Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2019-1637)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2018-1236)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2019-1638)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2019-2274)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

RancherOS < 1.1.3 Information Disclosure

The remote host is running a version of RancherOS that is prior to v1.1.3, hence is vulnerable to local privilege-escalation vulnerability. An attacker can exploit this issue to cause a denial-of-service condition. Systems with microprocessors utilizing speculative execution and indirect branch...

EulerOS 2.0 SP2 : libvirt (EulerOS-SA-2019-2468)

According to the versions of the libvirt packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Microarchitectural Store Buffer Data Sampling MSBDS: Store buffers on some microprocessors utilizing speculative execution may allow an...

Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2019-4710)

The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2019-4710 advisory. - fork: record starttime late David Herrmann Orabug: 29850581 CVE-2019-6133 - x86/retpoline/ia32entry: Convert to non-speculative calls Ankur Arora...

CVE-2018-13906

The HMAC authenticating the message from QSEE is vulnerable to timing side channel analysis leading to potentially forged application message in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industri...

CVE-2018-13906

CVE-2018-13906 involves a timing side-channel in the HMAC authentication of messages from QSEE on Qualcomm Snapdragon platforms, affecting a wide range of Snapdragon Auto/Compute/Connectivity/IoT/Wearables/Networking devices (many Snapdragon SoCs listed). Root cause: timing leakage allows an atta...

F5 Networks BIG-IP : Virtual Machine Manager L1 Terminal Fault vulnerability (K31300402)

Systems with microprocessors utilizing speculative execution and address translations may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access with guest OS privilege via a terminal page fault and a side-channel analysis. CVE-2018-3646al...

F5 Networks BIG-IP : OS Kernel and SMM mode L1 Terminal Fault vulnerability (K95275140)

The version of F5 Networks BIG-IP installed on the remote host is prior to 14.1.2.2 / 15.0.0. It is, therefore, affected by a vulnerability as referenced in the K95275140 advisory. - Systems with microprocessors utilizing speculative execution and address translations may allow unauthorized...

openSUSE Security Update : the Linux Kernel (openSUSE-2019-618) (Foreshadow)

The openSUSE Leap 15.0 kernel was updated to receive various security and bugfixes. The following security bugs were fixed : - CVE-2018-10853: A flaw was found in KVM in which certain instructions such as sgdt/sidt call segmentedwritestd doesn't propagate access correctly. As such, during userspa...

openSUSE Security Update : the Linux Kernel (openSUSE-2019-398) (Spectre)

The openSUSE Leap 15.0 kernel was updated to receive various security and bugfixes. The following security bugs were fixed : - CVE-2018-3639: Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are...

openSUSE Security Update : xen (openSUSE-2019-631) (Foreshadow)

This update for xen fixes the following security issues : - CVE-2018-3646: Systems with microprocessors utilizing speculative execution and address translations may have allowed unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access with guest O...

openSUSE Security Update : qemu (openSUSE-2019-426) (Spectre)

This update for qemu fixes the following issues : This security issue was fixed : - CVE-2018-3639: Spectre v4 vulnerability mitigation support for KVM guests bsc1092885. Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of...

openSUSE Security Update : the Linux Kernel (openSUSE-2019-536) (Spectre)

The openSUSE Leap 15 kernel was updated to receive various security and bugfixes. The following security bugs were fixed : - CVE-2018-13406: An integer overflow in the uvesafbsetcmap function could have result in local attackers being able to crash the kernel or potentially elevate privileges...

CVE-2018-11845

CVE-2018-11845 describes the use of non-time-constant comparison functions in Qualcomm Snapdragon components (across numerous Snapdragon Auto/Compute/Connectivity lines and device families such as MDM9150, MDM9206, MDM9607, MDM9650, MDM9655, MSM8996AU, QCS605, SDs 210–835, SD 8CX, and related SKU...

CVE-2018-11845

Usage of non-time-constant comparison functions can lead to information leakage through side channel analysis in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile,...

CVE-2018-11845

Usage of non-time-constant comparison functions can lead to information leakage through side channel analysis in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile,...

Security Bulletin: IBM QRadar Network Packet Capture is vulnerable to 3RD PARTY CPU hardware utilizing speculative execution cache timing side-channel analysis known as Variant 4 or SpectreNG (CVE-2018-3639, CVE-2018-3640)

Summary Speculative execution is a technique used by many modern processors to improve performance by predicting which instructions may be executed based on past execution history. An attacker with local user access may be able to utilize sequences of speculative execution to perform a cache timi...