Описание
Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| linux | fixed | 4.15.11-1 | package | |
| intel-microcode | fixed | 3.20180425.1 | package | |
| intel-microcode | fixed | 3.20180425.1~deb9u1 | stretch | package |
| intel-microcode | fixed | 3.20180425.1~deb8u1 | jessie | package |
| amd64-microcode | fixed | 3.20180515.1 | package | |
| qemu | fixed | 1:2.12~rc3+dfsg-1 | package | |
| qemu-kvm | removed | package | ||
| virtualbox | fixed | 5.2.6-dfsg-1 | package | |
| virtualbox | end-of-life | jessie | package | |
| virtualbox | end-of-life | wheezy | package | |
| nvidia-graphics-drivers | fixed | 384.111-1 | package | |
| nvidia-graphics-drivers | fixed | 384.111-4~deb9u1 | stretch | package |
| nvidia-graphics-drivers | fixed | 340.106-1 | jessie | package |
| nvidia-graphics-drivers | end-of-life | wheezy | package | |
| nvidia-graphics-drivers-legacy-340xx | fixed | 340.106-1 | package | |
| nvidia-graphics-drivers-legacy-340xx | fixed | 340.106-1~deb9u1 | stretch | package |
| nvidia-graphics-drivers-legacy-304xx | unfixed | package | ||
| nvidia-graphics-drivers-legacy-304xx | no-dsa | stretch | package | |
| nvidia-graphics-drivers-legacy-304xx | no-dsa | jessie | package | |
| linux-grsec | removed | package | ||
| xen | fixed | 4.11.1~pre+1.733450b39b-1 | package | |
| xen | ignored | jessie | package |
Примечания
https://spectreattack.com/
https://xenbits.xen.org/xsa/advisory-254.html
https://googleprojectzero.blogspot.co.uk/2018/01/reading-privileged-memory-with-side.html
Paper: https://spectreattack.com/spectre.pdf
https://www.suse.com/de-de/support/kb/doc/?id=7022512
https://www.suse.com/support/update/announcement/2018/suse-su-20180009-1/
For the required microcode updates in advance:
intel-microcode: https://bugs.debian.org/886367
intel-microcode: Some microcode updates to partially adress CVE-2017-5715 included in 3.20171215.1
Further updates in 3.20180312.1
amd64-microcode: https://bugs.debian.org/886382
amd64-microcode updates in 3.20180515.1
Qemu patches: https://lists.nongnu.org/archive/html/qemu-devel/2018-01/msg00811.html
to pass thorugh new MSR and CPUID flags from the host VM to the CPU, to
allow (future) enabling/disabling ranch prediction features in the Intel
CPU.
EPSS
Связанные уязвимости
Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.
Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.
Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.
EPSS