28 matches found
K70675920: August 2018 Intel security vulnerability announcement
Security Advisory Description On 14-Aug-2018, Intel announced the discovery of the following vulnerabilities: CVE-2018-3615 Foreshadow CVE-2018-3620 Foreshadow-NG CVE-2018-3646 Foreshadow-NG For the complete announcement from Intel, refer to the following link: Note : The following link takes you...
Mageia: Security Advisory (MGASA-2018-0344)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Mageia: Security Advisory (MGASA-2018-0345)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Mageia: Security Advisory (MGASA-2018-0346)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Windows Speculative Execution Configuration Check
Binary data microsoftwindowsspecexecution.nbin...
Security Bulletin: Multiple Foreshadow Spectre Variant vulnerabilities affect IBM OS Image for Red Hat Linux Systems in IBM PureApplication System (CVE-2018-3615 CVE-2018-3620 CVE-2018-3646)
Summary There are multiple vulnerabilities that affect the IBM OS Image for Red Hat Linux Systems in IBM PureApplication System. IBM has released Version 2.2.5.3 for IBM PureApplication System, in response to CVE-2018-3615, CVE-2018-3620, and CVE-2018-3646. The products that are identified for th...
Security Bulletin: Multiple Security Vulnerabilities affect IBM® Cloud Private Cloud Foundry (CVE-2018-3646, CVE-2018-3615, CVE-2018-3620)
Summary IBM Cloud Private Cloud Foundry is vulnerable to multiple security vulnerabilities Vulnerability Details CVEID: CVE-2018-3646 DESCRIPTION: Multiple Intel CPU's could allow a local attacker to obtain sensitive information, caused by a flaw in the CPU speculative branch instruction executio...
Security Bulletin: IBM API Connect is affected by Foreshadow Spectre Variant vulnerability (CVE-2018-3646 CVE-2018-3615 CVE-2018-3620)
Summary API Connect has addressed the following vulnerabilities. Vulnerability Details CVEID: CVE-2018-3646 DESCRIPTION: Multiple Intel CPU's could allow a local attacker to obtain sensitive information, caused by a flaw in the CPU speculative branch instruction execution feature. By conducting...
[SECURITY] [DLA 1506-1] intel-microcode security update
Package : intel-microcode Version : 3.20180807a.1deb8u1 CVE ID : CVE-2018-3615, CVE-2018-3620, CVE-2018-3646 CVE-2018-3639, CVE-2018-3640, CVE-2017-5715 Security researchers identified speculative execution side-channel methods which have the potential to improperly gather sensitive data from...
Security Updates for Windows 10 / Windows Server 2016 (August 2018) (Spectre) (Meltdown) (Foreshadow)
The remote Windows host is missing a security update. It is, therefore, missing microcode updates to address Rogue System Register Read RSRE, Speculative Store Bypass SSB, L1 Terminal Fault L1TF, and Branch Target Injection vulnerabilities. C Tenable Network Security, Inc. include'compat.inc'; if...
Updated microcode packages fix security vulnerabilities
This microcode update provides the Intel 20180807 microcode release that adds the processor microcode side of fixes and mitigations for the now publically known security issue affected Intel processors called L1 Terminal Fault L1TF for most Intel processors since Intel Core gen2: Systems with...
Updated kernel-tmb packages fix security vulnerabilities
This kernel-tmb update is based on the upstream 4.14.65 and adds fixes and mitigations for the now publically known security issue affecting Intel processors called L1 Terminal Fault L1TF: Systems with microprocessors utilizing speculative execution and Intel Software Guard Extensions Intel SGX m...
MGASA-2018-0344 Updated microcode packages fix security vulnerabilities
This microcode update provides the Intel 20180807 microcode release that adds the processor microcode side of fixes and mitigations for the now publically known security issue affected Intel processors called L1 Terminal Fault L1TF for most Intel processors since Intel Core gen2: Systems with...
Information about L1 Terminal Fault findings
Palo Alto Networks is aware of recent vulnerability disclosures, known as L1 Terminal Fault, that affect modern CPU architectures. At this time, our findings show that these vulnerabilities pose no increased risk to Palo Alto Networks PAN-OS devices. CVE-2018-3615, CVE-2018-3620, and CVE-2017-364...
L1 Terminal Fault Side Channel Vulnerabilities - US
Lenovo Security Advisory: LEN-24163 Potential Impact: Malicious code running locally may be able to observe contents of privileged memory, circumventing expected privilege levels Severity: High Scope of Impact: Industry-wide CVE Identifier: CVE-2018-3615, CVE-2018-3620, CVE-2018-3646 Summary...
Foreshadow Attacks — 3 New Intel CPU Side-Channel Flaws Discovered
2018 has been quite a tough year for Intel. While the chip-maker giant is still dealing with Meltdown and Spectre processor vulnerabilities, yet another major speculative execution flaw has been revealed in Intel's Core and Xeon lines of processors that may leave users vulnerable to cyber-attacks...
Amazon Linux 2 : kernel (ALAS-2018-1058) (Foreshadow)
Fixes for L1Terminal Fault security issues : L1 Terminal Fault-OS/ SMM : Systems with microprocessors utilizing speculative execution and address translations may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access via a terminal page...
Intel processors are vulnerable to a speculative execution side-channel attack called L1 Terminal Fault (L1TF)
Overview Intel processors are vulnerable to one or more L1 data cache information disclosure and terminal fault attacks via a speculative execution side channel. These attacks are known as L1 Terminal Fault: SGX, L1 Terminal Fault: OS/SMM, and L1 Terminal Fault: VMM. Description Speculative...
CVE-2018-3615
Systems with microprocessors utilizing speculative execution and Intel software guard extensions Intel SGX may allow unauthorized disclosure of information residing in the L1 data cache from an enclave to an attacker with local user access via a side-channel analysis...
Intel CPUs Undermined By Fresh Speculative Execution Flaws
UPDATE Three new speculative execution design flaws in Intel CPUs were disclosed today, this time impacting Intel’s Software Guard Extensions SGX technology, its OS and system management mode SMM and hypervisor software. The three vulnerabilities would allow attacks on Intel Core and Xeon...