mirror of
https://github.com/0xMarcio/cve.git
synced 2026-05-09 19:17:37 +02:00
0xMarcio
8.7 KiB
8.7 KiB
CVE-2017-5715
Description
Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.
POC
Reference
- http://packetstormsecurity.com/files/145645/Spectre-Information-Disclosure-Proof-Of-Concept.html
- http://packetstormsecurity.com/files/145645/Spectre-Information-Disclosure-Proof-Of-Concept.html
- http://packetstormsecurity.com/files/155281/FreeBSD-Security-Advisory-FreeBSD-SA-19-26.mcu.html
- http://packetstormsecurity.com/files/155281/FreeBSD-Security-Advisory-FreeBSD-SA-19-26.mcu.html
- http://www.kb.cert.org/vuls/id/584653
- http://www.kb.cert.org/vuls/id/584653
- http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html
- http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html
- http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html
- http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html
- http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html
- http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html
- https://cert.vde.com/en-us/advisories/vde-2018-002
- https://cert.vde.com/en-us/advisories/vde-2018-002
- https://cert.vde.com/en-us/advisories/vde-2018-003
- https://cert.vde.com/en-us/advisories/vde-2018-003
- https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html
- https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html
- https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes
- https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes
- https://seclists.org/bugtraq/2019/Jun/36
- https://seclists.org/bugtraq/2019/Jun/36
- https://spectreattack.com/
- https://spectreattack.com/
- https://usn.ubuntu.com/3540-2/
- https://usn.ubuntu.com/3540-2/
- https://usn.ubuntu.com/3580-1/
- https://usn.ubuntu.com/3580-1/
- https://usn.ubuntu.com/3581-1/
- https://usn.ubuntu.com/3581-1/
- https://usn.ubuntu.com/3582-1/
- https://usn.ubuntu.com/3582-1/
- https://usn.ubuntu.com/3597-2/
- https://usn.ubuntu.com/3597-2/
- https://usn.ubuntu.com/3777-3/
- https://usn.ubuntu.com/3777-3/
- https://www.exploit-db.com/exploits/43427/
- https://www.exploit-db.com/exploits/43427/
- https://www.kb.cert.org/vuls/id/180049
- https://www.kb.cert.org/vuls/id/180049
- https://www.mitel.com/en-ca/support/security-advisories/mitel-product-security-advisory-18-0001
- https://www.mitel.com/en-ca/support/security-advisories/mitel-product-security-advisory-18-0001
- https://www.suse.com/c/suse-addresses-meltdown-spectre-vulnerabilities/
- https://www.suse.com/c/suse-addresses-meltdown-spectre-vulnerabilities/
- https://www.synology.com/support/security/Synology_SA_18_01
- https://www.synology.com/support/security/Synology_SA_18_01
Github
- https://github.com/00052/spectre-attack-example
- https://github.com/20142995/sectool
- https://github.com/3th1c4l-t0n1/awesome-csirt
- https://github.com/ARPSyndicate/cvemon
- https://github.com/Aakaashzz/Meltdown-Spectre
- https://github.com/CVEDB/PoC-List
- https://github.com/CVEDB/awesome-cve-repo
- https://github.com/CVEDB/top
- https://github.com/CyVerse-Ansible/ansible-prometheus-node-exporter
- https://github.com/EdwardOwusuAdjei/Spectre-PoC
- https://github.com/Eugnis/spectre-attack
- https://github.com/GalloLuigi/Analisi-CVE-2017-5715
- https://github.com/GarnetSunset/CiscoSpectreTakeover
- https://github.com/GhostTroops/TOP
- https://github.com/GregAskew/SpeculativeExecutionAssessment
- https://github.com/JERRY123S/all-poc
- https://github.com/Kobra3390/DuckLoad
- https://github.com/LawrenceHwang/PesterTest-Meltdown
- https://github.com/Lee-1109/SpeculativeAttackPoC
- https://github.com/OscarLGH/spectre-v1.1-fr
- https://github.com/OscarLGH/spectre-v1.2-fr
- https://github.com/PastorEmil/Vulnerability_Management
- https://github.com/PooyaAlamirpour/willyb321-stars
- https://github.com/Saiprasad16/MeltdownSpectre
- https://github.com/Spacial/awesome-csirt
- https://github.com/Spektykles/wip-kernel
- https://github.com/Viralmaniar/In-Spectre-Meltdown
- https://github.com/abouchelliga707/ansible-role-server-update-reboot
- https://github.com/adamalston/Meltdown-Spectre
- https://github.com/ambynotcoder/C-libraries
- https://github.com/amstelchen/smc_gui
- https://github.com/anquanscan/sec-tools
- https://github.com/asm/deep_spectre
- https://github.com/bhanukana/yum-update
- https://github.com/carloscn/raspi-aft
- https://github.com/chaitanyarahalkar/Spectre-PoC
- https://github.com/chuangshizhiqiang/selfModify
- https://github.com/codexlynx/hardware-attacks-state-of-the-art
- https://github.com/compris-com/spectre-meltdown-checker
- https://github.com/cyberanand1337x/bug-bounty-2022
- https://github.com/danswinus/HWFW
- https://github.com/dgershman/sidecheck
- https://github.com/dmo2118/retpoline-audit
- https://github.com/dotnetjoe/Meltdown-Spectre
- https://github.com/douyamv/MeltdownTool
- https://github.com/dubididum/Meltdown_Spectre_check
- https://github.com/eclypsium/revoked_firmware_updates_spectre
- https://github.com/edsonjt81/spectre-meltdown
- https://github.com/eecheng87/mode-switch-stat
- https://github.com/es0j/hyperbleed
- https://github.com/feffi/docker-spectre
- https://github.com/geeksniper/reverse-engineering-toolkit
- https://github.com/giterlizzi/secdb-feeds
- https://github.com/github-3rr0r/TEApot
- https://github.com/gonoph/ansible-meltdown-spectre
- https://github.com/hackingportal/meltdownattack-and-spectre
- https://github.com/hannob/meltdownspectre-patches
- https://github.com/hashbang/hardening
- https://github.com/hktalent/TOP
- https://github.com/igaozp/awesome-stars
- https://github.com/ionescu007/SpecuCheck
- https://github.com/ixtal23/spectreScope
- https://github.com/jarmouz/spectre_meltdown
- https://github.com/jbmihoub/all-poc
- https://github.com/jessb321/willyb321-stars
- https://github.com/jiegec/awesome-stars
- https://github.com/kali973/spectre-meltdown-checker
- https://github.com/kaosagnt/ansible-everyday
- https://github.com/kevincoakley/puppet-spectre_meltdown
- https://github.com/kin-cho/my-spectre-meltdown-checker
- https://github.com/laddp/insights_reports
- https://github.com/lizeren/spectre-latitude
- https://github.com/lnick2023/nicenice
- https://github.com/lovesec/spectre---attack
- https://github.com/malevarro/WorkshopBanRep
- https://github.com/marcan/speculation-bugs
- https://github.com/mathse/meltdown-spectre-bios-list
- https://github.com/mbruzek/check-spectre-meltdown-ansible
- https://github.com/mcd500/teep-device
- https://github.com/merlinepedra/spectre-meltdown-checker
- https://github.com/merlinepedra25/spectre-meltdown-checker
- https://github.com/microsoft/SpeculationControl
- https://github.com/milouk/Efficient-Computing-in-a-Safe-Environment
- https://github.com/mjaggi-cavium/spectre-meltdown-checker
- https://github.com/morning21/Spectre_Meltdown_MDS_srcs
- https://github.com/nsacyber/Hardware-and-Firmware-Security-Guidance
- https://github.com/opsxcq/exploit-cve-2017-5715
- https://github.com/pathakabhi24/Awesome-C
- https://github.com/pedrolucasoliva/spectre-attack-demo
- https://github.com/poilynx/spectre-attack-example
- https://github.com/projectboot/SpectreCompiled
- https://github.com/pvergain/github-stars
- https://github.com/qazbnm456/awesome-cve-poc
- https://github.com/ronaldogdm/Meltdown-Spectre
- https://github.com/rosenbergj/cpu-report
- https://github.com/ryandaniels/ansible-role-server-update-reboot
- https://github.com/savchenko/windows10
- https://github.com/simeononsecurity/Windows-Spectre-Meltdown-Mitigation-Script
- https://github.com/sourcery-ai-bot/Deep-Security-Reports
- https://github.com/speed47/spectre-meltdown-checker
- https://github.com/ssstonebraker/meltdown_spectre
- https://github.com/stressboi/splunk-spectre-meltdown-uf-script
- https://github.com/timidri/puppet-meltdown
- https://github.com/uhub/awesome-c
- https://github.com/v-lavrentikov/meltdown-spectre
- https://github.com/vintagesucks/awesome-stars
- https://github.com/vrdse/MeltdownSpectreReport
- https://github.com/vurtne/specter---meltdown--checker
- https://github.com/weeka10/-hktalent-TOP
- https://github.com/willyb321/willyb321-stars
- https://github.com/xbl3/awesome-cve-poc_qazbnm456
- https://github.com/xymeng16/security