exploit the possibilities
Showing 1 - 25 of 32 RSS Feed

CVE-2018-3620

Status Candidate

Overview

Systems with microprocessors utilizing speculative execution and address translations may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access via a terminal page fault and a side-channel analysis.

Related Files

Ubuntu Security Notice USN-3823-1
Posted Nov 15, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3823-1 - It was discovered that memory present in the L1 data cache of an Intel CPU core may be exposed to a malicious process that is executing on the CPU core. This vulnerability is also known as L1 Terminal Fault. A local attacker in a guest virtual machine could use this to expose sensitive information. It was discovered that memory present in the L1 data cache of an Intel CPU core may be exposed to a malicious process that is executing on the CPU core. This vulnerability is also known as L1 Terminal Fault. A local attacker could use this to expose sensitive information. Various other issues were also addressed.

tags | advisory, local
systems | linux, ubuntu
advisories | CVE-2018-3620, CVE-2018-3646
MD5 | 6b37d20c06583bdf2df8bbda520645eb
Gentoo Linux Security Advisory 201810-06
Posted Oct 31, 2018
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201810-6 - Multiple vulnerabilities have been found in Xen, the worst of which could cause a Denial of Service condition. Versions less than 4.10.1-r2 are affected.

tags | advisory, denial of service, vulnerability
systems | linux, gentoo
advisories | CVE-2017-5715, CVE-2017-5753, CVE-2017-5754, CVE-2018-10471, CVE-2018-10472, CVE-2018-10981, CVE-2018-10982, CVE-2018-12891, CVE-2018-12892, CVE-2018-12893, CVE-2018-15468, CVE-2018-15469, CVE-2018-15470, CVE-2018-3620, CVE-2018-3646, CVE-2018-5244, CVE-2018-7540, CVE-2018-7541, CVE-2018-7542
MD5 | 9eda1febf30dabcc3f4d7adedc9b7802
Kernel Live Patch Security Notice LSN-0044-1
Posted Oct 8, 2018
Authored by Benjamin M. Romer

It was discovered that memory present in the L1 data cache of an Intel CPU core may be exposed to a malicious process that is executing on the CPU core. This vulnerability is also known as L1 Terminal Fault (L1TF). A local attacker could use this to expose sensitive information (memory from the kernel or other processes). It was discovered that the paravirtualization implementation in the Linux kernel did not properly handle some indirect calls, reducing the effectiveness of Spectre v2 mitigations for paravirtual guests. A local attacker could use this to expose sensitive information. Various other issues were also addressed.

tags | advisory, kernel, local
systems | linux
advisories | CVE-2018-14633, CVE-2018-15572, CVE-2018-15594, CVE-2018-17182, CVE-2018-3620, CVE-2018-3646, CVE-2018-6555
MD5 | 5e82c0eddd3c443fb7cd4484b02a8b65
Red Hat Security Advisory 2018-2602-01
Posted Aug 30, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2602-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include memory vulnerabilities.

tags | advisory, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2018-3620, CVE-2018-3646
MD5 | 63470689b69ed53eeda0b6f2c3c15438
Red Hat Security Advisory 2018-2603-01
Posted Aug 29, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2603-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include memory vulnerabilities.

tags | advisory, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2018-3620, CVE-2018-3646
MD5 | 3cdec497fa605c547651f469691a0e91
Slackware Security Advisory - Slackware 14.2 kernel Updates
Posted Aug 29, 2018
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New kernel packages are available for Slackware 14.2 to mitigate security issues.

tags | advisory, kernel
systems | linux, slackware
advisories | CVE-2018-3546, CVE-2018-3615, CVE-2018-3620
MD5 | f9ba37ef045dc9187e716f2a1d661385
Ubuntu Security Notice USN-3742-3
Posted Aug 21, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3742-3 - USN-3742-2 introduced mitigations in the Linux Hardware Enablement kernel for Ubuntu 12.04 ESM to address L1 Terminal Fault vulnerabilities. Unfortunately, the update introduced regressions that caused kernel panics when booting in some environments as well as preventing Java applications from starting. This update fixes the problems. Various other issues were also addressed.

tags | advisory, java, kernel, vulnerability
systems | linux, ubuntu
advisories | CVE-2017-18344, CVE-2018-3620, CVE-2018-3646, CVE-2018-5390, CVE-2018-5391
MD5 | 5184a56084d4f6684863c627c85bd1a7
Debian Security Advisory 4279-1
Posted Aug 20, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4279-1 - Multiple researchers have discovered a vulnerability in the way the Intel processor designs have implemented speculative execution of instructions in combination with handling of page-faults. This flaw could allow an attacker controlling an unprivileged process to read memory from arbitrary (non-user controlled) addresses, including from the kernel and all other processes running on the system or cross guest/host boundaries to read host memory.

tags | advisory, arbitrary, kernel
systems | linux, debian
advisories | CVE-2018-3620, CVE-2018-3646
MD5 | aab9fef60b5c6ccfcb3e7fcbbcf56798
Debian Security Advisory 4274-1
Posted Aug 17, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4274-1 - This update provides mitigations for the "L1 Terminal Fault" vulnerability affecting a range of Intel CPUs.

tags | advisory
systems | linux, debian
advisories | CVE-2018-3620, CVE-2018-3646
MD5 | b243cebc6d70476d0666dc109c93f67f
Red Hat Security Advisory 2018-2402-01
Posted Aug 16, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2402-01 - The RHV-M Virtual Appliance automates the process of installing and configuring the Red Hat Virtualization Manager. The appliance is available to download as an OVA file from the Customer Portal. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2018-3620, CVE-2018-3646, CVE-2018-5390
MD5 | ea9ca1c54f770ab4029aae155fd6fe6e
Red Hat Security Advisory 2018-2404-01
Posted Aug 15, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2404-01 - The rhev-hypervisor7 package provides a Red Hat Enterprise Virtualization Hypervisor ISO disk image. The Red Hat Enterprise Virtualization Hypervisor is a dedicated Kernel-based Virtual Machine hypervisor. It includes everything necessary to run and manage virtual machines: A subset of the Red Hat Enterprise Linux operating environment and the Red Hat Enterprise Virtualization Agent. Issues addressed include an L1TF problem.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2018-3620, CVE-2018-3646
MD5 | 1ba1bf5b29a8e82d20f2e3ff4597caa3
Red Hat Security Advisory 2018-2403-01
Posted Aug 15, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2403-01 - The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2018-3620, CVE-2018-3646, CVE-2018-5390
MD5 | a095127f014bb4ceab1d6e252b903fe7
FreeBSD Security Advisory - FreeBSD-SA-18:09.l1tf
Posted Aug 15, 2018
Site security.freebsd.org

FreeBSD Security Advisory - On certain Intel 64-bit x86 systems there is a period of time during terminal fault handling where the CPU may use speculative execution to try to load data. The CPU may speculatively access the level 1 data cache (L1D). Data which would otherwise be protected may then be determined by using side channel methods. This issue affects bhyve on FreeBSD/amd64 systems. An attacker executing user code, or kernel code inside of a virtual machine, may be able to read secret data from the kernel or from another virtual machine.

tags | advisory, x86, kernel
systems | freebsd, bsd
advisories | CVE-2018-3620, CVE-2018-3646
MD5 | d2d8d94bd9c95b68c83e957598d1c85c
Ubuntu Security Notice USN-3742-2
Posted Aug 15, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3742-2 - USN-3742-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 14.04 for Ubuntu 12.04 ESM. It was discovered that memory present in the L1 data cache of an Intel CPU core may be exposed to a malicious process that is executing on the CPU core. This vulnerability is also known as L1 Terminal Fault. A local attacker in a guest virtual machine could use this to expose sensitive information. Various other issues were also addressed.

tags | advisory, kernel, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2017-18344, CVE-2018-3620, CVE-2018-3646, CVE-2018-5390, CVE-2018-5391
MD5 | 8765eb216afec68e03e4729f603e2423
Ubuntu Security Notice USN-3741-2
Posted Aug 15, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3741-2 - USN-3741-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. It was discovered that memory present in the L1 data cache of an Intel CPU core may be exposed to a malicious process that is executing on the CPU core. This vulnerability is also known as L1 Terminal Fault. A local attacker in a guest virtual machine could use this to expose sensitive information. Various other issues were also addressed.

tags | advisory, kernel, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2018-3620, CVE-2018-3646, CVE-2018-5390, CVE-2018-5391
MD5 | a0d39dbb79e2f19019b21e3f47cfbcee
Ubuntu Security Notice USN-3742-1
Posted Aug 15, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3742-1 - It was discovered that memory present in the L1 data cache of an Intel CPU core may be exposed to a malicious process that is executing on the CPU core. This vulnerability is also known as L1 Terminal Fault. A local attacker in a guest virtual machine could use this to expose sensitive information. It was discovered that memory present in the L1 data cache of an Intel CPU core may be exposed to a malicious process that is executing on the CPU core. This vulnerability is also known as L1 Terminal Fault. A local attacker could use this to expose sensitive information. Various other issues were also addressed.

tags | advisory, local
systems | linux, ubuntu
advisories | CVE-2017-18344, CVE-2018-3620, CVE-2018-3646, CVE-2018-5390, CVE-2018-5391
MD5 | 0bb27e1ab89c610a43b666ee9c098afd
Ubuntu Security Notice USN-3741-1
Posted Aug 15, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3741-1 - It was discovered that memory present in the L1 data cache of an Intel CPU core may be exposed to a malicious process that is executing on the CPU core. This vulnerability is also known as L1 Terminal Fault. A local attacker in a guest virtual machine could use this to expose sensitive information. It was discovered that memory present in the L1 data cache of an Intel CPU core may be exposed to a malicious process that is executing on the CPU core. This vulnerability is also known as L1 Terminal Fault. A local attacker could use this to expose sensitive information. Various other issues were also addressed.

tags | advisory, local
systems | linux, ubuntu
advisories | CVE-2018-3620, CVE-2018-3646, CVE-2018-5390, CVE-2018-5391
MD5 | adb44b3c97e09a1c8c3883fb1c76b23f
Ubuntu Security Notice USN-3740-2
Posted Aug 15, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3740-2 - USN-3740-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 18.04 LTS for Ubuntu 16.04 LTS. It was discovered that memory present in the L1 data cache of an Intel CPU core may be exposed to a malicious process that is executing on the CPU core. This vulnerability is also known as L1 Terminal Fault. A local attacker in a guest virtual machine could use this to expose sensitive information. Various other issues were also addressed.

tags | advisory, kernel, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2018-3620, CVE-2018-3646, CVE-2018-5391
MD5 | af22cc41875cbf38e938fba21964205a
Ubuntu Security Notice USN-3740-1
Posted Aug 15, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3740-1 - It was discovered that memory present in the L1 data cache of an Intel CPU core may be exposed to a malicious process that is executing on the CPU core. This vulnerability is also known as L1 Terminal Fault. A local attacker in a guest virtual machine could use this to expose sensitive information. It was discovered that memory present in the L1 data cache of an Intel CPU core may be exposed to a malicious process that is executing on the CPU core. This vulnerability is also known as L1 Terminal Fault. A local attacker could use this to expose sensitive information. Various other issues were also addressed.

tags | advisory, local
systems | linux, ubuntu
advisories | CVE-2018-3620, CVE-2018-3646, CVE-2018-5391
MD5 | 1996e4f32e8fd7c1ba60b8a9ec50cc26
Red Hat Security Advisory 2018-2391-01
Posted Aug 15, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2391-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a speculative execution vulnerability.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2018-10901, CVE-2018-3620, CVE-2018-3646
MD5 | 31aae57342942241eb7b2e83ce29304c
Red Hat Security Advisory 2018-2389-01
Posted Aug 15, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2389-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a speculative execution vulnerability.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2018-3620, CVE-2018-3646
MD5 | ab4b463ebe68414fc69f4d7af6ab178e
Red Hat Security Advisory 2018-2395-01
Posted Aug 15, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2395-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include bypass, denial of service, and use-after-free vulnerabilities.

tags | advisory, denial of service, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2017-13215, CVE-2018-10675, CVE-2018-3620, CVE-2018-3646, CVE-2018-3693, CVE-2018-5390, CVE-2018-7566
MD5 | dd0004dd825e5ff2095aeec5aa67d5fb
Red Hat Security Advisory 2018-2393-01
Posted Aug 15, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2393-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a speculative execution vulnerability.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2018-10901, CVE-2018-3620, CVE-2018-3646
MD5 | 0b29098d005550cb432bb9d434c83770
Red Hat Security Advisory 2018-2394-01
Posted Aug 15, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2394-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a bypass vulnerability.

tags | advisory, kernel, bypass
systems | linux, redhat
advisories | CVE-2018-10901, CVE-2018-3620, CVE-2018-3639, CVE-2018-3646
MD5 | 14f3c60bc7297b2894f63fd0687edb78
Red Hat Security Advisory 2018-2392-01
Posted Aug 15, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2392-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a speculative execution vulnerability.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2018-10901, CVE-2018-3620, CVE-2018-3646
MD5 | c49e27a6063c8a556a0f690a8c04fffb
Page 1 of 2
Back12Next

File Archive:

April 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    21 Files
  • 2
    Apr 2nd
    35 Files
  • 3
    Apr 3rd
    21 Files
  • 4
    Apr 4th
    16 Files
  • 5
    Apr 5th
    15 Files
  • 6
    Apr 6th
    1 Files
  • 7
    Apr 7th
    2 Files
  • 8
    Apr 8th
    23 Files
  • 9
    Apr 9th
    19 Files
  • 10
    Apr 10th
    15 Files
  • 11
    Apr 11th
    14 Files
  • 12
    Apr 12th
    11 Files
  • 13
    Apr 13th
    2 Files
  • 14
    Apr 14th
    5 Files
  • 15
    Apr 15th
    14 Files
  • 16
    Apr 16th
    19 Files
  • 17
    Apr 17th
    19 Files
  • 18
    Apr 18th
    2 Files
  • 19
    Apr 19th
    0 Files
  • 20
    Apr 20th
    0 Files
  • 21
    Apr 21st
    0 Files
  • 22
    Apr 22nd
    0 Files
  • 23
    Apr 23rd
    0 Files
  • 24
    Apr 24th
    0 Files
  • 25
    Apr 25th
    0 Files
  • 26
    Apr 26th
    0 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close