K31085564: Spectre SWAPGS gadget vulnerability CVE-2019-1125

Security Advisory Description An information disclosure vulnerability exists when certain central processing units CPU speculatively access memory, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1071, CVE-2019-1073. CVE-2019-1125 also known as Spect...

Ubuntu: Security Advisory (USN-4095-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Slackware: Security Advisory (SSA:2019-226-01)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Mageia: Security Advisory (MGASA-2019-0220)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Mageia: Security Advisory (MGASA-2019-0221)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2019:14157-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CentOS 8 : kernel (CESA-2019:2411)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2019:2411 advisory. - kernel: hw: Spectre SWAPGS gadget vulnerability CVE-2019-1125 - kernel: broken permission and object lifetime handling for PTRACETRACEME CVE-2019-132...

F5 Networks BIG-IP : Spectre SWAPGS gadget vulnerability (K31085564)

The version of F5 Networks BIG-IP installed on the remote host is prior to 13.1.3.5 / 14.1.2.7 / 15.0.1.4 / 15.1.0.5 / 16.0.0. It is, therefore, affected by a vulnerability as referenced in the K31085564 advisory. An information disclosure vulnerability exists when certain central processing unit...

Security Advisory - Information Disclosure Vulnerability about SWAPGS Instruction

An information disclosure vulnerability exists when certain x86-64-bit central processing units CPU speculatively access memory, this vulnerability uses the SWAPGS instruction in the CPU. To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially...

Windows Kernel - Information Disclosure Vulnerability

PoC for the SWAPGS attack CVE-2019-1125 This holds the sources for the SWAPGS attack PoC publicly shown at Black Hat USA, 2019. Contents leakgsbkva - variant 1 look for random values in kernel memory; limited to PE kernel image header leakgsbkvat - variant 2 extract random values from kernel...

Exploit for CVE-2019-1125

PoC for the SWAPGS attack CVE-2019-1125https://nvd.nist.go...

Windows Kernel - Information Disclosure

Windows Kernel - Information Disclosure PoC for the SWAPGS attack CVE-2019-1125 This holds the sources for the SWAPGS attack PoC publicly shown at Black Hat USA, 2019. Contents leakgsbkva - variant 1 look for random values in kernel memory; limited to PE kernel image header leakgsbkvat - variant ...

Microsoft Windows Kernel - Information Disclosure

PoC for the SWAPGS attack CVE-2019-1125 This holds the sources for the SWAPGS attack PoC publicly shown at Black Hat USA, 2019. Contents leakgsbkva - variant 1 look for random values in kernel memory; limited to PE kernel image header leakgsbkvat - variant 2 extract random values from kernel...

Unbreakable Enterprise kernel security update

2.6.39-400.318.1 - x86/speculation: Determine swapgs before alternative instructions are set Patrick Colp Orabug: 30379640 - scsi: libsas: delete sas port if expander discover failed Jason Yan Orabug: 30580689 CVE-2019-15807...

Unbreakable Enterprise kernel security update

kernel-uek 3.8.13-118.41.1 - x86/speculation: Determine swapgs before alternative instructions are set Patrick Colp Orabug: 30379626 - ieee802154: enforce CAPNETRAW for raw sockets Allen Pais Orabug: 30444947 CVE-2019-17053 - mISDN: enforce CAPNETRAW for raw sockets Ori Nimron Orabug: 30445159...

MGASA-2019-0333 Updated kernel-linus packages fix security vulnerabilities

This kernel-linus update is based on the upstream 5.3.11 and fixes at least the following security issues: Insufficient access control in a subsystem for Intel R processor graphics may allow an authenticated user to potentially enable escalation of privilege via local access CVE-2019-0155. A...

kernel: hw: Spectre SWAPGS gadget vulnerability

A Spectre gadget was found in the Linux kernel's implementation of system interrupts. An attacker with local access could use this information to reveal private data through a Spectre like side channel...

RHEL 7 : kernel (RHSA-2019:3220)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:3220 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: Kernel: vhostnet: infinite loop while...

kernel: hw: Spectre SWAPGS gadget vulnerability

A Spectre gadget was found in the Linux kernel's implementation of system interrupts. An attacker with local access could use this information to reveal private data through a Spectre like side channel...

RHEL 7 : Red Hat Virtualization (RHSA-2019:3011)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2019:3011 advisory. The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host,...