{"vulnerability": "cve-2018-3665", "sightings": [{"uuid": "6a494fd7-b623-4eb5-a7bd-ce789b0ec197", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-3665", "type": "seen", "source": "https://t.me/ics_cert/14", "content": "\u0646\u0633\u062e\u0647\u200c\u0647\u0627\u06cc \u062c\u062f\u06cc\u062f \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc\u200c\u0647\u0627\u06cc Meltdown \u0648 Spectre\n\u067e\u0633 \u0627\u0632 \u06a9\u0634\u0641 \u0646\u0633\u062e\u0647 \u0647\u0627\u06cc \u062c\u062f\u06cc\u062f \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u0647\u0627\u06cc Meltdown \u0648 Spectre\u060c \u0632\u06cc\u0645\u0646\u0633 \u0627\u0637\u0644\u0627\u0639\u06cc\u0647 \u0647\u0627\u06cc \u0627\u0645\u0646\u06cc\u062a\u06cc \u062c\u062f\u06cc\u062f\u06cc \u0631\u0627 \u0628\u0631\u0627\u06cc \u0627\u06cc\u0646 \u062f\u0648 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc\u060c \u0628\u0647 \u0648\u06cc\u0698\u0647 \u0628\u0631\u0627\u06cc LazyFP \u0648 Spectre \u06f1,\u06f1 \u0645\u0646\u062a\u0634\u0631 \u06a9\u0631\u062f\u0647 \u0627\u0633\u062a.\n\u0628\u0631\u062e\u06cc \u062a\u0648\u0644\u06cc\u062f\u06a9\u0646\u0646\u062f\u0647 \u0647\u0627\u06cc \u0633\u06cc\u0633\u062a\u0645 \u0647\u0627\u06cc \u06a9\u0646\u062a\u0631\u0644 \u0635\u0646\u0639\u062a\u06cc (ICS) \u062a\u0648\u0635\u06cc\u0647 \u0647\u0627\u06cc \u0627\u0645\u0646\u06cc\u062a\u06cc \u0631\u0627 \u0628\u0631\u0627\u06cc \u0646\u0642\u0635 \u0647\u0627\u06cc \u067e\u0631\u062f\u0627\u0632\u0646\u062f\u0647 \u0645\u0646\u062a\u0634\u0631 \u06a9\u0631\u062f\u0647 \u0627\u0646\u062f. \u0632\u06cc\u0645\u0646\u0633 \u06cc\u06a9 \u0627\u0637\u0644\u0627\u0639\u06cc\u0647 \u0627\u0645\u0646\u06cc\u062a\u06cc \u0631\u0627 \u0628\u0631\u0627\u06cc \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u0647\u0627\u06cc \u0645\u0631\u0628\u0648\u0637 \u0628\u0647 \u0648\u06cc\u0698\u06af\u06cc Speculative \u062f\u0631 \u06f1\u06f1 \u0698\u0627\u0646\u0648\u06cc\u0647 \u0645\u0646\u062a\u0634\u0631 \u0633\u0627\u062e\u062a\u0647 \u0627\u0633\u062a.\n\u062f\u0631 \u0627\u0648\u0627\u062e\u0631 \u0645\u0627\u0647 \u0645\u06cc\u060c \u0627\u06cc\u0646 \u0634\u0631\u06a9\u062a \u0627\u0637\u0644\u0627\u0639\u06cc\u0647 \u062e\u0648\u062f \u0631\u0627 \u0628\u0631\u0648\u0632 \u06a9\u0631\u062f \u0648 \u0628\u0647 \u0622\u0646 \u062c\u0632\u0626\u06cc\u0627\u062a\u06cc \u0631\u0627 \u0627\u0632 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u0647\u0627\u06cc \u0646\u0648\u0639 \u06f3a \u0648 \u0646\u0648\u0639 \u06f4 \u06a9\u0647 \u0628\u0627 \u0646\u0627\u0645 Spectre-NG \u0646\u06cc\u0632 \u0634\u0646\u0627\u062e\u062a\u0647 \u0645\u06cc \u0634\u0648\u0646\u062f\u060c \u0627\u0641\u0632\u0648\u062f. \u062f\u0631 \u0631\u0648\u0632 \u067e\u0646\u062c\u0634\u0646\u0628\u0647\u060c \u0632\u06cc\u0645\u0646\u0633 \u0628\u0627\u0631 \u062f\u06cc\u06af\u0631 \u0627\u0637\u0644\u0627\u0639\u0627\u062a\u06cc \u0631\u0627 \u0628\u0647 \u0622\u0646 \u0627\u0636\u0627\u0641\u0647 \u06a9\u0631\u062f \u06a9\u0647 \u0627\u06cc\u0646 \u0628\u0627\u0631 \u062a\u0648\u0636\u06cc\u062d\u0627\u062a \u0645\u0631\u0628\u0648\u0637 \u0628\u0647 LazyLP\u060c \u06cc\u06a9 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u0645\u0634\u0627\u0628\u0647 Meltdown \u0628\u0627 \u062f\u0631\u062c\u0647 \u062d\u0633\u0627\u0633\u06cc\u062a \u0645\u062a\u0648\u0633\u0637 \u0648 \u0634\u0646\u0627\u0633\u0647 CVE-\u06f2\u06f0\u06f1\u06f8-\u06f3\u06f6\u06f6\u06f5\u060c \u0648 Spectre \u06f1,\u06f1\u060c \u06a9\u0647 \u062f\u0631 \u0627\u0648\u0627\u06cc\u0644 \u0645\u0627\u0647 \u062c\u0627\u0631\u06cc \u06a9\u0634\u0641 \u0634\u062f \u0648 \u0628\u0627 CVE-\u06f2\u06f0\u06f1\u06f7-\u06f5\u06f7\u06f5\u06f3 \u0634\u0646\u0627\u0633\u0647 \u0645\u06cc \u0634\u0648\u062f\u060c \u0628\u0647 \u0622\u0646 \u0627\u0636\u0627\u0641\u0647 \u0634\u062f\u0647 \u0627\u0633\u062a.\n \u0632\u06cc\u0645\u0646\u0633 \u0628\u0647 \u06a9\u0627\u0631\u0628\u0631\u0627\u0646 \u062a\u0648\u0635\u06cc\u0647 \u06a9\u0631\u062f\u0647 \u0627\u0633\u062a \u06a9\u0647 \u0646\u0633\u0628\u062a \u0628\u0647 \u0628\u0631\u0648\u0632\u0631\u0633\u0627\u0646\u06cc \u0647\u0627\u06cc \u0646\u0631\u0645 \u0627\u0641\u0632\u0627\u0631\u06cc \u0648 Firmware\u0647\u0627\u06cc \u0633\u06cc\u0633\u062a\u0645 \u0639\u0627\u0645\u0644 \u0647\u0627 \u0648 \u067e\u0631\u062f\u0627\u0632\u0646\u062f\u0647 \u0647\u0627 \u0622\u06af\u0627\u0647 \u0628\u0627\u0634\u0646\u062f. \u0628\u0627 \u0627\u06cc\u0646 \u062d\u0627\u0644\u060c \u0645\u0645\u06a9\u0646 \u0627\u0633\u062a \u0628\u0631\u062e\u06cc \u0627\u0632 \u0627\u06cc\u0646 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u0647\u0627\u060c \u062f\u0627\u0631\u0627\u06cc \u0645\u0634\u06a9\u0644\u0627\u062a\u06cc \u062f\u0631 \u0633\u0627\u0632\u06af\u0627\u0631\u06cc\u060c \u0639\u0645\u0644\u06a9\u0631\u062f \u0628\u0627\u0634\u0646\u062f.\n\u0646\u0642\u0635 \u0647\u0627\u06cc \u0627\u0648\u0644\u06cc\u0647 Meltdown \u0648 Spectre \u0628\u0631\u062e\u06cc \u0645\u062d\u0635\u0648\u0644\u0627\u062a \u0632\u06cc\u0645\u0646\u0633 \u0627\u0632 \u0642\u0628\u06cc\u0644 SIMATIC\u060c RUGGEDCOM\u060c SIMOTION\u060c SINEMA \u0648 SINUMERIK \u0631\u0627 \u062a\u062d\u062a \u062a\u0627\u062b\u06cc\u0631 \u0642\u0631\u0627\u0631 \u062f\u0627\u062f\u0647 \u0627\u0633\u062a. \u0627\u06cc\u0646 \u0634\u0631\u06a9\u062a \u0628\u0631\u0627\u06cc \u0627\u06cc\u0646 \u0645\u062d\u0635\u0648\u0644\u0627\u062a \u0628\u0631\u0648\u0632\u0631\u0633\u0627\u0646\u06cc \u0647\u0627\u06cc \u0646\u0631\u0645 \u0627\u0641\u0632\u0627\u0631\u06cc\u060c BIOS \u0648 \u0631\u0648\u0634 \u0647\u0627\u06cc\u06cc \u0628\u0631\u0627\u06cc \u06a9\u0627\u0647\u0634 \u0627\u062b\u0631\u0627\u062a\u060c \u0627\u0631\u0627\u0626\u0647 \u06a9\u0631\u062f\u0647 \u0627\u0633\u062a.\n\n\n\u0645\u0646\u0628\u0639:\nhttps://www.securityweek.com/siemens-informs-customers-new-meltdown-spectre-variants\n    \n\ud83e\udd81\u00ab\u06a9\u062a\u0627\u0633\u00bb\n\u200fhttp://t.me/ict_security", "creation_timestamp": "2018-07-21T15:20:15.000000Z"}, {"uuid": "e91e4f97-619c-4352-840d-1baf2469a295", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-3665", "type": "seen", "source": "https://t.me/QubesOS/212", "content": "QSB #41: Speculative register leakage from lazy FPU context switching (XSA-267)\nhttps://www.qubes-os.org/news/2018/06/13/qsb-41/\n\nDear Qubes Community,\n\nWe have just published Qubes Security Bulletin (QSB) #41: Speculative\nregister leakage from lazy FPU context switching (XSA-267). The text of\nthis QSB is reproduced below. This QSB and its accompanying signatures\nwill always be available in the Qubes Security Pack (qubes-secpack).\n\nView QSB #41 in the qubes-secpack:\n\nhttps://github.com/QubesOS/qubes-secpack/blob/master/QSBs/qsb-041-2018.txt\n\nLearn about the qubes-secpack, including how to obtain, verify, and read\nit:\n\nhttps://www.qubes-os.org/security/pack/\n\nView all past QSBs:\n\nhttps://www.qubes-os.org/security/bulletins/\n\nView XSA-267 in the XSA Tracker:\n\nhttps://www.qubes-os.org/security/xsa/#267\n\n             ---===[ Qubes Security Bulletin #41 ]===---\n\n                             2018-06-13\n\n\n  Speculative register leakage from lazy FPU context switching (XSA-267)\n\nSummary\n========\n\nOn 2018-06-13, the Xen Security Team published Xen Security Advisory\n267 (CVE-2018-3665 / XSA-267) [1] with the following description:\n\n| x86 has a hardware mechanism for lazy FPU context switching.  On a\n| task switch, %cr0.ts (Task Switched) gets set, and the next\n| instruction to touch floating point state raises an #NM (No Math,\n| later known as Device Not Available) exception.\n| \n| Traditionally, FPU state has been large in comparison to available\n| bandwidth (and therefore slow to switch) and not used as frequently as\n| cpu tasks tend to switch.  This mechanism allows the OS to only switch\n| FPU when necessary, which in turn increases performance.\n| \n| Some CPUs however speculate past an #NM exception, allowing register\n| content to be leaked by a side-channel.\n| \n| An attacker can read x87/MMX/SSE/AVX/AVX-512 register state belonging\n| to another vCPU previously scheduled on the same processor.  This can\n| be state belonging a different guest, or state belonging to a\n| different thread inside the same guest.\n\nThis is yet another CPU hardware bug related to speculative execution.\n\nPatching\n=========\n\nTo resolve this issue, the Xen Project has provided patches disabling\nlazy FPU context switching on affected systems.\n\nThe specific packages that resolve the problems discussed in this\nbulletin are as follows:\n\n  For Qubes 3.2:\n  - Xen packages, version 4.6.6-42\n\n  For Qubes 4.0:\n  - Xen packages, version 4.8.3-9\n\nThe packages are to be installed in dom0 via the Qubes VM Manager or via\nthe qubes-dom0-update command as follows:\n\n  For updates from the stable repository (not immediately available):\n  $ sudo qubes-dom0-update\n\n  For updates from the security-testing repository:\n  $ sudo qubes-dom0-update --enablerepo=qubes-dom0-security-testing\n\nA system restart will be required afterwards.\n\nThese packages will migrate from the security-testing repository to the\ncurrent (stable) repository over the next two weeks after being tested\nby the community.\n\nIf you use Anti Evil Maid, you will need to reseal your secret\npassphrase to new PCR values, as PCR18+19 will change due to the new\nXen binaries.\n\nCredits\n========\n\nSee the original Xen Security Advisory.\n\nReferences\n===========\n\n[1] https://xenbits.xen.org/xsa/advisory-267.html\n\n--\nThe Qubes Security Team\nhttps://www.qubes-os.org/security/", "creation_timestamp": "2018-06-14T06:29:23.000000Z"}, {"uuid": "84d8abf4-8a78-4519-b376-9d27b442f702", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-3665", "type": "seen", "source": "https://t.me/xakep_ru/3836", "content": "\u0412 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u043e\u0440\u0430\u0445 Intel \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430 \u043d\u043e\u0432\u0430\u044f \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\n\n\u0412 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u043e\u0440\u0430\u0445 Intel \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0430 \u0435\u0449\u0435 \u043e\u0434\u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u043f\u043e\u0434\u043e\u0431\u043d\u0430\u044f Meltdown \u0438 Spectre. \u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0430 \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440 CVE-2018-3665 \u0438 \u043d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 Lazy FP state restore. \n\nhttps://xakep.ru/2018/06/14/lazy-fp-state-restore/", "creation_timestamp": "2018-06-14T19:35:15.000000Z"}, {"uuid": "e0a35b21-d62d-4263-909a-3c42c6642db2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-3665", "type": "seen", "source": "https://t.me/SecLabNews/2448", "content": "\u0417\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0435 \u043f\u043e\u043b\u0433\u043e\u0434\u0430 \u0441\u043e\u043e\u0431\u0449\u0435\u043d\u0438\u044f \u043e\u0431 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u0445 \u0432 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u043e\u0440\u0430\u0445 \u0440\u0430\u0437\u043b\u0438\u0447\u043d\u044b\u0445 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u0439 \u0441\u0442\u0430\u043b\u0438 \u043f\u0440\u0438\u0432\u044b\u0447\u043d\u044b\u043c \u0434\u0435\u043b\u043e\u043c, \u0430 \u043d\u0435\u0434\u0430\u0432\u043d\u043e \u043a \u0441\u043f\u0438\u0441\u043a\u0443 \u043f\u0440\u0438\u0431\u0430\u0432\u0438\u043b\u0430\u0441\u044c \u0435\u0449\u0435 \u043e\u0434\u043d\u0430. \u0420\u0435\u0447\u044c \u0438\u0434\u0435\u0442 \u043e\u0431 \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0435 \u00abLazy FP\u00bb (CVE-2018-3665) \u0432 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u043e\u0440\u0430\u0445 Intel, \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0449\u0435\u0439 \u0432\u0441\u0435 \u043c\u043e\u0434\u0435\u043b\u0438 \u0441\u0435\u043c\u0435\u0439\u0441\u0442\u0432\u0430 Intel Core. \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u0444\u0443\u043d\u043a\u0446\u0438\u0435\u0439 \u00abLazy FPU context switching\u00bb \u0438 \u043f\u043e \u0441\u0432\u043e\u0435\u0439 \u0441\u0443\u0442\u0438 \u0431\u043b\u0438\u0437\u043a\u0430 \u043a \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0435 Spectre 3a (CVE-2018-3640, RSRE - Rogue System Register Read). \u041f\u0440\u043e\u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u0432 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0443, \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0434\u0430\u043d\u043d\u044b\u043c \u043a\u0440\u0438\u043f\u0442\u043e\u0433\u0440\u0430\u0444\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u0432\u044b\u0447\u0438\u0441\u043b\u0435\u043d\u0438\u0439 \u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0438\u0445 \u0434\u043b\u044f \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u0438\u044f \u043a\u043b\u044e\u0447\u0430 \u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043d\u0438\u044f.    \n\u041e\u0431\u0437\u043e\u0440 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u043e\u0432 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0437\u0430 \u043f\u0435\u0440\u0438\u043e\u0434 \u0441 11 \u043f\u043e 17 \u0438\u044e\u043d\u044f 2018 \u0433\u043e\u0434\u0430", "creation_timestamp": "2018-06-18T10:12:13.000000Z"}]}