K95275140: OS Kernel and SMM mode L1 Terminal Fault vulnerability CVE-2018-3620

Security Advisory Description Systems with microprocessors utilizing speculative execution and address translations may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access via a terminal page fault and a side-channel analysis...

K31300402: Virtual Machine Manager L1 Terminal Fault vulnerability CVE-2018-3646

Security Advisory Description Systems with microprocessors utilizing speculative execution and address translations may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access with guest OS privilege via a terminal page fault and a...

K54252492: Side-channel processor vulnerability CVE-2018-3693

Security Advisory Description Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a speculative buffer overflow and side-channel analysis. CVE-2018-3693 also known as Spectre ...

K35558453: Intel SGX L1 Terminal Fault vulnerability CVE-2018-3615

Security Advisory Description Systems with microprocessors utilizing speculative execution and Intel software guard extensions Intel SGX may allow unauthorized disclosure of information residing in the L1 data cache from an enclave to an attacker with local user access via a side-channel analysis...

SUSE CVE-2018-3620

Systems with microprocessors utilizing speculative execution and address translations may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access via a terminal page fault and a side-channel analysis...

Nutanix AOS : Multiple Vulnerabilities (NXSA-AOS-6.0)

The version of AOS installed on the remote host is prior to 6.0. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AOS-6.0 advisory. - encoding.c in GNU Screen through 4.8.0 allows remote attackers to cause a denial of service invalid write access and application...

Nutanix AOS : Multiple Vulnerabilities (NXSA-AOS-5.20)

The version of AOS installed on the remote host is prior to 5.20. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AOS-5.20 advisory. - encoding.c in GNU Screen through 4.8.0 allows remote attackers to cause a denial of service invalid write access and application...

CVE-2022-26296

BOOM: The Berkeley Out-of-Order RISC-V Processor commit d77c2c3 was discovered to allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis...

CVE-2022-26296

BOOM: The Berkeley Out-of-Order RISC-V Processor commit d77c2c3 was discovered to allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis...

Information disclosure

BOOM: The Berkeley Out-of-Order RISC-V Processor commit d77c2c3 was discovered to allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis...

CVE-2022-26296

BOOM: The Berkeley Out-of-Order RISC-V Processor commit d77c2c3 was discovered to allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis...

CVE-2021-44421

The pointer-validation logic in util/memutil.rs in Occlum before 0.26.0 for Intel SGX acts as a confused deputy that allows a local attacker to access unauthorized information via side-channel analysis...

CVE-2021-44421

The pointer-validation logic in util/memutil.rs in Occlum before 0.26.0 for Intel SGX acts as a confused deputy that allows a local attacker to access unauthorized information via side-channel analysis...

Null pointer dereference

The pointer-validation logic in util/memutil.rs in Occlum before 0.26.0 for Intel SGX acts as a confused deputy that allows a local attacker to access unauthorized information via side-channel analysis...

CVE-2021-44421

CVE-2021-44421 affects Occlum prior to 0.26.0 for Intel SGX. The pointer-validation logic in util/mem_util.rs acts as a confused deputy, allowing a local attacker to access unauthorized information via side-channel analysis. A fix is available in Occlum 0.26.0 and later; upgrade to mitigate.

CVE-2021-44421

The pointer-validation logic in util/memutil.rs in Occlum before 0.26.0 for Intel SGX acts as a confused deputy that allows a local attacker to access unauthorized information via side-channel analysis...

PT-2021-7846 · Qualcomm · Qualcomm

Name of the Vulnerable Software and Affected Versions: Linux Networking Firmware affected versions not specified Description: The issue is related to insufficient protection of service data during side channel analysis in the Linux Networking Firmware, specifically affecting Qualcomm embedded...

Debian DLA-2743-1 : amd64-microcode - LTS security update

The remote Debian 9 host has a package installed that is affected by a vulnerability as referenced in the dla-2743 advisory. It was discovered that systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an...

openSUSE 15 Security Update : spectre-meltdown-checker (openSUSE-SU-2021:1212-1)

The remote SUSE Linux SUSE15 host has a package installed that is affected by a vulnerability as referenced in the openSUSE-SU-2021:1212-1 advisory. - Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker...

openSUSE 15 Security Update : spectre-meltdown-checker (openSUSE-SU-2021:2861-1)

The remote SUSE Linux SUSE15 host has a package installed that is affected by a vulnerability as referenced in the openSUSE-SU-2021:2861-1 advisory. - Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker...