CVE-2017-5753

Related Files

Apple Security Advisory 2018-1-8-3

Posted Jan 9, 2018

Authored by Apple | Site apple.com

Apple Security Advisory 2018-1-8-3 - Safari 11.0.2 is now available and and addresses security issues relating to Spectre.

tags | advisory

systems | apple

advisories | CVE-2017-5715, CVE-2017-5753

SHA-256 | 6a0e6b5a0291d9d29a511d5ac88e1e33fb091e444b41c1d05731905fd88b552c

Download | Favorite | View

Apple Security Advisory 2018-1-8-2

Posted Jan 9, 2018

Authored by Apple | Site apple.com

Apple Security Advisory 2018-1-8-2 - macOS High Sierra 10.13.2 Supplemental Update includes security improvements to Safari and WebKit to mitigate the effects of Spectre.

tags | advisory

systems | apple

advisories | CVE-2017-5715, CVE-2017-5753

SHA-256 | d853f93e1e71c9aa8d886a2aeccf078dfaa905ed2a74523bb075a36373aaeaf3

Download | Favorite | View

Apple Security Advisory 2018-1-8-1

Posted Jan 9, 2018

Authored by Apple | Site apple.com

Apple Security Advisory 2018-1-8-1 - iOS 11.2.2 is now available and and addresses Spectre issues with Safari and WebKit.

tags | advisory

systems | cisco, apple, ios

advisories | CVE-2017-5715, CVE-2017-5753

SHA-256 | 14100c950dadca4bf5143083ee95bc72573920f161f07761ce065fa637ff4c25

Download | Favorite | View

FreeBSD Update On Spectre / Meltdown Patching

Posted Jan 9, 2018

Authored by Gordon Tetlow

This is a note from the FreeBSD team that they were notified of the issue in late December and received a briefing under NDA with the original embargo date of January 9th. Since they received relatively late notice of the issue, their ability to provide fixes is delayed.

tags | advisory

systems | freebsd, bsd

advisories | CVE-2017-5715, CVE-2017-5753, CVE-2017-5754

SHA-256 | 6ca4e042704f1c11c5f3b11989e130de889f46523779b326d9cbaf056da654ca

Download | Favorite | View

Ubuntu Security Notice USN-3516-1

Posted Jan 6, 2018

Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3516-1 - It was discovered that speculative execution performed by modern CPUs could leak information through a timing side-channel attack, and that this could be exploited in web browser JavaScript engines. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to obtain sensitive information from other domains, bypassing same-origin restrictions.

tags | advisory, web, javascript

systems | linux, ubuntu

advisories | CVE-2017-5753, CVE-2017-5754

SHA-256 | 0ed258fac8391ebdb3640c895289db1d7c69d495280ee9f65578004df6a1089d

Download | Favorite | View

Spectre Attacks: Exploiting Speculative Execution

Posted Jan 4, 2018

Authored by Yuval Yarom, Michael Schwarz, Mike Hamburg, Moritz Lipp, Paul Kocher, Werner Haas, Thomas Prescher, Stefan Mangard, Daniel Gruss, Daniel Genkin

Whitepaper called Spectre Attacks: Exploiting Speculative Execution. It discusses how to trick error-free applications into giving up secret information.

tags | paper

advisories | CVE-2017-5715, CVE-2017-5753

SHA-256 | d1a3c8c49faea6321bd01e706e0957012c18a94e1a187f1a5477c0e82270dc51

Download | Favorite | View

Spectre Information Disclosure Proof Of Concept

Posted Jan 4, 2018

Authored by Yuval Yarom, Michael Schwarz, Mike Hamburg, Moritz Lipp, Paul Kocher, Werner Haas, Thomas Prescher, Stefan Mangard, Daniel Gruss, Daniel Genkin

Spectre information disclosure proof of concept exploit that affects multiple CPUs.

tags | exploit, proof of concept, info disclosure

advisories | CVE-2017-5715, CVE-2017-5753

SHA-256 | 473bf133f40fdcb9c9fa158c19b9d4681907d8e8c18230aea02e37e689ee7f95

Download | Favorite | View

Reading Privileged Memory With A Side-Channel

Posted Jan 4, 2018

Authored by Jann Horn, Google Security Research | Site googleprojectzero.blogspot.co.uk

This is the very thorough blog write-up discussing three variants of side-channel attacks that can be leveraged against CPU data cache timing.

tags | paper

advisories | CVE-2017-5715, CVE-2017-5753, CVE-2017-5754

SHA-256 | 9107d6c0e85e587e6d3264885ffff091ea3bdc700da9a36dac144dc15d23913b

Download | Favorite | View