[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244411

 
 

909

 
 

193363

 
 

277

Paid content will be excluded from the download.


Download | Alert*
OVAL

Information Leak via speculative execution side channel attacks

ID: oval:org.secpod.oval:def:43415Date: (C)2018-01-05   (M)2024-02-19
Class: PATCHFamily: unix




It was discovered that a new class of side channel attacks impact most processors, including processors from Intel, AMD, and ARM. The attack allows malicious userspace processes to read kernel memory and malicious code in guests to read hypervisor memory. To address the issue, updates to the Ubuntu kernel and processor microcode will be needed. These updates will be announced in future Ubuntu Security Notices once they are available.

Platform:
Ubuntu 16.04
Ubuntu 14.04
Ubuntu 17.04
Ubuntu 17.10
Product:
qemu
amd64-microcode
intel-microcode
linux-image-gke-4.4
linux-image-generic
linux-image-lowlatency-4.4
linux-image-generic-4.4
linux-image-aws-4.4
linux-image-generic-4.10
linux-image-lowlatency-4.10
linux-image-4.11
linux-image-generic-4.13
linux-image-4.13
linux-image-lowlatency-4.13
linux-image
linux-image-lowlatency
linux-image-4.4
linux-image-kvm-4.4
Reference:
https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/SpectreAndMeltdown
CVE-2017-5753
CVE-2017-5754
CVE-2017-5715
CVE    3
CVE-2017-5754
CVE-2017-5715
CVE-2017-5753
CPE    21
cpe:/a:linux:linux_image
cpe:/a:intel-microcode:intel-microcode
cpe:/a:linux:linux_image_aws:4.4
cpe:/a:linux:linux_image_lowlatency:4.10
...
XCCDF    1

© SecPod Technologies