241 matches found
Information Disclosure
amd64-microcode:stretch is vulnerable to information disclosure. Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis...
SUSE: Security Advisory (SUSE-SU-2018:2409-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Speculative Execution and Indirect Branch Prediction Side Channel Analysis Method
Summary: Updated Recommendations Section 04/04/2018 Today a team of security researchers disclosed several software analysis methods that, when used for malicious purposes, have the potential to improperly gather sensitive data from many types of computing devices with many different vendors’...
SUSE: Security Advisory (SUSE-SU-2018:2410-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2018:2401-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2018:1582-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2018:1378-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2018:2410-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Google Releases Spectre PoC Exploit For Chrome
Google has released proof-of-concept PoC exploit code, which leverages the Spectre attack against the Chrome browser to leak data from websites. Three years after the Spectre attack was first disclosed, researchers with Google have now released a demonstration website that leverages the attack,...
openSUSE Security Update : the Linux Kernel (openSUSE-2020-1325) (Spectre)
The openSUSE Leap 15.1 kernel was updated to receive various security and bugfixes. The following security bugs were fixed : - CVE-2018-3639: Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are...
CVE-2020-1459
An information disclosure vulnerability exists on ARM implementations that use speculative execution in control flow via a side-channel analysis, aka "straight-line speculation." To exploit this vulnerability, an attacker with local privileges would need to run a specially crafted application. Th...
Information disclosure
An information disclosure vulnerability exists on ARM implementations that use speculative execution in control flow via a side-channel analysis, aka "straight-line speculation." To exploit this vulnerability, an attacker with local privileges would need to run a specially crafted application. Th...
CVE-2020-1459
CVE-2020-1459 is a Windows ARM information-disclosure vulnerability tied to speculative-execution side-channel behavior (straight-line speculation). The issue requires local privileges to run a crafted app to exfiltrate data. The provided documents state that Microsoft’s security update bypasses ...
Windows ARM Information Disclosure Vulnerability
An information disclosure vulnerability exists on ARM implementations that use speculative execution in control flow via a side-channel analysis, aka "straight-line speculation." To exploit this vulnerability, an attacker with local privileges would need to run a specially crafted application. Th...
ARM Armv8-A Information Disclosure Vulnerability
ARM Armv8-A is a processor architecture from ARM UK. A security vulnerability exists in Arm Armv8-A. A local attacker could exploit this vulnerability with side-channel analysis to cause an information disclosure...
CVE-2020-13844
Arm Armv8-A core implementations utilizing speculative execution past unconditional changes in control flow may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka "straight-line speculation."...
Design/Logic Flaw
Arm Armv8-A core implementations utilizing speculative execution past unconditional changes in control flow may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka "straight-line speculation."...
CVE-2020-13844
Arm Armv8-A core implementations utilizing speculative execution past unconditional changes in control flow may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka "straight-line speculation."...
CVE-2020-13844
Arm Armv8-A core implementations utilizing speculative execution past unconditional changes in control flow may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka "straight-line speculation."...
CVE-2020-13844
CVE-2020-13844 relates to Arm Armv8-A core implementations where speculative execution past unconditional changes in control flow can lead to information disclosure via a side-channel (straight-line speculation). The impact is information disclosure with local access; no remote vector is describe...