4 results (0.005 seconds)

CVSS: 6.5EPSS: 0%CPEs: 727EXPL: 0

CVE-2020-0543 – hw: Special Register Buffer Data Sampling (SRBDS)

https://notcve.org/view.php?id=CVE-2020-0543

Incomplete cleanup from specific special register read operations in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. Una limpieza incompleta de operaciones de lectura de un registro especial específico en algunos Intel® Processors puede permitir a un usuario autenticado habilitar potencialmente una divulgación de información por medio de un acceso local A new domain bypass transient execution attack known as Special Register Buffer Data Sampling (SRBDS) has been found. This flaw allows data values from special internal registers to be leaked by an attacker able to execute code on any core of the CPU. An unprivileged, local attacker can use this flaw to infer values returned by affected instructions known to be commonly used during cryptographic operations that rely on uniqueness, secrecy, or both. • http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00025.html http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00024.html http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00031.html http://www.openwall.com/lists/oss-security/2020/07/14/5 https://cert-portal.siemens.com/productcert/pdf/ssa-534763.pdf https://kc.mcafee.com/corporate/index?page=content&id=SB10318 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message • CWE-459: Incomplete Cleanup •

CVSS: 5.6EPSS: 0%CPEs: 665EXPL: 5

CVE-2018-3639 – AMD / ARM / Intel - Speculative Execution Variant 4 Speculative Store Bypass

https://notcve.org/view.php?id=CVE-2018-3639

Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka Speculative Store Bypass (SSB), Variant 4. Los sistemas con microprocesadores que emplean la ejecución especulativa y que realizan la ejecución especulativa de lecturas de memoria antes de que se conozcan las direcciones de todas las anteriores escrituras de memoria podrían permitir la divulgación no autorizada de información a un atacante con acceso de usuario local mediante un análisis de canal lateral. Esto también se conoce como Speculative Store Bypass (SSB), Variant 4. An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of Load & Store instructions (a commonly used performance optimization). It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the fact that memory read from address to which a recent memory write has occurred may see an older value and subsequently cause an update into the microprocessor's data cache even for speculatively executed instructions that never actually commit (retire). • https://www.exploit-db.com/exploits/44695 https://github.com/mmxsrup/CVE-2018-3639 https://github.com/Shuiliusheng/CVE-2018-3639-specter-v4- https://github.com/malindarathnayake/Intel-CVE-2018-3639-Mitigation_RegistryUpdate http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00058.html http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00059.html http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00007.html http://support.lenovo.com/us/en/solutions/LEN-2213 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-203: Observable Discrepancy •

CVSS: 7.8EPSS: 0%CPEs: 402EXPL: 0

CVE-2017-5711

https://notcve.org/view.php?id=CVE-2017-5711

Multiple buffer overflows in Active Management Technology (AMT) in Intel Manageability Engine Firmware 8.x/9.x/10.x/11.0/11.5/11.6/11.7/11.10/11.20 allow attacker with local access to the system to execute arbitrary code with AMT execution privilege. Múltiples desbordamientos de búfer en el kernel en Active Management Technology (AMT) en Intel Manageability Engine Firmware 8.x/9.x/10.x/11.0/11.5/11.6/11.7/11.10/11.20 permiten que un atacante con acceso local al sistema ejecute código arbitrario con el privilegio de ejecución AMT. • http://www.securityfocus.com/bid/101918 http://www.securitytracker.com/id/1039852 https://cert-portal.siemens.com/productcert/pdf/ssa-892715.pdf https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00086&languageid=en-fr https://security.netapp.com/advisory/ntap-20171120-0001 https://www.asus.com/News/wzeltG5CjYaIwGJ0 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 9.0EPSS: 1%CPEs: 402EXPL: 0

CVE-2017-5712

https://notcve.org/view.php?id=CVE-2017-5712

Buffer overflow in Active Management Technology (AMT) in Intel Manageability Engine Firmware 8.x/9.x/10.x/11.0/11.5/11.6/11.7/11.10/11.20 allows attacker with remote Admin access to the system to execute arbitrary code with AMT execution privilege. Desbordamiento de búfer en el kernel en Active Management Technology (AMT) en Intel Manageability Engine Firmware 8.x/9.x/10.x/11.0/11.5/11.6/11.7/11.10/11.20 permite que un atacante con acceso local al sistema ejecute código arbitrario con el privilegio de ejecución AMT. • http://www.securityfocus.com/bid/101920 http://www.securitytracker.com/id/1039852 https://cert-portal.siemens.com/productcert/pdf/ssa-892715.pdf https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00086&languageid=en-fr https://security.netapp.com/advisory/ntap-20171120-0001 https://www.asus.com/News/wzeltG5CjYaIwGJ0 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •