nessus
This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.
SUSE_SU-2019-14051-1.NASL
History: May 17, 2019 - 12:00 a.m.

SUSE SLES11 Security Update : kernel (SUSE-SU-2019:14051-1) (MDSUM/RIDL) (MFBDS/RIDL/ZombieLoad) (MLPDS/RIDL) (MSBDS/Fallout)

www.tenable.com

The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security and bug fixes.

Four new speculative execution information leak issues have been identified in Intel CPUs. (bsc#1111331)

CVE-2018-12126: Microarchitectural Store Buffer Data Sampling (MSBDS)

CVE-2018-12127: Microarchitectural Fill Buffer Data Sampling (MFBDS)

CVE-2018-12130: Microarchitectural Load Port Data Sampling (MLPDS)

CVE-2019-11091: Microarchitectural Data Sampling Uncacheable Memory (MDSUM)

This kernel update contains software mitigations for these issues, which also utilize CPU microcode updates shipped in parallel.

For more information on this set of information leaks, check out https://www.suse.com/support/kb/doc/?id=7023736

The following security bugs were fixed:

CVE-2019-9213: The expand_downwards function in mm/mmap.c lacked a check for the mmap minimum address, which made it easier for attackers to exploit kernel NULL pointer dereferences on non-SMAP platforms. This is related to a capability check for the wrong task (bnc#1128166).

CVE-2013-0216: The Xen netback functionality allowed guest OS users to cause a denial of service (loop) by triggering ring pointer corruption (bnc#800280).

CVE-2013-0231: The pciback_enable_msi function in the PCI backend driver (drivers/xen/pciback/conf_space_capability_msi.c) in Xen allowed guest OS users with PCI device access to cause a denial of service via a large number of kernel log messages (bnc#801178).

CVE-2012-3430: The rds_recvmsg function in net/rds/recv.c did not initialize a certain structure member, which allowed local users to obtain potentially sensitive information from kernel stack memory via a recvfrom or recvmsg system call on an RDS socket (bnc#773383).

CVE-2012-3412: The sfc (aka Solarflare Solarstorm) driver allowed remote attackers to cause a denial of service (DMA descriptor consumption and network-controller outage) via crafted TCP packets that trigger a small MSS value (bnc#774523).

CVE-2013-0160: The kernel allowed local users to obtain sensitive information about keystroke timing by using the inotify API on the /dev/ptmx device (bnc#797175).

CVE-2013-1979: The scm_set_cred function in include/net/scm.h uses incorrect uid and gid values during credentials passing, which allowed local users to gain privileges via a crafted application (bnc#816708).

The update package also includes non-security fixes. See advisory for details.

Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from SUSE update advisory SUSE-SU-2019:14051-1.
# The text itself is copyright (C) SUSE.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(125250);
  script_version("1.5");
  script_set_attribute(attribute:"plugin_modification_date", value:"2022/01/26");

  script_cve_id(
    "CVE-2012-3412",
    "CVE-2012-3430",
    "CVE-2013-0160",
    "CVE-2013-0216",
    "CVE-2013-0231",
    "CVE-2013-1979",
    "CVE-2018-12126",
    "CVE-2018-12127",
    "CVE-2018-12130",
    "CVE-2019-9213",
    "CVE-2019-11091"
  );
  script_bugtraq_id(
    54702,
    54763,
    57176,
    57740,
    57743,
    59538
  );

  script_name(english:"SUSE SLES11 Security Update : kernel (SUSE-SU-2019:14051-1) (MDSUM/RIDL) (MFBDS/RIDL/ZombieLoad) (MLPDS/RIDL) (MSBDS/Fallout)");

  script_set_attribute(attribute:"synopsis", value:
"The remote SUSE host is missing one or more security updates.");
  script_set_attribute(attribute:"description", value:
"The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various
security and bugfixes.

Four new speculative execution information leak issues have been
identified in Intel CPUs. (bsc#1111331)

CVE-2018-12126: Microarchitectural Store Buffer Data Sampling (MSBDS)

CVE-2018-12127: Microarchitectural Fill Buffer Data Sampling (MFBDS)

CVE-2018-12130: Microarchitectural Load Port Data Samling (MLPDS)

CVE-2019-11091: Microarchitectural Data Sampling Uncacheable Memory
(MDSUM)

This kernel update contains software mitigations for these issues,
which also utilize CPU microcode updates shipped in parallel.

For more information on this set of information leaks, check out
https://www.suse.com/support/kb/doc/?id=7023736

The following security bugs were fixed: CVE-2019-9213: The
expand_downwards function in mm/mmap.c lacked a check for the mmap
minimum address, which made it easier for attackers to exploit kernel
NULL pointer dereferences on non-SMAP platforms. This is related to a
capability check for the wrong task (bnc#1128166).

CVE-2013-0216: The Xen netback functionality allowed guest OS users to
cause a denial of service (loop) by triggering ring pointer corruption
(bnc#800280).

CVE-2013-0231: The pciback_enable_msi function in the PCI backend
driver (drivers/xen/pciback/conf_space_capability_msi.c) in Xen
allowed guest OS users with PCI device access to cause a denial of
service via a large number of kernel log messages. (bnc#801178).

CVE-2012-3430: The rds_recvmsg function in net/rds/recv.c did not
initialize a certain structure member, which allowed local users to
obtain potentially sensitive information from kernel stack memory via
a recvfrom or recvmsg system call on an RDS socket (bnc#773383).

CVE-2012-3412: The sfc (aka Solarflare Solarstorm) driver allowed
remote attackers to cause a denial of service (DMA descriptor
consumption and network-controller outage) via crafted TCP packets
that trigger a small MSS value (bnc#774523).

CVE-2013-0160: The kernel allowed local users to obtain sensitive
information about keystroke timing by using the inotify API on the
/dev/ptmx device (bnc#797175).

CVE-2013-1979: The scm_set_cred function in include/net/scm.h uses
incorrect uid and gid values during credentials passing, which allowed
local users to gain privileges via a crafted application (bnc#816708).

The update package also includes non-security fixes. See advisory for
details.

Note that Tenable Network Security has extracted the preceding
description block directly from the SUSE security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues.");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1082943");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1094244");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1103186");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1106886");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1110436");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1111331");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1112178");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1117515");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1119019");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1127082");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1127376");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1127445");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1127534");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1127738");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1128166");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1128383");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1129248");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1129437");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1129439");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1129770");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1130353");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1130384");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1131107");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1131587");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1132589");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=773383");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=774523");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=797175");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=800280");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=801178");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=816708");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2012-3412/");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2012-3430/");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2013-0160/");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2013-0216/");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2013-0231/");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2013-1979/");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2018-12126/");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2018-12127/");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2018-12130/");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2019-11091/");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2019-9213/");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/support/kb/doc/?id=7023736");
  # https://www.suse.com/support/update/announcement/2019/suse-su-201914051-1.html
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?d083dd81");
  script_set_attribute(attribute:"solution", value:
"To install this SUSE Security Update use the SUSE recommended
installation methods like YaST online_update or 'zypper patch'.

Alternatively you can run the command listed for your product :

SUSE Linux Enterprise Server 11-SP4-LTSS:zypper in -t patch
slessp4-kernel-20190508-14051=1

SUSE Linux Enterprise Server 11-EXTRA:zypper in -t patch
slexsp3-kernel-20190508-14051=1

SUSE Linux Enterprise Debuginfo 11-SP4:zypper in -t patch
dbgsp4-kernel-20190508-14051=1");
  script_set_cvss_base_vector("CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:F/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:F/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2013-1979");

  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");
  script_set_attribute(attribute:"metasploit_name", value:'Reliable Datagram Sockets (RDS) rds_atomic_free_op NULL pointer dereference Privilege Escalation');
  script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");
  script_set_attribute(attribute:"in_the_news", value:"true");

  script_set_attribute(attribute:"vuln_publication_date", value:"2012/10/03");
  script_set_attribute(attribute:"patch_publication_date", value:"2019/05/16");
  script_set_attribute(attribute:"plugin_publication_date", value:"2019/05/17");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-default");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-default-base");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-default-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-default-man");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-ec2");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-ec2-base");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-ec2-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-pae");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-pae-base");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-pae-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-source");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-syms");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-trace");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-trace-base");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-trace-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-xen");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-xen-base");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-xen-devel");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:11");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"SuSE Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");

# Temp disable
exit(0, 'Temporarily disabled.');

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/SuSE/release");
if (isnull(release) || release !~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "SUSE");
os_ver = eregmatch(pattern: "^(SLE(S|D)\d+)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "SUSE");
os_ver = os_ver[1];
if (! ereg(pattern:"^(SLES11)$", string:os_ver)) audit(AUDIT_OS_NOT, "SUSE SLES11", "SUSE " + os_ver);

if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SUSE " + os_ver, cpu);

sp = get_kb_item("Host/SuSE/patchlevel");
if (isnull(sp)) sp = "0";
if (os_ver == "SLES11" && (! ereg(pattern:"^(4)$", string:sp))) audit(AUDIT_OS_NOT, "SLES11 SP4", os_ver + " SP" + sp);


flag = 0;
if (rpm_check(release:"SLES11", sp:"4", cpu:"x86_64", reference:"kernel-ec2-3.0.101-108.90.1")) flag++;
if (rpm_check(release:"SLES11", sp:"4", cpu:"x86_64", reference:"kernel-ec2-base-3.0.101-108.90.1")) flag++;
if (rpm_check(release:"SLES11", sp:"4", cpu:"x86_64", reference:"kernel-ec2-devel-3.0.101-108.90.1")) flag++;
if (rpm_check(release:"SLES11", sp:"4", cpu:"x86_64", reference:"kernel-xen-3.0.101-108.90.1")) flag++;
if (rpm_check(release:"SLES11", sp:"4", cpu:"x86_64", reference:"kernel-xen-base-3.0.101-108.90.1")) flag++;
if (rpm_check(release:"SLES11", sp:"4", cpu:"x86_64", reference:"kernel-xen-devel-3.0.101-108.90.1")) flag++;
if (rpm_check(release:"SLES11", sp:"4", cpu:"x86_64", reference:"kernel-pae-3.0.101-108.90.1")) flag++;
if (rpm_check(release:"SLES11", sp:"4", cpu:"x86_64", reference:"kernel-pae-base-3.0.101-108.90.1")) flag++;
if (rpm_check(release:"SLES11", sp:"4", cpu:"x86_64", reference:"kernel-pae-devel-3.0.101-108.90.1")) flag++;
if (rpm_check(release:"SLES11", sp:"4", cpu:"s390x", reference:"kernel-default-man-3.0.101-108.90.1")) flag++;
if (rpm_check(release:"SLES11", sp:"4", reference:"kernel-default-3.0.101-108.90.1")) flag++;
if (rpm_check(release:"SLES11", sp:"4", reference:"kernel-default-base-3.0.101-108.90.1")) flag++;
if (rpm_check(release:"SLES11", sp:"4", reference:"kernel-default-devel-3.0.101-108.90.1")) flag++;
if (rpm_check(release:"SLES11", sp:"4", reference:"kernel-source-3.0.101-108.90.1")) flag++;
if (rpm_check(release:"SLES11", sp:"4", reference:"kernel-syms-3.0.101-108.90.1")) flag++;
if (rpm_check(release:"SLES11", sp:"4", reference:"kernel-trace-3.0.101-108.90.1")) flag++;
if (rpm_check(release:"SLES11", sp:"4", reference:"kernel-trace-base-3.0.101-108.90.1")) flag++;
if (rpm_check(release:"SLES11", sp:"4", reference:"kernel-trace-devel-3.0.101-108.90.1")) flag++;
if (rpm_check(release:"SLES11", sp:"4", cpu:"i586", reference:"kernel-ec2-3.0.101-108.90.1")) flag++;
if (rpm_check(release:"SLES11", sp:"4", cpu:"i586", reference:"kernel-ec2-base-3.0.101-108.90.1")) flag++;
if (rpm_check(release:"SLES11", sp:"4", cpu:"i586", reference:"kernel-ec2-devel-3.0.101-108.90.1")) flag++;
if (rpm_check(release:"SLES11", sp:"4", cpu:"i586", reference:"kernel-xen-3.0.101-108.90.1")) flag++;
if (rpm_check(release:"SLES11", sp:"4", cpu:"i586", reference:"kernel-xen-base-3.0.101-108.90.1")) flag++;
if (rpm_check(release:"SLES11", sp:"4", cpu:"i586", reference:"kernel-xen-devel-3.0.101-108.90.1")) flag++;
if (rpm_check(release:"SLES11", sp:"4", cpu:"i586", reference:"kernel-pae-3.0.101-108.90.1")) flag++;
if (rpm_check(release:"SLES11", sp:"4", cpu:"i586", reference:"kernel-pae-base-3.0.101-108.90.1")) flag++;
if (rpm_check(release:"SLES11", sp:"4", cpu:"i586", reference:"kernel-pae-devel-3.0.101-108.90.1")) flag++;


if (flag)
{
  if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
  else security_warning(0);
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "kernel");
}
| Vendor | Product | Version | CPE |
|---|---|---|---|
| novell | suse_linux | kernel-default | p-cpe:/a:novell:suse_linux:kernel-default |
| novell | suse_linux | kernel-default-base | p-cpe:/a:novell:suse_linux:kernel-default-base |
| novell | suse_linux | kernel-default-devel | p-cpe:/a:novell:suse_linux:kernel-default-devel |
| novell | suse_linux | kernel-default-man | p-cpe:/a:novell:suse_linux:kernel-default-man |
| novell | suse_linux | kernel-ec2 | p-cpe:/a:novell:suse_linux:kernel-ec2 |
| novell | suse_linux | kernel-ec2-base | p-cpe:/a:novell:suse_linux:kernel-ec2-base |
| novell | suse_linux | kernel-ec2-devel | p-cpe:/a:novell:suse_linux:kernel-ec2-devel |
| novell | suse_linux | kernel-pae | p-cpe:/a:novell:suse_linux:kernel-pae |
| novell | suse_linux | kernel-pae-base | p-cpe:/a:novell:suse_linux:kernel-pae-base |
| novell | suse_linux | kernel-pae-devel | p-cpe:/a:novell:suse_linux:kernel-pae-devel |