what you don't know can hurt you
Showing 1 - 16 of 16 RSS Feed

CVE-2018-3665

Status Candidate

Overview

System software utilizing Lazy FP state restore technique on systems using Intel Core-based microprocessors may potentially allow a local process to infer data from another process through a speculative execution side channel.

Related Files

Red Hat Security Advisory 2019-1190-01
Posted May 15, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1190-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include CPU related, buffer overflow, information leakage, and use-after-free vulnerabilities.

tags | advisory, overflow, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2016-7913, CVE-2016-8633, CVE-2017-11600, CVE-2017-12190, CVE-2017-13215, CVE-2017-16939, CVE-2017-17558, CVE-2018-1068, CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2018-18559, CVE-2018-3665, CVE-2019-11091
MD5 | 4b492c9ca94232e391e9a3f85f9e7102
Red Hat Security Advisory 2019-1170-01
Posted May 15, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1170-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include CPU related, buffer overflow, denial of service, information leakage, and use-after-free vulnerabilities.

tags | advisory, denial of service, overflow, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2016-7913, CVE-2016-8633, CVE-2017-1000407, CVE-2017-11600, CVE-2017-12190, CVE-2017-13215, CVE-2017-16939, CVE-2017-17558, CVE-2018-1068, CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2018-18559, CVE-2018-3665, CVE-2019-11091
MD5 | 08e27023249411cb052bdc811ba56b7a
Apple Security Advisory 2018-10-30-14
Posted Oct 31, 2018
Authored by Apple | Site apple.com

Apple Security Advisory 2018-10-30-14 - macOS High Sierra 10.13.6, Security Update 2018-004 Sierra, Security Update 2018-004 El Capitan address buffer overflow, code execution, denial of service, information leakage, and null pointer vulnerabilities.

tags | advisory, denial of service, overflow, vulnerability, code execution
systems | apple
advisories | CVE-2017-10784, CVE-2017-14033, CVE-2017-14064, CVE-2017-17405, CVE-2017-17742, CVE-2018-3665, CVE-2018-4178, CVE-2018-4248, CVE-2018-4259, CVE-2018-4268, CVE-2018-4269, CVE-2018-4276, CVE-2018-4277, CVE-2018-4280, CVE-2018-4283, CVE-2018-4285, CVE-2018-4286, CVE-2018-4287, CVE-2018-4288, CVE-2018-4289, CVE-2018-4291, CVE-2018-4293, CVE-2018-5383, CVE-2018-6797, CVE-2018-6913, CVE-2018-6914, CVE-2018-8777
MD5 | f1dbc0bc60d79fd4e3c5f0b9d2264c9e
Apple Security Advisory 2018-7-23-1
Posted Jul 23, 2018
Authored by Apple | Site apple.com

Apple Security Advisory 2018-7-23-1 - Security Update 2018-004 El Capitan addresses information leakage vulnerabilities.

tags | advisory, vulnerability
systems | apple
advisories | CVE-2018-3665, CVE-2018-4178, CVE-2018-4248, CVE-2018-4268, CVE-2018-4269, CVE-2018-4277, CVE-2018-4280, CVE-2018-4283, CVE-2018-4285, CVE-2018-4289, CVE-2018-4293, CVE-2018-5383
MD5 | 8627424be62a9e99769b5934ed70de82
Red Hat Security Advisory 2018-2164-01
Posted Jul 11, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2164-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include bypass, denial of service, information leakage, and use-after-free vulnerabilities.

tags | advisory, denial of service, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2018-10675, CVE-2018-10872, CVE-2018-3639, CVE-2018-3665
MD5 | 9f68a3c259b4d462b49ce148628bd71a
Red Hat Security Advisory 2018-2165-01
Posted Jul 10, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2165-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include an information leakage vulnerability.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2017-13305, CVE-2018-3665
MD5 | c3f3cd963aa339b5a20d7ef071d2b880
Apple Security Advisory 2018-7-9-4
Posted Jul 9, 2018
Authored by Apple | Site apple.com

Apple Security Advisory 2018-7-9-4 - macOS High Sierra 10.13.6, Security Update 2018-004 Sierra, and Security Update 2018-004 El Capitan are now available and address information leakage vulnerabilities.

tags | advisory, vulnerability
systems | apple
advisories | CVE-2018-3665, CVE-2018-4178, CVE-2018-4248, CVE-2018-4268, CVE-2018-4269, CVE-2018-4277, CVE-2018-4280, CVE-2018-4283, CVE-2018-4285, CVE-2018-4289, CVE-2018-4293
MD5 | b8e4918d0050dbadfeb053606de8390f
Kernel Live Patch Security Notice LSN-0040-1
Posted Jul 5, 2018
Authored by Benjamin M. Romer

Wen Xu discovered that the ext4 filesystem implementation in the Linux kernel did not properly handle corrupted meta data in some situations. An attacker could use this to specially craft an ext4 file system that caused a denial of service (system crash) when mounted. It was discovered that an information leak vulnerability existed in the floppy driver in the Linux kernel. A local attacker could use this to expose sensitive information (kernel memory). Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux
advisories | CVE-2018-1092, CVE-2018-1093, CVE-2018-3665, CVE-2018-7755
MD5 | 12dc1b657d3a63120fd299195c1684b4
Ubuntu Security Notice USN-3698-2
Posted Jul 3, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3698-2 - USN-3698-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 ESM. It was discovered that the nested KVM implementation in the Linux kernel in some situations did not properly prevent second level guests from reading and writing the hardware CR8 register. A local attacker in a guest could use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2017-12154, CVE-2017-12193, CVE-2017-15265, CVE-2018-1130, CVE-2018-3665, CVE-2018-5750, CVE-2018-5803, CVE-2018-6927, CVE-2018-7755, CVE-2018-7757
MD5 | d99c9b1c8afb3fd3cbaf8db904a91c13
Ubuntu Security Notice USN-3696-2
Posted Jul 3, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3696-2 - USN-3696-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. It was discovered that an integer overflow existed in the perf subsystem of the Linux kernel. A local attacker could use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, overflow, kernel, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2017-13695, CVE-2017-18255, CVE-2017-18257, CVE-2018-1000204, CVE-2018-10021, CVE-2018-10087, CVE-2018-10124, CVE-2018-3665, CVE-2018-5814, CVE-2018-7755
MD5 | 7232f498840627d5ecbea781d6ae2d03
Ubuntu Security Notice USN-3698-1
Posted Jul 2, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3698-1 - It was discovered that the nested KVM implementation in the Linux kernel in some situations did not properly prevent second level guests from reading and writing the hardware CR8 register. A local attacker in a guest could use this to cause a denial of service. Fan Wu, Haoran Qiu, and Shixiong Zhao discovered that the associative array implementation in the Linux kernel sometimes did not properly handle adding a new entry. A local attacker could use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2017-12154, CVE-2017-12193, CVE-2017-15265, CVE-2018-1130, CVE-2018-3665, CVE-2018-5750, CVE-2018-5803, CVE-2018-6927, CVE-2018-7755, CVE-2018-7757
MD5 | 79e62f3c9db29224ec902903f92f2bff
Ubuntu Security Notice USN-3696-1
Posted Jul 2, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3696-1 - It was discovered that an integer overflow existed in the perf subsystem of the Linux kernel. A local attacker could use this to cause a denial of service. Wei Fang discovered an integer overflow in the F2FS filesystem implementation in the Linux kernel. A local attacker could use this to cause a denial of service. It was discovered that an information leak existed in the generic SCSI driver in the Linux kernel. A local attacker could use this to expose sensitive information. Various other issues were also addressed.

tags | advisory, denial of service, overflow, kernel, local
systems | linux, ubuntu
advisories | CVE-2017-13695, CVE-2017-18255, CVE-2017-18257, CVE-2018-1000204, CVE-2018-10021, CVE-2018-10087, CVE-2018-10124, CVE-2018-3665, CVE-2018-5814, CVE-2018-7755
MD5 | 85ebc7f68fdfd1ec62e89e89a7199622
FreeBSD Security Advisory - FreeBSD-SA-18:07.lazyfpu
Posted Jun 21, 2018
Authored by Julian Stecklina | Site security.freebsd.org

FreeBSD Security Advisory - A subset of Intel processors can allow a local thread to infer data from another thread through a speculative execution side channel when Lazy FPU state restore is used. Any local thread can potentially read FPU state information from other threads running on the host. This could include cryptographic keys when the AES-NI CPU feature is present.

tags | advisory, local
systems | freebsd, bsd
advisories | CVE-2018-3665
MD5 | 1f6a78529b67d0c29228595a5402e4ec
Debian Security Advisory 4232-1
Posted Jun 20, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4232-1 - This update provides mitigations for the "lazy FPU" vulnerability affecting a range of Intel CPUs, which could result in leaking CPU register states belonging to another vCPU previously scheduled on the same CPU.

tags | advisory
systems | linux, debian
advisories | CVE-2018-3665
MD5 | a6b4e2a3380dbefdaab3f2a5274ae52b
Red Hat Security Advisory 2018-1944-01
Posted Jun 19, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-1944-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include an information leakage vulnerability.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2018-3665
MD5 | 769c10853b79201fff02e005e12ff082
Red Hat Security Advisory 2018-1852-01
Posted Jun 14, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-1852-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include an information leakage vulnerability.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2018-3665
MD5 | 48e4d3e34658a90f7f139e487e3927cd
Page 1 of 1
Back1Next

File Archive:

June 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jun 1st
    1 Files
  • 2
    Jun 2nd
    2 Files
  • 3
    Jun 3rd
    19 Files
  • 4
    Jun 4th
    21 Files
  • 5
    Jun 5th
    15 Files
  • 6
    Jun 6th
    12 Files
  • 7
    Jun 7th
    11 Files
  • 8
    Jun 8th
    1 Files
  • 9
    Jun 9th
    1 Files
  • 10
    Jun 10th
    15 Files
  • 11
    Jun 11th
    15 Files
  • 12
    Jun 12th
    15 Files
  • 13
    Jun 13th
    8 Files
  • 14
    Jun 14th
    16 Files
  • 15
    Jun 15th
    2 Files
  • 16
    Jun 16th
    1 Files
  • 17
    Jun 17th
    18 Files
  • 18
    Jun 18th
    16 Files
  • 19
    Jun 19th
    0 Files
  • 20
    Jun 20th
    0 Files
  • 21
    Jun 21st
    0 Files
  • 22
    Jun 22nd
    0 Files
  • 23
    Jun 23rd
    0 Files
  • 24
    Jun 24th
    0 Files
  • 25
    Jun 25th
    0 Files
  • 26
    Jun 26th
    0 Files
  • 27
    Jun 27th
    0 Files
  • 28
    Jun 28th
    0 Files
  • 29
    Jun 29th
    0 Files
  • 30
    Jun 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close