CVE-2018-12130

Microarchitectural Fill Buffer Data Sampling MFBDS: Fill buffers on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here:...

Ubuntu 16.04 LTS / 18.04 LTS : Intel Microcode update (USN-3977-2)

The remote Ubuntu 16.04 LTS / 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-3977-2 advisory. USN-3977-1 provided mitigations for Microarchitectural Data Sampling MDS vulnerabilities in Intel Microcode for a large number of Intel...

USN-3977-2 intel-microcode update

USN-3977-1 provided mitigations for Microarchitectural Data Sampling MDS vulnerabilities in Intel Microcode for a large number of Intel processor families. This update provides the corresponding updated microcode mitigations for Intel Cherry Trail and Bay Trail processor families. Original adviso...

Intel official for 5 on 15, the aeration out of the CPU side channel vulnerabilities“ZombieLoad”detailed technical analysis on-the vulnerability warning-the black bar safety net

Background understanding 5 March 15, the media exposed, security researchers at a month before the Intel chip found in the one called“ZombieLoad”the new vulnerability, this vulnerability may allow an attacker to obtain the current processor is processing the sensitive data. An attacker can exploi...

USN-3977-1: Intel Microcode update (AKA ZombieLoad Attack) | Cloud Foundry

Severity High Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 14.04 Canonical Ubuntu 16.04 Description Ke Sun, Henrique Kawakami, Kekai Hu, Rodrigo Branco, Giorgi Maisuradze, Dan Horea Lutas, Andrei Lutas, Volodymyr Pikhur, Stephan van Schaik, Alyssa Milburn, Sebastian Österlund, Pietr...

OPENSUSE-SU-2019:1402-1 Security update for ucode-intel

This update for ucode-intel fixes the following issues: This update contains the Intel QSR 2019.1 Microcode release bsc1111331 Four new speculative execution information leak issues have been identified in Intel CPUs. bsc1111331 - CVE-2018-12126: Microarchitectural Store Buffer Data Sampling MSBD...

MGASA-2019-0173 Updated microcode packages fix security vulnerabilities

This update provides the Intel 20190514 microcode release that adds the microcode side mitigations for the Microarchitectural Data Sampling MDS, also called ZombieLoad attack vulnerabilities in Intel processors that can allow attackers to retrieve data being processed inside a CPU. The fixed /...

[SECURITY] Fedora 29 Update: microcode_ctl-2.1-29.fc29

The microcodectl utility is a companion to the microcode driver written by Tigran Aivazian . The microcode update is volatile and needs to be uploaded on each system boot i.e. it doesn't reflash your cpu permanently, reboot and it reverts back to the old microcode...

Zombieload: Intel CPU exposure of a new side channel attack-exploit warning-the black bar safety net

! Security personnel recently discovered for Intel processor of the new side channel attack, which is also following the earlier Meltdown, the Spectre and Foreshadow after a fairly serious security problems. This vulnerability may allow an attacker to obtain the current processor is processing th...

Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS : Intel Microcode update (USN-3977-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-3977-1 advisory. Ke Sun, Henrique Kawakami, Kekai Hu, Rodrigo Branco, Giorgi Maisuradze, Dan Horea Lutas, Andrei Lutas, Volodymyr Pikhur, Stephan...

Intel Microcode Updates for Windows 10 / Windows Server 2016 / Windows Server 2019 (May 2019) (MDSUM/RIDL) (MFBDS/RIDL/ZombieLoad) (MLPDS/RIDL) (MSBDS/Fallout)

The remote Windows host is missing a security update. It is, therefore, missing microcode updates to address the following vulnerabilities: - Microarchitectural Data Sampling Uncacheable Memory MDSUM CVE-2019-11091 - Microarchitectural Store Buffer Data Sampling MSBDS CVE-2018-12126 -...

USN-3977-1: Intel Microcode update

Ke Sun, Henrique Kawakami, Kekai Hu, Rodrigo Branco, Giorgi Maisuradze, Dan Horea Lutas, Andrei Lutas, Volodymyr Pikhur, Stephan van Schaik, Alyssa Milburn, Sebastian Österlund, Pietro Frigo, Kaveh Razavi, Herbert Bos, Cristiano Giuffrida, Moritz Lipp, Michael Schwarz, and Daniel Gruss discovered...

SUSE-SU-2019:14048-1 Security update for microcode_ctl

This update for microcodectl fixes the following issues: This update contains the Intel QSR 2019.1 Microcode release bsc1111331 Four new speculative execution information leak issues have been identified in Intel CPUs. bsc1111331 - CVE-2018-12126: Microarchitectural Store Buffer Data Sampling MSB...

SUSE-SU-2019:1236-1 Security update for ucode-intel

This update for ucode-intel fixes the following issues: This update contains the Intel QSR 2019.1 Microcode release bsc1111331 Four new speculative execution information leak issues have been identified in Intel CPUs. bsc1111331 - CVE-2018-12126: Microarchitectural Store Buffer Data Sampling MSBD...

CVE-2018-12127

Microarchitectural Load Port Data Sampling MLPDS: Load ports on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here:...

Security Bulletin: IBM QRadar Network Packet Capture is vulnerable to 3RD PARTY CPU hardware utilizing speculative execution cache timing side-channel analysis known as Variant 4 or SpectreNG (CVE-2018-3639, CVE-2018-3640)

Summary Speculative execution is a technique used by many modern processors to improve performance by predicting which instructions may be executed based on past execution history. An attacker with local user access may be able to utilize sequences of speculative execution to perform a cache timi...

Security Bulletin: IBM QRadar SIEM is vulnerable to 3RD PARTY CPU hardware utilizing speculative execution cache timing side-channel analysis known as Variant 4 or SpectreNG (CVE-2018-3639, CVE-2018-3640)

Summary Speculative execution is a technique used by many modern processors to improve performance by predicting which instructions may be executed based on past execution history. An attacker with local user access may be able to utilize sequences of speculative execution to perform a cache timi...

SUSE-SU-2018:1935-2 Recommended update for ucode-intel

The Intel CPU microcode bundle was updated to the 20180703 release. For the listed CPU chipsets this fixes CVE-2018-3640 Spectre v3a and helps mitigating CVE-2018-3639 Spectre v4 bsc1100147 bsc1087082 bsc1087083. More information on:...

Important: Red Hat Security Advisory: kernel security and bug fix update

An update for kernel is now available for Red Hat Enterprise Linux 7.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

DSA-4273-2 intel-microcode - security update

Bulletin has no description...