421 matches found
DSA-4273-1 intel-microcode - security update
Bulletin has no description...
Debian: Security Advisory (DSA-4273-2)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DLA 1446-1] intel-microcode security update
Package : intel-microcode Version : 3.20180703.2deb8u1 CVE ID : CVE-2018-3639 CVE-2018-3640 Security researchers identified two software analysis methods that, if used for malicious purposes, have the potential to improperly gather sensitive data from multiple types of computing devices with...
Debian DLA-1446-1 : intel-microcode security update (Spectre)
Security researchers identified two software analysis methods that, if used for malicious purposes, have the potential to improperly gather sensitive data from multiple types of computing devices with different vendors processors and operating systems. This update requires an update to the...
DLA-1446-1 intel-microcode - security update
Bulletin has no description...
Debian: Security Advisory (DLA-1446-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE-SU-2018:1935-1 Recommended update for ucode-intel
The Intel CPU microcode bundle was updated to the 20180703 release. For the listed CPU chipsets this fixes CVE-2018-3640 Spectre v3a and helps mitigating CVE-2018-3639 Spectre v4 bsc1100147 bsc1087082 bsc1087083. More information on:...
openSUSE Security Update : ucode-intel (openSUSE-2018-266) (Spectre)
This update for ucode-intel fixes the following issues : The Intel CPU microcode version was updated to version 20180312. This update enables the IBPB+IBRS based mitigations of the Spectre v2 flaws boo1085207 CVE-2017-5715 - New Platforms - BDX-DE EGW A0 6-56-5:10 e000009 - SKX B1 6-55-3:97 10001...
Ubuntu: Security Advisory (USN-3531-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Oracle Linux 7 : microcode_ctl (ELSA-2018-4018) (Spectre)
Description of changes: 2.1-22.5.0.3 - Revert Intel 20180108 microcode for CPUIDs: CVE-2017-5715 306c3 06-3c-03 rev 0x23, Haswell 306d4 06-3d-04 rev 0x28, Broadwell 306f2 06-3f-02 rev 0x3b, Haswell 306f4 06-3f-04 rev 0x10, Haswell 306e4 06-3e-04 rev 0x42a, Ivy Bridge 40651 06-45-01 rev 0x21,...
Ubuntu 14.04 LTS / 16.04 LTS : Intel Microcode regression (USN-3531-2)
The remote Ubuntu 14.04 LTS / 16.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-3531-2 advisory. USN-3531-1 updated Intel microcode to the 20180108 release. Regressions were discovered in the microcode updates which could cause system instability ...
OracleVM 3.4 : microcode_ctl (OVMSA-2018-0013) (Spectre)
The remote OracleVM system is missing necessary patches to address critical security updates : - Revert: early microcode load to allow updating Broadwell model 79 - Revert: Make sure 'modprobe microcode' is not executed on Broadwell model 79 - Revert: Run dracut upon microcode update - Revert...
USN-3531-2 intel-microcode regression
USN-3531-1 updated Intel microcode to the 20180108 release. Regressions were discovered in the microcode updates which could cause system instability on certain hardware platforms. At the request of Intel, we have reverted to the previous packaged microcode version, the 20170707 release. Original...
Ubuntu: Security Advisory (USN-3531-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-3531-1: Intel Microcode update
It was discovered that microprocessors utilizing speculative execution and branch prediction may allow unauthorized memory reads via sidechannel attacks. This flaw is known as Spectre. A local attacker could use this to expose sensitive information, including kernel memory. CVE-2017-5715 This...
USN-3531-1 intel-microcode update
It was discovered that microprocessors utilizing speculative execution and branch prediction may allow unauthorized memory reads via sidechannel attacks. This flaw is known as Spectre. A local attacker could use this to expose sensitive information, including kernel memory. CVE-2017-5715 This...
SUSE-SU-2018:0068-1 Security update for microcode_ctl
Update to Intel microcode version 20180108 bsc1075262 CVE-2017-5715 - The pre-released microcode fixing some important security issues is now officially published and included in the added tarball. Among other updates it contains: - IVT C0 06-3e-04:ed 428-42a - SKL-U/Y D0 06-4e-03:c0 ba-c2 -...
USN-2589-1 linux-lts-utopic vulnerabilities
Jan Beulich discovered the Xen virtual machine subsystem of the Linux kernel did not properly restrict access to PCI command registers. A local guest user could exploit this flaw to cause a denial of service host crash. CVE-2015-2150 A stack overflow was discovered in the the microcode loader for...
USN-2588-1 linux vulnerabilities
A stack overflow was discovered in the the microcode loader for the intel x86 platform. A local attacker could exploit this flaw to cause a denial of service kernel crash or to potentially execute code with kernel privileges. CVE-2015-2666 It was discovered that the Linux kernel's IPv6 networking...
UBUNTU-CVE-2015-2666
Stack-based buffer overflow in the getmatchingmodelmicrocode function in arch/x86/kernel/cpu/microcode/intelearly.c in the Linux kernel before 4.0 allows context-dependent attackers to gain privileges by constructing a crafted microcode header and leveraging root privileges for write access to th...