Page 10 of 55 results (0.020 seconds)

CVSS: 6.5EPSS: 0%CPEs: 324EXPL: 0

TSX Asynchronous Abort condition on some CPUs utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. Una condición de tipo TSX Asynchronous Abort en algunas CPU que utilizan ejecución especulativa puede habilitar a un usuario autenticado para permitir potencialmente una divulgación de información por medio de un canal lateral con acceso local. A flaw was found in the way Intel CPUs handle speculative execution of instructions when the TSX Asynchronous Abort (TAA) error occurs. A local authenticated attacker with the ability to monitor execution times could infer the TSX memory state by comparing abort execution times. This could allow information disclosure via this observed side-channel for any TSX transaction being executed while an attacker is able to observe abort timing. Intel's Transactional Synchronisation Extensions (TSX) are set of instructions which enable transactional memory support to improve performance of the multi-threaded applications, in the lock-protected critical sections. • http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00045.html http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00046.html http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00042.html http://packetstormsecurity.com/files/155375/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html http://www.openwall.com/lists/oss-security/2019/12/10/3 http://www.openwall.com/lists/oss-security/2019/12/10/4 http://www.openwall.com/lists/oss-security/2019/12 • CWE-203: Observable Discrepancy •

CVSS: 5.6EPSS: 0%CPEs: 463EXPL: 0

Systems with microprocessors utilizing speculative execution and address translations may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access via a terminal page fault and a side-channel analysis. Los sistemas con microprocesadores que emplean la ejecución especulativa y traducciones de direcciones podría permitir la divulgación no autorizada de información que reside en la caché de datos L1 a un atacante con acceso de usuario local mediante un error de página del terminal y un análisis de canal lateral. Modern operating systems implement virtualization of physical memory to efficiently use available system resources and provide inter-domain protection through access control and isolation. The L1TF issue was found in the way the x86 microprocessor designs have implemented speculative execution of instructions (a commonly used performance optimization) in combination with handling of page-faults caused by terminated virtual to physical address resolving process. As a result, an unprivileged attacker could use this flaw to read privileged memory of the kernel or other processes and/or cross guest/host boundaries to read host memory by conducting targeted cache side-channel attacks. • http://support.lenovo.com/us/en/solutions/LEN-24163 http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180815-01-cpu-en http://www.securityfocus.com/bid/105080 http://www.securitytracker.com/id/1041451 http://www.vmware.com/security/advisories/VMSA-2018-0021.html http://xenbits.xen.org/xsa/advisory-273.html https://access.redhat.com/errata/RHSA-2018:2384 https://access.redhat.com/errata/RHSA-2018:2387 https://access.redhat.com/errata/RHSA-2018:2388 https: • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-203: Observable Discrepancy •

CVSS: 5.6EPSS: 0%CPEs: 463EXPL: 0

Systems with microprocessors utilizing speculative execution and address translations may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access with guest OS privilege via a terminal page fault and a side-channel analysis. Los sistemas con microprocesadores que emplean la ejecución especulativa y traducciones de direcciones podría permitir la divulgación no autorizada de información que reside en la caché de datos L1 a un atacante con acceso de usuario local con privilegios de invitado del sistema operativo mediante un error de página del terminal y un análisis de canal lateral. Modern operating systems implement virtualization of physical memory to efficiently use available system resources and provide inter-domain protection through access control and isolation. The L1TF issue was found in the way the x86 microprocessor designs have implemented speculative execution of instructions (a commonly used performance optimization) in combination with handling of page-faults caused by terminated virtual to physical address resolving process. As a result, an unprivileged attacker could use this flaw to read privileged memory of the kernel or other processes and/or cross guest/host boundaries to read host memory by conducting targeted cache side-channel attacks. • http://support.lenovo.com/us/en/solutions/LEN-24163 http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180815-01-cpu-en http://www.securityfocus.com/bid/105080 http://www.securitytracker.com/id/1041451 http://www.securitytracker.com/id/1042004 http://www.vmware.com/security/advisories/VMSA-2018-0020.html http://xenbits.xen.org/xsa/advisory-273.html https://access.redhat.com/errata/RHSA-2018:2384 https://access.redhat.com/errata/RHSA-2018:2387 https://access • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 5.9EPSS: 0%CPEs: 1095EXPL: 0

Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a speculative buffer overflow and side-channel analysis. Los sistemas con microprocesadores que emplean la ejecución especulativa y la predicción de ramas podría permitir la divulgación no autorizada de información a un atacante con acceso de usuario local mediante un desbordamiento de búfer especulativo y el análisis de canal lateral. An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of instructions past bounds check. The flaw relies on the presence of a precisely-defined instruction sequence in the privileged code and the fact that memory writes occur to an address which depends on the untrusted value. Such writes cause an update into the microprocessor's data cache even for speculatively executed instructions that never actually commit (retire). • https://access.redhat.com/errata/RHSA-2018:2384 https://access.redhat.com/errata/RHSA-2018:2390 https://access.redhat.com/errata/RHSA-2018:2395 https://access.redhat.com/errata/RHSA-2019:1946 https://access.redhat.com/errata/RHSA-2020:0174 https://cdrdv2.intel.com/v1/dl/getContent/685359 https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0 https://security.netapp.com/advisory/ntap-20180823-0001 https://www.oracle.com/s • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 4.6EPSS: 0%CPEs: 132EXPL: 0

Information disclosure vulnerability in storage media in systems with Intel Optane memory module with Whole Disk Encryption may allow an attacker to recover data via physical access. Vulnerabilidad de divulgación de información en el medio de almacenamiento en sistemas con el módulo de memoria Intel Optane con Whole Disk Encryption podría permitir que un atacante recupere datos mediante el acceso físico. • https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00114.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •