163 matches found
hw: L1D Cache Eviction Sampling
A microarchitectural timing flaw was found on some Intel processors. A corner case exists where data in-flight during the eviction process can end up in the “fill buffers” and not properly cleared by the MDS mitigations. The fill buffer contents which were expected to be blank can be inferred usi...
hw: L1D Cache Eviction Sampling
A microarchitectural timing flaw was found on some Intel processors. A corner case exists where data in-flight during the eviction process can end up in the “fill buffers” and not properly cleared by the MDS mitigations. The fill buffer contents which were expected to be blank can be inferred usi...
hw: L1D Cache Eviction Sampling
A microarchitectural timing flaw was found on some Intel processors. A corner case exists where data in-flight during the eviction process can end up in the “fill buffers” and not properly cleared by the MDS mitigations. The fill buffer contents which were expected to be blank can be inferred usi...
SUSE: Security Advisory (SUSE-SU-2019:1248-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2019:1241-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CentOS 8 : kernel (CESA-2019:1167)
The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2019:1167 advisory. - hardware: Microarchitectural Store Buffer Data Sampling MSBDS CVE-2018-12126 - hardware: Micro-architectural Load Port Data Sampling - Information Le...
Security Bulletin: IBM Security QRadar Packet Capture is vulnerable to Intel Microarchitectural Data Sampling (MDS) Vulnerabilites (CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091)
Summary A potential security vulnerability in CPUs may allow information disclosure. Vulnerability Details CVEID: CVE-2018-12126 Description: Microarchitectural Store Buffer Data Sampling MSBDS: Store buffers on some microprocessors utilizing speculative execution may allow an authenticated user ...
Missing Linux Kernel mitigations for 'MDS - Microarchitectural Data Sampling' hardware vulnerabilities
The remote host is missing one or more known mitigations on Linux Kernel side for the referenced SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-onl...
CVE-2019-19338
A flaw was found in the fix for CVE-2019-11135, in the Linux upstream kernel versions before 5.5 where, the way Intel CPUs handle speculative execution of instructions when a TSX Asynchronous Abort TAA error occurs. When a guest is running on a host CPU affected by the TAA flaw TAANO=0, but is no...
hw: L1D Cache Eviction Sampling
A microarchitectural timing flaw was found on some Intel processors. A corner case exists where data in-flight during the eviction process can end up in the “fill buffers” and not properly cleared by the MDS mitigations. The fill buffer contents which were expected to be blank can be inferred usi...
hw: L1D Cache Eviction Sampling
A microarchitectural timing flaw was found on some Intel processors. A corner case exists where data in-flight during the eviction process can end up in the “fill buffers” and not properly cleared by the MDS mitigations. The fill buffer contents which were expected to be blank can be inferred usi...
Security Bulletin: IBM Cloud Pak System is vulnerable to Intel Microarchitectural Data Sampling (MDS) Vulnerabilites
Summary Potential security vulnerabilities in CPUs may allow information disclosure. Vulnerability Details CVEID: CVE-2019-11091 DESCRIPTION: Microarchitectural Data Sampling Uncacheable Memory MDSUM: Uncacheable memory on some microprocessors utilizing speculative execution may allow an...
Load Value Injection (LVI) speculative side channel
ISSUE DESCRIPTION This is very closely related to the Microarchitectural Data Sampling vulnerabilities from May 2019. Please see https://xenbits.xen.org/xsa/advisory-297.html for details about MDS. A new way of using the micro-architectural details behind MDS has been identified. Instead of simpl...
Intel SGX and Processor Side Channel Data Leakage Vulnerabilities - Lenovo Support US
No description provided...
Security Bulletin: IBM Netezza Firmware Diagnostics Support Tool is affected by the vulnerabilities known as Microarchitectural Data Sampling (MDS) Side Channel Vulnerabilities
Summary CVE-2018-12126 - Microarchitectural Store Buffer Data Sampling MSBDS CVSS Base Score: 6.5 Medium CVE-2018-12127 - Microarchitectural Load Port Data Sampling MLPDS CVSS Base Score: 6.5 Medium CVE-2018-12130 - Microarchitectural Fill Buffer Data Sampling MFBDS CVSS Base Score: 6.5 Medium...
RancherOS < 1.5.2 Intel Microarchitectural Data Sampling Local Information Disclosure
The remote host is running a version of RancherOS prior to v1.5.2, hences is exposed to an Information Disclosure Vulnerability. Microarchitectural Data Sampling MDS is a family of side channel attacks on internal buffers in Intel CPUs. CVE-2018-12126, CVE-2018-12130, CVE-2018-12127, CVE-2019-110...
EulerOS 2.0 SP8 : qemu (EulerOS-SA-2019-2300)
According to the versions of the qemu packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Microarchitectural Store Buffer Data Sampling MSBDS: Store buffers on some microprocessors utilizing speculative execution may allow an...
SUSE-SU-2019:2949-1 Security update for the Linux Kernel
The SUSE Linux Enterprise 12-SP3 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2018-12207: Untrusted virtual machines on Intel CPUs could exploit a race condition in the Instruction Fetch Unit of the Intel CPU to cause a Machine Excepti...
Debian DSA-4564-1 : linux - security update
Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service, or information leak. - CVE-2018-12207 It was discovered that on Intel CPUs supporting hardware virtualisation with Extended Page Tables EPT, a guest VM may manipulate the...
New ZombieLoad v2 Attack Affects Intel's Latest Cascade Lake CPUs
Zombieload is back. This time a new variant v2 of the data-leaking side-channel vulnerability also affects the most recent Intel CPUs, including the latest Cascade Lake, which are otherwise resistant against attacks like Meltdown, Foreshadow and other MDS variants RIDL and Fallout. Initially...