EulerOS 2.0 SP8 : qemu (EulerOS-SA-2019-2300)

According to the versions of the qemu packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Microarchitectural Store Buffer Data Sampling MSBDS: Store buffers on some microprocessors utilizing speculative execution may allow an...

EulerOS 2.0 SP5 : libvirt (EulerOS-SA-2019-2210)

According to the versions of the libvirt packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Microarchitectural Store Buffer Data Sampling MSBDS: Store buffers on some microprocessors utilizing speculative execution may allow an...

RHEL 7 : qemu-kvm-rhev (RHSA-2019:2553)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:2553 advisory. KVM Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages provi...

hardware: Microarchitectural Data Sampling Uncacheable Memory (MDSUM)

Uncacheable memory on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access...

NewStart CGSL MAIN 4.06 : qemu-kvm Multiple Vulnerabilities (NS-SA-2019-0091)

The remote NewStart CGSL host, running version MAIN 4.06, has qemu-kvm packages installed that are affected by multiple vulnerabilities: - Modern Intel microprocessors implement hardware-level micro-optimizations to improve the performance of writing data back to CPU caches. The write operation i...

NewStart CGSL MAIN 4.05 : libvirt Multiple Vulnerabilities (NS-SA-2019-0152)

The remote NewStart CGSL host, running version MAIN 4.05, has libvirt packages installed that are affected by multiple vulnerabilities: - Modern Intel microprocessors implement hardware-level micro-optimizations to improve the performance of writing data back to CPU caches. The write operation is...

Oracle Linux 8 : kernel (ELSA-2019-1167)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2019-1167 advisory. - arm64 arm64/speculation: Support 'mitigations=' cmdline option Josh Poimboeuf 1698809 1698896 1699001 1690338 1690360 1690351 CVE-2018-12130...

openSUSE: Security Advisory for ucode-intel (openSUSE-SU-2019:1805-1)

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

USN-3977-3: Intel Microcode update

USN-3977-1 and USN-3977-2 provided mitigations for Microarchitectural Data Sampling MDS vulnerabilities in Intel Microcode for a large number of Intel processor families. This update provides the corresponding updated microcode mitigations for the Intel Sandy Bridge processor family Ke Sun,...

hardware: Microarchitectural Data Sampling Uncacheable Memory (MDSUM)

Uncacheable memory on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access...

Oracle Linux 5 / 6 : Unbreakable Enterprise kernel (ELSA-2019-4675)

The remote Oracle Linux 5 / 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2019-4675 advisory. - Bluetooth: hidp: fix buffer overflow Young Xiao Orabug: 29786788 CVE-2011-1079 CVE-2019-11884 - x86/speculation/mds: Fix verw usage to use memory...

Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2019-4672)

The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2019-4672 advisory. - Bluetooth: hidp: fix buffer overflow Young Xiao Orabug: 29786787 CVE-2011-1079 CVE-2019-11884 - x86/speculation/mds: Fix verw usage to use memory...

ALPINE-CVE-2019-11091

Microarchitectural Data Sampling Uncacheable Memory MDSUM: Uncacheable memory on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here:...

DEBIAN-CVE-2019-11091

Microarchitectural Data Sampling Uncacheable Memory MDSUM: Uncacheable memory on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here:...

Information disclosure

Microarchitectural Data Sampling Uncacheable Memory MDSUM: Uncacheable memory on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here:...

CVE-2019-11091

Microarchitectural Data Sampling Uncacheable Memory MDSUM: Uncacheable memory on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here:...

CVE-2019-11091

CVE-2019-11091 describes Microarchitectural Data Sampling Uncacheable Memory (MDSUM): uncacheable memory on some Intel microprocessors with speculative execution may leak information via a side channel. Public advisories (ALAS2-2019-1274, ALAS-2019-1260, DEBIAN DSA-4602-1/DSA-4564-1) confirm the ...

CVE-2019-11091

Microarchitectural Data Sampling Uncacheable Memory MDSUM: Uncacheable memory on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here:...

CVE-2019-11091

Microarchitectural Data Sampling Uncacheable Memory MDSUM: Uncacheable memory on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here:...

SUSE SLES11 Security Update : xen (SUSE-SU-2019:14063-1) (MDSUM/RIDL) (MFBDS/RIDL/ZombieLoad) (MLPDS/RIDL) (MSBDS/Fallout)

This update for xen fixes the following issues : Four new speculative execution information leak issues have been identified in Intel CPUs. bsc1111331 CVE-2018-12126: Microarchitectural Store Buffer Data Sampling MSBDS CVE-2018-12127: Microarchitectural Fill Buffer Data Sampling MFBDS...