Lucene search
K

133 matches found

Intel
Intel
added 2021/05/11 12:0 a.m.60 views

2019.2 IPU – TSX Asynchronous Abort Advisory

Summary: A potential security vulnerability in TSX Asynchronous Abort TAA for some Intel® Processors may allow information disclosure. Intel is releasing firmware updates to mitigate this potential vulnerability. Vulnerability Details: CVEID: CVE-2019-11135 Description: TSX Asynchronous Abort...

6.5CVSS6.4AI score0.03133EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2021/02/01 12:0 a.m.259 views

CentOS 8 : virt:rhel (CESA-2020:0279)

The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the CESA-2020:0279 advisory. - hw: TSX Transaction Asynchronous Abort TAA CVE-2019-11135 Note that Nessus has not tested for this issue but has instead relied only on the application's...

6.5CVSS7.3AI score0.03133EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2020/09/11 12:51 p.m.33 views

Security Bulletin: Vulnerability in side channel in Intel CPUs affect IBM Cloud Pak System (CVE-2019-11135)

Summary IBM Cloud Pak System when using Intel CPUs could allow a local authenticated attacker to obtain sensitive information. OS image for RedHat Enterprise Linux for Cloud Pak System is shipped as component for IBM Cloud Pak System. OS image for RedHat Enterprise Linux addressed vulnerability...

6.5CVSS0.2AI score0.03133EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2020/08/28 12:0 a.m.44 views

Oracle Linux 8 : virt:ol (ELSA-2020-0279)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2020-0279 advisory. - cpumap: Add TAANO bit for IA32ARCHCAPABILITIES MSR CVE-2019-11135 - cpumap: Add TSXCTRL bit for IA32ARCHCAPABILITIES MSR CVE-2019-11135 - api: disallow...

9.8CVSS7.6AI score0.60631EPSS
Exploits7References2
OpenVAS
OpenVAS
added 2020/08/12 12:0 a.m.37 views

Missing Linux Kernel mitigations for 'TAA - TSX Asynchronous Abort' hardware vulnerabilities (INTEL-SA-00270)

The remote host is missing one or more known mitigations on Linux Kernel side for the referenced SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-onl...

6.5CVSS7.8AI score0.03133EPSS
Exploits0References3
OSV
OSV
added 2020/07/13 5:15 p.m.4 views

CVE-2019-19338

A flaw was found in the fix for CVE-2019-11135, in the Linux upstream kernel versions before 5.5 where, the way Intel CPUs handle speculative execution of instructions when a TSX Asynchronous Abort TAA error occurs. When a guest is running on a host CPU affected by the TAA flaw TAANO=0, but is no...

5.5CVSS7.8AI score0.00457EPSS
Exploits0References3
NVD
NVD
added 2020/07/13 5:15 p.m.39 views

CVE-2019-19338

A flaw was found in the fix for CVE-2019-11135, in the Linux upstream kernel versions before 5.5 where, the way Intel CPUs handle speculative execution of instructions when a TSX Asynchronous Abort TAA error occurs. When a guest is running on a host CPU affected by the TAA flaw TAANO=0, but is no...

5.5CVSS0.00457EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2020/07/13 5:15 p.m.47 views

CVE-2019-19338

A flaw was found in the fix for CVE-2019-11135, in the Linux upstream kernel versions before 5.5 where, the way Intel CPUs handle speculative execution of instructions when a TSX Asynchronous Abort TAA error occurs. When a guest is running on a host CPU affected by the TAA flaw TAANO=0, but is no...

5.5CVSS6.8AI score0.00457EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2020/07/03 12:0 a.m.46 views

Huawei EulerOS: Security Advisory for kvm (EulerOS-SA-2020-1792)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS8AI score0.03133EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2020/07/01 12:0 a.m.242 views

EulerOS Virtualization 3.0.6.0 : kvm (EulerOS-SA-2020-1792)

According to the versions of the kvm package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - An out-of-bounds access issue was found in the Linux kernel, all versions through 5.3, in the way Linux kernel's KVM hypervisor...

8.8CVSS7.2AI score0.03133EPSS
Exploits0References4
IBM Security Bulletins
IBM Security Bulletins
added 2020/04/22 5:48 p.m.44 views

Security Bulletin: IBM QRadar SIEM is vulnerable to side channel attack with Intel CPUs (CVE-2019-11135)

Summary IBM QRadar SIEM when using Intel CPUs could allow a local authenticated attacker to obtain sensitive information Vulnerability Details CVEID: CVE-2019-11135 DESCRIPTION: Multiple Intel CPUs could allow a local authenticated attacker to obtain sensitive information, caused by a TSX...

6.5CVSS1.1AI score0.03133EPSS
Exploits0Affected Software1
RedHat Linux
RedHat Linux
added 2020/04/14 5:55 p.m.6 views

Kernel: KVM: export MSR_IA32_TSX_CTRL to guest - incomplete fix for TAA (CVE-2019-11135)

A flaw was found in the fix for CVE-2019-11135, the way Intel CPUs handle speculative execution of instructions when a TSX Asynchronous Abort TAA error occurs. When a guest is running on a host CPU affected by the TAA flaw TAANO=0, but is not affected by the MDS issue MDSNO=1, the guest was to...

6.5CVSS6.8AI score0.03133EPSS
Exploits0References6
OpenVAS
OpenVAS
added 2020/04/01 12:0 a.m.57 views

Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2020-1342)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS7.5AI score0.10114EPSS
Exploits5References2
Tenable Nessus
Tenable Nessus
added 2020/03/08 12:0 a.m.38 views

NewStart CGSL MAIN 4.05 : kernel Multiple Vulnerabilities (NS-SA-2020-0021)

The remote NewStart CGSL host, running version MAIN 4.05, has kernel packages installed that are affected by multiple vulnerabilities: - The Salsa20 encryption algorithm in the Linux kernel before 4.14.8 does not correctly handle zero-length inputs, allowing a local attacker able to use the...

8.8CVSS7.6AI score0.05789EPSS
Exploits5References13
Lenovo
Lenovo
added 2020/03/07 12:32 a.m.23 views

Intel SGX and Processor Side Channel Data Leakage Vulnerabilities - Lenovo Support US

No description provided...

7.8CVSS5.7AI score0.0104EPSS
Exploits1
RedHat Linux
RedHat Linux
added 2020/03/03 3:24 p.m.77 views

Moderate: Red Hat Security Advisory: qemu-kvm security and enhancement update

An update for qemu-kvm is now available for Red Hat Enterprise Linux 7.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

6.5CVSS7AI score0.03133EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2020/03/03 3:24 p.m.3 views

hw: TSX Transaction Asynchronous Abort (TAA)

A flaw was found in the way Intel CPUs handle speculative execution of instructions when the TSX Asynchronous Abort TAA error occurs. A local authenticated attacker with the ability to monitor execution times could infer the TSX memory state by comparing abort execution times. This could allow...

6.5CVSS6.8AI score0.03133EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2020/02/19 7:0 p.m.87 views

Moderate: Red Hat Security Advisory: virt:8.1 and virt-devel:8.1 security update

An update for the virt:8.1 and virt-devel:8.1 modules is now available for Advanced Virtualization for RHEL 8.1.0. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating,...

6.5CVSS7AI score0.03133EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2020/02/10 12:0 a.m.282 views

Oracle Linux 8 : kernel (ELSA-2020-0339)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2020-0339 advisory. - x86 kvm: vmx: use MSRIA32TSXCTRL to hard-disable TSX on guest that lack it Paolo Bonzini 1781660 1779553 CVE-2019-19338 - x86 kvm: vmx: implement...

10CVSS7.1AI score0.16908EPSS
Exploits6References9
Tenable Nessus
Tenable Nessus
added 2020/02/07 12:0 a.m.36 views

SUSE SLES12 Security Update : xen (SUSE-SU-2020:0334-1)

This update for xen fixes the following issues : CVE-2020-7211: potential directory traversal using relative paths via tftp server on Windows host bsc1161181. CVE-2019-19579: Device quarantine for alternate pci assignment methods bsc1157888. CVE-2019-19581: findnextbit issues bsc1158003...

9.8CVSS7.3AI score0.04141EPSS
Exploits0References40
Rows per page
Query Builder