60 matches found
Check Point Response to Intel Microarchitectural Data Sampling Vulnerabilities (Fallout, RIDL, Zombieload) (CVE-2018-12126 , CVE-2018-12127, CVE-2018-12130, CVE-2019-11091)
Symptoms - Researchers have released information about several vulnerabilities in Intel processors: Under certain conditions, data in microarchitectural structures that the currently-running software does not have permission to access may be speculatively accessed by faulting or assisting load or...
RHEL 7 : libvirt (RHSA-2019:1186)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:1186 advisory. The libvirt library contains a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems...
Debian DSA-4444-1 : linux - security update (MDSUM/RIDL) (MFBDS/RIDL/ZombieLoad) (MLPDS/RIDL) (MSBDS/Fallout)
Multiple researchers have discovered vulnerabilities in the way the Intel processor designs have implemented speculative forwarding of data filled into temporary microarchitectural structures buffers. This flaw could allow an attacker controlling an unprivileged process to read sensitive...
OracleVM 3.4 : Unbreakable / etc (OVMSA-2019-0018) (MDSUM/RIDL) (MFBDS/RIDL/ZombieLoad) (MLPDS/RIDL) (MSBDS/Fallout)
The remote OracleVM system is missing necessary patches to address critical security updates : - x86/mds: Add empty commit for CVE-2019-11091 Konrad Rzeszutek Wilk Orabug: 29721935 CVE-2019-11091 - x86/microcode: Add loader version file in debugfs Boris Ostrovsky Orabug: 29754165 - x86/microcode:...
Ubuntu 14.04 LTS : linux vulnerabilities (USN-3983-1) (MDSUM/RIDL) (MFBDS/RIDL/ZombieLoad) (MLPDS/RIDL) (MSBDS/Fallout)
Ke Sun, Henrique Kawakami, Kekai Hu, Rodrigo Branco, Giorgi Maisuradze, Dan Horea Lutas, Andrei Lutas, Volodymyr Pikhur, Stephan van Schaik, Alyssa Milburn, Sebastian Osterlund, Pietro Frigo, Kaveh Razavi, Herbert Bos, Cristiano Giuffrida, Moritz Lipp, Michael Schwarz, and Daniel Gruss discovered...
SUSE SLED15 / SLES15 Security Update : xen (SUSE-SU-2019:1248-1) (MDSUM/RIDL) (MFBDS/RIDL/ZombieLoad) (MLPDS/RIDL) (MSBDS/Fallout)
This update for xen fixes the following issues : Four new speculative execution information leak issues have been identified in Intel CPUs. bsc1111331 CVE-2018-12126: Microarchitectural Store Buffer Data Sampling MSBDS CVE-2018-12127: Microarchitectural Fill Buffer Data Sampling MFBDS...
Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS : Intel Microcode update (USN-3977-1)
The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-3977-1 advisory. Ke Sun, Henrique Kawakami, Kekai Hu, Rodrigo Branco, Giorgi Maisuradze, Dan Horea Lutas, Andrei Lutas, Volodymyr Pikhur, Stephan...
Ubuntu 16.04 LTS / 18.04 LTS : QEMU update (USN-3978-1)
The remote Ubuntu 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3978-1 advisory. Ke Sun, Henrique Kawakami, Kekai Hu, Rodrigo Branco, Giorgi Maisuradze, Dan Horea Lutas, Andrei Lutas, Volodymyr Pikhur, Stephan van Schaik,...
OracleVM 3.4 : xen (OVMSA-2019-0016) (MDSUM/RIDL) (MFBDS/RIDL/ZombieLoad) (MLPDS/RIDL) (MSBDS/Fallout)
The remote OracleVM system is missing necessary patches to address critical security updates : - BUILDINFO: OVMF commit=173bf5c847e3ca8b42c11796ce048d8e2e916ff8 - BUILDINFO: xen commit=3885a020649df84b883ea20d11ca15b7d7640201 - BUILDINFO: QEMU upstream...
Ubuntu 19.04 : Linux kernel vulnerabilities (USN-3979-1) (MDSUM/RIDL) (MFBDS/RIDL/ZombieLoad) (MLPDS/RIDL) (MSBDS/Fallout)
Ke Sun, Henrique Kawakami, Kekai Hu, Rodrigo Branco, Giorgi Maisuradze, Dan Horea Lutas, Andrei Lutas, Volodymyr Pikhur, Stephan van Schaik, Alyssa Milburn, Sebastian Osterlund, Pietro Frigo, Kaveh Razavi, Herbert Bos, Cristiano Giuffrida, Moritz Lipp, Michael Schwarz, and Daniel Gruss discovered...
Ubuntu 18.10 : Linux kernel vulnerabilities (USN-3980-1) (MDSUM/RIDL) (MFBDS/RIDL/ZombieLoad) (MLPDS/RIDL) (MSBDS/Fallout)
Ke Sun, Henrique Kawakami, Kekai Hu, Rodrigo Branco, Giorgi Maisuradze, Dan Horea Lutas, Andrei Lutas, Volodymyr Pikhur, Stephan van Schaik, Alyssa Milburn, Sebastian Osterlund, Pietro Frigo, Kaveh Razavi, Herbert Bos, Cristiano Giuffrida, Moritz Lipp, Michael Schwarz, and Daniel Gruss discovered...
May 2019 Patch Tuesday – 79 Vulns, 22 Critical, RDP RCE, MDS Attacks, Adobe Vulns
This month's Microsoft Patch Tuesday addresses 79 vulnerabilities with 22 of them labeled as Critical. Of the 22 Critical vulns, 18 are for scripting engines and browsers. The remaining 4 are remote code execution RCE in Remote Desktop, DHCP Server, GDI+, and Word. Microsoft also released guidanc...
Intel CPUs Impacted By New Class of Spectre-Like Attacks
A new class of side channel vulnerabilities impacting all modern Intel chips have been disclosed, which can use speculative execution to potentially leak sensitive data from a system’s CPU. Intel said that the newest class of vulnerabilities, dubbed Microarchitectural Data Sampling MDS, consist o...
Microarchitectural Data Sampling (MDS) Side Channel Vulnerabilities - US
Lenovo Security Advisory: LEN-26696 Potential Impact: Information disclosure Severity: Medium Scope of Impact: Industry-wide CVE Identifier: CVE-2018-12126 - Microarchitectural Store Buffer Data Sampling MSBDS CVE-2018-12127 - Microarchitectural Load Port Data Sampling MLPDS CVE-2018-12130 -...
Microarchitectural Data Sampling (MDS) Side Channel Vulnerabilities - Lenovo Support US
No description provided...
HPSBHF03618 rev. 8 - Intel Microarchitectural Data Sampling Security Updates
Potential Security Impact Information Disclosure Source : HP, HP Product Security Response Team PSRT Reported By : Intel VULNERABILITY SUMMARY Potential security vulnerabilities in Intel CPUs may allow information disclosure. Researchers have referred to these vulnerabilities as ZombieLoad, RIDL,...
KB4499181: Windows 10 Version 1703 May 2019 Security Update (MDSUM/RIDL) (MFBDS/RIDL/ZombieLoad) (MLPDS/RIDL) (MSBDS/Fallout)
The remote Windows host is missing security update 4499181. It is, therefore, affected by multiple vulnerabilities : - A new subclass of speculative execution side channel vulnerabilities, known as Microarchitectural Data Sampling, exist in Windows. An attacker who successfully exploited these...
RHEL 7 : qemu-kvm (RHSA-2019:1185)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:1185 advisory. Kernel-based Virtual Machine KVM is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide th...
KB4499175: Windows 7 and Windows Server 2008 R2 May 2019 Security Update (MDSUM/RIDL) (MFBDS/RIDL/ZombieLoad) (MLPDS/RIDL) (MSBDS/Fallout) (BlueKeep)
The remote Windows host is missing security update 4499175 or cumulative update 4499164. It is, therefore, affected by multiple vulnerabilities : - A new subclass of speculative execution side channel vulnerabilities, known as Microarchitectural Data Sampling, exist in Windows. An attacker who...
RHEL 7 : kernel (RHSA-2019:1168)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:1168 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: A flaw was found in the implementation...