Debian: Security Advisory (DSA-4273-2)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2018-3646

Systems with microprocessors utilizing speculative execution and address translations may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access with guest OS privilege via a terminal page fault and a side-channel analysis...

CVE-2018-3615

Systems with microprocessors utilizing speculative execution and Intel software guard extensions Intel SGX may allow unauthorized disclosure of information residing in the L1 data cache from an enclave to an attacker with local user access via a side-channel analysis...

HPSBHF03590 rev. 2 - L1 Terminal Fault (L1TF)

Potential Security Impact Unauthorized exposure of privileged data from memory. Source: HP, HP Product Security Response Team PSRT, Intel Reported By: Intel VULNERABILITY SUMMARY A new speculative execution side channel variant has been discovered called L1 Terminal Fault L1TF. There are no repor...

CVE-2016-8637

A local information disclosure issue was found in dracut before 045 when generating initramfs images with world-readable permissions when 'early cpio' is used, such as when including microcode updates. Local attacker can use this to obtain sensitive information from these files, such as encryptio...

UBUNTU-CVE-2016-8637

A local information disclosure issue was found in dracut before 045 when generating initramfs images with world-readable permissions when 'early cpio' is used, such as when including microcode updates. Local attacker can use this to obtain sensitive information from these files, such as encryptio...

CVE-2016-8637

A local information disclosure issue was found in dracut before 045 when generating initramfs images with world-readable permissions when 'early cpio' is used, such as when including microcode updates. Local attacker can use this to obtain sensitive information from these files, such as encryptio...

DEBIAN-CVE-2016-8637

A local information disclosure issue was found in dracut before 045 when generating initramfs images with world-readable permissions when 'early cpio' is used, such as when including microcode updates. Local attacker can use this to obtain sensitive information from these files, such as encryptio...

CVE-2016-8637

A local information disclosure issue was found in dracut before 045 when generating initramfs images with world-readable permissions when 'early cpio' is used, such as when including microcode updates. Local attacker can use this to obtain sensitive information from these files, such as encryptio...

Information disclosure

A local information disclosure issue was found in dracut before 045 when generating initramfs images with world-readable permissions when 'early cpio' is used, such as when including microcode updates. Local attacker can use this to obtain sensitive information from these files, such as encryptio...

CVE-2016-8637

A local information disclosure issue was found in dracut before 045 when generating initramfs images with world-readable permissions when 'early cpio' is used, such as when including microcode updates. Local attacker can use this to obtain sensitive information from these files, such as encryptio...

[slackware-security] Slackware 14.2 kernel

New kernel packages are available for Slackware 14.2 to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/linux-4.4.144/: Upgraded. This kernel update enables additional mitigations for spectrev2 IBPB and IBRSFW. It also enables reporting on the...

[SECURITY] [DLA 1446-1] intel-microcode security update

Package : intel-microcode Version : 3.20180703.2deb8u1 CVE ID : CVE-2018-3639 CVE-2018-3640 Security researchers identified two software analysis methods that, if used for malicious purposes, have the potential to improperly gather sensitive data from multiple types of computing devices with...

Debian DLA-1446-1 : intel-microcode security update (Spectre)

Security researchers identified two software analysis methods that, if used for malicious purposes, have the potential to improperly gather sensitive data from multiple types of computing devices with different vendors processors and operating systems. This update requires an update to the...

DLA-1446-1 intel-microcode - security update

Bulletin has no description...

SUSE SLES11 Security Update : microcode_ctl (SUSE-SU-2018:2076-1) (Spectre)

This update for microcodectl fixes the following issues: The Intel CPU Microcode bundle was updated to the 20180703 release For the listed CPU chipsets this fixes CVE-2018-3640 Spectre v3a and helps mitigating CVE-2018-3639 Spectre v4 bsc1100147 bsc1087082 bsc1087083 More details can be found on:...

SUSE-SU-2018:2076-1 Security update for microcode_ctl

This update for microcodectl fixes the following issues: The Intel CPU Microcode bundle was updated to the 20180703 release For the listed CPU chipsets this fixes CVE-2018-3640 Spectre v3a and helps mitigating CVE-2018-3639 Spectre v4 bsc1100147 bsc1087082 bsc1087083 More details can be found on:...

Debian: Security Advisory (DLA-1446-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

MGASA-2018-0322 Updated microcode packages fix security vulnerability

This microcode update provides the first set of fixes for Speculative Store Bypass SSBD, Spectre v4, CVE-2018-3639 and Rogue System Register Read RSRE, Spectre v3a, CVE-2018-3640 for Intel Sandybridge server, Ivy Bridge server, Haswell server, Skylake server, Broadwell server, a few HEDT Core i7/...

Updated microcode packages fix security vulnerability

This microcode update provides the first set of fixes for Speculative Store Bypass SSBD, Spectre v4, CVE-2018-3639 and Rogue System Register Read RSRE, Spectre v3a, CVE-2018-3640 for Intel Sandybridge server, Ivy Bridge server, Haswell server, Skylake server, Broadwell server, a few HEDT Core i7/...