一、 漏洞 CVE-2017-5753 基础信息

受影响产品

二、漏洞 CVE-2017-5753 的公开POC

三、漏洞 CVE-2017-5753 的情报信息

• https://aws.amazon.com/de/security/security-bulletins/AWS-2018-013/x_refsource_CONFIRM
• 🔗 http://nvidia.custhelp.com/app/answers/detail/a_id/4614x_refsource_CONFIRM
• 🔗 https://www.vmware.com/us/security/advisories/VMSA-2018-0002.htmlx_refsource_CONFIRM
• https://support.citrix.com/article/CTX231399x_refsource_CONFIRM
• 🔗 https://www.synology.com/support/security/Synology_SA_18_01x_refsource_CONFIRM
• https://www.suse.com/c/suse-addresses-meltdown-spectre-vulnerabilities/x_refsource_CONFIRM
• 🔗 http://nvidia.custhelp.com/app/answers/detail/a_id/4611x_refsource_CONFIRM
• 🔗 http://xenbits.xen.org/xsa/advisory-254.htmlx_refsource_CONFIRM
• 🔗 https://security.netapp.com/advisory/ntap-20180104-0001/x_refsource_CONFIRM
• 🔗 https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.htmlx_refsource_MISC
• https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03871en_usx_refsource_CONFIRM
• 🔗 http://nvidia.custhelp.com/app/answers/detail/a_id/4609x_refsource_CONFIRM
• https://spectreattack.com/x_refsource_MISC
• https://www.mitel.com/en-ca/support/security-advisories/mitel-product-security-advisory-18-0001x_refsource_CONFIRM
• https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixesx_refsource_CONFIRM
• https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03805en_usx_refsource_CONFIRM
• 🔗 https://blog.mozilla.org/security/2018/01/03/mitigations-landing-new-class-timing-attack/x_refsource_CONFIRM
• 🔗 https://access.redhat.com/security/vulnerabilities/speculativeexecutionx_refsource_CONFIRM
• http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.htmlx_refsource_CONFIRM
• 🔗 https://cdrdv2.intel.com/v1/dl/getContent/685359x_refsource_CONFIRM
• 🔗 https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdfx_refsource_CONFIRM
• https://cert.vde.com/en-us/advisories/vde-2018-003x_refsource_CONFIRM
• 🔗 http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-001.txtx_refsource_CONFIRM
• 🔗 https://support.lenovo.com/us/en/solutions/LEN-18282x_refsource_CONFIRM
• https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.htmlx_refsource_MISC
• 🔗 https://security.googleblog.com/2018/01/todays-cpu-vulnerability-what-you-need.htmlx_refsource_MISC
• 🔗 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180002x_refsource_CONFIRM
• https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerabilityx_refsource_CONFIRM
• 🔗 https://cert.vde.com/en-us/advisories/vde-2018-002x_refsource_CONFIRM
• 🔗 https://support.f5.com/csp/article/K91229003x_refsource_CONFIRM
• http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2019-003.txtx_refsource_CONFIRM
• 🔗 http://packetstormsecurity.com/files/145645/Spectre-Information-Disclosure-Proof-Of-Concept.htmlx_refsource_MISC
• 🔗 http://nvidia.custhelp.com/app/answers/detail/a_id/4613x_refsource_CONFIRM
• https://cert-portal.siemens.com/productcert/pdf/ssa-505225.pdfx_refsource_CONFIRM
• 🔗 https://www.exploit-db.com/exploits/43427/exploitx_refsource_EXPLOIT-DB
• 🔗 http://www.securityfocus.com/bid/102371vdb-entryx_refsource_BID
• 🔗 http://www.securitytracker.com/id/1040071vdb-entryx_refsource_SECTRACK
• 🔗 https://www.debian.org/security/2018/dsa-4188vendor-advisoryx_refsource_DEBIAN
• 🔗 https://www.debian.org/security/2018/dsa-4187vendor-advisoryx_refsource_DEBIAN
• https://www.kb.cert.org/vuls/id/180049third-party-advisoryx_refsource_CERT-VN
• http://www.kb.cert.org/vuls/id/584653third-party-advisoryx_refsource_CERT-VN
• 🔗 https://usn.ubuntu.com/3542-1/vendor-advisoryx_refsource_UBUNTU
• 🔗 https://usn.ubuntu.com/3542-2/vendor-advisoryx_refsource_UBUNTU
• 🔗 https://usn.ubuntu.com/3540-2/vendor-advisoryx_refsource_UBUNTU
• 🔗 https://usn.ubuntu.com/usn/usn-3516-1/vendor-advisoryx_refsource_UBUNTU
• 🔗 https://usn.ubuntu.com/3540-1/vendor-advisoryx_refsource_UBUNTU
• 🔗 https://usn.ubuntu.com/3597-2/vendor-advisoryx_refsource_UBUNTU
• 🔗 https://usn.ubuntu.com/3597-1/vendor-advisoryx_refsource_UBUNTU
• 🔗 USN-3580-1: Linux kernel vulnerabilities | Ubuntu security notices | Ubuntuvendor-advisoryx_refsource_UBUNTU
• 🔗 USN-3541-2: Linux kernel (HWE) vulnerabilities | Ubuntu security notices | Ubuntuvendor-advisoryx_refsource_UBUNTU
• https://usn.ubuntu.com/3549-1/vendor-advisoryx_refsource_UBUNTU
• https://usn.ubuntu.com/3541-1/vendor-advisoryx_refsource_UBUNTU
• 🔗 https://security.gentoo.org/glsa/201810-06vendor-advisoryx_refsource_GENTOO
• 🔗 RHSA-2018:0292 - Security Advisory - Red Hat Customer Portalvendor-advisoryx_refsource_REDHAT
• 🔗 http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00006.htmlvendor-advisoryx_refsource_SUSE
• 🔗 http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00008.htmlvendor-advisoryx_refsource_SUSE
• 🔗 http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00007.htmlvendor-advisoryx_refsource_SUSE
• 🔗 http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00014.htmlvendor-advisoryx_refsource_SUSE
• 🔗 http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00016.htmlvendor-advisoryx_refsource_SUSE
• 🔗 https://seclists.org/bugtraq/2019/Jun/36mailing-listx_refsource_BUGTRAQ
• 🔗 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180104-cpusidechannelvendor-advisoryx_refsource_CISCO
• 🔗 https://lists.debian.org/debian-lts-announce/2018/07/msg00015.htmlmailing-listx_refsource_MLIST
• https://lists.debian.org/debian-lts-announce/2018/07/msg00020.htmlmailing-listx_refsource_MLIST
• 🔗 https://lists.debian.org/debian-lts-announce/2018/07/msg00016.htmlmailing-listx_refsource_MLIST
• 🔗 https://lists.debian.org/debian-lts-announce/2019/03/msg00034.htmlmailing-listx_refsource_MLIST
• 🔗 [SECURITY] [DLA 1731-2] linux regression updatemailing-listx_refsource_MLIST
• https://nvd.nist.gov/vuln/detail/CVE-2017-5753

四、漏洞 CVE-2017-5753 的评论