[SECURITY] [DLA 1481-1] linux-4.9 security update

Package : linux-4.9 Version : 4.9.110-3+deb9u4deb8u1 CVE ID : CVE-2018-3620 CVE-2018-3646 Debian Bug : 906769 Multiple researchers have discovered a vulnerability in the way the Intel processor designs have implemented speculative execution of instructions in combination with handling of...

Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS : Intel Microcode vulnerabilities (USN-3756-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-3756-1 advisory. It was discovered that memory present in the L1 data cache of an Intel CPU core may be exposed to a malicious process that is...

Ubuntu: Security Advisory (USN-3756-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-3756-1 intel-microcode vulnerabilities

It was discovered that memory present in the L1 data cache of an Intel CPU core may be exposed to a malicious process that is executing on the CPU core. This vulnerability is also known as L1 Terminal Fault L1TF. A local attacker in a guest virtual machine could use this to expose sensitive...

Security Updates for Windows 10 / Windows Server 2016 (August 2018) (Spectre) (Meltdown) (Foreshadow)

The remote Windows host is missing a security update. It is, therefore, missing microcode updates to address Rogue System Register Read RSRE, Speculative Store Bypass SSB, L1 Terminal Fault L1TF, and Branch Target Injection vulnerabilities. C Tenable Network Security, Inc. include'compat.inc'; if...

[SECURITY] [DSA 4279-1] linux security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4279-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso August 20, 2018 https://www.debian.org/security/faq -...

Debian DSA-4279-1 : linux - security update (Foreshadow)

Multiple researchers have discovered a vulnerability in the way the Intel processor designs have implemented speculative execution of instructions in combination with handling of page-faults. This flaw could allow an attacker controlling an unprivileged process to read memory from arbitrary...

Updated kernel-linus packages fix security vulnerabilities

This kernel-linus update is based on the upstream 4.14.65 and adds fixes and mitigations for the now publically known security issue affecting Intel processors called L1 Terminal Fault L1TF: Systems with microprocessors utilizing speculative execution and Intel Software Guard Extensions Intel SGX...

Updated microcode packages fix security vulnerabilities

This microcode update provides the Intel 20180807 microcode release that adds the processor microcode side of fixes and mitigations for the now publically known security issue affected Intel processors called L1 Terminal Fault L1TF for most Intel processors since Intel Core gen2: Systems with...

Updated kernel packages fix security vulnerabilities

This kernel update is based on the upstream 4.14.65 and adds fixes and mitigations for the now publically known security issue affecting Intel processors called L1 Terminal Fault L1TF: Systems with microprocessors utilizing speculative execution and Intel Software Guard Extensions Intel SGX may...

MGASA-2018-0344 Updated microcode packages fix security vulnerabilities

This microcode update provides the Intel 20180807 microcode release that adds the processor microcode side of fixes and mitigations for the now publically known security issue affected Intel processors called L1 Terminal Fault L1TF for most Intel processors since Intel Core gen2: Systems with...

MGASA-2018-0346 Updated kernel-tmb packages fix security vulnerabilities

This kernel-tmb update is based on the upstream 4.14.65 and adds fixes and mitigations for the now publically known security issue affecting Intel processors called L1 Terminal Fault L1TF: Systems with microprocessors utilizing speculative execution and Intel Software Guard Extensions Intel SGX m...

MGASA-2018-0345 Updated kernel packages fix security vulnerabilities

This kernel update is based on the upstream 4.14.65 and adds fixes and mitigations for the now publically known security issue affecting Intel processors called L1 Terminal Fault L1TF: Systems with microprocessors utilizing speculative execution and Intel Software Guard Extensions Intel SGX may...

Debian: Security Advisory (DSA-4279-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian DSA-4273-1 : intel-microcode - security update (Spectre)

This update ships updated CPU microcode for some types of Intel CPUs and provides SSBD support needed to address 'Spectre v4' and fixes for'Spectre v3a'. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security Advisory DSA-4273...

[SECURITY] [DSA 4273-1] intel-microcode security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4273-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff August 16, 2018 https://www.debian.org/security/faq -...

Speculation Attack Against Intel's SGX

Another speculative-execution attack against Intel's SGX. At a high level, SGX is a new feature in modern Intel CPUs which allows computers to protect users' data even if the entire system falls under the attacker's control. While it was previously believed that SGX is resilient to speculative...

DSA-4273-1 intel-microcode - security update

Bulletin has no description...

Security Bulletin: IBM QRadar SIEM has released 7.3.1 Patch 4, and 7.2.8 Patch 13 in response to the vulnerabilities known as Spectre and Meltdown.

Summary IBM has released the following 7.3.1 Patch 4, and 7.2.8 Patch 13 for IBM QRadar SIEM in response to CVE-2017-5753, CVE-2017-5715 and CVE-2017-5754 Vulnerability Details CVEID: CVE-2017-5753 CVEID: CVE-2017-5715 CVEID: CVE-2017-5754 Affected Products and Versions IBM QRadar SIEM 7.3.0 –...

Foreshadow Attacks — 3 New Intel CPU Side-Channel Flaws Discovered

2018 has been quite a tough year for Intel. While the chip-maker giant is still dealing with Meltdown and Spectre processor vulnerabilities, yet another major speculative execution flaw has been revealed in Intel's Core and Xeon lines of processors that may leave users vulnerable to cyber-attacks...