MiracleLinux 7 : kernel-3.10.0-862.3.3.el7 (AXSA:2018-3189:05)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2018-3189:05 advisory. Kernel: FPU state information leakage via lazy FPU restore CVE-2018-3665 Tenable has extracted the preceding description block directly from the MiracleLinux...

Kernel: FPU state information leakage via lazy FPU restore

A Floating Point Unit FPU state information leakage flaw was found in the way the Linux kernel saved and restored the FPU state during task switch. Linux kernels that follow the "Lazy FPU Restore" scheme are vulnerable to the FPU state information leakage issue. An unprivileged local attacker cou...

[SECURITY] [DLA 1422-2] linux security update

Package : linux Version : 3.16.57-2 CVE ID : CVE-2017-5715 CVE-2017-5753 CVE-2018-1066 CVE-2018-1093 CVE-2018-1130 CVE-2018-3665 CVE-2018-5814 CVE-2018-9422 CVE-2018-10853 CVE-2018-10940 CVE-2018-11506 CVE-2018-12233 CVE-2018-1000204 Debian Bug : 898165 The previous update to linux failed to buil...

Kernel: FPU state information leakage via lazy FPU restore

A Floating Point Unit FPU state information leakage flaw was found in the way the Linux kernel saved and restored the FPU state during task switch. Linux kernels that follow the "Lazy FPU Restore" scheme are vulnerable to the FPU state information leakage issue. An unprivileged local attacker cou...

FreeBSD : FreeBSD -- Lazy FPU State Restore Information Disclosure (4e07d94f-75a5-11e8-85d1-a4badb2f4699)

A subset of Intel processors can allow a local thread to infer data from another thread through a speculative execution side channel when Lazy FPU state restore is used. Impact : Any local thread can potentially read FPU state information from other threads running on the host. This could include...

FreeBSD-SA-18:07.lazyfpu

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-18:07.lazyfpu Security Advisory The FreeBSD Project Topic: Lazy FPU State Restore Information Disclosure Category: core Module: kernel Announced: 2018-06-21...

Debian DSA-4232-1 : xen - security update

This update provides mitigations for the 'lazy FPU' vulnerability affecting a range of Intel CPUs, which could result in leaking CPU register states belonging to another vCPU previously scheduled on the same CPU. For additional information please refer to...

[SECURITY] [DSA 4232-1] xen security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4232-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff June 20, 2018 https://www.debian.org/security/faq -...

Debian: Security Advisory (DSA-4232-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Kernel: FPU state information leakage via lazy FPU restore

A Floating Point Unit FPU state information leakage flaw was found in the way the Linux kernel saved and restored the FPU state during task switch. Linux kernels that follow the "Lazy FPU Restore" scheme are vulnerable to the FPU state information leakage issue. An unprivileged local attacker cou...

Speculative register leakage from lazy FPU context switching

ISSUE DESCRIPTION x86 has a hardware mechanism for lazy FPU context switching. On a task switch, %cr0.ts Task Switched gets set, and the next instruction to touch floating point state raises an NM No Math, later known as Device Not Available exception. Traditionally, FPU state has been large in...