USN-3540-1 linux, linux-aws, linux-euclid vulnerabilities

Jann Horn discovered that microprocessors utilizing speculative execution and branch prediction may allow unauthorized memory reads via sidechannel attacks. This flaw is known as Spectre. A local attacker could use this to expose sensitive information, including kernel memory. This update provide...

microcode_ctl security update

2.1-22.5.0.3 - Revert Intel 20180108 microcode for CPUIDs: CVE-2017-5715 306c3 06-3c-03 rev 0x23, Haswell; 306d4 06-3d-04 rev 0x28, Broadwell; 306f2 06-3f-02 rev 0x3b, Haswell; 306f4 06-3f-04 rev 0x10, Haswell; 306e4 06-3e-04 rev 0x42a, Ivy Bridge; 40651 06-45-01 rev 0x21, Haswell; 40661 06-46-01...

microcode_ctl security update

CentOS Errata and Security Advisory CESA-2018:0093 The microcodectl packages provide microcode updates for Intel and AMD processors. This update supersedes microcode provided by Red Hat with the CVE-2017-5715 “Spectre” CPU branch injection vulnerability mitigation. Historically, Red Hat has...

RedHat Update for microcode_ctl RHSA-2018:0093-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Oracle Critical Patch Update - January 2018

A Critical Patch Update is a collection of patches for multiple security vulnerabilities. Critical Patch Update patches are usually cumulative, but each advisory describes only the security fixes added since the previous Critical Patch Update advisory. Thus, prior Critical Patch Update advisories...

Updated kernel packages fix security vulnerabilities

This kernel update is based on the upstream 4.4.111 and fixes several security issues. The most important fix in this update is for the security issue named "Meltdown" that is fixed in theese kernels by enabling kernel Page Table Isolation KTPI. Note that according to AMD, this issue does not...

Meltdown and Spectre fallout: patching problems persist

Last week, the disclosure by multiple teams from Graz and Pennsylvania University, Rambus, Data61, Cyberus Technology, and Google Project Zero of vulnerabilities under the aliases Meltdown and Spectre rocked the security world, sending vendors scurrying to create patches, if at all possible, and...

SUSE-SU-2018:0041-1 Security update for kernel-firmware

This update for kernel-firmware fixes the following issues: - Add microcodeamdfam17h.bin bsc1068032 CVE-2017-5715 This new firmware enables the Indirect Branch Control IBC feature on AMD family 17h processor to mitigate an attack on the branch predictor that could lead to information disclosure...

(RHSA-2018:0040) Important: microcode_ctl security update

The microcodectl packages provide microcode updates for Intel and AMD processors. Security Fixes: An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of instructions a commonly used performance optimization. There are three primary...

[Guide] How to Protect Your Devices Against Meltdown and Spectre Attacks

Recently uncovered two huge processor vulnerabilities called Meltdown and Spectre have taken the whole world by storm, while vendors are rushing out to patch the vulnerabilities in its products. The issues apply to all modern processors and affect nearly all operating systems Windows, Linux,...

Immunity Canvas: SPECTRE_FILE_LEAK

Name| spectrefileleak ---|--- CVE| CVE-2017-5753 Exploit Pack| CANVAS Description| Spectre File Leak Notes| CVE Name: CVE-2017-5753 Notes: This module gives an unpriviledged user the ability to dump a file from the kernel memory. A common scenario is to dump the /etc/shadow or kerberos tickets...

Spectre Vulnerability in CPU Processor Kernel

CPU hardware is a set of firmware that runs in the CPU Central Processing Unit to manage and control the CPU. The Spectre vulnerability exists in the CPU processor kernel, where an attacker can use a malicious application to gain access to private data that should be quarantined due to Intel's...

Meltdown vulnerability in CPU processor kernel (CNVD-2018-00304)

CPU hardware is a set of firmware that runs in the CPU Central Processing Unit to manage and control the CPU. A Meltdown vulnerability exists in the CPU processor kernel that "melts" the security boundaries implemented by the hardware, allowing low-privileged user-level applications to "cross the...

Security Bulletin: NVIDIA SHIELD TV Security Updates for CPU Speculative Side Channel Vulnerabilities

NVIDIA SHIELD TV Response to CPU Speculative Side Channel Vulnerabilities - CVE-2017-5753, CVE-2017-5715, CVE-2017-5754 Bulletin Summary NVIDIA is providing an initial security update to mitigate aspects of Google Project Zero's January 3, 2018, publication of novel information disclosure attacks...

Multiple CPU Hardware CVE-2017-5753 Information Disclosure Vulnerability

Description Multiple CPU Hardware are prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in further attacks. Technologies Affected AMD FXtm-8320 Eight-Core Processor AMD PRO A8-9600 R7, 10 COMPUTE CORES 4C+6G ARM Cortex...

rubygems: No size limit in summary length of gem spec

It was found that rubygems could use an excessive amount of CPU while parsing a sufficiently long gem summary. A specially crafted gem from a gem repository could freeze gem commands attempting to parse its summary...

OpenJDK: reading of unprocessed image data in JPEGImageReader (2D, 8169209)

It was discovered that the JPEGImageReader implementation in the 2D component of OpenJDK would, in certain cases, read all image data even if it was not used later. A specially crafted image could cause a Java application to temporarily use an excessive amount of CPU and memory...

Microsoft Windows Information Disclosure Vulnerability (CNVD-2018-00784)

Microsoft Windows 7 SP1 and others are a series of operating systems from the American company Microsoft. An information disclosure vulnerability exists in Microsoft Windows that originates when the its:// protocol processor unnecessarily sends traffic to a remote site to determine the request...

Important kernel update: CVE-2017-8824 and other; Virtuozzo ReadyKernel patch 39.1 for Virtuozzo 7.0.6

The cumulative Virtuozzo ReadyKernel patch was updated with security and stability fixes. The patch applies to Virtuozzo kernel 3.10.0-693.1.1.vz7.37.30 Virtuozzo 7.0.6. Vulnerability id: CVE-2017-8824 dccpdisconnect set the socket state to DCCPCLOSED but did not properly free some of the resourc...

Buffer overflow

There is an overflow bug in the AVX2 Montgomery multiplication procedure used in exponentiation with 1024-bit moduli. No EC algorithms are affected. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and are not believed likely. Attack...