Ubuntu 14.04 LTS : Linux kernel vulnerability (USN-3594-1)

The remote Ubuntu 14.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-3594-1 advisory. USN-3542-1 mitigated CVE-2017-5715 Spectre Variant 2 for the amd64 architecture in Ubuntu 14.04 LTS. This update provides the compiler-based retpoline kernel...

Ubuntu 14.04 LTS / 16.04 LTS : QEMU update (USN-3560-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-3560-1 advisory. It was discovered that microprocessors utilizing speculative execution and branch prediction may allow unauthorized memory reads via sidechannel...

Ubuntu: Security Advisory (USN-3561-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu: Security Advisory (USN-3560-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE SLED12 / SLES12 Security Update : kernel (SUSE-SU-2018:0383-1) (Spectre)

The SUSE Linux Enterprise 12 SP3 kernel was updated to 4.4.114 to receive various security and bugfixes. The following security bugs were fixed : - CVE-2017-5715: Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of...

USN-3560-1: QEMU update

It was discovered that microprocessors utilizing speculative execution and branch prediction may allow unauthorized memory reads via sidechannel attacks. This flaw is known as Spectre. An attacker in the guest could use this to expose sensitive guest information, including kernel memory. This...

Virtuozzo 6 : cpupools / cpupools-features / etc (VZA-2018-006)

According to the versions of the cpupools / cpupools-features / etc packages installed, the Virtuozzo installation on the remote host is affected by the following vulnerabilities : - CVE-2017-5715 triggers the speculative execution by utilizing branch target injection. It relies on the presence o...

The Effects of the Spectre and Meltdown Vulnerabilities

On January 3, the world learned about a series of major security vulnerabilities in modern microprocessors. Called Spectre and Meltdown, these vulnerabilities were discovered by several different researchers last summer, disclosed to the microprocessors' manufacturers, and patched­ -- at least to...

Apple Mac OS X Speculative Execution Side-Channel Vulnerability-Meltdown (HT208465)

Apple Mac OS X is prone to an information disclosure vulnerability. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-3540-1: Linux kernel vulnerabilities

Jann Horn discovered that microprocessors utilizing speculative execution and branch prediction may allow unauthorized memory reads via sidechannel attacks. This flaw is known as Spectre. A local attacker could use this to expose sensitive information, including kernel memory. This update provide...

Ubuntu 14.04 LTS : Linux kernel (Xenial HWE) vulnerabilities (USN-3540-2)

The remote Ubuntu 14.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-3540-2 advisory. USN-3540-1 addressed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware...

Ubuntu 17.10 : linux vulnerabilities (USN-3541-1) (Meltdown) (Spectre)

Jann Horn discovered that microprocessors utilizing speculative execution and branch prediction may allow unauthorized memory reads via sidechannel attacks. This flaw is known as Spectre. A local attacker could use this to expose sensitive information, including kernel memory. This update provide...

A week in security (January 8 – January 14)

It's very early in the year, yet everyone has already had a complete meltdown pun intended over a number of serious vulnerabilities found in legacy and modern microprocessors. Last week, rightly so, vendors released patches for hardware and OSes to help mitigate these threats. However, problems i...

Updated kernel-linus packages fix security vulnerabilities

This kernel-linus update provided the upstream 4.14.13 and fixes several security issues. The most important fix in this update is for the security issue named "Meltdown" that is fixed in theese kernels by enabling kernel Page Table Isolation KTPI. Note that according to AMD, this issue does not...

Ubuntu: Security Advisory (USN-3531-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-3522-4: Linux kernel (Xenial HWE) regression

USN-3522-2 fixed a vulnerability in the Linux Hardware Enablement kernel for Ubuntu 14.04 LTS to address Meltdown CVE-2017-5754. Unfortunately, that update introduced a regression where a few systems failed to boot successfully. This update fixes the problem. We apologize for the inconvenience...

USN-3525-1: Linux kernel vulnerability

Jann Horn discovered that microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized memory reads via sidechannel attacks. This flaw is known as Meltdown. A local attacker could use this to expose sensitive information, including kernel memory...

Ubuntu: Security Advisory (USN-3524-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 14.04 LTS : Linux kernel vulnerability (USN-3524-1)

The remote Ubuntu 14.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-3524-1 advisory. Jann Horn discovered that microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized memory reads via sidechannel...

Ubuntu 17.10 : linux vulnerabilities (USN-3523-1) (Meltdown)

Jann Horn discovered that microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized memory reads via sidechannel attacks. This flaw is known as Meltdown. A local attacker could use this to expose sensitive information, including kernel memory...