CPU data cache timing can be abused to efficiently leak information out of mis-speculated CPU execution, leading to (at worst) arbitrary virtual memory read vulnerabilities across local security boundaries in various contexts. (Speculative execution is an automatic and inherent CPU performance optimization used in all modern processors.) Successful exploitation may allow for information disclosure.

The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the identifiers CVE-2017-5753 (Bounds Check bypass), CVE-2017-5754 (Rogue data cache load) to these issues.

Column 5 of the following table lists the action required to mitigate the vulnerability in each release, if a solution is available.

ibm 27

redhatcve 1

suse 5

openvas 20

huawei 2

nessus 64

seebug 1

nvidia 7

mageia 1

redhat 23

symantec 3

securelist 1

thn 2

virtuozzo 4

ubuntu 7

lenovo 2

qualysblog 6

threatpost 3

vmware 1

f5 1

arista 1

paloalto 1

malwarebytes 2

kitploit 1

cloudfoundry 1

cisco 1

centos 3

citrix 1

talosblog 1

oraclelinux 2

veeam 1

cert 1

xen 1

googleprojectzero 1

ibm

Security Bulletin: PowerKVM has released updates in response to the vulnerabilities known as Spectre and Meltdown.

2018-06-18 01:41:07

Security Bulletin: Aspera Products and the Meltdown and Spectre vulnerabilities (CVE-2017-5753, CVE-2017-5715, CVE-2017-5754)

2018-12-08 04:55:34

Security Bulletin: IBM Spectrum Protect Plus has released instructions for obtaining an update in response to the vulnerabilities known as Spectre and Meltdown

2018-06-17 15:48:44

redhatcve

CVE-2017-5715

2021-07-20 18:54:09

suse

Security update for the Linux Kernel (important)

2018-01-16 21:08:59

Security update for the Linux Kernel (important)

2018-01-16 21:08:19

Security update for the Linux Kernel (important)

2018-01-11 18:10:26

openvas

Ubuntu Update for linux-azure USN-3541-2

2018-01-23 00:00:00

CentOS Update for kernel CESA-2018:0512 centos6

2018-03-15 00:00:00

Ubuntu Update for linux USN-3540-1

2018-01-23 00:00:00

huawei

Security Advisory - CPU Vulnerabilities Meltdown and Spectre

2018-06-06 00:00:00

Security Advisory - CPU Vulnerabilities 'Meltdown' and 'Spectre'

2018-01-06 00:00:00

nessus

Virtuozzo 6 : cpupools / cpupools-features / etc (VZA-2018-006)

2018-02-05 00:00:00

RHEL 7 : kernel (RHSA-2018:0182) (Meltdown) (Spectre)

2018-01-25 00:00:00

Ubuntu 17.10 : Linux kernel vulnerabilities (USN-3597-1) (Meltdown) (Spectre)

2018-03-15 00:00:00

seebug

Reading privileged memory with a side-channel (Meltdown & Spectre)

2018-01-04 00:00:00

nvidia

Security Bulletin: NVIDIA Jetson TX1, Jetson TK1, and Tegra K1 L4T Security Updates for CPU Speculative Side Channel Vulnerabilities

2018-01-05 00:00:00

Security Bulletin: NVIDIA Jetson TX2 L4T Security Updates for CPU Speculative Side Channel Vulnerabilities

2018-01-05 00:00:00

Security Notice: CPU Speculative Side Channel Vulnerabilities

2018-01-03 00:00:00

mageia

Updated nvidia-current packages mitigates security issues

2018-01-13 17:28:36

redhat

(RHSA-2018:0091) Important: Red Hat CloudForms 4.5 security update

2018-01-15 21:33:25

(RHSA-2018:0089) Important: Red Hat CloudForms 4.1 security update

2018-01-15 21:33:19

(RHSA-2018:0020) Important: kernel security update

2018-01-04 15:05:39

symantec

SA161: Local Information Disclosure Due to Meltdown and Spectre Attacks

2018-01-08 08:00:00

Multiple CPU Hardware CVE-2017-5753 Information Disclosure Vulnerability

2018-01-03 00:00:00

Multiple CPU Hardware CVE-2017-5754 Information Disclosure Vulnerability

2018-01-03 00:00:00

securelist

IT threat evolution Q1 2018

2018-05-14 10:00:08

thn

[Guide] How to Protect Your Devices Against Meltdown and Spectre Attacks

2018-01-04 21:18:00

Meltdown and Spectre CPU Flaws Affect Intel, ARM, AMD Processors

2018-01-03 19:34:00

virtuozzo

Important kernel security update: Fixes for Meltdown and Spectre exploits; new kernel 2.6.32-042stab127.2 for Virtuozzo Containers for Linux 4.7, Server Bare Metal 5.0

2018-01-06 00:00:00

Important product update: Fixes for Meltdown and Spectre exploits in virtual machines; Virtuozzo 6.0 Update 12 Hotfix 21 (6.0.12-3698)

2018-02-01 00:00:00

Important kernel security update: Fixes for Meltdown and Spectre exploits; new kernel 3.10.0-693.11.6.vz7.40.4, Virtuozzo 7.0 Update 6 Hotfix 3 (7.0.6-710)

2018-01-08 00:00:00

ubuntu

Firefox vulnerabilities

2018-01-05 00:00:00

Linux kernel vulnerabilities

2018-03-15 00:00:00

Linux kernel (Xenial HWE) vulnerabilities

2018-01-23 00:00:00

lenovo

Reading Privileged Memory with a Side Channel - Lenovo Support US

2018-10-24 12:22:52

Reading Privileged Memory with a Side Channel - US

2018-10-24 12:22:52

qualysblog

Apple in the InfoSec Spotlight, as GitHub Falls Prey to Amplified DDoS Attack

2018-03-02 14:48:53

Meltdown/Spectre and Qualys Cloud Platform

2018-01-09 02:36:19

Processor Vulnerabilities – Meltdown and Spectre

2018-01-04 02:17:43

threatpost

Experts Weigh In On Spectre Patch Challenges

2018-01-07 23:21:34

Vendors Share Patch Updates on Spectre and Meltdown Mitigation Efforts

2018-01-04 13:01:52

Google Releases Spectre PoC Exploit For Chrome

2021-03-16 14:01:06

vmware

VMware Virtual Appliance updates address side-channel analysis due to speculative execution

2018-02-08 00:00:00

Side-channel processor vulnerabilities CVE-2017-5715, CVE-2017-5753, and CVE-2017-5754

2018-01-04 04:46:00

arista

Security Advisory 0031

2018-01-03 00:00:00

paloalto

Information about Meltdown and Spectre findings

2018-01-04 00:00:00

malwarebytes

Meltdown and Spectre fallout: patching problems persist

2018-01-11 14:00:00

Meltdown and Spectre: what you need to know

2018-01-04 15:53:24

kitploit

Spectre-Meltdown-Checker - Spectre & Meltdown Vulnerability/Mitigation Checker For Linux

2018-01-08 12:43:00

cloudfoundry

USN-3540-2: Linux kernel (Xenial HWE) vulnerabilities | Cloud Foundry

2018-01-23 00:00:00

cisco

CPU Side-Channel Information Disclosure Vulnerabilities

2018-01-04 22:20:00

centos

kernel, perf, python security update

2018-01-04 11:36:27

kernel, perf, python security update

2018-01-04 19:46:26

kernel, perf, python security update

2018-03-14 14:47:28

citrix

Citrix Security Updates for CVE-2017-5715, CVE-2017-5753, CVE-2017-5754

2018-01-03 04:00:00

talosblog

Meltdown and Spectre

2018-01-08 09:16:00

oraclelinux

Unbreakable Enterprise kernel security update

2018-01-19 00:00:00

kernel security update

2018-01-04 00:00:00

veeam

Meltdown and Spectre vulnerabilities

2018-01-09 00:00:00

cert

CPU hardware vulnerable to side-channel attacks

2018-01-04 00:00:00

xen

Information leak via side effects of speculative execution

2018-01-03 22:29:00

googleprojectzero

Reading privileged memory with a side-channel

2018-01-03 00:00:00

Products

Security Intelligence
Non-intrusive assessment
Developers SDK
Windows scanner
Linux scanner
Perimeter control tool
MSSP

Database

Vulnerabilities
Exploits
IOC
Security News
BugBounty
Popular
Wild Exploited
Top Vulnerabilities

Tools

Linux Security Scanner
API integration
Subscriptions
Plugins
Manual Audit

Learn More

Stats
API
Docs
Api-keys
License
Pricing
Glossary
FAQ

Company

Blog
Contacts
About Us
OpenSource
EULA
Brand Guideline
Privacy Policy

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply. All product names, logos, and brands are property of their respective owners. All company, product and service names used in this website are for identification purposes only. Use of these names, logos, and brands does not imply endorsement.If you are an owner of some content and want it to be removed, please contact us. Using Vulners services you are accepting Vulners services end-user license agreement

@2024 Vulners Inc

0.976 High

EPSS

Percentile

100.0%

JSON

Related for VMSA-2018-0007