrl: undo speculation barrier for ibrs_enabled and noibrs_cmdline (Andrea Arcangeli) [1519795 1519798]\n- [x86] spec_ctrl: introduce ibpb_enabled = 2 for IBPB instead of IBRS (Andrea Arcangeli) [1519795 1519798]\n- [x86] spec_ctrl: introduce SPEC_CTRL_PCP_ONLY_IBPB (Andrea Arcangeli) [1519795 1519798]\n- [x86] spec_ctrl: cleanup s/flush/sync/ naming when sending IPIs (Andrea Arcangeli) [1519795 1519798]\n- [x86] spec_ctrl: set IBRS during CPU init if in ibrs_enabled == 2 (Andrea Arcangeli) [1519795 1519798]\n- [x86] spec_ctrl: use IBRS_ENABLED instead of 1 (Andrea Arcangeli) [1519795 1519798]\n- [x86] spec_ctrl: allow the IBP disable feature to be toggled at runtime (Andrea Arcangeli) [1519795 1519798]\n- [x86] spec_ctrl: always initialize save_reg in ENABLE_IBRS_SAVE_AND_CLOBBER (Andrea Arcangeli) [1519795 1519798]\n- [x86] spec_ctrl: ibrs_enabled() is expected to return > 1 (Andrea Arcangeli) [1519795 1519798]\n- [x86] spec_ctrl: issue a __spec_ctrl_ibpb if a credential check isn't possible (Andrea Arcangeli) [1519795 1519798]\n- [x86] mm/kaiser: disable global pages by default with KAISER (Andrea Arcangeli) [1519795 1519798]\n- Revert 'x86/mm/kaiser: Disable global pages by default with KAISER' (Andrea Arcangeli) [1519795 1519798]\n- ibpb: don't optimize spec_cntrl_ibpb on PREEMPT_RCU (Andrea Arcangeli) [1519795 1519798]\n- [x86] spec_ctrl: clear registers after 32bit syscall stackframe is setup (Andrea Arcangeli) [1519800 1519801]\n- [x86] spec_ctrl: reload spec_ctrl cpuid in all microcode load paths (Andrea Arcangeli) [1519800 1519801]\n- [x86] kaiser/mm: fix pgd freeing in error path (Andrea Arcangeli) [1519800 1519801]\n[3.10.0-693.11.3]\n- [x86] spec_ctrl: Prevent unwanted speculation without IBRS (Josh Poimboeuf) [1519795 1519798] {CVE-2017-5715 CVE-2017-5754}\n- [x86] entry: Remove trampoline check from paranoid entry path (Josh Poimboeuf) [1519795 1519798] {CVE-2017-5715 CVE-2017-5754}\n- [x86] entry: Fix paranoid_exit() trampoline clobber (Josh Poimboeuf) [1519795 1519798] {CVE-2017-5715 CVE-2017-5754}\n- [x86] entry: Simplify trampoline stack restore code (Josh Poimboeuf) [1519795 1519798] {CVE-2017-5715 CVE-2017-5754}\n- [x86] dumpstack: Remove raw stack dump (Josh Poimboeuf) [1519795 1519798]\n- [x86] spec_ctrl: remove SPEC_CTRL_DEBUG code (Josh Poimboeuf) [1519795 1519798] {CVE-2017-5715}\n- [x86] spec_ctrl: add noibrs noibpb boot options (Josh Poimboeuf) [1519795 1519798] {CVE-2017-5715}\n- [x86] entry: Use retpoline for syscall's indirect calls (Josh Poimboeuf) [1519795 1519798] {CVE-2017-5715}\n- [x86] syscall: Clear unused extra registers on 32-bit compatible syscall entrance (Josh Poimboeuf) [1519795 1519798] {CVE-2017-5715}\n- [x86] spec_ctrl: cleanup unnecessary ptregscall_common function (Josh Poimboeuf) [1519795 1519798] {CVE-2017-5715}\n- [x86] spec_ctrl: CLEAR_EXTRA_REGS and extra regs save/restore (Josh Poimboeuf) [1519795 1519798] {CVE-2017-5715}\n- [x86] syscall: Clear unused extra registers on syscall entrance (Josh Poimboeuf) [1519795 1519798] {CVE-2017-5715}\n- [x86] spec_ctrl: rescan cpuid after a late microcode update (Josh Poimboeuf) [1519795 1519798] {CVE-2017-5715}\n- [x86] spec_ctrl: add debugfs ibrs_enabled ibpb_enabled (Josh Poimboeuf) [1519795 1519798] {CVE-2017-5715}\n- [x86] spec_ctrl: consolidate the spec control boot detection (Josh Poimboeuf) [1519795 1519798] {CVE-2017-5715}\n- [x86] KVM/spec_ctrl: allow IBRS to stay enabled in host userland (Josh Poimboeuf) [1519795 1519798] {CVE-2017-5715}\n- [x86] spec_ctrl: add debug aid to test the entry code without microcode (Josh Poimboeuf) [1519795 1519798] {CVE-2017-5715}\n- [x86] spec_ctrl: move stuff_RSB in spec_ctrl.h (Josh Poimboeuf) [1519795 1519798] {CVE-2017-5715}\n- [x86] entry: Stuff RSB for entry to kernel for non-SMEP platform (Josh Poimboeuf) [1519795 1519798] {CVE-2017-5715}\n- [x86] mm: Only set IBPB when the new thread cannot ptrace current thread (Josh Poimboeuf) [1519795 1519798] {CVE-2017-5715}\n- [x86] mm: Set IBPB upon context switch (Josh Poimboeuf) [1519795 1519798] {CVE-2017-5715}\n- [x86] idle: Disable IBRS when offlining cpu and re-enable on wakeup (Josh Poimboeuf) [1519795 1519798] {CVE-2017-5715}\n- [x86] idle: Disable IBRS entering idle and enable it on wakeup (Josh Poimboeuf) [1519795 1519798] {CVE-2017-5715}\n- [x86] spec_ctrl: implement spec ctrl C methods (Josh Poimboeuf) [1519795 1519798] {CVE-2017-5715}\n- [x86] spec_ctrl: save IBRS MSR value in save_paranoid for NMI (Josh Poimboeuf) [1519795 1519798] {CVE-2017-5715}\n- [x86] enter: Use IBRS on syscall and interrupts (Josh Poimboeuf) [1519795 1519798] {CVE-2017-5715}\n- [x86] spec_ctrl: swap rdx with rsi for nmi nesting detection (Josh Poimboeuf) [1519795 1519798] {CVE-2017-5715}\n- [x86] spec_ctrl: spec_ctrl_pcp and kaiser_enabled_pcp in same cachline (Josh Poimboeuf) [1519795 1519798] {CVE-2017-5715}\n- [x86] spec_ctrl: use per-cpu knob instead of ALTERNATIVES for ibpb and ibrs (Josh Poimboeuf) [1519795 1519798] {CVE-2017-5715}\n- [x86] enter: MACROS to set/clear IBRS and set IBPB (Josh Poimboeuf) [1519795 1519798] {CVE-2017-5715}\n- [kvm] x86: add SPEC_CTRL to MSR and CPUID lists (Josh Poimboeuf) [1519795 1519798] {CVE-2017-5715}\n- [kvm] svm: add MSR_IA32_SPEC_CTRL and MSR_IA32_PRED_CMD (Josh Poimboeuf) [1519795 1519798] {CVE-2017-5715}\n- [x86] svm: Set IBPB when running a different VCPU (Josh Poimboeuf) [1519795 1519798] {CVE-2017-5715}\n- [kvm] vmx: add MSR_IA32_SPEC_CTRL and MSR_IA32_PRED_CMD (Josh Poimboeuf) [1519795 1519798] {CVE-2017-5715}\n- [kvm] vmx: Set IBPB when running a different VCPU (Josh Poimboeuf) [1519795 1519798] {CVE-2017-5715}\n- [kvm] x86: clear registers on VM exit (Josh Poimboeuf) [1519795 1519798] {CVE-2017-5715}\n- [x86] kvm: pad RSB on VM transition (Josh Poimboeuf) [1519795 1519798] {CVE-2017-5715}\n- [x86] cpu/AMD: Control indirect branch predictor when SPEC_CTRL not available (Josh Poimboeuf) [1519795 1519798] {CVE-2017-5715}\n- [x86] feature: Report presence of IBPB and IBRS control (Josh Poimboeuf) [1519795 1519798] {CVE-2017-5715}\n- [x86] feature: Enable the x86 feature to control Speculation (Josh Poimboeuf) [1519795 1519798] {CVE-2017-5715}\n- [tools] objtool: Don't print 'call dest' warnings for ignored functions (Josh Poimboeuf) [1519795 1519798] {CVE-2017-5715}\n- [misc] locking/barriers: prevent speculative execution based on Coverity scan results (Josh Poimboeuf) [1519788 1519786] {CVE-2017-5753}\n- [fs] udf: prevent speculative execution (Josh Poimboeuf) [1519788 1519786] {CVE-2017-5753}\n- [fs] prevent speculative execution (Josh Poimboeuf) [1519788 1519786] {CVE-2017-5753}\n- [kernel] userns: prevent speculative execution (Josh Poimboeuf) [1519788 1519786] {CVE-2017-5753}\n- [scsi] qla2xxx: prevent speculative execution (Josh Poimboeuf) [1519788 1519786] {CVE-2017-5753}\n- [netdrv] p54: prevent speculative execution (Josh Poimboeuf) [1519788 1519786] {CVE-2017-5753}\n- [netdrv] carl9170: prevent speculative execution (Josh Poimboeuf) [1519788 1519786] {CVE-2017-5753}\n- [media] uvcvideo: prevent speculative execution (Josh Poimboeuf) [1519788 1519786] {CVE-2017-5753}\n- [x86] cpu/AMD: Remove now unused definition of MFENCE_RDTSC feature (Josh Poimboeuf) [1519788 1519786] {CVE-2017-5753}\n- [x86] cpu/AMD: Make the LFENCE instruction serialized (Josh Poimboeuf) [1519788 1519786] {CVE-2017-5753}\n- [misc] locking/barriers: introduce new memory barrier gmb() (Josh Poimboeuf) [1519788 1519786] {CVE-2017-5753}\n- [x86] mm/kaiser: Replace kaiser with kpti to sync with upstream (Josh Poimboeuf) [1519800 1519801] {CVE-2017-5754}\n- [x86] mm/kaiser: add 'kaiser' and 'nokaiser' boot options (Josh Poimboeuf) [1519800 1519801] {CVE-2017-5754}\n- [x86] mm/kaiser: map the trace idt tables in userland shadow pgd (Josh Poimboeuf) [1519800 1519801] {CVE-2017-5754}\n- [x86] mm/kaiser: fix RESTORE_CR3 crash in kaiser_stop_machine (Josh Poimboeuf) [1519800 1519801] {CVE-2017-5754}\n- [x86] mm/kaiser: use stop_machine for enable/disable knob (Josh Poimboeuf) [1519800 1519801] {CVE-2017-5754}\n- [x86] mm/kaiser: use atomic ops to poison/unpoison user pagetables (Josh Poimboeuf) [1519800 1519801] {CVE-2017-5754}\n- [x86] mm/kaiser: use invpcid to flush the two kaiser PCID AISD (Josh Poimboeuf) [1519800 1519801] {CVE-2017-5754}\n- [x86] mm/kaiser: use two PCID ASIDs optimize the TLB during enter/exit kernel (Josh Poimboeuf) [1519800 1519801] {CVE-2017-5754}\n- [x86] mm/kaiser: stop patching flush_tlb_single (Josh Poimboeuf) [1519800 1519801] {CVE-2017-5754}\n- [x86] mm/kaiser: use PCID feature to make user and kernel switches faster (Josh Poimboeuf) [1519800 1519801] {CVE-2017-5754}\n- [x86] mm: If INVPCID is available, use it to flush global mappings (Josh Poimboeuf) [1519800 1519801] {CVE-2017-5754}\n- [x86] mm/64: Fix reboot interaction with CR4.PCIDE (Josh Poimboeuf) [1519800 1519801] {CVE-2017-5754}\n- [x86] mm/64: Initialize CR4.PCIDE early (Josh Poimboeuf) [1519800 1519801] {CVE-2017-5754}\n- [x86] mm: Add a 'noinvpcid' boot option to turn off INVPCID (Josh Poimboeuf) [1519800 1519801] {CVE-2017-5754}\n- [x86] mm: Add the 'nopcid' boot option to turn off PCID (Josh Poimboeuf) [1519800 1519801] {CVE-2017-5754}\n- [x86] mm/kaiser: validate trampoline stack (Josh Poimboeuf) [1519800 1519801] {CVE-2017-5754}\n- [x86] entry: Move SYSENTER_stack to the beginning of struct tss_struct (Josh Poimboeuf) [1519800 1519801] {CVE-2017-5754}\n- [x86] mm/kaiser: isolate the user mapped per cpu areas (Josh Poimboeuf) [1519800 1519801] {CVE-2017-5754}\n- [x86] mm/kaiser: enable kaiser in build (Josh Poimboeuf) [1519800 1519801] {CVE-2017-5754}\n- [x86] mm/kaiser: selective boot time defaults (Josh Poimboeuf) [1519800 1519801] {CVE-2017-5754}\n- [x86] mm/kaiser: handle call to xen_pv_domain() on PREEMPT_RT (Josh Poimboeuf) [1519800 1519801] {CVE-2017-5754}\n- [x86] mm/kaiser/xen: Dynamically disable KAISER when running under Xen PV (Josh Poimboeuf) [1519800 1519801] {CVE-2017-5754}\n- [x86] mm/kaiser: add Kconfig (Josh Poimboeuf) [1519800 1519801] {CVE-2017-5754}\n- [x86] mm/kaiser: avoid false positives during non-kaiser pgd updates (Josh Poimboeuf) [1519800 1519801] {CVE-2017-5754}\n- [x86] mm/kaiser: Respect disabled CPU features (Josh Poimboeuf) [1519800 1519801] {CVE-2017-5754}\n- [x86] mm/kaiser: trampoline stack comments (Josh Poimboeuf) [1519800 1519801] {CVE-2017-5754}\n- [x86] mm/kaiser: stack trampoline (Josh Poimboeuf) [1519800 1519801] {CVE-2017-5754}\n- [x86] mm/kaiser: remove paravirt clock warning (Josh Poimboeuf) [1519800 1519801] {CVE-2017-5754}\n- [x86] mm/kaiser: re-enable vsyscalls (Josh Poimboeuf) [15 1 9 8 0 0 1 5 1 9 8 0 1 ] { C V E - 2 0 1 7 - 5 7 5 4 } b r > - [ x 8 6 ] m m / k a i s e r : a l l o w t o b u i l d K A I S E R w i t h K A S R L ( J o s h P o i m b o e u f ) [ 1 5 1 9 8 0 0 1 5 1 9 8 0 1 ] { C V E - 2 0 1 7 - 5 7 5 4 } b r > - [ x 8 6 ] m m / k a i s e r : a l l o w K A I S E R t o b e e n a b l e d / d i s a b l e d a t r u n t i m e ( J o s h P o i m b o e u f ) [ 1 5 1 9 8 0 0 1 5 1 9 8 0 1 ] { C V E - 2 0 1 7 - 5 7 5 4 } b r > - [ x 8 6 ] m m / k a i s e r : u n - p o i s o n P G D s a t r u n t i m e ( J o s h P o i m b o e u f ) [ 1 5 1 9 8 0 0 1 5 1 9 8 0 1 ] { C V E - 2 0 1 7 - 5 7 5 4 } b r > - [ x 8 6 ] m m / k a i s e r : a d d a f u n c t i o n t o c h e c k f o r K A I S E R b e i n g e n a b l e d ( J o s h P o i m b o e u f ) [ 1 5 1 9 8 0 0 1 5 1 9 8 0 1 ] { C V E - 2 0 1 7 - 5 7 5 4 } b r > - [ x 8 6 ] m m / k a i s e r : a d d d e b u g f s f i l e t o t u r n K A I S E R o n / o f f a t r u n t i m e ( J o s h P o i m b o e u f ) [ 1 5 1 9 8 0 0 1 5 1 9 8 0 1 ] { C V E - 2 0 1 7 - 5 7 5 4 } b r > - [ x 8 6 ] m m / k a i s e r : d i s a b l e n a t i v e V S Y S C A L L ( J o s h P o i m b o e u f ) [ 1 5 1 9 8 0 0 1 5 1 9 8 0 1 ] { C V E - 2 0 1 7 - 5 7 5 4 } b r > - [ x 8 6 ] m m / k a i s e r : m a p v i r t u a l l y - a d d r e s s e d p e r f o r m a n c e m o n i t o r i n g b u f f e r s ( J o s h P o i m b o e u f ) [ 1 5 1 9 8 0 0 1 5 1 9 8 0 1 ] { C V E - 2 0 1 7 - 5 7 5 4 } b r > - [ x 8 6 ] m m / k a i s e r : m a p d e b u g I D T t a b l e s ( J o s h P o i m b o e u f ) [ 1 5 1 9 8 0 0 1 5 1 9 8 0 1 ] { C V E - 2 0 1 7 - 5 7 5 4 } b r > - [ x 8 6 ] m m / k a i s e r : a d d k p r o b e s t e x t s e c t i o n ( J o s h P o i m b o e u f ) [ 1 5 1 9 8 0 0 1 5 1 9 8 0 1 ] { C V E - 2 0 1 7 - 5 7 5 4 } b r > - [ x 8 6 ] m m / k a i s e r : m a p t r a c e i n t e r r u p t e n t r y ( J o s h P o i m b o e u f ) [ 1 5 1 9 8 0 0 1 5 1 9 8 0 1 ] { C V E - 2 0 1 7 - 5 7 5 4 } b r > - [ x 8 6 ] m m / k a i s e r : m a p e n t r y s t a c k p e r - c p u a r e a s ( J o s h P o i m b o e u f ) [ 1 5 1 9 8 0 0 1 5 1 9 8 0 1 ] { C V E - 2 0 1 7 - 5 7 5 4 } b r > - [ x 8 6 ] m m / k a i s e r : m a p d y n a m i c a l l y - a l l o c a t e d L D T s ( J o s h P o i m b o e u f ) [ 1 5 1 9 8 0 0 1 5 1 9 8 0 1 ] { C V E - 2 0 1 7 - 5 7 5 4 } b r > - [ x 8 6 ] m m / k a i s e r : m a k e s u r e s t a t i c P G D s a r e 8 k i n s i z e ( J o s h P o i m b o e u f ) [ 1 5 1 9 8 0 0 1 5 1 9 8 0 1 ] { C V E - 2 0 1 7 - 5 7 5 4 } b r > - [ x 8 6 ] m m / k a i s e r : a l l o w N X p o i s o n t o b e s e t i n p 4 d / p g d ( J o s h P o i m b o e u f ) [ 1 5 1 9 8 0 0 1 5 1 9 8 0 1 ] { C V E - 2 0 1 7 - 5 7 5 4 } b r > - [ x 8 6 ] m m / k a i s e r : u n m a p k e r n e l f r o m u s e r s p a c e p a g e t a b l e s ( c o r e p a t c h ) ( J o s h P o i m b o e u f ) [ 1 5 1 9 8 0 0 1 5 1 9 8 0 1 ] { C V E - 2 0 1 7 - 5 7 5 4 } b r > - [ x 8 6 ] m m / k a i s e r : m a r k p e r - c p u d a t a s t r u c t u r e s r e q u i r e d f o r e n t r y / e x i t ( J o s h P o i m b o e u f ) [ 1 5 1 9 8 0 0 1 5 1 9 8 0 1 ] { C V E - 2 0 1 7 - 5 7 5 4 } b r > - [ x 8 6 ] m m / k a i s e r : i n t r o d u c e u s e r - m a p p e d p e r - c p u a r e a s ( J o s h P o i m b o e u f ) [ 1 5 1 9 8 0 0 1 5 1 9 8 0 1 ] { C V E - 2 0 1 7 - 5 7 5 4 } b r > - [ x 8 6 ] m m / k a i s e r : a d d c r 3 s w i t c h e s t o e n t r y c o d e ( J o s h P o i m b o e u f ) [ 1 5 1 9 8 0 0 1 5 1 9 8 0 1 ] { C V E - 2 0 1 7 - 5 7 5 4 } b r > - [ x 8 6 ] m m / k a i s e r : r e m o v e s c r a t c h r e g i s t e r s ( J o s h P o i m b o e u f ) [ 1 5 1 9 8 0 0 1 5 1 9 8 0 1 ] { C V E - 2 0 1 7 - 5 7 5 4 } b r > - [ x 8 6 ] m m / k a i s e r : p r e p a r e a s s e m b l y f o r e n t r y / e x i t C R 3 s w i t c h i n g ( J o s h P o i m b o e u f ) [ 1 5 1 9 8 0 0 1 5 1 9 8 0 1 ] { C V E - 2 0 1 7 - 5 7 5 4 } b r > - [ x 8 6 ] m m / k a i s e r : D i s a b l e g l o b a l p a g e s b y d e f a u l t w i t h K A I S E R ( J o s h P o i m b o e u f ) [ 1 5 1 9 8 0 0 1 5 1 9 8 0 1 ] { C V E - 2 0 1 7 - 5 7 5 4 } b r > - [ x 8 6 ] m m : D o c u m e n t X 8 6 _ C R 4 _ P G E t o g g l i n g b e h a v i o r ( J o s h P o i m b o e u f ) [ 1 5 1 9 8 0 0 1 5 1 9 8 0 1 ] { C V E - 2 0 1 7 - 5 7 5 4 } b r > - [ x 8 6 ] m m / t l b : M a k e C R 4 - b a s e d T L B f l u s h e s m o r e r o b u s t ( J o s h P o i m b o e u f ) [ 1 5 1 9 8 0 0 1 5 1 9 8 0 1 ] { C V E - 2 0 1 7 - 5 7 5 4 } b r > - [ x 8 6 ] m m : D o n o t s e t _ P A G E _ U S E R f o r i n i t _ m m p a g e t a b l e s ( J o s h P o i m b o e u f ) [ 1 5 1 9 8 0 0 1 5 1 9 8 0 1 ] { C V E - 2 0 1 7 - 5 7 5 4 } b r > - [ x 8 6 ] i n c r e a s e r o b u s t e n e s s o f b a d _ i r e t f i x u p h a n d l e r ( J o s h P o i m b o e u f ) [ 1 5 1 9 8 0 0 1 5 1 9 8 0 1 ] { C V E - 2 0 1 7 - 5 7 5 4 } b r > - [ p e r f ] x 8 6 / i n t e l / u n c o r e : F i x m e m o r y l e a k s o n a l l o c a t i o n f a i l u r e s ( J o s h P o i m b o e u f ) [ 1 5 1 9 8 0 0 1 5 1 9 8 0 1 ] { C V E - 2 0 1 7 - 5 7 5 4 } b r > - [ m m ] u s e r f a u l t f d : h u g e t l b f s : p r e v e n t U F F D I O _ C O P Y t o f i l l b e y o n d t h e e n d o f i _ s i z e ( J o s h P o i m b o e u f ) [ 1 5 1 9 8 0 0 1 5 1 9 8 0 1 ] { C V E - 2 0 1 7 - 5 7 5 4 } b r > - [ f s ] u s e r f a u l t f d : n o n - c o o p e r a t i v e : f i x f o r k u s e a f t e r f r e e ( J o s h P o i m b o e u f ) [ 1 5 1 9 8 0 0 1 5 1 9 8 0 1 ] { C V E - 2 0 1 7 - 5 7 5 4 } b r > - [ m m ] u s e r f a u l t f d : h u g e t l b f s : r e m o v e s u p e r f l u o u s p a g e u n l o c k i n V M _ S H A R E D c a s e ( J o s h P o i m b o e u f ) [ 1 5 1 9 8 0 0 1 5 1 9 8 0 1 ] { C V E - 2 0 1 7 - 5 7 5 4 } b r > - [ m m ] f i x b a d r s s - c o u n t e r i f r e m a p _ f i l e _ p a g e s r a c e d m i g r a t i o n ( J o s h P o i m b o e u f ) [ 1 5 1 9 8 0 0 1 5 1 9 8 0 1 ] { C V E - 2 0 1 7 - 5 7 5 4 } / p > \n \n \n b r > h 2 > R e l a t e d C V E s / h 2 > \n b r > t a b l e c e l l p a d d i n g = \" 2 \" c e l l s p a c i n g = \" 2 \" b o r d e r = \" 0 \" w i d t h = \" 1 0 0 % \" > t b o d y > \n t r > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / c v e / C V E - 2 0 1 7 - 5 7 1 5 . h t m l \" > C V E - 2 0 1 7 - 5 7 1 5 / a > / t d > / t r > t r > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / c v e / C V E - 2 0 1 7 - 5 7 5 3 . h t m l \" > C V E - 2 0 1 7 - 5 7 5 3 / a > / t d > / t r > t r > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / c v e / C V E - 2 0 1 7 - 5 7 5 4 . h t m l \" > C V E - 2 0 1 7 - 5 7 5 4 / a > / t d > / t r > \n / t b o d y > / t a b l e > \n \n b r > h 2 > U p d a t e d P a c k a g e s / h 2 > \n b r > t a b l e c e l l p a d d i n g = \" 2 \" c e l l s p a c i n g = \" 2 \" b o r d e r = \" 0 \" w i d t h = \" 1 0 0 % \" > t b o d y > \n t r s t y l e = \" c o l o r : # F F 0 0 0 0 ; \" > t d > b > R e l e a s e / A r c h i t e c t u r e / b > t d > b > F i l e n a m e / b > / t d > t d > b > M D 5 s u m / b > / t d > t d > b > S u p e r s e d e d B y A d v i s o r y / b > / t d > / t r > \n t r > t d c o l s p a n = \" 4 \" > / t d > / t r > t r > t d > O r a c l e L i n u x 7 ( x 8 6 _ 6 4 ) / t d > t d > k e r n e l - 3 . 1 0 . 0 - 6 9 3 . 1 1 . 6 . e l 7 . s r c . r p m / t d > t d > 5 8 b d e 1 d c 4 f 0 9 f 0 8 5 7 3 1 4 f 8 1 a d 7 2 d 9 c 4 4 / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - 3 . 1 0 . 0 - 6 9 3 . 1 1 . 6 . e l 7 . x 8 6 _ 6 4 . r p m / t d > t d > 6 a 9 f 4 4 8 0 8 2 4 2 8 3 e a 4 c d 3 b 9 6 9 6 5 b d 2 9 d 8 / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - a b i - w h i t e l i s t s - 3 . 1 0 . 0 - 6 9 3 . 1 1 . 6 . e l 7 . n o a r c h . r p m / t d > t d > a b 9 2 f 1 6 5 3 5 d 6 4 e b c d 0 a e 5 9 1 f b 0 0 6 4 f 5 e / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - d e b u g - 3 . 1 0 . 0 - 6 9 3 . 1 1 . 6 . e l 7 . x 8 6 _ 6 4 . r p m / t d > t d > 7 3 7 f 9 1 5 7 6 f b 1 a a f 6 1 6 1 3 f 9 3 f 1 8 2 d 3 5 2 8 / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - d e b u g - d e v e l - 3 . 1 0 . 0 - 6 9 3 . 1 1 . 6 . e l 7 . x 8 6 _ 6 4 . r p m / t d > t d > 2 a 3 c f 3 b 7 3 c 1 c d a b 0 9 0 0 2 e 0 9 d 0 5 d 4 7 7 1 9 / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - d e v e l - 3 . 1 0 . 0 - 6 9 3 . 1 1 . 6 . e l 7 . x 8 6 _ 6 4 . r p m / t d > t d > 5 f f b f 5 4 c e 5 a 8 4 9 2 6 7 d 7 b 3 f f f e e 2 c 9 e a 4 / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - d o c - 3 . 1 0 . 0 - 6 9 3 . 1 1 . 6 . e l 7 . n o a r c h . r p m / t d > t d > a e 1 4 f 6 e 1 7 e d d f 6 1 6 b f 8 3 d a b c a f 9 7 a 3 8 f / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - h e a d e r s - 3 . 1 0 . 0 - 6 9 3 . 1 1 . 6 . e l 7 . x 8 6 _ 6 4 . r p m / t d > t d > 9 2 4 b 5 6 8 6 c 9 f 2 6 d a 4 1 d 9 3 0 1 d a 0 8 1 4 a 6 6 6 / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - t o o l s - 3 . 1 0 . 0 - 6 9 3 . 1 1 . 6 . e l 7 . x 8 6 _ 6 4 . r p m / t d > t d > f 0 d 2 c 4 3 1 7 e 3 0 7 0 5 7 b e 9 7 f 7 4 b b 4 e 5 9 f 5 2 / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - t o o l s - l i b s - 3 . 1 0 . 0 - 6 9 3 . 1 1 . 6 . e l 7 . x 8 6 _ 6 4 . r p m / t d > t d > d f f 6 a 2 5 4 d f 3 3 a 9 6 5 d f 3 d 1 f 3 0 f 2 9 3 1 f b f / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - t o o l s - l i b s - d e v e l - 3 . 1 0 . 0 - 6 9 3 . 1 1 . 6 . e l 7 . x 8 6 _ 6 4 . r p m / t d > t d > 9 3 9 5 3 d d 5 a 0 b 4 1 6 b a 2 5 3 8 9 6 8 0 4 6 b c 2 a 7 3 / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > p e r f - 3 . 1 0 . 0 - 6 9 3 . 1 1 . 6 . e l 7 . x 8 6 _ 6 4 . r p m / t d > t d > 4 0 c 1 d 9 c f 3 9 e 4 1 f 7 4 f b 2 9 f f a 5 2 0 3 a 4 9 a 4 / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > p y t h o n - p e r f - 3 . 1 0 . 0 - 6 9 3 . 1 1 . 6 . e l 7 . x 8 6 _ 6 4 . r p m / t d > t d > 1 9 7 a 9 4 8 7 6 8 9 2 0 2 9 a 1 e 5 a f f a b 6 7 1 d 9 6 3 3 / t d > t d > a h r e f = # > - / a > / t d > / t r > \n / t b o d y > / t a b l e > \n \n \n b r > b r > \n b r > p > \n T h i s p a g e i s g e n e r a t e d a u t o m a t i c a l l y a n d h a s n o t b e e n c h e c k e d f o r e r r o r s o r o m i s s i o n s . F o r c l a r i f i c a t i o n \n o r c o r r e c t i o n s p l e a s e c o n t a c t t h e a h r e f = \" h t t p s : / / l i n u x . o r a c l e . c o m / \" > O r a c l e L i n u x U L N t e a m / a > / p > \n \n \n \n / d i v > \n ! - - \n / d i v > \n - - > \n / d i v > \n / d i v > \n \n \n d i v i d = \" m c 1 6 \" c l a s s = \" m c 1 6 v 0 \" > \n d i v c l a s s = \" m c 1 6 w 1 \" > \n h 2 > T e c h n i c a l i n f o r m a t i o n / h 2 > \n u l > \n l i > a h r e f = \" h t t p s : / / l i n u x . o r a c l e . c o m / h a r d w a r e - c e r t i f i c a t i o n s \" t a r g e t = \" _ b l a n k \" > O r a c l e L i n u x C e r t i f i e d H a r d w a r e / a > / l i > \n l i > a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / u s / s u p p o r t / l i b r a r y / e l s p - l i f e t i m e - 0 6 9 3 3 8 . p d f \" > O r a c l e L i n u x S u p p o r t e d R e l e a s e s / a > / l i > \n / u l > \n / d i v > \n \n d i v c l a s s = \" m c 1 6 w 1 \" > \n h 2 > O r a c l e L i n u x S u p p o r t / h 2 > \n u l > \n l i > a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / u s / t e c h n o l o g i e s / l i n u x / O r a c l e L i n u x S u p p o r t / i n d e x . h t m l \" t a r g e t = \" _ b l a n k \" > O r a c l e L i n u x S u p p o r t / a > / l i > \n l i > a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / u s / s u p p o r t / p r e m i e r / s e r v e r s - s t o r a g e / o v e r v i e w / i n d e x . h t m l \" t a r g e t = \" _ b l a n k \" > O r a c l e P r e m i e r S u p p o r t f o r S y s t e m s / a > / l i > \n l i > a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / u s / s u p p o r t / a d v a n c e d - c u s t o m e r - s e r v i c e s / o v e r v i e w / \" > A d v a n c e d C u s t o m e r S e r v i c e s / a > / l i > \n / u l > \n / d i v > \n \n d i v c l a s s = \" m c 1 6 w 2 \" > \n h 2 > C o n n e c t / h 2 > \n u l > \n l i c l a s s = \" f b i c o n \" > a h r e f = \" h t t p : / / w w w . f a c e b o o k . c o m / o r a c l e l i n u x \" t i t l e = \" F a c e b o o k \" n a m e = \" F a c e b o o k \" t a r g e t = \" _ b l a n k \" i d = \" F a c e b o o k \" > F a c e b o o k / a > / l i > \n l i c l a s s = \" t w i c o n \" > a h r e f = \" h t t p : / / w w w . t w i t t e r . c o m / O r a c l e L i n u x \" t i t l e = \" T w i t t e r \" n a m e = \" T w i t t e r \" t a r g e t = \" _ b l a n k \" i d = \" T w i t t e r \" > T w i t t e r / a > / l i > \n l i c l a s s = \" i n i c o n \" > a h r e f = \" h t t p : / / w w w . l i n k e d i n . c o m / g r o u p s ? g i d = 1 2 0 2 3 8 \" t i t l e = \" L i n k e d I n \" n a m e = \" L i n k e d I n \" t a r g e t = \" _ b l a n k \" i d = \" L i n k e d I n \" > L i n k e d I n / a > / l i > \n l i c l a s s = \" y t i c o n \" > a h r e f = \" h t t p : / / w w w . y o u t u b e . c o m / o r a c l e l i n u x c h a n n e l \" t i t l e = \" Y o u T u b e \" n a m e = \" Y o u T u b e \" t a r g e t = \" _ b l a n k \" i d = \" Y o u T u b e \" > Y o u T u b e / a > / l i > \n l i c l a s s = \" b l o g i c o n \" > a h r e f = \" h t t p : / / b l o g s . o r a c l e . c o m / l i n u x \" t i t l e = \" B l o g \" n a m e = \" B l o g \" > B l o g / a > / l i > \n / u l > \n / d i v > \n \n d i v c l a s s = \" m c 1 6 w 3 \" > \n h 2 > C o n t a c t U s / h 2 > \n u l > \n l i > a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / u s / c o r p o r a t e / c o n t a c t / g l o b a l - 0 7 0 5 1 1 . h t m l \" > G l o b a l c o n t a c t s / a > / l i > \n l i > O r a c l e 1 - 8 0 0 - 6 3 3 - 0 6 9 1 / l i > \n / u l > \n / d i v > \n / d i v > \n / d i v > \n \n d i v i d = \" m c 0 4 \" c l a s s = \" m c 0 4 v 1 \" > \n d i v c l a s s = \" m c 0 4 w 1 \" > \n a h r e f = \" h t t p : / / o r a c l e . c o m \" > i m g s r c = \" / / w w w . o r a c l e i m g . c o m / a s s e t s / m c 0 4 - f o o t e r - l o g o . p n g \" b o r d e r = \" 0 \" a l t = \" s o f t w a r e . h a r d w a r e . c o m p l e t e \" / > / a > \n / d i v > \n \n d i v c l a s s = \" m c 0 4 w 2 \" > \n a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / s u b s c r i b e / i n d e x . h t m l \" > S u b s c r i b e / a > | a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / c o r p o r a t e / e m p l o y m e n t / i n d e x . h t m l \" > C a r e e r s / a > | a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / c o r p o r a t e / c o n t a c t / i n d e x . h t m l \" > C o n t a c t U s / a > | a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / h t m l / c o p y r i g h t . h t m l \" > L e g a l N o t i c e s / a > | a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / h t m l / t e r m s . h t m l \" > T e r m s o f U s e / a > | a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / h t m l / p r i v a c y . h t m l \" > Y o u r P r i v a c y R i g h t s / a > \n / d i v > \n / d i v > \n / d i v > \n / b o d y > \n / h t m l > \n ", "published": "2018-01-04T00:00:00", "cvss": {"score": 4.7, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:NONE/A:NONE/"}, "href": "http://linux.oracle.com/errata/ELSA-2018-0007.html", "cvelist": ["CVE-2017-5753", "CVE-2017-5754", "CVE-2017-5715"], "lastseen": "2018-04-04T13:01:07"}, {"id": "ELSA-2018-4022", "type": "oraclelinux", "title": "Unbreakable Enterprise kernel security update", "description": "kernel-uek\n[3.8.13-118.20.2]\n- x86: Add another set of MSR accessor functions (Borislav Petkov) [Orabug: 27444923] {CVE-2017-5753}\n- userns: prevent speculative execution (Elena Reshetova) [Orabug: 27444923] {CVE-2017-5753}\n- udf: prevent speculative execution (Elena Reshetova) [Orabug: 27444923] {CVE-2017-5753}\n- fs: prevent speculative execution (Elena Reshetova) [Orabug: 27444923] {CVE-2017-5753}\n- qla2xxx: prevent speculative execution (Elena Reshetova) [Orabug: 27444923] {CVE-2017-5753}\n- p54: prevent speculative execution (Elena Reshetova) [Orabug: 27444923] {CVE-2017-5753}\n- carl9170: prevent speculative execution (Elena Reshetova) [Orabug: 27444923] {CVE-2017-5753}\n- uvcvideo: prevent speculative execution (Elena Reshetova) [Orabug: 27444923] {CVE-2017-5753}\n- locking/barriers: introduce new observable speculation barrier (Elena Reshetova) [Orabug: 27444923] {CVE-2017-5753}\n- x86/cpu/AMD: Remove now unused definition of MFENCE_RDTSC feature (Elena Reshetova) [Orabug: 27444923] {CVE-2017-5753}\n- x86/cpu/AMD: Make the LFENCE instruction serialized (Elena Reshetova) [Orabug: 27444923] {CVE-2017-5753}\n- x86/rsb: add comment specifying why we skip STUFF_RSB (Ankur Arora) [Orabug: 27451658] {CVE-2017-5715}\n- x86/rsb: make STUFF_RSB jmp labels more robust (Ankur Arora) [Orabug: 27451658] {CVE-2017-5715}\n- x86/spec: Also print IBRS if IBPB is disabled. (Konrad Rzeszutek Wilk) {CVE-2017-5715}\n- x86/spectre: Drop the warning about ibrs being obsolete. (Konrad Rzeszutek Wilk) {CVE-2017-5715}\n- Add set_ibrs_disabled and set_ibpb_disabled (Konrad Rzeszutek Wilk) [Orabug: 27376697] {CVE-2017-5715}\n- x86/spec: Don't print the Missing arguments for option spectre_v2 (Konrad Rzeszutek Wilk) [Orabug: 27376697] {CVE-2017-5715}\n- x86/boot: Add early cmdline parsing for options with arguments (Tom Lendacky) [Orabug: 27376697] {CVE-2017-5715}\n- x86, boot: Carve out early cmdline parsing function (Borislav Petkov) [Orabug: 27376697] \n- x86: Add command-line options 'spectre_v2' and 'nospectre_v2' (Kanth Ghatraju) [Orabug: 27376697] {CVE-2017-5715}\n- x86: Fix kABI build breakage (Konrad Rzeszutek Wilk) [Orabug: 27376697] {CVE-2017-5715}\n- x86/mm: Only set IBPB when the new thread cannot ptrace current thread (Konrad Rzeszutek Wilk) [Orabug: 27376697] {CVE-2017-5715}\n- x86: Use PRED_CMD MSR when ibpb is enabled (Konrad Rzeszutek Wilk) [Orabug: 27376697] {CVE-2017-5715}\n- x86/mm: Set IBPB upon context switch (Brian Maly) [Orabug: 27376697] {CVE-2017-5715}\n- x86: Display correct settings for the SPECTRE_V[12] bug (Kanth Ghatraju) [Orabug: 27376697] {CVE-2017-5715} {CVE-2017-5753}\n- x86/cpu: Implement CPU vulnerabilites sysfs functions (Thomas Gleixner) [Orabug: 27376697] {CVE-2017-5715} {CVE-2017-5753}\n- x86/IBRS/IBPB: Set sysctl_ibrs/ibpb_enabled properly (Boris Ostrovsky) [Orabug: 27376697] {CVE-2017-5715}\n- x86/spec_ctrl: Disable if running as Xen PV guest (Konrad Rzeszutek Wilk) [Orabug: 27376697] {CVE-2017-5715}\n- sysfs/cpu: Add vulnerability folder (Thomas Gleixner) [Orabug: 27376697] {CVE-2017-5715} {CVE-2017-5754}\n- x86, cpu: Expand cpufeature facility to include cpu bugs (Borislav Petkov) [Orabug: 27376697] {CVE-2017-5715}\n- x86/cpufeatures: Add X86_BUG_SPECTRE_V[12] (Kanth Ghatraju) [Orabug: 27376697] {CVE-2017-5715}\n- x86/cpufeatures: Add X86_BUG_CPU_MELTDOWN (Kanth Ghatraju) [Orabug: 27376697] {CVE-2017-5754}\n- x86/entry: STUFF_RSB only after switching to kernel CR3 (Ankur Arora) [Orabug: 27376697] {CVE-2017-5715}\n- x86/entry: Stuff RSB for entry to kernel for non-SMEP platform (Tim Chen) [Orabug: 27376697] {CVE-2017-5715}\n- x86/IBRS: Make sure we restore MSR_IA32_SPEC_CTRL to a valid value (Boris Ostrovsky) [Orabug: 27376697] {CVE-2017-5715}\n- x86: Use IBRS for firmware update path (David Woodhouse) [Orabug: 27376697] {CVE-2017-5715}\n- x86/microcode: Recheck IBRS features on microcode reload (Tim Chen) [Orabug: 27376697] {CVE-2017-5715}\n- x86/idle: Disable IBRS entering idle and enable it on wakeup (Tim Chen) [Orabug: 27376697] {CVE-2017-5715}\n- x86/spec_ctrl: Add sysctl knobs to enable/disable SPEC_CTRL feature (Tim Chen) [Orabug: 27376697] {CVE-2017-5715}\n- x86/enter: Use IBRS on syscall and interrupts (Tim Chen) [Orabug: 27376697] {CVE-2017-5715}\n- x86/enter: MACROS to set/clear IBRS (Tim Chen) [Orabug: 27376697] {CVE-2017-5715}\n- x86/feature: Detect the x86 IBRS feature to control Speculation (Tim Chen) [Orabug: 27376697] {CVE-2017-5715}\n- x86/pti/efi: broken conversion from efi to kernel page table (Pavel Tatashin) [Orabug: 27333764] {CVE-2017-5754}\n- PTI: unbreak EFI old_memmap (Jiri Kosina) [Orabug: 27333764] [Orabug: 27333760] {CVE-2017-5754} {CVE-2017-5754}\n- kaiser: Set _PAGE_NX only if supported (Lepton Wu) [Orabug: 27333764] {CVE-2017-5754}\n- kaiser: rename X86_FEATURE_KAISER to X86_FEATURE_PTI (Mike Kravetz) [Orabug: 27333764] {CVE-2017-5754}\n- KPTI: Rename to PAGE_TABLE_ISOLATION (Kees Cook) [Orabug: 27333764] {CVE-2017-5754}\n- x86/kaiser: Check boottime cmdline params (Mike Kravetz) [Orabug: 27333764] {CVE-2017-5754}\n- kaiser: x86: Fix NMI handling (Jiri Kosina) [Orabug: 27333764] {CVE-2017-5754}\n- kaiser: move paravirt clock vsyscall mapping out of kaiser_init (Mike Kravetz) [Orabug: 27333764] {CVE-2017-5754}\n- kaiser: disable if xen PARAVIRT (Mike Kravetz) [Orabug: 27333764] {CVE-2017-5754}\n- x86/kaiser: Reenable PARAVIRT (Borislav Petkov) [Orabug: 27333764] {CVE-2017-5754}\n- kaiser: kaiser_flush_tlb_on_return_to_user() check PCID (Hugh Dickins) [Orabug: 27333764] {CVE-2017-5754}\n- kaiser: asm/tlbflush.h handle noPGE at lower level (Hugh Dickins) [Orabug: 27333764] {CVE-2017-5754}\n- kaiser: use ALTERNATIVE instead of x86_cr3_pcid_noflush (Hugh Dickins) [Orabug: 27333764] {CVE-2017-5754}\n- x86/kaiser: Rename and simplify X86_FEATURE_KAISER handling (Borislav Petkov) [Orabug: 27333764] {CVE-2017-5754}\n- kaiser: add 'nokaiser' boot option, using ALTERNATIVE (Hugh Dickins) [Orabug: 27333764] {CVE-2017-5754}\n- x86/alternatives: add asm ALTERNATIVE macro (Mike Kravetz) [Orabug: 27333764] {CVE-2017-5754}\n- kaiser: alloc_ldt_struct() use get_zeroed_page() (Hugh Dickins) [Orabug: 27333764] {CVE-2017-5754}\n- x86: kvmclock: Disable use from vDSO if KPTI is enabled (Ben Hutchings) [Orabug: 27333764] {CVE-2017-5754}\n- kaiser: Fix build with CONFIG_FUNCTION_GRAPH_TRACER (Kees Cook) [Orabug: 27333764] {CVE-2017-5754}\n- x86/mm/kaiser: re-enable vsyscalls (Andrea Arcangeli) [Orabug: 27333764] {CVE-2017-5754}\n- KAISER: Kernel Address Isolation (Richard Fellner) [Orabug: 27333764] {CVE-2017-5754}\n- kprobes: Prohibit probing on .entry.text code (Masami Hiramatsu) [Orabug: 27333764] {CVE-2017-5754}\n- x86/mm/64: Fix reboot interaction with CR4.PCIDE (Andy Lutomirski) [Orabug: 27333764] {CVE-2017-5754}\n- x86/mm: Enable CR4.PCIDE on supported systems (Andy Lutomirski) [Orabug: 27333764] {CVE-2017-5754}\n- x86/mm: Add the 'nopcid' boot option to turn off PCID (Andy Lutomirski) [Orabug: 27333764] {CVE-2017-5754}\n- x86/mm: Disable PCID on 32-bit kernels (Andy Lutomirski) [Orabug: 27333764] {CVE-2017-5754}\n- x86/mm: Remove the UP asm/tlbflush.h code, always use the (formerly) SMP code (Andy Lutomirski) [Orabug: 27333764] {CVE-2017-5754}\n- x86/mm: Fix flush_tlb_page() on Xen (Andy Lutomirski) [Orabug: 27333764] {CVE-2017-5754}\n- x86/mm: Disable preemption during CR3 read+write (Sebastian Andrzej Siewior) [Orabug: 27333764] {CVE-2017-5754}\n- sched/core: Idle_task_exit() shouldn't use switch_mm_irqs_off() (Andy Lutomirski) [Orabug: 27333764] {CVE-2017-5754}\n- x86/mm, sched/core: Turn off IRQs in switch_mm() (Andy Lutomirski) [Orabug: 27333764] {CVE-2017-5754}\n- x86/mm, sched/core: Uninline switch_mm() (Andy Lutomirski) [Orabug: 27333764] {CVE-2017-5754}\n- x86/mm: Build arch/x86/mm/tlb.c even on !SMP (Andy Lutomirski) [Orabug: 27333764] {CVE-2017-5754}\n- sched/core: Add switch_mm_irqs_off() and use it in the scheduler (Andy Lutomirski) [Orabug: 27333764] {CVE-2017-5754}\n- mm/mmu_context, sched/core: Fix mmu_context.h assumption (Ingo Molnar) [Orabug: 27333764] {CVE-2017-5754}\n- x86/mm: If INVPCID is available, use it to flush global mappings (Andy Lutomirski) [Orabug: 27333764] {CVE-2017-5754}\n- x86/mm: Add a 'noinvpcid' boot option to turn off INVPCID (Andy Lutomirski) [Orabug: 27333764] {CVE-2017-5754}\n- x86/mm: Fix INVPCID asm constraint (Borislav Petkov) [Orabug: 27333764] {CVE-2017-5754}\n- x86/mm: Add INVPCID helpers (Andy Lutomirski) [Orabug: 27333764] {CVE-2017-5754}\n- x86: Clean up cr4 manipulation (Andy Lutomirski) [Orabug: 27333764] {CVE-2017-5754}\n- x86/paravirt: Dont patch flush_tlb_single (Thomas Gleixner) [Orabug: 27333764] {CVE-2017-5754}\n- x86/ldt: Make modify_ldt synchronous (Andy Lutomirski) [Orabug: 27333764] {CVE-2017-5754} {CVE-2015-5157}", "published": "2018-01-29T00:00:00", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://linux.oracle.com/errata/ELSA-2018-4022.html", "cvelist": ["CVE-2017-5753", "CVE-2017-5754", "CVE-2017-5715", "CVE-2015-5157"], "lastseen": "2018-01-30T02:59:02"}, {"id": "ELSA-2018-4020", "type": "oraclelinux", "title": "Unbreakable Enterprise kernel security update", "description": "[2.6.39-400.298.2]\n- x86: Use PRED_CMD MSR when ibpb is enabled (Konrad Rzeszutek Wilk) [Orabug: 27369777] {CVE-2017-5715} {CVE-2017-5753}\n- x86/spec: Dont print the Missing arguments for option spectre_v2 (Konrad Rzeszutek Wilk) [Orabug: 27369777] {CVE-2017-5715} {CVE-2017-5753}\n- x86: Move ENABLE_IBRS in the interrupt macro (Konrad Rzeszutek Wilk) [Orabug: 27369777] {CVE-2017-5715} {CVE-2017-5753}\n- Add set_ibrs_disabled and set_ibpb_disabled (Konrad Rzeszutek Wilk) [Orabug: 27369777] {CVE-2017-5715} {CVE-2017-5753}\n- x86/boot: Add early cmdline parsing for options with arguments (Tom Lendacky) [Orabug: 27369777] {CVE-2017-5715} {CVE-2017-5753}\n- x86, boot: Carve out early cmdline parsing function (Borislav Petkov) [Orabug: 27369777] {CVE-2017-5715} {CVE-2017-5753}\n- x86: Fix kABI build breakage (Konrad Rzeszutek Wilk) [Orabug: 27369777] {CVE-2017-5715} {CVE-2017-5753}\n- x86: Add command-line options 'spectre_v2' and 'nospectre_v2' (Kanth Ghatraju) [Orabug: 27369777] {CVE-2017-5715} {CVE-2017-5753}\n- x86/mm: Set IBPB upon context switch (Brian Maly) [Orabug: 27369777] {CVE-2017-5715} {CVE-2017-5753}\n- x86: Display correct settings for the SPECTRE_V2 bug (Kanth Ghatraju) [Orabug: 27369777] {CVE-2017-5715} {CVE-2017-5753}\n- Set CONFIG_GENERIC_CPU_VULNERABILITIES flag (Kanth Ghatraju) [Orabug: 27369777] {CVE-2017-5715} {CVE-2017-5753}\n- x86/cpu: Implement CPU vulnerabilites sysfs functions (Thomas Gleixner) [Orabug: 27369777] {CVE-2017-5715} {CVE-2017-5753}\n- sysfs/cpu: Fix typos in vulnerability documentation (David Woodhouse) [Orabug: 27369777] {CVE-2017-5715} {CVE-2017-5753}\n- sysfs/cpu: Add vulnerability folder (Thomas Gleixner) [Orabug: 27369777] {CVE-2017-5715} {CVE-2017-5753}\n- x86, cpu: Expand cpufeature facility to include cpu bugs (Borislav Petkov) [Orabug: 27369777] {CVE-2017-5715} {CVE-2017-5753}\n- x86/cpufeatures: Add X86_BUG_SPECTRE_V[12] (David Woodhouse) [Orabug: 27369777] {CVE-2017-5715} {CVE-2017-5753}\n- x86/cpufeatures: Add X86_BUG_CPU_MELTDOWN (Kanth Ghatraju) [Orabug: 27369777] {CVE-2017-5715} {CVE-2017-5753}\n- x86/spec: STUFF_RSB _before_ ENABLE_IBRS (Konrad Rzeszutek Wilk) [Orabug: 27369777] {CVE-2017-5715} {CVE-2017-5753}\n- x86: Move STUFF_RSB in to the idt macro (Konrad Rzeszutek Wilk) [Orabug: 27369777] {CVE-2017-5715} {CVE-2017-5753}\n- x86/IBRS/IBPB: Set sysctl_ibrs/ibpb_enabled properly (Boris Ostrovsky) [Orabug: 27369777] {CVE-2017-5715} {CVE-2017-5753}\n- x86/IBRS: Make sure we restore MSR_IA32_SPEC_CTRL to a valid value (Boris Ostrovsky) [Orabug: 27369777] {CVE-2017-5715} {CVE-2017-5753}\n- x86/spec_ctrl: Add missing 'lfence' when IBRS is not supported (Konrad Rzeszutek Wilk) [Orabug: 27369777] {CVE-2017-5715} {CVE-2017-5753}\n- x86/ia32: Move STUFF_RSB And ENABLE_IBRS (Konrad Rzeszutek Wilk) [Orabug: 27369777] {CVE-2017-5715} {CVE-2017-5753}\n- x86/entry: Stuff RSB for entry to kernel for non-SMEP platform (Tim Chen) [Orabug: 27369777] {CVE-2017-5715} {CVE-2017-5753}\n- x86: Use IBRS for firmware update path (David Woodhouse) [Orabug: 27369777] {CVE-2017-5715} {CVE-2017-5753}\n- x86/spec_ctrl: Disable if running as Xen PV guest (Konrad Rzeszutek Wilk) [Orabug: 27369777] {CVE-2017-5715} {CVE-2017-5753}\n- x86/microcode: Recheck IBRS features on microcode reload (Tim Chen) [Orabug: 27369777] {CVE-2017-5715} {CVE-2017-5753}\n- x86/idle: Disable IBRS entering idle and enable it on wakeup (Tim Chen) [Orabug: 27369777] {CVE-2017-5715} {CVE-2017-5753}\n- x86/spec_ctrl: Add sysctl knobs to enable/disable SPEC_CTRL feature (Tim Chen) [Orabug: 27369777] {CVE-2017-5715} {CVE-2017-5753}\n- x86/enter: Use IBRS on syscall and interrupts (Tim Chen) [Orabug: 27369777] {CVE-2017-5715} {CVE-2017-5753}\n- x86/enter: MACROS to set/clear IBRS and set IBPB (Tim Chen) [Orabug: 27369777] {CVE-2017-5715} {CVE-2017-5753}\n- x86/feature: Detect the x86 IBRS feature to control Speculation (Tim Chen) [Orabug: 27369777] {CVE-2017-5715} {CVE-2017-5753}\n- x86: fix build breakage (Brian Maly) [Orabug: 27346425] {CVE-2017-5753}\n- kaiser: rename X86_FEATURE_KAISER to X86_FEATURE_PTI to match upstream (Mike Kravetz) {CVE-2017-5754}\n- x86/kaiser: Check boottime cmdline params (Mike Kravetz) [Orabug: 27333761] {CVE-2017-5754}\n- x86/kaiser: Rename and simplify X86_FEATURE_KAISER handling (Borislav Petkov) [Orabug: 27333761] {CVE-2017-5754}\n- KPTI: Report when enabled (Mike Kravetz) [Orabug: 27333761] {CVE-2017-5754}\n- PTI: unbreak EFI old_memmap (Jiri Kosina) [Orabug: 27333761] [Orabug: 27333760] {CVE-2017-5754}\n- kaiser: Set _PAGE_NX only if supported (Guenter Roeck) [Orabug: 27333761] [Orabug: 27333760] {CVE-2017-5754}\n- KPTI: Rename to PAGE_TABLE_ISOLATION (Kees Cook) [Orabug: 27333761] {CVE-2017-5754}\n- kaiser: kaiser_flush_tlb_on_return_to_user() check PCID (Hugh Dickins) [Orabug: 27333761] {CVE-2017-5754}\n- kaiser: asm/tlbflush.h handle noPGE at lower level (Hugh Dickins) [Orabug: 27333761] {CVE-2017-5754}\n- kaiser: use ALTERNATIVE instead of x86_cr3_pcid_noflush (Hugh Dickins) [Orabug: 27333761] {CVE-2017-5754}\n- x86/alternatives: add asm ALTERNATIVE macro (Mike Kravetz) [Orabug: 27333761] {CVE-2017-5754}\n- x86/kaiser: Reenable PARAVIRT, dynamically disable KAISER if PARAVIRT (Borislav Petkov) [Orabug: 27333761] {CVE-2017-5754}\n- kaiser: add 'nokaiser' boot option, using ALTERNATIVE (Hugh Dickins) [Orabug: 27333761] {CVE-2017-5754}\n- x86-32: Fix boot with CONFIG_X86_INVD_BUG (Andy Lutomirski) [Orabug: 27333761] {CVE-2017-5754}\n- kaiser: alloc_ldt_struct() use get_zeroed_page() (Hugh Dickins) [Orabug: 27333761] {CVE-2017-5754}\n- kaiser: user_map __kprobes_text too (Hugh Dickins) [Orabug: 27333761] {CVE-2017-5754}\n- x86/mm/kaiser: re-enable vsyscalls (Andrea Arcangeli) [Orabug: 27333761] {CVE-2017-5754}\n- KAISER: Kernel Address Isolation (Hugh Dickins) [Orabug: 27333761] {CVE-2017-5754}\n- x86/mm: fix bad backport to disable PCID on Xen (Borislav Petkov) [Orabug: 27333761] {CVE-2017-5754}\n- x86/mm/64: Fix reboot interaction with CR4.PCIDE (Andy Lutomirski) [Orabug: 27333761] {CVE-2017-5754}\n- x86/mm: Enable CR4.PCIDE on supported systems (Andy Lutomirski) [Orabug: 27333761] {CVE-2017-5754}\n- x86/mm: Add the 'nopcid' boot option to turn off PCID (Andy Lutomirski) [Orabug: 27333761] {CVE-2017-5754}\n- x86/mm: Disable PCID on 32-bit kernels (Andy Lutomirski) [Orabug: 27333761] {CVE-2017-5754}\n- x86/mm: Remove the UP asm/tlbflush.h code, always use the (formerly) SMP code (Andy Lutomirski) [Orabug: 27333761] {CVE-2017-5754}\n- sched/core: Idle_task_exit() shouldnt use switch_mm_irqs_off() (Andy Lutomirski) [Orabug: 27333761] {CVE-2017-5754}\n- x86/mm, sched/core: Turn off IRQs in switch_mm() (Andy Lutomirski) [Orabug: 27333761] {CVE-2017-5754}\n- x86/mm, sched/core: Uninline switch_mm() (Andy Lutomirski) [Orabug: 27333761] {CVE-2017-5754}\n- x86/mm: Build arch/x86/mm/tlb.c even on !SMP (Andy Lutomirski) [Orabug: 27333761] {CVE-2017-5754}\n- sched/core: Add switch_mm_irqs_off() and use it in the scheduler (Andy Lutomirski) [Orabug: 27333761] {CVE-2017-5754}\n- mm/mmu_context, sched/core: Fix mmu_context.h assumption (Ingo Molnar) [Orabug: 27333761] {CVE-2017-5754}\n- x86/mm: If INVPCID is available, use it to flush global mappings (Andy Lutomirski) [Orabug: 27333761] {CVE-2017-5754}\n- x86/mm: Add a 'noinvpcid' boot option to turn off INVPCID (Andy Lutomirski) [Orabug: 27333761] {CVE-2017-5754}\n- x86/mm: Fix INVPCID asm constraint (Borislav Petkov) [Orabug: 27333761] {CVE-2017-5754}\n- x86/mm: Add INVPCID helpers (Andy Lutomirski) [Orabug: 27333761] {CVE-2017-5754}\n- x86, cpufeature: Add CPU features from Intel document 319433-012A (H. Peter Anvin) [Orabug: 27333761] {CVE-2017-5754}\n- x86/paravirt: Dont patch flush_tlb_single (Thomas Gleixner) [Orabug: 27333761] {CVE-2017-5754}\n- x86-64: Map the HPET NX (Andy Lutomirski) [Orabug: 27333761] {CVE-2017-5754}\n- x86/ldt: Make modify_ldt synchronous (Andy Lutomirski) [Orabug: 27333761] {CVE-2017-5754} {CVE-2015-5157}\n- x86, cpu: Add cpufeature flag for PCIDs (Arun Thomas) [Orabug: 27333761] {CVE-2017-5754}\n- x86/mm: Disable preemption during CR3 read+write (Sebastian Andrzej Siewior) [Orabug: 27333761] {CVE-2017-5754}\n- locking/barriers: fix compile issue (Brian Maly) [Orabug: 27346425] {CVE-2017-5753}\n- x86: Add another set of MSR accessor functions (Borislav Petkov) [Orabug: 27346425] {CVE-2017-5753}\n- udf: prevent speculative execution (Elena Reshetova) [Orabug: 27346425] {CVE-2017-5753}\n- fs: prevent speculative execution (Elena Reshetova) [Orabug: 27346425] {CVE-2017-5753}\n- qla2xxx: prevent speculative execution (Elena Reshetova) [Orabug: 27346425] {CVE-2017-5753}\n- p54: prevent speculative execution (Elena Reshetova) [Orabug: 27346425] {CVE-2017-5753}\n- carl9170: prevent speculative execution (Elena Reshetova) [Orabug: 27346425] {CVE-2017-5753}\n- uvcvideo: prevent speculative execution (Elena Reshetova) [Orabug: 27346425] {CVE-2017-5753}\n- locking/barriers: introduce new observable speculation barrier (Elena Reshetova) [Orabug: 27346425] {CVE-2017-5753}\n- x86/cpu/AMD: Remove now unused definition of MFENCE_RDTSC feature (Elena Reshetova) [Orabug: 27346425] {CVE-2017-5753}\n- x86/cpu/AMD: Make the LFENCE instruction serialized (Elena Reshetova) [Orabug: 27346425] {CVE-2017-5753}", "published": "2018-01-24T00:00:00", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://linux.oracle.com/errata/ELSA-2018-4020.html", "cvelist": ["CVE-2017-5753", "CVE-2017-5754", "CVE-2017-5715", "CVE-2015-5157"], "lastseen": "2018-01-24T11:00:55"}, {"id": "ELSA-2018-4011", "type": "oraclelinux", "title": "Unbreakable Enterprise kernel security update", "description": "[4.1.12-112.14.11]\n- x86/pti/efi: broken conversion from efi to kernel page table (Pavel Tatashin) [Orabug: 27363926] [Orabug: 27352353] {CVE-2017-5754}\n- x86/spec: Always set IBRS to guest value on VMENTER and host on VMEXIT (redux) (Konrad Rzeszutek Wilk) [Orabug: 27369994] \n- x86/IBRS: Make sure we restore MSR_IA32_SPEC_CTRL to a valid value (Boris Ostrovsky) [Orabug: 27362581] \n- x86/IBRS/IBPB: Set sysctl_ibrs/ibpb_enabled properly (Boris Ostrovsky) [Orabug: 27363792] \n- x86/spec_ctrl: Add missing 'lfence' when IBRS is not supported. (Konrad Rzeszutek Wilk) [Orabug: 27339995] {CVE-2017-5715}\n- x86/entry_64: TRACE_IRQS_OFF before re-enabling. (Jamie Iles) [Orabug: 27339995] {CVE-2017-5715}\n- ptrace: remove unlocked RCU dereference. (Jamie Iles) [Orabug: 27339995] {CVE-2017-5715}\n- x86/ia32: Adds code hygiene for 32bit SYSCALL instruction entry. (Konrad Rzeszutek Wilk) [Orabug: 27339995] {CVE-2017-5715}\n- x86/ia32: don't save registers on audit call (Konrad Rzeszutek Wilk) [Orabug: 27339995] {CVE-2017-5715}\n- x86/spec/ia32: Sprinkle IBRS and RSB at the 32-bit SYSCALL (Konrad Rzeszutek Wilk) [Orabug: 27339995] {CVE-2017-5715}\n- x86/ia32: Move STUFF_RSB And ENABLE_IBRS (Konrad Rzeszutek Wilk) [Orabug: 27339995] {CVE-2017-5715}\n- x86/spec: Always set IBRS to guest value on VMENTER and host on VMEXIT. (Konrad Rzeszutek Wilk) [Orabug: 27365544] {CVE-2017-5715}", "published": "2018-01-12T00:00:00", "cvss": {"score": 4.7, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:NONE/A:NONE/"}, "href": "http://linux.oracle.com/errata/ELSA-2018-4011.html", "cvelist": ["CVE-2017-5754", "CVE-2017-5715"], "lastseen": "2018-01-13T09:03:01"}, {"id": "ELSA-2018-4006", "type": "oraclelinux", "title": "Unbreakable Enterprise kernel security update", "description": "[4.1.12-112.14.10]\n- x86/ia32: save and clear registers on syscall. (Jamie Iles) [Orabug: 27355759] {CVE-2017-5754}\n- x86/IBRS: Save current status of MSR_IA32_SPEC_CTRL (Boris Ostrovsky) [Orabug: 27355887] \n- pti: Rename X86_FEATURE_KAISER to X86_FEATURE_PTI (Pavel Tatashin) [Orabug: 27352353] {CVE-2017-5754}\n- usb/core: usb_alloc_dev(): fix setting of ->portnum (Nicolai Stange) [Orabug: 27356522] \n- x86/spec_ctrl: Add missing IBRS_DISABLE (Konrad Rzeszutek Wilk) \n- Make use of ibrs_inuse consistent. (Jun Nakajima)\n[4.1.12-112.14.8]\n- x86/kvm: Set IBRS on VMEXIT if guest disabled it. (Konrad Rzeszutek Wilk)\n[4.1.12-112.14.7]\n- Re-introduce clearing of r12-15, rbp, rbx (Kris Van Hees) [Orabug: 27352353] {CVE-2017-5754}\n- x86: more ibrs/pti fixes (Pavel Tatashin) [Orabug: 27352353] {CVE-2017-5754}\n- x86/spec: Actually do the check for in_use on ENABLE_IBRS (Konrad Rzeszutek Wilk) {CVE-2017-5715}\n- kvm: svm: Expose the CPUID.0x80000008 ebx flag. (Konrad Rzeszutek Wilk) {CVE-2017-5715}\n- x86/spec_ctrl: Provide the sysfs version of the ibrs_enabled (Konrad Rzeszutek Wilk) {CVE-2017-5715}\n- x86: Use better #define for FEATURE_ENABLE_IBRS and 0 (Konrad Rzeszutek Wilk) {CVE-2017-5715}\n- x86: Instead of 0x2, 0x4, and 0x1 use #defines. (Konrad Rzeszutek Wilk) {CVE-2017-5715}\n- kpti: Disable when running under Xen PV (Konrad Rzeszutek Wilk) [Orabug: 27352353] {CVE-2017-5754}\n- x86: Don't ENABLE_IBRS in nmi when we are still running on user cr3 (Konrad Rzeszutek Wilk) {CVE-2017-5715}\n- x86/enter: Use IBRS on syscall and interrupts - fix ia32 path (Konrad Rzeszutek Wilk) {CVE-2017-5715}\n- x86: Fix spectre/kpti integration (Konrad Rzeszutek Wilk) [Orabug: 27352353] {CVE-2017-5754}\n- PTI: unbreak EFI old_memmap (Jiri Kosina) [Orabug: 27352353] {CVE-2017-5754}\n- KAISER KABI tweaks. (Martin K. Petersen) [Orabug: 27352353] {CVE-2017-5754}\n- x86/ldt: fix crash in ldt freeing. (Jamie Iles) [Orabug: 27352353] {CVE-2017-5754}\n- x86/entry: Define 'cpu_current_top_of_stack' for 64-bit code (Denys Vlasenko) [Orabug: 27352353] {CVE-2017-5754}\n- x86/entry: Remove unused 'kernel_stack' per-cpu variable (Denys Vlasenko) [Orabug: 27352353] {CVE-2017-5754}\n- x86/entry: Stop using PER_CPU_VAR(kernel_stack) (Denys Vlasenko) [Orabug: 27352353] {CVE-2017-5754}\n- kaiser: Set _PAGE_NX only if supported (Guenter Roeck) [Orabug: 27352353] {CVE-2017-5754}\n- x86/vdso: Get pvclock data from the vvar VMA instead of the fixmap (Andy Lutomirski) [Orabug: 27352353] {CVE-2017-5754}\n- KPTI: Report when enabled (Kees Cook) [Orabug: 27352353] {CVE-2017-5754}\n- KPTI: Rename to PAGE_TABLE_ISOLATION (Kees Cook) [Orabug: 27352353] {CVE-2017-5754}\n- x86/kaiser: Move feature detection up (Borislav Petkov) [Orabug: 27352353] {CVE-2017-5754}\n- x86/kaiser: Reenable PARAVIRT (Borislav Petkov) [Orabug: 27352353] {CVE-2017-5754}\n- x86/paravirt: Dont patch flush_tlb_single (Thomas Gleixner) [Orabug: 27352353] {CVE-2017-5754}\n- kaiser: kaiser_flush_tlb_on_return_to_user() check PCID (Hugh Dickins) [Orabug: 27352353] {CVE-2017-5754}\n- kaiser: asm/tlbflush.h handle noPGE at lower level (Hugh Dickins) [Orabug: 27352353] {CVE-2017-5754}\n- kaiser: drop is_atomic arg to kaiser_pagetable_walk() (Hugh Dickins) [Orabug: 27352353] {CVE-2017-5754}\n- kaiser: use ALTERNATIVE instead of x86_cr3_pcid_noflush (Hugh Dickins) [Orabug: 27352353] {CVE-2017-5754}\n- x86/kaiser: Check boottime cmdline params (Borislav Petkov) [Orabug: 27352353] {CVE-2017-5754}\n- x86/kaiser: Rename and simplify X86_FEATURE_KAISER handling (Borislav Petkov) [Orabug: 27352353] {CVE-2017-5754}\n- kaiser: add 'nokaiser' boot option, using ALTERNATIVE (Hugh Dickins) [Orabug: 27352353] {CVE-2017-5754}\n- kaiser: fix unlikely error in alloc_ldt_struct() (Hugh Dickins) [Orabug: 27352353] {CVE-2017-5754}\n- kaiser: _pgd_alloc() without __GFP_REPEAT to avoid stalls (Hugh Dickins) [Orabug: 27352353] {CVE-2017-5754}\n- kaiser: paranoid_entry pass cr3 need to paranoid_exit (Hugh Dickins) [Orabug: 27352353] {CVE-2017-5754}\n- kaiser: x86_cr3_pcid_noflush and x86_cr3_pcid_user (Hugh Dickins) [Orabug: 27352353] {CVE-2017-5754}\n- kaiser: PCID 0 for kernel and 128 for user (Hugh Dickins) [Orabug: 27352353] {CVE-2017-5754}\n- kaiser: load_new_mm_cr3() let SWITCH_USER_CR3 flush user (Hugh Dickins) [Orabug: 27352353] {CVE-2017-5754}\n- kaiser: enhanced by kernel and user PCIDs (Dave Hansen) [Orabug: 27352353] {CVE-2017-5754}\n- kaiser: vmstat show NR_KAISERTABLE as nr_overhead (Hugh Dickins) [Orabug: 27352353] {CVE-2017-5754}\n- kaiser: delete KAISER_REAL_SWITCH option (Hugh Dickins) [Orabug: 27352353] {CVE-2017-5754}\n- kaiser: name that 0x1000 KAISER_SHADOW_PGD_OFFSET (Hugh Dickins) [Orabug: 27352353] {CVE-2017-5754}\n- kaiser: cleanups while trying for gold link (Hugh Dickins) [Orabug: 27352353] {CVE-2017-5754}\n- kaiser: kaiser_remove_mapping() move along the pgd (Hugh Dickins) [Orabug: 27352353] {CVE-2017-5754}\n- kaiser: tidied up kaiser_add/remove_mapping slightly (Hugh Dickins) [Orabug: 27352353] {CVE-2017-5754}\n- kaiser: tidied up asm/kaiser.h somewhat (Hugh Dickins) [Orabug: 27352353] {CVE-2017-5754}\n- kaiser: ENOMEM if kaiser_pagetable_walk() NULL (Hugh Dickins) [Orabug: 27352353] {CVE-2017-5754}\n- kaiser: fix perf crashes (Hugh Dickins) [Orabug: 27352353] {CVE-2017-5754}\n- kaiser: fix regs to do_nmi() ifndef CONFIG_KAISER (Hugh Dickins) [Orabug: 27352353] {CVE-2017-5754}\n- kaiser: KAISER depends on SMP (Hugh Dickins) [Orabug: 27352353] {CVE-2017-5754}\n- kaiser: fix build and FIXME in alloc_ldt_struct() (Hugh Dickins) [Orabug: 27352353] {CVE-2017-5754}\n- kaiser: stack map PAGE_SIZE at THREAD_SIZE-PAGE_SIZE (Hugh Dickins) [Orabug: 27352353] {CVE-2017-5754}\n- kaiser: do not set _PAGE_NX on pgd_none (Hugh Dickins) [Orabug: 27352353] {CVE-2017-5754}\n- kaiser: merged update (Dave Hansen) [Orabug: 27352353] {CVE-2017-5754}\n- KAISER: Kernel Address Isolation (Richard Fellner) [Orabug: 27352353] {CVE-2017-5754}\n- x86/boot: Add early cmdline parsing for options with arguments (Tom Lendacky) [Orabug: 27352353] {CVE-2017-5754}\n- x86/mm/64: Fix reboot interaction with CR4.PCIDE (Andy Lutomirski) [Orabug: 27352353] {CVE-2017-5754}\n- x86/mm: Enable CR4.PCIDE on supported systems (Andy Lutomirski) [Orabug: 27352353] {CVE-2017-5754}\n- x86/mm: Add the 'nopcid' boot option to turn off PCID (Andy Lutomirski) [Orabug: 27352353] {CVE-2017-5754}\n- x86/mm: Disable PCID on 32-bit kernels (Andy Lutomirski) [Orabug: 27352353] {CVE-2017-5754}\n- x86/mm: Remove the UP asm/tlbflush.h code, always use the (formerly) SMP code (Andy Lutomirski) [Orabug: 27352353] {CVE-2017-5754}\n- x86/mm: Reimplement flush_tlb_page() using flush_tlb_mm_range() (Andy Lutomirski) [Orabug: 27352353] {CVE-2017-5754}\n- x86/mm: Make flush_tlb_mm_range() more predictable (Andy Lutomirski) [Orabug: 27352353] {CVE-2017-5754}\n- x86/mm: Remove flush_tlb() and flush_tlb_current_task() (Andy Lutomirski) [Orabug: 27352353] {CVE-2017-5754}\n- x86/vm86/32: Switch to flush_tlb_mm_range() in mark_screen_rdonly() (Andy Lutomirski) [Orabug: 27352353] {CVE-2017-5754}\n- x86/irq: Do not substract irq_tlb_count from irq_call_count (Aaron Lu) [Orabug: 27352353] {CVE-2017-5754}\n- sched/core: Idle_task_exit() shouldn't use switch_mm_irqs_off() (Andy Lutomirski) [Orabug: 27352353] {CVE-2017-5754}\n- ARM: Hide finish_arch_post_lock_switch() from modules (Steven Rostedt) [Orabug: 27352353] {CVE-2017-5754}\n- x86/mm, sched/core: Turn off IRQs in switch_mm() (Andy Lutomirski) [Orabug: 27352353] {CVE-2017-5754}\n- x86/mm, sched/core: Uninline switch_mm() (Andy Lutomirski) [Orabug: 27352353] {CVE-2017-5754}\n- x86/mm: Build arch/x86/mm/tlb.c even on !SMP (Andy Lutomirski) [Orabug: 27352353] {CVE-2017-5754}\n- sched/core: Add switch_mm_irqs_off() and use it in the scheduler (Andy Lutomirski) [Orabug: 27352353] {CVE-2017-5754}\n- mm/mmu_context, sched/core: Fix mmu_context.h assumption (Ingo Molnar) [Orabug: 27352353] {CVE-2017-5754}\n- x86/mm: If INVPCID is available, use it to flush global mappings (Andy Lutomirski) [Orabug: 27352353] {CVE-2017-5754}\n- x86/mm: Add a 'noinvpcid' boot option to turn off INVPCID (Andy Lutomirski) [Orabug: 27352353] {CVE-2017-5754}\n- x86/mm: Fix INVPCID asm constraint (Borislav Petkov) [Orabug: 27352353] {CVE-2017-5754}\n- x86/mm: Add INVPCID helpers (Andy Lutomirski) [Orabug: 27352353] {CVE-2017-5754}", "published": "2018-01-09T00:00:00", "cvss": {"score": 4.7, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:NONE/A:NONE/"}, "href": "http://linux.oracle.com/errata/ELSA-2018-4006.html", "cvelist": ["CVE-2017-5754", "CVE-2017-5715"], "lastseen": "2018-01-09T12:54:27"}, {"id": "ELSA-2018-0029", "type": "oraclelinux", "title": "libvirt security update", "description": "[3.2.0-14.0.1.el7_4.7]\n- bump release and rebuild\n[3.2.0-14.el7_4.7]\n- qemu: Properly store microcode version in QEMU caps cache (CVE-2017-5715)\n[3.2.0-14.el7_4.6]\n- util: add virFileReadHeaderQuiet wrapper around virFileReadHeaderFD (CVE-2017-5715)\n- util: introduce virHostCPUGetMicrocodeVersion (CVE-2017-5715)\n- cpu_x86: Rename virCPUx86MapInitialize (CVE-2017-5715)\n- conf: include x86 microcode version in virsh capabiltiies (CVE-2017-5715)\n- qemu: capabilities: force update if the microcode version does not match (CVE-2017-5715)\n- cpu: add CPU features and model for indirect branch prediction protection (CVE-2017-5715)", "published": "2018-01-05T00:00:00", "cvss": {"score": 4.7, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:NONE/A:NONE/"}, "href": "http://linux.oracle.com/errata/ELSA-2018-0029.html", "cvelist": ["CVE-2017-5715"], "lastseen": "2018-01-06T12:59:04"}], "redhat": [{"id": "RHSA-2018:0464", "type": "redhat", "title": "(RHSA-2018:0464) Important: kernel security and bug fix update", "description": "The kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nSecurity Fix(es):\n\nAn industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of instructions (a commonly used performance optimization). There are three primary variants of the issue which differ in the way the speculative execution can be exploited.\n\nNote: This issue is present in hardware and cannot be fully fixed via software update. The updated kernel packages provide software mitigation for this hardware issue at a cost of potential performance penalty. Please refer to References section for further information about this issue and the performance impact.\n\nIn this update mitigations for x86-64 architecture are provided.\n\n* Variant CVE-2017-5753 triggers the speculative execution by performing a bounds-check bypass. It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the fact that memory accesses may cause allocation into the microprocessor's data cache even for speculatively executed instructions that never actually commit (retire). As a result, an unprivileged attacker could use this flaw to cross the syscall boundary and read privileged memory by conducting targeted cache side-channel attacks. (CVE-2017-5753, Important)\n\n* Variant CVE-2017-5754 relies on the fact that, on impacted microprocessors, during speculative execution of instruction permission faults, exception generation triggered by a faulting access is suppressed until the retirement of the whole instruction block. In a combination with the fact that memory accesses may populate the cache even when the block is being dropped and never committed (executed), an unprivileged local attacker could use this flaw to read privileged (kernel space) memory by conducting targeted cache side-channel attacks. (CVE-2017-5754, Important)\n\nRed Hat would like to thank Google Project Zero for reporting these issues.\n\nBug Fix(es):\n\n* Previously, the page table isolation feature was able to modify the kernel Page Global Directory (PGD) entries with the _NX bit even for CPUs without the capability to use the \"no execute\" (NX) bit technology. Consequently, the page tables got corrupted, and the kernel panicked at the first page-fault occurrence. This update adds the check of CPU capabilities before modifying kernel PGD entries with _NX. As a result, the operating system no longer panics on boot due to corrupted page tables under the described circumstances. (BZ#1538169)\n\n* When booting the operating system with the Kernel Page Table Isolation option enabled, the HPET VSYSCALL shadow mapping was not placed correctly. Consequently, the High Precision Event Timer (HPET) feature was not available early enough, and warnings on boot time occurred. This update fixes the placement of HPET VSYSCALL, and the warnings on boot time due to this behavior no longer occur. (BZ#1541281)\n\n* Previously, the routine preparing the kexec crashkernel area did not properly clear the page allocated to be kexec's Page Global Directory (PGD). Consequently, the page table isolation shadow mapping routines failed with a warning message when setting up page table entries. With this update, the underlying source code has been fixed to clear the kexec PGD allocated page before setting up its page table entries. As a result, warnings are no longer issued when setting up kexec. (BZ#1541285)\n\n* When changing a kernel page mapping from Read Only (RO) to Read Write (RW), the Translation Lookaside Buffer (TLB) entry was previously not updated. Consequently, a protection fault on a write operation occurred, which led to a kernel panic. With this update, the underlying source code has been fixed to handle such kind of fault properly, and the kernel no longer panics in the described situation. (BZ#1541892)", "published": "2018-03-07T19:50:33", "cvss": {"score": 4.7, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:NONE/A:NONE/"}, "href": "https://access.redhat.com/errata/RHSA-2018:0464", "cvelist": ["CVE-2017-5753", "CVE-2017-5754"], "lastseen": "2018-03-07T15:48:38"}, {"id": "RHSA-2018:0090", "type": "redhat", "title": "(RHSA-2018:0090) Important: Red Hat CloudForms 4.2 security update", "description": "The kernel packages contain the Linux kernel, the core of any Linux operating system. CloudForms virtual machines include a copy of the Linux Kernel.\n\nSecurity Fix(es):\n\nAn industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of instructions (a commonly used performance optimization). There are three primary variants of the issue which differ in the way the speculative execution can be exploited.\n\nNote: This issue is present in hardware and cannot be fully fixed via software update. The updated kernel packages provide software mitigation for this hardware issue at a cost of potential performance penalty. Please refer to References section for further information about this issue and the performance impact.\n\nIn this update mitigations for x86-64 architecture are provided.\n\nVariant CVE-2017-5753 triggers the speculative execution by performing a bounds-check bypass. It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the fact that memory accesses may cause allocation into the microprocessor's data cache even for speculatively executed instructions that never actually commit (retire). As a result, an unprivileged attacker could use this flaw to cross the syscall boundary and read privileged memory by conducting targeted cache side-channel attacks. (CVE-2017-5753, Important)\n\nVariant CVE-2017-5715 triggers the speculative execution by utilizing branch target injection. It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the fact that memory accesses may cause allocation into the microprocessor's data cache even for speculatively executed instructions that never actually commit (retire). As a result, an unprivileged attacker could use this flaw to cross the syscall and guest/host boundaries and read privileged memory by conducting targeted cache side-channel attacks. (CVE-2017-5715, Important)\n\nVariant CVE-2017-5754 relies on the fact that, on impacted microprocessors, during speculative execution of instruction permission faults, exception generation triggered by a faulting access is suppressed until the retirement of the whole instruction block. In a combination with the fact that memory accesses may populate the cache even when the block is being dropped and never committed (executed), an unprivileged local attacker could use this flaw to read privileged (kernel space) memory by conducting targeted cache side-channel attacks. (CVE-2017-5754, Important)\n\nNote: CVE-2017-5754 affects Intel x86-64 microprocessors. AMD x86-64 microprocessors are not affected by this issue.\n\nRed Hat would like to thank Google Project Zero for reporting these issues.", "published": "2018-01-16T02:33:22", "cvss": {"score": 4.7, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:NONE/A:NONE/"}, "href": "https://access.redhat.com/errata/RHSA-2018:0090", "cvelist": ["CVE-2017-5715", "CVE-2017-5753", "CVE-2017-5754"], "lastseen": "2018-01-15T22:07:22"}, {"id": "RHSA-2018:0089", "type": "redhat", "title": "(RHSA-2018:0089) Important: Red Hat CloudForms 4.1 security update", "description": "The kernel packages contain the Linux kernel, the core of any Linux operating system. CloudForms virtual machines include a copy of the Linux Kernel.\n\nSecurity Fix(es):\n\nAn industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of instructions (a commonly used performance optimization). There are three primary variants of the issue which differ in the way the speculative execution can be exploited.\n\nNote: This issue is present in hardware and cannot be fully fixed via software update. The updated kernel packages provide software mitigation for this hardware issue at a cost of potential performance penalty. Please refer to References section for further information about this issue and the performance impact.\n\nIn this update mitigations for x86-64 architecture are provided.\n\nVariant CVE-2017-5753 triggers the speculative execution by performing a bounds-check bypass. It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the fact that memory accesses may cause allocation into the microprocessor's data cache even for speculatively executed instructions that never actually commit (retire). As a result, an unprivileged attacker could use this flaw to cross the syscall boundary and read privileged memory by conducting targeted cache side-channel attacks. (CVE-2017-5753, Important)\n\nVariant CVE-2017-5715 triggers the speculative execution by utilizing branch target injection. It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the fact that memory accesses may cause allocation into the microprocessor's data cache even for speculatively executed instructions that never actually commit (retire). As a result, an unprivileged attacker could use this flaw to cross the syscall and guest/host boundaries and read privileged memory by conducting targeted cache side-channel attacks. (CVE-2017-5715, Important)\n\nVariant CVE-2017-5754 relies on the fact that, on impacted microprocessors, during speculative execution of instruction permission faults, exception generation triggered by a faulting access is suppressed until the retirement of the whole instruction block. In a combination with the fact that memory accesses may populate the cache even when the block is being dropped and never committed (executed), an unprivileged local attacker could use this flaw to read privileged (kernel space) memory by conducting targeted cache side-channel attacks. (CVE-2017-5754, Important)\n\nNote: CVE-2017-5754 affects Intel x86-64 microprocessors. AMD x86-64 microprocessors are not affected by this issue.\n\nRed Hat would like to thank Google Project Zero for reporting these issues.", "published": "2018-01-16T02:33:19", "cvss": {"score": 4.7, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:NONE/A:NONE/"}, "href": "https://access.redhat.com/errata/RHSA-2018:0089", "cvelist": ["CVE-2017-5715", "CVE-2017-5753", "CVE-2017-5754"], "lastseen": "2018-01-15T22:08:20"}, {"id": "RHSA-2018:0020", "type": "redhat", "title": "(RHSA-2018:0020) Important: kernel security update", "description": "The kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nSecurity Fix(es):\n\nAn industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of instructions (a commonly used performance optimization). There are three primary variants of the issue which differ in the way the speculative execution can be exploited.\n\nNote: This issue is present in hardware and cannot be fully fixed via software update. The updated kernel packages provide software mitigation for this hardware issue at a cost of potential performance penalty. Please refer to References section for further information about this issue and the performance impact.\n\nIn this update mitigations for x86-64 architecture are provided.\n\nVariant CVE-2017-5753 triggers the speculative execution by performing a bounds-check bypass. It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the fact that memory accesses may cause allocation into the microprocessor's data cache even for speculatively executed instructions that never actually commit (retire). As a result, an unprivileged attacker could use this flaw to cross the syscall boundary and read privileged memory by conducting targeted cache side-channel attacks. (CVE-2017-5753, Important)\n\nVariant CVE-2017-5715 triggers the speculative execution by utilizing branch target injection. It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the fact that memory accesses may cause allocation into the microprocessor's data cache even for speculatively executed instructions that never actually commit (retire). As a result, an unprivileged attacker could use this flaw to cross the syscall and guest/host boundaries and read privileged memory by conducting targeted cache side-channel attacks. (CVE-2017-5715, Important)\n\nVariant CVE-2017-5754 relies on the fact that, on impacted microprocessors, during speculative execution of instruction permission faults, exception generation triggered by a faulting access is suppressed until the retirement of the whole instruction block. In a combination with the fact that memory accesses may populate the cache even when the block is being dropped and never committed (executed), an unprivileged local attacker could use this flaw to read privileged (kernel space) memory by conducting targeted cache side-channel attacks. (CVE-2017-5754, Important)\n\nNote: CVE-2017-5754 affects Intel x86-64 microprocessors. AMD x86-64 microprocessors are not affected by this issue.\n\nRed Hat would like to thank Google Project Zero for reporting these issues.", "published": "2018-01-04T20:05:39", "cvss": {"score": 4.7, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:NONE/A:NONE/"}, "href": "https://access.redhat.com/errata/RHSA-2018:0020", "cvelist": ["CVE-2017-5715", "CVE-2017-5753", "CVE-2017-5754"], "lastseen": "2018-01-06T09:58:40"}, {"id": "RHSA-2018:0007", "type": "redhat", "title": "(RHSA-2018:0007) Important: kernel security update", "description": "The kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nSecurity Fix(es):\n\nAn industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of instructions (a commonly used performance optimization). There are three primary variants of the issue which differ in the way the speculative execution can be exploited.\n\nNote: This issue is present in hardware and cannot be fully fixed via software update. The updated kernel packages provide software mitigation for this hardware issue at a cost of potential performance penalty. Please refer to References section for further information about this issue and the performance impact.\n\nIn this update mitigations for x86-64 architecture are provided.\n\nVariant CVE-2017-5753 triggers the speculative execution by performing a bounds-check bypass. It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the fact that memory accesses may cause allocation into the microprocessor's data cache even for speculatively executed instructions that never actually commit (retire). As a result, an unprivileged attacker could use this flaw to cross the syscall boundary and read privileged memory by conducting targeted cache side-channel attacks. (CVE-2017-5753, Important)\n\nVariant CVE-2017-5715 triggers the speculative execution by utilizing branch target injection. It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the fact that memory accesses may cause allocation into the microprocessor's data cache even for speculatively executed instructions that never actually commit (retire). As a result, an unprivileged attacker could use this flaw to cross the syscall and guest/host boundaries and read privileged memory by conducting targeted cache side-channel attacks. (CVE-2017-5715, Important)\n\nVariant CVE-2017-5754 relies on the fact that, on impacted microprocessors, during speculative execution of instruction permission faults, exception generation triggered by a faulting access is suppressed until the retirement of the whole instruction block. In a combination with the fact that memory accesses may populate the cache even when the block is being dropped and never committed (executed), an unprivileged local attacker could use this flaw to read privileged (kernel space) memory by conducting targeted cache side-channel attacks. (CVE-2017-5754, Important)\n\nNote: CVE-2017-5754 affects Intel x86-64 microprocessors. AMD x86-64 microprocessors are not affected by this issue.\n\nRed Hat would like to thank Google Project Zero for reporting these issues.", "published": "2018-01-04T03:30:46", "cvss": {"score": 4.7, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:NONE/A:NONE/"}, "href": "https://access.redhat.com/errata/RHSA-2018:0007", "cvelist": ["CVE-2017-5715", "CVE-2017-5753", "CVE-2017-5754"], "lastseen": "2018-04-15T16:21:20"}, {"id": "RHSA-2018:0021", "type": "redhat", "title": "(RHSA-2018:0021) Important: kernel-rt security update", "description": "The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.\n\nSecurity Fix(es):\n\nAn industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of instructions (a commonly used performance optimization). There are three primary variants of the issue which differ in the way the speculative execution can be exploited.\n\nNote: This issue is present in hardware and cannot be fully fixed via software update. The updated kernel packages provide software mitigation for this hardware issue at a cost of potential performance penalty. Please refer to References section for further information about this issue and the performance impact.\n\nIn this update mitigations for x86-64 architecture are provided.\n\nVariant CVE-2017-5753 triggers the speculative execution by performing a bounds-check bypass. It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the fact that memory accesses may cause allocation into the microprocessor's data cache even for speculatively executed instructions that never actually commit (retire). As a result, an unprivileged attacker could use this flaw to cross the syscall boundary and read privileged memory by conducting targeted cache side-channel attacks. (CVE-2017-5753, Important)\n\nVariant CVE-2017-5715 triggers the speculative execution by utilizing branch target injection. It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the fact that memory accesses may cause allocation into the microprocessor's data cache even for speculatively executed instructions that never actually commit (retire). As a result, an unprivileged attacker could use this flaw to cross the syscall and guest/host boundaries and read privileged memory by conducting targeted cache side-channel attacks. (CVE-2017-5715, Important)\n\nVariant CVE-2017-5754 relies on the fact that, on impacted microprocessors, during speculative execution of instruction permission faults, exception generation triggered by a faulting access is suppressed until the retirement of the whole instruction block. In a combination with the fact that memory accesses may populate the cache even when the block is being dropped and never committed (executed), an unprivileged local attacker could use this flaw to read privileged (kernel space) memory by conducting targeted cache side-channel attacks. (CVE-2017-5754, Important)\n\nNote: CVE-2017-5754 affects Intel x86-64 microprocessors. AMD x86-64 microprocessors are not affected by this issue.\n\nRed Hat would like to thank Google Project Zero for reporting these issues.", "published": "2018-01-04T21:01:58", "cvss": {"score": 4.7, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:NONE/A:NONE/"}, "href": "https://access.redhat.com/errata/RHSA-2018:0021", "cvelist": ["CVE-2017-5715", "CVE-2017-5753", "CVE-2017-5754"], "lastseen": "2018-01-06T09:58:56"}, {"id": "RHSA-2018:0011", "type": "redhat", "title": "(RHSA-2018:0011) Important: kernel security update", "description": "The kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nSecurity Fix(es):\n\nAn industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of instructions (a commonly used performance optimization). There are three primary variants of the issue which differ in the way the speculative execution can be exploited.\n\nNote: This issue is present in hardware and cannot be fully fixed via software update. The updated kernel packages provide software mitigation for this hardware issue at a cost of potential performance penalty. Please refer to References section for further information about this issue and the performance impact.\n\nIn this update mitigations for x86-64 architecture are provided.\n\nVariant CVE-2017-5753 triggers the speculative execution by performing a bounds-check bypass. It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the fact that memory accesses may cause allocation into the microprocessor's data cache even for speculatively executed instructions that never actually commit (retire). As a result, an unprivileged attacker could use this flaw to cross the syscall boundary and read privileged memory by conducting targeted cache side-channel attacks. (CVE-2017-5753, Important)\n\nVariant CVE-2017-5715 triggers the speculative execution by utilizing branch target injection. It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the fact that memory accesses may cause allocation into the microprocessor's data cache even for speculatively executed instructions that never actually commit (retire). As a result, an unprivileged attacker could use this flaw to cross the syscall and guest/host boundaries and read privileged memory by conducting targeted cache side-channel attacks. (CVE-2017-5715, Important)\n\nVariant CVE-2017-5754 relies on the fact that, on impacted microprocessors, during speculative execution of instruction permission faults, exception generation triggered by a faulting access is suppressed until the retirement of the whole instruction block. In a combination with the fact that memory accesses may populate the cache even when the block is being dropped and never committed (executed), an unprivileged local attacker could use this flaw to read privileged (kernel space) memory by conducting targeted cache side-channel attacks. (CVE-2017-5754, Important)\n\nNote: CVE-2017-5754 affects Intel x86-64 microprocessors. AMD x86-64 microprocessors are not affected by this issue.\n\nRed Hat would like to thank Google Project Zero for reporting these issues.", "published": "2018-01-04T03:35:00", "cvss": {"score": 4.7, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:NONE/A:NONE/"}, "href": "https://access.redhat.com/errata/RHSA-2018:0011", "cvelist": ["CVE-2017-5715", "CVE-2017-5753", "CVE-2017-5754"], "lastseen": "2018-01-06T09:59:18"}, {"id": "RHSA-2018:0016", "type": "redhat", "title": "(RHSA-2018:0016) Important: kernel-rt security update", "description": "The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.\n\nSecurity Fix(es):\n\nAn industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of instructions (a commonly used performance optimization). There are three primary variants of the issue which differ in the way the speculative execution can be exploited.\n\nNote: This issue is present in hardware and cannot be fully fixed via software update. The updated kernel packages provide software mitigation for this hardware issue at a cost of potential performance penalty. Please refer to References section for further information about this issue and the performance impact.\n\nIn this update mitigations for x86-64 architecture are provided.\n\nVariant CVE-2017-5753 triggers the speculative execution by performing a bounds-check bypass. It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the fact that memory accesses may cause allocation into the microprocessor's data cache even for speculatively executed instructions that never actually commit (retire). As a result, an unprivileged attacker could use this flaw to cross the syscall boundary and read privileged memory by conducting targeted cache side-channel attacks. (CVE-2017-5753, Important)\n\nVariant CVE-2017-5715 triggers the speculative execution by utilizing branch target injection. It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the fact that memory accesses may cause allocation into the microprocessor's data cache even for speculatively executed instructions that never actually commit (retire). As a result, an unprivileged attacker could use this flaw to cross the syscall and guest/host boundaries and read privileged memory by conducting targeted cache side-channel attacks. (CVE-2017-5715, Important)\n\nVariant CVE-2017-5754 relies on the fact that, on impacted microprocessors, during speculative execution of instruction permission faults, exception generation triggered by a faulting access is suppressed until the retirement of the whole instruction block. In a combination with the fact that memory accesses may populate the cache even when the block is being dropped and never committed (executed), an unprivileged local attacker could use this flaw to read privileged (kernel space) memory by conducting targeted cache side-channel attacks. (CVE-2017-5754, Important)\n\nNote: CVE-2017-5754 affects Intel x86-64 microprocessors. AMD x86-64 microprocessors are not affected by this issue.\n\nRed Hat would like to thank Google Project Zero for reporting these issues.", "published": "2018-01-04T10:10:11", "cvss": {"score": 4.7, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:NONE/A:NONE/"}, "href": "https://access.redhat.com/errata/RHSA-2018:0016", "cvelist": ["CVE-2017-5715", "CVE-2017-5753", "CVE-2017-5754"], "lastseen": "2018-03-28T02:40:33"}, {"id": "RHSA-2018:0045", "type": "redhat", "title": "(RHSA-2018:0045) Important: rhvm-appliance security update", "description": "The RHV-M Virtual Appliance automates the process of installing and configuring the Red Hat Virtualization Manager. The appliance is available to download as an OVA file from the Customer Portal.\n\nSecurity Fix(es):\n\nAn industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of instructions (a commonly used performance optimization). There are three primary variants of the issue which differ in the way the speculative execution can be exploited.\n\nNote: This issue is present in hardware and cannot be fully fixed via software update. The updated kernel packages provide software mitigation for this hardware issue at a cost of potential performance penalty. Please refer to References section for further information about this issue and the performance impact.\n\nVariant CVE-2017-5753 triggers the speculative execution by performing a bounds-check bypass. It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the fact that memory accesses may cause allocation into the microprocessor's data cache even for speculatively executed instructions that never actually commit (retire). As a result, an unprivileged attacker could use this flaw to cross the syscall boundary and read privileged memory by conducting targeted cache side-channel attacks. (CVE-2017-5753, Important)\n\nVariant CVE-2017-5715 triggers the speculative execution by utilizing branch target injection. It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the fact that memory accesses may cause allocation into the microprocessor's data cache even for speculatively executed instructions that never actually commit (retire). As a result, an unprivileged attacker could use this flaw to cross the syscall and guest/host boundaries and read privileged memory by conducting targeted cache side-channel attacks. (CVE-2017-5715, Important)\n\nVariant CVE-2017-5754 relies on the fact that, on impacted microprocessors, during speculative execution of instruction permission faults, exception generation triggered by a faulting access is suppressed until the retirement of the whole instruction block. In a combination with the fact that memory accesses may populate the cache even when the block is being dropped and never committed (executed), an unprivileged local attacker could use this flaw to read privileged (kernel space) memory by conducting targeted cache side-channel attacks. (CVE-2017-5754, Important)\n\nNote: CVE-2017-5754 affects Intel x86-64 microprocessors. AMD x86-64 microprocessors are not affected by this issue.\n\nRed Hat would like to thank Google Project Zero for reporting these issues.", "published": "2018-01-05T20:35:48", "cvss": {"score": 4.7, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:NONE/A:NONE/"}, "href": "https://access.redhat.com/errata/RHSA-2018:0045", "cvelist": ["CVE-2017-5715", "CVE-2017-5753", "CVE-2017-5754"], "lastseen": "2018-03-28T02:40:26"}, {"id": "RHSA-2018:0008", "type": "redhat", "title": "(RHSA-2018:0008) Important: kernel security update", "description": "The kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nSecurity Fix(es):\n\nAn industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of instructions (a commonly used performance optimization). There are three primary variants of the issue which differ in the way the speculative execution can be exploited.\n\nNote: This issue is present in hardware and cannot be fully fixed via software update. The updated kernel packages provide software mitigation for this hardware issue at a cost of potential performance penalty. Please refer to References section for further information about this issue and the performance impact.\n\nIn this update mitigations for x86-64 architecture are provided.\n\nVariant CVE-2017-5753 triggers the speculative execution by performing a bounds-check bypass. It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the fact that memory accesses may cause allocation into the microprocessor's data cache even for speculatively executed instructions that never actually commit (retire). As a result, an unprivileged attacker could use this flaw to cross the syscall boundary and read privileged memory by conducting targeted cache side-channel attacks. (CVE-2017-5753, Important)\n\nVariant CVE-2017-5715 triggers the speculative execution by utilizing branch target injection. It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the fact that memory accesses may cause allocation into the microprocessor's data cache even for speculatively executed instructions that never actually commit (retire). As a result, an unprivileged attacker could use this flaw to cross the syscall and guest/host boundaries and read privileged memory by conducting targeted cache side-channel attacks. (CVE-2017-5715, Important)\n\nVariant CVE-2017-5754 relies on the fact that, on impacted microprocessors, during speculative execution of instruction permission faults, exception generation triggered by a faulting access is suppressed until the retirement of the whole instruction block. In a combination with the fact that memory accesses may populate the cache even when the block is being dropped and never committed (executed), an unprivileged local attacker could use this flaw to read privileged (kernel space) memory by conducting targeted cache side-channel attacks. (CVE-2017-5754, Important)\n\nNote: CVE-2017-5754 affects Intel x86-64 microprocessors. AMD x86-64 microprocessors are not affected by this issue.\n\nRed Hat would like to thank Google Project Zero for reporting these issues.", "published": "2018-01-04T03:31:17", "cvss": {"score": 4.7, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:NONE/A:NONE/"}, "href": "https://access.redhat.com/errata/RHSA-2018:0008", "cvelist": ["CVE-2017-5715", "CVE-2017-5753", "CVE-2017-5754"], "lastseen": "2018-01-06T09:59:07"}], "packetstorm": [{"id": "PACKETSTORM:145645", "type": "packetstorm", "title": "Spectre Information Disclosure Proof Of Concept", "description": "", "published": "2018-01-04T00:00:00", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "https://packetstormsecurity.com/files/145645/Spectre-Information-Disclosure-Proof-Of-Concept.html", "cvelist": ["CVE-2017-5753", "CVE-2017-5715"], "lastseen": "2018-01-05T00:28:26"}], "zdt": [{"id": "1337DAY-ID-29366", "type": "zdt", "title": "Multiple CPUs - Spectre Information Disclosure (PoC) Exploit", "description": "Exploit for multiple platform in category local exploits", "published": "2018-01-04T00:00:00", "cvss": {"score": 4.7, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:NONE/A:NONE/"}, "href": "https://0day.today/exploit/description/29366", "cvelist": ["CVE-2017-5753", "CVE-2017-5715"], "lastseen": "2018-01-09T13:27:32"}], "threatpost": [{"id": "APPLE-RELEASES-SPECTRE-PATCHES-FOR-SAFARI-MACOS-AND-IOS/129365", "type": "threatpost", "title": "Apple Releases Spectre Patches for Safari, macOS and iOS", "description": "Apple released iOS 11.2.2 software Monday for iPhones, iPads and iPod touch models that patch for the Spectre vulnerabilities. A macOS High Sierra 10.13.2 supplemental update was also released to bolster Spectre defenses in Apple\u2019s Safari browser and WebKit, the web browser engine used by Safari, Mail, and App Store.\n\nThis is the second update for Apple since last week\u2019s revelation of the massive processor vulnerabilities, Meltdown and Spectre, [impacting CPU\u2019s worldwide](<https://threatpost.com/intel-in-security-hot-seat-over-serious-cpu-design-flaw/129289/>). Apple previously released mitigations against Meltdown with updates that included iOS 11.2, macOS and tvOS 11.2.\n\n### Related Posts\n\n#### [Experts Weigh In On Spectre Patch Challenges](<https://threatpost.com/experts-weigh-in-on-spectre-patch-challenges/129337/> \"Permalink to Experts Weigh In On Spectre Patch Challenges\" )\n\nJanuary 7, 2018 , 11:21 pm\n\n#### [Vendors Share Patch Updates on Spectre and Meltdown Mitigation Efforts](<https://threatpost.com/vendors-share-patch-updates-on-spectre-and-meltdown-mitigation-efforts/129307/> \"Permalink to Vendors Share Patch Updates on Spectre and Meltdown Mitigation Efforts\" )\n\nJanuary 4, 2018 , 1:01 pm\n\n#### [MacOS LPE Exploit Gives Attackers Root Access](<https://threatpost.com/macos-lpe-exploit-gives-attackers-root-access/129282/> \"Permalink to MacOS LPE Exploit Gives Attackers Root Access\" )\n\nJanuary 2, 2018 , 5:12 pm\n\nMonday\u2019s three updates include [macOS High Sierra 10.13.2 supplemental](<https://support.apple.com/en-us/HT208397>), [Safari 11.0.2](<https://support.apple.com/en-us/HT208403>), and [iOS 11.2.2](<https://support.apple.com/en-us/HT208401>). The updates \u201cincludes security improvements\u201d to mitigate the two known methods for exploiting Spectre identified as variants \u201cbounds check bypass\u201d ([CVE-2017-5753](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5753>)/Spectre/variant 1) and \u201cbranch target injection\u201d ([CVE-2017-5715/Spectre](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5715>)/variant 2).\n\nApple said the Safari 11.0.2 update is available for OS X El Capitan 10.11.6 and macOS Sierra 10.12.6. The macOS High Sierra 10.13.2 supplemental update includes security updates for Safari and WebKit. iOS 11.2.2 is for iPhone 5s and later, iPad Air and later, and iPod touch 6th generation.\n\nAccording to experts, the Spectre vulnerability, variant is much more difficult attack to carry out than Meltdown because it breaks the isolation between different applications. But, at the same time, it will also be harder to patch.\n\nThere is also a greater sense of urgency with Spectre. A Meltdown attack scenario requires an attacker to already have a foothold on the targeted system. Spectre opens up certain types of remote attack scenarios such as browser-based attacks, according to researchers.\n\nLast week Mozilla, along with Microsoft and Google, updated the code in their browsers to increase them time it takes to execute certain Java commands that could exploit the Spectre flaws, making it exponentially harder \u2013 but not impossible \u2013 to exploit.\n\n\u201cA JavaScript attack being able to pull memory contents of the browser and could result in pulling credentials and session keys, which bypasses a lot of a lot of security protections,\u201d said Jimmy Graham, director of product management at Qualys [in a previous interview with Threatpost](<https://threatpost.com/experts-weigh-in-on-spectre-patch-challenges/129337/>).\n\nApple is not releasing any additional technical details of the patches, including what \u2013 if any \u2013 penalty patches may have on device performance.", "published": "2018-01-08T16:57:00", "cvss": {"score": 4.7, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:NONE/A:NONE/"}, "href": "https://threatpost.com/apple-releases-spectre-patches-for-safari-macos-and-ios/129365/", "cvelist": ["CVE-2017-5753", "CVE-2017-5715"], "lastseen": "2018-01-09T01:03:08"}, {"id": "EXPERTS-WEIGH-IN-ON-SPECTRE-PATCH-CHALLENGES/129337", "type": "threatpost", "title": "Experts Weigh In On Spectre Patch Challenges", "description": "The race to patch against the Meltdown and Spectre processor vulnerabilities disclosed last week is on. As of today, there are no known exploits in the wild impacting vulnerable Intel, AMD and ARM devices.\n\nCurrently, vendors are focused on three main mitigation efforts. Patches that address the Meltdown flaws are KPTI (Kernel Page Table Isolation) and KAISER (Kernel Address Isolation to have Side-channels Efficiently Removed). On Thursday, Google unveiled a [Retpoline coding technique](<https://support.google.com/faqs/answer/7625886>) for mitigating against Spectre attacks.\n\n### Related Posts\n\n#### [Vendors Share Patch Updates on Spectre and Meltdown Mitigation Efforts](<https://threatpost.com/vendors-share-patch-updates-on-spectre-and-meltdown-mitigation-efforts/129307/> \"Permalink to Vendors Share Patch Updates on Spectre and Meltdown Mitigation Efforts\" )\n\nJanuary 4, 2018 , 1:01 pm\n\n#### [Intel In Security Hot Seat Over Reported CPU Design Flaw](<https://threatpost.com/intel-in-security-hot-seat-over-serious-cpu-design-flaw/129289/> \"Permalink to Intel In Security Hot Seat Over Reported CPU Design Flaw\" )\n\nJanuary 3, 2018 , 2:33 pm\n\n#### [Intel Patches CPU Bugs Impacting Millions of PCs, Servers](<https://threatpost.com/intel-patches-cpu-bugs-impacting-millions-of-pcs-servers/128962/> \"Permalink to Intel Patches CPU Bugs Impacting Millions of PCs, Servers\" )\n\nNovember 21, 2017 , 3:03 pm\n\nIntel [said last week](<https://newsroom.intel.com/news-releases/intel-issues-updates-protect-systems-security-exploits/>) that it is \u201crapidly issuing updates for all types of Intel-based computer systems\u201d that include software patches and firmware updates that will \u201cimmunize\u201d more than 90 percent of processors introduced in the past five years. By the end of this week those ambitious patching efforts will be complete, Intel said.\n\nSecurity experts say two vectors that exploit Spectre will be particularly challenging to \u201cimmunize.\u201d\n\nCurrently known methods for exploiting Meltdown and Spectre are identified as variants \u201cbounds check bypass\u201d ([CVE-2017-5753](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5753>)/Spectre/variant 1), \u201cbranch target injection\u201d ([CVE-2017-5715/Spectre](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5715>)/variant 2) and \u201crogue data cache load\u201d ([CVE-2017-5754/Meltdown](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5754>)/variant 3).\n\n\u201cMeltdown is a well-defined vulnerability where a user-mode program can access privileged kernel-mode memory. This makes patching Meltdown much easier than Spectre by ensuring kernel memory is unmapped from a user-mode, which is what we see in the form of kernel page-table isolation (KPTI),\u201d said Jeff Tang, senior security researcher at Cylance.\n\nSpectre is much more difficult to attack to carry out because it breaks the isolation between different applications, researchers say. But at the same time, it will also be harder to patch.\n\nBen Carr, VP of strategy at Cyberbit, said there is not a single patch that can be applied for Spectre and mitigation efforts will require ongoing efforts. He said Spectre attacks do not rely on a specific feature of a single processor\u2019s memory management and protection system, making future attacks part of a generalized strategy to undermine a CPU.\n\n\u201cIn the case of Spectre, it is a class of attack not a specific vulnerability\u2026 Exploits are based on the side effects of speculative execution, specifically branch prediction. This type of exploit will be tailored and continue to morph and change making patching extremely difficult,\u201d Carr said.\n\nResearchers say, Spectre also represents a larger challenge to the industry because it requires a greater degree of coordination among stakeholders to mitigate.\n\nExploits targeting Spectre variant 1 (bounds check bypass) requires custom compiled binaries from vendors. Fixing variant 2 (branch target injection) entails a microcode update, which will be delivered through Intel OEM partners, as well as a patched OS kernel which leverages the microcode update, said Alex Ionescu, vice president of EDR Strategy.\n\n\u201cAll major browsers have provided patches, and Linux\u2019s kernel JIT engine needs a patch as well. Other JIT-type applications/libraries/kernel components which run arbitrary code will require individual patches,\u201d Ionescu said of variant 1.\n\nMicrosoft Windows kernel has a patch available to leverage an update for variant 2, and Linux is currently merging a fix into their mainline kernel for release to distributions, Ionescu said.\n\nBecause Spectre patches require mitigation techniques that don\u2019t exist, software vendors need to update their compiler infrastructure and recompile their products for patches, researchers said. Next, users need to update their software.\n\n\u201cThat\u2019s quite the pipeline in order to address just one vulnerability with a massive window of opportunity for nefarious actors to cause mischief,\u201d Tang said.\n\nThere is also a greater sense of urgency with Spectre. A Meltdown attack scenario requires an attacker to already have a foothold on the targeted system. Spectre opens up certain types of remote attack scenarios such as browser-based attacks, said Jimmy Graham, director of product management at Qualys.\n\n\u201cA JavaScript attack being able to pull memory contents of the browser and could result in pulling credentials and session keys, which bypasses a lot of a lot of security protections,\u201d Graham said.\n\nLast week Mozilla, along with Microsoft and Google, updated the code in their browsers to increase them time it takes to execute certain Java commands that could exploit the Spectre flaws, making it exponentially harder \u2013 but not impossible \u2013 to exploit.\n\nLastly, experts also claim patches for Spectre negatively impact CPU performance to a greater degree than Meltdown patches, something that could dissuade some from patching.\n\nGoogle said its Retpoline patch for Spectre and Meltdown have a \u201cnegligible\u201d impact on CPU performance. Retpoline has already been deployed by in the Google Cloud infrastructure, with no significant impact on speeds, according to the company.\n\nThe Retpoline technique focuses on mitigating one of the three variants involved in the new attacks (branch target injection/variant 2), considered the most difficult of the three to address. The patch technique is described as \u201ca specially contrived way to run operating system kernel code that prevents incorrect branch speculation,\u201d said Jon Masters, chief ARM architect with Red Hat [in a blog post](<https://www.redhat.com/en/blog/what-are-meltdown-and-spectre-here%E2%80%99s-what-you-need-know>).\n\nThe fix requires CPU vendors to have kernel with countermeasures, such as microcode updates, already in place. Intel said that it would issue its own microcode updates to address the issue. AMD said a microcode update to disable branch [prediction is now available](<https://lists.opensuse.org/opensuse-security-announce/2018-01/msg00004.html>).\n\n\u201cThe Retpoline technique is currently being introduced to the Clang/LLVM compiler as a mitigation for one variant of the Spectre vulnerability,\u201d Tang said. \u201cHowever, the LLVM compiler is predominantly used by Apple\u2019s macOS, certain Linux and BSD distributions, and Google Chrome. Missing from this list is Microsoft Windows and other popular programs for Microsoft Windows that typically use Microsoft\u2019s C/C++ compiler.\u201d\n\nExperts point out each of the patches don\u2019t remove the threat of attacks, just reduce by varying degrees the likelihood an attacker will be successful. They maintain the only the only true fix is replacing a computer\u2019s CPU.\n\n\u201cGiven the increased scrutiny of speculative execution attacks (aka side channel attacks) and the fact that the available updates are merely mitigations, we may see some very creative workarounds that continue to give these vulnerabilities additional lifespan if not new vulnerabilities within the same class,\u201d Tang said.\n\nHe said the same way buffer-overflow vulnerabilities and Heartbleed lead to years of vulnerable programs, Meltdown and Spectre will have a similar impact on the security landscape.", "published": "2018-01-07T23:21:00", "cvss": {"score": 4.7, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:NONE/A:NONE/"}, "href": "https://threatpost.com/experts-weigh-in-on-spectre-patch-challenges/129337/", "cvelist": ["CVE-2017-5753", "CVE-2017-5754", "CVE-2017-5715"], "lastseen": "2018-01-08T08:58:28"}, {"id": "VENDORS-SHARE-PATCH-UPDATES-ON-SPECTRE-AND-MELTDOWN-MITIGATION-EFFORTS/129307", "type": "threatpost", "title": "Vendors Share Patch Updates on Spectre and Meltdown Mitigation Efforts", "description": "Intel, Amazon, Microsoft and others are playing down concerns over the impact of the massive Spectre and Meltdown vulnerabilities affecting computers, servers and mobile devices worldwide.\n\nThe two flaws, [Spectre and Meltdown](<https://spectreattack.com/>), are far reaching and impact a wide range of microprocessors used in the past decade in computers and mobile devices including those running Android, Chrome, iOS, Linux, macOS and Windows. While Meltdown only affects Intel processors, Spectre affects chips from Intel, AMD, ARM and others.\n\n### Related Posts\n\n#### [Intel In Security Hot Seat Over Reported CPU Design Flaw](<https://threatpost.com/intel-in-security-hot-seat-over-serious-cpu-design-flaw/129289/> \"Permalink to Intel In Security Hot Seat Over Reported CPU Design Flaw\" )\n\nJanuary 3, 2018 , 2:33 pm\n\n#### [Mozilla Patches Critical Bug in Thunderbird](<https://threatpost.com/mozilla-patches-critical-bug-in-thunderbird/129244/> \"Permalink to Mozilla Patches Critical Bug in Thunderbird\" )\n\nDecember 26, 2017 , 2:09 pm\n\n#### [Permissions Flaw Found on Azure AD Connect](<https://threatpost.com/permissions-flaw-found-azure-ad-connect/129170/> \"Permalink to Permissions Flaw Found on Azure AD Connect\" )\n\nDecember 14, 2017 , 12:43 pm\n\nCurrently known vectors for exploiting the flaws are identified as \u201cbounds check bypass\u201d ([CVE-2017-5753](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5753>)), \u201cbranch target injection\u201d ([CVE-2017-5715](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5715>)) and \u201crogue data cache load\u201d ([CVE-2017-5754](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5754>)), according to researchers at Google Project Zero.\n\nHere is how companies are responding to revelations of the flaws, also referred to as \u201cspeculative execution side-channel attacks\u201d vulnerabilities.\n\nAs for Intel, all Intel processors released since 1995 are impacted by Meltdown, according to researchers. The company said Wednesday that OEMs will release relevant Intel firmware updates to address the issue. \u201cCheck with your operating system vendor or system manufacturer and apply any available updates as soon as they are available,\u201d [the company said in a statement](<https://newsroom.intel.com/news/intel-responds-to-security-research-findings/>).\n\nMicrosoft said it was offering an out-of-band update for Windows, ahead of next week\u2019s Patch Tuesday security update. \u201cMicrosoft has released several updates to help mitigate these vulnerabilities. We have also taken action to secure our cloud services,\u201d the company said in [a statement to its Security TechCenter](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180002>).\n\nLinux security patches, protecting against Spectre and Meltdown exploits, were pushed out last week. Thomas Gleixner, a Linux kernel developer, posted last month to [the Linux Kernel Mailing List](<https://lkml.org/lkml/2017/12/4/709>) information about isolation patches called KAISER (Kernel Address Isolation to have Side-channels Efficiently Removed).\n\nMobile chip designer [ARM said most processors](<https://developer.arm.com/support/security-update>) designed by the company are not affected by Spectre. Those chips that are include: Cortex-A75, Cortex-A73, Cortex-A72, Cortex-A57-, Cortex-A17, and Cortex-A9.\n\nGoogle addressed the issue on Wednesday stating: \u201cWe are posting before an originally coordinated disclosure date of January 9, 2018 because of existing public reports and growing speculation in the press and security research community about the issue, which raises the risk of exploitation.\u201d\n\nGoogle said Android devices with the [latest security update](<https://source.android.com/security/bulletin/2018-01-01>), released on Jan. 3, are protected. Google Chrome OS versions prior to 63 are not patched. Google added, \u201cChrome 64, due to be released on January 23, will contain mitigations to protect against exploitation.\u201d Google said its Google Cloud Infrastructure and Google App Engine require \u201cno additional user or customer action.\u201d Google Compute Engine customers [have been informed](<https://cloud.google.com/compute/docs/security-bulletins>) the infrastructure is patched, but \u201ccustomers much patch/update guest environment(s),\u201d according to Google.\n\nAmazon [released a statement](<https://aws.amazon.com/security/security-bulletins/AWS-2018-013/>) regarding the impact of Meltdown and Spectre stating: \u201cAll but a small single-digit percentage of instances across the Amazon EC2 fleet are already protected. The remaining ones will be completed in the next several hours, with associated instance maintenance notifications.\u201d\n\n\u201cWhile the updates AWS performs protect underlying infrastructure, in order to be fully protected against these issues, customers must also patch their instance operating systems. Updates for Amazon Linux have been made available, and instructions for updating existing instances are provided further below along with any other AWS-related guidance relevant to this bulletin,\u201d Amazon said.\n\n> Windows 17035 Kernel ASLR/VA Isolation In Practice (like Linux KAISER). First screenshot shows how NtCreateFile is not mapped in the kernel region of the user CR3. Second screenshot shows how a 'shadow' kernel trap handler, is (has to be). [pic.twitter.com/7PriLIJHe1](<https://t.co/7PriLIJHe1>)\n> \n> \u2014 Alex Ionescu (@aionescu) [November 14, 2017](<https://twitter.com/aionescu/status/930412525111296000?ref_src=twsrc%5Etfw>)\n\nApple has not released a statement relating to the Spectre and Meltdown. However, it\u2019s understood that the recent macOS 10.13.2 update, released on Dec. 6, partially addressed the flaw. Alex Ionescu, vice president of endpoint detection and response strategy at Crowdstrike, appears to confirm this in a tweet:\n\n\u201cThe question on everyone\u2019s minds: Does MacOS fix the Intel #KPTI Issue? Why yes, yes it does. Say hello to the \u201cDouble Map\u201d since 10.13.2 \u2014 and with some surprises in 10.13.3 (under Developer NDA so can\u2019t talk/show you).\u201d\n\nAMD [said the impact](<https://www.amd.com/en/corporate/speculative-execution>) of the three known vectors for exploiting Spectre and Meltdown ([CVE-2017-5753](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5753>), [CVE-2017-5715](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5715>)) and [CVE-2017-5754](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5754>)) are minimal. It said issues tied to [CVE-2017-5753](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5753>) will be addressed via OS updates made by system vendors and are expected to have \u201cnegligible performance impact\u201d on system performance. However, the \u201cbranch target injection\u201d vector ([CVE-2017-5715](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5715>)) could impact a small number of customers. \u201cDifferences in AMD architecture mean there is a near zero risk of exploitation of this variant,\u201d AMD said.\n\nOn the Mozilla Security Blog, Luke Wagner, a Mozilla software engineer, said the Firefox browser is impacted by Meltdown and Spectre.\n\n\u201cOur internal experiments confirm that it is possible to use similar techniques from Web content to read private information between different origins. The full extent of this class of attack is still under investigation and we are working with security researchers and other browser vendors to fully understand the threat and fixes,\u201d [Wagner wrote](<https://blog.mozilla.org/security/2018/01/03/mitigations-landing-new-class-timing-attack/>).\n\nWagner added Mozilla has implemented a short-term fix in all Firefox releases starting with 57. \u201cSince this new class of attacks involves measuring precise time intervals, as a partial, short-term, mitigation we are disabling or reducing the precision of several time sources in Firefox,\u201d he said.\n\nGoogle\u2019s security research team [Google Project Zero](<https://googleprojectzero.blogspot.com/>) discovered the Meltdown flaw last June. Jann Horn, a security analyst at a Google, is credited for discovering the flaw. Also credited for discovering the vulnerability is Werner Haas and Thomas Prescher, at Cyberus Technology; and Daniel Gruss, Moritz Lipp, Stefan Mangard and Michael Schwarz at the Graz University of Technology.\n\nOn Wednesday, the United States Computer Emergency Readiness Team issued one of the harshest recommendations for fixing the issue. Under the heading \u201cSolutions\u201d, US-CERT states \u201creplace CPU hardware.\u201d\n\n\u201cThe underlying vulnerability is primarily caused by CPU implementation optimization choices. Fully removing the vulnerability requires replacing vulnerable CPU hardware,\u201d US-CERT states.", "published": "2018-01-04T13:01:00", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "https://threatpost.com/vendors-share-patch-updates-on-spectre-and-meltdown-mitigation-efforts/129307/", "cvelist": ["CVE-2017-5753", "CVE-2017-5754", "CVE-2017-5715"], "lastseen": "2018-01-04T22:58:39"}, {"id": "NEW-MICROSOFT-BUG-BOUNTY-PROGRAM-LOOKS-TO-SQUASH-THE-NEXT-SPECTRE-MELTDOWN/130523", "type": "threatpost", "title": "New Microsoft Bug Bounty Program Looks To Squash The Next Spectre, Meltdown", "description": "In the wake of the Meltdown and Spectre flaws, Microsoft has rolled out a new bug bounty program targeting speculative execution side channel vulnerabilities.\n\nThe limited time [program](<https://blogs.technet.microsoft.com/msrc/2018/03/14/speculative-execution-bounty-launch/>) is open until December 31, and offers up to $250,000 for identifying new categories of speculative execution attacks that Microsoft and other industry partners are not yet aware of. \n\n### Related Posts\n\n#### [Intel Details CPU \u2018Virtual Fences\u2019 Fix As Safeguard Against Spectre, Meltdown Flaws](<https://threatpost.com/intel-details-cpu-virtual-fences-fix-as-safeguard-against-spectre-meltdown-flaws/130501/> \"Permalink to Intel Details CPU \u2018Virtual Fences\u2019 Fix As Safeguard Against Spectre, Meltdown Flaws\" )\n\nMarch 16, 2018 , 10:38 am\n\n#### [Microsoft Patches 15 Critical Bugs in March Patch Tuesday Update](<https://threatpost.com/microsoft-patches-15-critical-bugs-in-march-patch-tuesday-update/130424/> \"Permalink to Microsoft Patches 15 Critical Bugs in March Patch Tuesday Update\" )\n\nMarch 13, 2018 , 6:25 pm\n\n#### [AMD Investigating Reports of 13 Critical Vulnerabilities Found in Ryzen, EPYC Chips](<https://threatpost.com/amd-investigating-reports-of-13-critical-vulnerabilities-found-in-ryzen-epyc-chips/130404/> \"Permalink to AMD Investigating Reports of 13 Critical Vulnerabilities Found in Ryzen, EPYC Chips\" )\n\nMarch 13, 2018 , 4:04 pm\n\nSpeculative execution side channels are a hardware vulnerability class that affects CPUs from multiple manufacturers. The vulnerabilities were thrust into the spotlight in January after it was disclosed that there are three variants of the issue, dubbed Spectre and Meltdown, that could potentially enable hackers to access users\u2019 data. \n\nThese security flaws impact processors across the board, including Intel, ARM and AMD. Microsoft, for its part, has worked to release firmware and software updates for its devices featuring these CPUs.\n\n\u201cIn recognition of that threat environment change, we are launching a bounty program to encourage research into the new class of vulnerability and the mitigations Microsoft has put in place to help mitigate this class of issues,\u201d Phillip Misner, principal security group manager at Microsoft, said in a [post](<https://blogs.technet.microsoft.com/msrc/2018/03/14/speculative-execution-bounty-launch/>).\n\nMicrosoft\u2019s bug bounty program features a second tier that offers up to $200,000 to find speculative execution side channel attacks that can be used to read sensitive memory that is not allocated to an attacker\u2019s virtual machine on Azure.\n\nAnother tier of the program offers up to $200,000 to find a novel method of bypassing speculative execution mitigations on Windows. That could include a method of bypassing Windows mitigations for \u201cbranch target injections\u201d like Spectre variant 2 (or CVE-2017-5715) or \u201crogue data cache load\u201d like the Meltdown variant (or CVE-2017-5754). \u201cThese bypasses must demonstrate that it is possible to disclose sensitive information when these mitigations are present and enabled,\u201d according to Microsoft.\n\nThe company is also offering up to $25,000 to find instances of a known speculative execution vulnerability in Windows 10 or Microsoft Edge. That includes exploitable instances of Spectre variant 1 (CVE-2017-5753).\n\nMicrosoft has kept up with mitigations around Spectre and Meltdown after the vulnerabilities were first disclosed in January. In March, the company released a myriad of software and firmware/microcode updates, including protected updates for its x86 version of Windows 10 and microcode updates for devices running the Windows 10 Fall Creators Updates and Intel\u2019s sixth-gen Skylake processors.\n\nMost recently, the company offered [new updates](<https://threatpost.com/microsoft-patches-15-critical-bugs-in-march-patch-tuesday-update/130424/>) against Meltdown and Spectre with new releases on this month\u2019s Patch Tuesday for PCs running x86 versions of Windows 7 and 8.1 as well as Server 2008 and 2012.\n\nMicrosoft isn\u2019t alone in offering bounties to look for new side channel vulnerabilities \u2013 last month, [Intel](<https://threatpost.com/intel-expands-bug-bounty-program-post-spectre-and-meltdown/129980/>) also launched a new bug bounty program focused specifically on side channel vulnerabilities similar to Spectre and Meltdown, with potential awards for disclosures totaling up to $250,000.", "published": "2018-03-16T16:15:00", "cvss": {"score": 4.7, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:NONE/A:NONE/"}, "href": "https://threatpost.com/new-microsoft-bug-bounty-program-looks-to-squash-the-next-spectre-meltdown/130523/", "cvelist": ["CVE-2017-5753", "CVE-2017-5754", "CVE-2017-5715"], "lastseen": "2018-03-17T02:50:57"}, {"id": "INTEL-DETAILS-CPU-VIRTUAL-FENCES-FIX-AS-SAFEGUARD-AGAINST-SPECTRE-MELTDOWN-FLAWS/130501", "type": "threatpost", "title": "Intel Details CPU 'Virtual Fences' Fix As Safeguard Against Spectre, Meltdown Flaws", "description": "Intel introduced hardware-based protections to its new chips to protect against the Spectre and Meltdown flaws that rocked the silicon industry when the vulnerabilities were made public in early 2018.\n\nSpectre and Meltdown, which account for three variants of a side-channel analysis security issue in server and desktop processors, could potentially allow hackers to access users\u2019 protected data. The security flaws, which were first disclosed by Google Project Zero in early January, impact processors including those from Intel, ARM and AMD.\n\n### Related Posts\n\n#### [Microsoft Patches 15 Critical Bugs in March Patch Tuesday Update](<https://threatpost.com/microsoft-patches-15-critical-bugs-in-march-patch-tuesday-update/130424/> \"Permalink to Microsoft Patches 15 Critical Bugs in March Patch Tuesday Update\" )\n\nMarch 13, 2018 , 6:25 pm\n\n#### [AMD Investigating Reports of 13 Critical Vulnerabilities Found in Ryzen, EPYC Chips](<https://threatpost.com/amd-investigating-reports-of-13-critical-vulnerabilities-found-in-ryzen-epyc-chips/130404/> \"Permalink to AMD Investigating Reports of 13 Critical Vulnerabilities Found in Ryzen, EPYC Chips\" )\n\nMarch 13, 2018 , 4:04 pm\n\n#### [Intel Releases Updated Spectre Fixes For Broadwell and Haswell Chips](<https://threatpost.com/intel-releases-updated-spectre-fixes-for-broadwell-and-haswell-chips/130144/> \"Permalink to Intel Releases Updated Spectre Fixes For Broadwell and Haswell Chips\" )\n\nFebruary 28, 2018 , 9:59 am\n\nIn order to protect against these flaws, Intel said Thursday said it has designed a new set of CPU design features that work with the operating system to install \u201cvirtual fences\u201d protecting the system from speculative execution attacks that could exploit a variant of the Spectre flaw.\n\n\u201cWe have redesigned parts of the processor to introduce new levels of protection through partitioning that will protect against both Variants 2 and 3,\u201d Brian Krzanich, CEO of Intel, said in a blog [post](<https://newsroom.intel.com/editorials/advancing-security-silicon-level/>). \u201cThink of this partitioning as additional \u201cprotective walls\u201d between applications and user privilege levels to create an obstacle for bad actors.\u201d\n\nKrzanich said the new safeguards will be built into Intel\u2019s next-generation Xeon Scalable processors, code-named Cascade Lake, as well as Intel\u2019s eighth-gen Core processors that are expected to ship in the second half of 2018.\n\n\u201cAs we bring these new products to market, ensuring that they deliver the performance improvements people expect from us is critical. Our goal is to offer not only the best performance, but also the best secure performance,\u201d said Krzanich in a statement.\n\nOn the heels of Intel\u2019s announcement of hardware fixes, many in the industry are still waiting for more in-depth details on these upcoming chips, including specifics around performance and how the security features operate at a technical level.\n\n> Promise has been given, but we know only a few details abut the HW solution\u2026<https://t.co/WmThNMIlKh>[#Intel](<https://twitter.com/hashtag/Intel?src=hash&ref_src=twsrc%5Etfw>) [#Meltdown](<https://twitter.com/hashtag/Meltdown?src=hash&ref_src=twsrc%5Etfw>) [#Spectre](<https://twitter.com/hashtag/Spectre?src=hash&ref_src=twsrc%5Etfw>) [#vulnerability](<https://twitter.com/hashtag/vulnerability?src=hash&ref_src=twsrc%5Etfw>) [#hardware](<https://twitter.com/hashtag/hardware?src=hash&ref_src=twsrc%5Etfw>) [#Solution](<https://twitter.com/hashtag/Solution?src=hash&ref_src=twsrc%5Etfw>) [#CyberSecurity](<https://twitter.com/hashtag/CyberSecurity?src=hash&ref_src=twsrc%5Etfw>)\n> \n> \u2014 Peter Santavy (@PSantavy) [March 16, 2018](<https://twitter.com/PSantavy/status/974639244785438720?ref_src=twsrc%5Etfw>)\n\n> Intel has announced that their next-gen Xeons (Cascade Lake) and 8th Gen Core that will ship in H2 have been redesigned in order to protect against Spectre (Var 2, [#CVE](<https://twitter.com/hashtag/CVE?src=hash&ref_src=twsrc%5Etfw>)-2017-5715) and Meltdown (Var 3, CVE-2017-5754) through partitioning. Exact details were not disclosed.\n> \n> \u2014 WikiChip (@WikiChip) [March 16, 2018](<https://twitter.com/WikiChip/status/974642340794191877?ref_src=twsrc%5Etfw>)\n\nIn addition to Intel\u2019s new hardware, Krzanich said that the company has now also released microcode updates for all the Intel products launched in the past five years requiring protection against Spectre and Meltdown.\n\nThat includes the company\u2019s newer Skylake, Kaby Lake and Cannon Lake platforms, as well as its Broadwell and Haswell platforms, which were patched in [February](<https://threatpost.com/intel-issues-updated-spectre-firmware-fixes-for-newer-processors/130025/>).\n\nIntel has been looking to step up its security game on the heels of Google Project Zero\u2019s discovery of Meltdown and Spectre. Earlier this year the company launched a new [bug bounty program](<https://threatpost.com/intel-expands-bug-bounty-program-post-spectre-and-meltdown/129980/>) focused specifically on side channel vulnerabilities similar to Spectre and Meltdown, with potential awards for disclosures totaling up to $250,000. In February, Intel released a [new whitepaper](<https://software.intel.com/sites/default/files/managed/1d/46/Retpoline-A-Branch-Target-Injection-Mitigation.pdf>) detailing Google\u2019s software fix for Spectre, called Retpoline.\n\nThere are three variants of the side-channel issue that impact both the hardware and software of Intel chips; while Meltdown breaks down the mechanism keeping applications from accessing arbitrary system memory, Spectre tricks other applications into accessing arbitrary locations in their memory. Intel said that its hardware security technology will protect against the Spectre variant 2 and Meltdown variant 3 flaws, however software fixes are still required to protect against Spectre variant 1 vulnerabilities.", "published": "2018-03-16T10:38:00", "cvss": {"score": 4.7, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:NONE/A:NONE/"}, "href": "https://threatpost.com/intel-details-cpu-virtual-fences-fix-as-safeguard-against-spectre-meltdown-flaws/130501/", "cvelist": ["CVE-2017-5754"], "lastseen": "2018-03-16T19:05:42"}, {"id": "INTEL-HALTS-SPECTRE-FIXES-ON-OLDER-CHIPS-CITING-LIMITED-ECOSYSTEM-SUPPORT/130965", "type": "threatpost", "title": "Intel Halts Spectre Fixes On Older Chips, Citing Limited Ecosystem Support", "description": "Intel has halted patches for an array of older chips that would protect them against the Spectre vulnerability, according to a recent microcode update.\n\nThe microcode [update](<https://newsroom.intel.com/wp-content/uploads/sites/11/2018/04/microcode-update-guidance.pdf>) shows that its older products \u2013 including Wolfdale, Bloomfield, Clarksfield, Gulftown, Harpertown, Jasper Forest, SoFIA 3GR, and Yorkfield \u2013 will no longer receive patches.\n\n### Related Posts\n\n#### [Microsoft Fixes Bad Patch That Left Windows 7, Server 2008 Open to Attack](<https://threatpost.com/microsoft-fixes-bad-patch-that-left-windows-7-server-2008-open-to-attack/130871/> \"Permalink to Microsoft Fixes Bad Patch That Left Windows 7, Server 2008 Open to Attack\" )\n\nMarch 30, 2018 , 2:51 pm\n\n#### [New Microsoft Bug Bounty Program Looks To Squash The Next Spectre, Meltdown](<https://threatpost.com/new-microsoft-bug-bounty-program-looks-to-squash-the-next-spectre-meltdown/130523/> \"Permalink to New Microsoft Bug Bounty Program Looks To Squash The Next Spectre, Meltdown\" )\n\nMarch 16, 2018 , 4:15 pm\n\n#### [Intel Details CPU \u2018Virtual Fences\u2019 Fix As Safeguard Against Spectre, Meltdown Flaws](<https://threatpost.com/intel-details-cpu-virtual-fences-fix-as-safeguard-against-spectre-meltdown-flaws/130501/> \"Permalink to Intel Details CPU \u2018Virtual Fences\u2019 Fix As Safeguard Against Spectre, Meltdown Flaws\" )\n\nMarch 16, 2018 , 10:38 am\n\n\u201cWe\u2019ve now completed release of microcode updates for Intel microprocessor products launched in the last 9+ years that required protection against the side-channel vulnerabilities discovered by Google Project Zero,\u201d said Intel in a statement to Threatpost. \u201cHowever, as indicated in our latest microcode revision guidance, we will not be providing updated microcode for a select number of older platforms for several reasons, including limited ecosystem support and customer feedback.\u201d\n\nAccording to the Intel\u2019s microcode update, \u201cafter a comprehensive investigation of
| Spectre| Meltdown