50 matches found
Security Bulletin: IBM has released Unified Extensible Firmware Interface (UEFI) fixes in response to Spectre variants 4 and 3a (CVE-2018-3639 CVE-2018-3640)
Summary IBM has released the following Unified Extensible Firmware Interface UEFI fixes for System x, Flex and BladeCenter systems in response to the vulnerabilities referred to as Spectre variants 4 and 3a. Vulnerability Details CVEID: CVE-2018-3639 DESCRIPTION: Multiple Intel CPU''s could allow...
F5 Networks BIG-IP : RSRE Variant 3a vulnerability (K51801290)
The version of F5 Networks BIG-IP installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the K51801290 advisory. Systems with microprocessors utilizing speculative execution and that perform speculative reads of system registers may...
K51801290: RSRE Variant 3a vulnerability CVE-2018-3640
Security Advisory Description Systems with microprocessors utilizing speculative execution and that perform speculative reads of system registers may allow unauthorized disclosure of system parameters to an attacker with local user access via a side-channel analysis, aka Rogue System Register Rea...
Mageia: Security Advisory (MGASA-2018-0322)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security Bulletin: This Power Hardware Management Console (HMC) Security Bulletin is being released to address Common Vulnerabilities and Exposures issue numbers CVE-2018-3639 (Variant 4) and CVE-2018-3640 (Variant 3a).
Summary In response to recently reported security vulnerabilities, this Power HMC Security Bulletin is released to address Common Vulnerabilities and Exposures issue numbers CVE-2018-3639 and CVE-2018-3640. Vulnerability Details CVEID: CVE-2018-3639 CVEID: CVE-2018-3640 Workarounds and Mitigation...
Security Bulletin: This Power Hardware Management Console (HMC) update is being released to address Common Vulnerabilities and Exposures issue numbers CVE-2017-5715, CVE-2017-5753 and CVE-2017-5754 (known as Spectre and Meltdown).
Summary In response to recently reported security vulnerabilities, this Power HMC update is being released to address Common Vulnerabilities and Exposures issue numbers CVE-2017-5715, CVE-2017-5753 and CVE-2017-5754. Vulnerability Details CVEID: CVE-2017-5715 CVEID: CVE-2017-5753 CVEID:...
SUSE: Security Advisory (SUSE-SU-2018:2076-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2018:2335-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Q2 2018 Speculative Execution Side Channel Update
Summary: Security researchers identified two software analysis methods that, if used for malicious purposes, have the potential to improperly gather sensitive data from multiple types of computing devices with different vendors’ processors and operating systems. Intel is committed to product and...
SUSE: Security Advisory (SUSE-SU-2018:1935-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2018:2331-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2018:2331-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2018:1935-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Windows Speculative Execution Configuration Check
Binary data microsoftwindowsspecexecution.nbin...
Security Bulletin: IBM PureApplication Service is affected by vulnerabilities (CVE-2018-3639, CVE-2018-3640)
Summary IBM has released Version 2.2.5.3 for IBM PureApplication Service, which includes IBM OS Images for Red Hat Linux Systems, as well as AIX-based and Windows-based deployments, in response to CVE-2018-3639 and CVE-2018-3640. IBM PureApplication Service has addressed the following...
openSUSE Security Update : ucode-intel (openSUSE-2019-622) (Foreshadow) (Spectre)
ucode-intel was updated to the 20180807 release. For the listed CPU chipsets this fixes CVE-2018-3640 Spectre v3a and is part of the mitigations for CVE-2018-3639 Spectre v4 and CVE-2018-3646 L1 Terminal fault. bsc1104134 bsc1087082 bsc1087083 bsc1089343 Processor Identifier Version Products Mode...
Security Updates for Windows 10 / Windows Server 2019 (February 2019) (Spectre) (Meltdown) (Foreshadow)
The remote Windows host is missing a security update. It is, therefore, missing microcode updates to address the following vulnerabilities: - Spectre Variant 3a CVE-2018-3640: Rogue System Register Read RSRE. - Spectre Variant 4 CVE-2018-3639: Speculative Store Bypass SSB - L1TF CVE-2018-3620,...
Security Bulletin: IBM QRadar Network Packet Capture is vulnerable to 3RD PARTY CPU hardware utilizing speculative execution cache timing side-channel analysis known as Variant 4 or SpectreNG (CVE-2018-3639, CVE-2018-3640)
Summary Speculative execution is a technique used by many modern processors to improve performance by predicting which instructions may be executed based on past execution history. An attacker with local user access may be able to utilize sequences of speculative execution to perform a cache timi...
Security Bulletin: IBM QRadar SIEM is vulnerable to 3RD PARTY CPU hardware utilizing speculative execution cache timing side-channel analysis known as Variant 4 or SpectreNG (CVE-2018-3639, CVE-2018-3640)
Summary Speculative execution is a technique used by many modern processors to improve performance by predicting which instructions may be executed based on past execution history. An attacker with local user access may be able to utilize sequences of speculative execution to perform a cache timi...
Security Bulletin: IBM Security QRadar Packet Capture is vulnerable to 3RD PARTY CPU hardware utilizing speculative execution cache timing side-channel analysis known as Variant 4 or SpectreNG (CVE-2018-3639, CVE-2018-3640)
Summary Speculative execution is a technique used by many modern processors to improve performance by predicting which instructions may be executed based on past execution history. An attacker with local user access may be able to utilize sequences of speculative execution to perform a cache timi...