Entreprise d'experts en Sécurité Informatique : Audits et conseils en cybersécurité
Entreprise française de cybersécurité depuis 2004
☎ 03 60 47 09 81 - info@securiteinfo.com


CVE-2017-5715

Description

Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.

POC

Reference

- http://packetstormsecurity.com/files/145645/Spectre-Information-Disclosure-Proof-Of-Concept.html

- http://packetstormsecurity.com/files/155281/FreeBSD-Security-Advisory-FreeBSD-SA-19-26.mcu.html

- http://www.kb.cert.org/vuls/id/584653

- http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html

- http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html

- http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html

- https://cert.vde.com/en-us/advisories/vde-2018-002

- https://cert.vde.com/en-us/advisories/vde-2018-003

- https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability

- https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html

- https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes

- https://seclists.org/bugtraq/2019/Jun/36

- https://spectreattack.com/

- https://usn.ubuntu.com/3531-1/

- https://usn.ubuntu.com/3540-2/

- https://usn.ubuntu.com/3542-2/

- https://usn.ubuntu.com/3580-1/

- https://usn.ubuntu.com/3581-1/

- https://usn.ubuntu.com/3582-1/

- https://usn.ubuntu.com/3597-2/

- https://usn.ubuntu.com/3777-3/

- https://usn.ubuntu.com/usn/usn-3516-1/

- https://www.exploit-db.com/exploits/43427/

- https://www.kb.cert.org/vuls/id/180049

- https://www.mitel.com/en-ca/support/security-advisories/mitel-product-security-advisory-18-0001

- https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html

- https://www.suse.com/c/suse-addresses-meltdown-spectre-vulnerabilities/

- https://www.synology.com/support/security/Synology_SA_18_01

Github

- https://github.com/00052/spectre-attack-example

- https://github.com/20142995/sectool

- https://github.com/3th1c4l-t0n1/awesome-csirt

- https://github.com/ARPSyndicate/cve-scores

- https://github.com/ARPSyndicate/cvemon

- https://github.com/Aakaashzz/Meltdown-Spectre

- https://github.com/AgenticAI-LLM/Hackathon

- https://github.com/BlessedRebuS/RISCV-Attacks

- https://github.com/CVEDB/PoC-List

- https://github.com/CVEDB/awesome-cve-repo

- https://github.com/CVEDB/top

- https://github.com/CyVerse-Ansible/ansible-prometheus-node-exporter

- https://github.com/CyberSecAI/cve_info_refs_crawler

- https://github.com/EdwardOwusuAdjei/Spectre-PoC

- https://github.com/Eugnis/spectre-attack

- https://github.com/GalloLuigi/Analisi-CVE-2017-5715

- https://github.com/GarnetSunset/CiscoSpectreTakeover

- https://github.com/GhostTroops/TOP

- https://github.com/GianLucaSpagnolo/Informe-Orgacomp-2023

- https://github.com/GregAskew/SpeculativeExecutionAssessment

- https://github.com/JERRY123S/all-poc

- https://github.com/KiRinXC/SCA-PoCs

- https://github.com/Kobra3390/DuckLoad

- https://github.com/LawrenceHwang/PesterTest-Meltdown

- https://github.com/Lee-1109/SpeculativeAttackPoC

- https://github.com/NoelBradford/Windows11-Hardening-Powershell-Scripts

- https://github.com/OscarLGH/spectre-v1.1-fr

- https://github.com/OscarLGH/spectre-v1.2-fr

- https://github.com/PastorEmil/Vulnerability_Management

- https://github.com/PooyaAlamirpour/willyb321-stars

- https://github.com/S3cur3Th1sSh1t/My-starred-Repositories

- https://github.com/Saiprasad16/MeltdownSpectre

- https://github.com/SourceryAI/Deep-Security-Reports

- https://github.com/Spacial/awesome-csirt

- https://github.com/Spektykles/wip-kernel

- https://github.com/Viralmaniar/In-Spectre-Meltdown

- https://github.com/abouchelliga707/ansible-role-server-update-reboot

- https://github.com/adamalston/Meltdown-Spectre

- https://github.com/alyaparan/Spectre-Meltdown

- https://github.com/ambynotcoder/C-libraries

- https://github.com/amstelchen/smc_gui

- https://github.com/anquanscan/sec-tools

- https://github.com/asm/deep_spectre

- https://github.com/axxia/axxia_atf

- https://github.com/bhanukana/yum-update

- https://github.com/carloscn/raspi-aft

- https://github.com/chaitanyarahalkar/Spectre-PoC

- https://github.com/chuangshizhiqiang/selfModify

- https://github.com/codexlynx/hardware-attacks-state-of-the-art

- https://github.com/compris-com/spectre-meltdown-checker

- https://github.com/cyberanand1337x/bug-bounty-2022

- https://github.com/danswinus/HWFW

- https://github.com/dgershman/sidecheck

- https://github.com/dmo2118/retpoline-audit

- https://github.com/dotnetjoe/Meltdown-Spectre

- https://github.com/douyamv/MeltdownTool

- https://github.com/dubididum/Meltdown_Spectre_check

- https://github.com/eclypsium/revoked_firmware_updates_spectre

- https://github.com/edsonjt81/spectre-meltdown

- https://github.com/eecheng87/mode-switch-stat

- https://github.com/es0j/hyperbleed

- https://github.com/feffi/docker-spectre

- https://github.com/garnetsunset/CiscoSpectreTakeover

- https://github.com/geeksniper/reverse-engineering-toolkit

- https://github.com/giterlizzi/secdb-feeds

- https://github.com/github-3rr0r/TEApot

- https://github.com/gonoph/ansible-meltdown-spectre

- https://github.com/hackingportal/meltdownattack-and-spectre

- https://github.com/hannob/meltdownspectre-patches

- https://github.com/hashbang/hardening

- https://github.com/hktalent/TOP

- https://github.com/igaozp/awesome-stars

- https://github.com/ionescu007/SpecuCheck

- https://github.com/ixtal23/spectreScope

- https://github.com/jarmouz/spectre_meltdown

- https://github.com/jbmihoub/all-poc

- https://github.com/jessb321/willyb321-stars

- https://github.com/jiegec/awesome-stars

- https://github.com/kali973/spectre-meltdown-checker

- https://github.com/kaosagnt/ansible-everyday

- https://github.com/kevincoakley/puppet-spectre_meltdown

- https://github.com/kin-cho/my-spectre-meltdown-checker

- https://github.com/laddp/insights_reports

- https://github.com/lizeren/spectre-latitude

- https://github.com/lnick2023/nicenice

- https://github.com/lovesec/spectre---attack

- https://github.com/malevarro/WorkshopBanRep

- https://github.com/marcan/speculation-bugs

- https://github.com/mathse/meltdown-spectre-bios-list

- https://github.com/mbruzek/check-spectre-meltdown-ansible

- https://github.com/mcd500/teep-device

- https://github.com/mdmfernandes/meta-rpi-optee

- https://github.com/merlinepedra/spectre-meltdown-checker

- https://github.com/merlinepedra25/spectre-meltdown-checker

- https://github.com/microsoft/SpeculationControl

- https://github.com/milouk/Efficient-Computing-in-a-Safe-Environment

- https://github.com/mjaggi-cavium/spectre-meltdown-checker

- https://github.com/morning21/Spectre_Meltdown_MDS_srcs

- https://github.com/n0-traces/cve_monitor

- https://github.com/nishanb/insecure-app

- https://github.com/nsacyber/Hardware-and-Firmware-Security-Guidance

- https://github.com/opsxcq/exploit-cve-2017-5715

- https://github.com/pathakabhi24/Awesome-C

- https://github.com/pedrolucasoliva/spectre-attack-demo

- https://github.com/poilynx/spectre-attack-example

- https://github.com/projectboot/SpectreCompiled

- https://github.com/pvergain/github-stars

- https://github.com/qazbnm456/awesome-cve-poc

- https://github.com/ronaldogdm/Meltdown-Spectre

- https://github.com/rosenbergj/cpu-report

- https://github.com/ryandaniels/ansible-role-server-update-reboot

- https://github.com/savchenko/windows10

- https://github.com/simeononsecurity/Windows-Spectre-Meltdown-Mitigation-Script

- https://github.com/sourcery-ai-bot/Deep-Security-Reports

- https://github.com/speed47/spectre-meltdown-checker

- https://github.com/ssstonebraker/meltdown_spectre

- https://github.com/stressboi/splunk-spectre-meltdown-uf-script

- https://github.com/timidri/puppet-meltdown

- https://github.com/uhub/awesome-c

- https://github.com/v-lavrentikov/meltdown-spectre

- https://github.com/vintagesucks/awesome-stars

- https://github.com/vrdse/MeltdownSpectreReport

- https://github.com/vurtne/specter---meltdown--checker

- https://github.com/weeka10/-hktalent-TOP

- https://github.com/willyb321/willyb321-stars

- https://github.com/xbl3/awesome-cve-poc_qazbnm456

- https://github.com/xymeng16/security