Two New Spectre-Class CPU Flaws Discovered—Intel Pays $100K Bounty

2018-07-11 11:48

Intel has paid out a $100,000 bug bounty for new processor vulnerabilities that are related to Spectre variant one (CVE-2017-5753). The new Spectre-class variants are tracked as Spectre 1.1 (CVE-2018-3693) and Spectre 1.2, of which Spectre 1.1 described as a bounds-check bypass store attack has been considered as more dangerous. Earlier this year, Google Project Zero researchers disclosed

News URL

http://feedproxy.google.com/~r/TheHackersNews/~3/wb3Ok9S8ct0/intel-spectre-vulnerability.html

#bounty #CPU #intel #newspectre #spectre #CVE-2018-3693 #CVE-2017-5753

Related Vulnerability

DATE	CVE	VULNERABILITY TITLE	RISK
2018-07-10	CVE-2018-3693	Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a speculative buffer overflow and side-channel analysis. local high complexity intel arm oracle schneider-electric netapp redhat fujitsu	5.6
2018-01-04	CVE-2017-5753	Information Exposure Through Discrepancy vulnerability in multiple products Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis. local high complexity intel canonical debian oracle synology opensuse suse arm pepperl-fuchs netapp phoenixcontact siemens vmware CWE-203	5.6

News URL

Related news

Related Vulnerability