ID SUSE-SA:2001:09 Type suse Reporter Suse Modified 2001-03-27T17:03:00
Description
A bug in joe(1), a userfriendly text editor, was found by Christer Ãberg of Wkit Security AB a few weeks ago. After starting joe(1) it tries to open its configuration file joerc in the current directory, the users home directory and some other locations. joe(1) doesn't check the ownership of joerc when trying the current directory. An attacker could place a malicious joerc file in a public writeable directory, like /tmp, to execute commands with the privilege of any user (including root), which runs joe while being in this directory.
{"bulletinFamily": "unix", "id": "SUSE-SA:2001:09", "lastseen": "2016-09-04T11:28:41", "description": "A bug in joe(1), a userfriendly text editor, was found by Christer \u00c3\u0096berg of Wkit Security AB a few weeks ago. After starting joe(1) it tries to open its configuration file joerc in the current directory, the users home directory and some other locations. joe(1) doesn't check the ownership of joerc when trying the current directory. An attacker could place a malicious joerc file in a public writeable directory, like /tmp, to execute commands with the privilege of any user (including root), which runs joe while being in this directory.", "cvelist": [], "viewCount": 26, "published": "2001-03-27T17:03:00", "href": "http://lists.opensuse.org/opensuse-security-announce/2001-03/msg00014.html", "references": [], "reporter": "Suse", "edition": 1, "cvss": {"score": 0.0, "vector": "NONE"}, "title": "local privilege escalation in joe", "modified": "2001-03-27T17:03:00", "enchantments": {"score": {"value": 1.9, "vector": "NONE", "modified": "2016-09-04T11:28:41", "rev": 2}, "dependencies": {"references": [{"type": "github", "idList": ["GHSA-PRFQ-F66G-43MP"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2020:0494-1", "OPENSUSE-SU-2020:0493-1"]}, {"type": "talosblog", "idList": ["TALOSBLOG:8DD56469CDD2D7969FA528C234B8414F"]}, {"type": "threatpost", "idList": ["THREATPOST:21DF66AF86275791A0EC6202B8ACAE10"]}, {"type": "mskb", "idList": ["KB2250444", "KB2986475", "KB937287", "KB982639", "KB2904266", "KB2400367", "KB2905616", "KB2529939", "KB2919355", "KB2582113"]}], "modified": "2016-09-04T11:28:41", "rev": 2}, "vulnersScore": 1.9}, "type": "suse", "affectedPackage": [{"arch": "i386", "packageFilename": "joe-2.8-302.i386.rpm", "OSVersion": "6.2", "operator": "lt", "packageName": "joe", "packageVersion": "2.8-302", "OS": "openSUSE"}, {"arch": "sparc", "packageFilename": "joe-2.8-292.sparc.rpm", "OSVersion": "7.0", "operator": "lt", "packageName": "joe", "packageVersion": "2.8-292", "OS": "openSUSE"}, {"arch": "i386", "packageFilename": "joe-2.8-300.i386.rpm", "OSVersion": "7.1", "operator": "lt", "packageName": "joe", "packageVersion": "2.8-300", "OS": "openSUSE"}, {"arch": "i386", "packageFilename": "joe-2.8-305.i386.rpm", "OSVersion": "6.1", "operator": "lt", "packageName": "joe", "packageVersion": "2.8-305", "OS": "openSUSE"}, {"arch": "alpha", "packageFilename": "joe-2.8-296.alpha.rpm", "OSVersion": "7.0", "operator": "lt", "packageName": "joe", "packageVersion": "2.8-296", "OS": "openSUSE"}, {"arch": "ppc", "packageFilename": "joe-2.8-273.ppc.rpm", "OSVersion": "6.4", "operator": "lt", "packageName": "joe", "packageVersion": "2.8-273", "OS": "openSUSE"}, {"arch": "alpha", "packageFilename": "joe-2.8-295.alpha.rpm", "OSVersion": "6.1", "operator": "lt", "packageName": "joe", "packageVersion": "2.8-295", "OS": "openSUSE"}, {"arch": "i386", "packageFilename": "joe-2.8-303.i386.rpm", "OSVersion": "6.4", "operator": "lt", "packageName": "joe", "packageVersion": "2.8-303", "OS": "openSUSE"}, {"arch": "i386", "packageFilename": "joe-2.8-302.i386.rpm", "OSVersion": "6.3", "operator": "lt", "packageName": "joe", "packageVersion": "2.8-302", "OS": "openSUSE"}, {"arch": "alpha", "packageFilename": "joe-2.8-293.alpha.rpm", "OSVersion": "6.3", "operator": "lt", "packageName": "joe", "packageVersion": "2.8-293", "OS": "openSUSE"}, {"arch": "sparc", "packageFilename": "joe-2.8-290.sparc.rpm", "OSVersion": "7.1", "operator": "lt", "packageName": "joe", "packageVersion": "2.8-290", "OS": "openSUSE"}, {"arch": "i386", "packageFilename": "joe-2.8-304.i386.rpm", "OSVersion": "7.0", "operator": "lt", "packageName": "joe", "packageVersion": "2.8-304", "OS": "openSUSE"}, {"arch": "ppc", "packageFilename": "joe-2.8-274.ppc.rpm", "OSVersion": "7.0", "operator": "lt", "packageName": "joe", "packageVersion": "2.8-274", "OS": "openSUSE"}, {"arch": "alpha", "packageFilename": "joe-2.8-293.alpha.rpm", "OSVersion": "6.4", "operator": "lt", "packageName": "joe", "packageVersion": "2.8-293", "OS": "openSUSE"}, {"arch": "ppc", "packageFilename": "joe-2.8-272.ppc.rpm", "OSVersion": "7.1", "operator": "lt", "packageName": "joe", "packageVersion": "2.8-272", "OS": "openSUSE"}]}
{"redhat": [{"lastseen": "2020-11-23T19:28:52", "bulletinFamily": "unix", "cvelist": ["CVE-2020-8695", "CVE-2020-8696", "CVE-2020-8698"], "description": "The microcode_ctl packages provide microcode updates for Intel.\n\nSecurity Fix(es):\n\n* hw: Information disclosure issue in Intel SGX via RAPL interface (CVE-2020-8695)\n\n* hw: Vector Register Leakage-Active (CVE-2020-8696)\n\n* hw: Fast forward store predictor (CVE-2020-8698)\n\nBug Fix(es) and Enhancement(s):\n* Update Intel CPU microcode to microcode-20201112 release, addresses:\n - Addition of 06-55-0b/0xbf (CPX-SP A1) microcode at revision 0x700001e;\n - Addition of 06-8a-01/0x10 (LKF B2/B3) microcode at revision 0x28;\n - Addition of 06-8c-01/0x80 (TGL-UP3/UP4 B1) microcode at revision 0x68;\n - Addition of 06-a5-02/0x20 (CML-H R1) microcode at revision 0xe0;\n - Addition of 06-a5-03/0x22 (CML-S 6+2 G1) microcode at revision 0xe0;\n - Addition of 06-a5-05/0x22 (CML-S 10+2 Q0) microcode at revision 0xe0;\n - Addition of 06-a6-01/0x80 (CML-U 6+2 v2 K0) microcode at revision\n 0xe0;\n - Update of 06-4e-03/0xc0 (SKL-U/U 2+3e/Y D0/K1) microcode (in\n intel-06-4e-03/intel-ucode/06-4e-03) from revision 0xdc up to 0xe2;\n - Update of 06-55-04/0xb7 (SKX-D/SP/W/X H0/M0/M1/U0) microcode (in\n intel-06-55-04/intel-ucode/06-55-04) from revision 0x2006906 up\n to 0x2006a08;\n - Update of 06-5e-03/0x36 (SKL-H/S/Xeon E3 N0/R0/S0) microcode (in\n intel-06-5e-03/intel-ucode/06-5e-03) from revision 0xdc up to 0xe2;\n - Update of 06-8e-09/0x10 (AML-Y 2+2 H0) microcode (in\n intel-06-8e-9e-0x-dell/intel-ucode/06-8e-09) from revision 0xd6 up\n to 0xde;\n - Update of 06-8e-09/0xc0 (KBL-U/U 2+3e/Y H0/J1) microcode (in\n intel-06-8e-9e-0x-dell/intel-ucode/06-8e-09) from revision 0xd6 up\n to 0xde;\n - Update of 06-8e-0a/0xc0 (CFL-U 4+3e D0, KBL-R Y0) microcode (in\n intel-06-8e-9e-0x-dell/intel-ucode/06-8e-0a) from revision 0xd6 up\n to 0xe0;\n - Update of 06-8e-0b/0xd0 (WHL-U W0) microcode (in\n intel-06-8e-9e-0x-dell/intel-ucode/06-8e-0b) from revision 0xd6 up\n to 0xde;\n - Update of 06-8e-0c/0x94 (AML-Y 4+2 V0, CML-U 4+2 V0, WHL-U V0)\n microcode (in intel-06-8e-9e-0x-dell/intel-ucode/06-8e-0c) from\n revision 0xd6 up to 0xde;\n - Update of 06-9e-09/0x2a (KBL-G/H/S/X/Xeon E3 B0) microcode (in\n intel-06-8e-9e-0x-dell/intel-ucode/06-9e-09) from revision 0xd6 up\n to 0xde;\n - Update of 06-9e-0a/0x22 (CFL-H/S/Xeon E U0) microcode (in\n intel-06-8e-9e-0x-dell/intel-ucode/06-9e-0a) from revision 0xd6 up\n to 0xde;\n - Update of 06-9e-0b/0x02 (CFL-E/H/S B0) microcode (in\n intel-06-8e-9e-0x-dell/intel-ucode/06-9e-0b) from revision 0xd6 up\n to 0xde;\n - Update of 06-9e-0c/0x22 (CFL-H/S/Xeon E P0) microcode (in\n intel-06-8e-9e-0x-dell/intel-ucode/06-9e-0c) from revision 0xd6 up\n to 0xde;\n - Update of 06-9e-0d/0x22 (CFL-H/S/Xeon E R0) microcode (in\n intel-06-8e-9e-0x-dell/intel-ucode/06-9e-0d) from revision 0xd6 up\n to 0xde;\n - Update of 06-3f-02/0x6f (HSX-E/EN/EP/EP 4S C0/C1/M1/R2) microcode\n from revision 0x43 up to 0x44;\n - Update of 06-55-03/0x97 (SKX-SP B1) microcode from revision 0x1000157\n up to 0x1000159;\n - Update of 06-55-06/0xbf (CLX-SP B0) microcode from revision 0x4002f01\n up to 0x4003003;\n - Update of 06-55-07/0xbf (CLX-SP/W/X B1/L1) microcode from revision\n 0x5002f01 up to 0x5003003;\n - Update of 06-5c-09/0x03 (APL D0) microcode from revision 0x38 up\n to 0x40;\n - Update of 06-5c-0a/0x03 (APL B1/F1) microcode from revision 0x16 up\n to 0x1e;\n - Update of 06-7a-01/0x01 (GLK B0) microcode from revision 0x32 up\n to 0x34;\n - Update of 06-7a-08/0x01 (GLK-R R0) microcode from revision 0x16 up\n to 0x18;\n - Update of 06-7e-05/0x80 (ICL-U/Y D1) microcode from revision 0x78\n up to 0xa0;\n - Update of 06-a6-00/0x80 (CML-U 6+2 A0) microcode from revision 0xca\n up to 0xe0.\n* Disable 06-8c-01 (TGL-UP3/UP4 B1) microcode update by default.\n* Add README file to the documentation directory.\n* Add publicly-sourced codenames list to supply to gen_provides.sh; update\n the latter to handle the somewhat different format.\n* Add SUMMARY.intel-ucode file", "modified": "2020-11-23T23:53:12", "published": "2020-11-23T23:42:23", "id": "RHSA-2020:5190", "href": "https://access.redhat.com/errata/RHSA-2020:5190", "type": "redhat", "title": "(RHSA-2020:5190) Moderate: microcode_ctl security, bug fix, and enhancement update", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2020-11-23T19:31:22", "bulletinFamily": "unix", "cvelist": ["CVE-2020-8696", "CVE-2020-8698"], "description": "The microcode_ctl packages provide microcode updates for Intel.\n\nSecurity Fix(es):\n\n* hw: Vector Register Leakage-Active (CVE-2020-8696)\n\n* hw: Fast forward store predictor (CVE-2020-8698)\n\nBug Fix(es) and Enhancement(s):\n\n* Update Intel CPU microcode to microcode-20201112 release, addresses:\n\n - Addition of 06-55-0b/0xbf (CPX-SP A1) microcode at revision 0x700001e;\n - Addition of 06-8a-01/0x10 (LKF B2/B3) microcode at revision 0x28;\n - Addition of 06-8c-01/0x80 (TGL-UP3/UP4 B1) microcode at revision 0x68;\n - Addition of 06-a5-02/0x20 (CML-H R1) microcode at revision 0xe0;\n - Addition of 06-a5-03/0x22 (CML-S 6+2 G1) microcode at revision 0xe0;\n - Addition of 06-a5-05/0x22 (CML-S 10+2 Q0) microcode at revision 0xe0;\n - Addition of 06-a6-01/0x80 (CML-U 6+2 v2 K0) microcode at revision\n 0xe0;\n - Update of 06-4e-03/0xc0 (SKL-U/U 2+3e/Y D0/K1) microcode (in\n intel-06-4e-03/intel-ucode/06-4e-03) from revision 0xdc up to 0xe2;\n - Update of 06-55-04/0xb7 (SKX-D/SP/W/X H0/M0/M1/U0) microcode (in\n intel-06-55-04/intel-ucode/06-55-04) from revision 0x2006906 up\n to 0x2006a08;\n - Update of 06-5e-03/0x36 (SKL-H/S/Xeon E3 N0/R0/S0) microcode (in\n intel-06-5e-03/intel-ucode/06-5e-03) from revision 0xdc up to 0xe2;\n - Update of 06-7a-01/0x01 (GLK B0) microcode from revision 0x32 up\n to 0x34;\n - Update of 06-8e-09/0x10 (AML-Y 2+2 H0) microcode (in\n intel-06-8e-9e-0x-dell/intel-ucode/06-8e-09) from revision 0xd6 up\n to 0xde;\n - Update of 06-8e-09/0xc0 (KBL-U/U 2+3e/Y H0/J1) microcode (in\n intel-06-8e-9e-0x-dell/intel-ucode/06-8e-09) from revision 0xd6 up\n to 0xde;\n - Update of 06-8e-0a/0xc0 (CFL-U 4+3e D0, KBL-R Y0) microcode (in\n intel-06-8e-9e-0x-dell/intel-ucode/06-8e-0a) from revision 0xd6 up\n to 0xe0;\n - Update of 06-8e-0b/0xd0 (WHL-U W0) microcode (in\n intel-06-8e-9e-0x-dell/intel-ucode/06-8e-0b) from revision 0xd6 up\n to 0xde;\n - Update of 06-8e-0c/0x94 (AML-Y 4+2 V0, CML-U 4+2 V0, WHL-U V0)\n microcode (in intel-06-8e-9e-0x-dell/intel-ucode/06-8e-0c) from\n revision 0xd6 up to 0xde;\n - Update of 06-9e-09/0x2a (KBL-G/H/S/X/Xeon E3 B0) microcode (in\n intel-06-8e-9e-0x-dell/intel-ucode/06-9e-09) from revision 0xd6 up\n to 0xde;\n - Update of 06-9e-0a/0x22 (CFL-H/S/Xeon E U0) microcode (in\n intel-06-8e-9e-0x-dell/intel-ucode/06-9e-0a) from revision 0xd6 up\n to 0xde;\n - Update of 06-9e-0b/0x02 (CFL-E/H/S B0) microcode (in\n intel-06-8e-9e-0x-dell/intel-ucode/06-9e-0b) from revision 0xd6 up\n to 0xde;\n - Update of 06-9e-0c/0x22 (CFL-H/S/Xeon E P0) microcode (in\n intel-06-8e-9e-0x-dell/intel-ucode/06-9e-0c) from revision 0xd6 up\n to 0xde;\n - Update of 06-9e-0d/0x22 (CFL-H/S/Xeon E R0) microcode (in\n intel-06-8e-9e-0x-dell/intel-ucode/06-9e-0d) from revision 0xd6 up\n to 0xde;\n - Update of 06-3f-02/0x6f (HSX-E/EN/EP/EP 4S C0/C1/M1/R2) microcode\n from revision 0x43 up to 0x44;\n - Update of 06-55-03/0x97 (SKX-SP B1) microcode from revision 0x1000157\n up to 0x1000159;\n - Update of 06-55-06/0xbf (CLX-SP B0) microcode from revision 0x4002f01\n up to 0x4003003;\n - Update of 06-55-07/0xbf (CLX-SP/W/X B1/L1) microcode from revision\n 0x5002f01 up to 0x5003003;\n - Update of 06-5c-09/0x03 (APL D0) microcode from revision 0x38 up\n to 0x40;\n - Update of 06-5c-0a/0x03 (APL B1/F1) microcode from revision 0x16 up\n to 0x1e;\n - Update of 06-7a-08/0x01 (GLK-R R0) microcode from revision 0x16 up\n to 0x18;\n - Update of 06-7e-05/0x80 (ICL-U/Y D1) microcode from revision 0x78\n up to 0xa0;\n - Update of 06-a6-00/0x80 (CML-U 6+2 A0) microcode from revision 0xca\n up to 0xe0.\n\n* Add a README file to the documentation directory.\n\n(BZ#1890355, BZ#1890356, BZ#1893236, BZ#1893241)", "modified": "2020-11-23T23:47:19", "published": "2020-11-23T23:41:54", "id": "RHSA-2020:5189", "href": "https://access.redhat.com/errata/RHSA-2020:5189", "type": "redhat", "title": "(RHSA-2020:5189) Moderate: microcode_ctl security, bug fix and enhancement update", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2020-11-23T19:30:43", "bulletinFamily": "unix", "cvelist": ["CVE-2020-8695", "CVE-2020-8696", "CVE-2020-8698"], "description": "The microcode_ctl packages provide microcode updates for Intel.\n\nSecurity Fix(es):\n\n* hw: Information disclosure issue in Intel SGX via RAPL interface (CVE-2020-8695)\n\n* hw: Vector Register Leakage-Active (CVE-2020-8696)\n\n* hw: Fast forward store predictor (CVE-2020-8698)\n\nBug Fix(es) and Enhancement(s):\n\n* Update Intel CPU microcode to microcode-20201112 release, addresses:\n\n - Addition of 06-55-0b/0xbf (CPX-SP A1) microcode at revision 0x700001e;\n - Addition of 06-8a-01/0x10 (LKF B2/B3) microcode at revision 0x28;\n - Addition of 06-8c-01/0x80 (TGL-UP3/UP4 B1) microcode at revision 0x68;\n - Addition of 06-a5-02/0x20 (CML-H R1) microcode at revision 0xe0;\n - Addition of 06-a5-03/0x22 (CML-S 6+2 G1) microcode at revision 0xe0;\n - Addition of 06-a5-05/0x22 (CML-S 10+2 Q0) microcode at revision 0xe0;\n - Addition of 06-a6-01/0x80 (CML-U 6+2 v2 K0) microcode at revision\n 0xe0;\n - Update of 06-4e-03/0xc0 (SKL-U/U 2+3e/Y D0/K1) microcode (in\n intel-06-4e-03/intel-ucode/06-4e-03) from revision 0xdc up to 0xe2;\n - Update of 06-55-04/0xb7 (SKX-D/SP/W/X H0/M0/M1/U0) microcode (in\n intel-06-55-04/intel-ucode/06-55-04) from revision 0x2006906 up\n to 0x2006a08;\n - Update of 06-5e-03/0x36 (SKL-H/S/Xeon E3 N0/R0/S0) microcode (in\n intel-06-5e-03/intel-ucode/06-5e-03) from revision 0xdc up to 0xe2;\n - Update of 06-8e-09/0x10 (AML-Y 2+2 H0) microcode (in\n intel-06-8e-9e-0x-dell/intel-ucode/06-8e-09) from revision 0xd6 up\n to 0xde;\n - Update of 06-8e-09/0xc0 (KBL-U/U 2+3e/Y H0/J1) microcode (in\n intel-06-8e-9e-0x-dell/intel-ucode/06-8e-09) from revision 0xd6 up\n to 0xde;\n - Update of 06-8e-0a/0xc0 (CFL-U 4+3e D0, KBL-R Y0) microcode (in\n intel-06-8e-9e-0x-dell/intel-ucode/06-8e-0a) from revision 0xd6 up\n to 0xe0;\n - Update of 06-8e-0b/0xd0 (WHL-U W0) microcode (in\n intel-06-8e-9e-0x-dell/intel-ucode/06-8e-0b) from revision 0xd6 up\n to 0xde;\n - Update of 06-8e-0c/0x94 (AML-Y 4+2 V0, CML-U 4+2 V0, WHL-U V0)\n microcode (in intel-06-8e-9e-0x-dell/intel-ucode/06-8e-0c) from\n revision 0xd6 up to 0xde;\n - Update of 06-9e-09/0x2a (KBL-G/H/S/X/Xeon E3 B0) microcode (in\n intel-06-8e-9e-0x-dell/intel-ucode/06-9e-09) from revision 0xd6 up\n to 0xde;\n - Update of 06-9e-0a/0x22 (CFL-H/S/Xeon E U0) microcode (in\n intel-06-8e-9e-0x-dell/intel-ucode/06-9e-0a) from revision 0xd6 up\n to 0xde;\n - Update of 06-9e-0b/0x02 (CFL-E/H/S B0) microcode (in\n intel-06-8e-9e-0x-dell/intel-ucode/06-9e-0b) from revision 0xd6 up\n to 0xde;\n - Update of 06-9e-0c/0x22 (CFL-H/S/Xeon E P0) microcode (in\n intel-06-8e-9e-0x-dell/intel-ucode/06-9e-0c) from revision 0xd6 up\n to 0xde;\n - Update of 06-9e-0d/0x22 (CFL-H/S/Xeon E R0) microcode (in\n intel-06-8e-9e-0x-dell/intel-ucode/06-9e-0d) from revision 0xd6 up\n to 0xde;\n - Update of 06-3f-02/0x6f (HSX-E/EN/EP/EP 4S C0/C1/M1/R2) microcode\n from revision 0x43 up to 0x44;\n - Update of 06-55-03/0x97 (SKX-SP B1) microcode from revision 0x1000157\n up to 0x1000159;\n - Update of 06-55-06/0xbf (CLX-SP B0) microcode from revision 0x4002f01\n up to 0x4003003;\n - Update of 06-55-07/0xbf (CLX-SP/W/X B1/L1) microcode from revision\n 0x5002f01 up to 0x5003003;\n - Update of 06-5c-09/0x03 (APL D0) microcode from revision 0x38 up\n to 0x40;\n - Update of 06-5c-0a/0x03 (APL B1/F1) microcode from revision 0x16 up\n to 0x1e;\n - Update of 06-7a-01/0x01 (GLK B0) microcode from revision 0x32 up\n to 0x34;\n - Update of 06-7a-08/0x01 (GLK-R R0) microcode from revision 0x16 up\n to 0x18;\n - Update of 06-7e-05/0x80 (ICL-U/Y D1) microcode from revision 0x78\n up to 0xa0;\n - Update of 06-a6-00/0x80 (CML-U 6+2 A0) microcode from revision 0xca\n up to 0xe0.\n\n* Disable 06-8c-01 (TGL-UP3/UP4 B1) microcode update by default.\n\n* Add README file to the documentation directory.\n\n* Add publicly-sourced codenames list to supply to gen_provides.sh; update\n the latter to handle the somewhat different format.\n\n* Add SUMMARY.intel-ucode file", "modified": "2020-11-23T23:47:28", "published": "2020-11-23T23:41:18", "id": "RHSA-2020:5188", "href": "https://access.redhat.com/errata/RHSA-2020:5188", "type": "redhat", "title": "(RHSA-2020:5188) Moderate: microcode_ctl security, bug fix and enhancement update", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2020-11-23T19:29:47", "bulletinFamily": "unix", "cvelist": ["CVE-2020-8695", "CVE-2020-8696", "CVE-2020-8698"], "description": "The microcode_ctl packages provide microcode updates for Intel.\n\nSecurity Fix(es):\n\n* hw: Information disclosure issue in Intel SGX via RAPL interface (CVE-2020-8695)\n\n* hw: Vector Register Leakage-Active (CVE-2020-8696)\n\n* hw: Fast forward store predictor (CVE-2020-8698)\n\nBug Fix(es) and Enhancement(s):\n\n* Update Intel CPU microcode to microcode-20201027 release, addresses:\n - Addition of 06-55-0b/0xbf (CPX-SP A1) microcode at revision 0x700001e;\n - Addition of 06-8c-01/0x80 (TGL-UP3/UP4 B1) microcode at revision 0x68;\n - Addition of 06-a5-02/0x20 (CML-H R1) microcode at revision 0xe0;\n - Addition of 06-a5-03/0x22 (CML-S 6+2 G1) microcode at revision 0xe0;\n - Addition of 06-a5-05/0x22 (CML-S 10+2 Q0) microcode at revision 0xe0;\n - Addition of 06-a6-01/0x80 (CML-U 6+2 v2 K0) microcode at revision\n 0xe0;\n - Update of 06-4e-03/0xc0 (SKL-U/U 2+3e/Y D0/K1) microcode (in\n intel-06-4e-03/intel-ucode/06-4e-03) from revision 0xdc up to 0xe2;\n - Update of 06-55-04/0xb7 (SKX-D/SP/W/X H0/M0/M1/U0) microcode (in\n intel-06-55-04/intel-ucode/06-55-04) from revision 0x2006906 up\n to 0x2006a08;\n - Update of 06-5e-03/0x36 (SKL-H/S/Xeon E3 N0/R0/S0) microcode (in\n intel-06-5e-03/intel-ucode/06-5e-03) from revision 0xdc up to 0xe2;\n - Update of 06-8e-09/0x10 (AML-Y 2+2 H0) microcode (in\n intel-06-8e-9e-0x-dell/intel-ucode/06-8e-09) from revision 0xd6 up\n to 0xde;\n - Update of 06-8e-09/0xc0 (KBL-U/U 2+3e/Y H0/J1) microcode (in\n intel-06-8e-9e-0x-dell/intel-ucode/06-8e-09) from revision 0xd6 up\n to 0xde;\n - Update of 06-8e-0a/0xc0 (CFL-U 4+3e D0, KBL-R Y0) microcode (in\n intel-06-8e-9e-0x-dell/intel-ucode/06-8e-0a) from revision 0xd6 up\n to 0xe0;\n - Update of 06-8e-0b/0xd0 (WHL-U W0) microcode (in\n intel-06-8e-9e-0x-dell/intel-ucode/06-8e-0b) from revision 0xd6 up\n to 0xde;\n - Update of 06-8e-0c/0x94 (AML-Y 4+2 V0, CML-U 4+2 V0, WHL-U V0)\n microcode (in intel-06-8e-9e-0x-dell/intel-ucode/06-8e-0c) from\n revision 0xd6 up to 0xde;\n - Update of 06-9e-09/0x2a (KBL-G/H/S/X/Xeon E3 B0) microcode (in\n intel-06-8e-9e-0x-dell/intel-ucode/06-9e-09) from revision 0xd6 up\n to 0xde;\n - Update of 06-9e-0a/0x22 (CFL-H/S/Xeon E U0) microcode (in\n intel-06-8e-9e-0x-dell/intel-ucode/06-9e-0a) from revision 0xd6 up\n to 0xde;\n - Update of 06-9e-0b/0x02 (CFL-E/H/S B0) microcode (in\n intel-06-8e-9e-0x-dell/intel-ucode/06-9e-0b) from revision 0xd6 up\n to 0xde;\n - Update of 06-9e-0c/0x22 (CFL-H/S/Xeon E P0) microcode (in\n intel-06-8e-9e-0x-dell/intel-ucode/06-9e-0c) from revision 0xd6 up\n to 0xde;\n - Update of 06-9e-0d/0x22 (CFL-H/S/Xeon E R0) microcode (in\n intel-06-8e-9e-0x-dell/intel-ucode/06-9e-0d) from revision 0xd6 up\n to 0xde;\n - Update of 06-3f-02/0x6f (HSX-E/EN/EP/EP 4S C0/C1/M1/R2) microcode\n from revision 0x43 up to 0x44;\n - Update of 06-55-03/0x97 (SKX-SP B1) microcode from revision 0x1000157\n up to 0x1000159;\n - Update of 06-55-06/0xbf (CLX-SP B0) microcode from revision 0x4002f01\n up to 0x4003003;\n - Update of 06-55-07/0xbf (CLX-SP/W/X B1/L1) microcode from revision\n 0x5002f01 up to 0x5003003;\n - Update of 06-5c-09/0x03 (APL D0) microcode from revision 0x38 up\n to 0x40;\n - Update of 06-5c-0a/0x03 (APL B1/F1) microcode from revision 0x16 up\n to 0x1e;\n - Update of 06-7a-08/0x01 (GLK-R R0) microcode from revision 0x16 up\n to 0x18;\n - Update of 06-7e-05/0x80 (ICL-U/Y D1) microcode from revision 0x78\n up to 0xa0;\n - Update of 06-a6-00/0x80 (CML-U 6+2 A0) microcode from revision 0xca\n up to 0xe0.\n* Add README file to the documentation directory.\n* Add publicly-sourced codenames list to supply to gen_provides.sh; update\n the latter to handle the somewhat different format.\n* Add SUMMARY.intel-ucode file containing metadata information from\n the microcode file headers.", "modified": "2020-11-23T22:41:22", "published": "2020-11-23T22:34:39", "id": "RHSA-2020:5186", "href": "https://access.redhat.com/errata/RHSA-2020:5186", "type": "redhat", "title": "(RHSA-2020:5186) Moderate: microcode_ctl security, bug fix and enhancement update", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2020-11-23T19:30:20", "bulletinFamily": "unix", "cvelist": ["CVE-2020-8695", "CVE-2020-8696", "CVE-2020-8698"], "description": "The microcode_ctl packages provide microcode updates for Intel.\n\nSecurity Fix(es):\n\n* hw: Information disclosure issue in Intel SGX via RAPL interface (CVE-2020-8695)\n\n* hw: Vector Register Leakage-Active (CVE-2020-8696)\n\n* hw: Fast forward store predictor (CVE-2020-8698)\n\nBug Fix(es) and Enhancement(s):\n\n* Update Intel CPU microcode to microcode-20201027 release, addresses:\n\n - Addition of 06-55-0b/0xbf (CPX-SP A1) microcode at revision 0x700001e;\n - Addition of 06-8c-01/0x80 (TGL-UP3/UP4 B1) microcode at revision 0x68;\n - Addition of 06-a5-02/0x20 (CML-H R1) microcode at revision 0xe0;\n - Addition of 06-a5-03/0x22 (CML-S 6+2 G1) microcode at revision 0xe0;\n - Addition of 06-a5-05/0x22 (CML-S 10+2 Q0) microcode at revision 0xe0;\n - Addition of 06-a6-01/0x80 (CML-U 6+2 v2 K0) microcode at revision\n 0xe0;\n - Update of 06-4e-03/0xc0 (SKL-U/U 2+3e/Y D0/K1) microcode (in\n intel-06-4e-03/intel-ucode/06-4e-03) from revision 0xdc up to 0xe2;\n - Update of 06-55-04/0xb7 (SKX-D/SP/W/X H0/M0/M1/U0) microcode (in\n intel-06-55-04/intel-ucode/06-55-04) from revision 0x2006906 up\n to 0x2006a08;\n - Update of 06-5e-03/0x36 (SKL-H/S/Xeon E3 N0/R0/S0) microcode (in\n intel-06-5e-03/intel-ucode/06-5e-03) from revision 0xdc up to 0xe2;\n - Update of 06-8e-09/0x10 (AML-Y 2+2 H0) microcode (in\n intel-06-8e-9e-0x-dell/intel-ucode/06-8e-09) from revision 0xd6 up\n to 0xde;\n - Update of 06-8e-09/0xc0 (KBL-U/U 2+3e/Y H0/J1) microcode (in\n intel-06-8e-9e-0x-dell/intel-ucode/06-8e-09) from revision 0xd6 up\n to 0xde;\n - Update of 06-8e-0a/0xc0 (CFL-U 4+3e D0, KBL-R Y0) microcode (in\n intel-06-8e-9e-0x-dell/intel-ucode/06-8e-0a) from revision 0xd6 up\n to 0xe0;\n - Update of 06-8e-0b/0xd0 (WHL-U W0) microcode (in\n intel-06-8e-9e-0x-dell/intel-ucode/06-8e-0b) from revision 0xd6 up\n to 0xde;\n - Update of 06-8e-0c/0x94 (AML-Y 4+2 V0, CML-U 4+2 V0, WHL-U V0)\n microcode (in intel-06-8e-9e-0x-dell/intel-ucode/06-8e-0c) from\n revision 0xd6 up to 0xde;\n - Update of 06-9e-09/0x2a (KBL-G/H/S/X/Xeon E3 B0) microcode (in\n intel-06-8e-9e-0x-dell/intel-ucode/06-9e-09) from revision 0xd6 up\n to 0xde;\n - Update of 06-9e-0a/0x22 (CFL-H/S/Xeon E U0) microcode (in\n intel-06-8e-9e-0x-dell/intel-ucode/06-9e-0a) from revision 0xd6 up\n to 0xde;\n - Update of 06-9e-0b/0x02 (CFL-E/H/S B0) microcode (in\n intel-06-8e-9e-0x-dell/intel-ucode/06-9e-0b) from revision 0xd6 up\n to 0xde;\n - Update of 06-9e-0c/0x22 (CFL-H/S/Xeon E P0) microcode (in\n intel-06-8e-9e-0x-dell/intel-ucode/06-9e-0c) from revision 0xd6 up\n to 0xde;\n - Update of 06-9e-0d/0x22 (CFL-H/S/Xeon E R0) microcode (in\n intel-06-8e-9e-0x-dell/intel-ucode/06-9e-0d) from revision 0xd6 up\n to 0xde;\n - Update of 06-3f-02/0x6f (HSX-E/EN/EP/EP 4S C0/C1/M1/R2) microcode\n from revision 0x43 up to 0x44;\n - Update of 06-55-03/0x97 (SKX-SP B1) microcode from revision 0x1000157\n up to 0x1000159;\n - Update of 06-55-06/0xbf (CLX-SP B0) microcode from revision 0x4002f01\n up to 0x4003003;\n - Update of 06-55-07/0xbf (CLX-SP/W/X B1/L1) microcode from revision\n 0x5002f01 up to 0x5003003;\n - Update of 06-5c-09/0x03 (APL D0) microcode from revision 0x38 up\n to 0x40;\n - Update of 06-5c-0a/0x03 (APL B1/F1) microcode from revision 0x16 up\n to 0x1e;\n - Update of 06-7a-08/0x01 (GLK-R R0) microcode from revision 0x16 up\n to 0x18;\n - Update of 06-7e-05/0x80 (ICL-U/Y D1) microcode from revision 0x78\n up to 0xa0;\n - Update of 06-a6-00/0x80 (CML-U 6+2 A0) microcode from revision 0xca\n up to 0xe0.\n\n* Add README file to the documentation directory.\n\n* Add publicly-sourced codenames list to supply to gen_provides.sh; update\n the latter to handle the somewhat different format.\n\n* Add SUMMARY.intel-ucode file containing metadata information from\n the microcode file headers.", "modified": "2020-11-23T22:46:47", "published": "2020-11-23T22:32:43", "id": "RHSA-2020:5185", "href": "https://access.redhat.com/errata/RHSA-2020:5185", "type": "redhat", "title": "(RHSA-2020:5185) Moderate: microcode_ctl security, bug fix and enhancement update", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2020-11-23T19:29:55", "bulletinFamily": "unix", "cvelist": ["CVE-2020-8696", "CVE-2020-8698"], "description": "The microcode_ctl packages provide microcode updates for Intel.\n\nSecurity Fix(es):\n\n* hw: Vector Register Leakage-Active (CVE-2020-8696)\n\n* hw: Fast forward store predictor (CVE-2020-8698)\n\nBug Fix(es) and Enhancement(s):\n\n* Update Intel CPU microcode to microcode-202010112 release, addresses:\n - Addition of 06-55-0b/0xbf (CPX-SP A1) microcode at revision 0x700001e;\n - Addition of 06-8a-01/0x10 (LKF B2/B3) microcode at revision 0x28;\n - Addition of 06-8c-01/0x80 (TGL-UP3/UP4 B1) microcode at revision 0x68;\n - Addition of 06-a5-02/0x20 (CML-H R1) microcode at revision 0xe0;\n - Addition of 06-a5-03/0x22 (CML-S 6+2 G1) microcode at revision 0xe0;\n - Addition of 06-a5-05/0x22 (CML-S 10+2 Q0) microcode at revision 0xe0;\n - Addition of 06-a6-01/0x80 (CML-U 6+2 v2 K0) microcode at revision\n 0xe0;\n - Update of 06-4e-03/0xc0 (SKL-U/U 2+3e/Y D0/K1) microcode (in\n intel-06-4e-03/intel-ucode/06-4e-03) from revision 0xdc up to 0xe2;\n - Update of 06-55-04/0xb7 (SKX-D/SP/W/X H0/M0/M1/U0) microcode (in\n intel-06-55-04/intel-ucode/06-55-04) from revision 0x2006906 up\n to 0x2006a08;\n - Update of 06-5e-03/0x36 (SKL-H/S/Xeon E3 N0/R0/S0) microcode (in\n intel-06-5e-03/intel-ucode/06-5e-03) from revision 0xdc up to 0xe2;\n - Update of 06-7a-01/0x01 (GLK B0) microcode from revision 0x32 up\n to 0x34;\n - Update of 06-8e-09/0x10 (AML-Y 2+2 H0) microcode (in\n intel-06-8e-9e-0x-dell/intel-ucode/06-8e-09) from revision 0xd6 up\n to 0xde;\n - Update of 06-8e-09/0xc0 (KBL-U/U 2+3e/Y H0/J1) microcode (in\n intel-06-8e-9e-0x-dell/intel-ucode/06-8e-09) from revision 0xd6 up\n to 0xde;\n - Update of 06-8e-0a/0xc0 (CFL-U 4+3e D0, KBL-R Y0) microcode (in\n intel-06-8e-9e-0x-dell/intel-ucode/06-8e-0a) from revision 0xd6 up\n to 0xe0;\n - Update of 06-8e-0b/0xd0 (WHL-U W0) microcode (in\n intel-06-8e-9e-0x-dell/intel-ucode/06-8e-0b) from revision 0xd6 up\n to 0xde;\n - Update of 06-8e-0c/0x94 (AML-Y 4+2 V0, CML-U 4+2 V0, WHL-U V0)\n microcode (in intel-06-8e-9e-0x-dell/intel-ucode/06-8e-0c) from\n revision 0xd6 up to 0xde;\n - Update of 06-9e-09/0x2a (KBL-G/H/S/X/Xeon E3 B0) microcode (in\n intel-06-8e-9e-0x-dell/intel-ucode/06-9e-09) from revision 0xd6 up\n to 0xde;\n - Update of 06-9e-0a/0x22 (CFL-H/S/Xeon E U0) microcode (in\n intel-06-8e-9e-0x-dell/intel-ucode/06-9e-0a) from revision 0xd6 up\n to 0xde;\n - Update of 06-9e-0b/0x02 (CFL-E/H/S B0) microcode (in\n intel-06-8e-9e-0x-dell/intel-ucode/06-9e-0b) from revision 0xd6 up\n to 0xde;\n - Update of 06-9e-0c/0x22 (CFL-H/S/Xeon E P0) microcode (in\n intel-06-8e-9e-0x-dell/intel-ucode/06-9e-0c) from revision 0xd6 up\n to 0xde;\n - Update of 06-9e-0d/0x22 (CFL-H/S/Xeon E R0) microcode (in\n intel-06-8e-9e-0x-dell/intel-ucode/06-9e-0d) from revision 0xd6 up\n to 0xde;\n - Update of 06-3f-02/0x6f (HSX-E/EN/EP/EP 4S C0/C1/M1/R2) microcode\n from revision 0x43 up to 0x44;\n - Update of 06-55-03/0x97 (SKX-SP B1) microcode from revision 0x1000157\n up to 0x1000159;\n - Update of 06-55-06/0xbf (CLX-SP B0) microcode from revision 0x4002f01\n up to 0x4003003;\n - Update of 06-55-07/0xbf (CLX-SP/W/X B1/L1) microcode from revision\n 0x5002f01 up to 0x5003003;\n - Update of 06-5c-09/0x03 (APL D0) microcode from revision 0x38 up\n to 0x40;\n - Update of 06-5c-0a/0x03 (APL B1/F1) microcode from revision 0x16 up\n to 0x1e;\n - Update of 06-7a-08/0x01 (GLK-R R0) microcode from revision 0x16 up\n to 0x18;\n - Update of 06-7e-05/0x80 (ICL-U/Y D1) microcode from revision 0x78\n up to 0xa0;\n - Update of 06-a6-00/0x80 (CML-U 6+2 A0) microcode from revision 0xca\n up to 0xe0.\n\n* Add a README file to the documentation directory.\n\n(BZ#1890355, BZ#1890356, BZ#1893237, BZ#1893242)", "modified": "2020-11-23T22:27:40", "published": "2020-11-23T22:19:29", "id": "RHSA-2020:5184", "href": "https://access.redhat.com/errata/RHSA-2020:5184", "type": "redhat", "title": "(RHSA-2020:5184) Moderate: microcode_ctl security, bug fix and enhancement update", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2020-11-23T19:30:35", "bulletinFamily": "unix", "cvelist": ["CVE-2020-8695", "CVE-2020-8696", "CVE-2020-8698"], "description": "The microcode_ctl packages provide microcode updates for Intel.\n\nSecurity Fix(es):\n\n* hw: Information disclosure issue in Intel SGX via RAPL interface (CVE-2020-8695)\n\n* hw: Vector Register Leakage-Active (CVE-2020-8696)\n\n* hw: Fast forward store predictor (CVE-2020-8698)\n\nBug Fix(es) and Enhancement(s):\n\n* Update Intel CPU microcode to microcode-20201112 release, addresses:\n - Addition of 06-55-0b/0xbf (CPX-SP A1) microcode at revision 0x700001e;\n - Addition of 06-8a-01/0x10 (LKF B2/B3) microcode at revision 0x28;\n - Addition of 06-8c-01/0x80 (TGL-UP3/UP4 B1) microcode at revision 0x68;\n - Addition of 06-a5-02/0x20 (CML-H R1) microcode at revision 0xe0;\n - Addition of 06-a5-03/0x22 (CML-S 6+2 G1) microcode at revision 0xe0;\n - Addition of 06-a5-05/0x22 (CML-S 10+2 Q0) microcode at revision 0xe0;\n - Addition of 06-a6-01/0x80 (CML-U 6+2 v2 K0) microcode at revision\n 0xe0;\n - Update of 06-4e-03/0xc0 (SKL-U/U 2+3e/Y D0/K1) microcode (in\n intel-06-4e-03/intel-ucode/06-4e-03) from revision 0xdc up to 0xe2;\n - Update of 06-55-04/0xb7 (SKX-D/SP/W/X H0/M0/M1/U0) microcode (in\n intel-06-55-04/intel-ucode/06-55-04) from revision 0x2006906 up\n to 0x2006a08;\n - Update of 06-5e-03/0x36 (SKL-H/S/Xeon E3 N0/R0/S0) microcode (in\n intel-06-5e-03/intel-ucode/06-5e-03) from revision 0xdc up to 0xe2;\n - Update of 06-8e-09/0x10 (AML-Y 2+2 H0) microcode (in\n intel-06-8e-9e-0x-dell/intel-ucode/06-8e-09) from revision 0xd6 up\n to 0xde;\n - Update of 06-8e-09/0xc0 (KBL-U/U 2+3e/Y H0/J1) microcode (in\n intel-06-8e-9e-0x-dell/intel-ucode/06-8e-09) from revision 0xd6 up\n to 0xde;\n - Update of 06-8e-0a/0xc0 (CFL-U 4+3e D0, KBL-R Y0) microcode (in\n intel-06-8e-9e-0x-dell/intel-ucode/06-8e-0a) from revision 0xd6 up\n to 0xe0;\n - Update of 06-8e-0b/0xd0 (WHL-U W0) microcode (in\n intel-06-8e-9e-0x-dell/intel-ucode/06-8e-0b) from revision 0xd6 up\n to 0xde;\n - Update of 06-8e-0c/0x94 (AML-Y 4+2 V0, CML-U 4+2 V0, WHL-U V0)\n microcode (in intel-06-8e-9e-0x-dell/intel-ucode/06-8e-0c) from\n revision 0xd6 up to 0xde;\n - Update of 06-9e-09/0x2a (KBL-G/H/S/X/Xeon E3 B0) microcode (in\n intel-06-8e-9e-0x-dell/intel-ucode/06-9e-09) from revision 0xd6 up\n to 0xde;\n - Update of 06-9e-0a/0x22 (CFL-H/S/Xeon E U0) microcode (in\n intel-06-8e-9e-0x-dell/intel-ucode/06-9e-0a) from revision 0xd6 up\n to 0xde;\n - Update of 06-9e-0b/0x02 (CFL-E/H/S B0) microcode (in\n intel-06-8e-9e-0x-dell/intel-ucode/06-9e-0b) from revision 0xd6 up\n to 0xde;\n - Update of 06-9e-0c/0x22 (CFL-H/S/Xeon E P0) microcode (in\n intel-06-8e-9e-0x-dell/intel-ucode/06-9e-0c) from revision 0xd6 up\n to 0xde;\n - Update of 06-9e-0d/0x22 (CFL-H/S/Xeon E R0) microcode (in\n intel-06-8e-9e-0x-dell/intel-ucode/06-9e-0d) from revision 0xd6 up\n to 0xde;\n - Update of 06-3f-02/0x6f (HSX-E/EN/EP/EP 4S C0/C1/M1/R2) microcode\n from revision 0x43 up to 0x44;\n - Update of 06-55-03/0x97 (SKX-SP B1) microcode from revision 0x1000157\n up to 0x1000159;\n - Update of 06-55-06/0xbf (CLX-SP B0) microcode from revision 0x4002f01\n up to 0x4003003;\n - Update of 06-55-07/0xbf (CLX-SP/W/X B1/L1) microcode from revision\n 0x5002f01 up to 0x5003003;\n - Update of 06-5c-09/0x03 (APL D0) microcode from revision 0x38 up\n to 0x40;\n - Update of 06-5c-0a/0x03 (APL B1/F1) microcode from revision 0x16 up\n to 0x1e;\n - Update of 06-7a-01/0x01 (GLK B0) microcode from revision 0x32 up\n to 0x34;\n - Update of 06-7a-08/0x01 (GLK-R R0) microcode from revision 0x16 up\n to 0x18;\n - Update of 06-7e-05/0x80 (ICL-U/Y D1) microcode from revision 0x78\n up to 0xa0;\n - Update of 06-a6-00/0x80 (CML-U 6+2 A0) microcode from revision 0xca\n up to 0xe0.\n\n* Disable 06-8c-01 (TGL-UP3/UP4 B1) microcode update by default.\n\n* Add README file to the documentation directory.\n\n* Add publicly-sourced codenames list to supply to gen_provides.sh; update\n the latter to handle the somewhat different format.\n\n* Add SUMMARY.intel-ucode file", "modified": "2020-11-23T22:30:07", "published": "2020-11-23T22:18:23", "id": "RHSA-2020:5183", "href": "https://access.redhat.com/errata/RHSA-2020:5183", "type": "redhat", "title": "(RHSA-2020:5183) Moderate: microcode_ctl security, bug fix and enhancement update", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2020-11-23T19:29:32", "bulletinFamily": "unix", "cvelist": ["CVE-2020-8695", "CVE-2020-8696", "CVE-2020-8698"], "description": "The microcode_ctl packages provide microcode updates for Intel.\n\nSecurity Fix(es):\n\n* hw: Information disclosure issue in Intel SGX via RAPL interface (CVE-2020-8695)\n\n* hw: Vector Register Leakage-Active (CVE-2020-8696)\n\n* hw: Fast forward store predictor (CVE-2020-8698)\n\nBug Fix(es) and Enhancement(s):\n* Update Intel CPU microcode to microcode-20201112 release, addresses:\n - Addition of 06-55-0b/0xbf (CPX-SP A1) microcode at revision 0x700001e;\n - Addition of 06-8a-01/0x10 (LKF B2/B3) microcode at revision 0x28;\n - Addition of 06-8c-01/0x80 (TGL-UP3/UP4 B1) microcode at revision 0x68;\n - Addition of 06-a5-02/0x20 (CML-H R1) microcode at revision 0xe0;\n - Addition of 06-a5-03/0x22 (CML-S 6+2 G1) microcode at revision 0xe0;\n - Addition of 06-a5-05/0x22 (CML-S 10+2 Q0) microcode at revision 0xe0;\n - Addition of 06-a6-01/0x80 (CML-U 6+2 v2 K0) microcode at revision\n 0xe0;\n - Update of 06-4e-03/0xc0 (SKL-U/U 2+3e/Y D0/K1) microcode (in\n intel-06-4e-03/intel-ucode/06-4e-03) from revision 0xdc up to 0xe2;\n - Update of 06-55-04/0xb7 (SKX-D/SP/W/X H0/M0/M1/U0) microcode (in\n intel-06-55-04/intel-ucode/06-55-04) from revision 0x2006906 up\n to 0x2006a08;\n - Update of 06-5e-03/0x36 (SKL-H/S/Xeon E3 N0/R0/S0) microcode (in\n intel-06-5e-03/intel-ucode/06-5e-03) from revision 0xdc up to 0xe2;\n - Update of 06-8e-09/0x10 (AML-Y 2+2 H0) microcode (in\n intel-06-8e-9e-0x-dell/intel-ucode/06-8e-09) from revision 0xd6 up\n to 0xde;\n - Update of 06-8e-09/0xc0 (KBL-U/U 2+3e/Y H0/J1) microcode (in\n intel-06-8e-9e-0x-dell/intel-ucode/06-8e-09) from revision 0xd6 up\n to 0xde;\n - Update of 06-8e-0a/0xc0 (CFL-U 4+3e D0, KBL-R Y0) microcode (in\n intel-06-8e-9e-0x-dell/intel-ucode/06-8e-0a) from revision 0xd6 up\n to 0xe0;\n - Update of 06-8e-0b/0xd0 (WHL-U W0) microcode (in\n intel-06-8e-9e-0x-dell/intel-ucode/06-8e-0b) from revision 0xd6 up\n to 0xde;\n - Update of 06-8e-0c/0x94 (AML-Y 4+2 V0, CML-U 4+2 V0, WHL-U V0)\n microcode (in intel-06-8e-9e-0x-dell/intel-ucode/06-8e-0c) from\n revision 0xd6 up to 0xde;\n - Update of 06-9e-09/0x2a (KBL-G/H/S/X/Xeon E3 B0) microcode (in\n intel-06-8e-9e-0x-dell/intel-ucode/06-9e-09) from revision 0xd6 up\n to 0xde;\n - Update of 06-9e-0a/0x22 (CFL-H/S/Xeon E U0) microcode (in\n intel-06-8e-9e-0x-dell/intel-ucode/06-9e-0a) from revision 0xd6 up\n to 0xde;\n - Update of 06-9e-0b/0x02 (CFL-E/H/S B0) microcode (in\n intel-06-8e-9e-0x-dell/intel-ucode/06-9e-0b) from revision 0xd6 up\n to 0xde;\n - Update of 06-9e-0c/0x22 (CFL-H/S/Xeon E P0) microcode (in\n intel-06-8e-9e-0x-dell/intel-ucode/06-9e-0c) from revision 0xd6 up\n to 0xde;\n - Update of 06-9e-0d/0x22 (CFL-H/S/Xeon E R0) microcode (in\n intel-06-8e-9e-0x-dell/intel-ucode/06-9e-0d) from revision 0xd6 up\n to 0xde;\n - Update of 06-3f-02/0x6f (HSX-E/EN/EP/EP 4S C0/C1/M1/R2) microcode\n from revision 0x43 up to 0x44;\n - Update of 06-55-03/0x97 (SKX-SP B1) microcode from revision 0x1000157\n up to 0x1000159;\n - Update of 06-55-06/0xbf (CLX-SP B0) microcode from revision 0x4002f01\n up to 0x4003003;\n - Update of 06-55-07/0xbf (CLX-SP/W/X B1/L1) microcode from revision\n 0x5002f01 up to 0x5003003;\n - Update of 06-5c-09/0x03 (APL D0) microcode from revision 0x38 up\n to 0x40;\n - Update of 06-5c-0a/0x03 (APL B1/F1) microcode from revision 0x16 up\n to 0x1e;\n - Update of 06-7a-01/0x01 (GLK B0) microcode from revision 0x32 up\n to 0x34;\n - Update of 06-7a-08/0x01 (GLK-R R0) microcode from revision 0x16 up\n to 0x18;\n - Update of 06-7e-05/0x80 (ICL-U/Y D1) microcode from revision 0x78\n up to 0xa0;\n - Update of 06-a6-00/0x80 (CML-U 6+2 A0) microcode from revision 0xca\n up to 0xe0.\n* Disable 06-8c-01 (TGL-UP3/UP4 B1) microcode update by default.\n* Add README file to the documentation directory.\n* Add publicly-sourced codenames list to supply to gen_provides.sh; update\n the latter to handle the somewhat different format.\n* Add SUMMARY.intel-ucode file", "modified": "2020-11-23T22:27:36", "published": "2020-11-23T22:17:44", "id": "RHSA-2020:5182", "href": "https://access.redhat.com/errata/RHSA-2020:5182", "type": "redhat", "title": "(RHSA-2020:5182) Moderate: microcode_ctl security, bug fix and enhancement update", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2020-11-23T19:29:43", "bulletinFamily": "unix", "cvelist": ["CVE-2020-8695", "CVE-2020-8696", "CVE-2020-8698"], "description": "The microcode_ctl packages provide microcode updates for Intel.\n\nSecurity Fix(es):\n\n* hw: Information disclosure issue in Intel SGX via RAPL interface (CVE-2020-8695)\n\n* hw: Vector Register Leakage-Active (CVE-2020-8696)\n\n* hw: Fast forward store predictor (CVE-2020-8698)\n\nBug Fix(es) and Enhancement(s):\n* Update Intel CPU microcode to microcode-20201112 release, addresses:\n - Addition of 06-55-0b/0xbf (CPX-SP A1) microcode at revision 0x700001e;\n - Addition of 06-8a-01/0x10 (LKF B2/B3) microcode at revision 0x28;\n - Addition of 06-8c-01/0x80 (TGL-UP3/UP4 B1) microcode at revision 0x68;\n - Addition of 06-a5-02/0x20 (CML-H R1) microcode at revision 0xe0;\n - Addition of 06-a5-03/0x22 (CML-S 6+2 G1) microcode at revision 0xe0;\n - Addition of 06-a5-05/0x22 (CML-S 10+2 Q0) microcode at revision 0xe0;\n - Addition of 06-a6-01/0x80 (CML-U 6+2 v2 K0) microcode at revision\n 0xe0;\n - Update of 06-4e-03/0xc0 (SKL-U/U 2+3e/Y D0/K1) microcode (in\n intel-06-4e-03/intel-ucode/06-4e-03) from revision 0xdc up to 0xe2;\n - Update of 06-55-04/0xb7 (SKX-D/SP/W/X H0/M0/M1/U0) microcode (in\n intel-06-55-04/intel-ucode/06-55-04) from revision 0x2006906 up\n to 0x2006a08;\n - Update of 06-5e-03/0x36 (SKL-H/S/Xeon E3 N0/R0/S0) microcode (in\n intel-06-5e-03/intel-ucode/06-5e-03) from revision 0xdc up to 0xe2;\n - Update of 06-8e-09/0x10 (AML-Y 2+2 H0) microcode (in\n intel-06-8e-9e-0x-dell/intel-ucode/06-8e-09) from revision 0xd6 up\n to 0xde;\n - Update of 06-8e-09/0xc0 (KBL-U/U 2+3e/Y H0/J1) microcode (in\n intel-06-8e-9e-0x-dell/intel-ucode/06-8e-09) from revision 0xd6 up\n to 0xde;\n - Update of 06-8e-0a/0xc0 (CFL-U 4+3e D0, KBL-R Y0) microcode (in\n intel-06-8e-9e-0x-dell/intel-ucode/06-8e-0a) from revision 0xd6 up\n to 0xe0;\n - Update of 06-8e-0b/0xd0 (WHL-U W0) microcode (in\n intel-06-8e-9e-0x-dell/intel-ucode/06-8e-0b) from revision 0xd6 up\n to 0xde;\n - Update of 06-8e-0c/0x94 (AML-Y 4+2 V0, CML-U 4+2 V0, WHL-U V0)\n microcode (in intel-06-8e-9e-0x-dell/intel-ucode/06-8e-0c) from\n revision 0xd6 up to 0xde;\n - Update of 06-9e-09/0x2a (KBL-G/H/S/X/Xeon E3 B0) microcode (in\n intel-06-8e-9e-0x-dell/intel-ucode/06-9e-09) from revision 0xd6 up\n to 0xde;\n - Update of 06-9e-0a/0x22 (CFL-H/S/Xeon E U0) microcode (in\n intel-06-8e-9e-0x-dell/intel-ucode/06-9e-0a) from revision 0xd6 up\n to 0xde;\n - Update of 06-9e-0b/0x02 (CFL-E/H/S B0) microcode (in\n intel-06-8e-9e-0x-dell/intel-ucode/06-9e-0b) from revision 0xd6 up\n to 0xde;\n - Update of 06-9e-0c/0x22 (CFL-H/S/Xeon E P0) microcode (in\n intel-06-8e-9e-0x-dell/intel-ucode/06-9e-0c) from revision 0xd6 up\n to 0xde;\n - Update of 06-9e-0d/0x22 (CFL-H/S/Xeon E R0) microcode (in\n intel-06-8e-9e-0x-dell/intel-ucode/06-9e-0d) from revision 0xd6 up\n to 0xde;\n - Update of 06-3f-02/0x6f (HSX-E/EN/EP/EP 4S C0/C1/M1/R2) microcode\n from revision 0x43 up to 0x44;\n - Update of 06-55-03/0x97 (SKX-SP B1) microcode from revision 0x1000157\n up to 0x1000159;\n - Update of 06-55-06/0xbf (CLX-SP B0) microcode from revision 0x4002f01\n up to 0x4003003;\n - Update of 06-55-07/0xbf (CLX-SP/W/X B1/L1) microcode from revision\n 0x5002f01 up to 0x5003003;\n - Update of 06-5c-09/0x03 (APL D0) microcode from revision 0x38 up\n to 0x40;\n - Update of 06-5c-0a/0x03 (APL B1/F1) microcode from revision 0x16 up\n to 0x1e;\n - Update of 06-7a-01/0x01 (GLK B0) microcode from revision 0x32 up\n to 0x34;\n - Update of 06-7a-08/0x01 (GLK-R R0) microcode from revision 0x16 up\n to 0x18;\n - Update of 06-7e-05/0x80 (ICL-U/Y D1) microcode from revision 0x78\n up to 0xa0;\n - Update of 06-a6-00/0x80 (CML-U 6+2 A0) microcode from revision 0xca\n up to 0xe0.\n* Disable 06-8c-01 (TGL-UP3/UP4 B1) microcode update by default.\n* Add README file to the documentation directory.\n* Add publicly-sourced codenames list to supply to gen_provides.sh; update\n the latter to handle the somewhat different format.\n* Add SUMMARY.intel-ucode file", "modified": "2020-11-23T22:30:08", "published": "2020-11-23T22:16:53", "id": "RHSA-2020:5181", "href": "https://access.redhat.com/errata/RHSA-2020:5181", "type": "redhat", "title": "(RHSA-2020:5181) Moderate: microcode_ctl security, bug fix and enhancement update", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2020-11-23T09:29:06", "bulletinFamily": "unix", "cvelist": ["CVE-2020-27216"], "description": "Eclipse is an integrated development environment (IDE).\n\nThe rh-eclipse packages have been upgraded to version 4.17, which is based on the Eclipse Foundation's 2020-09 release train.\n\nFor instructions on how to use rh-eclipse, see Using Eclipse linked from the References section.\n\nSecurity Fix(es):\n\n* jetty: local temporary directory hijacking vulnerability (CVE-2020-27216)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Changes chapter in the Using Eclipse guide linked from the References section.", "modified": "2020-11-23T13:55:08", "published": "2020-11-23T13:51:52", "id": "RHSA-2020:5168", "href": "https://access.redhat.com/errata/RHSA-2020:5168", "type": "redhat", "title": "(RHSA-2020:5168) Moderate: rh-eclipse security, bug fix and enhancement update", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}], "kitploit": [{"lastseen": "2020-11-22T05:22:09", "bulletinFamily": "tools", "cvelist": ["CVE-2019-8518", "CVE-2019-5831", "CVE-2019-11707", "CVE-2020-13991", "CVE-2019-9791", "CVE-2019-5853", "CVE-2020-13622", "CVE-2019-9813", "CVE-2019-8558", "CVE-2020-13649", "CVE-2018-4299", "CVE-2019-8820", "CVE-2018-12386", "CVE-2019-9792", "CVE-2020-15656", "CVE-2020-13623", "CVE-2019-8622", "CVE-2019-8611", "CVE-2019-8672", "CVE-2019-8678", "CVE-2019-5847", "CVE-2019-5841", "CVE-2020-6512", "CVE-2020-3901", "CVE-2019-8671", "CVE-2019-8765", "CVE-2019-9816", "CVE-2020-14163", "CVE-2018-4359", "CVE-2019-8685", "CVE-2019-8623"], "description": "[  ](<https://1.bp.blogspot.com/-baywoaHmuas/X7dY6GbwC1I/AAAAAAAAUbo/jDpqwD_-UOkhzq98AhL8_vvWCKH3TlBvwCNcBGAsYHQ/s781/Fuzzilli.png>)\n\n \n\n\nA (coverage-)guided fuzzer for dynamic language interpreters based on a custom intermediate language (\"FuzzIL\") which can be mutated and translated to JavaScript. \n\n \n\n\n** Usage ** \n\n\nThe basic steps to use this fuzzer are: \n\n 1. Download the source code for one of the supported JavaScript engines. See the [ Targets/ ](<https://github.com/googleprojectzero/fuzzilli/blob/master/Targets> \"Targets/\" ) directory for the list of supported JavaScript engines. \n 2. Apply the corresponding patches from the target's directory. Also see the README.md in that directory. \n 3. Compile the engine with coverage [ instrumentation ](<https://www.kitploit.com/search/label/Instrumentation> \"instrumentation\" ) (requires clang >= 4.0) as described in the README. \n 4. Compile the fuzzer: ` swift build [-c release] ` . \n 5. Run the fuzzer: ` swift run [-c release] FuzzilliCli --profile=<profile> [other cli options] /path/to/jsshell ` . See also ` swift run FuzzilliCli --help ` . \n\nBuilding and running Fuzzilli and the supported JavaScript engines inside Docker and on Google Compute Engine is [ also supported ](<https://github.com/googleprojectzero/fuzzilli/blob/master/Cloud> \"also supported\" ) . \n\n \n** Hacking ** \n\n\nCheck out [ main.swift ](<https://github.com/googleprojectzero/fuzzilli/blob/master/Sources/FuzzilliCli/main.swift> \"main.swift\" ) to see a usage example of the Fuzzilli library and play with the various configuration options. Next, take a look at [ Fuzzer.swift ](<https://github.com/googleprojectzero/fuzzilli/blob/master/Sources/Fuzzilli/Fuzzer.swift> \"Fuzzer.swift\" ) for the highlevel fuzzing logic. From there dive into any part that seems interesting. \n\nPatches, additions, other contributions etc. to this project are very welcome! However, do quickly check [ the notes for contributors ](<https://github.com/googleprojectzero/fuzzilli/blob/master/CONTRIBUTING.md> \"the notes for contributors\" ) . Fuzzilli roughly follows [ Google's code style guide for swift ](<https://google.github.io/swift/> \"Google's code style guide for swift\" ) . \n\nIt would be much appreciated if you could send a short note (possibly including a CVE number) to [email protected] or open a pull request for any [ vulnerability ](<https://www.kitploit.com/search/label/Vulnerability> \"vulnerability\" ) found with the help of this project so it can be included in the [ bug showcase ](<https://github.com/googleprojectzero/fuzzilli#bug-showcase> \"bug showcase\" ) section. Other than that you can of course claim any bug bounty, CVE credits, etc. for the [ vulnerabilities ](<https://www.kitploit.com/search/label/vulnerabilities> \"vulnerabilities\" ) :) \n\n \n** Concept ** \n\n\nWhen fuzzing for core interpreter bugs, e.g. in JIT compilers, semantic correctness of generated programs becomes a concern. This is in contrast to most other scenarios, e.g. fuzzing of runtime APIs, in which case semantic correctness can easily be worked around by wrapping the generated code in try-catch constructs. There are different possibilities to achieve an acceptable rate of semantically correct samples, one of them being a mutational approach in which all samples in the corpus are also semantically valid. In that case, each mutation only has a small chance of turning a valid sample into an invalid one. \n\nTo implement a mutation-based JavaScript fuzzer, mutations to JavaScript code have to be defined. Instead of mutating the AST, or other syntactic elements of a program, a custom intermediate language (IL) is defined on which mutations to the control and data flow of a program can more directly be performed. This IL is afterwards translated to JavaScript for execution. The intermediate language looks roughly as follows: \n \n \n v0 <\u2212 LoadInteger '0' \n v1 <\u2212 LoadInteger '10' \n v2 <\u2212 LoadInteger '1' \n v3 <\u2212 LoadInteger '0' \n BeginFor v0, '<', v1, '+', v2 \u2212> v4 \n v6 <\u2212 BinaryOperation v3, '+', v4 \n Reassign v3, v6 \n EndFor \n v7 <\u2212 LoadString 'Result: ' \n v8 <\u2212 BinaryOperation v7, '+', v3 \n v9 <\u2212 LoadGlobal 'console' \n v10 <\u2212 CallMethod v9, 'log', [v8] \n \n\nWhich can e.g. be trivially translated to the following JavaScript code: \n \n \n const v0 = 0; \n const v1 = 10; \n const v2 = 1; \n let v3 = 0; \n for (let v4 = v0; v4 < v1; v4 = v4 + v2) { \n const v6 = v3 + v4; \n v3 = v6; \n } \n const v7 = \"Result: \"; \n const v8 = v7 + v3; \n const v9 = console; \n const v10 = v9.log(v8); \n \n\nOr to the following JavaScript code by inlining intermediate expressions: \n \n \n let v3 = 0; \n for (let v4 = 0; v4 < 10; v4++) { \n v3 = v3 + v4; \n } \n console.log(\"Result: \" + v3); \n \n\nFuzzIL has a number of properties: \n\n * A FuzzIL program is simply a list of instructions. \n * A FuzzIL instruction is an operation together with input and output variables and potentially one or more parameters (enclosed in single quotes in the notation above). \n * Inputs to instructions are always variables, there are no immediate values. \n * Every output of an instruction is a new variable, and existing variables can only be reassigned through dedicated operations such as the ` Reassign ` instruction. \n * Every variable is defined before it is used. \n\nA number of mutations can then be performed on these programs: \n\n * [ InputMutator ](<https://github.com/googleprojectzero/fuzzilli/blob/master/Sources/Fuzzilli/Mutators/InputMutator.swift> \"InputMutator\" ) : replaces input variables of instructions with different ones to mutate the dataflow of the program. \n * [ CodeGenMutator ](<https://github.com/googleprojectzero/fuzzilli/blob/master/Sources/Fuzzilli/Mutators/CodeGenMutator.swift> \"CodeGenMutator\" ) : generates code and inserts it somewhere in the mutated program. Code is generated either by running a [ code generator ](<https://github.com/googleprojectzero/fuzzilli/blob/master/Sources/Fuzzilli/Core/CodeGenerators.swift> \"code generator\" ) or by copying some instructions from another program in the corpus (splicing). \n * [ CombineMutator ](<https://github.com/googleprojectzero/fuzzilli/blob/master/Sources/Fuzzilli/Mutators/CombineMutator.swift> \"CombineMutator\" ) : inserts a program from the corpus into a random position in the mutated program. \n * [ OperationMutator ](<https://github.com/googleprojectzero/fuzzilli/blob/master/Sources/Fuzzilli/Mutators/OperationMutator.swift> \"OperationMutator\" ) : mutates the parameters of operations, for example replacing an integer constant with a different one. \n * and more... \n \n** Implementation ** \n\n\nThe fuzzer is implemented in [ Swift ](<https://swift.org/> \"Swift\" ) , with some parts (e.g. coverage measurements, socket interactions, etc.) implemented in C. \n\n \n** Architecture ** \n\n\nA fuzzer instance (implemented in [ Fuzzer.swift ](<https://github.com/googleprojectzero/fuzzilli/blob/master/Sources/Fuzzilli/Fuzzer.swift> \"Fuzzer.swift\" ) ) is made up of the following central components: \n\n * [ MutationFuzzer ](<https://github.com/googleprojectzero/fuzzilli/blob/master/Sources/Fuzzilli/Core/MutationFuzzer.swift> \"MutationFuzzer\" ) : produces new programs from existing ones by applying [ mutations ](<https://github.com/googleprojectzero/fuzzilli/blob/master/Sources/Fuzzilli/Mutators> \"mutations\" ) . Afterwards executes the produced samples and evaluates them. \n * [ ScriptRunner ](<https://github.com/googleprojectzero/fuzzilli/blob/master/Sources/Fuzzilli/Execution> \"ScriptRunner\" ) : executes programs of the target language. \n * [ Corpus ](<https://github.com/googleprojectzero/fuzzilli/blob/master/Sources/Fuzzilli/Core/Corpus.swift> \"Corpus\" ) : stores interesting samples and supplies them to the core fuzzer. \n * [ Environment ](<https://github.com/googleprojectzero/fuzzilli/blob/master/Sources/Fuzzilli/Core/JavaScriptEnvironment.swift> \"Environment\" ) : has knowledge of the runtime environment, e.g. the available builtins, property names, and methods. \n * [ Minimizer ](<https://github.com/googleprojectzero/fuzzilli/blob/master/Sources/Fuzzilli/Minimization/Minimizer.swift> \"Minimizer\" ) : minimizes crashing and interesting programs. \n * [ Evaluator ](<https://github.com/googleprojectzero/fuzzilli/blob/master/Sources/Fuzzilli/Evaluation> \"Evaluator\" ) : evaluates whether a sample is interesting according to some metric, e.g. code coverage. \n * [ Lifter ](<https://github.com/googleprojectzero/fuzzilli/blob/master/Sources/Fuzzilli/Lifting> \"Lifter\" ) : translates a FuzzIL program to the target language (JavaScript). \n\nFurthermore, a number of modules are optionally available: \n\n * [ Statistics ](<https://github.com/googleprojectzero/fuzzilli/blob/master/Sources/Fuzzilli/Modules/Statistics.swift> \"Statistics\" ) : gathers various pieces of statistical information. \n * [ NetworkWorker/NetworkMaster ](<https://github.com/googleprojectzero/fuzzilli/blob/master/Sources/Fuzzilli/Modules/NetworkSync.swift> \"NetworkWorker/NetworkMaster\" ) : synchronize multiple instances over the network. \n * [ ThreadWorker/ThreadMaster ](<https://github.com/googleprojectzero/fuzzilli/blob/master/Sources/Fuzzilli/Modules/ThreadSync.swift> \"ThreadWorker/ThreadMaster\" ) : synchronize multiple instances within the same process. \n * [ Storage ](<https://github.com/googleprojectzero/fuzzilli/blob/master/Sources/Fuzzilli/Modules/Storage.swift> \"Storage\" ) : stores crashing programs to disk. \n\nThe fuzzer is event-driven, with most of the interactions between different classes happening through events. Events are dispatched e.g. as a result of a crash or an interesting program being found, a new program being executed, a log message being generated and so on. See [ Events.swift ](<https://github.com/googleprojectzero/fuzzilli/blob/master/Sources/Fuzzilli/Core/Events.swift> \"Events.swift\" ) for the full list of events. The event mechanism effectively decouples the various components of the fuzzer and makes it easy to implement additional modules. \n\nA FuzzIL program can be built up using a [ ProgramBuilder ](<https://github.com/googleprojectzero/fuzzilli/blob/master/Sources/Fuzzilli/Core/ProgramBuilder.swift> \"ProgramBuilder\" ) instance. A ProgramBuilder provides methods to create and append new instructions, append instructions from another program, retrieve existing variables, query the execution context at the current position (e.g. whether it is inside a loop), and more. \n\n \n** Execution ** \n\n\nFuzzilli uses a custom execution mode called [ REPRL (read-eval-print-reset-loop) ](<https://github.com/googleprojectzero/fuzzilli/blob/master/Sources/Fuzzilli/Execution/REPRL.swift> \"REPRL \\(read-eval-print-reset-loop\\)\" ) . For that, the target engine is modified to accept a script input over pipes and/or shared memory, execute it, then reset its internal state and wait for the next script. This removes the overhead from process creation and to a large part from the engine ininitializaiton. \n\n \n** Scalability ** \n\n\nThere is one [ Fuzzer ](<https://github.com/googleprojectzero/fuzzilli/blob/master/Sources/Fuzzilli/Fuzzer.swift> \"Fuzzer\" ) instance per target process. This enables synchronous execution of programs and thereby simplifies the implementation of various algorithms such as consecutive mutations and minimization. Moreover, it avoids the need to implement thread-safe access to internal state, e.g. the corpus. Each fuzzer instance has its own [ DispatchQueue ](<https://developer.apple.com/documentation/dispatch/dispatchqueue> \"DispatchQueue\" ) , conceptually corresponding to a single thread. As a rule of thumb, every interaction with a Fuzzer instance must happen on that instance\u2019s dispatch queue. This guarantees thread-safety as the queue is serial. For more details see [ the docs ](<https://github.com/googleprojectzero/fuzzilli/blob/master/Docs/ProcessingModel.md>) . \n\nTo scale, fuzzer instances can become workers, in which case they report newly found interesting samples and [ crashes ](<https://www.kitploit.com/search/label/Crashes> \"crashes\" ) to a master instance. In turn, the master instances also synchronize their corpus with the workers. Communication between masters and workers can happen in different ways, each implemented as a module: \n\n * [ Inter-thread communication ](<https://github.com/googleprojectzero/fuzzilli/blob/master/Sources/Fuzzilli/Modules/ThreadSync.swift> \"Inter-thread communication\" ) : synchronize instances in the same process by enqueuing tasks to the other fuzzer\u2019s DispatchQueue. \n * Inter-process communication (TODO): synchronize instances over an IPC channel. \n * [ Inter-machine communication ](<https://github.com/googleprojectzero/fuzzilli/blob/master/Sources/Fuzzilli/Modules/NetworkSync.swift> \"Inter-machine communication\" ) : synchronize instances over a simple TCP-based protocol. \n\nThis design allows the fuzzer to scale to many cores on a single machine as well as to many different machines. As one master instance can quickly become overloaded if too many workers send programs to it, it is also possible to configure multiple tiers of master instances, e.g. one master instance, 16 intermediate masters connected to the master, and 256 workers connected to the intermediate masters. \n\n \n** Resources ** \n\n\nFurther resources about this fuzzer: \n\n * A [ presentation ](<https://saelo.github.io/presentations/offensivecon_19_fuzzilli.pdf> \"presentation\" ) about Fuzzilli given at Offensive Con 2019. \n * The [ master's thesis ](<https://saelo.github.io/papers/thesis.pdf> \"master's thesis\" ) for which the initial implementation was done. \n * A [ blogpost ](<https://sensepost.com/blog/2020/the-hunt-for-chromium-issue-1072171/> \"blogpost\" ) by Sensepost about using Fuzzilli to find a bug in v8 \n * A [ blogpost ](<https://blog.doyensec.com/2020/09/09/fuzzilli-jerryscript.html> \"blogpost\" ) by Doyensec about fuzzing the JerryScript engine with Fuzzilli \n \n** Bug Showcase ** \n\n\nThe following is a list of some of the bugs found with the help of Fuzzilli. Only bugs with security impact are included in the list. Special thanks to all users of Fuzzilli who have reported bugs found by it! \n\n \n** WebKit/JavaScriptCore ** \n\n\n * [ Issue 185328 ](<https://bugs.webkit.org/show_bug.cgi?id=185328> \"Issue 185328\" ) : DFG [ Compiler ](<https://www.kitploit.com/search/label/Compiler> \"Compiler\" ) uses incorrect output register for NumberIsInteger operation \n * [ CVE-2018-4299 ](<https://www.zerodayinitiative.com/advisories/ZDI-18-1081/> \"CVE-2018-4299\" ) : performProxyCall leaks internal object to script \n * [ CVE-2018-4359 ](<https://bugs.webkit.org/show_bug.cgi?id=187451> \"CVE-2018-4359\" ) : compileMathIC produces incorrect machine code \n * [ CVE-2019-8518 ](<https://bugs.chromium.org/p/project-zero/issues/detail?id=1775> \"CVE-2019-8518\" ) : OOB access in FTL JIT due to LICM moving array access before the bounds check \n * [ CVE-2019-8558 ](<https://bugs.chromium.org/p/project-zero/issues/detail?id=1783> \"CVE-2019-8558\" ) : CodeBlock UaF due to dangling Watchpoints \n * [ CVE-2019-8611 ](<https://bugs.chromium.org/p/project-zero/issues/detail?id=1788> \"CVE-2019-8611\" ) : AIR optimization incorrectly removes assignment to register \n * [ CVE-2019-8623 ](<https://bugs.chromium.org/p/project-zero/issues/detail?id=1789> \"CVE-2019-8623\" ) : Loop-invariant code motion (LICM) in DFG JIT leaves stack variable uninitialized \n * [ CVE-2019-8622 ](<https://bugs.chromium.org/p/project-zero/issues/detail?id=1802> \"CVE-2019-8622\" ) : DFG's doesGC() is incorrect about the HasIndexedProperty operation's behaviour on StringObjects \n * [ CVE-2019-8671 ](<https://bugs.chromium.org/p/project-zero/issues/detail?id=1822> \"CVE-2019-8671\" ) : DFG: Loop-invariant code motion (LICM) leaves object property access unguarded \n * [ CVE-2019-8672 ](<https://bugs.chromium.org/p/project-zero/issues/detail?id=1825> \"CVE-2019-8672\" ) : JSValue use-after-free in ValueProfiles \n * [ CVE-2019-8678 ](<https://bugs.webkit.org/show_bug.cgi?id=198259> \"CVE-2019-8678\" ) : JSC fails to run haveABadTime() when some prototypes are modified, leading to type confusions \n * [ CVE-2019-8685 ](<https://bugs.webkit.org/show_bug.cgi?id=197691> \"CVE-2019-8685\" ) : JSPropertyNameEnumerator uses wrong structure IDs \n * [ CVE-2019-8765 ](<https://bugs.chromium.org/p/project-zero/issues/detail?id=1915> \"CVE-2019-8765\" ) : GetterSetter type confusion during DFG compilation \n * [ CVE-2019-8820 ](<https://bugs.chromium.org/p/project-zero/issues/detail?id=1924> \"CVE-2019-8820\" ) : Type confusion during bailout when reconstructing arguments objects \n * [ CVE-2020-3901 ](<https://bugs.webkit.org/show_bug.cgi?id=206805> \"CVE-2020-3901\" ) : GetterSetter type confusion in FTL JIT code (due to not always safe LICM) \n \n** Gecko/Spidermonkey ** \n\n\n * [ CVE-2018-12386 ](<https://ssd-disclosure.com/archives/3765/ssd-advisory-firefox-javascript-type-confusion-rce> \"CVE-2018-12386\" ) : IonMonkey register allocation bug leads to type confusions \n * [ CVE-2019-9791 ](<https://bugs.chromium.org/p/project-zero/issues/detail?id=1791> \"CVE-2019-9791\" ) : IonMonkey's type inference is incorrect for constructors entered via OSR \n * [ CVE-2019-9792 ](<https://bugs.chromium.org/p/project-zero/issues/detail?id=1794> \"CVE-2019-9792\" ) : IonMonkey leaks JS_OPTIMIZED_OUT magic value to script \n * [ CVE-2019-9816 ](<https://bugs.chromium.org/p/project-zero/issues/detail?id=1808> \"CVE-2019-9816\" ) : unexpected ObjectGroup in ObjectGroupDispatch operation \n * [ CVE-2019-9813 ](<https://bugs.chromium.org/p/project-zero/issues/detail?id=1810> \"CVE-2019-9813\" ) : IonMonkey compiled code fails to update inferred property types, leading to type confusions \n * [ CVE-2019-11707 ](<https://bugs.chromium.org/p/project-zero/issues/detail?id=1820> \"CVE-2019-11707\" ) : IonMonkey incorrectly predicts return type of Array.prototype.pop, leading to type confusions \n * [ CVE-2020-15656 ](<https://bugzilla.mozilla.org/show_bug.cgi?id=1647293> \"CVE-2020-15656\" ) : Type confusion for special arguments in IonMonkey \n \n** Chromium/v8 ** \n\n\n * [ Issue 939316 ](<https://bugs.chromium.org/p/project-zero/issues/detail?id=1799> \"Issue 939316\" ) : Turbofan may read a Map pointer out-of-bounds when optimizing Reflect.construct \n * [ Issue 944062 ](<https://bugs.chromium.org/p/project-zero/issues/detail?id=1809> \"Issue 944062\" ) : JSCallReducer::ReduceArrayIndexOfIncludes fails to insert Map checks \n * [ CVE-2019-5831 ](<https://bugs.chromium.org/p/chromium/issues/detail?id=950328> \"CVE-2019-5831\" ) : Incorrect map processing in V8 \n * [ Issue 944865 ](<https://bugs.chromium.org/p/chromium/issues/detail?id=944865> \"Issue 944865\" ) : Invalid value representation in V8 \n * [ CVE-2019-5841 ](<https://bugs.chromium.org/p/chromium/issues/detail?id=969588> \"CVE-2019-5841\" ) : Bug in inlining heuristic \n * [ CVE-2019-5847 ](<https://bugs.chromium.org/p/chromium/issues/detail?id=972921> \"CVE-2019-5847\" ) : V8 sealed/frozen elements cause crash \n * [ CVE-2019-5853 ](<https://bugs.chromium.org/p/chromium/issues/detail?id=976627> \"CVE-2019-5853\" ) : Memory corruption in regexp length check \n * [ Issue 992914 ](<https://bugs.chromium.org/p/project-zero/issues/detail?id=1923> \"Issue 992914\" ) : Map migration doesn't respect element kinds, leading to type confusion \n * [ CVE-2020-6512 ](<https://bugs.chromium.org/p/chromium/issues/detail?id=1084820> \"CVE-2020-6512\" ) : Type Confusion in V8 \n \n** [ Duktape ](<https://github.com/svaarala/duktape> \"Duktape\" ) ** \n\n\n * [ Issue 2323 ](<https://github.com/svaarala/duktape/pull/2323> \"Issue 2323\" ) : Unstable valstack pointer in putprop \n * [ Issue 2320 ](<https://github.com/svaarala/duktape/pull/2320> \"Issue 2320\" ) : Memcmp pointer overflow in string builtin \n \n** [ JerryScript ](<https://github.com/jerryscript-project/jerryscript> \"JerryScript\" ) ** \n\n\n * [ CVE-2020-13991 ](<https://github.com/jerryscript-project/jerryscript/issues/3858> \"CVE-2020-13991\" ) : Incorrect release of spread arguments \n * [ Issue 3784 ](<https://github.com/jerryscript-project/jerryscript/issues/3784> \"Issue 3784\" ) : Memory corruption due to incorrect property enumeration \n * [ CVE-2020-13623 ](<https://github.com/jerryscript-project/jerryscript/issues/3785> \"CVE-2020-13623\" ) : Stack overflow via property keys for Proxy objects \n * [ CVE-2020-13649 (1) ](<https://github.com/jerryscript-project/jerryscript/issues/3786> \"CVE-2020-13649 \\(1\\)\" ) : Memory corruption due to error handling in case of OOM \n * [ CVE-2020-13649 (2) ](<https://github.com/jerryscript-project/jerryscript/issues/3788> \"CVE-2020-13649 \\(2\\)\" ) : Memory corruption due to error handling in case of OOM \n * [ CVE-2020-13622 ](<https://github.com/jerryscript-project/jerryscript/issues/3787> \"CVE-2020-13622\" ) : Memory corruption due to incorrect handling of property keys for Proxy objects \n * [ CVE-2020-14163 ](<https://github.com/jerryscript-project/jerryscript/issues/3804> \"CVE-2020-14163\" ) : Memory corruption due to race condition triggered by garbage collection when adding key/value pairs \n * [ Issue 3813 ](<https://github.com/jerryscript-project/jerryscript/issues/3813> \"Issue 3813\" ) : Incorrect error handling in SerializeJSONProperty function \n * [ Issue 3814 ](<https://github.com/jerryscript-project/jerryscript/issues/3814> \"Issue 3814\" ) : Unexpected Proxy object in ecma_op_function_has_instance assertion \n * [ Issue 3836 ](<https://github.com/jerryscript-project/jerryscript/issues/3836> \"Issue 3836\" ) : Memory corruption due to incorrect TypedArray initialization \n * [ Issue 3837 ](<https://github.com/jerryscript-project/jerryscript/issues/3837> \"Issue 3837\" ) : Memory corruption due to incorrect memory handling in getOwnPropertyDescriptor \n \n** Disclaimer ** \n\n\nThis is not an officially supported Google product. \n\n \n \n\n\n** [ Download Fuzzilli ](<https://github.com/googleprojectzero/fuzzilli> \"Download Fuzzilli\" ) **\n", "edition": 1, "modified": "2020-11-21T20:30:00", "published": "2020-11-21T20:30:00", "id": "KITPLOIT:8766743662298222785", "href": "http://www.kitploit.com/2020/11/fuzzilli-javascript-engine-fuzzer.html", "title": "Fuzzilli - A JavaScript Engine Fuzzer", "type": "kitploit", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "rst": [{"lastseen": "2020-11-20T00:00:00", "bulletinFamily": "ioc", "cvelist": [], "description": "Found **0h8yo[.]icu** in [RST Threat Feed](https://rstcloud.net/profeed) with score **10**.\n First seen: 2020-09-10T03:00:00, Last seen: 2020-11-20T03:00:00.\n IOC tags: **generic**.\nIOC could be a **False Positive** (Domain not resolved. Whois records not found).\n[https://rstcloud.net/](https://rstcloud.net/)", "edition": 1, "modified": "2020-09-10T00:00:00", "id": "RST:F09822A9-6EC6-3415-9DFB-DF51E5721B72", "href": "", "published": "2020-11-21T00:00:00", "title": "RST Threat feed. IOC: 0h8yo.icu", "type": "rst", "cvss": {}}, {"lastseen": "2020-11-20T00:00:00", "bulletinFamily": "ioc", "cvelist": [], "description": "Found **0m4[.]ru** in [RST Threat Feed](https://rstcloud.net/profeed) with score **3**.\n First seen: 2019-12-15T03:00:00, Last seen: 2020-11-20T03:00:00.\n IOC tags: **spam**.\nDomain has DNS A records: 178[.]238.239.10\nWhois:\n Created: 2017-09-19 04:31:19, \n Registrar: unknown, \n Registrant: Private Person.\n[https://rstcloud.net/](https://rstcloud.net/)", "edition": 1, "modified": "2019-12-15T00:00:00", "id": "RST:99833F70-39A1-3348-A438-11A0CE36825B", "href": "", "published": "2020-11-21T00:00:00", "title": "RST Threat feed. IOC: 0m4.ru", "type": "rst", "cvss": {}}, {"lastseen": "2020-11-20T00:00:00", "bulletinFamily": "ioc", "cvelist": [], "description": "Found **0nlinestore[.]com** in [RST Threat Feed](https://rstcloud.net/profeed) with score **3**.\n First seen: 2019-12-15T03:00:00, Last seen: 2020-11-20T03:00:00.\n IOC tags: **spam**.\nDomain has DNS A records: 3[.]223.115.185 and CNAME records: hdredirect-lb7-5a03e1c2772e1c9c.elb.us-east-1.amazonaws.com.\nWhois:\n Created: 2018-09-07 18:47:11, \n Registrar: TurnCommerce Inc DBA NameBrightcom, \n Registrant: unknown.\n[https://rstcloud.net/](https://rstcloud.net/)", "edition": 1, "modified": "2019-12-15T00:00:00", "id": "RST:43A18D3D-BEC1-35D3-BB1A-62727883E426", "href": "", "published": "2020-11-21T00:00:00", "title": "RST Threat feed. IOC: 0nlinestore.com", "type": "rst", "cvss": {}}, {"lastseen": "2020-11-20T00:00:00", "bulletinFamily": "ioc", "cvelist": [], "description": "Found **0nofds9z2mlpinb[.]ru** in [RST Threat Feed](https://rstcloud.net/profeed) with score **3**.\n First seen: 2019-12-15T03:00:00, Last seen: 2020-11-20T03:00:00.\n IOC tags: **spam**.\nDomain has DNS A records: 104[.]24.109.85,104.24.108.85,172.67.204.238\nWhois:\n Created: 2019-02-26 03:59:09, \n Registrar: PNRU, \n Registrant: Private Person.\n[https://rstcloud.net/](https://rstcloud.net/)", "edition": 1, "modified": "2019-12-15T00:00:00", "id": "RST:D55A533D-1C44-3FE6-8C6E-5123EE4C26C1", "href": "", "published": "2020-11-21T00:00:00", "title": "RST Threat feed. IOC: 0nofds9z2mlpinb.ru", "type": "rst", "cvss": {}}, {"lastseen": "2020-11-20T00:00:00", "bulletinFamily": "ioc", "cvelist": [], "description": "Found **0p3[.]ru** in [RST Threat Feed](https://rstcloud.net/profeed) with score **3**.\n First seen: 2019-12-15T03:00:00, Last seen: 2020-11-20T03:00:00.\n IOC tags: **spam**.\nDomain has DNS A records: 104[.]31.71.149,104.31.70.149,172.67.148.186\nWhois:\n Created: 2016-11-03 09:32:32, \n Registrar: unknown, \n Registrant: Private Person.\n[https://rstcloud.net/](https://rstcloud.net/)", "edition": 1, "modified": "2019-12-15T00:00:00", "id": "RST:09577DC4-8814-34F5-A8AE-E11421F90467", "href": "", "published": "2020-11-21T00:00:00", "title": "RST Threat feed. IOC: 0p3.ru", "type": "rst", "cvss": {}}, {"lastseen": "2020-11-20T00:00:00", "bulletinFamily": "ioc", "cvelist": [], "description": "Found **0p417-v35zrwjk9[.]com** in [RST Threat Feed](https://rstcloud.net/profeed) with score **20**.\n First seen: 2019-12-15T03:00:00, Last seen: 2020-11-20T03:00:00.\n IOC tags: **spam**.\nWhois:\n Created: 2019-09-10 10:33:58, \n Registrar: GMO Internet Inc dba Onamaecom, \n Registrant: unknown.\nIOC could be a **False Positive** (Domain not resolved, but Whois records found).\n[https://rstcloud.net/](https://rstcloud.net/)", "edition": 1, "modified": "2019-12-15T00:00:00", "id": "RST:A9075A8A-BCA9-3F66-9D9B-CE5FA4D4B733", "href": "", "published": "2020-11-21T00:00:00", "title": "RST Threat feed. IOC: 0p417-v35zrwjk9.com", "type": "rst", "cvss": {}}, {"lastseen": "2020-11-20T00:00:00", "bulletinFamily": "ioc", "cvelist": [], "description": "Found **10002[.]lin580.com** in [RST Threat Feed](https://rstcloud.net/profeed) with score **20**.\n First seen: 2020-09-28T03:00:00, Last seen: 2020-11-20T03:00:00.\n IOC tags: **malware**.\nWhois:\n Created: 2020-04-24 07:04:24, \n Registrar: Wixcom Ltd, \n Registrant: unknown.\nIOC could be a **False Positive** (Domain not resolved, but Whois records found).\n[https://rstcloud.net/](https://rstcloud.net/)", "edition": 1, "modified": "2020-09-28T00:00:00", "id": "RST:FDA403AF-2E24-3AD6-A260-64CAF2671EAF", "href": "", "published": "2020-11-21T00:00:00", "title": "RST Threat feed. IOC: 10002.lin580.com", "type": "rst", "cvss": {}}, {"lastseen": "2020-11-20T00:00:00", "bulletinFamily": "ioc", "cvelist": [], "description": "Found **101freshclick[.]com** in [RST Threat Feed](https://rstcloud.net/profeed) with score **32**.\n First seen: 2020-11-01T03:00:00, Last seen: 2020-11-20T03:00:00.\n IOC tags: **spam**.\nDomain has DNS A records: 192[.]5.6.30\nWhois:\n Created: 2020-09-01 16:31:42, \n Registrar: NameCheap Inc, \n Registrant: unknown.\n[https://rstcloud.net/](https://rstcloud.net/)", "edition": 1, "modified": "2020-11-01T00:00:00", "id": "RST:E9DDE5C0-545A-3CE8-A026-8810F506EADE", "href": "", "published": "2020-11-21T00:00:00", "title": "RST Threat feed. IOC: 101freshclick.com", "type": "rst", "cvss": {}}, {"lastseen": "2020-11-20T00:00:00", "bulletinFamily": "ioc", "cvelist": [], "description": "Found **10qbbc5l5e[.]xyz** in [RST Threat Feed](https://rstcloud.net/profeed) with score **10**.\n First seen: 2020-09-10T03:00:00, Last seen: 2020-11-20T03:00:00.\n IOC tags: **generic**.\nIOC could be a **False Positive** (Domain not resolved. Whois records not found).\n[https://rstcloud.net/](https://rstcloud.net/)", "edition": 1, "modified": "2020-09-10T00:00:00", "id": "RST:6278D723-234B-3284-8A40-3F261F16EEEE", "href": "", "published": "2020-11-21T00:00:00", "title": "RST Threat feed. IOC: 10qbbc5l5e.xyz", "type": "rst", "cvss": {}}]}
