Trending CVEs for the Week of August 12th, 2019
- Aug 14, 2019
- Michael Tucker
An information disclosure vulnerability exists when certain central processing units (CPU) speculatively access memory. An attacker who successfully exploited the vulnerability could read privileged data across trust boundaries. This SWAPGS vulnerability allows local programs, like malware, to read data from memory that is should normally not have access to, such as the Windows or Linux kernel memory.
Microsoft Advisory explained the situation here, Intel addressed the vulnerability here, Red Hat shared the patch here and Google shared here.