{"vulnerability": "CVE-2017-5754", "sightings": [{"uuid": "5dd82b09-32ee-4c62-b062-dac749808b02", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-5754", "type": "seen", "source": "MISP/5bef0001-cbc8-4ffd-b610-2f6e0a021402", "content": "", "creation_timestamp": "2018-11-16T17:39:31.000000Z"}, {"uuid": "bb5ee0a2-f51f-4023-a8a8-63c5876d9700", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-5754", "type": "seen", "source": "https://msrc.microsoft.com/blog/2018/03/kva-shadow-mitigating-meltdown-on-windows/", "content": "", "creation_timestamp": "2018-03-23T06:00:00.000000Z"}, {"uuid": "f30ab85b-bb4f-424d-b1c1-f2eaf8901ddb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2017-5754", "type": "seen", "source": "https://gist.github.com/amcnamara/88165926a192e768cc5e86293340935d", "content": "", "creation_timestamp": "2025-01-19T04:06:12.000000Z"}, {"uuid": "f2be4bd7-2d08-4013-ad8c-8289e2c41786", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-5754", "type": "seen", "source": "https://gist.github.com/eplord/d70b16600e5a9ae87e57bbfbf2d45eac", "content": "", "creation_timestamp": "2025-01-26T08:13:49.000000Z"}, {"uuid": "f2b8d658-d4d6-4b67-b9ca-6213c317a172", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-5754", "type": "seen", "source": "https://gist.github.com/eplord/c2619f99edd1fd90f026a47bd2a689b3", "content": "", "creation_timestamp": "2025-01-31T20:01:20.000000Z"}, {"uuid": "09711e61-fd44-46e6-8f2c-bbd79af99455", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-5754", "type": "seen", "source": "https://gist.github.com/awsvpc/2096aecaf58f70a2a4ff1400fe5090d6", "content": "", "creation_timestamp": "2025-05-03T03:19:16.000000Z"}, {"uuid": "d7a29e19-46ff-430b-8193-013435f4148d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-5754", "type": "seen", "source": "https://gist.github.com/o9-9/34af050da77df11b5e01a385f12f4aba", "content": "", "creation_timestamp": "2025-04-17T09:25:20.000000Z"}, {"uuid": "5636b2d6-2272-4aca-988d-44049166e319", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-5754", "type": "seen", "source": "https://gist.github.com/o9-9/a46ff77a56b7ed9b46903711b964bcf6", "content": "", "creation_timestamp": "2025-04-17T09:36:49.000000Z"}, {"uuid": "bc10883f-041b-4b4b-a92f-8e61e67d8b95", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-5754", "type": "seen", "source": "https://gist.github.com/palonza/e56d473de33e58fa02735ba768792225", "content": "", "creation_timestamp": "2025-06-28T12:09:02.000000Z"}, {"uuid": "4536bf1c-efa8-443d-9288-c00c836453d6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-5754", "type": "seen", "source": "https://gist.github.com/o9-9/cb201e5756f243f8ec77f5c6a50903fa", "content": "", "creation_timestamp": "2025-04-13T13:35:50.000000Z"}, {"uuid": "2a6fd140-c5f8-4792-bdc6-cdeb5ec62cc7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-5754", "type": "seen", "source": "https://gist.github.com/corviv/5b0f46dbc5cbeaccd6b23d65ee6b40bd", "content": "", "creation_timestamp": "2026-02-06T17:41:38.000000Z"}, {"uuid": "a49e433f-08cd-4b75-bff9-35a3b17758e4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2017-5754", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/fdda4963-0aa7-4d15-8a8f-969db8f304ca", "content": "", "creation_timestamp": "2025-02-28T23:49:13.272798Z"}, {"uuid": "177226c5-bec7-44eb-bcec-4c590ab0fa70", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2017-5754", "type": "seen", "source": "https://gist.github.com/baonq-me/e009a8acf760f36e7218cdcb9294f211", "content": "", "creation_timestamp": "2026-04-20T06:44:52.000000Z"}, {"uuid": "cf84f80c-480b-49df-aad6-1186bfa848ee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2017-5754", "type": "seen", "source": "https://www.kyberturvallisuuskeskus.fi/fi/meltdown-ja-spectre-hyokkaykset-hyodyntavat-prosessorien-ongelmia", "content": "", "creation_timestamp": "2018-12-31T06:05:10.000000Z"}, {"uuid": "ac171033-84cc-4ef0-8862-7106f297346d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-5754", "type": "exploited", "source": "https://t.me/antichat/566", "content": "\u041f\u043e\u0445\u043e\u0436\u0435, \u0447\u0442\u043e Meltdown \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d \u0432 macOS X 10.12 \u0438 10.11 \nhttps://support.apple.com/en-gb/HT208331\n\nKernel\nAvailable for: macOS High Sierra 10.13.1, macOS Sierra 10.12.6, OS X El Capitan 10.11.6\nImpact: An application may be able to read kernel memory\nDescription: Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis of the data cache.\nCVE-2017-5754: Jann Horn of Google Project Zero, Werner Haas and Thomas Prescher of Cyberus Technology GmbH, and Daniel Gruss, Moritz Lipp, Stefan Mangard and Michael Schwarz from Graz University of Technology\nEntry added January 4, 2018", "creation_timestamp": "2018-01-05T14:03:36.000000Z"}, {"uuid": "6921cbc8-66cc-46be-aceb-dfbb9b53eb75", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-5754", "type": "exploited", "source": "https://t.me/BleepingComputer/2305", "content": "List of Meltdown and Spectre Vulnerability Advisories, Patches, & Updates\n\nThis article contains an continuously updated list of advisories, bulletins, and software updates related to the Meltdown and Spectre vulnerabilities discovered in modern processors. The related CVEs are CVE-2017-5753, CVE-2017-5715, and CVE-2017-5754. [...]\n\nhttps://www.bleepingcomputer.com/news/security/list-of-meltdown-and-spectre-vulnerability-advisories-patches-and-updates/", "creation_timestamp": "2018-01-04T04:07:06.000000Z"}, {"uuid": "5cb48eb0-ec81-437c-9c60-4a6b22c42b16", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-5754", "type": "seen", "source": "https://t.me/N0iSeBit/55", "content": "\u0415\u0449\u0435 \u043d\u0435\u043c\u043d\u043e\u0433\u043e \u043c\u0438\u043a\u0440\u043e\u0430\u0440\u0445\u0438\u0442\u0435\u043a\u0442\u0443\u0440\u043d\u044b\u0445 \u0431\u0430\u0433\u043e\u0432, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u0445 \u0441\u043e \u0441\u043f\u0435\u043a\u0443\u043b\u044f\u0442\u0438\u0432\u043d\u044b\u043c\u0438 \u0432\u044b\u0447\u0438\u0441\u043b\u0435\u043d\u0438\u044f\u043c\u0438. \u0418\u0442\u0430\u043a, \u0432 \u0445\u0440\u043e\u043d\u043e\u043b\u043e\u0433\u0438\u0447\u0435\u0441\u043a\u043e\u043c \u043f\u043e\u0440\u044f\u0434\u043a\u0435: \n Variant 1: Bounds Check Bypass \u2013 CVE-2017-5753\n Variant 2: Branch Target Injection \u2013 CVE-2017-5715\n Variant 3: Rogue Data Cache Load \u2013 CVE-2017-5754\n Variant 3a: Rogue System Register Read \u2013 CVE-2018-3640 \n Variant 4: Speculative Store Bypass \u2013 CVE-2018-3639\n\u0421\u0435\u0433\u043e\u0434\u043d\u044f Google P0 \u043e\u0431\u043d\u0430\u0440\u043e\u0434\u043e\u0432\u0430\u043b \u043d\u043e\u0432\u044b\u0439 \u0442\u0438\u043f \u0430\u0442\u0430\u043a \u0432\u0430\u0440\u0438\u0430\u043d\u0442 4, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u043f\u0440\u043e\u0447\u0438\u0442\u0430\u0442\u044c \u0437\u043d\u0430\u0447\u0435\u043d\u0438\u044f \u0441\u043e \u0441\u0442\u0435\u043a\u0430 \u0438\u0437 \u0434\u0440\u0443\u0433\u0438\u0445 \u043c\u0435\u0441\u0442, \u0430 \u043d\u0435 \u0442\u043e\u043b\u044c\u043a\u043e \u0442\u0435\u0445 \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u043e\u0436\u0438\u0434\u0430\u0435\u0442 CPU. \u0412 \u0438\u0442\u043e\u0433\u0435 \u0438\u043c\u043f\u0430\u043a\u0442 \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u0439: 1) \u0427\u0442\u0435\u043d\u0438\u0435 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 2) \u0441\u043f\u0435\u043a\u0443\u043b\u044f\u0442\u0438\u0432\u043d\u043e\u0435 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \"\u0441\u0442\u0430\u0440\u044b\u0445\" \u043a\u043e\u043c\u0430\u043d\u0434 \u0438\u0437 \u043a\u044d\u0448\u0430. https://bugs.chromium.org/p/project-zero/issues/detail?id=1528", "creation_timestamp": "2018-05-22T07:26:30.000000Z"}, {"uuid": "3ae19418-9dc9-4306-8eb2-132d83aadecf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-5754", "type": "seen", "source": "https://t.me/sysodmins/25471", "content": "\ud83d\ude31 \u041a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0439 \u0423\u0434\u0430\u0440 \u043f\u043e \u041a\u0438\u0431\u0435\u0440\u0431\u0435\u0437\u0443: \u0421\u0428\u0410 \u041e\u0441\u0442\u0430\u043d\u0430\u0432\u043b\u0438\u0432\u0430\u044e\u0442 \u0424\u0438\u043d\u0430\u043d\u0441\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 CVE.\n\n\u041f\u0440\u0430\u0432\u0438\u0442\u0435\u043b\u044c\u0441\u0442\u0432\u043e \u0421\u0428\u0410 (\u0447\u0435\u0440\u0435\u0437 DHS/CISA) \u043f\u0440\u0435\u043a\u0440\u0430\u0449\u0430\u0435\u0442 \u0444\u0438\u043d\u0430\u043d\u0441\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u044b CVE (Common Vulnerabilities and Exposures), \u043e\u043f\u0435\u0440\u0430\u0442\u043e\u0440\u043e\u043c \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f MITRE. \u041a\u043e\u043d\u0442\u0440\u0430\u043a\u0442 \u0438\u0441\u0442\u0451\u043a \u0432\u0447\u0435\u0440\u0430, 16 \u0430\u043f\u0440\u0435\u043b\u044f. \u0414\u0430, *\u0442\u043e\u0439 \u0441\u0430\u043c\u043e\u0439* \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u044b CVE, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u0440\u0438\u0441\u0432\u0430\u0438\u0432\u0430\u0435\u0442 \u0443\u043d\u0438\u043a\u0430\u043b\u044c\u043d\u044b\u0435 \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b (CVE-2014-0160, CVE-2017-5754 \u0438 \u0442.\u0434.) \u0432\u0441\u0435\u043c \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u044b\u043c \u043c\u0438\u0440\u043e\u0432\u044b\u043c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u043c \u0432 \u0441\u043e\u0444\u0442\u0435 \u0438 \u0436\u0435\u043b\u0435\u0437\u0435.\n\n\u041f\u043e\u0447\u0435\u043c\u0443 \u044d\u0442\u043e \u043a\u0430\u0442\u0430\u0441\u0442\u0440\u043e\u0444\u0430 (\u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e)?\n\n* CVE \u2013 \u0444\u0443\u043d\u0434\u0430\u043c\u0435\u043d\u0442 \u0433\u043b\u043e\u0431\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u043c\u0438. \u041d\u0430 \u044d\u0442\u0438 ID \u043e\u043f\u0438\u0440\u0430\u044e\u0442\u0441\u044f \u0432\u0435\u043d\u0434\u043e\u0440\u044b, \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438, \u0441\u043a\u0430\u043d\u0435\u0440\u044b \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u043f\u0430\u0442\u0447-\u043c\u0435\u043d\u0435\u0434\u0436\u043c\u0435\u043d\u0442\u0430, \u0440\u0435\u0433\u0443\u043b\u044f\u0442\u043e\u0440\u044b \u2013 \u043f\u0440\u0430\u043a\u0442\u0438\u0447\u0435\u0441\u043a\u0438 \u0432\u0441\u0435 \u0432 \u0418\u0411.\n* \u0420\u0438\u0441\u043a \u0445\u0430\u043e\u0441\u0430: \u0411\u0435\u0437 \u0446\u0435\u043d\u0442\u0440\u0430\u043b\u0438\u0437\u043e\u0432\u0430\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u043f\u0440\u0438\u0441\u0432\u043e\u0435\u043d\u0438\u044f ID \u043c\u043e\u0436\u0435\u0442 \u043d\u0430\u0447\u0430\u0442\u044c\u0441\u044f \u043f\u0443\u0442\u0430\u043d\u0438\u0446\u0430, \u043a\u0430\u043a \u0432 \"\u0441\u0442\u0430\u0440\u044b\u0435 \u0434\u043e\u0431\u0440\u044b\u0435\" \u0432\u0440\u0435\u043c\u0435\u043d\u0430 \u0434\u043e CVE, \u043a\u043e\u0433\u0434\u0430 \u043a\u0430\u0436\u0434\u0430\u044f \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u043d\u0430\u0437\u044b\u0432\u0430\u043b\u0430 \u043e\u0434\u043d\u0443 \u0438 \u0442\u0443 \u0436\u0435 \u0434\u044b\u0440\u0443 \u043f\u043e-\u0441\u0432\u043e\u0435\u043c\u0443. \u041f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u044c\u0442\u0435 \u0441\u0435\u0431\u0435 \u043f\u0430\u0442\u0447\u0438\u043d\u0433 \u0438\u043b\u0438 \u043a\u043e\u043c\u043f\u043b\u0430\u0435\u043d\u0441 \u0432 \u0442\u0430\u043a\u0438\u0445 \u0443\u0441\u043b\u043e\u0432\u0438\u044f\u0445. \u0412 \u043f\u0440\u043e\u0448\u043b\u043e\u043c \u0433\u043e\u0434\u0443 \u0431\u044b\u043b\u043e \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u043e >40 000 \u043d\u043e\u0432\u044b\u0445 CVE!\n* \u041d\u0435\u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u043d\u043e\u0441\u0442\u044c: \u041d\u0435\u044f\u0441\u043d\u043e, \u0431\u0443\u0434\u0443\u0442 \u043b\u0438 \u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u043d\u043e\u0432\u044b\u0435 CVE, \u0431\u0443\u0434\u0435\u0442 \u043b\u0438 \u0440\u0430\u0431\u043e\u0442\u0430\u0442\u044c \u0441\u0430\u0439\u0442 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u044b (cve.mitre.org), \u043a\u0430\u043a \u0431\u0443\u0434\u0443\u0442 \u043e\u0431\u043d\u043e\u0432\u043b\u044f\u0442\u044c\u0441\u044f \u0431\u0430\u0437\u044b \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 (NVD)? \u0418\u0441\u0442\u043e\u0440\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u0434\u0430\u043d\u043d\u044b\u0435 CVE, \u043a \u0441\u0447\u0430\u0441\u0442\u044c\u044e, \u043e\u0441\u0442\u0430\u043d\u0443\u0442\u0441\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b \u043d\u0430 GitHub.\n\n\u0427\u0442\u043e \u0434\u0430\u043b\u044c\u0448\u0435? \u041f\u043e\u043a\u0430 \u043d\u0435\u044f\u0441\u043d\u043e. MITRE \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u043b\u0430 \u043e\u043a\u043e\u043d\u0447\u0430\u043d\u0438\u0435 \u0444\u0438\u043d\u0430\u043d\u0441\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f, \u043d\u043e \u0437\u0430\u044f\u0432\u0438\u043b\u0430 \u043e \u043f\u0440\u0438\u0432\u0435\u0440\u0436\u0435\u043d\u043d\u043e\u0441\u0442\u0438 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u0435. \u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f VulnCheck (\u043e\u0434\u0438\u043d \u0438\u0437 CNA \u2013 \u0446\u0435\u043d\u0442\u0440\u043e\u0432 \u043f\u0440\u0438\u0441\u0432\u043e\u0435\u043d\u0438\u044f CVE) \u043f\u0440\u0435\u0432\u0435\u043d\u0442\u0438\u0432\u043d\u043e \u0437\u0430\u0440\u0435\u0437\u0435\u0440\u0432\u0438\u0440\u043e\u0432\u0430\u043b\u0430 1000 ID \u043d\u0430 2025 \u0433\u043e\u0434, \u043d\u043e \u044d\u0442\u043e\u0433\u043e \u0445\u0432\u0430\u0442\u0438\u0442 \u043c\u0430\u043a\u0441\u0438\u043c\u0443\u043c \u043d\u0430 1-2 \u043c\u0435\u0441\u044f\u0446\u0430 \u0440\u0430\u0431\u043e\u0442\u044b MITRE. \u0412\u0435\u0440\u043e\u044f\u0442\u043d\u043e, \u043f\u043e\u0442\u0440\u0435\u0431\u0443\u0435\u0442\u0441\u044f \u0432\u043c\u0435\u0448\u0430\u0442\u0435\u043b\u044c\u0441\u0442\u0432\u043e \u0432\u0441\u0435\u0439 \u0438\u043d\u0434\u0443\u0441\u0442\u0440\u0438\u0438 \u0438\u043b\u0438 \u043f\u043e\u0438\u0441\u043a \u043d\u043e\u0432\u044b\u0445 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u043e\u0432 \u0444\u0438\u043d\u0430\u043d\u0441\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f. \u041f\u0440\u0438\u0447\u0438\u043d\u0430 \u2013 \u043f\u043e\u0438\u0441\u043a \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0446\u0438\u0435\u0439 \u0422\u0440\u0430\u043c\u043f\u0430 \u0441\u0442\u0430\u0442\u0435\u0439 \u0434\u043b\u044f \u0443\u0440\u0435\u0437\u0430\u043d\u0438\u044f \u0444\u0435\u0434\u0435\u0440\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u0431\u044e\u0434\u0436\u0435\u0442\u0430.\n\n\u041f\u043e\u0445\u043e\u0436\u0435, \u0441\u043a\u043e\u0440\u043e \u0433\u043b\u0430\u0432\u043d\u044b\u043c \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u043e\u043c \u0434\u043b\u044f \u0442\u0440\u0435\u043a\u0438\u043d\u0433\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0441\u043d\u043e\u0432\u0430 \u0441\u0442\u0430\u043d\u0435\u0442 Excel-\u0442\u0430\u0431\u043b\u0438\u0446\u0430 \ud83d\ude28\n\n\u0422\u0438\u043f\u0438\u0447\u043d\u044b\u0439 \ud83e\udd78 \u0421\u0438\u0441\u0430\u0434\u043c\u0438\u043d", "creation_timestamp": "2025-04-16T21:44:03.000000Z"}, {"uuid": "5fed61a6-8847-49ee-a3a5-52d9e825554d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-5754", "type": "exploited", "source": "https://t.me/alexmakus/1614", "content": "\u041f\u043e\u0445\u043e\u0436\u0435, \u0447\u0442\u043e Meltdown \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d \u0432 macOS X 10.12 \u0438 10.11 \nhttps://support.apple.com/en-gb/HT208331\n\nKernel\nAvailable for: macOS High Sierra 10.13.1, macOS Sierra 10.12.6, OS X El Capitan 10.11.6\nImpact: An application may be able to read kernel memory\nDescription: Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis of the data cache.\nCVE-2017-5754: Jann Horn of Google Project Zero, Werner Haas and Thomas Prescher of Cyberus Technology GmbH, and Daniel Gruss, Moritz Lipp, Stefan Mangard and Michael Schwarz from Graz University of Technology\nEntry added January 4, 2018", "creation_timestamp": "2018-01-05T14:18:35.000000Z"}, {"uuid": "c9e58717-b5b4-406f-9d76-dcc4bf2fe169", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-5754", "type": "exploited", "source": "https://t.me/information_security_channel/14241", "content": "Microsoft Releases More Patches for Meltdown, Spectre\nhttp://feedproxy.google.com/~r/Securityweek/~3/1BeuylZzoq0/microsoft-releases-more-patches-meltdown-spectre\n\nMicrosoft informed users on Tuesday that it released additional patches for the CPU vulnerabilities known as Meltdown and Spectre, and removed antivirus compatibility checks in Windows 10.\nMeltdown and Spectre allow malicious applications to bypass memory isolation and access sensitive data. Meltdown attacks are possible due to CVE-2017-5754, while Spectre attacks are possible due to CVE-2017-5753 (Variant 1) and CVE-2017-5715 (Variant 2). Meltdown and Spectre Variant 1 can be resolved with software updates, but Spectre Variant 2 requires microcode patches.\nIn addition to software mitigations (https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180002), Microsoft recently started providing microcode patches as well. It initially delivered (https://www.securityweek.com/windows-updates-deliver-intels-spectre-microcode-patches) Intel\u2019s microcode updates to devices running Windows 10 Fall Creators Update and Windows Server 2016 (1709) with Skylake processors.\nNow that Intel has developed and tested patches (https://www.securityweek.com/intel-releases-spectre-patches-broadwell-haswell-cpus) for many of its products, Microsoft has also expanded the list of processors (https://support.microsoft.com/en-us/help/4093836/summary-of-intel-microcode-updates) covered by its Windows 10 and Windows Server 2016 updates. Devices with Skylake, Coffee Lake and Kaby Lake CPUs can now receive the microcode updates from Intel via the Microsoft Update Catalog.\nMicrosoft also informed customers (https://blogs.windows.com/windowsexperience/2018/03/13/march-2018-windows-security-update-expanding-our-efforts-to-protect-customers/#sqXx51Yt7wiBOwzm.97) on Tuesday that software patches for the Meltdown vulnerability are now available for x86 editions of Windows 7 and Windows 8.1.\nThe company has also decided to remove the antivirus compatibility checks in Windows 10. The decision to introduce these checks came after the tech giant noticed that some security products had created compatibility issues with the Meltdown patches. This resulted in users not receiving security updates unless their AV vendor made some changes.\nMicrosoft has determined that this is no longer an issue on Windows 10 so the checks have been removed. On other versions of the operating system, users will still not receive updates if their antivirus is incompatible.\nMicrosoft\u2019s Patch Tuesday updates for March 2018 (https://www.securityweek.com/microsoft-patches-over-dozen-critical-browser-flaws) fix over 70 flaws, including more than a dozen critical bugs affecting the company\u2019s Edge and Internet Explorer web browsers.\nRelated: Microsoft Disables Spectre Mitigations Due to Instability (https://www.securityweek.com/microsoft-disables-spectre-mitigations-due-instability)\nRelated: Microsoft, Intel Share Data on Performance Impact of CPU Flaw Patches (https://www.securityweek.com/microsoft-intel-share-data-performance-impact-cpu-flaw-patches)", "creation_timestamp": "2018-03-14T15:55:35.000000Z"}, {"uuid": "06ed3712-a9e2-4ca7-9287-f3c172949de4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-5754", "type": "exploited", "source": "https://t.me/information_security_channel/14437", "content": "In late January, Krzanich revealed that the company had started working on processors with\u00a0built-in protections (https://www.securityweek.com/intel-working-cpus-meltdown-spectre-protections) for attacks similar to Meltdown and Spectre. Additional details have now been provided and Intel even published a video (https://www.youtube.com/watch?v=pi2ftnlfImo) that explains on a high level how these side-channel attacks work and how it plans on preventing them.\nMeltdown attacks rely on a vulnerability identified as CVE-2017-5754, while Spectre attacks are possible due to CVE-2017-5753 (Variant 1) and CVE-2017-5715 (Variant 2). Meltdown and Variant 1 can be addressed with software patches, but Variant 2 also requires microcode updates.\nIntel\u2019s new CPUs, both for data centers and PCs, will be redesigned to protect against Meltdown and Spectre Variant 2.\n\u201cWe have redesigned parts of the processor to introduce new levels of protection through partitioning that will protect against both Variants 2 and 3. Think of this partitioning as additional \u2018protective walls\u2019 between applications and user privilege levels to create an obstacle for bad actors,\u201d Krzanich explained.\nThese protections are expected to become available in the second half of the year with the release of Intel Xeon Scalable (Cascade Lake) and 8th Generation Intel Core processors.\n\u201cAs we bring these new products to market, ensuring that they deliver the performance improvements people expect from us is critical. Our goal is to offer not only the best performance, but also the best secure performance,\u201d Krzanich said.\nRelated: IBM Releases Spectre, Meltdown Patches for Power Systems (https://www.securityweek.com/ibm-releases-spectre-meltdown-patches-power-systems)\nRelated: New AMD Processors to Include Protections for Spectre-like Exploits (https://www.securityweek.com/new-amd-processors-include-protections-spectre-exploits)\nRelated: Microsoft, Intel Share Data on Performance Impact of CPU Flaw Patches (https://www.securityweek.com/microsoft-intel-share-data-performance-impact-cpu-flaw-patches)", "creation_timestamp": "2018-03-15T21:51:29.000000Z"}, {"uuid": "6d36f5f1-5116-40b3-bd04-46d8d8db2c89", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-5754", "type": "seen", "source": "https://t.me/information_security_channel/14993", "content": "More Chrome OS Devices Receive Meltdown, Spectre Patches\nhttp://feedproxy.google.com/~r/Securityweek/~3/GblQCUJarZ4/more-chrome-os-devices-receive-meltdown-spectre-patches\n\nThe latest stable channel update for Google\u2019s Chrome OS operating system includes mitigations for devices with Intel processors affected by the Spectre and Meltdown vulnerabilities.\nMeltdown and Spectre attacks exploit design flaws in Intel, AMD, ARM and other processors. They allow malicious applications to bypass memory isolation mechanisms and gain access to sensitive data.\nMeltdown attacks are possible due to CVE-2017-5754, while Spectre attacks are possible due to CVE-2017-5753 (Variant 1) and CVE-2017-5715 (Variant 2). While Meltdown and Variant 1 can be addressed with software updates, Variant 2 also requires microcode updates from the manufacturers of the impacted processors. Software mitigations include kernel page-table isolation (KPTI/KAISER) and a technique developed by Google called Retpoline.\nMeltdown and Spectre were discovered independently by three teams of researchers. Google Project Zero researcher Jann Horn was one of the experts who found the flaws, which meant the company had enough time to work on patches before the details of the vulnerabilities were disclosed.\nIn the case of Chrome OS, Google rolled out the first Meltdown mitigations with the release (https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-chrome-os.html) of version 63 in mid-December, more than two weeks before public disclosure (https://www.securityweek.com/intel-amd-chip-vulnerabilities-put-billions-devices-risk).\nAt the time, Google rolled out the KPTI/KAISER patch to roughly 70 Intel-based Chromebook models from Acer, ASUS, Dell, HP, Lenovo, Samsung and others.\nGoogle released Chrome OS 65 (https://chromereleases.googleblog.com/2018/03/stable-channel-update-for-chrome-os_19.html) on Monday and informed users that it includes the KPTI mitigation against Meltdown for additional Intel devices with version 3.14 of the kernel.\nA status page (https://www.chromium.org/chrome-os-devices-and-kernel-versions#TOC-Variant-1-CVE-2017-5753-) created by Google to help users track the availability of Meltdown and Spectre patches for Chrome OS shows that all older Chromebooks with Intel processors, including with kernel versions 3.14 and 3.8, should get the KPTI mitigation for Meltdown with the release of Chrome OS 66, which is currently scheduled for release on April 24.\nChrome OS 65 also brings the Retpoline mitigation for Spectre Variant 2 to all devices with Intel processors. Google noted that Variant 2 can be exploited using virtualization, and while Chrome OS devices don\u2019t use this type of feature, some measures have been taken to proactively protect users.\nIn the case of Spectre Variant 1, the eBPF feature in the Linux kernel can be abused for exploitation, but Chrome OS is not impacted as it disables eBPF, Google said.\nThe tech giant informs customers that Chrome OS devices with ARM processors are not affected by Meltdown. As for the Spectre vulnerabilities, Google says it has started integrating the firmware and kernel patches supplied by ARM, but release timelines have not been finalized.\nRelated: Intel Shares Details on New CPUs With Spectre, Meltdown Protections (https://www.securityweek.com/intel-shares-details-new-cpus-spectre-meltdown-protections)\nRelated: Microsoft Releases More Patches for Meltdown, Spectre (https://www.securityweek.com/microsoft-releases-more-patches-meltdown-spectre)", "creation_timestamp": "2018-03-22T16:08:23.000000Z"}, {"uuid": "6cc71463-8cf3-4d38-a413-5a8f6294bd1f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-5754", "type": "seen", "source": "https://t.me/SecLabNews/1858", "content": "\u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f Microsoft \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u0432\u043d\u0435\u043f\u043b\u0430\u043d\u043e\u0432\u043e\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0434\u043b\u044f 64-\u0440\u0430\u0437\u0440\u0430\u0434\u043d\u044b\u0445 \u0432\u0435\u0440\u0441\u0438\u0439 Windows 7 \u0438 Windows Server 2008, \u043a\u043e\u0442\u043e\u0440\u043e\u0435 \u043f\u0440\u0438\u0437\u0432\u0430\u043d\u043e \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u0442\u044c \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b, \u0432\u044b\u0437\u0432\u0430\u043d\u043d\u044b\u0435 \u044f\u043d\u0432\u0430\u0440\u0441\u043a\u0438\u043c \u043f\u0430\u0442\u0447\u0435\u043c \u0434\u043b\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 Meltdown (CVE-2017-5754). \nMicrosoft \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u0432\u043d\u0435\u043f\u043b\u0430\u043d\u043e\u0432\u044b\u0439 \u043f\u0430\u0442\u0447 \u0434\u043b\u044f Windows 7 \u0438 Windows Server 2008", "creation_timestamp": "2018-03-30T10:24:13.000000Z"}, {"uuid": "0e854b8f-13a4-4133-9af6-747771af84fe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-5754", "type": "seen", "source": "https://t.me/arpsyndicate/1809", "content": "#ExploitObserverAlert\n\nCVE-2017-5754\n\nDESCRIPTION: Exploit Observer has 161 entries related to CVE-2017-5754. Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis of the data cache.\n\nFIRST-EPSS: 0.974610000\nNVD-IS: 4.0\nNVD-ES: 1.1", "creation_timestamp": "2023-12-12T12:24:26.000000Z"}, {"uuid": "8aa91474-e43f-4b8f-96c8-245a41402380", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-5754", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/8", "content": "#Research\n#Threat_Research\nReading privileged memory with a side-channel:\n- bounds check bypass (CVE-2017-5753);\n- branch target injection (CVE-2017-5715);\n- rogue data cache load (CVE-2017-5754);\nhttps://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html", "creation_timestamp": "2024-07-19T14:04:22.000000Z"}, {"uuid": "42a27ebb-138b-415b-bfe3-1833cfffa738", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-5754", "type": "seen", "source": "https://t.me/sysodmins/25509", "content": "\u0420\u0430\u0441\u043a\u043e\u043b CVE: \u0413\u043b\u043e\u0431\u0430\u043b\u044c\u043d\u0430\u044f \u0421\u0438\u0441\u0442\u0435\u043c\u0430 \u0423\u0447\u0435\u0442\u0430 \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u041d\u0430\u0447\u0438\u043d\u0430\u0435\u0442 \u0414\u0440\u043e\u0431\u0438\u0442\u044c\u0441\u044f \ud83d\ude41\n\n\u041f\u0440\u0438\u0432\u044b\u0447\u043d\u0430\u044f \u043d\u0430\u043c \u0441\u0438\u0441\u0442\u0435\u043c\u0430 CVE, \u0443\u043f\u0440\u0430\u0432\u043b\u044f\u0435\u043c\u0430\u044f MITRE \u0438 \u0434\u043e\u043b\u0433\u043e\u0435 \u0432\u0440\u0435\u043c\u044f \u0444\u0438\u043d\u0430\u043d\u0441\u0438\u0440\u0443\u0435\u043c\u0430\u044f \u043f\u0440\u0430\u0432\u0438\u0442\u0435\u043b\u044c\u0441\u0442\u0432\u043e\u043c \u0421\u0428\u0410, \u0447\u0443\u0442\u044c \u043d\u0435 \u043f\u0440\u0438\u043a\u0430\u0437\u0430\u043b\u0430 \u0434\u043e\u043b\u0433\u043e \u0436\u0438\u0442\u044c \u043d\u0430 \u044d\u0442\u043e\u0439 \u043d\u0435\u0434\u0435\u043b\u0435. \u0424\u0438\u043d\u0430\u043d\u0441\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0432\u043d\u0435\u0437\u0430\u043f\u043d\u043e \u043f\u0440\u0435\u043a\u0440\u0430\u0442\u0438\u043b\u0438, \u043d\u043e \u0432 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0439 \u043c\u043e\u043c\u0435\u043d\u0442 \u0434\u0430\u043b\u0438 \u043e\u0442\u0441\u0440\u043e\u0447\u043a\u0443 \u043d\u0430 11 \u043c\u0435\u0441\u044f\u0446\u0435\u0432. \u042d\u0442\u043e\u0442 \"\u0437\u0432\u043e\u043d\u043e\u0447\u0435\u043a\" \u0432\u0441\u043a\u0440\u044b\u043b \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0443 \u0437\u0430\u0432\u0438\u0441\u0438\u043c\u043e\u0441\u0442\u0438 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438 \u0432\u0430\u0436\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u043e\u0442 \u0432\u043e\u043b\u0438 \u043e\u0434\u043d\u043e\u0433\u043e, \u043a \u0442\u043e\u043c\u0443 \u0436\u0435 \u043d\u0435\u0441\u0442\u0430\u0431\u0438\u043b\u044c\u043d\u043e\u0433\u043e, \u043f\u0440\u0430\u0432\u0438\u0442\u0435\u043b\u044c\u0441\u0442\u0432\u0430 \u0438 \u043f\u043e\u043d\u0435\u0441\u043b\u043e\u0441\u044c...\n\n\u0418 \u0442\u0443\u0442 \u043d\u0430 \u0441\u0446\u0435\u043d\u0443 \u0432\u044b\u0445\u043e\u0434\u0438\u0442 \u0415\u0432\u0440\u043e\u043f\u0430. ENISA (\u0410\u0433\u0435\u043d\u0442\u0441\u0442\u0432\u043e \u0415\u0421 \u043f\u043e \u043a\u0438\u0431\u0435\u0440\u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438) \u0440\u0430\u0437\u0440\u0430\u0431\u0430\u0442\u044b\u0432\u0430\u0435\u0442 \u0430\u043b\u044c\u0442\u0435\u0440\u043d\u0430\u0442\u0438\u0432\u0443 \u2013 EUVD (European Union Vulnerability Database). \u042d\u0442\u0430 \u0431\u0430\u0437\u0430, \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u0430\u044f \u043f\u043e \u0434\u0438\u0440\u0435\u043a\u0442\u0438\u0432\u0435 NIS2, \u043f\u043e\u0445\u043e\u0436\u0430 \u043d\u0430 \u0430\u043c\u0435\u0440\u0438\u043a\u0430\u043d\u0441\u043a\u0438\u0439 NVD (National Vulnerability Database): \u0430\u0433\u0440\u0435\u0433\u0438\u0440\u0443\u0435\u0442 \u0434\u0430\u043d\u043d\u044b\u0435 \u043e\u0431 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u0445, \u043f\u0440\u0438\u0441\u0432\u0430\u0438\u0432\u0430\u0435\u0442 \u0438\u043c CVE ID, \u043d\u043e \u0442\u0430\u043a\u0436\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442 \u0438 \u0441\u0432\u043e\u0438 EUVD ID, \u0438 \u0434\u0430\u0436\u0435 GSD ID (\u0438\u0437 \u043f\u043e\u0445\u043e\u0436\u0435 \u043c\u0435\u0440\u0442\u0432\u043e\u0439 Global Security Database). \u041d\u0435\u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u043d\u043e\u0441\u0442\u044c \u0432\u043e\u043a\u0440\u0443\u0433 CVE \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0434\u0442\u043e\u043b\u043a\u043d\u0443\u0442\u044c EUVD \u0441\u0442\u0430\u0442\u044c \u043f\u043e\u043b\u043d\u043e\u0446\u0435\u043d\u043d\u043e\u0439 \u0437\u0430\u043c\u0435\u043d\u043e\u0439 \u0438\u043b\u0438 \u0440\u0435\u0437\u0435\u0440\u0432\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u043e\u0439 \u0434\u043b\u044f \u0415\u0432\u0440\u043e\u043f\u044b.\n\n\u0427\u0442\u043e \u044d\u0442\u043e \u0437\u043d\u0430\u0447\u0438\u0442? \u0412\u043e\u0437\u043d\u0438\u043a\u0430\u0435\u0442 \u0440\u0438\u0441\u043a \u0444\u0440\u0430\u0433\u043c\u0435\u043d\u0442\u0430\u0446\u0438\u0438 \u0435\u0434\u0438\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439. \u0412\u043c\u0435\u0441\u0442\u043e \u0443\u043d\u0438\u0432\u0435\u0440\u0441\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u044f\u0437\u044b\u043a\u0430 (CVE-2017-5754 \u2013 \u044d\u0442\u043e \u0432\u0441\u0435\u0433\u0434\u0430 Meltdown) \u043c\u044b \u043c\u043e\u0436\u0435\u043c \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0437\u043e\u043e\u043f\u0430\u0440\u043a \u0441\u0438\u0441\u0442\u0435\u043c \u0443\u0447\u0435\u0442\u0430. \u042d\u043a\u0441\u043f\u0435\u0440\u0442\u044b \u043e\u043f\u0430\u0441\u0430\u044e\u0442\u0441\u044f, \u0447\u0442\u043e \u0440\u0435\u0433\u0438\u043e\u043d\u0430\u043b\u044c\u043d\u044b\u0435 \u0440\u0435\u0433\u0443\u043b\u044f\u0442\u043e\u0440\u044b \u043d\u0430\u0447\u043d\u0443\u0442 \u043e\u0442\u0434\u0430\u0432\u0430\u0442\u044c \u043f\u0440\u0435\u0434\u043f\u043e\u0447\u0442\u0435\u043d\u0438\u0435 \"\u0441\u0432\u043e\u0438\u043c\" \u0431\u0430\u0437\u0430\u043c \u0434\u0430\u043d\u043d\u044b\u0445 (NVD \u0432 \u0421\u0428\u0410, EUVD \u0432 \u0415\u0432\u0440\u043e\u043f\u0435, etc).\n\n\u041f\u043e\u043c\u0438\u043c\u043e EUVD, \u043d\u0430 \u0444\u043e\u043d\u0435 \u043a\u0440\u0438\u0437\u0438\u0441\u0430 \u043f\u043e\u044f\u0432\u0438\u043b\u0438\u0441\u044c \u0438 \u0434\u0440\u0443\u0433\u0438\u0435 \u0438\u043d\u0438\u0446\u0438\u0430\u0442\u0438\u0432\u044b: \u043d\u0435\u043a\u0430\u044f GCVE (Global CVE Allocation System) \u043d\u0430 GitHub, \u0430 \u0442\u0430\u043a\u0436\u0435 CVE Foundation \u2013 \u043d\u0435\u043a\u043e\u043c\u043c\u0435\u0440\u0447\u0435\u0441\u043a\u0430\u044f \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u044f, \u043f\u0440\u0438\u0437\u0432\u0430\u043d\u043d\u0430\u044f \u0432\u0437\u044f\u0442\u044c CVE \u043f\u043e\u0434 \u0441\u0432\u043e\u0435 \u043a\u0440\u044b\u043b\u043e \u0438 \u0443\u0441\u0442\u0440\u0430\u043d\u0438\u0442\u044c \"\u0435\u0434\u0438\u043d\u0443\u044e \u0442\u043e\u0447\u043a\u0443 \u043e\u0442\u043a\u0430\u0437\u0430\". MITRE \u043f\u043e\u043a\u0430 \u043f\u0440\u043e\u0434\u043e\u043b\u0436\u0430\u0435\u0442 \u0440\u0430\u0431\u043e\u0442\u0430\u0442\u044c \u043f\u043e \u043a\u043e\u043d\u0442\u0440\u0430\u043a\u0442\u0443 \u0435\u0449\u0435 11 \u043c\u0435\u0441\u044f\u0446\u0435\u0432, \u043d\u043e \u0447\u0442\u043e \u0431\u0443\u0434\u0435\u0442 \u0434\u0430\u043b\u044c\u0448\u0435 \u2013 \u043d\u0435\u044f\u0441\u043d\u043e.\n\n\u0412\u043e\u043f\u0440\u043e\u0441 \u043e\u0441\u0442\u0430\u0435\u0442\u0441\u044f \u043e\u0442\u043a\u0440\u044b\u0442\u044b\u043c - c\u043c\u043e\u0436\u0435\u0442 \u043b\u0438 \u043a\u0442\u043e-\u0442\u043e (\u043f\u0440\u0430\u0432\u0438\u0442\u0435\u043b\u044c\u0441\u0442\u0432\u0430, \u0438\u043d\u0434\u0443\u0441\u0442\u0440\u0438\u044f) \u0441\u043e\u0437\u0434\u0430\u0442\u044c \u043d\u043e\u0432\u0443\u044e, \u0443\u0441\u0442\u043e\u0439\u0447\u0438\u0432\u0443\u044e \u0438 \u0433\u043b\u043e\u0431\u0430\u043b\u044c\u043d\u0443\u044e \u0441\u0438\u0441\u0442\u0435\u043c\u0443? \u0418\u043b\u0438 \u043d\u0430\u0441 \u0436\u0434\u0435\u0442 \u0445\u0430\u043e\u0441 \u0438\u0437 \u043c\u043d\u043e\u0436\u0435\u0441\u0442\u0432\u0430 \u043d\u0435\u0437\u0430\u0432\u0438\u0441\u0438\u043c\u044b\u0445 \u0431\u0430\u0437 \u0438 \u043d\u0435\u0439\u043c\u0438\u043d\u0433\u043e\u0432 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439? \u0418 \u043a\u043e\u043c\u0443 \u0442\u043e\u0433\u0434\u0430 \u0434\u043e\u0432\u0435\u0440\u044f\u0442\u044c? \ud83e\udd14\n\n\u041f\u043e\u0445\u043e\u0436\u0435, \u0441\u043a\u043e\u0440\u043e \u043f\u0440\u0438\u0434\u0435\u0442\u0441\u044f \u043f\u0438\u0441\u0430\u0442\u044c \u0432 \u043e\u0442\u0447\u0435\u0442\u0430\u0445: \"\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-xxxx / EUVD-yyyy / GCVE-zzzz (\u043d\u0443\u0436\u043d\u043e\u0435 \u043f\u043e\u0434\u0447\u0435\u0440\u043a\u043d\u0443\u0442\u044c)\". \u0423\u0434\u043e\u0431\u043d\u043e, \u043d\u0435 \u043f\u0440\u0430\u0432\u0434\u0430 \u043b\u0438?\n\n\u0422\u0438\u043f\u0438\u0447\u043d\u044b\u0439 \ud83e\udd78 \u0421\u0438\u0441\u0430\u0434\u043c\u0438\u043d", "creation_timestamp": "2025-04-19T18:43:09.000000Z"}, {"uuid": "87a3d678-7aa5-453a-8ad0-1ff29e618f1c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-5754", "type": "seen", "source": "https://gist.github.com/SoulKIngx/9f1e8b1ffa1859b06c5b70915d9c28a0", "content": "<# :\n@type \"%~f0\" | powershell -c - & pause\n#>\n\nfunction Get-SpeculationControlSettings {\n <#\n\n .SYNOPSIS\n This function queries the speculation control settings for the system.\n\n .DESCRIPTION\n This function queries the speculation control settings for the system.\n\n .PARAMETER Quiet\n This parameter suppresses host output that is displayed by default.\n \n #>\n\n [CmdletBinding()]\n param (\n [switch]$Quiet\n )\n \n process {\n\n $NtQSIDefinition = @'\n [DllImport(\"ntdll.dll\")]\n public static extern int NtQuerySystemInformation(uint systemInformationClass, IntPtr systemInformation, uint systemInformationLength, IntPtr returnLength);\n'@\n \n $ntdll = Add-Type -MemberDefinition $NtQSIDefinition -Name 'ntdll' -Namespace 'Win32' -PassThru\n\n\n [System.IntPtr]$systemInformationPtr = [System.Runtime.InteropServices.Marshal]::AllocHGlobal(4)\n [System.IntPtr]$returnLengthPtr = [System.Runtime.InteropServices.Marshal]::AllocHGlobal(4)\n\n $object = New-Object -TypeName PSObject\n\n try {\n \n #\n # Query branch target injection information.\n #\n\n if ($Quiet -ne $true) {\n Write-Host \"Speculation control settings for CVE-2017-5715 [branch target injection]\" -ForegroundColor Cyan\n Write-Host \"For more information about the output below, please refer to https://support.microsoft.com/en-in/help/4074629\" -ForegroundColor Cyan\n Write-Host\n }\n\n $btiHardwarePresent = $false\n $btiWindowsSupportPresent = $false\n $btiWindowsSupportEnabled = $false\n $btiDisabledBySystemPolicy = $false\n $btiDisabledByNoHardwareSupport = $false\n \n [System.UInt32]$systemInformationClass = 201\n [System.UInt32]$systemInformationLength = 4\n\n $retval = $ntdll::NtQuerySystemInformation($systemInformationClass, $systemInformationPtr, $systemInformationLength, $returnLengthPtr)\n\n if ($retval -eq 0xc0000003 -or $retval -eq 0xc0000002) {\n # fallthrough\n }\n elseif ($retval -ne 0) {\n throw ((\"Querying branch target injection information failed with error {0:X8}\" -f $retval))\n }\n else {\n \n [System.UInt32]$scfBpbEnabled = 0x01\n [System.UInt32]$scfBpbDisabledSystemPolicy = 0x02\n [System.UInt32]$scfBpbDisabledNoHardwareSupport = 0x04\n [System.UInt32]$scfHwReg1Enumerated = 0x08\n [System.UInt32]$scfHwReg2Enumerated = 0x10\n [System.UInt32]$scfHwMode1Present = 0x20\n [System.UInt32]$scfHwMode2Present = 0x40\n [System.UInt32]$scfSmepPresent = 0x80\n\n [System.UInt32]$flags = [System.UInt32][System.Runtime.InteropServices.Marshal]::ReadInt32($systemInformationPtr)\n\n $btiHardwarePresent = ((($flags -band $scfHwReg1Enumerated) -ne 0) -or (($flags -band $scfHwReg2Enumerated)))\n $btiWindowsSupportPresent = $true\n $btiWindowsSupportEnabled = (($flags -band $scfBpbEnabled) -ne 0)\n\n if ($btiWindowsSupportEnabled -eq $false) {\n $btiDisabledBySystemPolicy = (($flags -band $scfBpbDisabledSystemPolicy) -ne 0)\n $btiDisabledByNoHardwareSupport = (($flags -band $scfBpbDisabledNoHardwareSupport) -ne 0)\n }\n\n if ($Quiet -ne $true -and $PSBoundParameters['Verbose']) {\n Write-Host \"BpbEnabled :\" (($flags -band $scfBpbEnabled) -ne 0)\n Write-Host \"BpbDisabledSystemPolicy :\" (($flags -band $scfBpbDisabledSystemPolicy) -ne 0)\n Write-Host \"BpbDisabledNoHardwareSupport :\" (($flags -band $scfBpbDisabledNoHardwareSupport) -ne 0)\n Write-Host \"HwReg1Enumerated :\" (($flags -band $scfHwReg1Enumerated) -ne 0)\n Write-Host \"HwReg2Enumerated :\" (($flags -band $scfHwReg2Enumerated) -ne 0)\n Write-Host \"HwMode1Present :\" (($flags -band $scfHwMode1Present) -ne 0)\n Write-Host \"HwMode2Present :\" (($flags -band $scfHwMode2Present) -ne 0)\n Write-Host \"SmepPresent :\" (($flags -band $scfSmepPresent) -ne 0)\n }\n }\n\n if ($Quiet -ne $true) {\n Write-Host \"Hardware support for branch target injection mitigation is present:\"($btiHardwarePresent) -ForegroundColor $(If ($btiHardwarePresent) { [System.ConsoleColor]::Green } Else { [System.ConsoleColor]::Red })\n Write-Host \"Windows OS support for branch target injection mitigation is present:\"($btiWindowsSupportPresent) -ForegroundColor $(If ($btiWindowsSupportPresent) { [System.ConsoleColor]::Green } Else { [System.ConsoleColor]::Red })\n Write-Host \"Windows OS support for branch target injection mitigation is enabled:\"($btiWindowsSupportEnabled) -ForegroundColor $(If ($btiWindowsSupportEnabled) { [System.ConsoleColor]::Green } Else { [System.ConsoleColor]::Red })\n \n if ($btiWindowsSupportPresent -eq $true -and $btiWindowsSupportEnabled -eq $false) {\n Write-Host -ForegroundColor Red \"Windows OS support for branch target injection mitigation is disabled by system policy:\"($btiDisabledBySystemPolicy)\n Write-Host -ForegroundColor Red \"Windows OS support for branch target injection mitigation is disabled by absence of hardware support:\"($btiDisabledByNoHardwareSupport)\n }\n }\n \n $object | Add-Member -MemberType NoteProperty -Name BTIHardwarePresent -Value $btiHardwarePresent\n $object | Add-Member -MemberType NoteProperty -Name BTIWindowsSupportPresent -Value $btiWindowsSupportPresent\n $object | Add-Member -MemberType NoteProperty -Name BTIWindowsSupportEnabled -Value $btiWindowsSupportEnabled\n $object | Add-Member -MemberType NoteProperty -Name BTIDisabledBySystemPolicy -Value $btiDisabledBySystemPolicy\n $object | Add-Member -MemberType NoteProperty -Name BTIDisabledByNoHardwareSupport -Value $btiDisabledByNoHardwareSupport\n\n #\n # Query kernel VA shadow information.\n #\n \n if ($Quiet -ne $true) {\n Write-Host\n Write-Host \"Speculation control settings for CVE-2017-5754 [rogue data cache load]\" -ForegroundColor Cyan\n Write-Host \n }\n\n $kvaShadowRequired = $true\n $kvaShadowPresent = $false\n $kvaShadowEnabled = $false\n $kvaShadowPcidEnabled = $false\n\n $cpu = Get-WmiObject Win32_Processor\n\n if ($cpu -is [array]) {\n $cpu = $cpu[0]\n }\n\n $manufacturer = $cpu.Manufacturer\n\n if ($manufacturer -eq \"AuthenticAMD\") {\n $kvaShadowRequired = $false\n }\n elseif ($manufacturer -eq \"GenuineIntel\") {\n $regex = [regex]'Family (\\d+) Model (\\d+) Stepping (\\d+)'\n $result = $regex.Match($cpu.Description)\n \n if ($result.Success) {\n $family = [System.UInt32]$result.Groups[1].Value\n $model = [System.UInt32]$result.Groups[2].Value\n $stepping = [System.UInt32]$result.Groups[3].Value\n \n if (($family -eq 0x6) -and \n (($model -eq 0x1c) -or\n ($model -eq 0x26) -or\n ($model -eq 0x27) -or\n ($model -eq 0x36) -or\n ($model -eq 0x35))) {\n\n $kvaShadowRequired = $false\n }\n }\n }\n else {\n throw (\"Unsupported processor manufacturer: {0}\" -f $manufacturer)\n }\n\n [System.UInt32]$systemInformationClass = 196\n [System.UInt32]$systemInformationLength = 4\n\n $retval = $ntdll::NtQuerySystemInformation($systemInformationClass, $systemInformationPtr, $systemInformationLength, $returnLengthPtr)\n\n if ($retval -eq 0xc0000003 -or $retval -eq 0xc0000002) {\n }\n elseif ($retval -ne 0) {\n throw ((\"Querying kernel VA shadow information failed with error {0:X8}\" -f $retval))\n }\n else {\n \n [System.UInt32]$kvaShadowEnabledFlag = 0x01\n [System.UInt32]$kvaShadowUserGlobalFlag = 0x02\n [System.UInt32]$kvaShadowPcidFlag = 0x04\n [System.UInt32]$kvaShadowInvpcidFlag = 0x08\n\n [System.UInt32]$flags = [System.UInt32][System.Runtime.InteropServices.Marshal]::ReadInt32($systemInformationPtr)\n\n $kvaShadowPresent = $true\n $kvaShadowEnabled = (($flags -band $kvaShadowEnabledFlag) -ne 0)\n $kvaShadowPcidEnabled = ((($flags -band $kvaShadowPcidFlag) -ne 0) -and (($flags -band $kvaShadowInvpcidFlag) -ne 0))\n\n if ($Quiet -ne $true -and $PSBoundParameters['Verbose']) {\n Write-Host \"KvaShadowEnabled :\" (($flags -band $kvaShadowEnabledFlag) -ne 0)\n Write-Host \"KvaShadowUserGlobal :\" (($flags -band $kvaShadowUserGlobalFlag) -ne 0)\n Write-Host \"KvaShadowPcid :\" (($flags -band $kvaShadowPcidFlag) -ne 0)\n Write-Host \"KvaShadowInvpcid :\" (($flags -band $kvaShadowInvpcidFlag) -ne 0)\n }\n }\n \n if ($Quiet -ne $true) {\n Write-Host \"Hardware requires kernel VA shadowing:\"$kvaShadowRequired\n\n if ($kvaShadowRequired) {\n\n Write-Host \"Windows OS support for kernel VA shadow is present:\"$kvaShadowPresent -ForegroundColor $(If ($kvaShadowPresent) { [System.ConsoleColor]::Green } Else { [System.ConsoleColor]::Red })\n Write-Host \"Windows OS support for kernel VA shadow is enabled:\"$kvaShadowEnabled -ForegroundColor $(If ($kvaShadowEnabled) { [System.ConsoleColor]::Green } Else { [System.ConsoleColor]::Red })\n\n if ($kvaShadowEnabled) {\n Write-Host \"Windows OS support for PCID performance optimization is enabled: $kvaShadowPcidEnabled [not required for security]\" -ForegroundColor $(If ($kvaShadowPcidEnabled) { [System.ConsoleColor]::Green } Else { [System.ConsoleColor]::White })\n }\n }\n }\n \n $object | Add-Member -MemberType NoteProperty -Name KVAShadowRequired -Value $kvaShadowRequired\n $object | Add-Member -MemberType NoteProperty -Name KVAShadowWindowsSupportPresent -Value $kvaShadowPresent\n $object | Add-Member -MemberType NoteProperty -Name KVAShadowWindowsSupportEnabled -Value $kvaShadowEnabled\n $object | Add-Member -MemberType NoteProperty -Name KVAShadowPcidEnabled -Value $kvaShadowPcidEnabled\n\n #\n # Provide guidance as appropriate.\n #\n\n $actions = @()\n \n if ($btiHardwarePresent -eq $false) {\n $actions += \"Install BIOS/firmware update provided by your device OEM that enables hardware support for the branch target injection mitigation.\"\n }\n\n if ($btiWindowsSupportPresent -eq $false -or $kvaShadowPresent -eq $false) {\n $actions += \"Install the latest available updates for Windows with support for speculation control mitigations.\"\n }\n\n if (($btiHardwarePresent -eq $true -and $btiWindowsSupportEnabled -eq $false) -or ($kvaShadowRequired -eq $true -and $kvaShadowEnabled -eq $false)) {\n $guidanceUri = \"\"\n $guidanceType = \"\"\n\n \n $os = Get-WmiObject Win32_OperatingSystem\n\n if ($os.ProductType -eq 1) {\n # Workstation\n $guidanceUri = \"https://support.microsoft.com/help/4073119\"\n $guidanceType = \"Client\"\n }\n else {\n # Server/DC\n $guidanceUri = \"https://support.microsoft.com/help/4072698\"\n $guidanceType = \"Server\"\n }\n\n $actions += \"Follow the guidance for enabling Windows $guidanceType support for speculation control mitigations described in $guidanceUri\"\n }\n\n if ($Quiet -ne $true -and $actions.Length -gt 0) {\n\n Write-Host\n Write-Host \"Suggested actions\" -ForegroundColor Cyan\n Write-Host \n\n foreach ($action in $actions) {\n Write-Host \" *\" $action\n }\n }\n\n return $object\n\n }\n finally\n {\n if ($systemInformationPtr -ne [System.IntPtr]::Zero) {\n [System.Runtime.InteropServices.Marshal]::FreeHGlobal($systemInformationPtr)\n }\n \n if ($returnLengthPtr -ne [System.IntPtr]::Zero) {\n [System.Runtime.InteropServices.Marshal]::FreeHGlobal($returnLengthPtr)\n }\n } \n }\n}\n\nGet-SpeculationControlSettings \n#", "creation_timestamp": "2026-05-12T07:49:43.000000Z"}]}