New types of side channel attacks impact most processors including Intel, AMD, ARM, etc. These attacks allow malicious userspace processes to read kernel memory, thus potentially causing kernel sensitive information to leak.

CPENameOperatorVersion
fortisandboxeq3.1.2
fortisandboxeq3.1.1
fortisandboxeq3.1.0
forticlientwindowseq5.6.4
forticlientwindowseq5.4.4
fortisiemeq4.10.0

Name	Operator	Version
fortisandbox	eq	3.1.2
fortisandbox	eq	3.1.1
fortisandbox	eq	3.1.0
forticlientwindows	eq	5.6.4
forticlientwindows	eq	5.4.4
fortisiem	eq	4.10.0

ibm 7

nessus 75

mskb 1

mscve 2

debian 7

threatpost 3

openvas 32

fedora 3

lenovo 3

cert 1

thn 2

oraclelinux 10

suse 3

osv 5

virtuozzo 2

ubuntu 6

centos 5

redhat 22

vmware 2

amazon 2

myhack58 2

intel 1

hp 1

mageia 1

cloudfoundry 1

ibm

Security Bulletin: This Power Hardware Management Console (HMC) update is being released to address Common Vulnerabilities and Exposures issue numbers CVE-2017-5715, CVE-2017-5753 and CVE-2017-5754 (known as Spectre and Meltdown).

2021-09-23 01:45:02

Security Bulletin: IBM has released Unified Extensible Firmware Interface (UEFI) fixes in response to Spectre variants 4 and 3a (CVE-2018-3639 CVE-2018-3640)

2023-12-07 22:31:00

Security Bulletin: This Power Hardware Management Console (HMC) update is being released to address Common Vulnerabilities and Exposures issue numbers CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, and CVE-2019-11091 (known as MDS).

2021-09-22 23:05:38

nessus

Windows Speculative Execution Configuration Check

2019-12-18 00:00:00

Debian DLA-1506-1 : intel-microcode security update (Foreshadow) (Spectre)

2018-09-17 00:00:00

Security Updates for Windows 10 / Windows Server 2016 (August 2018) (Spectre) (Meltdown) (Foreshadow)

2018-08-24 00:00:00

mskb

KB4073065: Surface guidance to protect against silicon-based microarchitectural and speculative execution side-channel vulnerabilities

2018-05-21 07:00:00

mscve

Microsoft Guidance to mitigate Microarchitectural Data Sampling vulnerabilities

2019-05-14 07:00:00

Microsoft Guidance to mitigate L1TF variant

2018-08-14 07:00:00

debian

[SECURITY] [DLA 1506-1] intel-microcode security update

2018-09-16 21:04:52

[SECURITY] [DSA 4469-1] libvirt security update

2019-06-22 16:55:45

[SECURITY] [DLA 1789-2] intel-microcode security update

2019-06-20 21:50:38

threatpost

New Ninth-Gen Intel CPUs Shield Against Some Spectre, Meltdown Variants

2018-10-09 19:37:35

Intel CPUs Impacted By New Class of Spectre-Like Attacks

2019-05-14 18:01:49

Intel ZombieLoad Side-Channel Attack: 10 Takeaways

2019-05-15 16:48:11

openvas

Fedora Update for libvirt FEDORA-2019-6e146a714c

2019-05-21 00:00:00

Debian: Security Advisory (DSA-4469-1)

2019-06-24 00:00:00

SUSE: Security Advisory (SUSE-SU-2019:14133-1)

2021-06-09 00:00:00

fedora

[SECURITY] Fedora 28 Update: libvirt-4.1.0-6.fc28

2019-05-21 01:14:10

[SECURITY] Fedora 30 Update: qemu-3.1.0-8.fc30

2019-05-17 01:08:38

[SECURITY] Fedora 30 Update: libvirt-5.1.0-5.fc30

2019-05-17 01:08:36

lenovo

Speculative Execution Side Channel Variants 4 and 3a - US

2018-09-13 11:41:00

Speculative Execution Side Channel Vulnerability Variants - Lenovo Support US

2018-09-13 14:41:00

Microarchitectural Data Sampling (MDS) Side Channel Vulnerabilities - US

2019-05-14 16:38:15

cert

CPU hardware utilizing speculative execution may be vulnerable to cache side-channel attacks

2018-05-21 00:00:00

thn

Two New Spectre-Class CPU Flaws Discovered—Intel Pays $100K Bounty

2018-07-11 11:38:00

New Class of CPU Flaws Affect Almost Every Intel Processor Since 2011

2019-05-14 20:20:00

oraclelinux

kernel security and bug fix update

2019-05-14 00:00:00

qemu-kvm security update

2019-05-15 00:00:00

libvirt security update

2019-05-14 00:00:00

suse

Security update for ucode-intel (important)

2019-05-28 00:00:00

Security update for ucode-intel (important)

2019-07-24 00:00:00

Security update for libvirt (important)

2019-06-03 00:00:00

osv

intel-microcode - security update

2019-06-20 00:00:00

linux - security update

2019-05-14 00:00:00

intel-microcode - security update

2019-05-15 00:00:00

virtuozzo

Important kernel security update: New kernel 2.6.32-042stab138.1; Virtuozzo 6.0 Update 12 Hotfix 40 (6.0.12-3739)

2019-05-16 00:00:00

Important kernel security update: New kernel 2.6.32-042stab138.1 for Virtuozzo Containers for Linux 4.7, Server Bare Metal 5.0

2019-05-16 00:00:00

ubuntu

libvirt update

2019-05-16 00:00:00

libvirt update

2019-05-15 00:00:00

Linux kernel (Trusty HWE) vulnerabilities

2019-05-15 00:00:00

centos

kernel, perf, python security update

2019-05-15 15:42:15

libvirt security update

2019-05-15 15:41:00

qemu security update

2019-05-15 20:31:32

redhat

(RHSA-2019:1200) Important: qemu-kvm-rhev security update

2019-05-14 20:39:17

(RHSA-2019:1194) Important: libvirt security update

2019-05-14 20:17:03

(RHSA-2019:1189) Important: qemu-kvm security update

2019-05-14 20:13:31

vmware

VMware product updates enable Hypervisor-Specific Mitigations, Hypervisor-Assisted Guest Mitigations, and Operating System-Specific Mitigations for Microarchitectural Data Sampling (MDS) Vulnerabilities (CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, and CVE-2019-11091)

2019-05-14 00:00:00

amazon

Important: qemu-kvm

2019-08-07 23:12:00

Important: kernel

2019-05-07 22:39:00

myhack58

Zombieload: Intel CPU exposure of a new side channel attack-exploit warning-the black bar safety net

2019-05-15 00:00:00

Intel official for 5 on 15, the aeration out of the CPU side channel vulnerabilities“ZombieLoad”detailed technical analysis on-the vulnerability warning-the black bar safety net

2019-05-20 00:00:00

intel

Microarchitectural Data Sampling Advisory

2021-05-11 00:00:00

HPSBHF03618 rev. 8 - Intel Microarchitectural Data Sampling Security Updates

2019-05-14 00:00:00

mageia

Updated microcode packages fix security vulnerabilities

2019-05-16 11:25:22

cloudfoundry

USN-3977-2: Intel Microcode update (AKA ZombieLoad Attack) | Cloud Foundry

2019-05-29 00:00:00

Products

Security Intelligence
Non-intrusive assessment
Developers SDK
Windows scanner
Linux scanner
Perimeter control tool
MSSP

Database

Vulnerabilities
Exploits
IOC
Security News
BugBounty
Popular
Wild Exploited
Top Vulnerabilities

Tools

Linux Security Scanner
API integration
Subscriptions
Plugins
Manual Audit

Learn More

Stats
API
Docs
Api-keys
License
Pricing
Glossary
FAQ

Company

Blog
Contacts
About Us
OpenSource
EULA
Brand Guideline
Privacy Policy

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply. All product names, logos, and brands are property of their respective owners. All company, product and service names used in this website are for identification purposes only. Use of these names, logos, and brands does not imply endorsement.If you are an owner of some content and want it to be removed, please contact us. Using Vulners services you are accepting Vulners services end-user license agreement

@2024 Vulners Inc

6.4 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:N

5.4 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:M/Au:N/C:C/I:P/A:N

0.975 High

EPSS

Percentile

100.0%

JSON

Related for FG-IR-18-002