Pulse-Level Simulation of Crosstalk Attacks on Superconducting Quantum Hardware

Hardware crosstalk in multi-tenant superconducting quantum computers poses a severe security threat, allowing adversaries to induce targeted errors across tenant boundaries by injecting carefully engineered pulses. We present a simulation-based study of active crosstalk attacks at the pulse level...

CVE-2012-1361

Cisco IOS 15.1 and 15.2, when the Multicast Music-on-Hold MMoH feature of Cisco Unified Communications Manager CUCM is enabled, allows remote attackers to obtain sensitive crosstalk information by listening during a PSTN call, aka Bug ID CSCtx77750...

Security Vulnerabilities in Quantum Cloud Systems: a Survey on Emerging Threats

Quantum computing is becoming increasingly widespread due to the potential and capabilities to solve complex problems beyond the scope of classical computers. As Quantum Cloud services are adopted by businesses and research groups, they allow for greater progress and application in many fields...

SUSE: Security Advisory (SUSE-SU-2021:1497-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE-SU-2021:1497-1 Security update for sca-patterns-sle11

This update for sca-patterns-sle11 fixes the following issues: - New regular patterns 1 for version 1.3.1 Special Register Buffer Data Sampling aka CrossTalk CVE-2020-0543 bsc1154824...

SUSE: Security Advisory (SUSE-SU-2020:1601-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Vulnerability discovered in several Siemens products

Researchers have revealed that several Industrial products from Siemens are vulnerable to the so-called "CrossTalk" vulnerability in Intel Processors. A local malicious person with the rights to install software can exploit the vulnerability to gain access gain access to sensitive data. To do so,...

openSUSE Security Update : xen (openSUSE-2020-965)

This update for xen fixes the following issues : - CVE-2020-15563: Fixed inverted code paths in x86 dirty VRAM tracking bsc1173377. - CVE-2020-15565: Fixed insufficient cache write-back under VT-d bsc1173378. - CVE-2020-15566: Fixed incorrect error handling in event channel port allocation...

openSUSE Security Update : xen (openSUSE-2020-985)

This update for xen fixes the following issues : - CVE-2020-15563: Fixed inverted code paths in x86 dirty VRAM tracking bsc1173377. - CVE-2020-15565: Fixed insufficient cache write-back under VT-d bsc1173378. - CVE-2020-15566: Fixed incorrect error handling in event channel port allocation...

OPENSUSE-SU-2020:0985-1 Security update for xen

This update for xen fixes the following issues: - CVE-2020-15563: Fixed inverted code paths in x86 dirty VRAM tracking bsc1173377. - CVE-2020-15565: Fixed insufficient cache write-back under VT-d bsc1173378. - CVE-2020-15566: Fixed incorrect error handling in event channel port allocation...

SUSE SLED15 / SLES15 Security Update : xen (SUSE-SU-2020:1889-1)

This update for xen fixes the following issues : CVE-2020-15563: Fixed inverted code paths in x86 dirty VRAM tracking bsc1173377. CVE-2020-15565: Fixed insufficient cache write-back under VT-d bsc1173378. CVE-2020-15566: Fixed incorrect error handling in event channel port allocation bsc1173376...

SUSE SLES12 Security Update : xen (SUSE-SU-2020:1887-1)

This update for xen fixes the following issues : CVE-2020-15563: Fixed inverted code paths in x86 dirty VRAM tracking bsc1173377. CVE-2020-15565: Fixed insufficient cache write-back under VT-d bsc1173378. CVE-2020-15566: Fixed incorrect error handling in event channel port allocation bsc1173376...

SUSE SLES12 Security Update : xen (SUSE-SU-2020:1632-1)

This update for xen to version 4.11.4 fixes the following issues : CVE-2020-0543: Fixed a side channel attack against special registers which could have resulted in leaking of read values to cores other than the one which called it. This attack is known as Special Register Buffer Data Sampling...

Greenbone OS - Linux Kernel Multiple Vulnerabilities (Jun 2020)

The Linux Kernel in Greenbone OS is prone to multiple information disclosure vulnerabilities. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only C...

SUSE SLED15 / SLES15 Security Update : xen (SUSE-SU-2020:1609-1)

This update for xen to version 4.12.3 fixes the following issues : CVE-2020-0543: Fixed a side channel attack against special registers which could have resulted in leaking of read values to cores other than the one which called it. This attack is known as Special Register Buffer Data Sampling...

Security update for xen (important)

openSUSE Security Update: Security update for xen Announcement ID: openSUSE-SU-2020:0818-1 Rating: important References: 1027519 1157490 1167007 1172205 Cross-References: CVE-2020-0543 Affected Products: openSUSE Leap 15.1 An update that solves one vulnerability and has three fixes is now...

Another Intel Speculative Execution Vulnerability

Remember Spectre and Meltdown? Back in early 2018, I wrote: Spectre and Meltdown are pretty catastrophic vulnerabilities, but they only affect the confidentiality of data. Now that they -- and the research into the Intel ME vulnerability -- have shown researchers where to look, more is coming --...

openSUSE Security Update : ucode-intel (openSUSE-2020-791)

This update for ucode-intel fixes the following issues : Updated Intel CPU Microcode to 20200602 prerelease bsc1172466 This update contains security mitigations for : - CVE-2020-0543: Fixed a side channel attack against special registers which could have resulted in leaking of read values to core...

Intel CPUs Vulnerable to New 'SGAxe' and 'CrossTalk' Side-Channel Attacks

Cybersecurity researchers have discovered two distinct attacks that could be exploited against modern Intel processors to leak sensitive information from the CPU's trusted execution environments TEE. Called SGAxe, the first of the flaws is an evolution of the previously uncovered CacheOut attack...

Intel CPUs Vulnerable to New 'SGAxe' and 'CrossTalk' Side-Channel Attacks

Cybersecurity researchers have discovered two distinct attacks that could be exploited against modern Intel processors to leak sensitive information from the CPU's trusted execution environments TEE. Called SGAxe, the first of the flaws is an evolution of the previously uncovered CacheOut attack...