28 matches found
EUVD-2019-19177
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2019-9815
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - If hyperthreading is not disabled, a timing attack vulnerability exists, similar to previous Spectre attacks. Apple has shipped macOS 10.14.5 with an option to...
kernel: Spectre v2 SMT mitigations problem
It was found that the Linux Kernel still left the victim process exposed to attacks in some cases even after enabling the spectre-BTI mitigation with prctl. The kernel failed to protect applications that attempted to protect against Spectre v2 leaving them open to attack from other processes...
Odd number CPU shows 100% CPU Utilization after disabling Hyperthreading.
After disabling the hyper-threading, the odd number CPU, example CPU 1,3,5 etc.. consistently shows 100% CPU utilization, the even number CPU is normal...
SUSE CVE-2019-9815
If hyperthreading is not disabled, a timing attack vulnerability exists, similar to previous Spectre attacks. Apple has shipped macOS 10.14.5 with an option to disable hyperthreading in applications running untrusted code in a thread through a new sysctl. Firefox now makes use of it on the main...
CVE-2019-9815
If hyperthreading is not disabled, a timing attack vulnerability exists, similar to previous Spectre attacks. Apple has shipped macOS 10.14.5 with an option to disable hyperthreading in applications running untrusted code in a thread through a new sysctl. Firefox now makes use of it on the main...
openssl: Side-channel vulnerability on SMT/Hyper-Threading architectures (PortSmash)
A microprocessor side-channel vulnerability was found on SMT e.g, Hyper-Threading architectures. An attacker running a malicious process on the same core of the processor as the victim process can extract certain secret information...
CVE-2019-9815
If hyperthreading is not disabled, a timing attack vulnerability exists, similar to previous Spectre attacks. Apple has shipped macOS 10.14.5 with an option to disable hyperthreading in applications running untrusted code in a thread through a new sysctl. Firefox now makes use of it on the main...
CVE-2019-9815
If hyperthreading is not disabled, a timing attack vulnerability exists, similar to previous Spectre attacks. Apple has shipped macOS 10.14.5 with an option to disable hyperthreading in applications running untrusted code in a thread through a new sysctl. Firefox now makes use of it on the main...
CVE-2019-9815
If hyperthreading is not disabled, a timing attack vulnerability exists, similar to previous Spectre attacks. Apple has shipped macOS 10.14.5 with an option to disable hyperthreading in applications running untrusted code in a thread through a new sysctl. Firefox now makes use of it on the main...
Design/Logic Flaw
If hyperthreading is not disabled, a timing attack vulnerability exists, similar to previous Spectre attacks. Apple has shipped macOS 10.14.5 with an option to disable hyperthreading in applications running untrusted code in a thread through a new sysctl. Firefox now makes use of it on the main...
UBUNTU-CVE-2019-9815
If hyperthreading is not disabled, a timing attack vulnerability exists, similar to previous Spectre attacks. Apple has shipped macOS 10.14.5 with an option to disable hyperthreading in applications running untrusted code in a thread through a new sysctl. Firefox now makes use of it on the main...
CVE-2019-9815
If hyperthreading is not disabled, a timing attack vulnerability exists, similar to previous Spectre attacks. Apple has shipped macOS 10.14.5 with an option to disable hyperthreading in applications running untrusted code in a thread through a new sysctl. Firefox now makes use of it on the main...
CVE-2019-9815
If hyperthreading is not disabled, a timing attack vulnerability exists, similar to previous Spectre attacks. Apple has shipped macOS 10.14.5 with an option to disable hyperthreading in applications running untrusted code in a thread through a new sysctl. Firefox now makes use of it on the main...
CVE-2019-9815
CVE-2019-9815 describes a timing-attack similar to Spectre when hyperthreading is not disabled. Affected: macOS content threads (macOS 10.14.5 introduces a sysctl option to disable hyperthreading for untrusted code on the main or worker JavaScript threads), and affected Firefox/Thunderbird versio...
CVE-2019-9815
If hyperthreading is not disabled, a timing attack vulnerability exists, similar to previous Spectre attacks. Apple has shipped macOS 10.14.5 with an option to disable hyperthreading in applications running untrusted code in a thread through a new sysctl. Firefox now makes use of it on the main...
SUSE-SU-2019:1458-1 Security update for MozillaThunderbird
This update for MozillaThunderbird fixes the following issues: Mozilla Thunderbird was updated to 60.7.0. Attachment pane of Write window no longer focussed when attaching files using a keyboard shortcut These security issues were fixed MFSA 2019-15 bsc1135824: CVE-2019-9815: Disable hyperthreadi...
SUSE SLED12 / SLES12 Security Update : MozillaFirefox (SUSE-SU-2019:1388-1)
This update for MozillaFirefox fixes the following issues : Security issues fixed : CVE-2019-11691: Use-after-free in XMLHttpRequest CVE-2019-11692: Use-after-free removing listeners in the event listener manager CVE-2019-11693: Buffer overflow in WebGL bufferdata on Linux CVE-2019-11694:...
Mozilla Firefox < 67.0
The version of Firefox installed on the remote Windows host is prior to 67.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2019-13 advisory. - A use-after-free vulnerability can occur in the chrome event handler when it is freed while still in use. This results ...
Security vulnerabilities fixed in Thunderbird 60.7 — Mozilla
If hyperthreading is not disabled, a timing attack vulnerability exists, similar to previous Spectre attacks. Apple has shipped macOS 10.14.5 with an option to disable hyperthreading in applications running untrusted code in a thread through a new sysctl. Firefox now makes use of it on the main...