SecurityTracker.com
Keep Track of the Latest Vulnerabilities
with SecurityTracker!
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


Try our Premium Alert Service
 
Sign Up
Sign Up for Your FREE Weekly SecurityTracker E-mail Alert Summary
Instant Alerts
Buy our Premium Vulnerability Notification Service to receive customized, instant alerts
Affiliates
Put SecurityTracker Vulnerability Alerts on Your Web Site -- It's Free!
Partners
Become a Partner and License Our Database or Notification Service





Category:   Device (Embedded Server/Appliance)  >   CPU (Generic) Vendors:   Advanced Micro Devices, Arm Holdings, Intel
Intel/AMD/ARM CPU Data Cache Race Conditions Let Local Users Read Arbitrary Virtual CPU Memory
SecurityTracker Alert ID:  1040071
SecurityTracker URL:  http://securitytracker.com/id/1040071
CVE Reference:   CVE-2017-5715, CVE-2017-5753, CVE-2017-5754   (Links to External Site)
Updated:  Jan 6 2018
Original Entry Date:  Jan 4 2018
Impact:   Disclosure of system information
Fix Available:  Yes  Vendor Confirmed:  Yes  Exploit Included:  Yes  

Description:   Several vulnerabilities were reported in Intel, AMD, and ARM CPUs. A local user can read arbitrary virtual memory on the target CPU device.

A local user can exploit race conditions in CPU data cache processing to obtain potentially sensitive information on the target system. This can be exploited to read arbitrary virtual memory on the target system, including by a local user on a guest operating system of a virtual machine to read arbitrary memory from other guest systems, the host operating system, and the hypervisor.

In certain cases, a local user can run a specially crafted application to exploit several flaws in the CPU speculative branch instruction execution feature and leverage CPU data cache timing behavior to infer information or read information from various CPU caches.

A local user that can trigger an out-of-bounds index error in an application can read data from another process from the CPU virtual memory [CVE-2017-5753]. The eBPF interpreter or the eBPF JIT engine can be used to create vulnerable code.

A local user can run specially crafted code to cause the CPU to speculatively execute an indirect branch to leak memory contents from another process into a CPU cache and then read the contents of the cache [CVE-2017-5715].

A local user can run specially crafted code to cause the CPU to read memory from a CPU cache before an asynchronous permission check occurs [CVE-2017-5754]. AMD CPUs are reportedly not affected.

The Intel Core, Xeon, Atom, Celeron, and Pentium product lines are affected.

CPUs from AMD and ARM are also affected.

CPUs from other vendors may also affected.

The CVE-2017-5753 and CVE-2017-5715 vulnerabilities are referred to as "Spectre".

The CVE-2017-5754 vulnerability is referred to as "Meltdown".

The original advisories are available at:

https://spectreattack.com/spectre.pdf
https://meltdownattack.com/meltdown.pdf
https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html

Paul Kocher, Daniel Genkin, Daniel Gruss, Werner Haas, Mike Hamburg, Moritz Lipp, Stefan Mangard, Thomas Prescher, Michael Schwarz, Yuval Yarom, Anders Fogh, Jann Horn, the Google Project Zero Team, and others reported these vulnerabilities.

Impact:   A local user can view arbitrary virtual memory contents on the target CPU device [which can lead to elevated privileges on the target system].
Solution:   The CPU vendors are providing software and firmware updates to mitigate the applicable vulnerabilities to operating system vendors and system manufacturers.

[Editor's note: Various operating system and application vendors are implementing software solutions to mitigate these CPU vulnerabilities. Expect additional and separate advisories to be issued.]

The Intel advisory [INTEL-SA-00088] is available at:

https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00088&languageid=en-fr

The AMD advisory is available at:

http://www.amd.com/en/corporate/speculative-execution

ARM has issued firmware fixes for certain CPUs. A patch matrix is available in the ARM Trusted Firmware advisory.

The ARM advisories are available at:

https://developer.arm.com/support/security-update
https://github.com/ARM-software/arm-trusted-firmware/wiki/ARM-Trusted-Firmware-Security-Advisory-TFV-6

Cause:   Access control error, State error

Message History:   This archive entry has one or more follow-up message(s) listed below.
Jan 4 2018 (Microsoft Issues Fix for Windows Kernel) Intel CPU Data Cache Race Conditions Let Local Users Read Arbitrary Virtual CPU Memory
Microsoft has issued a fix for Windows Kernel.
Jan 4 2018 (Microsoft Issues Fix for Microsoft Edge) Intel CPU Data Cache Race Conditions Let Local Users Read Arbitrary Virtual CPU Memory
Microsoft has issued a fix for Microsoft Edge.
Jan 4 2018 (Microsoft Issues Fix for Microsoft Internet Explorer) Intel CPU Data Cache Race Conditions Let Local Users Read Arbitrary Virtual CPU Memory
Microsoft has issued a fix for Microsoft Internet Explorer 11.
Jan 4 2018 (VMware Issues Fix for VMware Fusion) Intel CPU Data Cache Race Conditions Let Local Users Read Arbitrary Virtual CPU Memory
VMware has issued a fix for VMware Fusion 8.
Jan 4 2018 (VMware Issues Fix for VMware Workstation) Intel CPU Data Cache Race Conditions Let Local Users Read Arbitrary Virtual CPU Memory
VMware has issued a fix for VMware Workstation 12.x.
Jan 4 2018 (VMware Issues Fix for VMware ESXi) Intel CPU Data Cache Race Conditions Let Local Users Read Arbitrary Virtual CPU Memory
VMware has issued a fix for VMware ESXi.
Jan 4 2018 (Xen Issues Advisory for Xen) Intel CPU Data Cache Race Conditions Let Local Users Read Arbitrary Virtual CPU Memory
Xen has issued an advisory for Xen.
Jan 4 2018 (Red Hat Issues Fix) Intel CPU Data Cache Race Conditions Let Local Users Read Arbitrary Virtual CPU Memory
Red Hat has issued a fix for Red Hat Enterprise Linux 7.
Jan 4 2018 (Red Hat Issues Fix) Intel CPU Data Cache Race Conditions Let Local Users Read Arbitrary Virtual CPU Memory
Red Hat has issued a fix for Red Hat Enterprise Linux 6.
Jan 4 2018 (Red Hat Issues Fix) Intel CPU Data Cache Race Conditions Let Local Users Read Arbitrary Virtual CPU Memory
Red Hat has issued a fix for Red Hat Enterprise Linux 7.3.
Jan 4 2018 (Red Hat Issues Fix) Intel CPU Data Cache Race Conditions Let Local Users Read Arbitrary Virtual CPU Memory
Red Hat has issued a fix for Red Hat Enterprise Linux 7.2.
Jan 4 2018 (Red Hat Issues Fix) Intel CPU Data Cache Race Conditions Let Local Users Read Arbitrary Virtual CPU Memory
Red Hat has issued a fix for Red Hat Enterprise Linux 6.7.
Jan 4 2018 (Red Hat Issues Fix) Intel CPU Data Cache Race Conditions Let Local Users Read Arbitrary Virtual CPU Memory
Red Hat has issued a fix for Red Hat Enterprise Linux 7.
Jan 4 2018 (Red Hat Issues Fix) Intel CPU Data Cache Race Conditions Let Local Users Read Arbitrary Virtual CPU Memory
Red Hat has issued a fix for Red Hat Enterprise Linux 7.3.
Jan 4 2018 (Red Hat Issues Fix) Intel CPU Data Cache Race Conditions Let Local Users Read Arbitrary Virtual CPU Memory
Red Hat has issued a fix for kernel-rt for Red Hat Enterprise Linux 7.
Jan 4 2018 (Red Hat Issues Fix) Intel CPU Data Cache Race Conditions Let Local Users Read Arbitrary Virtual CPU Memory
Red Hat has issued a fix for Red Hat Enterprise Linux 6.6.
Jan 4 2018 (Red Hat Issues Fix for microcode_ctl) Intel CPU Data Cache Race Conditions Let Local Users Read Arbitrary Virtual CPU Memory
Red Hat has issued a fix for microcode_ctl for Red Hat Enterprise Linux 6, 6.2, 6.4, 6.6, 6.7, 7, 7.2, 7.3.
Jan 5 2018 (Mozilla Issues Fix for Mozilla Firefox) Intel/AMD/ARM CPU Data Cache Race Conditions Let Local Users Read Arbitrary Virtual CPU Memory
Mozilla has issued a mitigation for Mozilla Firefox.
Jan 5 2018 (Lenovo Issues Fix for Lenovo PCs) Intel/AMD/ARM CPU Data Cache Race Conditions Let Local Users Read Arbitrary Virtual CPU Memory
Lenovo has issued a fix for Lenovo PCs.
Jan 5 2018 (CentOS Issues Fix) Intel/AMD/ARM CPU Data Cache Race Conditions Let Local Users Read Arbitrary Virtual CPU Memory
CentOS has issued a fix for CentOS 7.
Jan 5 2018 (HPE Issues Fix for HPE ProLiant Servers) Intel/AMD/ARM CPU Data Cache Race Conditions Let Local Users Read Arbitrary Virtual CPU Memory
HPE has issued a fix for HPE ProLiant Servers.
Jan 5 2018 (Google Issues Fix for Google Android) Intel/AMD/ARM CPU Data Cache Race Conditions Let Local Users Read Arbitrary Virtual CPU Memory
Google has issued a fix for Google Android.
Jan 6 2018 (Microsoft Issues Fix for Microsoft SQL Server) Intel/AMD/ARM CPU Data Cache Race Conditions Let Local Users Read Arbitrary Virtual CPU Memory
Microsoft has issued a fix for Microsoft SQL Server 2008, 2008 R2, 2016 SP1 and 2017.
Jan 6 2018 (Citrix Issues Fix for Citrix XenServer) Intel/AMD/ARM CPU Data Cache Race Conditions Let Local Users Read Arbitrary Virtual CPU Memory
Citrix has issued a fix for CVE-2017-5715 for Citrix XenServer.
Jan 6 2018 (Cisco Issues Advisory for Cisco Unified Computing System) Intel/AMD/ARM CPU Data Cache Race Conditions Let Local Users Read Arbitrary Virtual CPU Memory
Cisco has issued an advisory for Cisco Unified Computing System.
Jan 6 2018 (Cisco Issues Advisory for Cisco Industrial Integrated Services Routers) Intel/AMD/ARM CPU Data Cache Race Conditions Let Local Users Read Arbitrary Virtual CPU Memory
Cisco has issued an advisory for Cisco Industrial Integrated Services Routers.
Jan 6 2018 (Apple Issues Fix for Apple macOS/OS X) Intel/AMD/ARM CPU Data Cache Race Conditions Let Local Users Read Arbitrary Virtual CPU Memory
Apple has issued a fix for Apple macOS/OS X.
Jan 6 2018 (Apple Issues Fix for Apple TV) Intel/AMD/ARM CPU Data Cache Race Conditions Let Local Users Read Arbitrary Virtual CPU Memory
Apple has issued a fix for Apple TV.
Jan 6 2018 (Apple Issues Fix for Apple iOS) Intel/AMD/ARM CPU Data Cache Race Conditions Let Local Users Read Arbitrary Virtual CPU Memory
Apple has issued a fix for Apple iOS.
Jan 8 2018 (Apple Issues Fix for Apple macOS/OS X) Intel/AMD/ARM CPU Data Cache Race Conditions Let Local Users Read Arbitrary Virtual CPU Memory
Apple has issued a fix for Apple macOS/OS X.
Jan 8 2018 (Apple Issues Fix for Apple Safari) Intel/AMD/ARM CPU Data Cache Race Conditions Let Local Users Read Arbitrary Virtual CPU Memory
Apple has issued a fix for Apple Safari.
Jan 8 2018 (Apple Issues Fix for Apple iOS) Intel/AMD/ARM CPU Data Cache Race Conditions Let Local Users Read Arbitrary Virtual CPU Memory
Apple has issued a fix for Apple iOS.
Jan 9 2018 (VMware Issues Fix for VMware Workstation and Fusion) Intel/AMD/ARM CPU Data Cache Race Conditions Let Local Users Read Arbitrary Virtual CPU Memory
VMware has issued a fix for VMware Workstation and Fusion.
Jan 9 2018 (VMware Issues Fix for VMware vCenter) Intel/AMD/ARM CPU Data Cache Race Conditions Let Local Users Read Arbitrary Virtual CPU Memory
VMware has issued a fix for VMware vCenter.
Jan 9 2018 (VMware Issues Fix for VMware ESXi) Intel/AMD/ARM CPU Data Cache Race Conditions Let Local Users Read Arbitrary Virtual CPU Memory
VMware has issued a fix for VMware ESXi.
Jan 10 2018 (Ubuntu Issues Fix for Linux Kernel) Intel/AMD/ARM CPU Data Cache Race Conditions Let Local Users Read Arbitrary Virtual CPU Memory
Ubuntu has issued a fix for Linux Kernel for Ubuntu Linux 14.04 LTS.
Jan 10 2018 (Ubuntu Issues Fix for Linux Kernel) Intel/AMD/ARM CPU Data Cache Race Conditions Let Local Users Read Arbitrary Virtual CPU Memory
Ubuntu has issued a fix for Linux Kernel for Ubuntu Linux 16.04 LTS.
Jan 10 2018 (Ubuntu Issues Fix for NVIDIA Driver) Intel/AMD/ARM CPU Data Cache Race Conditions Let Local Users Read Arbitrary Virtual CPU Memory
Ubuntu has issued a fix for NVIDIA Driver for Ubuntu Linux 14.04 LTS, 16.04 LTS, 17.04, and 17.10.
Jan 10 2018 (Ubuntu Issues Fix for Linux Kernel) Intel/AMD/ARM CPU Data Cache Race Conditions Let Local Users Read Arbitrary Virtual CPU Memory
Ubuntu has issued a fix for Linux Kernel for Ubuntu Linux 17.10.
Jan 11 2018 (Ubuntu Issues Fix for intel-microcode) Intel/AMD/ARM CPU Data Cache Race Conditions Let Local Users Read Arbitrary Virtual CPU Memory
Ubuntu has issued a revised fix for intel-microcode for Ubuntu Linux 14.04 LTS, 16.04 LTS, 17.04, and 17.10.
Jan 16 2018 (Red Hat Issues Fix for Red Hat CloudForms) Intel/AMD/ARM CPU Data Cache Race Conditions Let Local Users Read Arbitrary Virtual CPU Memory
Red Hat has issued a fix for Red Hat CloudForms for Red Hat Enterprise Linux.
Jan 16 2018 (Red Hat Issues Fix for Red Hat CloudForms) Intel/AMD/ARM CPU Data Cache Race Conditions Let Local Users Read Arbitrary Virtual CPU Memory
Red Hat has issued a fix for Red Hat CloudForms for Red Hat Enterprise Linux.
Jan 16 2018 (Red Hat Issues Fix) Intel/AMD/ARM CPU Data Cache Race Conditions Let Local Users Read Arbitrary Virtual CPU Memory
Red Hat has issued a fix for Red Hat Enterprise Linux.
Jan 16 2018 (Red Hat Issues Fix for linux-firmware) Intel/AMD/ARM CPU Data Cache Race Conditions Let Local Users Read Arbitrary Virtual CPU Memory
Red Hat has issued a fix for linux-firmware for Red Hat Enterprise Linux 7, 7.2, and 7.3.
Jan 16 2018 (Red Hat Issues Fix for Red Hat CloudForms) Intel/AMD/ARM CPU Data Cache Race Conditions Let Local Users Read Arbitrary Virtual CPU Memory
Red Hat has issued a fix for Red Hat CloudForms for Red Hat Enterprise Linux.
Jan 17 2018 (Red Hat Issues Fix for microcode_ctl) Intel/AMD/ARM CPU Data Cache Race Conditions Let Local Users Read Arbitrary Virtual CPU Memory
Red Hat has issued a fix for microcode_ctl for Red Hat Enterprise Linux 6, 6.2, 6.4, 6.5, 6.6, 6.7, 7, 7.2, and 7.3.
Jan 18 2018 (CentOS Issues Fix for microcode_ctl) Intel/AMD/ARM CPU Data Cache Race Conditions Let Local Users Read Arbitrary Virtual CPU Memory
CentOS has issued a fix for microcode_ctl for CentOS 6 and 7.
Jan 18 2018 (CentOS Issues Fix for linux-firmware) Intel/AMD/ARM CPU Data Cache Race Conditions Let Local Users Read Arbitrary Virtual CPU Memory
CentOS has issued a fix for linux-firmware for CentOS 7.
Jan 18 2018 (Oracle Issues Fix for Oracle Linux) Intel/AMD/ARM CPU Data Cache Race Conditions Let Local Users Read Arbitrary Virtual CPU Memory
Oracle has issued a fix for microcode_ctl for Oracle Linux 6.
Jan 18 2018 (Oracle Issues Fix for Oracle Linux) Intel/AMD/ARM CPU Data Cache Race Conditions Let Local Users Read Arbitrary Virtual CPU Memory
Oracle has issued a fix for microcode_ctl for Oracle Linux 7.
Jan 23 2018 (Oracle Issues Fix for Oracle Linux for microcode_ctl) Intel/AMD/ARM CPU Data Cache Race Conditions Let Local Users Read Arbitrary Virtual CPU Memory
Oracle has issued a fix for microcode_ctl for Oracle Linux 7.
Jan 25 2018 (Brocade Communications Systems Issues Fix for Brocade vADX) Intel/AMD/ARM CPU Data Cache Race Conditions Let Local Users Read Arbitrary Virtual CPU Memory
Brocade Communications Systems has issued a fix for Brocade vADX.
Jan 26 2018 (Oracle Issues Fix for Oracle Linux for microcode_ctl) Intel/AMD/ARM CPU Data Cache Race Conditions Let Local Users Read Arbitrary Virtual CPU Memory
Oracle has issued a fix for microcode_ctl for Oracle Linux 6.
Jan 29 2018 (IBM Issues Fix for IBM AIX) Intel/AMD/ARM CPU Data Cache Race Conditions Let Local Users Read Arbitrary Virtual CPU Memory
IBM has issued a fix for IBM AIX 5.3 (64-bit kernel), 6.1, 7.1, and 7.2.
Feb 9 2018 (Red Hat Issues Fix for Linux Kernel) Intel/AMD/ARM CPU Data Cache Race Conditions Let Local Users Read Arbitrary Virtual CPU Memory
Red Hat has issued a fix for Linux Kernel for Red Hat Enterprise Linux 5..
Feb 14 2018 (HPE Issues Fix for HPE NonStop Server) Intel/AMD/ARM CPU Data Cache Race Conditions Let Local Users Read Arbitrary Virtual CPU Memory
HPE has issued a fix for HPE NonStop Server.



 Source Message Contents

Subject:  https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html



 
 


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

Copyright 2018, SecurityGlobal.net LLC