---------- Forwarded message ---------
Date: Nov 13, 2019 7:43AM
CVE-2018-12207
On an Ubuntu KVM host configured to use huge pages, a malicious KVM guest
can cause a host machine check exception (MCE) capable of bringing down
the host OS.
CVE-2019-0154
On Intel processors containing an i915 graphics processing unit, it is
possible from userspace to cause a GPU hang in certain low-power states by
reading a specific memory-mapped IO register.
CVE-2019-0155
On Intel processors containing an i915 graphics processing unit, it is
possible to use the GPU's blitter command streamer to write to
memory-mapped IO locations, which could be used for privilege escalation
or to leak kernel memory.
CVE-2019-11135
On Intel processors with support for Transactional Synchronization
Extensions (TSX), it is possible to exploit a transactional asynchronous
abort (TAA) to perform a side-channel attack and leak kernel memory.
References:
CVE-2018-12207, CVE-2019-0154, CVE-2019-0155, CVE-2019-11135
沒有留言:
張貼留言