vulnerability

Oracle Solaris 11: CVE-2018-15572: Vulnerability in Kernel

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
2	(AV:L/AC:L/Au:N/C:P/I:N/A:N)	2018-08-20	2019-05-30	2022-02-17

Severity

CVSS

(AV:L/AC:L/Au:N/C:P/I:N/A:N)

Published

2018-08-20

Added

2019-05-30

Modified

2022-02-17

Description

The spectre_v2_select_mitigation function in arch/x86/kernel/cpu/bugs.c in the Linux kernel before 4.18.1 does not always fill RSB upon a context switch, which makes it easier for attackers to conduct userspace-userspace spectreRSB attacks.

Solution(s)

oracle-solaris-11-3-upgrade-system-kernel-platform-0-5-11-0-175-3-36-0-27-0oracle-solaris-11-3-upgrade-system-zones-brand-brand-solaris-kz-0-5-11-0-175-3-36-0-18-0oracle-solaris-11-4-upgrade-consolidation-osnet-osnet-incorporation-11-4-11-4-9-0-1-5-0

References

CVE-2018-15572
https://attackerkb.com/topics/CVE-2018-15572
DEBIAN-DSA-4308
URL-https://support.oracle.com/epmos/faces/DocumentDisplay?id=1448883.1&displayIndex=1

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today