Amazon Linux AMI: CVE-2017-5753: Security patch for kernel (ALAS-2018-956)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 5 | (AV:L/AC:M/Au:N/C:C/I:N/A:N) | January 04, 2018 | February 22, 2018 | June 21, 2018 |
Description
Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.
Scan For This Vulnerability
Use our top-rated tool to discover, prioritize, and remediate your vulnerabilities
References
- REDHAT-RHSA-2018:0292
- AMAZON-ALAS-2018-956
- SUSE-SUSE-SU-2018:0010
- SUSE-SUSE-SU-2018:0011
- SUSE-SUSE-SU-2018:0012
- BID-102371
- SECTRACK-1040071
- UBUNTU-USN-3516-1
- UBUNTU-USN-3521-1
- UBUNTU-USN-3530-1
- UBUNTU-USN-3540-1
- UBUNTU-USN-3540-2
- UBUNTU-USN-3541-1
- UBUNTU-USN-3541-2
- UBUNTU-USN-3542-1
- UBUNTU-USN-3542-2
- UBUNTU-USN-3549-1
- UBUNTU-USN-3580-1
- UBUNTU-USN-3597-1
- UBUNTU-USN-3597-2
- DEBIAN-DSA-4187
- DEBIAN-DSA-4188
- NVD-CVE-2017-5753
Solution
amazon-linux-upgrade-kernelRelated Vulnerabilities
- VMware Workstation: Bounds Check bypass (VMSA-2018-0002) (CVE-2017-5753)
- FreeBSD: VID-1CE95BC7-3278-11E8-B527-00012E582166 (CVE-2017-5753): webkit2-gtk3 -- multiple vulnerabilities
- VMware Fusion: Bounds Check bypass (VMSA-2018-0002) (CVE-2017-5753)
- Apple Safari security update for CVE-2017-5753
- Ubuntu: (Multiple Advisories) (CVE-2017-5753): Linux kernel (HWE) vulnerabilities
- OS X update for macOS High Sierra 10.13.2 Supplemental Update (CVE-2017-5753)
- VMSA-2018-0002: ESXi Bounds Check bypass (CVE-2017-5753)
- Oracle Solaris 11: CVE-2017-5753: Vulnerability in Firefox, Kernel, NVIDIA-GFX Kernel driver, WebKitGTK+
- CentOS: (CVE-2017-5753) (Multiple Advisories): kernel
- SUSE: CVE-2017-5753: SUSE Linux Security Advisory
- Debian: CVE-2017-5753: Multiple Affected Packages
- Alpine Linux: CVE-2017-5753: xen Multiple vulnerabilities
- Gentoo Linux: CVE-2017-5753: Xen: Multiple vulnerabilities
- Cisco NX-OS: CPU Side-Channel Information Disclosure Vulnerabilities (Multiple CVEs)
- Oracle Linux: (CVE-2017-5753) (Multiple Advisories): kernel security and bug fix update
- IBM AIX: spectre_meltdown_advisory (CVE-2017-5753): Speculative execution and indirect branch prediction vulnerabilities
- Red Hat: CVE-2017-5753: Important: kernel security update (Multiple Advisories)
- F5 Networks: K91229003 (CVE-2017-5753): Side-channel processor vulnerabilities CVE-2017-5715, CVE-2017-5753, and CVE-2017-5754