20180113

RSSING.COM

RSSING.COM

【外部リンク】
http://www.rssing.com/account.php?a=ssm&r=o5_0
Content Removal Request

RSS 結合 

RSS 結合 

RSS関連リンク

Yahoo! Pipesはサービス終了

【外部リンク】
http://pipes.yahoo.com/pipes/

【外部リンク】
http://www.rssmix.com/


【外部リンク】※未確認
http://www.feedrinse.com/login.php
Sign up for Feed Rinse.

【外部リンク】※未確認
https://happyou.info/fs/
http://www.balluche.fr/html2rss.php

【外部リンク】※未確認
http://dailyfeed.jp/
http://www.webrss.com/index.php
http://gplusrss.com/home/prices
http://fivefilters.org/content-only/
http://feed43.com/
https://www.chimpfeedr.com/





20180109

How do I check if my Linux server is still vulnerable to Spectre and Meltdown CPU bugs?

【外部リンク】
https://www.cyberciti.biz/faq/check-linux-server-for-spectre-meltdown-vulnerability/
Meltdown vulnerability
Posted on January 8, 2018in Categories CentOS, Debian / Ubuntu, Linux, RedHat and Friends, Security, Suse last updated January 8, 2018
How do I check if my Linux server is still vulnerable to Spectre and Meltdown CPU bugs?

Installation
The script must be run as root user. You can view source code here. Use the wget command or curl command to grab the source code on your Linux box:
$ cd /tmp/
$ wget https://raw.githubusercontent.com/speed47/spectre-meltdown-checker/master/spectre-meltdown-checker.sh

OR
$ git clone https://github.com/speed47/spectre-meltdown-checker.git

Sample outputs:

Cloning into 'spectre-meltdown-checker'...

Run the script as root user using sudo command or su command:
$ sudo sh spectre-meltdown-checker.sh

Sample outputs from Ubuntu Linux desktop:

[sudo] password for vivek:


Another output from my CentOS 7.x server where Meltdown/Spectre v1 was patched with Kernel:
$ sudo sh spectre-meltdown-checker.sh

【外部リンク】

https://github.com/speed47/spectre-meltdown-checker
Spectre & Meltdown Checker

Initial Benchmarks Of The Performance Impact Resulting From Linux's x86 Security Changes

Initial Benchmarks Of The Performance Impact Resulting From Linux's x86 Security Changes

【外部リンク】

https://www.phoronix.com/scan.php?page=article&item=linux-415-x86pti

20180108

2018 年 1 月 4 日 — KB4056892 (OS ビルド 16299.192)

2018 年 1 月 4 日 — KB4056892 (OS ビルド 16299.192)
適用対象: Windows 10 version 1709
【外部リンク】
https://support.microsoft.com/ja-jp/help/4056892/windows-10-update-kb4056892
更新プログラムのインストールが 99% で停止し、CPU またはディスク使用率が高く表示されることがある問題を修正しました。 この問題は、4054022 をインストールした後に、[この PC を初期状態に戻す] を使用してデバイスをリセットした場合に発生します。
Windows SMB Server、Windows Subsystem for Linux、Windows カーネル、Windows Datacenter Networking、Windows Graphics、Microsoft Edge、Internet Explorer、および Microsoft Scripting Engine のセキュリティ更新プログラム。


Kernel Side-Channel Attacks - CVE-2017-5754 CVE-2017-5753 CVE-2017-5715

Kernel Side-Channel Attacks - CVE-2017-5754 CVE-2017-5753 CVE-2017-5715
【外部リンク】
https://access.redhat.com/security/vulnerabilities/speculativeexecution

Red Hat has been made aware of multiple microarchitectural (hardware) implementation issues affecting many modern microprocessors, requiring updates to the Linux kernel, virtualization-related components, and/or in combination with a microcode update.  An unprivileged attacker can use these flaws to bypass conventional memory security restrictions in order to gain read access to privileged memory that would otherwise be inaccessible. There are 3 known CVEs related to this issue in combination with Intel, AMD, and ARM architectures. Additional exploits for other architectures are also known to exist. These include IBM System Z,  POWER8 (Big Endian and Little Endian), and POWER9 (Little Endian).

VMware Security Advisories VMSA-2018-0002

【外部リンク】
https://www.vmware.com/us/security/advisories/VMSA-2018-0002.html
VMware Security Advisories
VMSA-2018-0002
1. Summary
VMware ESXi, Workstation and Fusion updates address side-channel analysis due to speculative execution.
2. Relevant Products
VMware vSphere ESXi (ESXi)
VMware Workstation Pro / Player (Workstation)
VMware Fusion Pro / Fusion (Fusion) 

Speculative Execution and Indirect Branch Prediction Side Channel Analysis Method

【外部リンク】
https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00088&languageid=en-fr
Speculative Execution and Indirect Branch Prediction Side Channel Analysis Method
Intel ID: INTEL-SA-00088
Product family: Systems with Speculative Execution

Intel® Core™ i3 processor (45nm and 32nm)
Intel® Core™ i5 processor (45nm and 32nm)
Intel® Core™ i7 processor (45nm and 32nm)
Intel® Core™ M processor family (45nm and 32nm)
2nd generation Intel® Core™ processors
3rd generation Intel® Core™ processors
4th generation Intel® Core™ processors
5th generation Intel® Core™ processors
6th generation Intel® Core™ processors
7th generation Intel® Core™ processors
8th generation Intel® Core™ processors
Intel® Core™ X-series Processor Family for Intel® X99 platforms
Intel® Core™ X-series Processor Family for Intel® X299 platforms
Intel® Xeon® processor 3400 series
Intel® Xeon® processor 3600 series
Intel® Xeon® processor 5500 series
Intel® Xeon® processor 5600 series
Intel® Xeon® processor 6500 series
Intel® Xeon® processor 7500 series
Intel® Xeon® Processor E3 Family
Intel® Xeon® Processor E3 v2 Family
Intel® Xeon® Processor E3 v3 Family
Intel® Xeon® Processor E3 v4 Family
Intel® Xeon® Processor E3 v5 Family
Intel® Xeon® Processor E3 v6 Family
Intel® Xeon® Processor E5 Family
Intel® Xeon® Processor E5 v2 Family
Intel® Xeon® Processor E5 v3 Family
Intel® Xeon® Processor E5 v4 Family
Intel® Xeon® Processor E7 Family
Intel® Xeon® Processor E7 v2 Family
Intel® Xeon® Processor E7 v3 Family
Intel® Xeon® Processor E7 v4 Family
Intel® Xeon® Processor Scalable Family
Intel® Xeon Phi™ Processor 3200, 5200, 7200 Series
Intel® Atom™ Processor C Series
Intel® Atom™ Processor E Series
Intel® Atom™ Processor A Series
Intel® Atom™ Processor x3 Series
Intel® Atom™ Processor Z Series
Intel® Celeron® Processor J Series
Intel® Celeron® Processor N Series
Intel® Pentium® Processor J Series
Intel® Pentium® Processor N Series

-         CVE-2017-5753 https://01.org/security/advisories/intel-oss-10002

-         CVE-2017-5754 https://01.org/security/advisories/intel-oss-10003 

Cisco Security Advisory CPU Side-Channel Information Disclosure Vulnerabilities

Cisco Security Advisory
CPU Side-Channel Information Disclosure Vulnerabilities


【外部リンク】
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180104-cpusidechannel
Advisory ID:  cisco-sa-20180104-cpusidechannel
First Published: 2018 January 4 22:20 GMT
Last Updated:  2018 January 5 20:52 GMT
Version 1.2:  Interim
Workarounds:  No workarounds available
CVE-2017-5715
CVE-2017-5753
CVE-2017-5754
CWE-200

Products Under Investigation

Network Application, Service, and Acceleration
Cisco Cloud Services Platform 2100
Cisco vBond Orchestrator
Cisco vEdge 1000
Cisco vEdge 100
Cisco vEdge 2000
Cisco vEdge 5000
Cisco vEdge Cloud
Cisco vManage NMS
Cisco vSmart Controller

Routing and Switching - Enterprise and Service Provider
ASR9000 XR64bit Series Routers
Cisco 4000 Series Integrated Services Routers (IOS XE Open Service Containers)
Cisco 4000 Series Integrated Services Routers (IOx feature)
Cisco 500 Series WPAN Industrial Routers (IOx feature)
Cisco ASR 1000 Series Aggregation Services Routers with RP2 or RP3 (IOS XE Open Service Containers)
Cisco CGR 1000 Compute Module (IOx feature)
Cisco Catalyst 3650 Series Switches (IOx feature)
Cisco Catalyst 3850 Series Switches (IOx feature)
Cisco Catalyst 9300 Series Switches (IOx feature)
Cisco Catalyst 9400 Series Switches (IOx feature)
Cisco Catalyst 9500 Series Switches (IOx feature)
Cisco Industrial Ethernet 4000 Series Switches (IOx feature)
Cisco NCS 1000 Series Routers
Cisco NCS 5000 Series Routers
Cisco NCS 5500 Series Routers
Cisco Nexus 3000 Series Switches
Cisco Nexus 4000 Series Blade Switches
Cisco Nexus 5000 Series Switches
Cisco Nexus 6000 Series Switches
Cisco Nexus 7000 Series Switches
Cisco Nexus 9000 Series Fabric Switches - ACI mode
Cisco Nexus 9000 Series Switches - Standalone, NX-OS mode
XRv9000 Series Routers

CVE-2017-18017

CVE-2017-18017

【外部リンク】
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-18017

Description
The tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c in the Linux kernel before 4.11, and 4.9.x before 4.9.36, allows remote attackers to cause a denial of service (use-after-free and memory corruption) or possibly have unspecified other impact by leveraging the presence of xt_TCPMSS in an iptables action.


--

注目の投稿

cURL error 60: SSL certificate problem: unable to get local issuer certificate

cURL error 60: SSL certificate problem: unable to get local issuer certificate 更新失敗: ダウンロードに失敗しました。 cURL error 60: SSL certificate problem: ...

人気の投稿