The Cybersecurity and Infrastructure Security Agency (CISA) is aware of a vulnerability (CVE-2019-1125) known as SWAPGS, which is a variant of Spectre Variant 1—that affects modern computer processors. This vulnerability can be exploited to steal sensitive data present in a computer systems’ memory.

Spectre is a flaw an attacker can exploit to force a program to reveal its data. The name derives from “speculative execution”—an optimization method a computer system performs to check whether it will work to prevent a delay when actually executed. Spectre affects almost all devices including desktops, laptops, and cloud servers.

CISA encourages users and administrators to review the following guidance, refer to their hardware and software vendors for additional details, and apply an appropriate patch when available:

Microsoft: Windows Kernel Information Disclosure Vulnerability
Red Hat: Spectre SWAPGS gadget vulnerability
Google: Spectre Side Channels

This product is provided subject to this Notification and this Privacy & Use policy.

Please share your thoughts.

We recently updated our anonymous product survey; we’d welcome your feedback.

References

access.redhat.com/articles/4329821

chromium.googlesource.com/chromiumos/third_party/kernel/+/cc4c818b2219c58af5f0ca59f3e9f02c48bc0b65/Documentation/admin-guide/hw-vuln/spectre.rst

portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1125

www.us-cert.gov/ncas/alerts/TA18-004A

openvas 38

veracode 1

nessus 65

mscve 1

oraclelinux 11

redhatcve 1

threatpost 1

kaspersky 3

amazon 2

cve 1

zdt 1

debiancve 1

fedora 5

nvd 1

exploitdb 1

redhat 14

huawei 1

ubuntu 5

githubexploit 1

exploitpack 1

ubuntucve 1

cvelist 1

thn 1

centos 2

mageia 3

prion 1

f5 1

virtuozzo 2

lenovo 1

slackware 1

suse 2

debian 6

photon 3

cloudfoundry 2

osv 4

ibm 4

fortinet 1

mskb 8

openvas

Greenbone OS - 'Spectre SWAPGS' Gadget Vulnerability (Aug 2019)

2019-08-26 00:00:00

Fedora Update for kernel-headers FEDORA-2019-e37c348348

2019-08-12 00:00:00

Fedora Update for kernel-tools FEDORA-2019-6bda4c81f4

2019-08-12 00:00:00

veracode

Information Disclosure

2019-08-14 00:12:16

nessus

RHEL 6 : kernel (RHSA-2019:2695)

2019-09-11 00:00:00

RHEL 7 : Red Hat Virtualization (RHSA-2019:3011)

2019-10-15 00:00:00

Amazon Linux 2 : kernel (ALAS-2019-1253)

2019-08-12 00:00:00

mscve

Windows Kernel Information Disclosure Vulnerability

2019-08-06 07:00:00

oraclelinux

Unbreakable Enterprise kernel security update

2019-09-05 00:00:00

Unbreakable Enterprise kernel security update

2019-09-09 00:00:00

Unbreakable Enterprise kernel security update

2019-08-06 00:00:00

redhatcve

CVE-2019-1125

2019-11-04 16:10:42

threatpost

New SWAPGS Side-Channel Attack Bypasses Spectre and Meltdown Defenses

2019-08-07 13:55:07

kaspersky

KLA11529 Windows Kernel Information Disclosure Vulnerability

2019-08-06 00:00:00

KLA11696 OSI vulnerability in Microsoft products (ESU)

2019-08-06 00:00:00

KLA11700 OSI vulnerability in Microsoft products (ESU)

2019-08-06 00:00:00

amazon

Medium: kernel

2019-08-05 17:40:00

Medium: kernel

2019-08-05 17:48:00

cve

CVE-2019-1125

2019-09-03 18:15:12

zdt

Windows Kernel - Information Disclosure Vulnerability

2020-02-15 00:00:00

debiancve

CVE-2019-1125

2019-09-03 18:15:12

fedora

[SECURITY] Fedora 29 Update: kernel-tools-5.2.7-100.fc29

2019-08-11 01:43:14

[SECURITY] Fedora 30 Update: kernel-tools-5.2.7-200.fc30

2019-08-11 01:15:14

[SECURITY] Fedora 30 Update: kernel-headers-5.2.7-200.fc30

2019-08-11 01:15:14

nvd

CVE-2019-1125

2019-09-03 18:15:12

exploitdb

Microsoft Windows Kernel - Information Disclosure

2020-01-27 00:00:00

redhat

(RHSA-2019:2695) Moderate: kernel security and bug fix update

2019-09-10 09:57:53

(RHSA-2019:3011) Moderate: Red Hat Virtualization security, bug fix, and enhancement update

2019-10-10 14:48:00

(RHSA-2019:2600) Important: kernel security and bug fix update

2019-09-03 13:19:05

huawei

Security Advisory - Information Disclosure Vulnerability about SWAPGS Instruction

2020-04-08 00:00:00

ubuntu

Linux kernel (AWS) vulnerability

2019-08-13 00:00:00

Linux kernel (Xenial HWE) vulnerabilities

2019-08-13 00:00:00

Linux kernel vulnerabilities

2019-08-13 00:00:00

githubexploit

Exploit for Vulnerability in Microsoft

2020-01-27 12:27:53

exploitpack

Windows Kernel - Information Disclosure

2020-01-27 00:00:00

ubuntucve

CVE-2019-1125

2019-08-06 00:00:00

cvelist

CVE-2019-1125 Windows Kernel Information Disclosure Vulnerability

2019-09-03 17:52:41

thn

SWAPGS Attack — New Speculative Execution Flaw Affects All Modern Intel CPUs

2019-08-06 20:00:00

centos

bpftool, kernel, perf, python security update

2019-09-18 20:39:01

kernel, perf, python security update

2019-08-16 21:55:43

mageia

Updated kernel packages fix security vulnerabilities

2019-08-13 00:08:18

Updated kernel packages fix security vulnerabilities

2019-08-13 00:08:18

Updated kernel-linus packages fix security vulnerabilities

2019-11-20 00:16:53

prion

Information disclosure

2019-09-03 18:15:00

K31085564 : Spectre SWAPGS gadget vulnerability CVE-2019-1125

2019-08-23 00:00:00

virtuozzo

Important kernel security update: New kernel 2.6.32-042stab140.1 for Virtuozzo Containers for Linux 4.7, Server Bare Metal 5.0

2019-08-19 00:00:00

Important kernel security update: New kernel 2.6.32-042stab140.1; Virtuozzo 6.0 Update 12 Hotfix 45 (6.0.12-3747)

2019-08-19 00:00:00

lenovo

Speculative Execution Side Channel Vulnerability Variants - Lenovo Support US

2018-09-13 14:41:00

slackware

[slackware-security] Slackware 14.2 kernel

2019-08-14 06:12:49

suse

Security update for the Linux Kernel (important)

2019-08-16 00:00:00

Security update for the Linux Kernel (important)

2019-08-16 00:00:00

debian

[SECURITY] [DLA 1884-1] linux security update

2019-08-14 00:16:24

[SECURITY] [DSA 4495-1] linux security update

2019-08-10 21:15:57

[SECURITY] [DSA 4495-1] linux security update

2019-08-10 21:15:57

photon

Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2019-2.0-0175

2019-09-10 00:00:00

Critical Photon OS Security Update - PHSA-2019-0175

2019-09-03 00:00:00

Critical Photon OS Security Update - PHSA-2019-0250

2019-09-03 00:00:00

cloudfoundry

USN-4095-2: Linux kernel (Xenial HWE) vulnerabilities | Cloud Foundry

2019-08-29 00:00:00

USN-4094-1: Linux kernel vulnerabilities | Cloud Foundry

2019-09-30 00:00:00

osv

linux - security update

2019-08-10 00:00:00

linux - security update

2019-08-13 00:00:00

linux-4.9 - security update

2019-08-13 00:00:00

ibm

Security Bulletin: IBM Security QRadar Packet Capture is vulnerable to Using Components with Known Vulnerabilities

2020-10-28 17:16:55

Security Bulletin: Vyatta 5600 vRouter Software Patches - Release 1801-ze

2020-07-24 21:16:35

Security Bulletin: Vyatta 5600 vRouter Software Patches - Release 1801-ze

2020-07-24 21:16:35

fortinet

Meltdown and Spectre class vulnerabilities

2019-08-26 00:00:00

mskb

July 9, 2019—KB4507464 (Security-only update)

2019-08-06 07:00:00

July 9, 2019—KB4507461 (Security-only update)

2019-08-06 07:00:00

July 9, 2019—KB4507456 (Security-only update)

2019-08-06 07:00:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

EPSS

0.001

Percentile

46.4%

JSON

Related for CISA:715DF5B957A42D91B3B79897B8FD61F2