Page 12 of 66 results (0.005 seconds)

CVSS: 6.5EPSS: 0%CPEs: 727EXPL: 0

Incomplete cleanup from specific special register read operations in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. Una limpieza incompleta de operaciones de lectura de un registro especial específico en algunos Intel® Processors puede permitir a un usuario autenticado habilitar potencialmente una divulgación de información por medio de un acceso local A new domain bypass transient execution attack known as Special Register Buffer Data Sampling (SRBDS) has been found. This flaw allows data values from special internal registers to be leaked by an attacker able to execute code on any core of the CPU. An unprivileged, local attacker can use this flaw to infer values returned by affected instructions known to be commonly used during cryptographic operations that rely on uniqueness, secrecy, or both. • http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00025.html http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00024.html http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00031.html http://www.openwall.com/lists/oss-security/2020/07/14/5 https://cert-portal.siemens.com/productcert/pdf/ssa-534763.pdf https://kc.mcafee.com/corporate/index?page=content&id=SB10318 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message • CWE-459: Incomplete Cleanup •

CVSS: 7.8EPSS: 0%CPEs: 291EXPL: 0

In psi_write of psi.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-148159562References: Upstream kernel En la función psi_write del archivo psi.c, se presenta una posible escritura fuera de límites debido a una falta de comprobación de límites. Esto podría conllevar a una escalada local de privilegios sin ser necesarios privilegios de ejecución adicionales. No es requerida una interacción del usuario para su explotación. • https://source.android.com/security/bulletin/2020-05-01 https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00533.html • CWE-787: Out-of-bounds Write •

CVSS: 5.6EPSS: 0%CPEs: 1321EXPL: 0

Load value injection in some Intel(R) Processors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. The list of affected products is provided in intel-sa-00334: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00334.html Una inyección de valor de carga en algunos Procesadores Intel® que utilizan una ejecución especulativa puede permitir a un usuario autenticado habilitar potencialmente una divulgación de información por medio de un canal lateral con acceso local. La lista de productos afectados es proporcionada en intel-sa-00334: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00334.html • https://security.netapp.com/advisory/ntap-20200320-0002 https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00334.html •

CVSS: 6.5EPSS: 0%CPEs: 897EXPL: 0

Cleanup errors in some data cache evictions for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. Unos errores de limpieza en algunos desalojos de caché de datos para algunos procesadores Intel(R), pueden permitir a un usuario autenticado habilitar potencialmente una divulgación de información por medio del acceso local. A microarchitectural timing flaw was found on some Intel processors. A corner case exists where data in-flight during the eviction process can end up in the “fill buffers” and not properly cleared by the MDS mitigations. The fill buffer contents (which were expected to be blank) can be inferred using MDS or TAA style attack methods to allow a local attacker to infer fill buffer values. • http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00016.html https://kc.mcafee.com/corporate/index?page=content&id=SB10318 https://lists.debian.org/debian-lts-announce/2020/06/msg00019.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DT2VKDMQ3I37NBNJ256A2EXR7OJHXXKZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T5OUM24ZC43G4IDT3JUCIHJTSDXJSK6Y https://security.netapp.com/advisory/ntap-20200210-0004 https://usn.ubunt • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-404: Improper Resource Shutdown or Release •

CVSS: 5.5EPSS: 0%CPEs: 886EXPL: 0

Cleanup errors in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. Unos errores de limpieza en algunos procesadores Intel(R), pueden permitir a un usuario autenticado habilitar potencialmente una divulgación de información por medio del acceso local. A flaw was found in Intel processors where a local attacker is able to gain information about registers used for vector calculations by observing register states from other processes running on the system. This results in a race condition where store buffers, which were not cleared, could be read by another process or a CPU sibling. The highest threat from this vulnerability is data confidentiality where an attacker could read arbitrary data as it passes through the processor. • http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00016.html https://lists.debian.org/debian-lts-announce/2020/06/msg00019.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DT2VKDMQ3I37NBNJ256A2EXR7OJHXXKZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T5OUM24ZC43G4IDT3JUCIHJTSDXJSK6Y https://security.netapp.com/advisory/ntap-20200210-0004 https://usn.ubuntu.com/4385-1 https://www.debian.org/security/2020/dsa-47 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-404: Improper Resource Shutdown or Release •