hw: Fast forward store predictor

A flaw was found in the CPU microarchitecture where a local attacker is able to abuse a timing issue which may allow them to infer internal architectural state from previous executions on the CPU...

CVE-2020-4788

CVE-2020-4788 affects IBM Power9 processors (AIX 7.1, 7.2, and VIOS 3.1) and allows a local attacker to obtain sensitive information from data in the L1 cache under extenuating circumstances. The connected IBM advisory lists remediation through iFixes/APARs: AIX 7.1.5.x (APAR IJ28229 family), AIX...

IBM i 安全漏洞

The IBM Power System is a Power processor-based server computer from IBM in the United States. A security vulnerability exists in IBM Power9 processor, which can be exploited by an attacker to obtain sensitive information from data in the L1 cache under the right circumstances...

Meet the Microsoft Pluton processor – The security chip designed for the future of Windows PCs

The role of the Windows PC and trust in technology are more important than ever as our devices keep us connected and productive across work and life. Windows 10 is the most secure version of Windows ever, built with end-to-end security for protection from the edge to the cloud all the way down to...

Microsoft's Making a Secure PC Chip—With Intel and AMD's Help

The Pluton security processor will give the software giant an even more prominent role in locking down Windows hardware...

Security update for ucode-intel (moderate)

openSUSE Security Update: Security update for ucode-intel Announcement ID: openSUSE-SU-2020:1923-1 Rating: moderate References: 1170446 1173594 Cross-References: CVE-2020-8695 CVE-2020-8698 Affected Products: openSUSE Leap 15.2 An update that fixes two vulnerabilities is now available. Descriptio...

Denial of Service Vulnerability in the MP3009 Processor of the Schneider Tricon Safety Instrumented System (CNVD-2020-67123)

The Tricon Safety Instrumented System is a safety instrumented system from Schneider Electric Co. The MP3009 module is the processor module for the Schneider Tricon Safety Instrumented System. A denial of service vulnerability exists in the MP3009 processor of the Schneider Tricon Safety...

Denial of Service Vulnerability in the MP3009 Processor of the Schneider Tricon Safety Instrumented System (CNVD-2020-67122)

The Tricon Safety Instrumented System is a safety instrumented system from Schneider Electric Co. The MP3009 module is the processor module for the Schneider Tricon Safety Instrumented System. A denial of service vulnerability exists in the MP3009 processor of the Schneider Tricon Safety...

Denial of Service Vulnerability in the MP3009 Processor of the Schneider Tricon Safety Instrumented System (CNVD-2020-67121)

The Tricon Safety Instrumented System is a safety instrumented system from Schneider Electric Co. The MP3009 module is the processor module for the Schneider Tricon Safety Instrumented System. A denial of service vulnerability exists in the MP3009 processor of the Schneider Tricon Safety...

CVE-2020-12335

Improper permissions in the installer for the IntelR Processor Identification Utility before version 6.4.0603 may allow an authenticated user to potentially enable escalation of privilege via local access...

CVE-2020-12335

Improper permissions in the installer for the IntelR Processor Identification Utility before version 6.4.0603 may allow an authenticated user to potentially enable escalation of privilege via local access...

CVE-2020-12335

The vulnerability CVE-2020-12335 affects Intel® Processor Identification Utility before version 6.4.0603. The issue is described as improper permissions in the installer that may allow an authenticated local user to escalate privileges. This is supported by the Intel advisory (INTEL-SA-00419), wh...

CVE-2020-12335

Improper permissions in the installer for the IntelR Processor Identification Utility before version 6.4.0603 may allow an authenticated user to potentially enable escalation of privilege via local access...

CVE-2020-8694

Insufficient access control in the Linux kernel driver for some IntelR Processors may allow an authenticated user to potentially enable information disclosure via local access...

CVE-2020-8694

CVE-2020-8694 affects the Linux kernel powercap/RAPL subsystem. The issue allows a local, unprivileged attacker to read CPU energy meters by default, enabling information disclosure between processes or from kernel to user space. Public documents describe the root cause as insufficient access con...

CVE-2020-8694

Insufficient access control in the Linux kernel driver for some IntelR Processors may allow an authenticated user to potentially enable information disclosure via local access...

System Management Mode deep dive: How SMM isolation hardens the platform

Ensuring that the platform firmware is healthy and trustworthy is fundamental to guaranteeing that powerful platform security features like Hypervisor-protected code integrity HVCI and Windows Defender Credential Guard are functioning as expected. Windows 10 achieves this by leveraging a...

Ubuntu: Security Advisory (USN-4628-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

hw: Fast forward store predictor

A flaw was found in the CPU microarchitecture where a local attacker is able to abuse a timing issue which may allow them to infer internal architectural state from previous executions on the CPU...

hw: Fast forward store predictor

A flaw was found in the CPU microarchitecture where a local attacker is able to abuse a timing issue which may allow them to infer internal architectural state from previous executions on the CPU...