130 matches found
IBM Power processor information disclosure vulnerability
The IBM Power System is a Power processor-based server computer from IBM in the United States. A security vulnerability exists in IBM Power9 processor, which can be exploited by an attacker to obtain sensitive information from data in the L1 cache under the right circumstances...
IBM i 安全漏洞
The IBM Power System is a Power processor-based server computer from IBM in the United States. A security vulnerability exists in IBM Power9 processor, which can be exploited by an attacker to obtain sensitive information from data in the L1 cache under the right circumstances...
Kernel: kvm: nVMX: L2 guest may trick the L0 hypervisor to access sensitive L1 resources
A flaw was found in the way KVM hypervisor handled instruction emulation for the L2 guest when nested=1 virtualization is enabled. In the instruction emulation, the L2 guest could trick the L0 hypervisor into accessing sensitive bits of the L1 hypervisor. An L2 guest could use this flaw to...
A flaw was found in the way KVM hypervisor handled x2APIC Machine Specific Rregister (MSR) access with nested(=1) virtualization enabled. In that L1 guest could access L0's APIC register values via L2 guest when 'virtualize x2APIC mode' is enabled. A guest could use this flaw to potentially crash the host kernel resulting in DoS issue. Kernel versions from 4.16 and newer are vulnerable to this issue.
...
hw: L1D Cache Eviction Sampling
A microarchitectural timing flaw was found on some Intel processors. A corner case exists where data in-flight during the eviction process can end up in the “fill buffers” and not properly cleared by the MDS mitigations. The fill buffer contents which were expected to be blank can be inferred usi...
hw: L1D Cache Eviction Sampling
A microarchitectural timing flaw was found on some Intel processors. A corner case exists where data in-flight during the eviction process can end up in the “fill buffers” and not properly cleared by the MDS mitigations. The fill buffer contents which were expected to be blank can be inferred usi...
Kernel: kvm: nVMX: L2 guest may trick the L0 hypervisor to access sensitive L1 resources
A flaw was found in the way KVM hypervisor handled instruction emulation for the L2 guest when nested=1 virtualization is enabled. In the instruction emulation, the L2 guest could trick the L0 hypervisor into accessing sensitive bits of the L1 hypervisor. An L2 guest could use this flaw to...
Kernel: kvm: nVMX: L2 guest may trick the L0 hypervisor to access sensitive L1 resources
A flaw was found in the way KVM hypervisor handled instruction emulation for the L2 guest when nested=1 virtualization is enabled. In the instruction emulation, the L2 guest could trick the L0 hypervisor into accessing sensitive bits of the L1 hypervisor. An L2 guest could use this flaw to...
USN-4303-1 linux, linux-aws, linux-kvm vulnerability
Paulo Bonzini discovered that the KVM hypervisor implementation in the Linux kernel could improperly let a nested level 2 guest access the resources of a parent level 1 guest in certain situations. An attacker could use this to expose sensitive information...
The vulnerability of the way predictor implementation in AMD processor CPUs’ L1D data cache allows attackers to restore the encryption key in vulnerable AES implementations, reduce the effectiveness of ASLR protection, or extract data from the processor’s core.
The vulnerability of the way predictor implementation in AMD processors’ L1D cache involves collisions with the hash function used to calculate tags, which are used to locate a channel in the L1D cache. Exploiting this vulnerability can allow an attacker to recover encryption keys in vulnerable A...
The vulnerability of the way predictor implementation in AMD CPUs’ L1D cache architecture allows a hacker to gain access to memory on the same CPU’s physical core.
The vulnerability of the way predictor’s implementation for first-level cache data on AMD CPUs’ L1D cache relates to the fact that accessing the same memory cell from a different virtual address may cause that cell to be evicted from the L1D cache. Exploiting this vulnerability could allow a remo...
9 Years of AMD Processors Vulnerable to 2 New Side-Channel Attacks
AMD processors from as early as 2011 to 2019 carry previously undisclosed vulnerabilities that open them to two new different side-channel attacks, according to a freshly published research. Known as "Take A Way," the new potential attack vectors leverage the L1 data L1D cache way predictor in...
The vulnerability of Intel processors, caused by data leakage from the L1D cache, allows attackers to disclose protected information.
The vulnerability of Intel processors stems from a data leak from the L1D cache. Exploiting this vulnerability can allow an attacker to disclose protected information...
hardware: Microarchitectural Fill Buffer Data Sampling (MFBDS)
A flaw was found in the implementation of the "fill buffer", a mechanism used by modern CPUs when a cache-miss is made on L1 CPU cache. If an attacker can generate a load operation that would create a page fault, the execution will continue speculatively with incorrect data from the fill buffer...
hardware: Microarchitectural Fill Buffer Data Sampling (MFBDS)
A flaw was found in the implementation of the "fill buffer", a mechanism used by modern CPUs when a cache-miss is made on L1 CPU cache. If an attacker can generate a load operation that would create a page fault, the execution will continue speculatively with incorrect data from the fill buffer...
hardware: Microarchitectural Fill Buffer Data Sampling (MFBDS)
A flaw was found in the implementation of the "fill buffer", a mechanism used by modern CPUs when a cache-miss is made on L1 CPU cache. If an attacker can generate a load operation that would create a page fault, the execution will continue speculatively with incorrect data from the fill buffer...
hardware: Microarchitectural Fill Buffer Data Sampling (MFBDS)
A flaw was found in the implementation of the "fill buffer", a mechanism used by modern CPUs when a cache-miss is made on L1 CPU cache. If an attacker can generate a load operation that would create a page fault, the execution will continue speculatively with incorrect data from the fill buffer...
hardware: Microarchitectural Fill Buffer Data Sampling (MFBDS)
A flaw was found in the implementation of the "fill buffer", a mechanism used by modern CPUs when a cache-miss is made on L1 CPU cache. If an attacker can generate a load operation that would create a page fault, the execution will continue speculatively with incorrect data from the fill buffer...
hardware: Microarchitectural Fill Buffer Data Sampling (MFBDS)
A flaw was found in the implementation of the "fill buffer", a mechanism used by modern CPUs when a cache-miss is made on L1 CPU cache. If an attacker can generate a load operation that would create a page fault, the execution will continue speculatively with incorrect data from the fill buffer...
hardware: Microarchitectural Fill Buffer Data Sampling (MFBDS)
A flaw was found in the implementation of the "fill buffer", a mechanism used by modern CPUs when a cache-miss is made on L1 CPU cache. If an attacker can generate a load operation that would create a page fault, the execution will continue speculatively with incorrect data from the fill buffer...