4.9
CVSSv2

CVE-2018-3639

Published: 22/05/2018 Updated: 23/05/2019
CVSS v2 Base Score: 4.9 | Impact Score: 6.9 | Exploitability Score: 3.9
CVSS v3 Base Score: 5.5 | Impact Score: 3.6 | Exploitability Score: 1.8
VMScore: 500
Vector: AV:L/AC:L/Au:N/C:C/I:N/A:N

Vulnerability Summary

Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka Speculative Store Bypass (SSB), Variant 4.

Vulnerability Trend

Affected Products

Vendor Product Versions
MitelMicloud Management Portal*
MitelMicollab-
MitelMivoic Mx-one-
MitelMivoice 5000-
MitelMivoice Border Gateway-
MitelMivoice Business-
MitelMivoice Connect-
MitelOpen Integration Gateway-
RedhatOpenstack8, 9, 10, 12, 13.0
RedhatEnterprise Linux Desktop6.0
RedhatEnterprise Linux Server6.0
RedhatEnterprise Linux Server Aus5.9, 6.4, 6.5, 6.6, 7.2, 7.3, 7.4
RedhatEnterprise Linux Server Eus6.7, 7.3, 7.4
RedhatEnterprise Linux Server Tus6.6, 7.2, 7.3, 7.4
RedhatEnterprise Linux Workstation6.0
RedhatVirtualization4.2
SonicwallCloud Global Management System-
SonicwallEmail Security-
SonicwallGlobal Management System-
SonicwallSecure Mobile Access-
SonicwallSonicosv-
SonicwallWeb Application Firewall-
ArmCortex-a15, 57, 72
IntelAtom CC2308, C3308, C3338, C3508, C3538, C3558, C3708, C3750, C3758, C3808, C3830, C3850, C3858, C3950, C3955, C3958
IntelAtom EE3805, E3815, E3825, E3826, E3827, E3845
IntelAtom ZZ2420, Z2460, Z2480, Z2520, Z2560, Z2580, Z2760, Z3460, Z3480, Z3530, Z3560, Z3570, Z3580, Z3590, Z3735d, Z3735e, Z3735f, Z3735g, Z3736f, Z3736g, Z3740, Z3740d, Z3745, Z3745d, Z3770, Z3770d, Z3775, Z3775d, Z3785, Z3795
IntelCeleron JJ3455, J4005, J4105
IntelCeleron NN3450
IntelCore I332nm, 45nm
IntelCore I532nm, 45nm
IntelCore I732nm, 45nm
IntelCore M32nm, 45nm
IntelPentiumN4000, N4100, N4200
IntelPentium JJ4205
IntelPentium SilverJ5005, N5000
IntelXeon E3125c , 1105c, 1105c V2, 1125c V2, 1220 , 1220 V2, 1220 V3, 1220 V5, 1220 V6, 1220l, 1220l V2, 1220l V3, 1225, 1225 V2, 1225 V3, 1225 V5, 1225 V6, 1226 V3, 1230, 1230 V2, 1230 V3, 1230 V5, 1230 V6, 1230l V3, 1231 V3, 1235, 1235l V5, 1240, 1240 V2, 1240 V3, 1240 V5, 1240 V6, 1240l V3, 1240l V5, 1241 V3, 1245, 1245 V2, 1245 V3, 1245 V5, 1245 V6, 1246 V3, 1258l V4, 1260l, 1260l V5, 1265l V2, 1265l V3, 1265l V4, 1268l V3, 1268l V5, 1270, 1270 V2, 1270 V3, 1270 V5, 1270 V6, 1271 V3, 1275 , 1275 V2, 1275 V3, 1275 V5, 1275 V6, 1275l V3, 1276 V3, 1278l V4, 1280, 1280 V2, 1280 V3, 1280 V5, 1280 V6, 1281 V3, 1285 V3, 1285 V4, 1285 V6, 1285l V3, 1285l V4, 1286 V3, 1286l V3, 1290, 1290 V2, 1501l V6, 1501m V6, 1505l V5, 1505l V6, 1505m V5, 1505m V6, 1515m V5, 1535m V5, 1535m V6, 1545m V5, 1558l V5, 1565l V5, 1575m V5, 1578l V5, 1585 V5, 1585l V5, 3600, 5600, 7500, E5502, E5503, E5504, E5506, E5507, E5520, E5530, E5540, E6510, E6540, E6550, L3403, L3406, L3426, L5506, L5508 , L5518 , L5520, L5530, W5580, W5590, X3430, X3440, X3450, X3460, X3470, X3480, X5550, X5560, X5570
IntelXeon E51428l, 1428l V2, 1428l V3, 1620, 1620 V2, 1620 V3, 1620 V4, 1630 V3, 1630 V4, 1650, 1650 V2, 1650 V3, 1650 V4, 1660, 1660 V2, 1660 V3, 1660 V4, 1680 V3, 1680 V4, 2403, 2403 V2, 2407, 2407 V2, 2408l V3, 2418l, 2418l V2, 2418l V3, 2420, 2420 V2, 2428l, 2428l V2, 2428l V3, 2430, 2430 V2, 2430l, 2430l V2, 2438l V3, 2440, 2440 V2, 2448l, 2448l V2, 2450, 2450 V2, 2450l, 2450l V2, 2470, 2470 V2, 2603, 2603 V2, 2603 V3, 2603 V4, 2608l V3, 2608l V4, 2609, 2609 V2, 2609 V3, 2609 V4, 2618l V2, 2618l V3, 2618l V4, 2620, 2620 V2, 2620 V3, 2620 V4, 2623 V3, 2623 V4, 2628l V2, 2628l V3, 2628l V4, 2630, 2630 V2, 2630 V3, 2630 V4, 2630l, 2630l V2, 2630l V3, 2630l V4, 2637, 2637 V2, 2637 V3, 2637 V4, 2640, 2640 V2, 2640 V3, 2640 V4, 2643, 2643 V2, 2643 V3, 2643 V4, 2648l, 2648l V2, 2648l V3, 2648l V4, 2650, 2650 V2, 2650 V3, 2650 V4, 2650l, 2650l V2, 2650l V3, 2650l V4, 2658, 2658 V2, 2658 V3, 2658 V4, 2658a V3, 2660, 2660 V2, 2660 V3, 2660 V4, 2665, 2667, 2667 V2, 2667 V3, 2667 V4, 2670, 2670 V2, 2670 V3, 2680, 2680 V2, 2680 V3, 2680 V4, 2683 V3, 2683 V4, 2687w, 2687w V2, 2687w V3, 2687w V4, 2690, 2690 V2, 2690 V3, 2690 V4, 2695 V2, 2695 V3, 2695 V4, 2697 V2, 2697 V3, 2697 V4, 2697a V4, 2698 V3, 2698 V4, 2699 V3, 2699 V4, 2699a V4, 2699r V4, 4603, 4603 V2, 4607, 4607 V2, 4610, 4610 V2, 4610 V3, 4610 V4, 4617, 4620, 4620 V2, 4620 V3, 4620 V4, 4624l V2, 4627 V2, 4627 V3, 4627 V4, 4628l V4, 4640, 4640 V2, 4640 V3, 4640 V4, 4648 V3, 4650, 4650 V2, 4650 V3, 4650 V4, 4650l, 4655 V3, 4655 V4, 4657l V2, 4660 V3, 4660 V4, 4667 V3, 4667 V4, 4669 V3, 4669 V4
IntelXeon E72803, 2820, 2830, 2850, 2850 V2, 2860, 2870, 2870 V2, 2880 V2, 2890 V2, 4807, 4809 V2, 4809 V3, 4809 V4, 4820, 4820 V2, 4820 V3, 4820 V4, 4830, 4830 V2, 4830 V3, 4830 V4, 4850, 4850 V2, 4850 V3, 4850 V4, 4860, 4860 V2, 4870, 4870 V2, 4880 V2, 4890 V2, 8830, 8837, 8850, 8850 V2, 8857 V2, 8860, 8860 V3, 8860 V4, 8867 V3, 8867 V4, 8867l, 8870, 8870 V2, 8870 V3, 8870 V4, 8880 V2, 8880 V3, 8880 V4, 8880l V2, 8880l V3, 8890 V2, 8890 V3, 8890 V4, 8891 V2, 8891 V3, 8891 V4, 8893 V2, 8893 V3, 8893 V4, 8894 V4
IntelXeon Gold5115, 85115, 85118, 85119t, 85120, 85120t, 85122, 86126, 86126f, 86126t, 86128, 86130, 86130f, 86130t, 86132, 86134, 86134m, 86136, 86138, 86138f, 86138t, 86140, 86140m, 86142, 86142f, 86142m, 86144, 86146, 86148, 86148f, 86150, 86152, 86154
IntelXeon Platinum8153, 8156, 8158, 8160, 8160f, 8160m, 8160t, 8164, 8168, 8170, 8170m, 8176, 8176f, 8176m, 8180
IntelXeon Silver4108, 4109t, 4110, 4112, 4114, 4114t, 4116, 4116t
CanonicalUbuntu Linux14.04, 16.04, 18.04
DebianDebian Linux8.0, 9.0
OracleSolaris11
SiemensRuggedcom Ape Firmware-
SiemensSimatic Ipc427c Firmware-
SiemensSimatic Ipc477c Firmware-
SiemensSinema Remote Connect Firmware-
SiemensSinumerik 840 D Sl Firmware-
SiemensSinumerik Tcu 30.3 Firmware-

Vendor Advisories

This update provides mitigations for the Spectre v4 variant in x86-based micro processors On Intel CPUs this requires updated microcode which is currently not released publicly (but your hardware vendor may have issued an update) For servers with AMD CPUs no microcode update is needed, please refer to xenbitsxenorg/xsa/advisory-263html ...
Side channel execution mitigations were added to QEMU ...
Side channel execution mitigations were added to QEMU ...
Synopsis Important: qemu-kvm security update Type/Severity Security Advisory: Important Topic An update for qemu-kvm is now available for Red Hat Enterprise Linux 66 Advanced Update Support and Red Hat Enterprise Linux 66 Telco Extended Update SupportRed Hat Product Security has rated this update as havi ...
Synopsis Important: libvirt security update Type/Severity Security Advisory: Important Topic An update for libvirt is now available for Red Hat Enterprise Linux 74 Extended Update SupportRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring ...
Synopsis Important: qemu-kvm-rhev security update Type/Severity Security Advisory: Important Topic An update for qemu-kvm-rhev is now available for RHEV 3X Hypervisor and Agents for Red Hat Enterprise Linux 7 Extended Life SupportRed Hat Product Security has rated this update as having a security impact o ...
Synopsis Important: qemu-kvm-rhev security update Type/Severity Security Advisory: Important Topic An update for qemu-kvm-rhev is now available for Red Hat OpenStack Platform12Red Hat Product Security has rated this update as having a security impactof Important A Common Vulnerability Scoring System (CVSS ...
Synopsis Important: java-170-openjdk security update Type/Severity Security Advisory: Important Topic An update for java-170-openjdk is now available for Red Hat Enterprise Linux 6Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring Sys ...
Synopsis Important: kernel security update Type/Severity Security Advisory: Important Topic An update for kernel is now available for Red Hat Enterprise Linux 66 Advanced Update Support and Red Hat Enterprise Linux 66 Telco Extended Update SupportRed Hat Product Security has rated this update as having a ...
Synopsis Important: libvirt security update Type/Severity Security Advisory: Important Topic An update for libvirt is now available for Red Hat Enterprise Linux 66 Advanced Update Support and Red Hat Enterprise Linux 66 Telco Extended Update SupportRed Hat Product Security has rated this update as having ...
Synopsis Important: qemu-kvm security update Type/Severity Security Advisory: Important Topic An update for qemu-kvm is now available for Red Hat Enterprise Linux 66 Advanced Update Support and Red Hat Enterprise Linux 66 Telco Extended Update SupportRed Hat Product Security has rated this update as havi ...
Synopsis Important: kernel security, bug fix, and enhancement update Type/Severity Security Advisory: Important Topic An update for kernel is now available for Red Hat Enterprise Linux 74 Extended Update SupportRed Hat Product Security has rated this update as having a security impact of Important A Comm ...
Synopsis Important: kernel security update Type/Severity Security Advisory: Important Topic An update for kernel is now available for Red Hat Enterprise Linux 64 Advanced Update SupportRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring S ...
Synopsis Important: kernel security update Type/Severity Security Advisory: Important Topic An update for kernel is now available for Red Hat Enterprise Linux 65 Advanced Update SupportRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring S ...
An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of Load & Store instructions (a commonly used performance optimization) It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the fact that memory read from address to which a r ...
Synopsis Important: kernel security update Type/Severity Security Advisory: Important Topic An update for kernel is now available for Red Hat Enterprise Linux 73 Extended Update SupportRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring S ...
Synopsis Important: java-180-openjdk security update Type/Severity Security Advisory: Important Topic An update for java-180-openjdk is now available for Red Hat Enterprise Linux 6Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring Sys ...
Synopsis Important: redhat-virtualization-host security update Type/Severity Security Advisory: Important Topic An update for redhat-virtualization-host is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security impact of ...
Synopsis Important: qemu-kvm security update Type/Severity Security Advisory: Important Topic An update for qemu-kvm is now available for Red Hat Enterprise Linux 64 Advanced Update SupportRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scori ...
Synopsis Important: qemu-kvm security update Type/Severity Security Advisory: Important Topic An update for qemu-kvm is now available for Red Hat Enterprise Linux 67 Extended Update SupportRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scori ...
Synopsis Important: libvirt security update Type/Severity Security Advisory: Important Topic An update for libvirt is now available for Red Hat Enterprise Linux 67 Extended Update SupportRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring ...
Synopsis Important: kernel-rt security update Type/Severity Security Advisory: Important Topic An update for kernel-rt is now available for Red Hat Enterprise MRG 2Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (CVSS) base scor ...
Synopsis Important: rhvm-setup-plugins security, bug fix, and enhancement update Type/Severity Security Advisory: Important Topic An update for rhvm-setup-plugins is now available for Red Hat Virtualization Engine 42Red Hat Product Security has rated this update as having a security impact of Important A ...
Synopsis Important: libvirt security update Type/Severity Security Advisory: Important Topic An update for libvirt is now available for Red Hat Enterprise Linux 65 Advanced Update SupportRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring ...
Synopsis Important: qemu-kvm security update Type/Severity Security Advisory: Important Topic An update for qemu-kvm is now available for Red Hat Enterprise Linux 72 Advanced Update Support, Red Hat Enterprise Linux 72 Telco Extended Update Support, and Red Hat Enterprise Linux 72 Update Services for SAP ...
Synopsis Important: kernel-rt security update Type/Severity Security Advisory: Important Topic An update for kernel-rt is now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (CVSS) base sc ...
Synopsis Important: qemu-kvm-rhev security update Type/Severity Security Advisory: Important Topic An update for qemu-kvm-rhev is now available for Red Hat OpenStack Platform9Red Hat Product Security has rated this update as having a security impactof Important A Common Vulnerability Scoring System (CVSS) ...
Synopsis Important: libvirt security update Type/Severity Security Advisory: Important Topic An update for libvirt is now available for Red Hat Enterprise Linux 64 Advanced Update SupportRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring ...
Synopsis Important: kernel security and bug fix update Type/Severity Security Advisory: Important Topic An update for kernel is now available for Red Hat Enterprise Linux 6Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (CVSS) b ...
Synopsis Important: rhev-hypervisor7 security update Type/Severity Security Advisory: Important Topic An update for rhev-hypervisor7 is now available for RHEV 3X Hypervisor and Agents Extended Lifecycle Support for Red Hat Enterprise Linux 6 and RHEV 3X Hypervisor and Agents Extended Lifecycle Support for ...
Synopsis Important: kernel security update Type/Severity Security Advisory: Important Topic An update for kernel is now available for Red Hat Enterprise Linux 66 Advanced Update Support and Red Hat Enterprise Linux 66 Telco Extended Update SupportRed Hat Product Security has rated this update as having a ...
Synopsis Important: java-180-openjdk security update Type/Severity Security Advisory: Important Topic An update for java-180-openjdk is now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring Sys ...
Synopsis Important: kernel security update Type/Severity Security Advisory: Important Topic An update for kernel is now available for Red Hat Enterprise Linux 72 Advanced Update Support, Red Hat Enterprise Linux 72 Telco Extended Update Support, and Red Hat Enterprise Linux 72 Update Services for SAP Sol ...
Synopsis Important: libvirt security and bug fix update Type/Severity Security Advisory: Important Topic An update for libvirt is now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (CVSS) ...
Synopsis Important: kernel security update Type/Severity Security Advisory: Important Topic An update for kernel is now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (CVSS) base score, w ...
Synopsis Important: kernel security update Type/Severity Security Advisory: Important Topic An update for kernel is now available for Red Hat Enterprise Linux 74 Extended Update SupportRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring S ...
Synopsis Important: kernel security update Type/Severity Security Advisory: Important Topic An update for kernel is now available for Red Hat Enterprise Linux 67 Extended Update SupportRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring S ...
Synopsis Important: qemu-kvm-rhev security and bug fix update Type/Severity Security Advisory: Important Topic An update for qemu-kvm-rhev is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security impact of Important A C ...
Synopsis Important: qemu-kvm security update Type/Severity Security Advisory: Important Topic An update for qemu-kvm is now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (CVSS) base scor ...
Synopsis Important: java-170-openjdk security update Type/Severity Security Advisory: Important Topic An update for java-170-openjdk is now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring Sys ...
This update ships updated CPU microcode for some types of Intel CPUs and provides SSBD support (needed to address Spectre v4) and fixes for Spectre v3a For the stable distribution (stretch), these problems have been fixed in version 3201807032~deb9u1 We recommend that you upgrade your intel-microcode packages For the detailed security status o ...
Synopsis Important: kernel security update Type/Severity Security Advisory: Important Topic An update for kernel is now available for Red Hat Enterprise Linux 5 Extended Lifecycle SupportRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring ...
An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of Load & Store instructions (a commonly used performance optimization) It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the fact that memory read from address to which a r ...
Synopsis Important: qemu-kvm-rhev security update Type/Severity Security Advisory: Important Topic An update for qemu-kvm-rhev is now available for Red Hat OpenStack Platform 90 (Mitaka)Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring ...
Synopsis Important: qemu-kvm-rhev security update Type/Severity Security Advisory: Important Topic An update for qemu-kvm-rhev is now available for Red Hat OpenStack Platform 120 (Pike)Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring S ...
Synopsis Important: orgovirtengine-root security update Type/Severity Security Advisory: Important Topic An update for orgovirtengine-root is now available for Red Hat Virtualization Engine 42Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerabilit ...
Synopsis Important: qemu-kvm-rhev security update Type/Severity Security Advisory: Important Topic An update for qemu-kvm-rhev is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security impact of Important A Common Vulner ...
Synopsis Important: kernel security update Type/Severity Security Advisory: Important Topic An update for kernel is now available for Red Hat Enterprise Linux 59 Long LifeRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (CVSS) b ...
Synopsis Important: qemu-kvm security update Type/Severity Security Advisory: Important Topic An update for qemu-kvm is now available for Red Hat Enterprise Linux 65 Advanced Update SupportRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scori ...
Synopsis Important: kernel security and bug fix update Type/Severity Security Advisory: Important Topic An update for kernel is now available for Red Hat Enterprise Linux 67 Extended Update SupportRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnerabili ...
Synopsis Important: qemu-kvm-rhev security update Type/Severity Security Advisory: Important Topic An update for qemu-kvm-rhev is now available for Red Hat OpenStack Platform 13Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (CV ...
Synopsis Important: qemu-kvm-rhev security update Type/Severity Security Advisory: Important Topic An update for qemu-kvm-rhev is now available for Red Hat Enterprise Linux OpenStack Platform 70 (Kilo) for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security impact ...
Synopsis Important: libvirt security update Type/Severity Security Advisory: Important Topic An update for libvirt is now available for Red Hat Enterprise Linux 6Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (CVSS) base score, ...
Synopsis Important: rhevm-setup-plugins security update Type/Severity Security Advisory: Important Topic An update for rhevm-setup-plugins is now available for RHEV Manager version 36Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring Sys ...
Synopsis Important: libvirt security update Type/Severity Security Advisory: Important Topic An update for libvirt is now available for Red Hat Enterprise Linux 72 Advanced Update Support, Red Hat Enterprise Linux 72 Telco Extended Update Support, and Red Hat Enterprise Linux 72 Update Services for SAP S ...
Synopsis Important: libvirt security update Type/Severity Security Advisory: Important Topic An update for libvirt is now available for Red Hat Enterprise Linux 66 Advanced Update Support and Red Hat Enterprise Linux 66 Telco Extended Update SupportRed Hat Product Security has rated this update as having ...
Synopsis Important: qemu-kvm security update Type/Severity Security Advisory: Important Topic An update for qemu-kvm is now available for Red Hat Enterprise Linux 73 Extended Update SupportRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scori ...
Synopsis Important: qemu-kvm security update Type/Severity Security Advisory: Important Topic An update for qemu-kvm is now available for Red Hat Enterprise Linux 6Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (CVSS) base scor ...
Synopsis Important: orgovirtengine-root security update Type/Severity Security Advisory: Important Topic An update for orgovirtengine-root is now available for RHEV Manager version 36Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring ...
Synopsis Important: libvirt security update Type/Severity Security Advisory: Important Topic An update for libvirt is now available for Red Hat Enterprise Linux 64 Advanced Update SupportRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring ...
Synopsis Important: libvirt security and bug fix update Type/Severity Security Advisory: Important Topic An update for libvirt is now available for Red Hat Enterprise Linux 74 Extended Update SupportRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnerabi ...
Synopsis Important: qemu-kvm security update Type/Severity Security Advisory: Important Topic An update for qemu-kvm is now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (CVSS) base scor ...
Synopsis Important: qemu-kvm-rhev security update Type/Severity Security Advisory: Important Topic An update for qemu-kvm-rhev is now available for Red Hat OpenStack Platform 100 (Newton)Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring ...
Synopsis Important: qemu-kvm-rhev security update Type/Severity Security Advisory: Important Topic An update for qemu-kvm-rhev is now available for Red Hat OpenStack Platform 80 (Liberty)Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring ...
Synopsis Important: redhat-virtualization-host security update Type/Severity Security Advisory: Important Topic An update for redhat-virtualization-host is now available for RHEV 3X Hypervisor and Agents Extended Lifecycle Support for Red Hat Enterprise Linux 7Red Hat Product Security has rated this updat ...
Synopsis Important: vdsm security update Type/Severity Security Advisory: Important Topic An update for vdsm is now available for RHEV 3X Hypervisor and Agents Extended Lifecycle Support for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security impact of Important ...
Synopsis Important: rhvm-setup-plugins security update Type/Severity Security Advisory: Important Topic An update for rhvm-setup-plugins is now available for Red Hat Virtualization Engine 42Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scor ...
Synopsis Important: qemu-kvm security update Type/Severity Security Advisory: Important Topic An update for qemu-kvm is now available for Red Hat Enterprise Linux 64 Advanced Update SupportRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scori ...
Synopsis Important: libvirt security update Type/Severity Security Advisory: Important Topic An update for libvirt is now available for Red Hat Enterprise Linux 73 Extended Update SupportRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring ...
Synopsis Important: vdsm security update Type/Severity Security Advisory: Important Topic An update for vdsm is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring Sy ...
Synopsis Important: kernel security and bug fix update Type/Severity Security Advisory: Important Topic An update for kernel is now available for Red Hat Enterprise Linux 73 Extended Update SupportRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnerabili ...
Synopsis Important: libvirt security update Type/Severity Security Advisory: Important Topic An update for libvirt is now available for Red Hat Enterprise Linux 73 Extended Update SupportRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring ...
Synopsis Important: libvirt security update Type/Severity Security Advisory: Important Topic An update for libvirt is now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (CVSS) base score, ...
Synopsis Important: qemu-kvm-rhev security update Type/Severity Security Advisory: Important Topic An update for qemu-kvm-rhev is now available for Red Hat OpenStack Platform8Red Hat Product Security has rated this update as having a security impactof Important A Common Vulnerability Scoring System (CVSS) ...
Synopsis Important: libvirt security update Type/Severity Security Advisory: Important Topic An update for libvirt is now available for Red Hat Enterprise Linux 65 Advanced Update SupportRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring ...
Synopsis Important: libvirt security update Type/Severity Security Advisory: Important Topic An update for libvirt is now available for Red Hat Enterprise Linux 72 Advanced Update Support, Red Hat Enterprise Linux 72 Telco Extended Update Support, and Red Hat Enterprise Linux 72 Update Services for SAP S ...
Synopsis Important: kernel security and bug fix update Type/Severity Security Advisory: Important Topic An update for kernel is now available for Red Hat Enterprise Linux 72 Advanced Update Support, Red Hat Enterprise Linux 72 Telco Extended Update Support, and Red Hat Enterprise Linux 72 Update Services ...

Exploits

/* ======== Intro / Overview ======== After Michael Schwarz made some interesting observations, we started looking into variants other than the three already-known ones I noticed that Intel's Optimization Manual says in section 2445 ("Memory Disambiguation"): A load instruction micro-op may depend on a preceding store Many microarchi ...

Mailing Lists

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [slackware-security] Slackware 142 kernel (SSA:2018-208-01) New kernel packages are available for Slackware 142 to fix security issues Here are the details from the Slackware 142 ChangeLog: +--------------------------+ patches/packages/linux-44144/*: Upgraded This kernel update enables ad ...
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-4273-1 security () debian org wwwdebianorg/security/ Moritz Muehlenhoff August 16, 2018 wwwdebianorg/security/faq ...
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-4273-2 security () debian org wwwdebianorg/security/ Moritz Muehlenhoff September 16, 2018 wwwdebianorg/security/faq ...
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-4469-1 security () debian org wwwdebianorg/security/ Salvatore Bonaccorso June 22, 2019 wwwdebianorg/security/faq ...
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2018-10-30-9 Additional information for APPLE-SA-2018-9-24-1 macOS Mojave 1014 macOS Mojave 1014 addresses the following: Bluetooth Available for: iMac (215-inch, Late 2012), iMac (27-inch, Late 2012) , iMac (215-inch, Late 2013), iMac (215-inch, Mid 2014), iMac (Retina 5K, 27-inch, L ...
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2018-10-30-9 Additional information for APPLE-SA-2018-9-24-1 macOS Mojave 1014 macOS Mojave 1014 addresses the following: Bluetooth Available for: iMac (215-inch, Late 2012), iMac (27-inch, Late 2012) , iMac (215-inch, Late 2013), iMac (215-inch, Mid 2014), iMac (Retina 5K, 27-inch, L ...
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2018-10-30-2 macOS Mojave 10141, Security Update 2018-001 High Sierra, Security Update 2018-005 Sierra macOS Mojave 10141, Security Update 2018-001 High Sierra, and Security Update 2018-005 Sierra are now available and address the following: afpserver Available for: macOS Sierra 1012 ...
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2018-10-30-2 macOS Mojave 10141, Security Update 2018-001 High Sierra, Security Update 2018-005 Sierra macOS Mojave 10141, Security Update 2018-001 High Sierra, and Security Update 2018-005 Sierra are now available and address the following: afpserver Available for: macOS Sierra 1012 ...

Github Repositories

linux-exploit Exploits CVE-2018-3639 (as known as Speculative store bypass, Spectre Variant4) CVE-2017-5753 (as known as Bound check bypass, Spectre Variant1) Exploit remaining spectre gadget Find remaining spectre gadget, and exploit them Notes In the case of CVE-2018-3639, CVE-2017-5753, These are slightly updated version of Google's exploit code for eliminating ad

CVE-2018-3639 Speculative Store Bypass (CVE-2018-3639) proof of concept for Linux Download git clone git@githubcom:mmxsrup/CVE-2018-3639git Build cd CVE-2018-3639 make Run /specter Output $ /spectre idx: 0, highest:P, hitrate:21340000 idx: 1, highest:A, hitrate:15520000 idx: 2, highest:S, hitrate:13600000 idx: 3, highest:S, hitrate:18650000 idx: 4, highest:W, hitrate:1

CVE-2018-3639-specter-v4 spectre v4 : Speculative Store Bypass (CVE-2018-3639) proof of concept for Linux build: gcc spectre-v4cpp -o spectre run: /spectre result: --------attack-------- low than threshold:155 low than threshold:144 low than threshold:133 low than threshold:0 low than threshold:1 --------attack-------- low than threshold:133 low than threshold:0 low tha

Tools for exercising Speculative Store Bypass Disable The ssbd-tools project is a collection of programs that makes use of the Speculative Store Bypass Disable (SSBD) functionality provided in x86 processors SSBD is a processor based mitigation for the Speculative Store Bypass attack that is referred to as Variant 4 and assigned CVE-2018-3639 The Linux kernel introduced per-p

Intel-CVE-2018-3639-Mitigation_RegistryUpdate

Efficient_computering_in_safe_environments Research where we try to achieve the most energy savings and run-time performance by turning off unnecessary protection mechanisms of the modern computer systems The idea is that in a protected controlled environment (eg on a non-cloud data center or a single tenant machine) one can get a measurable performance boost by dispensing wi

linux-exploit Exploits CVE-2018-3639 (as known as Speculative store bypass, Spectre Variant4) CVE-2017-5753 (as known as Bound check bypass, Spectre Variant1) Exploit remaining spectre gadget Find remaining spectre gadget, and exploit them Notes In the case of CVE-2018-3639, CVE-2017-5753, These are slightly updated version of Google's exploit code for eliminating ad

CVElinker $$\ $$\ $$\ $$ |\__| $$ | $$$$$$$\ $$\ $$\ $$$$$$\ $$ |$$\ $$$$$$$\ $$ | $$\ $$$$$$\ $$$$$$\ $$ _____|\$$\ $$ |$$ __$$\ $$ |$$ |$$ __$$\ $$ | $$ |$$ __$$\ $$ __$$\ $$ / \$$\$$ / $$$$$$$$ |$$ |$$ |$$ | $$ |$$$$$$ / $$$$$$$$ |$$ | \__| $$ | \$$$ / $$

CVElinker $$\ $$\ $$\ $$ |\__| $$ | $$$$$$$\ $$\ $$\ $$$$$$\ $$ |$$\ $$$$$$$\ $$ | $$\ $$$$$$\ $$$$$$\ $$ _____|\$$\ $$ |$$ __$$\ $$ |$$ |$$ __$$\ $$ | $$ |$$ __$$\ $$ __$$\ $$ / \$$\$$ / $$$$$$$$ |$$ |$$ |$$ | $$ |$$$$$$ / $$$$$$$$ |$$ | \__| $$ | \$$$ / $$

CPU-vulnerability-collections 1papers paper blog POC Meltdown: Reading Kernel Memory from User Space(meltdownattackcom/meltdownpdf) Spectre Attacks: Exploiting Speculative Execution(spectreattackcom/spectrepdf)(Spectre v1&Spectre v2) Reading privileged memory with a side-channel(googleprojectzeroblogspotcom/2018/01/read

CPU-vulnerability-collections 1papers paper blog POC Meltdown: Reading Kernel Memory from User Space(meltdownattackcom/meltdownpdf) Spectre Attacks: Exploiting Speculative Execution(spectreattackcom/spectrepdf)(Spectre v1&Spectre v2) Reading privileged memory with a side-channel(googleprojectzeroblogspotcom/2018/01/read

Windows and Chrome Hardening Introduction This document contains a collection of tips and scripts to harden your Windows computer and Chrome browser against attackers Unfortunately, both of these pieces of software need to be treated adversarially with a hardened security posture Any tips and well-composed content that people would like to add to this document v

Awesome Stars A curated list of my GitHub stars! Generated by starred Contents ActionScript AppleScript Arduino Assembly AutoHotkey Batchfile Brainfuck C C# C++ CMake CSS Clojure CoffeeScript Common Lisp Crystal Cuda D DIGITAL Command Language Dart Dockerfile Elixir Elm Emacs Lisp Erlang F# GAP Gherkin Go Gosu Groff HTML Haskell Java JavaScript Julia Jupyter Notebook Kotli

Spectre & Meltdown Checker A shell script to tell if your system is vulnerable against the several "speculative execution" CVEs that were made public in 2018 CVE-2017-5753 [bounds check bypass] aka 'Spectre Variant 1' CVE-2017-5715 [branch target injection] aka 'Spectre Variant 2' CVE-2017-5754 [rogue data cache load] aka 'Meltdown&#

SpecuCheck SpecuCheck is a Windows utility for checking the state of the software and hardware mitigations against CVE-2017-5754 (Meltdown), CVE-2017-5715 (Spectre v2), CVE-2018-3260 (Foreshadow), and CVE-2018-3639 (Spectre v4) It uses two new information classes that were added to the NtQuerySystemInformation API call as part of the recent patches introduced in January 2018 a

spectre_meltdown Description Disable Spectre And Meltdown kernel patches (CVE-2017-5754, CVE-2017-5715, CVE-2018-3639) by adding "nopti", "spectre_v2=off" and "spec_store_bypass_disable=off" to kernel command line for grub Adds facts: meltdown spectre_v1 spectre_v2 ibpb_enabled ibrs_enabled pti_enabled cpu_microcode l1tf retp_enabled spec_store_

Overview SpeculationControl is a PowerShell script that summarizes the state of configurable Windows mitigations for various speculative execution side channel vulnerabilities, such as CVE-2017-5715 (Spectre variant 2) and CVE-2017-5754 (Meltdown) For an explanation on how to interpret the output of this tool, please see Understanding Get-SpeculationControlSettings PowerShell

Overview SpeculationControl is a PowerShell script that summarizes the state of configurable Windows mitigations for various speculative execution side channel vulnerabilities, such as CVE-2017-5715 (Spectre variant 2) and CVE-2017-5754 (Meltdown) For an explanation on how to interpret the output of this tool, please see Understanding Get-SpeculationControlSettings PowerShell

Spectre and Meltdown Guidance Table of Contents About this Repository General Guidance Affected Processors Additional Processor Flaw Guidance SpectrePrime and MeltdownPrime SgxPectre Total Meltdown BranchScope Ryzenfall, Chimera, Fallout, and Masterkey License Contributing Disclaimer About This Repository This repository provides content for aiding DoD administrators in ve

Spectre & Meltdown Checker A shell script to tell if your system is vulnerable against the several "speculative execution" CVEs that were made public in 2018 CVE-2017-5753 aka Spectre Variant 1 CVE-2017-5715 aka Spectre Variant 2 CVE-2017-5754 aka Meltdown or Variant 3 CVE-2018-3640 aka Variant 3a CVE-2018-3639 aka Variant 4 Supported operating systems: Li

Spectre & Meltdown Checker A shell script to tell if your system is vulnerable against the several "speculative execution" CVEs that were made public since 2018 CVE-2017-5753 [bounds check bypass] aka 'Spectre Variant 1' CVE-2017-5715 [branch target injection] aka 'Spectre Variant 2' CVE-2017-5754 [rogue data cache load] aka 'Meltdow

Hardware and Firmware Security Guidance Table of Contents 1 About this repository 2 Side-channel attacks 21 Mitigations 211 Firmware patches 212 Software patches 213 Configuration changes 214 Temporarily Disable Intel Hyper-Threading 215 Verification 22 Resources and Affected products 221 Hardware resources 222 Software resources 223 Advisory resources

meltdown Table of Contents Description Setup - The basics of getting started with meltdown Reference - An under-the-hood peek at what the module is doing and how Limitations - OS compatibility, etc Development - Guide for contributing to the module Description This module detects whether your system is vulnerable for Meltdown (CVE-2017-5754) or Spectre (CVE-2017-5753, CVE-20

Spectre & Meltdown Checker A shell script to tell if your system is vulnerable against the several "speculative execution" CVEs that were made public in 2018 CVE-2017-5753 [bounds check bypass] aka 'Spectre Variant 1' CVE-2017-5715 [branch target injection] aka 'Spectre Variant 2' CVE-2017-5754 [rogue data cache load] aka 'Meltdown&#

Kaosagnt's Ansible Everyday Utils This project contains many of the Ansible playbooks that I use daily as a Systems Administrator in the pursuit of easy server task automation Installation You will need to setup and install Ansible like you normally would before using what is presented here Hint: it uses ansible wwwansiblecom Optional: Create an ansible-everyd

rhel-centos-ec2-vuls Installation and execution scripts of the Vuls vulnerability scanner (vulsio) for RHEL/CentOS on AWS EC2 Description Vuls is an open-source, agent-less vulnerability scanner based on information from NVD, OVAL, etc Use these scripts to install Vuls and run vulnerability scans on your RHEL/CentOS instance on AWS EC2 Files instal

awesome-c A curated list of awesome C frameworks, libraries and software git/git - Git Source Code Mirror - This is a publish-only repository and all pull requests are ignored Please follow Documentation/SubmittingPatches procedure for any of your improvements ggreer/the_silver_searcher - A code-searching tool similar to ack, but faster SamyPesse/How-to-Make-a-Computer-Ope

Recent Articles

Linux Kernel Spectre Protection Changes to Boost App Performance
BleepingComputer • Sergiu Gatlan • 31 Jan 2019

As suggested by Thomas Gleixner and signed off by Waiman Long in a proposed Linux kernel patch, a new bit will be introduced to toggle off Speculative Store Bypass Disable (SSBD) for programs that do not require the extra protection against the Spectre Variant 4 security issue.
This vulnerability was disclosed during May 2018 and mitigated in the Linux kernel with the SSBD bit added to the IA32_SPEC_CTRL Model-Specific Register (MSR) of x86 processors and introduced via an intel-m...

Virus screener goes down, Intel patches more chips, Pegasus government spying code spreads across globe
The Register • Shaun Nichols in San Francisco • 22 Sep 2018

Plus: Gov pay sites take a dive, and more

Roundup When we weren't dealing with malware bricked-breweries, poorly-wiped servers or litigious vendors, we had a number of other security headaches to keep busy with.
Here's a few of them.
Government pay portals were in the crosshairs of cybercriminals this week.
First, there was GovPayNow, who got the dreaded Brian Krebs treatment. The internet security sleuth reported that GovPayNow.com had been relieved by hackers of some 14m records.
These include payment receipts ...

Microsoft Rolls Out New Intel Microcode for Windows 10, Server 2016
BleepingComputer • Ionut Ilascu • 22 Aug 2018

Microsoft has released multiple microcode updates that mitigate additional variants of the speculative code execution vulnerabilities affecting Intel processors. The patches cover the recently disclosed CPU flaws generically referred to as Foreshadow or L1 Terminal Fault.
All security gaps covered by these patches are varieties of the Spectre vulnerability revealed on the first days of the year. It affects all microprocessors that use branch prediction and speculative code execution to ...

Intel’s ‘Virtual Fences’ Spectre Fix Won’t Protect Against Variant 4
Threatpost • Lindsey O'Donnell • 24 May 2018

Spectre and Meltdown fixes for Intel chips announced in March, to be embedded into new CPUs, do not address the newly disclosed Variant 4, sources said.
Intel introduced hardware-based safeguards to its new chips to protect against the Spectre and Meltdown flaws that rocked the silicon industry when the vulnerabilities were made public in early 2018. However, those protections are specific to V2 and V3, and will not impact the newly-discovered Variant 4 as well as other potential speculat...

Intel Responds to Spectre-Like Flaw In CPUs
Threatpost • Lindsey O'Donnell • 22 May 2018

Intel acknowledged that its processors are vulnerable to another dangerous speculative execution side channel flaw that could give attackers unauthorized read access to memory.
The new vulnerability, disclosed by Google Project Zero and Microsoft’s Security Response Center, is called Variant 4, and potentially enables attackers to read privileged data across trust boundaries. That’s similar to two side channel analysis vulnerabilities, Meltdown and Spectre, Intel faced earlier this ye...

Microsoft, Google: We've found a fourth data-leaking Meltdown-Spectre CPU hole
The Register • Chris Williams, Editor in Chief • 21 May 2018

Design blunder exists in Intel, AMD, Arm, Power processors

A fourth variant of the data-leaking Meltdown-Spectre security flaws in modern processors has been found by Microsoft and Google researchers.
These speculative-execution design blunders can be potentially exploited by malicious software running on a vulnerable device or computer, or a miscreant logged into the system, to slowly extract secrets, such as passwords, from protected kernel or application memory, depending on the circumstances.
Variants 1 and 2 are known as Spectre (CVE-20...

Google and Microsoft Reveal New Spectre Attack
BleepingComputer • Catalin Cimpanu • 21 May 2018

Security researchers from Google and Microsoft have found two new variants of the Spectre attack that affects processors made by AMD, ARM, IBM, and Intel.
Rumors about this new flaw leaked online at the start of the month in a German magazine, but actual details were published today.
AMD, ARM, IBM, Intel, Microsoft, Red Hat and Ubuntu have published security advisories at the time of writing, containing explanations of how the bugs work, along with mitigation advice.
The bugs ...

References

CWE-200http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00058.htmlhttp://lists.opensuse.org/opensuse-security-announce/2019-05/msg00059.htmlhttp://support.lenovo.com/us/en/solutions/LEN-22133http://www.fujitsu.com/global/support/products/software/security/products-f/cve-2018-3639e.htmlhttp://www.securityfocus.com/bid/104232http://www.securitytracker.com/id/1040949http://www.securitytracker.com/id/1042004http://xenbits.xen.org/xsa/advisory-263.htmlhttps://access.redhat.com/errata/RHSA-2018:1629https://access.redhat.com/errata/RHSA-2018:1630https://access.redhat.com/errata/RHSA-2018:1632https://access.redhat.com/errata/RHSA-2018:1633https://access.redhat.com/errata/RHSA-2018:1635https://access.redhat.com/errata/RHSA-2018:1636https://access.redhat.com/errata/RHSA-2018:1637https://access.redhat.com/errata/RHSA-2018:1638https://access.redhat.com/errata/RHSA-2018:1639https://access.redhat.com/errata/RHSA-2018:1640https://access.redhat.com/errata/RHSA-2018:1641https://access.redhat.com/errata/RHSA-2018:1642https://access.redhat.com/errata/RHSA-2018:1643https://access.redhat.com/errata/RHSA-2018:1644https://access.redhat.com/errata/RHSA-2018:1645https://access.redhat.com/errata/RHSA-2018:1646https://access.redhat.com/errata/RHSA-2018:1647https://access.redhat.com/errata/RHSA-2018:1648https://access.redhat.com/errata/RHSA-2018:1649https://access.redhat.com/errata/RHSA-2018:1650https://access.redhat.com/errata/RHSA-2018:1651https://access.redhat.com/errata/RHSA-2018:1652https://access.redhat.com/errata/RHSA-2018:1653https://access.redhat.com/errata/RHSA-2018:1654https://access.redhat.com/errata/RHSA-2018:1655https://access.redhat.com/errata/RHSA-2018:1656https://access.redhat.com/errata/RHSA-2018:1657https://access.redhat.com/errata/RHSA-2018:1658https://access.redhat.com/errata/RHSA-2018:1659https://access.redhat.com/errata/RHSA-2018:1660https://access.redhat.com/errata/RHSA-2018:1661https://access.redhat.com/errata/RHSA-2018:1662https://access.redhat.com/errata/RHSA-2018:1663https://access.redhat.com/errata/RHSA-2018:1664https://access.redhat.com/errata/RHSA-2018:1665https://access.redhat.com/errata/RHSA-2018:1666https://access.redhat.com/errata/RHSA-2018:1667https://access.redhat.com/errata/RHSA-2018:1668https://access.redhat.com/errata/RHSA-2018:1669https://access.redhat.com/errata/RHSA-2018:1674https://access.redhat.com/errata/RHSA-2018:1675https://access.redhat.com/errata/RHSA-2018:1676https://access.redhat.com/errata/RHSA-2018:1686https://access.redhat.com/errata/RHSA-2018:1688https://access.redhat.com/errata/RHSA-2018:1689https://access.redhat.com/errata/RHSA-2018:1690https://access.redhat.com/errata/RHSA-2018:1696https://access.redhat.com/errata/RHSA-2018:1710https://access.redhat.com/errata/RHSA-2018:1711https://access.redhat.com/errata/RHSA-2018:1737https://access.redhat.com/errata/RHSA-2018:1738https://access.redhat.com/errata/RHSA-2018:1826https://access.redhat.com/errata/RHSA-2018:1854https://access.redhat.com/errata/RHSA-2018:1965https://access.redhat.com/errata/RHSA-2018:1967https://access.redhat.com/errata/RHSA-2018:1997https://access.redhat.com/errata/RHSA-2018:2001https://access.redhat.com/errata/RHSA-2018:2003https://access.redhat.com/errata/RHSA-2018:2006https://access.redhat.com/errata/RHSA-2018:2060https://access.redhat.com/errata/RHSA-2018:2161https://access.redhat.com/errata/RHSA-2018:2162https://access.redhat.com/errata/RHSA-2018:2164https://access.redhat.com/errata/RHSA-2018:2171https://access.redhat.com/errata/RHSA-2018:2172https://access.redhat.com/errata/RHSA-2018:2216https://access.redhat.com/errata/RHSA-2018:2228https://access.redhat.com/errata/RHSA-2018:2246https://access.redhat.com/errata/RHSA-2018:2250https://access.redhat.com/errata/RHSA-2018:2258https://access.redhat.com/errata/RHSA-2018:2289https://access.redhat.com/errata/RHSA-2018:2309https://access.redhat.com/errata/RHSA-2018:2328https://access.redhat.com/errata/RHSA-2018:2363https://access.redhat.com/errata/RHSA-2018:2364https://access.redhat.com/errata/RHSA-2018:2387https://access.redhat.com/errata/RHSA-2018:2394https://access.redhat.com/errata/RHSA-2018:2396https://access.redhat.com/errata/RHSA-2018:2948https://access.redhat.com/errata/RHSA-2018:3396https://access.redhat.com/errata/RHSA-2018:3397https://access.redhat.com/errata/RHSA-2018:3398https://access.redhat.com/errata/RHSA-2018:3399https://access.redhat.com/errata/RHSA-2018:3400https://access.redhat.com/errata/RHSA-2018:3401https://access.redhat.com/errata/RHSA-2018:3402https://access.redhat.com/errata/RHSA-2018:3407https://access.redhat.com/errata/RHSA-2018:3423https://access.redhat.com/errata/RHSA-2018:3424https://access.redhat.com/errata/RHSA-2018:3425https://access.redhat.com/errata/RHSA-2019:0148https://access.redhat.com/errata/RHSA-2019:1046https://bugs.chromium.org/p/project-zero/issues/detail?id=1528https://cert-portal.siemens.com/productcert/pdf/ssa-268644.pdfhttps://cert-portal.siemens.com/productcert/pdf/ssa-505225.pdfhttps://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerabilityhttps://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0https://lists.debian.org/debian-lts-announce/2018/07/msg00020.htmlhttps://lists.debian.org/debian-lts-announce/2018/07/msg00038.htmlhttps://lists.debian.org/debian-lts-announce/2018/09/msg00017.htmlhttps://lists.debian.org/debian-lts-announce/2019/03/msg00017.htmlhttps://lists.debian.org/debian-lts-announce/2019/03/msg00034.htmlhttps://lists.debian.org/debian-lts-announce/2019/04/msg00004.htmlhttps://nvidia.custhelp.com/app/answers/detail/a_id/4787https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180012https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0004https://security.netapp.com/advisory/ntap-20180521-0001/https://support.citrix.com/article/CTX235225https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03850en_ushttps://support.oracle.com/knowledge/Sun%20Microsystems/2481872_1.htmlhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180521-cpusidechannelhttps://usn.ubuntu.com/3651-1/https://usn.ubuntu.com/3652-1/https://usn.ubuntu.com/3653-1/https://usn.ubuntu.com/3653-2/https://usn.ubuntu.com/3654-1/https://usn.ubuntu.com/3654-2/https://usn.ubuntu.com/3655-1/https://usn.ubuntu.com/3655-2/https://usn.ubuntu.com/3679-1/https://usn.ubuntu.com/3680-1/https://usn.ubuntu.com/3756-1/https://usn.ubuntu.com/3777-3/https://www.debian.org/security/2018/dsa-4210https://www.debian.org/security/2018/dsa-4273https://www.exploit-db.com/exploits/44695/https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00115.htmlhttps://www.kb.cert.org/vuls/id/180049https://www.mitel.com/en-ca/support/security-advisories/mitel-product-security-advisory-18-0006https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.htmlhttps://www.synology.com/support/security/Synology_SA_18_23https://www.us-cert.gov/ncas/alerts/TA18-141Ahttps://www.rapid7.com/db/vulnerabilities/apple-osx-efi-cve-2018-3639https://www.debian.org/security/./dsa-4210https://usn.ubuntu.com/3651-1/https://www.exploit-db.com/exploits/44695/https://nvd.nist.gov