62 matches found
Scientific Linux Security Update : qemu-kvm on SL7.x x86_64 (20190514) (MDSUM/RIDL) (MFBDS/RIDL/ZombieLoad) (MLPDS/RIDL) (MSBDS/Fallout)
Security Fixes : - A flaw was found in the implementation of the 'fill buffer', a mechanism used by modern CPUs when a cache-miss is made on L1 CPU cache. If an attacker can generate a load operation that would create a page fault, the execution will continue speculatively with incorrect data fro...
Scientific Linux Security Update : kernel on SL7.x x86_64 (20190514) (MDSUM/RIDL) (MFBDS/RIDL/ZombieLoad) (MLPDS/RIDL) (MSBDS/Fallout)
Security Fixes : - A flaw was found in the implementation of the 'fill buffer', a mechanism used by modern CPUs when a cache-miss is made on L1 CPU cache. If an attacker can generate a load operation that would create a page fault, the execution will continue speculatively with incorrect data fro...
Scientific Linux Security Update : qemu-kvm on SL6.x i386/x86_64 (20190514) (MDSUM/RIDL) (MFBDS/RIDL/ZombieLoad) (MLPDS/RIDL) (MSBDS/Fallout)
Security Fixes : - A flaw was found in the implementation of the 'fill buffer', a mechanism used by modern CPUs when a cache-miss is made on L1 CPU cache. If an attacker can generate a load operation that would create a page fault, the execution will continue speculatively with incorrect data fro...
Debian DSA-4447-1 : intel-microcode - security update (MDSUM/RIDL) (MFBDS/RIDL/ZombieLoad) (MLPDS/RIDL) (MSBDS/Fallout)
This update ships updated CPU microcode for most types of Intel CPUs. It provides mitigations for the MSBDS, MFBDS, MLPDS and MDSUM hardware vulnerabilities. To fully resolve these vulnerabilities it is also necessary to update the Linux kernel packages as released in DSA 4444. C Tenable Network...
Scientific Linux Security Update : libvirt on SL6.x i386/x86_64 (20190514) (MDSUM/RIDL) (MFBDS/RIDL/ZombieLoad) (MLPDS/RIDL) (MSBDS/Fallout)
Security Fixes : - A flaw was found in the implementation of the 'fill buffer', a mechanism used by modern CPUs when a cache-miss is made on L1 CPU cache. If an attacker can generate a load operation that would create a page fault, the execution will continue speculatively with incorrect data fro...
Oracle Linux 7 : libvirt (ELSA-2019-1177)
The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2019-1177 advisory. - qemu: Don't cache microcode version CVE-2018-12127, CVE-2018-12126, CVE-2018-12130 - cpux86: Do not cache microcode version CVE-2018-12126,...
Fedora 29 : kernel / kernel-headers (2019-e6bf55e821) (MDSUM/RIDL) (MFBDS/RIDL/ZombieLoad) (MLPDS/RIDL) (MSBDS/Fallout)
The 5.0.16 stable updates contain a number of important fixes across the tree. Most importantly, these updates address the kernel portion of the MDS CVEs. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has...
Scientific Linux Security Update : libvirt on SL7.x x86_64 (20190514) (MDSUM/RIDL) (MFBDS/RIDL/ZombieLoad) (MLPDS/RIDL) (MSBDS/Fallout)
Security Fixes : - A flaw was found in the implementation of the 'fill buffer', a mechanism used by modern CPUs when a cache-miss is made on L1 CPU cache. If an attacker can generate a load operation that would create a page fault, the execution will continue speculatively with incorrect data fro...
Debian DLA-1787-1 : linux-4.9 security update (MDSUM/RIDL) (MFBDS/RIDL/ZombieLoad) (MLPDS/RIDL) (MSBDS/Fallout)
Multiple researchers have discovered vulnerabilities in the way the Intel processor designs have implemented speculative forwarding of data filled into temporary microarchitectural structures buffers. This flaw could allow an attacker controlling an unprivileged process to read sensitive...
[SECURITY] [DSA 4447-1] intel-microcode security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4447-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff May 15, 2019 https://www.debian.org/security/faq -...
SUSE SLED15 / SLES15 Security Update : xen (SUSE-SU-2019:1248-1) (MDSUM/RIDL) (MFBDS/RIDL/ZombieLoad) (MLPDS/RIDL) (MSBDS/Fallout)
This update for xen fixes the following issues : Four new speculative execution information leak issues have been identified in Intel CPUs. bsc1111331 CVE-2018-12126: Microarchitectural Store Buffer Data Sampling MSBDS CVE-2018-12127: Microarchitectural Fill Buffer Data Sampling MFBDS...
Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS : Intel Microcode update (USN-3977-1)
The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-3977-1 advisory. Ke Sun, Henrique Kawakami, Kekai Hu, Rodrigo Branco, Giorgi Maisuradze, Dan Horea Lutas, Andrei Lutas, Volodymyr Pikhur, Stephan...
Amazon Linux 2 : kernel (ALAS-2019-1205) (MDSUM/RIDL) (MFBDS/RIDL/ZombieLoad) (MLPDS/RIDL) (MSBDS/Fallout)
Microarchitectural Store Buffer Data Sampling MSBDS CVE-2018-12126 - Microarchitectural Fill Buffer Data Sampling MFBDS CVE-2018-12130 - Microarchitectural Load Port Data Sampling MLPDS CVE-2018-12127 - Microarchitectural Data Sampling Uncacheable Memory MDSUM CVE-2019-11091 MSBDS leaks Store...
RHEL 7 : libvirt (RHSA-2019:1186)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:1186 advisory. The libvirt library contains a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems...
Amazon Linux AMI : kernel (ALAS-2019-1205) (MDSUM/RIDL) (MFBDS/RIDL/ZombieLoad) (MLPDS/RIDL) (MSBDS/Fallout)
Microarchitectural Store Buffer Data Sampling MSBDS CVE-2018-12126 - Microarchitectural Fill Buffer Data Sampling MFBDS CVE-2018-12130 - Microarchitectural Load Port Data Sampling MLPDS CVE-2018-12127 - Microarchitectural Data Sampling Uncacheable Memory MDSUM CVE-2019-11091 MSBDS leaks Store...
Debian DSA-4444-1 : linux - security update (MDSUM/RIDL) (MFBDS/RIDL/ZombieLoad) (MLPDS/RIDL) (MSBDS/Fallout)
Multiple researchers have discovered vulnerabilities in the way the Intel processor designs have implemented speculative forwarding of data filled into temporary microarchitectural structures buffers. This flaw could allow an attacker controlling an unprivileged process to read sensitive...
Ubuntu 14.04 LTS : linux vulnerabilities (USN-3983-1) (MDSUM/RIDL) (MFBDS/RIDL/ZombieLoad) (MLPDS/RIDL) (MSBDS/Fallout)
Ke Sun, Henrique Kawakami, Kekai Hu, Rodrigo Branco, Giorgi Maisuradze, Dan Horea Lutas, Andrei Lutas, Volodymyr Pikhur, Stephan van Schaik, Alyssa Milburn, Sebastian Osterlund, Pietro Frigo, Kaveh Razavi, Herbert Bos, Cristiano Giuffrida, Moritz Lipp, Michael Schwarz, and Daniel Gruss discovered...
Ubuntu 16.04 LTS / 18.04 LTS : QEMU update (USN-3978-1)
The remote Ubuntu 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3978-1 advisory. Ke Sun, Henrique Kawakami, Kekai Hu, Rodrigo Branco, Giorgi Maisuradze, Dan Horea Lutas, Andrei Lutas, Volodymyr Pikhur, Stephan van Schaik,...
Ubuntu 18.10 : Linux kernel vulnerabilities (USN-3980-1) (MDSUM/RIDL) (MFBDS/RIDL/ZombieLoad) (MLPDS/RIDL) (MSBDS/Fallout)
Ke Sun, Henrique Kawakami, Kekai Hu, Rodrigo Branco, Giorgi Maisuradze, Dan Horea Lutas, Andrei Lutas, Volodymyr Pikhur, Stephan van Schaik, Alyssa Milburn, Sebastian Osterlund, Pietro Frigo, Kaveh Razavi, Herbert Bos, Cristiano Giuffrida, Moritz Lipp, Michael Schwarz, and Daniel Gruss discovered...
HPSBHF03618 rev. 8 - Intel Microarchitectural Data Sampling Security Updates
Potential Security Impact Information Disclosure Source : HP, HP Product Security Response Team PSRT Reported By : Intel VULNERABILITY SUMMARY Potential security vulnerabilities in Intel CPUs may allow information disclosure. Researchers have referred to these vulnerabilities as ZombieLoad, RIDL,...