Vigil@nce - Intel 64-bit CPU: information disclosure via SWAPGS
August 2019 by Vigil@nce
This bulletin was written by Vigil@nce : https://vigilance.fr/offer/Computer-vulnerability-database-and-alert
SYNTHESIS OF THE VULNERABILITY
Impacted products: SNS, Arkoon FAST360, Debian, Fedora, Linux,
Windows 10, Windows 2008 R0, Windows 2008 R2, Windows 2012,
Windows 2016, Windows 2019, Windows 7, Windows 8, Windows
(platform) not comprehensive, Windows RT, NETASQ, OpenBSD,
openSUSE Leap, RHEL, Slackware, SUSE Linux Enterprise Desktop,
SLES, Synology DSM, Synology DS***, Synology RS***, Ubuntu, Unix
(platform) not comprehensive.
Severity: 1/4.
Consequences: data reading.
Provenance: user shell.
Confidence: confirmed by the editor (5/5).
Creation date: 07/08/2019.
DESCRIPTION OF THE VULNERABILITY
A local attacker can read a memory fragment via SWAPGS of Intel
64-bit CPU, in order to obtain sensitive information.
ACCESS TO THE FULL VIGIL@NCE BULLETIN
https://vigilance.fr/vulnerability/Intel-64-bit-CPU-information-disclosure-via-SWAPGS-29962