Reading Privileged Memory with a Side Channel - Lenovo Support US

No description provided...

Reading Privileged Memory with a Side Channel - US

Lenovo Security Advisory: LEN-18282 Potential Impact: Malicious code running locally may be able to observe contents of privileged memory, circumventing expected privilege levels. Severity: High Scope of Impact: Industry-wide CVE Identifier: “Spectre” CVE-2017-5753, CVE-2017-5715 “Meltdown”...

SUSE SLES12 Security Update : Recommended update for ucode-intel (SUSE-SU-2018:1935-2) (Spectre)

The Intel CPU microcode bundle was updated to the 20180703 release. For the listed CPU chipsets this fixes CVE-2018-3640 Spectre v3a and helps mitigating CVE-2018-3639 Spectre v4 bsc1100147 bsc1087082 bsc1087083. More information on:...

SUSE-SU-2018:1935-2 Recommended update for ucode-intel

The Intel CPU microcode bundle was updated to the 20180703 release. For the listed CPU chipsets this fixes CVE-2018-3640 Spectre v3a and helps mitigating CVE-2018-3639 Spectre v4 bsc1100147 bsc1087082 bsc1087083. More information on:...

SUSE-SU-2018:1661-2 Security update for ucode-intel

This update for ucode-intel fixes the following issues: Update to version 20180425 bsc1091836 Fix provided for: - GLK B0 6-7a-1/01 0000001e-00000022 Pentium Silver N/J5xxx, Celeron N/J4xxx - Name microcodes which are not allowed to load late with a .early suffix...

macOS < 10.14 Multiple Vulnerabilities

The remote host is running a version of Mac OS X that is prior to 10.13.6 or is not macOS 10.14. It is, therefore, affected by multiple vulnerabilities in the following components : - afpserver - AppleGraphicsControl - Application Firewall - App Store - APR - ATS - Auto Unlock - Bluetooth -...

New Ninth-Gen Intel CPUs Shield Against Some Spectre, Meltdown Variants

Intel’s new ninth-generation CPUs come packed with hardware-based protections against two variants of the infamous Meltdown and Spectre speculative execution attacks. The ninth-generation desktop Core processors are dubbed Coffee Lake, and became available for preorder on Tuesday. they’re built t...

kernel security and bug fix update

3.10.0-862.14.4.OL7 - Oracle Linux certificates Alexey Petrenko - Oracle Linux RHCK Module Signing Key was compiled into kernel [email protected] - Update x509.genkey bug 24817676 3.10.0-862.14.4 - scsi Revert: lpfc: Fix port initialization failure Radomir Vrbovsky...

Important: Red Hat Security Advisory: kernel security and bug fix update

An update for kernel is now available for Red Hat Enterprise Linux 7.3 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

Important: Red Hat Security Advisory: kernel security and bug fix update

An update for kernel is now available for Red Hat Enterprise Linux 7.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

Important: Red Hat Security Advisory: kernel security and bug fix update

An update for kernel is now available for Red Hat Enterprise Linux 7.2 Advanced Update Support, Red Hat Enterprise Linux 7.2 Telco Extended Update Support, and Red Hat Enterprise Linux 7.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impac...

EulerOS Virtualization 2.5.0 : kernel (EulerOS-SA-2018-1236)

According to the versions of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - The recent speculative execution CVEs address three potential attacks across a wide variety of architectures and hardware...

Debian DLA-1506-1 : intel-microcode security update (Foreshadow) (Spectre)

Security researchers identified speculative execution side-channel methods which have the potential to improperly gather sensitive data from multiple types of computing devices with different vendors processors and operating systems. This update requires an update to the intel-microcode package,...

[SECURITY] [DLA 1506-1] intel-microcode security update

Package : intel-microcode Version : 3.20180807a.1deb8u1 CVE ID : CVE-2018-3615, CVE-2018-3620, CVE-2018-3646 CVE-2018-3639, CVE-2018-3640, CVE-2017-5715 Security researchers identified speculative execution side-channel methods which have the potential to improperly gather sensitive data from...

[SECURITY] [DSA 4273-2] intel-microcode security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4273-2 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff September 16, 2018 https://www.debian.org/security/faq -...

DLA-1506-1 intel-microcode - security update

Bulletin has no description...

DSA-4273-2 intel-microcode - security update

Bulletin has no description...

Debian: Security Advisory (DLA-1506-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Unbreakable Enterprise kernel security update

4.1.12-124.19.1 - x86/entry/64: Ensure %ebx handling correct in xenfailsafecallback George Kennedy Orabug: 28402927 CVE-2018-14678 - x86/speculation/l1tf: Increase l1tf memory limit for Nehalem+ Andi Kleen Orabug: 28488808 CVE-2018-3620 - x86/speculation/l1tf: Suggest what to do on systems with t...

Debian DLA-1481-1 : linux-4.9 security update (Foreshadow)

Multiple researchers have discovered a vulnerability in the way the Intel processor designs have implemented speculative execution of instructions in combination with handling of page-faults. This flaw could allow an attacker controlling an unprivileged process to read memory from arbitrary...