Lucene search
Tenable700325.PRMHistoryAug 21, 2018 - 12:00 a.m.
Mozilla Firefox < 57.0.4 Multiple Vulnerabilities
2018-08-2100:00:00
Tenable
www.tenable.com
24
Versions of Mozilla Firefox earlier than 57.0.4 are unpatched for the following vulnerabilities :
- A flaw exists related to speculative execution, which is used as a performance feature to speed up operations. This optimization can result in memory being cached during conditional branches handling out-of-bounds checks. Using a vulnerable code pattern, or a JIT engine or interpreter to generate such a pattern, an attacker can perform a Flush+Reload or Evict+Reload side-channel attack on the cache and disclose parts of the privileged kernel memory. (CVE-2017-5753)
- A flaw exists in the fundamental design related to out-of-order process execution, which is used as a performance feature to speed up operations. This optimization can result in memory being cached before exceptions are raised for restricted memory access. Using transient instructions in combination with a Flush+Reload side-channel attack a local attacker can disclose parts of the privileged kernel memory. (CVE-2017-5754)
- A flaw exists related to speculative execution, which is used as a performance feature to speed up operations. This optimization can result in memory being cached during indirect branch prediction. This may allow a local attacker to train the Branch Target Buffer (BTB) to trigger a false prediction to a specially crafted memory location, causing a speculative execution of a crafted gadget and the caching of arbitrary memory. Using a side-channel attack on the cache the attacker can disclose parts of the privileged kernel memory. (CVE-2017-5754)
Binary data 700325.prmRelated
nessus
nessus
VMware vCenter Server 6.5.x < 6.5u1f Multiple Vulnerabilities (VMSA-2018-0007) (Spectre-1) (Meltdown)
2018-02-22 00:00:00
Oracle Linux 5 : kernel (ELSA-2018-0292)
2023-09-07 00:00:00
Virtuozzo 6 : cpupools / cpupools-features / etc (VZA-2018-006)
2018-02-05 00:00:00
ibm
ibm
oraclelinux
oraclelinux
kernel security update
2018-02-23 00:00:00
Unbreakable Enterprise kernel security update
2018-01-19 00:00:00
kernel security update
2018-01-04 00:00:00
intel
intel
redhat
redhat
(RHSA-2018:0464) Important: kernel security and bug fix update
2018-03-07 14:50:33
(RHSA-2018:0091) Important: Red Hat CloudForms 4.5 security update
2018-01-15 21:33:25
(RHSA-2018:0089) Important: Red Hat CloudForms 4.1 security update
2018-01-15 21:33:19
huawei
huawei
Security Advisory - CPU Vulnerabilities Meltdown and Spectre
2018-06-06 00:00:00
Security Advisory - CPU Vulnerabilities 'Meltdown' and 'Spectre'
2018-01-06 00:00:00
redhatcve
redhatcve
CVE-2017-5715
2021-07-20 18:54:09
suse
suse
Security update for the Linux Kernel (important)
2018-01-16 21:08:59
Security update for the Linux Kernel (important)
2018-01-22 15:08:49
Security update for the Linux Kernel (important)
2018-01-16 21:08:19
seebug
seebug
Reading privileged memory with a side-channel
(Meltdown & Spectre)
2018-01-04 00:00:00
nvidia
nvidia
openvas
openvas
CentOS Update for kernel CESA-2018:0512 centos6
2018-03-15 00:00:00
Ubuntu: Security Advisory (USN-3540-1)
2018-01-23 00:00:00
Ubuntu: Security Advisory (USN-3541-2)
2018-01-23 00:00:00
mageia
mageia
Updated nvidia-current packages mitigates security issues
2018-01-13 17:28:36
qualysblog
qualysblog
Meltdown and Spectre Aren’t Business as Usual
2018-01-18 22:22:16
Processor Vulnerabilities – Meltdown and Spectre
2018-01-04 02:17:43
paloalto
paloalto
Information about Meltdown and Spectre findings
2018-01-04 00:00:00
malwarebytes
malwarebytes
Meltdown and Spectre fallout: patching problems persist
2018-01-11 14:00:00
Meltdown and Spectre: what you need to know
2018-01-04 15:53:24
cisco
cisco
CPU Side-Channel Information Disclosure Vulnerabilities
2018-01-04 22:20:00
cloudfoundry
cloudfoundry
USN-3540-2: Linux kernel (Xenial HWE) vulnerabilities | Cloud Foundry
2018-01-23 00:00:00
kitploit
kitploit
centos
centos
kernel, perf, python security update
2018-01-04 19:46:26
kernel, perf, python security update
2018-01-04 11:36:27
lenovo
lenovo
Reading Privileged Memory with a Side Channel - US
2018-10-24 12:22:52
Reading Privileged Memory with a Side Channel - Lenovo Support US
2018-10-24 12:22:52
symantec
symantec
Multiple CPU Hardware CVE-2017-5753 Information Disclosure Vulnerability
2018-01-03 00:00:00
SA161: Local Information Disclosure Due to Meltdown and Spectre Attacks
2018-01-08 08:00:00
f5
f5
virtuozzo
virtuozzo
Important kernel security update: Fixes for Meltdown and Spectre exploits; new kernel 2.6.32-042stab127.2, Virtuozzo 6.0 Update 12 Hotfix 20 (6.0.12-3690)
2018-01-06 00:00:00
ubuntu
ubuntu
Linux kernel (HWE) vulnerabilities
2018-03-15 00:00:00
Linux kernel (Xenial HWE) vulnerabilities
2018-01-23 00:00:00
Linux kernel vulnerabilities
2018-01-23 00:00:00
vmware
vmware
threatpost
threatpost
Experts Weigh In On Spectre Patch Challenges
2018-01-07 23:21:34
Vendors Share Patch Updates on Spectre and Meltdown Mitigation Efforts
2018-01-04 13:01:52
arista
arista
Security Advisory 0031
2018-01-03 00:00:00
taosecurity
taosecurity
Lies and More Lies
2018-01-22 14:28:00
securelist
securelist
IT threat evolution Q1 2018
2018-05-14 10:00:08
thn
thn
[Guide] How to Protect Your Devices Against Meltdown and Spectre Attacks
2018-01-04 21:18:00
Meltdown and Spectre CPU Flaws Affect Intel, ARM, AMD Processors
2018-01-03 19:34:00
citrix
citrix
Citrix Security Updates for CVE-2017-5715, CVE-2017-5753, CVE-2017-5754
2018-01-03 04:00:00
talosblog
talosblog
Meltdown and Spectre
2018-01-08 09:16:00
veeam
veeam
Meltdown and Spectre vulnerabilities
2018-01-09 00:00:00
Related for 700325.PRM