-
I noticed thatXCP-ng 7.6 (dom0) with the latest updates installed is still _very_ vulnerable to several serious CVEs:
```
# ./spectre-meltdown-checker.sh --explain
Spectre and Meltdown mitigatio…
-
**Host Environment**
- OS: Windows 10 1903
- Compiler: VS 2019
**To Reproduce**
Steps to reproduce the behavior:
`./vcpkg install gtk:x64-windows`
**Failure logs**
Console Output:
```
Th…
-
**CVE IDs:** CVE-2017-5753
**Patches:**
- https://github.com/tianocore/edk2/commit/cb54cd24634cfeccadb661f7f65aab3adee05e1c
- https://github.com/tianocore/edk2/commit/ee65b84e7663d12c1f950a418a…
-
On ArchLinux at the time of this writing, we are running the latest version of Intel's published microcode.
https://downloadcenter.intel.com/search?keyword=processor+microcode+data+file
Dated: 8/7…
-
Hi;
## I try to understand if my system is vulnerable or not
When I'm running your tool `spectre-meltdown-checker.sh`
on a debian stretch via the kernel `Debian 4.9.110-3+deb9u5`
it say I'm vu…
-
Scanned nixos/release-combined.nix @ f59a0f7. Filtered out previously reported CVEs. May contain false positives.
### exiv2-0.26 ([search](https://search.nix.gsc.io/?q=exiv2&i=fosho&repos=nixos-nix…
-
Is CVE-2017-5753 already patched ?
Because,
![screenshot-vuln](https://user-images.githubusercontent.com/27868982/35988580-2555b16a-0cff-11e8-9530-def36a7fe8e2.png)
With regards.
-
a.k.a. Meltdown and Spectre, https://meltdownattack.com/
https://news.opensuse.org/2018/01/04/current-status-opensuse-and-spectre-meltdown-vulnerabilities/
>For openSUSE Tumbleweed we have ported …
-
https://googleprojectzero.blogspot.hk/2018/01/reading-privileged-memory-with-side.html
So far, there are three known variants of the issue:
- Variant 1: bounds check bypass (CVE-2017-5753)
- Va…
-
till now, Debian has still **not release** a fix patch for issue Spectre.
there is the according:
https://security-tracker.debian.org/tracker/CVE-2017-5715
https://security-tracker.debian.org…