Security News > 2018 > July > Two New Spectre-Class CPU Flaws Discovered—Intel Pays $100K Bounty

Two New Spectre-Class CPU Flaws Discovered—Intel Pays $100K Bounty
2018-07-11 11:48

Intel has paid out a $100,000 bug bounty for new processor vulnerabilities that are related to Spectre variant one (CVE-2017-5753). The new Spectre-class variants are tracked as Spectre 1.1 (CVE-2018-3693) and Spectre 1.2, of which Spectre 1.1 described as a bounds-check bypass store attack has been considered as more dangerous. Earlier this year, Google Project Zero researchers disclosed


News URL

http://feedproxy.google.com/~r/TheHackersNews/~3/wb3Ok9S8ct0/intel-spectre-vulnerability.html

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2018-07-10 CVE-2018-3693 Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a speculative buffer overflow and side-channel analysis. 5.6
2018-01-04 CVE-2017-5753 Information Exposure Through Discrepancy vulnerability in multiple products
Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.
5.6