NopSec.com uses cookies to make interactions with the Company’s Websites easy and meaningful. When you visit one of the Company’s Websites, NopSec.com’s servers send a cookie to your computer. Standing alone, cookies do not personally identify you; they merely recognize your Web browser. Unless you choose to identify yourself to NopSec.com, either by responding to a promotional offer, opening an account, or filling out a Web form (such as a “Contact Us” or a “Free Trial” Web form), you remain anonymous to the Company. Please go to our privacy statement for details.

Acknowledge

Trending CVEs for the Week of August 12th, 2019

CVE-2019-1125 – SWAPGS Vulnerability

Description 

An information disclosure vulnerability exists when certain central processing units (CPU) speculatively access memory. An attacker who successfully exploited the vulnerability could read privileged data across trust boundaries. This SWAPGS vulnerability allows local programs, like malware, to read data from memory that is should normally not have access to, such as the Windows or Linux kernel memory.

Affected Products

  • Windows Modern CPUs
  • Intel Modern CPUs
  • Red Hat Modern CPUs
  • ChromeOS 4.19 and Android 4.19

Fixes

Microsoft Advisory explained the situation here, Intel addressed the vulnerability here, Red Hat shared the patch here and Google shared here.

References

Microsoft Security Advisor

Intel Security Advisor

Linux Kernel Source Tree

Google

Related Posts

Schedule a Product Demo Today!

See how NopSec's end-to-end Cyber Exposure Management platform can organize your security chaos.