ID CVE-2017-5753
Summary Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.
References
Vulnerable Configurations
  • Intel Atom C C2308
    cpe:2.3:h:intel:atom_c:c2308
  • Intel Atom C C2316
    cpe:2.3:h:intel:atom_c:c2316
  • Intel Atom C C2338
    cpe:2.3:h:intel:atom_c:c2338
  • Intel Atom C C2350
    cpe:2.3:h:intel:atom_c:c2350
  • Intel Atom C C2358
    cpe:2.3:h:intel:atom_c:c2358
  • Intel Atom C C2508
    cpe:2.3:h:intel:atom_c:c2508
  • Intel Atom C C2516
    cpe:2.3:h:intel:atom_c:c2516
  • Intel Atom C C2518
    cpe:2.3:h:intel:atom_c:c2518
  • Intel Atom C C2530
    cpe:2.3:h:intel:atom_c:c2530
  • Intel Atom C C2538
    cpe:2.3:h:intel:atom_c:c2538
  • Intel Atom C C2550
    cpe:2.3:h:intel:atom_c:c2550
  • Intel Atom C C2558
    cpe:2.3:h:intel:atom_c:c2558
  • Intel Atom C C2718
    cpe:2.3:h:intel:atom_c:c2718
  • Intel Atom C C2730
    cpe:2.3:h:intel:atom_c:c2730
  • Intel Atom C C2738
    cpe:2.3:h:intel:atom_c:c2738
  • Intel Atom C C2750
    cpe:2.3:h:intel:atom_c:c2750
  • Intel Atom C C2758
    cpe:2.3:h:intel:atom_c:c2758
  • Intel Atom C C3308
    cpe:2.3:h:intel:atom_c:c3308
  • Intel Atom C C3338
    cpe:2.3:h:intel:atom_c:c3338
  • Intel Atom C C3508
    cpe:2.3:h:intel:atom_c:c3508
  • Intel Atom C C3538
    cpe:2.3:h:intel:atom_c:c3538
  • Intel Atom C C3558
    cpe:2.3:h:intel:atom_c:c3558
  • Intel Atom C C3708
    cpe:2.3:h:intel:atom_c:c3708
  • Intel Atom C C3750
    cpe:2.3:h:intel:atom_c:c3750
  • Intel Atom C C3758
    cpe:2.3:h:intel:atom_c:c3758
  • Intel Atom C C3808
    cpe:2.3:h:intel:atom_c:c3808
  • Intel Atom C C3830
    cpe:2.3:h:intel:atom_c:c3830
  • Intel Atom C C3850
    cpe:2.3:h:intel:atom_c:c3850
  • Intel Atom C C3858
    cpe:2.3:h:intel:atom_c:c3858
  • Intel Atom C C3950
    cpe:2.3:h:intel:atom_c:c3950
  • Intel Atom C C3955
    cpe:2.3:h:intel:atom_c:c3955
  • Intel Atom C C3958
    cpe:2.3:h:intel:atom_c:c3958
  • Intel Atom E E3805
    cpe:2.3:h:intel:atom_e:e3805
  • Intel Atom E E3815
    cpe:2.3:h:intel:atom_e:e3815
  • Intel Atom E E3825
    cpe:2.3:h:intel:atom_e:e3825
  • Intel Atom E E3826
    cpe:2.3:h:intel:atom_e:e3826
  • Intel Atom E E3827
    cpe:2.3:h:intel:atom_e:e3827
  • Intel Atom E E3845
    cpe:2.3:h:intel:atom_e:e3845
  • Intel Atom X3 C3130
    cpe:2.3:h:intel:atom_x3:c3130
  • Intel Atom X3 C3200RK
    cpe:2.3:h:intel:atom_x3:c3200rk
  • Intel Atom X3 C3205RK
    cpe:2.3:h:intel:atom_x3:c3205rk
  • Intel Atom X3 C3230RK
    cpe:2.3:h:intel:atom_x3:c3230rk
  • Intel Atom X3 C3235RK
    cpe:2.3:h:intel:atom_x3:c3235rk
  • Intel Atom X3 C3265RK
    cpe:2.3:h:intel:atom_x3:c3265rk
  • Intel Atom X3 C3295RK
    cpe:2.3:h:intel:atom_x3:c3295rk
  • Intel Atom X3 C3405
    cpe:2.3:h:intel:atom_x3:c3405
  • Intel Atom X3 C3445
    cpe:2.3:h:intel:atom_x3:c3445
  • Intel Atom Z Z2420
    cpe:2.3:h:intel:atom_z:z2420
  • Intel Atom Z Z2460
    cpe:2.3:h:intel:atom_z:z2460
  • Intel Atom Z Z2480
    cpe:2.3:h:intel:atom_z:z2480
  • Intel Atom Z Z2520
    cpe:2.3:h:intel:atom_z:z2520
  • Intel Atom Z Z2560
    cpe:2.3:h:intel:atom_z:z2560
  • Intel Atom Z Z2580
    cpe:2.3:h:intel:atom_z:z2580
  • Intel Atom Z Z2760
    cpe:2.3:h:intel:atom_z:z2760
  • Intel Atom Z Z3460
    cpe:2.3:h:intel:atom_z:z3460
  • Intel Atom Z Z3480
    cpe:2.3:h:intel:atom_z:z3480
  • Intel Atom Z Z3530
    cpe:2.3:h:intel:atom_z:z3530
  • Intel Atom Z Z3560
    cpe:2.3:h:intel:atom_z:z3560
  • Intel Atom Z Z3570
    cpe:2.3:h:intel:atom_z:z3570
  • Intel Atom Z Z3580
    cpe:2.3:h:intel:atom_z:z3580
  • Intel Atom Z Z3590
    cpe:2.3:h:intel:atom_z:z3590
  • Intel Atom Z Z3735D
    cpe:2.3:h:intel:atom_z:z3735d
  • Intel Atom Z Z3735E
    cpe:2.3:h:intel:atom_z:z3735e
  • Intel Atom Z Z3735F
    cpe:2.3:h:intel:atom_z:z3735f
  • Intel Atom Z Z3735G
    cpe:2.3:h:intel:atom_z:z3735g
  • Intel Atom Z Z3736F
    cpe:2.3:h:intel:atom_z:z3736f
  • Intel Atom Z Z3736G
    cpe:2.3:h:intel:atom_z:z3736g
  • Intel Atom Z Z3740
    cpe:2.3:h:intel:atom_z:z3740
  • Intel Atom Z Z3740D
    cpe:2.3:h:intel:atom_z:z3740d
  • Intel Atom Z Z3745
    cpe:2.3:h:intel:atom_z:z3745
  • Intel Atom Z Z3745D
    cpe:2.3:h:intel:atom_z:z3745d
  • Intel Atom Z Z3770
    cpe:2.3:h:intel:atom_z:z3770
  • Intel Atom Z Z3770D
    cpe:2.3:h:intel:atom_z:z3770d
  • Intel Atom Z Z3775
    cpe:2.3:h:intel:atom_z:z3775
  • Intel Atom Z Z3775D
    cpe:2.3:h:intel:atom_z:z3775d
  • Intel Atom Z Z3785
    cpe:2.3:h:intel:atom_z:z3785
  • Intel Atom Z Z3795
    cpe:2.3:h:intel:atom_z:z3795
  • Intel Celeron J J1750
    cpe:2.3:h:intel:celeron_j:j1750
  • Intel Celeron J J1800
    cpe:2.3:h:intel:celeron_j:j1800
  • Intel Celeron J J1850
    cpe:2.3:h:intel:celeron_j:j1850
  • Intel Celeron J J1900
    cpe:2.3:h:intel:celeron_j:j1900
  • Intel Celeron J J3060
    cpe:2.3:h:intel:celeron_j:j3060
  • Intel Celeron J J3160
    cpe:2.3:h:intel:celeron_j:j3160
  • Intel Celeron J J3355
    cpe:2.3:h:intel:celeron_j:j3355
  • Intel Celeron J J3455
    cpe:2.3:h:intel:celeron_j:j3455
  • Intel Celeron J J4005
    cpe:2.3:h:intel:celeron_j:j4005
  • Intel Celeron J J4105
    cpe:2.3:h:intel:celeron_j:j4105
  • Intel Celeron N N2805
    cpe:2.3:h:intel:celeron_n:n2805
  • Intel Celeron N N2806
    cpe:2.3:h:intel:celeron_n:n2806
  • Intel Celeron N N2807
    cpe:2.3:h:intel:celeron_n:n2807
  • Intel Celeron N N2808
    cpe:2.3:h:intel:celeron_n:n2808
  • Intel Celeron N N2810
    cpe:2.3:h:intel:celeron_n:n2810
  • Intel Celeron N N2815
    cpe:2.3:h:intel:celeron_n:n2815
  • Intel Celeron N N2820
    cpe:2.3:h:intel:celeron_n:n2820
  • Intel Celeron N N2830
    cpe:2.3:h:intel:celeron_n:n2830
  • Intel Celeron N N2840
    cpe:2.3:h:intel:celeron_n:n2840
  • Intel Celeron N N2910
    cpe:2.3:h:intel:celeron_n:n2910
  • Intel Celeron N N2920
    cpe:2.3:h:intel:celeron_n:n2920
  • Intel Celeron N N2930
    cpe:2.3:h:intel:celeron_n:n2930
  • Intel Celeron N N2940
    cpe:2.3:h:intel:celeron_n:n2940
  • Intel Celeron N N3000
    cpe:2.3:h:intel:celeron_n:n3000
  • Intel Celeron N N3010
    cpe:2.3:h:intel:celeron_n:n3010
  • Intel Celeron N N3050
    cpe:2.3:h:intel:celeron_n:n3050
  • Intel Celeron N N3060
    cpe:2.3:h:intel:celeron_n:n3060
  • Intel Celeron N N3150
    cpe:2.3:h:intel:celeron_n:n3150
  • Intel Celeron N N3160
    cpe:2.3:h:intel:celeron_n:n3160
  • Intel Celeron N N3350
    cpe:2.3:h:intel:celeron_n:n3350
  • Intel Celeron N N3450
    cpe:2.3:h:intel:celeron_n:n3450
  • Intel Celeron N N4000
    cpe:2.3:h:intel:celeron_n:n4000
  • Intel Celeron N N4100
    cpe:2.3:h:intel:celeron_n:n4100
  • Intel Core I3 330E
    cpe:2.3:h:intel:core_i3:330e
  • Intel Core I3 330M
    cpe:2.3:h:intel:core_i3:330m
  • Intel Core I3 330UM
    cpe:2.3:h:intel:core_i3:330um
  • Intel Core I3 350M
    cpe:2.3:h:intel:core_i3:350m
  • Intel Core I3 370M
    cpe:2.3:h:intel:core_i3:370m
  • Intel Core I3 380M
    cpe:2.3:h:intel:core_i3:380m
  • Intel Core I3 380UM
    cpe:2.3:h:intel:core_i3:380um
  • Intel Core I3 390M
    cpe:2.3:h:intel:core_i3:390m
  • Intel Core I3 530
    cpe:2.3:h:intel:core_i3:530
  • Intel Core I3 540
    cpe:2.3:h:intel:core_i3:540
  • Intel Core I3 550
    cpe:2.3:h:intel:core_i3:550
  • Intel Core I3 560
    cpe:2.3:h:intel:core_i3:560
  • Intel Core I3 2100
    cpe:2.3:h:intel:core_i3:2100
  • Intel Core I3 2100T
    cpe:2.3:h:intel:core_i3:2100t
  • Intel Core I3 2102
    cpe:2.3:h:intel:core_i3:2102
  • Intel Core I3 2105
    cpe:2.3:h:intel:core_i3:2105
  • Intel Core I3 2115C
    cpe:2.3:h:intel:core_i3:2115c
  • Intel Core I3 2120
    cpe:2.3:h:intel:core_i3:2120
  • Intel Core I3 2120T
    cpe:2.3:h:intel:core_i3:2120t
  • Intel Core I3 2125
    cpe:2.3:h:intel:core_i3:2125
  • Intel Core I3 2130
    cpe:2.3:h:intel:core_i3:2130
  • Intel Core I3 2310E
    cpe:2.3:h:intel:core_i3:2310e
  • Intel Core I3 2310M
    cpe:2.3:h:intel:core_i3:2310m
  • Intel Core I3 2312M
    cpe:2.3:h:intel:core_i3:2312m
  • Intel Core I3 2328M
    cpe:2.3:h:intel:core_i3:2328m
  • Intel Core I3 2330E
    cpe:2.3:h:intel:core_i3:2330e
  • Intel Core I3 2330M
    cpe:2.3:h:intel:core_i3:2330m
  • Intel Core I3 2340UE
    cpe:2.3:h:intel:core_i3:2340ue
  • Intel Core I3 2348M
    cpe:2.3:h:intel:core_i3:2348m
  • Intel Core I3 2350M
    cpe:2.3:h:intel:core_i3:2350m
  • Intel Core I3 2357M
    cpe:2.3:h:intel:core_i3:2357m
  • Intel Core I3 2365M
    cpe:2.3:h:intel:core_i3:2365m
  • Intel Core I3 2367M
    cpe:2.3:h:intel:core_i3:2367m
  • Intel Core I3 2370M
    cpe:2.3:h:intel:core_i3:2370m
  • Intel Core I3 2375M
    cpe:2.3:h:intel:core_i3:2375m
  • Intel Core I3 2377M
    cpe:2.3:h:intel:core_i3:2377m
  • Intel Core I3 3110M
    cpe:2.3:h:intel:core_i3:3110m
  • Intel Core I3 3115C
    cpe:2.3:h:intel:core_i3:3115c
  • Intel Core I3 3120M
    cpe:2.3:h:intel:core_i3:3120m
  • Intel Core I3 3120ME
    cpe:2.3:h:intel:core_i3:3120me
  • Intel Core I3 3130M
    cpe:2.3:h:intel:core_i3:3130m
  • Intel Core I3 3210
    cpe:2.3:h:intel:core_i3:3210
  • Intel Core I3 3217U
    cpe:2.3:h:intel:core_i3:3217u
  • Intel Core I3 3217UE
    cpe:2.3:h:intel:core_i3:3217ue
  • Intel Core I3 3220
    cpe:2.3:h:intel:core_i3:3220
  • Intel Core I3 3220T
    cpe:2.3:h:intel:core_i3:3220t
  • Intel Core I3 3225
    cpe:2.3:h:intel:core_i3:3225
  • Intel Core I3 3227U
    cpe:2.3:h:intel:core_i3:3227u
  • Intel Core I3 3229Y
    cpe:2.3:h:intel:core_i3:3229y
  • Intel Core I3 3240
    cpe:2.3:h:intel:core_i3:3240
  • Intel Core I3 3240T
    cpe:2.3:h:intel:core_i3:3240t
  • Intel Core I3 3245
    cpe:2.3:h:intel:core_i3:3245
  • Intel Core I3 3250
    cpe:2.3:h:intel:core_i3:3250
  • Intel Core I3 3250T
    cpe:2.3:h:intel:core_i3:3250t
  • Intel Core I3 4000M
    cpe:2.3:h:intel:core_i3:4000m
  • Intel Core I3 4005U
    cpe:2.3:h:intel:core_i3:4005u
  • Intel Core I3 4010U
    cpe:2.3:h:intel:core_i3:4010u
  • Intel Core I3 4010Y
    cpe:2.3:h:intel:core_i3:4010y
  • Intel Core I3 4012Y
    cpe:2.3:h:intel:core_i3:4012y
  • Intel Core I3 4020Y
    cpe:2.3:h:intel:core_i3:4020y
  • Intel Core I3 4025U
    cpe:2.3:h:intel:core_i3:4025u
  • Intel Core I3 4030U
    cpe:2.3:h:intel:core_i3:4030u
  • Intel Core I3 4030Y
    cpe:2.3:h:intel:core_i3:4030y
  • Intel Core I3 4100E
    cpe:2.3:h:intel:core_i3:4100e
  • Intel Core I3 4100M
    cpe:2.3:h:intel:core_i3:4100m
  • Intel Core I3 4100U
    cpe:2.3:h:intel:core_i3:4100u
  • Intel Core I3 4102E
    cpe:2.3:h:intel:core_i3:4102e
  • Intel Core I3 4110E
    cpe:2.3:h:intel:core_i3:4110e
  • Intel Core I3 4110M
    cpe:2.3:h:intel:core_i3:4110m
  • Intel Core I3 4112E
    cpe:2.3:h:intel:core_i3:4112e
  • Intel Core I3 4120U
    cpe:2.3:h:intel:core_i3:4120u
  • Intel Core I3 4130
    cpe:2.3:h:intel:core_i3:4130
  • Intel Core I3 4130T
    cpe:2.3:h:intel:core_i3:4130t
  • Intel Core I3 4150
    cpe:2.3:h:intel:core_i3:4150
  • Intel Core I3 4150T
    cpe:2.3:h:intel:core_i3:4150t
  • Intel Core I3 4158U
    cpe:2.3:h:intel:core_i3:4158u
  • Intel Core I3 4160
    cpe:2.3:h:intel:core_i3:4160
  • Intel Core I3 4160T
    cpe:2.3:h:intel:core_i3:4160t
  • Intel Core I3 4170
    cpe:2.3:h:intel:core_i3:4170
  • Intel Core I3 4170T
    cpe:2.3:h:intel:core_i3:4170t
  • Intel Core I3 4330
    cpe:2.3:h:intel:core_i3:4330
  • Intel Core I3 4330T
    cpe:2.3:h:intel:core_i3:4330t
  • Intel Core I3 4330TE
    cpe:2.3:h:intel:core_i3:4330te
  • Intel Core I3 4340
    cpe:2.3:h:intel:core_i3:4340
  • Intel Core I3 4340TE
    cpe:2.3:h:intel:core_i3:4340te
  • Intel Core I3 4350
    cpe:2.3:h:intel:core_i3:4350
  • Intel Core I3 4350T
    cpe:2.3:h:intel:core_i3:4350t
  • Intel Core I3 4360
    cpe:2.3:h:intel:core_i3:4360
  • Intel Core I3 4360T
    cpe:2.3:h:intel:core_i3:4360t
  • Intel Core I3 4370
    cpe:2.3:h:intel:core_i3:4370
  • Intel Core I3 4370T
    cpe:2.3:h:intel:core_i3:4370t
  • Intel Core I3 5005U
    cpe:2.3:h:intel:core_i3:5005u
  • Intel Core I3 5010U
    cpe:2.3:h:intel:core_i3:5010u
  • Intel Core I3 5015U
    cpe:2.3:h:intel:core_i3:5015u
  • Intel Core I3 5020U
    cpe:2.3:h:intel:core_i3:5020u
  • Intel Core I3 5157U
    cpe:2.3:h:intel:core_i3:5157u
  • Intel Core I3 6006U
    cpe:2.3:h:intel:core_i3:6006u
  • Intel Core I3 6098P
    cpe:2.3:h:intel:core_i3:6098p
  • Intel Core I3 6100
    cpe:2.3:h:intel:core_i3:6100
  • Intel Core I3 6100E
    cpe:2.3:h:intel:core_i3:6100e
  • Intel Core I3 6100H
    cpe:2.3:h:intel:core_i3:6100h
  • Intel Core I3 6100T
    cpe:2.3:h:intel:core_i3:6100t
  • Intel Core I3 6100TE
    cpe:2.3:h:intel:core_i3:6100te
  • Intel Core I3 6100U
    cpe:2.3:h:intel:core_i3:6100u
  • Intel Core I3 6102E
    cpe:2.3:h:intel:core_i3:6102e
  • Intel Core I3 6157U
    cpe:2.3:h:intel:core_i3:6157u
  • Intel Core I3 6167U
    cpe:2.3:h:intel:core_i3:6167u
  • Intel Core I3 6300
    cpe:2.3:h:intel:core_i3:6300
  • Intel Core I3 6300T
    cpe:2.3:h:intel:core_i3:6300t
  • Intel Core I3 6320
    cpe:2.3:h:intel:core_i3:6320
  • Intel Core I3 8100
    cpe:2.3:h:intel:core_i3:8100
  • Intel Core I3 8350K
    cpe:2.3:h:intel:core_i3:8350k
  • Intel Core I5 430M
    cpe:2.3:h:intel:core_i5:430m
  • Intel Core I5 430UM
    cpe:2.3:h:intel:core_i5:430um
  • Intel Core I5 450M
    cpe:2.3:h:intel:core_i5:450m
  • Intel Core I5 460M
    cpe:2.3:h:intel:core_i5:460m
  • Intel Core I5 470UM
    cpe:2.3:h:intel:core_i5:470um
  • Intel Core I5 480M
    cpe:2.3:h:intel:core_i5:480m
  • Intel Core I5 520E
    cpe:2.3:h:intel:core_i5:520e
  • Intel Core I5 520M
    cpe:2.3:h:intel:core_i5:520m
  • Intel Core I5 520UM
    cpe:2.3:h:intel:core_i5:520um
  • Intel Core I5 540M
    cpe:2.3:h:intel:core_i5:540m
  • Intel Core I5 540UM
    cpe:2.3:h:intel:core_i5:540um
  • Intel Core I5 560M
    cpe:2.3:h:intel:core_i5:560m
  • Intel Core I5 560UM
    cpe:2.3:h:intel:core_i5:560um
  • Intel Core I5 580M
    cpe:2.3:h:intel:core_i5:580m
  • Intel Core I5 650
    cpe:2.3:h:intel:core_i5:650
  • Intel Core I5 655K
    cpe:2.3:h:intel:core_i5:655k
  • Intel Core I5 660
    cpe:2.3:h:intel:core_i5:660
  • Intel Core I5 661
    cpe:2.3:h:intel:core_i5:661
  • Intel Core I5 670
    cpe:2.3:h:intel:core_i5:670
  • Intel Core I5 680
    cpe:2.3:h:intel:core_i5:680
  • Intel Core I5 750
    cpe:2.3:h:intel:core_i5:750
  • Intel Core I5 750S
    cpe:2.3:h:intel:core_i5:750s
  • Intel Core I5 760
    cpe:2.3:h:intel:core_i5:760
  • Intel Core I5 2300
    cpe:2.3:h:intel:core_i5:2300
  • Intel Core I5 2310
    cpe:2.3:h:intel:core_i5:2310
  • Intel Core I5 2320
    cpe:2.3:h:intel:core_i5:2320
  • Intel Core I5 2380P
    cpe:2.3:h:intel:core_i5:2380p
  • Intel Core I5 2390T
    cpe:2.3:h:intel:core_i5:2390t
  • Intel Core I5 2400
    cpe:2.3:h:intel:core_i5:2400
  • Intel Core I5 2400S
    cpe:2.3:h:intel:core_i5:2400s
  • Intel Core I5 2405S
    cpe:2.3:h:intel:core_i5:2405s
  • Intel Core I5 2410M
    cpe:2.3:h:intel:core_i5:2410m
  • Intel Core I5 2430M
    cpe:2.3:h:intel:core_i5:2430m
  • Intel Core I5 2435M
    cpe:2.3:h:intel:core_i5:2435m
  • Intel Core I5 2450M
    cpe:2.3:h:intel:core_i5:2450m
  • Intel Core I5 2450P
    cpe:2.3:h:intel:core_i5:2450p
  • Intel Core I5 2467M
    cpe:2.3:h:intel:core_i5:2467m
  • Intel Core I5 2500
    cpe:2.3:h:intel:core_i5:2500
  • Intel Core I5 2500K
    cpe:2.3:h:intel:core_i5:2500k
  • Intel Core I5 2500S
    cpe:2.3:h:intel:core_i5:2500s
  • Intel Core I5 2500T
    cpe:2.3:h:intel:core_i5:2500t
  • Intel Core I5 2510E
    cpe:2.3:h:intel:core_i5:2510e
  • Intel Core I5 2515E
    cpe:2.3:h:intel:core_i5:2515e
  • Intel Core I5 2520M
    cpe:2.3:h:intel:core_i5:2520m
  • Intel Core I5 2537M
    cpe:2.3:h:intel:core_i5:2537m
  • Intel Core I5 2540M
    cpe:2.3:h:intel:core_i5:2540m
  • Intel Core I5 2550K
    cpe:2.3:h:intel:core_i5:2550k
  • Intel Core I5 2557M
    cpe:2.3:h:intel:core_i5:2557m
  • Intel Core I5 3210M
    cpe:2.3:h:intel:core_i5:3210m
  • Intel Core I5 3230M
    cpe:2.3:h:intel:core_i5:3230m
  • Intel Core I5 3317U
    cpe:2.3:h:intel:core_i5:3317u
  • Intel Core I5 3320M
    cpe:2.3:h:intel:core_i5:3320m
  • Intel Core I5 3330
    cpe:2.3:h:intel:core_i5:3330
  • Intel Core I5 3330S
    cpe:2.3:h:intel:core_i5:3330s
  • Intel Core I5 3337U
    cpe:2.3:h:intel:core_i5:3337u
  • Intel Core I5 3339Y
    cpe:2.3:h:intel:core_i5:3339y
  • Intel Core I5 3340
    cpe:2.3:h:intel:core_i5:3340
  • Intel Core I5 3340M
    cpe:2.3:h:intel:core_i5:3340m
  • Intel Core I5 3340S
    cpe:2.3:h:intel:core_i5:3340s
  • Intel Core I5 3350P
    cpe:2.3:h:intel:core_i5:3350p
  • Intel Core I5 3360M
    cpe:2.3:h:intel:core_i5:3360m
  • Intel Core I5 3380M
    cpe:2.3:h:intel:core_i5:3380m
  • Intel Core I5 3427U
    cpe:2.3:h:intel:core_i5:3427u
  • Intel Core I5 3437U
    cpe:2.3:h:intel:core_i5:3437u
  • Intel Core I5 3439Y
    cpe:2.3:h:intel:core_i5:3439y
  • Intel Core I5 3450
    cpe:2.3:h:intel:core_i5:3450
  • Intel Core I5 3450S
    cpe:2.3:h:intel:core_i5:3450s
  • Intel Core I5 3470
    cpe:2.3:h:intel:core_i5:3470
  • Intel Core I5 3470S
    cpe:2.3:h:intel:core_i5:3470s
  • Intel Core I5 3470T
    cpe:2.3:h:intel:core_i5:3470t
  • Intel Core I5 3475S
    cpe:2.3:h:intel:core_i5:3475s
  • Intel Core I5 3550
    cpe:2.3:h:intel:core_i5:3550
  • Intel Core I5 3550S
    cpe:2.3:h:intel:core_i5:3550s
  • Intel Core I5 3570
    cpe:2.3:h:intel:core_i5:3570
  • Intel Core I5 3570K
    cpe:2.3:h:intel:core_i5:3570k
  • Intel Core I5 3570S
    cpe:2.3:h:intel:core_i5:3570s
  • Intel Core I5 3570T
    cpe:2.3:h:intel:core_i5:3570t
  • Intel Core I5 3610ME
    cpe:2.3:h:intel:core_i5:3610me
  • Intel Core I5 4200H
    cpe:2.3:h:intel:core_i5:4200h
  • Intel Core I5 4200M
    cpe:2.3:h:intel:core_i5:4200m
  • Intel Core I5 4200U
    cpe:2.3:h:intel:core_i5:4200u
  • Intel Core I5 4200Y
    cpe:2.3:h:intel:core_i5:4200y
  • Intel Core I5 4202Y
    cpe:2.3:h:intel:core_i5:4202y
  • Intel Core I5 4210H
    cpe:2.3:h:intel:core_i5:4210h
  • Intel Core I5 4210M
    cpe:2.3:h:intel:core_i5:4210m
  • Intel Core I5 4210U
    cpe:2.3:h:intel:core_i5:4210u
  • Intel Core I5 4210Y
    cpe:2.3:h:intel:core_i5:4210y
  • Intel Core I5 4220Y
    cpe:2.3:h:intel:core_i5:4220y
  • Intel Core I5 4250U
    cpe:2.3:h:intel:core_i5:4250u
  • Intel Core I5 4258U
    cpe:2.3:h:intel:core_i5:4258u
  • Intel Core I5 4260U
    cpe:2.3:h:intel:core_i5:4260u
  • Intel Core I5 4278U
    cpe:2.3:h:intel:core_i5:4278u
  • Intel Core I5 4288U
    cpe:2.3:h:intel:core_i5:4288u
  • Intel Core I5 4300M
    cpe:2.3:h:intel:core_i5:4300m
  • Intel Core I5 4300U
    cpe:2.3:h:intel:core_i5:4300u
  • Intel Core I5 4300Y
    cpe:2.3:h:intel:core_i5:4300y
  • Intel Core I5 4302Y
    cpe:2.3:h:intel:core_i5:4302y
  • Intel Core I5 4308U
    cpe:2.3:h:intel:core_i5:4308u
  • Intel Core I5 4310M
    cpe:2.3:h:intel:core_i5:4310m
  • Intel Core I5 4310U
    cpe:2.3:h:intel:core_i5:4310u
  • Intel Core I5 4330M
    cpe:2.3:h:intel:core_i5:4330m
  • Intel Core I5 4340M
    cpe:2.3:h:intel:core_i5:4340m
  • Intel Core I5 4350U
    cpe:2.3:h:intel:core_i5:4350u
  • Intel Core I5 4360U
    cpe:2.3:h:intel:core_i5:4360u
  • Intel Core I5 4400E
    cpe:2.3:h:intel:core_i5:4400e
  • Intel Core I5 4402E
    cpe:2.3:h:intel:core_i5:4402e
  • Intel Core I5 4402EC
    cpe:2.3:h:intel:core_i5:4402ec
  • Intel Core I5 4410E
    cpe:2.3:h:intel:core_i5:4410e
  • Intel Core I5 4422E
    cpe:2.3:h:intel:core_i5:4422e
  • Intel Core I5 4430
    cpe:2.3:h:intel:core_i5:4430
  • Intel Core I5 4430S
    cpe:2.3:h:intel:core_i5:4430s
  • Intel Core I5 4440
    cpe:2.3:h:intel:core_i5:4440
  • Intel Core I5 4440S
    cpe:2.3:h:intel:core_i5:4440s
  • Intel Core I5 4460
    cpe:2.3:h:intel:core_i5:4460
  • Intel Core I5 4460S
    cpe:2.3:h:intel:core_i5:4460s
  • Intel Core I5 4460T
    cpe:2.3:h:intel:core_i5:4460t
  • Intel Core I5 4570
    cpe:2.3:h:intel:core_i5:4570
  • Intel Core I5 4570R
    cpe:2.3:h:intel:core_i5:4570r
  • Intel Core I5 4570S
    cpe:2.3:h:intel:core_i5:4570s
  • Intel Core I5 4570T
    cpe:2.3:h:intel:core_i5:4570t
  • Intel Core I5 4570TE
    cpe:2.3:h:intel:core_i5:4570te
  • Intel Core I5 4590
    cpe:2.3:h:intel:core_i5:4590
  • Intel Core I5 4590S
    cpe:2.3:h:intel:core_i5:4590s
  • Intel Core I5 4590T
    cpe:2.3:h:intel:core_i5:4590t
  • Intel Core I5 4670
    cpe:2.3:h:intel:core_i5:4670
  • Intel Core I5 4670K
    cpe:2.3:h:intel:core_i5:4670k
  • Intel Core I5 4670R
    cpe:2.3:h:intel:core_i5:4670r
  • Intel Core I5 4670S
    cpe:2.3:h:intel:core_i5:4670s
  • Intel Core I5 4670T
    cpe:2.3:h:intel:core_i5:4670t
  • Intel Core I5 4690
    cpe:2.3:h:intel:core_i5:4690
  • Intel Core I5 4690K
    cpe:2.3:h:intel:core_i5:4690k
  • Intel Core I5 4690S
    cpe:2.3:h:intel:core_i5:4690s
  • Intel Core I5 4690T
    cpe:2.3:h:intel:core_i5:4690t
  • Intel Core I5 5200U
    cpe:2.3:h:intel:core_i5:5200u
  • Intel Core I5 5250U
    cpe:2.3:h:intel:core_i5:5250u
  • Intel Core I5 5257U
    cpe:2.3:h:intel:core_i5:5257u
  • Intel Core I5 5287U
    cpe:2.3:h:intel:core_i5:5287u
  • Intel Core I5 5300U
    cpe:2.3:h:intel:core_i5:5300u
  • Intel Core I5 5350H
    cpe:2.3:h:intel:core_i5:5350h
  • Intel Core I5 5350U
    cpe:2.3:h:intel:core_i5:5350u
  • Intel Core I5 5575R
    cpe:2.3:h:intel:core_i5:5575r
  • Intel Core I5 5675C
    cpe:2.3:h:intel:core_i5:5675c
  • Intel Core I5 5675R
    cpe:2.3:h:intel:core_i5:5675r
  • Intel Core I5 6200U
    cpe:2.3:h:intel:core_i5:6200u
  • Intel Core I5 6260U
    cpe:2.3:h:intel:core_i5:6260u
  • Intel Core I5 6267U
    cpe:2.3:h:intel:core_i5:6267u
  • Intel Core I5 6287U
    cpe:2.3:h:intel:core_i5:6287u
  • Intel Core I5 6300HQ
    cpe:2.3:h:intel:core_i5:6300hq
  • Intel Core I5 6300U
    cpe:2.3:h:intel:core_i5:6300u
  • Intel Core I5 6350HQ
    cpe:2.3:h:intel:core_i5:6350hq
  • Intel Core I5 6360U
    cpe:2.3:h:intel:core_i5:6360u
  • Intel Core I5 6400
    cpe:2.3:h:intel:core_i5:6400
  • Intel Core I5 6400T
    cpe:2.3:h:intel:core_i5:6400t
  • Intel Core I5 6402P
    cpe:2.3:h:intel:core_i5:6402p
  • Intel Core I5 6440EQ
    cpe:2.3:h:intel:core_i5:6440eq
  • Intel Core I5 6440HQ
    cpe:2.3:h:intel:core_i5:6440hq
  • Intel Core I5 6442EQ
    cpe:2.3:h:intel:core_i5:6442eq
  • Intel Core I5 6500
    cpe:2.3:h:intel:core_i5:6500
  • Intel Core I5 6500T
    cpe:2.3:h:intel:core_i5:6500t
  • Intel Core I5 6500TE
    cpe:2.3:h:intel:core_i5:6500te
  • Intel Core I5 6585R
    cpe:2.3:h:intel:core_i5:6585r
  • Intel Core I5 6600
    cpe:2.3:h:intel:core_i5:6600
  • Intel Core I5 6600K
    cpe:2.3:h:intel:core_i5:6600k
  • Intel Core I5 6600T
    cpe:2.3:h:intel:core_i5:6600t
  • Intel Core I5 6685R
    cpe:2.3:h:intel:core_i5:6685r
  • Intel Core I5 8250U
    cpe:2.3:h:intel:core_i5:8250u
  • Intel Core I5 8350U
    cpe:2.3:h:intel:core_i5:8350u
  • Intel Core I5 8400
    cpe:2.3:h:intel:core_i5:8400
  • Intel Core I5 8600K
    cpe:2.3:h:intel:core_i5:8600k
  • Intel Core I7 7Y75
    cpe:2.3:h:intel:core_i7:7y75
  • Intel Core I7 610E
    cpe:2.3:h:intel:core_i7:610e
  • Intel Core I7 620LE
    cpe:2.3:h:intel:core_i7:620le
  • Intel Core I7 620LM
    cpe:2.3:h:intel:core_i7:620lm
  • Intel Core I7 620M
    cpe:2.3:h:intel:core_i7:620m
  • Intel Core I7 620UE
    cpe:2.3:h:intel:core_i7:620ue
  • Intel Core I7 620UM
    cpe:2.3:h:intel:core_i7:620um
  • Intel Core I7 640LM
    cpe:2.3:h:intel:core_i7:640lm
  • Intel Core I7 640M
    cpe:2.3:h:intel:core_i7:640m
  • Intel Core I7 640UM
    cpe:2.3:h:intel:core_i7:640um
  • Intel Core I7 660LM
    cpe:2.3:h:intel:core_i7:660lm
  • Intel Core I7 660UE
    cpe:2.3:h:intel:core_i7:660ue
  • Intel Core I7 660UM
    cpe:2.3:h:intel:core_i7:660um
  • Intel Core I7 680UM
    cpe:2.3:h:intel:core_i7:680um
  • Intel Core I7 720QM
    cpe:2.3:h:intel:core_i7:720qm
  • Intel Core I7 740QM
    cpe:2.3:h:intel:core_i7:740qm
  • Intel Core I7 820QM
    cpe:2.3:h:intel:core_i7:820qm
  • Intel Core I7 840QM
    cpe:2.3:h:intel:core_i7:840qm
  • Intel Core I7 860
    cpe:2.3:h:intel:core_i7:860
  • Intel Core I7 860S
    cpe:2.3:h:intel:core_i7:860s
  • Intel Core I7 870
    cpe:2.3:h:intel:core_i7:870
  • Intel Core I7 870S
    cpe:2.3:h:intel:core_i7:870s
  • Intel Core I7 875K
    cpe:2.3:h:intel:core_i7:875k
  • Intel Core I7 880
    cpe:2.3:h:intel:core_i7:880
  • Intel Core I7 920
    cpe:2.3:h:intel:core_i7:920
  • Intel Core I7 920XM
    cpe:2.3:h:intel:core_i7:920xm
  • Intel Core I7 930
    cpe:2.3:h:intel:core_i7:930
  • Intel Core I7 940
    cpe:2.3:h:intel:core_i7:940
  • Intel Core I7 940XM
    cpe:2.3:h:intel:core_i7:940xm
  • Intel Core I7 950
    cpe:2.3:h:intel:core_i7:950
  • Intel Core I7 960
    cpe:2.3:h:intel:core_i7:960
  • Intel Core I7 965
    cpe:2.3:h:intel:core_i7:965
  • Intel Core I7 970
    cpe:2.3:h:intel:core_i7:970
  • Intel Core I7 975
    cpe:2.3:h:intel:core_i7:975
  • Intel Core I7 980
    cpe:2.3:h:intel:core_i7:980
  • Intel Core I7 980X
    cpe:2.3:h:intel:core_i7:980x
  • Intel Core I7 990X
    cpe:2.3:h:intel:core_i7:990x
  • Intel Core I7 2600
    cpe:2.3:h:intel:core_i7:2600
  • Intel Core I7 2600K
    cpe:2.3:h:intel:core_i7:2600k
  • Intel Core I7 2600S
    cpe:2.3:h:intel:core_i7:2600s
  • Intel Core I7 2610UE
    cpe:2.3:h:intel:core_i7:2610ue
  • Intel Core I7 2617M
    cpe:2.3:h:intel:core_i7:2617m
  • Intel Core I7 2620M
    cpe:2.3:h:intel:core_i7:2620m
  • Intel Core I7 2629M
    cpe:2.3:h:intel:core_i7:2629m
  • Intel Core I7 2630QM
    cpe:2.3:h:intel:core_i7:2630qm
  • Intel Core I7 2635QM
    cpe:2.3:h:intel:core_i7:2635qm
  • Intel Core I7 2637M
    cpe:2.3:h:intel:core_i7:2637m
  • Intel Core I7 2640M
    cpe:2.3:h:intel:core_i7:2640m
  • Intel Core I7 2649M
    cpe:2.3:h:intel:core_i7:2649m
  • Intel Core I7 2655LE
    cpe:2.3:h:intel:core_i7:2655le
  • Intel Core I7 2657M
    cpe:2.3:h:intel:core_i7:2657m
  • Intel Core I7 2670QM
    cpe:2.3:h:intel:core_i7:2670qm
  • Intel Core I7 2675QM
    cpe:2.3:h:intel:core_i7:2675qm
  • Intel Core I7 2677M
    cpe:2.3:h:intel:core_i7:2677m
  • Intel Core I7 2700K
    cpe:2.3:h:intel:core_i7:2700k
  • Intel Core I7 2710QE
    cpe:2.3:h:intel:core_i7:2710qe
  • Intel Core I7 2715QE
    cpe:2.3:h:intel:core_i7:2715qe
  • Intel Core I7 2720QM
    cpe:2.3:h:intel:core_i7:2720qm
  • Intel Core I7 2760QM
    cpe:2.3:h:intel:core_i7:2760qm
  • Intel Core I7 2820QM
    cpe:2.3:h:intel:core_i7:2820qm
  • Intel Core I7 2860QM
    cpe:2.3:h:intel:core_i7:2860qm
  • Intel Core I7 2920XM
    cpe:2.3:h:intel:core_i7:2920xm
  • Intel Core I7 2960XM
    cpe:2.3:h:intel:core_i7:2960xm
  • Intel Core I7 3517U
    cpe:2.3:h:intel:core_i7:3517u
  • Intel Core I7 3517UE
    cpe:2.3:h:intel:core_i7:3517ue
  • Intel Core I7 3520M
    cpe:2.3:h:intel:core_i7:3520m
  • Intel Core I7 3537U
    cpe:2.3:h:intel:core_i7:3537u
  • Intel Core I7 3540M
    cpe:2.3:h:intel:core_i7:3540m
  • Intel Core I7 3555LE
    cpe:2.3:h:intel:core_i7:3555le
  • Intel Core I7 3610QE
    cpe:2.3:h:intel:core_i7:3610qe
  • Intel Core I7 3610QM
    cpe:2.3:h:intel:core_i7:3610qm
  • Intel Core I7 3612QE
    cpe:2.3:h:intel:core_i7:3612qe
  • Intel Core I7 3612QM
    cpe:2.3:h:intel:core_i7:3612qm
  • Intel Core I7 3615QE
    cpe:2.3:h:intel:core_i7:3615qe
  • Intel Core I7 3615QM
    cpe:2.3:h:intel:core_i7:3615qm
  • Intel Core I7 3630QM
    cpe:2.3:h:intel:core_i7:3630qm
  • Intel Core I7 3632QM
    cpe:2.3:h:intel:core_i7:3632qm
  • Intel Core I7 3635QM
    cpe:2.3:h:intel:core_i7:3635qm
  • Intel Core I7 3667U
    cpe:2.3:h:intel:core_i7:3667u
  • Intel Core I7 3687U
    cpe:2.3:h:intel:core_i7:3687u
  • Intel Core I7 3689Y
    cpe:2.3:h:intel:core_i7:3689y
  • Intel Core I7 3720QM
    cpe:2.3:h:intel:core_i7:3720qm
  • Intel Core I7 3740QM
    cpe:2.3:h:intel:core_i7:3740qm
  • Intel Core I7 3770
    cpe:2.3:h:intel:core_i7:3770
  • Intel Core I7 3770K
    cpe:2.3:h:intel:core_i7:3770k
  • Intel Core I7 3770S
    cpe:2.3:h:intel:core_i7:3770s
  • Intel Core I7 3770T
    cpe:2.3:h:intel:core_i7:3770t
  • Intel Core I7 3820QM
    cpe:2.3:h:intel:core_i7:3820qm
  • Intel Core I7 3840QM
    cpe:2.3:h:intel:core_i7:3840qm
  • Intel Core I7 4500U
    cpe:2.3:h:intel:core_i7:4500u
  • Intel Core I7 4510U
    cpe:2.3:h:intel:core_i7:4510u
  • Intel Core I7 4550U
    cpe:2.3:h:intel:core_i7:4550u
  • Intel Core I7 4558U
    cpe:2.3:h:intel:core_i7:4558u
  • Intel Core I7 4578U
    cpe:2.3:h:intel:core_i7:4578u
  • Intel Core I7 4600M
    cpe:2.3:h:intel:core_i7:4600m
  • Intel Core I7 4600U
    cpe:2.3:h:intel:core_i7:4600u
  • Intel Core I7 4610M
    cpe:2.3:h:intel:core_i7:4610m
  • Intel Core I7 4610Y
    cpe:2.3:h:intel:core_i7:4610y
  • Intel Core I7 4650U
    cpe:2.3:h:intel:core_i7:4650u
  • Intel Core I7 4700EC
    cpe:2.3:h:intel:core_i7:4700ec
  • Intel Core I7 4700EQ
    cpe:2.3:h:intel:core_i7:4700eq
  • Intel Core I7 4700HQ
    cpe:2.3:h:intel:core_i7:4700hq
  • Intel Core I7 4700MQ
    cpe:2.3:h:intel:core_i7:4700mq
  • Intel Core I7 4702EC
    cpe:2.3:h:intel:core_i7:4702ec
  • Intel Core I7 4702HQ
    cpe:2.3:h:intel:core_i7:4702hq
  • Intel Core I7 4702MQ
    cpe:2.3:h:intel:core_i7:4702mq
  • Intel Core I7 4710HQ
    cpe:2.3:h:intel:core_i7:4710hq
  • Intel Core I7 4710MQ
    cpe:2.3:h:intel:core_i7:4710mq
  • Intel Core I7 4712HQ
    cpe:2.3:h:intel:core_i7:4712hq
  • Intel Core I7 4712MQ
    cpe:2.3:h:intel:core_i7:4712mq
  • Intel Core I7 4720HQ
    cpe:2.3:h:intel:core_i7:4720hq
  • Intel Core I7 4722HQ
    cpe:2.3:h:intel:core_i7:4722hq
  • Intel Core I7 4750HQ
    cpe:2.3:h:intel:core_i7:4750hq
  • Intel Core I7 4760HQ
    cpe:2.3:h:intel:core_i7:4760hq
  • Intel Core I7 4765T
    cpe:2.3:h:intel:core_i7:4765t
  • Intel Core I7 4770
    cpe:2.3:h:intel:core_i7:4770
  • Intel Core I7 4770HQ
    cpe:2.3:h:intel:core_i7:4770hq
  • Intel Core I7 4770K
    cpe:2.3:h:intel:core_i7:4770k
  • Intel Core I7 4770R
    cpe:2.3:h:intel:core_i7:4770r
  • Intel Core I7 4770S
    cpe:2.3:h:intel:core_i7:4770s
  • Intel Core I7 4770T
    cpe:2.3:h:intel:core_i7:4770t
  • Intel Core I7 4770TE
    cpe:2.3:h:intel:core_i7:4770te
  • Intel Core I7 4771
    cpe:2.3:h:intel:core_i7:4771
  • Intel Core I7 4785T
    cpe:2.3:h:intel:core_i7:4785t
  • Intel Core I7 4790
    cpe:2.3:h:intel:core_i7:4790
  • Intel Core I7 4790K
    cpe:2.3:h:intel:core_i7:4790k
  • Intel Core I7 4790S
    cpe:2.3:h:intel:core_i7:4790s
  • Intel Core I7 4790T
    cpe:2.3:h:intel:core_i7:4790t
  • Intel Core I7 4800MQ
    cpe:2.3:h:intel:core_i7:4800mq
  • Intel Core I7 4810MQ
    cpe:2.3:h:intel:core_i7:4810mq
  • Intel Core I7 4850HQ
    cpe:2.3:h:intel:core_i7:4850hq
  • Intel Core I7 4860HQ
    cpe:2.3:h:intel:core_i7:4860hq
  • Intel Core I7 4870HQ
    cpe:2.3:h:intel:core_i7:4870hq
  • Intel Core I7 4900MQ
    cpe:2.3:h:intel:core_i7:4900mq
  • Intel Core I7 4910MQ
    cpe:2.3:h:intel:core_i7:4910mq
  • Intel Core I7 4950HQ
    cpe:2.3:h:intel:core_i7:4950hq
  • Intel Core I7 4960HQ
    cpe:2.3:h:intel:core_i7:4960hq
  • Intel Core I7 4980HQ
    cpe:2.3:h:intel:core_i7:4980hq
  • Intel Core I7 5500U
    cpe:2.3:h:intel:core_i7:5500u
  • Intel Core I7 5550U
    cpe:2.3:h:intel:core_i7:5550u
  • Intel Core I7 5557U
    cpe:2.3:h:intel:core_i7:5557u
  • Intel Core I7 5600U
    cpe:2.3:h:intel:core_i7:5600u
  • Intel Core I7 5650U
    cpe:2.3:h:intel:core_i7:5650u
  • Intel Core I7 5700EQ
    cpe:2.3:h:intel:core_i7:5700eq
  • Intel Core I7 5700HQ
    cpe:2.3:h:intel:core_i7:5700hq
  • Intel Core I7 5750HQ
    cpe:2.3:h:intel:core_i7:5750hq
  • Intel Core I7 5775C
    cpe:2.3:h:intel:core_i7:5775c
  • Intel Core I7 5775R
    cpe:2.3:h:intel:core_i7:5775r
  • Intel Core I7 5850EQ
    cpe:2.3:h:intel:core_i7:5850eq
  • Intel Core I7 5850HQ
    cpe:2.3:h:intel:core_i7:5850hq
  • Intel Core I7 5950HQ
    cpe:2.3:h:intel:core_i7:5950hq
  • Intel Core I7 7500U
    cpe:2.3:h:intel:core_i7:7500u
  • Intel Core I7 7560U
    cpe:2.3:h:intel:core_i7:7560u
  • Intel Core I7 7567U
    cpe:2.3:h:intel:core_i7:7567u
  • Intel Core I7 7600U
    cpe:2.3:h:intel:core_i7:7600u
  • Intel Core I7 7660U
    cpe:2.3:h:intel:core_i7:7660u
  • Intel Core I7 7700
    cpe:2.3:h:intel:core_i7:7700
  • Intel Core I7 7700HQ
    cpe:2.3:h:intel:core_i7:7700hq
  • Intel Core I7 7700K
    cpe:2.3:h:intel:core_i7:7700k
  • Intel Core I7 7700T
    cpe:2.3:h:intel:core_i7:7700t
  • Intel Core I7 7820EQ
    cpe:2.3:h:intel:core_i7:7820eq
  • Intel Core I7 7820HK
    cpe:2.3:h:intel:core_i7:7820hk
  • Intel Core I7 7820HQ
    cpe:2.3:h:intel:core_i7:7820hq
  • Intel Core I7 7920HQ
    cpe:2.3:h:intel:core_i7:7920hq
  • Intel Core I7 8550U
    cpe:2.3:h:intel:core_i7:8550u
  • Intel Core I7 8650U
    cpe:2.3:h:intel:core_i7:8650u
  • Intel Core I7 8700
    cpe:2.3:h:intel:core_i7:8700
  • Intel Core I7 8700K
    cpe:2.3:h:intel:core_i7:8700k
  • Intel Core M 5Y10
    cpe:2.3:h:intel:core_m:5y10
  • Intel Core M 5Y10A
    cpe:2.3:h:intel:core_m:5y10a
  • Intel Core M 5Y10C
    cpe:2.3:h:intel:core_m:5y10c
  • Intel Core M 5Y31
    cpe:2.3:h:intel:core_m:5y31
  • Intel Core M 5Y51
    cpe:2.3:h:intel:core_m:5y51
  • Intel Core M 5Y70
    cpe:2.3:h:intel:core_m:5y70
  • Intel Core M 5Y71
    cpe:2.3:h:intel:core_m:5y71
  • Intel Core M3 6Y30
    cpe:2.3:h:intel:core_m3:6y30
  • Intel Core M3 7Y30
    cpe:2.3:h:intel:core_m3:7y30
  • Intel Core M3 7Y32
    cpe:2.3:h:intel:core_m3:7y32
  • Intel Core M5 6Y54
    cpe:2.3:h:intel:core_m5:6y54
  • Intel Core M5 6Y57
    cpe:2.3:h:intel:core_m5:6y57
  • Intel Core M7 6Y75
    cpe:2.3:h:intel:core_m7:6y75
  • Intel Pentium J J2850
    cpe:2.3:h:intel:pentium_j:j2850
  • Intel Pentium J J2900
    cpe:2.3:h:intel:pentium_j:j2900
  • Intel Pentium J J3710
    cpe:2.3:h:intel:pentium_j:j3710
  • Intel Pentium J J4205
    cpe:2.3:h:intel:pentium_j:j4205
  • Intel Pentium N N3510
    cpe:2.3:h:intel:pentium_n:n3510
  • Intel Pentium N N3520
    cpe:2.3:h:intel:pentium_n:n3520
  • Intel Pentium N N3530
    cpe:2.3:h:intel:pentium_n:n3530
  • Intel Pentium N N3540
    cpe:2.3:h:intel:pentium_n:n3540
  • Intel Pentium N N3700
    cpe:2.3:h:intel:pentium_n:n3700
  • Intel Pentium N N3710
    cpe:2.3:h:intel:pentium_n:n3710
  • Intel Pentium N N4200
    cpe:2.3:h:intel:pentium_n:n4200
  • Intel Xeon E5502
    cpe:2.3:h:intel:xeon:e5502
  • Intel Xeon E5503
    cpe:2.3:h:intel:xeon:e5503
  • Intel Xeon E5504
    cpe:2.3:h:intel:xeon:e5504
  • Intel Xeon E5506
    cpe:2.3:h:intel:xeon:e5506
  • Intel Xeon E5507
    cpe:2.3:h:intel:xeon:e5507
  • Intel Xeon E5520
    cpe:2.3:h:intel:xeon:e5520
  • Intel Xeon E5530
    cpe:2.3:h:intel:xeon:e5530
  • Intel Xeon E5540
    cpe:2.3:h:intel:xeon:e5540
  • Intel Xeon E5603
    cpe:2.3:h:intel:xeon:e5603
  • Intel Xeon E5606
    cpe:2.3:h:intel:xeon:e5606
  • Intel Xeon E5607
    cpe:2.3:h:intel:xeon:e5607
  • Intel Xeon E5620
    cpe:2.3:h:intel:xeon:e5620
  • Intel Xeon E5630
    cpe:2.3:h:intel:xeon:e5630
  • Intel Xeon E5640
    cpe:2.3:h:intel:xeon:e5640
  • Intel Xeon E5645
    cpe:2.3:h:intel:xeon:e5645
  • Intel Xeon E5649
    cpe:2.3:h:intel:xeon:e5649
  • Intel Xeon E6510
    cpe:2.3:h:intel:xeon:e6510
  • Intel Xeon E6540
    cpe:2.3:h:intel:xeon:e6540
  • Intel Xeon E7520
    cpe:2.3:h:intel:xeon:e7520
  • Intel Xeon E7530
    cpe:2.3:h:intel:xeon:e7530
  • Intel Xeon E7540
    cpe:2.3:h:intel:xeon:e7540
  • Intel Xeon EC5509
    cpe:2.3:h:intel:xeon:ec5509
  • Intel Xeon EC5539
    cpe:2.3:h:intel:xeon:ec5539
  • Intel Xeon EC5549
    cpe:2.3:h:intel:xeon:ec5549
  • Intel Xeon L3406
    cpe:2.3:h:intel:xeon:l3406
  • Intel Xeon L3426
    cpe:2.3:h:intel:xeon:l3426
  • Intel Xeon L5506
    cpe:2.3:h:intel:xeon:l5506
  • Intel Xeon L5508
    cpe:2.3:h:intel:xeon:l5508
  • Intel Xeon L5518
    cpe:2.3:h:intel:xeon:l5518
  • Intel Xeon L5520
    cpe:2.3:h:intel:xeon:l5520
  • Intel Xeon L5530
    cpe:2.3:h:intel:xeon:l5530
  • Intel Xeon L5609
    cpe:2.3:h:intel:xeon:l5609
  • Intel Xeon L5618
    cpe:2.3:h:intel:xeon:l5618
  • Intel Xeon L5630
    cpe:2.3:h:intel:xeon:l5630
  • Intel Xeon L5638
    cpe:2.3:h:intel:xeon:l5638
  • Intel Xeon L5640
    cpe:2.3:h:intel:xeon:l5640
  • Intel Xeon L7545
    cpe:2.3:h:intel:xeon:l7545
  • Intel Xeon L7555
    cpe:2.3:h:intel:xeon:l7555
  • Intel Xeon LC5518
    cpe:2.3:h:intel:xeon:lc5518
  • Intel Xeon LC5528
    cpe:2.3:h:intel:xeon:lc5528
  • Intel Xeon W3670
    cpe:2.3:h:intel:xeon:w3670
  • Intel Xeon W3680
    cpe:2.3:h:intel:xeon:w3680
  • Intel Xeon W3690
    cpe:2.3:h:intel:xeon:w3690
  • Intel Xeon W5580
    cpe:2.3:h:intel:xeon:w5580
  • Intel Xeon W5590
    cpe:2.3:h:intel:xeon:w5590
  • Intel Xeon X3430
    cpe:2.3:h:intel:xeon:x3430
  • Intel Xeon X3440
    cpe:2.3:h:intel:xeon:x3440
  • Intel Xeon X3450
    cpe:2.3:h:intel:xeon:x3450
  • Intel Xeon X3460
    cpe:2.3:h:intel:xeon:x3460
  • Intel Xeon X3470
    cpe:2.3:h:intel:xeon:x3470
  • Intel Xeon X3480
    cpe:2.3:h:intel:xeon:x3480
  • Intel Xeon X5550
    cpe:2.3:h:intel:xeon:x5550
  • Intel Xeon X5560
    cpe:2.3:h:intel:xeon:x5560
  • Intel Xeon X5570
    cpe:2.3:h:intel:xeon:x5570
  • Intel Xeon X5647
    cpe:2.3:h:intel:xeon:x5647
  • Intel Xeon X5650
    cpe:2.3:h:intel:xeon:x5650
  • Intel Xeon X5660
    cpe:2.3:h:intel:xeon:x5660
  • Intel Xeon X5667
    cpe:2.3:h:intel:xeon:x5667
  • Intel Xeon X5670
    cpe:2.3:h:intel:xeon:x5670
  • Intel Xeon X5672
    cpe:2.3:h:intel:xeon:x5672
  • Intel Xeon X5675
    cpe:2.3:h:intel:xeon:x5675
  • Intel Xeon X5677
    cpe:2.3:h:intel:xeon:x5677
  • Intel Xeon X5680
    cpe:2.3:h:intel:xeon:x5680
  • Intel Xeon X5687
    cpe:2.3:h:intel:xeon:x5687
  • Intel Xeon X5690
    cpe:2.3:h:intel:xeon:x5690
  • Intel Xeon X6550
    cpe:2.3:h:intel:xeon:x6550
  • Intel Xeon X7542
    cpe:2.3:h:intel:xeon:x7542
  • Intel Xeon X7550
    cpe:2.3:h:intel:xeon:x7550
  • Intel Xeon X7560
    cpe:2.3:h:intel:xeon:x7560
  • Intel Xeon Bronze 3104
    cpe:2.3:h:intel:xeon_bronze:3104
  • Intel Xeon Bronze 3106
    cpe:2.3:h:intel:xeon_bronze:3106
  • Intel Xeon E3 1105C
    cpe:2.3:h:intel:xeon_e3:1105c
  • Intel Xeon E3 1105C V2
    cpe:2.3:h:intel:xeon_e3:1105c_v2
  • Intel Xeon E3 1125C
    cpe:2.3:h:intel:xeon_e3:1125c
  • Intel Xeon E3 1125C V2
    cpe:2.3:h:intel:xeon_e3:1125c_v2
  • Intel Xeon E3 1220
    cpe:2.3:h:intel:xeon_e3:1220
  • Intel Xeon E3 1220 V2
    cpe:2.3:h:intel:xeon_e3:1220_v2
  • Intel Xeon E3 1220 V3
    cpe:2.3:h:intel:xeon_e3:1220_v3
  • Intel Xeon E3 1220 V5
    cpe:2.3:h:intel:xeon_e3:1220_v5
  • Intel Xeon E3 1220 V6
    cpe:2.3:h:intel:xeon_e3:1220_v6
  • Intel Xeon E3 1220L
    cpe:2.3:h:intel:xeon_e3:1220l
  • Intel Xeon E3 1220L V2
    cpe:2.3:h:intel:xeon_e3:1220l_v2
  • Intel Xeon E3 1220L V3
    cpe:2.3:h:intel:xeon_e3:1220l_v3
  • Intel Xeon E3 1225
    cpe:2.3:h:intel:xeon_e3:1225
  • Intel Xeon E3 1225 V2
    cpe:2.3:h:intel:xeon_e3:1225_v2
  • Intel Xeon E3 1225 V3
    cpe:2.3:h:intel:xeon_e3:1225_v3
  • Intel Xeon E3 1225 V5
    cpe:2.3:h:intel:xeon_e3:1225_v5
  • Intel Xeon E3 1225 V6
    cpe:2.3:h:intel:xeon_e3:1225_v6
  • Intel Xeon E3 1226 V3
    cpe:2.3:h:intel:xeon_e3:1226_v3
  • Intel Xeon E3 1230
    cpe:2.3:h:intel:xeon_e3:1230
  • Intel Xeon E3 1230 V2
    cpe:2.3:h:intel:xeon_e3:1230_v2
  • Intel Xeon E3 1230 V3
    cpe:2.3:h:intel:xeon_e3:1230_v3
  • Intel Xeon E3 1230 V5
    cpe:2.3:h:intel:xeon_e3:1230_v5
  • Intel Xeon E3 1230 V6
    cpe:2.3:h:intel:xeon_e3:1230_v6
  • Intel Xeon E3 1230L V3
    cpe:2.3:h:intel:xeon_e3:1230l_v3
  • Intel Xeon E3 1231 V3
    cpe:2.3:h:intel:xeon_e3:1231_v3
  • Intel Xeon E3 1235
    cpe:2.3:h:intel:xeon_e3:1235
  • Intel Xeon E3 1235L V5
    cpe:2.3:h:intel:xeon_e3:1235l_v5
  • Intel Xeon E3 1240
    cpe:2.3:h:intel:xeon_e3:1240
  • Intel Xeon E3 1240 V2
    cpe:2.3:h:intel:xeon_e3:1240_v2
  • Intel Xeon E3 1240 V3
    cpe:2.3:h:intel:xeon_e3:1240_v3
  • Intel Xeon E3 1240 V5
    cpe:2.3:h:intel:xeon_e3:1240_v5
  • Intel Xeon E3 1240 V6
    cpe:2.3:h:intel:xeon_e3:1240_v6
  • Intel Xeon E3 1240L V3
    cpe:2.3:h:intel:xeon_e3:1240l_v3
  • Intel Xeon E3 1240L V5
    cpe:2.3:h:intel:xeon_e3:1240l_v5
  • Intel Xeon E3 1241 V3
    cpe:2.3:h:intel:xeon_e3:1241_v3
  • Intel Xeon E3 1245
    cpe:2.3:h:intel:xeon_e3:1245
  • Intel Xeon E3 1245 V2
    cpe:2.3:h:intel:xeon_e3:1245_v2
  • Intel Xeon E3 1245 V3
    cpe:2.3:h:intel:xeon_e3:1245_v3
  • Intel Xeon E3 1245 V5
    cpe:2.3:h:intel:xeon_e3:1245_v5
  • Intel Xeon E3 1245 V6
    cpe:2.3:h:intel:xeon_e3:1245_v6
  • Intel Xeon E3 1246 V3
    cpe:2.3:h:intel:xeon_e3:1246_v3
  • Intel Xeon E3 1258L V4
    cpe:2.3:h:intel:xeon_e3:1258l_v4
  • Intel Xeon E3 1260L
    cpe:2.3:h:intel:xeon_e3:1260l
  • Intel Xeon E3 1260L V5
    cpe:2.3:h:intel:xeon_e3:1260l_v5
  • Intel Xeon E3 1265L V2
    cpe:2.3:h:intel:xeon_e3:1265l_v2
  • Intel Xeon E3 1265L V3
    cpe:2.3:h:intel:xeon_e3:1265l_v3
  • Intel Xeon E3 1265L V4
    cpe:2.3:h:intel:xeon_e3:1265l_v4
  • Intel Xeon E3 1268L V3
    cpe:2.3:h:intel:xeon_e3:1268l_v3
  • Intel Xeon E3 1268L V5
    cpe:2.3:h:intel:xeon_e3:1268l_v5
  • Intel Xeon E3 1270
    cpe:2.3:h:intel:xeon_e3:1270
  • Intel Xeon E3 1270 V2
    cpe:2.3:h:intel:xeon_e3:1270_v2
  • Intel Xeon E3 1270 V3
    cpe:2.3:h:intel:xeon_e3:1270_v3
  • Intel Xeon E3 1270 V5
    cpe:2.3:h:intel:xeon_e3:1270_v5
  • Intel Xeon E3 1270 V6
    cpe:2.3:h:intel:xeon_e3:1270_v6
  • Intel Xeon E3 1271 V3
    cpe:2.3:h:intel:xeon_e3:1271_v3
  • Intel Xeon E3 1275
    cpe:2.3:h:intel:xeon_e3:1275
  • Intel Xeon E3 1275 V2
    cpe:2.3:h:intel:xeon_e3:1275_v2
  • Intel Xeon E3 1275 V3
    cpe:2.3:h:intel:xeon_e3:1275_v3
  • Intel Xeon E3 1275 V5
    cpe:2.3:h:intel:xeon_e3:1275_v5
  • Intel Xeon E3 1275 V6
    cpe:2.3:h:intel:xeon_e3:1275_v6
  • Intel Xeon E3 1275L V3
    cpe:2.3:h:intel:xeon_e3:1275l_v3
  • Intel Xeon E3 1276 V3
    cpe:2.3:h:intel:xeon_e3:1276_v3
  • Intel Xeon E3 1278L V4
    cpe:2.3:h:intel:xeon_e3:1278l_v4
  • Intel Xeon E3 1280
    cpe:2.3:h:intel:xeon_e3:1280
  • Intel Xeon E3 1280 V2
    cpe:2.3:h:intel:xeon_e3:1280_v2
  • Intel Xeon E3 1280 V3
    cpe:2.3:h:intel:xeon_e3:1280_v3
  • Intel Xeon E3 1280 V5
    cpe:2.3:h:intel:xeon_e3:1280_v5
  • Intel Xeon E3 1280 V6
    cpe:2.3:h:intel:xeon_e3:1280_v6
  • Intel Xeon E3 1281 V3
    cpe:2.3:h:intel:xeon_e3:1281_v3
  • Intel Xeon E3 1285 V3
    cpe:2.3:h:intel:xeon_e3:1285_v3
  • Intel Xeon E3 1285 V4
    cpe:2.3:h:intel:xeon_e3:1285_v4
  • Intel Xeon E3 1285 V6
    cpe:2.3:h:intel:xeon_e3:1285_v6
  • Intel Xeon E3 1285L V3
    cpe:2.3:h:intel:xeon_e3:1285l_v3
  • Intel Xeon E3 1285L V4
    cpe:2.3:h:intel:xeon_e3:1285l_v4
  • Intel Xeon E3 1286 V3
    cpe:2.3:h:intel:xeon_e3:1286_v3
  • Intel Xeon E3 1286L V3
    cpe:2.3:h:intel:xeon_e3:1286l_v3
  • Intel Xeon E3 1290
    cpe:2.3:h:intel:xeon_e3:1290
  • Intel Xeon E3 1290 V2
    cpe:2.3:h:intel:xeon_e3:1290_v2
  • Intel Xeon E3 1501L V6
    cpe:2.3:h:intel:xeon_e3:1501l_v6
  • Intel Xeon E3 1501M V6
    cpe:2.3:h:intel:xeon_e3:1501m_v6
  • Intel Xeon E3 1505L V5
    cpe:2.3:h:intel:xeon_e3:1505l_v5
  • Intel Xeon E3 1505L V6
    cpe:2.3:h:intel:xeon_e3:1505l_v6
  • Intel Xeon E3 1505M V5
    cpe:2.3:h:intel:xeon_e3:1505m_v5
  • Intel Xeon E3 1505M V6
    cpe:2.3:h:intel:xeon_e3:1505m_v6
  • Intel Xeon E3 1515M V5
    cpe:2.3:h:intel:xeon_e3:1515m_v5
  • Intel Xeon E3 1535M V5
    cpe:2.3:h:intel:xeon_e3:1535m_v5
  • Intel Xeon E3 1535M V6
    cpe:2.3:h:intel:xeon_e3:1535m_v6
  • Intel Xeon E3 1545M V5
    cpe:2.3:h:intel:xeon_e3:1545m_v5
  • Intel Xeon E3 1558L V5
    cpe:2.3:h:intel:xeon_e3:1558l_v5
  • Intel Xeon E3 1565L V5
    cpe:2.3:h:intel:xeon_e3:1565l_v5
  • Intel Xeon E3 1575M V5
    cpe:2.3:h:intel:xeon_e3:1575m_v5
  • Intel Xeon E3 1578L V5
    cpe:2.3:h:intel:xeon_e3:1578l_v5
  • Intel Xeon E3 1585 V5
    cpe:2.3:h:intel:xeon_e3:1585_v5
  • Intel Xeon E3 1585L V5
    cpe:2.3:h:intel:xeon_e3:1585l_v5
  • Intel Xeon E5 1428L
    cpe:2.3:h:intel:xeon_e5:1428l
  • Intel Xeon E5 1428L V2
    cpe:2.3:h:intel:xeon_e5:1428l_v2
  • Intel Xeon E5 1428L V3
    cpe:2.3:h:intel:xeon_e5:1428l_v3
  • Intel Xeon E5 1620
    cpe:2.3:h:intel:xeon_e5:1620
  • Intel Xeon E5 1620 V2
    cpe:2.3:h:intel:xeon_e5:1620_v2
  • Intel Xeon E5 1620 V3
    cpe:2.3:h:intel:xeon_e5:1620_v3
  • Intel Xeon E5 1620 V4
    cpe:2.3:h:intel:xeon_e5:1620_v4
  • Intel Xeon E5 1630 V3
    cpe:2.3:h:intel:xeon_e5:1630_v3
  • Intel Xeon E5 1630 V4
    cpe:2.3:h:intel:xeon_e5:1630_v4
  • Intel Xeon E5 1650
    cpe:2.3:h:intel:xeon_e5:1650
  • Intel Xeon E5 1650 V2
    cpe:2.3:h:intel:xeon_e5:1650_v2
  • Intel Xeon E5 1650 V3
    cpe:2.3:h:intel:xeon_e5:1650_v3
  • Intel Xeon E5 1650 V4
    cpe:2.3:h:intel:xeon_e5:1650_v4
  • Intel Xeon E5 1660
    cpe:2.3:h:intel:xeon_e5:1660
  • Intel Xeon E5 1660 V2
    cpe:2.3:h:intel:xeon_e5:1660_v2
  • Intel Xeon E5 1660 V3
    cpe:2.3:h:intel:xeon_e5:1660_v3
  • Intel Xeon E5 1660 V4
    cpe:2.3:h:intel:xeon_e5:1660_v4
  • Intel Xeon E5 1680 V3
    cpe:2.3:h:intel:xeon_e5:1680_v3
  • Intel Xeon E5 1680 V4
    cpe:2.3:h:intel:xeon_e5:1680_v4
  • Intel Xeon E5 2403
    cpe:2.3:h:intel:xeon_e5:2403
  • Intel Xeon E5 2403 V2
    cpe:2.3:h:intel:xeon_e5:2403_v2
  • Intel Xeon E5 2407
    cpe:2.3:h:intel:xeon_e5:2407
  • Intel Xeon E5 2407 V2
    cpe:2.3:h:intel:xeon_e5:2407_v2
  • Intel Xeon E5 2408L V3
    cpe:2.3:h:intel:xeon_e5:2408l_v3
  • Intel Xeon E5 2418L
    cpe:2.3:h:intel:xeon_e5:2418l
  • Intel Xeon E5 2418L V2
    cpe:2.3:h:intel:xeon_e5:2418l_v2
  • Intel Xeon E5 2418L V3
    cpe:2.3:h:intel:xeon_e5:2418l_v3
  • Intel Xeon E5 2420
    cpe:2.3:h:intel:xeon_e5:2420
  • Intel Xeon E5 2420 V2
    cpe:2.3:h:intel:xeon_e5:2420_v2
  • Intel Xeon E5 2428L
    cpe:2.3:h:intel:xeon_e5:2428l
  • Intel Xeon E5 2428L V2
    cpe:2.3:h:intel:xeon_e5:2428l_v2
  • Intel Xeon E5 2428L V3
    cpe:2.3:h:intel:xeon_e5:2428l_v3
  • Intel Xeon E5 2430
    cpe:2.3:h:intel:xeon_e5:2430
  • Intel Xeon E5 2430 V2
    cpe:2.3:h:intel:xeon_e5:2430_v2
  • Intel Xeon E5 2430L
    cpe:2.3:h:intel:xeon_e5:2430l
  • Intel Xeon E5 2430L V2
    cpe:2.3:h:intel:xeon_e5:2430l_v2
  • Intel Xeon E5 2438L V3
    cpe:2.3:h:intel:xeon_e5:2438l_v3
  • Intel Xeon E5 2440
    cpe:2.3:h:intel:xeon_e5:2440
  • Intel Xeon E5 2440 V2
    cpe:2.3:h:intel:xeon_e5:2440_v2
  • Intel Xeon E5 2448L
    cpe:2.3:h:intel:xeon_e5:2448l
  • Intel Xeon E5 2448L V2
    cpe:2.3:h:intel:xeon_e5:2448l_v2
  • Intel Xeon E5 2450
    cpe:2.3:h:intel:xeon_e5:2450
  • Intel Xeon E5 2450 V2
    cpe:2.3:h:intel:xeon_e5:2450_v2
  • Intel Xeon E5 2450L
    cpe:2.3:h:intel:xeon_e5:2450l
  • Intel Xeon E5 2450L V2
    cpe:2.3:h:intel:xeon_e5:2450l_v2
  • Intel Xeon E5 2470
    cpe:2.3:h:intel:xeon_e5:2470
  • Intel Xeon E5 2470 V2
    cpe:2.3:h:intel:xeon_e5:2470_v2
  • Intel Xeon E5 2603
    cpe:2.3:h:intel:xeon_e5:2603
  • Intel Xeon E5 2603 V2
    cpe:2.3:h:intel:xeon_e5:2603_v2
  • Intel Xeon E5 2603 V3
    cpe:2.3:h:intel:xeon_e5:2603_v3
  • Intel Xeon E5 2603 V4
    cpe:2.3:h:intel:xeon_e5:2603_v4
  • Intel Xeon E5 2608L V3
    cpe:2.3:h:intel:xeon_e5:2608l_v3
  • Intel Xeon E5 2608L V4
    cpe:2.3:h:intel:xeon_e5:2608l_v4
  • Intel Xeon E5 2609
    cpe:2.3:h:intel:xeon_e5:2609
  • Intel Xeon E5 2609 V2
    cpe:2.3:h:intel:xeon_e5:2609_v2
  • Intel Xeon E5 2609 V3
    cpe:2.3:h:intel:xeon_e5:2609_v3
  • Intel Xeon E5 2609 V4
    cpe:2.3:h:intel:xeon_e5:2609_v4
  • Intel Xeon E5 2618L V2
    cpe:2.3:h:intel:xeon_e5:2618l_v2
  • Intel Xeon E5 2618L V3
    cpe:2.3:h:intel:xeon_e5:2618l_v3
  • Intel Xeon E5 2618L V4
    cpe:2.3:h:intel:xeon_e5:2618l_v4
  • Intel Xeon E5 2620
    cpe:2.3:h:intel:xeon_e5:2620
  • Intel Xeon E5 2620 V2
    cpe:2.3:h:intel:xeon_e5:2620_v2
  • Intel Xeon E5 2620 V3
    cpe:2.3:h:intel:xeon_e5:2620_v3
  • Intel Xeon E5 2620 V4
    cpe:2.3:h:intel:xeon_e5:2620_v4
  • Intel Xeon E5 2623 V3
    cpe:2.3:h:intel:xeon_e5:2623_v3
  • Intel Xeon E5 2623 V4
    cpe:2.3:h:intel:xeon_e5:2623_v4
  • Intel Xeon E5 2628L V2
    cpe:2.3:h:intel:xeon_e5:2628l_v2
  • Intel Xeon E5 2628L V3
    cpe:2.3:h:intel:xeon_e5:2628l_v3
  • Intel Xeon E5 2628L V4
    cpe:2.3:h:intel:xeon_e5:2628l_v4
  • Intel Xeon E5 2630
    cpe:2.3:h:intel:xeon_e5:2630
  • Intel Xeon E5 2630 V2
    cpe:2.3:h:intel:xeon_e5:2630_v2
  • Intel Xeon E5 2630 V3
    cpe:2.3:h:intel:xeon_e5:2630_v3
  • Intel Xeon E5 2630 V4
    cpe:2.3:h:intel:xeon_e5:2630_v4
  • Intel Xeon E5 2630L
    cpe:2.3:h:intel:xeon_e5:2630l
  • Intel Xeon E5 2630L V2
    cpe:2.3:h:intel:xeon_e5:2630l_v2
  • Intel Xeon E5 2630L V3
    cpe:2.3:h:intel:xeon_e5:2630l_v3
  • Intel Xeon E5 2630L V4
    cpe:2.3:h:intel:xeon_e5:2630l_v4
  • Intel Xeon E5 2637
    cpe:2.3:h:intel:xeon_e5:2637
  • Intel Xeon E5 2637 V2
    cpe:2.3:h:intel:xeon_e5:2637_v2
  • Intel Xeon E5 2637 V3
    cpe:2.3:h:intel:xeon_e5:2637_v3
  • Intel Xeon E5 2637 V4
    cpe:2.3:h:intel:xeon_e5:2637_v4
  • Intel Xeon E5 2640
    cpe:2.3:h:intel:xeon_e5:2640
  • Intel Xeon E5 2640 V2
    cpe:2.3:h:intel:xeon_e5:2640_v2
  • Intel Xeon E5 2640 V3
    cpe:2.3:h:intel:xeon_e5:2640_v3
  • Intel Xeon E5 2640 V4
    cpe:2.3:h:intel:xeon_e5:2640_v4
  • Intel Xeon E5 2643
    cpe:2.3:h:intel:xeon_e5:2643
  • Intel Xeon E5 2643 V2
    cpe:2.3:h:intel:xeon_e5:2643_v2
  • Intel Xeon E5 2643 V3
    cpe:2.3:h:intel:xeon_e5:2643_v3
  • Intel Xeon E5 2643 V4
    cpe:2.3:h:intel:xeon_e5:2643_v4
  • Intel Xeon E5 2648L
    cpe:2.3:h:intel:xeon_e5:2648l
  • Intel Xeon E5 2648L V2
    cpe:2.3:h:intel:xeon_e5:2648l_v2
  • Intel Xeon E5 2648L V3
    cpe:2.3:h:intel:xeon_e5:2648l_v3
  • Intel Xeon E5 2648L V4
    cpe:2.3:h:intel:xeon_e5:2648l_v4
  • Intel Xeon E5 2650
    cpe:2.3:h:intel:xeon_e5:2650
  • Intel Xeon E5 2650 V2
    cpe:2.3:h:intel:xeon_e5:2650_v2
  • Intel Xeon E5 2650 V3
    cpe:2.3:h:intel:xeon_e5:2650_v3
  • Intel Xeon E5 2650 V4
    cpe:2.3:h:intel:xeon_e5:2650_v4
  • Intel Xeon E5 2650L
    cpe:2.3:h:intel:xeon_e5:2650l
  • Intel Xeon E5 2650L V2
    cpe:2.3:h:intel:xeon_e5:2650l_v2
  • Intel Xeon E5 2650L V3
    cpe:2.3:h:intel:xeon_e5:2650l_v3
  • Intel Xeon E5 2650L V4
    cpe:2.3:h:intel:xeon_e5:2650l_v4
  • Intel Xeon E5 2658
    cpe:2.3:h:intel:xeon_e5:2658
  • Intel Xeon E5 2658 V2
    cpe:2.3:h:intel:xeon_e5:2658_v2
  • Intel Xeon E5 2658 V3
    cpe:2.3:h:intel:xeon_e5:2658_v3
  • Intel Xeon E5 2658 V4
    cpe:2.3:h:intel:xeon_e5:2658_v4
  • Intel Xeon E5 2658A V3
    cpe:2.3:h:intel:xeon_e5:2658a_v3
  • Intel Xeon E5 2660
    cpe:2.3:h:intel:xeon_e5:2660
  • Intel Xeon E5 2660 V2
    cpe:2.3:h:intel:xeon_e5:2660_v2
  • Intel Xeon E5 2660 V3
    cpe:2.3:h:intel:xeon_e5:2660_v3
  • Intel Xeon E5 2660 V4
    cpe:2.3:h:intel:xeon_e5:2660_v4
  • Intel Xeon E5 2665
    cpe:2.3:h:intel:xeon_e5:2665
  • Intel Xeon E5 2667
    cpe:2.3:h:intel:xeon_e5:2667
  • Intel Xeon E5 2667 V2
    cpe:2.3:h:intel:xeon_e5:2667_v2
  • Intel Xeon E5 2667 V3
    cpe:2.3:h:intel:xeon_e5:2667_v3
  • Intel Xeon E5 2667 V4
    cpe:2.3:h:intel:xeon_e5:2667_v4
  • Intel Xeon E5 2670
    cpe:2.3:h:intel:xeon_e5:2670
  • Intel Xeon E5 2670 V2
    cpe:2.3:h:intel:xeon_e5:2670_v2
  • Intel Xeon E5 2670 V3
    cpe:2.3:h:intel:xeon_e5:2670_v3
  • Intel Xeon E5 2680
    cpe:2.3:h:intel:xeon_e5:2680
  • Intel Xeon E5 2680 V2
    cpe:2.3:h:intel:xeon_e5:2680_v2
  • Intel Xeon E5 2680 V3
    cpe:2.3:h:intel:xeon_e5:2680_v3
  • Intel Xeon E5 2680 V4
    cpe:2.3:h:intel:xeon_e5:2680_v4
  • Intel Xeon E5 2683 V3
    cpe:2.3:h:intel:xeon_e5:2683_v3
  • Intel Xeon E5 2683 V4
    cpe:2.3:h:intel:xeon_e5:2683_v4
  • Intel Xeon E5 2687W
    cpe:2.3:h:intel:xeon_e5:2687w
  • Intel Xeon E5 2687W V2
    cpe:2.3:h:intel:xeon_e5:2687w_v2
  • Intel Xeon E5 2687W V3
    cpe:2.3:h:intel:xeon_e5:2687w_v3
  • Intel Xeon E5 2687W V4
    cpe:2.3:h:intel:xeon_e5:2687w_v4
  • Intel Xeon E5 2690
    cpe:2.3:h:intel:xeon_e5:2690
  • Intel Xeon E5 2690 V2
    cpe:2.3:h:intel:xeon_e5:2690_v2
  • Intel Xeon E5 2690 V3
    cpe:2.3:h:intel:xeon_e5:2690_v3
  • Intel Xeon E5 2690 V4
    cpe:2.3:h:intel:xeon_e5:2690_v4
  • Intel Xeon E5 2695 V2
    cpe:2.3:h:intel:xeon_e5:2695_v2
  • Intel Xeon E5 2695 V3
    cpe:2.3:h:intel:xeon_e5:2695_v3
  • Intel Xeon E5 2695 V4
    cpe:2.3:h:intel:xeon_e5:2695_v4
  • Intel Xeon E5 2697 V2
    cpe:2.3:h:intel:xeon_e5:2697_v2
  • Intel Xeon E5 2697 V3
    cpe:2.3:h:intel:xeon_e5:2697_v3
  • Intel Xeon E5 2697 V4
    cpe:2.3:h:intel:xeon_e5:2697_v4
  • Intel Xeon E5 2697A V4
    cpe:2.3:h:intel:xeon_e5:2697a_v4
  • Intel Xeon E5 2698 V3
    cpe:2.3:h:intel:xeon_e5:2698_v3
  • Intel Xeon E5 2698 V4
    cpe:2.3:h:intel:xeon_e5:2698_v4
  • Intel Xeon E5 2699 V3
    cpe:2.3:h:intel:xeon_e5:2699_v3
  • Intel Xeon E5 2699 V4
    cpe:2.3:h:intel:xeon_e5:2699_v4
  • Intel Xeon E5 2699A V4
    cpe:2.3:h:intel:xeon_e5:2699a_v4
  • Intel Xeon E5 2699R V4
    cpe:2.3:h:intel:xeon_e5:2699r_v4
  • Intel Xeon E5 4603
    cpe:2.3:h:intel:xeon_e5:4603
  • Intel Xeon E5 4603 V2
    cpe:2.3:h:intel:xeon_e5:4603_v2
  • Intel Xeon E5 4607
    cpe:2.3:h:intel:xeon_e5:4607
  • Intel Xeon E5 4607 V2
    cpe:2.3:h:intel:xeon_e5:4607_v2
  • Intel Xeon E5 4610
    cpe:2.3:h:intel:xeon_e5:4610
  • Intel Xeon E5 4610 V2
    cpe:2.3:h:intel:xeon_e5:4610_v2
  • Intel Xeon E5 4610 V3
    cpe:2.3:h:intel:xeon_e5:4610_v3
  • Intel Xeon E5 4610 V4
    cpe:2.3:h:intel:xeon_e5:4610_v4
  • Intel Xeon E5 4617
    cpe:2.3:h:intel:xeon_e5:4617
  • Intel Xeon E5 4620
    cpe:2.3:h:intel:xeon_e5:4620
  • Intel Xeon E5 4620 V2
    cpe:2.3:h:intel:xeon_e5:4620_v2
  • Intel Xeon E5 4620 V3
    cpe:2.3:h:intel:xeon_e5:4620_v3
  • Intel Xeon E5 4620 V4
    cpe:2.3:h:intel:xeon_e5:4620_v4
  • Intel Xeon E5 4624L V2
    cpe:2.3:h:intel:xeon_e5:4624l_v2
  • Intel Xeon E5 4627 V2
    cpe:2.3:h:intel:xeon_e5:4627_v2
  • Intel Xeon E5 4627 V3
    cpe:2.3:h:intel:xeon_e5:4627_v3
  • Intel Xeon E5 4627 V4
    cpe:2.3:h:intel:xeon_e5:4627_v4
  • Intel Xeon E5 4628L V4
    cpe:2.3:h:intel:xeon_e5:4628l_v4
  • Intel Xeon E5 4640
    cpe:2.3:h:intel:xeon_e5:4640
  • Intel Xeon E5 4640 V2
    cpe:2.3:h:intel:xeon_e5:4640_v2
  • Intel Xeon E5 4640 V3
    cpe:2.3:h:intel:xeon_e5:4640_v3
  • Intel Xeon E5 4640 V4
    cpe:2.3:h:intel:xeon_e5:4640_v4
  • Intel Xeon E5 4648 V3
    cpe:2.3:h:intel:xeon_e5:4648_v3
  • Intel Xeon E5 4650
    cpe:2.3:h:intel:xeon_e5:4650
  • Intel Xeon E5 4650 V2
    cpe:2.3:h:intel:xeon_e5:4650_v2
  • Intel Xeon E5 4650 V3
    cpe:2.3:h:intel:xeon_e5:4650_v3
  • Intel Xeon E5 4650 V4
    cpe:2.3:h:intel:xeon_e5:4650_v4
  • Intel Xeon E5 4650L
    cpe:2.3:h:intel:xeon_e5:4650l
  • Intel Xeon E5 4655 V3
    cpe:2.3:h:intel:xeon_e5:4655_v3
  • Intel Xeon E5 4655 V4
    cpe:2.3:h:intel:xeon_e5:4655_v4
  • Intel Xeon E5 4657L V2
    cpe:2.3:h:intel:xeon_e5:4657l_v2
  • Intel Xeon E5 4660 V3
    cpe:2.3:h:intel:xeon_e5:4660_v3
  • Intel Xeon E5 4660 V4
    cpe:2.3:h:intel:xeon_e5:4660_v4
  • Intel Xeon E5 4667 V3
    cpe:2.3:h:intel:xeon_e5:4667_v3
  • Intel Xeon E5 4667 V4
    cpe:2.3:h:intel:xeon_e5:4667_v4
  • Intel Xeon E5 4669 V3
    cpe:2.3:h:intel:xeon_e5:4669_v3
  • Intel Xeon E5 4669 V4
    cpe:2.3:h:intel:xeon_e5:4669_v4
  • Intel Xeon E7 2803
    cpe:2.3:h:intel:xeon_e7:2803
  • Intel Xeon E7 2820
    cpe:2.3:h:intel:xeon_e7:2820
  • Intel Xeon E7 2830
    cpe:2.3:h:intel:xeon_e7:2830
  • Intel Xeon E7 2850
    cpe:2.3:h:intel:xeon_e7:2850
  • Intel Xeon E7 2850 V2
    cpe:2.3:h:intel:xeon_e7:2850_v2
  • Intel Xeon E7 2860
    cpe:2.3:h:intel:xeon_e7:2860
  • Intel Xeon E7 2870
    cpe:2.3:h:intel:xeon_e7:2870
  • Intel Xeon E7 2870 V2
    cpe:2.3:h:intel:xeon_e7:2870_v2
  • Intel Xeon E7 2880 V2
    cpe:2.3:h:intel:xeon_e7:2880_v2
  • Intel Xeon E7 2890 V2
    cpe:2.3:h:intel:xeon_e7:2890_v2
  • Intel Xeon E7 4807
    cpe:2.3:h:intel:xeon_e7:4807
  • Intel Xeon E7 4809 V2
    cpe:2.3:h:intel:xeon_e7:4809_v2
  • Intel Xeon E7 4809 V3
    cpe:2.3:h:intel:xeon_e7:4809_v3
  • Intel Xeon E7 4809 V4
    cpe:2.3:h:intel:xeon_e7:4809_v4
  • Intel Xeon E7 4820
    cpe:2.3:h:intel:xeon_e7:4820
  • Intel Xeon E7 4820 V2
    cpe:2.3:h:intel:xeon_e7:4820_v2
  • Intel Xeon E7 4820 V3
    cpe:2.3:h:intel:xeon_e7:4820_v3
  • Intel Xeon E7 4820 V4
    cpe:2.3:h:intel:xeon_e7:4820_v4
  • Intel Xeon E7 4830
    cpe:2.3:h:intel:xeon_e7:4830
  • Intel Xeon E7 4830 V2
    cpe:2.3:h:intel:xeon_e7:4830_v2
  • Intel Xeon E7 4830 V3
    cpe:2.3:h:intel:xeon_e7:4830_v3
  • Intel Xeon E7 4830 V4
    cpe:2.3:h:intel:xeon_e7:4830_v4
  • Intel Xeon E7 4850
    cpe:2.3:h:intel:xeon_e7:4850
  • Intel Xeon E7 4850 V2
    cpe:2.3:h:intel:xeon_e7:4850_v2
  • Intel Xeon E7 4850 V3
    cpe:2.3:h:intel:xeon_e7:4850_v3
  • Intel Xeon E7 4850 V4
    cpe:2.3:h:intel:xeon_e7:4850_v4
  • Intel Xeon E7 4860
    cpe:2.3:h:intel:xeon_e7:4860
  • Intel Xeon E7 4860 V2
    cpe:2.3:h:intel:xeon_e7:4860_v2
  • Intel Xeon E7 4870
    cpe:2.3:h:intel:xeon_e7:4870
  • Intel Xeon E7 4870 V2
    cpe:2.3:h:intel:xeon_e7:4870_v2
  • Intel Xeon E7 4880 V2
    cpe:2.3:h:intel:xeon_e7:4880_v2
  • Intel Xeon E7 4890 V2
    cpe:2.3:h:intel:xeon_e7:4890_v2
  • Intel Xeon E7 8830
    cpe:2.3:h:intel:xeon_e7:8830
  • Intel Xeon E7 8837
    cpe:2.3:h:intel:xeon_e7:8837
  • Intel Xeon E7 8850
    cpe:2.3:h:intel:xeon_e7:8850
  • Intel Xeon E7 8850 V2
    cpe:2.3:h:intel:xeon_e7:8850_v2
  • Intel Xeon E7 8857 V2
    cpe:2.3:h:intel:xeon_e7:8857_v2
  • Intel Xeon E7 8860
    cpe:2.3:h:intel:xeon_e7:8860
  • Intel Xeon E7 8860 V3
    cpe:2.3:h:intel:xeon_e7:8860_v3
  • Intel Xeon E7 8860 V4
    cpe:2.3:h:intel:xeon_e7:8860_v4
  • Intel Xeon E7 8867 V3
    cpe:2.3:h:intel:xeon_e7:8867_v3
  • Intel Xeon E7 8867 V4
    cpe:2.3:h:intel:xeon_e7:8867_v4
  • Intel Xeon E7 8867L
    cpe:2.3:h:intel:xeon_e7:8867l
  • Intel Xeon E7 8870
    cpe:2.3:h:intel:xeon_e7:8870
  • Intel Xeon E7 8870 V2
    cpe:2.3:h:intel:xeon_e7:8870_v2
  • Intel Xeon E7 8870 V3
    cpe:2.3:h:intel:xeon_e7:8870_v3
  • Intel Xeon E7 8870 V4
    cpe:2.3:h:intel:xeon_e7:8870_v4
  • Intel Xeon E7 8880 V2
    cpe:2.3:h:intel:xeon_e7:8880_v2
  • Intel Xeon E7 8880 V3
    cpe:2.3:h:intel:xeon_e7:8880_v3
  • Intel Xeon E7 8880 V4
    cpe:2.3:h:intel:xeon_e7:8880_v4
  • Intel Xeon E7 8880L V2
    cpe:2.3:h:intel:xeon_e7:8880l_v2
  • Intel Xeon E7 8880L V3
    cpe:2.3:h:intel:xeon_e7:8880l_v3
  • Intel Xeon E7 8890 V2
    cpe:2.3:h:intel:xeon_e7:8890_v2
  • Intel Xeon E7 8890 V3
    cpe:2.3:h:intel:xeon_e7:8890_v3
  • Intel Xeon E7 8890 V4
    cpe:2.3:h:intel:xeon_e7:8890_v4
  • Intel Xeon E7 8891 V2
    cpe:2.3:h:intel:xeon_e7:8891_v2
  • Intel Xeon E7 8891 V3
    cpe:2.3:h:intel:xeon_e7:8891_v3
  • Intel Xeon E7 8891 V4
    cpe:2.3:h:intel:xeon_e7:8891_v4
  • Intel Xeon E7 8893 V2
    cpe:2.3:h:intel:xeon_e7:8893_v2
  • Intel Xeon E7 8893 V3
    cpe:2.3:h:intel:xeon_e7:8893_v3
  • Intel Xeon E7 8893 V4
    cpe:2.3:h:intel:xeon_e7:8893_v4
  • Intel Xeon E7 8894 V4
    cpe:2.3:h:intel:xeon_e7:8894_v4
  • Intel Xeon Gold 5115
    cpe:2.3:h:intel:xeon_gold:5115
  • Intel Xeon Gold 5118
    cpe:2.3:h:intel:xeon_gold:5118
  • Intel Xeon Gold 5119T
    cpe:2.3:h:intel:xeon_gold:5119t
  • Intel Xeon Gold 5120
    cpe:2.3:h:intel:xeon_gold:5120
  • Intel Xeon Gold 5120T
    cpe:2.3:h:intel:xeon_gold:5120t
  • Intel Xeon Gold 5122
    cpe:2.3:h:intel:xeon_gold:5122
  • Intel Xeon Gold 6126
    cpe:2.3:h:intel:xeon_gold:6126
  • Intel Xeon Gold 6126F
    cpe:2.3:h:intel:xeon_gold:6126f
  • Intel Xeon Gold 6126T
    cpe:2.3:h:intel:xeon_gold:6126t
  • Intel Xeon Gold 6128
    cpe:2.3:h:intel:xeon_gold:6128
  • Intel Xeon Gold 6130
    cpe:2.3:h:intel:xeon_gold:6130
  • Intel Xeon Gold 6130F
    cpe:2.3:h:intel:xeon_gold:6130f
  • Intel Xeon Gold 6130T
    cpe:2.3:h:intel:xeon_gold:6130t
  • Intel Xeon Gold 6132
    cpe:2.3:h:intel:xeon_gold:6132
  • Intel Xeon Gold 6134
    cpe:2.3:h:intel:xeon_gold:6134
  • Intel Xeon Gold 6134M
    cpe:2.3:h:intel:xeon_gold:6134m
  • Intel Xeon Gold 6136
    cpe:2.3:h:intel:xeon_gold:6136
  • Intel Xeon Gold 6138
    cpe:2.3:h:intel:xeon_gold:6138
  • Intel Xeon Gold 6138F
    cpe:2.3:h:intel:xeon_gold:6138f
  • Intel Xeon Gold 6138T
    cpe:2.3:h:intel:xeon_gold:6138t
  • Intel Xeon Gold 6140
    cpe:2.3:h:intel:xeon_gold:6140
  • Intel Xeon Gold 6140M
    cpe:2.3:h:intel:xeon_gold:6140m
  • Intel Xeon Gold 6142
    cpe:2.3:h:intel:xeon_gold:6142
  • Intel Xeon Gold 6142F
    cpe:2.3:h:intel:xeon_gold:6142f
  • Intel Xeon Gold 6142M
    cpe:2.3:h:intel:xeon_gold:6142m
  • Intel Xeon Gold 6144
    cpe:2.3:h:intel:xeon_gold:6144
  • Intel Xeon Gold 6146
    cpe:2.3:h:intel:xeon_gold:6146
  • Intel Xeon Gold 6148
    cpe:2.3:h:intel:xeon_gold:6148
  • Intel Xeon Gold 6148F
    cpe:2.3:h:intel:xeon_gold:6148f
  • Intel Xeon Gold 6150
    cpe:2.3:h:intel:xeon_gold:6150
  • Intel Xeon Gold 6152
    cpe:2.3:h:intel:xeon_gold:6152
  • Intel Xeon Gold 6154
    cpe:2.3:h:intel:xeon_gold:6154
  • Intel Xeon Phi 7210
    cpe:2.3:h:intel:xeon_phi:7210
  • Intel Xeon Phi 7210F
    cpe:2.3:h:intel:xeon_phi:7210f
  • Intel Xeon Phi 7230
    cpe:2.3:h:intel:xeon_phi:7230
  • Intel Xeon Phi 7230F
    cpe:2.3:h:intel:xeon_phi:7230f
  • Intel Xeon Phi 7235
    cpe:2.3:h:intel:xeon_phi:7235
  • Intel Xeon Phi 7250
    cpe:2.3:h:intel:xeon_phi:7250
  • Intel Xeon Phi 7250F
    cpe:2.3:h:intel:xeon_phi:7250f
  • Intel Xeon Phi 7285
    cpe:2.3:h:intel:xeon_phi:7285
  • Intel Xeon Phi 7290
    cpe:2.3:h:intel:xeon_phi:7290
  • Intel Xeon Phi 7290F
    cpe:2.3:h:intel:xeon_phi:7290f
  • Intel Xeon Phi 7295
    cpe:2.3:h:intel:xeon_phi:7295
  • Intel Xeon Platinum 8153
    cpe:2.3:h:intel:xeon_platinum:8153
  • Intel Xeon Platinum 8156
    cpe:2.3:h:intel:xeon_platinum:8156
  • Intel Xeon Platinum 8158
    cpe:2.3:h:intel:xeon_platinum:8158
  • Intel Xeon Platinum 8160
    cpe:2.3:h:intel:xeon_platinum:8160
  • Intel Xeon Platinum 8160F
    cpe:2.3:h:intel:xeon_platinum:8160f
  • Intel Xeon Platinum 8160M
    cpe:2.3:h:intel:xeon_platinum:8160m
  • Intel Xeon Platinum 8160T
    cpe:2.3:h:intel:xeon_platinum:8160t
  • Intel Xeon Platinum 8164
    cpe:2.3:h:intel:xeon_platinum:8164
  • Intel Xeon Platinum 8168
    cpe:2.3:h:intel:xeon_platinum:8168
  • Intel Xeon Platinum 8170
    cpe:2.3:h:intel:xeon_platinum:8170
  • Intel Xeon Platinum 8170M
    cpe:2.3:h:intel:xeon_platinum:8170m
  • Intel Xeon Platinum 8176
    cpe:2.3:h:intel:xeon_platinum:8176
  • Intel Xeon Platinum 8176F
    cpe:2.3:h:intel:xeon_platinum:8176f
  • Intel Xeon Platinum 8176M
    cpe:2.3:h:intel:xeon_platinum:8176m
  • Intel Xeon Platinum 8180
    cpe:2.3:h:intel:xeon_platinum:8180
  • Intel Xeon Silver 4108
    cpe:2.3:h:intel:xeon_silver:4108
  • Intel Xeon Silver 4109T
    cpe:2.3:h:intel:xeon_silver:4109t
  • Intel Xeon Silver 4110
    cpe:2.3:h:intel:xeon_silver:4110
  • Intel Xeon Silver 4112
    cpe:2.3:h:intel:xeon_silver:4112
  • Intel Xeon Silver 4114
    cpe:2.3:h:intel:xeon_silver:4114
  • Intel Xeon Silver 4114T
    cpe:2.3:h:intel:xeon_silver:4114t
  • Intel Xeon Silver 4116
    cpe:2.3:h:intel:xeon_silver:4116
  • Intel Xeon Silver 4116T
    cpe:2.3:h:intel:xeon_silver:4116t
  • ARM Cortex-A9
    cpe:2.3:h:arm:cortex-a:9
  • ARM Cortex-A15
    cpe:2.3:h:arm:cortex-a:15
  • ARM Cortex-A17
    cpe:2.3:h:arm:cortex-a:17
  • ARM Cortex-A57
    cpe:2.3:h:arm:cortex-a:57
  • ARM Cortex-A72
    cpe:2.3:h:arm:cortex-a:72
  • ARM Cortex-A73
    cpe:2.3:h:arm:cortex-a:73
  • ARM Cortex-A75
    cpe:2.3:h:arm:cortex-a:75
CVSS
Base: 4.7
Impact:
Exploitability:
CWE CWE-200
CAPEC
  • Subverting Environment Variable Values
    The attacker directly or indirectly modifies environment variables used by or controlling the target software. The attacker's goal is to cause the target software to deviate from its expected operation in a manner that benefits the attacker.
  • Footprinting
    An attacker engages in probing and exploration activity to identify constituents and properties of the target. Footprinting is a general term to describe a variety of information gathering techniques, often used by attackers in preparation for some attack. It consists of using tools to learn as much as possible about the composition, configuration, and security mechanisms of the targeted application, system or network. Information that might be collected during a footprinting effort could include open ports, applications and their versions, network topology, and similar information. While footprinting is not intended to be damaging (although certain activities, such as network scans, can sometimes cause disruptions to vulnerable applications inadvertently) it may often pave the way for more damaging attacks.
  • Exploiting Trust in Client (aka Make the Client Invisible)
    An attack of this type exploits a programs' vulnerabilities in client/server communication channel authentication and data integrity. It leverages the implicit trust a server places in the client, or more importantly, that which the server believes is the client. An attacker executes this type of attack by placing themselves in the communication channel between client and server such that communication directly to the server is possible where the server believes it is communicating only with a valid client. There are numerous variations of this type of attack.
  • Browser Fingerprinting
    An attacker carefully crafts small snippets of Java Script to efficiently detect the type of browser the potential victim is using. Many web-based attacks need prior knowledge of the web browser including the version of browser to ensure successful exploitation of a vulnerability. Having this knowledge allows an attacker to target the victim with attacks that specifically exploit known or zero day weaknesses in the type and version of the browser used by the victim. Automating this process via Java Script as a part of the same delivery system used to exploit the browser is considered more efficient as the attacker can supply a browser fingerprinting method and integrate it with exploit code, all contained in Java Script and in response to the same web page request by the browser.
  • Session Credential Falsification through Prediction
    This attack targets predictable session ID in order to gain privileges. The attacker can predict the session ID used during a transaction to perform spoofing and session hijacking.
  • Reusing Session IDs (aka Session Replay)
    This attack targets the reuse of valid session ID to spoof the target system in order to gain privileges. The attacker tries to reuse a stolen session ID used previously during a transaction to perform spoofing and session hijacking. Another name for this type of attack is Session Replay.
  • Using Slashes in Alternate Encoding
    This attack targets the encoding of the Slash characters. An attacker would try to exploit common filtering problems related to the use of the slashes characters to gain access to resources on the target host. Directory-driven systems, such as file systems and databases, typically use the slash character to indicate traversal between directories or other container components. For murky historical reasons, PCs (and, as a result, Microsoft OSs) choose to use a backslash, whereas the UNIX world typically makes use of the forward slash. The schizophrenic result is that many MS-based systems are required to understand both forms of the slash. This gives the attacker many opportunities to discover and abuse a number of common filtering problems. The goal of this pattern is to discover server software that only applies filters to one version, but not the other.
exploit-db via4
description Multiple CPUs - 'Spectre' Information Disclosure. CVE-2017-5715,CVE-2017-5753. Local exploit for Multiple platform
file exploits/multiple/local/43427.c
id EDB-ID:43427
last seen 2018-01-24
modified 2018-01-03
platform multiple
port
published 2018-01-03
reporter Exploit-DB
source https://www.exploit-db.com/download/43427/
title Multiple CPUs - 'Spectre' Information Disclosure
type local
nessus via4
  • NASL family MacOS X Local Security Checks
    NASL id MACOSX_FUSION_VMSA_2017_0021.NASL
    description The version of VMware Fusion installed on the remote macOS or Mac OS X host is 8.x prior to 8.5.9. It is, therefore, affected by multiple vulnerabilities that can allow code execution in a virtual machine via the authenticated VNC session as well as cause information disclosure from one virtual machine to another virtual machine on the same host.
    last seen 2018-01-16
    modified 2018-01-15
    plugin id 105485
    published 2017-12-29
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=105485
    title VMware Fusion 8.x < 8.5.9 Multiple Vulnerabilities (VMSA-2017-0021) (VMSA-2018-0002) (Spectre) (macOS)
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2018-0007.NASL
    description From Red Hat Security Advisory 2018:0007 : An update for kernel is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es) : An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of instructions (a commonly used performance optimization). There are three primary variants of the issue which differ in the way the speculative execution can be exploited. Note: This issue is present in hardware and cannot be fully fixed via software update. The updated kernel packages provide software mitigation for this hardware issue at a cost of potential performance penalty. Please refer to References section for further information about this issue and the performance impact. In this update mitigations for x86-64 architecture are provided. Variant CVE-2017-5753 triggers the speculative execution by performing a bounds-check bypass. It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the fact that memory accesses may cause allocation into the microprocessor's data cache even for speculatively executed instructions that never actually commit (retire). As a result, an unprivileged attacker could use this flaw to cross the syscall boundary and read privileged memory by conducting targeted cache side-channel attacks. (CVE-2017-5753, Important) Variant CVE-2017-5715 triggers the speculative execution by utilizing branch target injection. It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the fact that memory accesses may cause allocation into the microprocessor's data cache even for speculatively executed instructions that never actually commit (retire). As a result, an unprivileged attacker could use this flaw to cross the syscall and guest/host boundaries and read privileged memory by conducting targeted cache side-channel attacks. (CVE-2017-5715, Important) Variant CVE-2017-5754 relies on the fact that, on impacted microprocessors, during speculative execution of instruction permission faults, exception generation triggered by a faulting access is suppressed until the retirement of the whole instruction block. In a combination with the fact that memory accesses may populate the cache even when the block is being dropped and never committed (executed), an unprivileged local attacker could use this flaw to read privileged (kernel space) memory by conducting targeted cache side-channel attacks. (CVE-2017-5754, Important) Note: CVE-2017-5754 affects Intel x86-64 microprocessors. AMD x86-64 microprocessors are not affected by this issue. Red Hat would like to thank Google Project Zero for reporting these issues.
    last seen 2018-02-04
    modified 2018-02-02
    plugin id 105598
    published 2018-01-05
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=105598
    title Oracle Linux 7 : kernel (ELSA-2018-0007) (Meltdown) (Spectre)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2018-0046.NASL
    description An update for rhev-hypervisor7 is now available for RHEV 3.X Hypervisor and Agents for Red Hat Enterprise Linux 6 and RHEV 3.X Hypervisor and Agents for Red Hat Enterprise Linux 7 ELS. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The rhev-hypervisor7 package provides a Red Hat Enterprise Virtualization Hypervisor ISO disk image. The Red Hat Enterprise Virtualization Hypervisor is a dedicated Kernel-based Virtual Machine (KVM) hypervisor. It includes everything necessary to run and manage virtual machines: A subset of the Red Hat Enterprise Linux operating environment and the Red Hat Enterprise Virtualization Agent. Security Fix(es) : An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of instructions (a commonly used performance optimization). There are three primary variants of the issue which differ in the way the speculative execution can be exploited. Note: This issue is present in hardware and cannot be fully fixed via software update. The updated kernel packages provide software mitigation for this hardware issue at a cost of potential performance penalty. Please refer to References section for further information about this issue and the performance impact. Variant CVE-2017-5753 triggers the speculative execution by performing a bounds-check bypass. It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the fact that memory accesses may cause allocation into the microprocessor's data cache even for speculatively executed instructions that never actually commit (retire). As a result, an unprivileged attacker could use this flaw to cross the syscall boundary and read privileged memory by conducting targeted cache side-channel attacks. (CVE-2017-5753, Important) Variant CVE-2017-5715 triggers the speculative execution by utilizing branch target injection. It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the fact that memory accesses may cause allocation into the microprocessor's data cache even for speculatively executed instructions that never actually commit (retire). As a result, an unprivileged attacker could use this flaw to cross the syscall and guest/host boundaries and read privileged memory by conducting targeted cache side-channel attacks. (CVE-2017-5715, Important) Variant CVE-2017-5754 relies on the fact that, on impacted microprocessors, during speculative execution of instruction permission faults, exception generation triggered by a faulting access is suppressed until the retirement of the whole instruction block. In a combination with the fact that memory accesses may populate the cache even when the block is being dropped and never committed (executed), an unprivileged local attacker could use this flaw to read privileged (kernel space) memory by conducting targeted cache side-channel attacks. (CVE-2017-5754, Important) Note: CVE-2017-5754 affects Intel x86-64 microprocessors. AMD x86-64 microprocessors are not affected by this issue. Red Hat would like to thank Google Project Zero for reporting these issues.
    last seen 2018-01-30
    modified 2018-01-29
    plugin id 105677
    published 2018-01-09
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=105677
    title RHEL 6 / 7 : rhev-hypervisor7 (RHSA-2018:0046) (Meltdown) (Spectre)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_SU-2018-0040-1.NASL
    description The SUSE Linux Enterprise 11 SP3 LTSS kernel was updated to receive various security and bugfixes. This update adds mitigations for various side channel attacks against modern CPUs that could disclose content of otherwise unreadable memory (bnc#1068032). - CVE-2017-5753: Local attackers on systems with modern CPUs featuring deep instruction pipelining could use attacker controllable speculative execution over code patterns in the Linux Kernel to leak content from otherwise not readable memory in the same address space, allowing retrieval of passwords, cryptographic keys and other secrets. This problem is mitigated by adding speculative fencing on affected code paths throughout the Linux kernel. - CVE-2017-5715: Local attackers on systems with modern CPUs featuring branch prediction could use mispredicted branches to speculatively execute code patterns that in turn could be made to leak other non-readable content in the same address space, an attack similar to CVE-2017-5753. This problem is mitigated by disabling predictive branches, depending on CPU architecture either by firmware updates and/or fixes in the user-kernel privilege boundaries. Please contact your CPU / hardware vendor for potential microcode or BIOS updates needed for this fix. As this feature can have a performance impact, it can be disabled using the 'nospec' kernel commandline option. - CVE-2017-5754: Local attackers on systems with modern CPUs featuring deep instruction pipelining could use code patterns in userspace to speculative executive code that would read otherwise read protected memory, an attack similar to CVE-2017-5753. This problem is mitigated by unmapping the Linux Kernel from the user address space during user code execution, following a approach called 'KAISER'. The terms used here are 'KAISER' / 'Kernel Address Isolation' and 'PTI' / 'Page Table Isolation'. This feature is disabled on unaffected architectures. This feature can be enabled / disabled by the 'pti=[on|off|auto]' or 'nopti' commandline options. The following security bugs were fixed : - CVE-2017-1000251: The native Bluetooth stack in the Linux Kernel (BlueZ) was vulnerable to a stack overflow vulnerability in the processing of L2CAP configuration responses resulting in Remote code execution in kernel space (bnc#1057389). - CVE-2017-11600: net/xfrm/xfrm_policy.c in the Linux kernel did not ensure that the dir value of xfrm_userpolicy_id is XFRM_POLICY_MAX or less, which allowed local users to cause a denial of service (out-of-bounds access) or possibly have unspecified other impact via an XFRM_MSG_MIGRATE xfrm Netlink message (bnc#1050231). - CVE-2017-13080: Wi-Fi Protected Access (WPA and WPA2) allowed reinstallation of the Group Temporal Key (GTK) during the group key handshake, allowing an attacker within radio range to replay frames from access points to clients (bnc#1063667). - CVE-2017-13167: An elevation of privilege vulnerability in the kernel sound timer was fixed. (bnc#1072876). - CVE-2017-14106: The tcp_disconnect function in net/ipv4/tcp.c in the Linux kernel allowed local users to cause a denial of service (__tcp_select_window divide-by-zero error and system crash) by triggering a disconnect within a certain tcp_recvmsg code path (bnc#1056982). - CVE-2017-14140: The move_pages system call in mm/migrate.c in the Linux kernel didn't check the effective uid of the target process, enabling a local attacker to learn the memory layout of a setuid executable despite ASLR (bnc#1057179). - CVE-2017-14340: The XFS_IS_REALTIME_INODE macro in fs/xfs/xfs_linux.h in the Linux kernel did not verify that a filesystem has a realtime device, which allowed local users to cause a denial of service (NULL pointer dereference and OOPS) via vectors related to setting an RHINHERIT flag on a directory (bnc#1058524). - CVE-2017-15102: The tower_probe function in drivers/usb/misc/legousbtower.c in the Linux kernel allowed local users (who are physically proximate for inserting a crafted USB device) to gain privileges by leveraging a write-what-where condition that occurs after a race condition and a NULL pointer dereference (bnc#1066705). - CVE-2017-15115: The sctp_do_peeloff function in net/sctp/socket.c in the Linux kernel did not check whether the intended netns is used in a peel-off action, which allowed local users to cause a denial of service (use-after-free and system crash) or possibly have unspecified other impact via crafted system calls (bnc#1068671). - CVE-2017-15265: Race condition in the ALSA subsystem in the Linux kernel allowed local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via crafted /dev/snd/seq ioctl calls, related to sound/core/seq/seq_clientmgr.c and sound/core/seq/seq_ports.c (bnc#1062520). - CVE-2017-15274: security/keys/keyctl.c in the Linux kernel did not consider the case of a NULL payload in conjunction with a nonzero length value, which allowed local users to cause a denial of service (NULL pointer dereference and OOPS) via a crafted add_key or keyctl system call, a different vulnerability than CVE-2017-12192 (bnc#1045327). - CVE-2017-15868: The bnep_add_connection function in net/bluetooth/bnep/core.c in the Linux kernel did not ensure that an l2cap socket is available, which allowed local users to gain privileges via a crafted application (bnc#1071470). - CVE-2017-16525: The usb_serial_console_disconnect function in drivers/usb/serial/console.c in the Linux kernel allowed local users to cause a denial of service (use-after-free and system crash) or possibly have unspecified other impact via a crafted USB device, related to disconnection and failed setup (bnc#1066618). - CVE-2017-16527: sound/usb/mixer.c in the Linux kernel allowed local users to cause a denial of service (snd_usb_mixer_interrupt use-after-free and system crash) or possibly have unspecified other impact via a crafted USB device (bnc#1066625). - CVE-2017-16529: The snd_usb_create_streams function in sound/usb/card.c in the Linux kernel allowed local users to cause a denial of service (out-of-bounds read and system crash) or possibly have unspecified other impact via a crafted USB device (bnc#1066650). - CVE-2017-16531: drivers/usb/core/config.c in the Linux kernel allowed local users to cause a denial of service (out-of-bounds read and system crash) or possibly have unspecified other impact via a crafted USB device, related to the USB_DT_INTERFACE_ASSOCIATION descriptor (bnc#1066671). - CVE-2017-16534: The cdc_parse_cdc_header function in drivers/usb/core/message.c in the Linux kernel allowed local users to cause a denial of service (out-of-bounds read and system crash) or possibly have unspecified other impact via a crafted USB device (bnc#1066693). - CVE-2017-16535: The usb_get_bos_descriptor function in drivers/usb/core/config.c in the Linux kernel allowed local users to cause a denial of service (out-of-bounds read and system crash) or possibly have unspecified other impact via a crafted USB device (bnc#1066700). - CVE-2017-16536: The cx231xx_usb_probe function in drivers/media/usb/cx231xx/cx231xx-cards.c in the Linux kernel allowed local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a crafted USB device (bnc#1066606). - CVE-2017-16537: The imon_probe function in drivers/media/rc/imon.c in the Linux kernel allowed local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a crafted USB device (bnc#1066573). - CVE-2017-16538: drivers/media/usb/dvb-usb-v2/lmedm04.c in the Linux kernel allowed local users to cause a denial of service (general protection fault and system crash) or possibly have unspecified other impact via a crafted USB device, related to a missing warm-start check and incorrect attach timing (dm04_lme2510_frontend_attach versus dm04_lme2510_tuner) (bnc#1066569). - CVE-2017-16649: The usbnet_generic_cdc_bind function in drivers/net/usb/cdc_ether.c in the Linux kernel allowed local users to cause a denial of service (divide-by-zero error and system crash) or possibly have unspecified other impact via a crafted USB device (bnc#1067085). - CVE-2017-16939: The XFRM dump policy implementation in net/xfrm/xfrm_user.c in the Linux kernel allowed local users to gain privileges or cause a denial of service (use-after-free) via a crafted SO_RCVBUF setsockopt system call in conjunction with XFRM_MSG_GETPOLICY Netlink messages (bnc#1069702 1069708). - CVE-2017-17450: net/netfilter/xt_osf.c in the Linux kernel did not require the CAP_NET_ADMIN capability for add_callback and remove_callback operations, which allowed local users to bypass intended access restrictions because the xt_osf_fingers data structure is shared across all net namespaces (bnc#1071695 1074033). - CVE-2017-17558: The usb_destroy_configuration function in drivers/usb/core/config.c in the USB core subsystem in the Linux kernel did not consider the maximum number of configurations and interfaces before attempting to release resources, which allowed local users to cause a denial of service (out-of-bounds write access) or possibly have unspecified other impact via a crafted USB device (bnc#1072561). - CVE-2017-17805: The Salsa20 encryption algorithm in the Linux kernel did not correctly handle zero-length inputs, allowing a local attacker able to use the AF_ALG-based skcipher interface (CONFIG_CRYPTO_USER_API_SKCIPHER) to cause a denial of service (uninitialized-memory free and kernel crash) or have unspecified other impact by executing a crafted sequence of system calls that use the blkcipher_walk API. Both the generic implementation (crypto/salsa20_generic.c) and x86 implementation (arch/x86/crypto/salsa20_glue.c) of Salsa20 were vulnerable (bnc#1073792). - CVE-2017-17806: The HMAC implementation (crypto/hmac.c) in the Linux kernel did not validate that the underlying cryptographic hash algorithm is unkeyed, allowing a local attacker able to use the AF_ALG-based hash interface (CONFIG_CRYPTO_USER_API_HASH) and the SHA-3 hash algorithm (CONFIG_CRYPTO_SHA3) to cause a kernel stack-based buffer overflow by executing a crafted sequence of system calls that encounter a missing SHA-3 initialization (bnc#1073874). - CVE-2017-7472: The KEYS subsystem in the Linux kernel allowed local users to cause a denial of service (memory consumption) via a series of KEY_REQKEY_DEFL_THREAD_KEYRING keyctl_set_reqkey_keyring calls (bnc#1034862). - CVE-2017-8824: The dccp_disconnect function in net/dccp/proto.c in the Linux kernel allowed local users to gain privileges or cause a denial of service (use-after-free) via an AF_UNSPEC connect system call during the DCCP_LISTEN state (bnc#1070771). The update package also includes non-security fixes. See advisory for details. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2018-02-01
    modified 2018-01-31
    plugin id 105685
    published 2018-01-09
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=105685
    title SUSE SLES11 Security Update : kernel (SUSE-SU-2018:0040-1) (BlueBorne) (KRACK) (Meltdown) (Spectre)
  • NASL family Huawei Local Security Checks
    NASL id EULEROS_SA-2018-1002.NASL
    description According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The recent speculative execution CVEs address three potential attacks across a wide variety of architectures and hardware platforms. - Note: This issue is present in hardware and cannot be fully fixed via software update. The nature of these vulnerabilities and their fixes introduces the possibility of reduced performance on patched systems. The performance impact depends on the hardware and the applications in place. - The first two variants abuse speculative execution to perform bounds-check bypass (CVE-2017-5753), or by utilizing branch target injection (CVE-2017-5715) to cause kernel code at an address under attacker control to execute speculatively. Collectively these are known as 'Spectre'. - Variant CVE-2017-5715 fixes require CPU microcode to update.And advise to contact hardware vendors to receive the appropriate microcode for your processor. - The third variant (CVE-2017-5754) relies on the fact that, on impacted microprocessors, during speculative execution of instruction permission faults, exception generation triggered by a faulting access is suppressed until the retirement of the whole instruction block. Researchers have called this exploit 'Meltdown'. - Note: Upgrade and performance specifications,please see http://developer.huawei.com/ict/en/performance_update_2 .1 Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2018-01-30
    modified 2018-01-29
    plugin id 105655
    published 2018-01-09
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=105655
    title EulerOS 2.0 SP1 : kernel (EulerOS-SA-2018-1002)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_SU-2018-0010-1.NASL
    description The SUSE Linux Enterprise 12 SP3 kernel was updated to receive various security and bugfixes. This update adds mitigations for various side channel attacks against modern CPUs that could disclose content of otherwise unreadable memory (bnc#1068032). - CVE-2017-5753 / 'SpectreAttack': Local attackers on systems with modern CPUs featuring deep instruction pipelining could use attacker controllable speculative execution over code patterns in the Linux Kernel to leak content from otherwise not readable memory in the same address space, allowing retrieval of passwords, cryptographic keys and other secrets. This problem is mitigated by adding speculative fencing on affected code paths throughout the Linux kernel. - CVE-2017-5715 / 'SpectreAttack': Local attackers on systems with modern CPUs featuring branch prediction could use mispredicted branches to speculatively execute code patterns that in turn could be made to leak other non-readable content in the same address space, an attack similar to CVE-2017-5753. This problem is mitigated by disabling predictive branches, depending on CPU architecture either by firmware updates and/or fixes in the user-kernel privilege boundaries. Please also check with your CPU / Hardware vendor for available firmware or BIOS updates. As this feature can have a performance impact, it can be disabled using the 'nospec' kernel commandline option. - CVE-2017-5754 / 'MeltdownAttack': Local attackers on systems with modern CPUs featuring deep instruction pipelining could use code patterns in userspace to speculative executive code that would read otherwise read protected memory. This problem is mitigated by unmapping the Linux Kernel from the user address space during user code execution, following a approach called 'KAISER'. The terms used here are 'KAISER' / 'Kernel Address Isolation' and 'PTI' / 'Page Table Isolation'. This is only enabled by default on affected architectures. This feature can be enabled / disabled by the 'pti=[on|off|auto]' or 'nopti' commandline options. The following security bugs were fixed : - CVE-2017-17806: The HMAC implementation (crypto/hmac.c) in the Linux kernel did not validate that the underlying cryptographic hash algorithm is unkeyed, allowing a local attacker able to use the AF_ALG-based hash interface (CONFIG_CRYPTO_USER_API_HASH) and the SHA-3 hash algorithm (CONFIG_CRYPTO_SHA3) to cause a kernel stack-based buffer overflow by executing a crafted sequence of system calls that encounter a missing SHA-3 initialization (bnc#1073874). - CVE-2017-17805: The Salsa20 encryption algorithm in the Linux kernel did not correctly handle zero-length inputs, allowing a local attacker able to use the AF_ALG-based skcipher interface (CONFIG_CRYPTO_USER_API_SKCIPHER) to cause a denial of service (uninitialized-memory free and kernel crash) or have unspecified other impact by executing a crafted sequence of system calls that use the blkcipher_walk API. Both the generic implementation (crypto/salsa20_generic.c) and x86 implementation (arch/x86/crypto/salsa20_glue.c) of Salsa20 were vulnerable (bnc#1073792). The update package also includes non-security fixes. See advisory for details. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2018-02-01
    modified 2018-01-31
    plugin id 105574
    published 2018-01-04
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=105574
    title SUSE SLED12 / SLES12 Security Update : kernel (SUSE-SU-2018:0010-1) (Meltdown) (Spectre)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2018-0016.NASL
    description An update for kernel-rt is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fix(es) : An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of instructions (a commonly used performance optimization). There are three primary variants of the issue which differ in the way the speculative execution can be exploited. Note: This issue is present in hardware and cannot be fully fixed via software update. The updated kernel packages provide software mitigation for this hardware issue at a cost of potential performance penalty. Please refer to References section for further information about this issue and the performance impact. In this update mitigations for x86-64 architecture are provided. Variant CVE-2017-5753 triggers the speculative execution by performing a bounds-check bypass. It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the fact that memory accesses may cause allocation into the microprocessor's data cache even for speculatively executed instructions that never actually commit (retire). As a result, an unprivileged attacker could use this flaw to cross the syscall boundary and read privileged memory by conducting targeted cache side-channel attacks. (CVE-2017-5753, Important) Variant CVE-2017-5715 triggers the speculative execution by utilizing branch target injection. It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the fact that memory accesses may cause allocation into the microprocessor's data cache even for speculatively executed instructions that never actually commit (retire). As a result, an unprivileged attacker could use this flaw to cross the syscall and guest/host boundaries and read privileged memory by conducting targeted cache side-channel attacks. (CVE-2017-5715, Important) Variant CVE-2017-5754 relies on the fact that, on impacted microprocessors, during speculative execution of instruction permission faults, exception generation triggered by a faulting access is suppressed until the retirement of the whole instruction block. In a combination with the fact that memory accesses may populate the cache even when the block is being dropped and never committed (executed), an unprivileged local attacker could use this flaw to read privileged (kernel space) memory by conducting targeted cache side-channel attacks. (CVE-2017-5754, Important) Note: CVE-2017-5754 affects Intel x86-64 microprocessors. AMD x86-64 microprocessors are not affected by this issue. Red Hat would like to thank Google Project Zero for reporting these issues.
    last seen 2018-01-30
    modified 2018-01-29
    plugin id 105532
    published 2018-01-04
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=105532
    title RHEL 7 : kernel-rt (RHSA-2018:0016) (Meltdown) (Spectre)
  • NASL family Scientific Linux Local Security Checks
    NASL id SL_20180103_KERNEL_ON_SL7_X.NASL
    description Security Fix(es) : An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of instructions (a commonly used performance optimization). There are three primary variants of the issue which differ in the way the speculative execution can be exploited. Note: This issue is present in hardware and cannot be fully fixed via software update. The updated kernel packages provide software mitigation for this hardware issue at a cost of potential performance penalty. The performance impact of these patches may vary considerably based on workload and hardware configuration. In this update mitigations for x86-64 architecture are provided. Variant CVE-2017-5753 triggers the speculative execution by performing a bounds-check bypass. It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the fact that memory accesses may cause allocation into the microprocessor's data cache even for speculatively executed instructions that never actually commit (retire). As a result, an unprivileged attacker could use this flaw to cross the syscall boundary and read privileged memory by conducting targeted cache side-channel attacks. (CVE-2017-5753, Important) Variant CVE-2017-5715 triggers the speculative execution by utilizing branch target injection. It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the fact that memory accesses may cause allocation into the microprocessor's data cache even for speculatively executed instructions that never actually commit (retire). As a result, an unprivileged attacker could use this flaw to cross the syscall and guest/host boundaries and read privileged memory by conducting targeted cache side-channel attacks. (CVE-2017-5715, Important) Variant CVE-2017-5754 relies on the fact that, on impacted microprocessors, during speculative execution of instruction permission faults, exception generation triggered by a faulting access is suppressed until the retirement of the whole instruction block. In a combination with the fact that memory accesses may populate the cache even when the block is being dropped and never committed (executed), an unprivileged local attacker could use this flaw to read privileged (kernel space) memory by conducting targeted cache side-channel attacks. (CVE-2017-5754, Important) Note: CVE-2017-5754 affects Intel x86-64 microprocessors. AMD x86-64 microprocessors are not affected by this issue.
    last seen 2018-01-30
    modified 2018-01-29
    plugin id 105535
    published 2018-01-04
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=105535
    title Scientific Linux Security Update : kernel on SL7.x x86_64 (Meltdown) (Spectre)
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-3542-1.NASL
    description Jann Horn discovered that microprocessors utilizing speculative execution and branch prediction may allow unauthorized memory reads via sidechannel attacks. This flaw is known as Spectre. A local attacker could use this to expose sensitive information, including kernel memory. This update provides mitigations for the i386 (CVE-2017-5753 only) and amd64 architectures. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2018-02-01
    modified 2018-01-31
    plugin id 106272
    published 2018-01-23
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=106272
    title Ubuntu 14.04 LTS : linux vulnerabilities (USN-3542-1) (Spectre)
  • NASL family Scientific Linux Local Security Checks
    NASL id SL_20180125_KERNEL_ON_SL7_X.NASL
    description Security Fix(es) : An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of instructions (a commonly used performance optimization). There are three primary variants of the issue which differ in the way the speculative execution can be exploited. Note: This issue is present in hardware and cannot be fully fixed via software update. The updated kernel packages provide software mitigation for this hardware issue at a cost of potential performance penalty. * Variant CVE-2017-5715 triggers the speculative execution by utilizing branch target injection. It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the fact that memory accesses may cause allocation into the microprocessor's data cache even for speculatively executed instructions that never actually commit (retire). As a result, an unprivileged attacker could use this flaw to cross the syscall and guest/host boundaries and read privileged memory by conducting targeted cache side-channel attacks. This fix specifically addresses S390 processors. (CVE-2017-5715, Important) * Variant CVE-2017-5753 triggers the speculative execution by performing a bounds-check bypass. It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the fact that memory accesses may cause allocation into the microprocessor's data cache even for speculatively executed instructions that never actually commit (retire). As a result, an unprivileged attacker could use this flaw to cross the syscall boundary and read privileged memory by conducting targeted cache side-channel attacks. This fix specifically addresses S390 and PowerPC processors. (CVE-2017-5753, Important) * Variant CVE-2017-5754 relies on the fact that, on impacted microprocessors, during speculative execution of instruction permission faults, exception generation triggered by a faulting access is suppressed until the retirement of the whole instruction block. In a combination with the fact that memory accesses may populate the cache even when the block is being dropped and never committed (executed), an unprivileged local attacker could use this flaw to read privileged (kernel space) memory by conducting targeted cache side-channel attacks. Note: CVE-2017-5754 affects Intel x86-64 microprocessors. AMD x86-64 microprocessors are not affected by this issue. This fix specifically addresses PowerPC processors. (CVE-2017-5754, Important)
    last seen 2018-01-30
    modified 2018-01-29
    plugin id 106340
    published 2018-01-25
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=106340
    title Scientific Linux Security Update : kernel on SL7.x x86_64 (Meltdown) (Spectre)
  • NASL family Scientific Linux Local Security Checks
    NASL id SL_20180103_KERNEL_ON_SL6_X.NASL
    description Security Fix(es) : An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of instructions (a commonly used performance optimization). There are three primary variants of the issue which differ in the way the speculative execution can be exploited. Note: This issue is present in hardware and cannot be fully fixed via software update. The updated kernel packages provide software mitigation for this hardware issue at a cost of potential performance penalty. The performance impact of these patches may vary considerably based on workload and hardware configuration. In this update mitigations for x86-64 architecture are provided. Variant CVE-2017-5753 triggers the speculative execution by performing a bounds-check bypass. It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the fact that memory accesses may cause allocation into the microprocessor's data cache even for speculatively executed instructions that never actually commit (retire). As a result, an unprivileged attacker could use this flaw to cross the syscall boundary and read privileged memory by conducting targeted cache side-channel attacks. (CVE-2017-5753, Important) Variant CVE-2017-5715 triggers the speculative execution by utilizing branch target injection. It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the fact that memory accesses may cause allocation into the microprocessor's data cache even for speculatively executed instructions that never actually commit (retire). As a result, an unprivileged attacker could use this flaw to cross the syscall and guest/host boundaries and read privileged memory by conducting targeted cache side-channel attacks. (CVE-2017-5715, Important) Variant CVE-2017-5754 relies on the fact that, on impacted microprocessors, during speculative execution of instruction permission faults, exception generation triggered by a faulting access is suppressed until the retirement of the whole instruction block. In a combination with the fact that memory accesses may populate the cache even when the block is being dropped and never committed (executed), an unprivileged local attacker could use this flaw to read privileged (kernel space) memory by conducting targeted cache side-channel attacks. (CVE-2017-5754, Important) Note: CVE-2017-5754 affects Intel x86-64 microprocessors. AMD x86-64 microprocessors are not affected by this issue.
    last seen 2018-01-30
    modified 2018-01-29
    plugin id 105534
    published 2018-01-04
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=105534
    title Scientific Linux Security Update : kernel on SL6.x i386/x86_64 (Meltdown) (Spectre)
  • NASL family Virtuozzo Local Security Checks
    NASL id VIRTUOZZO_VZA-2018-006.NASL
    description According to the versions of the cpupools / cpupools-features / etc packages installed, the Virtuozzo installation on the remote host is affected by the following vulnerabilities : - CVE-2017-5715 triggers the speculative execution by utilizing branch target injection. It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the fact that memory accesses may cause allocation into the microprocessor's data cache even for speculatively executed instructions that never actually commit (retire). As a result, an unprivileged attacker could use this flaw to cross the syscall and guest/host boundaries and read privileged memory by conducting targeted cache side-channel attacks. - CVE-2017-5753 triggers the speculative execution by performing a bounds-check bypass. It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the fact that memory accesses may cause allocation into the microprocessor's data cache even for speculatively executed instructions that never actually commit (retire). As a result, an unprivileged attacker could use this flaw to cross the syscall boundary and read privileged memory by conducting targeted cache side-channel attacks. - CVE-2017-5754 relies on the fact that, on impacted microprocessors, during speculative execution of instruction permission faults, exception generation triggered by a faulting access is suppressed until the retirement of the whole instruction block. In a combination with the fact that memory accesses may populate the cache even when the block is being dropped and never committed (executed), an unprivileged local attacker could use this flaw to read privileged (kernel space) memory by conducting targeted cache side-channel attacks. Note that Tenable Network Security has extracted the preceding description block directly from the Virtuozzo security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2018-02-09
    modified 2018-02-07
    plugin id 106587
    published 2018-02-05
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=106587
    title Virtuozzo 6 : cpupools / cpupools-features / etc (VZA-2018-006)
  • NASL family OracleVM Local Security Checks
    NASL id ORACLEVM_OVMSA-2018-0021.NASL
    description The remote OracleVM system is missing necessary patches to address critical security updates : - BUILDINFO: xen commit=b2a6db11ced11291a472bc1bda20ce329eda4d66 - BUILDINFO: QEMU upstream commit=8bff6989bd0bafcc0ddf859c23ce6a2ff21a80ff - BUILDINFO: QEMU traditional commit=346fdd7edd73f8287d0d0a2bab9c67b71bc6b8ba - BUILDINFO: IPXE commit=9a93db3f0947484e30e753bbd61a10b17336e20e - BUILDINFO: SeaBIOS commit=7d9cbe613694924921ed1a6f8947d711c5832eee - gnttab: don't blindly free status pages upon version change (Andrew Cooper)  [Orabug: 27571750]  (CVE-2018-7541) - memory: don't implicitly unpin for decrease-reservation (Andrew Cooper)  [Orabug: 27571737]  (CVE-2018-7540) - BUILDINFO: xen commit=873b8236e886daa3c26dae28d0c1c53d88447dc0 - BUILDINFO: QEMU upstream commit=8bff6989bd0bafcc0ddf859c23ce6a2ff21a80ff - BUILDINFO: QEMU traditional commit=346fdd7edd73f8287d0d0a2bab9c67b71bc6b8ba - BUILDINFO: IPXE commit=9a93db3f0947484e30e753bbd61a10b17336e20e - BUILDINFO: SeaBIOS commit=7d9cbe613694924921ed1a6f8947d711c5832eee - xend: if secure boot is enabled don't write pci config space (Elena Ufimtseva)  [Orabug: 27533309] - BUILDINFO: xen commit=81602116e75b6bbc519366b242c71888aa1b1673 - BUILDINFO: QEMU upstream commit=8bff6989bd0bafcc0ddf859c23ce6a2ff21a80ff - BUILDINFO: QEMU traditional commit=346fdd7edd73f8287d0d0a2bab9c67b71bc6b8ba - BUILDINFO: IPXE commit=9a93db3f0947484e30e753bbd61a10b17336e20e - BUILDINFO: SeaBIOS commit=7d9cbe613694924921ed1a6f8947d711c5832eee - x86/spec_ctrl: Fix several bugs in SPEC_CTRL_ENTRY_FROM_INTR_IST (Andrew Cooper)  [Orabug: 27553376]  (CVE-2017-5753) (CVE-2017-5715) (CVE-2017-5754) - x86: allow easier disabling of BTI mitigations (Zhenzhong Duan) [Orabug: 27553376]  (CVE-2017-5753) (CVE-2017-5715) (CVE-2017-5754) - x86/boot: Make alternative patching NMI-safe (Andrew Cooper) [Orabug: 27553376]  (CVE-2017-5753) (CVE-2017-5715) (CVE-2017-5754) - xen/cmdline: Fix parse_boolean for unadorned values (Andrew Cooper)  [Orabug: 27553376]  (CVE-2017-5753) (CVE-2017-5715) (CVE-2017-5754) - Optimize the context switch code a bit (Zhenzhong Duan)  [Orabug: 27553376]  (CVE-2017-5753) (CVE-2017-5715) (CVE-2017-5754) - Update init_speculation_mitigations to upstream's (Zhenzhong Duan)  [Orabug: 27553376]  (CVE-2017-5753) (CVE-2017-5715) (CVE-2017-5754) - x86/entry: Avoid using alternatives in NMI/#MC paths (Andrew Cooper)  [Orabug: 27553376]  (CVE-2017-5753) (CVE-2017-5715) (CVE-2017-5754) - Update RSB related implementation to upstream ones (Zhenzhong Duan)  [Orabug: 27553376]  (CVE-2017-5753) (CVE-2017-5715) (CVE-2017-5754) - BUILDINFO: xen commit=c6a2fe8d72a3eba01b22cbe495e60cb6837fe8d0 - BUILDINFO: QEMU upstream commit=8bff6989bd0bafcc0ddf859c23ce6a2ff21a80ff - BUILDINFO: QEMU traditional commit=346fdd7edd73f8287d0d0a2bab9c67b71bc6b8ba - BUILDINFO: IPXE commit=9a93db3f0947484e30e753bbd61a10b17336e20e - BUILDINFO: SeaBIOS commit=7d9cbe613694924921ed1a6f8947d711c5832eee - x86: Expose CPUID.7, EDX.26->27 and CPUID.0x80000008, EBX.12 (redux) (Konrad Rzeszutek Wilk)  [Orabug: 27445678] - BUILDINFO: xen commit=9657d91fcbf49798d2c5135866e1947113d536dc - BUILDINFO: QEMU upstream commit=8bff6989bd0bafcc0ddf859c23ce6a2ff21a80ff - BUILDINFO: QEMU traditional commit=346fdd7edd73f8287d0d0a2bab9c67b71bc6b8ba - BUILDINFO: IPXE commit=9a93db3f0947484e30e753bbd61a10b17336e20e - BUILDINFO: SeaBIOS commit=7d9cbe613694924921ed1a6f8947d711c5832eee - x86/Spectre: Set thunk to THUNK_NONE if compiler support is not available (Boris Ostrovsky)  [Orabug: 27375688] - BUILDINFO: xen commit=4e5826dfcb56d3a868a9934646989f8483f03b3c - BUILDINFO: QEMU upstream commit=8bff6989bd0bafcc0ddf859c23ce6a2ff21a80ff - BUILDINFO: QEMU traditional commit=346fdd7edd73f8287d0d0a2bab9c67b71bc6b8ba - BUILDINFO: IPXE commit=9a93db3f0947484e30e753bbd61a10b17336e20e - BUILDINFO: SeaBIOS commit=7d9cbe613694924921ed1a6f8947d711c5832eee - xen: No dependencies on dracut and microcode_ctl RPMs (Boris Ostrovsky)  [Orabug: 27409718]
    last seen 2018-03-24
    modified 2018-03-22
    plugin id 107130
    published 2018-03-05
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=107130
    title OracleVM 3.4 : xen (OVMSA-2018-0021) (Meltdown) (Spectre)
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2018-4004.NASL
    description Description of changes: [4.1.12-112.14.5.el7uek] - x86/ibrs: Remove 'ibrs_dump' and remove the pr_debug (Konrad Rzeszutek Wilk) [Orabug: 27350825] [4.1.12-112.14.4.el7uek] - kABI: Revert kABI: Make the boot_cpu_data look normal (Konrad Rzeszutek Wilk) {CVE-2017-5715} [4.1.12-112.14.3.el7uek] - userns: prevent speculative execution (Elena Reshetova) [Orabug: 27340459] {CVE-2017-5753} - udf: prevent speculative execution (Elena Reshetova) [Orabug: 27340459] {CVE-2017-5753} - net: mpls: prevent speculative execution (Elena Reshetova) [Orabug: 27340459] {CVE-2017-5753} - fs: prevent speculative execution (Elena Reshetova) [Orabug: 27340459] {CVE-2017-5753} - ipv6: prevent speculative execution (Elena Reshetova) [Orabug: 27340459] {CVE-2017-5753} - ipv4: prevent speculative execution (Elena Reshetova) [Orabug: 27340459] {CVE-2017-5753} - Thermal/int340x: prevent speculative execution (Elena Reshetova) [Orabug: 27340459] {CVE-2017-5753} - cw1200: prevent speculative execution (Elena Reshetova) [Orabug: 27340459] {CVE-2017-5753} - qla2xxx: prevent speculative execution (Elena Reshetova) [Orabug: 27340459] {CVE-2017-5753} - p54: prevent speculative execution (Elena Reshetova) [Orabug: 27340459] {CVE-2017-5753} - carl9170: prevent speculative execution (Elena Reshetova) [Orabug: 27340459] {CVE-2017-5753} - uvcvideo: prevent speculative execution (Elena Reshetova) [Orabug: 27340459] {CVE-2017-5753} - bpf: prevent speculative execution in eBPF interpreter (Elena Reshetova) [Orabug: 27340459] {CVE-2017-5753} - locking/barriers: introduce new observable speculation barrier (Elena Reshetova) [Orabug: 27340459] {CVE-2017-5753} - x86/cpu/AMD: Remove now unused definition of MFENCE_RDTSC feature (Elena Reshetova) [Orabug: 27340459] {CVE-2017-5753} - x86/cpu/AMD: Make the LFENCE instruction serialized (Elena Reshetova) [Orabug: 27340459] {CVE-2017-5753} - kABI: Make the boot_cpu_data look normal. (Konrad Rzeszutek Wilk) [Orabug: 27339995] {CVE-2017-5715} - kernel.spec: Require the new microcode_ctl. (Konrad Rzeszutek Wilk) [Orabug: 27339995] {CVE-2017-5715} {CVE-2017-5715} - x86/microcode/AMD: Add support for fam17h microcode loading (Tom Lendacky) [Orabug: 27339995] {CVE-2017-5715} - x86/spec_ctrl: Disable if running as Xen PV guest. (Konrad Rzeszutek Wilk) [Orabug: 27339995] {CVE-2017-5715} - Set IBPB when running a different VCPU (Dave Hansen) [Orabug: 27339995] {CVE-2017-5715} - Clear the host registers after setbe (Jun Nakajima) [Orabug: 27339995] {CVE-2017-5715} - Use the ibpb_inuse variable. (Jun Nakajima) [Orabug: 27339995] {CVE-2017-5715} - KVM: x86: add SPEC_CTRL to MSR and CPUID lists (Andrea Arcangeli) [Orabug: 27339995] {CVE-2017-5715} - kvm: vmx: add MSR_IA32_SPEC_CTRL and MSR_IA32_PRED_CMD (Paolo Bonzini) [Orabug: 27339995] {CVE-2017-5715} - Use the 'ibrs_inuse' variable. (Jun Nakajima) [Orabug: 27339995] {CVE-2017-5715} - kvm: svm: add MSR_IA32_SPEC_CTRL and MSR_IA32_PRED_CMD (Andrea Arcangeli) [Orabug: 27339995] {CVE-2017-5715} - x86/svm: Set IBPB when running a different VCPU (Paolo Bonzini) [Orabug: 27339995] {CVE-2017-5715} - x86/kvm: Pad RSB on VM transition (Tim Chen) [Orabug: 27339995] {CVE-2017-5715} - x86/cpu/AMD: Add speculative control support for AMD (Tom Lendacky) [Orabug: 27339995] {CVE-2017-5715} - x86/microcode: Recheck IBRS and IBPB feature on microcode reload (Tim Chen) [Orabug: 27339995] {CVE-2017-5715} - x86: Move IBRS/IBPB feature detection to scattered.c (Tim Chen) [Orabug: 27339995] {CVE-2017-5715} - x86/spec_ctrl: Add lock to serialize changes to ibrs and ibpb control (Tim Chen) [Orabug: 27339995] {CVE-2017-5715} - x86/spec_ctrl: Add sysctl knobs to enable/disable SPEC_CTRL feature (Konrad Rzeszutek Wilk) [Orabug: 27339995] {CVE-2017-5715} - x86/kvm: clear registers on VM exit (Tom Lendacky) [Orabug: 27339995] {CVE-2017-5715} - x86/kvm: Set IBPB when switching VM (Tim Chen) [Orabug: 27339995] {CVE-2017-5715} - *INCOMPLETE* x86/syscall: Clear unused extra registers on syscall entrance (Konrad Rzeszutek Wilk) [Orabug: 27339995] {CVE-2017-5715} - x86/entry: Stuff RSB for entry to kernel for non-SMEP platform (Konrad Rzeszutek Wilk) [Orabug: 27339995] {CVE-2017-5715} - x86/mm: Only set IBPB when the new thread cannot ptrace current thread (Konrad Rzeszutek Wilk) [Orabug: 27339995] {CVE-2017-5715} - x86/mm: Set IBPB upon context switch (Tim Chen) [Orabug: 27339995] {CVE-2017-5715} - x86/idle: Disable IBRS when offlining cpu and re-enable on wakeup (Tim Chen) [Orabug: 27339995] {CVE-2017-5715} - x86/idle: Disable IBRS entering idle and enable it on wakeup (Tim Chen) [Orabug: 27339995] {CVE-2017-5715} - x86/spec_ctrl: save IBRS MSR value in paranoid_entry (Andrea Arcangeli) [Orabug: 27339995] {CVE-2017-5715} - *Scaffolding* x86/spec_ctrl: Add sysctl knobs to enable/disable SPEC_CTRL feature (Tim Chen) [Orabug: 27339995] {CVE-2017-5715} - x86/enter: Use IBRS on syscall and interrupts (Tim Chen) [Orabug: 27339995] {CVE-2017-5715} - x86: Add macro that does not save rax, rcx, rdx on stack to disable IBRS (Tim Chen) [Orabug: 27339995] {CVE-2017-5715} - x86/enter: MACROS to set/clear IBRS and set IBP (Tim Chen) [Orabug: 27339995] {CVE-2017-5715} - x86/feature: Report presence of IBPB and IBRS control (Tim Chen) [Orabug: 27339995] {CVE-2017-5715} - x86: Add STIBP feature enumeration (Konrad Rzeszutek Wilk) [Orabug: 27339995] {CVE-2017-5715} - x86/cpufeature: Add X86_FEATURE_IA32_ARCH_CAPS and X86_FEATURE_IBRS_ATT (Konrad Rzeszutek Wilk) [Orabug: 27339995] {CVE-2017-5715} - x86/feature: Enable the x86 feature to control (Tim Chen) [Orabug: 27339995] {CVE-2017-5715}
    last seen 2018-02-04
    modified 2018-02-02
    plugin id 105759
    published 2018-01-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=105759
    title Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2018-4004) (Spectre)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2018-690989736A.NASL
    description This update includes improvements to mitigate the effects of Spectre ([CVE-2017-5753](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-20 17-5753) and [CVE-2017-5715](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-201 7-5715)) : - Disable SharedArrayBuffers from Web API. - Reduce the precision of “high” resolution time to 1ms. Additional fixes : - Fix API documentation generation with newer gtk-doc. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2018-02-04
    modified 2018-02-02
    plugin id 106178
    published 2018-01-19
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=106178
    title Fedora 26 : webkitgtk4 (2018-690989736a) (Spectre)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_SU-2018-0179-1.NASL
    description This update for wireshark to version 2.2.12 fixes the following issues : - CVE-2018-5334: IxVeriWave file could crash (bsc#1075737) - CVE-2018-5335: WCP dissector could crash (bsc#1075738) - CVE-2018-5336: Multiple dissector crashes (bsc#1075739) - CVE-2017-17935: Incorrect handling of '\n' in file_read_line function could have lead to denial of service (bsc#1074171) This release no longer enables the Linux kernel BPF JIT compiler via the net.core.bpf_jit_enable sysctl, as this would make systems more vulnerable to Spectre variant 1 CVE-2017-5753 - (bsc#1075748) Further bug fixes and updated protocol support as listed in: https://www.wireshark.org/docs/relnotes/wireshark-2.2.12 .html Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2018-03-03
    modified 2018-03-01
    plugin id 106293
    published 2018-01-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=106293
    title SUSE SLES11 Security Update : wireshark (SUSE-SU-2018:0179-1) (Spectre)
  • NASL family Misc.
    NASL id XEN_SERVER_XSA-254.NASL
    description According to its self-reported version number, the Xen hypervisor installed on the remote host is affected by multiple vulnerabilities. Note that Nessus has checked the changeset versions based on the xen.git change log. Nessus did not check guest hardware configurations or if patches were applied manually to the source code before a recompile and reinstall.
    last seen 2018-02-23
    modified 2018-02-22
    plugin id 106902
    published 2018-02-20
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=106902
    title Xen Multiple Vulnerabilities (Spectre) (Meltdown) (XSA-254)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_SU-2018-0191-1.NASL
    description This update for wireshark to version 2.2.12 fixes the following issues : - CVE-2018-5334: IxVeriWave file could crash (bsc#1075737) - CVE-2018-5335: WCP dissector could crash (bsc#1075738) - CVE-2018-5336: Multiple dissector crashes (bsc#1075739) - CVE-2017-17935: Incorrect handling of '\n' in file_read_line function could have lead to denial of service (bsc#1074171) This release no longer enables the Linux kernel BPF JIT compiler via the net.core.bpf_jit_enable sysctl, as this would make systems more vulnerable to Spectre variant 1 CVE-2017-5753 - (bsc#1075748) Further bug fixes and updated protocol support as listed in: https://www.wireshark.org/docs/relnotes/wireshark-2.2.12 .html Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2018-03-03
    modified 2018-03-01
    plugin id 106342
    published 2018-01-25
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=106342
    title SUSE SLED12 / SLES12 Security Update : wireshark (SUSE-SU-2018:0191-1) (Spectre)
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-3549-1.NASL
    description Jann Horn discovered that microprocessors utilizing speculative execution and branch prediction may allow unauthorized memory reads via sidechannel attacks. This flaw is known as Spectre. A local attacker could use this to expose sensitive information, including kernel memory. (CVE-2017-5715, CVE-2017-5753). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2018-02-02
    modified 2018-02-01
    plugin id 106483
    published 2018-01-30
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=106483
    title Ubuntu 16.04 LTS : linux-kvm vulnerabilities (USN-3549-1) (Spectre)
  • NASL family SuSE Local Security Checks
    NASL id OPENSUSE-2018-32.NASL
    description This update for wireshark to version 2.2.12 fixes the following issues : - CVE-2018-5334: IxVeriWave file could crash (boo#1075737) - CVE-2018-5335: WCP dissector could crash (boo#1075738) - CVE-2018-5336: Multiple dissector crashes (boo#1075739) - CVE-2017-17997: MRDISC dissector could crash (boo#1074171) This release no longers enable the Linux kernel BPF JIT compiler via the net.core.bpf_jit_enable sysctl, as this would make systems more vulnerable to Spectre variant 1 CVE-2017-5753 - (boo#1075748) Further bug fixes and updated protocol support as listed in: https://www.wireshark.org/docs/relnotes/wireshark-2.2.12.html
    last seen 2018-03-03
    modified 2018-03-01
    plugin id 106061
    published 2018-01-16
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=106061
    title openSUSE Security Update : wireshark (openSUSE-2018-32) (Spectre)
  • NASL family Huawei Local Security Checks
    NASL id EULEROS_SA-2018-1001.NASL
    description According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The recent speculative execution CVEs address three potential attacks across a wide variety of architectures and hardware platforms. - Note: This issue is present in hardware and cannot be fully fixed via software update. The nature of these vulnerabilities and their fixes introduces the possibility of reduced performance on patched systems. The performance impact depends on the hardware and the applications in place. - The first two variants abuse speculative execution to perform bounds-check bypass (CVE-2017-5753), or by utilizing branch target injection (CVE-2017-5715) to cause kernel code at an address under attacker control to execute speculatively. Collectively these are known as 'Spectre'. - Variant CVE-2017-5715 fixes require CPU microcode to update.And advise to contact hardware vendors to receive the appropriate microcode for your processor. - The third variant (CVE-2017-5754) relies on the fact that, on impacted microprocessors, during speculative execution of instruction permission faults, exception generation triggered by a faulting access is suppressed until the retirement of the whole instruction block. Researchers have called this exploit 'Meltdown'. - Note: Upgrade and performance specifications,please see http://developer.huawei.com/ict/en/performance_update Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2018-01-30
    modified 2018-01-29
    plugin id 105618
    published 2018-01-08
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=105618
    title EulerOS 2.0 SP2 : kernel (EulerOS-SA-2018-1001)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2018-0011.NASL
    description An update for kernel is now available for Red Hat Enterprise Linux 6.7 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es) : An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of instructions (a commonly used performance optimization). There are three primary variants of the issue which differ in the way the speculative execution can be exploited. Note: This issue is present in hardware and cannot be fully fixed via software update. The updated kernel packages provide software mitigation for this hardware issue at a cost of potential performance penalty. Please refer to References section for further information about this issue and the performance impact. In this update mitigations for x86-64 architecture are provided. Variant CVE-2017-5753 triggers the speculative execution by performing a bounds-check bypass. It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the fact that memory accesses may cause allocation into the microprocessor's data cache even for speculatively executed instructions that never actually commit (retire). As a result, an unprivileged attacker could use this flaw to cross the syscall boundary and read privileged memory by conducting targeted cache side-channel attacks. (CVE-2017-5753, Important) Variant CVE-2017-5715 triggers the speculative execution by utilizing branch target injection. It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the fact that memory accesses may cause allocation into the microprocessor's data cache even for speculatively executed instructions that never actually commit (retire). As a result, an unprivileged attacker could use this flaw to cross the syscall and guest/host boundaries and read privileged memory by conducting targeted cache side-channel attacks. (CVE-2017-5715, Important) Variant CVE-2017-5754 relies on the fact that, on impacted microprocessors, during speculative execution of instruction permission faults, exception generation triggered by a faulting access is suppressed until the retirement of the whole instruction block. In a combination with the fact that memory accesses may populate the cache even when the block is being dropped and never committed (executed), an unprivileged local attacker could use this flaw to read privileged (kernel space) memory by conducting targeted cache side-channel attacks. (CVE-2017-5754, Important) Note: CVE-2017-5754 affects Intel x86-64 microprocessors. AMD x86-64 microprocessors are not affected by this issue. Red Hat would like to thank Google Project Zero for reporting these issues.
    last seen 2018-01-30
    modified 2018-01-29
    plugin id 105527
    published 2018-01-04
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=105527
    title RHEL 6 : kernel (RHSA-2018:0011) (Meltdown) (Spectre)
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-3597-2.NASL
    description USN-3597-1 fixed vulnerabilities in the Linux kernel for Ubuntu 17.10. This update provides the corresponding updates for the Linux Hardware Enablement (HWE) kernel from Ubuntu 17.10 for Ubuntu 16.04 LTS. USNS 3541-2 and 3523-2 provided mitigations for Spectre and Meltdown (CVE-2017-5715, CVE-2017-5753, CVE-2017-5754) for the i386, amd64, and ppc64el architectures for Ubuntu 16.04 LTS. This update provides the corresponding mitigations for the arm64 architecture. Original advisory details : Jann Horn discovered that microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized memory reads via sidechannel attacks. This flaw is known as Meltdown. A local attacker could use this to expose sensitive information, including kernel memory. (CVE-2017-5754) Jann Horn discovered that microprocessors utilizing speculative execution and branch prediction may allow unauthorized memory reads via sidechannel attacks. This flaw is known as Spectre. A local attacker could use this to expose sensitive information, including kernel memory. (CVE-2017-5715, CVE-2017-5753). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2018-03-24
    modified 2018-03-22
    plugin id 108372
    published 2018-03-15
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=108372
    title Ubuntu 16.04 LTS : linux-hwe vulnerabilities (USN-3597-2) (Meltdown) (Spectre)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_SU-2018-0114-1.NASL
    description The SUSE Linux Enterprise 12 SP1 LTSS kernel was updated to receive various security and bugfixes. This update is only provided as a fix update for IBM Z platform. - CVE-2017-5753 / 'Spectre Attack': IBM Z fixes were included but not enabled in the previous update. This update enables those fixes. - CVE-2017-5715 / 'Spectre Attack': IBM Z fixes were already included in the previous update. A bugfix for the patches has been applied on top. - CVE-2017-5754: The IBM Z architecture is not affected by the 'Meltdown' attack. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2018-02-01
    modified 2018-01-31
    plugin id 106094
    published 2018-01-17
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=106094
    title SUSE SLES12 Security Update : kernel (SUSE-SU-2018:0114-1) (Meltdown) (Spectre)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_SU-2018-0472-1.NASL
    description This update for xen fixes several issues. These security issues were fixed : - CVE-2017-5753, CVE-2017-5715, CVE-2017-5754: Prevent information leaks via side effects of speculative execution, aka 'Spectre' and 'Meltdown' attacks (bsc#1074562, bsc#1068032) - CVE-2017-15595: x86 PV guest OS users were able to cause a DoS (unbounded recursion, stack consumption, and hypervisor crash) or possibly gain privileges via crafted page-table stacking (bsc#1061081) - CVE-2017-17566: Prevent PV guest OS users to cause a denial of service (host OS crash) or gain host OS privileges in shadow mode by mapping a certain auxiliary page (bsc#1070158). - CVE-2017-17563: Prevent guest OS users to cause a denial of service (host OS crash) or gain host OS privileges by leveraging an incorrect mask for reference-count overflow checking in shadow mode (bsc#1070159). - CVE-2017-17564: Prevent guest OS users to cause a denial of service (host OS crash) or gain host OS privileges by leveraging incorrect error handling for reference counting in shadow mode (bsc#1070160). - CVE-2017-17565: Prevent PV guest OS users to cause a denial of service (host OS crash) if shadow mode and log-dirty mode are in place, because of an incorrect assertion related to M2P (bsc#1070163). - CVE-2018-5683: The vga_draw_text function allowed local OS guest privileged users to cause a denial of service (out-of-bounds read and QEMU process crash) by leveraging improper memory address validation (bsc#1076116). - CVE-2017-18030: The cirrus_invalidate_region function allowed local OS guest privileged users to cause a denial of service (out-of-bounds array access and QEMU process crash) via vectors related to negative pitch (bsc#1076180). The update package also includes non-security fixes. See advisory for details. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2018-02-23
    modified 2018-02-22
    plugin id 106901
    published 2018-02-20
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=106901
    title SUSE SLED12 / SLES12 Security Update : xen (SUSE-SU-2018:0472-1) (Meltdown) (Spectre)
  • NASL family SuSE Local Security Checks
    NASL id OPENSUSE-2018-2.NASL
    description The openSUSE Leap 42.3 kernel was updated to 4.4.104 to receive various security and bugfixes. This update adds mitigations for various side channel attacks against modern CPUs that could disclose content of otherwise unreadable memory (bnc#1068032). - CVE-2017-5753 / 'SpectreAttack': Local attackers on systems with modern CPUs featuring deep instruction pipelining could use attacker controllable speculative execution over code patterns in the Linux Kernel to leak content from otherwise not readable memory in the same address space, allowing retrieval of passwords, cryptographic keys and other secrets. This problem is mitigated by adding speculative fencing on affected code paths throughout the Linux kernel. - CVE-2017-5715 / 'SpectreAttack': Local attackers on systems with modern CPUs featuring branch prediction could use mispredicted branches to speculatively execute code patterns that in turn could be made to leak other non-readable content in the same address space, an attack similar to CVE-2017-5753. This problem is mitigated by disabling predictive branches, depending on CPU architecture either by firmware updates and/or fixes in the user-kernel privilege boundaries. Please also check with your CPU / Hardware vendor on updated firmware or BIOS images regarding this issue. As this feature can have a performance impact, it can be disabled using the 'nospec' kernel commandline option. - CVE-2017-5754 / 'MeltdownAttack': Local attackers on systems with modern CPUs featuring deep instruction pipelining could use code patterns in userspace to speculative executive code that would read otherwise read protected memory, an attack similar to CVE-2017-5753. This problem is mitigated by unmapping the Linux Kernel from the user address space during user code execution, following a approach called 'KAISER'. The terms used here are 'KAISER' / 'Kernel Address Isolation' and 'PTI' / 'Page Table Isolation'. Note that this is only done on affected platforms. This feature can be enabled / disabled by the 'pti=[on|off|auto]' or 'nopti' commandline options. The following security bugs were fixed : - CVE-2017-17806: The HMAC implementation (crypto/hmac.c) in the Linux kernel did not validate that the underlying cryptographic hash algorithm is unkeyed, allowing a local attacker able to use the AF_ALG-based hash interface (CONFIG_CRYPTO_USER_API_HASH) and the SHA-3 hash algorithm (CONFIG_CRYPTO_SHA3) to cause a kernel stack-based buffer overflow by executing a crafted sequence of system calls that encounter a missing SHA-3 initialization (bnc#1073874). - CVE-2017-17805: The Salsa20 encryption algorithm in the Linux kernel did not correctly handle zero-length inputs, allowing a local attacker able to use the AF_ALG-based skcipher interface (CONFIG_CRYPTO_USER_API_SKCIPHER) to cause a denial of service (uninitialized-memory free and kernel crash) or have unspecified other impact by executing a crafted sequence of system calls that use the blkcipher_walk API. Both the generic implementation (crypto/salsa20_generic.c) and x86 implementation (arch/x86/crypto/salsa20_glue.c) of Salsa20 were vulnerable (bnc#1073792). The following non-security bugs were fixed : - Add undefine _unique_build_ids (bsc#964063) - alsa: hda - Add HP ZBook 15u G3 Conexant CX20724 GPIO mute leds (bsc#1031717). - alsa: hda - Add MIC_NO_PRESENCE fixup for 2 HP machines (bsc#1031717). - alsa: hda - Add mute led support for HP EliteBook 840 G3 (bsc#1031717). - alsa: hda - Add mute led support for HP ProBook 440 G4 (bsc#1031717). - alsa: hda - add support for docking station for HP 820 G2 (bsc#1031717). - alsa: hda - add support for docking station for HP 840 G3 (bsc#1031717). - alsa: hda - change the location for one mic on a Lenovo machine (bsc#1031717). - alsa: hda: Drop useless WARN_ON() (bsc#1031717). - alsa: hda - Fix click noises on Samsung Ativ Book 8 (bsc#1031717). - alsa: hda - fix headset mic detection issue on a Dell machine (bsc#1031717). - alsa: hda - fix headset mic problem for Dell machines with alc274 (bsc#1031717). - alsa: hda - Fix headset microphone detection for ASUS N551 and N751 (bsc#1031717). - alsa: hda - Fix mic regression by ASRock mobo fixup (bsc#1031717). - alsa: hda - Fix missing COEF init for ALC225/295/299 (bsc#1031717). - alsa: hda - Fix surround output pins for ASRock B150M mobo (bsc#1031717). - alsa: hda - On-board speaker fixup on ACER Veriton (bsc#1031717). - alsa: hda/realtek - Add ALC256 HP depop function (bsc#1031717). - alsa: hda/realtek - Add default procedure for suspend and resume state (bsc#1031717). - alsa: hda/realtek - Add support for Acer Aspire E5-475 headset mic (bsc#1031717). - alsa: hda/realtek - Add support for ALC1220 (bsc#1031717). - alsa: hda/realtek - Add support for headset MIC for ALC622 (bsc#1031717). - alsa: hda/realtek - ALC891 headset mode for Dell (bsc#1031717). - alsa: hda/realtek - change the location for one of two front microphones (bsc#1031717). - alsa: hda/realtek - Enable jack detection function for Intel ALC700 (bsc#1031717). - alsa: hda/realtek - Fix ALC275 no sound issue (bsc#1031717). - alsa: hda/realtek - Fix Dell AIO LineOut issue (bsc#1031717). - alsa: hda/realtek - Fix headset and mic on several Asus laptops with ALC256 (bsc#1031717). - alsa: hda/realtek - Fix headset mic and speaker on Asus X441SA/X441UV (bsc#1031717). - alsa: hda/realtek - fix headset mic detection for MSI MS-B120 (bsc#1031717). - alsa: hda/realtek - Fix headset mic on several Asus laptops with ALC255 (bsc#1031717). - alsa: hda/realtek - Fix pincfg for Dell XPS 13 9370 (bsc#1031717). - alsa: hda/realtek - Fix speaker support for Asus AiO ZN270IE (bsc#1031717). - alsa: hda/realtek - Fix typo of pincfg for Dell quirk (bsc#1031717). - alsa: hda/realtek - New codec device ID for ALC1220 (bsc#1031717). - alsa: hda/realtek - New codecs support for ALC215/ALC285/ALC289 (bsc#1031717). - alsa: hda/realtek - New codec support for ALC257 (bsc#1031717). - alsa: hda/realtek - New codec support of ALC1220 (bsc#1031717). - alsa: hda/realtek - No loopback on ALC225/ALC295 codec (bsc#1031717). - alsa: hda/realtek - Remove ALC285 device ID (bsc#1031717). - alsa: hda/realtek - Support Dell headset mode for ALC3271 (bsc#1031717). - alsa: hda/realtek - Support headset mode for ALC234/ALC274/ALC294 (bsc#1031717). - alsa: hda/realtek - There is no loopback mixer in the ALC234/274/294 (bsc#1031717). - alsa: hda/realtek - Update headset mode for ALC225 (bsc#1031717). - alsa: hda/realtek - Update headset mode for ALC298 (bsc#1031717). - alsa: hda - Skip Realtek SKU check for Lenovo machines (bsc#1031717). - alsa: pcm: prevent UAF in snd_pcm_info (bsc#1031717). - alsa: rawmidi: Avoid racy info ioctl via ctl device (bsc#1031717). - alsa: seq: Remove spurious WARN_ON() at timer check (bsc#1031717). - alsa: usb-audio: Add check return value for usb_string() (bsc#1031717). - alsa: usb-audio: Fix out-of-bound error (bsc#1031717). - alsa: usb-audio: Fix the missing ctl name suffix at parsing SU (bsc#1031717). - apei / ERST: Fix missing error handling in erst_reader() (bsc#1072556). - arm: dts: omap3: logicpd-torpedo-37xx-devkit: Fix MMC1 cd-gpio (bnc#1012382). - arm: Hide finish_arch_post_lock_switch() from modules (bsc#1068032). - asoc: fsl_ssi: AC'97 ops need regmap, clock and cleaning up on failure (bsc#1031717). - asoc: twl4030: fix child-node lookup (bsc#1031717). - asoc: wm_adsp: Fix validation of firmware and coeff lengths (bsc#1031717). - autofs: fix careless error in recent commit (bnc#1012382 bsc#1065180). - bcache: Fix building error on MIPS (bnc#1012382). - bnxt_en: Do not print 'Link speed -1 no longer supported' messages (bsc#1070116). - bpf: prevent speculative execution in eBPF interpreter (bnc#1068032). - btrfs: clear space cache inode generation always (bnc#1012382). - btrfs: embed extent_changeset::range_changed to the structure (dependent patch, bsc#1031395). - btrfs: qgroup: Fix qgroup reserved space underflow by only freeing reserved ranges (bsc#1031395). - btrfs: qgroup: Fix qgroup reserved space underflow caused by buffered write and quotas being enabled (bsc#1031395). - btrfs: qgroup: Introduce extent changeset for qgroup reserve functions (dependent patch, bsc#1031395). - btrfs: qgroup: Return actually freed bytes for qgroup release or free data (bsc#1031395). - btrfs: qgroup-test: Fix backport error in qgroup selftest (just to make CONFIG_BTRFS_FS_RUN_SANITY_TESTS pass compile). - btrfs: ulist: make the finalization function public (dependent patch, bsc#1031395). - btrfs: ulist: rename ulist_fini to ulist_release (dependent patch, bsc#1031395). - carl9170: prevent speculative execution (bnc#1068032). - ceph: drop negative child dentries before try pruning inode's alias (bsc#1073525). - Check cmdline_find_option() retval properly and use boot_cpu_has(). - cifs: Fix NULL pointer deref on SMB2_tcon() failure (bsc#1071009). - cw1200: prevent speculative execution (bnc#1068032). - drm/radeon: fix atombios on big endian (bnc#1012382). - e1000e: Fix e1000_check_for_copper_link_ich8lan return value (bsc#1073809). - eeprom: at24: check at24_read/write arguments (bnc#1012382). - Fix unsed variable warning in has_unmovable_pages (bsc#1073868). - fs: prevent speculative execution (bnc#1068032). - genwqe: Take R/W permissions into account when dealing with memory pages (bsc#1073090). - ibmvnic: Include header descriptor support for ARP packets (bsc#1073912). - ibmvnic: Increase maximum number of RX/TX queues (bsc#1073912). - ibmvnic: Rename IBMVNIC_MAX_TX_QUEUES to IBMVNIC_MAX_QUEUES (bsc#1073912). - ib/uverbs: Fix command checking as part of ib_uverbs_ex_modify_qp() (FATE#321231 FATE#321473 FATE#322153 FATE#322149). - ip_gre: remove the incorrect mtu limit for ipgre tap (bsc#1022912 FATE#321246). - ipv6: prevent speculative execution (bnc#1068032). - iw_cxgb4: fix misuse of integer variable (bsc#963897,FATE#320114). - iw_cxgb4: only insert drain cqes if wq is flushed (bsc#321658 FATE#1005778 bsc#321660 FATE#1005780 bsc#321661 FATE#1005781). - iw_cxgb4: reflect the original WR opcode in drain cqes (bsc#321658 FATE#1005778 bsc#321660 FATE#1005780 bsc#321661 FATE#1005781). - iw_cxgb4: when flushing, complete all wrs in a chain (bsc#321658 FATE#1005778 bsc#321660 FATE#1005780 bsc#321661 FATE#1005781). - kabi fix for new hash_cred function (bsc#1012917). - kaiser: add 'nokaiser' boot option, using ALTERNATIVE. - kaiser: align addition to x86/mm/Makefile. - kaiser: asm/tlbflush.h handle noPGE at lower level. - kaiser: cleanups while trying for gold link. - kaiser: disabled on Xen PV. - kaiser: do not set _PAGE_NX on pgd_none. - kaiser: drop is_atomic arg to kaiser_pagetable_walk(). - kaiser: enhanced by kernel and user PCIDs. - kaiser: ENOMEM if kaiser_pagetable_walk() NULL. - kaiser: fix build and FIXME in alloc_ldt_struct(). - kaiser: fix perf crashes. - kaiser: fix regs to do_nmi() ifndef CONFIG_KAISER. - kaiser: fix unlikely error in alloc_ldt_struct(). - kaiser: KAISER depends on SMP. - kaiser: kaiser_flush_tlb_on_return_to_user() check PCID. - kaiser: kaiser_remove_mapping() move along the pgd. - kaiser: Kernel Address Isolation. - kaiser: load_new_mm_cr3() let SWITCH_USER_CR3 flush. - kaiser: load_new_mm_cr3() let SWITCH_USER_CR3 flush user. - kaiser: name that 0x1000 KAISER_SHADOW_PGD_OFFSET. - kaiser: paranoid_entry pass cr3 need to paranoid_exit. - kaiser: PCID 0 for kernel and 128 for user. - kaiser: _pgd_alloc() without __GFP_REPEAT to avoid stalls. - kaiser: stack map PAGE_SIZE at THREAD_SIZE-PAGE_SIZE. - kaiser: tidied up asm/kaiser.h somewhat. - kaiser: tidied up kaiser_add/remove_mapping slightly. - kaiser: use ALTERNATIVE instead of x86_cr3_pcid_noflush. - kaiser: vmstat show NR_KAISERTABLE as nr_overhead. - kaiser: x86_cr3_pcid_noflush and x86_cr3_pcid_user. - kvm: SVM: Do not intercept new speculative control MSRs (bsc#1068032). - kvm: x86: Add speculative control CPUID support for guests (bsc#1068032). - kvm: x86: Exit to user-mode on #UD intercept when emulator requires (bnc#1012382). - kvm: x86: inject exceptions produced by x86_decode_insn (bnc#1012382). - kvm: x86: pvclock: Handle first-time write to pvclock-page contains random junk (bnc#1012382). - locking/barriers: introduce new memory barrier gmb() (bnc#1068032). - mmc: core: Do not leave the block driver in a suspended state (bnc#1012382). - mm/mmu_context, sched/core: Fix mmu_context.h assumption (bsc#1068032). - mtd: nand: Fix writing mtdoops to nand flash (bnc#1012382). - netlink: add a start callback for starting a netlink dump (bnc#1012382). - net/mlx5e: DCBNL, Implement tc with ets type and zero bandwidth (bsc#966170 FATE#320225 bsc#966172 FATE#320226). - net/mlx5e: Fix ETS BW check (bsc#966170 FATE#320225 bsc#966172 FATE#320226). - net/mlx5: Fix error flow in CREATE_QP command (bsc#1015342 FATE#321688 bsc#1015343 FATE#321689). - net: mpls: prevent speculative execution (bnc#1068032). - nfsd: Fix another OPEN stateid race (bnc#1012382). - nfsd: Fix stateid races between OPEN and CLOSE (bnc#1012382). - nfsd: Make init_open_stateid() a bit more whole (bnc#1012382). - nfs: improve shinking of access cache (bsc#1012917). - nfs: revalidate '.' etc correctly on 'open' (bsc#1068951). - nfs: revalidate '.' etc correctly on 'open' (git-fixes). Fix References: tag. - nfsv4: always set NFS_LOCK_LOST when a lock is lost (bsc#1068951). - nvme-fabrics: introduce init command check for a queue that is not alive (bsc#1072890). - nvme-fc: check if queue is ready in queue_rq (bsc#1072890). - nvme-fc: do not use bit masks for set/test_bit() numbers (bsc#1072890). - nvme-loop: check if queue is ready in queue_rq (bsc#1072890). - nvmet-fc: cleanup nvmet add_port/remove_port (bsc#1072890). - nvmet_fc: correct broken add_port (bsc#1072890). - p54: prevent speculative execution (bnc#1068032). - powerpc/barrier: add gmb. - powerpc: Secure memory rfi flush (bsc#1068032). - ptrace: Add a new thread access check (bsc#1068032). - qla2xxx: prevent speculative execution (bnc#1068032). - Revert 'drm/radeon: dont switch vt on suspend' (bnc#1012382). - Revert 'ipsec: Fix aborted xfrm policy dump crash' (kabi). - Revert 'netlink: add a start callback for starting a netlink dump' (kabi). - s390: add ppa to system call and program check path (bsc#1068032). - s390: introduce CPU alternatives. - s390: introduce CPU alternatives (bsc#1068032). - s390/qeth: add missing hash table initializations (bnc#1072216, LTC#162173). - s390/qeth: fix early exit from error path (bnc#1072216, LTC#162173). - s390/qeth: fix thinko in IPv4 multicast address tracking (bnc#1072216, LTC#162173). - s390/spinlock: add gmb memory barrier - s390/spinlock: add gmb memory barrier (bsc#1068032). - s390/spinlock: add ppa to system call path Signoff the s390 patches. - sched/core: Add switch_mm_irqs_off() and use it in the scheduler (bsc#1068032). - sched/core: Idle_task_exit() shouldn't use switch_mm_irqs_off() (bsc#1068032). - sched/rt: Do not pull from current CPU if only one CPU to pull (bnc#1022476). - scsi_dh_alua: skip RTPG for devices only supporting active/optimized (bsc#1064311). - scsi: lpfc: correct sg_seg_cnt attribute min vs default (bsc#1072166). - scsi: qedi: Limit number for CQ queues (bsc#1072866). - scsi_scan: Exit loop if TUR to LUN0 fails with 0x05/0x25 (bsc#1063043). This is specific to FUJITSU ETERNUS_DX* targets. They can return 'Illegal Request - Logical unit not supported' and processing should leave the timeout loop in this case. - scsi: ses: check return code from ses_recv_diag() (bsc#1039616). - scsi: ses: Fixup error message 'failed to get diagnostic page 0xffffffea' (bsc#1039616). - scsi: ses: Fix wrong page error (bsc#1039616). - scsi: ses: make page2 support optional (bsc#1039616). - sfc: pass valid pointers from efx_enqueue_unwind (bsc#1017967 FATE#321663). - sunrpc: add auth_unix hash_cred() function (bsc#1012917). - sunrpc: add generic_auth hash_cred() function (bsc#1012917). - sunrpc: add hash_cred() function to rpc_authops struct (bsc#1012917). - sunrpc: add RPCSEC_GSS hash_cred() function (bsc#1012917). - sunrpc: replace generic auth_cred hash with auth-specific function (bsc#1012917). - sunrpc: use supplimental groups in auth hash (bsc#1012917). - Thermal/int340x: prevent speculative execution (bnc#1068032). - udf: prevent speculative execution (bnc#1068032). - Update config files: enable KAISER. - usb: host: fix incorrect updating of offset (bsc#1047487). - userns: prevent speculative execution (bnc#1068032). - uvcvideo: prevent speculative execution (bnc#1068032). - vxlan: correctly handle ipv6.disable module parameter (bsc#1072962). - x86/boot: Add early cmdline parsing for options with arguments. - x86/CPU/AMD: Add speculative control support for AMD (bsc#1068032). - x86/CPU/AMD: Make the LFENCE instruction serialized (bsc#1068032). - x86/CPU/AMD: Remove now unused definition of MFENCE_RDTSC feature (bsc#1068032). - x86/CPU: Check speculation control CPUID bit (bsc#1068032). - x86/efi-bgrt: Replace early_memremap() with memremap() (bnc#1012382). - x86/enter: Add macros to set/clear IBRS and set IBPB (bsc#1068032). - x86/entry: Add a function to overwrite the RSB (bsc#1068032). - x86/entry: Stuff RSB for entry to kernel for non-SMEP platform (bsc#1068032). - x86/entry: Use IBRS on entry to kernel space (bsc#1068032). - x86/feature: Enable the x86 feature to control Speculation (bsc#1068032). - x86/idle: Disable IBRS when offlining a CPU and re-enable on wakeup (bsc#1068032). - x86/idle: Toggle IBRS when going idle (bsc#1068032). - x86/kaiser: Check boottime cmdline params. - x86/kaiser: Move feature detection up (bsc#1068032). - x86/kaiser: Reenable PARAVIRT. - x86/kaiser: Rename and simplify X86_FEATURE_KAISER handling. - x86/kvm: add MSR_IA32_SPEC_CTRL and MSR_IA32_PRED_CMD to kvm (bsc#1068032). - x86/kvm: Add MSR_IA32_SPEC_CTRL and MSR_IA32_PRED_CMD to kvm (bsc#1068032). - x86/kvm: Flush IBP when switching VMs (bsc#1068032). - x86/kvm: Pad RSB on VM transition (bsc#1068032). - x86/kvm: Toggle IBRS on VM entry and exit (bsc#1068032). - x86/mm/64: Fix reboot interaction with CR4.PCIDE (bsc#1068032). - x86/mm: Add a 'noinvpcid' boot option to turn off INVPCID (bsc#1068032). - x86/mm: Add INVPCID helpers (bsc#1068032). - x86/mm: Add the 'nopcid' boot option to turn off PCID (bsc#1068032). - x86/mm: Build arch/x86/mm/tlb.c even on !SMP (bsc#1068032). - x86/mm: Enable CR4.PCIDE on supported systems (bsc#1068032). - x86/mm: Fix INVPCID asm constraint (bsc#1068032). - x86/mm: If INVPCID is available, use it to flush global mappings (bsc#1068032). - x86/mm: Make flush_tlb_mm_range() more predictable (bsc#1068032). - x86/mm: Only set IBPB when the new thread cannot ptrace current thread (bsc#1068032). - x86/mm: Reimplement flush_tlb_page() using flush_tlb_mm_range() (bsc#1068032). - x86/mm: Remove flush_tlb() and flush_tlb_current_task() (bsc#1068032). - x86/mm: Remove the UP asm/tlbflush.h code, always use the (formerly) SMP code (bsc#1068032). - x86/mm, sched/core: Turn off IRQs in switch_mm() (bsc#1068032). - x86/mm, sched/core: Uninline switch_mm() (bsc#1068032). - x86/mm: Set IBPB upon context switch (bsc#1068032). - x86/MSR: Move native_*msr(.. u64) to msr.h (bsc#1068032). - x86/paravirt: Dont patch flush_tlb_single (bsc#1068032). - x86/spec: Add IBRS control functions (bsc#1068032). - x86/spec: Add 'nospec' chicken bit (bsc#1068032). - x86/spec: Check CPUID direclty post microcode reload to support IBPB feature (bsc#1068032). - x86/spec_ctrl: Add an Indirect Branch Predictor barrier (bsc#1068032). - x86/spec_ctrl: Check whether IBPB is enabled before using it (bsc#1068032). - x86/spec_ctrl: Check whether IBRS is enabled before using it (bsc#1068032). - x86/svm: Add code to clear registers on VM exit (bsc#1068032). - x86/svm: Clobber the RSB on VM exit (bsc#1068032). - x86/svm: Set IBPB when running a different VCPU (bsc#1068032). - x86/svm: Set IBRS value on VM entry and exit (bsc#1068032).
    last seen 2018-01-30
    modified 2018-01-29
    plugin id 105597
    published 2018-01-05
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=105597
    title openSUSE Security Update : the Linux Kernel (openSUSE-2018-2) (Meltdown) (Spectre)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_SU-2018-0069-1.NASL
    description The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security and bugfixes. This update is only provided as a fix update for IBM Z platform. - CVE-2017-5753 / 'Spectre Attack': IBM Z fixes were included but not enabled in the previous update. This update enables those fixes. - CVE-2017-5715 / 'Spectre Attack': IBM Z fixes were already included in the previous update. A bugfix for the patches has been applied on top. - CVE-2017-5754: The IBM Z architecture is not affected by the 'Meltdown' attack. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2018-02-01
    modified 2018-01-31
    plugin id 105765
    published 2018-01-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=105765
    title SUSE SLES12 Security Update : kernel (SUSE-SU-2018:0069-1) (Meltdown) (Spectre)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2018-0021.NASL
    description An update for kernel-rt is now available for Red Hat Enterprise MRG 2. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fix(es) : An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of instructions (a commonly used performance optimization). There are three primary variants of the issue which differ in the way the speculative execution can be exploited. Note: This issue is present in hardware and cannot be fully fixed via software update. The updated kernel packages provide software mitigation for this hardware issue at a cost of potential performance penalty. Please refer to References section for further information about this issue and the performance impact. In this update mitigations for x86-64 architecture are provided. Variant CVE-2017-5753 triggers the speculative execution by performing a bounds-check bypass. It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the fact that memory accesses may cause allocation into the microprocessor's data cache even for speculatively executed instructions that never actually commit (retire). As a result, an unprivileged attacker could use this flaw to cross the syscall boundary and read privileged memory by conducting targeted cache side-channel attacks. (CVE-2017-5753, Important) Variant CVE-2017-5715 triggers the speculative execution by utilizing branch target injection. It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the fact that memory accesses may cause allocation into the microprocessor's data cache even for speculatively executed instructions that never actually commit (retire). As a result, an unprivileged attacker could use this flaw to cross the syscall and guest/host boundaries and read privileged memory by conducting targeted cache side-channel attacks. (CVE-2017-5715, Important) Variant CVE-2017-5754 relies on the fact that, on impacted microprocessors, during speculative execution of instruction permission faults, exception generation triggered by a faulting access is suppressed until the retirement of the whole instruction block. In a combination with the fact that memory accesses may populate the cache even when the block is being dropped and never committed (executed), an unprivileged local attacker could use this flaw to read privileged (kernel space) memory by conducting targeted cache side-channel attacks. (CVE-2017-5754, Important) Note: CVE-2017-5754 affects Intel x86-64 microprocessors. AMD x86-64 microprocessors are not affected by this issue. Red Hat would like to thank Google Project Zero for reporting these issues.
    last seen 2018-01-30
    modified 2018-01-29
    plugin id 105672
    published 2018-01-09
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=105672
    title RHEL 6 : MRG (RHSA-2018:0021) (Meltdown) (Spectre)
  • NASL family OracleVM Local Security Checks
    NASL id ORACLEVM_OVMSA-2018-0012.NASL
    description The remote OracleVM system is missing necessary patches to address critical security updates : - Revert 'kernel.spec: Require the new microcode_ctl.' (Brian Maly) - xen-blkback: add pending_req allocation stats (Ankur Arora) [Orabug: 27386890] - xen-blkback: move indirect req allocation out-of-line (Ankur Arora) - xen-blkback: pull nseg validation out in a function (Ankur Arora) - xen-blkback: make struct pending_req less monolithic (Ankur Arora) - x86: Clean up IBRS functionality resident in common code (Kanth Ghatraju) [Orabug: 27403317] - x86: Display correct settings for the SPECTRE_V2 bug (Kanth Ghatraju) - Set CONFIG_GENERIC_CPU_VULNERABILITIES flag (Kanth Ghatraju) [Orabug: 27403317] - x86/cpu: Implement CPU vulnerabilites sysfs functions (Thomas Gleixner) [Orabug: 27403317] - sysfs/cpu: Fix typos in vulnerability documentation (David Woodhouse) - sysfs/cpu: Add vulnerability folder (Thomas Gleixner) [Orabug: 27403317] - x86/cpufeatures: Add X86_BUG_SPECTRE_V[12] (David Woodhouse) [Orabug: 27403317] - x86/cpufeatures: Add X86_BUG_CPU_MELTDOWN (Kanth Ghatraju) [Orabug: 27403317] - KVM: x86: Add memory barrier on vmcs field lookup (Andrew Honig) (CVE-2017-5753) - KVM: VMX: remove I/O port 0x80 bypass on Intel hosts (Andrew Honig) [Orabug: 27402301] (CVE-2017-1000407) (CVE-2017-1000407) - xfs: give all workqueues rescuer threads (Chris Mason) [Orabug: 27397568] - ixgbevf: handle mbox_api_13 in ixgbevf_change_mtu (Joao Martins)
    last seen 2018-01-31
    modified 2018-01-30
    plugin id 106226
    published 2018-01-22
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=106226
    title OracleVM 3.4 : Unbreakable / etc (OVMSA-2018-0012) (Spectre)
  • NASL family MacOS X Local Security Checks
    NASL id MACOSX_FIREFOX_57_0_4.NASL
    description The version of Mozilla Firefox installed on the remote macOS or Mac OS X host is prior to 57.0.4. It is, therefore, vulnerable to a speculative execution side-channel attack. Code from a malicious web page could read data from other web sites or private data from the browser itself.
    last seen 2018-01-12
    modified 2018-01-11
    plugin id 105615
    published 2018-01-05
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=105615
    title Mozilla Firefox < 57.0.4 Speculative Execution Side-Channel Attack Vulnerability (Spectre) (macOS)
  • NASL family OracleVM Local Security Checks
    NASL id ORACLEVM_OVMSA-2018-0005.NASL
    description The remote OracleVM system is missing necessary patches to address critical security updates : please see Oracle VM Security Advisory OVMSA-2018-0005 for details.
    last seen 2018-01-31
    modified 2018-01-30
    plugin id 105717
    published 2018-01-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=105717
    title OracleVM 3.4 : xen (OVMSA-2018-0005) (Meltdown) (Spectre)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2018-0590E4AF13.NASL
    description This update includes improvements to mitigate the effects of Spectre ([CVE-2017-5753](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-20 17-5753) and [CVE-2017-5715](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-201 7-5715)) : - Disable SharedArrayBuffers from Web API. - Reduce the precision of “high” resolution time to 1ms. Additional fixes : - Fix API documentation generation with newer gtk-doc. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2018-02-04
    modified 2018-02-02
    plugin id 106022
    published 2018-01-15
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=106022
    title Fedora 27 : webkitgtk4 (2018-0590e4af13) (Spectre)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2018-0182.NASL
    description An update for kernel is now available for Red Hat Enterprise Linux 7.3 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es) : An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of instructions (a commonly used performance optimization). There are three primary variants of the issue which differ in the way the speculative execution can be exploited. Note: This issue is present in hardware and cannot be fully fixed via software update. The updated kernel packages provide software mitigation for this hardware issue at a cost of potential performance penalty. Please refer to References section for further information about this issue and the performance impact. In this update initial mitigations for IBM Power (PowerPC) and IBM zSeries (S390) architectures are provided. Variant CVE-2017-5753 triggers the speculative execution by performing a bounds-check bypass. It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the fact that memory accesses may cause allocation into the microprocessor's data cache even for speculatively executed instructions that never actually commit (retire). As a result, an unprivileged attacker could use this flaw to cross the syscall boundary and read privileged memory by conducting targeted cache side-channel attacks. (CVE-2017-5753, Important, PowerPC, S390) Variant CVE-2017-5715 triggers the speculative execution by utilizing branch target injection. It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the fact that memory accesses may cause allocation into the microprocessor's data cache even for speculatively executed instructions that never actually commit (retire). As a result, an unprivileged attacker could use this flaw to cross the syscall and guest/host boundaries and read privileged memory by conducting targeted cache side-channel attacks. (CVE-2017-5715, Important, S390) Variant CVE-2017-5754 relies on the fact that, on impacted microprocessors, during speculative execution of instruction permission faults, exception generation triggered by a faulting access is suppressed until the retirement of the whole instruction block. In a combination with the fact that memory accesses may populate the cache even when the block is being dropped and never committed (executed), an unprivileged local attacker could use this flaw to read privileged (kernel space) memory by conducting targeted cache side-channel attacks. (CVE-2017-5754, Important, PowerPC) Red Hat would like to thank Google Project Zero for reporting these issues. Bug Fix(es) : * When attempting to reread parent blocks in btree traversal, the xfs code which deletes extended attributes from an inode assumed that the parent blocks were still on the cache. Under memory pressure and memory reclaim, such parent blocks were sometimes removed from the cache. Consequently, attempts to reread previously cached parent blocks caused the file system to read invalid memory. This update fixes xfs to reinitialize the pointer to the parent block buffers after the block has been reread. As a result, pointers to btree blocks now point to valid memory, and the kernel no longer crashes due to an invalid memory access. (BZ#1512811) * The write access check for huge pages did not function correctly on IBM z Systems. Consequently, if asynchronous I/O reads were used, buffers sometimes contained zeroes rather than data from a file, even when the io_getevents() system call reported that the associated read had finished successfully. This update fixes the write access check in the gup_huge_pmd () function in memory management, and read data is stored in asynchronous I /O buffers properly. (BZ#1513315) * With this update, the rule for iptables reloading has been optimized to complete faster. (BZ#1514040)
    last seen 2018-01-30
    modified 2018-01-29
    plugin id 106335
    published 2018-01-25
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=106335
    title RHEL 7 : kernel (RHSA-2018:0182) (Meltdown) (Spectre)
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-3540-2.NASL
    description USN-3540-1 addressed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement (HWE) kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. Jann Horn discovered that microprocessors utilizing speculative execution and branch prediction may allow unauthorized memory reads via sidechannel attacks. This flaw is known as Spectre. A local attacker could use this to expose sensitive information, including kernel memory. This update provides mitigations for the i386 (CVE-2017-5753 only), amd64, ppc64el, and s390x architectures. (CVE-2017-5715, CVE-2017-5753) USN-3522-2 mitigated CVE-2017-5754 (Meltdown) for the amd64 architecture in the Linux Hardware Enablement (HWE) kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. This update provides the corresponding mitigations for the ppc64el architecture. Jann Horn discovered that microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized memory reads via sidechannel attacks. This flaw is known as Meltdown. A local attacker could use this to expose sensitive information, including kernel memory. (CVE-2017-5754). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2018-02-01
    modified 2018-01-31
    plugin id 106269
    published 2018-01-23
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=106269
    title Ubuntu 14.04 LTS : linux-lts-xenial, linux-aws vulnerabilities (USN-3540-2) (Meltdown) (Spectre)
  • NASL family OracleVM Local Security Checks
    NASL id ORACLEVM_OVMSA-2018-0007.NASL
    description The remote OracleVM system is missing necessary patches to address critical security updates : - x86/ibrs: Remove 'ibrs_dump' and remove the pr_debug (Konrad Rzeszutek Wilk) [Orabug: 27350825] - kABI: Revert kABI: Make the boot_cpu_data look normal (Konrad Rzeszutek Wilk) (CVE-2017-5715) - userns: prevent speculative execution (Elena Reshetova) [Orabug: 27340459] (CVE-2017-5753) - udf: prevent speculative execution (Elena Reshetova) [Orabug: 27340459] (CVE-2017-5753) - net: mpls: prevent speculative execution (Elena Reshetova) [Orabug: 27340459] (CVE-2017-5753) - fs: prevent speculative execution (Elena Reshetova) [Orabug: 27340459] (CVE-2017-5753) - ipv6: prevent speculative execution (Elena Reshetova) [Orabug: 27340459] (CVE-2017-5753) - ipv4: prevent speculative execution (Elena Reshetova) [Orabug: 27340459] (CVE-2017-5753) - Thermal/int340x: prevent speculative execution (Elena Reshetova) [Orabug: 27340459] (CVE-2017-5753) - cw1200: prevent speculative execution (Elena Reshetova) [Orabug: 27340459] (CVE-2017-5753) - qla2xxx: prevent speculative execution (Elena Reshetova) [Orabug: 27340459] (CVE-2017-5753) - p54: prevent speculative execution (Elena Reshetova) [Orabug: 27340459] (CVE-2017-5753) - carl9170: prevent speculative execution (Elena Reshetova) [Orabug: 27340459] (CVE-2017-5753) - uvcvideo: prevent speculative execution (Elena Reshetova) [Orabug: 27340459] (CVE-2017-5753) - bpf: prevent speculative execution in eBPF interpreter (Elena Reshetova) [Orabug: 27340459] (CVE-2017-5753) - locking/barriers: introduce new observable speculation barrier (Elena Reshetova) [Orabug: 27340459] (CVE-2017-5753) - x86/cpu/AMD: Remove now unused definition of MFENCE_RDTSC feature (Elena Reshetova) [Orabug: 27340459] (CVE-2017-5753) - x86/cpu/AMD: Make the LFENCE instruction serialized (Elena Reshetova) [Orabug: 27340459] (CVE-2017-5753) - kABI: Make the boot_cpu_data look normal. (Konrad Rzeszutek Wilk) [Orabug: 27339995] (CVE-2017-5715) - kernel.spec: Require the new microcode_ctl. (Konrad Rzeszutek Wilk) [Orabug: 27339995] (CVE-2017-5715) (CVE-2017-5715) - x86/microcode/AMD: Add support for fam17h microcode loading (Tom Lendacky) [Orabug: 27339995] (CVE-2017-5715) - x86/spec_ctrl: Disable if running as Xen PV guest. (Konrad Rzeszutek Wilk) [Orabug: 27339995] (CVE-2017-5715) - Set IBPB when running a different VCPU (Dave Hansen) [Orabug: 27339995] (CVE-2017-5715) - Clear the host registers after setbe (Jun Nakajima) [Orabug: 27339995] (CVE-2017-5715) - Use the ibpb_inuse variable. (Jun Nakajima) [Orabug: 27339995] (CVE-2017-5715) - KVM: x86: add SPEC_CTRL to MSR and CPUID lists (Andrea Arcangeli) [Orabug: 27339995] (CVE-2017-5715) - kvm: vmx: add MSR_IA32_SPEC_CTRL and MSR_IA32_PRED_CMD (Paolo Bonzini) [Orabug: 27339995] (CVE-2017-5715) - Use the 'ibrs_inuse' variable. (Jun Nakajima) [Orabug: 27339995] (CVE-2017-5715) - kvm: svm: add MSR_IA32_SPEC_CTRL and MSR_IA32_PRED_CMD (Andrea Arcangeli) [Orabug: 27339995] (CVE-2017-5715) - x86/svm: Set IBPB when running a different VCPU (Paolo Bonzini) [Orabug: 27339995] (CVE-2017-5715) - x86/kvm: Pad RSB on VM transition (Tim Chen) [Orabug: 27339995] (CVE-2017-5715) - x86/cpu/AMD: Add speculative control support for AMD (Tom Lendacky) [Orabug: 27339995] (CVE-2017-5715) - x86/microcode: Recheck IBRS and IBPB feature on microcode reload (Tim Chen) [Orabug: 27339995] (CVE-2017-5715) - x86: Move IBRS/IBPB feature detection to scattered.c (Tim Chen) [Orabug: 27339995] (CVE-2017-5715) - x86/spec_ctrl: Add lock to serialize changes to ibrs and ibpb control (Tim Chen) [Orabug: 27339995] (CVE-2017-5715) - x86/spec_ctrl: Add sysctl knobs to enable/disable SPEC_CTRL feature (Konrad Rzeszutek Wilk) [Orabug: 27339995] (CVE-2017-5715) - x86/kvm: clear registers on VM exit (Tom Lendacky) [Orabug: 27339995] (CVE-2017-5715) - x86/kvm: Set IBPB when switching VM (Tim Chen) [Orabug: 27339995] (CVE-2017-5715) - *INCOMPLETE* x86/syscall: Clear unused extra registers on syscall entrance (Konrad Rzeszutek Wilk) [Orabug: 27339995] (CVE-2017-5715) - x86/entry: Stuff RSB for entry to kernel for non-SMEP platform (Konrad Rzeszutek Wilk) [Orabug: 27339995] (CVE-2017-5715) - x86/mm: Only set IBPB when the new thread cannot ptrace current thread (Konrad Rzeszutek Wilk) [Orabug: 27339995] (CVE-2017-5715) - x86/mm: Set IBPB upon context switch (Tim Chen) [Orabug: 27339995] (CVE-2017-5715) - x86/idle: Disable IBRS when offlining cpu and re-enable on wakeup (Tim Chen) [Orabug: 27339995] (CVE-2017-5715) - x86/idle: Disable IBRS entering idle and enable it on wakeup (Tim Chen) [Orabug: 27339995] (CVE-2017-5715) - x86/spec_ctrl: save IBRS MSR value in paranoid_entry (Andrea Arcangeli) [Orabug: 27339995] (CVE-2017-5715) - *Scaffolding* x86/spec_ctrl: Add sysctl knobs to enable/disable SPEC_CTRL feature (Tim Chen) [Orabug: 27339995] (CVE-2017-5715) - x86/enter: Use IBRS on syscall and interrupts (Tim Chen) [Orabug: 27339995] (CVE-2017-5715) - x86: Add macro that does not save rax, rcx, rdx on stack to disable IBRS (Tim Chen) [Orabug: 27339995] (CVE-2017-5715) - x86/enter: MACROS to set/clear IBRS and set IBP (Tim Chen) [Orabug: 27339995] (CVE-2017-5715) - x86/feature: Report presence of IBPB and IBRS control (Tim Chen) [Orabug: 27339995] (CVE-2017-5715) - x86: Add STIBP feature enumeration (Konrad Rzeszutek Wilk) [Orabug: 27339995] (CVE-2017-5715) - x86/cpufeature: Add X86_FEATURE_IA32_ARCH_CAPS and X86_FEATURE_IBRS_ATT (Konrad Rzeszutek Wilk) [Orabug: 27339995] (CVE-2017-5715) - x86/feature: Enable the x86 feature to control (Tim Chen) [Orabug: 27339995] (CVE-2017-5715)
    last seen 2018-02-23
    modified 2018-02-22
    plugin id 105761
    published 2018-01-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=105761
    title OracleVM 3.4 : Unbreakable / etc (OVMSA-2018-0007) (Spectre)
  • NASL family MacOS X Local Security Checks
    NASL id MACOSX_SAFARI11_0_2_PATCH_2018_01_08.NASL
    description The version of Apple Safari installed on the remote macOS or Mac OS X host is prior to 11.0.2, or is 11.0.2 and missing the January 8th patch. It is, therefore, affected by a vulnerability that exists within microprocessors utilizing speculative execution and indirect branch prediction, which may allow an attacker with local user access to disclose information via a side-channel analysis.
    last seen 2018-01-23
    modified 2018-01-22
    plugin id 105689
    published 2018-01-09
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=105689
    title macOS : Apple Safari <= 11.0.2 (11604.4.7.1.6 / 12604.4.7.1.6 / 13604.4.7.10.6) Information Disclosure (Spectre)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_SU-2018-0638-1.NASL
    description This update for xen fixes several issues. This new feature was included : - add script and sysv service to watch for vcpu online/offline events in a HVM domU These security issues were fixed : - CVE-2017-5753, CVE-2017-5715, CVE-2017-5754: Prevent information leaks via side effects of speculative execution, aka 'Spectre' and 'Meltdown' attacks (bsc#1074562, bsc#1068032) - CVE-2018-5683: The vga_draw_text function allowed local OS guest privileged users to cause a denial of service (out-of-bounds read and QEMU process crash) by leveraging improper memory address validation (bsc#1076116). - CVE-2017-18030: The cirrus_invalidate_region function allowed local OS guest privileged users to cause a denial of service (out-of-bounds array access and QEMU process crash) via vectors related to negative pitch (bsc#1076180). - CVE-2017-15595: x86 PV guest OS users were able to cause a DoS (unbounded recursion, stack consumption, and hypervisor crash) or possibly gain privileges via crafted page-table stacking (bsc#1061081) - CVE-2017-17566: Prevent PV guest OS users to cause a denial of service (host OS crash) or gain host OS privileges in shadow mode by mapping a certain auxiliary page (bsc#1070158). - CVE-2017-17563: Prevent guest OS users to cause a denial of service (host OS crash) or gain host OS privileges by leveraging an incorrect mask for reference-count overflow checking in shadow mode (bsc#1070159). - CVE-2017-17564: Prevent guest OS users to cause a denial of service (host OS crash) or gain host OS privileges by leveraging incorrect error handling for reference counting in shadow mode (bsc#1070160). - CVE-2017-17565: Prevent PV guest OS users to cause a denial of service (host OS crash) if shadow mode and log-dirty mode are in place, because of an incorrect assertion related to M2P (bsc#1070163). - Added missing intermediate preemption checks for guest requesting removal of memory. This allowed malicious guest administrator to cause denial of service due to the high cost of this operation (bsc#1080635). - Because of XEN not returning the proper error messages when transitioning grant tables from v2 to v1 a malicious guest was able to cause DoS or potentially allowed for privilege escalation as well as information leaks (bsc#1080662). The update package also includes non-security fixes. See advisory for details. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2018-03-15
    modified 2018-03-12
    plugin id 107254
    published 2018-03-09
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=107254
    title SUSE SLES11 Security Update : xen (SUSE-SU-2018:0638-1) (Meltdown) (Spectre)
  • NASL family SuSE Local Security Checks
    NASL id OPENSUSE-2018-118.NASL
    description This update for webkit2gtk3 fixes the following issues : Update to version 2.18.5 : + Disable SharedArrayBuffers from Web API. + Reduce the precision of 'high' resolution time to 1ms. + bsc#1075419 - Security fixes: includes improvements to mitigate the effects of Spectre and Meltdown (CVE-2017-5753 and CVE-2017-5715). Update to version 2.18.4 : + Make WebDriver implementation more spec compliant. + Fix a bug when trying to remove cookies before a web process is spawned. + WebKitWebDriver process no longer links to libjavascriptcoregtk. + Fix several memory leaks in GStreamer media backend. + bsc#1073654 - Security fixes: CVE-2017-13866, CVE-2017-13870, CVE-2017-7156, CVE-2017-13856. Update to version 2.18.3 : + Improve calculation of font metrics to prevent scrollbars from being shown unnecessarily in some cases. + Fix handling of null capabilities in WebDriver implementation. + Security fixes: CVE-2017-13798, CVE-2017-13788, CVE-2017-13803. Update to version 2.18.2 : + Fix rendering of arabic text. + Fix a crash in the web process when decoding GIF images. + Fix rendering of wind in Windy.com. + Fix several crashes and rendering issues. Update to version 2.18.1 : + Improve performance of GIF animations. + Fix garbled display in GMail. + Fix rendering of several material design icons when using the web font. + Fix flickering when resizing the window in Wayland. + Prevent default kerberos authentication credentials from being used in ephemeral sessions. + Fix a crash when webkit_web_resource_get_data() is cancelled. + Correctly handle touchmove and touchend events in WebKitWebView. + Fix the build with enchant 2.1.1. + Fix the build in HPPA and Alpha. + Fix several crashes and rendering issues. + Security fixes: CVE-2017-7081, CVE-2017-7087, CVE-2017-7089, CVE-2017-7090, CVE-2017-7091, CVE-2017-7092, CVE-2017-7093, CVE-2017-7094, CVE-2017-7095, CVE-2017-7096, CVE-2017-7098, CVE-2017-7099, CVE-2017-7100, CVE-2017-7102, CVE-2017-7104, CVE-2017-7107, CVE-2017-7109, CVE-2017-7111, CVE-2017-7117, CVE-2017-7120, CVE-2017-7142. - Enable gold linker on s390/s390x on SLE15/Tumbleweed. This update was imported from the SUSE:SLE-12-SP2:Update update project.
    last seen 2018-02-05
    modified 2018-02-05
    plugin id 106549
    published 2018-02-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=106549
    title openSUSE Security Update : webkit2gtk3 (openSUSE-2018-118) (Meltdown) (Spectre)
  • NASL family Slackware Local Security Checks
    NASL id SLACKWARE_SSA_2018-057-01.NASL
    description New kernel packages are available for Slackware 14.2 to mitigate the speculative side channel attack known as Spectre variant 1.
    last seen 2018-03-03
    modified 2018-03-01
    plugin id 107006
    published 2018-02-27
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=107006
    title Slackware 14.2 : Slackware 14.2 kernel (SSA:2018-057-01) (Spectre)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_SU-2018-0438-1.NASL
    description This update for xen fixes several issues. These security issues were fixed : - CVE-2017-5753, CVE-2017-5715, CVE-2017-5754: Prevent information leaks via side effects of speculative execution, aka 'Spectre' and 'Meltdown' attacks (bsc#1074562, bsc#1068032) - CVE-2017-15595: x86 PV guest OS users were able to cause a DoS (unbounded recursion, stack consumption, and hypervisor crash) or possibly gain privileges via crafted page-table stacking (bsc#1061081) - CVE-2017-17566: Prevent PV guest OS users to cause a denial of service (host OS crash) or gain host OS privileges in shadow mode by mapping a certain auxiliary page (bsc#1070158). - CVE-2017-17563: Prevent guest OS users to cause a denial of service (host OS crash) or gain host OS privileges by leveraging an incorrect mask for reference-count overflow checking in shadow mode (bsc#1070159). - CVE-2017-17564: Prevent guest OS users to cause a denial of service (host OS crash) or gain host OS privileges by leveraging incorrect error handling for reference counting in shadow mode (bsc#1070160). - CVE-2017-17565: Prevent PV guest OS users to cause a denial of service (host OS crash) if shadow mode and log-dirty mode are in place, because of an incorrect assertion related to M2P (bsc#1070163). - CVE-2018-5683: The vga_draw_text function allowed local OS guest privileged users to cause a denial of service (out-of-bounds read and QEMU process crash) by leveraging improper memory address validation (bsc#1076116). - CVE-2017-18030: The cirrus_invalidate_region function allowed local OS guest privileged users to cause a denial of service (out-of-bounds array access and QEMU process crash) via vectors related to negative pitch (bsc#1076180). The update package also includes non-security fixes. See advisory for details. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2018-02-20
    modified 2018-02-20
    plugin id 106834
    published 2018-02-15
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=106834
    title SUSE SLED12 / SLES12 Security Update : xen (SUSE-SU-2018:0438-1) (Meltdown) (Spectre)
  • NASL family Windows
    NASL id MOZILLA_FIREFOX_57_0_4.NASL
    description The version of Mozilla Firefox installed on the remote Windows host is prior to 57.0.4. It is, therefore, vulnerable to a speculative execution side-channel attack. Code from a malicious web page could read data from other web sites or private data from the browser itself.
    last seen 2018-01-12
    modified 2018-01-11
    plugin id 105616
    published 2018-01-05
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=105616
    title Mozilla Firefox < 57.0.4 Speculative Execution Side-Channel Attack Vulnerability (Spectre)
  • NASL family OracleVM Local Security Checks
    NASL id ORACLEVM_OVMSA-2018-0029.NASL
    description The remote OracleVM system is missing necessary patches to address critical security updates : please see Oracle VM Security Advisory OVMSA-2018-0029 for details.
    last seen 2018-04-13
    modified 2018-04-12
    plugin id 108864
    published 2018-04-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=108864
    title OracleVM 3.2 : xen (OVMSA-2018-0029) (Meltdown) (Spectre)
  • NASL family OracleVM Local Security Checks
    NASL id ORACLEVM_OVMSA-2018-0015.NASL
    description The remote OracleVM system is missing necessary patches to address critical security updates : please see Oracle VM Security Advisory OVMSA-2018-0015 for details.
    last seen 2018-02-02
    modified 2018-02-01
    plugin id 106469
    published 2018-01-30
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=106469
    title OracleVM 3.4 : Unbreakable / etc (OVMSA-2018-0015) (BlueBorne) (Meltdown) (Spectre) (Stack Clash)
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-3541-1.NASL
    description Jann Horn discovered that microprocessors utilizing speculative execution and branch prediction may allow unauthorized memory reads via sidechannel attacks. This flaw is known as Spectre. A local attacker could use this to expose sensitive information, including kernel memory. This update provides mitigations for the i386 (CVE-2017-5753 only), amd64, ppc64el, and s390x architectures. (CVE-2017-5715, CVE-2017-5753) USN-3523-1 mitigated CVE-2017-5754 (Meltdown) for the amd64 architecture in Ubuntu 17.10. This update provides the corresponding mitigations for the ppc64el architecture. Jann Horn discovered that microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized memory reads via sidechannel attacks. This flaw is known as Meltdown. A local attacker could use this to expose sensitive information, including kernel memory. (CVE-2017-5754). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2018-02-01
    modified 2018-01-31
    plugin id 106270
    published 2018-01-23
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=106270
    title Ubuntu 17.10 : linux vulnerabilities (USN-3541-1) (Meltdown) (Spectre)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2018-0151.NASL
    description An update for kernel is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es) : An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of instructions (a commonly used performance optimization). There are three primary variants of the issue which differ in the way the speculative execution can be exploited. Note: This issue is present in hardware and cannot be fully fixed via software update. The updated kernel packages provide software mitigation for this hardware issue at a cost of potential performance penalty. Please refer to References section for further information about this issue and the performance impact. In this update initial mitigations for IBM Power (PowerPC) and IBM zSeries (S390) architectures are provided. * Variant CVE-2017-5715 triggers the speculative execution by utilizing branch target injection. It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the fact that memory accesses may cause allocation into the microprocessor's data cache even for speculatively executed instructions that never actually commit (retire). As a result, an unprivileged attacker could use this flaw to cross the syscall and guest/host boundaries and read privileged memory by conducting targeted cache side-channel attacks. This fix specifically addresses S390 processors. (CVE-2017-5715, Important) * Variant CVE-2017-5753 triggers the speculative execution by performing a bounds-check bypass. It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the fact that memory accesses may cause allocation into the microprocessor's data cache even for speculatively executed instructions that never actually commit (retire). As a result, an unprivileged attacker could use this flaw to cross the syscall boundary and read privileged memory by conducting targeted cache side-channel attacks. This fix specifically addresses S390 and PowerPC processors. (CVE-2017-5753, Important) * Variant CVE-2017-5754 relies on the fact that, on impacted microprocessors, during speculative execution of instruction permission faults, exception generation triggered by a faulting access is suppressed until the retirement of the whole instruction block. In a combination with the fact that memory accesses may populate the cache even when the block is being dropped and never committed (executed), an unprivileged local attacker could use this flaw to read privileged (kernel space) memory by conducting targeted cache side-channel attacks. Note: CVE-2017-5754 affects Intel x86-64 microprocessors. AMD x86-64 microprocessors are not affected by this issue. This fix specifically addresses PowerPC processors. (CVE-2017-5754, Important) Red Hat would like to thank Google Project Zero for reporting CVE-2017-5715, CVE-2017-5753, and CVE-2017-5754. This update also fixes the following security issues and bugs : Space precludes documenting all of the bug fixes and enhancements included in this advisory. To see the complete list of bug fixes and enhancements, refer to the following KnowledgeBase article: https://access.redhat.com/articles/ 3327131.
    last seen 2018-01-30
    modified 2018-01-29
    plugin id 106330
    published 2018-01-25
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=106330
    title RHEL 7 : kernel (RHSA-2018:0151) (Meltdown) (Spectre)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_SU-2018-0609-1.NASL
    description This update for xen fixes several issues. These security issues were fixed : - CVE-2017-5753, CVE-2017-5715, CVE-2017-5754: Prevent information leaks via side effects of speculative execution, aka 'Spectre' and 'Meltdown' attacks (bsc#1074562, bsc#1068032) - CVE-2018-5683: The vga_draw_text function allowed local OS guest privileged users to cause a denial of service (out-of-bounds read and QEMU process crash) by leveraging improper memory address validation (bsc#1076116). - CVE-2017-18030: The cirrus_invalidate_region function allowed local OS guest privileged users to cause a denial of service (out-of-bounds array access and QEMU process crash) via vectors related to negative pitch (bsc#1076180). - CVE-2017-15595: x86 PV guest OS users were able to cause a DoS (unbounded recursion, stack consumption, and hypervisor crash) or possibly gain privileges via crafted page-table stacking (bsc#1061081) - CVE-2017-17566: Prevent PV guest OS users to cause a denial of service (host OS crash) or gain host OS privileges in shadow mode by mapping a certain auxiliary page (bsc#1070158). - CVE-2017-17563: Prevent guest OS users to cause a denial of service (host OS crash) or gain host OS privileges by leveraging an incorrect mask for reference-count overflow checking in shadow mode (bsc#1070159). - CVE-2017-17564: Prevent guest OS users to cause a denial of service (host OS crash) or gain host OS privileges by leveraging incorrect error handling for reference counting in shadow mode (bsc#1070160). - CVE-2017-17565: Prevent PV guest OS users to cause a denial of service (host OS crash) if shadow mode and log-dirty mode are in place, because of an incorrect assertion related to M2P (bsc#1070163). - Added missing intermediate preemption checks for guest requesting removal of memory. This allowed malicious guest administrator to cause denial of service due to the high cost of this operation (bsc#1080635). - Because of XEN not returning the proper error messages when transitioning grant tables from v2 to v1 a malicious guest was able to cause DoS or potentially allowed for privilege escalation as well as information leaks (bsc#1080662). The update package also includes non-security fixes. See advisory for details. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2018-03-09
    modified 2018-03-06
    plugin id 107144
    published 2018-03-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=107144
    title SUSE SLES12 Security Update : xen (SUSE-SU-2018:0609-1) (Meltdown) (Spectre)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_SU-2018-0031-1.NASL
    description The SUSE Linux Enterprise 12 SP1 LTSS kernel was updated to receive various security and bugfixes. This update adds mitigations for various side channel attacks against modern CPUs that could disclose content of otherwise unreadable memory (bnc#1068032). - CVE-2017-5753 / 'SpectreAttack': Local attackers on systems with modern CPUs featuring deep instruction pipelining could use attacker controllable speculative execution over code patterns in the Linux Kernel to leak content from otherwise not readable memory in the same address space, allowing retrieval of passwords, cryptographic keys and other secrets. This problem is mitigated by adding speculative fencing on affected code paths throughout the Linux kernel. This issue is addressed for the x86_64, IBM Power and IBM zSeries architecture. - CVE-2017-5715 / 'SpectreAttack': Local attackers on systems with modern CPUs featuring branch prediction could use mispredicted branches to speculatively execute code patterns that in turn could be made to leak other non-readable content in the same address space, an attack similar to CVE-2017-5753. This problem is mitigated by disabling predictive branches, depending on CPU architecture either by firmware updates and/or fixes in the user-kernel privilege boundaries. This is done with help of Linux Kernel fixes on the Intel/AMD x86_64 and IBM zSeries architectures. On x86_64, this requires also updates of the CPU microcode packages, delivered in separate updates. For IBM Power and zSeries the required firmware updates are supplied over regular channels by IBM. As this feature can have a performance impact, it can be disabled using the 'nospec' kernel commandline option. - CVE-2017-5754 / 'MeltdownAttack': Local attackers on systems with modern CPUs featuring deep instruction pipelining could use code patterns in userspace to speculative executive code that would read otherwise read protected memory, an attack similar to CVE-2017-5753. This problem is mitigated by unmapping the Linux Kernel from the user address space during user code execution, following a approach called 'KAISER'. The terms used here are 'KAISER' / 'Kernel Address Isolation' and 'PTI' / 'Page Table Isolation'. This update does this on the x86_64 architecture, it is not required on the IBM zSeries architecture. This feature can be enabled / disabled by the 'pti=[on|off|auto]' or 'nopti' commandline options. The following security bugs were fixed : - CVE-2017-15868: The bnep_add_connection function in net/bluetooth/bnep/core.c in the Linux kernel did not ensure that an l2cap socket is available, which allowed local users to gain privileges via a crafted application (bnc#1071470). - CVE-2017-13167: An elevation of privilege vulnerability in the kernel sound timer. (bnc#1072876). - CVE-2017-16538: drivers/media/usb/dvb-usb-v2/lmedm04.c in the Linux kernel allowed local users to cause a denial of service (general protection fault and system crash) or possibly have unspecified other impact via a crafted USB device, related to a missing warm-start check and incorrect attach timing (dm04_lme2510_frontend_attach versus dm04_lme2510_tuner) (bnc#1066569). - CVE-2017-17558: The usb_destroy_configuration function in drivers/usb/core/config.c in the USB core subsystem in the Linux kernel did not consider the maximum number of configurations and interfaces before attempting to release resources, which allowed local users to cause a denial of service (out-of-bounds write access) or possibly have unspecified other impact via a crafted USB device (bnc#1072561). - CVE-2017-17450: net/netfilter/xt_osf.c in the Linux kernel did not require the CAP_NET_ADMIN capability for add_callback and remove_callback operations, which allowed local users to bypass intended access restrictions because the xt_osf_fingers data structure is shared across all net namespaces (bnc#1071695). - CVE-2017-17449: The __netlink_deliver_tap_skb function in net/netlink/af_netlink.c in the Linux kernel through 4.14.4, when CONFIG_NLMON is enabled, did not restrict observations of Netlink messages to a single net namespace, which allowed local users to obtain sensitive information by leveraging the CAP_NET_ADMIN capability to sniff an nlmon interface for all Netlink activity on the system (bnc#1071694). - CVE-2017-17448: net/netfilter/nfnetlink_cthelper.c in the Linux kernel did not require the CAP_NET_ADMIN capability for new, get, and del operations, which allowed local users to bypass intended access restrictions because the nfnl_cthelper_list data structure is shared across all net namespaces (bnc#1071693). - CVE-2017-8824: The dccp_disconnect function in net/dccp/proto.c in the Linux kernel allowed local users to gain privileges or cause a denial of service (use-after-free) via an AF_UNSPEC connect system call during the DCCP_LISTEN state (bnc#1070771). - CVE-2017-15115: The sctp_do_peeloff function in net/sctp/socket.c in the Linux kernel did not check whether the intended netns is used in a peel-off action, which allowed local users to cause a denial of service (use-after-free and system crash) or possibly have unspecified other impact via crafted system calls (bnc#1068671). - CVE-2017-11600: net/xfrm/xfrm_policy.c in the Linux kernel through 4.12.3, when CONFIG_XFRM_MIGRATE is enabled, did not ensure that the dir value of xfrm_userpolicy_id is XFRM_POLICY_MAX or less, which allowed local users to cause a denial of service (out-of-bounds access) or possibly have unspecified other impact via an XFRM_MSG_MIGRATE xfrm Netlink message (bnc#1050231). - CVE-2017-16534: The cdc_parse_cdc_header function in drivers/usb/core/message.c in the Linux kernel allowed local users to cause a denial of service (out-of-bounds read and system crash) or possibly have unspecified other impact via a crafted USB device (bnc#1066693). The update package also includes non-security fixes. See advisory for details. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2018-02-01
    modified 2018-01-31
    plugin id 105647
    published 2018-01-08
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=105647
    title SUSE SLES12 Security Update : kernel (SUSE-SU-2018:0031-1) (Meltdown) (Spectre)
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-3540-1.NASL
    description Jann Horn discovered that microprocessors utilizing speculative execution and branch prediction may allow unauthorized memory reads via sidechannel attacks. This flaw is known as Spectre. A local attacker could use this to expose sensitive information, including kernel memory. This update provides mitigations for the i386 (CVE-2017-5753 only), amd64, ppc64el, and s390x architectures. (CVE-2017-5715, CVE-2017-5753) USN-3522-1 mitigated CVE-2017-5754 (Meltdown) for the amd64 architecture in Ubuntu 16.04 LTS. This update provides the corresponding mitigations for the ppc64el architecture. Original advisory details : Jann Horn discovered that microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized memory reads via sidechannel attacks. This flaw is known as Meltdown. A local attacker could use this to expose sensitive information, including kernel memory. (CVE-2017-5754). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2018-02-01
    modified 2018-01-31
    plugin id 106268
    published 2018-01-23
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=106268
    title Ubuntu 16.04 LTS : linux, linux-aws, linux-euclid vulnerabilities (USN-3540-1) (Meltdown) (Spectre)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_SU-2018-0171-1.NASL
    description The SUSE Linux Enterprise 11 SP3 LTSS kernel was updated to receive various security and bugfixes. This update is only provided as a fix update for IBM Z platform. - CVE-2017-5753 / 'Spectre Attack': IBM Z fixes were included but not enabled in the previous update. This update enables those fixes. - CVE-2017-5715 / 'Spectre Attack': IBM Z fixes were already included in the previous update. A bugfix for the patches has been applied on top. - CVE-2017-5754: The IBM Z architecture is not affected by the 'Meltdown' attack. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2018-02-01
    modified 2018-01-31
    plugin id 106260
    published 2018-01-23
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=106260
    title SUSE SLES11 Security Update : kernel (SUSE-SU-2018:0171-1) (Meltdown) (Spectre)
  • NASL family Virtuozzo Local Security Checks
    NASL id VIRTUOZZO_VZA-2018-002.NASL
    description According to the versions of the parallels-server-bm-release / vzkernel / etc packages installed, the Virtuozzo installation on the remote host is affected by the following vulnerabilities : - CVE-2017-5715 triggers the speculative execution by utilizing branch target injection. It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the fact that memory accesses may cause allocation into the microprocessor's data cache even for speculatively executed instructions that never actually commit (retire). As a result, an unprivileged attacker could use this flaw to cross the syscall and guest/host boundaries and read privileged memory by conducting targeted cache side-channel attacks. - CVE-2017-5753 triggers the speculative execution by performing a bounds-check bypass. It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the fact that memory accesses may cause allocation into the microprocessor's data cache even for speculatively executed instructions that never actually commit (retire). As a result, an unprivileged attacker could use this flaw to cross the syscall boundary and read privileged memory by conducting targeted cache side-channel attacks. - CVE-2017-5754 relies on the fact that, on impacted microprocessors, during speculative execution of instruction permission faults, exception generation triggered by a faulting access is suppressed until the retirement of the whole instruction block. In a combination with the fact that memory accesses may populate the cache even when the block is being dropped and never committed (executed), an unprivileged local attacker could use this flaw to read privileged (kernel space) memory by conducting targeted cache side-channel attacks. Note that Tenable Network Security has extracted the preceding description block directly from the Virtuozzo security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2018-01-30
    modified 2018-01-29
    plugin id 105619
    published 2018-01-08
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=105619
    title Virtuozzo 6 : parallels-server-bm-release / vzkernel / etc (VZA-2018-002)
  • NASL family AIX Local Security Checks
    NASL id AIX_IJ03030.NASL
    description http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5715 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5715 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5753 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5753 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5754 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5754
    last seen 2018-03-03
    modified 2018-03-01
    plugin id 106311
    published 2018-01-25
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=106311
    title AIX 6.1 TL 9 : spectre_meltdown (IJ03030) (Meltdown) (Spectre)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_SU-2018-0131-1.NASL
    description The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security and bugfixes. This update is only provided as a fix update for IBM Z platform. - CVE-2017-5753 / 'Spectre Attack': IBM Z fixes were included but not enabled in the previous update. This update enables those fixes. - CVE-2017-5715 / 'Spectre Attack': IBM Z fixes were already included in the previous update. A bugfix for the patches has been applied on top. - CVE-2017-5754: The IBM Z architecture is not affected by the 'Meltdown' attack. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2018-02-01
    modified 2018-01-31
    plugin id 106185
    published 2018-01-19
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=106185
    title SUSE SLES11 Security Update : kernel (SUSE-SU-2018:0131-1) (Meltdown) (Spectre)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_SU-2018-0678-1.NASL
    description This update for xen fixes several issues. These security issues were fixed : - CVE-2017-5753, CVE-2017-5715, CVE-2017-5754: Prevent information leaks via side effects of speculative execution, aka 'Spectre' and 'Meltdown' attacks (bsc#1074562, bsc#1068032) - CVE-2018-5683: The vga_draw_text function allowed local OS guest privileged users to cause a denial of service (out-of-bounds read and QEMU process crash) by leveraging improper memory address validation (bsc#1076116). - CVE-2017-18030: The cirrus_invalidate_region function allowed local OS guest privileged users to cause a denial of service (out-of-bounds array access and QEMU process crash) via vectors related to negative pitch (bsc#1076180). - CVE-2017-15595: x86 PV guest OS users were able to cause a DoS (unbounded recursion, stack consumption, and hypervisor crash) or possibly gain privileges via crafted page-table stacking (bsc#1061081) - CVE-2017-17566: Prevent PV guest OS users to cause a denial of service (host OS crash) or gain host OS privileges in shadow mode by mapping a certain auxiliary page (bsc#1070158). - CVE-2017-17563: Prevent guest OS users to cause a denial of service (host OS crash) or gain host OS privileges by leveraging an incorrect mask for reference-count overflow checking in shadow mode (bsc#1070159). - CVE-2017-17564: Prevent guest OS users to cause a denial of service (host OS crash) or gain host OS privileges by leveraging incorrect error handling for reference counting in shadow mode (bsc#1070160). - CVE-2017-17565: Prevent PV guest OS users to cause a denial of service (host OS crash) if shadow mode and log-dirty mode are in place, because of an incorrect assertion related to M2P (bsc#1070163). - Added missing intermediate preemption checks for guest requesting removal of memory. This allowed malicious guest administrator to cause denial of service due to the high cost of this operation (bsc#1080635). - Because of XEN not returning the proper error messages when transitioning grant tables from v2 to v1 a malicious guest was able to cause DoS or potentially allowed for privilege escalation as well as information leaks (bsc#1080662). - CVE-2017-5898: The CCID Card device emulator support was vulnerable to an integer overflow flaw allowing a privileged user to crash the Qemu process on the host resulting in DoS (bsc#1024307) - Unprivileged domains could have issued well-timed writes to xenstore which conflict with transactions to stall progress of the control domain or driver domain, possibly leading to DoS (bsc#1030144, XSA-206). Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2018-03-24
    modified 2018-03-22
    plugin id 108369
    published 2018-03-15
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=108369
    title SUSE SLES11 Security Update : xen (SUSE-SU-2018:0678-1) (Meltdown) (Spectre)
  • NASL family Misc.
    NASL id NVIDIA_UNIX_CVE_2017_5753.NASL
    description The NVIDIA GPU display driver software on the remote host is missing a security update. It is, therefore, affected by multiple vulnerabilities.
    last seen 2018-01-19
    modified 2018-01-18
    plugin id 105776
    published 2018-01-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=105776
    title NVIDIA Linux GPU Display Driver 384.x < 384.111 / 390.x < 390.12 Multiple Vulnerabilities (Meltdown)(Spectre)
  • NASL family AIX Local Security Checks
    NASL id AIX_IJ03029.NASL
    description http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5715 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5715 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5753 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5753 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5754 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5754
    last seen 2018-03-03
    modified 2018-03-01
    plugin id 106310
    published 2018-01-25
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=106310
    title AIX 5.3 TL 12 : spectre_meltdown (IJ03029) (Meltdown) (Spectre)
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-3521-1.NASL
    description Jann Horn discovered that microprocessors utilizing speculative execution and branch prediction may allow unauthorized memory reads via sidechannel attacks. This flaw is known as Spectre. A local attacker could use this to expose sensitive information, including kernel memory. This update provides mitigations to address the issue, along with compatibility fixes for the corresponding Linux kernel updates. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2018-02-01
    modified 2018-01-31
    plugin id 105723
    published 2018-01-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=105723
    title Ubuntu 14.04 LTS / 16.04 LTS / 17.04 / 17.10 : nvidia-graphics-drivers-384 vulnerability (USN-3521-1) (Spectre)
  • NASL family Misc.
    NASL id VMWARE_VCENTER_VMSA-2018-0007.NASL
    description The version of VMware vCenter Server installed on the remote host is 6.5.x prior to 6.5u1f. It is, therefore, affected by multiple vulnerabilities. See advisory for details.
    last seen 2018-02-26
    modified 2018-02-26
    plugin id 106950
    published 2018-02-22
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=106950
    title VMware vCenter Server 6.5.x < 6.5u1f Multiple Vulnerabilities (VMSA-2018-0007) (Spectre-1) (Meltdown)
  • NASL family Amazon Linux Local Security Checks
    NASL id ALA_ALAS-2018-956.NASL
    description Kernel address information leak in drivers/acpi/sbshc.c:acpi_smbus_hc_add() function potentially allowing KASLR bypass The acpi_smbus_hc_add function in drivers/acpi/sbshc.c in the Linux kernel, through 4.14.15, allows local users to obtain sensitive address information by reading dmesg data from an SBS HC printk call.(CVE-2018-5750) Improper sorting of GIDs in nfsd can lead to incorrect permissions being applied Linux kernel contains a Incorrect Access Control vulnerability in NFS server (nfsd) that can result in remote users reading or writing files they should not be able to via NFS. This attack appear to be exploitable via NFS server must export a filesystem with the 'rootsquash' options enabled. This vulnerability appears to have been fixed in after commit 1995266727fa.(CVE-2018-1000028) Stack-based out-of-bounds read via vmcall instruction Linux kernel compiled with the KVM virtualization (CONFIG_KVM) support is vulnerable to an out-of-bounds read access issue. It could occur when emulating vmcall instructions invoked by a guest. A guest user/process could use this flaw to disclose kernel memory bytes.(CVE-2017-17741) The pmd can become dirty without going through a COW cycle A flaw was found in the patches used to fix the 'dirtycow' vulnerability (CVE-2016-5195). An attacker, able to run local code, can exploit a race condition in transparent huge pages to modify usually read-only huge pages.(CVE-2017-1000405) Speculative execution bounds-check bypass An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of instructions (a commonly used performance optimization). There are three primary variants of the issue which differ in the way the speculative execution can be exploited. Variant CVE-2017-5753 triggers the speculative execution by performing a bounds-check bypass. It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the fact that memory accesses may cause allocation into the microprocessor's data cache even for speculatively executed instructions that never actually commit (retire). As a result, an unprivileged attacker could use this flaw to cross the syscall boundary and read privileged memory by conducting targeted cache side-channel attacks.(CVE-2017-5753) drivers/block/loop.c mishandles lo_release serialization allowing denial-of-service A flaw was found in the Linux kernel's handling of loopback devices. An attacker, who has permissions to setup loopback disks, may create a denial of service or other unspecified actions. (CVE-2018-5344)
    last seen 2018-04-21
    modified 2018-04-19
    plugin id 106933
    published 2018-02-22
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=106933
    title Amazon Linux AMI : kernel (ALAS-2018-956) (Dirty COW) (Spectre)
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2018-4110.NASL
    description The remote Oracle Linux host is missing a security update for the Unbreakable Enterprise kernel package(s).
    last seen 2018-05-18
    modified 2018-05-17
    plugin id 109881
    published 2018-05-17
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=109881
    title Oracle Linux 6 : Unbreakable Enterprise kernel (ELSA-2018-4110) (Meltdown) (Spectre)
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2018-0151.NASL
    description An update for kernel is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es) : An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of instructions (a commonly used performance optimization). There are three primary variants of the issue which differ in the way the speculative execution can be exploited. Note: This issue is present in hardware and cannot be fully fixed via software update. The updated kernel packages provide software mitigation for this hardware issue at a cost of potential performance penalty. Please refer to References section for further information about this issue and the performance impact. In this update initial mitigations for IBM Power (PowerPC) and IBM zSeries (S390) architectures are provided. * Variant CVE-2017-5715 triggers the speculative execution by utilizing branch target injection. It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the fact that memory accesses may cause allocation into the microprocessor's data cache even for speculatively executed instructions that never actually commit (retire). As a result, an unprivileged attacker could use this flaw to cross the syscall and guest/host boundaries and read privileged memory by conducting targeted cache side-channel attacks. This fix specifically addresses S390 processors. (CVE-2017-5715, Important) * Variant CVE-2017-5753 triggers the speculative execution by performing a bounds-check bypass. It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the fact that memory accesses may cause allocation into the microprocessor's data cache even for speculatively executed instructions that never actually commit (retire). As a result, an unprivileged attacker could use this flaw to cross the syscall boundary and read privileged memory by conducting targeted cache side-channel attacks. This fix specifically addresses S390 and PowerPC processors. (CVE-2017-5753, Important) * Variant CVE-2017-5754 relies on the fact that, on impacted microprocessors, during speculative execution of instruction permission faults, exception generation triggered by a faulting access is suppressed until the retirement of the whole instruction block. In a combination with the fact that memory accesses may populate the cache even when the block is being dropped and never committed (executed), an unprivileged local attacker could use this flaw to read privileged (kernel space) memory by conducting targeted cache side-channel attacks. Note: CVE-2017-5754 affects Intel x86-64 microprocessors. AMD x86-64 microprocessors are not affected by this issue. This fix specifically addresses PowerPC processors. (CVE-2017-5754, Important) Red Hat would like to thank Google Project Zero for reporting CVE-2017-5715, CVE-2017-5753, and CVE-2017-5754. This update also fixes the following security issues and bugs : Space precludes documenting all of the bug fixes and enhancements included in this advisory. To see the complete list of bug fixes and enhancements, refer to the following KnowledgeBase article: https://access.redhat.com/articles/ 3327131.
    last seen 2018-01-30
    modified 2018-01-29
    plugin id 106353
    published 2018-01-26
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=106353
    title CentOS 7 : kernel (CESA-2018:0151) (Meltdown) (Spectre)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2018-0018.NASL
    description An update for kernel is now available for Red Hat Enterprise Linux 6.4 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es) : An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of instructions (a commonly used performance optimization). There are three primary variants of the issue which differ in the way the speculative execution can be exploited. Note: This issue is present in hardware and cannot be fully fixed via software update. The updated kernel packages provide software mitigation for this hardware issue at a cost of potential performance penalty. Please refer to References section for further information about this issue and the performance impact. In this update mitigations for x86-64 architecture are provided. Variant CVE-2017-5753 triggers the speculative execution by performing a bounds-check bypass. It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the fact that memory accesses may cause allocation into the microprocessor's data cache even for speculatively executed instructions that never actually commit (retire). As a result, an unprivileged attacker could use this flaw to cross the syscall boundary and read privileged memory by conducting targeted cache side-channel attacks. (CVE-2017-5753, Important) Variant CVE-2017-5715 triggers the speculative execution by utilizing branch target injection. It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the fact that memory accesses may cause allocation into the microprocessor's data cache even for speculatively executed instructions that never actually commit (retire). As a result, an unprivileged attacker could use this flaw to cross the syscall and guest/host boundaries and read privileged memory by conducting targeted cache side-channel attacks. (CVE-2017-5715, Important) Variant CVE-2017-5754 relies on the fact that, on impacted microprocessors, during speculative execution of instruction permission faults, exception generation triggered by a faulting access is suppressed until the retirement of the whole instruction block. In a combination with the fact that memory accesses may populate the cache even when the block is being dropped and never committed (executed), an unprivileged local attacker could use this flaw to read privileged (kernel space) memory by conducting targeted cache side-channel attacks. (CVE-2017-5754, Important) Note: CVE-2017-5754 affects Intel x86-64 microprocessors. AMD x86-64 microprocessors are not affected by this issue. Red Hat would like to thank Google Project Zero for reporting these issues.
    last seen 2018-01-30
    modified 2018-01-29
    plugin id 105561
    published 2018-01-04
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=105561
    title RHEL 6 : kernel (RHSA-2018:0018) (Meltdown) (Spectre)
  • NASL family Windows
    NASL id NVIDIA_WIN_CVE_2017_5753.NASL
    description The NVIDIA GPU display driver software on the remote host is missing a security update. It is, therefore, affected by multiple vulnerabilities.
    last seen 2018-01-19
    modified 2018-01-18
    plugin id 105777
    published 2018-01-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=105777
    title NVIDIA Windows GPU Display Driver 384.x / 385.x / 386.x < 386.07 / 390.x < 390.65 Multiple Vulnerabilities (Meltdown)(Spectre)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2018-0009.NASL
    description An update for kernel is now available for Red Hat Enterprise Linux 7.3 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es) : An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of instructions (a commonly used performance optimization). There are three primary variants of the issue which differ in the way the speculative execution can be exploited. Note: This issue is present in hardware and cannot be fully fixed via software update. The updated kernel packages provide software mitigation for this hardware issue at a cost of potential performance penalty. Please refer to References section for further information about this issue and the performance impact. In this update mitigations for x86-64 architecture are provided. Variant CVE-2017-5753 triggers the speculative execution by performing a bounds-check bypass. It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the fact that memory accesses may cause allocation into the microprocessor's data cache even for speculatively executed instructions that never actually commit (retire). As a result, an unprivileged attacker could use this flaw to cross the syscall boundary and read privileged memory by conducting targeted cache side-channel attacks. (CVE-2017-5753, Important) Variant CVE-2017-5715 triggers the speculative execution by utilizing branch target injection. It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the fact that memory accesses may cause allocation into the microprocessor's data cache even for speculatively executed instructions that never actually commit (retire). As a result, an unprivileged attacker could use this flaw to cross the syscall and guest/host boundaries and read privileged memory by conducting targeted cache side-channel attacks. (CVE-2017-5715, Important) Variant CVE-2017-5754 relies on the fact that, on impacted microprocessors, during speculative execution of instruction permission faults, exception generation triggered by a faulting access is suppressed until the retirement of the whole instruction block. In a combination with the fact that memory accesses may populate the cache even when the block is being dropped and never committed (executed), an unprivileged local attacker could use this flaw to read privileged (kernel space) memory by conducting targeted cache side-channel attacks. (CVE-2017-5754, Important) Note: CVE-2017-5754 affects Intel x86-64 microprocessors. AMD x86-64 microprocessors are not affected by this issue. Red Hat would like to thank Google Project Zero for reporting these issues.
    last seen 2018-01-30
    modified 2018-01-29
    plugin id 105525
    published 2018-01-04
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=105525
    title RHEL 7 : kernel (RHSA-2018:0009) (Meltdown) (Spectre)
  • NASL family Windows : Microsoft Bulletins
    NASL id SMB_ADV180002_MSSQL.NASL
    description The remote Microsoft SQL Server is missing a security update. It is, therefore, affected by a vulnerability exists within microprocessors utilizing speculative execution and indirect branch prediction, which may allow an attacker with local user access to disclose information via a side-channel analysis.
    last seen 2018-02-04
    modified 2018-02-02
    plugin id 105613
    published 2018-01-05
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=105613
    title ADV180002: Microsoft SQL Server January 2018 Security Update (Meltdown) (Spectre)
  • NASL family FreeBSD Local Security Checks
    NASL id FREEBSD_PKG_1CE95BC7327811E8B52700012E582166.NASL
    description The WebKit team reports many vulnerabilities. Please reference the CVE/URL list for details.
    last seen 2018-04-02
    modified 2018-04-02
    plugin id 108703
    published 2018-03-29
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=108703
    title FreeBSD : webkit2-gtk3 -- multiple vulnerabilities (1ce95bc7-3278-11e8-b527-00012e582166) (Spectre)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_SU-2018-0601-1.NASL
    description This update for xen fixes several issues. These security issues were fixed : - CVE-2017-5753, CVE-2017-5715, CVE-2017-5754: Prevent information leaks via side effects of speculative execution, aka 'Spectre' and 'Meltdown' attacks (bsc#1074562, bsc#1068032) - CVE-2018-5683: The vga_draw_text function allowed local OS guest privileged users to cause a denial of service (out-of-bounds read and QEMU process crash) by leveraging improper memory address validation (bsc#1076116). - CVE-2017-18030: The cirrus_invalidate_region function allowed local OS guest privileged users to cause a denial of service (out-of-bounds array access and QEMU process crash) via vectors related to negative pitch (bsc#1076180). - CVE-2017-15595: x86 PV guest OS users were able to cause a DoS (unbounded recursion, stack consumption, and hypervisor crash) or possibly gain privileges via crafted page-table stacking (bsc#1061081) - CVE-2017-17566: Prevent PV guest OS users to cause a denial of service (host OS crash) or gain host OS privileges in shadow mode by mapping a certain auxiliary page (bsc#1070158). - CVE-2017-17563: Prevent guest OS users to cause a denial of service (host OS crash) or gain host OS privileges by leveraging an incorrect mask for reference-count overflow checking in shadow mode (bsc#1070159). - CVE-2017-17564: Prevent guest OS users to cause a denial of service (host OS crash) or gain host OS privileges by leveraging incorrect error handling for reference counting in shadow mode (bsc#1070160). - CVE-2017-17565: Prevent PV guest OS users to cause a denial of service (host OS crash) if shadow mode and log-dirty mode are in place, because of an incorrect assertion related to M2P (bsc#1070163). - Added missing intermediate preemption checks for guest requesting removal of memory. This allowed malicious guest administrator to cause denial of service due to the high cost of this operation (bsc#1080635). - Because of XEN not returning the proper error messages when transitioning grant tables from v2 to v1 a malicious guest was able to cause DoS or potentially allowed for privilege escalation as well as information leaks (bsc#1080662). The update package also includes non-security fixes. See advisory for details. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2018-03-09
    modified 2018-03-06
    plugin id 107140
    published 2018-03-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=107140
    title SUSE SLES12 Security Update : xen (SUSE-SU-2018:0601-1) (Meltdown) (Spectre)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2018-0022.NASL
    description An update for kernel is now available for Red Hat Enterprise Linux 6.5 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es) : An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of instructions (a commonly used performance optimization). There are three primary variants of the issue which differ in the way the speculative execution can be exploited. Note: This issue is present in hardware and cannot be fully fixed via software update. The updated kernel packages provide software mitigation for this hardware issue at a cost of potential performance penalty. Please refer to References section for further information about this issue and the performance impact. In this update mitigations for x86-64 architecture are provided. Variant CVE-2017-5753 triggers the speculative execution by performing a bounds-check bypass. It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the fact that memory accesses may cause allocation into the microprocessor's data cache even for speculatively executed instructions that never actually commit (retire). As a result, an unprivileged attacker could use this flaw to cross the syscall boundary and read privileged memory by conducting targeted cache side-channel attacks. (CVE-2017-5753, Important) Variant CVE-2017-5715 triggers the speculative execution by utilizing branch target injection. It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the fact that memory accesses may cause allocation into the microprocessor's data cache even for speculatively executed instructions that never actually commit (retire). As a result, an unprivileged attacker could use this flaw to cross the syscall and guest/host boundaries and read privileged memory by conducting targeted cache side-channel attacks. (CVE-2017-5715, Important) Variant CVE-2017-5754 relies on the fact that, on impacted microprocessors, during speculative execution of instruction permission faults, exception generation triggered by a faulting access is suppressed until the retirement of the whole instruction block. In a combination with the fact that memory accesses may populate the cache even when the block is being dropped and never committed (executed), an unprivileged local attacker could use this flaw to read privileged (kernel space) memory by conducting targeted cache side-channel attacks. (CVE-2017-5754, Important) Note: CVE-2017-5754 affects Intel x86-64 microprocessors. AMD x86-64 microprocessors are not affected by this issue. Red Hat would like to thank Google Project Zero for reporting these issues.
    last seen 2018-01-30
    modified 2018-01-29
    plugin id 105563
    published 2018-01-04
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=105563
    title RHEL 6 : kernel (RHSA-2018:0022) (Meltdown) (Spectre)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2018-0047.NASL
    description An update for redhat-virtualization-host is now available for RHEV 4.X, RHEV-H, and Agents for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The ovirt-node-ng packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts (RHVH) are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. Security Fix(es) : An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of instructions (a commonly used performance optimization). There are three primary variants of the issue which differ in the way the speculative execution can be exploited. Note: This issue is present in hardware and cannot be fully fixed via software update. The updated kernel packages provide software mitigation for this hardware issue at a cost of potential performance penalty. Please refer to References section for further information about this issue and the performance impact. Variant CVE-2017-5753 triggers the speculative execution by performing a bounds-check bypass. It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the fact that memory accesses may cause allocation into the microprocessor's data cache even for speculatively executed instructions that never actually commit (retire). As a result, an unprivileged attacker could use this flaw to cross the syscall boundary and read privileged memory by conducting targeted cache side-channel attacks. (CVE-2017-5753, Important) Variant CVE-2017-5715 triggers the speculative execution by utilizing branch target injection. It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the fact that memory accesses may cause allocation into the microprocessor's data cache even for speculatively executed instructions that never actually commit (retire). As a result, an unprivileged attacker could use this flaw to cross the syscall and guest/host boundaries and read privileged memory by conducting targeted cache side-channel attacks. (CVE-2017-5715, Important) Variant CVE-2017-5754 relies on the fact that, on impacted microprocessors, during speculative execution of instruction permission faults, exception generation triggered by a faulting access is suppressed until the retirement of the whole instruction block. In a combination with the fact that memory accesses may populate the cache even when the block is being dropped and never committed (executed), an unprivileged local attacker could use this flaw to read privileged (kernel space) memory by conducting targeted cache side-channel attacks. (CVE-2017-5754, Important) Note: CVE-2017-5754 affects Intel x86-64 microprocessors. AMD x86-64 microprocessors are not affected by this issue. Red Hat would like to thank Google Project Zero for reporting these issues.
    last seen 2018-01-30
    modified 2018-01-29
    plugin id 105678
    published 2018-01-09
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=105678
    title RHEL 7 : redhat-virtualization-host (RHSA-2018:0047) (Meltdown) (Spectre)
  • NASL family OracleVM Local Security Checks
    NASL id ORACLEVM_OVMSA-2018-0016.NASL
    description The remote OracleVM system is missing necessary patches to address critical security updates : - x86: Add another set of MSR accessor functions (Borislav Petkov) [Orabug: 27444923] (CVE-2017-5753) - userns: prevent speculative execution (Elena Reshetova) [Orabug: 27444923] (CVE-2017-5753) - udf: prevent speculative execution (Elena Reshetova) [Orabug: 27444923] (CVE-2017-5753) - fs: prevent speculative execution (Elena Reshetova) [Orabug: 27444923] (CVE-2017-5753) - qla2xxx: prevent speculative execution (Elena Reshetova) [Orabug: 27444923] (CVE-2017-5753) - p54: prevent speculative execution (Elena Reshetova) [Orabug: 27444923] (CVE-2017-5753) - carl9170: prevent speculative execution (Elena Reshetova) [Orabug: 27444923] (CVE-2017-5753) - uvcvideo: prevent speculative execution (Elena Reshetova) [Orabug: 27444923] (CVE-2017-5753) - locking/barriers: introduce new observable speculation barrier (Elena Reshetova) [Orabug: 27444923] (CVE-2017-5753) - x86/cpu/AMD: Remove now unused definition of MFENCE_RDTSC feature (Elena Reshetova) [Orabug: 27444923] (CVE-2017-5753) - x86/cpu/AMD: Make the LFENCE instruction serialized (Elena Reshetova) [Orabug: 27444923] (CVE-2017-5753) - x86/rsb: add comment specifying why we skip STUFF_RSB (Ankur Arora) [Orabug: 27451658] (CVE-2017-5715) - x86/rsb: make STUFF_RSB jmp labels more robust (Ankur Arora) [Orabug: 27451658] (CVE-2017-5715) - x86/spec: Also print IBRS if IBPB is disabled. (Konrad Rzeszutek Wilk) (CVE-2017-5715) - x86/spectre: Drop the warning about ibrs being obsolete. (Konrad Rzeszutek Wilk) (CVE-2017-5715) - Add set_ibrs_disabled and set_ibpb_disabled (Konrad Rzeszutek Wilk) [Orabug: 27376697] (CVE-2017-5715) - x86/spec: Don't print the Missing arguments for option spectre_v2 (Konrad Rzeszutek Wilk) [Orabug: 27376697] (CVE-2017-5715) - x86/boot: Add early cmdline parsing for options with arguments (Tom Lendacky) [Orabug: 27376697] (CVE-2017-5715) - x86, boot: Carve out early cmdline parsing function (Borislav Petkov) [Orabug: 27376697] - x86: Add command-line options 'spectre_v2' and 'nospectre_v2' (Kanth Ghatraju) [Orabug: 27376697] (CVE-2017-5715) - x86: Fix kABI build breakage (Konrad Rzeszutek Wilk) [Orabug: 27376697] (CVE-2017-5715) - x86/mm: Only set IBPB when the new thread cannot ptrace current thread (Konrad Rzeszutek Wilk) [Orabug: 27376697] (CVE-2017-5715) - x86: Use PRED_CMD MSR when ibpb is enabled (Konrad Rzeszutek Wilk) [Orabug: 27376697] (CVE-2017-5715) - x86/mm: Set IBPB upon context switch (Brian Maly) [Orabug: 27376697] (CVE-2017-5715) - x86: Display correct settings for the SPECTRE_V[12] bug (Kanth Ghatraju) [Orabug: 27376697] (CVE-2017-5715) (CVE-2017-5753) - x86/cpu: Implement CPU vulnerabilites sysfs functions (Thomas Gleixner) [Orabug: 27376697] (CVE-2017-5715) (CVE-2017-5753) - x86/IBRS/IBPB: Set sysctl_ibrs/ibpb_enabled properly (Boris Ostrovsky) [Orabug: 27376697] (CVE-2017-5715) - x86/spec_ctrl: Disable if running as Xen PV guest (Konrad Rzeszutek Wilk) [Orabug: 27376697] (CVE-2017-5715) - sysfs/cpu: Add vulnerability folder (Thomas Gleixner) [Orabug: 27376697] (CVE-2017-5715) (CVE-2017-5754) - x86, cpu: Expand cpufeature facility to include cpu bugs (Borislav Petkov) [Orabug: 27376697] (CVE-2017-5715) - x86/cpufeatures: Add X86_BUG_SPECTRE_V[12] (Kanth Ghatraju) [Orabug: 27376697] (CVE-2017-5715) - x86/cpufeatures: Add X86_BUG_CPU_MELTDOWN (Kanth Ghatraju) [Orabug: 27376697] (CVE-2017-5754) - x86/entry: STUFF_RSB only after switching to kernel CR3 (Ankur Arora) [Orabug: 27376697] (CVE-2017-5715) - x86/entry: Stuff RSB for entry to kernel for non-SMEP platform (Tim Chen) [Orabug: 27376697] (CVE-2017-5715) - x86/IBRS: Make sure we restore MSR_IA32_SPEC_CTRL to a valid value (Boris Ostrovsky) [Orabug: 27376697] (CVE-2017-5715) - x86: Use IBRS for firmware update path (David Woodhouse) [Orabug: 27376697] (CVE-2017-5715) - x86/microcode: Recheck IBRS features on microcode reload (Tim Chen) [Orabug: 27376697] (CVE-2017-5715) - x86/idle: Disable IBRS entering idle and enable it on wakeup (Tim Chen) [Orabug: 27376697] (CVE-2017-5715) - x86/spec_ctrl: Add sysctl knobs to enable/disable SPEC_CTRL feature (Tim Chen) [Orabug: 27376697] (CVE-2017-5715) - x86/enter: Use IBRS on syscall and interrupts (Tim Chen) [Orabug: 27376697] (CVE-2017-5715) - x86/enter: MACROS to set/clear IBRS (Tim Chen) [Orabug: 27376697] (CVE-2017-5715) - x86/feature: Detect the x86 IBRS feature to control Speculation (Tim Chen) [Orabug: 27376697] (CVE-2017-5715) - x86/pti/efi: broken conversion from efi to kernel page table (Pavel Tatashin) [Orabug: 27333764] (CVE-2017-5754) - PTI: unbreak EFI old_memmap (Jiri Kosina) [Orabug: 27333764] [Orabug: 27333760] (CVE-2017-5754) (CVE-2017-5754) - kaiser: Set _PAGE_NX only if supported (Lepton Wu) [Orabug: 27333764] (CVE-2017-5754) - kaiser: rename X86_FEATURE_KAISER to X86_FEATURE_PTI (Mike Kravetz) [Orabug: 27333764] (CVE-2017-5754) - KPTI: Rename to PAGE_TABLE_ISOLATION (Kees Cook) [Orabug: 27333764] (CVE-2017-5754) - x86/kaiser: Check boottime cmdline params (Mike Kravetz) [Orabug: 27333764] (CVE-2017-5754) - kaiser: x86: Fix NMI handling (Jiri Kosina) [Orabug: 27333764] (CVE-2017-5754) - kaiser: move paravirt clock vsyscall mapping out of kaiser_init (Mike Kravetz) [Orabug: 27333764] (CVE-2017-5754) - kaiser: disable if xen PARAVIRT (Mike Kravetz) [Orabug: 27333764] (CVE-2017-5754) - x86/kaiser: Reenable PARAVIRT (Borislav Petkov) [Orabug: 27333764] (CVE-2017-5754) - kaiser: kaiser_flush_tlb_on_return_to_user check PCID (Hugh Dickins) [Orabug: 27333764] (CVE-2017-5754) - kaiser: asm/tlbflush.h handle noPGE at lower level (Hugh Dickins) [Orabug: 27333764] (CVE-2017-5754) - kaiser: use ALTERNATIVE instead of x86_cr3_pcid_noflush (Hugh Dickins) [Orabug: 27333764] (CVE-2017-5754) - x86/kaiser: Rename and simplify X86_FEATURE_KAISER handling (Borislav Petkov) [Orabug: 27333764] (CVE-2017-5754) - kaiser: add 'nokaiser' boot option, using ALTERNATIVE (Hugh Dickins) [Orabug: 27333764] (CVE-2017-5754) - x86/alternatives: add asm ALTERNATIVE macro (Mike Kravetz) [Orabug: 27333764] (CVE-2017-5754) - kaiser: alloc_ldt_struct use get_zeroed_page (Hugh Dickins) [Orabug: 27333764] (CVE-2017-5754) - x86: kvmclock: Disable use from vDSO if KPTI is enabled (Ben Hutchings) [Orabug: 27333764] (CVE-2017-5754) - kaiser: Fix build with CONFIG_FUNCTION_GRAPH_TRACER (Kees Cook) [Orabug: 27333764] (CVE-2017-5754) - x86/mm/kaiser: re-enable vsyscalls (Andrea Arcangeli) [Orabug: 27333764] (CVE-2017-5754) - KAISER: Kernel Address Isolation (Richard Fellner) [Orabug: 27333764] (CVE-2017-5754) - kprobes: Prohibit probing on .entry.text code (Masami Hiramatsu) [Orabug: 27333764] (CVE-2017-5754) - x86/mm/64: Fix reboot interaction with CR4.PCIDE (Andy Lutomirski) [Orabug: 27333764] (CVE-2017-5754) - x86/mm: Enable CR4.PCIDE on supported systems (Andy Lutomirski) [Orabug: 27333764] (CVE-2017-5754) - x86/mm: Add the 'nopcid' boot option to turn off PCID (Andy Lutomirski) [Orabug: 27333764] (CVE-2017-5754) - x86/mm: Disable PCID on 32-bit kernels (Andy Lutomirski) [Orabug: 27333764] (CVE-2017-5754) - x86/mm: Remove the UP asm/tlbflush.h code, always use the (formerly) SMP code (Andy Lutomirski) [Orabug: 27333764] (CVE-2017-5754) - x86/mm: Fix flush_tlb_page on Xen (Andy Lutomirski) [Orabug: 27333764] (CVE-2017-5754) - x86/mm: Disable preemption during CR3 read+write (Sebastian Andrzej Siewior) [Orabug: 27333764] (CVE-2017-5754) - sched/core: Idle_task_exit shouldn't use switch_mm_irqs_off (Andy Lutomirski) [Orabug: 27333764] (CVE-2017-5754) - x86/mm, sched/core: Turn off IRQs in switch_mm (Andy Lutomirski) [Orabug: 27333764] (CVE-2017-5754) - x86/mm, sched/core: Uninline switch_mm (Andy Lutomirski) [Orabug: 27333764] (CVE-2017-5754) - x86/mm: Build arch/x86/mm/tlb.c even on !SMP (Andy Lutomirski) [Orabug: 27333764] (CVE-2017-5754) - sched/core: Add switch_mm_irqs_off and use it in the scheduler (Andy Lutomirski) [Orabug: 27333764] (CVE-2017-5754) - mm/mmu_context, sched/core: Fix mmu_context.h assumption (Ingo Molnar) [Orabug: 27333764] (CVE-2017-5754) - x86/mm: If INVPCID is available, use it to flush global mappings (Andy Lutomirski) [Orabug: 27333764] (CVE-2017-5754) - x86/mm: Add a 'noinvpcid' boot option to turn off INVPCID (Andy Lutomirski) [Orabug: 27333764] (CVE-2017-5754) - x86/mm: Fix INVPCID asm constraint (Borislav Petkov) [Orabug: 27333764] (CVE-2017-5754) - x86/mm: Add INVPCID helpers (Andy Lutomirski) [Orabug: 27333764] (CVE-2017-5754) - x86: Clean up cr4 manipulation (Andy Lutomirski) [Orabug: 27333764] (CVE-2017-5754) - x86/paravirt: Don't patch flush_tlb_single (Thomas Gleixner) [Orabug: 27333764] (CVE-2017-5754) - x86/ldt: Make modify_ldt synchronous (Andy Lutomirski) [Orabug: 27333764] (CVE-2017-5754) (CVE-2015-5157)
    last seen 2018-02-04
    modified 2018-02-02
    plugin id 106524
    published 2018-01-31
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=106524
    title OracleVM 3.3 : Unbreakable / etc (OVMSA-2018-0016) (Meltdown) (Spectre)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_SU-2018-0909-1.NASL
    description This update for xen fixes the following issues: Update to Xen 4.7.5 bug fix only release (bsc#1027519) Security issues fixed : - CVE-2018-7540: Fixed DoS via non-preemptable L3/L4 pagetable freeing (XSA-252) (bsc#1080635) - CVE-2018-7541: A grant table v2 -> v1 transition may crash Xen (XSA-255) (bsc#1080662) - CVE-2017-5753,CVE-2017-5715,CVE-2017-5754 Fixed information leaks via side effects of speculative execution (XSA-254). Includes Spectre v2 mitigation. (bsc#1074562) - Preserve xen-syms from xen-dbg.gz to allow processing vmcores with crash(1) (bsc#1087251) - Xen HVM: Fixed unchecked MSR access error (bsc#1072834) - Add script, udev rule and systemd service to watch for vcpu online/offline events in a HVM domU They are triggered via xl vcpu-set domU N (fate#324965) - Make sure tools and tools-domU require libs from the very same build Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2018-04-15
    modified 2018-04-13
    plugin id 109001
    published 2018-04-11
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=109001
    title SUSE SLED12 / SLES12 Security Update : xen (SUSE-SU-2018:0909-1) (Meltdown) (Spectre)
  • NASL family OracleVM Local Security Checks
    NASL id ORACLEVM_OVMSA-2018-0035.NASL
    description The remote OracleVM system is missing necessary patches to address critical security updates : please see Oracle VM Security Advisory OVMSA-2018-0035 for details.
    last seen 2018-04-26
    modified 2018-04-25
    plugin id 109158
    published 2018-04-19
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=109158
    title OracleVM 3.4 : Unbreakable / etc (OVMSA-2018-0035) (Dirty COW) (Meltdown) (Spectre)
  • NASL family OracleVM Local Security Checks
    NASL id ORACLEVM_OVMSA-2018-0020.NASL
    description The remote OracleVM system is missing necessary patches to address critical security updates : - BUILDINFO: OVMF commit=173bf5c847e3ca8b42c11796ce048d8e2e916ff8 - BUILDINFO: xen commit=9ccc143584e12027a8db854d19ce8a120d22cfac - BUILDINFO: QEMU upstream commit=8bff6989bd0bafcc0ddf859c23ce6a2ff21a80ff - BUILDINFO: QEMU traditional commit=346fdd7edd73f8287d0d0a2bab9c67b71bc6b8ba - BUILDINFO: IPXE commit=9a93db3f0947484e30e753bbd61a10b17336e20e - BUILDINFO: SeaBIOS commit=7d9cbe613694924921ed1a6f8947d711c5832eee - gnttab: don't blindly free status pages upon version change (Andrew Cooper)  [Orabug: 27614581]  (CVE-2018-7541) - memory: don't implicitly unpin for decrease-reservation (Andrew Cooper)  [Orabug: 27614605]  (CVE-2018-7540) - xend: allow setting topology if smt is off in bios (Elena Ufimtseva)  - x86/svm: clear CPUID IBPB when feature is not supported (Elena Ufimtseva)  [Orabug: 27416699] - x86/domain: Move hvm_vcpu_initialize before cpuid_policy_changed (Elena Ufimtseva)  [Orabug: 27416699] - x86, amd_ucode: support multiple container files appended together (Aravind Gopalakrishnan)  [Orabug: 27416699] - x86/intel: change default governor to performance (Joao Martins) - x86/cpuidle: Disable deep C-states due to erratum AAJ72 (Joao Martins)  [Orabug: 27614625] - Revert 'set max cstate to 1' (Joao Martins)  [Orabug: 27614625] - x86/cpuidle: add new CPU families (Jan Beulich)  [Orabug: 27614625] - x86/Intel: Broadwell doesn't have PKG_C[8,9,10]_RESIDENCY MSRs (Jan Beulich)  [Orabug: 27614625] - x86: support newer Intel CPU models (Jan Beulich)  [Orabug: 27614625] - mwait-idle: add KBL support (Len Brown)  [Orabug: 27614625] - mwait-idle: add SKX support (Len Brown)  [Orabug: 27614625] - mwait_idle: Skylake Client Support (Len Brown)  [Orabug: 27614625] - x86: support newer Intel CPU models (Jan Beulich)  [Orabug: 27614625] - x86/idle: update to include further package/core residency MSRs (Jan Beulich)  [Orabug: 27614625] - mwait-idle: support additional Broadwell model (Len Brown) [Orabug: 27614625] - x86/mwait-idle: Broadwell support (Len Brown)  [Orabug: 27614625] - x86/mwait-idle: disable Baytrail Core and Module C6 auto-demotion (Len Brown)  [Orabug: 27614625] - mwait-idle: add CPU model 54 (Atom N2000 series) (Jan Kiszka) [Orabug: 27614625] - mwait-idle: support Bay Trail (Len Brown)  [Orabug: 27614625] - mwait-idle: allow sparse sub-state numbering, for Bay Trail (Len Brown)  [Orabug: 27614625] - BUILDINFO: OVMF commit=173bf5c847e3ca8b42c11796ce048d8e2e916ff8 - BUILDINFO: xen commit=c837c35e1c04791a50f930926ba815ca5b4d3661 - BUILDINFO: QEMU upstream commit=8bff6989bd0bafcc0ddf859c23ce6a2ff21a80ff - BUILDINFO: QEMU traditional commit=346fdd7edd73f8287d0d0a2bab9c67b71bc6b8ba - BUILDINFO: IPXE commit=9a93db3f0947484e30e753bbd61a10b17336e20e - BUILDINFO: SeaBIOS commit=7d9cbe613694924921ed1a6f8947d711c5832eee - xend: restore smt parameter on guest reboot (Elena Ufimtseva) [Orabug: 27574191] - BUILDINFO: OVMF commit=173bf5c847e3ca8b42c11796ce048d8e2e916ff8 - BUILDINFO: xen commit=f36f7903ae0886ab4ef7e3e01c83c9dba819537b - BUILDINFO: QEMU upstream commit=8bff6989bd0bafcc0ddf859c23ce6a2ff21a80ff - BUILDINFO: QEMU traditional commit=346fdd7edd73f8287d0d0a2bab9c67b71bc6b8ba - BUILDINFO: IPXE commit=9a93db3f0947484e30e753bbd61a10b17336e20e - BUILDINFO: SeaBIOS commit=7d9cbe613694924921ed1a6f8947d711c5832eee - x86/spec_ctrl: Fix several bugs in SPEC_CTRL_ENTRY_FROM_INTR_IST (Andrew Cooper)  [Orabug: 27553369]  (CVE-2017-5753) (CVE-2017-5715) (CVE-2017-5754) - x86: allow easier disabling of BTI mitigations (Zhenzhong Duan) [Orabug: 27553369]  (CVE-2017-5753) (CVE-2017-5715) (CVE-2017-5754) - x86/boot: Make alternative patching NMI-safe (Andrew Cooper) [Orabug: 27553369]  (CVE-2017-5753) (CVE-2017-5715) (CVE-2017-5754) - xen/cmdline: Fix parse_boolean for unadorned values (Andrew Cooper)  [Orabug: 27553369]  (CVE-2017-5753) (CVE-2017-5715) (CVE-2017-5754) - Optimize the context switch code a bit (Zhenzhong Duan)  [Orabug: 27553369]  (CVE-2017-5753) (CVE-2017-5715) (CVE-2017-5754) - Update init_speculation_mitigations to upstream's (Zhenzhong Duan)  [Orabug: 27553369]  (CVE-2017-5753) (CVE-2017-5715) (CVE-2017-5754) - x86/entry: Avoid using alternatives in NMI/#MC paths (Andrew Cooper)  [Orabug: 27553369]  (CVE-2017-5753) (CVE-2017-5715) (CVE-2017-5754) - Update RSB related implementation to upstream ones (Zhenzhong Duan)  [Orabug: 27553369]  (CVE-2017-5753) (CVE-2017-5715) (CVE-2017-5754) - BUILDINFO: OVMF commit=173bf5c847e3ca8b42c11796ce048d8e2e916ff8 - BUILDINFO: xen commit=bdecffda647e17f8aaeb4057bd1064236075bc9c - BUILDINFO: QEMU upstream commit=8bff6989bd0bafcc0ddf859c23ce6a2ff21a80ff - BUILDINFO: QEMU traditional commit=346fdd7edd73f8287d0d0a2bab9c67b71bc6b8ba - BUILDINFO: IPXE commit=9a93db3f0947484e30e753bbd61a10b17336e20e - BUILDINFO: SeaBIOS commit=7d9cbe613694924921ed1a6f8947d711c5832eee - xend: if secure boot is enabled don't write pci config space (Elena Ufimtseva)  [Orabug: 27533309] - BUILDINFO: OVMF commit=173bf5c847e3ca8b42c11796ce048d8e2e916ff8 - BUILDINFO: xen commit=46aa4f995b266e9dc0bce98b448423c5fdc79fde - BUILDINFO: QEMU upstream commit=8bff6989bd0bafcc0ddf859c23ce6a2ff21a80ff - BUILDINFO: QEMU traditional commit=346fdd7edd73f8287d0d0a2bab9c67b71bc6b8ba - BUILDINFO: IPXE commit=9a93db3f0947484e30e753bbd61a10b17336e20e - BUILDINFO: SeaBIOS commit=7d9cbe613694924921ed1a6f8947d711c5832eee - hvmloader: Correct nr_vnodes when init_vnuma_info fails (Annie Li)  - BUILDINFO: OVMF commit=173bf5c847e3ca8b42c11796ce048d8e2e916ff8 - BUILDINFO: xen commit=1fb819ca1b801af1f59983f34776501336a57979 - BUILDINFO: QEMU upstream commit=8bff6989bd0bafcc0ddf859c23ce6a2ff21a80ff - BUILDINFO: QEMU traditional commit=346fdd7edd73f8287d0d0a2bab9c67b71bc6b8ba - BUILDINFO: IPXE commit=9a93db3f0947484e30e753bbd61a10b17336e20e - BUILDINFO: SeaBIOS commit=7d9cbe613694924921ed1a6f8947d711c5832eee - Fail migration if destination does not allow pv guest running (Annie Li)  [Orabug: 27465310] - BUILDINFO: OVMF commit=173bf5c847e3ca8b42c11796ce048d8e2e916ff8 - BUILDINFO: xen commit=dfc241a5b6a952bde385b1d68ef42acf8f80302c - BUILDINFO: QEMU upstream commit=8bff6989bd0bafcc0ddf859c23ce6a2ff21a80ff - BUILDINFO: QEMU traditional commit=346fdd7edd73f8287d0d0a2bab9c67b71bc6b8ba - BUILDINFO: IPXE commit=9a93db3f0947484e30e753bbd61a10b17336e20e - BUILDINFO: SeaBIOS commit=7d9cbe613694924921ed1a6f8947d711c5832eee - x86: Expose CPUID.7, EDX.26->27 and CPUID.0x80000008, EBX.12 (redux) (Konrad Rzeszutek Wilk)  [Orabug: 27445667] - BUILDINFO: OVMF commit=173bf5c847e3ca8b42c11796ce048d8e2e916ff8 - BUILDINFO: xen commit=d5afa57c42732dc35a572582099c67ee3c397434 - BUILDINFO: QEMU upstream commit=8bff6989bd0bafcc0ddf859c23ce6a2ff21a80ff - BUILDINFO: QEMU traditional commit=346fdd7edd73f8287d0d0a2bab9c67b71bc6b8ba - BUILDINFO: IPXE commit=9a93db3f0947484e30e753bbd61a10b17336e20e - BUILDINFO: SeaBIOS commit=7d9cbe613694924921ed1a6f8947d711c5832eee - Enable creating pv guest on OVM3.4.4 by default (Annie Li) [Orabug: 27424482] - BUILDINFO: OVMF commit=173bf5c847e3ca8b42c11796ce048d8e2e916ff8 - BUILDINFO: xen commit=619dd3aa6aac97dbc9f23fdae3d6fd6dfab8a0da - BUILDINFO: QEMU upstream commit=8bff6989bd0bafcc0ddf859c23ce6a2ff21a80ff - BUILDINFO: QEMU traditional commit=346fdd7edd73f8287d0d0a2bab9c67b71bc6b8ba - BUILDINFO: IPXE commit=9a93db3f0947484e30e753bbd61a10b17336e20e - BUILDINFO: SeaBIOS commit=7d9cbe613694924921ed1a6f8947d711c5832eee - xen/x86: Make sure identify_cpu is called with traps enabled (Joao Martins)  [Orabug: 27393237] - xend: disallow pv guests to run (Joao Martins)  [Orabug: 27370330] - hvmloader, x86/hvm, domctl: enumerate apicid based on vcpu_to_vnode (Joao Martins)  [Orabug: 27119689] - xend: conditionally use dom0 vcpus for vnuma auto (Joao Martins) - x86/Spectre: Set thunk to THUNK_NONE if compiler support is not available (Boris Ostrovsky)  [Orabug: 27375704] - BUILDINFO: OVMF commit=173bf5c847e3ca8b42c11796ce048d8e2e916ff8 - BUILDINFO: xen commit=1d2270f50ef2b1b22b8f6ee7a9b571ea96f7f37b - BUILDINFO: QEMU upstream commit=8bff6989bd0bafcc0ddf859c23ce6a2ff21a80ff - BUILDINFO: QEMU traditional commit=346fdd7edd73f8287d0d0a2bab9c67b71bc6b8ba - BUILDINFO: IPXE commit=9a93db3f0947484e30e753bbd61a10b17336e20e - BUILDINFO: SeaBIOS commit=7d9cbe613694924921ed1a6f8947d711c5832eee - xen: No dependencies on dracut and microcode_ctl RPMs (Boris Ostrovsky)  [Orabug: 27409734]
    last seen 2018-03-24
    modified 2018-03-22
    plugin id 107129
    published 2018-03-05
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=107129
    title OracleVM 3.4 : xen (OVMSA-2018-0020) (Meltdown) (Spectre)
  • NASL family Windows
    NASL id GOOGLE_CHROME_64_0_3282_119.NASL
    description The version of Google Chrome installed on the remote Windows host is prior to 64.0.3282.119. It is, therefore, affected by multiple security vulnerabilities as noted in Chrome stable channel update release notes for January 24th, 2018. Please refer to the release notes for additional information. Note that Nessus has not attempted to exploit these issues but has instead relied only on the application's self-reported version number.
    last seen 2018-04-15
    modified 2018-04-13
    plugin id 106485
    published 2018-01-30
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=106485
    title Google Chrome < 64.0.3282.119 Multiple Vulnerabilities (Spectre)
  • NASL family Windows : Microsoft Bulletins
    NASL id SMB_NT_MS18_JAN_4056888.NASL
    description The remote Windows host is missing security update 4056888 or 4075200. It is, therefore, affected by multiple vulnerabilities : - An vulnerability exists within microprocessors utilizing speculative execution and indirect branch prediction, which may allow an attacker with local user access to disclose information via a side-channel analysis. (CVE-2017-5715, CVE-2017-5753, CVE-2017-5754) - An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. (CVE-2018-0744) - A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. (CVE-2018-0758, CVE-2018-0769, CVE-2018-0770, CVE-2018-0776, CVE-2018-0777, CVE-2018-0781) - An information disclosure vulnerability exists in the Windows kernel that could allow an attacker to retrieve information that could lead to a Kernel Address Space Layout Randomization (ASLR) bypass. An attacker who successfully exploited the vulnerability could retrieve the memory address of a kernel object. (CVE-2018-0746, CVE-2018-0747) - An elevation of privilege vulnerability exists when Microsoft Edge does not properly enforce cross-domain policies, which could allow an attacker to access information from one domain and inject it into another domain. (CVE-2018-0803) - An information disclosure vulnerability exists in Windows Adobe Type Manager Font Driver (ATMFD.dll) when it fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could potentially read data that was not intended to be disclosed. Note that this vulnerability would not allow an attacker to execute code or to elevate their user rights directly, but it could be used to obtain information that could be used to try to further compromise the affected system. (CVE-2018-0754) - A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. (CVE-2018-0762, CVE-2018-0772) - An information disclosure vulnerability exists when Microsoft Edge PDF Reader improperly handles objects in memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. (CVE-2018-0766) - An elevation of privilege vulnerability exists in the way that the Windows Kernel API enforces permissions. An attacker who successfully exploited the vulnerability could impersonate processes, interject cross-process communication, or interrupt system functionality. (CVE-2018-0748, CVE-2018-0751, CVE-2018-0752) - An information disclosure vulnerability exists when the scripting engine does not properly handle objects in memory in Microsoft Edge. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. (CVE-2018-0767, CVE-2018-0780) - An elevation of privilege vulnerability exists in the Microsoft Server Message Block (SMB) Server when an attacker with valid credentials attempts to open a specially crafted file over the SMB protocol on the same machine. An attacker who successfully exploited this vulnerability could bypass certain security checks in the operating system. (CVE-2018-0749) - A denial of service vulnerability exists in the way that Windows handles objects in memory. An attacker who successfully exploited the vulnerability could cause a target system to stop responding. Note that the denial of service condition would not allow an attacker to execute code or to elevate user privileges. However, the denial of service condition could prevent authorized users from using system resources. The security update addresses the vulnerability by correcting how Windows handles objects in memory. (CVE-2018-0753)
    last seen 2018-02-17
    modified 2018-02-15
    plugin id 105547
    published 2018-01-04
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=105547
    title KB4056888: Windows 10 Version 1511 January 2018 Security Update (Meltdown)(Spectre)
  • NASL family SuSE Local Security Checks
    NASL id OPENSUSE-2018-3.NASL
    description The openSUSE Leap 42.2 kernel was updated to 4.4.104 to receive various security and bugfixes. This update adds mitigations for various side channel attacks against modern CPUs that could disclose content of otherwise unreadable memory (bnc#1068032). - CVE-2017-5753 / 'SpectreAttack': Local attackers on systems with modern CPUs featuring deep instruction pipelining could use attacker controllable speculative execution over code patterns in the Linux Kernel to leak content from otherwise not readable memory in the same address space, allowing retrieval of passwords, cryptographic keys and other secrets. This problem is mitigated by adding speculative fencing on affected code paths throughout the Linux kernel. - CVE-2017-5715 / 'SpectreAttack': Local attackers on systems with modern CPUs featuring branch prediction could use mispredicted branches to speculatively execute code patterns that in turn could be made to leak other non-readable content in the same address space, an attack similar to CVE-2017-5753. This problem is mitigated by disabling predictive branches, depending on CPU architecture either by firmware updates and/or fixes in the user-kernel privilege boundaries. Please also check with your CPU / Hardware vendor on updated firmware or BIOS images regarding this issue. As this feature can have a performance impact, it can be disabled using the 'nospec' kernel commandline option. - CVE-2017-5754 / 'MeltdownAttack': Local attackers on systems with modern CPUs featuring deep instruction pipelining could use code patterns in userspace to speculative executive code that would read otherwise read protected memory, an attack similar to CVE-2017-5753. This problem is mitigated by unmapping the Linux Kernel from the user address space during user code execution, following a approach called 'KAISER'. The terms used here are 'KAISER' / 'Kernel Address Isolation' and 'PTI' / 'Page Table Isolation'. Note that this is only done on affected platforms. This feature can be enabled / disabled by the 'pti=[on|off|auto]' or 'nopti' commandline options. The following security bugs were fixed : - CVE-2017-17806: The HMAC implementation (crypto/hmac.c) in the Linux kernel did not validate that the underlying cryptographic hash algorithm is unkeyed, allowing a local attacker able to use the AF_ALG-based hash interface (CONFIG_CRYPTO_USER_API_HASH) and the SHA-3 hash algorithm (CONFIG_CRYPTO_SHA3) to cause a kernel stack-based buffer overflow by executing a crafted sequence of system calls that encounter a missing SHA-3 initialization (bnc#1073874). - CVE-2017-17805: The Salsa20 encryption algorithm in the Linux kernel did not correctly handle zero-length inputs, allowing a local attacker able to use the AF_ALG-based skcipher interface (CONFIG_CRYPTO_USER_API_SKCIPHER) to cause a denial of service (uninitialized-memory free and kernel crash) or have unspecified other impact by executing a crafted sequence of system calls that use the blkcipher_walk API. Both the generic implementation (crypto/salsa20_generic.c) and x86 implementation (arch/x86/crypto/salsa20_glue.c) of Salsa20 were vulnerable (bnc#1073792). The following non-security bugs were fixed : - Add undefine _unique_build_ids (bsc#964063) - alsa: hda - Add HP ZBook 15u G3 Conexant CX20724 GPIO mute leds (bsc#1031717). - alsa: hda - Add MIC_NO_PRESENCE fixup for 2 HP machines (bsc#1031717). - alsa: hda - Add mute led support for HP EliteBook 840 G3 (bsc#1031717). - alsa: hda - Add mute led support for HP ProBook 440 G4 (bsc#1031717). - alsa: hda - add support for docking station for HP 820 G2 (bsc#1031717). - alsa: hda - add support for docking station for HP 840 G3 (bsc#1031717). - alsa: hda - change the location for one mic on a Lenovo machine (bsc#1031717). - alsa: hda: Drop useless WARN_ON() (bsc#1031717). - alsa: hda - Fix click noises on Samsung Ativ Book 8 (bsc#1031717). - alsa: hda - fix headset mic detection issue on a Dell machine (bsc#1031717). - alsa: hda - fix headset mic problem for Dell machines with alc274 (bsc#1031717). - alsa: hda - Fix headset microphone detection for ASUS N551 and N751 (bsc#1031717). - alsa: hda - Fix mic regression by ASRock mobo fixup (bsc#1031717). - alsa: hda - Fix missing COEF init for ALC225/295/299 (bsc#1031717). - alsa: hda - Fix surround output pins for ASRock B150M mobo (bsc#1031717). - alsa: hda - On-board speaker fixup on ACER Veriton (bsc#1031717). - alsa: hda/realtek - Add ALC256 HP depop function (bsc#1031717). - alsa: hda/realtek - Add default procedure for suspend and resume state (bsc#1031717). - alsa: hda/realtek - Add support for Acer Aspire E5-475 headset mic (bsc#1031717). - alsa: hda/realtek - Add support for ALC1220 (bsc#1031717). - alsa: hda/realtek - Add support for headset MIC for ALC622 (bsc#1031717). - alsa: hda/realtek - ALC891 headset mode for Dell (bsc#1031717). - alsa: hda/realtek - change the location for one of two front microphones (bsc#1031717). - alsa: hda/realtek - Enable jack detection function for Intel ALC700 (bsc#1031717). - alsa: hda/realtek - Fix ALC275 no sound issue (bsc#1031717). - alsa: hda/realtek - Fix Dell AIO LineOut issue (bsc#1031717). - alsa: hda/realtek - Fix headset and mic on several Asus laptops with ALC256 (bsc#1031717). - alsa: hda/realtek - Fix headset mic and speaker on Asus X441SA/X441UV (bsc#1031717). - alsa: hda/realtek - fix headset mic detection for MSI MS-B120 (bsc#1031717). - alsa: hda/realtek - Fix headset mic on several Asus laptops with ALC255 (bsc#1031717). - alsa: hda/realtek - Fix pincfg for Dell XPS 13 9370 (bsc#1031717). - alsa: hda/realtek - Fix speaker support for Asus AiO ZN270IE (bsc#1031717). - alsa: hda/realtek - Fix typo of pincfg for Dell quirk (bsc#1031717). - alsa: hda/realtek - New codec device ID for ALC1220 (bsc#1031717). - alsa: hda/realtek - New codecs support for ALC215/ALC285/ALC289 (bsc#1031717). - alsa: hda/realtek - New codec support for ALC257 (bsc#1031717). - alsa: hda/realtek - New codec support of ALC1220 (bsc#1031717). - alsa: hda/realtek - No loopback on ALC225/ALC295 codec (bsc#1031717). - alsa: hda/realtek - Remove ALC285 device ID (bsc#1031717). - alsa: hda/realtek - Support Dell headset mode for ALC3271 (bsc#1031717). - alsa: hda/realtek - Support headset mode for ALC234/ALC274/ALC294 (bsc#1031717). - alsa: hda/realtek - There is no loopback mixer in the ALC234/274/294 (bsc#1031717). - alsa: hda/realtek - Update headset mode for ALC225 (bsc#1031717). - alsa: hda/realtek - Update headset mode for ALC298 (bsc#1031717). - alsa: hda - Skip Realtek SKU check for Lenovo machines (bsc#1031717). - alsa: pcm: prevent UAF in snd_pcm_info (bsc#1031717). - alsa: rawmidi: Avoid racy info ioctl via ctl device (bsc#1031717). - alsa: seq: Remove spurious WARN_ON() at timer check (bsc#1031717). - alsa: usb-audio: Add check return value for usb_string() (bsc#1031717). - alsa: usb-audio: Fix out-of-bound error (bsc#1031717). - alsa: usb-audio: Fix the missing ctl name suffix at parsing SU (bsc#1031717). - Always sign validate_negotiate_info reqs (bsc#1071009, fate#324404). - apei / ERST: Fix missing error handling in erst_reader() (bsc#1072556). - arm: dts: omap3: logicpd-torpedo-37xx-devkit: Fix MMC1 cd-gpio (bnc#1012382). - arm: Hide finish_arch_post_lock_switch() from modules (bsc#1068032). - asoc: fsl_ssi: AC'97 ops need regmap, clock and cleaning up on failure (bsc#1031717). - asoc: twl4030: fix child-node lookup (bsc#1031717). - asoc: wm_adsp: Fix validation of firmware and coeff lengths (bsc#1031717). - autofs: fix careless error in recent commit (bnc#1012382 bsc#1065180). - bcache: Fix building error on MIPS (bnc#1012382). - bpf: prevent speculative execution in eBPF interpreter (bnc#1068032). - btrfs: clear space cache inode generation always (bnc#1012382). - carl9170: prevent speculative execution (bnc#1068032). - Check cmdline_find_option() retval properly and use boot_cpu_has(). - cw1200: prevent speculative execution (bnc#1068032). - drm/radeon: fix atombios on big endian (bnc#1012382). - e1000e: Avoid receiver overrun interrupt bursts (bsc#969470 FATE#319819). - e1000e: Fix e1000_check_for_copper_link_ich8lan return value (bsc#1073809). - eeprom: at24: check at24_read/write arguments (bnc#1012382). - Fix leak of validate_negotiate_info resp (bsc#1071009, fate#324404). - Fix NULL pointer deref in SMB2_tcon() (bsc#1071009, fate#324404). - Fix validate_negotiate_info uninitialized mem (bsc#1071009, fate#324404). - fs: prevent speculative execution (bnc#1068032). - genwqe: Take R/W permissions into account when dealing with memory pages (bsc#1073090). - ibmvnic: Include header descriptor support for ARP packets (bsc#1073912). - ibmvnic: Increase maximum number of RX/TX queues (bsc#1073912). - ibmvnic: Rename IBMVNIC_MAX_TX_QUEUES to IBMVNIC_MAX_QUEUES (bsc#1073912). - ipv6: prevent speculative execution (bnc#1068032). - kabi fix for new hash_cred function (bsc#1012917). - kaiser: add 'nokaiser' boot option, using ALTERNATIVE. - kaiser: align addition to x86/mm/Makefile. - kaiser: asm/tlbflush.h handle noPGE at lower level. - kaiser: cleanups while trying for gold link. - kaiser: Disable on Xen PV. - kaiser: do not set _PAGE_NX on pgd_none. - kaiser: drop is_atomic arg to kaiser_pagetable_walk(). - kaiser: enhanced by kernel and user PCIDs. - kaiser: ENOMEM if kaiser_pagetable_walk() NULL. - kaiser: fix build and FIXME in alloc_ldt_struct(). - kaiser: fix perf crashes. - kaiser: fix regs to do_nmi() ifndef CONFIG_KAISER. - kaiser: fix unlikely error in alloc_ldt_struct(). - kaiser: KAISER depends on SMP. - kaiser: kaiser_flush_tlb_on_return_to_user() check PCID. - kaiser: kaiser_remove_mapping() move along the pgd. - kaiser: Kernel Address Isolation. - kaiser: load_new_mm_cr3() let SWITCH_USER_CR3 flush. - kaiser: load_new_mm_cr3() let SWITCH_USER_CR3 flush user. - kaiser: name that 0x1000 KAISER_SHADOW_PGD_OFFSET. - kaiser: paranoid_entry pass cr3 need to paranoid_exit. - kaiser: PCID 0 for kernel and 128 for user. - kaiser: _pgd_alloc() without __GFP_REPEAT to avoid stalls. - kaiser: stack map PAGE_SIZE at THREAD_SIZE-PAGE_SIZE. - kaiser: tidied up asm/kaiser.h somewhat. - kaiser: tidied up kaiser_add/remove_mapping slightly. - kaiser: use ALTERNATIVE instead of x86_cr3_pcid_noflush. - kaiser: vmstat show NR_KAISERTABLE as nr_overhead. - kaiser: x86_cr3_pcid_noflush and x86_cr3_pcid_user. - kvm: SVM: Do not intercept new speculative control MSRs (bsc#1068032). - kvm: x86: Add speculative control CPUID support for guests (bsc#1068032). - kvm: x86: Exit to user-mode on #UD intercept when emulator requires (bnc#1012382). - kvm: x86: inject exceptions produced by x86_decode_insn (bnc#1012382). - kvm: x86: pvclock: Handle first-time write to pvclock-page contains random junk (bnc#1012382). - locking/barriers: introduce new memory barrier gmb() (bnc#1068032). - mmc: core: Do not leave the block driver in a suspended state (bnc#1012382). - mm/mmu_context, sched/core: Fix mmu_context.h assumption (bsc#1068032). - mtd: nand: Fix writing mtdoops to nand flash (bnc#1012382). - netlink: add a start callback for starting a netlink dump (bnc#1012382). - net: mpls: prevent speculative execution (bnc#1068032). - nfsd: Fix another OPEN stateid race (bnc#1012382). - nfsd: Fix stateid races between OPEN and CLOSE (bnc#1012382). - nfsd: Make init_open_stateid() a bit more whole (bnc#1012382). - nfs: improve shinking of access cache (bsc#1012917). - nfs: revalidate '.' etc correctly on 'open' (bsc#1068951). - nfs: revalidate '.' etc correctly on 'open' (git-fixes). Fix References tag. - nfsv4: always set NFS_LOCK_LOST when a lock is lost (bsc#1068951). - p54: prevent speculative execution (bnc#1068032). - powerpc/barrier: add gmb. - powerpc: Secure memory rfi flush (bsc#1068032). - ptrace: Add a new thread access check (bsc#1068032). - qla2xxx: prevent speculative execution (bnc#1068032). - Redo encryption backport to fix pkt signing (bsc#1071009, fate#324404). - Revert 'drm/radeon: dont switch vt on suspend' (bnc#1012382). - Revert 'ipsec: Fix aborted xfrm policy dump crash' (kabi). - Revert 'netlink: add a start callback for starting a netlink dump' (kabi). - s390: add ppa to system call and program check path (bsc#1068032). - s390: introduce CPU alternatives. - s390: introduce CPU alternatives (bsc#1068032). - s390/spinlock: add gmb memory barrier - s390/spinlock: add gmb memory barrier (bsc#1068032). - s390/spinlock: add ppa to system call path Signoff the s390 patches. - sched/core: Add switch_mm_irqs_off() and use it in the scheduler (bsc#1068032). - sched/core: Idle_task_exit() shouldn't use switch_mm_irqs_off() (bsc#1068032). - sched/rt: Do not pull from current CPU if only one CPU to pull (bnc#1022476). - scsi_dh_alua: skip RTPG for devices only supporting active/optimized (bsc#1064311). - scsi_scan: Exit loop if TUR to LUN0 fails with 0x05/0x25 (bsc#1063043). This is specific to FUJITSU ETERNUS_DX* targets. They can return 'Illegal Request - Logical unit not supported' and processing should leave the timeout loop in this case. - scsi: ses: check return code from ses_recv_diag() (bsc#1039616). - scsi: ses: Fixup error message 'failed to get diagnostic page 0xffffffea' (bsc#1039616). - scsi: ses: Fix wrong page error (bsc#1039616). - scsi: ses: make page2 support optional (bsc#1039616). - smb2: Fix share type handling (bnc#1074392). - sunrpc: add auth_unix hash_cred() function (bsc#1012917). - sunrpc: add generic_auth hash_cred() function (bsc#1012917). - sunrpc: add hash_cred() function to rpc_authops struct (bsc#1012917). - sunrpc: add RPCSEC_GSS hash_cred() function (bsc#1012917). - sunrpc: replace generic auth_cred hash with auth-specific function (bsc#1012917). - sunrpc: use supplimental groups in auth hash (bsc#1012917). - Thermal/int340x: prevent speculative execution (bnc#1068032). - udf: prevent speculative execution (bnc#1068032). - usb: host: fix incorrect updating of offset (bsc#1047487). - userns: prevent speculative execution (bnc#1068032). - uvcvideo: prevent speculative execution (bnc#1068032). - vxlan: correctly handle ipv6.disable module parameter (bsc#1072962). - x86/boot: Add early cmdline parsing for options with arguments. - x86/CPU/AMD: Add speculative control support for AMD (bsc#1068032). - x86/CPU/AMD: Make the LFENCE instruction serialized (bsc#1068032). - x86/CPU/AMD: Remove now unused definition of MFENCE_RDTSC feature (bsc#1068032). - x86/CPU: Check speculation control CPUID bit (bsc#1068032). - x86/efi-bgrt: Fix kernel panic when mapping BGRT data (bnc#1012382). - x86/efi-bgrt: Replace early_memremap() with memremap() (bnc#1012382). - x86/efi: Build our own page table structures (bnc#1012382). - x86/efi: Hoist page table switching code into efi_call_virt() (bnc#1012382). - x86/enter: Add macros to set/clear IBRS and set IBPB (bsc#1068032). - x86/entry: Add a function to overwrite the RSB (bsc#1068032). - x86/entry: Stuff RSB for entry to kernel for non-SMEP platform (bsc#1068032). - x86/entry: Use IBRS on entry to kernel space (bsc#1068032). - x86/feature: Enable the x86 feature to control Speculation (bsc#1068032). - x86/idle: Disable IBRS when offlining a CPU and re-enable on wakeup (bsc#1068032). - x86/idle: Toggle IBRS when going idle (bsc#1068032). - x86/kaiser: Check boottime cmdline params. - x86/kaiser: Move feature detection up (bsc#1068032). - x86/kaiser: Reenable PARAVIRT. - x86/kaiser: Rename and simplify X86_FEATURE_KAISER handling. - x86/kvm: Add MSR_IA32_SPEC_CTRL and MSR_IA32_PRED_CMD to kvm (bsc#1068032). - x86/kvm: Flush IBP when switching VMs (bsc#1068032). - x86/kvm: Pad RSB on VM transition (bsc#1068032). - x86/kvm: Toggle IBRS on VM entry and exit (bsc#1068032). - x86/mm/64: Fix reboot interaction with CR4.PCIDE (bsc#1068032). - x86/mm: Add a 'noinvpcid' boot option to turn off INVPCID (bsc#1068032). - x86/mm: Add INVPCID helpers (bsc#1068032). - x86/mm: Add the 'nopcid' boot option to turn off PCID (bsc#1068032). - x86/mm: Build arch/x86/mm/tlb.c even on !SMP (bsc#1068032). - x86/mm: Enable CR4.PCIDE on supported systems (bsc#1068032). - x86/mm: Fix INVPCID asm constraint (bsc#1068032). - x86/mm: If INVPCID is available, use it to flush global mappings (bsc#1068032). - x86/mm: Make flush_tlb_mm_range() more predictable (bsc#1068032). - x86/mm: Only set IBPB when the new thread cannot ptrace current thread (bsc#1068032). - x86/mm/pat: Ensure cpa->pfn only contains page frame numbers (bnc#1012382). - x86/mm: Reimplement flush_tlb_page() using flush_tlb_mm_range() (bsc#1068032). - x86/mm: Remove flush_tlb() and flush_tlb_current_task() (bsc#1068032). - x86/mm: Remove the UP asm/tlbflush.h code, always use the (formerly) SMP code (bsc#1068032). - x86/mm, sched/core: Turn off IRQs in switch_mm() (bsc#1068032). - x86/mm, sched/core: Uninline switch_mm() (bsc#1068032). - x86/mm: Set IBPB upon context switch (bsc#1068032). - x86/MSR: Move native_*msr(.. u64) to msr.h (bsc#1068032). - x86/paravirt: Dont patch flush_tlb_single (bsc#1068032). - x86/spec: Add IBRS control functions (bsc#1068032). - x86/spec: Add 'nospec' chicken bit (bsc#1068032). - x86/spec: Check CPUID direclty post microcode reload to support IBPB feature (bsc#1068032). - x86/spec_ctrl: Add an Indirect Branch Predictor barrier (bsc#1068032). - x86/spec_ctrl: Check whether IBPB is enabled before using it (bsc#1068032). - x86/spec_ctrl: Check whether IBRS is enabled before using it (bsc#1068032). - x86/svm: Add code to clear registers on VM exit (bsc#1068032). - x86/svm: Clobber the RSB on VM exit (bsc#1068032). - x86/svm: Set IBPB when running a different VCPU (bsc#1068032). - x86/svm: Set IBRS value on VM entry and exit (bsc#1068032).
    last seen 2018-01-30
    modified 2018-01-29
    plugin id 105636
    published 2018-01-08
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=105636
    title openSUSE Security Update : the Linux Kernel (openSUSE-2018-3) (Meltdown) (Spectre)
  • NASL family Windows : Microsoft Bulletins
    NASL id SMB_NT_MS18_JAN_4056891.NASL
    description The remote Windows host is missing security update 4056891 or 4057144. It is, therefore, affected by multiple vulnerabilities : - An vulnerability exists within microprocessors utilizing speculative execution and indirect branch prediction, which may allow an attacker with local user access to disclose information via a side-channel analysis. (CVE-2017-5715, CVE-2017-5753, CVE-2017-5754) - An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. (CVE-2018-0744) - A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. (CVE-2018-0758, CVE-2018-0769, CVE-2018-0770, CVE-2018-0776, CVE-2018-0777, CVE-2018-0781) - An elevation of privilege vulnerability exists in the way that the Windows Kernel API enforces permissions. An attacker who successfully exploited the vulnerability could impersonate processes, interject cross-process communication, or interrupt system functionality. (CVE-2018-0748, CVE-2018-0751, CVE-2018-0752) - An elevation of privilege vulnerability exists when Microsoft Edge does not properly enforce cross-domain policies, which could allow an attacker to access information from one domain and inject it into another domain. (CVE-2018-0803) - An information disclosure vulnerability exists in Windows Adobe Type Manager Font Driver (ATMFD.dll) when it fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could potentially read data that was not intended to be disclosed. Note that this vulnerability would not allow an attacker to execute code or to elevate their user rights directly, but it could be used to obtain information that could be used to try to further compromise the affected system. (CVE-2018-0754) - A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. (CVE-2018-0762, CVE-2018-0772) - An information disclosure vulnerability exists when Microsoft Edge PDF Reader improperly handles objects in memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. (CVE-2018-0766) - An information disclosure vulnerability exists when the scripting engine does not properly handle objects in memory in Microsoft Edge. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. (CVE-2018-0767, CVE-2018-0780) - An elevation of privilege vulnerability exists in the Microsoft Server Message Block (SMB) Server when an attacker with valid credentials attempts to open a specially crafted file over the SMB protocol on the same machine. An attacker who successfully exploited this vulnerability could bypass certain security checks in the operating system. (CVE-2018-0749) - A denial of service vulnerability exists in the way that Windows handles objects in memory. An attacker who successfully exploited the vulnerability could cause a target system to stop responding. Note that the denial of service condition would not allow an attacker to execute code or to elevate user privileges. However, the denial of service condition could prevent authorized users from using system resources. The security update addresses the vulnerability by correcting how Windows handles obj