ALT Linux Team

Package kernel-image-std-def update in sisyphus on 2018-08-16

ALT-PU-2018-2164-1

Package kernel-image-std-def updated to version 4.14.63-alt1 for branch sisyphus in task 211512.

Closed vulnerabilities

Published: 2018-01-03

BDU:2018-00995

Уязвимость процессоров Intel, связанная с возможностью спекулятивного выполнения команд и позволяющая нарушителю получить несанкционированный доступ к памяти ядра операционной системы или SMM-памяти

Severity: HIGH (7.1) Vector: AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
Severity: LOW (3.3) Vector: AV:L/AC:M/Au:N/C:P/I:P/A:N
References:
Published: 2018-08-14
Modified: 2024-11-21

CVE-2018-3620

Systems with microprocessors utilizing speculative execution and address translations may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access via a terminal page fault and a side-channel analysis.

Severity: MEDIUM (4.7) Vector: AV:L/AC:M/Au:N/C:C/I:N/A:N
Severity: MEDIUM (5.6) Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N
References:
VKontakte | Telegram | YouTube | Forum | GitHub | Bugzilla
Version: 2.1.2
Back to top