Lucene search
K

163 matches found

RedHat Linux
RedHat Linux
added 2021/08/31 7:59 a.m.2 views

hw: L1D Cache Eviction Sampling

A microarchitectural timing flaw was found on some Intel processors. A corner case exists where data in-flight during the eviction process can end up in the “fill buffers” and not properly cleared by the MDS mitigations. The fill buffer contents which were expected to be blank can be inferred usi...

5.5CVSS6.5AI score0.00587EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2021/08/17 8:33 a.m.2 views

hw: L1D Cache Eviction Sampling

A microarchitectural timing flaw was found on some Intel processors. A corner case exists where data in-flight during the eviction process can end up in the “fill buffers” and not properly cleared by the MDS mitigations. The fill buffer contents which were expected to be blank can be inferred usi...

5.5CVSS6.5AI score0.00587EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2021/08/10 4:13 p.m.10 views

hw: L1D Cache Eviction Sampling

A microarchitectural timing flaw was found on some Intel processors. A corner case exists where data in-flight during the eviction process can end up in the “fill buffers” and not properly cleared by the MDS mitigations. The fill buffer contents which were expected to be blank can be inferred usi...

5.5CVSS6.5AI score0.00587EPSS
Exploits0References8
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.23 views

SUSE: Security Advisory (SUSE-SU-2019:1248-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.9CVSS7.5AI score0.01553EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2021/04/19 12:0 a.m.29 views

SUSE: Security Advisory (SUSE-SU-2019:1241-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.3CVSS8.3AI score0.04881EPSS
Exploits1References174
Tenable Nessus
Tenable Nessus
added 2021/01/29 12:0 a.m.260 views

CentOS 8 : kernel (CESA-2019:1167)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2019:1167 advisory. - hardware: Microarchitectural Store Buffer Data Sampling MSBDS CVE-2018-12126 - hardware: Micro-architectural Load Port Data Sampling - Information Le...

5.9CVSS6.7AI score0.01553EPSS
Exploits0References5
IBM Security Bulletins
IBM Security Bulletins
added 2020/10/28 5:16 p.m.47 views

Security Bulletin: IBM Security QRadar Packet Capture is vulnerable to Intel Microarchitectural Data Sampling (MDS) Vulnerabilites (CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091)

Summary A potential security vulnerability in CPUs may allow information disclosure. Vulnerability Details CVEID: CVE-2018-12126 Description: Microarchitectural Store Buffer Data Sampling MSBDS: Store buffers on some microprocessors utilizing speculative execution may allow an authenticated user ...

5.6CVSS1.9AI score0.01553EPSS
Exploits0Affected Software1
OpenVAS
OpenVAS
added 2020/08/12 12:0 a.m.78 views

Missing Linux Kernel mitigations for 'MDS - Microarchitectural Data Sampling' hardware vulnerabilities

The remote host is missing one or more known mitigations on Linux Kernel side for the referenced SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-onl...

5.9CVSS7AI score0.01553EPSS
Exploits0References2
OSV
OSV
added 2020/07/13 5:15 p.m.4 views

CVE-2019-19338

A flaw was found in the fix for CVE-2019-11135, in the Linux upstream kernel versions before 5.5 where, the way Intel CPUs handle speculative execution of instructions when a TSX Asynchronous Abort TAA error occurs. When a guest is running on a host CPU affected by the TAA flaw TAANO=0, but is no...

5.5CVSS7.8AI score0.00457EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2020/06/29 8:16 a.m.8 views

hw: L1D Cache Eviction Sampling

A microarchitectural timing flaw was found on some Intel processors. A corner case exists where data in-flight during the eviction process can end up in the “fill buffers” and not properly cleared by the MDS mitigations. The fill buffer contents which were expected to be blank can be inferred usi...

5.5CVSS6.5AI score0.00587EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2020/06/23 1:48 p.m.3 views

hw: L1D Cache Eviction Sampling

A microarchitectural timing flaw was found on some Intel processors. A corner case exists where data in-flight during the eviction process can end up in the “fill buffers” and not properly cleared by the MDS mitigations. The fill buffer contents which were expected to be blank can be inferred usi...

5.5CVSS6.5AI score0.00587EPSS
Exploits0References8
IBM Security Bulletins
IBM Security Bulletins
added 2020/05/06 12:2 p.m.44 views

Security Bulletin: IBM Cloud Pak System is vulnerable to Intel Microarchitectural Data Sampling (MDS) Vulnerabilites

Summary Potential security vulnerabilities in CPUs may allow information disclosure. Vulnerability Details CVEID: CVE-2019-11091 DESCRIPTION: Microarchitectural Data Sampling Uncacheable Memory MDSUM: Uncacheable memory on some microprocessors utilizing speculative execution may allow an...

5.6CVSS0.8AI score0.01553EPSS
Exploits0Affected Software1
Xen Project
Xen Project
added 2020/03/10 5:2 p.m.67 views

Load Value Injection (LVI) speculative side channel

ISSUE DESCRIPTION This is very closely related to the Microarchitectural Data Sampling vulnerabilities from May 2019. Please see https://xenbits.xen.org/xsa/advisory-297.html for details about MDS. A new way of using the micro-architectural details behind MDS has been identified. Instead of simpl...

5.6CVSS2.3AI score0.0104EPSS
Exploits1
Lenovo
Lenovo
added 2020/03/07 12:32 a.m.23 views

Intel SGX and Processor Side Channel Data Leakage Vulnerabilities - Lenovo Support US

No description provided...

7.8CVSS5.7AI score0.0104EPSS
Exploits1
IBM Security Bulletins
IBM Security Bulletins
added 2019/12/30 2:48 p.m.38 views

Security Bulletin: IBM Netezza Firmware Diagnostics Support Tool is affected by the vulnerabilities known as Microarchitectural Data Sampling (MDS) Side Channel Vulnerabilities

Summary CVE-2018-12126 - Microarchitectural Store Buffer Data Sampling MSBDS CVSS Base Score: 6.5 Medium CVE-2018-12127 - Microarchitectural Load Port Data Sampling MLPDS CVSS Base Score: 6.5 Medium CVE-2018-12130 - Microarchitectural Fill Buffer Data Sampling MFBDS CVSS Base Score: 6.5 Medium...

5.6CVSS2.1AI score0.01553EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2019/12/19 12:0 a.m.64 views

RancherOS < 1.5.2 Intel Microarchitectural Data Sampling Local Information Disclosure

The remote host is running a version of RancherOS prior to v1.5.2, hences is exposed to an Information Disclosure Vulnerability. Microarchitectural Data Sampling MDS is a family of side channel attacks on internal buffers in Intel CPUs. CVE-2018-12126, CVE-2018-12130, CVE-2018-12127, CVE-2019-110...

5.9CVSS6.6AI score0.01553EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2019/11/27 12:0 a.m.44 views

EulerOS 2.0 SP8 : qemu (EulerOS-SA-2019-2300)

According to the versions of the qemu packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Microarchitectural Store Buffer Data Sampling MSBDS: Store buffers on some microprocessors utilizing speculative execution may allow an...

5.9CVSS6.8AI score0.01553EPSS
Exploits0References5
OSV
OSV
added 2019/11/15 6:29 a.m.10 views

SUSE-SU-2019:2949-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 12-SP3 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2018-12207: Untrusted virtual machines on Intel CPUs could exploit a race condition in the Instruction Fetch Unit of the Intel CPU to cause a Machine Excepti...

10CVSS9.2AI score0.52199EPSS
Exploits44References117
Tenable Nessus
Tenable Nessus
added 2019/11/14 12:0 a.m.73 views

Debian DSA-4564-1 : linux - security update

Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service, or information leak. - CVE-2018-12207 It was discovered that on Intel CPUs supporting hardware virtualisation with Extended Page Tables EPT, a guest VM may manipulate the...

7.8CVSS7.3AI score0.03133EPSS
Exploits0References16
The Hacker News
The Hacker News
added 2019/11/13 3:46 p.m.156 views

New ZombieLoad v2 Attack Affects Intel's Latest Cascade Lake CPUs

Zombieload is back. This time a new variant v2 of the data-leaking side-channel vulnerability also affects the most recent Intel CPUs, including the latest Cascade Lake, which are otherwise resistant against attacks like Meltdown, Foreshadow and other MDS variants RIDL and Fallout. Initially...

6.5CVSS0.8AI score0.03133EPSS
Exploits0
Rows per page
Query Builder