Create new 1.2 release for OL7 which includes the following fixed CVEs:
{CVE-2017-5715} {CVE-2017-5731} {CVE-2017-5732} {CVE-2017-5733} {CVE-2017-5734} {CVE-2017-5735} {CVE-2017-5753} {CVE-2018-12178} {CVE-2018-12180} {CVE-2018-12181} {CVE-2018-3630}

OSVersionArchitecturePackageVersionFilename
oracle linux7srcedk2< 1.3.2-1.el7edk2-1.3.2-1.el7.src.rpm
oracle linux7noarchaavmf< 1.3.2-1.el7AAVMF-1.3.2-1.el7.noarch.rpm
oracle linux7srcedk2< 1.3.2-1.el7edk2-1.3.2-1.el7.src.rpm
oracle linux7noarchovmf< 1.3.2-1.el7OVMF-1.3.2-1.el7.noarch.rpm

OS	Version	Architecture	Package	Version	Filename
oracle linux	7	src	edk2	< 1.3.2-1.el7	edk2-1.3.2-1.el7.src.rpm
oracle linux	7	noarch	aavmf	< 1.3.2-1.el7	AAVMF-1.3.2-1.el7.noarch.rpm
oracle linux	7	src	edk2	< 1.3.2-1.el7	edk2-1.3.2-1.el7.src.rpm
oracle linux	7	noarch	ovmf	< 1.3.2-1.el7	OVMF-1.3.2-1.el7.noarch.rpm

oraclelinux 4

nessus 73

fedora 8

openvas 24

amazon 3

altlinux 2

suse 8

centos 1

redhat 11

gentoo 1

mageia 4

freebsd 1

apple 6

vmware 3

ibm 15

msrc 1

ubuntu 9

threatpost 2

kaspersky 1

packetstorm 1

photon 1

zdt 1

thn 1

huawei 2

redhatcve 1

seebug 1

nvidia 1

lenovo 2

qualysblog 4

f5 1

symantec 1

arista 1

virtuozzo 2

paloalto 1

malwarebytes 1

oraclelinux

edk2 security update

2019-06-06 00:00:00

edk2 security update

2019-09-13 00:00:00

ovmf security and enhancement update

2019-08-13 00:00:00

nessus

Oracle Linux 7 : edk2 (ELSA-2019-4785)

2023-09-07 00:00:00

Oracle Linux 7 : edk2 (ELSA-2019-4668)

2023-09-07 00:00:00

Amazon Linux 2 : edk2 (ALAS-2019-1273)

2019-08-28 00:00:00

fedora

[SECURITY] Fedora 30 Update: edk2-20190308stable-1.fc30

2019-03-31 00:05:59

[SECURITY] Fedora 29 Update: edk2-20190308stable-1.fc29

2019-04-03 03:31:40

[SECURITY] Fedora 29 Update: oniguruma-6.9.1-2.fc29

2019-07-31 01:48:59

openvas

Fedora Update for edk2 FEDORA-2019-bff1cbaba3

2019-05-07 00:00:00

openSUSE: Security Advisory for ovmf (openSUSE-SU-2018:4240-1)

2018-12-23 00:00:00

openSUSE: Security Advisory for ovmf (openSUSE-SU-2018:4254-1)

2018-12-23 00:00:00

amazon

Important: edk2

2019-08-23 03:26:00

Medium: oniguruma

2019-09-13 23:16:00

Medium: oniguruma

2019-09-30 20:59:00

altlinux

Security fix for the ALT Linux 10 package edk2 version 20190308-alt1

2019-04-02 00:00:00

Security fix for the ALT Linux 10 package edk2 version 20191122-alt1

2019-12-18 00:00:00

suse

Security update for ovmf (moderate)

2018-12-22 18:17:24

Security update for ovmf (moderate)

2018-12-22 18:09:42

Security update for ovmf (important)

2019-03-30 00:00:00

centos

OVMF security update

2019-08-30 03:50:09

redhat

(RHSA-2019:2125) Moderate: ovmf security and enhancement update

2019-08-06 08:03:42

(RHSA-2018:0091) Important: Red Hat CloudForms 4.5 security update

2018-01-15 21:33:25

(RHSA-2018:0089) Important: Red Hat CloudForms 4.1 security update

2018-01-15 21:33:19

gentoo

Oniguruma: Multiple vulnerabilities

2019-11-07 00:00:00

mageia

Updated php packages fix security vulnerabilities

2019-09-07 00:09:08

Updated webkit2 packages fix security vulnerabilities

2018-01-14 19:54:13

Updated kernel packages fix security vulnerabilities

2018-02-11 21:42:57

freebsd

oniguruma -- multiple vulnerabilities

2019-07-03 00:00:00

apple

About the security content of iOS 11.2.2

2018-01-08 00:00:00

About the security content of iOS 11.2.2 - Apple Support

2018-01-08 10:30:27

About the security content of macOS High Sierra 10.13.2 Supplemental Update

2018-01-08 00:00:00

vmware

VMware ESXi, Workstation and Fusion updates address side-channel analysis due to speculative execution.

2018-01-03 00:00:00

VMware ESXi, Workstation and Fusion updates address side-channel analysis due to speculative execution.

2018-01-03 00:00:00

VMware Virtual Appliance updates address side-channel analysis due to speculative execution

2018-02-08 00:00:00

ibm

Security Bulletin: IBM Data Risk Manager has released VM v2.0.1 in response to the vulnerability known as Spectre.

2018-06-16 22:05:23

Security Bulletin: PowerKVM has released updates in response to the vulnerabilities known as Spectre and Meltdown.

2018-06-18 01:41:07

Security Bulletin: Aspera Products and the Meltdown and Spectre vulnerabilities (CVE-2017-5753, CVE-2017-5715, CVE-2017-5754)

2018-12-08 04:55:34

msrc

Speculative Execution Bounty Launch

2018-03-15 00:00:04

ubuntu

Linux kernel (Trusty HWE) vulnerabilities

2018-01-23 00:00:00

Linux kernel (KVM) vulnerabilities

2018-01-29 00:00:00

Linux kernel vulnerabilities

2018-02-22 00:00:00

threatpost

Apple Releases Spectre Patches for Safari, macOS and iOS

2018-01-08 16:57:57

Experts Weigh In On Spectre Patch Challenges

2018-01-07 23:21:34

kaspersky

KLA11173 OSI vulnerability in VMware Products

2018-01-09 00:00:00

packetstorm

Spectre Information Disclosure Proof Of Concept

2018-01-04 00:00:00

photon

Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2018-1.0-0098

2018-01-11 00:00:00

zdt

Multiple CPUs - Spectre Information Disclosure (PoC) Exploit

2018-01-04 00:00:00

thn

New SpookJS Attack Bypasses Google Chrome's Site Isolation Protection

2021-09-13 07:54:00

huawei

Security Advisory - CPU Vulnerabilities Meltdown and Spectre

2018-06-06 00:00:00

Security Advisory - CPU Vulnerabilities 'Meltdown' and 'Spectre'

2018-01-06 00:00:00

redhatcve

CVE-2017-5715

2021-07-20 18:54:09

seebug

Reading privileged memory with a side-channel (Meltdown & Spectre)

2018-01-04 00:00:00

nvidia

Security Bulletin: NVIDIA Jetson TX1, Jetson TK1, and Tegra K1 L4T Security Updates for CPU Speculative Side Channel Vulnerabilities

2018-01-05 00:00:00

lenovo

Reading Privileged Memory with a Side Channel - Lenovo Support US

2018-10-24 12:22:52

Reading Privileged Memory with a Side Channel - US

2018-10-24 12:22:52

qualysblog

Apple in the InfoSec Spotlight, as GitHub Falls Prey to Amplified DDoS Attack

2018-03-02 14:48:53

Meltdown/Spectre and Qualys Cloud Platform

2018-01-09 02:36:19

Processor Vulnerabilities – Meltdown and Spectre

2018-01-04 02:17:43

Side-channel processor vulnerabilities CVE-2017-5715, CVE-2017-5753, and CVE-2017-5754

2018-01-04 04:46:00

symantec

Multiple CPU Hardware CVE-2017-5753 Information Disclosure Vulnerability

2018-01-03 00:00:00

arista

Security Advisory 0031

2018-01-03 00:00:00

virtuozzo

Important kernel security update: Fixes for Meltdown and Spectre exploits; new kernel 2.6.32-042stab127.2, Virtuozzo 6.0 Update 12 Hotfix 20 (6.0.12-3690)

2018-01-06 00:00:00

Important kernel security update: Fixes for Meltdown and Spectre exploits; new kernel 3.10.0-693.11.6.vz7.40.4, Virtuozzo 7.0 Update 6 Hotfix 3 (7.0.6-710)

2018-01-08 00:00:00

paloalto

Information about Meltdown and Spectre findings

2018-01-04 00:00:00

malwarebytes

Meltdown and Spectre fallout: patching problems persist

2018-01-11 14:00:00

Products

Security Intelligence
Non-intrusive assessment
Developers SDK
Windows scanner
Linux scanner
Perimeter control tool
MSSP

Database

Vulnerabilities
Exploits
IOC
Security News
BugBounty
Popular
Wild Exploited
Top Vulnerabilities

Tools

Linux Security Scanner
API integration
Subscriptions
Plugins
Manual Audit

Learn More

Stats
API
Docs
Api-keys
License
Pricing
Glossary
FAQ

Company

Blog
Contacts
About Us
OpenSource
EULA
Brand Guideline
Privacy Policy

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply. All product names, logos, and brands are property of their respective owners. All company, product and service names used in this website are for identification purposes only. Use of these names, logos, and brands does not imply endorsement.If you are an owner of some content and want it to be removed, please contact us. Using Vulners services you are accepting Vulners services end-user license agreement

@2024 Vulners Inc

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

JSON

Related for ELSA-2020-5861