var-201808-0958
Vulnerability from variot
Systems with microprocessors utilizing speculative execution and address translations may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access via a terminal page fault and a side-channel analysis. These attacks are known as L1 Terminal Fault: SGX, L1 Terminal Fault: OS/SMM, and L1 Terminal Fault: VMM. Intel Core i3 processor, etc. are all CPU (central processing unit) products of Intel Corporation of the United States. Security vulnerabilities exist in several Intel products that use speculative execution and address translation. The following products are affected: Intel Core i3 processor; Intel Core i5 processor; Intel Core i7 processor; Intel Core M processor family; 2nd generation Intel Core processors; 3rd generation Intel Core processors; 4th generation Intel Core processors; 5th generation Intel Core processors, etc. (CVE-2018-5390)
Juha-Matti Tilli discovered that the IP implementation in the Linux kernel performed algorithmically expensive operations in some situations when handling incoming packet fragments. (CVE-2018-5391)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 14.04 LTS: linux-image-3.13.0-155-generic 3.13.0-155.205 linux-image-3.13.0-155-generic-lpae 3.13.0-155.205 linux-image-3.13.0-155-lowlatency 3.13.0-155.205 linux-image-3.13.0-155-powerpc-e500 3.13.0-155.205 linux-image-3.13.0-155-powerpc-e500mc 3.13.0-155.205 linux-image-3.13.0-155-powerpc-smp 3.13.0-155.205 linux-image-3.13.0-155-powerpc64-emb 3.13.0-155.205 linux-image-3.13.0-155-powerpc64-smp 3.13.0-155.205 linux-image-generic 3.13.0.155.165 linux-image-generic-lpae 3.13.0.155.165 linux-image-lowlatency 3.13.0.155.165 linux-image-powerpc-e500 3.13.0.155.165 linux-image-powerpc-e500mc 3.13.0.155.165 linux-image-powerpc-smp 3.13.0.155.165 linux-image-powerpc64-emb 3.13.0.155.165 linux-image-powerpc64-smp 3.13.0.155.165
Please note that the recommended mitigation for CVE-2018-3646 involves updating processor microcode in addition to updating the kernel; however, the kernel includes a fallback for processors that have not received microcode updates.
ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well. The microcode updates mentioned there are not yet available in a form distributable by Debian.
For the stable distribution (stretch), these problems have been fixed in version 4.8.4+xsa273+shim4.10.1+xsa273-1+deb9u10.
We recommend that you upgrade your xen packages.
For the detailed security status of xen please refer to its security tracker page at: https://security-tracker.debian.org/tracker/xen
Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/
Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAlt14mwACgkQEMKTtsN8 Tjb2LhAAokwmlGxyJPC3EGG9aOLKNv23G9OzLLNRm+cy150WAMgBio+bR2CAgkfX qu/ftFPLeKfIRbo9nLBFHQLMKlmDdFzLeicXe7GtnKcAMkt0Wp+rYIj66TMkjrMg 2kJI68ECc5Rqj3fMZ+dgkxSHzhylUGG70mEIBf2D22Y72kkIfc3EzBuu2wxaaOTP t7Q7JkYDv9WV/6gw8Ok2vIrQcq95jtZgDSL1ZHHg6VTukHnXP2SU1rMfRCguTCtc 5JYAgWJ1GWFWt3d6FQnk7SWwJf3pHEVNg0lGpRJdu4qperQ3EhQNeJlGq8adm/Zf QQUT9T6vsU5cefgelIRSLxFZ9bDobxXXNaox3FqB4tslkJLhTRluCvilJpWuNpH5 7S6xti5neGuHORfIkcS1PmOEx2gDkKWTgotiBx04yU3q+/zr0Ob+K2jxZXe4z2uU sqEq8pdjCnkE03cljPbfPeutyucS3xDFpFVoXlRqgRNMdZ7jzVSP6qayt3iQIa/E djVQ2ptHxux5Zapg5Ngr2ASBdyIw+2GLVUKQCeqM+EjMXjRBaJv8DPxWwO4nkC4d eliy9RxErtQpgHIZKHVmTjoRlh/OH4KAdHZT2Y+Gfv1DVA6TL5cPiQ9e0ZunNNaK vtXyOzjNPVPZa+2MEq9FTFIkDsR8Ncl/JCzp0bx5uVaV/ovX0A8=reP+ -----END PGP SIGNATURE----- . ========================================================================== Kernel Live Patch Security Notice 0044-1 October 05, 2018
linux vulnerability
A security issue affects these releases of Ubuntu:
| Series | Base kernel | Arch | flavors | |------------------+--------------+----------+------------------| | Ubuntu 14.04 LTS | 4.4.0 | amd64 | generic | | Ubuntu 14.04 LTS | 4.4.0 | amd64 | lowlatency | | Ubuntu 16.04 LTS | 4.15.0 | amd64 | generic | | Ubuntu 16.04 LTS | 4.15.0 | amd64 | lowlatency | | Ubuntu 18.04 LTS | 4.15.0 | amd64 | generic | | Ubuntu 18.04 LTS | 4.15.0 | amd64 | lowlatency |
Summary:
Several security issues were fixed in the kernel.
Note that due to a client issue, this livepatch may report that it failed to load. You can verify that the patch has successfully loaded by looking in /sys/kernel/livepatch for a directory starting with the name "lkp_Ubuntu," followed by your kernel version, and ending with the version number, "44." The next client update should correct this problem. (CVE-2018-3620)
It was discovered that the paravirtualization implementation in the Linux kernel did not properly handle some indirect calls, reducing the effectiveness of Spectre v2 mitigations for paravirtual guests. A local attacker could use this to expose sensitive information. (CVE-2018-15594)
It was discovered that memory present in the L1 data cache of an Intel CPU core may be exposed to a malicious process that is executing on the CPU core. A local attacker in a guest virtual machine could use this to expose sensitive information (memory from other guests or the host OS). A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2018-6555)
It was discovered that a stack-based buffer overflow existed in the iSCSI target implementation of the Linux kernel. A remote attacker could use this to cause a denial of service (system crash). (CVE-2018-14633)
It was discovered that microprocessors utilizing speculative execution and prediction of return addresses via Return Stack Buffer (RSB) may allow unauthorized memory reads via sidechannel attacks. An attacker could use this to expose sensitive information. (CVE-2018-15572)
Jann Horn discovered that the vmacache subsystem did not properly handle sequence number overflows, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2018-17182)
Update instructions:
The problem can be corrected by updating your livepatches to the following versions:
| Kernel | Version | flavors | |--------------------------+----------+--------------------------| | 4.4.0-133.159 | 44.1 | generic, lowlatency | | 4.4.0-133.159~14.04.1 | 44.1 | lowlatency, generic | | 4.4.0-134.160 | 44.1 | generic, lowlatency | | 4.4.0-134.160~14.04.1 | 44.1 | lowlatency, generic | | 4.4.0-135.161~14.04.1 | 44.1 | lowlatency, generic | | 4.15.0-32.35 | 44.1 | lowlatency, generic | | 4.15.0-32.35~16.04.1 | 44.1 | generic, lowlatency | | 4.15.0-33.36 | 44.1 | lowlatency, generic | | 4.15.0-33.36~16.04.1 | 44.1 | lowlatency, generic | | 4.15.0-34.37 | 44.1 | generic, lowlatency | | 4.15.0-34.37~16.04.1 | 44.2 | lowlatency, generic |
References: CVE-2018-3620, CVE-2018-15594, CVE-2018-3646, CVE-2018-6555, CVE-2018-14633, CVE-2018-15572, CVE-2018-17182
-- ubuntu-security-announce mailing list ubuntu-security-announce@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
====================================================================
Red Hat Security Advisory
Synopsis: Important: kernel security and bug fix update Advisory ID: RHSA-2018:2387-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2018:2387 Issue date: 2018-08-14 CVE Names: CVE-2018-3620 CVE-2018-3639 CVE-2018-3646 ==================================================================== 1. Summary:
An update for kernel is now available for Red Hat Enterprise Linux 7.4 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux ComputeNode EUS (v. 7.4) - noarch, x86_64 Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.4) - x86_64 Red Hat Enterprise Linux Server EUS (v. 7.4) - noarch, ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Server Optional EUS (v. 7.4) - ppc64, ppc64le, x86_64
- Description:
The kernel packages contain the Linux kernel, the core of any Linux operating system.
Security Fix(es):
-
Modern operating systems implement virtualization of physical memory to efficiently use available system resources and provide inter-domain protection through access control and isolation. The L1TF issue was found in the way the x86 microprocessor designs have implemented speculative execution of instructions (a commonly used performance optimisation) in combination with handling of page-faults caused by terminated virtual to physical address resolving process. As a result, an unprivileged attacker could use this flaw to read privileged memory of the kernel or other processes and/or cross guest/host boundaries to read host memory by conducting targeted cache side-channel attacks. (CVE-2018-3620, CVE-2018-3646)
-
An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of Load & Store instructions (a commonly used performance optimization). It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the fact that memory read from address to which a recent memory write has occurred may see an older value and subsequently cause an update into the microprocessor's data cache even for speculatively executed instructions that never actually commit (retire). As a result, an unprivileged attacker could use this flaw to read privileged memory by conducting targeted cache side-channel attacks. (CVE-2018-3639)
Red Hat would like to thank Intel OSSIRT (Intel.com) for reporting CVE-2018-3620 and CVE-2018-3646 and Ken Johnson (Microsoft Security Response Center) and Jann Horn (Google Project Zero) for reporting CVE-2018-3639.
Bug Fix(es):
-
Previously, configurations with the little-endian variant of IBM Power Systems CPU architectures and Hard Disk Drives (HDD) designed according to Nonvolatile Memory Express (NVMe) open standards, experienced crashes during shutdown or reboot due to race conditions of CPUs. As a consequence, the sysfs pseudo file system threw a stack trace report about an attempt to create a duplicate entry in sysfs. This update modifies the source code so that the irq_dispose_mapping() function is called first and the msi_bitmap_free_hwirqs() function is called afterwards. As a result, the race condition no longer appears in the described scenario. (BZ#1570510)
-
When switching from the indirect branch speculation (IBRS) feature to the retpolines feature, the IBRS state of some CPUs was sometimes not handled correctly. Consequently, some CPUs were left with the IBRS Model-Specific Register (MSR) bit set to 1, which could lead to performance issues. With this update, the underlying source code has been fixed to clear the IBRS MSR bits correctly, thus fixing the bug. (BZ#1586147)
-
During a balloon reset, page pointers were not correctly initialized after unmapping the memory. Consequently, on the VMware ESXi hypervisor with "Fault Tolerance" and "ballooning" enabled, the following messages repeatedly occurred in the kernel log:
[3014611.640148] WARNING: at mm/vmalloc.c:1491 __vunmap+0xd3/0x100() [3014611.640269] Trying to vfree() nonexistent vm area (ffffc90000697000)
With this update, the underlying source code has been fixed to initialize page pointers properly. As a result, the mm/vmalloc.c warnings no longer occur under the described circumstances. (BZ#1595600)
- Solution:
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
- Bugs fixed (https://bugzilla.redhat.com/):
1566890 - CVE-2018-3639 hw: cpu: speculative store bypass 1585005 - CVE-2018-3646 Kernel: hw: cpu: L1 terminal fault (L1TF)
- Package List:
Red Hat Enterprise Linux ComputeNode EUS (v. 7.4):
Source: kernel-3.10.0-693.37.4.el7.src.rpm
noarch: kernel-abi-whitelists-3.10.0-693.37.4.el7.noarch.rpm kernel-doc-3.10.0-693.37.4.el7.noarch.rpm
x86_64: kernel-3.10.0-693.37.4.el7.x86_64.rpm kernel-debug-3.10.0-693.37.4.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-693.37.4.el7.x86_64.rpm kernel-debug-devel-3.10.0-693.37.4.el7.x86_64.rpm kernel-debuginfo-3.10.0-693.37.4.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-693.37.4.el7.x86_64.rpm kernel-devel-3.10.0-693.37.4.el7.x86_64.rpm kernel-headers-3.10.0-693.37.4.el7.x86_64.rpm kernel-tools-3.10.0-693.37.4.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-693.37.4.el7.x86_64.rpm kernel-tools-libs-3.10.0-693.37.4.el7.x86_64.rpm perf-3.10.0-693.37.4.el7.x86_64.rpm perf-debuginfo-3.10.0-693.37.4.el7.x86_64.rpm python-perf-3.10.0-693.37.4.el7.x86_64.rpm python-perf-debuginfo-3.10.0-693.37.4.el7.x86_64.rpm
Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.4):
x86_64: kernel-debug-debuginfo-3.10.0-693.37.4.el7.x86_64.rpm kernel-debuginfo-3.10.0-693.37.4.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-693.37.4.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-693.37.4.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-693.37.4.el7.x86_64.rpm perf-debuginfo-3.10.0-693.37.4.el7.x86_64.rpm python-perf-debuginfo-3.10.0-693.37.4.el7.x86_64.rpm
Red Hat Enterprise Linux Server EUS (v. 7.4):
Source: kernel-3.10.0-693.37.4.el7.src.rpm
noarch: kernel-abi-whitelists-3.10.0-693.37.4.el7.noarch.rpm kernel-doc-3.10.0-693.37.4.el7.noarch.rpm
ppc64: kernel-3.10.0-693.37.4.el7.ppc64.rpm kernel-bootwrapper-3.10.0-693.37.4.el7.ppc64.rpm kernel-debug-3.10.0-693.37.4.el7.ppc64.rpm kernel-debug-debuginfo-3.10.0-693.37.4.el7.ppc64.rpm kernel-debug-devel-3.10.0-693.37.4.el7.ppc64.rpm kernel-debuginfo-3.10.0-693.37.4.el7.ppc64.rpm kernel-debuginfo-common-ppc64-3.10.0-693.37.4.el7.ppc64.rpm kernel-devel-3.10.0-693.37.4.el7.ppc64.rpm kernel-headers-3.10.0-693.37.4.el7.ppc64.rpm kernel-tools-3.10.0-693.37.4.el7.ppc64.rpm kernel-tools-debuginfo-3.10.0-693.37.4.el7.ppc64.rpm kernel-tools-libs-3.10.0-693.37.4.el7.ppc64.rpm perf-3.10.0-693.37.4.el7.ppc64.rpm perf-debuginfo-3.10.0-693.37.4.el7.ppc64.rpm python-perf-3.10.0-693.37.4.el7.ppc64.rpm python-perf-debuginfo-3.10.0-693.37.4.el7.ppc64.rpm
ppc64le: kernel-3.10.0-693.37.4.el7.ppc64le.rpm kernel-bootwrapper-3.10.0-693.37.4.el7.ppc64le.rpm kernel-debug-3.10.0-693.37.4.el7.ppc64le.rpm kernel-debug-debuginfo-3.10.0-693.37.4.el7.ppc64le.rpm kernel-debuginfo-3.10.0-693.37.4.el7.ppc64le.rpm kernel-debuginfo-common-ppc64le-3.10.0-693.37.4.el7.ppc64le.rpm kernel-devel-3.10.0-693.37.4.el7.ppc64le.rpm kernel-headers-3.10.0-693.37.4.el7.ppc64le.rpm kernel-tools-3.10.0-693.37.4.el7.ppc64le.rpm kernel-tools-debuginfo-3.10.0-693.37.4.el7.ppc64le.rpm kernel-tools-libs-3.10.0-693.37.4.el7.ppc64le.rpm perf-3.10.0-693.37.4.el7.ppc64le.rpm perf-debuginfo-3.10.0-693.37.4.el7.ppc64le.rpm python-perf-3.10.0-693.37.4.el7.ppc64le.rpm python-perf-debuginfo-3.10.0-693.37.4.el7.ppc64le.rpm
s390x: kernel-3.10.0-693.37.4.el7.s390x.rpm kernel-debug-3.10.0-693.37.4.el7.s390x.rpm kernel-debug-debuginfo-3.10.0-693.37.4.el7.s390x.rpm kernel-debug-devel-3.10.0-693.37.4.el7.s390x.rpm kernel-debuginfo-3.10.0-693.37.4.el7.s390x.rpm kernel-debuginfo-common-s390x-3.10.0-693.37.4.el7.s390x.rpm kernel-devel-3.10.0-693.37.4.el7.s390x.rpm kernel-headers-3.10.0-693.37.4.el7.s390x.rpm kernel-kdump-3.10.0-693.37.4.el7.s390x.rpm kernel-kdump-debuginfo-3.10.0-693.37.4.el7.s390x.rpm kernel-kdump-devel-3.10.0-693.37.4.el7.s390x.rpm perf-3.10.0-693.37.4.el7.s390x.rpm perf-debuginfo-3.10.0-693.37.4.el7.s390x.rpm python-perf-3.10.0-693.37.4.el7.s390x.rpm python-perf-debuginfo-3.10.0-693.37.4.el7.s390x.rpm
x86_64: kernel-3.10.0-693.37.4.el7.x86_64.rpm kernel-debug-3.10.0-693.37.4.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-693.37.4.el7.x86_64.rpm kernel-debug-devel-3.10.0-693.37.4.el7.x86_64.rpm kernel-debuginfo-3.10.0-693.37.4.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-693.37.4.el7.x86_64.rpm kernel-devel-3.10.0-693.37.4.el7.x86_64.rpm kernel-headers-3.10.0-693.37.4.el7.x86_64.rpm kernel-tools-3.10.0-693.37.4.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-693.37.4.el7.x86_64.rpm kernel-tools-libs-3.10.0-693.37.4.el7.x86_64.rpm perf-3.10.0-693.37.4.el7.x86_64.rpm perf-debuginfo-3.10.0-693.37.4.el7.x86_64.rpm python-perf-3.10.0-693.37.4.el7.x86_64.rpm python-perf-debuginfo-3.10.0-693.37.4.el7.x86_64.rpm
Red Hat Enterprise Linux Server Optional EUS (v. 7.4):
ppc64: kernel-debug-debuginfo-3.10.0-693.37.4.el7.ppc64.rpm kernel-debuginfo-3.10.0-693.37.4.el7.ppc64.rpm kernel-debuginfo-common-ppc64-3.10.0-693.37.4.el7.ppc64.rpm kernel-tools-debuginfo-3.10.0-693.37.4.el7.ppc64.rpm kernel-tools-libs-devel-3.10.0-693.37.4.el7.ppc64.rpm perf-debuginfo-3.10.0-693.37.4.el7.ppc64.rpm python-perf-debuginfo-3.10.0-693.37.4.el7.ppc64.rpm
ppc64le: kernel-debug-debuginfo-3.10.0-693.37.4.el7.ppc64le.rpm kernel-debug-devel-3.10.0-693.37.4.el7.ppc64le.rpm kernel-debuginfo-3.10.0-693.37.4.el7.ppc64le.rpm kernel-debuginfo-common-ppc64le-3.10.0-693.37.4.el7.ppc64le.rpm kernel-tools-debuginfo-3.10.0-693.37.4.el7.ppc64le.rpm kernel-tools-libs-devel-3.10.0-693.37.4.el7.ppc64le.rpm perf-debuginfo-3.10.0-693.37.4.el7.ppc64le.rpm python-perf-debuginfo-3.10.0-693.37.4.el7.ppc64le.rpm
x86_64: kernel-debug-debuginfo-3.10.0-693.37.4.el7.x86_64.rpm kernel-debuginfo-3.10.0-693.37.4.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-693.37.4.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-693.37.4.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-693.37.4.el7.x86_64.rpm perf-debuginfo-3.10.0-693.37.4.el7.x86_64.rpm python-perf-debuginfo-3.10.0-693.37.4.el7.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2018-3620 https://access.redhat.com/security/cve/CVE-2018-3639 https://access.redhat.com/security/cve/CVE-2018-3646 https://access.redhat.com/security/updates/classification/#important https://access.redhat.com/security/vulnerabilities/L1TF
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2018 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iQIVAwUBW3M4idzjgjWX9erEAQigJg//W8NS9ZAq71IYQ/6q5hTZBUeg3RsIJL4U OOCTlpLe3pH45ueU4Pm1HPopyyBHLGo988ZXPkH4z/jKW6txO3RDzf/blyWIwxwi dr76FUaMMLUk0ASeGcisZppOt/6zwrp2tfn+TyiC3pK0K5nTp+WVO5xYy5iecXVX 96M3wIhCIlshYPc1/F8zdYuBFzpYgBnotag//FjyCQlhmOFcKtTRgyQrSuf1ZxnL VNQ7UuVGjPWeF0w0OJrb6U7+pVrlwAvtwYkUjm/eFh/AszTe7uZ6C6mG8XAobDrl SpxhyqMTcplrKxvl0S01xuezVbVo8RdoAtrW9+xseozknta4cu7RHe0ZSsonY/xN RiAingIwsVde+g9KOv8jeleACBZu8mmJptkYbVb1IHPcp+1FzXXAkUc1i/oc7XBU lIfe49O3L2GyhI+0hUwhbPuc51L8yHmpr39KM1irKIRWsY692n32LVns3L6Kr0tW iWlhz4F2e5SNb2zlu3sMRQ4M0kf6JPX8VdRL1qMpfNoa9Ci4wYt+zP29//F6swji uwu3+SVH5VTW9VzymSCaQl/gD0loWPKVLFrTF5M9Y9+cl0uXn7CoW2LUNB86PhRz mMG+g2ZW9WbKcW/ERHofeii5WZGtsyA4FnUaWhzetfQIItEpmoobE9QVl0ar5GJ2 dsE8Ald7hA4=scjp -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . 5 ELS) - i386, noarch, s390x, x86_64
-
6.4) - x86_64
-
(CVE-2018-3639)
-
kernel: kvm: vmx: host GDT limit corruption (CVE-2018-10901)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201810-06
https://security.gentoo.org/
Severity: Normal Title: Xen: Multiple vulnerabilities Date: October 30, 2018 Bugs: #643350, #655188, #655544, #659442 ID: 201810-06
Synopsis
Multiple vulnerabilities have been found in Xen, the worst of which could cause a Denial of Service condition.
Background
Xen is a bare-metal hypervisor.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 app-emulation/xen < 4.10.1-r2 >= 4.10.1-r2 2 app-emulation/xen-tools < 4.10.1-r2 >= 4.10.1-r2 ------------------------------------------------------------------- 2 affected packages
Description
Multiple vulnerabilities have been discovered in Xen. Please review the referenced CVE identifiers for details.
Workaround
There is no known workaround at this time.
Resolution
All Xen users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=app-emulation/xen-4.10.1-r2"
All Xen tools users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot -v ">=app-emulation/xen-tools-4.10.1-r2"
References
[ 1 ] CVE-2017-5715 https://nvd.nist.gov/vuln/detail/CVE-2017-5715 [ 2 ] CVE-2017-5753 https://nvd.nist.gov/vuln/detail/CVE-2017-5753 [ 3 ] CVE-2017-5754 https://nvd.nist.gov/vuln/detail/CVE-2017-5754 [ 4 ] CVE-2018-10471 https://nvd.nist.gov/vuln/detail/CVE-2018-10471 [ 5 ] CVE-2018-10472 https://nvd.nist.gov/vuln/detail/CVE-2018-10472 [ 6 ] CVE-2018-10981 https://nvd.nist.gov/vuln/detail/CVE-2018-10981 [ 7 ] CVE-2018-10982 https://nvd.nist.gov/vuln/detail/CVE-2018-10982 [ 8 ] CVE-2018-12891 https://nvd.nist.gov/vuln/detail/CVE-2018-12891 [ 9 ] CVE-2018-12892 https://nvd.nist.gov/vuln/detail/CVE-2018-12892 [ 10 ] CVE-2018-12893 https://nvd.nist.gov/vuln/detail/CVE-2018-12893 [ 11 ] CVE-2018-15468 https://nvd.nist.gov/vuln/detail/CVE-2018-15468 [ 12 ] CVE-2018-15469 https://nvd.nist.gov/vuln/detail/CVE-2018-15469 [ 13 ] CVE-2018-15470 https://nvd.nist.gov/vuln/detail/CVE-2018-15470 [ 14 ] CVE-2018-3620 https://nvd.nist.gov/vuln/detail/CVE-2018-3620 [ 15 ] CVE-2018-3646 https://nvd.nist.gov/vuln/detail/CVE-2018-3646 [ 16 ] CVE-2018-5244 https://nvd.nist.gov/vuln/detail/CVE-2018-5244 [ 17 ] CVE-2018-7540 https://nvd.nist.gov/vuln/detail/CVE-2018-7540 [ 18 ] CVE-2018-7541 https://nvd.nist.gov/vuln/detail/CVE-2018-7541 [ 19 ] CVE-2018-7542 https://nvd.nist.gov/vuln/detail/CVE-2018-7542
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
https://security.gentoo.org/glsa/201810-06
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2018 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
https://creativecommons.org/licenses/by-sa/2.5
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201808-0958",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "core i5",
"scope": "eq",
"trust": 1.6,
"vendor": "intel",
"version": "4402ec"
},
{
"model": "core i5",
"scope": "eq",
"trust": 1.6,
"vendor": "intel",
"version": "4460s"
},
{
"model": "core i5",
"scope": "eq",
"trust": 1.6,
"vendor": "intel",
"version": "4460"
},
{
"model": "core i5",
"scope": "eq",
"trust": 1.6,
"vendor": "intel",
"version": "4440"
},
{
"model": "core i5",
"scope": "eq",
"trust": 1.6,
"vendor": "intel",
"version": "4410e"
},
{
"model": "core i5",
"scope": "eq",
"trust": 1.6,
"vendor": "intel",
"version": "4422e"
},
{
"model": "core i5",
"scope": "eq",
"trust": 1.6,
"vendor": "intel",
"version": "4400e"
},
{
"model": "core i5",
"scope": "eq",
"trust": 1.6,
"vendor": "intel",
"version": "4402e"
},
{
"model": "core i5",
"scope": "eq",
"trust": 1.6,
"vendor": "intel",
"version": "4440s"
},
{
"model": "core i5",
"scope": "eq",
"trust": 1.6,
"vendor": "intel",
"version": "4570s"
},
{
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "550"
},
{
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3615qm"
},
{
"model": "core m",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5y10"
},
{
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4100e"
},
{
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6685r"
},
{
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6350hq"
},
{
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4360"
},
{
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2620m"
},
{
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3610me"
},
{
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4158u"
},
{
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4200u"
},
{
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "950"
},
{
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4550u"
},
{
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5157u"
},
{
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3245"
},
{
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3570s"
},
{
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6440eq"
},
{
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "370m"
},
{
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6600k"
},
{
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4360u"
},
{
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2400"
},
{
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4300y"
},
{
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4720hq"
},
{
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3450"
},
{
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2550k"
},
{
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4690s"
},
{
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3550s"
},
{
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8400"
},
{
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2635qm"
},
{
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8350k"
},
{
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "7660u"
},
{
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "920"
},
{
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4350u"
},
{
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4308u"
},
{
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2340ue"
},
{
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4130"
},
{
"model": "core m7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6y75"
},
{
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4510u"
},
{
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2557m"
},
{
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4288u"
},
{
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3439y"
},
{
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4610y"
},
{
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4690k"
},
{
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6287u"
},
{
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "840qm"
},
{
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6585r"
},
{
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5350h"
},
{
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5600u"
},
{
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2520m"
},
{
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "660ue"
},
{
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4210u"
},
{
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4030y"
},
{
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5015u"
},
{
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "660lm"
},
{
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2375m"
},
{
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3840qm"
},
{
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6260u"
},
{
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "470um"
},
{
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4590t"
},
{
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2357m"
},
{
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3689y"
},
{
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2310e"
},
{
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8600k"
},
{
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3220t"
},
{
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6006u"
},
{
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3210"
},
{
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2300"
},
{
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6320"
},
{
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2500"
},
{
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2540m"
},
{
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "970"
},
{
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2629m"
},
{
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3770k"
},
{
"model": "core m3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6y30"
},
{
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2450m"
},
{
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2467m"
},
{
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3570k"
},
{
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4210h"
},
{
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2637m"
},
{
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4600u"
},
{
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "620ue"
},
{
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6098p"
},
{
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "655k"
},
{
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6100e"
},
{
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6500te"
},
{
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4770t"
},
{
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3110m"
},
{
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3250t"
},
{
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "640um"
},
{
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3520m"
},
{
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2115c"
},
{
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2860qm"
},
{
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4160t"
},
{
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4710mq"
},
{
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4765t"
},
{
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2435m"
},
{
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4790"
},
{
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3120me"
},
{
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3612qm"
},
{
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2102"
},
{
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "980"
},
{
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4870hq"
},
{
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5557u"
},
{
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4005u"
},
{
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3820qm"
},
{
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4702hq"
},
{
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "480m"
},
{
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "680um"
},
{
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2105"
},
{
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3217u"
},
{
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4120u"
},
{
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5287u"
},
{
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2655le"
},
{
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4210y"
},
{
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2675qm"
},
{
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3240t"
},
{
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8550u"
},
{
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "540m"
},
{
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4110e"
},
{
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3230m"
},
{
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "520m"
},
{
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "940xm"
},
{
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3615qe"
},
{
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2348m"
},
{
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4910mq"
},
{
"model": "core m5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6y57"
},
{
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2610ue"
},
{
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4558u"
},
{
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3210m"
},
{
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4790s"
},
{
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "430um"
},
{
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2130"
},
{
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3360m"
},
{
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2715qe"
},
{
"model": "core m",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5y51"
},
{
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "680"
},
{
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4350"
},
{
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "990x"
},
{
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "380m"
},
{
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "660"
},
{
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5250u"
},
{
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2400s"
},
{
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4330te"
},
{
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4950hq"
},
{
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6600"
},
{
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6402p"
},
{
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4010y"
},
{
"model": "core m",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5y70"
},
{
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2125"
},
{
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5700eq"
},
{
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4710hq"
},
{
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4300u"
},
{
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2330m"
},
{
"model": "core m",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5y31"
},
{
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3740qm"
},
{
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3340s"
},
{
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "920xm"
},
{
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6100"
},
{
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4220y"
},
{
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "7700"
},
{
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4570te"
},
{
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3227u"
},
{
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4670r"
},
{
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "390m"
},
{
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "875k"
},
{
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6100t"
},
{
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4250u"
},
{
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5775r"
},
{
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8700"
},
{
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5675c"
},
{
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "661"
},
{
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2670qm"
},
{
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4012y"
},
{
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4330m"
},
{
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4578u"
},
{
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3317u"
},
{
"model": "core m",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5y10a"
},
{
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "530"
},
{
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2367m"
},
{
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2120t"
},
{
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3550"
},
{
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6100u"
},
{
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "7920hq"
},
{
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6300t"
},
{
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3540m"
},
{
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "870"
},
{
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4790t"
},
{
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "560"
},
{
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4100m"
},
{
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3427u"
},
{
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5010u"
},
{
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4670s"
},
{
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4850hq"
},
{
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4712mq"
},
{
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4690t"
},
{
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5500u"
},
{
"model": "core m",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5y10c"
},
{
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "620m"
},
{
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4650u"
},
{
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3115c"
},
{
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4570t"
},
{
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4860hq"
},
{
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3340m"
},
{
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3570"
},
{
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5005u"
},
{
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3770"
},
{
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3570t"
},
{
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4430s"
},
{
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2700k"
},
{
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6300u"
},
{
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "580m"
},
{
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4202y"
},
{
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6100h"
},
{
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4770s"
},
{
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2510e"
},
{
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "620lm"
},
{
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4110m"
},
{
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4170"
},
{
"model": "core m3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "7y30"
},
{
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3330"
},
{
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "330um"
},
{
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2350m"
},
{
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4810mq"
},
{
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2720qm"
},
{
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4160"
},
{
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5350u"
},
{
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "620um"
},
{
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2410m"
},
{
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4010u"
},
{
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5020u"
},
{
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "870s"
},
{
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4000m"
},
{
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3380m"
},
{
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "940"
},
{
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2820qm"
},
{
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6360u"
},
{
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2330e"
},
{
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3517ue"
},
{
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4340te"
},
{
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3687u"
},
{
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4722hq"
},
{
"model": "core m5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6y54"
},
{
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4800mq"
},
{
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4700eq"
},
{
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4700hq"
},
{
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4760hq"
},
{
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "7500u"
},
{
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "560m"
},
{
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4670t"
},
{
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3337u"
},
{
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3612qe"
},
{
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "330e"
},
{
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4370"
},
{
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3437u"
},
{
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "350m"
},
{
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6600t"
},
{
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2390t"
},
{
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "7560u"
},
{
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4590"
},
{
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8250u"
},
{
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4980hq"
},
{
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8100"
},
{
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6267u"
},
{
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4102e"
},
{
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2617m"
},
{
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6440hq"
},
{
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6442eq"
},
{
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "7700k"
},
{
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4960hq"
},
{
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4900mq"
},
{
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4330"
},
{
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "720qm"
},
{
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2657m"
},
{
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2677m"
},
{
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6167u"
},
{
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2365m"
},
{
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2500t"
},
{
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4340m"
},
{
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6500"
},
{
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "860"
},
{
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2430m"
},
{
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4258u"
},
{
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "380um"
},
{
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6500t"
},
{
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2100"
},
{
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4430"
},
{
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4310m"
},
{
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "660um"
},
{
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3470t"
},
{
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5575r"
},
{
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3470"
},
{
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3635qm"
},
{
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4360t"
},
{
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6400"
},
{
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4670k"
},
{
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3770s"
},
{
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5257u"
},
{
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4112e"
},
{
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4330t"
},
{
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4150"
},
{
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "460m"
},
{
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "860s"
},
{
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5700hq"
},
{
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5200u"
},
{
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4770te"
},
{
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4700ec"
},
{
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "7600u"
},
{
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4350t"
},
{
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "975"
},
{
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4130t"
},
{
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3250"
},
{
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "640lm"
},
{
"model": "xeon",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "*"
},
{
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "670"
},
{
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4570r"
},
{
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6200u"
},
{
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "620le"
},
{
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "980x"
},
{
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3610qm"
},
{
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "520um"
},
{
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6300"
},
{
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2500s"
},
{
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "430m"
},
{
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "7820eq"
},
{
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4025u"
},
{
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4260u"
},
{
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6100te"
},
{
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4500u"
},
{
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8350u"
},
{
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "7567u"
},
{
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4570"
},
{
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2600"
},
{
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4302y"
},
{
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2649m"
},
{
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3339y"
},
{
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2600s"
},
{
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3340"
},
{
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5675r"
},
{
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4600m"
},
{
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3537u"
},
{
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2310"
},
{
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "880"
},
{
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4300m"
},
{
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "930"
},
{
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4700mq"
},
{
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5850hq"
},
{
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3667u"
},
{
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3120m"
},
{
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "540um"
},
{
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4770hq"
},
{
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4770k"
},
{
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4030u"
},
{
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "750"
},
{
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2310m"
},
{
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4200h"
},
{
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2760qm"
},
{
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2320"
},
{
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4210m"
},
{
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2515e"
},
{
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5750hq"
},
{
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8700k"
},
{
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "7700hq"
},
{
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4200y"
},
{
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4771"
},
{
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "520e"
},
{
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2450p"
},
{
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3130m"
},
{
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4150t"
},
{
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3470s"
},
{
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3770t"
},
{
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "7820hk"
},
{
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "330m"
},
{
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2920xm"
},
{
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4750hq"
},
{
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5950hq"
},
{
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2960xm"
},
{
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6400t"
},
{
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "960"
},
{
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2377m"
},
{
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3555le"
},
{
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4690"
},
{
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4712hq"
},
{
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3229y"
},
{
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3320m"
},
{
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4310u"
},
{
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2640m"
},
{
"model": "core m",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5y71"
},
{
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4100u"
},
{
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2537m"
},
{
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3517u"
},
{
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4278u"
},
{
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4020y"
},
{
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2500k"
},
{
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3220"
},
{
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2120"
},
{
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2600k"
},
{
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2312m"
},
{
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4610m"
},
{
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "820qm"
},
{
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5550u"
},
{
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4340"
},
{
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4170t"
},
{
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "540"
},
{
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4770"
},
{
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5650u"
},
{
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4785t"
},
{
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2100t"
},
{
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "650"
},
{
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2370m"
},
{
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6300hq"
},
{
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3217ue"
},
{
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5300u"
},
{
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2630qm"
},
{
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2405s"
},
{
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "965"
},
{
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "640m"
},
{
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4590s"
},
{
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6157u"
},
{
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4370t"
},
{
"model": "core m3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "7y32"
},
{
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3225"
},
{
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "8650u"
},
{
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4790k"
},
{
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2328m"
},
{
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "7820hq"
},
{
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "750s"
},
{
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5775c"
},
{
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4702mq"
},
{
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "740qm"
},
{
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "450m"
},
{
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4200m"
},
{
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3720qm"
},
{
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3450s"
},
{
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2380p"
},
{
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3330s"
},
{
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "610e"
},
{
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3475s"
},
{
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4770r"
},
{
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3630qm"
},
{
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3350p"
},
{
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "760"
},
{
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4670"
},
{
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "5850eq"
},
{
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "560um"
},
{
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "2710qe"
},
{
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3632qm"
},
{
"model": "core i5",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4460t"
},
{
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "7700t"
},
{
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "7y75"
},
{
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3610qe"
},
{
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "6102e"
},
{
"model": "core i7",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "4702ec"
},
{
"model": "core i3",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": "3240"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#982149"
},
{
"db": "CNNVD",
"id": "CNNVD-201808-342"
},
{
"db": "NVD",
"id": "CVE-2018-3620"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "University of Michigan; Mark Silberstein, Technion; Thomas F.,Raoul Strackx, KU Leuven; Marina Minkin, University of Michigan; Baris Kasikci, and Frank Piessens of imec-DistriNet, Technion; Ofir Weisse, Jo Van Bulck, These vulnerabilities are publicly disclosed by the outside. , University of Michigan; Daniel Genkin",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201808-342"
}
],
"trust": 0.6
},
"cve": "CVE-2018-3620",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.7,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.4,
"id": "CVE-2018-3620",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.1,
"vectorString": "AV:L/AC:M/Au:N/C:C/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 4.7,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.4,
"id": "VHN-133651",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:L/AC:M/AU:N/C:C/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.1,
"id": "CVE-2018-3620",
"impactScore": 4.0,
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2018-3620",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201808-342",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-133651",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2018-3620",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-133651"
},
{
"db": "VULMON",
"id": "CVE-2018-3620"
},
{
"db": "CNNVD",
"id": "CNNVD-201808-342"
},
{
"db": "NVD",
"id": "CVE-2018-3620"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Systems with microprocessors utilizing speculative execution and address translations may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access via a terminal page fault and a side-channel analysis. These attacks are known as L1 Terminal Fault: SGX, L1 Terminal Fault: OS/SMM, and L1 Terminal Fault: VMM. Intel Core i3 processor, etc. are all CPU (central processing unit) products of Intel Corporation of the United States. Security vulnerabilities exist in several Intel products that use speculative execution and address translation. The following products are affected: Intel Core i3 processor; Intel Core i5 processor; Intel Core i7 processor; Intel Core M processor family; 2nd generation Intel Core processors; 3rd generation Intel Core processors; 4th generation Intel Core processors; 5th generation Intel Core processors, etc. (CVE-2018-5390)\n\nJuha-Matti Tilli discovered that the IP implementation in the Linux kernel\nperformed algorithmically expensive operations in some situations when\nhandling incoming packet fragments. (CVE-2018-5391)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 14.04 LTS:\n linux-image-3.13.0-155-generic 3.13.0-155.205\n linux-image-3.13.0-155-generic-lpae 3.13.0-155.205\n linux-image-3.13.0-155-lowlatency 3.13.0-155.205\n linux-image-3.13.0-155-powerpc-e500 3.13.0-155.205\n linux-image-3.13.0-155-powerpc-e500mc 3.13.0-155.205\n linux-image-3.13.0-155-powerpc-smp 3.13.0-155.205\n linux-image-3.13.0-155-powerpc64-emb 3.13.0-155.205\n linux-image-3.13.0-155-powerpc64-smp 3.13.0-155.205\n linux-image-generic 3.13.0.155.165\n linux-image-generic-lpae 3.13.0.155.165\n linux-image-lowlatency 3.13.0.155.165\n linux-image-powerpc-e500 3.13.0.155.165\n linux-image-powerpc-e500mc 3.13.0.155.165\n linux-image-powerpc-smp 3.13.0.155.165\n linux-image-powerpc64-emb 3.13.0.155.165\n linux-image-powerpc64-smp 3.13.0.155.165\n\nPlease note that the recommended mitigation for CVE-2018-3646 involves\nupdating processor microcode in addition to updating the kernel;\nhowever, the kernel includes a fallback for processors that have not\nreceived microcode updates. \n\nATTENTION: Due to an unavoidable ABI change the kernel updates have\nbeen given a new version number, which requires you to recompile and\nreinstall all third party kernel modules you might have installed. \nUnless you manually uninstalled the standard kernel metapackages\n(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,\nlinux-powerpc), a standard system upgrade will automatically perform\nthis as well. The microcode updates\nmentioned there are not yet available in a form distributable by Debian. \n\nFor the stable distribution (stretch), these problems have been fixed in\nversion 4.8.4+xsa273+shim4.10.1+xsa273-1+deb9u10. \n\nWe recommend that you upgrade your xen packages. \n\nFor the detailed security status of xen please refer to\nits security tracker page at:\nhttps://security-tracker.debian.org/tracker/xen\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n-----BEGIN PGP SIGNATURE-----\n\niQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAlt14mwACgkQEMKTtsN8\nTjb2LhAAokwmlGxyJPC3EGG9aOLKNv23G9OzLLNRm+cy150WAMgBio+bR2CAgkfX\nqu/ftFPLeKfIRbo9nLBFHQLMKlmDdFzLeicXe7GtnKcAMkt0Wp+rYIj66TMkjrMg\n2kJI68ECc5Rqj3fMZ+dgkxSHzhylUGG70mEIBf2D22Y72kkIfc3EzBuu2wxaaOTP\nt7Q7JkYDv9WV/6gw8Ok2vIrQcq95jtZgDSL1ZHHg6VTukHnXP2SU1rMfRCguTCtc\n5JYAgWJ1GWFWt3d6FQnk7SWwJf3pHEVNg0lGpRJdu4qperQ3EhQNeJlGq8adm/Zf\nQQUT9T6vsU5cefgelIRSLxFZ9bDobxXXNaox3FqB4tslkJLhTRluCvilJpWuNpH5\n7S6xti5neGuHORfIkcS1PmOEx2gDkKWTgotiBx04yU3q+/zr0Ob+K2jxZXe4z2uU\nsqEq8pdjCnkE03cljPbfPeutyucS3xDFpFVoXlRqgRNMdZ7jzVSP6qayt3iQIa/E\ndjVQ2ptHxux5Zapg5Ngr2ASBdyIw+2GLVUKQCeqM+EjMXjRBaJv8DPxWwO4nkC4d\neliy9RxErtQpgHIZKHVmTjoRlh/OH4KAdHZT2Y+Gfv1DVA6TL5cPiQ9e0ZunNNaK\nvtXyOzjNPVPZa+2MEq9FTFIkDsR8Ncl/JCzp0bx5uVaV/ovX0A8=reP+\n-----END PGP SIGNATURE-----\n. ==========================================================================\nKernel Live Patch Security Notice 0044-1\nOctober 05, 2018\n\nlinux vulnerability\n==========================================================================\n\nA security issue affects these releases of Ubuntu:\n\n| Series | Base kernel | Arch | flavors |\n|------------------+--------------+----------+------------------|\n| Ubuntu 14.04 LTS | 4.4.0 | amd64 | generic |\n| Ubuntu 14.04 LTS | 4.4.0 | amd64 | lowlatency |\n| Ubuntu 16.04 LTS | 4.15.0 | amd64 | generic |\n| Ubuntu 16.04 LTS | 4.15.0 | amd64 | lowlatency |\n| Ubuntu 18.04 LTS | 4.15.0 | amd64 | generic |\n| Ubuntu 18.04 LTS | 4.15.0 | amd64 | lowlatency |\n\nSummary:\n\nSeveral security issues were fixed in the kernel. \n\nNote that due to a client issue, this livepatch may report that it failed to\nload. You can verify that the patch has successfully loaded by looking in \n/sys/kernel/livepatch for a directory starting with the name \"lkp_Ubuntu,\"\nfollowed by your kernel version, and ending with the version number, \"44.\"\nThe next client update should correct this problem. (CVE-2018-3620)\n\nIt was discovered that the paravirtualization implementation in the Linux\nkernel did not properly handle some indirect calls, reducing the\neffectiveness of Spectre v2 mitigations for paravirtual guests. A local\nattacker could use this to expose sensitive information. (CVE-2018-15594)\n\nIt was discovered that memory present in the L1 data cache of an Intel CPU\ncore may be exposed to a malicious process that is executing on the CPU\ncore. A local\nattacker in a guest virtual machine could use this to expose sensitive\ninformation (memory from other guests or the host OS). A local attacker could use this to\ncause a denial of service (system crash) or possibly execute arbitrary\ncode. (CVE-2018-6555)\n\nIt was discovered that a stack-based buffer overflow existed in the iSCSI\ntarget implementation of the Linux kernel. A remote attacker could use this\nto cause a denial of service (system crash). (CVE-2018-14633)\n\nIt was discovered that microprocessors utilizing speculative execution and\nprediction of return addresses via Return Stack Buffer (RSB) may allow\nunauthorized memory reads via sidechannel attacks. An attacker could use\nthis to expose sensitive information. (CVE-2018-15572)\n\nJann Horn discovered that the vmacache subsystem did not properly handle\nsequence number overflows, leading to a use-after-free vulnerability. A\nlocal attacker could use this to cause a denial of service (system crash)\nor execute arbitrary code. (CVE-2018-17182)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your livepatches to the following\nversions:\n\n| Kernel | Version | flavors |\n|--------------------------+----------+--------------------------|\n| 4.4.0-133.159 | 44.1 | generic, lowlatency |\n| 4.4.0-133.159~14.04.1 | 44.1 | lowlatency, generic |\n| 4.4.0-134.160 | 44.1 | generic, lowlatency |\n| 4.4.0-134.160~14.04.1 | 44.1 | lowlatency, generic |\n| 4.4.0-135.161~14.04.1 | 44.1 | lowlatency, generic |\n| 4.15.0-32.35 | 44.1 | lowlatency, generic |\n| 4.15.0-32.35~16.04.1 | 44.1 | generic, lowlatency |\n| 4.15.0-33.36 | 44.1 | lowlatency, generic |\n| 4.15.0-33.36~16.04.1 | 44.1 | lowlatency, generic |\n| 4.15.0-34.37 | 44.1 | generic, lowlatency |\n| 4.15.0-34.37~16.04.1 | 44.2 | lowlatency, generic |\n\nReferences:\n CVE-2018-3620, CVE-2018-15594, CVE-2018-3646, CVE-2018-6555, \n CVE-2018-14633, CVE-2018-15572, CVE-2018-17182\n\n\n-- \nubuntu-security-announce mailing list\nubuntu-security-announce@lists.ubuntu.com\nModify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\n==================================================================== \nRed Hat Security Advisory\n\nSynopsis: Important: kernel security and bug fix update\nAdvisory ID: RHSA-2018:2387-01\nProduct: Red Hat Enterprise Linux\nAdvisory URL: https://access.redhat.com/errata/RHSA-2018:2387\nIssue date: 2018-08-14\nCVE Names: CVE-2018-3620 CVE-2018-3639 CVE-2018-3646\n====================================================================\n1. Summary:\n\nAn update for kernel is now available for Red Hat Enterprise Linux 7.4\nExtended Update Support. \n\nRed Hat Product Security has rated this update as having a security impact\nof Important. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE link(s) in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux ComputeNode EUS (v. 7.4) - noarch, x86_64\nRed Hat Enterprise Linux ComputeNode Optional EUS (v. 7.4) - x86_64\nRed Hat Enterprise Linux Server EUS (v. 7.4) - noarch, ppc64, ppc64le, s390x, x86_64\nRed Hat Enterprise Linux Server Optional EUS (v. 7.4) - ppc64, ppc64le, x86_64\n\n3. Description:\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system. \n\nSecurity Fix(es):\n\n* Modern operating systems implement virtualization of physical memory to\nefficiently use available system resources and provide inter-domain\nprotection through access control and isolation. The L1TF issue was found\nin the way the x86 microprocessor designs have implemented speculative\nexecution of instructions (a commonly used performance optimisation) in\ncombination with handling of page-faults caused by terminated virtual to\nphysical address resolving process. As a result, an unprivileged attacker\ncould use this flaw to read privileged memory of the kernel or other\nprocesses and/or cross guest/host boundaries to read host memory by\nconducting targeted cache side-channel attacks. (CVE-2018-3620,\nCVE-2018-3646)\n\n* An industry-wide issue was found in the way many modern microprocessor\ndesigns have implemented speculative execution of Load \u0026 Store instructions\n(a commonly used performance optimization). It relies on the presence of a\nprecisely-defined instruction sequence in the privileged code as well as\nthe fact that memory read from address to which a recent memory write has\noccurred may see an older value and subsequently cause an update into the\nmicroprocessor\u0027s data cache even for speculatively executed instructions\nthat never actually commit (retire). As a result, an unprivileged attacker\ncould use this flaw to read privileged memory by conducting targeted cache\nside-channel attacks. (CVE-2018-3639)\n\nRed Hat would like to thank Intel OSSIRT (Intel.com) for reporting\nCVE-2018-3620 and CVE-2018-3646 and Ken Johnson (Microsoft Security\nResponse Center) and Jann Horn (Google Project Zero) for reporting\nCVE-2018-3639. \n\nBug Fix(es):\n\n* Previously, configurations with the little-endian variant of IBM Power\nSystems CPU architectures and Hard Disk Drives (HDD) designed according to\nNonvolatile Memory Express (NVMe) open standards, experienced crashes\nduring shutdown or reboot due to race conditions of CPUs. As a consequence,\nthe sysfs pseudo file system threw a stack trace report about an attempt to\ncreate a duplicate entry in sysfs. This update modifies the source code so\nthat the irq_dispose_mapping() function is called first and the\nmsi_bitmap_free_hwirqs() function is called afterwards. As a result, the\nrace condition no longer appears in the described scenario. (BZ#1570510)\n\n* When switching from the indirect branch speculation (IBRS) feature to the\nretpolines feature, the IBRS state of some CPUs was sometimes not handled\ncorrectly. Consequently, some CPUs were left with the IBRS Model-Specific\nRegister (MSR) bit set to 1, which could lead to performance issues. With\nthis update, the underlying source code has been fixed to clear the IBRS\nMSR bits correctly, thus fixing the bug. (BZ#1586147)\n\n* During a balloon reset, page pointers were not correctly initialized\nafter unmapping the memory. Consequently, on the VMware ESXi hypervisor\nwith \"Fault Tolerance\" and \"ballooning\" enabled, the following messages\nrepeatedly occurred in the kernel log:\n\n[3014611.640148] WARNING: at mm/vmalloc.c:1491 __vunmap+0xd3/0x100()\n[3014611.640269] Trying to vfree() nonexistent vm area (ffffc90000697000)\n\nWith this update, the underlying source code has been fixed to initialize\npage pointers properly. As a result, the mm/vmalloc.c warnings no longer\noccur under the described circumstances. (BZ#1595600)\n\n4. Solution:\n\nFor details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect. \n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1566890 - CVE-2018-3639 hw: cpu: speculative store bypass\n1585005 - CVE-2018-3646 Kernel: hw: cpu: L1 terminal fault (L1TF)\n\n6. Package List:\n\nRed Hat Enterprise Linux ComputeNode EUS (v. 7.4):\n\nSource:\nkernel-3.10.0-693.37.4.el7.src.rpm\n\nnoarch:\nkernel-abi-whitelists-3.10.0-693.37.4.el7.noarch.rpm\nkernel-doc-3.10.0-693.37.4.el7.noarch.rpm\n\nx86_64:\nkernel-3.10.0-693.37.4.el7.x86_64.rpm\nkernel-debug-3.10.0-693.37.4.el7.x86_64.rpm\nkernel-debug-debuginfo-3.10.0-693.37.4.el7.x86_64.rpm\nkernel-debug-devel-3.10.0-693.37.4.el7.x86_64.rpm\nkernel-debuginfo-3.10.0-693.37.4.el7.x86_64.rpm\nkernel-debuginfo-common-x86_64-3.10.0-693.37.4.el7.x86_64.rpm\nkernel-devel-3.10.0-693.37.4.el7.x86_64.rpm\nkernel-headers-3.10.0-693.37.4.el7.x86_64.rpm\nkernel-tools-3.10.0-693.37.4.el7.x86_64.rpm\nkernel-tools-debuginfo-3.10.0-693.37.4.el7.x86_64.rpm\nkernel-tools-libs-3.10.0-693.37.4.el7.x86_64.rpm\nperf-3.10.0-693.37.4.el7.x86_64.rpm\nperf-debuginfo-3.10.0-693.37.4.el7.x86_64.rpm\npython-perf-3.10.0-693.37.4.el7.x86_64.rpm\npython-perf-debuginfo-3.10.0-693.37.4.el7.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode Optional EUS (v. 7.4):\n\nx86_64:\nkernel-debug-debuginfo-3.10.0-693.37.4.el7.x86_64.rpm\nkernel-debuginfo-3.10.0-693.37.4.el7.x86_64.rpm\nkernel-debuginfo-common-x86_64-3.10.0-693.37.4.el7.x86_64.rpm\nkernel-tools-debuginfo-3.10.0-693.37.4.el7.x86_64.rpm\nkernel-tools-libs-devel-3.10.0-693.37.4.el7.x86_64.rpm\nperf-debuginfo-3.10.0-693.37.4.el7.x86_64.rpm\npython-perf-debuginfo-3.10.0-693.37.4.el7.x86_64.rpm\n\nRed Hat Enterprise Linux Server EUS (v. 7.4):\n\nSource:\nkernel-3.10.0-693.37.4.el7.src.rpm\n\nnoarch:\nkernel-abi-whitelists-3.10.0-693.37.4.el7.noarch.rpm\nkernel-doc-3.10.0-693.37.4.el7.noarch.rpm\n\nppc64:\nkernel-3.10.0-693.37.4.el7.ppc64.rpm\nkernel-bootwrapper-3.10.0-693.37.4.el7.ppc64.rpm\nkernel-debug-3.10.0-693.37.4.el7.ppc64.rpm\nkernel-debug-debuginfo-3.10.0-693.37.4.el7.ppc64.rpm\nkernel-debug-devel-3.10.0-693.37.4.el7.ppc64.rpm\nkernel-debuginfo-3.10.0-693.37.4.el7.ppc64.rpm\nkernel-debuginfo-common-ppc64-3.10.0-693.37.4.el7.ppc64.rpm\nkernel-devel-3.10.0-693.37.4.el7.ppc64.rpm\nkernel-headers-3.10.0-693.37.4.el7.ppc64.rpm\nkernel-tools-3.10.0-693.37.4.el7.ppc64.rpm\nkernel-tools-debuginfo-3.10.0-693.37.4.el7.ppc64.rpm\nkernel-tools-libs-3.10.0-693.37.4.el7.ppc64.rpm\nperf-3.10.0-693.37.4.el7.ppc64.rpm\nperf-debuginfo-3.10.0-693.37.4.el7.ppc64.rpm\npython-perf-3.10.0-693.37.4.el7.ppc64.rpm\npython-perf-debuginfo-3.10.0-693.37.4.el7.ppc64.rpm\n\nppc64le:\nkernel-3.10.0-693.37.4.el7.ppc64le.rpm\nkernel-bootwrapper-3.10.0-693.37.4.el7.ppc64le.rpm\nkernel-debug-3.10.0-693.37.4.el7.ppc64le.rpm\nkernel-debug-debuginfo-3.10.0-693.37.4.el7.ppc64le.rpm\nkernel-debuginfo-3.10.0-693.37.4.el7.ppc64le.rpm\nkernel-debuginfo-common-ppc64le-3.10.0-693.37.4.el7.ppc64le.rpm\nkernel-devel-3.10.0-693.37.4.el7.ppc64le.rpm\nkernel-headers-3.10.0-693.37.4.el7.ppc64le.rpm\nkernel-tools-3.10.0-693.37.4.el7.ppc64le.rpm\nkernel-tools-debuginfo-3.10.0-693.37.4.el7.ppc64le.rpm\nkernel-tools-libs-3.10.0-693.37.4.el7.ppc64le.rpm\nperf-3.10.0-693.37.4.el7.ppc64le.rpm\nperf-debuginfo-3.10.0-693.37.4.el7.ppc64le.rpm\npython-perf-3.10.0-693.37.4.el7.ppc64le.rpm\npython-perf-debuginfo-3.10.0-693.37.4.el7.ppc64le.rpm\n\ns390x:\nkernel-3.10.0-693.37.4.el7.s390x.rpm\nkernel-debug-3.10.0-693.37.4.el7.s390x.rpm\nkernel-debug-debuginfo-3.10.0-693.37.4.el7.s390x.rpm\nkernel-debug-devel-3.10.0-693.37.4.el7.s390x.rpm\nkernel-debuginfo-3.10.0-693.37.4.el7.s390x.rpm\nkernel-debuginfo-common-s390x-3.10.0-693.37.4.el7.s390x.rpm\nkernel-devel-3.10.0-693.37.4.el7.s390x.rpm\nkernel-headers-3.10.0-693.37.4.el7.s390x.rpm\nkernel-kdump-3.10.0-693.37.4.el7.s390x.rpm\nkernel-kdump-debuginfo-3.10.0-693.37.4.el7.s390x.rpm\nkernel-kdump-devel-3.10.0-693.37.4.el7.s390x.rpm\nperf-3.10.0-693.37.4.el7.s390x.rpm\nperf-debuginfo-3.10.0-693.37.4.el7.s390x.rpm\npython-perf-3.10.0-693.37.4.el7.s390x.rpm\npython-perf-debuginfo-3.10.0-693.37.4.el7.s390x.rpm\n\nx86_64:\nkernel-3.10.0-693.37.4.el7.x86_64.rpm\nkernel-debug-3.10.0-693.37.4.el7.x86_64.rpm\nkernel-debug-debuginfo-3.10.0-693.37.4.el7.x86_64.rpm\nkernel-debug-devel-3.10.0-693.37.4.el7.x86_64.rpm\nkernel-debuginfo-3.10.0-693.37.4.el7.x86_64.rpm\nkernel-debuginfo-common-x86_64-3.10.0-693.37.4.el7.x86_64.rpm\nkernel-devel-3.10.0-693.37.4.el7.x86_64.rpm\nkernel-headers-3.10.0-693.37.4.el7.x86_64.rpm\nkernel-tools-3.10.0-693.37.4.el7.x86_64.rpm\nkernel-tools-debuginfo-3.10.0-693.37.4.el7.x86_64.rpm\nkernel-tools-libs-3.10.0-693.37.4.el7.x86_64.rpm\nperf-3.10.0-693.37.4.el7.x86_64.rpm\nperf-debuginfo-3.10.0-693.37.4.el7.x86_64.rpm\npython-perf-3.10.0-693.37.4.el7.x86_64.rpm\npython-perf-debuginfo-3.10.0-693.37.4.el7.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional EUS (v. 7.4):\n\nppc64:\nkernel-debug-debuginfo-3.10.0-693.37.4.el7.ppc64.rpm\nkernel-debuginfo-3.10.0-693.37.4.el7.ppc64.rpm\nkernel-debuginfo-common-ppc64-3.10.0-693.37.4.el7.ppc64.rpm\nkernel-tools-debuginfo-3.10.0-693.37.4.el7.ppc64.rpm\nkernel-tools-libs-devel-3.10.0-693.37.4.el7.ppc64.rpm\nperf-debuginfo-3.10.0-693.37.4.el7.ppc64.rpm\npython-perf-debuginfo-3.10.0-693.37.4.el7.ppc64.rpm\n\nppc64le:\nkernel-debug-debuginfo-3.10.0-693.37.4.el7.ppc64le.rpm\nkernel-debug-devel-3.10.0-693.37.4.el7.ppc64le.rpm\nkernel-debuginfo-3.10.0-693.37.4.el7.ppc64le.rpm\nkernel-debuginfo-common-ppc64le-3.10.0-693.37.4.el7.ppc64le.rpm\nkernel-tools-debuginfo-3.10.0-693.37.4.el7.ppc64le.rpm\nkernel-tools-libs-devel-3.10.0-693.37.4.el7.ppc64le.rpm\nperf-debuginfo-3.10.0-693.37.4.el7.ppc64le.rpm\npython-perf-debuginfo-3.10.0-693.37.4.el7.ppc64le.rpm\n\nx86_64:\nkernel-debug-debuginfo-3.10.0-693.37.4.el7.x86_64.rpm\nkernel-debuginfo-3.10.0-693.37.4.el7.x86_64.rpm\nkernel-debuginfo-common-x86_64-3.10.0-693.37.4.el7.x86_64.rpm\nkernel-tools-debuginfo-3.10.0-693.37.4.el7.x86_64.rpm\nkernel-tools-libs-devel-3.10.0-693.37.4.el7.x86_64.rpm\nperf-debuginfo-3.10.0-693.37.4.el7.x86_64.rpm\npython-perf-debuginfo-3.10.0-693.37.4.el7.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2018-3620\nhttps://access.redhat.com/security/cve/CVE-2018-3639\nhttps://access.redhat.com/security/cve/CVE-2018-3646\nhttps://access.redhat.com/security/updates/classification/#important\nhttps://access.redhat.com/security/vulnerabilities/L1TF\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2018 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niQIVAwUBW3M4idzjgjWX9erEAQigJg//W8NS9ZAq71IYQ/6q5hTZBUeg3RsIJL4U\nOOCTlpLe3pH45ueU4Pm1HPopyyBHLGo988ZXPkH4z/jKW6txO3RDzf/blyWIwxwi\ndr76FUaMMLUk0ASeGcisZppOt/6zwrp2tfn+TyiC3pK0K5nTp+WVO5xYy5iecXVX\n96M3wIhCIlshYPc1/F8zdYuBFzpYgBnotag//FjyCQlhmOFcKtTRgyQrSuf1ZxnL\nVNQ7UuVGjPWeF0w0OJrb6U7+pVrlwAvtwYkUjm/eFh/AszTe7uZ6C6mG8XAobDrl\nSpxhyqMTcplrKxvl0S01xuezVbVo8RdoAtrW9+xseozknta4cu7RHe0ZSsonY/xN\nRiAingIwsVde+g9KOv8jeleACBZu8mmJptkYbVb1IHPcp+1FzXXAkUc1i/oc7XBU\nlIfe49O3L2GyhI+0hUwhbPuc51L8yHmpr39KM1irKIRWsY692n32LVns3L6Kr0tW\niWlhz4F2e5SNb2zlu3sMRQ4M0kf6JPX8VdRL1qMpfNoa9Ci4wYt+zP29//F6swji\nuwu3+SVH5VTW9VzymSCaQl/gD0loWPKVLFrTF5M9Y9+cl0uXn7CoW2LUNB86PhRz\nmMG+g2ZW9WbKcW/ERHofeii5WZGtsyA4FnUaWhzetfQIItEpmoobE9QVl0ar5GJ2\ndsE8Ald7hA4=scjp\n-----END PGP SIGNATURE-----\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. 5 ELS) - i386, noarch, s390x, x86_64\n\n3. 6.4) - x86_64\n\n3. (CVE-2018-3639)\n\n* kernel: kvm: vmx: host GDT limit corruption (CVE-2018-10901)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, and other related information, refer to the CVE page(s) listed in\nthe References section. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 201810-06\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n https://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n Title: Xen: Multiple vulnerabilities\n Date: October 30, 2018\n Bugs: #643350, #655188, #655544, #659442\n ID: 201810-06\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities have been found in Xen, the worst of which\ncould cause a Denial of Service condition. \n\nBackground\n==========\n\nXen is a bare-metal hypervisor. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 app-emulation/xen \u003c 4.10.1-r2 \u003e= 4.10.1-r2\n 2 app-emulation/xen-tools \u003c 4.10.1-r2 \u003e= 4.10.1-r2\n -------------------------------------------------------------------\n 2 affected packages\n\nDescription\n===========\n\nMultiple vulnerabilities have been discovered in Xen. Please review the\nreferenced CVE identifiers for details. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Xen users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=app-emulation/xen-4.10.1-r2\"\n\nAll Xen tools users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot -v \"\u003e=app-emulation/xen-tools-4.10.1-r2\"\n\nReferences\n==========\n\n[ 1 ] CVE-2017-5715\n https://nvd.nist.gov/vuln/detail/CVE-2017-5715\n[ 2 ] CVE-2017-5753\n https://nvd.nist.gov/vuln/detail/CVE-2017-5753\n[ 3 ] CVE-2017-5754\n https://nvd.nist.gov/vuln/detail/CVE-2017-5754\n[ 4 ] CVE-2018-10471\n https://nvd.nist.gov/vuln/detail/CVE-2018-10471\n[ 5 ] CVE-2018-10472\n https://nvd.nist.gov/vuln/detail/CVE-2018-10472\n[ 6 ] CVE-2018-10981\n https://nvd.nist.gov/vuln/detail/CVE-2018-10981\n[ 7 ] CVE-2018-10982\n https://nvd.nist.gov/vuln/detail/CVE-2018-10982\n[ 8 ] CVE-2018-12891\n https://nvd.nist.gov/vuln/detail/CVE-2018-12891\n[ 9 ] CVE-2018-12892\n https://nvd.nist.gov/vuln/detail/CVE-2018-12892\n[ 10 ] CVE-2018-12893\n https://nvd.nist.gov/vuln/detail/CVE-2018-12893\n[ 11 ] CVE-2018-15468\n https://nvd.nist.gov/vuln/detail/CVE-2018-15468\n[ 12 ] CVE-2018-15469\n https://nvd.nist.gov/vuln/detail/CVE-2018-15469\n[ 13 ] CVE-2018-15470\n https://nvd.nist.gov/vuln/detail/CVE-2018-15470\n[ 14 ] CVE-2018-3620\n https://nvd.nist.gov/vuln/detail/CVE-2018-3620\n[ 15 ] CVE-2018-3646\n https://nvd.nist.gov/vuln/detail/CVE-2018-3646\n[ 16 ] CVE-2018-5244\n https://nvd.nist.gov/vuln/detail/CVE-2018-5244\n[ 17 ] CVE-2018-7540\n https://nvd.nist.gov/vuln/detail/CVE-2018-7540\n[ 18 ] CVE-2018-7541\n https://nvd.nist.gov/vuln/detail/CVE-2018-7541\n[ 19 ] CVE-2018-7542\n https://nvd.nist.gov/vuln/detail/CVE-2018-7542\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n https://security.gentoo.org/glsa/201810-06\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2018 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttps://creativecommons.org/licenses/by-sa/2.5\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-3620"
},
{
"db": "CERT/CC",
"id": "VU#982149"
},
{
"db": "VULHUB",
"id": "VHN-133651"
},
{
"db": "VULMON",
"id": "CVE-2018-3620"
},
{
"db": "PACKETSTORM",
"id": "148915"
},
{
"db": "PACKETSTORM",
"id": "148976"
},
{
"db": "PACKETSTORM",
"id": "149718"
},
{
"db": "PACKETSTORM",
"id": "149143"
},
{
"db": "PACKETSTORM",
"id": "148902"
},
{
"db": "PACKETSTORM",
"id": "150376"
},
{
"db": "PACKETSTORM",
"id": "149142"
},
{
"db": "PACKETSTORM",
"id": "148905"
},
{
"db": "PACKETSTORM",
"id": "148906"
},
{
"db": "PACKETSTORM",
"id": "150083"
}
],
"trust": 2.7
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-133651",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-133651"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-3620",
"trust": 2.8
},
{
"db": "CERT/CC",
"id": "VU#982149",
"trust": 2.6
},
{
"db": "SIEMENS",
"id": "SSA-608355",
"trust": 1.8
},
{
"db": "SIEMENS",
"id": "SSA-254686",
"trust": 1.8
},
{
"db": "LENOVO",
"id": "LEN-24163",
"trust": 1.8
},
{
"db": "SECTRACK",
"id": "1041451",
"trust": 1.8
},
{
"db": "BID",
"id": "105080",
"trust": 1.8
},
{
"db": "AUSCERT",
"id": "ESB-2019.1304",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2019.0726",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2019.0544",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2019.1899",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2019.4343",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201808-342",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "149142",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "148976",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "150376",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "149143",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "148902",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "148908",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "148946",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "148903",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "148934",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "148897",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "148916",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "148914",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "148936",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "148912",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "148901",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "148952",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "148913",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "149010",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "148941",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-133651",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2018-3620",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "148915",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "149718",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "148905",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "148906",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "150083",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#982149"
},
{
"db": "VULHUB",
"id": "VHN-133651"
},
{
"db": "VULMON",
"id": "CVE-2018-3620"
},
{
"db": "PACKETSTORM",
"id": "148915"
},
{
"db": "PACKETSTORM",
"id": "148976"
},
{
"db": "PACKETSTORM",
"id": "149718"
},
{
"db": "PACKETSTORM",
"id": "149143"
},
{
"db": "PACKETSTORM",
"id": "148902"
},
{
"db": "PACKETSTORM",
"id": "150376"
},
{
"db": "PACKETSTORM",
"id": "149142"
},
{
"db": "PACKETSTORM",
"id": "148905"
},
{
"db": "PACKETSTORM",
"id": "148906"
},
{
"db": "PACKETSTORM",
"id": "150083"
},
{
"db": "CNNVD",
"id": "CNNVD-201808-342"
},
{
"db": "NVD",
"id": "CVE-2018-3620"
}
]
},
"id": "VAR-201808-0958",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-133651"
}
],
"trust": 0.01
},
"last_update_date": "2024-09-19T22:18:58.298000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Multiple Intel Product security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=83874"
},
{
"title": "Red Hat: Important: rhev-hypervisor7 security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20182404 - Security Advisory"
},
{
"title": "Red Hat: Important: kernel security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20182603 - Security Advisory"
},
{
"title": "Red Hat: Important: kernel security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20182602 - Security Advisory"
},
{
"title": "Red Hat: Important: kernel security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20182389 - Security Advisory"
},
{
"title": "Red Hat: Important: kernel security and bug fix update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20182388 - Security Advisory"
},
{
"title": "Red Hat: Important: redhat-virtualization-host security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20182403 - Security Advisory"
},
{
"title": "Red Hat: Important: rhvm-appliance security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20182402 - Security Advisory"
},
{
"title": "Debian Security Advisories: DSA-4279-1 linux -- security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=dac4eea76febd76490afc049b9aa11cb"
},
{
"title": "Debian Security Advisories: DSA-4274-1 xen -- security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=2129055bb51ebf11b86d56acef7f5da1"
},
{
"title": "Red Hat: Important: kernel security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20182391 - Security Advisory"
},
{
"title": "Red Hat: Important: kernel security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20182392 - Security Advisory"
},
{
"title": "Red Hat: Important: kernel security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20182393 - Security Advisory"
},
{
"title": "Red Hat: Important: kernel-rt security and bug fix update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20182396 - Security Advisory"
},
{
"title": "Red Hat: Important: kernel security and bug fix update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20182387 - Security Advisory"
},
{
"title": "Ubuntu Security Notice: linux vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-3823-1"
},
{
"title": "Red Hat: Important: kernel security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20182394 - Security Advisory"
},
{
"title": "Red Hat: CVE-2018-3620",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=CVE-2018-3620"
},
{
"title": "Arch Linux Issues: ",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_issues\u0026qid=CVE-2018-3620"
},
{
"title": "Ubuntu Security Notice: linux, linux-aws, linux-azure, linux-gcp, linux-kvm, linux-oem, linux-raspi2 vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-3740-1"
},
{
"title": "Ubuntu Security Notice: linux-hwe, linux-azure, linux-gcp vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-3740-2"
},
{
"title": "Ubuntu Security Notice: linux-lts-xenial, linux-aws vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-3741-2"
},
{
"title": "Ubuntu Security Notice: linux, linux-aws, linux-kvm, linux-raspi2, linux-snapdragon vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-3741-1"
},
{
"title": "Ubuntu Security Notice: linux regressions",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-3741-3"
},
{
"title": "Red Hat: Important: kernel security and bug fix update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20182390 - Security Advisory"
},
{
"title": "Amazon Linux AMI: ALAS-2018-1058",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=ALAS-2018-1058"
},
{
"title": "Ubuntu Security Notice: linux vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-3742-1"
},
{
"title": "Ubuntu Security Notice: linux-lts-trusty vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-3742-2"
},
{
"title": "Ubuntu Security Notice: linux-lts-trusty regressions",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-3742-3"
},
{
"title": "Amazon Linux 2: ALAS2-2018-1058",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux2\u0026qid=ALAS2-2018-1058"
},
{
"title": "Red Hat: Important: kernel-rt security and bug fix update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20182395 - Security Advisory"
},
{
"title": "Red Hat: Important: kernel security and bug fix update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20182384 - Security Advisory"
},
{
"title": "HP: SUPPORT COMMUNICATION- SECURITY BULLETIN\nHPSBHF03590 rev. 2 - L1 Terminal Fault (L1TF)",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=hp_bulletin\u0026qid=ba953f0879f87a755234bc0818c99c6d"
},
{
"title": "HP: SUPPORT COMMUNICATION- SECURITY BULLETIN\nHPSBHF03590 rev. 2 - L1 Terminal Fault (L1TF)",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=hp_bulletin\u0026qid=deca5f6210b098f58ce384c28747b82c"
},
{
"title": "Cisco: CPU Side-Channel Information Disclosure Vulnerabilities: August 2018",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts\u0026qid=cisco-sa-20180814-cpusidechannel"
},
{
"title": "Huawei Security Advisories: Security Advisory - CPU Side Channel Vulnerability \"L1TF\"",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=huawei_security_advisories\u0026qid=28eb43a14c12e8c070afa60d55f86b55"
},
{
"title": "Citrix Security Bulletins: XenServer Multiple Security Updates",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=citrix_security_bulletins\u0026qid=89d06253986d1cdae0f8d9ffbff97d18"
},
{
"title": "Palo Alto Networks Security Advisory: PAN-SA-2018-0011 Information about L1 Terminal Fault findings",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=palo_alto_networks_security_advisory\u0026qid=74b853f8cd89b12964ff841924244a71"
},
{
"title": "https://github.com/houseofxyz/CVE-2020-17382",
"trust": 0.1,
"url": "https://github.com/houseofxyz/CVE-2020-17382 "
},
{
"title": "https://github.com/blitz/l1tf-demo",
"trust": 0.1,
"url": "https://github.com/blitz/l1tf-demo "
},
{
"title": "Overview\nUsage\nContributing",
"trust": 0.1,
"url": "https://github.com/microsoft/SpeculationControl "
},
{
"title": "Overview\nUsage\nContributing",
"trust": 0.1,
"url": "https://github.com/Microsoft/SpeculationControl "
},
{
"title": "Livepatch overlay",
"trust": 0.1,
"url": "https://github.com/aliceinwire/elivepatch-overlay "
},
{
"title": "Livepatch overlay",
"trust": 0.1,
"url": "https://github.com/elivepatch/livepatch-overlay "
},
{
"title": "Network Configuration\nOS-independent",
"trust": 0.1,
"url": "https://github.com/interlunar/win10-regtweak "
},
{
"title": "SpecuCheck",
"trust": 0.1,
"url": "https://github.com/ionescu007/SpecuCheck "
},
{
"title": "Spectre \u0026 Meltdown Checker",
"trust": 0.1,
"url": "https://github.com/rosenbergj/cpu-report "
},
{
"title": "Transient Execution Attack Pot",
"trust": 0.1,
"url": "https://github.com/github-3rr0r/TEApot "
},
{
"title": "Transient Execution Attack Pot",
"trust": 0.1,
"url": "https://github.com/Mashiro1995/TEApot "
},
{
"title": "cSpeculationControlFixes",
"trust": 0.1,
"url": "https://github.com/poshsecurity/cSpeculationControlFixes "
},
{
"title": "meltdown",
"trust": 0.1,
"url": "https://github.com/timidri/puppet-meltdown "
},
{
"title": "Spectre \u0026 Meltdown Checker",
"trust": 0.1,
"url": "https://github.com/edsonjt81/spectre-meltdown "
},
{
"title": "Spectre \u0026 Meltdown Checker",
"trust": 0.1,
"url": "https://github.com/merlinepedra25/spectre-meltdown-checker "
},
{
"title": "Spectre \u0026 Meltdown Checker",
"trust": 0.1,
"url": "https://github.com/merlinepedra/spectre-meltdown-checker "
},
{
"title": "Spectre \u0026 Meltdown Checker\nspectre-meltdown-checker\nspectre-meltdown-checker",
"trust": 0.1,
"url": "https://github.com/kali973/spectre-meltdown-checker "
},
{
"title": "Spectre \u0026 Meltdown Checker",
"trust": 0.1,
"url": "https://github.com/kin-cho/my-spectre-meltdown-checker "
},
{
"title": "Hyperbleed - Current state of spectre-BTI mitigations on cloud",
"trust": 0.1,
"url": "https://github.com/es0j/hyperbleed "
},
{
"title": "Spectre \u0026 Meltdown Checker",
"trust": 0.1,
"url": "https://github.com/speed47/spectre-meltdown-checker "
},
{
"title": "Hardware and Firmware Security Guidance",
"trust": 0.1,
"url": "https://github.com/nsacyber/Hardware-and-Firmware-Security-Guidance "
},
{
"title": "Kaosagnt\u0027s Ansible Everyday Utils",
"trust": 0.1,
"url": "https://github.com/kaosagnt/ansible-everyday "
},
{
"title": "Hardware attacks / State of the art",
"trust": 0.1,
"url": "https://github.com/codexlynx/hardware-attacks-state-of-the-art "
},
{
"title": "SecDB - Security Feeds",
"trust": 0.1,
"url": "https://github.com/giterlizzi/secdb-feeds "
},
{
"title": "The Register",
"trust": 0.1,
"url": "https://www.theregister.co.uk/2018/08/15/foreshadow_sgx_software_attestations_collateral_damage/"
},
{
"title": "The Register",
"trust": 0.1,
"url": "https://www.theregister.co.uk/2018/08/14/intel_l1_terminal_fault_bugs/"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2018-3620"
},
{
"db": "CNNVD",
"id": "CNNVD-201808-342"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-203",
"trust": 1.1
},
{
"problemtype": "CWE-200",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-133651"
},
{
"db": "NVD",
"id": "CVE-2018-3620"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.4,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00161.html"
},
{
"trust": 3.0,
"url": "http://www.securityfocus.com/bid/105080"
},
{
"trust": 2.6,
"url": "https://software.intel.com/security-software-guidance/software-guidance/l1-terminal-fault"
},
{
"trust": 2.6,
"url": "https://foreshadowattack.eu/"
},
{
"trust": 2.4,
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180815-01-cpu-en"
},
{
"trust": 2.4,
"url": "http://www.vmware.com/security/advisories/vmsa-2018-0021.html"
},
{
"trust": 1.9,
"url": "https://www.kb.cert.org/vuls/id/982149"
},
{
"trust": 1.9,
"url": "https://security.gentoo.org/glsa/201810-06"
},
{
"trust": 1.9,
"url": "https://access.redhat.com/errata/rhsa-2018:2387"
},
{
"trust": 1.9,
"url": "https://access.redhat.com/errata/rhsa-2018:2393"
},
{
"trust": 1.9,
"url": "https://access.redhat.com/errata/rhsa-2018:2394"
},
{
"trust": 1.9,
"url": "https://access.redhat.com/errata/rhsa-2018:2404"
},
{
"trust": 1.9,
"url": "https://access.redhat.com/errata/rhsa-2018:2602"
},
{
"trust": 1.9,
"url": "https://access.redhat.com/errata/rhsa-2018:2603"
},
{
"trust": 1.8,
"url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20180814-cpusidechannel"
},
{
"trust": 1.8,
"url": "http://support.lenovo.com/us/en/solutions/len-24163"
},
{
"trust": 1.8,
"url": "http://xenbits.xen.org/xsa/advisory-273.html"
},
{
"trust": 1.8,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-254686.pdf"
},
{
"trust": 1.8,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf"
},
{
"trust": 1.8,
"url": "https://help.ecostruxureit.com/display/public/uadce725/security+fixes+in+struxureware+data+center+expert+v7.6.0"
},
{
"trust": 1.8,
"url": "https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/adv180018"
},
{
"trust": 1.8,
"url": "https://psirt.global.sonicwall.com/vuln-detail/snwlid-2018-0009"
},
{
"trust": 1.8,
"url": "https://security.netapp.com/advisory/ntap-20180815-0001/"
},
{
"trust": 1.8,
"url": "https://support.f5.com/csp/article/k95275140"
},
{
"trust": 1.8,
"url": "https://www.synology.com/support/security/synology_sa_18_45"
},
{
"trust": 1.8,
"url": "https://www.debian.org/security/2018/dsa-4274"
},
{
"trust": 1.8,
"url": "https://www.debian.org/security/2018/dsa-4279"
},
{
"trust": 1.8,
"url": "https://security.freebsd.org/advisories/freebsd-sa-18:09.l1tf.asc"
},
{
"trust": 1.8,
"url": "https://www.oracle.com/security-alerts/cpujul2020.html"
},
{
"trust": 1.8,
"url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html"
},
{
"trust": 1.8,
"url": "https://lists.debian.org/debian-lts-announce/2018/08/msg00029.html"
},
{
"trust": 1.8,
"url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00017.html"
},
{
"trust": 1.8,
"url": "https://access.redhat.com/errata/rhsa-2018:2384"
},
{
"trust": 1.8,
"url": "https://access.redhat.com/errata/rhsa-2018:2388"
},
{
"trust": 1.8,
"url": "https://access.redhat.com/errata/rhsa-2018:2389"
},
{
"trust": 1.8,
"url": "https://access.redhat.com/errata/rhsa-2018:2390"
},
{
"trust": 1.8,
"url": "https://access.redhat.com/errata/rhsa-2018:2391"
},
{
"trust": 1.8,
"url": "https://access.redhat.com/errata/rhsa-2018:2392"
},
{
"trust": 1.8,
"url": "https://access.redhat.com/errata/rhsa-2018:2395"
},
{
"trust": 1.8,
"url": "https://access.redhat.com/errata/rhsa-2018:2396"
},
{
"trust": 1.8,
"url": "https://access.redhat.com/errata/rhsa-2018:2402"
},
{
"trust": 1.8,
"url": "https://access.redhat.com/errata/rhsa-2018:2403"
},
{
"trust": 1.8,
"url": "http://www.securitytracker.com/id/1041451"
},
{
"trust": 1.8,
"url": "https://usn.ubuntu.com/3740-1/"
},
{
"trust": 1.8,
"url": "https://usn.ubuntu.com/3740-2/"
},
{
"trust": 1.8,
"url": "https://usn.ubuntu.com/3741-1/"
},
{
"trust": 1.8,
"url": "https://usn.ubuntu.com/3741-2/"
},
{
"trust": 1.8,
"url": "https://usn.ubuntu.com/3742-1/"
},
{
"trust": 1.8,
"url": "https://usn.ubuntu.com/3742-2/"
},
{
"trust": 1.8,
"url": "https://usn.ubuntu.com/3823-1/"
},
{
"trust": 1.7,
"url": "https://support.hpe.com/hpsc/doc/public/display?doclocale=en_us\u0026docid=emr_na-hpesbhf03874en_us"
},
{
"trust": 1.1,
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/xrfkqwyv2h4bv75cungcge5tnvqclbgz/"
},
{
"trust": 1.1,
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/v4uwgorqwcencif2bhwuef2odbv75qs2/"
},
{
"trust": 1.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-3646"
},
{
"trust": 1.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-3620"
},
{
"trust": 0.8,
"url": "https://www.usenix.org/conference/usenixsecurity18/presentation/bulck"
},
{
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/architecture-and-technology/l1tf.html"
},
{
"trust": 0.8,
"url": "https://www.intel.com/content/dam/www/public/us/en/documents/sa00115-microcode-update-guidance.pdf"
},
{
"trust": 0.7,
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/xrfkqwyv2h4bv75cungcge5tnvqclbgz/"
},
{
"trust": 0.7,
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/v4uwgorqwcencif2bhwuef2odbv75qs2/"
},
{
"trust": 0.6,
"url": "http://kb.juniper.net/infocenter/index"
},
{
"trust": 0.6,
"url": "https://fortiguard.com/psirt/fg-ir-18-002"
},
{
"trust": 0.6,
"url": "http://www.ibm.com/support/docview.wss?uid=ibm10872142"
},
{
"trust": 0.6,
"url": "https://security.business.xerox.com/wp-content/uploads/2019/11/cert_xrx19-029_ffpsv2_win10_securitybulletin_nov2019.pdf"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/75922"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/79142"
},
{
"trust": 0.6,
"url": "http://www.ibm.com/support/docview.wss?uid=ibm10872470"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/76682"
},
{
"trust": 0.6,
"url": "https://www-01.ibm.com/support/docview.wss?uid=ibm10872142"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2019.1899/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2019.4343/"
},
{
"trust": 0.6,
"url": "https://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20180815-01-cpu-cn"
},
{
"trust": 0.5,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.5,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/security/team/key/"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/security/cve/cve-2018-3646"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/security/cve/cve-2018-3620"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/vulnerabilities/l1tf"
},
{
"trust": 0.2,
"url": "https://wiki.ubuntu.com/securityteam/knowledgebase/l1tf"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2018-3639"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-3639"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-10901"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2018-10901"
},
{
"trust": 0.1,
"url": "https://support.hpe.com/hpsc/doc/public/display?doclocale=en_us\u0026amp;docid=emr_na-hpesbhf03874en_us"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/203.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://github.com/blitz/l1tf-demo"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/usn/usn-3742-1"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-5391"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-18344"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-5390"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux/3.13.0-155.205"
},
{
"trust": 0.1,
"url": "https://security-tracker.debian.org/tracker/xen"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/faq"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/"
},
{
"trust": 0.1,
"url": "https://xenbits.xen.org/xsa/advisory-273.html."
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-15572"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-6555"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-14633"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-15594"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-17182"
},
{
"trust": 0.1,
"url": "https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/usn/usn-3823-1"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/vulnerabilities/ssbd"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-5244"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-7542"
},
{
"trust": 0.1,
"url": "https://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-12892"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-10471"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-12891"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-5753"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-12893"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-10982"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-15469"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-10472"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-5754"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-10981"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-5715"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-15468"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-15470"
},
{
"trust": 0.1,
"url": "https://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-7541"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-7540"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#982149"
},
{
"db": "VULHUB",
"id": "VHN-133651"
},
{
"db": "VULMON",
"id": "CVE-2018-3620"
},
{
"db": "PACKETSTORM",
"id": "148915"
},
{
"db": "PACKETSTORM",
"id": "148976"
},
{
"db": "PACKETSTORM",
"id": "149718"
},
{
"db": "PACKETSTORM",
"id": "149143"
},
{
"db": "PACKETSTORM",
"id": "148902"
},
{
"db": "PACKETSTORM",
"id": "150376"
},
{
"db": "PACKETSTORM",
"id": "149142"
},
{
"db": "PACKETSTORM",
"id": "148905"
},
{
"db": "PACKETSTORM",
"id": "148906"
},
{
"db": "PACKETSTORM",
"id": "150083"
},
{
"db": "CNNVD",
"id": "CNNVD-201808-342"
},
{
"db": "NVD",
"id": "CVE-2018-3620"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#982149"
},
{
"db": "VULHUB",
"id": "VHN-133651"
},
{
"db": "VULMON",
"id": "CVE-2018-3620"
},
{
"db": "PACKETSTORM",
"id": "148915"
},
{
"db": "PACKETSTORM",
"id": "148976"
},
{
"db": "PACKETSTORM",
"id": "149718"
},
{
"db": "PACKETSTORM",
"id": "149143"
},
{
"db": "PACKETSTORM",
"id": "148902"
},
{
"db": "PACKETSTORM",
"id": "150376"
},
{
"db": "PACKETSTORM",
"id": "149142"
},
{
"db": "PACKETSTORM",
"id": "148905"
},
{
"db": "PACKETSTORM",
"id": "148906"
},
{
"db": "PACKETSTORM",
"id": "150083"
},
{
"db": "CNNVD",
"id": "CNNVD-201808-342"
},
{
"db": "NVD",
"id": "CVE-2018-3620"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-08-15T00:00:00",
"db": "CERT/CC",
"id": "VU#982149"
},
{
"date": "2018-08-14T00:00:00",
"db": "VULHUB",
"id": "VHN-133651"
},
{
"date": "2018-08-14T00:00:00",
"db": "VULMON",
"id": "CVE-2018-3620"
},
{
"date": "2018-08-15T04:42:52",
"db": "PACKETSTORM",
"id": "148915"
},
{
"date": "2018-08-17T17:42:34",
"db": "PACKETSTORM",
"id": "148976"
},
{
"date": "2018-10-08T23:55:14",
"db": "PACKETSTORM",
"id": "149718"
},
{
"date": "2018-08-29T20:32:22",
"db": "PACKETSTORM",
"id": "149143"
},
{
"date": "2018-08-15T04:38:57",
"db": "PACKETSTORM",
"id": "148902"
},
{
"date": "2018-11-15T18:15:34",
"db": "PACKETSTORM",
"id": "150376"
},
{
"date": "2018-08-30T23:36:28",
"db": "PACKETSTORM",
"id": "149142"
},
{
"date": "2018-08-15T04:39:57",
"db": "PACKETSTORM",
"id": "148905"
},
{
"date": "2018-08-15T04:40:04",
"db": "PACKETSTORM",
"id": "148906"
},
{
"date": "2018-10-31T01:14:40",
"db": "PACKETSTORM",
"id": "150083"
},
{
"date": "2018-08-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201808-342"
},
{
"date": "2018-08-14T19:29:00.793000",
"db": "NVD",
"id": "CVE-2018-3620"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-09-10T00:00:00",
"db": "CERT/CC",
"id": "VU#982149"
},
{
"date": "2020-08-24T00:00:00",
"db": "VULHUB",
"id": "VHN-133651"
},
{
"date": "2023-11-07T00:00:00",
"db": "VULMON",
"id": "CVE-2018-3620"
},
{
"date": "2020-12-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201808-342"
},
{
"date": "2023-11-07T02:58:05.663000",
"db": "NVD",
"id": "CVE-2018-3620"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "PACKETSTORM",
"id": "148915"
},
{
"db": "PACKETSTORM",
"id": "149718"
},
{
"db": "PACKETSTORM",
"id": "150376"
},
{
"db": "CNNVD",
"id": "CNNVD-201808-342"
}
],
"trust": 0.9
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Intel processors are vulnerable to a speculative execution side-channel attack called L1 Terminal Fault (L1TF)",
"sources": [
{
"db": "CERT/CC",
"id": "VU#982149"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201808-342"
}
],
"trust": 0.6
}
}
Loading...
Loading...
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.