Oval Definition:	oval:com.ubuntu.artful:def:20175754000
Revision Date: 2018-01-04 Version: 1 Title: CVE-2017-5754 on Ubuntu 17.10 (artful) - critical. Description: Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis of the data cache. Jann Horn discovered that microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized memory reads via sidechannel attacks. This flaw is known as Meltdown. A local attacker could use this to expose sensitive information, including kernel memory. Family: unix Class: vulnerability Status: Reference(s): CVE-2017-5754 Platform(s): Ubuntu 17.10 Product(s): Definition Synopsis Ubuntu 17.10 (artful) is installed. AND Package Information The 'firefox' package in artful was vulnerable but has been fixed (note: '57.0.4+build1-0ubuntu0.17.10.1'). OR The 'linux' package in artful was vulnerable but has been fixed (note: '4.13.0-25.29'). OR The 'linux-raspi2' package in artful was vulnerable but has been fixed (note: '4.13.0-1015.16'). OR The vulnerability of the 'linux-snapdragon' package in artful is not known (status: 'needs-triage'). It is pending evaluation.
BACK