Search criteria Use full-text search for keyword queries.
Combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by dates instead of relevance.

354 vulnerabilities found for fusion by vmware

VAR-201801-1712

Vulnerability from variot - Updated: 2026-03-09 22:55

Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis. Two vulnerabilities are identified, known as "Variant 3a" and "Variant 4". CPUhardware is a set of firmware that runs in the CPU (Central Processing Unit) for managing and controlling the CPU. The Meltdown vulnerability exists in the CPU processor core, which \"melts\" the security boundary implemented by hardware, allowing low-privileged user-level applications to \"cross-border\" access to system-level memory, causing data leakage. The following products and versions are affected: ARM Cortex-R7; Cortex-R8; Cortex-A8; Cortex-A9; Cortex-A12; Xeon CPU E5-1650 v3, v2, v4; Xeon E3-1265l v2, v3, v4 ; Xeon E3-1245 v2, v3, v5, v6 versions; Xeon X7542, etc.

In this update mitigations for x86-64 architecture are provided. Relevant releases/architectures:

RHEL 7-based RHEV-H ELS - noarch RHEV Hypervisor for RHEL-6 ELS - noarch

  1. The Red Hat Enterprise Virtualization Hypervisor is a dedicated Kernel-based Virtual Machine (KVM) hypervisor. (CVE-2017-5754)

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 14.04 LTS: linux-image-4.4.0-1011-aws 4.4.0-1011.11 linux-image-4.4.0-111-generic 4.4.0-111.134~14.04.1 linux-image-4.4.0-111-lowlatency 4.4.0-111.134~14.04.1 linux-image-4.4.0-111-powerpc-e500mc 4.4.0-111.134~14.04.1 linux-image-4.4.0-111-powerpc-smp 4.4.0-111.134~14.04.1 linux-image-4.4.0-111-powerpc64-emb 4.4.0-111.134~14.04.1 linux-image-4.4.0-111-powerpc64-smp 4.4.0-111.134~14.04.1 linux-image-aws 4.4.0.1011.11 linux-image-generic-lts-xenial 4.4.0.111.95 linux-image-lowlatency-lts-xenial 4.4.0.111.95 linux-image-powerpc-e500mc-lts-xenial 4.4.0.111.95 linux-image-powerpc-smp-lts-xenial 4.4.0.111.95 linux-image-powerpc64-emb-lts-xenial 4.4.0.111.95 linux-image-powerpc64-smp-lts-xenial 4.4.0.111.95

Please note that fully mitigating CVE-2017-5715 (Spectre Variant 2) requires corresponding processor microcode/firmware updates or, in virtual environments, hypervisor updates. Ubuntu is working with Intel and AMD to provide future microcode updates that implement IBRS and IBPB as they are made available. Ubuntu users with a processor from a different vendor should contact the vendor to identify necessary firmware updates. Ubuntu will provide corresponding QEMU updates in the future for users of self-hosted virtual environments in coordination with upstream QEMU. Ubuntu users in cloud environments should contact the cloud provider to confirm that the hypervisor has been updated to expose the new CPU features to virtual machines. 5.9 server) - i386, ia64, noarch, x86_64

Bug Fix(es):

  • Previously, the page table isolation feature was able to modify the kernel Page Global Directory (PGD) entries with the _NX bit even for CPUs without the capability to use the "no execute" (NX) bit technology. Consequently, the page tables got corrupted, and the kernel panicked at the first page-fault occurrence. This update adds the check of CPU capabilities before modifying kernel PGD entries with _NX. As a result, the operating system no longer panics on boot due to corrupted page tables under the described circumstances. (BZ#1538169)

  • When booting the operating system with the Kernel Page Table Isolation option enabled, the HPET VSYSCALL shadow mapping was not placed correctly. Consequently, the High Precision Event Timer (HPET) feature was not available early enough, and warnings on boot time occurred. This update fixes the placement of HPET VSYSCALL, and the warnings on boot time due to this behavior no longer occur. (BZ#1541281)

  • Previously, the routine preparing the kexec crashkernel area did not properly clear the page allocated to be kexec's Page Global Directory (PGD). Consequently, the page table isolation shadow mapping routines failed with a warning message when setting up page table entries. With this update, the underlying source code has been fixed to clear the kexec PGD allocated page before setting up its page table entries. As a result, warnings are no longer issued when setting up kexec. (BZ#1541285)

  • When changing a kernel page mapping from Read Only (RO) to Read Write (RW), the Translation Lookaside Buffer (TLB) entry was previously not updated. Consequently, a protection fault on a write operation occurred, which led to a kernel panic. With this update, the underlying source code has been fixed to handle such kind of fault properly, and the kernel no longer panics in the described situation. (BZ#1541892)

ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well. 7.3) - ppc64, ppc64le, x86_64

Bug Fix(es):

  • When attempting to reread parent blocks in btree traversal, the xfs code which deletes extended attributes from an inode assumed that the parent blocks were still on the cache. Under memory pressure and memory reclaim, such parent blocks were sometimes removed from the cache. Consequently, attempts to reread previously cached parent blocks caused the file system to read invalid memory. This update fixes xfs to reinitialize the pointer to the parent block buffers after the block has been reread. As a result, pointers to btree blocks now point to valid memory, and the kernel no longer crashes due to an invalid memory access. (BZ#1512811)

  • The write access check for huge pages did not function correctly on IBM z Systems. Consequently, if asynchronous I/O reads were used, buffers sometimes contained zeroes rather than data from a file, even when the io_getevents() system call reported that the associated read had finished successfully. This update fixes the write access check in the gup_huge_pmd() function in memory management, and read data is stored in asynchronous I/O buffers properly. (BZ#1513315)

  • With this update, the rule for iptables reloading has been optimized to complete faster. (BZ#1514040)

  • -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1

===================================================================== Red Hat Security Advisory

Synopsis: Important: kernel security and bug fix update Advisory ID: RHSA-2018:0151-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2018:0151 Issue date: 2018-01-25 CVE Names: CVE-2015-8539 CVE-2017-7472 CVE-2017-12192 CVE-2017-12193 CVE-2017-15649 =====================================================================

  1. Summary:

An update for kernel is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

  1. Relevant releases/architectures:

Red Hat Enterprise Linux Client (v. 7) - noarch, x86_64 Red Hat Enterprise Linux Client Optional (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - noarch, x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64 Red Hat Enterprise Linux Server (v. 7) - noarch, ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - noarch, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64

  1. Description:

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of instructions (a commonly used performance optimization). There are three primary variants of the issue which differ in the way the speculative execution can be exploited.

Note: This issue is present in hardware and cannot be fully fixed via software update. The updated kernel packages provide software mitigation for this hardware issue at a cost of potential performance penalty. Please refer to References section for further information about this issue and the performance impact.

In this update initial mitigations for IBM Power (PowerPC) and IBM zSeries (S390) architectures are provided.

  • Variant CVE-2017-5715 triggers the speculative execution by utilizing branch target injection. It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the fact that memory accesses may cause allocation into the microprocessor's data cache even for speculatively executed instructions that never actually commit (retire). As a result, an unprivileged attacker could use this flaw to cross the syscall and guest/host boundaries and read privileged memory by conducting targeted cache side-channel attacks. This fix specifically addresses S390 processors. (CVE-2017-5715, Important)

  • Variant CVE-2017-5753 triggers the speculative execution by performing a bounds-check bypass. It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the fact that memory accesses may cause allocation into the microprocessor's data cache even for speculatively executed instructions that never actually commit (retire). As a result, an unprivileged attacker could use this flaw to cross the syscall boundary and read privileged memory by conducting targeted cache side-channel attacks. This fix specifically addresses S390 and PowerPC processors. (CVE-2017-5753, Important)

  • Variant CVE-2017-5754 relies on the fact that, on impacted microprocessors, during speculative execution of instruction permission faults, exception generation triggered by a faulting access is suppressed until the retirement of the whole instruction block. In a combination with the fact that memory accesses may populate the cache even when the block is being dropped and never committed (executed), an unprivileged local attacker could use this flaw to read privileged (kernel space) memory by conducting targeted cache side-channel attacks. Note: CVE-2017-5754 affects Intel x86-64 microprocessors. AMD x86-64 microprocessors are not affected by this issue. This fix specifically addresses PowerPC processors. (CVE-2017-5754, Important)

Red Hat would like to thank Google Project Zero for reporting CVE-2017-5715, CVE-2017-5753, and CVE-2017-5754.

This update also fixes the following security issues and bugs:

Space precludes documenting all of the bug fixes and enhancements included in this advisory. To see the complete list of bug fixes and enhancements, refer to the following KnowledgeBase article: https://access.redhat.com/articles/3327131.

  1. Solution:

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

  1. Bugs fixed (https://bugzilla.redhat.com/):

1284450 - CVE-2015-8539 kernel: local privesc in key management 1442086 - CVE-2017-7472 kernel: keyctl_set_reqkey_keyring() leaks thread keyrings 1493435 - CVE-2017-12192 kernel: NULL pointer dereference due to KEYCTL_READ on negative key 1501215 - CVE-2017-12193 kernel: Null pointer dereference due to incorrect node-splitting in assoc_array implementation 1504574 - CVE-2017-15649 kernel: Use-after-free in the af_packet.c 1519778 - CVE-2017-5753 hw: cpu: speculative execution bounds-check bypass 1519780 - CVE-2017-5715 hw: cpu: speculative execution branch target injection 1519781 - CVE-2017-5754 hw: cpu: speculative execution permission faults handling

  1. Package List:

Red Hat Enterprise Linux Client (v. 7):

Source: kernel-3.10.0-693.17.1.el7.src.rpm

noarch: kernel-abi-whitelists-3.10.0-693.17.1.el7.noarch.rpm kernel-doc-3.10.0-693.17.1.el7.noarch.rpm

x86_64: kernel-3.10.0-693.17.1.el7.x86_64.rpm kernel-debug-3.10.0-693.17.1.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-693.17.1.el7.x86_64.rpm kernel-debug-devel-3.10.0-693.17.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-693.17.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-693.17.1.el7.x86_64.rpm kernel-devel-3.10.0-693.17.1.el7.x86_64.rpm kernel-headers-3.10.0-693.17.1.el7.x86_64.rpm kernel-tools-3.10.0-693.17.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-693.17.1.el7.x86_64.rpm kernel-tools-libs-3.10.0-693.17.1.el7.x86_64.rpm perf-3.10.0-693.17.1.el7.x86_64.rpm perf-debuginfo-3.10.0-693.17.1.el7.x86_64.rpm python-perf-3.10.0-693.17.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-693.17.1.el7.x86_64.rpm

Red Hat Enterprise Linux Client Optional (v. 7):

x86_64: kernel-debug-debuginfo-3.10.0-693.17.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-693.17.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-693.17.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-693.17.1.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-693.17.1.el7.x86_64.rpm perf-debuginfo-3.10.0-693.17.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-693.17.1.el7.x86_64.rpm

Red Hat Enterprise Linux ComputeNode (v. 7):

Source: kernel-3.10.0-693.17.1.el7.src.rpm

noarch: kernel-abi-whitelists-3.10.0-693.17.1.el7.noarch.rpm kernel-doc-3.10.0-693.17.1.el7.noarch.rpm

x86_64: kernel-3.10.0-693.17.1.el7.x86_64.rpm kernel-debug-3.10.0-693.17.1.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-693.17.1.el7.x86_64.rpm kernel-debug-devel-3.10.0-693.17.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-693.17.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-693.17.1.el7.x86_64.rpm kernel-devel-3.10.0-693.17.1.el7.x86_64.rpm kernel-headers-3.10.0-693.17.1.el7.x86_64.rpm kernel-tools-3.10.0-693.17.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-693.17.1.el7.x86_64.rpm kernel-tools-libs-3.10.0-693.17.1.el7.x86_64.rpm perf-3.10.0-693.17.1.el7.x86_64.rpm perf-debuginfo-3.10.0-693.17.1.el7.x86_64.rpm python-perf-3.10.0-693.17.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-693.17.1.el7.x86_64.rpm

Red Hat Enterprise Linux ComputeNode Optional (v. 7):

x86_64: kernel-debug-debuginfo-3.10.0-693.17.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-693.17.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-693.17.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-693.17.1.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-693.17.1.el7.x86_64.rpm perf-debuginfo-3.10.0-693.17.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-693.17.1.el7.x86_64.rpm

Red Hat Enterprise Linux Server (v. 7):

Source: kernel-3.10.0-693.17.1.el7.src.rpm

noarch: kernel-abi-whitelists-3.10.0-693.17.1.el7.noarch.rpm kernel-doc-3.10.0-693.17.1.el7.noarch.rpm

ppc64: kernel-3.10.0-693.17.1.el7.ppc64.rpm kernel-bootwrapper-3.10.0-693.17.1.el7.ppc64.rpm kernel-debug-3.10.0-693.17.1.el7.ppc64.rpm kernel-debug-debuginfo-3.10.0-693.17.1.el7.ppc64.rpm kernel-debug-devel-3.10.0-693.17.1.el7.ppc64.rpm kernel-debuginfo-3.10.0-693.17.1.el7.ppc64.rpm kernel-debuginfo-common-ppc64-3.10.0-693.17.1.el7.ppc64.rpm kernel-devel-3.10.0-693.17.1.el7.ppc64.rpm kernel-headers-3.10.0-693.17.1.el7.ppc64.rpm kernel-tools-3.10.0-693.17.1.el7.ppc64.rpm kernel-tools-debuginfo-3.10.0-693.17.1.el7.ppc64.rpm kernel-tools-libs-3.10.0-693.17.1.el7.ppc64.rpm perf-3.10.0-693.17.1.el7.ppc64.rpm perf-debuginfo-3.10.0-693.17.1.el7.ppc64.rpm python-perf-3.10.0-693.17.1.el7.ppc64.rpm python-perf-debuginfo-3.10.0-693.17.1.el7.ppc64.rpm

ppc64le: kernel-3.10.0-693.17.1.el7.ppc64le.rpm kernel-bootwrapper-3.10.0-693.17.1.el7.ppc64le.rpm kernel-debug-3.10.0-693.17.1.el7.ppc64le.rpm kernel-debug-debuginfo-3.10.0-693.17.1.el7.ppc64le.rpm kernel-debuginfo-3.10.0-693.17.1.el7.ppc64le.rpm kernel-debuginfo-common-ppc64le-3.10.0-693.17.1.el7.ppc64le.rpm kernel-devel-3.10.0-693.17.1.el7.ppc64le.rpm kernel-headers-3.10.0-693.17.1.el7.ppc64le.rpm kernel-tools-3.10.0-693.17.1.el7.ppc64le.rpm kernel-tools-debuginfo-3.10.0-693.17.1.el7.ppc64le.rpm kernel-tools-libs-3.10.0-693.17.1.el7.ppc64le.rpm perf-3.10.0-693.17.1.el7.ppc64le.rpm perf-debuginfo-3.10.0-693.17.1.el7.ppc64le.rpm python-perf-3.10.0-693.17.1.el7.ppc64le.rpm python-perf-debuginfo-3.10.0-693.17.1.el7.ppc64le.rpm

s390x: kernel-3.10.0-693.17.1.el7.s390x.rpm kernel-debug-3.10.0-693.17.1.el7.s390x.rpm kernel-debug-debuginfo-3.10.0-693.17.1.el7.s390x.rpm kernel-debug-devel-3.10.0-693.17.1.el7.s390x.rpm kernel-debuginfo-3.10.0-693.17.1.el7.s390x.rpm kernel-debuginfo-common-s390x-3.10.0-693.17.1.el7.s390x.rpm kernel-devel-3.10.0-693.17.1.el7.s390x.rpm kernel-headers-3.10.0-693.17.1.el7.s390x.rpm kernel-kdump-3.10.0-693.17.1.el7.s390x.rpm kernel-kdump-debuginfo-3.10.0-693.17.1.el7.s390x.rpm kernel-kdump-devel-3.10.0-693.17.1.el7.s390x.rpm perf-3.10.0-693.17.1.el7.s390x.rpm perf-debuginfo-3.10.0-693.17.1.el7.s390x.rpm python-perf-3.10.0-693.17.1.el7.s390x.rpm python-perf-debuginfo-3.10.0-693.17.1.el7.s390x.rpm

x86_64: kernel-3.10.0-693.17.1.el7.x86_64.rpm kernel-debug-3.10.0-693.17.1.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-693.17.1.el7.x86_64.rpm kernel-debug-devel-3.10.0-693.17.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-693.17.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-693.17.1.el7.x86_64.rpm kernel-devel-3.10.0-693.17.1.el7.x86_64.rpm kernel-headers-3.10.0-693.17.1.el7.x86_64.rpm kernel-tools-3.10.0-693.17.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-693.17.1.el7.x86_64.rpm kernel-tools-libs-3.10.0-693.17.1.el7.x86_64.rpm perf-3.10.0-693.17.1.el7.x86_64.rpm perf-debuginfo-3.10.0-693.17.1.el7.x86_64.rpm python-perf-3.10.0-693.17.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-693.17.1.el7.x86_64.rpm

Red Hat Enterprise Linux Server Optional (v. 7):

ppc64: kernel-debug-debuginfo-3.10.0-693.17.1.el7.ppc64.rpm kernel-debuginfo-3.10.0-693.17.1.el7.ppc64.rpm kernel-debuginfo-common-ppc64-3.10.0-693.17.1.el7.ppc64.rpm kernel-tools-debuginfo-3.10.0-693.17.1.el7.ppc64.rpm kernel-tools-libs-devel-3.10.0-693.17.1.el7.ppc64.rpm perf-debuginfo-3.10.0-693.17.1.el7.ppc64.rpm python-perf-debuginfo-3.10.0-693.17.1.el7.ppc64.rpm

ppc64le: kernel-debug-debuginfo-3.10.0-693.17.1.el7.ppc64le.rpm kernel-debug-devel-3.10.0-693.17.1.el7.ppc64le.rpm kernel-debuginfo-3.10.0-693.17.1.el7.ppc64le.rpm kernel-debuginfo-common-ppc64le-3.10.0-693.17.1.el7.ppc64le.rpm kernel-tools-debuginfo-3.10.0-693.17.1.el7.ppc64le.rpm kernel-tools-libs-devel-3.10.0-693.17.1.el7.ppc64le.rpm perf-debuginfo-3.10.0-693.17.1.el7.ppc64le.rpm python-perf-debuginfo-3.10.0-693.17.1.el7.ppc64le.rpm

x86_64: kernel-debug-debuginfo-3.10.0-693.17.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-693.17.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-693.17.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-693.17.1.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-693.17.1.el7.x86_64.rpm perf-debuginfo-3.10.0-693.17.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-693.17.1.el7.x86_64.rpm

Red Hat Enterprise Linux Workstation (v. 7):

Source: kernel-3.10.0-693.17.1.el7.src.rpm

noarch: kernel-abi-whitelists-3.10.0-693.17.1.el7.noarch.rpm kernel-doc-3.10.0-693.17.1.el7.noarch.rpm

x86_64: kernel-3.10.0-693.17.1.el7.x86_64.rpm kernel-debug-3.10.0-693.17.1.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-693.17.1.el7.x86_64.rpm kernel-debug-devel-3.10.0-693.17.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-693.17.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-693.17.1.el7.x86_64.rpm kernel-devel-3.10.0-693.17.1.el7.x86_64.rpm kernel-headers-3.10.0-693.17.1.el7.x86_64.rpm kernel-tools-3.10.0-693.17.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-693.17.1.el7.x86_64.rpm kernel-tools-libs-3.10.0-693.17.1.el7.x86_64.rpm perf-3.10.0-693.17.1.el7.x86_64.rpm perf-debuginfo-3.10.0-693.17.1.el7.x86_64.rpm python-perf-3.10.0-693.17.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-693.17.1.el7.x86_64.rpm

Red Hat Enterprise Linux Workstation Optional (v. 7):

x86_64: kernel-debug-debuginfo-3.10.0-693.17.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-693.17.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-693.17.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-693.17.1.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-693.17.1.el7.x86_64.rpm perf-debuginfo-3.10.0-693.17.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-693.17.1.el7.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/

  1. References:

https://access.redhat.com/security/cve/CVE-2015-8539 https://access.redhat.com/security/cve/CVE-2017-7472 https://access.redhat.com/security/cve/CVE-2017-12192 https://access.redhat.com/security/cve/CVE-2017-12193 https://access.redhat.com/security/cve/CVE-2017-15649 https://access.redhat.com/security/updates/classification/#important https://access.redhat.com/security/vulnerabilities/speculativeexecution https://access.redhat.com/security/cve/CVE-2017-5753 https://access.redhat.com/security/cve/CVE-2017-5715 https://access.redhat.com/security/cve/CVE-2017-5754 https://access.redhat.com/articles/3327131

  1. Contact:

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/

Copyright 2018 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1

iD8DBQFaab47XlSAg2UNWIIRAgi2AKDDW6z/9di3aoNQMX6PaIOzYTu39gCgncrF n+VQu/CVEmiUW8aXZCnplaM= =Km2i -----END PGP SIGNATURE-----

-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . Relevant releases/architectures:

Image Updates for RHV-H - noarch Management Agent for RHEL 7 Hosts - noarch

  1. The appliance is available to download as an OVA file from the Customer Portal. ========================================================================== Kernel Live Patch Security Notice 0046-1 December 20, 2018

linux vulnerability

A security issue affects these releases of Ubuntu:

| Series | Base kernel | Arch | flavors | |------------------+--------------+----------+------------------| | Ubuntu 14.04 LTS | 4.4.0 | amd64 | generic | | Ubuntu 14.04 LTS | 4.4.0 | amd64 | lowlatency | | Ubuntu 16.04 LTS | 4.4.0 | amd64 | generic | | Ubuntu 16.04 LTS | 4.4.0 | amd64 | lowlatency | | Ubuntu 18.04 LTS | 4.15.0 | amd64 | generic | | Ubuntu 18.04 LTS | 4.15.0 | amd64 | lowlatency |

Summary:

Several security issues were fixed in the kernel. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2018-18710)

It was discovered that a race condition existed in the raw MIDI driver for the Linux kernel, leading to a double free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2018-10902)

It was discovered that the BPF verifier in the Linux kernel did not correctly compute numeric bounds in some situations. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2018-18445)

Noam Rathaus discovered that a use-after-free vulnerability existed in the Infiniband implementation in the Linux kernel. An attacker could use this to cause a denial of service (system crash). (CVE-2018-14734)

Wen Xu discovered that the ext4 filesystem implementation in the Linux kernel did not properly ensure that xattr information remained in inode bodies. An attacker could use this to construct a malicious ext4 image that, when mounted, could cause a denial of service (system crash). (CVE-2018-10880)

Kanda Motohiro discovered that writing extended attributes to an XFS file system in the Linux kernel in certain situations could cause an error condition to occur. A local attacker could use this to cause a denial of service. (CVE-2018-18690)

It was discovered that an integer overflow existed in the HID Bluetooth implementation in the Linux kernel that could lead to a buffer overwrite. An attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. This flaw is known as Spectre. A local attacker could use this to expose sensitive information, including kernel memory. (CVE-2017-5753)

It was discovered that the YUREX USB device driver for the Linux kernel did not properly restrict user space reads or writes. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2018-16276)

It was discovered that an integer overflow existed in the CD-ROM driver of the Linux kernel. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2018-16658)

Update instructions:

The problem can be corrected by updating your livepatches to the following versions:

| Kernel | Version | flavors | |--------------------------+----------+--------------------------| | 4.4.0-133.159 | 46.3 | generic, lowlatency | | 4.4.0-133.159~14.04.1 | 46.3 | lowlatency, generic | | 4.4.0-134.160 | 46.3 | generic, lowlatency | | 4.4.0-134.160~14.04.1 | 46.3 | lowlatency, generic | | 4.4.0-135.161~14.04.1 | 46.3 | lowlatency, generic | | 4.4.0-137.163 | 46.3 | generic, lowlatency | | 4.4.0-137.163~14.04.1 | 46.3 | generic, lowlatency | | 4.4.0-138.164 | 46.3 | generic, lowlatency | | 4.4.0-138.164~14.04.1 | 46.3 | lowlatency, generic | | 4.4.0-139.165 | 46.3 | generic, lowlatency | | 4.4.0-139.165~14.04.1 | 46.3 | lowlatency, generic | | 4.4.0-140.166 | 46.3 | lowlatency, generic | | 4.4.0-140.166~14.04.1 | 46.3 | lowlatency, generic | | 4.15.0-32.35 | 46.3 | lowlatency, generic | | 4.15.0-33.36 | 46.3 | lowlatency, generic | | 4.15.0-34.37 | 46.3 | generic, lowlatency | | 4.15.0-36.39 | 46.3 | generic, lowlatency | | 4.15.0-38.41 | 46.3 | lowlatency, generic | | 4.15.0-39.42 | 46.3 | generic, lowlatency | | 4.15.0-42.45 | 46.3 | lowlatency, generic |

References: CVE-2018-18710, CVE-2018-10902, CVE-2018-18445, CVE-2018-14734, CVE-2018-10880, CVE-2018-18690, CVE-2018-9363, CVE-2017-5753, CVE-2018-16276, CVE-2018-16658

-- ubuntu-security-announce mailing list ubuntu-security-announce@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256

Note: the current version of the following document is available here: https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03805en_us

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: hpesbhf03805en_us Version: 7

HPESBHF03805 rev.7 - Certain HPE products using Microprocessors from Intel, AMD, and ARM, with Speculative Execution, Elevation of Privilege and Information Disclosure.

NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.

Release Date: 2018-01-23 Last Updated: 2018-01-22

Potential Security Impact: Local: Disclosure of Information, Elevation of Privilege

Source: Hewlett Packard Enterprise, Product Security Response Team

VULNERABILITY SUMMARY On January 3 2018, side-channel security vulnerabilities involving speculative execution were publicly disclosed. These vulnerabilities may impact the listed HPE products, potentially leading to information disclosure and elevation of privilege. Mitigation and resolution of these vulnerabilities may call for both an operating system update, provided by the OS vendor, and a system ROM update from HPE.

Note:

References:

  • CVE-2017-5715 - aka Spectre, branch target injection
  • CVE-2017-5753 - aka Spectre, bounds check bypass
  • CVE-2017-5754 - aka Meltdown, rogue data cache load, memory access permission check performed after kernel memory read

SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.

  • HPE ProLiant DL380 Gen10 Server - To be delivered
  • HPE ProLiant DL180 Gen10 Server - To be delivered
  • HPE ProLiant DL160 Gen10 Server - To be delivered
  • HPE ProLiant DL360 Gen10 Server - To be delivered
  • HPE ProLiant ML110 Gen10 Server - To be delivered
  • HPE ProLiant DL580 Gen10 Server - To be delivered
  • HPE ProLiant DL560 Gen10 Server - To be delivered
  • HPE ProLiant DL120 Gen10 Server - To be delivered
  • HPE ProLiant ML350 Gen10 Server - To be delivered
  • HPE ProLiant XL450 Gen10 Server - To be delivered
  • HPE Synergy 660 Gen10 Compute Module - To be delivered
  • HPE ProLiant DL385 Gen10 Server - prior to v1.04
  • HPE ProLiant XL170r Gen10 Server - To be delivered
  • HPE ProLiant BL460c Gen10 Server Blade - To be delivered
  • HPE ProLiant XL190r Gen10 Server - To be delivered
  • HPE ProLiant XL230k Gen10 Server - To be delivered
  • HPE Synergy 480 Gen10 Compute Module - To be delivered
  • HPE ProLiant XL730f Gen9 Server - To be delivered
  • HPE ProLiant XL230a Gen9 Server - To be delivered
  • HPE ProLiant XL740f Gen9 Server - To be delivered
  • HPE ProLiant XL750f Gen9 Server - To be delivered
  • HPE ProLiant XL170r Gen9 Server - To be delivered
  • HP ProLiant DL60 Gen9 Server - To be delivered
  • HP ProLiant DL160 Gen9 Server - To be delivered
  • HPE ProLiant DL360 Gen9 Server - To be delivered
  • HP ProLiant DL380 Gen9 Server - To be delivered
  • HPE ProLiant XL450 Gen9 Server - To be delivered
  • HPE Apollo 4200 Gen9 Server - To be delivered
  • HP ProLiant BL460c Gen9 Server Blade - To be delivered
  • HP ProLiant ML110 Gen9 Server - To be delivered
  • HP ProLiant ML150 Gen9 Server - To be delivered
  • HPE ProLiant ML350 Gen9 Server - To be delivered
  • HP ProLiant DL120 Gen9 Server - To be delivered
  • HPE ProLiant DL560 Gen9 Server - To be delivered
  • HP ProLiant BL660c Gen9 Server - To be delivered
  • HPE ProLiant ML30 Gen9 Server - To be delivered
  • HPE ProLiant XL170r Gen10 Server - To be delivered
  • HPE ProLiant DL20 Gen9 Server - To be delivered
  • HPE Synergy 660 Gen9 Compute Module - To be delivered
  • HPE Synergy 480 Gen9 Compute Module - To be delivered
  • HPE ProLiant XL250a Gen9 Server - To be delivered
  • HPE ProLiant XL190r Gen9 Server - To be delivered
  • HP ProLiant DL80 Gen9 Server - To be delivered
  • HPE ProLiant DL180 Gen9 Server - To be delivered
  • HPE ProLiant XL270d Gen9 Accelerator Tray 2U Configure-to-order Server - To be delivered
  • HPE ProLiant WS460c Gen9 Workstation - To be delivered
  • HPE ProLiant XL260a Gen9 Server - To be delivered
  • HPE Synergy 620 Gen9 Compute Module - To be delivered
  • HPE ProLiant DL580 Gen9 Server - To be delivered
  • HP ProLiant XL220a Gen8 v2 Server - To be delivered
  • HPE Synergy 680 Gen9 Compute Module - To be delivered
  • HPE ProLiant m510 Server Cartridge - To be delivered
  • HPE ProLiant m710p Server Cartridge - To be delivered
  • HPE ProLiant m710x Server Cartridge - To be delivered
  • HP ProLiant m710 Server Cartridge - To be delivered
  • HP ProLiant DL980 G7 Server - To be delivered
  • HPE Synergy Composer - To be delivered
  • HPE ProLiant Thin Micro TM200 Server - To be delivered
  • HPE ProLiant ML10 v2 Server - To be delivered
  • HPE ProLiant m350 Server Cartridge - To be delivered
  • HPE ProLiant m300 Server Cartridge - To be delivered
  • HPE ProLiant MicroServer Gen8 - To be delivered
  • HPE ProLiant ML310e Gen8 v2 Server - To be delivered
  • HPE Superdome Flex Server - To be delivered
  • HP 3PAR StoreServ File Controller - To be delivered - v3 impacted
  • HPE StoreVirtual 3000 File Controller - To be delivered
  • HPE StoreEasy 1450 Storage - To be delivered
  • HPE StoreEasy 1550 Storage - To be delivered
  • HPE StoreEasy 1650 Storage - To be delivered
  • HPE StoreEasy 3850 Gateway Storage - To be delivered
  • HPE StoreEasy 1850 Storage - To be delivered
  • HP ConvergedSystem 700 - To be delivered
  • HPE Converged Architecture 700 - To be delivered
  • HP ProLiant DL580 Gen8 Server - To be delivered
  • HPE Cloudline CL2100 Gen10 Server - To be delivered
  • HPE Cloudline CL2200 Gen10 Server - To be delivered
  • HPE Cloudline CL3150 G4 Server - To be delivered
  • HPE Cloudline CL5200 G3 Server - To be delivered
  • HPE Cloudline CL3100 G3 Server - To be delivered
  • HPE Cloudline CL2100 G3 807S 8 SFF Configure-to-order Server - To be delivered
  • HPE Cloudline CL2100 G3 407S 4 LFF Configure-to-order Server - To be delivered
  • HPE Cloudline CL2100 G3 806R 8SFF Configure-to-order Server - To be delivered
  • HPE Cloudline CL2200 G3 1211R 12 LFF Configure-to-order Server - To be delivered

BACKGROUND

CVSS Base Metrics ================= Reference, CVSS V3 Score/Vector, CVSS V2 Score/Vector

CVE-2017-5715
  8.2 CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:N
  6.8 (AV:A/AC:L/Au:N/C:C/I:P/A:N)

CVE-2017-5753
  5.0 CVSS:3.0/AV:A/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L
  5.4 (AV:A/AC:M/Au:N/C:P/I:P/A:P)

CVE-2017-5754
  7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
  7.8 (AV:N/AC:L/Au:N/C:C/I:N/A:N)

Information on CVSS is documented in
HPE Customer Notice HPSN-2008-002 here:

https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c01345499

RESOLUTION

On January 11, Intel announced issues with an increased frequency of reboots when using the microcodes they released to address Variant 2 of the Spectre Vulnerability for numerous processors including Broadwell, Haswell, Skylake, Kaby Lake, Ivybridge, and Sandybridge processors. Intel has now identified the root cause of these issues and determined that these microcodes may introduce reboots and other unpredictable system behavior. Due to the severity of the potential issues that may occur when using these microcodes, Intel is now recommending that customers discontinue their use. Additional information is available from Intels Security Exploit Newsroom here: https://newsroom.intel.com/press-kits/security-exploits-intel-products/ . HPE is in alignment with Intel in our recommendation that customers discontinue use of System ROMs including impacted microcodes and revert to earlier System ROM versions.

All System ROMs including impacted microcodes have been removed from the HPE Support Site. This impacts HPE ProLiant and Synergy Gen10, Gen9, and Gen8 v2 servers as well as HPE Superdome servers for which updated System ROMs had previously been made available. Intel is working on updated microcodes to address these issues, and HPE will validate updated System ROMs including these microcodes and make them available to our customers in the coming weeks.

Mitigations for Variant 1 (Spectre) and Variant 3 (Meltdown) vulnerabilities require only OS updates and are not impacted.

  • HPE has provided a customer bulletin https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-a00039267en_us with specific instructions to obtain the udpated sytem ROM

  • Note:

    • CVE-2017-5715 (Variant 2) requires that the System ROM be updated and a vendor supplied operating system update be applied as well.
    • For CVE-2017-5753, CVE-2017-5754 (Variants 1 and 3) require only updates of a vendor supplied operating system.
    • HPE will continue to add additional products to the list.

HISTORY

Version:1 (rev.1) - 4 January 2018 Initial release

Version:2 (rev.2) - 5 January 2018 Added additional impacted products

Version:3 (rev.3) - 10 January 2018 Added more impacted products

Version:4 (rev.4) - 9 January 2018 Fixed product ID

Version:5 (rev.5) - 18 January 2018 Added additional impacted products

Version:6 (rev.6) - 19 January 2018 updated impacted product list

Version:7 (rev.7) - 23 January 2018 Marked impacted products with TBD for System ROM updates per Intel's guidance on microcode issues

Third Party Security Patches: Third party security patches that are to be installed on systems running Hewlett Packard Enterprise (HPE) software products should be applied in accordance with the customer's patch management policy.

Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HPE Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hpe.com.

Report: To report a potential security vulnerability for any HPE supported product: Web form: https://www.hpe.com/info/report-security-vulnerability Email: security-alert@hpe.com

Subscribe: To initiate a subscription to receive future HPE Security Bulletin alerts via Email: http://www.hpe.com/support/Subscriber_Choice

Security Bulletin Archive: A list of recently released Security Bulletins is available here: http://www.hpe.com/support/Security_Bulletin_Archive

Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB.

3C = 3COM 3P = 3rd Party Software GN = HPE General Software HF = HPE Hardware and Firmware MU = Multi-Platform Software NS = NonStop Servers OV = OpenVMS PV = ProCurve ST = Storage Software UX = HP-UX

Copyright 2016 Hewlett Packard Enterprise

Hewlett Packard Enterprise shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett Packard Enterprise and the names of Hewlett Packard Enterprise products referenced herein are trademarks of Hewlett Packard Enterprise in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512

APPLE-SA-2018-1-8-2 macOS High Sierra 10.13.2 Supplemental Update

macOS High Sierra 10.13.2 Supplemental Update is now available and addresses the following:

Available for: macOS High Sierra 10.13.2 Description: macOS High Sierra 10.13.2 Supplemental Update includes security improvements to Safari and WebKit to mitigate the effects of Spectre (CVE-2017-5753 and CVE-2017-5715).

We would like to acknowledge Jann Horn of Google Project Zero; and Paul Kocher in collaboration with Daniel Genkin of University of Pennsylvania and University of Maryland, Daniel Gruss of Graz University of Technology, Werner Haas of Cyberus Technology, Mike Hamburg of Rambus (Cryptography Research Division), Moritz Lipp of Graz University of Technology, Stefan Mangard of Graz University of Technology, Thomas Prescher of Cyberus Technology, Michael Schwarz of Graz University of Technology, and Yuval Yarom of University of Adelaide and Data61 for their assistance.

Installation note:

macOS High Sierra 10.13.2 Supplemental Update may be obtained from the Mac App Store or Apple's Software Downloads web site: https://support.apple.com/downloads/

Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222

This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE-----

iQJdBAEBCgBHFiEEcuX4rtoRe4X62yWlg6PvjDRstEYFAlpTsDUpHHByb2R1Y3Qt c2VjdXJpdHktbm9yZXBseUBsaXN0cy5hcHBsZS5jb20ACgkQg6PvjDRstEZMSg// WW0oSMlU0KgLL1Fe6z2fCSXF06I/QMdUTFV3tt7Rwb49BfnhLstNb0hE/XRcX/fy IMTurdMlRwOqamrOC7LdSiBvCCeJqyfudEq52uqbFpYDLDK6D/RxUKagTJip+M5P 3KCrTt8qpFA2Ip8KzEmBeS3Of9GnNoGdfI7ir38dFrqCADuWYtd6bVxurcM/Uhs0 yjH38JPGyvRXvxM9Qy5wAezQM9oFN1Jlly79n+RX1d9vDpjfExhUV7n1JS9zTOXw Dy+bjYsXcrlzrmcSlHaRa4E4FTPVYWyLSZmEokoQmTbsIABHiPSc9s92CEEzd2LQ FiOyHgT+QWA3zyySjQ+InhSf17QRpUUIYkgTsZJhbcdLSHXW/2etHq6vh5z5wD92 +HfmKYGozUk6QH7TEApYmS71lKaAFRQscP7D0EGhi81YIlu6shqxZr/HnK2Q1FXJ I7yWXtsZq7BSvYu31uSc/YAr76VBgplETE0hnsPZRdRNiaJyNg6ForfDA7kn7t8W GIdJvjkZzG55fUpW1b/GqPxv8wSb/DDzlrJjb7yAffDyCRr4KGVT0lk2f1aBVYSY NVxrdDtGOEWfd/P+6bU0s5v09mFefCbhIqGTFrqEjrDifYz7nW6BhoBAK+I0cyQf U1316sNsG/gmTuOx7wO6sqyOkYyPGZzDI882U8un+n8= =r0HS -----END PGP SIGNATURE----- . The vulnerability could be exploited to Local Disclosure of Information.

References:

  • CVE-2017-5753
  • CVE-2017-5715
  • CVE-2017-5754

SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.

  • HP Virtualization Performance Viewer Software - v2.20, v3.0, v3.01, v3.02, v3.03
  • HPE Cloud Optimizer - v2.20, v3.0, v3.01, v3.02, v3.03

BACKGROUND

CVSS Base Metrics ================= Reference, CVSS V3 Score/Vector, CVSS V2 Score/Vector

RESOLUTION

Micro Focus is actively working with its vendors to address any systems-level Spectre and Meltdown impacts.However, if you have immediate concerns or questions regarding CentOS and its approach to Spectre or Meltdown, please contact them directly. Please note that you will need to sign in using a Passport account.

3P = 3rd Party Software GN = Micro Focus General Software MU = Multi-Platform Software

System management and security procedures must be reviewed frequently to maintain system integrity. Micro Focus is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions.

"Micro Focus is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected Micro Focus products the important security information contained in this Bulletin. Micro Focus recommends that all users determine the applicability of this information to their individual situations and take appropriate action. Micro Focus does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, Micro Focus will not be responsible for any damages resulting from user's use or disregard of the information provided in this Security Bulletin. To the extent permitted by law, Micro Focus disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement."

Copyright 2017 EntIT Software LLC

Micro Focus shall not be liable for technical or editorial errors or omissions contained herein. 6.6) - noarch, x86_64

3

Show details on source website
To clipboard 

{
  "affected_products": {
    "_id": null,
    "data": [
      {
        "_id": null,
        "model": "xeon e5 2450l v2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "x5550"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4340"
      },
      {
        "_id": null,
        "model": "vl2 ppc 2000",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "phoenixcontact",
        "version": null
      },
      {
        "_id": null,
        "model": "dl ppc15 1000",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "phoenixcontact",
        "version": null
      },
      {
        "_id": null,
        "model": "ubuntu linux",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "canonical",
        "version": "14.04"
      },
      {
        "_id": null,
        "model": "virtual machine manager",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "synology",
        "version": "6.2-23739"
      },
      {
        "_id": null,
        "model": "xeon e5 2430",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "simatic itc2200 pro",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "3.1"
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8880_v3"
      },
      {
        "_id": null,
        "model": "vl2 ppc12 1000",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "phoenixcontact",
        "version": null
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3770k"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2677m"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "ec5509"
      },
      {
        "_id": null,
        "model": "core m5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6y57"
      },
      {
        "_id": null,
        "model": "xeon e3 1275 v2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon silver",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4110"
      },
      {
        "_id": null,
        "model": "xeon e3 1246 v3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "router manager",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "synology",
        "version": "1.1.7-6941-1"
      },
      {
        "_id": null,
        "model": "xeon silver",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4108"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2670qm"
      },
      {
        "_id": null,
        "model": "atom c",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "c2750"
      },
      {
        "_id": null,
        "model": "xeon platinum",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8176m"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4210u"
      },
      {
        "_id": null,
        "model": "xeon e3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "1585l_v5"
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8860"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2300"
      },
      {
        "_id": null,
        "model": "atom z",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "z2760"
      },
      {
        "_id": null,
        "model": "atom c",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "c3830"
      },
      {
        "_id": null,
        "model": "core m3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "7y32"
      },
      {
        "_id": null,
        "model": "local service management system",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "13.3"
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2850_v2"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "965"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4650u"
      },
      {
        "_id": null,
        "model": "vl2 ppc 1000",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "phoenixcontact",
        "version": null
      },
      {
        "_id": null,
        "model": "atom c",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "c3958"
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8894_v4"
      },
      {
        "_id": null,
        "model": "simatic itc1900 pro",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "3.1"
      },
      {
        "_id": null,
        "model": "esxi",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "vmware",
        "version": "6.0"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "940"
      },
      {
        "_id": null,
        "model": "xeon e5 2470",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2657m"
      },
      {
        "_id": null,
        "model": "btc12",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "pepperl fuchs",
        "version": null
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4360"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4308u"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6500te"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5200u"
      },
      {
        "_id": null,
        "model": "xeon e3 1230 v2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon platinum",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8176f"
      },
      {
        "_id": null,
        "model": "celeron j",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "j3455"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4460s"
      },
      {
        "_id": null,
        "model": "xeon e3 1240",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e5 2640 v2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "diskstation manager",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "synology",
        "version": "5.2"
      },
      {
        "_id": null,
        "model": "xeon e3 1505l v5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon phi",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "7230"
      },
      {
        "_id": null,
        "model": "xeon platinum",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8170"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2310"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5010u"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6400"
      },
      {
        "_id": null,
        "model": "celeron n",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "n3010"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4010y"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2680_v2"
      },
      {
        "_id": null,
        "model": "atom x3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "c3445"
      },
      {
        "_id": null,
        "model": "core m",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5y10c"
      },
      {
        "_id": null,
        "model": "atom z",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "z3740d"
      },
      {
        "_id": null,
        "model": "solaris",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "11.3"
      },
      {
        "_id": null,
        "model": "xeon e3 1270 v6",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4617"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4200y"
      },
      {
        "_id": null,
        "model": "xeon e5 2448l v2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e3 1260l v5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4790t"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2500"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4558u"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "520e"
      },
      {
        "_id": null,
        "model": "xeon e3 1240 v2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6267u"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "660ue"
      },
      {
        "_id": null,
        "model": "atom c",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "c3338"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5750hq"
      },
      {
        "_id": null,
        "model": "leap",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "opensuse",
        "version": "42.2"
      },
      {
        "_id": null,
        "model": "celeron n",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "n3150"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "430m"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "655k"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5775r"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2687w"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3217ue"
      },
      {
        "_id": null,
        "model": "xeon gold",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6126t"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4210m"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3520m"
      },
      {
        "_id": null,
        "model": "xeon e3 1285 v4",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4770k"
      },
      {
        "_id": null,
        "model": "xeon e3 1240l v5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "atom x3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "c3200rk"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3537u"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4700ec"
      },
      {
        "_id": null,
        "model": "xeon gold",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5120"
      },
      {
        "_id": null,
        "model": "bl2 ppc 1000",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "phoenixcontact",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "1575m_v5"
      },
      {
        "_id": null,
        "model": "xeon e5 2648l",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon silver",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4116"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6102e"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2520m"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3320m"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2667_v3"
      },
      {
        "_id": null,
        "model": "vs960hd",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "synology",
        "version": null
      },
      {
        "_id": null,
        "model": "celeron n",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "n2830"
      },
      {
        "_id": null,
        "model": "cortex-a12",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "arm",
        "version": null
      },
      {
        "_id": null,
        "model": "neoverse n2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "arm",
        "version": null
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3229y"
      },
      {
        "_id": null,
        "model": "xeon e5 1660 v4",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "atom z",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "z2560"
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8857_v2"
      },
      {
        "_id": null,
        "model": "xeon e5 2630 v2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon gold",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6136"
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4830_v2"
      },
      {
        "_id": null,
        "model": "xeon platinum",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8168"
      },
      {
        "_id": null,
        "model": "xeon e3 1265l v4",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2377m"
      },
      {
        "_id": null,
        "model": "atom e",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "e3845"
      },
      {
        "_id": null,
        "model": "cortex-a78",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "arm",
        "version": null
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "650"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4330m"
      },
      {
        "_id": null,
        "model": "xeon e5 1650 v3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "celeron j",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "j3060"
      },
      {
        "_id": null,
        "model": "xeon e3 1280",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "820qm"
      },
      {
        "_id": null,
        "model": "xeon platinum",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8160f"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "620um"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4620_v2"
      },
      {
        "_id": null,
        "model": "atom e",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "e3826"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5700hq"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "e5504"
      },
      {
        "_id": null,
        "model": "atom z",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "z3735f"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4302y"
      },
      {
        "_id": null,
        "model": "xeon e5 2448l",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8891_v2"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5850eq"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "x5650"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2637m"
      },
      {
        "_id": null,
        "model": "xeon e3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "1535m_v5"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4750hq"
      },
      {
        "_id": null,
        "model": "local service management system",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "13.1"
      },
      {
        "_id": null,
        "model": "pentium n",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "n4200"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "e5506"
      },
      {
        "_id": null,
        "model": "xeon gold",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5119t"
      },
      {
        "_id": null,
        "model": "vs360hd",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "synology",
        "version": null
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3470"
      },
      {
        "_id": null,
        "model": "xeon e5 2623 v3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4850"
      },
      {
        "_id": null,
        "model": "vl ipc p7000",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "phoenixcontact",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e5 1680 v4",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon gold",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5118"
      },
      {
        "_id": null,
        "model": "xeon gold",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6138t"
      },
      {
        "_id": null,
        "model": "vl ppc 2000",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "phoenixcontact",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2667_v4"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2699_v4"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3770s"
      },
      {
        "_id": null,
        "model": "simatic winac rtx \\ 2010",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2010"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6100te"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3339y"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4960hq"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4590s"
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4870"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "880"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2310e"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "960"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6320"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4690s"
      },
      {
        "_id": null,
        "model": "xeon e5 1620 v3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4430s"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3110m"
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8850_v2"
      },
      {
        "_id": null,
        "model": "xeon e5 2643 v2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "atom c",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "c2518"
      },
      {
        "_id": null,
        "model": "vl2 ppc7 1000",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "phoenixcontact",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "l5630"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4700mq"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "x3430"
      },
      {
        "_id": null,
        "model": "xeon platinum",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8160m"
      },
      {
        "_id": null,
        "model": "core m",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5y70"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4603_v2"
      },
      {
        "_id": null,
        "model": "bl bpc 7001",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "phoenixcontact",
        "version": null
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3770t"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2320"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "750s"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4950hq"
      },
      {
        "_id": null,
        "model": "xeon e5 2430 v2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8860_v4"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2515e"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4430"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "875k"
      },
      {
        "_id": null,
        "model": "xeon gold",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6138f"
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8867_v4"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "920xm"
      },
      {
        "_id": null,
        "model": "workstation",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "vmware",
        "version": "12.5.8"
      },
      {
        "_id": null,
        "model": "bl bpc 3001",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "phoenixcontact",
        "version": null
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "470um"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "w3680"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "620m"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2690"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2697_v4"
      },
      {
        "_id": null,
        "model": "atom z",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "z3740"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4610m"
      },
      {
        "_id": null,
        "model": "atom c",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "c2308"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3630qm"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4570te"
      },
      {
        "_id": null,
        "model": "xeon e3 1286 v3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2667"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4700eq"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2683_v4"
      },
      {
        "_id": null,
        "model": "xeon gold",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6126"
      },
      {
        "_id": null,
        "model": "atom z",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "z2460"
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4820_v4"
      },
      {
        "_id": null,
        "model": "celeron n",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "n2820"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4020y"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5005u"
      },
      {
        "_id": null,
        "model": "xeon silver",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4116t"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "e5649"
      },
      {
        "_id": null,
        "model": "leap",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "opensuse",
        "version": "42.3"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4607"
      },
      {
        "_id": null,
        "model": "vl2 ppc 9000",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "phoenixcontact",
        "version": null
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5557u"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6400t"
      },
      {
        "_id": null,
        "model": "atom e",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "e3825"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2340ue"
      },
      {
        "_id": null,
        "model": "atom c",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "c2538"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "930"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "430um"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3240"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6100h"
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2830"
      },
      {
        "_id": null,
        "model": "xeon e3 1220 v5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2430m"
      },
      {
        "_id": null,
        "model": "xeon e3 1240 v6",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "celeron n",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "n2930"
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2803"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6440hq"
      },
      {
        "_id": null,
        "model": "atom z",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "z3775d"
      },
      {
        "_id": null,
        "model": "atom z",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "z3580"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6600t"
      },
      {
        "_id": null,
        "model": "local service management system",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "13.2"
      },
      {
        "_id": null,
        "model": "celeron n",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "n2810"
      },
      {
        "_id": null,
        "model": "xeon e5 2623 v4",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e5 2628l v4",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5020u"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4460t"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4210y"
      },
      {
        "_id": null,
        "model": "atom c",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "c3950"
      },
      {
        "_id": null,
        "model": "vl2 bpc 7000",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "phoenixcontact",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e3 1285 v6",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4102e"
      },
      {
        "_id": null,
        "model": "atom c",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "c3508"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3230m"
      },
      {
        "_id": null,
        "model": "atom e",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "e3815"
      },
      {
        "_id": null,
        "model": "xeon phi",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "7210"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "e5606"
      },
      {
        "_id": null,
        "model": "xeon e3 1501l v6",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2350m"
      },
      {
        "_id": null,
        "model": "vl2 ppc9 1000",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "phoenixcontact",
        "version": null
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4712mq"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8350u"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4610_v4"
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8893_v3"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6360u"
      },
      {
        "_id": null,
        "model": "atom z",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "z3735d"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2312m"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "e7530"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "l5506"
      },
      {
        "_id": null,
        "model": "xeon e5 2440 v2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "celeron j",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "j1900"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4330"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2640m"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4112e"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2670_v3"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2330m"
      },
      {
        "_id": null,
        "model": "xeon e3 1220 v3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4330t"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4620_v4"
      },
      {
        "_id": null,
        "model": "xeon e5 2450",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e5 2430l v2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4350u"
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8850"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2658_v4"
      },
      {
        "_id": null,
        "model": "linux enterprise desktop",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "suse",
        "version": "12"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4628l_v4"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4620_v3"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3337u"
      },
      {
        "_id": null,
        "model": "xeon e3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "1535m_v6"
      },
      {
        "_id": null,
        "model": "celeron n",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "n2805"
      },
      {
        "_id": null,
        "model": "atom c",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "c2718"
      },
      {
        "_id": null,
        "model": "atom c",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "c3708"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4402ec"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4870hq"
      },
      {
        "_id": null,
        "model": "xeon e5 2630",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "atom z",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "z2580"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2687w_v3"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4667_v4"
      },
      {
        "_id": null,
        "model": "xeon e3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "1505m_v6"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4260u"
      },
      {
        "_id": null,
        "model": "xeon e5 2650l v3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6600k"
      },
      {
        "_id": null,
        "model": "xeon e5 2438l v3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "540um"
      },
      {
        "_id": null,
        "model": "atom c",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "c2730"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2658_v2"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4440s"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2760qm"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4655_v4"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "7600u"
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4809_v2"
      },
      {
        "_id": null,
        "model": "bl bpc 2001",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "phoenixcontact",
        "version": null
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "740qm"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4910mq"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2467m"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6100"
      },
      {
        "_id": null,
        "model": "xeon e3 1225 v6",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4130t"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3360m"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "460m"
      },
      {
        "_id": null,
        "model": "xeon e3 1501m v6",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6585r"
      },
      {
        "_id": null,
        "model": "xeon e3 1265l v3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e5 2470 v2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e5 2608l v3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4578u"
      },
      {
        "_id": null,
        "model": "core m3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "7y30"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3635qm"
      },
      {
        "_id": null,
        "model": "xeon e3 1220",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "linux enterprise software development kit",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "suse",
        "version": "11"
      },
      {
        "_id": null,
        "model": "xeon e3 12201",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e5 2630l",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "x5675"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2130"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3330"
      },
      {
        "_id": null,
        "model": "xeon e3 1270 v5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4850_v2"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8550u"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "x5560"
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4870_v2"
      },
      {
        "_id": null,
        "model": "atom z",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "z3795"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4860hq"
      },
      {
        "_id": null,
        "model": "atom z",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "z3735g"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4640_v2"
      },
      {
        "_id": null,
        "model": "bl2 bpc 1000",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "phoenixcontact",
        "version": null
      },
      {
        "_id": null,
        "model": "vl2 bpc 3000",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "phoenixcontact",
        "version": null
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4300u"
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4830"
      },
      {
        "_id": null,
        "model": "xeon gold",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6152"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "380um"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "7560u"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4660_v3"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4288u"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2699r_v4"
      },
      {
        "_id": null,
        "model": "xeon e5 2618l v2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "bl ppc17 3000",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "phoenixcontact",
        "version": null
      },
      {
        "_id": null,
        "model": "ubuntu linux",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "canonical",
        "version": "17.10"
      },
      {
        "_id": null,
        "model": "xeon platinum",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8176"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3570s"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "x6550"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "x3470"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "e5530"
      },
      {
        "_id": null,
        "model": "xeon gold",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6134m"
      },
      {
        "_id": null,
        "model": "atom x3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "c3235rk"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3475s"
      },
      {
        "_id": null,
        "model": "celeron j",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "j1750"
      },
      {
        "_id": null,
        "model": "atom x3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "c3230rk"
      },
      {
        "_id": null,
        "model": "xeon e3 1505m v5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2698_v3"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6287u"
      },
      {
        "_id": null,
        "model": "xeon e5 1428l v2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4330te"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4210h"
      },
      {
        "_id": null,
        "model": "xeon e5 2648l v4",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8830"
      },
      {
        "_id": null,
        "model": "atom c",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "c2550"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4300y"
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8870_v2"
      },
      {
        "_id": null,
        "model": "xeon gold",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6130t"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6300u"
      },
      {
        "_id": null,
        "model": "atom c",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "c3758"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4370"
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8893_v2"
      },
      {
        "_id": null,
        "model": "cortex-a15",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "arm",
        "version": null
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2860qm"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6500t"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "x3440"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4667_v3"
      },
      {
        "_id": null,
        "model": "xeon e3 1285 v3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3550"
      },
      {
        "_id": null,
        "model": "xeon gold",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6132"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4170"
      },
      {
        "_id": null,
        "model": "xeon platinum",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8156"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4370t"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3615qm"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2375m"
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8890_v2"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "7820hk"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2667_v2"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "l5638"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2400s"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "970"
      },
      {
        "_id": null,
        "model": "xeon e5 2428l v3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "atom c",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "c3858"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4340te"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "l5518"
      },
      {
        "_id": null,
        "model": "xeon gold",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6154"
      },
      {
        "_id": null,
        "model": "xeon phi",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "7210f"
      },
      {
        "_id": null,
        "model": "vl2 ppc 3000",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "phoenixcontact",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2697_v3"
      },
      {
        "_id": null,
        "model": "core m",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5y71"
      },
      {
        "_id": null,
        "model": "atom z",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "z3775"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4360t"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "x5570"
      },
      {
        "_id": null,
        "model": "xeon e5 2408l v3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e3 1278l v4",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "w5580"
      },
      {
        "_id": null,
        "model": "core m",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5y10a"
      },
      {
        "_id": null,
        "model": "xeon gold",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6142f"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "7567u"
      },
      {
        "_id": null,
        "model": "xeon e3 1245 v6",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6098p"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2617m"
      },
      {
        "_id": null,
        "model": "celeron n",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "n2910"
      },
      {
        "_id": null,
        "model": "celeron n",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "n3000"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4670r"
      },
      {
        "_id": null,
        "model": "simatic itc1500",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "3.1"
      },
      {
        "_id": null,
        "model": "xeon e5 2650 v4",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e5 2650 v2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon platinum",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8160t"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3120m"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4025u"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3470s"
      },
      {
        "_id": null,
        "model": "xeon gold",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6126f"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2660_v2"
      },
      {
        "_id": null,
        "model": "xeon e5 2418l v2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon phi",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "7230f"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "l7555"
      },
      {
        "_id": null,
        "model": "atom c",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "c2316"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2655le"
      },
      {
        "_id": null,
        "model": "xeon e3 1230 v6",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e5 2630 v3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e5 2643 v4",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4720hq"
      },
      {
        "_id": null,
        "model": "xeon e5 2403",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4000m"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2115c"
      },
      {
        "_id": null,
        "model": "xeon phi",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "7290f"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3550s"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2920xm"
      },
      {
        "_id": null,
        "model": "xeon e5 1680 v3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4980hq"
      },
      {
        "_id": null,
        "model": "bl bpc 2000",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "phoenixcontact",
        "version": null
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5675r"
      },
      {
        "_id": null,
        "model": "xeon e3 1231 v3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2890_v2"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "550"
      },
      {
        "_id": null,
        "model": "pentium j",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "j3710"
      },
      {
        "_id": null,
        "model": "vl bpc 2000",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "phoenixcontact",
        "version": null
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "990x"
      },
      {
        "_id": null,
        "model": "xeon e5 1630 v4",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4640"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4350t"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "330e"
      },
      {
        "_id": null,
        "model": "xeon e3 1280 v6",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4830_v3"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "480m"
      },
      {
        "_id": null,
        "model": "atom z",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "z3480"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "x3460"
      },
      {
        "_id": null,
        "model": "xeon e3 1225",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2870_v2"
      },
      {
        "_id": null,
        "model": "atom c",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "c3538"
      },
      {
        "_id": null,
        "model": "router manager",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "synology",
        "version": "1.1"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6100e"
      },
      {
        "_id": null,
        "model": "pentium n",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "n3700"
      },
      {
        "_id": null,
        "model": "xeon e3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "1545m_v5"
      },
      {
        "_id": null,
        "model": "xeon e3 1240 v3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "pentium n",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "n3530"
      },
      {
        "_id": null,
        "model": "xeon e3 1285l v3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4220y"
      },
      {
        "_id": null,
        "model": "cortex-a75",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "arm",
        "version": null
      },
      {
        "_id": null,
        "model": "bl ppc15 3000",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "phoenixcontact",
        "version": null
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "7700k"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "e5603"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3612qm"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "870"
      },
      {
        "_id": null,
        "model": "xeon e5 1620",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2690_v4"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4010u"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4650"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "660um"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "x5680"
      },
      {
        "_id": null,
        "model": "atom z",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "z3745d"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3517ue"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5257u"
      },
      {
        "_id": null,
        "model": "xeon gold",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6130"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3570k"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4670s"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "w5590"
      },
      {
        "_id": null,
        "model": "xeon e3 1271 v3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4712hq"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4657l_v2"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3610me"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "540m"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "720qm"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2697a_v4"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3740qm"
      },
      {
        "_id": null,
        "model": "atom c",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "c3808"
      },
      {
        "_id": null,
        "model": "xeon e3 1125c v2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "950"
      },
      {
        "_id": null,
        "model": "xeon platinum",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8153"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4770t"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "e5607"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "l5520"
      },
      {
        "_id": null,
        "model": "xeon e3 1226 v3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e3 1275 v5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4410e"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2390t"
      },
      {
        "_id": null,
        "model": "bl bpc 7000",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "phoenixcontact",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2658"
      },
      {
        "_id": null,
        "model": "atom c",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "c3850"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6300"
      },
      {
        "_id": null,
        "model": "xeon e5 1620 v2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "540"
      },
      {
        "_id": null,
        "model": "celeron j",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "j1800"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2650l_v4"
      },
      {
        "_id": null,
        "model": "dl ppc18.5m 7000",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "phoenixcontact",
        "version": null
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4120u"
      },
      {
        "_id": null,
        "model": "core m",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5y10"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2510e"
      },
      {
        "_id": null,
        "model": "xeon e3 1286l v3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "x5690"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3217u"
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4830_v4"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "370m"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6167u"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4250u"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "980x"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2665"
      },
      {
        "_id": null,
        "model": "bl ppc12 1000",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "phoenixcontact",
        "version": null
      },
      {
        "_id": null,
        "model": "vl2 bpc 1000",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "phoenixcontact",
        "version": null
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5015u"
      },
      {
        "_id": null,
        "model": "xeon e3 1275",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "450m"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2600k"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "7820hq"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "l7545"
      },
      {
        "_id": null,
        "model": "el ppc 1000\\/wt",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "phoenixcontact",
        "version": null
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3820qm"
      },
      {
        "_id": null,
        "model": "xeon e5 2609",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "atom x5-e3930",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e3 1258l v4",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8891_v3"
      },
      {
        "_id": null,
        "model": "bl ppc 7000",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "phoenixcontact",
        "version": null
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "760"
      },
      {
        "_id": null,
        "model": "atom x3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "c3205rk"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6006u"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4570s"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3439y"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2690_v3"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2557m"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2357m"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4627_v4"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4669_v3"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "840qm"
      },
      {
        "_id": null,
        "model": "atom c",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "c3308"
      },
      {
        "_id": null,
        "model": "xeon e5 2603 v2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4500u"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5700eq"
      },
      {
        "_id": null,
        "model": "xeon e5 1650",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8867l"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4340m"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4650_v2"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "620le"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "520um"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4550u"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "7820eq"
      },
      {
        "_id": null,
        "model": "core m3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6y30"
      },
      {
        "_id": null,
        "model": "xeon e3 1220 v2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e3 1281 v3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "7660u"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4158u"
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2880_v2"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "860s"
      },
      {
        "_id": null,
        "model": "xeon e-1105c",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "ec5539"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2630qm"
      },
      {
        "_id": null,
        "model": "celeron n",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "n2840"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4200h"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4400e"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4850hq"
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2870"
      },
      {
        "_id": null,
        "model": "pentium j",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "j4205"
      },
      {
        "_id": null,
        "model": "pentium n",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "n3520"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4130"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3115c"
      },
      {
        "_id": null,
        "model": "xeon e3 1220 v6",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon gold",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6148"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2435m"
      },
      {
        "_id": null,
        "model": "celeron n",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "n2807"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3120me"
      },
      {
        "_id": null,
        "model": "xeon e5 2609 v2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2660_v4"
      },
      {
        "_id": null,
        "model": "xeon e5 2407 v2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4820_v3"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2100t"
      },
      {
        "_id": null,
        "model": "xeon e5 2430l",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "bl2 ppc 7000",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "phoenixcontact",
        "version": null
      },
      {
        "_id": null,
        "model": "atom x3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "c3295rk"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "330m"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "870s"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "975"
      },
      {
        "_id": null,
        "model": "celeron n",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "n2808"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4765t"
      },
      {
        "_id": null,
        "model": "ubuntu linux",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "canonical",
        "version": "16.04"
      },
      {
        "_id": null,
        "model": "vl2 bpc 9000",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "phoenixcontact",
        "version": null
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2365m"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3220t"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5650u"
      },
      {
        "_id": null,
        "model": "xeon e3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "1558l_v5"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4100e"
      },
      {
        "_id": null,
        "model": "xeon silver",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4114"
      },
      {
        "_id": null,
        "model": "cortex-a77",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "arm",
        "version": null
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6260u"
      },
      {
        "_id": null,
        "model": "xeon e3 1275 v3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "660"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2610ue"
      },
      {
        "_id": null,
        "model": "atom c",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "c2758"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3615qe"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "e5502"
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8870_v3"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "e5645"
      },
      {
        "_id": null,
        "model": "xeon e5 2620 v2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "simatic itc2200",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "3.1"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2330e"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5675c"
      },
      {
        "_id": null,
        "model": "cortex-a72",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "arm",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e5 1660 v3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "atom z",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "z3770"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "l5640"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "x5647"
      },
      {
        "_id": null,
        "model": "xeon bronze 3106",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3689y"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "w3670"
      },
      {
        "_id": null,
        "model": "core m",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5y31"
      },
      {
        "_id": null,
        "model": "pentium n",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "n3710"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5157u"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "560um"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2620m"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4771"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "x7542"
      },
      {
        "_id": null,
        "model": "xeon e3 1225 v5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "atom z",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "z3770d"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4607_v2"
      },
      {
        "_id": null,
        "model": "xeon e5 2637",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "x5667"
      },
      {
        "_id": null,
        "model": "xeon e5 2640 v4",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4860_v2"
      },
      {
        "_id": null,
        "model": "atom z",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "z3736g"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4590t"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4650_v4"
      },
      {
        "_id": null,
        "model": "xeon e5 2648l v2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "atom z",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "z3785"
      },
      {
        "_id": null,
        "model": "xeon phi",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "7250f"
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4850_v4"
      },
      {
        "_id": null,
        "model": "cortex-a73",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "arm",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4809_v3"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4150"
      },
      {
        "_id": null,
        "model": "linux",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "debian",
        "version": "8.0"
      },
      {
        "_id": null,
        "model": "xeon phi",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "7295"
      },
      {
        "_id": null,
        "model": "atom c",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "c3750"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2699_v3"
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4807"
      },
      {
        "_id": null,
        "model": "xeon gold",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6140"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4810mq"
      },
      {
        "_id": null,
        "model": "atom c",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "c3558"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "e6540"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2660_v3"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4660_v4"
      },
      {
        "_id": null,
        "model": "atom z",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "z3590"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "520m"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2680_v3"
      },
      {
        "_id": null,
        "model": "celeron n",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "n3050"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2687w_v4"
      },
      {
        "_id": null,
        "model": "xeon bronze 3104",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3610qm"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4600u"
      },
      {
        "_id": null,
        "model": "dl ppc21.5m 7000",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "phoenixcontact",
        "version": null
      },
      {
        "_id": null,
        "model": "linux",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "debian",
        "version": "9.0"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4100m"
      },
      {
        "_id": null,
        "model": "celeron j",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "j3160"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "x5687"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "661"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4258u"
      },
      {
        "_id": null,
        "model": "xeon e5 2620 v4",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "atom e",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "e3805"
      },
      {
        "_id": null,
        "model": "linux enterprise software development kit",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "suse",
        "version": "12"
      },
      {
        "_id": null,
        "model": "xeon e3 1105c v2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e5 2609 v3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "bl rackmount 4u",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "phoenixcontact",
        "version": null
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "7700"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "e5620"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3570t"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2348m"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "390m"
      },
      {
        "_id": null,
        "model": "el ppc 1000\\/m",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "phoenixcontact",
        "version": null
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "380m"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6442eq"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "920"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8600k"
      },
      {
        "_id": null,
        "model": "bl2 bpc 7000",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "phoenixcontact",
        "version": null
      },
      {
        "_id": null,
        "model": "atom e",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "e3827"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "7700t"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4648_v3"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2125"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2550k"
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8880l_v2"
      },
      {
        "_id": null,
        "model": "esxi",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "vmware",
        "version": "5.5.0"
      },
      {
        "_id": null,
        "model": "xeon e3 1265l v2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "simatic itc1500 pro",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "3.1"
      },
      {
        "_id": null,
        "model": "fusion",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "vmware",
        "version": "8.0.0"
      },
      {
        "_id": null,
        "model": "cortex-a8",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "arm",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e5 2609 v4",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e5 2420",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2720qm"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4610y"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8650u"
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8870_v4"
      },
      {
        "_id": null,
        "model": "celeron n",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "n4100"
      },
      {
        "_id": null,
        "model": "xeon e3 1230 v3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "atom z",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "z2520"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4670k"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4610_v2"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6685r"
      },
      {
        "_id": null,
        "model": "xeon e3 1225 v3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4785t"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2670_v2"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6500"
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4809_v4"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "l5618"
      },
      {
        "_id": null,
        "model": "xeon e5 1650 v4",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2675qm"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "e6510"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2450m"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3555le"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2450p"
      },
      {
        "_id": null,
        "model": "atom c",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "c3955"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4278u"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2629m"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "640um"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "640m"
      },
      {
        "_id": null,
        "model": "diskstation manager",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "synology",
        "version": "6.2.2-24922"
      },
      {
        "_id": null,
        "model": "linux enterprise server",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "suse",
        "version": "12"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3840qm"
      },
      {
        "_id": null,
        "model": "simatic itc1900",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "3.1"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4760hq"
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2820"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2649m"
      },
      {
        "_id": null,
        "model": "xeon gold",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6130f"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4510u"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5600u"
      },
      {
        "_id": null,
        "model": "xeon e5 2630l v3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "atom z",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "z3530"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3220"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3450s"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4030y"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "l5609"
      },
      {
        "_id": null,
        "model": "xeon e5 1428l",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "atom z",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "z3460"
      },
      {
        "_id": null,
        "model": "atom x3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "c3130"
      },
      {
        "_id": null,
        "model": "vl2 ppc 7000",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "phoenixcontact",
        "version": null
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4440"
      },
      {
        "_id": null,
        "model": "xeon silver",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4114t"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3380m"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4627_v2"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4310u"
      },
      {
        "_id": null,
        "model": "xeon e3 1268l v5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e3 1280 v5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "330um"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2400"
      },
      {
        "_id": null,
        "model": "xeon e3 1280 v3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "linux enterprise server",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "suse",
        "version": "11"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2820qm"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "e5630"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4655_v3"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "x5670"
      },
      {
        "_id": null,
        "model": "xeon e5 2637 v4",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "solidfire",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "netapp",
        "version": null
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3517u"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "l3426"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2500s"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2380p"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2500t"
      },
      {
        "_id": null,
        "model": "xeon e3 1225 v2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "atom c",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "c2530"
      },
      {
        "_id": null,
        "model": "cortex-r8",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "arm",
        "version": null
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3632qm"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4350"
      },
      {
        "_id": null,
        "model": "ubuntu linux",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "canonical",
        "version": "12.04"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "e5503"
      },
      {
        "_id": null,
        "model": "celeron n",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "n3060"
      },
      {
        "_id": null,
        "model": "xeon e5 1660 v2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon gold",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5120t"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2715qe"
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8893_v4"
      },
      {
        "_id": null,
        "model": "vl bpc 3000",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "phoenixcontact",
        "version": null
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "7y75"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "620lm"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "610e"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "980"
      },
      {
        "_id": null,
        "model": "xeon e5 2618l v3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4702ec"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3130m"
      },
      {
        "_id": null,
        "model": "bl ppc15 1000",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "phoenixcontact",
        "version": null
      },
      {
        "_id": null,
        "model": "cortex-a78ae",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "arm",
        "version": null
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4702mq"
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8880_v4"
      },
      {
        "_id": null,
        "model": "xeon platinum",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8158"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4300m"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2658_v3"
      },
      {
        "_id": null,
        "model": "atom x3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "c3265rk"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2600s"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4627_v3"
      },
      {
        "_id": null,
        "model": "xeon e3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "1578l_v5"
      },
      {
        "_id": null,
        "model": "celeron n",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "n4000"
      },
      {
        "_id": null,
        "model": "xeon e5 2643 v3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e3 1270 v3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3427u"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8350k"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4690"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3470t"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3612qe"
      },
      {
        "_id": null,
        "model": "xeon gold",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6140m"
      },
      {
        "_id": null,
        "model": "xeon phi",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "7285"
      },
      {
        "_id": null,
        "model": "workstation",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "vmware",
        "version": "12.0.0"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2697_v2"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2700k"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2660"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5575r"
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8891_v4"
      },
      {
        "_id": null,
        "model": "xeon silver",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4112"
      },
      {
        "_id": null,
        "model": "xeon e5 2428l",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e5 2640 v3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3687u"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3245"
      },
      {
        "_id": null,
        "model": "xeon e3 1125c",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "l5508"
      },
      {
        "_id": null,
        "model": "xeon phi",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "7235"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2370m"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "x5677"
      },
      {
        "_id": null,
        "model": "hci",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "netapp",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e5 2650 v3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8250u"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4600m"
      },
      {
        "_id": null,
        "model": "pentium j",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "j2850"
      },
      {
        "_id": null,
        "model": "xeon e3 1220l v3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2698_v4"
      },
      {
        "_id": null,
        "model": "xeon e5 2650l",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2105"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4790k"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8700k"
      },
      {
        "_id": null,
        "model": "xeon e5 2407",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e5 2450l",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e5 2640",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "btc14",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "pepperl fuchs",
        "version": null
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2310m"
      },
      {
        "_id": null,
        "model": "pentium j",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "j2900"
      },
      {
        "_id": null,
        "model": "xeon e5 2650l v2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6350hq"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "e5520"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8700"
      },
      {
        "_id": null,
        "model": "cortex-a17",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "arm",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e5 2630l v2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3227u"
      },
      {
        "_id": null,
        "model": "xeon e3 1235l v5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "cortex-a9",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "arm",
        "version": null
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4110e"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4670t"
      },
      {
        "_id": null,
        "model": "xeon e3 1260l",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon gold",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5122"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3250t"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "660lm"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4610_v3"
      },
      {
        "_id": null,
        "model": "atom c",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "c2738"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4770te"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "x5672"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3317u"
      },
      {
        "_id": null,
        "model": "atom z",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "z3570"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5950hq"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4610"
      },
      {
        "_id": null,
        "model": "xeon e5 1660",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e3 12201 v2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e5 2618l v4",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "celeron n",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "n2806"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6157u"
      },
      {
        "_id": null,
        "model": "bl2 bpc 2000",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "phoenixcontact",
        "version": null
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4770"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2500k"
      },
      {
        "_id": null,
        "model": "xeon e3 1275 v6",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2860"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "560"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4202y"
      },
      {
        "_id": null,
        "model": "xeon e3 1240 v5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6300t"
      },
      {
        "_id": null,
        "model": "atom c",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "c2338"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "350m"
      },
      {
        "_id": null,
        "model": "xeon gold",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6146"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "e7520"
      },
      {
        "_id": null,
        "model": "cortex-x1",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "arm",
        "version": null
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4160"
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2850"
      },
      {
        "_id": null,
        "model": "atom x5-e3940",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e3 1505l v6",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "pentium n",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "n3510"
      },
      {
        "_id": null,
        "model": "xeon e3 1290",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4800mq"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4770hq"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "620ue"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "x3480"
      },
      {
        "_id": null,
        "model": "atom c",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "c2350"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4670"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2699a_v4"
      },
      {
        "_id": null,
        "model": "xeon e5 2643",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2410m"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4650_v3"
      },
      {
        "_id": null,
        "model": "xeon e3 1245 v3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5550u"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4710mq"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "e5640"
      },
      {
        "_id": null,
        "model": "bl ppc17 1000",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "phoenixcontact",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon platinum",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8164"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4620"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2537m"
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8860_v3"
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4850_v3"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4100u"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3350p"
      },
      {
        "_id": null,
        "model": "xeon e3 1230l v3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8880l_v3"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4770s"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "640lm"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "e5540"
      },
      {
        "_id": null,
        "model": "core m",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5y51"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3340m"
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4820"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4710hq"
      },
      {
        "_id": null,
        "model": "xeon e3 1245",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4860"
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8890_v3"
      },
      {
        "_id": null,
        "model": "ubuntu linux",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "canonical",
        "version": "17.04"
      },
      {
        "_id": null,
        "model": "xeon e5 2608l v4",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e3 1270",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon platinum",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8170m"
      },
      {
        "_id": null,
        "model": "bl rackmount 2u",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "phoenixcontact",
        "version": null
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "560m"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6440eq"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4702hq"
      },
      {
        "_id": null,
        "model": "core m5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6y54"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4603"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2670"
      },
      {
        "_id": null,
        "model": "neoverse n1",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "arm",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e5 2620",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2683_v3"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5775c"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5500u"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "940xm"
      },
      {
        "_id": null,
        "model": "celeron j",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "j4005"
      },
      {
        "_id": null,
        "model": "xeon e5 2450 v2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4200m"
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8880_v2"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4790s"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4650l"
      },
      {
        "_id": null,
        "model": "atom x7-e3950",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "bl ppc17 7000",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "phoenixcontact",
        "version": null
      },
      {
        "_id": null,
        "model": "cortex-r7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "arm",
        "version": null
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3340"
      },
      {
        "_id": null,
        "model": "esxi",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "vmware",
        "version": "6.5"
      },
      {
        "_id": null,
        "model": "xeon e3 1276 v3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "celeron n",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "n3450"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8100"
      },
      {
        "_id": null,
        "model": "xeon gold",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6128"
      },
      {
        "_id": null,
        "model": "xeon e5 2403 v2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4640_v4"
      },
      {
        "_id": null,
        "model": "atom c",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "c2558"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3210"
      },
      {
        "_id": null,
        "model": "xeon e3 1245 v2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3720qm"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4310m"
      },
      {
        "_id": null,
        "model": "xeon e5 2603 v3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "680"
      },
      {
        "_id": null,
        "model": "xeon silver",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4109t"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4690t"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3770"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "e5507"
      },
      {
        "_id": null,
        "model": "atom z",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "z2420"
      },
      {
        "_id": null,
        "model": "atom c",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "c2508"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4012y"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4460"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "l5530"
      },
      {
        "_id": null,
        "model": "vl ppc 3000",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "phoenixcontact",
        "version": null
      },
      {
        "_id": null,
        "model": "atom x3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "c3405"
      },
      {
        "_id": null,
        "model": "xeon e3 1280 v2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5350h"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5250u"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4770r"
      },
      {
        "_id": null,
        "model": "xeon platinum",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8180"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2120t"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3210m"
      },
      {
        "_id": null,
        "model": "xeon e5 2648l v3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e5 1630 v3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4690k"
      },
      {
        "_id": null,
        "model": "xeon gold",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6142"
      },
      {
        "_id": null,
        "model": "xeon phi",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "7250"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3250"
      },
      {
        "_id": null,
        "model": "bl bpc 3000",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "phoenixcontact",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e5 2603",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e5 2603 v4",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "atom z",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "z3736f"
      },
      {
        "_id": null,
        "model": "xeon e5 2637 v3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e5 2650",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4820_v2"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3225"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4700hq"
      },
      {
        "_id": null,
        "model": "xeon e5 1650 v2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6100t"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4030u"
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8890_v4"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4570"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "lc5518"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2695_v3"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "x5660"
      },
      {
        "_id": null,
        "model": "xeon e3 1240l v3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "x3450"
      },
      {
        "_id": null,
        "model": "atom z",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "z3560"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5287u"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "860"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3610qe"
      },
      {
        "_id": null,
        "model": "xeon e5 2637 v2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon gold",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6134"
      },
      {
        "_id": null,
        "model": "solaris",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "10"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "580m"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4170t"
      },
      {
        "_id": null,
        "model": "xeon gold",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6138"
      },
      {
        "_id": null,
        "model": "celeron j",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "j4105"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4570t"
      },
      {
        "_id": null,
        "model": "bl2 ppc 2000",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "phoenixcontact",
        "version": null
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3450"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2690_v2"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "7500u"
      },
      {
        "_id": null,
        "model": "xeon e3 1268l v3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2367m"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2695_v4"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2600"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2540m"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "x7550"
      },
      {
        "_id": null,
        "model": "xeon e3 1235",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "vl2 bpc 2000",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "phoenixcontact",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2658a_v3"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "e7540"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4624l_v2"
      },
      {
        "_id": null,
        "model": "atom z",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "z3745"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "lc5528"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3570"
      },
      {
        "_id": null,
        "model": "atom z",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "z3735e"
      },
      {
        "_id": null,
        "model": "xeon platinum",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8160"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "530"
      },
      {
        "_id": null,
        "model": "xeon e5 2628l v2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "7700hq"
      },
      {
        "_id": null,
        "model": "xeon e5 1620 v4",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6100u"
      },
      {
        "_id": null,
        "model": "xeon e5 2630 v4",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4422e"
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8870"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2960xm"
      },
      {
        "_id": null,
        "model": "xeon e5 2418l v3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon gold",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6142m"
      },
      {
        "_id": null,
        "model": "xeon gold",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5115"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "ec5549"
      },
      {
        "_id": null,
        "model": "celeron n",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "n2940"
      },
      {
        "_id": null,
        "model": "celeron n",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "n3350"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2100"
      },
      {
        "_id": null,
        "model": "xeon e3 1290 v2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3340s"
      },
      {
        "_id": null,
        "model": "celeron j",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "j1850"
      },
      {
        "_id": null,
        "model": "celeron n",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "n3160"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3437u"
      },
      {
        "_id": null,
        "model": "dl ppc15m 7000",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "phoenixcontact",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e3 1241 v3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "atom c",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "c2516"
      },
      {
        "_id": null,
        "model": "xeon e3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "1585_v5"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6600"
      },
      {
        "_id": null,
        "model": "xeon e3 1230",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4640_v3"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4570r"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2120"
      },
      {
        "_id": null,
        "model": "xeon e5 2428l v2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e5 2628l v3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e3 1245 v5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6300hq"
      },
      {
        "_id": null,
        "model": "atom z",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "z2480"
      },
      {
        "_id": null,
        "model": "bl ppc 1000",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "phoenixcontact",
        "version": null
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3667u"
      },
      {
        "_id": null,
        "model": "cortex-a57",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "arm",
        "version": null
      },
      {
        "_id": null,
        "model": "atom c",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "c2358"
      },
      {
        "_id": null,
        "model": "celeron j",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "j3355"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4669_v4"
      },
      {
        "_id": null,
        "model": "visunet rm shell",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "pepperl fuchs",
        "version": null
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4160t"
      },
      {
        "_id": null,
        "model": "fusion",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "vmware",
        "version": "8.5.9"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5850hq"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5300u"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2635qm"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2102"
      },
      {
        "_id": null,
        "model": "xeon e5 2440",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e5 2630l v4",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e3 1285l v4",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4790"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4900mq"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4005u"
      },
      {
        "_id": null,
        "model": "el ppc 1000",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "phoenixcontact",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon gold",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6150"
      },
      {
        "_id": null,
        "model": "xeon gold",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6148f"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4722hq"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2695_v2"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5350u"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "670"
      },
      {
        "_id": null,
        "model": "simatic winac rtx \\ 2010",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2010"
      },
      {
        "_id": null,
        "model": "cortex-a76",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "arm",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "1565l_v5"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4200u"
      },
      {
        "_id": null,
        "model": "vl bpc 1000",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "phoenixcontact",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e3 1275l v3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e5 1428l v3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "w3690"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2405s"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3240t"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "680um"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2687w_v2"
      },
      {
        "_id": null,
        "model": "xeon e3 1230 v5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e5 2420 v2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6200u"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4402e"
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4880_v2"
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4890_v2"
      },
      {
        "_id": null,
        "model": "xeon e5 2620 v3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8867_v3"
      },
      {
        "_id": null,
        "model": "xeon phi",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "7290"
      },
      {
        "_id": null,
        "model": "celeron n",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "n2920"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4150t"
      },
      {
        "_id": null,
        "model": "bl ppc15 7000",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "phoenixcontact",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8837"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4590"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6402p"
      },
      {
        "_id": null,
        "model": "core m7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6y75"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "x7560"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "l3406"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "7920hq"
      },
      {
        "_id": null,
        "model": "celeron n",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "n2815"
      },
      {
        "_id": null,
        "model": "skynas",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "synology",
        "version": null
      },
      {
        "_id": null,
        "model": "valueline ipc",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "phoenixcontact",
        "version": null
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4360u"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2710qe"
      },
      {
        "_id": null,
        "model": "pentium n",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "n3540"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3540m"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2328m"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3330s"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8400"
      },
      {
        "_id": null,
        "model": "xeon e3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "1515m_v5"
      },
      {
        "_id": null,
        "model": "xeon e3 1270 v2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2680"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2680_v4"
      },
      {
        "_id": null,
        "model": "xeon e5 2418l",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon gold",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6144"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "750"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4110m"
      },
      {
        "_id": null,
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "amd",
        "version": null
      },
      {
        "_id": null,
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "arm",
        "version": null
      },
      {
        "_id": null,
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "apple",
        "version": null
      },
      {
        "_id": null,
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "cisco",
        "version": null
      },
      {
        "_id": null,
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "dell",
        "version": null
      },
      {
        "_id": null,
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "dell emc",
        "version": null
      },
      {
        "_id": null,
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "fortinet",
        "version": null
      },
      {
        "_id": null,
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "hp",
        "version": null
      },
      {
        "_id": null,
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "hitachi",
        "version": null
      },
      {
        "_id": null,
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "ibm",
        "version": null
      },
      {
        "_id": null,
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "microsoft",
        "version": null
      },
      {
        "_id": null,
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "qualcomm incorporated",
        "version": null
      },
      {
        "_id": null,
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "red hat",
        "version": null
      },
      {
        "_id": null,
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "suse linux",
        "version": null
      },
      {
        "_id": null,
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "synology",
        "version": null
      },
      {
        "_id": null,
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "ubuntu",
        "version": null
      },
      {
        "_id": null,
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "vmware",
        "version": null
      },
      {
        "_id": null,
        "model": "windows sp1",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "microsoft",
        "version": "7"
      },
      {
        "_id": null,
        "model": "internet explorer",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "microsoft",
        "version": "11"
      },
      {
        "_id": null,
        "model": "windows",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "microsoft",
        "version": "8.1"
      },
      {
        "_id": null,
        "model": null,
        "scope": "eq",
        "trust": 0.6,
        "vendor": "google",
        "version": "v8"
      },
      {
        "_id": null,
        "model": "windows",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "microsoft",
        "version": "10"
      },
      {
        "_id": null,
        "model": "edge",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "microsoft",
        "version": "0"
      },
      {
        "_id": null,
        "model": "xeon cpu e5-1650",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "intel",
        "version": "v3"
      },
      {
        "_id": null,
        "model": "cortex a57",
        "scope": null,
        "trust": 0.6,
        "vendor": "arm",
        "version": null
      },
      {
        "_id": null,
        "model": "pro a8-9600 r7",
        "scope": null,
        "trust": 0.6,
        "vendor": "amd",
        "version": null
      },
      {
        "_id": null,
        "model": "compute cores 4c+6g",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "amd",
        "version": "10"
      },
      {
        "_id": null,
        "model": "fx -8320 eight-core processor",
        "scope": null,
        "trust": 0.6,
        "vendor": "amd",
        "version": null
      },
      {
        "_id": null,
        "model": "windows server",
        "scope": null,
        "trust": 0.6,
        "vendor": "microsoft",
        "version": null
      }
    ],
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#180049"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-00304"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-5753"
      }
    ]
  },
  "credits": {
    "_id": null,
    "data": "Red Hat",
    "sources": [
      {
        "db": "PACKETSTORM",
        "id": "145642"
      },
      {
        "db": "PACKETSTORM",
        "id": "145717"
      },
      {
        "db": "PACKETSTORM",
        "id": "146683"
      },
      {
        "db": "PACKETSTORM",
        "id": "146090"
      },
      {
        "db": "PACKETSTORM",
        "id": "145667"
      },
      {
        "db": "PACKETSTORM",
        "id": "146098"
      },
      {
        "db": "PACKETSTORM",
        "id": "145721"
      },
      {
        "db": "PACKETSTORM",
        "id": "146315"
      }
    ],
    "trust": 0.8
  },
  "cve": "CVE-2017-5753",
  "cvss": {
    "_id": null,
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "NONE",
            "baseScore": 4.7,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 3.4,
            "id": "CVE-2017-5753",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 1.0,
            "vectorString": "AV:L/AC:M/Au:N/C:C/I:N/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "NONE",
            "baseScore": 4.7,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 3.4,
            "id": "CNVD-2018-00304",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.6,
            "vectorString": "AV:L/AC:M/Au:N/C:C/I:N/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "NONE",
            "baseScore": 4.7,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 3.4,
            "id": "VHN-113956",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:L/AC:M/AU:N/C:C/I:N/A:N",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "author": "nvd@nist.gov",
            "availabilityImpact": "NONE",
            "baseScore": 5.6,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 1.1,
            "id": "CVE-2017-5753",
            "impactScore": 4.0,
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
            "version": "3.1"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2017-5753",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2018-00304",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-113956",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2018-00304"
      },
      {
        "db": "VULHUB",
        "id": "VHN-113956"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-5753"
      }
    ]
  },
  "description": {
    "_id": null,
    "data": "Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis. Two vulnerabilities are identified, known as \"Variant 3a\" and \"Variant 4\". CPUhardware is a set of firmware that runs in the CPU (Central Processing Unit) for managing and controlling the CPU. The Meltdown vulnerability exists in the CPU processor core, which \\\"melts\\\" the security boundary implemented by hardware, allowing low-privileged user-level applications to \\\"cross-border\\\" access to system-level memory, causing data leakage. The following products and versions are affected: ARM Cortex-R7; Cortex-R8; Cortex-A8; Cortex-A9; Cortex-A12; Xeon CPU E5-1650 v3, v2, v4; Xeon E3-1265l v2, v3, v4 ; Xeon E3-1245 v2, v3, v5, v6 versions; Xeon X7542, etc. \n\nIn this update mitigations for x86-64 architecture are provided. Relevant releases/architectures:\n\nRHEL 7-based RHEV-H ELS - noarch\nRHEV Hypervisor for RHEL-6 ELS - noarch\n\n3. The Red Hat Enterprise Virtualization Hypervisor\nis a dedicated Kernel-based Virtual Machine (KVM) hypervisor. (CVE-2017-5754)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 14.04 LTS:\n  linux-image-4.4.0-1011-aws      4.4.0-1011.11\n  linux-image-4.4.0-111-generic   4.4.0-111.134~14.04.1\n  linux-image-4.4.0-111-lowlatency  4.4.0-111.134~14.04.1\n  linux-image-4.4.0-111-powerpc-e500mc  4.4.0-111.134~14.04.1\n  linux-image-4.4.0-111-powerpc-smp  4.4.0-111.134~14.04.1\n  linux-image-4.4.0-111-powerpc64-emb  4.4.0-111.134~14.04.1\n  linux-image-4.4.0-111-powerpc64-smp  4.4.0-111.134~14.04.1\n  linux-image-aws                 4.4.0.1011.11\n  linux-image-generic-lts-xenial  4.4.0.111.95\n  linux-image-lowlatency-lts-xenial  4.4.0.111.95\n  linux-image-powerpc-e500mc-lts-xenial  4.4.0.111.95\n  linux-image-powerpc-smp-lts-xenial  4.4.0.111.95\n  linux-image-powerpc64-emb-lts-xenial  4.4.0.111.95\n  linux-image-powerpc64-smp-lts-xenial  4.4.0.111.95\n\nPlease note that fully mitigating CVE-2017-5715 (Spectre Variant 2)\nrequires corresponding processor microcode/firmware updates or,\nin virtual environments, hypervisor updates. Ubuntu is working with Intel and AMD to provide\nfuture microcode updates that implement IBRS and IBPB as they are made\navailable. Ubuntu users with a processor from a different vendor should\ncontact the vendor to identify necessary firmware updates. Ubuntu\nwill provide corresponding QEMU updates in the future for users of\nself-hosted virtual environments in coordination with upstream QEMU. \nUbuntu users in cloud environments should contact the cloud provider\nto confirm that the hypervisor has been updated to expose the new\nCPU features to virtual machines. 5.9 server) - i386, ia64, noarch, x86_64\n\n3. \n\nBug Fix(es):\n\n* Previously, the page table isolation feature was able to modify the\nkernel Page Global Directory (PGD) entries with the _NX bit even for CPUs\nwithout the capability to use the \"no execute\" (NX) bit technology. \nConsequently, the page tables got corrupted, and the kernel panicked at the\nfirst page-fault occurrence. This update adds the check of CPU capabilities\nbefore modifying kernel PGD entries with _NX. As a result, the operating\nsystem no longer panics on boot due to corrupted page tables under the\ndescribed circumstances. (BZ#1538169)\n\n* When booting the operating system with the Kernel Page Table Isolation\noption enabled, the HPET VSYSCALL shadow mapping was not placed correctly. \nConsequently, the High Precision Event Timer (HPET) feature was not\navailable early enough, and warnings on boot time occurred. This update\nfixes the placement of HPET VSYSCALL, and the warnings on boot time due to\nthis behavior no longer occur. (BZ#1541281)\n\n* Previously, the routine preparing the kexec crashkernel area did not\nproperly clear the page allocated to be kexec\u0027s Page Global Directory\n(PGD). Consequently, the page table isolation shadow mapping routines\nfailed with a warning message when setting up page table entries. With this\nupdate, the underlying source code has been fixed to clear the kexec PGD\nallocated page before setting up its page table entries. As a result,\nwarnings are no longer issued when setting up kexec. (BZ#1541285)\n\n* When changing a kernel page mapping from Read Only (RO) to Read Write\n(RW), the Translation Lookaside Buffer (TLB) entry was previously not\nupdated. Consequently, a protection fault on a write operation occurred,\nwhich led to a kernel panic. With this update, the underlying source code\nhas been fixed to handle such kind of fault properly, and the kernel no\nlonger panics in the described situation. (BZ#1541892)\n\n4. \n\nATTENTION: Due to an unavoidable ABI change the kernel updates have\nbeen given a new version number, which requires you to recompile and\nreinstall all third party kernel modules you might have installed. \nUnless you manually uninstalled the standard kernel metapackages\n(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,\nlinux-powerpc), a standard system upgrade will automatically perform\nthis as well. 7.3) - ppc64, ppc64le, x86_64\n\n3. \n\nBug Fix(es):\n\n* When attempting to reread parent blocks in btree traversal, the xfs code\nwhich deletes extended attributes from an inode assumed that the parent\nblocks were still on the cache. Under memory pressure and memory reclaim,\nsuch parent blocks were sometimes removed from the cache. Consequently,\nattempts to reread previously cached parent blocks caused the file system\nto read invalid memory. This update fixes xfs to reinitialize the pointer\nto the parent block buffers after the block has been reread. As a result,\npointers to btree blocks now point to valid memory, and the kernel no\nlonger crashes due to an invalid memory access. (BZ#1512811)\n\n* The write access check for huge pages did not function correctly on IBM z\nSystems. Consequently, if asynchronous I/O reads were used, buffers\nsometimes contained zeroes rather than data from a file, even when the\nio_getevents() system call reported that the associated read had finished\nsuccessfully. This update fixes the write access check in the\ngup_huge_pmd() function in memory management, and read data is stored in\nasynchronous I/O buffers properly. (BZ#1513315)\n\n* With this update, the rule for iptables reloading has been optimized to\ncomplete faster. (BZ#1514040)\n\n4. \n-----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n                   Red Hat Security Advisory\n\nSynopsis:          Important: kernel security and bug fix update\nAdvisory ID:       RHSA-2018:0151-01\nProduct:           Red Hat Enterprise Linux\nAdvisory URL:      https://access.redhat.com/errata/RHSA-2018:0151\nIssue date:        2018-01-25\nCVE Names:         CVE-2015-8539 CVE-2017-7472 CVE-2017-12192 \n                   CVE-2017-12193 CVE-2017-15649 \n=====================================================================\n\n1. Summary:\n\nAn update for kernel is now available for Red Hat Enterprise Linux 7. \n\nRed Hat Product Security has rated this update as having a security impact\nof Important. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE link(s) in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Client (v. 7) - noarch, x86_64\nRed Hat Enterprise Linux Client Optional (v. 7) - x86_64\nRed Hat Enterprise Linux ComputeNode (v. 7) - noarch, x86_64\nRed Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64\nRed Hat Enterprise Linux Server (v. 7) - noarch, ppc64, ppc64le, s390x, x86_64\nRed Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, x86_64\nRed Hat Enterprise Linux Workstation (v. 7) - noarch, x86_64\nRed Hat Enterprise Linux Workstation Optional (v. 7) - x86_64\n\n3. Description:\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system. \n\nSecurity Fix(es):\n\nAn industry-wide issue was found in the way many modern microprocessor\ndesigns have implemented speculative execution of instructions (a commonly\nused performance optimization). There are three primary variants of the\nissue which differ in the way the speculative execution can be exploited. \n\nNote: This issue is present in hardware and cannot be fully fixed via\nsoftware update. The updated kernel packages provide software mitigation\nfor this hardware issue at a cost of potential performance penalty. Please\nrefer to References section for further information about this issue and\nthe performance impact. \n\nIn this update initial mitigations for IBM Power (PowerPC) and IBM zSeries\n(S390) architectures are provided. \n\n* Variant CVE-2017-5715 triggers the speculative execution by utilizing\nbranch target injection. It relies on the presence of a precisely-defined\ninstruction sequence in the privileged code as well as the fact that memory\naccesses may cause allocation into the microprocessor\u0027s data cache even for\nspeculatively executed instructions that never actually commit (retire). As\na result, an unprivileged attacker could use this flaw to cross the syscall\nand guest/host boundaries and read privileged memory by conducting targeted\ncache side-channel attacks. This fix specifically addresses S390\nprocessors. (CVE-2017-5715, Important)\n\n* Variant CVE-2017-5753 triggers the speculative execution by performing a\nbounds-check bypass. It relies on the presence of a precisely-defined\ninstruction sequence in the privileged code as well as the fact that memory\naccesses may cause allocation into the microprocessor\u0027s data cache even for\nspeculatively executed instructions that never actually commit (retire). As\na result, an unprivileged attacker could use this flaw to cross the syscall\nboundary and read privileged memory by conducting targeted cache\nside-channel attacks. This fix specifically addresses S390 and PowerPC\nprocessors. (CVE-2017-5753, Important)\n\n* Variant CVE-2017-5754 relies on the fact that, on impacted\nmicroprocessors, during speculative execution of instruction permission\nfaults, exception generation triggered by a faulting access is suppressed\nuntil the retirement of the whole instruction block. In a combination with\nthe fact that memory accesses may populate the cache even when the block is\nbeing dropped and never committed (executed), an unprivileged local\nattacker could use this flaw to read privileged (kernel space) memory by\nconducting targeted cache side-channel attacks. Note: CVE-2017-5754 affects\nIntel x86-64 microprocessors. AMD x86-64 microprocessors are not affected\nby this issue. This fix specifically addresses PowerPC processors. \n(CVE-2017-5754, Important)\n\nRed Hat would like to thank Google Project Zero for reporting\nCVE-2017-5715, CVE-2017-5753, and CVE-2017-5754. \n\nThis update also fixes the following security issues and bugs:\n\nSpace precludes documenting all of the bug fixes and enhancements included\nin this advisory. To see the complete list of bug fixes and enhancements,\nrefer to the following KnowledgeBase article:\nhttps://access.redhat.com/articles/3327131. \n\n4. Solution:\n\nFor details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect. \n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1284450 - CVE-2015-8539 kernel: local privesc in key management\n1442086 - CVE-2017-7472 kernel: keyctl_set_reqkey_keyring() leaks thread keyrings\n1493435 - CVE-2017-12192 kernel: NULL pointer dereference due to KEYCTL_READ on negative key\n1501215 - CVE-2017-12193 kernel: Null pointer dereference due to incorrect node-splitting in assoc_array implementation\n1504574 - CVE-2017-15649 kernel: Use-after-free in the af_packet.c\n1519778 - CVE-2017-5753 hw: cpu: speculative execution bounds-check bypass\n1519780 - CVE-2017-5715 hw: cpu: speculative execution branch target injection\n1519781 - CVE-2017-5754 hw: cpu: speculative execution permission faults handling\n\n6. Package List:\n\nRed Hat Enterprise Linux Client (v. 7):\n\nSource:\nkernel-3.10.0-693.17.1.el7.src.rpm\n\nnoarch:\nkernel-abi-whitelists-3.10.0-693.17.1.el7.noarch.rpm\nkernel-doc-3.10.0-693.17.1.el7.noarch.rpm\n\nx86_64:\nkernel-3.10.0-693.17.1.el7.x86_64.rpm\nkernel-debug-3.10.0-693.17.1.el7.x86_64.rpm\nkernel-debug-debuginfo-3.10.0-693.17.1.el7.x86_64.rpm\nkernel-debug-devel-3.10.0-693.17.1.el7.x86_64.rpm\nkernel-debuginfo-3.10.0-693.17.1.el7.x86_64.rpm\nkernel-debuginfo-common-x86_64-3.10.0-693.17.1.el7.x86_64.rpm\nkernel-devel-3.10.0-693.17.1.el7.x86_64.rpm\nkernel-headers-3.10.0-693.17.1.el7.x86_64.rpm\nkernel-tools-3.10.0-693.17.1.el7.x86_64.rpm\nkernel-tools-debuginfo-3.10.0-693.17.1.el7.x86_64.rpm\nkernel-tools-libs-3.10.0-693.17.1.el7.x86_64.rpm\nperf-3.10.0-693.17.1.el7.x86_64.rpm\nperf-debuginfo-3.10.0-693.17.1.el7.x86_64.rpm\npython-perf-3.10.0-693.17.1.el7.x86_64.rpm\npython-perf-debuginfo-3.10.0-693.17.1.el7.x86_64.rpm\n\nRed Hat Enterprise Linux Client Optional (v. 7):\n\nx86_64:\nkernel-debug-debuginfo-3.10.0-693.17.1.el7.x86_64.rpm\nkernel-debuginfo-3.10.0-693.17.1.el7.x86_64.rpm\nkernel-debuginfo-common-x86_64-3.10.0-693.17.1.el7.x86_64.rpm\nkernel-tools-debuginfo-3.10.0-693.17.1.el7.x86_64.rpm\nkernel-tools-libs-devel-3.10.0-693.17.1.el7.x86_64.rpm\nperf-debuginfo-3.10.0-693.17.1.el7.x86_64.rpm\npython-perf-debuginfo-3.10.0-693.17.1.el7.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode (v. 7):\n\nSource:\nkernel-3.10.0-693.17.1.el7.src.rpm\n\nnoarch:\nkernel-abi-whitelists-3.10.0-693.17.1.el7.noarch.rpm\nkernel-doc-3.10.0-693.17.1.el7.noarch.rpm\n\nx86_64:\nkernel-3.10.0-693.17.1.el7.x86_64.rpm\nkernel-debug-3.10.0-693.17.1.el7.x86_64.rpm\nkernel-debug-debuginfo-3.10.0-693.17.1.el7.x86_64.rpm\nkernel-debug-devel-3.10.0-693.17.1.el7.x86_64.rpm\nkernel-debuginfo-3.10.0-693.17.1.el7.x86_64.rpm\nkernel-debuginfo-common-x86_64-3.10.0-693.17.1.el7.x86_64.rpm\nkernel-devel-3.10.0-693.17.1.el7.x86_64.rpm\nkernel-headers-3.10.0-693.17.1.el7.x86_64.rpm\nkernel-tools-3.10.0-693.17.1.el7.x86_64.rpm\nkernel-tools-debuginfo-3.10.0-693.17.1.el7.x86_64.rpm\nkernel-tools-libs-3.10.0-693.17.1.el7.x86_64.rpm\nperf-3.10.0-693.17.1.el7.x86_64.rpm\nperf-debuginfo-3.10.0-693.17.1.el7.x86_64.rpm\npython-perf-3.10.0-693.17.1.el7.x86_64.rpm\npython-perf-debuginfo-3.10.0-693.17.1.el7.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode Optional (v. 7):\n\nx86_64:\nkernel-debug-debuginfo-3.10.0-693.17.1.el7.x86_64.rpm\nkernel-debuginfo-3.10.0-693.17.1.el7.x86_64.rpm\nkernel-debuginfo-common-x86_64-3.10.0-693.17.1.el7.x86_64.rpm\nkernel-tools-debuginfo-3.10.0-693.17.1.el7.x86_64.rpm\nkernel-tools-libs-devel-3.10.0-693.17.1.el7.x86_64.rpm\nperf-debuginfo-3.10.0-693.17.1.el7.x86_64.rpm\npython-perf-debuginfo-3.10.0-693.17.1.el7.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 7):\n\nSource:\nkernel-3.10.0-693.17.1.el7.src.rpm\n\nnoarch:\nkernel-abi-whitelists-3.10.0-693.17.1.el7.noarch.rpm\nkernel-doc-3.10.0-693.17.1.el7.noarch.rpm\n\nppc64:\nkernel-3.10.0-693.17.1.el7.ppc64.rpm\nkernel-bootwrapper-3.10.0-693.17.1.el7.ppc64.rpm\nkernel-debug-3.10.0-693.17.1.el7.ppc64.rpm\nkernel-debug-debuginfo-3.10.0-693.17.1.el7.ppc64.rpm\nkernel-debug-devel-3.10.0-693.17.1.el7.ppc64.rpm\nkernel-debuginfo-3.10.0-693.17.1.el7.ppc64.rpm\nkernel-debuginfo-common-ppc64-3.10.0-693.17.1.el7.ppc64.rpm\nkernel-devel-3.10.0-693.17.1.el7.ppc64.rpm\nkernel-headers-3.10.0-693.17.1.el7.ppc64.rpm\nkernel-tools-3.10.0-693.17.1.el7.ppc64.rpm\nkernel-tools-debuginfo-3.10.0-693.17.1.el7.ppc64.rpm\nkernel-tools-libs-3.10.0-693.17.1.el7.ppc64.rpm\nperf-3.10.0-693.17.1.el7.ppc64.rpm\nperf-debuginfo-3.10.0-693.17.1.el7.ppc64.rpm\npython-perf-3.10.0-693.17.1.el7.ppc64.rpm\npython-perf-debuginfo-3.10.0-693.17.1.el7.ppc64.rpm\n\nppc64le:\nkernel-3.10.0-693.17.1.el7.ppc64le.rpm\nkernel-bootwrapper-3.10.0-693.17.1.el7.ppc64le.rpm\nkernel-debug-3.10.0-693.17.1.el7.ppc64le.rpm\nkernel-debug-debuginfo-3.10.0-693.17.1.el7.ppc64le.rpm\nkernel-debuginfo-3.10.0-693.17.1.el7.ppc64le.rpm\nkernel-debuginfo-common-ppc64le-3.10.0-693.17.1.el7.ppc64le.rpm\nkernel-devel-3.10.0-693.17.1.el7.ppc64le.rpm\nkernel-headers-3.10.0-693.17.1.el7.ppc64le.rpm\nkernel-tools-3.10.0-693.17.1.el7.ppc64le.rpm\nkernel-tools-debuginfo-3.10.0-693.17.1.el7.ppc64le.rpm\nkernel-tools-libs-3.10.0-693.17.1.el7.ppc64le.rpm\nperf-3.10.0-693.17.1.el7.ppc64le.rpm\nperf-debuginfo-3.10.0-693.17.1.el7.ppc64le.rpm\npython-perf-3.10.0-693.17.1.el7.ppc64le.rpm\npython-perf-debuginfo-3.10.0-693.17.1.el7.ppc64le.rpm\n\ns390x:\nkernel-3.10.0-693.17.1.el7.s390x.rpm\nkernel-debug-3.10.0-693.17.1.el7.s390x.rpm\nkernel-debug-debuginfo-3.10.0-693.17.1.el7.s390x.rpm\nkernel-debug-devel-3.10.0-693.17.1.el7.s390x.rpm\nkernel-debuginfo-3.10.0-693.17.1.el7.s390x.rpm\nkernel-debuginfo-common-s390x-3.10.0-693.17.1.el7.s390x.rpm\nkernel-devel-3.10.0-693.17.1.el7.s390x.rpm\nkernel-headers-3.10.0-693.17.1.el7.s390x.rpm\nkernel-kdump-3.10.0-693.17.1.el7.s390x.rpm\nkernel-kdump-debuginfo-3.10.0-693.17.1.el7.s390x.rpm\nkernel-kdump-devel-3.10.0-693.17.1.el7.s390x.rpm\nperf-3.10.0-693.17.1.el7.s390x.rpm\nperf-debuginfo-3.10.0-693.17.1.el7.s390x.rpm\npython-perf-3.10.0-693.17.1.el7.s390x.rpm\npython-perf-debuginfo-3.10.0-693.17.1.el7.s390x.rpm\n\nx86_64:\nkernel-3.10.0-693.17.1.el7.x86_64.rpm\nkernel-debug-3.10.0-693.17.1.el7.x86_64.rpm\nkernel-debug-debuginfo-3.10.0-693.17.1.el7.x86_64.rpm\nkernel-debug-devel-3.10.0-693.17.1.el7.x86_64.rpm\nkernel-debuginfo-3.10.0-693.17.1.el7.x86_64.rpm\nkernel-debuginfo-common-x86_64-3.10.0-693.17.1.el7.x86_64.rpm\nkernel-devel-3.10.0-693.17.1.el7.x86_64.rpm\nkernel-headers-3.10.0-693.17.1.el7.x86_64.rpm\nkernel-tools-3.10.0-693.17.1.el7.x86_64.rpm\nkernel-tools-debuginfo-3.10.0-693.17.1.el7.x86_64.rpm\nkernel-tools-libs-3.10.0-693.17.1.el7.x86_64.rpm\nperf-3.10.0-693.17.1.el7.x86_64.rpm\nperf-debuginfo-3.10.0-693.17.1.el7.x86_64.rpm\npython-perf-3.10.0-693.17.1.el7.x86_64.rpm\npython-perf-debuginfo-3.10.0-693.17.1.el7.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional (v. 7):\n\nppc64:\nkernel-debug-debuginfo-3.10.0-693.17.1.el7.ppc64.rpm\nkernel-debuginfo-3.10.0-693.17.1.el7.ppc64.rpm\nkernel-debuginfo-common-ppc64-3.10.0-693.17.1.el7.ppc64.rpm\nkernel-tools-debuginfo-3.10.0-693.17.1.el7.ppc64.rpm\nkernel-tools-libs-devel-3.10.0-693.17.1.el7.ppc64.rpm\nperf-debuginfo-3.10.0-693.17.1.el7.ppc64.rpm\npython-perf-debuginfo-3.10.0-693.17.1.el7.ppc64.rpm\n\nppc64le:\nkernel-debug-debuginfo-3.10.0-693.17.1.el7.ppc64le.rpm\nkernel-debug-devel-3.10.0-693.17.1.el7.ppc64le.rpm\nkernel-debuginfo-3.10.0-693.17.1.el7.ppc64le.rpm\nkernel-debuginfo-common-ppc64le-3.10.0-693.17.1.el7.ppc64le.rpm\nkernel-tools-debuginfo-3.10.0-693.17.1.el7.ppc64le.rpm\nkernel-tools-libs-devel-3.10.0-693.17.1.el7.ppc64le.rpm\nperf-debuginfo-3.10.0-693.17.1.el7.ppc64le.rpm\npython-perf-debuginfo-3.10.0-693.17.1.el7.ppc64le.rpm\n\nx86_64:\nkernel-debug-debuginfo-3.10.0-693.17.1.el7.x86_64.rpm\nkernel-debuginfo-3.10.0-693.17.1.el7.x86_64.rpm\nkernel-debuginfo-common-x86_64-3.10.0-693.17.1.el7.x86_64.rpm\nkernel-tools-debuginfo-3.10.0-693.17.1.el7.x86_64.rpm\nkernel-tools-libs-devel-3.10.0-693.17.1.el7.x86_64.rpm\nperf-debuginfo-3.10.0-693.17.1.el7.x86_64.rpm\npython-perf-debuginfo-3.10.0-693.17.1.el7.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation (v. 7):\n\nSource:\nkernel-3.10.0-693.17.1.el7.src.rpm\n\nnoarch:\nkernel-abi-whitelists-3.10.0-693.17.1.el7.noarch.rpm\nkernel-doc-3.10.0-693.17.1.el7.noarch.rpm\n\nx86_64:\nkernel-3.10.0-693.17.1.el7.x86_64.rpm\nkernel-debug-3.10.0-693.17.1.el7.x86_64.rpm\nkernel-debug-debuginfo-3.10.0-693.17.1.el7.x86_64.rpm\nkernel-debug-devel-3.10.0-693.17.1.el7.x86_64.rpm\nkernel-debuginfo-3.10.0-693.17.1.el7.x86_64.rpm\nkernel-debuginfo-common-x86_64-3.10.0-693.17.1.el7.x86_64.rpm\nkernel-devel-3.10.0-693.17.1.el7.x86_64.rpm\nkernel-headers-3.10.0-693.17.1.el7.x86_64.rpm\nkernel-tools-3.10.0-693.17.1.el7.x86_64.rpm\nkernel-tools-debuginfo-3.10.0-693.17.1.el7.x86_64.rpm\nkernel-tools-libs-3.10.0-693.17.1.el7.x86_64.rpm\nperf-3.10.0-693.17.1.el7.x86_64.rpm\nperf-debuginfo-3.10.0-693.17.1.el7.x86_64.rpm\npython-perf-3.10.0-693.17.1.el7.x86_64.rpm\npython-perf-debuginfo-3.10.0-693.17.1.el7.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation Optional (v. 7):\n\nx86_64:\nkernel-debug-debuginfo-3.10.0-693.17.1.el7.x86_64.rpm\nkernel-debuginfo-3.10.0-693.17.1.el7.x86_64.rpm\nkernel-debuginfo-common-x86_64-3.10.0-693.17.1.el7.x86_64.rpm\nkernel-tools-debuginfo-3.10.0-693.17.1.el7.x86_64.rpm\nkernel-tools-libs-devel-3.10.0-693.17.1.el7.x86_64.rpm\nperf-debuginfo-3.10.0-693.17.1.el7.x86_64.rpm\npython-perf-debuginfo-3.10.0-693.17.1.el7.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security.  Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2015-8539\nhttps://access.redhat.com/security/cve/CVE-2017-7472\nhttps://access.redhat.com/security/cve/CVE-2017-12192\nhttps://access.redhat.com/security/cve/CVE-2017-12193\nhttps://access.redhat.com/security/cve/CVE-2017-15649\nhttps://access.redhat.com/security/updates/classification/#important\nhttps://access.redhat.com/security/vulnerabilities/speculativeexecution\nhttps://access.redhat.com/security/cve/CVE-2017-5753\nhttps://access.redhat.com/security/cve/CVE-2017-5715\nhttps://access.redhat.com/security/cve/CVE-2017-5754\nhttps://access.redhat.com/articles/3327131\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2018 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niD8DBQFaab47XlSAg2UNWIIRAgi2AKDDW6z/9di3aoNQMX6PaIOzYTu39gCgncrF\nn+VQu/CVEmiUW8aXZCnplaM=\n=Km2i\n-----END PGP SIGNATURE-----\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. Relevant releases/architectures:\n\nImage Updates for RHV-H - noarch\nManagement Agent for RHEL 7 Hosts - noarch\n\n3. The appliance is available\nto download as an OVA file from the Customer Portal. ==========================================================================\nKernel Live Patch Security Notice 0046-1\nDecember 20, 2018\n\nlinux vulnerability\n==========================================================================\n\nA security issue affects these releases of Ubuntu:\n\n| Series           | Base kernel  | Arch     | flavors          |\n|------------------+--------------+----------+------------------|\n| Ubuntu 14.04 LTS | 4.4.0        | amd64    | generic          |\n| Ubuntu 14.04 LTS | 4.4.0        | amd64    | lowlatency       |\n| Ubuntu 16.04 LTS | 4.4.0        | amd64    | generic          |\n| Ubuntu 16.04 LTS | 4.4.0        | amd64    | lowlatency       |\n| Ubuntu 18.04 LTS | 4.15.0       | amd64    | generic          |\n| Ubuntu 18.04 LTS | 4.15.0       | amd64    | lowlatency       |\n\nSummary:\n\nSeveral security issues were fixed in the kernel. A local attacker could use this to expose\nsensitive information (kernel memory). (CVE-2018-18710)\n\nIt was discovered that a race condition existed in the raw MIDI driver for\nthe Linux kernel, leading to a double free vulnerability. A local attacker\ncould use this to cause a denial of service (system crash) or possibly\nexecute arbitrary code. (CVE-2018-10902)\n\nIt was discovered that the BPF verifier in the Linux kernel did not\ncorrectly compute numeric bounds in some situations. A local attacker could\nuse this to cause a denial of service (system crash) or possibly execute\narbitrary code. (CVE-2018-18445)\n\nNoam Rathaus discovered that a use-after-free vulnerability existed in the\nInfiniband implementation in the Linux kernel. An attacker could use this\nto cause a denial of service (system crash). (CVE-2018-14734)\n\nWen Xu discovered that the ext4 filesystem implementation in the Linux\nkernel did not properly ensure that xattr information remained in inode\nbodies. An attacker could use this to construct a malicious ext4 image\nthat, when mounted, could cause a denial of service (system crash). \n(CVE-2018-10880)\n\nKanda Motohiro discovered that writing extended attributes to an XFS file\nsystem in the Linux kernel in certain situations could cause an error\ncondition to occur. A local attacker could use this to cause a denial of\nservice. (CVE-2018-18690)\n\nIt was discovered that an integer overflow existed in the HID Bluetooth\nimplementation in the Linux kernel that could lead to a buffer overwrite. \nAn attacker could use this to cause a denial of service (system crash) or\npossibly execute arbitrary code. This flaw is known as Spectre. A local attacker could use this to\nexpose sensitive information, including kernel memory. (CVE-2017-5753)\n\nIt was discovered that the YUREX USB device driver for the Linux kernel did\nnot properly restrict user space reads or writes. A physically proximate\nattacker could use this to cause a denial of service (system crash) or\npossibly execute arbitrary code. (CVE-2018-16276)\n\nIt was discovered that an integer overflow existed in the CD-ROM driver of\nthe Linux kernel. A local attacker could use this to expose sensitive\ninformation (kernel memory). (CVE-2018-16658)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your livepatches to the following\nversions:\n\n| Kernel                   | Version  | flavors                  |\n|--------------------------+----------+--------------------------|\n| 4.4.0-133.159            | 46.3     | generic, lowlatency      |\n| 4.4.0-133.159~14.04.1    | 46.3     | lowlatency, generic      |\n| 4.4.0-134.160            | 46.3     | generic, lowlatency      |\n| 4.4.0-134.160~14.04.1    | 46.3     | lowlatency, generic      |\n| 4.4.0-135.161~14.04.1    | 46.3     | lowlatency, generic      |\n| 4.4.0-137.163            | 46.3     | generic, lowlatency      |\n| 4.4.0-137.163~14.04.1    | 46.3     | generic, lowlatency      |\n| 4.4.0-138.164            | 46.3     | generic, lowlatency      |\n| 4.4.0-138.164~14.04.1    | 46.3     | lowlatency, generic      |\n| 4.4.0-139.165            | 46.3     | generic, lowlatency      |\n| 4.4.0-139.165~14.04.1    | 46.3     | lowlatency, generic      |\n| 4.4.0-140.166            | 46.3     | lowlatency, generic      |\n| 4.4.0-140.166~14.04.1    | 46.3     | lowlatency, generic      |\n| 4.15.0-32.35             | 46.3     | lowlatency, generic      |\n| 4.15.0-33.36             | 46.3     | lowlatency, generic      |\n| 4.15.0-34.37             | 46.3     | generic, lowlatency      |\n| 4.15.0-36.39             | 46.3     | generic, lowlatency      |\n| 4.15.0-38.41             | 46.3     | lowlatency, generic      |\n| 4.15.0-39.42             | 46.3     | generic, lowlatency      |\n| 4.15.0-42.45             | 46.3     | lowlatency, generic      |\n\nReferences:\n  CVE-2018-18710, CVE-2018-10902, CVE-2018-18445, CVE-2018-14734, \n  CVE-2018-10880, CVE-2018-18690, CVE-2018-9363, CVE-2017-5753, \n  CVE-2018-16276, CVE-2018-16658\n\n\n-- \nubuntu-security-announce mailing list\nubuntu-security-announce@lists.ubuntu.com\nModify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\nNote: the current version of the following document is available here:\nhttps://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03805en_us\n\nSUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: hpesbhf03805en_us\nVersion: 7\n\nHPESBHF03805 rev.7 - Certain HPE products using Microprocessors from Intel,\nAMD, and ARM, with Speculative Execution, Elevation of Privilege and\nInformation Disclosure. \n\nNOTICE: The information in this Security Bulletin should be acted upon as\nsoon as possible. \n\nRelease Date: 2018-01-23\nLast Updated: 2018-01-22\n\nPotential Security Impact: Local: Disclosure of Information, Elevation of\nPrivilege\n\nSource: Hewlett Packard Enterprise, Product Security Response Team\n\nVULNERABILITY SUMMARY\nOn January 3 2018, side-channel security vulnerabilities involving\nspeculative execution were publicly disclosed. These vulnerabilities may\nimpact the listed HPE products, potentially leading to information disclosure\nand elevation of privilege. Mitigation and resolution of these\nvulnerabilities may call for both an operating system update, provided by the\nOS vendor, and a system ROM update from HPE. \n\n\n**Note:**\n\n  * This issue takes advantage of techniques commonly used in many modern\nprocessor architectures.  \n  * For further information, microprocessor vendors have provided security\nadvisories:\n  \n    - Intel:\n\u003chttps://security-center.intel.com/advisory.aspx?intelid=intel-sa-00088\u0026langu\ngeid=en-fr\u003e\n    - AMD: \u003chttp://www.amd.com/en/corporate/speculative-execution\u003e\n    - ARM: \u003chttps://developer.arm.com/support/security-update\u003e\n\nReferences:\n\n  - CVE-2017-5715 - aka Spectre, branch target injection\n  - CVE-2017-5753 - aka Spectre,  bounds check bypass\n  - CVE-2017-5754 - aka  Meltdown,  rogue data cache load, memory access\npermission check performed after kernel memory read\n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \n\n  - HPE ProLiant DL380 Gen10 Server  - To be delivered\n  - HPE ProLiant DL180 Gen10 Server  - To be delivered\n  - HPE ProLiant DL160 Gen10 Server  - To be delivered\n  - HPE ProLiant DL360 Gen10 Server - To be delivered\n  - HPE ProLiant ML110 Gen10 Server  - To be delivered\n  - HPE ProLiant DL580 Gen10 Server  - To be delivered\n  - HPE ProLiant DL560 Gen10 Server  - To be delivered\n  - HPE ProLiant DL120 Gen10 Server  - To be delivered\n  - HPE ProLiant ML350 Gen10 Server  - To be delivered\n  - HPE ProLiant XL450 Gen10 Server  - To be delivered\n  - HPE Synergy 660 Gen10 Compute Module  - To be delivered\n  - HPE ProLiant DL385 Gen10 Server - prior to v1.04 \n  - HPE ProLiant XL170r Gen10 Server  - To be delivered\n  - HPE ProLiant BL460c Gen10 Server Blade  - To be delivered\n  - HPE ProLiant XL190r Gen10 Server  - To be delivered\n  - HPE ProLiant XL230k Gen10 Server  - To be delivered\n  - HPE Synergy 480 Gen10 Compute Module  - To be delivered\n  - HPE ProLiant XL730f Gen9 Server  - To be delivered\n  - HPE ProLiant XL230a Gen9 Server  - To be delivered\n  - HPE ProLiant XL740f Gen9 Server  - To be delivered\n  - HPE ProLiant XL750f Gen9 Server  - To be delivered\n  - HPE ProLiant XL170r Gen9 Server - To be delivered\n  - HP ProLiant DL60 Gen9 Server - To be delivered\n  - HP ProLiant DL160 Gen9 Server - To be delivered\n  - HPE ProLiant DL360 Gen9 Server - To be delivered\n  - HP ProLiant DL380 Gen9 Server - To be delivered\n  - HPE ProLiant XL450 Gen9 Server - To be delivered\n  - HPE Apollo 4200 Gen9 Server - To be delivered\n  - HP ProLiant BL460c Gen9 Server Blade - To be delivered\n  - HP ProLiant ML110 Gen9 Server - To be delivered\n  - HP ProLiant ML150 Gen9 Server - To be delivered\n  - HPE ProLiant ML350 Gen9 Server - To be delivered\n  - HP ProLiant DL120 Gen9 Server - To be delivered\n  - HPE ProLiant DL560 Gen9 Server - To be delivered\n  - HP ProLiant BL660c Gen9 Server - To be delivered\n  - HPE ProLiant ML30 Gen9 Server - To be delivered\n  - HPE ProLiant XL170r Gen10 Server - To be delivered\n  - HPE ProLiant DL20 Gen9 Server - To be delivered\n  - HPE Synergy 660 Gen9 Compute Module - To be delivered\n  - HPE Synergy 480 Gen9 Compute Module - To be delivered\n  - HPE ProLiant XL250a Gen9 Server - To be delivered\n  - HPE ProLiant XL190r Gen9 Server - To be delivered\n  - HP ProLiant DL80 Gen9 Server - To be delivered\n  - HPE ProLiant DL180 Gen9 Server - To be delivered\n  - HPE ProLiant XL270d Gen9 Accelerator Tray 2U Configure-to-order Server -\nTo be delivered\n  - HPE ProLiant WS460c Gen9 Workstation - To be delivered\n  - HPE ProLiant XL260a Gen9 Server - To be delivered\n  - HPE Synergy 620 Gen9 Compute Module - To be delivered\n  - HPE ProLiant DL580 Gen9 Server - To be delivered\n  - HP ProLiant XL220a Gen8 v2 Server - To be delivered\n  - HPE Synergy 680 Gen9 Compute Module - To be delivered\n  - HPE ProLiant m510 Server Cartridge - To be delivered\n  - HPE ProLiant m710p Server Cartridge - To be delivered\n  - HPE ProLiant m710x Server Cartridge - To be delivered\n  - HP ProLiant m710 Server Cartridge - To be delivered\n  - HP ProLiant DL980 G7 Server - To be delivered\n  - HPE Synergy Composer - To be delivered\n  - HPE ProLiant Thin Micro TM200 Server - To be delivered\n  - HPE ProLiant ML10 v2 Server - To be delivered\n  - HPE ProLiant m350 Server Cartridge - To be delivered\n  - HPE ProLiant m300 Server Cartridge - To be delivered\n  - HPE ProLiant MicroServer Gen8 - To be delivered\n  - HPE ProLiant ML310e Gen8 v2 Server - To be delivered\n  - HPE Superdome Flex Server - To be delivered\n  - HP 3PAR StoreServ File Controller - To be delivered - v3 impacted\n  - HPE StoreVirtual 3000 File Controller - To be delivered\n  - HPE StoreEasy 1450 Storage - To be delivered\n  - HPE StoreEasy 1550 Storage - To be delivered\n  - HPE StoreEasy 1650 Storage - To be delivered\n  - HPE StoreEasy 3850 Gateway Storage - To be delivered\n  - HPE StoreEasy 1850 Storage - To be delivered\n  - HP ConvergedSystem 700 - To be delivered\n  - HPE Converged Architecture 700 - To be delivered\n  - HP ProLiant DL580 Gen8 Server - To be delivered\n  - HPE Cloudline CL2100 Gen10 Server - To be delivered\n  - HPE Cloudline CL2200 Gen10 Server - To be delivered\n  - HPE Cloudline CL3150 G4 Server - To be delivered\n  - HPE Cloudline CL5200 G3 Server - To be delivered\n  - HPE Cloudline CL3100 G3 Server - To be delivered\n  - HPE Cloudline CL2100 G3 807S 8 SFF Configure-to-order Server - To be\ndelivered\n  - HPE Cloudline CL2100 G3 407S 4 LFF Configure-to-order Server - To be\ndelivered\n  - HPE Cloudline CL2100 G3 806R 8SFF Configure-to-order Server - To be\ndelivered\n  - HPE Cloudline CL2200 G3 1211R 12 LFF Configure-to-order Server - To be\ndelivered\n\nBACKGROUND\n\n  CVSS Base Metrics\n  =================\n  Reference, CVSS V3 Score/Vector, CVSS V2 Score/Vector\n\n    CVE-2017-5715\n      8.2 CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:N\n      6.8 (AV:A/AC:L/Au:N/C:C/I:P/A:N)\n\n    CVE-2017-5753\n      5.0 CVSS:3.0/AV:A/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L\n      5.4 (AV:A/AC:M/Au:N/C:P/I:P/A:P)\n\n    CVE-2017-5754\n      7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\n      7.8 (AV:N/AC:L/Au:N/C:C/I:N/A:N)\n\n    Information on CVSS is documented in\n    HPE Customer Notice HPSN-2008-002 here:\n\nhttps://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c01345499\n\nRESOLUTION\n\nOn January 11, Intel announced issues with an increased frequency of reboots\nwhen using the microcodes they released to address Variant 2 of the Spectre\nVulnerability for numerous processors including Broadwell, Haswell, Skylake,\nKaby Lake, Ivybridge, and Sandybridge processors.  Intel has now identified\nthe root cause of these issues and determined that these microcodes may\nintroduce reboots and other unpredictable system behavior.  Due to the\nseverity of the potential issues that may occur when using these microcodes,\nIntel is now recommending that customers discontinue their use.  Additional\ninformation is available from Intels Security Exploit Newsroom here:\n\u003chttps://newsroom.intel.com/press-kits/security-exploits-intel-products/\u003e . \nHPE is in alignment with Intel in our recommendation that customers\ndiscontinue use of System ROMs including impacted microcodes and revert to\nearlier System ROM versions.  \n\nAll System ROMs including impacted microcodes have been removed from the HPE\nSupport Site.  This impacts HPE ProLiant and Synergy Gen10, Gen9, and Gen8 v2\nservers as well as HPE Superdome servers for which updated System ROMs had\npreviously been made available.  Intel is working on updated microcodes to\naddress these issues, and HPE will validate updated System ROMs including\nthese microcodes and make them available to our customers in the coming\nweeks.  \n\nMitigations for Variant 1 (Spectre) and Variant 3 (Meltdown) vulnerabilities\nrequire only OS updates and are not impacted. \n\n  * HPE has provided a customer bulletin\n\u003chttps://support.hpe.com/hpsc/doc/public/display?docId=emr_na-a00039267en_us\u003e\nwith specific instructions to obtain the udpated sytem ROM\n  \n  - Note:\n   \n    + CVE-2017-5715 (Variant 2) requires that the System ROM be updated and a\nvendor supplied operating system update be applied as well. \n    + For CVE-2017-5753, CVE-2017-5754 (Variants 1 and 3) require only\nupdates of a vendor supplied operating system. \n    + HPE will continue to add additional products to the list. \n\nHISTORY\n\nVersion:1 (rev.1) - 4 January 2018 Initial release\n\nVersion:2 (rev.2) - 5 January 2018 Added additional impacted products\n\nVersion:3 (rev.3) - 10 January 2018 Added  more impacted products\n\nVersion:4 (rev.4) - 9 January 2018 Fixed product ID\n\nVersion:5 (rev.5) - 18 January 2018 Added additional impacted products\n\nVersion:6 (rev.6) - 19 January 2018 updated impacted product list\n\nVersion:7 (rev.7) - 23 January 2018 Marked impacted products with TBD for\nSystem ROM updates per Intel\u0027s guidance on microcode issues\n\n\nThird Party Security Patches: Third party security patches that are to be\ninstalled on systems running Hewlett Packard Enterprise (HPE) software\nproducts should be applied in accordance with the customer\u0027s patch management\npolicy. \n\nSupport: For issues about implementing the recommendations of this Security\nBulletin, contact normal HPE Services support channel. For other issues about\nthe content of this Security Bulletin, send e-mail to security-alert@hpe.com. \n\nReport: To report a potential security vulnerability for any HPE supported\nproduct:\n  Web form: https://www.hpe.com/info/report-security-vulnerability\n  Email: security-alert@hpe.com\n\nSubscribe: To initiate a subscription to receive future HPE Security Bulletin\nalerts via Email: http://www.hpe.com/support/Subscriber_Choice\n\nSecurity Bulletin Archive: A list of recently released Security Bulletins is\navailable here: http://www.hpe.com/support/Security_Bulletin_Archive\n\nSoftware Product Category: The Software Product Category is represented in\nthe title by the two characters following HPSB. \n\n3C = 3COM\n3P = 3rd Party Software\nGN = HPE General Software\nHF = HPE Hardware and Firmware\nMU = Multi-Platform Software\nNS = NonStop Servers\nOV = OpenVMS\nPV = ProCurve\nST = Storage Software\nUX = HP-UX\n\nCopyright 2016 Hewlett Packard Enterprise\n\nHewlett Packard Enterprise shall not be liable for technical or editorial\nerrors or omissions contained herein. The information provided is provided\n\"as is\" without warranty of any kind. To the extent permitted by law, neither\nHP or its affiliates, subcontractors or suppliers will be liable for\nincidental,special or consequential damages including downtime cost; lost\nprofits; damages relating to the procurement of substitute products or\nservices; or damages for loss of data, or software restoration. The\ninformation in this document is subject to change without notice. Hewlett\nPackard Enterprise and the names of Hewlett Packard Enterprise products\nreferenced herein are trademarks of Hewlett Packard Enterprise in the United\nStates and other countries. Other product and company names mentioned herein\nmay be trademarks of their respective owners. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA512\n\nAPPLE-SA-2018-1-8-2 macOS High Sierra 10.13.2 Supplemental Update\n\nmacOS High Sierra 10.13.2 Supplemental Update is now available\nand addresses the following:\n\nAvailable for: macOS High Sierra 10.13.2\nDescription: macOS High Sierra 10.13.2 Supplemental Update includes\nsecurity improvements to Safari and WebKit to mitigate the effects of\nSpectre (CVE-2017-5753 and CVE-2017-5715). \n\nWe would like to acknowledge Jann Horn of Google Project Zero; and\nPaul Kocher in collaboration with Daniel Genkin of University of\nPennsylvania and University of Maryland, Daniel Gruss of Graz\nUniversity of Technology, Werner Haas of Cyberus Technology,\nMike Hamburg of Rambus (Cryptography Research Division),\nMoritz Lipp of Graz University of Technology, Stefan Mangard of\nGraz University of Technology, Thomas Prescher of Cyberus Technology,\nMichael Schwarz of Graz University of Technology, and Yuval Yarom of\nUniversity of Adelaide and Data61 for their assistance. \n\nInstallation note:\n\nmacOS High Sierra 10.13.2 Supplemental Update may be obtained from\nthe Mac App Store or Apple\u0027s Software Downloads web site:\nhttps://support.apple.com/downloads/\n\nInformation will also be posted to the Apple Security Updates\nweb site: https://support.apple.com/kb/HT201222\n\nThis message is signed with Apple\u0027s Product Security PGP key,\nand details are available at:\nhttps://www.apple.com/support/security/pgp/\n-----BEGIN PGP SIGNATURE-----\n\niQJdBAEBCgBHFiEEcuX4rtoRe4X62yWlg6PvjDRstEYFAlpTsDUpHHByb2R1Y3Qt\nc2VjdXJpdHktbm9yZXBseUBsaXN0cy5hcHBsZS5jb20ACgkQg6PvjDRstEZMSg//\nWW0oSMlU0KgLL1Fe6z2fCSXF06I/QMdUTFV3tt7Rwb49BfnhLstNb0hE/XRcX/fy\nIMTurdMlRwOqamrOC7LdSiBvCCeJqyfudEq52uqbFpYDLDK6D/RxUKagTJip+M5P\n3KCrTt8qpFA2Ip8KzEmBeS3Of9GnNoGdfI7ir38dFrqCADuWYtd6bVxurcM/Uhs0\nyjH38JPGyvRXvxM9Qy5wAezQM9oFN1Jlly79n+RX1d9vDpjfExhUV7n1JS9zTOXw\nDy+bjYsXcrlzrmcSlHaRa4E4FTPVYWyLSZmEokoQmTbsIABHiPSc9s92CEEzd2LQ\nFiOyHgT+QWA3zyySjQ+InhSf17QRpUUIYkgTsZJhbcdLSHXW/2etHq6vh5z5wD92\n+HfmKYGozUk6QH7TEApYmS71lKaAFRQscP7D0EGhi81YIlu6shqxZr/HnK2Q1FXJ\nI7yWXtsZq7BSvYu31uSc/YAr76VBgplETE0hnsPZRdRNiaJyNg6ForfDA7kn7t8W\nGIdJvjkZzG55fUpW1b/GqPxv8wSb/DDzlrJjb7yAffDyCRr4KGVT0lk2f1aBVYSY\nNVxrdDtGOEWfd/P+6bU0s5v09mFefCbhIqGTFrqEjrDifYz7nW6BhoBAK+I0cyQf\nU1316sNsG/gmTuOx7wO6sqyOkYyPGZzDI882U8un+n8=\n=r0HS\n-----END PGP SIGNATURE-----\n. The vulnerability could be exploited to Local Disclosure of\nInformation. \n\nReferences:\n\n  - CVE-2017-5753\n  - CVE-2017-5715\n  - CVE-2017-5754\n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \n\n  - HP Virtualization Performance Viewer Software - v2.20, v3.0, v3.01,\nv3.02, v3.03\n  - HPE Cloud Optimizer - v2.20, v3.0, v3.01, v3.02, v3.03\n\nBACKGROUND\n\n  CVSS Base Metrics\n  =================\n  Reference, CVSS V3 Score/Vector, CVSS V2 Score/Vector\n\n\nRESOLUTION\n\nMicro Focus is actively working with its vendors to address any systems-level\nSpectre and Meltdown impacts.However, if you have immediate concerns or\nquestions regarding CentOS and its approach to Spectre or Meltdown, please\ncontact them directly. \n Please note that you will need to sign in using a Passport account. \n\n3P = 3rd Party Software\nGN = Micro Focus General Software\nMU = Multi-Platform Software\n\nSystem management and security procedures must be reviewed frequently to maintain system integrity. \nMicro Focus is continually reviewing and enhancing the security features of software products to provide \ncustomers with current secure solutions. \n\n\"Micro Focus is broadly distributing this Security Bulletin in order to bring to the attention of users of the \naffected Micro Focus products the important security information contained in this Bulletin. Micro Focus recommends \nthat all users determine the applicability of this information to their individual situations and take appropriate action. \nMicro Focus does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, \nMicro Focus will not be responsible for any damages resulting from user\u0027s use or disregard of the information provided in \nthis Security Bulletin. To the extent permitted by law, Micro Focus  disclaims  all warranties, either express or \nimplied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement.\" \n\n\nCopyright 2017 EntIT Software LLC\n\nMicro Focus shall not be liable for technical or editorial errors or omissions contained herein. 6.6) - noarch, x86_64\n\n3",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2017-5753"
      },
      {
        "db": "CERT/CC",
        "id": "VU#180049"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-00304"
      },
      {
        "db": "VULHUB",
        "id": "VHN-113956"
      },
      {
        "db": "PACKETSTORM",
        "id": "145642"
      },
      {
        "db": "PACKETSTORM",
        "id": "145717"
      },
      {
        "db": "PACKETSTORM",
        "id": "146017"
      },
      {
        "db": "PACKETSTORM",
        "id": "146683"
      },
      {
        "db": "PACKETSTORM",
        "id": "146771"
      },
      {
        "db": "PACKETSTORM",
        "id": "146090"
      },
      {
        "db": "PACKETSTORM",
        "id": "146098"
      },
      {
        "db": "PACKETSTORM",
        "id": "145721"
      },
      {
        "db": "PACKETSTORM",
        "id": "150863"
      },
      {
        "db": "PACKETSTORM",
        "id": "146026"
      },
      {
        "db": "PACKETSTORM",
        "id": "145767"
      },
      {
        "db": "PACKETSTORM",
        "id": "146315"
      },
      {
        "db": "PACKETSTORM",
        "id": "147582"
      },
      {
        "db": "PACKETSTORM",
        "id": "145667"
      }
    ],
    "trust": 3.51
  },
  "exploit_availability": {
    "_id": null,
    "data": [
      {
        "reference": "https://www.scap.org.cn/vuln/vhn-113956",
        "trust": 0.1,
        "type": "unknown"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-113956"
      }
    ]
  },
  "external_ids": {
    "_id": null,
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2017-5753",
        "trust": 3.1
      },
      {
        "db": "CERT/CC",
        "id": "VU#584653",
        "trust": 1.9
      },
      {
        "db": "CERT/CC",
        "id": "VU#180049",
        "trust": 1.9
      },
      {
        "db": "BID",
        "id": "102371",
        "trust": 1.7
      },
      {
        "db": "SECTRACK",
        "id": "1040071",
        "trust": 1.1
      },
      {
        "db": "SIEMENS",
        "id": "SSA-505225",
        "trust": 1.1
      },
      {
        "db": "SIEMENS",
        "id": "SSA-608355",
        "trust": 1.1
      },
      {
        "db": "PACKETSTORM",
        "id": "145645",
        "trust": 1.1
      },
      {
        "db": "LENOVO",
        "id": "LEN-18282",
        "trust": 1.1
      },
      {
        "db": "EXPLOIT-DB",
        "id": "43427",
        "trust": 1.1
      },
      {
        "db": "CERT@VDE",
        "id": "VDE-2018-003",
        "trust": 1.1
      },
      {
        "db": "CERT@VDE",
        "id": "VDE-2018-002",
        "trust": 1.1
      },
      {
        "db": "USCERT",
        "id": "TA18-141A",
        "trust": 0.8
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-00304",
        "trust": 0.6
      },
      {
        "db": "PACKETSTORM",
        "id": "150863",
        "trust": 0.2
      },
      {
        "db": "PACKETSTORM",
        "id": "145837",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "145774",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "145715",
        "trust": 0.1
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201801-150",
        "trust": 0.1
      },
      {
        "db": "VULHUB",
        "id": "VHN-113956",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "145642",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "145717",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "146017",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "146683",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "146771",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "146090",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "145667",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "146098",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "145721",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "146026",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "145767",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "146315",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "147582",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#180049"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-00304"
      },
      {
        "db": "VULHUB",
        "id": "VHN-113956"
      },
      {
        "db": "PACKETSTORM",
        "id": "145642"
      },
      {
        "db": "PACKETSTORM",
        "id": "145717"
      },
      {
        "db": "PACKETSTORM",
        "id": "146017"
      },
      {
        "db": "PACKETSTORM",
        "id": "146683"
      },
      {
        "db": "PACKETSTORM",
        "id": "146771"
      },
      {
        "db": "PACKETSTORM",
        "id": "146090"
      },
      {
        "db": "PACKETSTORM",
        "id": "145667"
      },
      {
        "db": "PACKETSTORM",
        "id": "146098"
      },
      {
        "db": "PACKETSTORM",
        "id": "145721"
      },
      {
        "db": "PACKETSTORM",
        "id": "150863"
      },
      {
        "db": "PACKETSTORM",
        "id": "146026"
      },
      {
        "db": "PACKETSTORM",
        "id": "145767"
      },
      {
        "db": "PACKETSTORM",
        "id": "146315"
      },
      {
        "db": "PACKETSTORM",
        "id": "147582"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-5753"
      }
    ]
  },
  "id": "VAR-201801-1712",
  "iot": {
    "_id": null,
    "data": true,
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2018-00304"
      },
      {
        "db": "VULHUB",
        "id": "VHN-113956"
      }
    ],
    "trust": 1.32920724375
  },
  "iot_taxonomy": {
    "_id": null,
    "data": [
      {
        "category": [
          "Network device"
        ],
        "sub_category": null,
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2018-00304"
      }
    ]
  },
  "last_update_date": "2026-03-09T22:55:08.285000Z",
  "problemtype_data": {
    "_id": null,
    "data": [
      {
        "problemtype": "CWE-203",
        "trust": 1.1
      },
      {
        "problemtype": "CWE-200",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-113956"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-5753"
      }
    ]
  },
  "references": {
    "_id": null,
    "data": [
      {
        "trust": 1.9,
        "url": "https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability"
      },
      {
        "trust": 1.9,
        "url": "http://www.kb.cert.org/vuls/id/584653"
      },
      {
        "trust": 1.9,
        "url": "https://access.redhat.com/security/vulnerabilities/speculativeexecution"
      },
      {
        "trust": 1.7,
        "url": "http://www.securityfocus.com/bid/102371"
      },
      {
        "trust": 1.6,
        "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00115.html"
      },
      {
        "trust": 1.6,
        "url": "https://support.apple.com//ht208394"
      },
      {
        "trust": 1.6,
        "url": "http://www.dell.com/support/speculative-store-bypass"
      },
      {
        "trust": 1.2,
        "url": "https://access.redhat.com/errata/rhsa-2018:0292"
      },
      {
        "trust": 1.1,
        "url": "https://seclists.org/bugtraq/2019/jun/36"
      },
      {
        "trust": 1.1,
        "url": "https://www.kb.cert.org/vuls/id/180049"
      },
      {
        "trust": 1.1,
        "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20180104-cpusidechannel"
      },
      {
        "trust": 1.1,
        "url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4609"
      },
      {
        "trust": 1.1,
        "url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4611"
      },
      {
        "trust": 1.1,
        "url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4613"
      },
      {
        "trust": 1.1,
        "url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4614"
      },
      {
        "trust": 1.1,
        "url": "http://www.arubanetworks.com/assets/alert/aruba-psa-2018-001.txt"
      },
      {
        "trust": 1.1,
        "url": "http://www.arubanetworks.com/assets/alert/aruba-psa-2019-003.txt"
      },
      {
        "trust": 1.1,
        "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
      },
      {
        "trust": 1.1,
        "url": "http://xenbits.xen.org/xsa/advisory-254.html"
      },
      {
        "trust": 1.1,
        "url": "https://aws.amazon.com/de/security/security-bulletins/aws-2018-013/"
      },
      {
        "trust": 1.1,
        "url": "https://blog.mozilla.org/security/2018/01/03/mitigations-landing-new-class-timing-attack/"
      },
      {
        "trust": 1.1,
        "url": "https://cdrdv2.intel.com/v1/dl/getcontent/685359"
      },
      {
        "trust": 1.1,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-505225.pdf"
      },
      {
        "trust": 1.1,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf"
      },
      {
        "trust": 1.1,
        "url": "https://cert.vde.com/en-us/advisories/vde-2018-002"
      },
      {
        "trust": 1.1,
        "url": "https://cert.vde.com/en-us/advisories/vde-2018-003"
      },
      {
        "trust": 1.1,
        "url": "https://help.ecostruxureit.com/display/public/uadco8x/struxureware+data+center+operation+software+vulnerability+fixes"
      },
      {
        "trust": 1.1,
        "url": "https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/adv180002"
      },
      {
        "trust": 1.1,
        "url": "https://security.netapp.com/advisory/ntap-20180104-0001/"
      },
      {
        "trust": 1.1,
        "url": "https://support.citrix.com/article/ctx231399"
      },
      {
        "trust": 1.1,
        "url": "https://support.f5.com/csp/article/k91229003"
      },
      {
        "trust": 1.1,
        "url": "https://support.hpe.com/hpsc/doc/public/display?docid=emr_na-hpesbhf03805en_us"
      },
      {
        "trust": 1.1,
        "url": "https://support.lenovo.com/us/en/solutions/len-18282"
      },
      {
        "trust": 1.1,
        "url": "https://www.mitel.com/en-ca/support/security-advisories/mitel-product-security-advisory-18-0001"
      },
      {
        "trust": 1.1,
        "url": "https://www.suse.com/c/suse-addresses-meltdown-spectre-vulnerabilities/"
      },
      {
        "trust": 1.1,
        "url": "https://www.synology.com/support/security/synology_sa_18_01"
      },
      {
        "trust": 1.1,
        "url": "https://www.vmware.com/us/security/advisories/vmsa-2018-0002.html"
      },
      {
        "trust": 1.1,
        "url": "https://www.debian.org/security/2018/dsa-4187"
      },
      {
        "trust": 1.1,
        "url": "https://www.debian.org/security/2018/dsa-4188"
      },
      {
        "trust": 1.1,
        "url": "https://www.exploit-db.com/exploits/43427/"
      },
      {
        "trust": 1.1,
        "url": "https://security.gentoo.org/glsa/201810-06"
      },
      {
        "trust": 1.1,
        "url": "http://packetstormsecurity.com/files/145645/spectre-information-disclosure-proof-of-concept.html"
      },
      {
        "trust": 1.1,
        "url": "https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html"
      },
      {
        "trust": 1.1,
        "url": "https://security.googleblog.com/2018/01/todays-cpu-vulnerability-what-you-need.html"
      },
      {
        "trust": 1.1,
        "url": "https://spectreattack.com/"
      },
      {
        "trust": 1.1,
        "url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html"
      },
      {
        "trust": 1.1,
        "url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00015.html"
      },
      {
        "trust": 1.1,
        "url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00016.html"
      },
      {
        "trust": 1.1,
        "url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00020.html"
      },
      {
        "trust": 1.1,
        "url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00034.html"
      },
      {
        "trust": 1.1,
        "url": "https://lists.debian.org/debian-lts-announce/2019/04/msg00004.html"
      },
      {
        "trust": 1.1,
        "url": "http://www.securitytracker.com/id/1040071"
      },
      {
        "trust": 1.1,
        "url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00006.html"
      },
      {
        "trust": 1.1,
        "url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00007.html"
      },
      {
        "trust": 1.1,
        "url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00008.html"
      },
      {
        "trust": 1.1,
        "url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00014.html"
      },
      {
        "trust": 1.1,
        "url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00016.html"
      },
      {
        "trust": 1.1,
        "url": "https://usn.ubuntu.com/usn/usn-3516-1/"
      },
      {
        "trust": 1.1,
        "url": "https://usn.ubuntu.com/3540-1/"
      },
      {
        "trust": 1.1,
        "url": "https://usn.ubuntu.com/3540-2/"
      },
      {
        "trust": 1.1,
        "url": "https://usn.ubuntu.com/3541-1/"
      },
      {
        "trust": 1.1,
        "url": "https://usn.ubuntu.com/3541-2/"
      },
      {
        "trust": 1.1,
        "url": "https://usn.ubuntu.com/3542-1/"
      },
      {
        "trust": 1.1,
        "url": "https://usn.ubuntu.com/3542-2/"
      },
      {
        "trust": 1.1,
        "url": "https://usn.ubuntu.com/3549-1/"
      },
      {
        "trust": 1.1,
        "url": "https://usn.ubuntu.com/3580-1/"
      },
      {
        "trust": 1.1,
        "url": "https://usn.ubuntu.com/3597-1/"
      },
      {
        "trust": 1.1,
        "url": "https://usn.ubuntu.com/3597-2/"
      },
      {
        "trust": 1.0,
        "url": "https://support.hpe.com/hpsc/doc/public/display?doclocale=en_us\u0026docid=emr_na-hpesbhf03871en_us"
      },
      {
        "trust": 0.8,
        "url": "https://vuls.cert.org/confluence/display/wiki/vulnerabilities+associated+with+cpu+speculative+execution"
      },
      {
        "trust": 0.8,
        "url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1528"
      },
      {
        "trust": 0.8,
        "url": "https://developer.amd.com/wp-content/resources/124441_amd64_speculativestorebypassdisable_whitepaper_final.pdf"
      },
      {
        "trust": 0.8,
        "url": "https://www.us-cert.gov/ncas/alerts/ta18-141a"
      },
      {
        "trust": 0.8,
        "url": "http://cwe.mitre.org/data/definitions/208.html"
      },
      {
        "trust": 0.8,
        "url": "https://software.intel.com/sites/default/files/managed/c5/63/336996-speculative-execution-side-channel-mitigations.pdf"
      },
      {
        "trust": 0.8,
        "url": "https://software.intel.com/sites/default/files/managed/b9/f9/336983-intel-analysis-of-speculative-execution-side-channels-white-paper.pdf"
      },
      {
        "trust": 0.8,
        "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20180521-cpusidechannel"
      },
      {
        "trust": 0.8,
        "url": "https://fortiguard.com/psirt/fg-ir-18-002"
      },
      {
        "trust": 0.8,
        "url": "https://support.hp.com/us-en/document/c06001626"
      },
      {
        "trust": 0.8,
        "url": "http://www.hitachi.com/hirt/publications/hirt-pub18001/"
      },
      {
        "trust": 0.8,
        "url": "https://www.ibm.com/blogs/psirt/potential-impact-processors-power-family/"
      },
      {
        "trust": 0.8,
        "url": "https://docs.microsoft.com/en-us/cpp/security/developer-guidance-speculative-execution"
      },
      {
        "trust": 0.8,
        "url": "https://access.redhat.com/security/vulnerabilities/ssbd"
      },
      {
        "trust": 0.8,
        "url": "https://www.suse.com/support/kb/doc/?id=7022937"
      },
      {
        "trust": 0.8,
        "url": "https://www.synology.com/en-global/support/security/synology_sa_18_23"
      },
      {
        "trust": 0.8,
        "url": "https://wiki.ubuntu.com/securityteam/knowledgebase/variant4"
      },
      {
        "trust": 0.8,
        "url": "https://kb.vmware.com/s/article/54951"
      },
      {
        "trust": 0.8,
        "url": "https://aws.amazon.com/security/security-bulletins/aws-2018-015/"
      },
      {
        "trust": 0.8,
        "url": "https://access.redhat.com/security/cve/cve-2017-5753"
      },
      {
        "trust": 0.8,
        "url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
      },
      {
        "trust": 0.8,
        "url": "https://access.redhat.com/articles/11258"
      },
      {
        "trust": 0.8,
        "url": "https://access.redhat.com/security/cve/cve-2017-5754"
      },
      {
        "trust": 0.8,
        "url": "https://bugzilla.redhat.com/):"
      },
      {
        "trust": 0.8,
        "url": "https://access.redhat.com/security/team/key/"
      },
      {
        "trust": 0.8,
        "url": "https://access.redhat.com/security/team/contact/"
      },
      {
        "trust": 0.8,
        "url": "https://access.redhat.com/security/updates/classification/#important"
      },
      {
        "trust": 0.7,
        "url": "https://access.redhat.com/security/cve/cve-2017-5715"
      },
      {
        "trust": 0.7,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2017-5753"
      },
      {
        "trust": 0.6,
        "url": "https://www.bleepingcomputer.com/news/security/list-of-meltdown-and-spectre-vulnerability-advisories-patches-and-updates/"
      },
      {
        "trust": 0.6,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2017-5715"
      },
      {
        "trust": 0.5,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2017-5754"
      },
      {
        "trust": 0.2,
        "url": "https://access.redhat.com/solutions/3307851"
      },
      {
        "trust": 0.1,
        "url": "https://support.hpe.com/hpsc/doc/public/display?doclocale=en_us\u0026amp;docid=emr_na-hpesbhf03871en_us"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/errata/rhsa-2018:0007"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/errata/rhsa-2018:0046"
      },
      {
        "trust": 0.1,
        "url": "https://wiki.ubuntu.com/securityteam/knowledgebase/spectreandmeltdown"
      },
      {
        "trust": 0.1,
        "url": "https://www.ubuntu.com/usn/usn-3540-2"
      },
      {
        "trust": 0.1,
        "url": "https://www.ubuntu.com/usn/usn-3540-1"
      },
      {
        "trust": 0.1,
        "url": "https://launchpad.net/ubuntu/+source/linux-aws/4.4.0-1011.11"
      },
      {
        "trust": 0.1,
        "url": "https://launchpad.net/ubuntu/+source/linux-lts-xenial/4.4.0-111.134~14.04.1"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/errata/rhsa-2018:0464"
      },
      {
        "trust": 0.1,
        "url": "https://usn.ubuntu.com/usn/usn-3523-1,"
      },
      {
        "trust": 0.1,
        "url": "https://usn.ubuntu.com/usn/usn-3541-1,"
      },
      {
        "trust": 0.1,
        "url": "https://launchpad.net/ubuntu/+source/linux/4.13.0-37.42"
      },
      {
        "trust": 0.1,
        "url": "https://launchpad.net/ubuntu/+source/linux-raspi2/4.13.0-1015.16"
      },
      {
        "trust": 0.1,
        "url": "https://usn.ubuntu.com/usn/usn-3597-1,"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/errata/rhsa-2018:0182"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/errata/rhsa-2018:0017"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2017-7472"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2015-8539"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2017-12192"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/articles/3327131"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2015-8539"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2017-12193"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2017-15649"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2017-7472"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2017-12193"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/errata/rhsa-2018:0151"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2017-12192"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2017-15649"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/articles/3327131."
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/errata/rhsa-2018:0045"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-18690"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-14734"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-16658"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-9363"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-10902"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-16276"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-18445"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-18710"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-10880"
      },
      {
        "trust": 0.1,
        "url": "https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce"
      },
      {
        "trust": 0.1,
        "url": "https://support.hpe.com/hpsc/doc/public/display?docid=emr_na-a00039267en_us\u003e"
      },
      {
        "trust": 0.1,
        "url": "https://security-center.intel.com/advisory.aspx?intelid=intel-sa-00088\u0026langu"
      },
      {
        "trust": 0.1,
        "url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-hpesbhf03805en_us"
      },
      {
        "trust": 0.1,
        "url": "http://www.hpe.com/support/security_bulletin_archive"
      },
      {
        "trust": 0.1,
        "url": "https://www.hpe.com/info/report-security-vulnerability"
      },
      {
        "trust": 0.1,
        "url": "http://www.hpe.com/support/subscriber_choice"
      },
      {
        "trust": 0.1,
        "url": "https://developer.arm.com/support/security-update\u003e"
      },
      {
        "trust": 0.1,
        "url": "http://www.amd.com/en/corporate/speculative-execution\u003e"
      },
      {
        "trust": 0.1,
        "url": "https://newsroom.intel.com/press-kits/security-exploits-intel-products/\u003e"
      },
      {
        "trust": 0.1,
        "url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c01345499"
      },
      {
        "trust": 0.1,
        "url": "https://support.apple.com/kb/ht201222"
      },
      {
        "trust": 0.1,
        "url": "https://www.apple.com/support/security/pgp/"
      },
      {
        "trust": 0.1,
        "url": "https://support.apple.com/downloads/"
      },
      {
        "trust": 0.1,
        "url": "https://www.microfocus.com/support-and-services/report-security"
      },
      {
        "trust": 0.1,
        "url": "https://softwaresupport.hpe.com/group/softwaresupport/email-notification/-/subscriptions/registerdocumentnotification"
      },
      {
        "trust": 0.1,
        "url": "https://cf.passport.softwaregrp.com/hppcf/createuser.do"
      },
      {
        "trust": 0.1,
        "url": "https://softwaresupport.hpe.com/security-vulnerability"
      },
      {
        "trust": 0.1,
        "url": "https://softwaresupport.hpe.com/document/-/facetsearch/document/km03158629"
      }
    ],
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#180049"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-00304"
      },
      {
        "db": "VULHUB",
        "id": "VHN-113956"
      },
      {
        "db": "PACKETSTORM",
        "id": "145642"
      },
      {
        "db": "PACKETSTORM",
        "id": "145717"
      },
      {
        "db": "PACKETSTORM",
        "id": "146017"
      },
      {
        "db": "PACKETSTORM",
        "id": "146683"
      },
      {
        "db": "PACKETSTORM",
        "id": "146771"
      },
      {
        "db": "PACKETSTORM",
        "id": "146090"
      },
      {
        "db": "PACKETSTORM",
        "id": "145667"
      },
      {
        "db": "PACKETSTORM",
        "id": "146098"
      },
      {
        "db": "PACKETSTORM",
        "id": "145721"
      },
      {
        "db": "PACKETSTORM",
        "id": "150863"
      },
      {
        "db": "PACKETSTORM",
        "id": "146026"
      },
      {
        "db": "PACKETSTORM",
        "id": "145767"
      },
      {
        "db": "PACKETSTORM",
        "id": "146315"
      },
      {
        "db": "PACKETSTORM",
        "id": "147582"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-5753"
      }
    ]
  },
  "sources": {
    "_id": null,
    "data": [
      {
        "db": "CERT/CC",
        "id": "VU#180049",
        "ident": null
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-00304",
        "ident": null
      },
      {
        "db": "VULHUB",
        "id": "VHN-113956",
        "ident": null
      },
      {
        "db": "PACKETSTORM",
        "id": "145642",
        "ident": null
      },
      {
        "db": "PACKETSTORM",
        "id": "145717",
        "ident": null
      },
      {
        "db": "PACKETSTORM",
        "id": "146017",
        "ident": null
      },
      {
        "db": "PACKETSTORM",
        "id": "146683",
        "ident": null
      },
      {
        "db": "PACKETSTORM",
        "id": "146771",
        "ident": null
      },
      {
        "db": "PACKETSTORM",
        "id": "146090",
        "ident": null
      },
      {
        "db": "PACKETSTORM",
        "id": "145667",
        "ident": null
      },
      {
        "db": "PACKETSTORM",
        "id": "146098",
        "ident": null
      },
      {
        "db": "PACKETSTORM",
        "id": "145721",
        "ident": null
      },
      {
        "db": "PACKETSTORM",
        "id": "150863",
        "ident": null
      },
      {
        "db": "PACKETSTORM",
        "id": "146026",
        "ident": null
      },
      {
        "db": "PACKETSTORM",
        "id": "145767",
        "ident": null
      },
      {
        "db": "PACKETSTORM",
        "id": "146315",
        "ident": null
      },
      {
        "db": "PACKETSTORM",
        "id": "147582",
        "ident": null
      },
      {
        "db": "NVD",
        "id": "CVE-2017-5753",
        "ident": null
      }
    ]
  },
  "sources_release_date": {
    "_id": null,
    "data": [
      {
        "date": "2018-05-21T00:00:00",
        "db": "CERT/CC",
        "id": "VU#180049",
        "ident": null
      },
      {
        "date": "2018-01-04T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2018-00304",
        "ident": null
      },
      {
        "date": "2018-01-04T00:00:00",
        "db": "VULHUB",
        "id": "VHN-113956",
        "ident": null
      },
      {
        "date": "2018-01-04T01:21:13",
        "db": "PACKETSTORM",
        "id": "145642",
        "ident": null
      },
      {
        "date": "2018-01-06T18:01:01",
        "db": "PACKETSTORM",
        "id": "145717",
        "ident": null
      },
      {
        "date": "2018-01-23T04:32:09",
        "db": "PACKETSTORM",
        "id": "146017",
        "ident": null
      },
      {
        "date": "2018-03-07T18:09:17",
        "db": "PACKETSTORM",
        "id": "146683",
        "ident": null
      },
      {
        "date": "2018-03-15T15:54:32",
        "db": "PACKETSTORM",
        "id": "146771",
        "ident": null
      },
      {
        "date": "2018-01-25T21:43:32",
        "db": "PACKETSTORM",
        "id": "146090",
        "ident": null
      },
      {
        "date": "2018-01-04T17:53:11",
        "db": "PACKETSTORM",
        "id": "145667",
        "ident": null
      },
      {
        "date": "2018-01-25T21:47:22",
        "db": "PACKETSTORM",
        "id": "146098",
        "ident": null
      },
      {
        "date": "2018-01-06T18:01:22",
        "db": "PACKETSTORM",
        "id": "145721",
        "ident": null
      },
      {
        "date": "2018-12-20T23:02:22",
        "db": "PACKETSTORM",
        "id": "150863",
        "ident": null
      },
      {
        "date": "2018-01-24T00:28:48",
        "db": "PACKETSTORM",
        "id": "146026",
        "ident": null
      },
      {
        "date": "2018-01-09T17:19:48",
        "db": "PACKETSTORM",
        "id": "145767",
        "ident": null
      },
      {
        "date": "2018-02-09T15:01:04",
        "db": "PACKETSTORM",
        "id": "146315",
        "ident": null
      },
      {
        "date": "2018-05-10T23:27:00",
        "db": "PACKETSTORM",
        "id": "147582",
        "ident": null
      },
      {
        "date": "2018-01-04T13:29:00.257000",
        "db": "NVD",
        "id": "CVE-2017-5753",
        "ident": null
      }
    ]
  },
  "sources_update_date": {
    "_id": null,
    "data": [
      {
        "date": "2018-06-19T00:00:00",
        "db": "CERT/CC",
        "id": "VU#180049",
        "ident": null
      },
      {
        "date": "2018-01-08T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2018-00304",
        "ident": null
      },
      {
        "date": "2021-11-23T00:00:00",
        "db": "VULHUB",
        "id": "VHN-113956",
        "ident": null
      },
      {
        "date": "2025-01-14T19:29:55.853000",
        "db": "NVD",
        "id": "CVE-2017-5753",
        "ident": null
      }
    ]
  },
  "threat_type": {
    "_id": null,
    "data": "local",
    "sources": [
      {
        "db": "PACKETSTORM",
        "id": "146017"
      },
      {
        "db": "PACKETSTORM",
        "id": "146771"
      },
      {
        "db": "PACKETSTORM",
        "id": "150863"
      },
      {
        "db": "PACKETSTORM",
        "id": "147582"
      }
    ],
    "trust": 0.4
  },
  "title": {
    "_id": null,
    "data": "CPU hardware utilizing speculative execution may be vulnerable to cache side-channel attacks",
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#180049"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "_id": null,
    "data": "overflow, arbitrary",
    "sources": [
      {
        "db": "PACKETSTORM",
        "id": "150863"
      }
    ],
    "trust": 0.1
  }
}

VAR-201801-0826

Vulnerability from variot - Updated: 2026-03-09 21:54

Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis. CPU hardware utilizing speculative execution may be vulnerable to cache timing side-channel analysis. Two vulnerabilities are identified, known as "Variant 3a" and "Variant 4". CPUhardware is a set of firmware that runs in the CPU (Central Processing Unit) for managing and controlling the CPU. The Meltdown vulnerability exists in the CPU processor core, which \"melts\" the security boundary implemented by hardware, allowing low-privileged user-level applications to \"cross-border\" access to system-level memory, causing data leakage. The following products and versions are affected: ARM Cortex-R7; Cortex-R8; Cortex-A8; Cortex-A9; Cortex-A12; Intel Xeon CPU E5-1650 v3, v2, v4 versions; Xeon E3-1265l v2, v3, v4 Version; Xeon E3-1245 v2, v3, v5, v6 versions; Xeon X7542, etc. Description:

The microcode_ctl packages provide microcode updates for Intel and AMD processors. 7) - x86_64

  1. Description:

Kernel-based Virtual Machine (KVM) is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm package provides the user-space component for running virtual machines that use KVM. (CVE-2017-5715)

Note: This is the qemu-kvm side of the CVE-2017-5715 mitigation. Once all virtual machines have shut down, start them again for this update to take effect. (CVE-2017-17712)

Laurent Guerby discovered that the mbcache feature in the ext2 and ext4 filesystems in the Linux kernel improperly handled xattr block caching. ========================================================================== Ubuntu Security Notice USN-3777-3 October 23, 2018

linux-azure vulnerabilities

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 18.04 LTS
  • Ubuntu 16.04 LTS

Summary:

Several security issues were fixed in the Linux kernel.

Jann Horn discovered that the vmacache subsystem did not properly handle sequence number overflows, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2018-17182)

It was discovered that the paravirtualization implementation in the Linux kernel did not properly handle some indirect calls, reducing the effectiveness of Spectre v2 mitigations for paravirtual guests. A local attacker could use this to expose sensitive information. An attacker could use this to expose sensitive information. This flaw is known as Spectre. A local attacker could use this to expose sensitive information, including kernel memory. (CVE-2017-5715)

It was discovered that a stack-based buffer overflow existed in the iSCSI target implementation of the Linux kernel. A remote attacker could use this to cause a denial of service (system crash). A local attacker could use this to expose sensitive information, including kernel memory. (CVE-2018-3639)

It was discovered that a memory leak existed in the IRDA subsystem of the Linux kernel. A local attacker could use this to cause a denial of service (kernel memory exhaustion). A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2018-6555)

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 18.04 LTS: linux-image-4.15.0-1025-azure 4.15.0-1025.26 linux-image-azure 4.15.0.1025.25

Ubuntu 16.04 LTS: linux-image-4.15.0-1025-azure 4.15.0-1025.26~16.04.1 linux-image-azure 4.15.0.1025.31

After a standard system update you need to reboot your computer to make all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well. On i386 and amd64 architectures, the IBRS and IBPB features are required to enable the kernel mitigations. Ubuntu users with a processor from a different vendor should contact the vendor to identify necessary firmware updates. Ubuntu will provide corresponding QEMU updates in the future for users of self-hosted virtual environments in coordination with upstream QEMU. Ubuntu users in cloud environments should contact the cloud provider to confirm that the hypervisor has been updated to expose the new CPU features to virtual machines. Regressions were discovered in the microcode updates which could cause system instability on certain hardware platforms. At the request of Intel, we have reverted to the previous packaged microcode version, the 20170707 release. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1

===================================================================== Red Hat Security Advisory

Synopsis: Important: kernel security update Advisory ID: RHSA-2018:0009-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2018:0009 Issue date: 2018-01-03 =====================================================================

  1. Summary:

An update for kernel is now available for Red Hat Enterprise Linux 7.3 Extended Update Support.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

  1. Relevant releases/architectures:

Red Hat Enterprise Linux ComputeNode EUS (v. 7.3) - noarch, x86_64 Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.3) - x86_64 Red Hat Enterprise Linux Server EUS (v. 7.3) - noarch, ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Server Optional EUS (v. 7.3) - ppc64, ppc64le, x86_64

  1. Description:

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of instructions (a commonly used performance optimization). There are three primary variants of the issue which differ in the way the speculative execution can be exploited.

Note: This issue is present in hardware and cannot be fully fixed via software update. The updated kernel packages provide software mitigation for this hardware issue at a cost of potential performance penalty. Please refer to References section for further information about this issue and the performance impact.

In this update mitigations for x86-64 architecture are provided.

Variant CVE-2017-5753 triggers the speculative execution by performing a bounds-check bypass. It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the fact that memory accesses may cause allocation into the microprocessor's data cache even for speculatively executed instructions that never actually commit (retire). As a result, an unprivileged attacker could use this flaw to cross the syscall boundary and read privileged memory by conducting targeted cache side-channel attacks. (CVE-2017-5753, Important)

Variant CVE-2017-5715 triggers the speculative execution by utilizing branch target injection. It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the fact that memory accesses may cause allocation into the microprocessor's data cache even for speculatively executed instructions that never actually commit (retire). As a result, an unprivileged attacker could use this flaw to cross the syscall and guest/host boundaries and read privileged memory by conducting targeted cache side-channel attacks. (CVE-2017-5715, Important)

Variant CVE-2017-5754 relies on the fact that, on impacted microprocessors, during speculative execution of instruction permission faults, exception generation triggered by a faulting access is suppressed until the retirement of the whole instruction block. In a combination with the fact that memory accesses may populate the cache even when the block is being dropped and never committed (executed), an unprivileged local attacker could use this flaw to read privileged (kernel space) memory by conducting targeted cache side-channel attacks. (CVE-2017-5754, Important)

Note: CVE-2017-5754 affects Intel x86-64 microprocessors. AMD x86-64 microprocessors are not affected by this issue.

Red Hat would like to thank Google Project Zero for reporting these issues.

  1. Solution:

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

  1. Bugs fixed (https://bugzilla.redhat.com/):

1519778 - CVE-2017-5753 hw: cpu: speculative execution bounds-check bypass 1519780 - CVE-2017-5715 hw: cpu: speculative execution branch target injection 1519781 - CVE-2017-5754 hw: cpu: speculative execution permission faults handling

  1. Package List:

Red Hat Enterprise Linux ComputeNode EUS (v. 7.3):

Source: kernel-3.10.0-514.36.5.el7.src.rpm

noarch: kernel-abi-whitelists-3.10.0-514.36.5.el7.noarch.rpm kernel-doc-3.10.0-514.36.5.el7.noarch.rpm

x86_64: kernel-3.10.0-514.36.5.el7.x86_64.rpm kernel-debug-3.10.0-514.36.5.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-514.36.5.el7.x86_64.rpm kernel-debug-devel-3.10.0-514.36.5.el7.x86_64.rpm kernel-debuginfo-3.10.0-514.36.5.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-514.36.5.el7.x86_64.rpm kernel-devel-3.10.0-514.36.5.el7.x86_64.rpm kernel-headers-3.10.0-514.36.5.el7.x86_64.rpm kernel-tools-3.10.0-514.36.5.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-514.36.5.el7.x86_64.rpm kernel-tools-libs-3.10.0-514.36.5.el7.x86_64.rpm perf-3.10.0-514.36.5.el7.x86_64.rpm perf-debuginfo-3.10.0-514.36.5.el7.x86_64.rpm python-perf-3.10.0-514.36.5.el7.x86_64.rpm python-perf-debuginfo-3.10.0-514.36.5.el7.x86_64.rpm

Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.3):

x86_64: kernel-debug-debuginfo-3.10.0-514.36.5.el7.x86_64.rpm kernel-debuginfo-3.10.0-514.36.5.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-514.36.5.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-514.36.5.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-514.36.5.el7.x86_64.rpm perf-debuginfo-3.10.0-514.36.5.el7.x86_64.rpm python-perf-debuginfo-3.10.0-514.36.5.el7.x86_64.rpm

Red Hat Enterprise Linux Server EUS (v. 7.3):

Source: kernel-3.10.0-514.36.5.el7.src.rpm

noarch: kernel-abi-whitelists-3.10.0-514.36.5.el7.noarch.rpm kernel-doc-3.10.0-514.36.5.el7.noarch.rpm

ppc64: kernel-3.10.0-514.36.5.el7.ppc64.rpm kernel-bootwrapper-3.10.0-514.36.5.el7.ppc64.rpm kernel-debug-3.10.0-514.36.5.el7.ppc64.rpm kernel-debug-debuginfo-3.10.0-514.36.5.el7.ppc64.rpm kernel-debug-devel-3.10.0-514.36.5.el7.ppc64.rpm kernel-debuginfo-3.10.0-514.36.5.el7.ppc64.rpm kernel-debuginfo-common-ppc64-3.10.0-514.36.5.el7.ppc64.rpm kernel-devel-3.10.0-514.36.5.el7.ppc64.rpm kernel-headers-3.10.0-514.36.5.el7.ppc64.rpm kernel-tools-3.10.0-514.36.5.el7.ppc64.rpm kernel-tools-debuginfo-3.10.0-514.36.5.el7.ppc64.rpm kernel-tools-libs-3.10.0-514.36.5.el7.ppc64.rpm perf-3.10.0-514.36.5.el7.ppc64.rpm perf-debuginfo-3.10.0-514.36.5.el7.ppc64.rpm python-perf-3.10.0-514.36.5.el7.ppc64.rpm python-perf-debuginfo-3.10.0-514.36.5.el7.ppc64.rpm

ppc64le: kernel-3.10.0-514.36.5.el7.ppc64le.rpm kernel-bootwrapper-3.10.0-514.36.5.el7.ppc64le.rpm kernel-debug-3.10.0-514.36.5.el7.ppc64le.rpm kernel-debug-debuginfo-3.10.0-514.36.5.el7.ppc64le.rpm kernel-debuginfo-3.10.0-514.36.5.el7.ppc64le.rpm kernel-debuginfo-common-ppc64le-3.10.0-514.36.5.el7.ppc64le.rpm kernel-devel-3.10.0-514.36.5.el7.ppc64le.rpm kernel-headers-3.10.0-514.36.5.el7.ppc64le.rpm kernel-tools-3.10.0-514.36.5.el7.ppc64le.rpm kernel-tools-debuginfo-3.10.0-514.36.5.el7.ppc64le.rpm kernel-tools-libs-3.10.0-514.36.5.el7.ppc64le.rpm perf-3.10.0-514.36.5.el7.ppc64le.rpm perf-debuginfo-3.10.0-514.36.5.el7.ppc64le.rpm python-perf-3.10.0-514.36.5.el7.ppc64le.rpm python-perf-debuginfo-3.10.0-514.36.5.el7.ppc64le.rpm

s390x: kernel-3.10.0-514.36.5.el7.s390x.rpm kernel-debug-3.10.0-514.36.5.el7.s390x.rpm kernel-debug-debuginfo-3.10.0-514.36.5.el7.s390x.rpm kernel-debug-devel-3.10.0-514.36.5.el7.s390x.rpm kernel-debuginfo-3.10.0-514.36.5.el7.s390x.rpm kernel-debuginfo-common-s390x-3.10.0-514.36.5.el7.s390x.rpm kernel-devel-3.10.0-514.36.5.el7.s390x.rpm kernel-headers-3.10.0-514.36.5.el7.s390x.rpm kernel-kdump-3.10.0-514.36.5.el7.s390x.rpm kernel-kdump-debuginfo-3.10.0-514.36.5.el7.s390x.rpm kernel-kdump-devel-3.10.0-514.36.5.el7.s390x.rpm perf-3.10.0-514.36.5.el7.s390x.rpm perf-debuginfo-3.10.0-514.36.5.el7.s390x.rpm python-perf-3.10.0-514.36.5.el7.s390x.rpm python-perf-debuginfo-3.10.0-514.36.5.el7.s390x.rpm

x86_64: kernel-3.10.0-514.36.5.el7.x86_64.rpm kernel-debug-3.10.0-514.36.5.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-514.36.5.el7.x86_64.rpm kernel-debug-devel-3.10.0-514.36.5.el7.x86_64.rpm kernel-debuginfo-3.10.0-514.36.5.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-514.36.5.el7.x86_64.rpm kernel-devel-3.10.0-514.36.5.el7.x86_64.rpm kernel-headers-3.10.0-514.36.5.el7.x86_64.rpm kernel-tools-3.10.0-514.36.5.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-514.36.5.el7.x86_64.rpm kernel-tools-libs-3.10.0-514.36.5.el7.x86_64.rpm perf-3.10.0-514.36.5.el7.x86_64.rpm perf-debuginfo-3.10.0-514.36.5.el7.x86_64.rpm python-perf-3.10.0-514.36.5.el7.x86_64.rpm python-perf-debuginfo-3.10.0-514.36.5.el7.x86_64.rpm

Red Hat Enterprise Linux Server Optional EUS (v. 7.3):

ppc64: kernel-debug-debuginfo-3.10.0-514.36.5.el7.ppc64.rpm kernel-debuginfo-3.10.0-514.36.5.el7.ppc64.rpm kernel-debuginfo-common-ppc64-3.10.0-514.36.5.el7.ppc64.rpm kernel-tools-debuginfo-3.10.0-514.36.5.el7.ppc64.rpm kernel-tools-libs-devel-3.10.0-514.36.5.el7.ppc64.rpm perf-debuginfo-3.10.0-514.36.5.el7.ppc64.rpm python-perf-debuginfo-3.10.0-514.36.5.el7.ppc64.rpm

ppc64le: kernel-debug-debuginfo-3.10.0-514.36.5.el7.ppc64le.rpm kernel-debug-devel-3.10.0-514.36.5.el7.ppc64le.rpm kernel-debuginfo-3.10.0-514.36.5.el7.ppc64le.rpm kernel-debuginfo-common-ppc64le-3.10.0-514.36.5.el7.ppc64le.rpm kernel-tools-debuginfo-3.10.0-514.36.5.el7.ppc64le.rpm kernel-tools-libs-devel-3.10.0-514.36.5.el7.ppc64le.rpm perf-debuginfo-3.10.0-514.36.5.el7.ppc64le.rpm python-perf-debuginfo-3.10.0-514.36.5.el7.ppc64le.rpm

x86_64: kernel-debug-debuginfo-3.10.0-514.36.5.el7.x86_64.rpm kernel-debuginfo-3.10.0-514.36.5.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-514.36.5.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-514.36.5.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-514.36.5.el7.x86_64.rpm perf-debuginfo-3.10.0-514.36.5.el7.x86_64.rpm python-perf-debuginfo-3.10.0-514.36.5.el7.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/

  1. References:

https://access.redhat.com/security/updates/classification/#important https://access.redhat.com/security/vulnerabilities/speculativeexecution https://access.redhat.com/security/cve/CVE-2017-5753 https://access.redhat.com/security/cve/CVE-2017-5715 https://access.redhat.com/security/cve/CVE-2017-5754

  1. Contact:

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/

Copyright 2018 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1

iD8DBQFaTW74XlSAg2UNWIIRAhXJAKCJMCaZ0NVTHbMZVqJo/apc0riu6gCeKrRp V5hk1dX+MUEGL5NsOPmBa6w= =ki2K -----END PGP SIGNATURE-----

-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce

Show details on source website
To clipboard 

{
  "affected_products": {
    "_id": null,
    "data": [
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "x7550"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4350"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4690t"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6442eq"
      },
      {
        "_id": null,
        "model": "core m",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5y31"
      },
      {
        "_id": null,
        "model": "xeon e5 1620",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "lc5528"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "640um"
      },
      {
        "_id": null,
        "model": "xeon e3 1285 v6",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4850_v2"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4302y"
      },
      {
        "_id": null,
        "model": "celeron n",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "n2807"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "x3480"
      },
      {
        "_id": null,
        "model": "xeon platinum",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8164"
      },
      {
        "_id": null,
        "model": "atom z",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "z3530"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2367m"
      },
      {
        "_id": null,
        "model": "atom z",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "z3460"
      },
      {
        "_id": null,
        "model": "atom z",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "z2460"
      },
      {
        "_id": null,
        "model": "xeon e3 1240 v6",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3427u"
      },
      {
        "_id": null,
        "model": "celeron j",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "j4105"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2687w_v2"
      },
      {
        "_id": null,
        "model": "xeon silver",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4110"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3520m"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6102e"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6100e"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "x5570"
      },
      {
        "_id": null,
        "model": "xeon e3 1275 v3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e3 1285l v4",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4667_v3"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3217u"
      },
      {
        "_id": null,
        "model": "xeon e5 2637 v3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "celeron n",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "n2810"
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4850_v3"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2667_v4"
      },
      {
        "_id": null,
        "model": "atom z",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "z2480"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4980hq"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2687w_v4"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6402p"
      },
      {
        "_id": null,
        "model": "xeon phi",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "7295"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5300u"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "e5540"
      },
      {
        "_id": null,
        "model": "celeron n",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "n4000"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4603"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3540m"
      },
      {
        "_id": null,
        "model": "atom c",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "c3508"
      },
      {
        "_id": null,
        "model": "atom x5-e3940",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2310"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3820qm"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5500u"
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4890_v2"
      },
      {
        "_id": null,
        "model": "xeon e5 2608l v4",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4200m"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3689y"
      },
      {
        "_id": null,
        "model": "atom e",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "e3827"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "950"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "380um"
      },
      {
        "_id": null,
        "model": "xeon e5 2470 v2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5775r"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5157u"
      },
      {
        "_id": null,
        "model": "atom c",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "c2518"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8700"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "e5506"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4628l_v4"
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8850"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "640m"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4590"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "980"
      },
      {
        "_id": null,
        "model": "xeon gold",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5122"
      },
      {
        "_id": null,
        "model": "xeon e3 1260l",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon gold",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6126t"
      },
      {
        "_id": null,
        "model": "celeron n",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "n2930"
      },
      {
        "_id": null,
        "model": "atom z",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "z2580"
      },
      {
        "_id": null,
        "model": "xeon phi",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "7250f"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4170"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4250u"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "x7542"
      },
      {
        "_id": null,
        "model": "celeron n",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "n2910"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4300y"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4340"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "740qm"
      },
      {
        "_id": null,
        "model": "xeon e3 1235l v5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon gold",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6138"
      },
      {
        "_id": null,
        "model": "xeon platinum",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8158"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3217ue"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "e5606"
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4870_v2"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5675c"
      },
      {
        "_id": null,
        "model": "atom z",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "z2760"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2450p"
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4850"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "ec5509"
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4830_v3"
      },
      {
        "_id": null,
        "model": "xeon e3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "1578l_v5"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2687w_v3"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2760qm"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "860s"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3770"
      },
      {
        "_id": null,
        "model": "xeon e5 2440",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3437u"
      },
      {
        "_id": null,
        "model": "linux",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "debian",
        "version": "8.0"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2380p"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4700mq"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "ec5549"
      },
      {
        "_id": null,
        "model": "pentium n",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "n3540"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "350m"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3340"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4570"
      },
      {
        "_id": null,
        "model": "xeon e3 1125c v2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3630qm"
      },
      {
        "_id": null,
        "model": "xeon e5 2620 v2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2680_v2"
      },
      {
        "_id": null,
        "model": "celeron n",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "n3000"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4610"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4790k"
      },
      {
        "_id": null,
        "model": "xeon e5 2648l v2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "atom z",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "z3740"
      },
      {
        "_id": null,
        "model": "xeon e5 2648l v4",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2320"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "660lm"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4770r"
      },
      {
        "_id": null,
        "model": "xeon e5 1680 v3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2697_v3"
      },
      {
        "_id": null,
        "model": "core m3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "7y30"
      },
      {
        "_id": null,
        "model": "celeron j",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "j1850"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "w3690"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "540"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6600"
      },
      {
        "_id": null,
        "model": "xeon e3 1125c",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5020u"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2312m"
      },
      {
        "_id": null,
        "model": "celeron j",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "j4005"
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8830"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2400"
      },
      {
        "_id": null,
        "model": "xeon e5 2420",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2600"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4700eq"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4010y"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2500s"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4310u"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3450"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "860"
      },
      {
        "_id": null,
        "model": "celeron j",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "j1750"
      },
      {
        "_id": null,
        "model": "atom e",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "e3805"
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8880_v2"
      },
      {
        "_id": null,
        "model": "xeon phi",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "7210"
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4820_v2"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2680"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2550k"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3245"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "x5680"
      },
      {
        "_id": null,
        "model": "atom x3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "c3130"
      },
      {
        "_id": null,
        "model": "xeon e3 1275 v6",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "1505m_v6"
      },
      {
        "_id": null,
        "model": "pentium n",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "n4200"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4340m"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4690k"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3632qm"
      },
      {
        "_id": null,
        "model": "xeon e5 1650 v4",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e5 2618l v2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "atom c",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "c2358"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3615qm"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3330s"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "875k"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2660_v4"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "820qm"
      },
      {
        "_id": null,
        "model": "xeon gold",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5115"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6100u"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2667_v3"
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2820"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4310m"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4800mq"
      },
      {
        "_id": null,
        "model": "atom z",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "z3560"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4005u"
      },
      {
        "_id": null,
        "model": "atom z",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "z3735d"
      },
      {
        "_id": null,
        "model": "celeron j",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "j3060"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3350p"
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8880_v4"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "620ue"
      },
      {
        "_id": null,
        "model": "xeon e3 1245",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4650"
      },
      {
        "_id": null,
        "model": "core m",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5y71"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3740qm"
      },
      {
        "_id": null,
        "model": "atom c",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "c2350"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5257u"
      },
      {
        "_id": null,
        "model": "celeron n",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "n2840"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4160t"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6100"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4860hq"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4627_v2"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4765t"
      },
      {
        "_id": null,
        "model": "xeon e3 1281 v3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e5 2418l v2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e3 1280 v2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4110m"
      },
      {
        "_id": null,
        "model": "atom z",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "z3785"
      },
      {
        "_id": null,
        "model": "xeon e3 1271 v3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e5 2450",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "celeron j",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "j3455"
      },
      {
        "_id": null,
        "model": "xeon e5 2428l v2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4600u"
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4830_v4"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "520e"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3340s"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3612qm"
      },
      {
        "_id": null,
        "model": "xeon gold",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6126"
      },
      {
        "_id": null,
        "model": "atom c",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "c2308"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "670"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "480m"
      },
      {
        "_id": null,
        "model": "celeron n",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "n3150"
      },
      {
        "_id": null,
        "model": "xeon e3 1290 v2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2695_v3"
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8857_v2"
      },
      {
        "_id": null,
        "model": "atom c",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "c3808"
      },
      {
        "_id": null,
        "model": "atom z",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "z3770"
      },
      {
        "_id": null,
        "model": "xeon e3 1230 v5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6098p"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4600m"
      },
      {
        "_id": null,
        "model": "celeron n",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "n2920"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4750hq"
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2850"
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4820_v4"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4790t"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4260u"
      },
      {
        "_id": null,
        "model": "xeon gold",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6136"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4722hq"
      },
      {
        "_id": null,
        "model": "atom z",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "z3745d"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4130t"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4440s"
      },
      {
        "_id": null,
        "model": "xeon e5 2450 v2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2637m"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2698_v3"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2405s"
      },
      {
        "_id": null,
        "model": "atom c",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "c2316"
      },
      {
        "_id": null,
        "model": "celeron n",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "n2940"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2700k"
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4880_v2"
      },
      {
        "_id": null,
        "model": "xeon phi",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "7290f"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "x6550"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4360u"
      },
      {
        "_id": null,
        "model": "celeron n",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "n2830"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3470s"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3130m"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4460t"
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4830_v2"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4770hq"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4610y"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4610m"
      },
      {
        "_id": null,
        "model": "atom e",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "e3825"
      },
      {
        "_id": null,
        "model": "atom c",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "c2558"
      },
      {
        "_id": null,
        "model": "atom z",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "z2420"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3360m"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8250u"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6006u"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "x3440"
      },
      {
        "_id": null,
        "model": "xeon platinum",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8180"
      },
      {
        "_id": null,
        "model": "xeon e3 1270 v5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "620lm"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2960xm"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "l5518"
      },
      {
        "_id": null,
        "model": "xeon e5 2448l v2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3120m"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "l5520"
      },
      {
        "_id": null,
        "model": "xeon e3 1240l v3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "ubuntu linux",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "canonical",
        "version": "16.04"
      },
      {
        "_id": null,
        "model": "xeon e3 1275 v2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2120t"
      },
      {
        "_id": null,
        "model": "xeon e3 1268l v5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2830"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "650"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3537u"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3720qm"
      },
      {
        "_id": null,
        "model": "pentium n",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "n3700"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4160"
      },
      {
        "_id": null,
        "model": "xeon e3 1265l v3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e5 2640 v4",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e3 1220 v3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "linux",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "debian",
        "version": "7.0"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2400s"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4202y"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "990x"
      },
      {
        "_id": null,
        "model": "xeon bronze 3106",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8860_v3"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4200y"
      },
      {
        "_id": null,
        "model": "core m",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5y70"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3110m"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5575r"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8600k"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "x5660"
      },
      {
        "_id": null,
        "model": "celeron n",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "n2805"
      },
      {
        "_id": null,
        "model": "xeon e5 2648l v3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2870_v2"
      },
      {
        "_id": null,
        "model": "xeon gold",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5118"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4150"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4210m"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8650u"
      },
      {
        "_id": null,
        "model": "xeon e3 1220",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2537m"
      },
      {
        "_id": null,
        "model": "pentium n",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "n3520"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "880"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3225"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "e5630"
      },
      {
        "_id": null,
        "model": "xeon e3 1225 v3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e5 2418l",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "e5620"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2617m"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4607_v2"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4620_v4"
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8870"
      },
      {
        "_id": null,
        "model": "xeon gold",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6132"
      },
      {
        "_id": null,
        "model": "ubuntu linux",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "canonical",
        "version": "18.04"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3240"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6260u"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3210m"
      },
      {
        "_id": null,
        "model": "xeon e3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "1535m_v5"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3220"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6500"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2620m"
      },
      {
        "_id": null,
        "model": "atom z",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "z3775d"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4610_v2"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "560um"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2649m"
      },
      {
        "_id": null,
        "model": "xeon e3 1280 v6",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4640"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "660"
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8891_v2"
      },
      {
        "_id": null,
        "model": "xeon e5 2618l v4",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon gold",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6130"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4790"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "7500u"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4640_v4"
      },
      {
        "_id": null,
        "model": "xeon e5 2603",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e5 2618l v3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4712mq"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4300u"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4690"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2500k"
      },
      {
        "_id": null,
        "model": "xeon e5 2407 v2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8860"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2435m"
      },
      {
        "_id": null,
        "model": "core m",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5y10"
      },
      {
        "_id": null,
        "model": "xeon silver",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4108"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3439y"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4702ec"
      },
      {
        "_id": null,
        "model": "cortex-a",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "arm",
        "version": "15"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "750"
      },
      {
        "_id": null,
        "model": "xeon e3 1505l v6",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4330t"
      },
      {
        "_id": null,
        "model": "xeon e5 2643 v3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4910mq"
      },
      {
        "_id": null,
        "model": "pentium j",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "j2900"
      },
      {
        "_id": null,
        "model": "xeon e3 1245 v2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "atom z",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "z3770d"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6585r"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2690_v2"
      },
      {
        "_id": null,
        "model": "xeon e5 2438l v3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2680_v4"
      },
      {
        "_id": null,
        "model": "xeon e5 2440 v2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon silver",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4116t"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "560m"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5350h"
      },
      {
        "_id": null,
        "model": "atom z",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "z3590"
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8850_v2"
      },
      {
        "_id": null,
        "model": "ubuntu linux",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "canonical",
        "version": "12.04"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4660_v3"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3250t"
      },
      {
        "_id": null,
        "model": "xeon gold",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6146"
      },
      {
        "_id": null,
        "model": "atom c",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "c3558"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "7600u"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2665"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4370t"
      },
      {
        "_id": null,
        "model": "atom c",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "c3850"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "l5618"
      },
      {
        "_id": null,
        "model": "xeon e5 2428l v3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e5 2430 v2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8890_v4"
      },
      {
        "_id": null,
        "model": "xeon platinum",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8176"
      },
      {
        "_id": null,
        "model": "xeon e5 1620 v4",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "w3670"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4648_v3"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4607"
      },
      {
        "_id": null,
        "model": "xeon e3 1246 v3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon platinum",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8160t"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2699_v4"
      },
      {
        "_id": null,
        "model": "xeon e5 2650 v3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon phi",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "7285"
      },
      {
        "_id": null,
        "model": "xeon silver",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4109t"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2100t"
      },
      {
        "_id": null,
        "model": "atom z",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "z3735g"
      },
      {
        "_id": null,
        "model": "simatic winac rtx \\",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2010"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "7700"
      },
      {
        "_id": null,
        "model": "atom c",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "c3950"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4430"
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2880_v2"
      },
      {
        "_id": null,
        "model": "xeon e3 1278l v4",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon gold",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5119t"
      },
      {
        "_id": null,
        "model": "xeon e5 2403 v2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "7820eq"
      },
      {
        "_id": null,
        "model": "xeon e3 1230l v3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e3 1280 v3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e3 1225 v6",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e5 1428l",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2310m"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4012y"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4150t"
      },
      {
        "_id": null,
        "model": "xeon e3 1265l v2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6100te"
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8893_v4"
      },
      {
        "_id": null,
        "model": "xeon e3 1240 v5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5250u"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "940xm"
      },
      {
        "_id": null,
        "model": "xeon e3 1220 v6",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "atom c",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "c2750"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2520m"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2105"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6500te"
      },
      {
        "_id": null,
        "model": "xeon gold",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6128"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4710hq"
      },
      {
        "_id": null,
        "model": "xeon e3 1270 v6",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2697_v2"
      },
      {
        "_id": null,
        "model": "xeon e5 2430",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "1558l_v5"
      },
      {
        "_id": null,
        "model": "xeon e3 1290",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "vm virtualbox",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "5.2.0"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "7700hq"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2357m"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4158u"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4669_v3"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4102e"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "x3450"
      },
      {
        "_id": null,
        "model": "xeon e5 2407",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "x5672"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3615qe"
      },
      {
        "_id": null,
        "model": "ubuntu linux",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "canonical",
        "version": "14.04"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4100u"
      },
      {
        "_id": null,
        "model": "xeon e5 1680 v4",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4350t"
      },
      {
        "_id": null,
        "model": "xeon gold",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6126f"
      },
      {
        "_id": null,
        "model": "xeon e-1105c",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4820_v3"
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8837"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5557u"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4422e"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6300t"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "e6510"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4669_v4"
      },
      {
        "_id": null,
        "model": "celeron n",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "n3050"
      },
      {
        "_id": null,
        "model": "xeon e3 1230 v2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon gold",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6134"
      },
      {
        "_id": null,
        "model": "xeon e3 12201",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4402ec"
      },
      {
        "_id": null,
        "model": "xeon e5 2620 v4",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon gold",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6142f"
      },
      {
        "_id": null,
        "model": "xeon gold",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6148"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2115c"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2675qm"
      },
      {
        "_id": null,
        "model": "xeon e5 2640",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4000m"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4288u"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "330m"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2640m"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2540m"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4330"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4370"
      },
      {
        "_id": null,
        "model": "xeon e3 1225",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4640_v2"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "x3430"
      },
      {
        "_id": null,
        "model": "xeon e5 2603 v2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8894_v4"
      },
      {
        "_id": null,
        "model": "xeon gold",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6148f"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2670"
      },
      {
        "_id": null,
        "model": "atom x3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "c3445"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4620_v3"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3610me"
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8870_v2"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "870"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4025u"
      },
      {
        "_id": null,
        "model": "pentium n",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "n3710"
      },
      {
        "_id": null,
        "model": "atom x7-e3950",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e5 2608l v3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4850_v4"
      },
      {
        "_id": null,
        "model": "xeon gold",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6138t"
      },
      {
        "_id": null,
        "model": "celeron j",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "j1800"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4670k"
      },
      {
        "_id": null,
        "model": "atom c",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "c3858"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "w3680"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "430um"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2699r_v4"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4300m"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "l5630"
      },
      {
        "_id": null,
        "model": "xeon e5 2609",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon silver",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4112"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3570k"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4200h"
      },
      {
        "_id": null,
        "model": "cortex-a",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "arm",
        "version": "73"
      },
      {
        "_id": null,
        "model": "xeon e5 2450l",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5350u"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4558u"
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8870_v4"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4570s"
      },
      {
        "_id": null,
        "model": "xeon e5 2643 v2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4578u"
      },
      {
        "_id": null,
        "model": "celeron j",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "j3160"
      },
      {
        "_id": null,
        "model": "xeon e5 2628l v2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e5 2637 v2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "620le"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "l3426"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3667u"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2699_v3"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "660ue"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4627_v3"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "460m"
      },
      {
        "_id": null,
        "model": "xeon e3 1230 v6",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3240t"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2715qe"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4570r"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3555le"
      },
      {
        "_id": null,
        "model": "xeon e3 1240",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e3 1268l v3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "solidfire",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "netapp",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "l7545"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8100"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "530"
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8867l"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4410e"
      },
      {
        "_id": null,
        "model": "atom c",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "c2738"
      },
      {
        "_id": null,
        "model": "atom e",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "e3815"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "940"
      },
      {
        "_id": null,
        "model": "ubuntu linux",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "canonical",
        "version": "17.04"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "580m"
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8880l_v2"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "e5645"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "e5530"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "x5647"
      },
      {
        "_id": null,
        "model": "cortex-a",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "arm",
        "version": "17"
      },
      {
        "_id": null,
        "model": "xeon e3 1245 v3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "390m"
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8860_v4"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6157u"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3550s"
      },
      {
        "_id": null,
        "model": "atom z",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "z3580"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "920"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4720hq"
      },
      {
        "_id": null,
        "model": "xeon e3 1280",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "450m"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "720qm"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4350u"
      },
      {
        "_id": null,
        "model": "xeon e5 2609 v4",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e5 2650l v2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "linux",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "debian",
        "version": "9.0"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4440"
      },
      {
        "_id": null,
        "model": "xeon e5 2418l v3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2850_v2"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "840qm"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2635qm"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "e5502"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "550"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4900mq"
      },
      {
        "_id": null,
        "model": "xeon e3 1270 v3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2690_v4"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4650_v2"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4627_v4"
      },
      {
        "_id": null,
        "model": "xeon gold",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5120t"
      },
      {
        "_id": null,
        "model": "xeon gold",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6134m"
      },
      {
        "_id": null,
        "model": "xeon e3 1286 v3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e5 1620 v3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "1565l_v5"
      },
      {
        "_id": null,
        "model": "atom x3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "c3235rk"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2510e"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "7700k"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "7920hq"
      },
      {
        "_id": null,
        "model": "xeon e5 2420 v2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6100h"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "x5670"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4590t"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4960hq"
      },
      {
        "_id": null,
        "model": "atom x3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "c3230rk"
      },
      {
        "_id": null,
        "model": "hci compute node",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "netapp",
        "version": null
      },
      {
        "_id": null,
        "model": "atom c",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "c2758"
      },
      {
        "_id": null,
        "model": "xeon gold",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6150"
      },
      {
        "_id": null,
        "model": "xeon platinum",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8160f"
      },
      {
        "_id": null,
        "model": "atom c",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "c2718"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "x5560"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4790s"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4850hq"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "540m"
      },
      {
        "_id": null,
        "model": "xeon gold",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6130t"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5287u"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4702mq"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2695_v2"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2650l_v4"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2348m"
      },
      {
        "_id": null,
        "model": "xeon e3 1285l v3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4278u"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6400t"
      },
      {
        "_id": null,
        "model": "xeon gold",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6140m"
      },
      {
        "_id": null,
        "model": "atom x5-e3930",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon gold",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6154"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "430m"
      },
      {
        "_id": null,
        "model": "communications diameter signaling router",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "8.3"
      },
      {
        "_id": null,
        "model": "xeon e5 2650",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e3 1275 v5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e5 2623 v3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "1575m_v5"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4770te"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "965"
      },
      {
        "_id": null,
        "model": "xeon e5 2630l v3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon phi",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "7210f"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4100e"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2920xm"
      },
      {
        "_id": null,
        "model": "celeron n",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "n3010"
      },
      {
        "_id": null,
        "model": "celeron n",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "n3060"
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8893_v2"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5600u"
      },
      {
        "_id": null,
        "model": "atom z",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "z2560"
      },
      {
        "_id": null,
        "model": "xeon e3 1501l v6",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2683_v3"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3470t"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6300hq"
      },
      {
        "_id": null,
        "model": "vm virtualbox",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "5.2.6"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4660_v4"
      },
      {
        "_id": null,
        "model": "xeon gold",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6140"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5950hq"
      },
      {
        "_id": null,
        "model": "xeon platinum",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8168"
      },
      {
        "_id": null,
        "model": "celeron j",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "j3355"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2699a_v4"
      },
      {
        "_id": null,
        "model": "xeon e5 2620",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e5 2630l v2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "w5580"
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8891_v3"
      },
      {
        "_id": null,
        "model": "atom c",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "c3708"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2610ue"
      },
      {
        "_id": null,
        "model": "xeon e5 1660 v2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8890_v2"
      },
      {
        "_id": null,
        "model": "xeon platinum",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8176m"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "870s"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4603_v2"
      },
      {
        "_id": null,
        "model": "xeon e5 1630 v3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2657m"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6400"
      },
      {
        "_id": null,
        "model": "atom c",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "c3338"
      },
      {
        "_id": null,
        "model": "xeon e5 2428l",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core m",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5y10c"
      },
      {
        "_id": null,
        "model": "pentium j",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "j3710"
      },
      {
        "_id": null,
        "model": "xeon e5 2650 v4",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5750hq"
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8870_v3"
      },
      {
        "_id": null,
        "model": "xeon e5 2408l v3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2125"
      },
      {
        "_id": null,
        "model": "core m",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5y51"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4210u"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "lc5518"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "e7530"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "620um"
      },
      {
        "_id": null,
        "model": "xeon gold",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6142m"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2655le"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8350u"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3770s"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6500t"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2600s"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "960"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "ec5539"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "x5677"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2670_v2"
      },
      {
        "_id": null,
        "model": "xeon e5 2430l",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "pentium n",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "n3510"
      },
      {
        "_id": null,
        "model": "xeon e5 2603 v3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e5 2630 v3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4870"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4570te"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3340m"
      },
      {
        "_id": null,
        "model": "atom z",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "z3745"
      },
      {
        "_id": null,
        "model": "atom c",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "c3830"
      },
      {
        "_id": null,
        "model": "xeon e5 2640 v2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4200u"
      },
      {
        "_id": null,
        "model": "xeon platinum",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8153"
      },
      {
        "_id": null,
        "model": "xeon e5 2628l v3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4360"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2630qm"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "e7540"
      },
      {
        "_id": null,
        "model": "xeon e3 1240 v2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "atom c",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "c2538"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "e5603"
      },
      {
        "_id": null,
        "model": "xeon platinum",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8160"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "610e"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8350k"
      },
      {
        "_id": null,
        "model": "atom c",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "c2730"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4330m"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4700ec"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4100m"
      },
      {
        "_id": null,
        "model": "core m7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6y75"
      },
      {
        "_id": null,
        "model": "xeon e3 1241 v3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3610qe"
      },
      {
        "_id": null,
        "model": "xeon phi",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "7230f"
      },
      {
        "_id": null,
        "model": "xeon e3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "1585l_v5"
      },
      {
        "_id": null,
        "model": "atom x3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "c3295rk"
      },
      {
        "_id": null,
        "model": "atom x3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "c3200rk"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5200u"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2710qe"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "470um"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3120me"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "x5650"
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8880_v3"
      },
      {
        "_id": null,
        "model": "xeon phi",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "7290"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8550u"
      },
      {
        "_id": null,
        "model": "xeon e5 1650 v2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8893_v3"
      },
      {
        "_id": null,
        "model": "cortex-a",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "arm",
        "version": "9"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3550"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4550u"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4670r"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4624l_v2"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2370m"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3450s"
      },
      {
        "_id": null,
        "model": "xeon e5 1660",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4340te"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3687u"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3770k"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "x5675"
      },
      {
        "_id": null,
        "model": "xeon e3 1245 v5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e5 1428l v2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "atom x3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "c3265rk"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2690"
      },
      {
        "_id": null,
        "model": "atom c",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "c2516"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2130"
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8890_v3"
      },
      {
        "_id": null,
        "model": "atom c",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "c3758"
      },
      {
        "_id": null,
        "model": "atom z",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "z3480"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2365m"
      },
      {
        "_id": null,
        "model": "xeon e5 1620 v2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "1545m_v5"
      },
      {
        "_id": null,
        "model": "xeon e3 1225 v2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "380m"
      },
      {
        "_id": null,
        "model": "xeon e5 2643 v4",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3840qm"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2660_v3"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "7560u"
      },
      {
        "_id": null,
        "model": "atom c",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "c2530"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2310e"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3612qe"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4220y"
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8880l_v3"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2557m"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4210y"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "x3470"
      },
      {
        "_id": null,
        "model": "xeon e5 2603 v4",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "330um"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "980x"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4712hq"
      },
      {
        "_id": null,
        "model": "xeon gold",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5120"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "l5609"
      },
      {
        "_id": null,
        "model": "xeon e3 1275",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2328m"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "e5649"
      },
      {
        "_id": null,
        "model": "atom c",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "c3750"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2120"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6300"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2658_v2"
      },
      {
        "_id": null,
        "model": "celeron j",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "j1900"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4702hq"
      },
      {
        "_id": null,
        "model": "core m3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6y30"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2695_v4"
      },
      {
        "_id": null,
        "model": "xeon gold",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6130f"
      },
      {
        "_id": null,
        "model": "xeon e3 1275l v3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon silver",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4114t"
      },
      {
        "_id": null,
        "model": "atom x3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "c3205rk"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "640lm"
      },
      {
        "_id": null,
        "model": "xeon e5 2470",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3320m"
      },
      {
        "_id": null,
        "model": "atom c",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "c2508"
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4809_v3"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "e5607"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4617"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "330e"
      },
      {
        "_id": null,
        "model": "xeon e5 2620 v3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5850hq"
      },
      {
        "_id": null,
        "model": "atom c",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "c2338"
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4830"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4330te"
      },
      {
        "_id": null,
        "model": "xeon e5 2650l v3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3250"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6600k"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4710mq"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "x3460"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3475s"
      },
      {
        "_id": null,
        "model": "xeon e3 1270",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4667_v4"
      },
      {
        "_id": null,
        "model": "vm virtualbox",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "5.1.32"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2340ue"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5010u"
      },
      {
        "_id": null,
        "model": "xeon e3 1105c v2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "atom z",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "z3570"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5005u"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2500t"
      },
      {
        "_id": null,
        "model": "xeon e3 1258l v4",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4860"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6360u"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4430s"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "560"
      },
      {
        "_id": null,
        "model": "xeon bronze 3104",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "cortex-a",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "arm",
        "version": "72"
      },
      {
        "_id": null,
        "model": "xeon e3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "1515m_v5"
      },
      {
        "_id": null,
        "model": "pentium j",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "j4205"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2720qm"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4670s"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3227u"
      },
      {
        "_id": null,
        "model": "xeon e5 2643",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "atom z",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "z3735e"
      },
      {
        "_id": null,
        "model": "xeon e3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "1585_v5"
      },
      {
        "_id": null,
        "model": "xeon e3 1220 v5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "930"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6200u"
      },
      {
        "_id": null,
        "model": "celeron n",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "n2820"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2350m"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2300"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3330"
      },
      {
        "_id": null,
        "model": "xeon e5 2430l v2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e5 2640 v3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "communications diameter signaling router",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "8.0.0"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3115c"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2500"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "920xm"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4810mq"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2658a_v3"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4460"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "e5503"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4870hq"
      },
      {
        "_id": null,
        "model": "xeon e5 2637 v4",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "atom c",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "c2550"
      },
      {
        "_id": null,
        "model": "atom e",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "e3845"
      },
      {
        "_id": null,
        "model": "xeon e3 1220l v3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "atom z",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "z3735f"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "l5530"
      },
      {
        "_id": null,
        "model": "xeon e3 1265l v4",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4620_v2"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4657l_v2"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2658_v3"
      },
      {
        "_id": null,
        "model": "xeon e3 1226 v3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3635qm"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "x5667"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2330m"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2375m"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "520m"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2330e"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2677m"
      },
      {
        "_id": null,
        "model": "xeon e3 1230 v3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4650_v3"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6320"
      },
      {
        "_id": null,
        "model": "xeon e5 2630 v4",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon platinum",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8170m"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "655k"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4570t"
      },
      {
        "_id": null,
        "model": "celeron n",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "n3160"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2660"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "680"
      },
      {
        "_id": null,
        "model": "xeon e5 2448l",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e3 1231 v3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4650_v4"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "l7555"
      },
      {
        "_id": null,
        "model": "xeon e3 1260l v5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4771"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "760"
      },
      {
        "_id": null,
        "model": "cortex-a",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "arm",
        "version": "57"
      },
      {
        "_id": null,
        "model": "atom e",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "e3826"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2670qm"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4500u"
      },
      {
        "_id": null,
        "model": "xeon e3 1286l v3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2890_v2"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5675r"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4650l"
      },
      {
        "_id": null,
        "model": "xeon gold",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6144"
      },
      {
        "_id": null,
        "model": "communications diameter signaling router",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "8.2"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2377m"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2860qm"
      },
      {
        "_id": null,
        "model": "xeon e5 1650",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e5 2623 v4",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3570"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "l5640"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "e5520"
      },
      {
        "_id": null,
        "model": "xeon gold",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6152"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3470"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2698_v4"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2658"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3517u"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4770k"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2667"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "970"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4308u"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4258u"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2660_v2"
      },
      {
        "_id": null,
        "model": "ubuntu linux",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "canonical",
        "version": "17.10"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2658_v4"
      },
      {
        "_id": null,
        "model": "xeon platinum",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8176f"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3770t"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "x5687"
      },
      {
        "_id": null,
        "model": "xeon e3 1501m v6",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4010u"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6267u"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3317u"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4655_v4"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2683_v4"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4620"
      },
      {
        "_id": null,
        "model": "celeron n",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "n2815"
      },
      {
        "_id": null,
        "model": "xeon e5 2650 v2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2430m"
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4809_v4"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5850eq"
      },
      {
        "_id": null,
        "model": "core m3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "7y32"
      },
      {
        "_id": null,
        "model": "xeon silver",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4116"
      },
      {
        "_id": null,
        "model": "atom z",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "z3795"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3610qm"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "7567u"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "x7560"
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4807"
      },
      {
        "_id": null,
        "model": "xeon e3 1220 v2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6287u"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4460s"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2687w"
      },
      {
        "_id": null,
        "model": "xeon e5 2630",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4590s"
      },
      {
        "_id": null,
        "model": "pentium n",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "n3530"
      },
      {
        "_id": null,
        "model": "core m",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5y10a"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4770s"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "520um"
      },
      {
        "_id": null,
        "model": "xeon e5 2630l v4",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4020y"
      },
      {
        "_id": null,
        "model": "xeon e5 2637",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e3 1245 v6",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "atom c",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "c3955"
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2803"
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8891_v4"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "w5590"
      },
      {
        "_id": null,
        "model": "xeon phi",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "7230"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "l5508"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "661"
      },
      {
        "_id": null,
        "model": "xeon e5 2609 v2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2820qm"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4950hq"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6440hq"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4770t"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "7820hk"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "750s"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3380m"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4690s"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6350hq"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6440eq"
      },
      {
        "_id": null,
        "model": "xeon e3 12201 v2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e3 1235",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e3 1240l v5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e5 2650l",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4820"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5550u"
      },
      {
        "_id": null,
        "model": "xeon phi",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "7235"
      },
      {
        "_id": null,
        "model": "xeon e3 1505m v5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4170t"
      },
      {
        "_id": null,
        "model": "atom z",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "z3740d"
      },
      {
        "_id": null,
        "model": "xeon gold",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6142"
      },
      {
        "_id": null,
        "model": "xeon e3 1276 v3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4610_v4"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "660um"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "370m"
      },
      {
        "_id": null,
        "model": "atom c",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "c3538"
      },
      {
        "_id": null,
        "model": "xeon e5 2630l",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e5 2609 v3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2860"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "l3406"
      },
      {
        "_id": null,
        "model": "xeon e3 1505l v5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3517ue"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6300u"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "x5550"
      },
      {
        "_id": null,
        "model": "xeon e3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "1535m_v6"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2697_v4"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4610_v3"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "x5690"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2515e"
      },
      {
        "_id": null,
        "model": "xeon gold",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6138f"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3570t"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3220t"
      },
      {
        "_id": null,
        "model": "xeon platinum",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8156"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3210"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2450m"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "e5504"
      },
      {
        "_id": null,
        "model": "xeon platinum",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8170"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2629m"
      },
      {
        "_id": null,
        "model": "xeon e5 2450l v2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4130"
      },
      {
        "_id": null,
        "model": "cortex-a",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "arm",
        "version": "75"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "620m"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2410m"
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8867_v4"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "7660u"
      },
      {
        "_id": null,
        "model": "xeon silver",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4114"
      },
      {
        "_id": null,
        "model": "celeron n",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "n4100"
      },
      {
        "_id": null,
        "model": "xeon e5 1660 v3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e5 1660 v4",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "celeron n",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "n2808"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4120u"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4030y"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2467m"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3337u"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "7820hq"
      },
      {
        "_id": null,
        "model": "pentium j",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "j2850"
      },
      {
        "_id": null,
        "model": "xeon e3 1230",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3570s"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4655_v3"
      },
      {
        "_id": null,
        "model": "core m5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6y54"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5700eq"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2697a_v4"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5775c"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "e6540"
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4860_v2"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "7y75"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2600k"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8700k"
      },
      {
        "_id": null,
        "model": "xeon e5 2628l v4",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e5 2630 v2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4770"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4110e"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2690_v3"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5015u"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4700hq"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2102"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4650u"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4402e"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4510u"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "975"
      },
      {
        "_id": null,
        "model": "atom z",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "z3736f"
      },
      {
        "_id": null,
        "model": "atom c",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "c3308"
      },
      {
        "_id": null,
        "model": "atom z",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "z2520"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3339y"
      },
      {
        "_id": null,
        "model": "xeon e3 1225 v5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "celeron n",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "n3450"
      },
      {
        "_id": null,
        "model": "xeon e5 2403",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "7700t"
      },
      {
        "_id": null,
        "model": "xeon e3 1270 v2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e3 1285 v3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4360t"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2390t"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5650u"
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2870"
      },
      {
        "_id": null,
        "model": "atom z",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "z3736g"
      },
      {
        "_id": null,
        "model": "hci management node",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "netapp",
        "version": null
      },
      {
        "_id": null,
        "model": "celeron n",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "n3350"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "l5506"
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4809_v2"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4112e"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5700hq"
      },
      {
        "_id": null,
        "model": "communications diameter signaling router",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "8.1"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6167u"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2100"
      },
      {
        "_id": null,
        "model": "xeon e5 1428l v3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e5 2648l",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "e7520"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4400e"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6100t"
      },
      {
        "_id": null,
        "model": "atom z",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "z3775"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "540um"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2680_v3"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "e5507"
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8867_v3"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6600t"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3230m"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4670t"
      },
      {
        "_id": null,
        "model": "celeron n",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "n2806"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "l5638"
      },
      {
        "_id": null,
        "model": "xeon e3 1280 v5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e3 1285 v4",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4210h"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4640_v3"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2667_v2"
      },
      {
        "_id": null,
        "model": "xeon e5 1630 v4",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "atom c",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "c3958"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6685r"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4760hq"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4030u"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3229y"
      },
      {
        "_id": null,
        "model": "xeon platinum",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8160m"
      },
      {
        "_id": null,
        "model": "atom x3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "c3405"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8400"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4785t"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "e5640"
      },
      {
        "_id": null,
        "model": "core m5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6y57"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "680um"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2670_v3"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4670"
      },
      {
        "_id": null,
        "model": "xeon e3 1240 v3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e5 1650 v3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon phi",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "7250"
      },
      {
        "_id": null,
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "amd",
        "version": null
      },
      {
        "_id": null,
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "arm",
        "version": null
      },
      {
        "_id": null,
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "apple",
        "version": null
      },
      {
        "_id": null,
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "cisco",
        "version": null
      },
      {
        "_id": null,
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "dell",
        "version": null
      },
      {
        "_id": null,
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "dell emc",
        "version": null
      },
      {
        "_id": null,
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "fortinet",
        "version": null
      },
      {
        "_id": null,
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "hp",
        "version": null
      },
      {
        "_id": null,
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "hitachi",
        "version": null
      },
      {
        "_id": null,
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "ibm",
        "version": null
      },
      {
        "_id": null,
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "microsoft",
        "version": null
      },
      {
        "_id": null,
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "qualcomm incorporated",
        "version": null
      },
      {
        "_id": null,
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "red hat",
        "version": null
      },
      {
        "_id": null,
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "suse linux",
        "version": null
      },
      {
        "_id": null,
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "synology",
        "version": null
      },
      {
        "_id": null,
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "ubuntu",
        "version": null
      },
      {
        "_id": null,
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "vmware",
        "version": null
      },
      {
        "_id": null,
        "model": "windows sp1",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "microsoft",
        "version": "7"
      },
      {
        "_id": null,
        "model": "internet explorer",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "microsoft",
        "version": "11"
      },
      {
        "_id": null,
        "model": "windows",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "microsoft",
        "version": "8.1"
      },
      {
        "_id": null,
        "model": null,
        "scope": "eq",
        "trust": 0.6,
        "vendor": "google",
        "version": "v8"
      },
      {
        "_id": null,
        "model": "windows",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "microsoft",
        "version": "10"
      },
      {
        "_id": null,
        "model": "edge",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "microsoft",
        "version": "0"
      },
      {
        "_id": null,
        "model": "xeon cpu e5-1650",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "intel",
        "version": "v3"
      },
      {
        "_id": null,
        "model": "cortex a57",
        "scope": null,
        "trust": 0.6,
        "vendor": "arm",
        "version": null
      },
      {
        "_id": null,
        "model": "pro a8-9600 r7",
        "scope": null,
        "trust": 0.6,
        "vendor": "amd",
        "version": null
      },
      {
        "_id": null,
        "model": "compute cores 4c+6g",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "amd",
        "version": "10"
      },
      {
        "_id": null,
        "model": "fx -8320 eight-core processor",
        "scope": null,
        "trust": 0.6,
        "vendor": "amd",
        "version": null
      }
    ],
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#180049"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-00302"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-5715"
      }
    ]
  },
  "credits": {
    "_id": null,
    "data": "Ubuntu",
    "sources": [
      {
        "db": "PACKETSTORM",
        "id": "146772"
      },
      {
        "db": "PACKETSTORM",
        "id": "146526"
      },
      {
        "db": "PACKETSTORM",
        "id": "145853"
      },
      {
        "db": "PACKETSTORM",
        "id": "146525"
      },
      {
        "db": "PACKETSTORM",
        "id": "149917"
      },
      {
        "db": "PACKETSTORM",
        "id": "146019"
      },
      {
        "db": "PACKETSTORM",
        "id": "146009"
      }
    ],
    "trust": 0.7
  },
  "cve": "CVE-2017-5715",
  "cvss": {
    "_id": null,
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "NONE",
            "baseScore": 1.9,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 3.4,
            "id": "CVE-2017-5715",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "LOW",
            "trust": 1.0,
            "vectorString": "AV:L/AC:M/Au:N/C:P/I:N/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "NONE",
            "baseScore": 4.7,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 3.4,
            "id": "CNVD-2018-00302",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.6,
            "vectorString": "AV:L/AC:M/Au:N/C:C/I:N/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "NONE",
            "baseScore": 4.7,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 3.4,
            "id": "VHN-113918",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:L/AC:M/AU:N/C:C/I:N/A:N",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "author": "nvd@nist.gov",
            "availabilityImpact": "NONE",
            "baseScore": 5.6,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 1.1,
            "id": "CVE-2017-5715",
            "impactScore": 4.0,
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "trust": 2.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
            "version": "3.1"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2017-5715",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
            "id": "CVE-2017-5715",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2018-00302",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-113918",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2018-00302"
      },
      {
        "db": "VULHUB",
        "id": "VHN-113918"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-5715"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-5715"
      }
    ]
  },
  "description": {
    "_id": null,
    "data": "Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis. CPU hardware utilizing speculative execution may be vulnerable to cache timing side-channel analysis. Two vulnerabilities are identified, known as \"Variant 3a\" and \"Variant 4\". CPUhardware is a set of firmware that runs in the CPU (Central Processing Unit) for managing and controlling the CPU. The Meltdown vulnerability exists in the CPU processor core, which \\\"melts\\\" the security boundary implemented by hardware, allowing low-privileged user-level applications to \\\"cross-border\\\" access to system-level memory, causing data leakage. The following products and versions are affected: ARM Cortex-R7; Cortex-R8; Cortex-A8; Cortex-A9; Cortex-A12; Intel Xeon CPU E5-1650 v3, v2, v4 versions; Xeon E3-1265l v2, v3, v4 Version; Xeon E3-1245 v2, v3, v5, v6 versions; Xeon X7542, etc. Description:\n\nThe microcode_ctl packages provide microcode updates for Intel and AMD\nprocessors. 7) - x86_64\n\n3. Description:\n\nKernel-based Virtual Machine (KVM) is a full virtualization solution for\nLinux on a variety of architectures. The qemu-kvm package provides the\nuser-space component for running virtual machines that use KVM. (CVE-2017-5715)\n\nNote: This is the qemu-kvm side of the CVE-2017-5715 mitigation. Once\nall virtual machines have shut down, start them again for this update to\ntake effect. (CVE-2017-17712)\n\nLaurent Guerby discovered that the mbcache feature in the ext2 and ext4\nfilesystems in the Linux kernel improperly handled xattr block caching. ==========================================================================\nUbuntu Security Notice USN-3777-3\nOctober 23, 2018\n\nlinux-azure vulnerabilities\n==========================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 18.04 LTS\n- Ubuntu 16.04 LTS\n\nSummary:\n\nSeveral security issues were fixed in the Linux kernel. \n\nJann Horn discovered that the vmacache subsystem did not properly handle\nsequence number overflows, leading to a use-after-free vulnerability. A\nlocal attacker could use this to cause a denial of service (system crash)\nor execute arbitrary code. (CVE-2018-17182)\n\nIt was discovered that the paravirtualization implementation in the Linux\nkernel did not properly handle some indirect calls, reducing the\neffectiveness of Spectre v2 mitigations for paravirtual guests. A local\nattacker could use this to expose sensitive information. An attacker could use\nthis to expose sensitive information. This flaw is known as Spectre. A local attacker could use this to\nexpose sensitive information, including kernel memory. (CVE-2017-5715)\n\nIt was discovered that a stack-based buffer overflow existed in the iSCSI\ntarget implementation of the Linux kernel. A remote attacker could use this\nto cause a denial of service (system crash). A local\nattacker could use this to expose sensitive information, including kernel\nmemory. (CVE-2018-3639)\n\nIt was discovered that a memory leak existed in the IRDA subsystem of the\nLinux kernel. A local attacker could use this to cause a denial of service\n(kernel memory exhaustion). A local attacker could use this to\ncause a denial of service (system crash) or possibly execute arbitrary\ncode. (CVE-2018-6555)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 18.04 LTS:\n  linux-image-4.15.0-1025-azure   4.15.0-1025.26\n  linux-image-azure               4.15.0.1025.25\n\nUbuntu 16.04 LTS:\n  linux-image-4.15.0-1025-azure   4.15.0-1025.26~16.04.1\n  linux-image-azure               4.15.0.1025.31\n\nAfter a standard system update you need to reboot your computer to make\nall the necessary changes. \n\nATTENTION: Due to an unavoidable ABI change the kernel updates have\nbeen given a new version number, which requires you to recompile and\nreinstall all third party kernel modules you might have installed. \nUnless you manually uninstalled the standard kernel metapackages\n(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,\nlinux-powerpc), a standard system upgrade will automatically perform\nthis as well. On i386 and amd64\narchitectures, the IBRS and IBPB features are required to enable the\nkernel mitigations. Ubuntu users with a processor from a different vendor should\ncontact the vendor to identify necessary firmware updates. Ubuntu\nwill provide corresponding QEMU updates in the future for users of\nself-hosted virtual environments in coordination with upstream QEMU. \nUbuntu users in cloud environments should contact the cloud provider\nto confirm that the hypervisor has been updated to expose the new\nCPU features to virtual machines. Regressions\nwere discovered in the microcode updates which could cause system\ninstability on certain hardware platforms. At the request of Intel, we have\nreverted to the previous packaged microcode version, the 20170707 release. \n-----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n                   Red Hat Security Advisory\n\nSynopsis:          Important: kernel security update\nAdvisory ID:       RHSA-2018:0009-01\nProduct:           Red Hat Enterprise Linux\nAdvisory URL:      https://access.redhat.com/errata/RHSA-2018:0009\nIssue date:        2018-01-03\n=====================================================================\n\n1. Summary:\n\nAn update for kernel is now available for Red Hat Enterprise Linux 7.3\nExtended Update Support. \n\nRed Hat Product Security has rated this update as having a security impact\nof Important. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE link(s) in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux ComputeNode EUS (v. 7.3) - noarch, x86_64\nRed Hat Enterprise Linux ComputeNode Optional EUS (v. 7.3) - x86_64\nRed Hat Enterprise Linux Server EUS (v. 7.3) - noarch, ppc64, ppc64le, s390x, x86_64\nRed Hat Enterprise Linux Server Optional EUS (v. 7.3) - ppc64, ppc64le, x86_64\n\n3. Description:\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system. \n\nSecurity Fix(es):\n\nAn industry-wide issue was found in the way many modern microprocessor\ndesigns have implemented speculative execution of instructions (a commonly\nused performance optimization). There are three primary variants of the\nissue which differ in the way the speculative execution can be exploited. \n\nNote: This issue is present in hardware and cannot be fully fixed via\nsoftware update. The updated kernel packages provide software mitigation\nfor this hardware issue at a cost of potential performance penalty. Please\nrefer to References section for further information about this issue and\nthe performance impact. \n\nIn this update mitigations for x86-64 architecture are provided. \n\nVariant CVE-2017-5753 triggers the speculative execution by performing a\nbounds-check bypass. It relies on the presence of a precisely-defined\ninstruction sequence in the privileged code as well as the fact that memory\naccesses may cause allocation into the microprocessor\u0027s data cache even for\nspeculatively executed instructions that never actually commit (retire). As\na result, an unprivileged attacker could use this flaw to cross the syscall\nboundary and read privileged memory by conducting targeted cache\nside-channel attacks. (CVE-2017-5753, Important)\n\nVariant CVE-2017-5715 triggers the speculative execution by utilizing\nbranch target injection. It relies on the presence of a precisely-defined\ninstruction sequence in the privileged code as well as the fact that memory\naccesses may cause allocation into the microprocessor\u0027s data cache even for\nspeculatively executed instructions that never actually commit (retire). As\na result, an unprivileged attacker could use this flaw to cross the syscall\nand guest/host boundaries and read privileged memory by conducting targeted\ncache side-channel attacks. (CVE-2017-5715, Important)\n\nVariant CVE-2017-5754 relies on the fact that, on impacted microprocessors,\nduring speculative execution of instruction permission faults, exception\ngeneration triggered by a faulting access is suppressed until the\nretirement of the whole instruction block. In a combination with the fact\nthat memory accesses may populate the cache even when the block is being\ndropped and never committed (executed), an unprivileged local attacker\ncould use this flaw to read privileged (kernel space) memory by conducting\ntargeted cache side-channel attacks. (CVE-2017-5754, Important)\n\nNote: CVE-2017-5754 affects Intel x86-64 microprocessors. AMD x86-64\nmicroprocessors are not affected by this issue. \n\nRed Hat would like to thank Google Project Zero for reporting these issues. \n\n4. Solution:\n\nFor details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect. \n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1519778 - CVE-2017-5753 hw: cpu: speculative execution bounds-check bypass\n1519780 - CVE-2017-5715 hw: cpu: speculative execution branch target injection\n1519781 - CVE-2017-5754 hw: cpu: speculative execution permission faults handling\n\n6. Package List:\n\nRed Hat Enterprise Linux ComputeNode EUS (v. 7.3):\n\nSource:\nkernel-3.10.0-514.36.5.el7.src.rpm\n\nnoarch:\nkernel-abi-whitelists-3.10.0-514.36.5.el7.noarch.rpm\nkernel-doc-3.10.0-514.36.5.el7.noarch.rpm\n\nx86_64:\nkernel-3.10.0-514.36.5.el7.x86_64.rpm\nkernel-debug-3.10.0-514.36.5.el7.x86_64.rpm\nkernel-debug-debuginfo-3.10.0-514.36.5.el7.x86_64.rpm\nkernel-debug-devel-3.10.0-514.36.5.el7.x86_64.rpm\nkernel-debuginfo-3.10.0-514.36.5.el7.x86_64.rpm\nkernel-debuginfo-common-x86_64-3.10.0-514.36.5.el7.x86_64.rpm\nkernel-devel-3.10.0-514.36.5.el7.x86_64.rpm\nkernel-headers-3.10.0-514.36.5.el7.x86_64.rpm\nkernel-tools-3.10.0-514.36.5.el7.x86_64.rpm\nkernel-tools-debuginfo-3.10.0-514.36.5.el7.x86_64.rpm\nkernel-tools-libs-3.10.0-514.36.5.el7.x86_64.rpm\nperf-3.10.0-514.36.5.el7.x86_64.rpm\nperf-debuginfo-3.10.0-514.36.5.el7.x86_64.rpm\npython-perf-3.10.0-514.36.5.el7.x86_64.rpm\npython-perf-debuginfo-3.10.0-514.36.5.el7.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode Optional EUS (v. 7.3):\n\nx86_64:\nkernel-debug-debuginfo-3.10.0-514.36.5.el7.x86_64.rpm\nkernel-debuginfo-3.10.0-514.36.5.el7.x86_64.rpm\nkernel-debuginfo-common-x86_64-3.10.0-514.36.5.el7.x86_64.rpm\nkernel-tools-debuginfo-3.10.0-514.36.5.el7.x86_64.rpm\nkernel-tools-libs-devel-3.10.0-514.36.5.el7.x86_64.rpm\nperf-debuginfo-3.10.0-514.36.5.el7.x86_64.rpm\npython-perf-debuginfo-3.10.0-514.36.5.el7.x86_64.rpm\n\nRed Hat Enterprise Linux Server EUS (v. 7.3):\n\nSource:\nkernel-3.10.0-514.36.5.el7.src.rpm\n\nnoarch:\nkernel-abi-whitelists-3.10.0-514.36.5.el7.noarch.rpm\nkernel-doc-3.10.0-514.36.5.el7.noarch.rpm\n\nppc64:\nkernel-3.10.0-514.36.5.el7.ppc64.rpm\nkernel-bootwrapper-3.10.0-514.36.5.el7.ppc64.rpm\nkernel-debug-3.10.0-514.36.5.el7.ppc64.rpm\nkernel-debug-debuginfo-3.10.0-514.36.5.el7.ppc64.rpm\nkernel-debug-devel-3.10.0-514.36.5.el7.ppc64.rpm\nkernel-debuginfo-3.10.0-514.36.5.el7.ppc64.rpm\nkernel-debuginfo-common-ppc64-3.10.0-514.36.5.el7.ppc64.rpm\nkernel-devel-3.10.0-514.36.5.el7.ppc64.rpm\nkernel-headers-3.10.0-514.36.5.el7.ppc64.rpm\nkernel-tools-3.10.0-514.36.5.el7.ppc64.rpm\nkernel-tools-debuginfo-3.10.0-514.36.5.el7.ppc64.rpm\nkernel-tools-libs-3.10.0-514.36.5.el7.ppc64.rpm\nperf-3.10.0-514.36.5.el7.ppc64.rpm\nperf-debuginfo-3.10.0-514.36.5.el7.ppc64.rpm\npython-perf-3.10.0-514.36.5.el7.ppc64.rpm\npython-perf-debuginfo-3.10.0-514.36.5.el7.ppc64.rpm\n\nppc64le:\nkernel-3.10.0-514.36.5.el7.ppc64le.rpm\nkernel-bootwrapper-3.10.0-514.36.5.el7.ppc64le.rpm\nkernel-debug-3.10.0-514.36.5.el7.ppc64le.rpm\nkernel-debug-debuginfo-3.10.0-514.36.5.el7.ppc64le.rpm\nkernel-debuginfo-3.10.0-514.36.5.el7.ppc64le.rpm\nkernel-debuginfo-common-ppc64le-3.10.0-514.36.5.el7.ppc64le.rpm\nkernel-devel-3.10.0-514.36.5.el7.ppc64le.rpm\nkernel-headers-3.10.0-514.36.5.el7.ppc64le.rpm\nkernel-tools-3.10.0-514.36.5.el7.ppc64le.rpm\nkernel-tools-debuginfo-3.10.0-514.36.5.el7.ppc64le.rpm\nkernel-tools-libs-3.10.0-514.36.5.el7.ppc64le.rpm\nperf-3.10.0-514.36.5.el7.ppc64le.rpm\nperf-debuginfo-3.10.0-514.36.5.el7.ppc64le.rpm\npython-perf-3.10.0-514.36.5.el7.ppc64le.rpm\npython-perf-debuginfo-3.10.0-514.36.5.el7.ppc64le.rpm\n\ns390x:\nkernel-3.10.0-514.36.5.el7.s390x.rpm\nkernel-debug-3.10.0-514.36.5.el7.s390x.rpm\nkernel-debug-debuginfo-3.10.0-514.36.5.el7.s390x.rpm\nkernel-debug-devel-3.10.0-514.36.5.el7.s390x.rpm\nkernel-debuginfo-3.10.0-514.36.5.el7.s390x.rpm\nkernel-debuginfo-common-s390x-3.10.0-514.36.5.el7.s390x.rpm\nkernel-devel-3.10.0-514.36.5.el7.s390x.rpm\nkernel-headers-3.10.0-514.36.5.el7.s390x.rpm\nkernel-kdump-3.10.0-514.36.5.el7.s390x.rpm\nkernel-kdump-debuginfo-3.10.0-514.36.5.el7.s390x.rpm\nkernel-kdump-devel-3.10.0-514.36.5.el7.s390x.rpm\nperf-3.10.0-514.36.5.el7.s390x.rpm\nperf-debuginfo-3.10.0-514.36.5.el7.s390x.rpm\npython-perf-3.10.0-514.36.5.el7.s390x.rpm\npython-perf-debuginfo-3.10.0-514.36.5.el7.s390x.rpm\n\nx86_64:\nkernel-3.10.0-514.36.5.el7.x86_64.rpm\nkernel-debug-3.10.0-514.36.5.el7.x86_64.rpm\nkernel-debug-debuginfo-3.10.0-514.36.5.el7.x86_64.rpm\nkernel-debug-devel-3.10.0-514.36.5.el7.x86_64.rpm\nkernel-debuginfo-3.10.0-514.36.5.el7.x86_64.rpm\nkernel-debuginfo-common-x86_64-3.10.0-514.36.5.el7.x86_64.rpm\nkernel-devel-3.10.0-514.36.5.el7.x86_64.rpm\nkernel-headers-3.10.0-514.36.5.el7.x86_64.rpm\nkernel-tools-3.10.0-514.36.5.el7.x86_64.rpm\nkernel-tools-debuginfo-3.10.0-514.36.5.el7.x86_64.rpm\nkernel-tools-libs-3.10.0-514.36.5.el7.x86_64.rpm\nperf-3.10.0-514.36.5.el7.x86_64.rpm\nperf-debuginfo-3.10.0-514.36.5.el7.x86_64.rpm\npython-perf-3.10.0-514.36.5.el7.x86_64.rpm\npython-perf-debuginfo-3.10.0-514.36.5.el7.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional EUS (v. 7.3):\n\nppc64:\nkernel-debug-debuginfo-3.10.0-514.36.5.el7.ppc64.rpm\nkernel-debuginfo-3.10.0-514.36.5.el7.ppc64.rpm\nkernel-debuginfo-common-ppc64-3.10.0-514.36.5.el7.ppc64.rpm\nkernel-tools-debuginfo-3.10.0-514.36.5.el7.ppc64.rpm\nkernel-tools-libs-devel-3.10.0-514.36.5.el7.ppc64.rpm\nperf-debuginfo-3.10.0-514.36.5.el7.ppc64.rpm\npython-perf-debuginfo-3.10.0-514.36.5.el7.ppc64.rpm\n\nppc64le:\nkernel-debug-debuginfo-3.10.0-514.36.5.el7.ppc64le.rpm\nkernel-debug-devel-3.10.0-514.36.5.el7.ppc64le.rpm\nkernel-debuginfo-3.10.0-514.36.5.el7.ppc64le.rpm\nkernel-debuginfo-common-ppc64le-3.10.0-514.36.5.el7.ppc64le.rpm\nkernel-tools-debuginfo-3.10.0-514.36.5.el7.ppc64le.rpm\nkernel-tools-libs-devel-3.10.0-514.36.5.el7.ppc64le.rpm\nperf-debuginfo-3.10.0-514.36.5.el7.ppc64le.rpm\npython-perf-debuginfo-3.10.0-514.36.5.el7.ppc64le.rpm\n\nx86_64:\nkernel-debug-debuginfo-3.10.0-514.36.5.el7.x86_64.rpm\nkernel-debuginfo-3.10.0-514.36.5.el7.x86_64.rpm\nkernel-debuginfo-common-x86_64-3.10.0-514.36.5.el7.x86_64.rpm\nkernel-tools-debuginfo-3.10.0-514.36.5.el7.x86_64.rpm\nkernel-tools-libs-devel-3.10.0-514.36.5.el7.x86_64.rpm\nperf-debuginfo-3.10.0-514.36.5.el7.x86_64.rpm\npython-perf-debuginfo-3.10.0-514.36.5.el7.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security.  Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/updates/classification/#important\nhttps://access.redhat.com/security/vulnerabilities/speculativeexecution\nhttps://access.redhat.com/security/cve/CVE-2017-5753\nhttps://access.redhat.com/security/cve/CVE-2017-5715\nhttps://access.redhat.com/security/cve/CVE-2017-5754\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2018 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niD8DBQFaTW74XlSAg2UNWIIRAhXJAKCJMCaZ0NVTHbMZVqJo/apc0riu6gCeKrRp\nV5hk1dX+MUEGL5NsOPmBa6w=\n=ki2K\n-----END PGP SIGNATURE-----\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2017-5715"
      },
      {
        "db": "CERT/CC",
        "id": "VU#180049"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-00302"
      },
      {
        "db": "VULHUB",
        "id": "VHN-113918"
      },
      {
        "db": "PACKETSTORM",
        "id": "146772"
      },
      {
        "db": "PACKETSTORM",
        "id": "145676"
      },
      {
        "db": "PACKETSTORM",
        "id": "145660"
      },
      {
        "db": "PACKETSTORM",
        "id": "145999"
      },
      {
        "db": "PACKETSTORM",
        "id": "146526"
      },
      {
        "db": "PACKETSTORM",
        "id": "145853"
      },
      {
        "db": "PACKETSTORM",
        "id": "145713"
      },
      {
        "db": "PACKETSTORM",
        "id": "146525"
      },
      {
        "db": "PACKETSTORM",
        "id": "149917"
      },
      {
        "db": "PACKETSTORM",
        "id": "146019"
      },
      {
        "db": "PACKETSTORM",
        "id": "146009"
      },
      {
        "db": "PACKETSTORM",
        "id": "145636"
      }
    ],
    "trust": 3.33
  },
  "exploit_availability": {
    "_id": null,
    "data": [
      {
        "reference": "https://www.scap.org.cn/vuln/vhn-113918",
        "trust": 0.1,
        "type": "unknown"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-113918"
      }
    ]
  },
  "external_ids": {
    "_id": null,
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2017-5715",
        "trust": 2.9
      },
      {
        "db": "CERT/CC",
        "id": "VU#584653",
        "trust": 1.9
      },
      {
        "db": "CERT/CC",
        "id": "VU#180049",
        "trust": 1.9
      },
      {
        "db": "BID",
        "id": "102376",
        "trust": 1.7
      },
      {
        "db": "PACKETSTORM",
        "id": "155281",
        "trust": 1.1
      },
      {
        "db": "PACKETSTORM",
        "id": "145645",
        "trust": 1.1
      },
      {
        "db": "SECTRACK",
        "id": "1040071",
        "trust": 1.1
      },
      {
        "db": "LENOVO",
        "id": "LEN-18282",
        "trust": 1.1
      },
      {
        "db": "EXPLOIT-DB",
        "id": "43427",
        "trust": 1.1
      },
      {
        "db": "CERT@VDE",
        "id": "VDE-2018-003",
        "trust": 1.1
      },
      {
        "db": "CERT@VDE",
        "id": "VDE-2018-002",
        "trust": 1.1
      },
      {
        "db": "SIEMENS",
        "id": "SSA-608355",
        "trust": 1.1
      },
      {
        "db": "USCERT",
        "id": "TA18-141A",
        "trust": 0.8
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-00302",
        "trust": 0.6
      },
      {
        "db": "PACKETSTORM",
        "id": "146019",
        "trust": 0.2
      },
      {
        "db": "PACKETSTORM",
        "id": "149917",
        "trust": 0.2
      },
      {
        "db": "PACKETSTORM",
        "id": "146009",
        "trust": 0.2
      },
      {
        "db": "PACKETSTORM",
        "id": "146772",
        "trust": 0.2
      },
      {
        "db": "PACKETSTORM",
        "id": "145853",
        "trust": 0.2
      },
      {
        "db": "PACKETSTORM",
        "id": "145844",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "146026",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "146014",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "146298",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "145767",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "146301",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "146018",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "146556",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "148260",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "145769",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "146016",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "150083",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "145852",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "145801",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "146315",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "148446",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "146771",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "146167",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "146762",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "147179",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "145800",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "147582",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "146308",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "145768",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "145964",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "146283",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "146017",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "146957",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "146015",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "145762",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "146714",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "145809",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "146501",
        "trust": 0.1
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201801-152",
        "trust": 0.1
      },
      {
        "db": "VULHUB",
        "id": "VHN-113918",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "145676",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "145660",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "145999",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "146526",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "145713",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "146525",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "145636",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#180049"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-00302"
      },
      {
        "db": "VULHUB",
        "id": "VHN-113918"
      },
      {
        "db": "PACKETSTORM",
        "id": "146772"
      },
      {
        "db": "PACKETSTORM",
        "id": "145676"
      },
      {
        "db": "PACKETSTORM",
        "id": "145660"
      },
      {
        "db": "PACKETSTORM",
        "id": "145999"
      },
      {
        "db": "PACKETSTORM",
        "id": "146526"
      },
      {
        "db": "PACKETSTORM",
        "id": "145853"
      },
      {
        "db": "PACKETSTORM",
        "id": "145713"
      },
      {
        "db": "PACKETSTORM",
        "id": "146525"
      },
      {
        "db": "PACKETSTORM",
        "id": "149917"
      },
      {
        "db": "PACKETSTORM",
        "id": "146019"
      },
      {
        "db": "PACKETSTORM",
        "id": "146009"
      },
      {
        "db": "PACKETSTORM",
        "id": "145636"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-5715"
      }
    ]
  },
  "id": "VAR-201801-0826",
  "iot": {
    "_id": null,
    "data": true,
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2018-00302"
      },
      {
        "db": "VULHUB",
        "id": "VHN-113918"
      }
    ],
    "trust": 1.3670634874999998
  },
  "iot_taxonomy": {
    "_id": null,
    "data": [
      {
        "category": [
          "Network device"
        ],
        "sub_category": null,
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2018-00302"
      }
    ]
  },
  "last_update_date": "2026-03-09T21:54:12.830000Z",
  "problemtype_data": {
    "_id": null,
    "data": [
      {
        "problemtype": "CWE-203",
        "trust": 1.0
      },
      {
        "problemtype": "CWE-200",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-113918"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-5715"
      }
    ]
  },
  "references": {
    "_id": null,
    "data": [
      {
        "trust": 1.9,
        "url": "https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability"
      },
      {
        "trust": 1.9,
        "url": "http://www.kb.cert.org/vuls/id/584653"
      },
      {
        "trust": 1.7,
        "url": "http://www.securityfocus.com/bid/102376"
      },
      {
        "trust": 1.6,
        "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00115.html"
      },
      {
        "trust": 1.6,
        "url": "https://support.apple.com//ht208394"
      },
      {
        "trust": 1.6,
        "url": "http://www.dell.com/support/speculative-store-bypass"
      },
      {
        "trust": 1.6,
        "url": "https://access.redhat.com/security/vulnerabilities/speculativeexecution"
      },
      {
        "trust": 1.1,
        "url": "https://seclists.org/bugtraq/2019/jun/36"
      },
      {
        "trust": 1.1,
        "url": "https://seclists.org/bugtraq/2019/nov/16"
      },
      {
        "trust": 1.1,
        "url": "https://www.kb.cert.org/vuls/id/180049"
      },
      {
        "trust": 1.1,
        "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20180104-cpusidechannel"
      },
      {
        "trust": 1.1,
        "url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4609"
      },
      {
        "trust": 1.1,
        "url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4611"
      },
      {
        "trust": 1.1,
        "url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4613"
      },
      {
        "trust": 1.1,
        "url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4614"
      },
      {
        "trust": 1.1,
        "url": "http://www.arubanetworks.com/assets/alert/aruba-psa-2018-001.txt"
      },
      {
        "trust": 1.1,
        "url": "http://www.arubanetworks.com/assets/alert/aruba-psa-2019-003.txt"
      },
      {
        "trust": 1.1,
        "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
      },
      {
        "trust": 1.1,
        "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html"
      },
      {
        "trust": 1.1,
        "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html"
      },
      {
        "trust": 1.1,
        "url": "http://xenbits.xen.org/xsa/advisory-254.html"
      },
      {
        "trust": 1.1,
        "url": "https://aws.amazon.com/de/security/security-bulletins/aws-2018-013/"
      },
      {
        "trust": 1.1,
        "url": "https://blog.mozilla.org/security/2018/01/03/mitigations-landing-new-class-timing-attack/"
      },
      {
        "trust": 1.1,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf"
      },
      {
        "trust": 1.1,
        "url": "https://cert.vde.com/en-us/advisories/vde-2018-002"
      },
      {
        "trust": 1.1,
        "url": "https://cert.vde.com/en-us/advisories/vde-2018-003"
      },
      {
        "trust": 1.1,
        "url": "https://help.ecostruxureit.com/display/public/uadco8x/struxureware+data+center+operation+software+vulnerability+fixes"
      },
      {
        "trust": 1.1,
        "url": "https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/adv180002"
      },
      {
        "trust": 1.1,
        "url": "https://security.netapp.com/advisory/ntap-20180104-0001/"
      },
      {
        "trust": 1.1,
        "url": "https://security.paloaltonetworks.com/cve-2017-5715"
      },
      {
        "trust": 1.1,
        "url": "https://support.citrix.com/article/ctx231399"
      },
      {
        "trust": 1.1,
        "url": "https://support.f5.com/csp/article/k91229003"
      },
      {
        "trust": 1.1,
        "url": "https://support.hpe.com/hpsc/doc/public/display?docid=emr_na-hpesbhf03805en_us"
      },
      {
        "trust": 1.1,
        "url": "https://support.lenovo.com/us/en/solutions/len-18282"
      },
      {
        "trust": 1.1,
        "url": "https://www.mitel.com/en-ca/support/security-advisories/mitel-product-security-advisory-18-0001"
      },
      {
        "trust": 1.1,
        "url": "https://www.suse.com/c/suse-addresses-meltdown-spectre-vulnerabilities/"
      },
      {
        "trust": 1.1,
        "url": "https://www.synology.com/support/security/synology_sa_18_01"
      },
      {
        "trust": 1.1,
        "url": "https://www.vmware.com/security/advisories/vmsa-2018-0007.html"
      },
      {
        "trust": 1.1,
        "url": "https://www.vmware.com/us/security/advisories/vmsa-2018-0002.html"
      },
      {
        "trust": 1.1,
        "url": "https://www.vmware.com/us/security/advisories/vmsa-2018-0004.html"
      },
      {
        "trust": 1.1,
        "url": "https://www.debian.org/security/2018/dsa-4120"
      },
      {
        "trust": 1.1,
        "url": "https://www.debian.org/security/2018/dsa-4187"
      },
      {
        "trust": 1.1,
        "url": "https://www.debian.org/security/2018/dsa-4188"
      },
      {
        "trust": 1.1,
        "url": "https://www.debian.org/security/2018/dsa-4213"
      },
      {
        "trust": 1.1,
        "url": "https://www.exploit-db.com/exploits/43427/"
      },
      {
        "trust": 1.1,
        "url": "https://security.freebsd.org/advisories/freebsd-sa-18:03.speculative_execution.asc"
      },
      {
        "trust": 1.1,
        "url": "https://security.freebsd.org/advisories/freebsd-sa-19:26.mcu.asc"
      },
      {
        "trust": 1.1,
        "url": "https://security.gentoo.org/glsa/201810-06"
      },
      {
        "trust": 1.1,
        "url": "http://packetstormsecurity.com/files/145645/spectre-information-disclosure-proof-of-concept.html"
      },
      {
        "trust": 1.1,
        "url": "http://packetstormsecurity.com/files/155281/freebsd-security-advisory-freebsd-sa-19-26.mcu.html"
      },
      {
        "trust": 1.1,
        "url": "https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html"
      },
      {
        "trust": 1.1,
        "url": "https://security.googleblog.com/2018/01/todays-cpu-vulnerability-what-you-need.html"
      },
      {
        "trust": 1.1,
        "url": "https://spectreattack.com/"
      },
      {
        "trust": 1.1,
        "url": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html"
      },
      {
        "trust": 1.1,
        "url": "https://lists.debian.org/debian-lts-announce/2018/05/msg00000.html"
      },
      {
        "trust": 1.1,
        "url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00015.html"
      },
      {
        "trust": 1.1,
        "url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00016.html"
      },
      {
        "trust": 1.1,
        "url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00007.html"
      },
      {
        "trust": 1.1,
        "url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00017.html"
      },
      {
        "trust": 1.1,
        "url": "https://lists.debian.org/debian-lts-announce/2020/03/msg00025.html"
      },
      {
        "trust": 1.1,
        "url": "https://lists.debian.org/debian-lts-announce/2021/08/msg00019.html"
      },
      {
        "trust": 1.1,
        "url": "https://access.redhat.com/errata/rhsa-2018:0292"
      },
      {
        "trust": 1.1,
        "url": "http://www.securitytracker.com/id/1040071"
      },
      {
        "trust": 1.1,
        "url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00002.html"
      },
      {
        "trust": 1.1,
        "url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00003.html"
      },
      {
        "trust": 1.1,
        "url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00004.html"
      },
      {
        "trust": 1.1,
        "url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00005.html"
      },
      {
        "trust": 1.1,
        "url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00006.html"
      },
      {
        "trust": 1.1,
        "url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00007.html"
      },
      {
        "trust": 1.1,
        "url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00008.html"
      },
      {
        "trust": 1.1,
        "url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00012.html"
      },
      {
        "trust": 1.1,
        "url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00013.html"
      },
      {
        "trust": 1.1,
        "url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00009.html"
      },
      {
        "trust": 1.1,
        "url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00014.html"
      },
      {
        "trust": 1.1,
        "url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00016.html"
      },
      {
        "trust": 1.1,
        "url": "https://usn.ubuntu.com/usn/usn-3516-1/"
      },
      {
        "trust": 1.1,
        "url": "https://usn.ubuntu.com/3531-1/"
      },
      {
        "trust": 1.1,
        "url": "https://usn.ubuntu.com/3531-3/"
      },
      {
        "trust": 1.1,
        "url": "https://usn.ubuntu.com/3540-2/"
      },
      {
        "trust": 1.1,
        "url": "https://usn.ubuntu.com/3541-2/"
      },
      {
        "trust": 1.1,
        "url": "https://usn.ubuntu.com/3542-2/"
      },
      {
        "trust": 1.1,
        "url": "https://usn.ubuntu.com/3549-1/"
      },
      {
        "trust": 1.1,
        "url": "https://usn.ubuntu.com/3560-1/"
      },
      {
        "trust": 1.1,
        "url": "https://usn.ubuntu.com/3561-1/"
      },
      {
        "trust": 1.1,
        "url": "https://usn.ubuntu.com/3580-1/"
      },
      {
        "trust": 1.1,
        "url": "https://usn.ubuntu.com/3581-1/"
      },
      {
        "trust": 1.1,
        "url": "https://usn.ubuntu.com/3581-2/"
      },
      {
        "trust": 1.1,
        "url": "https://usn.ubuntu.com/3582-1/"
      },
      {
        "trust": 1.1,
        "url": "https://usn.ubuntu.com/3582-2/"
      },
      {
        "trust": 1.1,
        "url": "https://usn.ubuntu.com/3594-1/"
      },
      {
        "trust": 1.1,
        "url": "https://usn.ubuntu.com/3597-1/"
      },
      {
        "trust": 1.1,
        "url": "https://usn.ubuntu.com/3597-2/"
      },
      {
        "trust": 1.1,
        "url": "https://usn.ubuntu.com/3620-2/"
      },
      {
        "trust": 1.1,
        "url": "https://usn.ubuntu.com/3690-1/"
      },
      {
        "trust": 1.1,
        "url": "https://usn.ubuntu.com/3777-3/"
      },
      {
        "trust": 1.0,
        "url": "https://support.hpe.com/hpsc/doc/public/display?doclocale=en_us\u0026docid=emr_na-hpesbhf03871en_us"
      },
      {
        "trust": 1.0,
        "url": "https://security-center.intel.com/advisory.aspx?intelid=intel-sa-00088\u0026languageid=en-fr"
      },
      {
        "trust": 0.8,
        "url": "https://vuls.cert.org/confluence/display/wiki/vulnerabilities+associated+with+cpu+speculative+execution"
      },
      {
        "trust": 0.8,
        "url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1528"
      },
      {
        "trust": 0.8,
        "url": "https://developer.amd.com/wp-content/resources/124441_amd64_speculativestorebypassdisable_whitepaper_final.pdf"
      },
      {
        "trust": 0.8,
        "url": "https://www.us-cert.gov/ncas/alerts/ta18-141a"
      },
      {
        "trust": 0.8,
        "url": "http://cwe.mitre.org/data/definitions/208.html"
      },
      {
        "trust": 0.8,
        "url": "https://software.intel.com/sites/default/files/managed/c5/63/336996-speculative-execution-side-channel-mitigations.pdf"
      },
      {
        "trust": 0.8,
        "url": "https://software.intel.com/sites/default/files/managed/b9/f9/336983-intel-analysis-of-speculative-execution-side-channels-white-paper.pdf"
      },
      {
        "trust": 0.8,
        "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20180521-cpusidechannel"
      },
      {
        "trust": 0.8,
        "url": "https://fortiguard.com/psirt/fg-ir-18-002"
      },
      {
        "trust": 0.8,
        "url": "https://support.hp.com/us-en/document/c06001626"
      },
      {
        "trust": 0.8,
        "url": "http://www.hitachi.com/hirt/publications/hirt-pub18001/"
      },
      {
        "trust": 0.8,
        "url": "https://www.ibm.com/blogs/psirt/potential-impact-processors-power-family/"
      },
      {
        "trust": 0.8,
        "url": "https://docs.microsoft.com/en-us/cpp/security/developer-guidance-speculative-execution"
      },
      {
        "trust": 0.8,
        "url": "https://access.redhat.com/security/vulnerabilities/ssbd"
      },
      {
        "trust": 0.8,
        "url": "https://www.suse.com/support/kb/doc/?id=7022937"
      },
      {
        "trust": 0.8,
        "url": "https://www.synology.com/en-global/support/security/synology_sa_18_23"
      },
      {
        "trust": 0.8,
        "url": "https://wiki.ubuntu.com/securityteam/knowledgebase/variant4"
      },
      {
        "trust": 0.8,
        "url": "https://kb.vmware.com/s/article/54951"
      },
      {
        "trust": 0.8,
        "url": "https://aws.amazon.com/security/security-bulletins/aws-2018-015/"
      },
      {
        "trust": 0.7,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2017-5715"
      },
      {
        "trust": 0.6,
        "url": "https://www.bleepingcomputer.com/news/security/list-of-meltdown-and-spectre-vulnerability-advisories-patches-and-updates"
      },
      {
        "trust": 0.5,
        "url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
      },
      {
        "trust": 0.5,
        "url": "https://bugzilla.redhat.com/):"
      },
      {
        "trust": 0.5,
        "url": "https://access.redhat.com/security/team/key/"
      },
      {
        "trust": 0.5,
        "url": "https://access.redhat.com/security/cve/cve-2017-5715"
      },
      {
        "trust": 0.5,
        "url": "https://access.redhat.com/articles/11258"
      },
      {
        "trust": 0.5,
        "url": "https://access.redhat.com/security/team/contact/"
      },
      {
        "trust": 0.5,
        "url": "https://access.redhat.com/security/updates/classification/#important"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2017-5753"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2017-5754"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2017-8824"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2017-17712"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2017-15115"
      },
      {
        "trust": 0.2,
        "url": "https://www.ubuntu.com/usn/usn-3531-1"
      },
      {
        "trust": 0.1,
        "url": "https://security-center.intel.com/advisory.aspx?intelid=intel-sa-00088\u0026amp;languageid=en-fr"
      },
      {
        "trust": 0.1,
        "url": "https://support.hpe.com/hpsc/doc/public/display?doclocale=en_us\u0026amp;docid=emr_na-hpesbhf03871en_us"
      },
      {
        "trust": 0.1,
        "url": "https://usn.ubuntu.com/usn/usn-3541-2,"
      },
      {
        "trust": 0.1,
        "url": "https://usn.ubuntu.com/usn/usn-3523-2,"
      },
      {
        "trust": 0.1,
        "url": "https://launchpad.net/ubuntu/+source/linux-hwe/4.13.0-37.42~16.04.1"
      },
      {
        "trust": 0.1,
        "url": "https://usn.ubuntu.com/usn/usn-3597-1,"
      },
      {
        "trust": 0.1,
        "url": "https://usn.ubuntu.com/usn/usn-3597-2,"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/errata/rhsa-2018:0037"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/errata/rhsa-2018:0023"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/errata/rhsa-2018:0106"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2015-8952"
      },
      {
        "trust": 0.1,
        "url": "https://usn.ubuntu.com/usn/usn-3582-1"
      },
      {
        "trust": 0.1,
        "url": "https://launchpad.net/ubuntu/+source/linux-snapdragon/4.4.0-1087.92"
      },
      {
        "trust": 0.1,
        "url": "https://launchpad.net/ubuntu/+source/linux-raspi2/4.4.0-1085.93"
      },
      {
        "trust": 0.1,
        "url": "https://launchpad.net/ubuntu/+source/linux/4.4.0-116.140"
      },
      {
        "trust": 0.1,
        "url": "https://launchpad.net/ubuntu/+source/linux-kvm/4.4.0-1019.24"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2017-12190"
      },
      {
        "trust": 0.1,
        "url": "https://launchpad.net/ubuntu/+source/linux-aws/4.4.0-1052.61"
      },
      {
        "trust": 0.1,
        "url": "https://launchpad.net/ubuntu/+source/intel-microcode/3.20180108.0~ubuntu17.10.1"
      },
      {
        "trust": 0.1,
        "url": "https://launchpad.net/ubuntu/+source/intel-microcode/3.20180108.0~ubuntu16.04.2"
      },
      {
        "trust": 0.1,
        "url": "https://launchpad.net/ubuntu/+source/intel-microcode/3.20180108.0~ubuntu17.04.1"
      },
      {
        "trust": 0.1,
        "url": "https://launchpad.net/ubuntu/+source/intel-microcode/3.20180108.0~ubuntu14.04.2"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/errata/rhsa-2018:0060"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/solutions/3307851"
      },
      {
        "trust": 0.1,
        "url": "https://launchpad.net/ubuntu/+source/linux-hwe/4.13.0-36.40~16.04.1"
      },
      {
        "trust": 0.1,
        "url": "https://launchpad.net/ubuntu/+source/linux-azure/4.13.0-1011.14"
      },
      {
        "trust": 0.1,
        "url": "https://usn.ubuntu.com/usn/usn-3581-2"
      },
      {
        "trust": 0.1,
        "url": "https://launchpad.net/ubuntu/+source/linux-gcp/4.13.0-1011.15"
      },
      {
        "trust": 0.1,
        "url": "https://usn.ubuntu.com/usn/usn-3581-1"
      },
      {
        "trust": 0.1,
        "url": "https://launchpad.net/ubuntu/+source/linux-oem/4.13.0-1021.23"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-15572"
      },
      {
        "trust": 0.1,
        "url": "https://launchpad.net/ubuntu/+source/linux-azure/4.15.0-1025.26"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-6554"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-6555"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-14633"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-15594"
      },
      {
        "trust": 0.1,
        "url": "https://launchpad.net/ubuntu/+source/linux-azure/4.15.0-1025.26~16.04.1"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-17182"
      },
      {
        "trust": 0.1,
        "url": "https://usn.ubuntu.com/usn/usn-3777-3"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-3639"
      },
      {
        "trust": 0.1,
        "url": "https://usn.ubuntu.com/usn/usn-3777-1"
      },
      {
        "trust": 0.1,
        "url": "https://wiki.ubuntu.com/securityteam/knowledgebase/spectreandmeltdown"
      },
      {
        "trust": 0.1,
        "url": "https://www.ubuntu.com/usn/usn-3541-2"
      },
      {
        "trust": 0.1,
        "url": "https://launchpad.net/ubuntu/+source/linux-azure/4.13.0-1006.8"
      },
      {
        "trust": 0.1,
        "url": "https://www.ubuntu.com/usn/usn-3541-1"
      },
      {
        "trust": 0.1,
        "url": "https://launchpad.net/ubuntu/+source/linux-oem/4.13.0-1017.18"
      },
      {
        "trust": 0.1,
        "url": "https://launchpad.net/ubuntu/+source/linux-hwe/4.13.0-31.34~16.04.1"
      },
      {
        "trust": 0.1,
        "url": "https://launchpad.net/ubuntu/+source/linux-gcp/4.13.0-1007.10"
      },
      {
        "trust": 0.1,
        "url": "https://launchpad.net/bugs/1742933"
      },
      {
        "trust": 0.1,
        "url": "https://www.ubuntu.com/usn/usn-3531-2"
      },
      {
        "trust": 0.1,
        "url": "https://launchpad.net/ubuntu/+source/intel-microcode/3.20180108.0+really20170707ubuntu16.04.1"
      },
      {
        "trust": 0.1,
        "url": "https://launchpad.net/ubuntu/+source/intel-microcode/3.20180108.0+really20170707ubuntu17.10.1"
      },
      {
        "trust": 0.1,
        "url": "https://launchpad.net/ubuntu/+source/intel-microcode/3.20180108.0+really20170707ubuntu14.04.1"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2017-5753"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2017-5754"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/errata/rhsa-2018:0009"
      }
    ],
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#180049"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-00302"
      },
      {
        "db": "VULHUB",
        "id": "VHN-113918"
      },
      {
        "db": "PACKETSTORM",
        "id": "146772"
      },
      {
        "db": "PACKETSTORM",
        "id": "145676"
      },
      {
        "db": "PACKETSTORM",
        "id": "145660"
      },
      {
        "db": "PACKETSTORM",
        "id": "145999"
      },
      {
        "db": "PACKETSTORM",
        "id": "146526"
      },
      {
        "db": "PACKETSTORM",
        "id": "145853"
      },
      {
        "db": "PACKETSTORM",
        "id": "145713"
      },
      {
        "db": "PACKETSTORM",
        "id": "146525"
      },
      {
        "db": "PACKETSTORM",
        "id": "149917"
      },
      {
        "db": "PACKETSTORM",
        "id": "146019"
      },
      {
        "db": "PACKETSTORM",
        "id": "146009"
      },
      {
        "db": "PACKETSTORM",
        "id": "145636"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-5715"
      }
    ]
  },
  "sources": {
    "_id": null,
    "data": [
      {
        "db": "CERT/CC",
        "id": "VU#180049",
        "ident": null
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-00302",
        "ident": null
      },
      {
        "db": "VULHUB",
        "id": "VHN-113918",
        "ident": null
      },
      {
        "db": "PACKETSTORM",
        "id": "146772",
        "ident": null
      },
      {
        "db": "PACKETSTORM",
        "id": "145676",
        "ident": null
      },
      {
        "db": "PACKETSTORM",
        "id": "145660",
        "ident": null
      },
      {
        "db": "PACKETSTORM",
        "id": "145999",
        "ident": null
      },
      {
        "db": "PACKETSTORM",
        "id": "146526",
        "ident": null
      },
      {
        "db": "PACKETSTORM",
        "id": "145853",
        "ident": null
      },
      {
        "db": "PACKETSTORM",
        "id": "145713",
        "ident": null
      },
      {
        "db": "PACKETSTORM",
        "id": "146525",
        "ident": null
      },
      {
        "db": "PACKETSTORM",
        "id": "149917",
        "ident": null
      },
      {
        "db": "PACKETSTORM",
        "id": "146019",
        "ident": null
      },
      {
        "db": "PACKETSTORM",
        "id": "146009",
        "ident": null
      },
      {
        "db": "PACKETSTORM",
        "id": "145636",
        "ident": null
      },
      {
        "db": "NVD",
        "id": "CVE-2017-5715",
        "ident": null
      }
    ]
  },
  "sources_release_date": {
    "_id": null,
    "data": [
      {
        "date": "2018-05-21T00:00:00",
        "db": "CERT/CC",
        "id": "VU#180049",
        "ident": null
      },
      {
        "date": "2018-01-04T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2018-00302",
        "ident": null
      },
      {
        "date": "2018-01-04T00:00:00",
        "db": "VULHUB",
        "id": "VHN-113918",
        "ident": null
      },
      {
        "date": "2018-03-15T15:54:52",
        "db": "PACKETSTORM",
        "id": "146772",
        "ident": null
      },
      {
        "date": "2018-01-05T00:37:41",
        "db": "PACKETSTORM",
        "id": "145676",
        "ident": null
      },
      {
        "date": "2018-01-04T17:52:11",
        "db": "PACKETSTORM",
        "id": "145660",
        "ident": null
      },
      {
        "date": "2018-01-22T03:06:00",
        "db": "PACKETSTORM",
        "id": "145999",
        "ident": null
      },
      {
        "date": "2018-02-22T10:13:00",
        "db": "PACKETSTORM",
        "id": "146526",
        "ident": null
      },
      {
        "date": "2018-01-12T01:15:58",
        "db": "PACKETSTORM",
        "id": "145853",
        "ident": null
      },
      {
        "date": "2018-01-06T18:00:08",
        "db": "PACKETSTORM",
        "id": "145713",
        "ident": null
      },
      {
        "date": "2018-02-22T10:11:00",
        "db": "PACKETSTORM",
        "id": "146525",
        "ident": null
      },
      {
        "date": "2018-10-23T23:24:55",
        "db": "PACKETSTORM",
        "id": "149917",
        "ident": null
      },
      {
        "date": "2018-01-23T04:32:21",
        "db": "PACKETSTORM",
        "id": "146019",
        "ident": null
      },
      {
        "date": "2018-01-22T03:17:00",
        "db": "PACKETSTORM",
        "id": "146009",
        "ident": null
      },
      {
        "date": "2018-01-04T00:53:47",
        "db": "PACKETSTORM",
        "id": "145636",
        "ident": null
      },
      {
        "date": "2018-01-04T13:29:00.227000",
        "db": "NVD",
        "id": "CVE-2017-5715",
        "ident": null
      }
    ]
  },
  "sources_update_date": {
    "_id": null,
    "data": [
      {
        "date": "2018-06-19T00:00:00",
        "db": "CERT/CC",
        "id": "VU#180049",
        "ident": null
      },
      {
        "date": "2018-01-11T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2018-00302",
        "ident": null
      },
      {
        "date": "2020-05-05T00:00:00",
        "db": "VULHUB",
        "id": "VHN-113918",
        "ident": null
      },
      {
        "date": "2025-05-06T15:15:51.640000",
        "db": "NVD",
        "id": "CVE-2017-5715",
        "ident": null
      }
    ]
  },
  "threat_type": {
    "_id": null,
    "data": "local",
    "sources": [
      {
        "db": "PACKETSTORM",
        "id": "146526"
      },
      {
        "db": "PACKETSTORM",
        "id": "145853"
      },
      {
        "db": "PACKETSTORM",
        "id": "146525"
      },
      {
        "db": "PACKETSTORM",
        "id": "149917"
      },
      {
        "db": "PACKETSTORM",
        "id": "146019"
      },
      {
        "db": "PACKETSTORM",
        "id": "146009"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "_id": null,
    "data": "CPU hardware utilizing speculative execution may be vulnerable to cache side-channel attacks",
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#180049"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "_id": null,
    "data": "arbitrary",
    "sources": [
      {
        "db": "PACKETSTORM",
        "id": "146526"
      },
      {
        "db": "PACKETSTORM",
        "id": "146525"
      }
    ],
    "trust": 0.2
  }
}

VAR-201801-1711

Vulnerability from variot - Updated: 2026-03-09 21:41

Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis of the data cache. Two vulnerabilities are identified, known as "Variant 3a" and "Variant 4". CPUhardware is a set of firmware that runs in the CPU (Central Processing Unit) for managing and controlling the CPU. The Spectre vulnerability exists in the CPU processor core. Because Intel does not separate low-privileged applications from accessing kernel memory, an attacker can use a malicious application to obtain private data that should be quarantined. Qualcomm Closed-Source Components are prone to multiple unspecified vulnerabilities. An attacker can exploit these issues to perform unauthorized actions. This may aid in further attacks. These issues are being tracked by Android Bug IDs A-78135902, A-66913713, A-67712316, A-79419833, A-109678200, A-78283451, A-78285196, A-78284194, A-78284753, A-78284517, A-78240177, A-78239686, A-78284545, A-109660689, A-78240324, A-68141338, A-78286046, A-73539037, A-73539235, A-71501115, A-33757308, A-74236942, A-77485184, A-77484529, A-33385206, A-79419639, A-79420511, A-109678338, and A-112279564. Intel and ARM CPU chips have an information disclosure vulnerability, which originates from a flaw in the processor data boundary mechanism. The following products and versions are affected: ARM Cortex-A75; Intel Xeon E5-1650 v3, v2, v4; Xeon E3-1265l v2, v3, v4; Xeon E3-1245 v2, v3, v5, v6; Xeon X7542 wait. Relevant releases/architectures:

Image Updates for RHV-H - noarch

  1. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. ========================================================================== Ubuntu Security Notice USN-3522-4 January 10, 2018

linux-lts-xenial regression

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 14.04 LTS

Summary:

USN-3522-2 introduced a regression in the Linux Hardware Enablement kernel. Unfortunately, that update introduced a regression where a few systems failed to boot successfully. This update fixes the problem.

We apologize for the inconvenience.

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 14.04 LTS: linux-image-4.4.0-109-generic 4.4.0-109.132~14.04.1 linux-image-4.4.0-109-lowlatency 4.4.0-109.132~14.04.1 linux-image-generic-lts-xenial 4.4.0.109.92 linux-image-lowlatency-lts-xenial 4.4.0.109.92

After a standard system update you need to reboot your computer to make all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well.

This specific attack has been named Meltdown and is addressed in the Linux kernel for the Intel x86-64 architecture by a patch set named Kernel Page Table Isolation, enforcing a near complete separation of the kernel and userspace address maps and preventing the attack. This solution might have a performance impact, and can be disabled at boot time by passing `pti=off' to the kernel command line.

We also identified a regression for ancient userspaces using the vsyscall interface, for example chroot and containers using (e)glibc 2.13 and older, including those based on Debian 7 or RHEL/CentOS 6.

The other vulnerabilities (named Spectre) published at the same time are not addressed in this update and will be fixed in a later update.

For the stable distribution (stretch), this problem has been fixed in version 4.9.65-3+deb9u2.

For the detailed security status of linux please refer to its security tracker page at: https://security-tracker.debian.org/tracker/linux

Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE-----

iQEzBAEBCgAdFiEE8vi34Qgfo83x35gF3rYcyPpXRFsFAlpOqZMACgkQ3rYcyPpX RFuTTQf/btBqg9/I3XlnJFyGAmd4eQolTcU5cfDJqNhD4TZoyMocghvw1kYtu7z9 bYVhwCRukJym8O8AXJOxvlcsP7g0ANXqVDHpzCN8byKYgzigVP9brfOu/zDa4uYY EYf8V3pc2QzNo5OV4G+sK5ZklkDnNIde+OxUfU0Otl9fUG2rS5JTFvaRgvGazlbb cN5wltoHD6DBeSRnfadwYPHQR5U+KAJNImh34Y6T73i7n5dGTnNhs6E7n0wlJL9O SQLwoqQeiDpcE7C4TZ1pb4AbFCZXaic+1ONbWy8D7erKNA7kV1U2LQDmPDw9kmua Lc5heEX026Xfdy83v6NAPwR+NU8stg== =GGyG -----END PGP SIGNATURE----- . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256

Note: the current version of the following document is available here: https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03805en_us

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: hpesbhf03805en_us Version: 4

HPESBHF03805 rev.4 - Certain HPE products using Microprocessors from Intel, AMD, and ARM, with Speculative Execution, Elevation of Privilege and Information Disclosure.

NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.

Release Date: 2018-01-10 Last Updated: 2018-01-09

Potential Security Impact: Local: Disclosure of Information, Elevation of Privilege

Source: Hewlett Packard Enterprise, Product Security Response Team

VULNERABILITY SUMMARY On January 3 2018, side-channel security vulnerabilities involving speculative execution were publicly disclosed. These vulnerabilities may impact the listed HPE products, potentially leading to information disclosure and elevation of privilege. Mitigation and resolution of these vulnerabilities may call for both an operating system update, provided by the OS vendor, and a system ROM update from HPE.

Note:

References:

  • PSRT110634
  • PSRT110633
  • PSRT110632
  • CVE-2017-5715 - aka Spectre, branch target injection
  • CVE-2017-5753 - aka Spectre, bounds check bypass
  • CVE-2017-5754 - aka Meltdown, rogue data cache load, memory access permission check performed after kernel memory read

SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.

  • HPE ProLiant DL380 Gen10 Server prior to v1.28
  • HPE ProLiant DL180 Gen10 Server prior to v1.28
  • HPE ProLiant DL160 Gen10 Server prior to v1.28
  • HPE ProLiant DL360 Gen10 Server prior to v1.28
  • HPE ProLiant ML110 Gen10 Server prior to v1.28
  • HPE ProLiant DL580 Gen10 Server prior to v1.28
  • HPE ProLiant DL560 Gen10 Server prior to v1.28
  • HPE ProLiant DL120 Gen10 Server prior to v1.28
  • HPE ProLiant ML350 Gen10 Server prior to v1.28
  • HPE ProLiant XL450 Gen10 Server prior to v1.28
  • HPE ProLiant XL170r Gen10 Server prior to v1.28
  • HPE ProLiant BL460c Gen10 Server Blade prior to v1.28
  • HPE ProLiant XL230a Gen9 Server prior to v2.54
  • HPE ProLiant XL230k Gen10 Server prior to v1.28
  • HPE ProLiant XL730f Gen9 Server prior to v2.54
  • HPE ProLiant XL740f Gen9 Server prior to v2.54
  • HPE ProLiant XL750f Gen9 Server prior to v2.54
  • HPE ProLiant XL170r Gen9 Server prior to v2.54
  • HP ProLiant DL60 Gen9 Server prior to v2.54
  • HPE ProLiant XL450 Gen9 Server prior to v2.54
  • HP ProLiant DL160 Gen9 Server prior to v2.54
  • HPE Apollo 4200 Gen9 Server prior to v2.54
  • HP ProLiant BL460c Gen9 Server Blade prior to v2.54
  • HP ProLiant ML110 Gen9 Server prior to v2.54
  • HP ProLiant ML150 Gen9 Server prior to v2.54
  • HPE ProLiant ML350 Gen9 Server prior to v2.54
  • HP ProLiant DL380 Gen9 Server prior to v2.54
  • HP ProLiant DL120 Gen9 Server prior to v2.54
  • HPE ProLiant DL560 Gen9 Server prior to v2.54
  • HPE ProLiant XL270d Gen9 Special Server prior to v2.54
  • HP ProLiant BL660c Gen9 Server prior to v2.54
  • HPE ProLiant m710x Server Cartridge prior to v1.60
  • HPE ProLiant DL20 Gen9 Server prior to v2.52
  • HPE ProLiant DL385 Gen10 Server prior to v1.04
  • HPE Synergy 660 Gen9 Compute Module prior to v2.54
  • HPE Synergy 480 Gen10 Compute Module prior to v1.28
  • HPE Synergy 480 Gen9 Compute Module prior to v2.54
  • HPE ProLiant ML30 Gen9 Server prior to v2.52
  • HPE ProLiant XL190r Gen10 Server prior to v1.28
  • HPE ProLiant XL250a Gen9 Server prior to v2.54
  • HPE ProLiant XL190r Gen9 Server prior to v2.54
  • HP ProLiant DL80 Gen9 Server prior to v2.54
  • HPE ProLiant DL180 Gen9 Server prior to v2.54
  • HPE ProLiant XL270d Gen9 Accelerator Tray 2U Configure-to-order Server prior to v2.54
  • HPE ProLiant WS460c Gen9 Workstation prior to v2.54
  • HPE ProLiant DL580 Gen9 Special Server prior to v2.54
  • HPE Synergy 680 Gen9 Compute Modules prior to v2.54
  • HPE ProLiant XL260a Gen9 Server prior to 1/22/2018
  • HPE ProLiant m510 Server Cartridge prior to 1/22/2018
  • HPE ProLiant m710p Server Cartridge prior to 12/12/2017
  • HP ProLiant m350 Server Cartridge prior to 12/12/2017
  • HP ProLiant m300 Server Cartridge prior to 12/12/2017
  • HP ProLiant ML350e Gen8 Server prior to 12/12/2017
  • HPE ProLiant ML350e Gen8 v2 Server prior to 12/12/2017
  • HP ProLiant BL460c Gen8 Server prior to 12/12/2017
  • HP ProLiant BL660c Gen8 Server prior to 12/12/2017
  • HPE ProLiant SL4540 Gen8 1 Node Server prior to 12/12/2017
  • HP ProLiant DL380e Gen8 Server prior to 12/12/2017
  • HP ProLiant DL360e Gen8 Server prior to 12/12/2017
  • HP ProLiant ML350p Gen8 Server prior to 12/12/2017
  • HP ProLiant DL360p Gen8 Server prior to 12/12/2017
  • HP ProLiant DL380p Gen8 Server prior to 12/12/2017
  • HP ProLiant DL320e Gen8 Server prior to 12/12/2017
  • HPE ProLiant DL320e Gen8 v2 Server prior to 12/12/2017
  • HP ProLiant ML310e Gen8 Server prior to 12/12/2017
  • HPE ProLiant ML310e Gen8 v2 Server prior to 12/12/2017
  • HP ProLiant DL160 Gen8 Server prior to 12/12/2017
  • HP ProLiant SL270s Gen8 Server prior to 12/12/2017
  • HP ProLiant SL250s Gen8 Server prior to 12/12/2017
  • HP ProLiant SL230s Gen8 Server prior to 12/12/2017
  • HP ProLiant DL560 Gen8 Server prior to 12/12/2017
  • HPE ProLiant SL210t Gen8 Server prior to 12/12/2017
  • HP ProLiant DL580 Gen8 Server prior to 12/12/2017 (v1.98)
  • HP ProLiant ML10 Server prior to 12/12/2017
  • HP ProLiant m710 Server Cartridge prior to 12/12/2017 (v1.60)
  • HPE Synergy Composer prior to 12/12/2017
  • HPE Integrity Superdome X with BL920s Blades prior to 8.8.6
  • HPE Superdome Flex Server prior to 2.3.110
  • HP ProLiant DL360 Gen9 Server prior to v2.54
  • HPE Synergy 620 Gen9 Compute Module prior to v2.54
  • HPE ProLiant Thin Micro TM200 Server prior to 1/16/2017
  • HPE ProLiant ML350 Gen10 Server prior to v1.28
  • HP ProLiant BL420c Gen8 Server prior to 12/12/2017
  • HPE ProLiant ML10 v2 Server prior to 12/12/2017
  • HPE ProLiant MicroServer Gen8 prior to 12/12/2017
  • HPE Synergy 660 Gen10 Compute Module prior to v1.28

BACKGROUND

CVSS Base Metrics ================= Reference, CVSS V3 Score/Vector, CVSS V2 Score/Vector

CVE-2017-5715
  8.2 CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:N
  6.8 (AV:A/AC:L/Au:N/C:C/I:P/A:N)

CVE-2017-5753
  5.0 CVSS:3.0/AV:A/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L
  5.4 (AV:A/AC:M/Au:N/C:P/I:P/A:P)

CVE-2017-5754
  7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
  7.8 (AV:N/AC:L/Au:N/C:C/I:N/A:N)

Information on CVSS is documented in
HPE Customer Notice HPSN-2008-002 here:

https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c01345499

RESOLUTION

HPE has made the following system ROM updates which include an updated microcode to resolve the vulnerability:

  • HPE has provided a customer bulletin https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-a00039267en_us with specific instructions to obtain the udpated sytem ROM

  • Note:

    • CVE-2017-5715 requires that the System ROM be updated and a vendor supplied operating system update be applied as well.
    • For CVE-2017-5753, CVE-2017-5754 require only updates of a vendor supplied operating system.
    • HPE will continue to add additional products to the list. Not all listed products have updated system ROMs yet. Impacted products awaiting system ROM updates are marked TBS (to be supplied).

HISTORY

Version:1 (rev.1) - 4 January 2018 Initial release

Version:2 (rev.2) - 5 January 2018 Added additional impacted products

Version:3 (rev.3) - 10 January 2018 Added more impacted products

Version:4 (rev.4) - 9 January 2018 Fixed product ID

Third Party Security Patches: Third party security patches that are to be installed on systems running Hewlett Packard Enterprise (HPE) software products should be applied in accordance with the customer's patch management policy.

Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HPE Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hpe.com.

Report: To report a potential security vulnerability for any HPE supported product: Web form: https://www.hpe.com/info/report-security-vulnerability Email: security-alert@hpe.com

Subscribe: To initiate a subscription to receive future HPE Security Bulletin alerts via Email: http://www.hpe.com/support/Subscriber_Choice

Security Bulletin Archive: A list of recently released Security Bulletins is available here: http://www.hpe.com/support/Security_Bulletin_Archive

Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB.

3C = 3COM 3P = 3rd Party Software GN = HPE General Software HF = HPE Hardware and Firmware MU = Multi-Platform Software NS = NonStop Servers OV = OpenVMS PV = ProCurve ST = Storage Software UX = HP-UX

Copyright 2016 Hewlett Packard Enterprise

Hewlett Packard Enterprise shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett Packard Enterprise and the names of Hewlett Packard Enterprise products referenced herein are trademarks of Hewlett Packard Enterprise in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512

============================================================================= FreeBSD-SA-18:03.speculative_execution Security Advisory The FreeBSD Project

Topic: Speculative Execution Vulnerabilities

Category: core Module: kernel Announced: 2018-03-14 Credits: Jann Horn (Google Project Zero); Werner Haas, Thomas Prescher (Cyberus Technology); Daniel Gruss, Moritz Lipp, Stefan Mangard, Michael Schwarz (Graz University of Technology); Paul Kocher; Daniel Genkin (University of Pennsylvania and University of Maryland), Mike Hamburg (Rambus); Yuval Yarom (University of Adelaide and Data6) Affects: All supported versions of FreeBSD. Corrected: 2018-02-17 18:00:01 UTC (stable/11, 11.1-STABLE) 2018-03-14 04:00:00 UTC (releng/11.1, 11.1-RELEASE-p8) CVE Name: CVE-2017-5715, CVE-2017-5754

Special Note: Speculative execution vulnerability mitigation is a work in progress. This advisory addresses the most significant issues for FreeBSD 11.1 on amd64 CPUs. We expect to update this advisory to include 10.x for amd64 CPUs. Future FreeBSD releases will address this issue on i386 and other CPUs. freebsd-update will include changes on i386 as part of this update due to common code changes shared between amd64 and i386, however it contains no functional changes for i386 (in particular, it does not mitigate the issue on i386).

For general information regarding FreeBSD Security Advisories, including descriptions of the fields above, security branches, and the following sections, please visit .

I.

II. Problem Description

A number of issues relating to speculative execution were found last year and publicly announced January 3rd. Two of these, known as Meltdown and Spectre V2, are addressed here.

CVE-2017-5754 (Meltdown)

This issue relies on an affected CPU speculatively executing instructions beyond a faulting instruction. When this happens, changes to architectural state are not committed, but observable changes may be left in micro- architectural state (for example, cache). This may be used to infer privileged data.

CVE-2017-5715 (Spectre V2)

Spectre V2 uses branch target injection to speculatively execute kernel code at an address under the control of an attacker.

III. Impact

An attacker may be able to read secret data from the kernel or from a process when executing untrusted code (for example, in a web browser).

IV. Workaround

No workaround is available.

V. Solution

Perform one of the following:

1) Upgrade your vulnerable system to a supported FreeBSD stable or release / security branch (releng) dated after the correction date, and reboot.

2) To update your vulnerable system via a binary patch:

Systems running a RELEASE version of FreeBSD on the i386 or amd64 platforms can be updated via the freebsd-update(8) utility, followed by a reboot into the new kernel:

freebsd-update fetch

freebsd-update install

shutdown -r now

3) To update your vulnerable system via a source code patch:

The following patches have been verified to apply to the applicable FreeBSD release branches.

a) Download the relevant patch from the location below, and verify the detached PGP signature using your PGP utility.

[FreeBSD 11.1]

fetch https://security.FreeBSD.org/patches/SA-18:03/speculative_execution-amd64-11.patch

fetch https://security.FreeBSD.org/patches/SA-18:03/speculative_execution-amd64-11.patch.asc

gpg --verify speculative_execution-amd64-11.patch.asc

b) Apply the patch. Execute the following commands as root:

cd /usr/src

patch < /path/to/patch

c) Recompile your kernel as described in and reboot the system.

VI. Correction details

CVE-2017-5754 (Meltdown)

The mitigation is known as Page Table Isolation (PTI). PTI largely separates kernel and user mode page tables, so that even during speculative execution most of the kernel's data is unmapped and not accessible.

A demonstration of the Meltdown vulnerability is available at https://github.com/dag-erling/meltdown. A positive result is definitive (that is, the vulnerability exists with certainty). A negative result indicates either that the CPU is not affected, or that the test is not capable of demonstrating the issue on the CPU (and may need to be modified).

A patched kernel will automatically enable PTI on Intel CPUs. The status can be checked via the vm.pmap.pti sysctl:

sysctl vm.pmap.pti

vm.pmap.pti: 1

The default setting can be overridden by setting the loader tunable vm.pmap.pti to 1 or 0 in /boot/loader.conf. This setting takes effect only at boot.

PTI introduces a performance regression. The observed performance loss is significant in microbenchmarks of system call overhead, but is much smaller for many real workloads.

CVE-2017-5715 (Spectre V2)

There are two common mitigations for Spectre V2. This patch includes a mitigation using Indirect Branch Restricted Speculation, a feature available via a microcode update from processor manufacturers. The alternate mitigation, Retpoline, is a feature available in newer compilers. The feasibility of applying Retpoline to stable branches and/or releases is under investigation.

The patch includes the IBRS mitigation for Spectre V2. To use the mitigation the system must have an updated microcode; with older microcode a patched kernel will function without the mitigation.

IBRS can be disabled via the hw.ibrs_disable sysctl (and tunable), and the status can be checked via the hw.ibrs_active sysctl. IBRS may be enabled or disabled at runtime. Additional detail on microcode updates will follow.

The following list contains the correction revision numbers for each affected branch.

Branch/path Revision

stable/11/ r329462 releng/11.1/ r330908

To see which files were modified by a particular revision, run the following command, replacing NNNNNN with the revision number, on a machine with Subversion installed:

svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base

Or visit the following URL, replacing NNNNNN with the revision number:

VII. References

The latest revision of this advisory is available at -----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEE/A6HiuWv54gCjWNV05eS9J6n5cIFAlqon0RfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEZD MEU4NzhBRTVBRkU3ODgwMjhENjM1NUQzOTc5MkY0OUVBN0U1QzIACgkQ05eS9J6n 5cKORw/+Lc5lxLhDgU1rQ0JF6sb2b80Ly5k+rJLXFWBvmEQt0uVyVkF4TMJ99M04 bcmrLbT4Pl0Csh/iEYvZQ4el12KvPDApHszsLTBgChD+KfCLvCZvBZzasgDWGD0E JhL4eIX0wjJ4oGGsT+TAqkmwXyAMJgWW/ZgZPFVXocylZTL3fV4g52VdG1Jnd2yu hnkViH2kVlVJqXX9AHlenIUfEmUiRUGrMh5oPPpFYDDmfJ+enZ8QLxfZtOKIliD7 u+2GP8V/bvaErkxqF5wwobybrBOMXpq9Y/fWw0EH/om7myevj/oORqK+ZmGZ17bl IRbdWxgjc1hN2TIMVn9q9xX6i0I0wSPwbpLYagKnSnE8WNVUTZUteaj1GKGTG1rj DFH2zOLlbRr/IXUFldM9b6VbZX6G5Ijxwy1DJzB/0KL5ZTbAReUR0pqHR7xpulbJ eDv8SKCwYiUpMuwPOXNdVlVLZSsH5/9A0cyjH3+E+eIhM8qyxw7iRFwA0DxnGVkr tkMo51Vl3Gl7JFFimGKljsE9mBh00m8B0WYJwknvfhdehO4WripcwI7/V5zL6cwj s018kaW4Xm77LOz6P1iN8nbcjZ9gN2AsPYUYYZqJxjCcZ7r489Hg9BhbDf0QtC0R gnwZWiZ/KuAy0C6vaHljsm0xPEM5nBz/yScFXDbuhEdmEgBBD6w= =fqrI -----END PGP SIGNATURE----- . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1

===================================================================== Red Hat Security Advisory

Synopsis: Important: kernel security update Advisory ID: RHSA-2018:0018-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2018:0018 Issue date: 2018-01-04 =====================================================================

  1. Summary:

An update for kernel is now available for Red Hat Enterprise Linux 6.4 Advanced Update Support.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Relevant releases/architectures:

Red Hat Enterprise Linux Server AUS (v. 6.4) - noarch, x86_64 Red Hat Enterprise Linux Server Optional AUS (v. 6.4) - x86_64

  1. Description:

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of instructions (a commonly used performance optimization). There are three primary variants of the issue which differ in the way the speculative execution can be exploited.

Note: This issue is present in hardware and cannot be fully fixed via software update. The updated kernel packages provide software mitigation for this hardware issue at a cost of potential performance penalty. Please refer to References section for further information about this issue and the performance impact.

In this update mitigations for x86-64 architecture are provided.

Variant CVE-2017-5753 triggers the speculative execution by performing a bounds-check bypass. It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the fact that memory accesses may cause allocation into the microprocessor's data cache even for speculatively executed instructions that never actually commit (retire). As a result, an unprivileged attacker could use this flaw to cross the syscall boundary and read privileged memory by conducting targeted cache side-channel attacks. (CVE-2017-5753, Important)

Variant CVE-2017-5715 triggers the speculative execution by utilizing branch target injection. It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the fact that memory accesses may cause allocation into the microprocessor's data cache even for speculatively executed instructions that never actually commit (retire). As a result, an unprivileged attacker could use this flaw to cross the syscall and guest/host boundaries and read privileged memory by conducting targeted cache side-channel attacks. (CVE-2017-5715, Important)

Variant CVE-2017-5754 relies on the fact that, on impacted microprocessors, during speculative execution of instruction permission faults, exception generation triggered by a faulting access is suppressed until the retirement of the whole instruction block. In a combination with the fact that memory accesses may populate the cache even when the block is being dropped and never committed (executed), an unprivileged local attacker could use this flaw to read privileged (kernel space) memory by conducting targeted cache side-channel attacks. (CVE-2017-5754, Important)

Note: CVE-2017-5754 affects Intel x86-64 microprocessors. AMD x86-64 microprocessors are not affected by this issue.

Red Hat would like to thank Google Project Zero for reporting these issues. Solution:

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect. Bugs fixed (https://bugzilla.redhat.com/):

1519778 - CVE-2017-5753 hw: cpu: speculative execution bounds-check bypass 1519780 - CVE-2017-5715 hw: cpu: speculative execution branch target injection 1519781 - CVE-2017-5754 hw: cpu: speculative execution permission faults handling

  1. Package List:

Red Hat Enterprise Linux Server AUS (v. 6.4):

Source: kernel-2.6.32-358.84.2.el6.src.rpm

noarch: kernel-doc-2.6.32-358.84.2.el6.noarch.rpm kernel-firmware-2.6.32-358.84.2.el6.noarch.rpm

x86_64: kernel-2.6.32-358.84.2.el6.x86_64.rpm kernel-debug-2.6.32-358.84.2.el6.x86_64.rpm kernel-debug-debuginfo-2.6.32-358.84.2.el6.x86_64.rpm kernel-debug-devel-2.6.32-358.84.2.el6.x86_64.rpm kernel-debuginfo-2.6.32-358.84.2.el6.x86_64.rpm kernel-debuginfo-common-x86_64-2.6.32-358.84.2.el6.x86_64.rpm kernel-devel-2.6.32-358.84.2.el6.x86_64.rpm kernel-headers-2.6.32-358.84.2.el6.x86_64.rpm perf-2.6.32-358.84.2.el6.x86_64.rpm perf-debuginfo-2.6.32-358.84.2.el6.x86_64.rpm python-perf-debuginfo-2.6.32-358.84.2.el6.x86_64.rpm

Red Hat Enterprise Linux Server Optional AUS (v. 6.4):

Source: kernel-2.6.32-358.84.2.el6.src.rpm

x86_64: kernel-debug-debuginfo-2.6.32-358.84.2.el6.x86_64.rpm kernel-debuginfo-2.6.32-358.84.2.el6.x86_64.rpm kernel-debuginfo-common-x86_64-2.6.32-358.84.2.el6.x86_64.rpm perf-debuginfo-2.6.32-358.84.2.el6.x86_64.rpm python-perf-2.6.32-358.84.2.el6.x86_64.rpm python-perf-debuginfo-2.6.32-358.84.2.el6.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/

  1. References:

https://access.redhat.com/security/updates/classification/#important https://access.redhat.com/security/vulnerabilities/speculativeexecution https://access.redhat.com/security/cve/CVE-2017-5753 https://access.redhat.com/security/cve/CVE-2017-5715 https://access.redhat.com/security/cve/CVE-2017-5754

  1. Contact:

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/

Copyright 2018 Red Hat, Inc. The vulnerability could be exploited to Local Disclosure of Information.

References:

  • CVE-2017-5753
  • CVE-2017-5715
  • CVE-2017-5754

SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.

  • HP Virtualization Performance Viewer Software - v2.20, v3.0, v3.01, v3.02, v3.03
  • HPE Cloud Optimizer - v2.20, v3.0, v3.01, v3.02, v3.03

BACKGROUND

CVSS Base Metrics ================= Reference, CVSS V3 Score/Vector, CVSS V2 Score/Vector

RESOLUTION

Micro Focus is actively working with its vendors to address any systems-level Spectre and Meltdown impacts.However, if you have immediate concerns or questions regarding CentOS and its approach to Spectre or Meltdown, please contact them directly. Please note that you will need to sign in using a Passport account.

3P = 3rd Party Software GN = Micro Focus General Software MU = Multi-Platform Software

System management and security procedures must be reviewed frequently to maintain system integrity. Micro Focus is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions.

"Micro Focus is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected Micro Focus products the important security information contained in this Bulletin. Micro Focus recommends that all users determine the applicability of this information to their individual situations and take appropriate action. Micro Focus does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, Micro Focus will not be responsible for any damages resulting from user's use or disregard of the information provided in this Security Bulletin. To the extent permitted by law, Micro Focus disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement."

Copyright 2017 EntIT Software LLC

Micro Focus shall not be liable for technical or editorial errors or omissions contained herein

Show details on source website
To clipboard 

{
  "affected_products": {
    "_id": null,
    "data": [
      {
        "_id": null,
        "model": "xeon e5 2650l v2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4610_v4"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "720qm"
      },
      {
        "_id": null,
        "model": "xeon e3 1240l v5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon phi",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "7235"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4627_v4"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4660_v3"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "550"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6585r"
      },
      {
        "_id": null,
        "model": "pentium n",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "n3710"
      },
      {
        "_id": null,
        "model": "xeon e5 2430l",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4210m"
      },
      {
        "_id": null,
        "model": "xeon e3 1240 v5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core m",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5y10c"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "x5550"
      },
      {
        "_id": null,
        "model": "xeon gold",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6154"
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8860_v3"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "740qm"
      },
      {
        "_id": null,
        "model": "atom z",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "z3736g"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4350t"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "e6510"
      },
      {
        "_id": null,
        "model": "xeon e3 1225 v2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "atom x3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "c3235rk"
      },
      {
        "_id": null,
        "model": "atom z",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "z3775"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3340m"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4720hq"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4000m"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2405s"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8100"
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4860_v2"
      },
      {
        "_id": null,
        "model": "atom c",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "c3850"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2435m"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4770"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3380m"
      },
      {
        "_id": null,
        "model": "xeon e3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "1545m_v5"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4360"
      },
      {
        "_id": null,
        "model": "xeon e5 2637",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "atom c",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "c2518"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3317u"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4700ec"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4160t"
      },
      {
        "_id": null,
        "model": "celeron j",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "j3160"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "460m"
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4807"
      },
      {
        "_id": null,
        "model": "atom z",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "z3480"
      },
      {
        "_id": null,
        "model": "atom z",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "z3745"
      },
      {
        "_id": null,
        "model": "atom z",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "z3580"
      },
      {
        "_id": null,
        "model": "core m3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "7y32"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "x5677"
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8870_v3"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4570s"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8700k"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4330m"
      },
      {
        "_id": null,
        "model": "xeon e3 1278l v4",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4830"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4160"
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8880l_v2"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "x6550"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5750hq"
      },
      {
        "_id": null,
        "model": "xeon platinum",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8160"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4570r"
      },
      {
        "_id": null,
        "model": "xeon e3 1265l v2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8350u"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2760qm"
      },
      {
        "_id": null,
        "model": "xeon gold",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6134m"
      },
      {
        "_id": null,
        "model": "xeon e5 2430 v2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "650"
      },
      {
        "_id": null,
        "model": "atom x3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "c3295rk"
      },
      {
        "_id": null,
        "model": "xeon e3 1280 v3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon silver",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4109t"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4667_v3"
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8860_v4"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4130"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5550u"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "w3690"
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8891_v2"
      },
      {
        "_id": null,
        "model": "xeon e5 2603 v4",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6260u"
      },
      {
        "_id": null,
        "model": "xeon e5 2620 v4",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e3 1281 v3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2660"
      },
      {
        "_id": null,
        "model": "xeon e5 2450l v2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8893_v2"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2699_v3"
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4820"
      },
      {
        "_id": null,
        "model": "atom z",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "z3735d"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2340ue"
      },
      {
        "_id": null,
        "model": "xeon e5 2630 v3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8867l"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "l5618"
      },
      {
        "_id": null,
        "model": "core m3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "7y30"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4130t"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5775c"
      },
      {
        "_id": null,
        "model": "xeon platinum",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8180"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "760"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5700eq"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4330t"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4460"
      },
      {
        "_id": null,
        "model": "xeon e3 1225 v6",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2650l_v4"
      },
      {
        "_id": null,
        "model": "xeon e5 2420",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5675c"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2690_v2"
      },
      {
        "_id": null,
        "model": "xeon e5 2648l",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5557u"
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4850_v3"
      },
      {
        "_id": null,
        "model": "atom x3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "c3445"
      },
      {
        "_id": null,
        "model": "celeron j",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "j3455"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "e5520"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3517u"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2629m"
      },
      {
        "_id": null,
        "model": "pentium n",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "n3700"
      },
      {
        "_id": null,
        "model": "xeon gold",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6138f"
      },
      {
        "_id": null,
        "model": "xeon e5 2438l v3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5257u"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "e5502"
      },
      {
        "_id": null,
        "model": "xeon bronze 3106",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "atom z",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "z2480"
      },
      {
        "_id": null,
        "model": "xeon e5 2470 v2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6600t"
      },
      {
        "_id": null,
        "model": "xeon e5 2407 v2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e5 2450 v2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2675qm"
      },
      {
        "_id": null,
        "model": "celeron n",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "n2940"
      },
      {
        "_id": null,
        "model": "xeon e5 2609 v4",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8350k"
      },
      {
        "_id": null,
        "model": "celeron j",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "j1850"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3220"
      },
      {
        "_id": null,
        "model": "atom c",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "c2358"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4460t"
      },
      {
        "_id": null,
        "model": "xeon phi",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "7285"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4310u"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4460s"
      },
      {
        "_id": null,
        "model": "pentium j",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "j2900"
      },
      {
        "_id": null,
        "model": "xeon e5 2609 v3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "atom c",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "c2550"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4650_v3"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4210u"
      },
      {
        "_id": null,
        "model": "atom c",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "c3808"
      },
      {
        "_id": null,
        "model": "celeron n",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "n3350"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5200u"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4260u"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "e5506"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2690_v3"
      },
      {
        "_id": null,
        "model": "xeon gold",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6126f"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "560"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5675r"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3612qm"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4750hq"
      },
      {
        "_id": null,
        "model": "xeon e3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "1515m_v5"
      },
      {
        "_id": null,
        "model": "xeon e3 1245",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4640"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3610qm"
      },
      {
        "_id": null,
        "model": "xeon e5 2418l v2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e5 2643 v2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2600s"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4722hq"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5500u"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8650u"
      },
      {
        "_id": null,
        "model": "atom x3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "c3205rk"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2120"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4600m"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2660_v2"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4620"
      },
      {
        "_id": null,
        "model": "xeon e3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "1535m_v5"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4340m"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "x5560"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2540m"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "x5650"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5600u"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2687w_v2"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "430um"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3720qm"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2820qm"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2310e"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3210"
      },
      {
        "_id": null,
        "model": "core m7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6y75"
      },
      {
        "_id": null,
        "model": "xeon silver",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4114"
      },
      {
        "_id": null,
        "model": "atom z",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "z3785"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "7820eq"
      },
      {
        "_id": null,
        "model": "xeon gold",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5120t"
      },
      {
        "_id": null,
        "model": "atom e",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "e3827"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2102"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4170t"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3610me"
      },
      {
        "_id": null,
        "model": "celeron j",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "j1800"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2330e"
      },
      {
        "_id": null,
        "model": "celeron n",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "n3010"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "470um"
      },
      {
        "_id": null,
        "model": "xeon e5 1428l",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "640m"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2670_v3"
      },
      {
        "_id": null,
        "model": "xeon e5 2430",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8870_v2"
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4890_v2"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "e5649"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "330um"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "610e"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4370t"
      },
      {
        "_id": null,
        "model": "xeon e5 2428l",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e5 2640 v2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2667"
      },
      {
        "_id": null,
        "model": "xeon e5 2618l v2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4770s"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2300"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "530"
      },
      {
        "_id": null,
        "model": "celeron j",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "j3060"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "660lm"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "x5690"
      },
      {
        "_id": null,
        "model": "xeon e5 2643 v4",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4830_v4"
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4850"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4603_v2"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "870"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2390t"
      },
      {
        "_id": null,
        "model": "celeron j",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "j4105"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2515e"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "560m"
      },
      {
        "_id": null,
        "model": "pentium n",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "n3530"
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4880_v2"
      },
      {
        "_id": null,
        "model": "xeon platinum",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8176f"
      },
      {
        "_id": null,
        "model": "xeon e3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "1565l_v5"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4648_v3"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4600u"
      },
      {
        "_id": null,
        "model": "xeon e5 1660 v4",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2467m"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4850hq"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "x5680"
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8857_v2"
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8837"
      },
      {
        "_id": null,
        "model": "xeon e5 2620",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4800mq"
      },
      {
        "_id": null,
        "model": "celeron n",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "n2830"
      },
      {
        "_id": null,
        "model": "xeon e3 1505l v5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "l3406"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4628l_v4"
      },
      {
        "_id": null,
        "model": "xeon e5 2618l v3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon gold",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5120"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4603"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "x3480"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2665"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2687w_v4"
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8880_v2"
      },
      {
        "_id": null,
        "model": "xeon e3 1220",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "540"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6500t"
      },
      {
        "_id": null,
        "model": "xeon e5 2630 v4",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4670"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4350"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "870s"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2550k"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3689y"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5700hq"
      },
      {
        "_id": null,
        "model": "atom c",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "c3538"
      },
      {
        "_id": null,
        "model": "xeon e3 1265l v3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "x5672"
      },
      {
        "_id": null,
        "model": "xeon e5 1650",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "7820hk"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4650_v2"
      },
      {
        "_id": null,
        "model": "atom z",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "z3570"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3350p"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "x3440"
      },
      {
        "_id": null,
        "model": "atom z",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "z3560"
      },
      {
        "_id": null,
        "model": "xeon e5 1680 v3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2850"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3437u"
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8890_v2"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "7500u"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4300y"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "x3460"
      },
      {
        "_id": null,
        "model": "celeron j",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "j3355"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6157u"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "x5667"
      },
      {
        "_id": null,
        "model": "xeon platinum",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8160f"
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8891_v4"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4624l_v2"
      },
      {
        "_id": null,
        "model": "xeon e5 1650 v4",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon gold",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6140m"
      },
      {
        "_id": null,
        "model": "xeon e3 1268l v3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4650_v4"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4550u"
      },
      {
        "_id": null,
        "model": "atom z",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "z2520"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4200u"
      },
      {
        "_id": null,
        "model": "xeon e5 2608l v3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2803"
      },
      {
        "_id": null,
        "model": "xeon e5 2643 v3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "l5518"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4607_v2"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "980x"
      },
      {
        "_id": null,
        "model": "xeon e5 1620 v3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "atom c",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "c2538"
      },
      {
        "_id": null,
        "model": "atom c",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "c3308"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4340"
      },
      {
        "_id": null,
        "model": "core m",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5y51"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "640um"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4250u"
      },
      {
        "_id": null,
        "model": "xeon e5 2637 v4",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e5 2630l",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "atom z",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "z3770"
      },
      {
        "_id": null,
        "model": "xeon phi",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "7250"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4770r"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4607"
      },
      {
        "_id": null,
        "model": "atom c",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "c3955"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2357m"
      },
      {
        "_id": null,
        "model": "xeon e3 1270 v5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "7820hq"
      },
      {
        "_id": null,
        "model": "atom z",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "z3530"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3330"
      },
      {
        "_id": null,
        "model": "atom z",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "z2460"
      },
      {
        "_id": null,
        "model": "xeon e3 1220 v6",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e3 1230 v6",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e5 2630l v2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon platinum",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8158"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6006u"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4158u"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3217ue"
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4820_v2"
      },
      {
        "_id": null,
        "model": "atom c",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "c2750"
      },
      {
        "_id": null,
        "model": "xeon e3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "1585l_v5"
      },
      {
        "_id": null,
        "model": "xeon e5 2408l v3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon silver",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4116t"
      },
      {
        "_id": null,
        "model": "atom c",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "c3758"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3360m"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4112e"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "e7530"
      },
      {
        "_id": null,
        "model": "xeon e5 1650 v3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2348m"
      },
      {
        "_id": null,
        "model": "xeon e3 1275 v2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "pentium j",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "j2850"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2680_v2"
      },
      {
        "_id": null,
        "model": "xeon e3 1240 v3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4655_v4"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2120t"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2667_v2"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3229y"
      },
      {
        "_id": null,
        "model": "atom e",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "e3845"
      },
      {
        "_id": null,
        "model": "atom c",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "c2308"
      },
      {
        "_id": null,
        "model": "xeon e3 1280 v6",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4702ec"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4650"
      },
      {
        "_id": null,
        "model": "xeon e5 2637 v2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "620ue"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4627_v2"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2667_v4"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "430m"
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2820"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "e5503"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6200u"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "380m"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4510u"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "l5640"
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4870_v2"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4690"
      },
      {
        "_id": null,
        "model": "xeon gold",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6126"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4200m"
      },
      {
        "_id": null,
        "model": "core m",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5y71"
      },
      {
        "_id": null,
        "model": "xeon e5 2630l v3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon gold",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5122"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2370m"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3427u"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5575r"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4558u"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3250t"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4710mq"
      },
      {
        "_id": null,
        "model": "xeon platinum",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8168"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2630qm"
      },
      {
        "_id": null,
        "model": "xeon e3 1241 v3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon platinum",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8160m"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4422e"
      },
      {
        "_id": null,
        "model": "xeon e3 1230l v3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e3 1260l v5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4310m"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2312m"
      },
      {
        "_id": null,
        "model": "xeon e3 1225",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4655_v3"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "660"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "l7555"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4200y"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4790s"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "7700"
      },
      {
        "_id": null,
        "model": "xeon e3 1271 v3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3635qm"
      },
      {
        "_id": null,
        "model": "xeon e3 1260l",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6167u"
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4830_v3"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4330te"
      },
      {
        "_id": null,
        "model": "xeon gold",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6134"
      },
      {
        "_id": null,
        "model": "xeon e3 1245 v6",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "7567u"
      },
      {
        "_id": null,
        "model": "xeon e5 1650 v2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "atom z",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "z2760"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "965"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3450"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3115c"
      },
      {
        "_id": null,
        "model": "xeon e3 1245 v3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e3 1275 v3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e3 1230",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "x5670"
      },
      {
        "_id": null,
        "model": "atom c",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "c2738"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "940xm"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "x3430"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6100te"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "660ue"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "975"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4620_v2"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2695_v2"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "x5675"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2450m"
      },
      {
        "_id": null,
        "model": "xeon e3 1240 v2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2658"
      },
      {
        "_id": null,
        "model": "xeon e5 2623 v3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3615qm"
      },
      {
        "_id": null,
        "model": "xeon e3 1285 v3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "celeron n",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "n4000"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3470s"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "x3470"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4712hq"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4760hq"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "990x"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4200h"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8700"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8600k"
      },
      {
        "_id": null,
        "model": "xeon gold",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6146"
      },
      {
        "_id": null,
        "model": "xeon gold",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6142f"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4960hq"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2687w_v3"
      },
      {
        "_id": null,
        "model": "xeon e5 2628l v4",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "7600u"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2698_v3"
      },
      {
        "_id": null,
        "model": "xeon e5 2630 v2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3450s"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5950hq"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4360u"
      },
      {
        "_id": null,
        "model": "atom z",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "z3590"
      },
      {
        "_id": null,
        "model": "xeon e5 1428l v3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8890_v3"
      },
      {
        "_id": null,
        "model": "xeon e5 2448l",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6300u"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "ec5549"
      },
      {
        "_id": null,
        "model": "xeon e5 2428l v2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "atom z",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "z3745d"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "l7545"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5850eq"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "l5508"
      },
      {
        "_id": null,
        "model": "atom c",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "c2350"
      },
      {
        "_id": null,
        "model": "atom z",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "z2560"
      },
      {
        "_id": null,
        "model": "atom c",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "c2758"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3120me"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "7560u"
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2860"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "ec5509"
      },
      {
        "_id": null,
        "model": "xeon e5 2637 v3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "750s"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2697_v3"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3540m"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "7y75"
      },
      {
        "_id": null,
        "model": "xeon e3 1285l v3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "atom c",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "c3958"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6102e"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4302y"
      },
      {
        "_id": null,
        "model": "xeon e5 2418l",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "atom e",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "e3805"
      },
      {
        "_id": null,
        "model": "atom e",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "e3825"
      },
      {
        "_id": null,
        "model": "atom z",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "z3770d"
      },
      {
        "_id": null,
        "model": "atom c",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "c2558"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3337u"
      },
      {
        "_id": null,
        "model": "atom c",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "c3508"
      },
      {
        "_id": null,
        "model": "celeron n",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "n4100"
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2850_v2"
      },
      {
        "_id": null,
        "model": "xeon platinum",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8153"
      },
      {
        "_id": null,
        "model": "xeon e5 2603 v2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon gold",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5118"
      },
      {
        "_id": null,
        "model": "celeron n",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "n2910"
      },
      {
        "_id": null,
        "model": "atom x3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "c3405"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6100e"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2657m"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5250u"
      },
      {
        "_id": null,
        "model": "xeon e3 1286l v3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e5 1660 v3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon platinum",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8170"
      },
      {
        "_id": null,
        "model": "xeon gold",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5115"
      },
      {
        "_id": null,
        "model": "xeon e3 12201 v2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e3 1280",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4590t"
      },
      {
        "_id": null,
        "model": "xeon e5 2640 v3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e5 2643",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e5 2620 v2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4690t"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2500k"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "880"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4170"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3820qm"
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8893_v4"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2520m"
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4830_v2"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4650u"
      },
      {
        "_id": null,
        "model": "xeon e3 1285 v6",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "e5640"
      },
      {
        "_id": null,
        "model": "celeron j",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "j4005"
      },
      {
        "_id": null,
        "model": "atom e",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "e3826"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2367m"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2658_v4"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3740qm"
      },
      {
        "_id": null,
        "model": "celeron n",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "n2808"
      },
      {
        "_id": null,
        "model": "xeon e3 1225 v3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "x5647"
      },
      {
        "_id": null,
        "model": "xeon gold",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6148f"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4980hq"
      },
      {
        "_id": null,
        "model": "pentium j",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "j3710"
      },
      {
        "_id": null,
        "model": "xeon e3 1240l v3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4402ec"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2715qe"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4020y"
      },
      {
        "_id": null,
        "model": "atom z",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "z3460"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2130"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "w3670"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2670"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2695_v3"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5850hq"
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4809_v2"
      },
      {
        "_id": null,
        "model": "xeon e5 2430l v2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "atom c",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "c2718"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6500"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2610ue"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "390m"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2667_v3"
      },
      {
        "_id": null,
        "model": "xeon e5 2448l v2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4025u"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4570t"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4690s"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3570s"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6360u"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "7920hq"
      },
      {
        "_id": null,
        "model": "xeon e5 2407",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "330m"
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4820_v3"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6100"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4870hq"
      },
      {
        "_id": null,
        "model": "xeon e3 1275",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4640_v2"
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8867_v3"
      },
      {
        "_id": null,
        "model": "xeon e3 1270 v2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "930"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6400"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2655le"
      },
      {
        "_id": null,
        "model": "xeon e3 1268l v5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "celeron n",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "n2807"
      },
      {
        "_id": null,
        "model": "xeon e3 1501m v6",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4620_v3"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3470"
      },
      {
        "_id": null,
        "model": "core m",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5y31"
      },
      {
        "_id": null,
        "model": "xeon e5 2618l v4",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2670_v2"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8550u"
      },
      {
        "_id": null,
        "model": "xeon e3 1220 v3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e5 2603 v3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4150t"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "l5506"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4150"
      },
      {
        "_id": null,
        "model": "xeon gold",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6130f"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6300hq"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "920xm"
      },
      {
        "_id": null,
        "model": "xeon e3 1245 v5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3630qm"
      },
      {
        "_id": null,
        "model": "xeon e5 2450l",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4670k"
      },
      {
        "_id": null,
        "model": "celeron n",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "n2840"
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4860"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "x7542"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3770t"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "620m"
      },
      {
        "_id": null,
        "model": "xeon e3 1225 v5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon platinum",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8160t"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5350u"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2410m"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6400t"
      },
      {
        "_id": null,
        "model": "xeon e5 1620 v2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon silver",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4112"
      },
      {
        "_id": null,
        "model": "atom x3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "c3130"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3339y"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2620m"
      },
      {
        "_id": null,
        "model": "xeon e3 1276 v3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "1558l_v5"
      },
      {
        "_id": null,
        "model": "xeon e3 1505m v5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon silver",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4108"
      },
      {
        "_id": null,
        "model": "atom c",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "c2516"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "950"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2960xm"
      },
      {
        "_id": null,
        "model": "xeon e5 2650l",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon gold",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6130"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "840qm"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2699r_v4"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2400s"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4500u"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4400e"
      },
      {
        "_id": null,
        "model": "xeon gold",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6152"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6300t"
      },
      {
        "_id": null,
        "model": "atom e",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "e3815"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2698_v4"
      },
      {
        "_id": null,
        "model": "celeron n",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "n2920"
      },
      {
        "_id": null,
        "model": "xeon e5 1620",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6685r"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "7700k"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "520um"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3770s"
      },
      {
        "_id": null,
        "model": "celeron n",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "n2815"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3570k"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4610"
      },
      {
        "_id": null,
        "model": "xeon phi",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "7230f"
      },
      {
        "_id": null,
        "model": "xeon e3 1220l v3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "970"
      },
      {
        "_id": null,
        "model": "xeon e3 1230 v3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3225"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2660_v3"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2310"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "875k"
      },
      {
        "_id": null,
        "model": "xeon e3 1235l v5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "680"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5350h"
      },
      {
        "_id": null,
        "model": "xeon e3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "1578l_v5"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3840qm"
      },
      {
        "_id": null,
        "model": "xeon e3 1226 v3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "1535m_v6"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4308u"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2920xm"
      },
      {
        "_id": null,
        "model": "atom c",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "c3338"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3240"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4712mq"
      },
      {
        "_id": null,
        "model": "xeon e5 1428l v2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4670s"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3230m"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2720qm"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3227u"
      },
      {
        "_id": null,
        "model": "atom z",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "z3740d"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "l5530"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6600"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2687w"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2697_v4"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4790"
      },
      {
        "_id": null,
        "model": "celeron n",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "n2930"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4702mq"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "ec5539"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4570"
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8870_v4"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5157u"
      },
      {
        "_id": null,
        "model": "xeon platinum",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8164"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2658a_v3"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2690"
      },
      {
        "_id": null,
        "model": "xeon e5 2648l v2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e5 2603",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2380p"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "lc5528"
      },
      {
        "_id": null,
        "model": "xeon e3 1275 v6",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4700mq"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4640_v3"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "e5606"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4005u"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "560um"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "640lm"
      },
      {
        "_id": null,
        "model": "xeon e5 2628l v2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon gold",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6138t"
      },
      {
        "_id": null,
        "model": "xeon silver",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4116"
      },
      {
        "_id": null,
        "model": "core m5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6y57"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "820qm"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "x3450"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2600k"
      },
      {
        "_id": null,
        "model": "xeon e3 1285 v4",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2310m"
      },
      {
        "_id": null,
        "model": "atom c",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "c2730"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4669_v4"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6100u"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5300u"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "l3426"
      },
      {
        "_id": null,
        "model": "xeon e3 12201",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2660_v4"
      },
      {
        "_id": null,
        "model": "xeon e5 2418l v3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3475s"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2680_v3"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4340te"
      },
      {
        "_id": null,
        "model": "core m",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5y10"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2860qm"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2637m"
      },
      {
        "_id": null,
        "model": "atom c",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "c3750"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3120m"
      },
      {
        "_id": null,
        "model": "celeron j",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "j1750"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "580m"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "e5540"
      },
      {
        "_id": null,
        "model": "xeon e5 1630 v4",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon gold",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6136"
      },
      {
        "_id": null,
        "model": "xeon e5 2450",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4690k"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2699a_v4"
      },
      {
        "_id": null,
        "model": "xeon e5 2403",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2500"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4785t"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4770t"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2375m"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2500s"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4590s"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6100t"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4860hq"
      },
      {
        "_id": null,
        "model": "xeon e3 1270 v3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "atom x3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "c3200rk"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4770te"
      },
      {
        "_id": null,
        "model": "xeon e3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "1585_v5"
      },
      {
        "_id": null,
        "model": "atom z",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "z3735g"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3217u"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "670"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "960"
      },
      {
        "_id": null,
        "model": "xeon gold",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6128"
      },
      {
        "_id": null,
        "model": "xeon e5 2403 v2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6440eq"
      },
      {
        "_id": null,
        "model": "xeon phi",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "7290"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3610qe"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2700k"
      },
      {
        "_id": null,
        "model": "atom x3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "c3230rk"
      },
      {
        "_id": null,
        "model": "xeon e3 1501l v6",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e5 2440",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "e7540"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4610_v2"
      },
      {
        "_id": null,
        "model": "celeron n",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "n3160"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4210y"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2649m"
      },
      {
        "_id": null,
        "model": "pentium j",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "j4205"
      },
      {
        "_id": null,
        "model": "atom z",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "z2580"
      },
      {
        "_id": null,
        "model": "xeon gold",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6142"
      },
      {
        "_id": null,
        "model": "atom z",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "z3735e"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6402p"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3550"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2600"
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8830"
      },
      {
        "_id": null,
        "model": "xeon phi",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "7295"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "x5660"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4950hq"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "540um"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "660um"
      },
      {
        "_id": null,
        "model": "atom c",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "c3558"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "520m"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "e7520"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "860"
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8880_v4"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4402e"
      },
      {
        "_id": null,
        "model": "atom c",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "c3950"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2617m"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2697a_v4"
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2870_v2"
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4870"
      },
      {
        "_id": null,
        "model": "xeon e3 1245 v2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3667u"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2658_v3"
      },
      {
        "_id": null,
        "model": "celeron n",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "n2806"
      },
      {
        "_id": null,
        "model": "xeon e5 1630 v3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5775r"
      },
      {
        "_id": null,
        "model": "atom z",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "z3736f"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "x7550"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2557m"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4667_v4"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4570te"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "620le"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4440s"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4578u"
      },
      {
        "_id": null,
        "model": "xeon e5 2470",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4809_v3"
      },
      {
        "_id": null,
        "model": "xeon gold",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6144"
      },
      {
        "_id": null,
        "model": "celeron n",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "n3050"
      },
      {
        "_id": null,
        "model": "atom c",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "c2316"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "350m"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4640_v4"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4030u"
      },
      {
        "_id": null,
        "model": "xeon e5 2648l v4",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "e5645"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4300m"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4430"
      },
      {
        "_id": null,
        "model": "xeon gold",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6148"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2683_v3"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "w5590"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4910mq"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4440"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6287u"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4100u"
      },
      {
        "_id": null,
        "model": "xeon e3 1220 v2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e-1105c",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8893_v3"
      },
      {
        "_id": null,
        "model": "cortex-a",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "arm",
        "version": "75"
      },
      {
        "_id": null,
        "model": "xeon e3 1258l v4",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon gold",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6130t"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4202y"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4620_v4"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6100h"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4669_v3"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4700eq"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4100m"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2320"
      },
      {
        "_id": null,
        "model": "atom z",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "z3740"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8250u"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4110e"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4100e"
      },
      {
        "_id": null,
        "model": "atom c",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "c3858"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4370"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4610m"
      },
      {
        "_id": null,
        "model": "atom c",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "c2508"
      },
      {
        "_id": null,
        "model": "xeon e3 1235",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e5 2650l v3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e3 1125c",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4650l"
      },
      {
        "_id": null,
        "model": "xeon e3 1270 v6",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3520m"
      },
      {
        "_id": null,
        "model": "xeon e5 2640 v4",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "7660u"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4410e"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "l5638"
      },
      {
        "_id": null,
        "model": "xeon e3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "1575m_v5"
      },
      {
        "_id": null,
        "model": "xeon e3 1220 v5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8890_v4"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "750"
      },
      {
        "_id": null,
        "model": "xeon e5 2609 v2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "celeron n",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "n3060"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2670qm"
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8860"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "370m"
      },
      {
        "_id": null,
        "model": "celeron n",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "n2810"
      },
      {
        "_id": null,
        "model": "celeron j",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "j1900"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "540m"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4360t"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2430m"
      },
      {
        "_id": null,
        "model": "xeon e5 1620 v4",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e5 2630l v4",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3550s"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "940"
      },
      {
        "_id": null,
        "model": "xeon phi",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "7210f"
      },
      {
        "_id": null,
        "model": "xeon gold",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6132"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "e5630"
      },
      {
        "_id": null,
        "model": "xeon gold",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6126t"
      },
      {
        "_id": null,
        "model": "xeon silver",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4110"
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2890_v2"
      },
      {
        "_id": null,
        "model": "xeon e5 1660 v2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "pentium n",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "n4200"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2699_v4"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "e5607"
      },
      {
        "_id": null,
        "model": "xeon e3 1240 v6",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3570"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4012y"
      },
      {
        "_id": null,
        "model": "core m",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5y70"
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8891_v3"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4771"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "520e"
      },
      {
        "_id": null,
        "model": "pentium n",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "n3520"
      },
      {
        "_id": null,
        "model": "xeon e5 2420 v2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "e6540"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "lc5518"
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8850_v2"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5650u"
      },
      {
        "_id": null,
        "model": "xeon platinum",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8176m"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "620um"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "e5620"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "980"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "e5530"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "480m"
      },
      {
        "_id": null,
        "model": "atom z",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "z3775d"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "620lm"
      },
      {
        "_id": null,
        "model": "xeon e3 1246 v3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e3 1265l v4",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2100"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3330s"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4278u"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3130m"
      },
      {
        "_id": null,
        "model": "xeon phi",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "7230"
      },
      {
        "_id": null,
        "model": "xeon e3 1275l v3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e5 2650 v3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2640m"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3340"
      },
      {
        "_id": null,
        "model": "xeon gold",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5119t"
      },
      {
        "_id": null,
        "model": "xeon e5 2623 v4",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4809_v4"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2125"
      },
      {
        "_id": null,
        "model": "celeron n",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "n2805"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4657l_v2"
      },
      {
        "_id": null,
        "model": "core m3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6y30"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3517ue"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "x5570"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "l5520"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2690_v4"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3320m"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4770hq"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3245"
      },
      {
        "_id": null,
        "model": "atom z",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "z2420"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2510e"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3632qm"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4710hq"
      },
      {
        "_id": null,
        "model": "xeon gold",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6150"
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8880l_v3"
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8850"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3687u"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5015u"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6267u"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4300u"
      },
      {
        "_id": null,
        "model": "xeon e3 1275 v5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e3 1285l v4",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8867_v4"
      },
      {
        "_id": null,
        "model": "xeon e3 1280 v5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "860s"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4765t"
      },
      {
        "_id": null,
        "model": "atom c",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "c3830"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4670t"
      },
      {
        "_id": null,
        "model": "xeon e5 1660",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e5 2428l v3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3240t"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3340s"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "w3680"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "7700t"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5287u"
      },
      {
        "_id": null,
        "model": "xeon e5 2630",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8880_v3"
      },
      {
        "_id": null,
        "model": "xeon phi",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "7290f"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2635qm"
      },
      {
        "_id": null,
        "model": "atom c",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "c2530"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4670r"
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4850_v4"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6300"
      },
      {
        "_id": null,
        "model": "xeon e3 1230 v2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e5 2650 v2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4770k"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2695_v4"
      },
      {
        "_id": null,
        "model": "xeon e5 2440 v2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "e5603"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4790t"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "655k"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2680_v4"
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4850_v2"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2450p"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4102e"
      },
      {
        "_id": null,
        "model": "xeon e3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "1505m_v6"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3615qe"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4810mq"
      },
      {
        "_id": null,
        "model": "xeon phi",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "7250f"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8400"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "l5609"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4030y"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4210h"
      },
      {
        "_id": null,
        "model": "atom c",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "c3708"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6442eq"
      },
      {
        "_id": null,
        "model": "xeon e3 1290 v2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e5 2648l v3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e5 1680 v4",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e5 2650",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e3 1125c v2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon platinum",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8170m"
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4820_v4"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3210m"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3439y"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2365m"
      },
      {
        "_id": null,
        "model": "xeon e3 1231 v3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon platinum",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8156"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6098p"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4790k"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "e5504"
      },
      {
        "_id": null,
        "model": "xeon gold",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6138"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3110m"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4288u"
      },
      {
        "_id": null,
        "model": "xeon platinum",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8176"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3612qe"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4900mq"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "l5630"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2537m"
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2830"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3250"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3555le"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4350u"
      },
      {
        "_id": null,
        "model": "xeon e3 1505l v6",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5020u"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4590"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3220t"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "661"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2677m"
      },
      {
        "_id": null,
        "model": "xeon e5 2628l v3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "7700hq"
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8870"
      },
      {
        "_id": null,
        "model": "pentium n",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "n3510"
      },
      {
        "_id": null,
        "model": "atom c",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "c2338"
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8894_v4"
      },
      {
        "_id": null,
        "model": "xeon e3 1230 v5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4258u"
      },
      {
        "_id": null,
        "model": "xeon e5 2609",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e5 2650 v4",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2870"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "e5507"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6600k"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4330"
      },
      {
        "_id": null,
        "model": "celeron n",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "n2820"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2100t"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2680"
      },
      {
        "_id": null,
        "model": "xeon e5 2640",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4010y"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4610y"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2330m"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5010u"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4010u"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4617"
      },
      {
        "_id": null,
        "model": "xeon e3 1280 v2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e3 1270",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2377m"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2115c"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3470t"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2710qe"
      },
      {
        "_id": null,
        "model": "pentium n",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "n3540"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2400"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "920"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4700hq"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4610_v3"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "w5580"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4120u"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2350m"
      },
      {
        "_id": null,
        "model": "xeon e3 1105c v2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon gold",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6140"
      },
      {
        "_id": null,
        "model": "xeon phi",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "7210"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4220y"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6500te"
      },
      {
        "_id": null,
        "model": "xeon silver",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4114t"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3770k"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "x7560"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4110m"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6350hq"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4430s"
      },
      {
        "_id": null,
        "model": "xeon e3 1286 v3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "celeron n",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "n3450"
      },
      {
        "_id": null,
        "model": "xeon bronze 3104",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e3 1290",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2658_v2"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4660_v4"
      },
      {
        "_id": null,
        "model": "xeon e7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2880_v2"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2697_v2"
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4627_v3"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6320"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5005u"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "680um"
      },
      {
        "_id": null,
        "model": "atom z",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "z3795"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "450m"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2500t"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4702hq"
      },
      {
        "_id": null,
        "model": "core m",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5y10a"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "x5687"
      },
      {
        "_id": null,
        "model": "xeon e3 1240",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xeon e5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2683_v4"
      },
      {
        "_id": null,
        "model": "xeon e5 2620 v3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "330e"
      },
      {
        "_id": null,
        "model": "core m5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6y54"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3570t"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2328m"
      },
      {
        "_id": null,
        "model": "xeon gold",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6142m"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "380um"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2105"
      },
      {
        "_id": null,
        "model": "celeron n",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "n3150"
      },
      {
        "_id": null,
        "model": "celeron n",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "n3000"
      },
      {
        "_id": null,
        "model": "xeon e5 2608l v4",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3770"
      },
      {
        "_id": null,
        "model": "atom z",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "z3735f"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6440hq"
      },
      {
        "_id": null,
        "model": "atom x3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "c3265rk"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3537u"
      },
      {
        "_id": null,
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "amd",
        "version": null
      },
      {
        "_id": null,
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "arm",
        "version": null
      },
      {
        "_id": null,
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "apple",
        "version": null
      },
      {
        "_id": null,
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "cisco",
        "version": null
      },
      {
        "_id": null,
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "dell",
        "version": null
      },
      {
        "_id": null,
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "dell emc",
        "version": null
      },
      {
        "_id": null,
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "fortinet",
        "version": null
      },
      {
        "_id": null,
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "hp",
        "version": null
      },
      {
        "_id": null,
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "hitachi",
        "version": null
      },
      {
        "_id": null,
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "ibm",
        "version": null
      },
      {
        "_id": null,
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "microsoft",
        "version": null
      },
      {
        "_id": null,
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "qualcomm incorporated",
        "version": null
      },
      {
        "_id": null,
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "red hat",
        "version": null
      },
      {
        "_id": null,
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "suse linux",
        "version": null
      },
      {
        "_id": null,
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "synology",
        "version": null
      },
      {
        "_id": null,
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "ubuntu",
        "version": null
      },
      {
        "_id": null,
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "vmware",
        "version": null
      },
      {
        "_id": null,
        "model": "hat enterprise linux desktop",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "red",
        "version": "6"
      },
      {
        "_id": null,
        "model": "windows server r2",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "microsoft",
        "version": "2008"
      },
      {
        "_id": null,
        "model": "windows for 32-bit systems sp1",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "microsoft",
        "version": "7"
      },
      {
        "_id": null,
        "model": "windows for x64-based systems sp1",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "microsoft",
        "version": "7"
      },
      {
        "_id": null,
        "model": "hat enterprise linux",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "red",
        "version": "6"
      },
      {
        "_id": null,
        "model": "hat enterprise linux workstation",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "red",
        "version": "6"
      },
      {
        "_id": null,
        "model": "hat enterprise linux server",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "red",
        "version": "6"
      },
      {
        "_id": null,
        "model": "windows windows server",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "microsoft",
        "version": "2012"
      },
      {
        "_id": null,
        "model": "windows",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "microsoft",
        "version": "8.1"
      },
      {
        "_id": null,
        "model": null,
        "scope": "eq",
        "trust": 0.6,
        "vendor": "google",
        "version": "v8"
      },
      {
        "_id": null,
        "model": "windows server r2",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "microsoft",
        "version": "2012"
      },
      {
        "_id": null,
        "model": "edge",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "microsoft",
        "version": "0"
      },
      {
        "_id": null,
        "model": "internet explorer",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "microsoft",
        "version": "11"
      },
      {
        "_id": null,
        "model": "windows server",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "microsoft",
        "version": "2016"
      },
      {
        "_id": null,
        "model": "windows for x64-based systems",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "microsoft",
        "version": "8.10"
      },
      {
        "_id": null,
        "model": "windows for 32-bit systems",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "microsoft",
        "version": "8.10"
      },
      {
        "_id": null,
        "model": "windows version for x64-based systems",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "microsoft",
        "version": "1015110"
      },
      {
        "_id": null,
        "model": "windows version for 32-bit systems",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "microsoft",
        "version": "1015110"
      },
      {
        "_id": null,
        "model": "windows for 32-bit systems",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "microsoft",
        "version": "10"
      },
      {
        "_id": null,
        "model": "windows for x64-based systems",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "microsoft",
        "version": "10"
      },
      {
        "_id": null,
        "model": "windows version for 32-bit systems",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "microsoft",
        "version": "101511"
      },
      {
        "_id": null,
        "model": "windows version for x64-based systems",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "microsoft",
        "version": "101511"
      },
      {
        "_id": null,
        "model": "windows version for 32-bit systems",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "microsoft",
        "version": "101607"
      },
      {
        "_id": null,
        "model": "windows version for x64-based systems",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "microsoft",
        "version": "101607"
      },
      {
        "_id": null,
        "model": "windows version for 32-bit systems",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "microsoft",
        "version": "101703"
      },
      {
        "_id": null,
        "model": "windows version for x64-based systems",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "microsoft",
        "version": "101703"
      },
      {
        "_id": null,
        "model": "hat enterprise linux workstation",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "red",
        "version": "7"
      },
      {
        "_id": null,
        "model": "hat enterprise linux server",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "red",
        "version": "7"
      },
      {
        "_id": null,
        "model": "hat enterprise linux desktop",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "red",
        "version": "7"
      },
      {
        "_id": null,
        "model": "esxi",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "vmware",
        "version": "5.5"
      },
      {
        "_id": null,
        "model": "tvos",
        "scope": "lt",
        "trust": 0.6,
        "vendor": "apple",
        "version": "11.2"
      },
      {
        "_id": null,
        "model": "ios",
        "scope": "lt",
        "trust": 0.6,
        "vendor": "apple",
        "version": "11.2"
      },
      {
        "_id": null,
        "model": "xeon cpu e5-1650",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "intel",
        "version": "v3"
      },
      {
        "_id": null,
        "model": "workstation",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "vmware",
        "version": "12.5.7"
      },
      {
        "_id": null,
        "model": "workstation",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "vmware",
        "version": "12.5.5"
      },
      {
        "_id": null,
        "model": "workstation",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "vmware",
        "version": "12.5.3"
      },
      {
        "_id": null,
        "model": "workstation",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "vmware",
        "version": "12.0"
      },
      {
        "_id": null,
        "model": "fusion",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "vmware",
        "version": "8.5.8"
      },
      {
        "_id": null,
        "model": "fusion",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "vmware",
        "version": "8.5.6"
      },
      {
        "_id": null,
        "model": "fusion",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "vmware",
        "version": "8.5.4"
      },
      {
        "_id": null,
        "model": "fusion",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "vmware",
        "version": "8.5.2"
      },
      {
        "_id": null,
        "model": "fusion",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "vmware",
        "version": "8.1.1"
      },
      {
        "_id": null,
        "model": "fusion",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "vmware",
        "version": "8.1"
      },
      {
        "_id": null,
        "model": "fusion",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "vmware",
        "version": "8.0.2"
      },
      {
        "_id": null,
        "model": "fusion",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "vmware",
        "version": "8.0.1"
      },
      {
        "_id": null,
        "model": "fusion",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "vmware",
        "version": "8.5.5"
      },
      {
        "_id": null,
        "model": "fusion",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "vmware",
        "version": "8.5"
      },
      {
        "_id": null,
        "model": "fusion",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "vmware",
        "version": "8.0"
      },
      {
        "_id": null,
        "model": "esxi",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "vmware",
        "version": "6.5"
      },
      {
        "_id": null,
        "model": "esxi",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "vmware",
        "version": "6.0"
      },
      {
        "_id": null,
        "model": "hat enterprise linux server tus",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "red",
        "version": "7.4"
      },
      {
        "_id": null,
        "model": "hat enterprise linux server tus",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "red",
        "version": "7.2"
      },
      {
        "_id": null,
        "model": "hat enterprise linux server tus",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "red",
        "version": "6.6"
      },
      {
        "_id": null,
        "model": "hat enterprise linux server aus",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "red",
        "version": "7.4"
      },
      {
        "_id": null,
        "model": "hat enterprise linux server aus",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "red",
        "version": "7.2"
      },
      {
        "_id": null,
        "model": "hat enterprise linux server aus",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "red",
        "version": "7.3"
      },
      {
        "_id": null,
        "model": "hat enterprise linux server aus",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "red",
        "version": "6.6"
      },
      {
        "_id": null,
        "model": "macos",
        "scope": "lt",
        "trust": 0.6,
        "vendor": "apple",
        "version": "10.13.2"
      },
      {
        "_id": null,
        "model": "cloud services platform",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "cisco",
        "version": "2100"
      },
      {
        "_id": null,
        "model": "vbond orchestrator",
        "scope": null,
        "trust": 0.6,
        "vendor": "cisco",
        "version": null
      },
      {
        "_id": null,
        "model": "vedge cloud",
        "scope": null,
        "trust": 0.6,
        "vendor": "cisco",
        "version": null
      },
      {
        "_id": null,
        "model": "vedge",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "cisco",
        "version": "5000"
      },
      {
        "_id": null,
        "model": "vedge",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "cisco",
        "version": "2000"
      },
      {
        "_id": null,
        "model": "vedge",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "cisco",
        "version": "100"
      },
      {
        "_id": null,
        "model": "vedge",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "cisco",
        "version": "1000"
      },
      {
        "_id": null,
        "model": "pixel xl",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "google",
        "version": "0"
      },
      {
        "_id": null,
        "model": "pixel c",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "google",
        "version": "0"
      },
      {
        "_id": null,
        "model": "pixel",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "google",
        "version": "0"
      },
      {
        "_id": null,
        "model": "nexus player",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "google",
        "version": "0"
      },
      {
        "_id": null,
        "model": "nexus",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "google",
        "version": "9"
      },
      {
        "_id": null,
        "model": "nexus 6p",
        "scope": null,
        "trust": 0.3,
        "vendor": "google",
        "version": null
      },
      {
        "_id": null,
        "model": "nexus",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "google",
        "version": "6"
      },
      {
        "_id": null,
        "model": "nexus",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "google",
        "version": "5x"
      },
      {
        "_id": null,
        "model": "android",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "google",
        "version": "0"
      }
    ],
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#180049"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-00303"
      },
      {
        "db": "BID",
        "id": "106128"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-5754"
      }
    ]
  },
  "credits": {
    "_id": null,
    "data": "The vendor reported these issues.",
    "sources": [
      {
        "db": "BID",
        "id": "106128"
      }
    ],
    "trust": 0.3
  },
  "cve": "CVE-2017-5754",
  "cvss": {
    "_id": null,
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "NONE",
            "baseScore": 4.7,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 3.4,
            "id": "CVE-2017-5754",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 1.0,
            "vectorString": "AV:L/AC:M/Au:N/C:C/I:N/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "NONE",
            "baseScore": 4.7,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 3.4,
            "id": "CNVD-2018-00303",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.6,
            "vectorString": "AV:L/AC:M/Au:N/C:C/I:N/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "NONE",
            "baseScore": 4.7,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 3.4,
            "id": "VHN-113957",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:L/AC:M/AU:N/C:C/I:N/A:N",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "author": "nvd@nist.gov",
            "availabilityImpact": "NONE",
            "baseScore": 5.6,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 1.1,
            "id": "CVE-2017-5754",
            "impactScore": 4.0,
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2017-5754",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2018-00303",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-113957",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2018-00303"
      },
      {
        "db": "VULHUB",
        "id": "VHN-113957"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-5754"
      }
    ]
  },
  "description": {
    "_id": null,
    "data": "Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis of the data cache. Two vulnerabilities are identified, known as \"Variant 3a\" and \"Variant 4\". CPUhardware is a set of firmware that runs in the CPU (Central Processing Unit) for managing and controlling the CPU. The Spectre vulnerability exists in the CPU processor core. Because Intel does not separate low-privileged applications from accessing kernel memory, an attacker can use a malicious application to obtain private data that should be quarantined. Qualcomm Closed-Source Components are prone to multiple unspecified vulnerabilities. \nAn attacker can exploit these issues to perform unauthorized actions. This may aid in further attacks. \nThese issues are being tracked by Android Bug IDs A-78135902, A-66913713, A-67712316, A-79419833, A-109678200, A-78283451, A-78285196, A-78284194, A-78284753, A-78284517, A-78240177, A-78239686, A-78284545, A-109660689, A-78240324, A-68141338, A-78286046, A-73539037, A-73539235, A-71501115, A-33757308, A-74236942, A-77485184, A-77484529, A-33385206, A-79419639, A-79420511, A-109678338, and A-112279564. Intel and ARM CPU chips have an information disclosure vulnerability, which originates from a flaw in the processor data boundary mechanism. The following products and versions are affected: ARM Cortex-A75; Intel Xeon E5-1650 v3, v2, v4; Xeon E3-1265l v2, v3, v4; Xeon E3-1245 v2, v3, v5, v6; Xeon X7542 wait. Relevant releases/architectures:\n\nImage Updates for RHV-H - noarch\n\n3. These\npackages include redhat-release-virtualization-host, ovirt-node, and\nrhev-hypervisor. RHVH features a Cockpit user interface for\nmonitoring the host\u0027s resources and performing administrative tasks. ==========================================================================\nUbuntu Security Notice USN-3522-4\nJanuary 10, 2018\n\nlinux-lts-xenial regression\n==========================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 14.04 LTS\n\nSummary:\n\nUSN-3522-2 introduced a regression in the Linux Hardware Enablement kernel. \nUnfortunately, that update introduced a regression where a few systems\nfailed to boot successfully. This update fixes the problem. \n\nWe apologize for the inconvenience. \n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 14.04 LTS:\n  linux-image-4.4.0-109-generic   4.4.0-109.132~14.04.1\n  linux-image-4.4.0-109-lowlatency  4.4.0-109.132~14.04.1\n  linux-image-generic-lts-xenial  4.4.0.109.92\n  linux-image-lowlatency-lts-xenial  4.4.0.109.92\n\nAfter a standard system update you need to reboot your computer to make\nall the necessary changes. \n\nATTENTION: Due to an unavoidable ABI change the kernel updates have\nbeen given a new version number, which requires you to recompile and\nreinstall all third party kernel modules you might have installed. \nUnless you manually uninstalled the standard kernel metapackages\n(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,\nlinux-powerpc), a standard system upgrade will automatically perform\nthis as well. \n\nThis specific attack has been named Meltdown and is addressed in the Linux\nkernel for the Intel x86-64 architecture by a patch set named Kernel Page Table\nIsolation, enforcing a near complete separation of the kernel and userspace\naddress maps and preventing the attack. This solution might have a performance\nimpact, and can be disabled at boot time by passing `pti=off\u0027 to the kernel\ncommand line. \n\nWe also identified a regression for ancient userspaces using the vsyscall\ninterface, for example chroot and containers using (e)glibc 2.13 and older,\nincluding those based on Debian 7 or RHEL/CentOS 6. \n\nThe other vulnerabilities (named Spectre) published at the same time are not\naddressed in this update and will be fixed in a later update. \n\nFor the stable distribution (stretch), this problem has been fixed in\nversion 4.9.65-3+deb9u2. \n\nFor the detailed security status of linux please refer to\nits security tracker page at:\nhttps://security-tracker.debian.org/tracker/linux\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n-----BEGIN PGP SIGNATURE-----\n\niQEzBAEBCgAdFiEE8vi34Qgfo83x35gF3rYcyPpXRFsFAlpOqZMACgkQ3rYcyPpX\nRFuTTQf/btBqg9/I3XlnJFyGAmd4eQolTcU5cfDJqNhD4TZoyMocghvw1kYtu7z9\nbYVhwCRukJym8O8AXJOxvlcsP7g0ANXqVDHpzCN8byKYgzigVP9brfOu/zDa4uYY\nEYf8V3pc2QzNo5OV4G+sK5ZklkDnNIde+OxUfU0Otl9fUG2rS5JTFvaRgvGazlbb\ncN5wltoHD6DBeSRnfadwYPHQR5U+KAJNImh34Y6T73i7n5dGTnNhs6E7n0wlJL9O\nSQLwoqQeiDpcE7C4TZ1pb4AbFCZXaic+1ONbWy8D7erKNA7kV1U2LQDmPDw9kmua\nLc5heEX026Xfdy83v6NAPwR+NU8stg==\n=GGyG\n-----END PGP SIGNATURE-----\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\nNote: the current version of the following document is available here:\nhttps://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03805en_us\n\nSUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: hpesbhf03805en_us\nVersion: 4\n\nHPESBHF03805 rev.4 - Certain HPE products using Microprocessors from Intel,\nAMD, and ARM, with Speculative Execution, Elevation of Privilege and\nInformation Disclosure. \n\nNOTICE: The information in this Security Bulletin should be acted upon as\nsoon as possible. \n\nRelease Date: 2018-01-10\nLast Updated: 2018-01-09\n\nPotential Security Impact: Local: Disclosure of Information, Elevation of\nPrivilege\n\nSource: Hewlett Packard Enterprise, Product Security Response Team\n\nVULNERABILITY SUMMARY\nOn January 3 2018, side-channel security vulnerabilities involving\nspeculative execution were publicly disclosed. These vulnerabilities may\nimpact the listed HPE products, potentially leading to information disclosure\nand elevation of privilege. Mitigation and resolution of these\nvulnerabilities may call for both an operating system update, provided by the\nOS vendor, and a system ROM update from HPE. \n\n\n**Note:**\n\n  * This issue takes advantage of techniques commonly used in many modern\nprocessor architectures.  \n  * For further information, microprocessor vendors have provided security\nadvisories:\n  \n    - Intel:\n\u003chttps://security-center.intel.com/advisory.aspx?intelid=intel-sa-00088\u0026langu\ngeid=en-fr\u003e\n    - AMD: \u003chttp://www.amd.com/en/corporate/speculative-execution\u003e\n    - ARM: \u003chttps://developer.arm.com/support/security-update\u003e\n\nReferences:\n\n  - PSRT110634\n  - PSRT110633\n  - PSRT110632\n  - CVE-2017-5715 - aka Spectre, branch target injection\n  - CVE-2017-5753 - aka Spectre,  bounds check bypass\n  - CVE-2017-5754 - aka  Meltdown,  rogue data cache load, memory access\npermission check performed after kernel memory read\n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \n\n  - HPE ProLiant DL380 Gen10 Server prior to v1.28\n  - HPE ProLiant DL180 Gen10 Server prior to v1.28\n  - HPE ProLiant DL160 Gen10 Server prior to v1.28\n  - HPE ProLiant DL360 Gen10 Server prior to v1.28\n  - HPE ProLiant ML110 Gen10 Server prior to v1.28\n  - HPE ProLiant DL580 Gen10 Server prior to v1.28\n  - HPE ProLiant DL560 Gen10 Server prior to v1.28\n  - HPE ProLiant DL120 Gen10 Server prior to v1.28\n  - HPE ProLiant ML350 Gen10 Server prior to v1.28\n  - HPE ProLiant XL450 Gen10 Server prior to v1.28\n  - HPE ProLiant XL170r Gen10 Server prior to v1.28\n  - HPE ProLiant BL460c Gen10 Server Blade prior to v1.28\n  - HPE ProLiant XL230a Gen9 Server prior to v2.54\n  - HPE ProLiant XL230k Gen10 Server prior to v1.28\n  - HPE ProLiant XL730f Gen9 Server prior to v2.54\n  - HPE ProLiant XL740f Gen9 Server prior to v2.54\n  - HPE ProLiant XL750f Gen9 Server prior to v2.54\n  - HPE ProLiant XL170r Gen9 Server prior to v2.54\n  - HP ProLiant DL60 Gen9 Server prior to v2.54\n  - HPE ProLiant XL450 Gen9 Server prior to v2.54\n  - HP ProLiant DL160 Gen9 Server prior to v2.54\n  - HPE Apollo 4200 Gen9 Server prior to v2.54\n  - HP ProLiant BL460c Gen9 Server Blade prior to v2.54\n  - HP ProLiant ML110 Gen9 Server prior to v2.54\n  - HP ProLiant ML150 Gen9 Server prior to v2.54 \n  - HPE ProLiant ML350 Gen9 Server prior to v2.54\n  - HP ProLiant DL380 Gen9 Server prior to v2.54\n  - HP ProLiant DL120 Gen9 Server prior to v2.54\n  - HPE ProLiant DL560 Gen9 Server prior to v2.54\n  - HPE ProLiant XL270d Gen9 Special Server prior to v2.54\n  - HP ProLiant BL660c Gen9 Server prior to v2.54\n  - HPE ProLiant m710x Server Cartridge prior to v1.60\n  - HPE ProLiant DL20 Gen9 Server prior to v2.52\n  - HPE ProLiant DL385 Gen10 Server prior to v1.04\n  - HPE Synergy 660 Gen9 Compute Module prior to v2.54\n  - HPE Synergy 480 Gen10 Compute Module prior to v1.28\n  - HPE Synergy 480 Gen9 Compute Module prior to v2.54\n  - HPE ProLiant ML30 Gen9 Server prior to v2.52\n  - HPE ProLiant XL190r Gen10 Server prior to v1.28\n  - HPE ProLiant XL250a Gen9 Server prior to v2.54\n  - HPE ProLiant XL190r Gen9 Server prior to v2.54\n  - HP ProLiant DL80 Gen9 Server prior to v2.54\n  - HPE ProLiant DL180 Gen9 Server prior to v2.54\n  - HPE ProLiant XL270d Gen9 Accelerator Tray 2U Configure-to-order Server\nprior to v2.54\n  - HPE ProLiant WS460c Gen9 Workstation prior to v2.54\n  - HPE ProLiant DL580 Gen9 Special Server prior to v2.54\n  - HPE Synergy 680 Gen9 Compute Modules prior to v2.54\n  - HPE ProLiant XL260a Gen9 Server prior to 1/22/2018\n  - HPE ProLiant m510 Server Cartridge prior to 1/22/2018\n  - HPE ProLiant m710p Server Cartridge prior to 12/12/2017\n  - HP ProLiant m350 Server Cartridge prior to 12/12/2017\n  - HP ProLiant m300 Server Cartridge prior to 12/12/2017\n  - HP ProLiant ML350e Gen8 Server prior to 12/12/2017\n  - HPE ProLiant ML350e Gen8 v2 Server prior to 12/12/2017\n  - HP ProLiant BL460c Gen8 Server prior to 12/12/2017\n  - HP ProLiant BL660c Gen8 Server prior to 12/12/2017\n  - HPE ProLiant SL4540 Gen8 1 Node Server prior to 12/12/2017\n  - HP ProLiant DL380e Gen8 Server prior to 12/12/2017\n  - HP ProLiant DL360e Gen8 Server prior to 12/12/2017\n  - HP ProLiant ML350p Gen8 Server prior to 12/12/2017\n  - HP ProLiant DL360p Gen8 Server prior to 12/12/2017\n  - HP ProLiant DL380p Gen8 Server prior to 12/12/2017\n  - HP ProLiant DL320e Gen8 Server prior to 12/12/2017\n  - HPE ProLiant DL320e Gen8 v2 Server prior to 12/12/2017\n  - HP ProLiant ML310e Gen8 Server prior to 12/12/2017\n  - HPE ProLiant ML310e Gen8 v2 Server prior to 12/12/2017\n  - HP ProLiant DL160 Gen8 Server prior to 12/12/2017\n  - HP ProLiant SL270s Gen8 Server prior to 12/12/2017\n  - HP ProLiant SL250s Gen8 Server prior to 12/12/2017\n  - HP ProLiant SL230s Gen8 Server prior to 12/12/2017\n  - HP ProLiant DL560 Gen8 Server prior to 12/12/2017\n  - HPE ProLiant SL210t Gen8 Server prior to 12/12/2017\n  - HP ProLiant DL580 Gen8 Server prior to 12/12/2017 (v1.98)\n  - HP ProLiant ML10 Server prior to 12/12/2017\n  - HP ProLiant m710 Server Cartridge prior to 12/12/2017 (v1.60)\n  - HPE Synergy Composer prior to 12/12/2017\n  - HPE Integrity Superdome X with BL920s Blades prior to 8.8.6\n  - HPE Superdome Flex Server prior to 2.3.110\n  - HP ProLiant DL360 Gen9 Server prior to v2.54\n  - HPE Synergy 620 Gen9 Compute Module prior to v2.54\n  - HPE ProLiant Thin Micro TM200 Server prior to 1/16/2017\n  - HPE ProLiant ML350 Gen10 Server prior to v1.28\n  - HP ProLiant BL420c Gen8 Server prior to 12/12/2017\n  - HPE ProLiant ML10 v2 Server prior to 12/12/2017\n  - HPE ProLiant MicroServer Gen8 prior to 12/12/2017\n  - HPE Synergy 660 Gen10 Compute Module prior to v1.28\n\nBACKGROUND\n\n  CVSS Base Metrics\n  =================\n  Reference, CVSS V3 Score/Vector, CVSS V2 Score/Vector\n\n    CVE-2017-5715\n      8.2 CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:N\n      6.8 (AV:A/AC:L/Au:N/C:C/I:P/A:N)\n\n    CVE-2017-5753\n      5.0 CVSS:3.0/AV:A/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L\n      5.4 (AV:A/AC:M/Au:N/C:P/I:P/A:P)\n\n    CVE-2017-5754\n      7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\n      7.8 (AV:N/AC:L/Au:N/C:C/I:N/A:N)\n\n    Information on CVSS is documented in\n    HPE Customer Notice HPSN-2008-002 here:\n\nhttps://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c01345499\n\nRESOLUTION\n\nHPE has made the following system ROM updates which include an updated\nmicrocode to resolve the vulnerability:\n\n  * HPE has provided a customer bulletin\n\u003chttps://support.hpe.com/hpsc/doc/public/display?docId=emr_na-a00039267en_us\u003e\nwith specific instructions to obtain the udpated sytem ROM\n  \n  - Note:\n   \n    + CVE-2017-5715 requires that the System ROM be updated and a vendor\nsupplied operating system update be applied as well. \n    + For CVE-2017-5753, CVE-2017-5754 require only updates of a vendor\nsupplied operating system. \n    + HPE will continue to add additional products to the list. Not all\nlisted products have updated system ROMs yet. Impacted products awaiting\nsystem ROM updates are marked TBS (to be supplied). \n\nHISTORY\n\nVersion:1 (rev.1) - 4 January 2018 Initial release\n\nVersion:2 (rev.2) - 5 January 2018 Added additional impacted products\n\nVersion:3 (rev.3) - 10 January 2018 Added  more impacted products\n\nVersion:4 (rev.4) - 9 January 2018 Fixed product ID\n\n\nThird Party Security Patches: Third party security patches that are to be\ninstalled on systems running Hewlett Packard Enterprise (HPE) software\nproducts should be applied in accordance with the customer\u0027s patch management\npolicy. \n\nSupport: For issues about implementing the recommendations of this Security\nBulletin, contact normal HPE Services support channel. For other issues about\nthe content of this Security Bulletin, send e-mail to security-alert@hpe.com. \n\nReport: To report a potential security vulnerability for any HPE supported\nproduct:\n  Web form: https://www.hpe.com/info/report-security-vulnerability\n  Email: security-alert@hpe.com\n\nSubscribe: To initiate a subscription to receive future HPE Security Bulletin\nalerts via Email: http://www.hpe.com/support/Subscriber_Choice\n\nSecurity Bulletin Archive: A list of recently released Security Bulletins is\navailable here: http://www.hpe.com/support/Security_Bulletin_Archive\n\nSoftware Product Category: The Software Product Category is represented in\nthe title by the two characters following HPSB. \n\n3C = 3COM\n3P = 3rd Party Software\nGN = HPE General Software\nHF = HPE Hardware and Firmware\nMU = Multi-Platform Software\nNS = NonStop Servers\nOV = OpenVMS\nPV = ProCurve\nST = Storage Software\nUX = HP-UX\n\nCopyright 2016 Hewlett Packard Enterprise\n\nHewlett Packard Enterprise shall not be liable for technical or editorial\nerrors or omissions contained herein. The information provided is provided\n\"as is\" without warranty of any kind. To the extent permitted by law, neither\nHP or its affiliates, subcontractors or suppliers will be liable for\nincidental,special or consequential damages including downtime cost; lost\nprofits; damages relating to the procurement of substitute products or\nservices; or damages for loss of data, or software restoration. The\ninformation in this document is subject to change without notice. Hewlett\nPackard Enterprise and the names of Hewlett Packard Enterprise products\nreferenced herein are trademarks of Hewlett Packard Enterprise in the United\nStates and other countries. Other product and company names mentioned herein\nmay be trademarks of their respective owners. \n-----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA512\n\n=============================================================================\nFreeBSD-SA-18:03.speculative_execution                      Security Advisory\n                                                          The FreeBSD Project\n\nTopic:          Speculative Execution Vulnerabilities\n\nCategory:       core\nModule:         kernel\nAnnounced:      2018-03-14\nCredits:        Jann Horn (Google Project Zero); Werner Haas, Thomas\n                Prescher (Cyberus Technology); Daniel Gruss, Moritz Lipp,\n                Stefan Mangard, Michael Schwarz (Graz University of\n                Technology); Paul Kocher; Daniel Genkin (University of\n                Pennsylvania and University of Maryland), Mike Hamburg\n                (Rambus); Yuval Yarom (University of Adelaide and Data6)\nAffects:        All supported versions of FreeBSD. \nCorrected:      2018-02-17 18:00:01 UTC (stable/11, 11.1-STABLE)\n                2018-03-14 04:00:00 UTC (releng/11.1, 11.1-RELEASE-p8)\nCVE Name:       CVE-2017-5715, CVE-2017-5754\n\nSpecial Note:\tSpeculative execution vulnerability mitigation is a work\n                in progress.  This advisory addresses the most significant\n                issues for FreeBSD 11.1 on amd64 CPUs.  We expect to update\n                this advisory to include 10.x for amd64 CPUs.  Future FreeBSD\n                releases will address this issue on i386 and other CPUs. \n                freebsd-update will include changes on i386 as part of this\n                update due to common code changes shared between amd64 and\n                i386, however it contains no functional changes for i386 (in\n                particular, it does not mitigate the issue on i386). \n\nFor general information regarding FreeBSD Security Advisories,\nincluding descriptions of the fields above, security branches, and the\nfollowing sections, please visit \u003cURL:https://security.FreeBSD.org/\u003e. \n\nI. \n\nII.  Problem Description\n\nA number of issues relating to speculative execution were found last year\nand publicly announced January 3rd.  Two of these, known as Meltdown and\nSpectre V2, are addressed here. \n\nCVE-2017-5754 (Meltdown)\n- ------------------------\n\nThis issue relies on an affected CPU speculatively executing instructions\nbeyond a faulting instruction.  When this happens, changes to architectural\nstate are not committed, but observable changes may be left in micro-\narchitectural state (for example, cache).  This may be used to infer\nprivileged data. \n\nCVE-2017-5715 (Spectre V2)\n- --------------------------\n\nSpectre V2 uses branch target injection to speculatively execute kernel code\nat an address under the control of an attacker. \n\nIII.  Impact\n\nAn attacker may be able to read secret data from the kernel or from a\nprocess when executing untrusted code (for example, in a web browser). \n\nIV.  Workaround\n\nNo workaround is available. \n\nV.   Solution\n\nPerform one of the following:\n\n1) Upgrade your vulnerable system to a supported FreeBSD stable or\nrelease / security branch (releng) dated after the correction date,\nand reboot. \n\n2) To update your vulnerable system via a binary patch:\n\nSystems running a RELEASE version of FreeBSD on the i386 or amd64\nplatforms can be updated via the freebsd-update(8) utility, followed\nby a reboot into the new kernel:\n\n# freebsd-update fetch\n# freebsd-update install\n# shutdown -r now\n\n3) To update your vulnerable system via a source code patch:\n\nThe following patches have been verified to apply to the applicable\nFreeBSD release branches. \n\na) Download the relevant patch from the location below, and verify the\ndetached PGP signature using your PGP utility. \n\n[FreeBSD 11.1]\n# fetch https://security.FreeBSD.org/patches/SA-18:03/speculative_execution-amd64-11.patch\n# fetch https://security.FreeBSD.org/patches/SA-18:03/speculative_execution-amd64-11.patch.asc\n# gpg --verify speculative_execution-amd64-11.patch.asc\n\nb) Apply the patch.  Execute the following commands as root:\n\n# cd /usr/src\n# patch \u003c /path/to/patch\n\nc) Recompile your kernel as described in\n\u003cURL:https://www.FreeBSD.org/handbook/kernelconfig.html\u003e and reboot the\nsystem. \n\nVI.  Correction details\n\nCVE-2017-5754 (Meltdown)\n- ------------------------\n\nThe mitigation is known as Page Table Isolation (PTI).  PTI largely separates\nkernel and user mode page tables, so that even during speculative execution\nmost of the kernel\u0027s data is unmapped and not accessible. \n\nA demonstration of the Meltdown vulnerability is available at\nhttps://github.com/dag-erling/meltdown.  A positive result is definitive\n(that is, the vulnerability exists with certainty).  A negative result\nindicates either that the CPU is not affected, or that the test is not\ncapable of demonstrating the issue on the CPU (and may need to be modified). \n\nA patched kernel will automatically enable PTI on Intel CPUs.  The status can\nbe checked via the vm.pmap.pti sysctl:\n\n# sysctl vm.pmap.pti\nvm.pmap.pti: 1\n\nThe default setting can be overridden by setting the loader tunable\nvm.pmap.pti to 1 or 0 in /boot/loader.conf.  This setting takes effect only\nat boot. \n\nPTI introduces a performance regression.  The observed performance loss is\nsignificant in microbenchmarks of system call overhead, but is much smaller\nfor many real workloads. \n\nCVE-2017-5715 (Spectre V2)\n- --------------------------\n\nThere are two common mitigations for Spectre V2.  This patch includes a\nmitigation using Indirect Branch Restricted Speculation, a feature available\nvia a microcode update from processor manufacturers.  The alternate\nmitigation, Retpoline, is a feature available in newer compilers.  The\nfeasibility of applying Retpoline to stable branches and/or releases is under\ninvestigation. \n\nThe patch includes the IBRS mitigation for Spectre V2.  To use the mitigation\nthe system must have an updated microcode; with older microcode a patched\nkernel will function without the mitigation. \n\nIBRS can be disabled via the hw.ibrs_disable sysctl (and tunable), and the\nstatus can be checked via the hw.ibrs_active sysctl.  IBRS may be enabled or\ndisabled at runtime.  Additional detail on microcode updates will follow. \n\nThe following list contains the correction revision numbers for each\naffected branch. \n\nBranch/path                                                      Revision\n- -------------------------------------------------------------------------\nstable/11/                                                        r329462\nreleng/11.1/                                                      r330908\n- -------------------------------------------------------------------------\n\nTo see which files were modified by a particular revision, run the\nfollowing command, replacing NNNNNN with the revision number, on a\nmachine with Subversion installed:\n\n# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base\n\nOr visit the following URL, replacing NNNNNN with the revision number:\n\n\u003cURL:https://svnweb.freebsd.org/base?view=revision\u0026revision=NNNNNN\u003e\n\nVII.  References\n\n\u003cURL:https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5715\u003e\n\n\u003cURL:https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5754\u003e\n\nThe latest revision of this advisory is available at\n\u003cURL:https://security.FreeBSD.org/advisories/FreeBSD-SA-18:03.speculative_execution.asc\u003e\n-----BEGIN PGP SIGNATURE-----\n\niQKTBAEBCgB9FiEE/A6HiuWv54gCjWNV05eS9J6n5cIFAlqon0RfFIAAAAAALgAo\naXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEZD\nMEU4NzhBRTVBRkU3ODgwMjhENjM1NUQzOTc5MkY0OUVBN0U1QzIACgkQ05eS9J6n\n5cKORw/+Lc5lxLhDgU1rQ0JF6sb2b80Ly5k+rJLXFWBvmEQt0uVyVkF4TMJ99M04\nbcmrLbT4Pl0Csh/iEYvZQ4el12KvPDApHszsLTBgChD+KfCLvCZvBZzasgDWGD0E\nJhL4eIX0wjJ4oGGsT+TAqkmwXyAMJgWW/ZgZPFVXocylZTL3fV4g52VdG1Jnd2yu\nhnkViH2kVlVJqXX9AHlenIUfEmUiRUGrMh5oPPpFYDDmfJ+enZ8QLxfZtOKIliD7\nu+2GP8V/bvaErkxqF5wwobybrBOMXpq9Y/fWw0EH/om7myevj/oORqK+ZmGZ17bl\nIRbdWxgjc1hN2TIMVn9q9xX6i0I0wSPwbpLYagKnSnE8WNVUTZUteaj1GKGTG1rj\nDFH2zOLlbRr/IXUFldM9b6VbZX6G5Ijxwy1DJzB/0KL5ZTbAReUR0pqHR7xpulbJ\neDv8SKCwYiUpMuwPOXNdVlVLZSsH5/9A0cyjH3+E+eIhM8qyxw7iRFwA0DxnGVkr\ntkMo51Vl3Gl7JFFimGKljsE9mBh00m8B0WYJwknvfhdehO4WripcwI7/V5zL6cwj\ns018kaW4Xm77LOz6P1iN8nbcjZ9gN2AsPYUYYZqJxjCcZ7r489Hg9BhbDf0QtC0R\ngnwZWiZ/KuAy0C6vaHljsm0xPEM5nBz/yScFXDbuhEdmEgBBD6w=\n=fqrI\n-----END PGP SIGNATURE-----\n. \n-----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n                   Red Hat Security Advisory\n\nSynopsis:          Important: kernel security update\nAdvisory ID:       RHSA-2018:0018-01\nProduct:           Red Hat Enterprise Linux\nAdvisory URL:      https://access.redhat.com/errata/RHSA-2018:0018\nIssue date:        2018-01-04\n=====================================================================\n\n1. Summary:\n\nAn update for kernel is now available for Red Hat Enterprise Linux 6.4\nAdvanced Update Support. \n\nRed Hat Product Security has rated this update as having a security impact\nof Important. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE link(s) in the References section. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Server AUS (v. 6.4) - noarch, x86_64\nRed Hat Enterprise Linux Server Optional AUS (v. 6.4) - x86_64\n\n3. Description:\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system. \n\nSecurity Fix(es):\n\nAn industry-wide issue was found in the way many modern microprocessor\ndesigns have implemented speculative execution of instructions (a commonly\nused performance optimization). There are three primary variants of the\nissue which differ in the way the speculative execution can be exploited. \n\nNote: This issue is present in hardware and cannot be fully fixed via\nsoftware update. The updated kernel packages provide software mitigation\nfor this hardware issue at a cost of potential performance penalty. Please\nrefer to References section for further information about this issue and\nthe performance impact. \n\nIn this update mitigations for x86-64 architecture are provided. \n\nVariant CVE-2017-5753 triggers the speculative execution by performing a\nbounds-check bypass. It relies on the presence of a precisely-defined\ninstruction sequence in the privileged code as well as the fact that memory\naccesses may cause allocation into the microprocessor\u0027s data cache even for\nspeculatively executed instructions that never actually commit (retire). As\na result, an unprivileged attacker could use this flaw to cross the syscall\nboundary and read privileged memory by conducting targeted cache\nside-channel attacks. (CVE-2017-5753, Important)\n\nVariant CVE-2017-5715 triggers the speculative execution by utilizing\nbranch target injection. It relies on the presence of a precisely-defined\ninstruction sequence in the privileged code as well as the fact that memory\naccesses may cause allocation into the microprocessor\u0027s data cache even for\nspeculatively executed instructions that never actually commit (retire). As\na result, an unprivileged attacker could use this flaw to cross the syscall\nand guest/host boundaries and read privileged memory by conducting targeted\ncache side-channel attacks. (CVE-2017-5715, Important)\n\nVariant CVE-2017-5754 relies on the fact that, on impacted microprocessors,\nduring speculative execution of instruction permission faults, exception\ngeneration triggered by a faulting access is suppressed until the\nretirement of the whole instruction block. In a combination with the fact\nthat memory accesses may populate the cache even when the block is being\ndropped and never committed (executed), an unprivileged local attacker\ncould use this flaw to read privileged (kernel space) memory by conducting\ntargeted cache side-channel attacks. (CVE-2017-5754, Important)\n\nNote: CVE-2017-5754 affects Intel x86-64 microprocessors. AMD x86-64\nmicroprocessors are not affected by this issue. \n\nRed Hat would like to thank Google Project Zero for reporting these issues. Solution:\n\nFor details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect. Bugs fixed (https://bugzilla.redhat.com/):\n\n1519778 - CVE-2017-5753 hw: cpu: speculative execution bounds-check bypass\n1519780 - CVE-2017-5715 hw: cpu: speculative execution branch target injection\n1519781 - CVE-2017-5754 hw: cpu: speculative execution permission faults handling\n\n6. Package List:\n\nRed Hat Enterprise Linux Server AUS (v. 6.4):\n\nSource:\nkernel-2.6.32-358.84.2.el6.src.rpm\n\nnoarch:\nkernel-doc-2.6.32-358.84.2.el6.noarch.rpm\nkernel-firmware-2.6.32-358.84.2.el6.noarch.rpm\n\nx86_64:\nkernel-2.6.32-358.84.2.el6.x86_64.rpm\nkernel-debug-2.6.32-358.84.2.el6.x86_64.rpm\nkernel-debug-debuginfo-2.6.32-358.84.2.el6.x86_64.rpm\nkernel-debug-devel-2.6.32-358.84.2.el6.x86_64.rpm\nkernel-debuginfo-2.6.32-358.84.2.el6.x86_64.rpm\nkernel-debuginfo-common-x86_64-2.6.32-358.84.2.el6.x86_64.rpm\nkernel-devel-2.6.32-358.84.2.el6.x86_64.rpm\nkernel-headers-2.6.32-358.84.2.el6.x86_64.rpm\nperf-2.6.32-358.84.2.el6.x86_64.rpm\nperf-debuginfo-2.6.32-358.84.2.el6.x86_64.rpm\npython-perf-debuginfo-2.6.32-358.84.2.el6.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional AUS (v. 6.4):\n\nSource:\nkernel-2.6.32-358.84.2.el6.src.rpm\n\nx86_64:\nkernel-debug-debuginfo-2.6.32-358.84.2.el6.x86_64.rpm\nkernel-debuginfo-2.6.32-358.84.2.el6.x86_64.rpm\nkernel-debuginfo-common-x86_64-2.6.32-358.84.2.el6.x86_64.rpm\nperf-debuginfo-2.6.32-358.84.2.el6.x86_64.rpm\npython-perf-2.6.32-358.84.2.el6.x86_64.rpm\npython-perf-debuginfo-2.6.32-358.84.2.el6.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security.  Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/updates/classification/#important\nhttps://access.redhat.com/security/vulnerabilities/speculativeexecution\nhttps://access.redhat.com/security/cve/CVE-2017-5753\nhttps://access.redhat.com/security/cve/CVE-2017-5715\nhttps://access.redhat.com/security/cve/CVE-2017-5754\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2018 Red Hat, Inc. The vulnerability could be exploited to Local Disclosure of\nInformation. \n\nReferences:\n\n  - CVE-2017-5753\n  - CVE-2017-5715\n  - CVE-2017-5754\n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \n\n  - HP Virtualization Performance Viewer Software - v2.20, v3.0, v3.01,\nv3.02, v3.03\n  - HPE Cloud Optimizer - v2.20, v3.0, v3.01, v3.02, v3.03\n\nBACKGROUND\n\n  CVSS Base Metrics\n  =================\n  Reference, CVSS V3 Score/Vector, CVSS V2 Score/Vector\n\n\nRESOLUTION\n\nMicro Focus is actively working with its vendors to address any systems-level\nSpectre and Meltdown impacts.However, if you have immediate concerns or\nquestions regarding CentOS and its approach to Spectre or Meltdown, please\ncontact them directly. \n Please note that you will need to sign in using a Passport account. \n\n3P = 3rd Party Software\nGN = Micro Focus General Software\nMU = Multi-Platform Software\n\nSystem management and security procedures must be reviewed frequently to maintain system integrity. \nMicro Focus is continually reviewing and enhancing the security features of software products to provide \ncustomers with current secure solutions. \n\n\"Micro Focus is broadly distributing this Security Bulletin in order to bring to the attention of users of the \naffected Micro Focus products the important security information contained in this Bulletin. Micro Focus recommends \nthat all users determine the applicability of this information to their individual situations and take appropriate action. \nMicro Focus does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, \nMicro Focus will not be responsible for any damages resulting from user\u0027s use or disregard of the information provided in \nthis Security Bulletin. To the extent permitted by law, Micro Focus  disclaims  all warranties, either express or \nimplied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement.\" \n\n\nCopyright 2017 EntIT Software LLC\n\nMicro Focus shall not be liable for technical or editorial errors or omissions contained herein",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2017-5754"
      },
      {
        "db": "CERT/CC",
        "id": "VU#180049"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-00303"
      },
      {
        "db": "BID",
        "id": "106128"
      },
      {
        "db": "VULHUB",
        "id": "VHN-113957"
      },
      {
        "db": "PACKETSTORM",
        "id": "145796"
      },
      {
        "db": "PACKETSTORM",
        "id": "145718"
      },
      {
        "db": "PACKETSTORM",
        "id": "145964"
      },
      {
        "db": "PACKETSTORM",
        "id": "145836"
      },
      {
        "db": "PACKETSTORM",
        "id": "145695"
      },
      {
        "db": "PACKETSTORM",
        "id": "145809"
      },
      {
        "db": "PACKETSTORM",
        "id": "146762"
      },
      {
        "db": "PACKETSTORM",
        "id": "145651"
      },
      {
        "db": "PACKETSTORM",
        "id": "145654"
      },
      {
        "db": "PACKETSTORM",
        "id": "147582"
      }
    ],
    "trust": 3.42
  },
  "exploit_availability": {
    "_id": null,
    "data": [
      {
        "reference": "https://www.scap.org.cn/vuln/vhn-113957",
        "trust": 0.1,
        "type": "unknown"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-113957"
      }
    ]
  },
  "external_ids": {
    "_id": null,
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2017-5754",
        "trust": 3.0
      },
      {
        "db": "CERT/CC",
        "id": "VU#584653",
        "trust": 1.9
      },
      {
        "db": "CERT/CC",
        "id": "VU#180049",
        "trust": 1.9
      },
      {
        "db": "BID",
        "id": "102378",
        "trust": 1.7
      },
      {
        "db": "BID",
        "id": "106128",
        "trust": 1.4
      },
      {
        "db": "SECTRACK",
        "id": "1040071",
        "trust": 1.1
      },
      {
        "db": "SIEMENS",
        "id": "SSA-608355",
        "trust": 1.1
      },
      {
        "db": "LENOVO",
        "id": "LEN-18282",
        "trust": 1.1
      },
      {
        "db": "CERT@VDE",
        "id": "VDE-2018-003",
        "trust": 1.1
      },
      {
        "db": "CERT@VDE",
        "id": "VDE-2018-002",
        "trust": 1.1
      },
      {
        "db": "USCERT",
        "id": "TA18-141A",
        "trust": 0.8
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-00303",
        "trust": 0.6
      },
      {
        "db": "PACKETSTORM",
        "id": "145836",
        "trust": 0.2
      },
      {
        "db": "PACKETSTORM",
        "id": "145796",
        "trust": 0.2
      },
      {
        "db": "PACKETSTORM",
        "id": "145695",
        "trust": 0.2
      },
      {
        "db": "PACKETSTORM",
        "id": "145824",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "145794",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "145804",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "146067",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "145795",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "145811",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "145810",
        "trust": 0.1
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201801-151",
        "trust": 0.1
      },
      {
        "db": "VULHUB",
        "id": "VHN-113957",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "145718",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "145964",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "145809",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "146762",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "145651",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "145654",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "147582",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#180049"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-00303"
      },
      {
        "db": "VULHUB",
        "id": "VHN-113957"
      },
      {
        "db": "BID",
        "id": "106128"
      },
      {
        "db": "PACKETSTORM",
        "id": "145796"
      },
      {
        "db": "PACKETSTORM",
        "id": "145718"
      },
      {
        "db": "PACKETSTORM",
        "id": "145964"
      },
      {
        "db": "PACKETSTORM",
        "id": "145836"
      },
      {
        "db": "PACKETSTORM",
        "id": "145695"
      },
      {
        "db": "PACKETSTORM",
        "id": "145809"
      },
      {
        "db": "PACKETSTORM",
        "id": "146762"
      },
      {
        "db": "PACKETSTORM",
        "id": "145651"
      },
      {
        "db": "PACKETSTORM",
        "id": "145654"
      },
      {
        "db": "PACKETSTORM",
        "id": "147582"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-5754"
      }
    ]
  },
  "id": "VAR-201801-1711",
  "iot": {
    "_id": null,
    "data": true,
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2018-00303"
      },
      {
        "db": "VULHUB",
        "id": "VHN-113957"
      }
    ],
    "trust": 1.2838988233333333
  },
  "iot_taxonomy": {
    "_id": null,
    "data": [
      {
        "category": [
          "Network device"
        ],
        "sub_category": null,
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2018-00303"
      }
    ]
  },
  "last_update_date": "2026-03-09T21:41:51.114000Z",
  "problemtype_data": {
    "_id": null,
    "data": [
      {
        "problemtype": "CWE-200",
        "trust": 1.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-113957"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-5754"
      }
    ]
  },
  "references": {
    "_id": null,
    "data": [
      {
        "trust": 1.9,
        "url": "https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability"
      },
      {
        "trust": 1.9,
        "url": "http://www.kb.cert.org/vuls/id/584653"
      },
      {
        "trust": 1.7,
        "url": "http://www.securityfocus.com/bid/102378"
      },
      {
        "trust": 1.6,
        "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00115.html"
      },
      {
        "trust": 1.6,
        "url": "https://support.apple.com//ht208394"
      },
      {
        "trust": 1.6,
        "url": "http://www.dell.com/support/speculative-store-bypass"
      },
      {
        "trust": 1.4,
        "url": "https://access.redhat.com/security/vulnerabilities/speculativeexecution"
      },
      {
        "trust": 1.1,
        "url": "http://www.securityfocus.com/bid/106128"
      },
      {
        "trust": 1.1,
        "url": "https://www.kb.cert.org/vuls/id/180049"
      },
      {
        "trust": 1.1,
        "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20180104-cpusidechannel"
      },
      {
        "trust": 1.1,
        "url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4609"
      },
      {
        "trust": 1.1,
        "url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4611"
      },
      {
        "trust": 1.1,
        "url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4613"
      },
      {
        "trust": 1.1,
        "url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4614"
      },
      {
        "trust": 1.1,
        "url": "http://www.arubanetworks.com/assets/alert/aruba-psa-2018-001.txt"
      },
      {
        "trust": 1.1,
        "url": "http://www.arubanetworks.com/assets/alert/aruba-psa-2019-003.txt"
      },
      {
        "trust": 1.1,
        "url": "http://xenbits.xen.org/xsa/advisory-254.html"
      },
      {
        "trust": 1.1,
        "url": "https://aws.amazon.com/de/security/security-bulletins/aws-2018-013/"
      },
      {
        "trust": 1.1,
        "url": "https://blog.mozilla.org/security/2018/01/03/mitigations-landing-new-class-timing-attack/"
      },
      {
        "trust": 1.1,
        "url": "https://cdrdv2.intel.com/v1/dl/getcontent/685358"
      },
      {
        "trust": 1.1,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf"
      },
      {
        "trust": 1.1,
        "url": "https://cert.vde.com/en-us/advisories/vde-2018-002"
      },
      {
        "trust": 1.1,
        "url": "https://cert.vde.com/en-us/advisories/vde-2018-003"
      },
      {
        "trust": 1.1,
        "url": "https://help.ecostruxureit.com/display/public/uadce725/security+fixes+in+struxureware+data+center+expert+v7.6.0"
      },
      {
        "trust": 1.1,
        "url": "https://help.ecostruxureit.com/display/public/uadco8x/struxureware+data+center+operation+software+vulnerability+fixes"
      },
      {
        "trust": 1.1,
        "url": "https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/adv180002"
      },
      {
        "trust": 1.1,
        "url": "https://security.netapp.com/advisory/ntap-20180104-0001/"
      },
      {
        "trust": 1.1,
        "url": "https://source.android.com/security/bulletin/2018-04-01"
      },
      {
        "trust": 1.1,
        "url": "https://support.citrix.com/article/ctx231399"
      },
      {
        "trust": 1.1,
        "url": "https://support.citrix.com/article/ctx234679"
      },
      {
        "trust": 1.1,
        "url": "https://support.f5.com/csp/article/k91229003"
      },
      {
        "trust": 1.1,
        "url": "https://support.hpe.com/hpsc/doc/public/display?docid=emr_na-hpesbhf03805en_us"
      },
      {
        "trust": 1.1,
        "url": "https://support.lenovo.com/us/en/solutions/len-18282"
      },
      {
        "trust": 1.1,
        "url": "https://www.codeaurora.org/security-bulletin/2018/07/02/july-2018-code-aurora-security-bulletin"
      },
      {
        "trust": 1.1,
        "url": "https://www.mitel.com/en-ca/support/security-advisories/mitel-product-security-advisory-18-0001"
      },
      {
        "trust": 1.1,
        "url": "https://www.suse.com/c/suse-addresses-meltdown-spectre-vulnerabilities/"
      },
      {
        "trust": 1.1,
        "url": "https://www.synology.com/support/security/synology_sa_18_01"
      },
      {
        "trust": 1.1,
        "url": "https://www.debian.org/security/2018/dsa-4078"
      },
      {
        "trust": 1.1,
        "url": "https://www.debian.org/security/2018/dsa-4082"
      },
      {
        "trust": 1.1,
        "url": "https://www.debian.org/security/2018/dsa-4120"
      },
      {
        "trust": 1.1,
        "url": "https://security.freebsd.org/advisories/freebsd-sa-18:03.speculative_execution.asc"
      },
      {
        "trust": 1.1,
        "url": "https://security.gentoo.org/glsa/201810-06"
      },
      {
        "trust": 1.1,
        "url": "https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html"
      },
      {
        "trust": 1.1,
        "url": "https://meltdownattack.com/"
      },
      {
        "trust": 1.1,
        "url": "https://security.googleblog.com/2018/01/todays-cpu-vulnerability-what-you-need.html"
      },
      {
        "trust": 1.1,
        "url": "https://www.oracle.com/security-alerts/cpuapr2020.html"
      },
      {
        "trust": 1.1,
        "url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html"
      },
      {
        "trust": 1.1,
        "url": "https://lists.debian.org/debian-lts-announce/2018/01/msg00004.html"
      },
      {
        "trust": 1.1,
        "url": "https://access.redhat.com/errata/rhsa-2018:0292"
      },
      {
        "trust": 1.1,
        "url": "http://www.securitytracker.com/id/1040071"
      },
      {
        "trust": 1.1,
        "url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00006.html"
      },
      {
        "trust": 1.1,
        "url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00007.html"
      },
      {
        "trust": 1.1,
        "url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00008.html"
      },
      {
        "trust": 1.1,
        "url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00014.html"
      },
      {
        "trust": 1.1,
        "url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00016.html"
      },
      {
        "trust": 1.1,
        "url": "https://usn.ubuntu.com/usn/usn-3516-1/"
      },
      {
        "trust": 1.1,
        "url": "https://usn.ubuntu.com/usn/usn-3522-2/"
      },
      {
        "trust": 1.1,
        "url": "https://usn.ubuntu.com/3522-3/"
      },
      {
        "trust": 1.1,
        "url": "https://usn.ubuntu.com/3522-4/"
      },
      {
        "trust": 1.1,
        "url": "https://usn.ubuntu.com/3523-1/"
      },
      {
        "trust": 1.1,
        "url": "https://usn.ubuntu.com/usn/usn-3523-2/"
      },
      {
        "trust": 1.1,
        "url": "https://usn.ubuntu.com/usn/usn-3524-2/"
      },
      {
        "trust": 1.1,
        "url": "https://usn.ubuntu.com/usn/usn-3525-1/"
      },
      {
        "trust": 1.1,
        "url": "https://usn.ubuntu.com/3540-2/"
      },
      {
        "trust": 1.1,
        "url": "https://usn.ubuntu.com/3541-2/"
      },
      {
        "trust": 1.1,
        "url": "https://usn.ubuntu.com/3583-1/"
      },
      {
        "trust": 1.1,
        "url": "https://usn.ubuntu.com/3597-1/"
      },
      {
        "trust": 1.1,
        "url": "https://usn.ubuntu.com/3597-2/"
      },
      {
        "trust": 1.0,
        "url": "https://support.hpe.com/hpsc/doc/public/display?doclocale=en_us\u0026docid=emr_na-hpesbhf03871en_us"
      },
      {
        "trust": 0.8,
        "url": "https://vuls.cert.org/confluence/display/wiki/vulnerabilities+associated+with+cpu+speculative+execution"
      },
      {
        "trust": 0.8,
        "url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1528"
      },
      {
        "trust": 0.8,
        "url": "https://developer.amd.com/wp-content/resources/124441_amd64_speculativestorebypassdisable_whitepaper_final.pdf"
      },
      {
        "trust": 0.8,
        "url": "https://www.us-cert.gov/ncas/alerts/ta18-141a"
      },
      {
        "trust": 0.8,
        "url": "http://cwe.mitre.org/data/definitions/208.html"
      },
      {
        "trust": 0.8,
        "url": "https://software.intel.com/sites/default/files/managed/c5/63/336996-speculative-execution-side-channel-mitigations.pdf"
      },
      {
        "trust": 0.8,
        "url": "https://software.intel.com/sites/default/files/managed/b9/f9/336983-intel-analysis-of-speculative-execution-side-channels-white-paper.pdf"
      },
      {
        "trust": 0.8,
        "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20180521-cpusidechannel"
      },
      {
        "trust": 0.8,
        "url": "https://fortiguard.com/psirt/fg-ir-18-002"
      },
      {
        "trust": 0.8,
        "url": "https://support.hp.com/us-en/document/c06001626"
      },
      {
        "trust": 0.8,
        "url": "http://www.hitachi.com/hirt/publications/hirt-pub18001/"
      },
      {
        "trust": 0.8,
        "url": "https://www.ibm.com/blogs/psirt/potential-impact-processors-power-family/"
      },
      {
        "trust": 0.8,
        "url": "https://docs.microsoft.com/en-us/cpp/security/developer-guidance-speculative-execution"
      },
      {
        "trust": 0.8,
        "url": "https://access.redhat.com/security/vulnerabilities/ssbd"
      },
      {
        "trust": 0.8,
        "url": "https://www.suse.com/support/kb/doc/?id=7022937"
      },
      {
        "trust": 0.8,
        "url": "https://www.synology.com/en-global/support/security/synology_sa_18_23"
      },
      {
        "trust": 0.8,
        "url": "https://wiki.ubuntu.com/securityteam/knowledgebase/variant4"
      },
      {
        "trust": 0.8,
        "url": "https://kb.vmware.com/s/article/54951"
      },
      {
        "trust": 0.8,
        "url": "https://aws.amazon.com/security/security-bulletins/aws-2018-015/"
      },
      {
        "trust": 0.7,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2017-5754"
      },
      {
        "trust": 0.6,
        "url": "https://www.bleepingcomputer.com/news/security/list-of-meltdown-and-spectre-vulnerability-advisories-patches-and-updates/"
      },
      {
        "trust": 0.4,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2017-5715"
      },
      {
        "trust": 0.3,
        "url": "http://code.google.com/android/"
      },
      {
        "trust": 0.3,
        "url": "http://www.qualcomm.com/"
      },
      {
        "trust": 0.3,
        "url": "https://source.android.com/security/bulletin/2018-12-01.html"
      },
      {
        "trust": 0.3,
        "url": "https://access.redhat.com/security/cve/cve-2017-5753"
      },
      {
        "trust": 0.3,
        "url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
      },
      {
        "trust": 0.3,
        "url": "https://access.redhat.com/security/cve/cve-2017-5754"
      },
      {
        "trust": 0.3,
        "url": "https://bugzilla.redhat.com/):"
      },
      {
        "trust": 0.3,
        "url": "https://access.redhat.com/security/team/key/"
      },
      {
        "trust": 0.3,
        "url": "https://access.redhat.com/security/cve/cve-2017-5715"
      },
      {
        "trust": 0.3,
        "url": "https://access.redhat.com/articles/11258"
      },
      {
        "trust": 0.3,
        "url": "https://access.redhat.com/security/team/contact/"
      },
      {
        "trust": 0.3,
        "url": "https://access.redhat.com/security/updates/classification/#important"
      },
      {
        "trust": 0.3,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2017-5753"
      },
      {
        "trust": 0.2,
        "url": "https://support.hpe.com/hpsc/doc/public/display?docid=emr_na-a00039267en_us\u003e"
      },
      {
        "trust": 0.2,
        "url": "https://security-center.intel.com/advisory.aspx?intelid=intel-sa-00088\u0026langu"
      },
      {
        "trust": 0.2,
        "url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-hpesbhf03805en_us"
      },
      {
        "trust": 0.2,
        "url": "http://www.hpe.com/support/security_bulletin_archive"
      },
      {
        "trust": 0.2,
        "url": "https://www.hpe.com/info/report-security-vulnerability"
      },
      {
        "trust": 0.2,
        "url": "http://www.hpe.com/support/subscriber_choice"
      },
      {
        "trust": 0.2,
        "url": "https://developer.arm.com/support/security-update\u003e"
      },
      {
        "trust": 0.2,
        "url": "http://www.amd.com/en/corporate/speculative-execution\u003e"
      },
      {
        "trust": 0.2,
        "url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c01345499"
      },
      {
        "trust": 0.1,
        "url": "https://support.hpe.com/hpsc/doc/public/display?doclocale=en_us\u0026amp;docid=emr_na-hpesbhf03871en_us"
      },
      {
        "trust": 0.1,
        "url": "https://launchpad.net/ubuntu/+source/linux/3.13.0-139.188"
      },
      {
        "trust": 0.1,
        "url": "https://www.ubuntu.com/usn/usn-3524-1"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/errata/rhsa-2018:0047"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/solutions/3307851"
      },
      {
        "trust": 0.1,
        "url": "https://launchpad.net/bugs/1741934,"
      },
      {
        "trust": 0.1,
        "url": "https://launchpad.net/ubuntu/+source/linux-lts-xenial/4.4.0-109.132~14.04.1"
      },
      {
        "trust": 0.1,
        "url": "https://usn.ubuntu.com/usn/usn-3522-2"
      },
      {
        "trust": 0.1,
        "url": "https://www.ubuntu.com/usn/usn-3522-1"
      },
      {
        "trust": 0.1,
        "url": "https://www.ubuntu.com/usn/usn-3522-4"
      },
      {
        "trust": 0.1,
        "url": "https://security-tracker.debian.org/tracker/linux"
      },
      {
        "trust": 0.1,
        "url": "https://www.debian.org/security/"
      },
      {
        "trust": 0.1,
        "url": "https://www.debian.org/security/faq"
      },
      {
        "trust": 0.1,
        "url": "https://security.freebsd.org/patches/sa-18:03/speculative_execution-amd64-11.patch"
      },
      {
        "trust": 0.1,
        "url": "https://security.freebsd.org/\u003e."
      },
      {
        "trust": 0.1,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-5715\u003e"
      },
      {
        "trust": 0.1,
        "url": "https://security.freebsd.org/advisories/freebsd-sa-18:03.speculative_execution.asc\u003e"
      },
      {
        "trust": 0.1,
        "url": "https://www.freebsd.org/handbook/kernelconfig.html\u003e"
      },
      {
        "trust": 0.1,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-5754\u003e"
      },
      {
        "trust": 0.1,
        "url": "https://svnweb.freebsd.org/base?view=revision\u0026revision=nnnnnn\u003e"
      },
      {
        "trust": 0.1,
        "url": "https://github.com/dag-erling/meltdown."
      },
      {
        "trust": 0.1,
        "url": "https://security.freebsd.org/patches/sa-18:03/speculative_execution-amd64-11.patch.asc"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/errata/rhsa-2018:0018"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/errata/rhsa-2018:0020"
      },
      {
        "trust": 0.1,
        "url": "https://www.microfocus.com/support-and-services/report-security"
      },
      {
        "trust": 0.1,
        "url": "https://softwaresupport.hpe.com/group/softwaresupport/email-notification/-/subscriptions/registerdocumentnotification"
      },
      {
        "trust": 0.1,
        "url": "https://cf.passport.softwaregrp.com/hppcf/createuser.do"
      },
      {
        "trust": 0.1,
        "url": "https://softwaresupport.hpe.com/security-vulnerability"
      },
      {
        "trust": 0.1,
        "url": "https://softwaresupport.hpe.com/document/-/facetsearch/document/km03158629"
      }
    ],
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#180049"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-00303"
      },
      {
        "db": "VULHUB",
        "id": "VHN-113957"
      },
      {
        "db": "BID",
        "id": "106128"
      },
      {
        "db": "PACKETSTORM",
        "id": "145796"
      },
      {
        "db": "PACKETSTORM",
        "id": "145718"
      },
      {
        "db": "PACKETSTORM",
        "id": "145964"
      },
      {
        "db": "PACKETSTORM",
        "id": "145836"
      },
      {
        "db": "PACKETSTORM",
        "id": "145695"
      },
      {
        "db": "PACKETSTORM",
        "id": "145809"
      },
      {
        "db": "PACKETSTORM",
        "id": "146762"
      },
      {
        "db": "PACKETSTORM",
        "id": "145651"
      },
      {
        "db": "PACKETSTORM",
        "id": "145654"
      },
      {
        "db": "PACKETSTORM",
        "id": "147582"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-5754"
      }
    ]
  },
  "sources": {
    "_id": null,
    "data": [
      {
        "db": "CERT/CC",
        "id": "VU#180049",
        "ident": null
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-00303",
        "ident": null
      },
      {
        "db": "VULHUB",
        "id": "VHN-113957",
        "ident": null
      },
      {
        "db": "BID",
        "id": "106128",
        "ident": null
      },
      {
        "db": "PACKETSTORM",
        "id": "145796",
        "ident": null
      },
      {
        "db": "PACKETSTORM",
        "id": "145718",
        "ident": null
      },
      {
        "db": "PACKETSTORM",
        "id": "145964",
        "ident": null
      },
      {
        "db": "PACKETSTORM",
        "id": "145836",
        "ident": null
      },
      {
        "db": "PACKETSTORM",
        "id": "145695",
        "ident": null
      },
      {
        "db": "PACKETSTORM",
        "id": "145809",
        "ident": null
      },
      {
        "db": "PACKETSTORM",
        "id": "146762",
        "ident": null
      },
      {
        "db": "PACKETSTORM",
        "id": "145651",
        "ident": null
      },
      {
        "db": "PACKETSTORM",
        "id": "145654",
        "ident": null
      },
      {
        "db": "PACKETSTORM",
        "id": "147582",
        "ident": null
      },
      {
        "db": "NVD",
        "id": "CVE-2017-5754",
        "ident": null
      }
    ]
  },
  "sources_release_date": {
    "_id": null,
    "data": [
      {
        "date": "2018-05-21T00:00:00",
        "db": "CERT/CC",
        "id": "VU#180049",
        "ident": null
      },
      {
        "date": "2018-01-04T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2018-00303",
        "ident": null
      },
      {
        "date": "2018-01-04T00:00:00",
        "db": "VULHUB",
        "id": "VHN-113957",
        "ident": null
      },
      {
        "date": "2018-12-03T00:00:00",
        "db": "BID",
        "id": "106128",
        "ident": null
      },
      {
        "date": "2018-01-10T00:58:28",
        "db": "PACKETSTORM",
        "id": "145796",
        "ident": null
      },
      {
        "date": "2018-01-06T18:01:06",
        "db": "PACKETSTORM",
        "id": "145718",
        "ident": null
      },
      {
        "date": "2018-01-18T20:41:22",
        "db": "PACKETSTORM",
        "id": "145964",
        "ident": null
      },
      {
        "date": "2018-01-11T03:36:00",
        "db": "PACKETSTORM",
        "id": "145836",
        "ident": null
      },
      {
        "date": "2018-01-05T15:21:55",
        "db": "PACKETSTORM",
        "id": "145695",
        "ident": null
      },
      {
        "date": "2018-01-11T02:31:24",
        "db": "PACKETSTORM",
        "id": "145809",
        "ident": null
      },
      {
        "date": "2018-03-14T14:01:12",
        "db": "PACKETSTORM",
        "id": "146762",
        "ident": null
      },
      {
        "date": "2018-01-04T17:50:36",
        "db": "PACKETSTORM",
        "id": "145651",
        "ident": null
      },
      {
        "date": "2018-01-04T17:51:10",
        "db": "PACKETSTORM",
        "id": "145654",
        "ident": null
      },
      {
        "date": "2018-05-10T23:27:00",
        "db": "PACKETSTORM",
        "id": "147582",
        "ident": null
      },
      {
        "date": "2018-01-04T13:29:00.303000",
        "db": "NVD",
        "id": "CVE-2017-5754",
        "ident": null
      }
    ]
  },
  "sources_update_date": {
    "_id": null,
    "data": [
      {
        "date": "2018-06-19T00:00:00",
        "db": "CERT/CC",
        "id": "VU#180049",
        "ident": null
      },
      {
        "date": "2018-01-11T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2018-00303",
        "ident": null
      },
      {
        "date": "2021-11-19T00:00:00",
        "db": "VULHUB",
        "id": "VHN-113957",
        "ident": null
      },
      {
        "date": "2018-12-03T00:00:00",
        "db": "BID",
        "id": "106128",
        "ident": null
      },
      {
        "date": "2024-11-21T03:28:19.677000",
        "db": "NVD",
        "id": "CVE-2017-5754",
        "ident": null
      }
    ]
  },
  "threat_type": {
    "_id": null,
    "data": "network",
    "sources": [
      {
        "db": "BID",
        "id": "106128"
      }
    ],
    "trust": 0.3
  },
  "title": {
    "_id": null,
    "data": "CPU hardware utilizing speculative execution may be vulnerable to cache side-channel attacks",
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#180049"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "_id": null,
    "data": "Unknown",
    "sources": [
      {
        "db": "BID",
        "id": "106128"
      }
    ],
    "trust": 0.3
  }
}

VAR-200009-0023

Vulnerability from variot - Updated: 2026-03-09 21:39

VMware Tools in VMware Workstation 6.5.x before 6.5.4 build 246459; VMware Player 2.5.x before 2.5.4 build 246459; VMware ACE 2.5.x before 2.5.4 build 246459; VMware Server 2.x before 2.0.2 build 203138; VMware Fusion 2.x before 2.0.6 build 246742; VMware ESXi 3.5 and 4.0; and VMware ESX 2.5.5, 3.0.3, 3.5, and 4.0 does not properly access libraries, which allows user-assisted remote attackers to execute arbitrary code by tricking a Windows guest OS user into clicking on a file that is stored on a network share. Some applications for Microsoft Windows may use unsafe methods for determining how to load DLLs. As a result, these applications can be forced to load a DLL from an attacker-controlled source rather than a trusted location. Windows Program DLL There is an attackable vulnerability in reading. Dynamic link Library (DLL) Is a software component that is loaded at run time, not at program compile time. The program is LoadLibrary() And LoadLibraryEx() Using DLL Is read. Read DLL If no path is specified, specific directories are searched in order and found first. DLL Is loaded. Since this directory group includes the current directory of the process, the directory that can be operated by the attacker is set as the current directory. LoadLibrary() If is called, attack code may be executed. This issue can occur when browsing files located in directories that an attacker can manipulate. Read DLL The name depends on the program. DLL Read Windows The entire program may be affected. " Opera Software "and" Adobe Vulnerability information on " : Mitsui Bussan Secure Direction Co., Ltd. Takashi Yoshikawa MrA remote attacker could execute arbitrary code with the authority to execute the program. Attacker crafted DLL The USB Placing it on a drive or network drive may cause an attack. VMWare is a virtual PC software that allows two or more Windows, DOS, and LINUX systems to run simultaneously on a single machine. The VMWare Tools package used in VMWare products does not properly access the function library. An attacker can exploit this issue by enticing a user to open a malicious file from a network share. The issue can be exploited on Windows guest operating systems Successful exploits will allow attackers to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition. This issue affects the following products: Workstation Player ACE Server Fusion ESX ESXi NOTE: This issue was previously covered in BID 39345 (VMware Hosted Products VMSA-2010-0007 Multiple Remote and Local Vulnerabilities), but has been given its own record to better document it. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1

               VMware Security Advisory

Advisory ID: VMSA-2010-0007 Synopsis: VMware hosted products, vCenter Server and ESX patches resolve multiple security issues Issue date: 2010-04-09 Updated on: 2010-04-09 (initial release of advisory) CVE numbers: CVE-2010-1142 CVE-2010-1140 CVE-2009-2042 CVE-2009-1564 CVE-2009-1565 CVE-2009-3732 CVE-2009-3707 CVE-2010-1138 CVE-2010-1139 CVE-2010-1141

Notes: Effective May 2010, VMware's patch and update release program during Extended Support will be continued with the condition that all subsequent patch and update releases will be based on the latest baseline release version as of May 2010 (i.e. ESX 3.0.3 Update 1, ESX 3.5 Update 5, and VirtualCenter 2.5 Update 6). Refer to section "End of Product Availability FAQs" at http://www.vmware.com/support/policies/lifecycle/vi/faq.html for details.

Extended support for ESX 2.5.5 ends on 2010-06-15. Users should plan to upgrade to at least ESX 3.0.3 and preferably to the newest release available.

Extended support for ESX 3.0.3 ends on 2011-12-10. Users should plan to upgrade to at least ESX 3.5 and preferably to the newest release available.

End of General Support for VMware Workstation 6.x is 2011-04-27, users should plan to upgrade to the newest release available.

End of General Support for VMware Server 2.0 is 2011-06-30, users should plan to upgrade to the newest release of either ESXi or VMware Player.

Extended support for Virtual Center 2.0.2 is 2011-12-10, users should plan to upgrade to the newest release of vCenter Server.

  1. Problem Description

a. This file could be in any file format. 

VMware would like to thank Jure Skofic and Mitja Kolsek of ACROS
Security (http://www.acrossecurity.com) for reporting this issue
to us.

The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CVE-2010-1141 to this issue.

Steps needed to remediate this vulnerability:

Guest systems on VMware Workstation, Player, ACE, Server, Fusion
 - Install the remediated version of Workstation, Player, ACE,
   Server and Fusion. 
 - Upgrade tools in the virtual machine (virtual machine users
   will be prompted to upgrade).

Guest systems on ESX 4.0, 3.5, 3.0.3, 2.5.5, ESXi 4.0, 3.5
 - Install the relevant patches (see below for patch identifiers)
 - Manually upgrade tools in the virtual machine (virtual machine
   users will not be prompted to upgrade).  Note the VI Client will
   not show the VMware tools is out of date in the summary tab. 
   Please see http://tinyurl.com/27mpjo page 80 for details.

The following table lists what action remediates the vulnerability
(column 4) if a solution is available. See above for remediation
details.  On most
recent versions of Windows (XP, Vista) the attacker would need to
have administrator privileges to plant the malicious executable in
the right location.

Steps needed to remediate this vulnerability: See section 3.a.

VMware would like to thank Mitja Kolsek of ACROS Security
(http://www.acrossecurity.com) for reporting this issue to us.

The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CVE-2010-1142 to this issue.

Refer to the previous table in section 3.a for what action
remediates the vulnerability (column 4) if a solution is
available. See above for remediation details.

c. Windows-based VMware Workstation and Player host privilege escalation

A vulnerability in the USB service allows for a privilege
escalation. A local attacker on the host of a Windows-based
Operating System where VMware Workstation or VMware Player
is installed could plant a malicious executable on the host and
elevate their privileges.

In order for an attacker to exploit the vulnerability, the attacker
would need to be able to plant their malicious executable in a
certain location on the host machine.  On most recent versions of
Windows (XP, Vista) the attacker would need to have administrator
privileges to plant the malicious executable in the right location.

VMware would like to thank Thierry Zoller for reporting this issue
to us.

The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CVE-2010-1140 to this issue.

The following table lists what action remediates the vulnerability
(column 4) if a solution is available.

VMware         Product   Running  Replace with/
Product        Version   on       Apply Patch
=============  ========  =======  =================
VirtualCenter  any       Windows  not affected

Workstation    7.0       Windows  7.0.1 build 227600 or later
Workstation    7.0       Linux    not affected
Workstation    6.5.x     any      not affected

Player         3.0       Windows  3.0.1 build 227600 or later
Player         3.0       Linux    not affected
Player         2.5.x     any      not affected

Ace            any       any      not affected

Server         2.x       any      not affected

Fusion         any       Mac OS/X not affected

ESXi           any       ESXi     not affected

ESX            any       ESX      not affected

d. Third party library update for libpng to version 1.2.37

The libpng libraries through 1.2.35 contain an uninitialized-
memory-read bug that may have security implications. 
Specifically, 1-bit (2-color) interlaced images whose widths are
not divisible by 8 may result in several uninitialized bits at the
end of certain rows in certain interlace passes being returned to
the user. An application that failed to mask these out-of-bounds
pixels might display or process them, albeit presumably with benign
results in most cases.

The Common Vulnerabilities and Exposures Project (cve.mitre.org)
has assigned the name CVE-2009-2042 to this issue.

The following table lists what action remediates the vulnerability
(column 4) if a solution is available. VMware VMnc Codec heap overflow vulnerabilities

The VMware movie decoder contains the VMnc media codec that is
required to play back movies recorded with VMware Workstation,
VMware Player and VMware ACE, in any compatible media player. The
movie decoder is installed as part of VMware Workstation, VMware
Player and VMware ACE, or can be downloaded as a stand alone
package.

For an attack to be successful the user must be tricked into
visiting a malicious web page or opening a malicious video file on
a system that has the vulnerable version of the VMnc codec installed.

The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the names CVE-2009-1564 and CVE-2009-1565 to these
issues.

VMware would like to thank iDefense, Sebastien Renaud of VUPEN
Vulnerability Research Team (http://www.vupen.com) and Alin Rad Pop
of Secunia Research for reporting these issues to us.

To remediate the above issues either install the stand alone movie
decoder or update your product using the table below.

VMware         Product   Running  Replace with/
Product        Version   on       Apply Patch
=============  ========  =======  =================
VirtualCenter  any       Windows  not affected

Movie Decoder  any       Windows  6.5.4 Build 246459 or later

Workstation    7.x       any      not affected
Workstation    6.5.x     Windows  6.5.4 build 246459 or later
Workstation    6.5.x     Linux    not affected

Player         3.x       any      not affected
Player         2.5.x     Windows  2.5.4 build 246459 or later
Player         2.5.x     Linux    not affected

ACE            any       any      not affected

Server         2.x       Window   not being addressed at this time
Server         2.x       Linux    not affected

Fusion         any       Mac OS/X not affected

ESXi           any       ESXi     not affected

ESX            any       ESX      not affected

f. Exploitation of this issue may lead to arbitrary code execution on the system where VMrc is installed. Code execution would be at the privilege level of the user. 

VMrc is present on a system if the VMrc browser plug-in has been
installed. This plug-in is required when using the console feature in
WebAccess. Installation of the plug-in follows after visiting the
console tab in WebAccess and choosing "Install plug-in". The plug-
in can only be installed on Internet Explorer and Firefox.

Under the following two conditions your version of VMrc is likely
to be affected:

- the VMrc plug-in was obtained from vCenter 4.0 or from ESX 4.0
  without patch ESX400-200911223-UG and
- VMrc is installed on a Windows-based system

The following steps allow you to determine if you have an affected
version of VMrc installed:

- Locate the VMrc executable vmware-vmrc.exe on your Windows-based
  system
- Right click and go to Properties
- Go to the tab "Versions"
- Click "File Version" in the "Item Name" window
- If the "Value" window shows "e.x.p build-158248", the version of
  VMrc is affected

Remediation of this issue on Windows-based systems requires the
following steps (Linux-based systems are not affected):

- Uninstall affected versions of VMrc from the systems where the
  VMrc plug-in has been installed (use the Windows Add/Remove
  Programs interface)
- Install vCenter 4.0 Update 1 or install the ESX 4.0 patch
  ESX400-200911223-UG
- Login into vCenter 4.0 Update 1 or ESX 4.0 with patch
  ESX400-200911223-UG using WebAccess on the system where the VMrc
  needs to be re-installed
- Re-install VMrc by going to the console tab in WebAccess.  The
  Console tab is selectable after selecting a virtual machine.

Note: the VMrc plug-in for Firefox on Windows-based operating
systems is no longer compatible after the above remediation steps. 
Users are advised to use the Internet Explorer VMrc plug-in.

VMware would like to thank Alexey Sintsov from Digital Security
Research Group for reporting this issue to us.

The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CVE-2009-3732 to this issue.

g. Windows-based VMware authd remote denial of service

A vulnerability in vmware-authd could cause a denial of service
condition on Windows-based hosts.  The denial of service is limited
to a crash of authd.

The Common Vulnerabilities and Exposures Project (cve.mitre.org)
has assigned the name CVE-2009-3707 to this issue.

The following table lists what action remediates the vulnerability
(column 4) if a solution is available. Potential information leak via hosted networking stack

A vulnerability in the virtual networking stack of VMware hosted
products could allow host information disclosure.

A guest operating system could send memory from the host vmware-vmx
process to the virtual network adapter and potentially to the
host's physical Ethernet wire.

The Common Vulnerabilities and Exposures Project (cve.mitre.org)
has assigned the name CVE-2010-1138 to this issue.

VMware would like to thank Johann MacDonagh for reporting this
issue to us.

The following table lists what action remediates the vulnerability
(column 4) if a solution is available. Linux-based vmrun format string vulnerability

A format string vulnerability in vmrun could allow arbitrary code
execution.

If a vmrun command is issued and processes are listed, code could
be executed in the context of the user listing the processes.

The Common Vulnerabilities and Exposures Project (cve.mitre.org)
has assigned the name CVE-2010-1139 to this issue.

VMware would like to thank Thomas Toth-Steiner for reporting this
issue to us.

The following table lists what action remediates the vulnerability
(column 4) if a solution is available.

VMware         Product   Running  Replace with/
Product        Version   on       Apply Patch
=============  ========  =======  =================
VirtualCenter  any       Windows  not affected

VIX API        any       Windows  not affected
VIX API        1.6.x     Linux    upgrade to VIX API 1.7 or later
VIX API        1.6.x     Linux64  upgrade to VIX API 1.7 or later

Workstation    7.x       any      not affected
Workstation    6.5.x     Windows  not affected
Workstation    6.5.x     Linux    6.5.4 build 246459 or later

Player         3.x       any      not affected
Player         2.5.x     Windows  not affected
Player         2.5.x     Linux    2.5.4 build 246459 or later

Ace            any       Windows  not affected

Server         2.x       Windows  not affected
Server         2.x       Linux    not being fixed at this time

Fusion         3.x       Mac OS/X not affected
Fusion         2.x       Mac OS/X 2.0.7 build 246742 or later

ESXi           any       any      not affected

ESX            any       any      not affected
  1. Solution

Please review the patch/release notes for your product and version and verify the md5sum and/or the sha1sum of your downloaded file.

VMware Workstation Movie Decoder stand alone 6.5.4

http://download3.vmware.com/software/wkst/VMware-moviedecoder-6.5.4-246459.exe md5sum: ea2ac5907ae4c5c323147fe155443ab8 sha1sum: 5ca8d1fd45f6a7a6f38019b259c3e836ee4e8f29

VMware Workstation 7.0.1

For Windows

http://downloads.vmware.com/download/download.do?downloadGroup=WKST-701-WIN Release notes: http://downloads.vmware.com/support/ws7/doc/releasenotes_ws701.html

Workstation for Windows 32-bit and 64-bit with VMware Tools md5sum: fc8502a748de3b8f94c5c9571c1f17d2 sha1sum: 3de01b355b17363a92d80200ff5e7267b3bde206

Workstation for Windows 32-bit and 64-bit without VMware Tools md5sum: 6a18ea3847cb727b03f7890f5643db79 sha1sum: 260b019db4619b0d1d775e5c38cc46b6db250984

For Linux http://downloads.vmware.com/download/download.do?downloadGroup=WKST-701-LX Release notes: http://downloads.vmware.com/support/ws7/doc/releasenotes_ws701.html

Workstation for Linux 32-bit with VMware Tools md5sum: a896f7aaedde8799f21b52b89f5fc9ef sha1sum: f6d0789afa7927ca154973a071603a0bd098e697

Workstation for Linux 32-bit without VMware Tools md5sum: 59ecd27bdf3f59be3b4df8f04d1b3874 sha1sum: 22e1a475069fca5e8d2446bf14661fa6d894d34f

Workstation for Linux 64-bit with VMware Tools md5sum: 808682eaa6b202fa29172821f7378768 sha1sum: a901c45a2a02678b0d1722e8f27152c3af12a7ac

Workstation for Linux 64-bit without VMware Tools md5sum: 5116e27e7b13a76693402577bd9fda58 sha1sum: dbcd045a889b95ac14828b8106631b678354e30a

VMware Workstation 6.5.4

For Windows

http://downloads.vmware.com/download/download.do?downloadGroup=WKST-654-WIN Release Notes: http://downloads.vmware.com/support/ws65/doc/releasenotes_ws654.html

Workstation for Windows 32-bit and 64-bit Windows 32-bit and 64-bit .exe md5sum: 2dc393fcc4e78dcf2165098a4938699a sha1sum: acfff457860c8c53c637c01f74f8aaa72d1c9569

For Linux http://downloads.vmware.com/download/download.do?downloadGroup=WKST-654-LX Release Notes: http://downloads.vmware.com/support/ws65/doc/releasenotes_ws654.html

Workstation for Linux 32-bit Linux 32-bit .rpm md5sum: 9efb43a604d50e541eb3be7081b8b198 sha1sum: 4240d664f85a11f47288d2279224b26bef92aa8b

Workstation for Linux 32-bit Linux 32-bit .bundle md5sum: 38760682ad3b2f6bfb4e40f424c95c2a sha1sum: ec78099322b5fb2a737cd74a1978a5c07382dc8a

Workstation for Linux 64-bit Linux 64-bit .rpm md5sum: 24311492bc515e9bc98eff9b2e7d33a2 sha1sum: b4947ef09f740440e8a24fc2ba05c0a7c11b82f5

Workstation for Linux 64-bit Linux 64-bit .bundle md5sum: ed24296705ad48442549d9cb2b3c0d8d sha1sum: 3c0f1efae0a64fa3a41be21b0bfc962f12e0e6d8

VMware Player 3.0.1

http://downloads.vmware.com/tryvmware/?p=player&lp=default Release notes: http://downloads.vmware.com/support/player30/doc/releasenotes_player301.html

Player for Windows 32-bit and 64-bit md5sum: 78c92c0242c9540f68a629d4ac49c516 sha1sum: 7fc255fcd1a6784458012314db1206ed922e92cf

Player for Linux 32-bit (.bundle) md5sum: e7cd19d39c7bbd1aee582743d76a7863 sha1sum: cff76010f0429576288ea1e5a594cd47a2c64f4a

Player for Linux 64-bit (.bundle) md5sum: 88b08537c6eea705883dc1755b97738c sha1sum: 84f25370d24c03a18968a4f4c8e06cef3d21c2df

VMware VIX API for Windows 32-bit and 64-bit md5sum: 2c46fc7e2516f331eb4dd23154d00a54 sha1sum: 85ceb1b718806c6870e3a918bcc772d1486ccdc9

VMware VIX API for 32-bit Linux md5sum: 8b0994a26363246b5e954f97bd5a088d sha1sum: af93da138a158ee6e05780a5c4042414735987b6

VMware VIX API for 64-bit Linux md5sum: ef7b9890c52b1e333f2357760a7fff85 sha1sum: dfef8531356de78171e13c4c108ebaeb43eaa62d

VMware Player 2.5.4

http://downloads.vmware.com/download/player/player_reg.html Release notes: http://downloads.vmware.com/support/player25/doc/releasenotes_player254.html

Player for Windows 32-bit and 64-bit (.exe) md5sum: 531140a1eeed7d8b71f726b3d32a9174 sha1sum: 2500fa8af48452bd0e97040b80c569c3cb4f73e5

Player for Linux (.rpm) md5sum: 1905f61af490f9760bef54450747e708 sha1sum: cf7444c0a6331439c5479a4158112a60eb0e6e8d

Player for Linux (.bundle) md5sum: 74f539005687a4efce7971f7ef019af5 sha1sum: 4c4412c5807ecd00e66886e0e7c43ed61b62aab7

Player for Linux - 64-bit (.rpm) md5sum: 013078d7f6adcdbcbaafbf5e0ae11a39 sha1sum: 7c434173a3fe446ebefce4803bfaa7ab67d1ff72

Player for Linux - 64-bit (.bundle) md5sum: 175ce2f9656ff10a1327c0d48f80c65f sha1sum: bf7acfdcb44bf345d58f79ad1bcb04816f262d22

VMware ACE 2.6.1

http://downloads.vmware.com/download/download.do?downloadGroup=ACE-261-WIN Release notes: http://downloads.vmware.com/support/ace26/doc/releasenotes_ace261.html

VMware Workstation for 32-bit and 64-bit Windows with tools md5sum: fc8502a748de3b8f94c5c9571c1f17d2 sha1sum: 3de01b355b17363a92d80200ff5e7267b3bde206

VMware Workstation for Windows 32-bit and 64-bit without tools md5sum: 6a18ea3847cb727b03f7890f5643db79 sha1sum: 260b019db4619b0d1d775e5c38cc46b6db250984

ACE Management Server Virtual Appliance md5sum: e26d258c511572064e99774fbac9184c sha1sum: 9363656b70caa11a31a6229451202d9f8203c1f5

ACE Management Server for Windows md5sum: e970828f2a5a62ac108879033a70f4b6 sha1sum: eca89372eacc78c3130781d0d183715055d64798

ACE Management Server for SUSE Enterprise Linux 9 md5sum: 59b3ad5964daef2844e72fd1765590fc sha1sum: 91048de7665f5dc466f06e2ebc4c08f08026a97f

ACE Management Server for Red Hat Enterprise Linux 4 md5sum: 6623f6a8a645402a1c8c351ec99a1889 sha1sum: a6d74ba072c5a513fcf8993edebaaf7f8225c05d

VMware ACE 2.5.4

http://downloads.vmware.com/download/download.do?downloadGroup=ACE-254-WIN Release notes: http://downloads.vmware.com/support/ace25/doc/releasenotes_ace254.html

VMware ACE for Windows 32-bit and 64-bit Windows 32-bit and 64-bit .exe md5sum: 2dc393fcc4e78dcf2165098a4938699a sha1sum: acfff457860c8c53c637c01f74f8aaa72d1c9569

ACE Management Server Virtual Appliance AMS Virtual Appliance .zip md5sum: 3935f23d4a074e7a3429a1c80cfd2155 sha1sum: 5b09439a9c840d39ae49fbd7a79732ecd58c52a3

ACE Management Server for Windows Windows .exe md5sum: 1173bd7da6ed330a262ed4e2eff6562c sha1sum: d9bce88a350aa957f3387f870af763875d4d9110

ACE Management Server for SUSE Enterprise Linux 9 SLES 9 .rpm md5sum: 0bec2cf8d6ae3bb6976c9d8cc2573208 sha1sum: f3c6d9ee3357535b1540cedd9e86d723e2ed2134

ACE Management Server for Red Hat Enterprise Linux 4 RHEL 4 .rpm md5sum: 17caa522af79cf1f6b2ebad16a4ac8a5 sha1sum: cdd6e2a4e3d7ad89f95e60f1af024bea7eaba0fe

VMware Server 2.0.2

http://www.vmware.com/download/server/ Release notes: http://www.vmware.com/support/server2/doc/releasenotes_vmserver202.html

VMware Server 2 Version 2.0.2 | 203138 - 10/26/09 507 MB EXE image VMware Server 2 for Windows Operating Systems. A master installer file containing all Windows components of VMware Server. md5sum: a6430bcc16ff7b3a29bb8da1704fc38a sha1sum: 39683e7333732cf879ff0b34f66e693dde0e340b

VIX API 1.6 for Windows Version 2.0.2 | 203138 - 10/26/09 37 MB image md5sum: 827e65e70803ec65ade62dd27a74407a sha1sum: a14281bc055271a19be3c88026e92304bc3f0e22

For Linux

VMware Server 2 for Linux Operating Systems. Version 2.0.2 | 203138 - 10/26/09 37 MB TAR image md5sum: 95ddea5a0579a35887bd15b083ffea20 sha1sum: 14cf12063a7480f240ccd96178ad4258cb26a747

VMware Server 2 for Linux Operating Systems 64-bit version. Version 2.0.2 | 203138 - 10/26/09 452 MB RPM image md5sum: 35c8b176601133749e4055e0034f8be6 sha1sum: e8dc842d89899df5cd3e1136af76f19ca5ccbece

The core application needed to run VMware Server 2, 64-bit version. Version 2.0.2 | 203138 - 10/26/09 451 MB TAR image md5sum: cc7aef813008eeb7150c21547d431b39 sha1sum: b65d3d46dc947fc7995bda354c4947afabd23474

VMware Fusion 3.0.2

http://downloads.vmware.com/download/download.do?downloadGroup=FUS-302 Release notes: http://downloads.vmware.com/support/fusion3/doc/releasenotes_fusion_302.html

VMware Fusion 3.0.2 (for Intel-based Macs) md5sum: aa17278a4a668eeb9f9467e4e3111ccc sha1sum: 58c3d63705ac90839f7c1ae14264177e1fd56df3

VMware Fusion 3.0.2 Light for Mac (for Intel-based Macs) md5sum: 052ecbbfc4f59a85e2d08b4bd3ef0896 sha1sum: 61e00487f4c649588099647d4a5f47ddf5b8ad01

VMware Fusion 2.0.7

http://downloads.vmware.com/download/download.do?downloadGroup=FUS-207 Release notes: http://downloads.vmware.com/support/fusion2/doc/releasenotes_fusion_207.html

VMware Fusion 2.0.7 (for Intel-based Macs) md5sum: a293f5ce6ccc227760640753386e9da6 sha1sum: ddfda92f9baf30e536bc485e42325d173a1aa370

VMware Fusion 2.0.7 Light (for Intel-based Macs) md5sum: d4772d118fb90323f598849e70c21189 sha1sum: 5c1df1597e77ebe0f0555749b281008ca5f2fb77

VIX API 1.7 Version: 1.7 | 2009-08-26 | 186713

VIX API for Window 32-bit and 64-bit Main installation file for Windows 32-bit and 64-bit host md5sum:b494fc3092f07d0f29cc06a19fe61306 sha1sum:aa8638424cb7f25c1e42343134ac9f0bd2c2e0c9

VIX API for Linux 32-bit md5sum:6b0ed8872d8b714363cddc68b6a77008 sha1sum:8a9b12a61641394b347488119a7120eaa47dc2a1

VIX API for Linux 64-bit md5sum:d57aa9f98058d5a386c18e14cc05bf4d sha1sum:3b7d4461ea257e795b322cc080f4ae29a230666b

VIX API Version: 1.8.1 | 2009-10-11 | 207905

VIX API for Windows 32-bit and 64-bit md5sum:4f21e4cb518767bc08045f5a39f5d41f sha1sum:5b8275c549f9d9498bd2ed078557f1ce1986ac12

VIX API for Linux 32-bit md5sum:f347e94d907c26754540d59956ee5d53 sha1sum:6ddc6c9371ba127d04bc83bd55988a6c83366907

VIX API for Linux 64-bit md5sum:b8a3982072d0d42c0c37dd7eb49d686c sha1sum:d044ac3dd42f806bc4ff48ddf584b5e3d82910c8

VIX API Version: 1.10 Beta | 01/28/10 | 222403

VIX API for Windows 32-bit and 64-bit md5sum:ac5b6e9197cb68c302bfac9ed683e3af sha1sum:0d942e7409e88e684bdb65811e7be7f47d631a73

VIX API for Linux 32-bit md5sum:07d1989d042e317eb9d2b3daf269dda7 sha1sum:1e3840d426d7dfff53fa7e1bd22b09b56cf2362c

VIX API for Linux 64-bit md5sum:9b345008e0adec3c044988307294944b sha1sum:7a54a893369c2227f7e8058430c40983168c6e0b

ESXi

ESXi 4.0 bulletin ESXi400-201002402-BG https://hostupdate.vmware.com/software/VUM/OFFLINE/release-193-20100228-731251/ESXi400-201002001.zip md5sum: e5aa2968d389594abdc59cbac7b0183d sha1sum: bb50b3ad7934e3f9e24edc879b35e83b357343b2 http://kb.vmware.com/kb/1018404

ESXi 3.5

ESXi 3.5 patch ESXe350-200912402-T-BG was first contained in ESXe350-200912401-O-BG from December 2009.

The same patch, ESXe350-200912402-T-BG, is also contained in ESXe350-201002401-O-SG from February 2010 ESXi 3.5 security update.

In latest non-security ESXi 3.5 update, ESXe350-201003402-T-BG is also included in ESXe350-201003401-O-BG from March 2010.

ESXe350-201002401-O-SG (latest security update) http://download3.vmware.com/software/vi/ESXe350-201002401-O-SG.zip

md5sum: 0c8d4d1c0e3c2aed9f785cf081225d83

http://kb.vmware.com/kb/1015047 (Vi Client)

http://kb.vmware.com/kb/1016665 (VM Tools)

http://kb.vmware.com/kb/1017685 (Firmware)

The three ESXi patches for Firmware "I", VMware Tools "T," and the VI Client "C" are contained in a single offline "O" download file.

ESX

ESX 4.0 bulletin ESX400-201002401-BG https://hostupdate.vmware.com/software/VUM/OFFLINE/release-192-20100228-732240/ESX400-201002001.zip md5sum: de62cbccaffa4b2b6831617f18c1ccb4 sha1sum: 4083f191fa4acd6600c9a87e4852f9f5700e91ab http://kb.vmware.com/kb/1018403

Note: ESX400-201002001 contains the bundle with the security fix, ESX400-201002401-BG To install an individual bulletin use esxupdate with the -b option. esxupdate --bundle ESX400-201002001 -b ESX400-201002401-BG

ESX 4.0 bulletin ESX400-200911223-UG https://hostupdate.vmware.com/software/VUM/OFFLINE/release-166-20091202-254879/ESX-4.0.0-update01a.zip md5sum: 99c1fcafbf0ca105ce73840d686e9914 sha1sum: aa8a23416271bc28b6b8f6bdbe00045e36314ebb http://kb.vmware.com/kb/1014842

Note: ESX-4.0.0-update01a contains the bundle with the security fix, ESX400-200911223-UG To install an individual bulletin use esxupdate with the -b option. esxupdate --bundle ESX-4.0.0-update01a -b ESX400-200911223-UG

ESX 3.5 patch ESX350-200912401-BG http://download3.vmware.com/software/vi/ESX350-200912401-BG.zip md5sum: f1d3589745b4ae933554785aef22bacc sha1sum: d1e5a9209b165d43d75f076e556fc028bec4cc47 http://kb.vmware.com/kb/1016657

ESX 3.0.3 patch ESX303-201002203-UG http://download3.vmware.com/software/vi/ESX303-201002203-UG.zip md5sum: 49ee56b687707cbe6999836c315f081a http://kb.vmware.com/kb/1018030

ESX 2.5.5 Upgrade Patch 15 http://download3.vmware.com/software/esx/esx-2.5.5-191611-upgrade.tar.gz md5sum: c346fe510b6e51145570e03083f77357 sha1sum: ef6b19247825fb3fe2c55f8fda3cdd05ac7bb1f4 http://www.vmware.com/support/esx25/doc/esx-255-200910-patch.html

  1. References http://www.acrossecurity.com/advisories.htm http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1564 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1565 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2042 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3707 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3732 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1138 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1139 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1140 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1142 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1141

  2. Change log 2010-04-09 VMSA-2010-0007 Initial security advisory after release of Workstation 6.5.4 and Fusion 2.0.7 on 2010-04-08.

  1. Contact

E-mail list for product security notifications and announcements: http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce

This Security Advisory is posted to the following lists:

  • security-announce at lists.vmware.com
  • bugtraq at securityfocus.com
  • full-disclosure at lists.grok.org.uk

E-mail: security at vmware.com PGP key at: http://kb.vmware.com/kb/1055

VMware Security Center http://www.vmware.com/security

VMware security response policy http://www.vmware.com/support/policies/security_response.html

General support life cycle policy http://www.vmware.com/support/policies/eos.html

VMware Infrastructure support life cycle policy http://www.vmware.com/support/policies/eos_vi.html

Copyright 2010 VMware Inc. All rights reserved.

-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (MingW32)

iD8DBQFLvvM8S2KysvBH1xkRAgu/AJ9RrzlOq/5Ug0t8R4qoi/UwDVJDpACbBGgT d58bjKG6Ic7m/TsoJP4M2tw= =Q1zv -----END PGP SIGNATURE----- . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1

                National Cyber Alert System

          Technical Cyber Security Alert TA10-238A

Microsoft Windows Insecurely Loads Dynamic Libraries

Original release date: August 26, 2010 Last revised: -- Source: US-CERT

Systems Affected

 Any application running on the Microsoft Windows platform that
 uses dynamically linked libraries (DLLs) may be affected. Please see the Vendor Information
 section of Vulnerability Note VU#707943 for information about
 specific vendors. DLLs are typically loaded

when the application is first started; however DLLs may be loaded and unloaded while the application is running. An application can request a DLL file in a variety of ways, and Windows uses several different search algorithms to find DLL files. The interaction between the application and Windows can result in a DLL file being loaded from the current working directory of the application, instead of the Windows system directory or the directory where the application is installed.

The current working directory could be the desktop, a removable storage device such as a USB key, a Windows file share, or a WebDAV location. When a file associated with an application is opened, a DLL in the same directory as the file may be loaded. Although an attacker may not have permission to write to the Windows system or application directories, the attacker may be able to write a DLL to a directory used to store files, or the attacker could provide their own directory.

Attacks against this type of vulnerability have been referred to as "binary planting." Please see Vulnerability Note VU#707943 and Microsoft Security Advisory 2269637 for more information.

II. Impact

By placing a DLL with the correct name (and possibly the relative directory path) in the current working directory, an attacker could execute arbitrary code with the privileges of the application that loads the DLL.

III. Solution

Individual applications that run on the Windows platform may require patches or updates. Microsoft Knowledge Base article KB2264107 describes an update that provides a registry key that can prevent Windows from searching the current working directory for DLL files.

Information about specific solutions for different vendors, general mitigation techniques, and secure ways for applications to load DLLs can be found in the Vendor Information and Solution sections of Vulnerability Note VU#707943.

IV. References

The most recent version of this document can be found at:

 <http://www.us-cert.gov/cas/techalerts/TA10-238A.html>

Feedback can be directed to US-CERT Technical Staff. Please send email to cert@cert.org with "TA10-238A Feedback VU#707943" in the subject.

For instructions on subscribing to or unsubscribing from this mailing list, visit http://www.us-cert.gov/cas/signup.html.

Produced 2010 by US-CERT, a government organization.

Background

VMware Player, Server, and Workstation allow emulation of a complete PC on a PC without the usual performance overhead of most emulators.

Affected packages

-------------------------------------------------------------------
 Package              /     Vulnerable     /            Unaffected
-------------------------------------------------------------------

1 app-emulation/vmware-player <= 2.5.5.328052 Vulnerable! 2 app-emulation/vmware-workstation <= 6.5.5.328052 Vulnerable! 3 app-emulation/vmware-server <= 1.0.9.156507 Vulnerable! ------------------------------------------------------------------- NOTE: Certain packages are still vulnerable. Users should migrate to another package if one is available or wait for the existing packages to be marked stable by their architecture maintainers. Please review the CVE identifiers referenced below for details.

Impact

Local users may be able to gain escalated privileges, cause a Denial of Service, or gain sensitive information.

A remote attacker could entice a user to open a specially crafted file, possibly resulting in the remote execution of arbitrary code, or a Denial of Service. Remote attackers also may be able to spoof DNS traffic, read arbitrary files, or inject arbitrary web script to the VMware Server Console.

Furthermore, guest OS users may be able to execute arbitrary code on the host OS, gain escalated privileges on the guest OS, or cause a Denial of Service (crash the host OS).

Workaround

There is no known workaround at this time.

Gentoo discontinued support for VMware Workstation. We recommend that users unmerge VMware Server:

# emerge --unmerge "app-emulation/vmware-server"

References

[ 1 ] CVE-2007-5269 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5269 [ 2 ] CVE-2007-5503 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5503 [ 3 ] CVE-2007-5671 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5671 [ 4 ] CVE-2008-0967 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0967 [ 5 ] CVE-2008-1340 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1340 [ 6 ] CVE-2008-1361 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1361 [ 7 ] CVE-2008-1362 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1362 [ 8 ] CVE-2008-1363 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1363 [ 9 ] CVE-2008-1364 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1364 [ 10 ] CVE-2008-1392 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1392 [ 11 ] CVE-2008-1447 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1447 [ 12 ] CVE-2008-1806 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1806 [ 13 ] CVE-2008-1807 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1807 [ 14 ] CVE-2008-1808 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1808 [ 15 ] CVE-2008-2098 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2098 [ 16 ] CVE-2008-2100 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2100 [ 17 ] CVE-2008-2101 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2101 [ 18 ] CVE-2008-4915 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4915 [ 19 ] CVE-2008-4916 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4916 [ 20 ] CVE-2008-4917 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4917 [ 21 ] CVE-2009-0040 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0040 [ 22 ] CVE-2009-0909 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0909 [ 23 ] CVE-2009-0910 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0910 [ 24 ] CVE-2009-1244 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1244 [ 25 ] CVE-2009-2267 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2267 [ 26 ] CVE-2009-3707 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3707 [ 27 ] CVE-2009-3732 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3732 [ 28 ] CVE-2009-3733 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3733 [ 29 ] CVE-2009-4811 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-4811 [ 30 ] CVE-2010-1137 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1137 [ 31 ] CVE-2010-1138 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1138 [ 32 ] CVE-2010-1139 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1139 [ 33 ] CVE-2010-1140 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1140 [ 34 ] CVE-2010-1141 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1141 [ 35 ] CVE-2010-1142 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1142 [ 36 ] CVE-2010-1143 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1143 [ 37 ] CVE-2011-3868 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3868

Availability

This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-201209-25.xml

Concerns?

Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.

License

Copyright 2012 Gentoo Foundation, Inc; referenced text belongs to its owner(s).

The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.5

Show details on source website
To clipboard 

{
  "affected_products": {
    "_id": null,
    "data": [
      {
        "_id": null,
        "model": "esx",
        "scope": "eq",
        "trust": 3.0,
        "vendor": "vmware",
        "version": "2.5.5"
      },
      {
        "_id": null,
        "model": "esx",
        "scope": "eq",
        "trust": 3.0,
        "vendor": "vmware",
        "version": "3.0.3"
      },
      {
        "_id": null,
        "model": "esx",
        "scope": "eq",
        "trust": 3.0,
        "vendor": "vmware",
        "version": "3.5"
      },
      {
        "_id": null,
        "model": "esx",
        "scope": "eq",
        "trust": 3.0,
        "vendor": "vmware",
        "version": "4.0"
      },
      {
        "_id": null,
        "model": "esxi",
        "scope": "eq",
        "trust": 3.0,
        "vendor": "vmware",
        "version": "3.5"
      },
      {
        "_id": null,
        "model": "esxi",
        "scope": "eq",
        "trust": 3.0,
        "vendor": "vmware",
        "version": "4.0"
      },
      {
        "_id": null,
        "model": "fusion",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "vmware",
        "version": "2.0.5"
      },
      {
        "_id": null,
        "model": "fusion",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "vmware",
        "version": "2.0.4"
      },
      {
        "_id": null,
        "model": "fusion",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "vmware",
        "version": "2.0.3"
      },
      {
        "_id": null,
        "model": "fusion",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "vmware",
        "version": "2.0"
      },
      {
        "_id": null,
        "model": "server",
        "scope": "eq",
        "trust": 1.4,
        "vendor": "vmware",
        "version": "2.x"
      },
      {
        "_id": null,
        "model": "fusion",
        "scope": "eq",
        "trust": 1.4,
        "vendor": "vmware",
        "version": "2.x"
      },
      {
        "_id": null,
        "model": "player",
        "scope": "eq",
        "trust": 1.4,
        "vendor": "vmware",
        "version": "2.5.x"
      },
      {
        "_id": null,
        "model": "ace",
        "scope": "eq",
        "trust": 1.4,
        "vendor": "vmware",
        "version": "2.5.x"
      },
      {
        "_id": null,
        "model": "workstation",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "vmware",
        "version": "6.5.3"
      },
      {
        "_id": null,
        "model": "workstation",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "vmware",
        "version": "6.5.2"
      },
      {
        "_id": null,
        "model": "workstation",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "vmware",
        "version": "6.5.1"
      },
      {
        "_id": null,
        "model": "server",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "vmware",
        "version": "2.0.2"
      },
      {
        "_id": null,
        "model": "server",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "vmware",
        "version": "2.0.1"
      },
      {
        "_id": null,
        "model": "player",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "vmware",
        "version": "2.5.3"
      },
      {
        "_id": null,
        "model": "player",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "vmware",
        "version": "2.5.2"
      },
      {
        "_id": null,
        "model": "player",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "vmware",
        "version": "2.5.1"
      },
      {
        "_id": null,
        "model": "fusion",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "vmware",
        "version": "3.0"
      },
      {
        "_id": null,
        "model": "ace",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "vmware",
        "version": "2.5.0"
      },
      {
        "_id": null,
        "model": "ace",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "vmware",
        "version": "2.5.3"
      },
      {
        "_id": null,
        "model": "player",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "vmware",
        "version": "2.5"
      },
      {
        "_id": null,
        "model": "ace",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "vmware",
        "version": "2.5.1"
      },
      {
        "_id": null,
        "model": "workstation",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "vmware",
        "version": "6.5.0"
      },
      {
        "_id": null,
        "model": "fusion",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "vmware",
        "version": "2.0.1"
      },
      {
        "_id": null,
        "model": "server",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "vmware",
        "version": "2.0.0"
      },
      {
        "_id": null,
        "model": "ace",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "vmware",
        "version": "2.5.2"
      },
      {
        "_id": null,
        "model": "fusion",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "vmware",
        "version": "2.0.2"
      },
      {
        "_id": null,
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "abvent",
        "version": null
      },
      {
        "_id": null,
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "adobe",
        "version": null
      },
      {
        "_id": null,
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "apple",
        "version": null
      },
      {
        "_id": null,
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "atomix productions",
        "version": null
      },
      {
        "_id": null,
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "autodesk",
        "version": null
      },
      {
        "_id": null,
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "avast antivirus",
        "version": null
      },
      {
        "_id": null,
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "bentley",
        "version": null
      },
      {
        "_id": null,
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "bittorrent",
        "version": null
      },
      {
        "_id": null,
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "bitmanagement",
        "version": null
      },
      {
        "_id": null,
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "cisco",
        "version": null
      },
      {
        "_id": null,
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "conceiva",
        "version": null
      },
      {
        "_id": null,
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "corel",
        "version": null
      },
      {
        "_id": null,
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "cyberlink",
        "version": null
      },
      {
        "_id": null,
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "daemon tools",
        "version": null
      },
      {
        "_id": null,
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "dassault systemes",
        "version": null
      },
      {
        "_id": null,
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "divx",
        "version": null
      },
      {
        "_id": null,
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "ezb",
        "version": null
      },
      {
        "_id": null,
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "ecava",
        "version": null
      },
      {
        "_id": null,
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "fengtao",
        "version": null
      },
      {
        "_id": null,
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "gfi",
        "version": null
      },
      {
        "_id": null,
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "graphisoft",
        "version": null
      },
      {
        "_id": null,
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "gilles vollant",
        "version": null
      },
      {
        "_id": null,
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "guidance",
        "version": null
      },
      {
        "_id": null,
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "httrack",
        "version": null
      },
      {
        "_id": null,
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "ibm",
        "version": null
      },
      {
        "_id": null,
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "izarc",
        "version": null
      },
      {
        "_id": null,
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "inkscape",
        "version": null
      },
      {
        "_id": null,
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "maxthon",
        "version": null
      },
      {
        "_id": null,
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "microchip",
        "version": null
      },
      {
        "_id": null,
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "microsoft",
        "version": null
      },
      {
        "_id": null,
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "mozilla",
        "version": null
      },
      {
        "_id": null,
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "netstumbler",
        "version": null
      },
      {
        "_id": null,
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "nokia",
        "version": null
      },
      {
        "_id": null,
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "norman",
        "version": null
      },
      {
        "_id": null,
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "nullsoft",
        "version": null
      },
      {
        "_id": null,
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "opera",
        "version": null
      },
      {
        "_id": null,
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "pgp",
        "version": null
      },
      {
        "_id": null,
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "pkware",
        "version": null
      },
      {
        "_id": null,
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "pixia",
        "version": null
      },
      {
        "_id": null,
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "realnetworks",
        "version": null
      },
      {
        "_id": null,
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "sisoftware",
        "version": null
      },
      {
        "_id": null,
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "smart projects",
        "version": null
      },
      {
        "_id": null,
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "sonic",
        "version": null
      },
      {
        "_id": null,
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "sony",
        "version": null
      },
      {
        "_id": null,
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "sweetscape",
        "version": null
      },
      {
        "_id": null,
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "teamviewer",
        "version": null
      },
      {
        "_id": null,
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "techsmith",
        "version": null
      },
      {
        "_id": null,
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "tortoisesvn",
        "version": null
      },
      {
        "_id": null,
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "tracker",
        "version": null
      },
      {
        "_id": null,
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "vmware",
        "version": null
      },
      {
        "_id": null,
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "videolan",
        "version": null
      },
      {
        "_id": null,
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "winmerge",
        "version": null
      },
      {
        "_id": null,
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "wireshark",
        "version": null
      },
      {
        "_id": null,
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "wolters kluwer",
        "version": null
      },
      {
        "_id": null,
        "model": "workstation",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "vmware",
        "version": "6.5.x"
      },
      {
        "_id": null,
        "model": "lhaforge",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "claybird",
        "version": "1.5.1 and earlier"
      },
      {
        "_id": null,
        "model": "webotx",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "nec",
        "version": "v8.3"
      },
      {
        "_id": null,
        "model": "enterprisedirectoryserver",
        "scope": null,
        "trust": 0.8,
        "vendor": "nec",
        "version": null
      },
      {
        "_id": null,
        "model": "webotx",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "nec",
        "version": "v8.4"
      },
      {
        "_id": null,
        "model": "securebranch",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "nec",
        "version": "soho xp dedicated application  securebranch accessmanager ver2.2.18 before"
      },
      {
        "_id": null,
        "model": "webotx",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "nec",
        "version": "v6.4"
      },
      {
        "_id": null,
        "model": "webotx",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "nec",
        "version": "v6.2"
      },
      {
        "_id": null,
        "model": "webotx",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "nec",
        "version": "v8.2"
      },
      {
        "_id": null,
        "model": "explzh",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "pon",
        "version": "v.5.65 and earlier"
      },
      {
        "_id": null,
        "model": "itunes",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "apple",
        "version": "9"
      },
      {
        "_id": null,
        "model": "securebranch",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "nec",
        "version": "soho vista dedicated application  securebranch accessmanager ver3.0.13 before"
      },
      {
        "_id": null,
        "model": "lunascape",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "lunascape",
        "version": "6.3.0 and earlier"
      },
      {
        "_id": null,
        "model": "securefinger",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "nec",
        "version": "fingerprint authentication runtime ( c / s edition) all versions"
      },
      {
        "_id": null,
        "model": "webotx",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "nec",
        "version": "client v7.1"
      },
      {
        "_id": null,
        "model": "webotx",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "nec",
        "version": "v6.5"
      },
      {
        "_id": null,
        "model": "esmpro/serveragentservice",
        "scope": null,
        "trust": 0.8,
        "vendor": "nec",
        "version": null
      },
      {
        "_id": null,
        "model": "lhmelt",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "micco",
        "version": "1.65.1.2 and earlier"
      },
      {
        "_id": null,
        "model": "webotx",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "nec",
        "version": "download server v7.1"
      },
      {
        "_id": null,
        "model": "esmpro/serveragent",
        "scope": null,
        "trust": 0.8,
        "vendor": "nec",
        "version": null
      },
      {
        "_id": null,
        "model": "webotx",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "nec",
        "version": "client  v5.3"
      },
      {
        "_id": null,
        "model": "terapad",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "terao progress",
        "version": "ver.1.00\\u3000 and earlier"
      },
      {
        "_id": null,
        "model": "sleipnir",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "fenrir",
        "version": "2.9.5 and earlier"
      },
      {
        "_id": null,
        "model": "securefinger",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "nec",
        "version": "fingerprint authentication utility ad all versions"
      },
      {
        "_id": null,
        "model": "lhaplus",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "schezo",
        "version": "1.57 and earlier"
      },
      {
        "_id": null,
        "model": "webotx",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "nec",
        "version": "v6.3"
      },
      {
        "_id": null,
        "model": "infoframe documentskipper",
        "scope": null,
        "trust": 0.8,
        "vendor": "nec",
        "version": null
      },
      {
        "_id": null,
        "model": "webotx",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "nec",
        "version": "downloader  v5.3"
      },
      {
        "_id": null,
        "model": "webotx",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "nec",
        "version": "download contents v8.2"
      },
      {
        "_id": null,
        "model": "workstation",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "vmware",
        "version": "5.5.x"
      },
      {
        "_id": null,
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "workstation",
        "version": "6.5.0"
      },
      {
        "_id": null,
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "workstation",
        "version": "6.5.1"
      },
      {
        "_id": null,
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "workstation",
        "version": "6.5.2"
      },
      {
        "_id": null,
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "workstation",
        "version": "6.5.3"
      },
      {
        "_id": null,
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "player",
        "version": "2.5"
      },
      {
        "_id": null,
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "player",
        "version": "2.5.1"
      },
      {
        "_id": null,
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "player",
        "version": "2.5.2"
      },
      {
        "_id": null,
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "player",
        "version": "2.5.3"
      },
      {
        "_id": null,
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "ace",
        "version": "2.5.0"
      },
      {
        "_id": null,
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "ace",
        "version": "2.5.1"
      },
      {
        "_id": null,
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "ace",
        "version": "2.5.2"
      },
      {
        "_id": null,
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "ace",
        "version": "2.5.3"
      },
      {
        "_id": null,
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "server",
        "version": "2.0.0"
      },
      {
        "_id": null,
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "server",
        "version": "2.0.1"
      },
      {
        "_id": null,
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "server",
        "version": "2.0.2"
      },
      {
        "_id": null,
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "fusion",
        "version": "2.0"
      },
      {
        "_id": null,
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "fusion",
        "version": "2.0.1"
      },
      {
        "_id": null,
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "fusion",
        "version": "2.0.2"
      },
      {
        "_id": null,
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "fusion",
        "version": "2.0.3"
      },
      {
        "_id": null,
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "fusion",
        "version": "2.0.4"
      },
      {
        "_id": null,
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "fusion",
        "version": "2.0.5"
      },
      {
        "_id": null,
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "fusion",
        "version": "3.0"
      },
      {
        "_id": null,
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "esxi",
        "version": "3.5"
      },
      {
        "_id": null,
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "esxi",
        "version": "4.0"
      },
      {
        "_id": null,
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "esx",
        "version": "2.5.5"
      },
      {
        "_id": null,
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "esx",
        "version": "3.0.3"
      },
      {
        "_id": null,
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "esx",
        "version": "3.5"
      },
      {
        "_id": null,
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "esx",
        "version": "4.0"
      },
      {
        "_id": null,
        "model": "workstation build",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "6.5118166"
      },
      {
        "_id": null,
        "model": "server build",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "2.0.2203138"
      },
      {
        "_id": null,
        "model": "server build",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "2.0.1156745"
      },
      {
        "_id": null,
        "model": "server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "2.0"
      },
      {
        "_id": null,
        "model": "player",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "2.5.4"
      },
      {
        "_id": null,
        "model": "player build",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "2.5118166"
      },
      {
        "_id": null,
        "model": "movie decoder",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "6.5.4"
      },
      {
        "_id": null,
        "model": "fusion",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "2.0.6"
      },
      {
        "_id": null,
        "model": "fusion build",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "2.0.2147997"
      },
      {
        "_id": null,
        "model": "fusion",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "2"
      },
      {
        "_id": null,
        "model": "esxi server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "4.0"
      },
      {
        "_id": null,
        "model": "esxi server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "3.5"
      },
      {
        "_id": null,
        "model": "esx server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "3.0.3"
      },
      {
        "_id": null,
        "model": "esx server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "2.5.5"
      },
      {
        "_id": null,
        "model": "esx server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "4.0"
      },
      {
        "_id": null,
        "model": "esx server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "3.5"
      },
      {
        "_id": null,
        "model": "linux",
        "scope": null,
        "trust": 0.3,
        "vendor": "gentoo",
        "version": null
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "7d7c8fb0-463f-11e9-a735-000c29342cb1"
      },
      {
        "db": "IVD",
        "id": "46c824c0-2356-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CERT/CC",
        "id": "VU#707943"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2010-0574"
      },
      {
        "db": "BID",
        "id": "39392"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201004-160"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-001364"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-001999"
      },
      {
        "db": "NVD",
        "id": "CVE-2010-1141"
      }
    ]
  },
  "configurations": {
    "_id": null,
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/a:vmware:ace",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:vmware:esx",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:vmware:esxi",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:vmware:fusion",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:vmware:player",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:vmware:server",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:vmware:workstation",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-001364"
      }
    ]
  },
  "credits": {
    "_id": null,
    "data": "Alin Rad Pop",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201004-160"
      }
    ],
    "trust": 0.6
  },
  "cve": "CVE-2010-1141",
  "cvss": {
    "_id": null,
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "COMPLETE",
            "baseScore": 8.5,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 6.8,
            "id": "CVE-2010-1141",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 1.9,
            "vectorString": "AV:N/AC:M/Au:S/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "author": "IVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 8.5,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 6.8,
            "id": "7d7c8fb0-463f-11e9-a735-000c29342cb1",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.2,
            "vectorString": "AV:N/AC:M/Au:S/C:C/I:C/A:C",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "author": "IVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 8.5,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 6.8,
            "id": "46c824c0-2356-11e6-abef-000c29c66e3d",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.2,
            "vectorString": "AV:N/AC:M/Au:S/C:C/I:C/A:C",
            "version": "2.9 [IVD]"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2010-1141",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "CARNEGIE MELLON",
            "id": "VU#707943",
            "trust": 0.8,
            "value": "64.13"
          },
          {
            "author": "NVD",
            "id": "CVE-2010-1141",
            "trust": 0.8,
            "value": "High"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201004-160",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "IVD",
            "id": "7d7c8fb0-463f-11e9-a735-000c29342cb1",
            "trust": 0.2,
            "value": "HIGH"
          },
          {
            "author": "IVD",
            "id": "46c824c0-2356-11e6-abef-000c29c66e3d",
            "trust": 0.2,
            "value": "HIGH"
          },
          {
            "author": "VULMON",
            "id": "CVE-2010-1141",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "7d7c8fb0-463f-11e9-a735-000c29342cb1"
      },
      {
        "db": "IVD",
        "id": "46c824c0-2356-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CERT/CC",
        "id": "VU#707943"
      },
      {
        "db": "VULMON",
        "id": "CVE-2010-1141"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201004-160"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-001364"
      },
      {
        "db": "NVD",
        "id": "CVE-2010-1141"
      }
    ]
  },
  "description": {
    "_id": null,
    "data": "VMware Tools in VMware Workstation 6.5.x before 6.5.4 build 246459; VMware Player 2.5.x before 2.5.4 build 246459; VMware ACE 2.5.x before 2.5.4 build 246459; VMware Server 2.x before 2.0.2 build 203138; VMware Fusion 2.x before 2.0.6 build 246742; VMware ESXi 3.5 and 4.0; and VMware ESX 2.5.5, 3.0.3, 3.5, and 4.0 does not properly access libraries, which allows user-assisted remote attackers to execute arbitrary code by tricking a Windows guest OS user into clicking on a file that is stored on a network share. Some applications for Microsoft Windows may use unsafe methods for determining how to load DLLs.  As a result, these applications can be forced to load a DLL from an attacker-controlled source rather than a trusted location. Windows Program DLL There is an attackable vulnerability in reading. Dynamic link Library (DLL) Is a software component that is loaded at run time, not at program compile time. The program is LoadLibrary() And LoadLibraryEx() Using DLL Is read. Read DLL If no path is specified, specific directories are searched in order and found first. DLL Is loaded. Since this directory group includes the current directory of the process, the directory that can be operated by the attacker is set as the current directory. LoadLibrary() If is called, attack code may be executed. This issue can occur when browsing files located in directories that an attacker can manipulate. Read DLL The name depends on the program. DLL Read Windows The entire program may be affected. \" Opera Software \"and\" Adobe Vulnerability information on \" : Mitsui Bussan Secure Direction Co., Ltd. Takashi Yoshikawa MrA remote attacker could execute arbitrary code with the authority to execute the program. Attacker crafted DLL The USB Placing it on a drive or network drive may cause an attack. VMWare is a virtual PC software that allows two or more Windows, DOS, and LINUX systems to run simultaneously on a single machine. The VMWare Tools package used in VMWare products does not properly access the function library. \nAn attacker can exploit this issue by enticing a user to open a malicious file from a network share. The issue can be exploited on Windows guest operating systems\nSuccessful exploits will allow attackers to execute arbitrary code within the context of  the affected application. Failed exploit attempts will result in a denial-of-service condition. \nThis issue affects the following products:\nWorkstation\nPlayer\nACE\nServer\nFusion\nESX\nESXi\nNOTE: This issue was previously covered in BID 39345 (VMware Hosted Products VMSA-2010-0007 Multiple Remote and Local Vulnerabilities), but has been given its own record to better document it. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n- -------------------------------------------------------------------------\n                   VMware Security Advisory\n\nAdvisory ID:       VMSA-2010-0007\nSynopsis:          VMware hosted products, vCenter Server and ESX\n                   patches resolve multiple security issues\nIssue date:        2010-04-09\nUpdated on:        2010-04-09 (initial release of advisory)\nCVE numbers:       CVE-2010-1142 CVE-2010-1140 CVE-2009-2042\n                   CVE-2009-1564 CVE-2009-1565 CVE-2009-3732\n                   CVE-2009-3707 CVE-2010-1138 CVE-2010-1139\n                   CVE-2010-1141\n- -------------------------------------------------------------------------\n\n1. \n\n2. \n\n   Notes:\n   Effective May 2010, VMware\u0027s patch and update release program during\n   Extended Support will be continued with the condition that all\n   subsequent patch and update releases will be based on the latest\n   baseline release version as of May 2010 (i.e. ESX 3.0.3 Update 1,\n   ESX 3.5 Update 5, and VirtualCenter 2.5 Update 6). Refer to section\n   \"End of Product Availability FAQs\" at\n   http://www.vmware.com/support/policies/lifecycle/vi/faq.html for\n   details. \n\n   Extended support for ESX 2.5.5 ends on 2010-06-15.  Users should plan\n   to upgrade to at least ESX 3.0.3 and preferably to the newest\n   release available. \n\n   Extended support for ESX 3.0.3 ends on 2011-12-10.  Users should plan\n   to upgrade to at least ESX 3.5 and preferably to the newest release\n   available. \n\n   End of General Support for VMware Workstation 6.x is 2011-04-27,\n   users should plan to upgrade to the newest release available. \n\n   End of General Support for VMware Server 2.0 is 2011-06-30, users\n   should plan to upgrade to the newest release of either ESXi or\n   VMware Player. \n\n   Extended support for Virtual Center 2.0.2 is 2011-12-10, users\n   should plan to upgrade to the newest release of vCenter Server. \n\n3. Problem Description\n\n a. This file could be in any file format. \n\n    VMware would like to thank Jure Skofic and Mitja Kolsek of ACROS\n    Security (http://www.acrossecurity.com) for reporting this issue\n    to us. \n\n    The Common Vulnerabilities and Exposures project (cve.mitre.org)\n    has assigned the name CVE-2010-1141 to this issue. \n\n    Steps needed to remediate this vulnerability:\n\n    Guest systems on VMware Workstation, Player, ACE, Server, Fusion\n     - Install the remediated version of Workstation, Player, ACE,\n       Server and Fusion. \n     - Upgrade tools in the virtual machine (virtual machine users\n       will be prompted to upgrade). \n\n    Guest systems on ESX 4.0, 3.5, 3.0.3, 2.5.5, ESXi 4.0, 3.5\n     - Install the relevant patches (see below for patch identifiers)\n     - Manually upgrade tools in the virtual machine (virtual machine\n       users will not be prompted to upgrade).  Note the VI Client will\n       not show the VMware tools is out of date in the summary tab. \n       Please see http://tinyurl.com/27mpjo page 80 for details. \n\n    The following table lists what action remediates the vulnerability\n    (column 4) if a solution is available. See above for remediation\n    details.  On most\n    recent versions of Windows (XP, Vista) the attacker would need to\n    have administrator privileges to plant the malicious executable in\n    the right location. \n\n    Steps needed to remediate this vulnerability: See section 3.a. \n\n    VMware would like to thank Mitja Kolsek of ACROS Security\n    (http://www.acrossecurity.com) for reporting this issue to us. \n\n    The Common Vulnerabilities and Exposures project (cve.mitre.org)\n    has assigned the name CVE-2010-1142 to this issue. \n\n    Refer to the previous table in section 3.a for what action\n    remediates the vulnerability (column 4) if a solution is\n    available. See above for remediation details. \n\n c. Windows-based VMware Workstation and Player host privilege\n    escalation\n\n    A vulnerability in the USB service allows for a privilege\n    escalation. A local attacker on the host of a Windows-based\n    Operating System where VMware Workstation or VMware Player\n    is installed could plant a malicious executable on the host and\n    elevate their privileges. \n\n    In order for an attacker to exploit the vulnerability, the attacker\n    would need to be able to plant their malicious executable in a\n    certain location on the host machine.  On most recent versions of\n    Windows (XP, Vista) the attacker would need to have administrator\n    privileges to plant the malicious executable in the right location. \n\n    VMware would like to thank Thierry Zoller for reporting this issue\n    to us. \n\n    The Common Vulnerabilities and Exposures project (cve.mitre.org)\n    has assigned the name CVE-2010-1140 to this issue. \n\n    The following table lists what action remediates the vulnerability\n    (column 4) if a solution is available. \n\n    VMware         Product   Running  Replace with/\n    Product        Version   on       Apply Patch\n    =============  ========  =======  =================\n    VirtualCenter  any       Windows  not affected\n\n    Workstation    7.0       Windows  7.0.1 build 227600 or later\n    Workstation    7.0       Linux    not affected\n    Workstation    6.5.x     any      not affected\n\n    Player         3.0       Windows  3.0.1 build 227600 or later\n    Player         3.0       Linux    not affected\n    Player         2.5.x     any      not affected\n\n    Ace            any       any      not affected\n\n    Server         2.x       any      not affected\n\n    Fusion         any       Mac OS/X not affected\n\n    ESXi           any       ESXi     not affected\n\n    ESX            any       ESX      not affected\n\n d. Third party library update for libpng to version 1.2.37\n\n    The libpng libraries through 1.2.35 contain an uninitialized-\n    memory-read bug that may have security implications. \n    Specifically, 1-bit (2-color) interlaced images whose widths are\n    not divisible by 8 may result in several uninitialized bits at the\n    end of certain rows in certain interlace passes being returned to\n    the user. An application that failed to mask these out-of-bounds\n    pixels might display or process them, albeit presumably with benign\n    results in most cases. \n\n    The Common Vulnerabilities and Exposures Project (cve.mitre.org)\n    has assigned the name CVE-2009-2042 to this issue. \n\n    The following table lists what action remediates the vulnerability\n    (column 4) if a solution is available. VMware VMnc Codec heap overflow vulnerabilities\n\n    The VMware movie decoder contains the VMnc media codec that is\n    required to play back movies recorded with VMware Workstation,\n    VMware Player and VMware ACE, in any compatible media player. The\n    movie decoder is installed as part of VMware Workstation, VMware\n    Player and VMware ACE, or can be downloaded as a stand alone\n    package. \n\n    For an attack to be successful the user must be tricked into\n    visiting a malicious web page or opening a malicious video file on\n    a system that has the vulnerable version of the VMnc codec installed. \n\n    The Common Vulnerabilities and Exposures project (cve.mitre.org)\n    has assigned the names CVE-2009-1564 and CVE-2009-1565 to these\n    issues. \n\n    VMware would like to thank iDefense, Sebastien Renaud of VUPEN\n    Vulnerability Research Team (http://www.vupen.com) and Alin Rad Pop\n    of Secunia Research for reporting these issues to us. \n\n    To remediate the above issues either install the stand alone movie\n    decoder or update your product using the table below. \n\n    VMware         Product   Running  Replace with/\n    Product        Version   on       Apply Patch\n    =============  ========  =======  =================\n    VirtualCenter  any       Windows  not affected\n\n    Movie Decoder  any       Windows  6.5.4 Build 246459 or later\n\n    Workstation    7.x       any      not affected\n    Workstation    6.5.x     Windows  6.5.4 build 246459 or later\n    Workstation    6.5.x     Linux    not affected\n\n    Player         3.x       any      not affected\n    Player         2.5.x     Windows  2.5.4 build 246459 or later\n    Player         2.5.x     Linux    not affected\n\n    ACE            any       any      not affected\n\n    Server         2.x       Window   not being addressed at this time\n    Server         2.x       Linux    not affected\n\n    Fusion         any       Mac OS/X not affected\n\n    ESXi           any       ESXi     not affected\n\n    ESX            any       ESX      not affected\n\nf. \n    Exploitation of this issue may lead to arbitrary code execution on\n    the system where VMrc is installed. Code execution would be at the privilege level of the user. \n\n    VMrc is present on a system if the VMrc browser plug-in has been\n    installed. This plug-in is required when using the console feature in\n    WebAccess. Installation of the plug-in follows after visiting the\n    console tab in WebAccess and choosing \"Install plug-in\". The plug-\n    in can only be installed on Internet Explorer and Firefox. \n\n    Under the following two conditions your version of VMrc is likely\n    to be affected:\n\n    - the VMrc plug-in was obtained from vCenter 4.0 or from ESX 4.0\n      without patch ESX400-200911223-UG and\n    - VMrc is installed on a Windows-based system\n\n    The following steps allow you to determine if you have an affected\n    version of VMrc installed:\n\n    - Locate the VMrc executable vmware-vmrc.exe on your Windows-based\n      system\n    - Right click and go to Properties\n    - Go to the tab \"Versions\"\n    - Click \"File Version\" in the \"Item Name\" window\n    - If the \"Value\" window shows \"e.x.p build-158248\", the version of\n      VMrc is affected\n\n    Remediation of this issue on Windows-based systems requires the\n    following steps (Linux-based systems are not affected):\n\n    - Uninstall affected versions of VMrc from the systems where the\n      VMrc plug-in has been installed (use the Windows Add/Remove\n      Programs interface)\n    - Install vCenter 4.0 Update 1 or install the ESX 4.0 patch\n      ESX400-200911223-UG\n    - Login into vCenter 4.0 Update 1 or ESX 4.0 with patch\n      ESX400-200911223-UG using WebAccess on the system where the VMrc\n      needs to be re-installed\n    - Re-install VMrc by going to the console tab in WebAccess.  The\n      Console tab is selectable after selecting a virtual machine. \n\n    Note: the VMrc plug-in for Firefox on Windows-based operating\n    systems is no longer compatible after the above remediation steps. \n    Users are advised to use the Internet Explorer VMrc plug-in. \n\n    VMware would like to thank Alexey Sintsov from Digital Security\n    Research Group for reporting this issue to us. \n\n    The Common Vulnerabilities and Exposures project (cve.mitre.org)\n    has assigned the name CVE-2009-3732 to this issue. \n\n\n g. Windows-based VMware authd remote denial of service\n\n    A vulnerability in vmware-authd could cause a denial of service\n    condition on Windows-based hosts.  The denial of service is limited\n    to a crash of authd. \n\n    The Common Vulnerabilities and Exposures Project (cve.mitre.org)\n    has assigned the name CVE-2009-3707 to this issue. \n\n    The following table lists what action remediates the vulnerability\n    (column 4) if a solution is available. Potential information leak via hosted networking stack\n\n    A vulnerability in the virtual networking stack of VMware hosted\n    products could allow host information disclosure. \n\n    A guest operating system could send memory from the host vmware-vmx\n    process to the virtual network adapter and potentially to the\n    host\u0027s physical Ethernet wire. \n\n    The Common Vulnerabilities and Exposures Project (cve.mitre.org)\n    has assigned the name CVE-2010-1138 to this issue. \n\n    VMware would like to thank Johann MacDonagh for reporting this\n    issue to us. \n\n    The following table lists what action remediates the vulnerability\n    (column 4) if a solution is available. Linux-based vmrun format string vulnerability\n\n    A format string vulnerability in vmrun could allow arbitrary code\n    execution. \n\n    If a vmrun command is issued and processes are listed, code could\n    be executed in the context of the user listing the processes. \n\n    The Common Vulnerabilities and Exposures Project (cve.mitre.org)\n    has assigned the name CVE-2010-1139 to this issue. \n\n    VMware would like to thank Thomas Toth-Steiner for reporting this\n    issue to us. \n\n    The following table lists what action remediates the vulnerability\n    (column 4) if a solution is available. \n\n    VMware         Product   Running  Replace with/\n    Product        Version   on       Apply Patch\n    =============  ========  =======  =================\n    VirtualCenter  any       Windows  not affected\n\n    VIX API        any       Windows  not affected\n    VIX API        1.6.x     Linux    upgrade to VIX API 1.7 or later\n    VIX API        1.6.x     Linux64  upgrade to VIX API 1.7 or later\n\n    Workstation    7.x       any      not affected\n    Workstation    6.5.x     Windows  not affected\n    Workstation    6.5.x     Linux    6.5.4 build 246459 or later\n\n    Player         3.x       any      not affected\n    Player         2.5.x     Windows  not affected\n    Player         2.5.x     Linux    2.5.4 build 246459 or later\n\n    Ace            any       Windows  not affected\n\n    Server         2.x       Windows  not affected\n    Server         2.x       Linux    not being fixed at this time\n\n    Fusion         3.x       Mac OS/X not affected\n    Fusion         2.x       Mac OS/X 2.0.7 build 246742 or later\n\n    ESXi           any       any      not affected\n\n    ESX            any       any      not affected\n\n4. Solution\n\n   Please review the patch/release notes for your product and version\n   and verify the md5sum and/or the sha1sum of your downloaded file. \n\n   VMware Workstation Movie Decoder stand alone 6.5.4\n   --------------------------------------------------\n\nhttp://download3.vmware.com/software/wkst/VMware-moviedecoder-6.5.4-246459.exe\n   md5sum: ea2ac5907ae4c5c323147fe155443ab8\n   sha1sum: 5ca8d1fd45f6a7a6f38019b259c3e836ee4e8f29\n\n   VMware Workstation 7.0.1\n   ------------------------\n   For Windows\n\nhttp://downloads.vmware.com/download/download.do?downloadGroup=WKST-701-WIN\n   Release notes:\n   http://downloads.vmware.com/support/ws7/doc/releasenotes_ws701.html\n\n   Workstation for Windows 32-bit and 64-bit with VMware Tools\n   md5sum: fc8502a748de3b8f94c5c9571c1f17d2\n   sha1sum: 3de01b355b17363a92d80200ff5e7267b3bde206\n\n   Workstation for Windows 32-bit and 64-bit without VMware Tools\n   md5sum: 6a18ea3847cb727b03f7890f5643db79\n   sha1sum: 260b019db4619b0d1d775e5c38cc46b6db250984\n\n   For Linux\n   http://downloads.vmware.com/download/download.do?downloadGroup=WKST-701-LX\n   Release notes:\n   http://downloads.vmware.com/support/ws7/doc/releasenotes_ws701.html\n\n   Workstation for Linux 32-bit with VMware Tools\n   md5sum: a896f7aaedde8799f21b52b89f5fc9ef\n   sha1sum: f6d0789afa7927ca154973a071603a0bd098e697\n\n   Workstation for Linux 32-bit without VMware Tools\n   md5sum: 59ecd27bdf3f59be3b4df8f04d1b3874\n   sha1sum: 22e1a475069fca5e8d2446bf14661fa6d894d34f\n\n   Workstation for Linux 64-bit with VMware Tools\n   md5sum: 808682eaa6b202fa29172821f7378768\n   sha1sum: a901c45a2a02678b0d1722e8f27152c3af12a7ac\n\n   Workstation for Linux 64-bit without VMware Tools\n   md5sum: 5116e27e7b13a76693402577bd9fda58\n   sha1sum: dbcd045a889b95ac14828b8106631b678354e30a\n\n   VMware Workstation 6.5.4\n   ------------------------\n   For Windows\n\nhttp://downloads.vmware.com/download/download.do?downloadGroup=WKST-654-WIN\n   Release Notes:\n   http://downloads.vmware.com/support/ws65/doc/releasenotes_ws654.html\n\n   Workstation for Windows 32-bit and 64-bit\n   Windows 32-bit and 64-bit .exe\n   md5sum: 2dc393fcc4e78dcf2165098a4938699a\n   sha1sum: acfff457860c8c53c637c01f74f8aaa72d1c9569\n\n   For Linux\n   http://downloads.vmware.com/download/download.do?downloadGroup=WKST-654-LX\n   Release Notes:\n   http://downloads.vmware.com/support/ws65/doc/releasenotes_ws654.html\n\n   Workstation for Linux 32-bit\n   Linux 32-bit .rpm\n   md5sum: 9efb43a604d50e541eb3be7081b8b198\n   sha1sum: 4240d664f85a11f47288d2279224b26bef92aa8b\n\n   Workstation for Linux 32-bit\n   Linux 32-bit .bundle\n   md5sum: 38760682ad3b2f6bfb4e40f424c95c2a\n   sha1sum: ec78099322b5fb2a737cd74a1978a5c07382dc8a\n\n   Workstation for Linux 64-bit\n   Linux 64-bit .rpm\n   md5sum: 24311492bc515e9bc98eff9b2e7d33a2\n   sha1sum: b4947ef09f740440e8a24fc2ba05c0a7c11b82f5\n\n   Workstation for Linux 64-bit\n   Linux 64-bit .bundle\n   md5sum: ed24296705ad48442549d9cb2b3c0d8d\n   sha1sum: 3c0f1efae0a64fa3a41be21b0bfc962f12e0e6d8\n\n\n   VMware Player 3.0.1\n   -------------------\n   http://downloads.vmware.com/tryvmware/?p=player\u0026lp=default\n   Release notes:\nhttp://downloads.vmware.com/support/player30/doc/releasenotes_player301.html\n\n   Player for Windows 32-bit and 64-bit\n   md5sum: 78c92c0242c9540f68a629d4ac49c516\n   sha1sum: 7fc255fcd1a6784458012314db1206ed922e92cf\n\n   Player for Linux 32-bit (.bundle)\n   md5sum: e7cd19d39c7bbd1aee582743d76a7863\n   sha1sum: cff76010f0429576288ea1e5a594cd47a2c64f4a\n\n   Player for Linux 64-bit (.bundle)\n   md5sum: 88b08537c6eea705883dc1755b97738c\n   sha1sum: 84f25370d24c03a18968a4f4c8e06cef3d21c2df\n\n   VMware VIX API for Windows 32-bit and 64-bit\n   md5sum: 2c46fc7e2516f331eb4dd23154d00a54\n   sha1sum: 85ceb1b718806c6870e3a918bcc772d1486ccdc9\n\n   VMware VIX API for 32-bit Linux\n   md5sum: 8b0994a26363246b5e954f97bd5a088d\n   sha1sum: af93da138a158ee6e05780a5c4042414735987b6\n\n   VMware VIX API for 64-bit Linux\n   md5sum: ef7b9890c52b1e333f2357760a7fff85\n   sha1sum: dfef8531356de78171e13c4c108ebaeb43eaa62d\n\n   VMware Player 2.5.4\n   -------------------\n   http://downloads.vmware.com/download/player/player_reg.html\n   Release notes:\nhttp://downloads.vmware.com/support/player25/doc/releasenotes_player254.html\n\n   Player for Windows 32-bit and 64-bit (.exe)\n   md5sum: 531140a1eeed7d8b71f726b3d32a9174\n   sha1sum: 2500fa8af48452bd0e97040b80c569c3cb4f73e5\n\n   Player for Linux (.rpm)\n   md5sum: 1905f61af490f9760bef54450747e708\n   sha1sum: cf7444c0a6331439c5479a4158112a60eb0e6e8d\n\n   Player for Linux (.bundle)\n   md5sum: 74f539005687a4efce7971f7ef019af5\n   sha1sum: 4c4412c5807ecd00e66886e0e7c43ed61b62aab7\n\n   Player for Linux - 64-bit (.rpm)\n   md5sum: 013078d7f6adcdbcbaafbf5e0ae11a39\n   sha1sum: 7c434173a3fe446ebefce4803bfaa7ab67d1ff72\n\n   Player for Linux - 64-bit (.bundle)\n   md5sum: 175ce2f9656ff10a1327c0d48f80c65f\n   sha1sum: bf7acfdcb44bf345d58f79ad1bcb04816f262d22\n\n\n   VMware ACE 2.6.1\n   ----------------\nhttp://downloads.vmware.com/download/download.do?downloadGroup=ACE-261-WIN\n   Release notes:\n   http://downloads.vmware.com/support/ace26/doc/releasenotes_ace261.html\n\n   VMware Workstation for 32-bit and 64-bit Windows with tools\n   md5sum: fc8502a748de3b8f94c5c9571c1f17d2\n   sha1sum: 3de01b355b17363a92d80200ff5e7267b3bde206\n\n   VMware Workstation for Windows 32-bit and 64-bit without tools\n   md5sum: 6a18ea3847cb727b03f7890f5643db79\n   sha1sum: 260b019db4619b0d1d775e5c38cc46b6db250984\n\n   ACE Management Server Virtual Appliance\n   md5sum: e26d258c511572064e99774fbac9184c\n   sha1sum: 9363656b70caa11a31a6229451202d9f8203c1f5\n\n   ACE Management Server for Windows\n   md5sum: e970828f2a5a62ac108879033a70f4b6\n   sha1sum: eca89372eacc78c3130781d0d183715055d64798\n\n   ACE Management Server for SUSE Enterprise Linux 9\n   md5sum: 59b3ad5964daef2844e72fd1765590fc\n   sha1sum: 91048de7665f5dc466f06e2ebc4c08f08026a97f\n\n   ACE Management Server for Red Hat Enterprise Linux 4\n   md5sum: 6623f6a8a645402a1c8c351ec99a1889\n   sha1sum: a6d74ba072c5a513fcf8993edebaaf7f8225c05d\n\n   VMware ACE 2.5.4\n   ----------------\nhttp://downloads.vmware.com/download/download.do?downloadGroup=ACE-254-WIN\n   Release notes:\n   http://downloads.vmware.com/support/ace25/doc/releasenotes_ace254.html\n\n   VMware ACE for Windows 32-bit and 64-bit\n   Windows 32-bit and 64-bit .exe\n   md5sum: 2dc393fcc4e78dcf2165098a4938699a\n   sha1sum: acfff457860c8c53c637c01f74f8aaa72d1c9569\n\n   ACE Management Server Virtual Appliance\n   AMS Virtual Appliance .zip\n   md5sum: 3935f23d4a074e7a3429a1c80cfd2155\n   sha1sum: 5b09439a9c840d39ae49fbd7a79732ecd58c52a3\n\n   ACE Management Server for Windows\n   Windows .exe\n   md5sum: 1173bd7da6ed330a262ed4e2eff6562c\n   sha1sum: d9bce88a350aa957f3387f870af763875d4d9110\n\n   ACE Management Server for SUSE Enterprise Linux 9\n   SLES 9 .rpm\n   md5sum: 0bec2cf8d6ae3bb6976c9d8cc2573208\n   sha1sum: f3c6d9ee3357535b1540cedd9e86d723e2ed2134\n\n   ACE Management Server for Red Hat Enterprise Linux 4\n   RHEL 4 .rpm\n   md5sum: 17caa522af79cf1f6b2ebad16a4ac8a5\n   sha1sum: cdd6e2a4e3d7ad89f95e60f1af024bea7eaba0fe\n\n\n   VMware Server 2.0.2\n   -------------------\n   http://www.vmware.com/download/server/\n   Release notes:\n  http://www.vmware.com/support/server2/doc/releasenotes_vmserver202.html\n\n   VMware Server 2\n   Version 2.0.2 | 203138   - 10/26/09\n   507 MB EXE image VMware Server 2 for Windows Operating Systems. A\n   master installer file containing all Windows components of VMware\n   Server. \n   md5sum: a6430bcc16ff7b3a29bb8da1704fc38a\n   sha1sum: 39683e7333732cf879ff0b34f66e693dde0e340b\n\n   VIX API 1.6 for Windows\n   Version 2.0.2 | 203138   - 10/26/09\n   37 MB image\n   md5sum: 827e65e70803ec65ade62dd27a74407a\n   sha1sum: a14281bc055271a19be3c88026e92304bc3f0e22\n\n   For Linux\n\n   VMware Server 2 for Linux Operating Systems. \n   Version 2.0.2 | 203138   - 10/26/09\n   37 MB TAR image\n   md5sum: 95ddea5a0579a35887bd15b083ffea20\n   sha1sum: 14cf12063a7480f240ccd96178ad4258cb26a747\n\n   VMware Server 2 for Linux Operating Systems 64-bit version. \n   Version 2.0.2 | 203138   - 10/26/09\n   452 MB RPM image\n   md5sum: 35c8b176601133749e4055e0034f8be6\n   sha1sum: e8dc842d89899df5cd3e1136af76f19ca5ccbece\n\n   The core application needed to run VMware Server 2, 64-bit version. \n   Version 2.0.2 | 203138   - 10/26/09\n   451 MB TAR image\n   md5sum: cc7aef813008eeb7150c21547d431b39\n   sha1sum: b65d3d46dc947fc7995bda354c4947afabd23474\n\n\n   VMware Fusion 3.0.2\n   -------------------\n   http://downloads.vmware.com/download/download.do?downloadGroup=FUS-302\n   Release notes:\nhttp://downloads.vmware.com/support/fusion3/doc/releasenotes_fusion_302.html\n\n   VMware Fusion 3.0.2 (for Intel-based Macs)\n   md5sum: aa17278a4a668eeb9f9467e4e3111ccc\n   sha1sum: 58c3d63705ac90839f7c1ae14264177e1fd56df3\n\n   VMware Fusion 3.0.2 Light for Mac (for Intel-based Macs)\n   md5sum: 052ecbbfc4f59a85e2d08b4bd3ef0896\n   sha1sum: 61e00487f4c649588099647d4a5f47ddf5b8ad01\n\n   VMware Fusion 2.0.7\n   -------------------\n   http://downloads.vmware.com/download/download.do?downloadGroup=FUS-207\n   Release notes:\nhttp://downloads.vmware.com/support/fusion2/doc/releasenotes_fusion_207.html\n\n   VMware Fusion 2.0.7 (for Intel-based Macs)\n   md5sum: a293f5ce6ccc227760640753386e9da6\n   sha1sum: ddfda92f9baf30e536bc485e42325d173a1aa370\n\n   VMware Fusion 2.0.7 Light (for Intel-based Macs)\n   md5sum: d4772d118fb90323f598849e70c21189\n   sha1sum: 5c1df1597e77ebe0f0555749b281008ca5f2fb77\n\n\n   VIX API 1.7 Version: 1.7 | 2009-08-26 | 186713\n   ----------------------------------------------\n   VIX API for Window 32-bit and 64-bit\n   Main installation file for Windows 32-bit and 64-bit host\n   md5sum:b494fc3092f07d0f29cc06a19fe61306\n   sha1sum:aa8638424cb7f25c1e42343134ac9f0bd2c2e0c9\n\n   VIX API for Linux 32-bit\n   md5sum:6b0ed8872d8b714363cddc68b6a77008\n   sha1sum:8a9b12a61641394b347488119a7120eaa47dc2a1\n\n   VIX API for Linux 64-bit\n   md5sum:d57aa9f98058d5a386c18e14cc05bf4d\n   sha1sum:3b7d4461ea257e795b322cc080f4ae29a230666b\n\n   VIX API Version: 1.8.1 | 2009-10-11 |  207905\n   ---------------------------------------------\n   VIX API for Windows 32-bit and 64-bit\n   md5sum:4f21e4cb518767bc08045f5a39f5d41f\n   sha1sum:5b8275c549f9d9498bd2ed078557f1ce1986ac12\n\n   VIX API for Linux 32-bit\n   md5sum:f347e94d907c26754540d59956ee5d53\n   sha1sum:6ddc6c9371ba127d04bc83bd55988a6c83366907\n\n   VIX API for Linux 64-bit\n   md5sum:b8a3982072d0d42c0c37dd7eb49d686c\n   sha1sum:d044ac3dd42f806bc4ff48ddf584b5e3d82910c8\n\n   VIX API Version: 1.10 Beta | 01/28/10 | 222403\n   ----------------------------------------------\n   VIX API for Windows 32-bit and 64-bit\n   md5sum:ac5b6e9197cb68c302bfac9ed683e3af\n   sha1sum:0d942e7409e88e684bdb65811e7be7f47d631a73\n\n   VIX API for Linux 32-bit\n   md5sum:07d1989d042e317eb9d2b3daf269dda7\n   sha1sum:1e3840d426d7dfff53fa7e1bd22b09b56cf2362c\n\n   VIX API for Linux 64-bit\n   md5sum:9b345008e0adec3c044988307294944b\n   sha1sum:7a54a893369c2227f7e8058430c40983168c6e0b\n\n\n   ESXi\n   ----\n   ESXi 4.0 bulletin ESXi400-201002402-BG\nhttps://hostupdate.vmware.com/software/VUM/OFFLINE/release-193-20100228-731251/ESXi400-201002001.zip\n   md5sum: e5aa2968d389594abdc59cbac7b0183d\n   sha1sum: bb50b3ad7934e3f9e24edc879b35e83b357343b2\n   http://kb.vmware.com/kb/1018404\n\n   ESXi 3.5\n   --------\n   ESXi 3.5 patch ESXe350-200912402-T-BG was first contained in\n   ESXe350-200912401-O-BG from December 2009. \n\n   The same patch, ESXe350-200912402-T-BG, is also contained in\n   ESXe350-201002401-O-SG from February 2010 ESXi 3.5 security update. \n\n   In latest non-security ESXi 3.5 update, ESXe350-201003402-T-BG is also\n   included in ESXe350-201003401-O-BG from March 2010. \n\n\n   ESXe350-201002401-O-SG (latest security update)\n   http://download3.vmware.com/software/vi/ESXe350-201002401-O-SG.zip\n\n   md5sum: 0c8d4d1c0e3c2aed9f785cf081225d83\n\n   http://kb.vmware.com/kb/1015047 (Vi Client)\n\n   http://kb.vmware.com/kb/1016665 (VM Tools)\n\n   http://kb.vmware.com/kb/1017685 (Firmware)\n\n\n\n   The three ESXi patches for Firmware \"I\", VMware Tools \"T,\" and the\n   VI Client \"C\" are contained in a single offline \"O\" download file. \n\n\n   ESX\n   ---\n   ESX 4.0 bulletin ESX400-201002401-BG\nhttps://hostupdate.vmware.com/software/VUM/OFFLINE/release-192-20100228-732240/ESX400-201002001.zip\n   md5sum: de62cbccaffa4b2b6831617f18c1ccb4\n   sha1sum: 4083f191fa4acd6600c9a87e4852f9f5700e91ab\n   http://kb.vmware.com/kb/1018403\n\n   Note: ESX400-201002001 contains the bundle with the security fix,\n         ESX400-201002401-BG\n   To install an individual bulletin use esxupdate with the -b option. \n   esxupdate --bundle ESX400-201002001 -b ESX400-201002401-BG\n\n   ESX 4.0 bulletin ESX400-200911223-UG\nhttps://hostupdate.vmware.com/software/VUM/OFFLINE/release-166-20091202-254879/ESX-4.0.0-update01a.zip\n   md5sum: 99c1fcafbf0ca105ce73840d686e9914\n   sha1sum: aa8a23416271bc28b6b8f6bdbe00045e36314ebb\n   http://kb.vmware.com/kb/1014842\n\n   Note: ESX-4.0.0-update01a contains the bundle with the security fix,\n         ESX400-200911223-UG\n   To install an individual bulletin use esxupdate with the -b option. \n   esxupdate --bundle ESX-4.0.0-update01a -b ESX400-200911223-UG\n\n   ESX 3.5 patch ESX350-200912401-BG\n   http://download3.vmware.com/software/vi/ESX350-200912401-BG.zip\n   md5sum: f1d3589745b4ae933554785aef22bacc\n   sha1sum: d1e5a9209b165d43d75f076e556fc028bec4cc47\n   http://kb.vmware.com/kb/1016657\n\n   ESX 3.0.3 patch ESX303-201002203-UG\n   http://download3.vmware.com/software/vi/ESX303-201002203-UG.zip\n   md5sum: 49ee56b687707cbe6999836c315f081a\n   http://kb.vmware.com/kb/1018030\n\n   ESX 2.5.5 Upgrade Patch 15\n http://download3.vmware.com/software/esx/esx-2.5.5-191611-upgrade.tar.gz\n   md5sum: c346fe510b6e51145570e03083f77357\n   sha1sum: ef6b19247825fb3fe2c55f8fda3cdd05ac7bb1f4\n   http://www.vmware.com/support/esx25/doc/esx-255-200910-patch.html\n\n\n5. References\n   http://www.acrossecurity.com/advisories.htm\n   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1564\n   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1565\n   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2042\n   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3707\n   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3732\n   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1138\n   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1139\n   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1140\n   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1142\n   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1141\n\n6. Change log\n2010-04-09  VMSA-2010-0007\nInitial security advisory after release of Workstation 6.5.4 and Fusion\n2.0.7 on 2010-04-08. \n\n- ------------------------------------------------------------------------\n7. Contact\n\nE-mail list for product security notifications and announcements:\nhttp://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce\n\nThis Security Advisory is posted to the following lists:\n\n  * security-announce at lists.vmware.com\n  * bugtraq at securityfocus.com\n  * full-disclosure at lists.grok.org.uk\n\nE-mail:  security at vmware.com\nPGP key at: http://kb.vmware.com/kb/1055\n\nVMware Security Center\nhttp://www.vmware.com/security\n\nVMware security response policy\nhttp://www.vmware.com/support/policies/security_response.html\n\nGeneral support life cycle policy\nhttp://www.vmware.com/support/policies/eos.html\n\nVMware Infrastructure support life cycle policy\nhttp://www.vmware.com/support/policies/eos_vi.html\n\nCopyright 2010 VMware Inc.  All rights reserved. \n\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.5 (MingW32)\n\niD8DBQFLvvM8S2KysvBH1xkRAgu/AJ9RrzlOq/5Ug0t8R4qoi/UwDVJDpACbBGgT\nd58bjKG6Ic7m/TsoJP4M2tw=\n=Q1zv\n-----END PGP SIGNATURE-----\n. \n-----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n\n                    National Cyber Alert System\n\n              Technical Cyber Security Alert TA10-238A\n\n\nMicrosoft Windows Insecurely Loads Dynamic Libraries\n\n   Original release date: August 26, 2010\n   Last revised: --\n   Source: US-CERT\n\n\nSystems Affected\n\n     Any application running on the Microsoft Windows platform that\n     uses dynamically linked libraries (DLLs) may be affected. Please see the Vendor Information\n     section of Vulnerability Note VU#707943 for information about\n     specific vendors. DLLs are typically loaded\n   when the application is first started; however DLLs may be loaded\n   and unloaded while the application is running. An application can\n   request a DLL file in a variety of ways, and Windows uses several\n   different search algorithms to find DLL files. The interaction\n   between the application and Windows can result in a DLL file being\n   loaded from the current working directory of the application,\n   instead of the Windows system directory or the directory where the\n   application is installed. \n\n   The current working directory could be the desktop, a removable\n   storage device such as a USB key, a Windows file share, or a WebDAV\n   location. When a file associated with an application is opened, a\n   DLL in the same directory as the file may be loaded. Although an\n   attacker may not have permission to write to the Windows system or\n   application directories, the attacker may be able to write a DLL to\n   a directory used to store files, or the attacker could provide\n   their own directory. \n\n   Attacks against this type of vulnerability have been referred to as\n   \"binary planting.\" Please see Vulnerability Note VU#707943 and\n   Microsoft Security Advisory 2269637 for more information. \n\n\nII. Impact\n\n   By placing a DLL with the correct name (and possibly the relative\n   directory path) in the current working directory, an attacker could\n   execute arbitrary code with the privileges of the application that\n   loads the DLL. \n\n\nIII. Solution\n\n   Individual applications that run on the Windows platform may\n   require patches or updates. Microsoft Knowledge Base article\n   KB2264107 describes an update that provides a registry key that can\n   prevent Windows from searching the current working directory for\n   DLL files. \n\n   Information about specific solutions for different vendors, general\n   mitigation techniques, and secure ways for applications to load\n   DLLs can be found in the Vendor Information and Solution sections\n   of Vulnerability Note VU#707943. \n\n\nIV. References\n\n * Vulnerability Note VU#707943 -\n   \u003chttp://www.kb.cert.org/vuls/id/707943\u003e\n\n * Microsoft Security Advisory (2269637) -\n   \u003chttp://www.microsoft.com/technet/security/advisory/2269637.mspx\u003e\n\n * A new CWDIllegalInDllSearch registry entry is available to control\n   the DLL search path algorithm -\n   \u003chttp://support.microsoft.com/kb/2264107\u003e\n\n ____________________________________________________________________\n\n   The most recent version of this document can be found at:\n\n     \u003chttp://www.us-cert.gov/cas/techalerts/TA10-238A.html\u003e\n ____________________________________________________________________\n\n   Feedback can be directed to US-CERT Technical Staff. Please send\n   email to \u003ccert@cert.org\u003e with \"TA10-238A Feedback VU#707943\" in\n   the subject. \n ____________________________________________________________________\n\n   For instructions on subscribing to or unsubscribing from this\n   mailing list, visit \u003chttp://www.us-cert.gov/cas/signup.html\u003e. \n ____________________________________________________________________\n\n   Produced 2010 by US-CERT, a government organization. \n\nBackground\n==========\n\nVMware Player, Server, and Workstation allow emulation of a complete PC\non a PC without the usual performance overhead of most emulators. \n\nAffected packages\n=================\n\n    -------------------------------------------------------------------\n     Package              /     Vulnerable     /            Unaffected\n    -------------------------------------------------------------------\n  1  app-emulation/vmware-player\n                              \u003c= 2.5.5.328052              Vulnerable!\n  2  app-emulation/vmware-workstation\n                              \u003c= 6.5.5.328052              Vulnerable!\n  3  app-emulation/vmware-server\n                              \u003c= 1.0.9.156507              Vulnerable!\n    -------------------------------------------------------------------\n     NOTE: Certain packages are still vulnerable. Users should migrate\n           to another package if one is available or wait for the\n           existing packages to be marked stable by their\n           architecture maintainers. Please review the CVE identifiers referenced below for\ndetails. \n\nImpact\n======\n\nLocal users may be able to gain escalated privileges, cause a Denial of\nService, or gain sensitive information. \n\nA remote attacker could entice a user to open a specially crafted file,\npossibly resulting in the remote execution of arbitrary code, or a\nDenial of Service. Remote attackers also may be able to spoof DNS\ntraffic, read arbitrary files, or inject arbitrary web script to the\nVMware Server Console. \n\nFurthermore, guest OS users may be able to execute arbitrary code on\nthe host OS, gain escalated privileges on the guest OS, or cause a\nDenial of Service (crash the host OS). \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nGentoo discontinued support for VMware Workstation. We recommend that users\nunmerge VMware Server:\n\n  # emerge --unmerge \"app-emulation/vmware-server\"\n\nReferences\n==========\n\n[  1 ] CVE-2007-5269\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5269\n[  2 ] CVE-2007-5503\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5503\n[  3 ] CVE-2007-5671\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5671\n[  4 ] CVE-2008-0967\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0967\n[  5 ] CVE-2008-1340\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1340\n[  6 ] CVE-2008-1361\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1361\n[  7 ] CVE-2008-1362\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1362\n[  8 ] CVE-2008-1363\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1363\n[  9 ] CVE-2008-1364\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1364\n[ 10 ] CVE-2008-1392\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1392\n[ 11 ] CVE-2008-1447\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1447\n[ 12 ] CVE-2008-1806\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1806\n[ 13 ] CVE-2008-1807\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1807\n[ 14 ] CVE-2008-1808\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1808\n[ 15 ] CVE-2008-2098\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2098\n[ 16 ] CVE-2008-2100\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2100\n[ 17 ] CVE-2008-2101\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2101\n[ 18 ] CVE-2008-4915\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4915\n[ 19 ] CVE-2008-4916\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4916\n[ 20 ] CVE-2008-4917\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4917\n[ 21 ] CVE-2009-0040\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0040\n[ 22 ] CVE-2009-0909\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0909\n[ 23 ] CVE-2009-0910\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0910\n[ 24 ] CVE-2009-1244\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1244\n[ 25 ] CVE-2009-2267\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2267\n[ 26 ] CVE-2009-3707\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3707\n[ 27 ] CVE-2009-3732\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3732\n[ 28 ] CVE-2009-3733\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3733\n[ 29 ] CVE-2009-4811\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-4811\n[ 30 ] CVE-2010-1137\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1137\n[ 31 ] CVE-2010-1138\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1138\n[ 32 ] CVE-2010-1139\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1139\n[ 33 ] CVE-2010-1140\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1140\n[ 34 ] CVE-2010-1141\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1141\n[ 35 ] CVE-2010-1142\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1142\n[ 36 ] CVE-2010-1143\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1143\n[ 37 ] CVE-2011-3868\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3868\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201209-25.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2012 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2010-1141"
      },
      {
        "db": "CERT/CC",
        "id": "VU#707943"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-001364"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-001999"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2010-0574"
      },
      {
        "db": "BID",
        "id": "39392"
      },
      {
        "db": "IVD",
        "id": "7d7c8fb0-463f-11e9-a735-000c29342cb1"
      },
      {
        "db": "IVD",
        "id": "46c824c0-2356-11e6-abef-000c29c66e3d"
      },
      {
        "db": "VULMON",
        "id": "CVE-2010-1141"
      },
      {
        "db": "PACKETSTORM",
        "id": "88215"
      },
      {
        "db": "PACKETSTORM",
        "id": "93209"
      },
      {
        "db": "PACKETSTORM",
        "id": "117012"
      }
    ],
    "trust": 4.59
  },
  "external_ids": {
    "_id": null,
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2010-1141",
        "trust": 4.0
      },
      {
        "db": "SECUNIA",
        "id": "39198",
        "trust": 3.1
      },
      {
        "db": "SECUNIA",
        "id": "39206",
        "trust": 2.5
      },
      {
        "db": "SECTRACK",
        "id": "1023832",
        "trust": 1.8
      },
      {
        "db": "SECTRACK",
        "id": "1023833",
        "trust": 1.8
      },
      {
        "db": "CERT/CC",
        "id": "VU#707943",
        "trust": 1.7
      },
      {
        "db": "USCERT",
        "id": "TA10-238A",
        "trust": 1.7
      },
      {
        "db": "BID",
        "id": "39392",
        "trust": 1.2
      },
      {
        "db": "CNVD",
        "id": "CNVD-2010-0574",
        "trust": 1.0
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201004-160",
        "trust": 1.0
      },
      {
        "db": "BID",
        "id": "1699",
        "trust": 0.8
      },
      {
        "db": "VUPEN",
        "id": "ADV-2010-0852",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-001364",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-001999",
        "trust": 0.8
      },
      {
        "db": "NSFOCUS",
        "id": "14789",
        "trust": 0.6
      },
      {
        "db": "NSFOCUS",
        "id": "14788\u203b14789",
        "trust": 0.6
      },
      {
        "db": "NSFOCUS",
        "id": "14788",
        "trust": 0.6
      },
      {
        "db": "BUGTRAQ",
        "id": "20100409 VMSA-2010-0007 VMWARE HOSTED PRODUCTS, VCENTER SERVER AND ESX PATCHES RESOLVE MULTIPLE SECURITY ISSUES",
        "trust": 0.6
      },
      {
        "db": "MLIST",
        "id": "[SECURITY-ANNOUNCE] 20100409 VMSA-2010-0007 VMWARE HOSTED PRODUCTS, VCENTER SERVER AND ESX PATCHES RESOLVE MULTIPLE SECURITY ISSUES",
        "trust": 0.6
      },
      {
        "db": "FULLDISC",
        "id": "20100409 VMSA-2010-0007 VMWARE HOSTED PRODUCTS, VCENTER SERVER AND ESX PATCHES RESOLVE MULTIPLE SECURITY ISSUES",
        "trust": 0.6
      },
      {
        "db": "IVD",
        "id": "7D7C8FB0-463F-11E9-A735-000C29342CB1",
        "trust": 0.2
      },
      {
        "db": "IVD",
        "id": "46C824C0-2356-11E6-ABEF-000C29C66E3D",
        "trust": 0.2
      },
      {
        "db": "VULMON",
        "id": "CVE-2010-1141",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "88215",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "93209",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "117012",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "7d7c8fb0-463f-11e9-a735-000c29342cb1"
      },
      {
        "db": "IVD",
        "id": "46c824c0-2356-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CERT/CC",
        "id": "VU#707943"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2010-0574"
      },
      {
        "db": "VULMON",
        "id": "CVE-2010-1141"
      },
      {
        "db": "BID",
        "id": "39392"
      },
      {
        "db": "PACKETSTORM",
        "id": "88215"
      },
      {
        "db": "PACKETSTORM",
        "id": "93209"
      },
      {
        "db": "PACKETSTORM",
        "id": "117012"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201004-160"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-001364"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-001999"
      },
      {
        "db": "NVD",
        "id": "CVE-2010-1141"
      }
    ]
  },
  "id": "VAR-200009-0023",
  "iot": {
    "_id": null,
    "data": true,
    "sources": [
      {
        "db": "IVD",
        "id": "7d7c8fb0-463f-11e9-a735-000c29342cb1"
      },
      {
        "db": "IVD",
        "id": "46c824c0-2356-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2010-0574"
      }
    ],
    "trust": 0.1
  },
  "iot_taxonomy": {
    "_id": null,
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 1.0
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "7d7c8fb0-463f-11e9-a735-000c29342cb1"
      },
      {
        "db": "IVD",
        "id": "46c824c0-2356-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2010-0574"
      }
    ]
  },
  "last_update_date": "2026-03-09T21:39:16.624000Z",
  "patch": {
    "_id": null,
    "data": [
      {
        "title": "VMSA-2010-0007",
        "trust": 0.8,
        "url": "http://www.vmware.com/security/advisories/VMSA-2010-0007.html"
      },
      {
        "title": "HT4105",
        "trust": 0.8,
        "url": "http://support.apple.com/kb/HT4105"
      },
      {
        "title": "HT4105",
        "trust": 0.8,
        "url": "http://support.apple.com/kb/HT4105?viewlocale=ja_JP"
      },
      {
        "title": "Opera Software\u304b\u3089\u306e\u60c5\u5831",
        "trust": 0.8,
        "url": "http://jvn.jp/vu/JVNVU707943/844993/index.html"
      },
      {
        "title": "Adobe\u304b\u3089\u306e\u60c5\u5831",
        "trust": 0.8,
        "url": "http://jvn.jp/vu/JVNVU707943/244523/index.html"
      },
      {
        "title": "LhaForge",
        "trust": 0.8,
        "url": "http://claybird.sakura.ne.jp/garage/lhaforge/index.html"
      },
      {
        "title": "2010.2F9.2F7_ver_6.3.1",
        "trust": 0.8,
        "url": "http://lunapedia.lunascape.jp/index.php?title=Lunascape6#2010.2F9.2F7_ver_6.3.1"
      },
      {
        "title": "Another technique for Fixing DLL Preloading attacks",
        "trust": 0.8,
        "url": "http://blogs.msdn.com/b/david_leblanc/archive/2010/08/23/another-technique-for-fixing-dll-preloading-attacks.aspx"
      },
      {
        "title": "More information about the DLL Preloading remote attack vector",
        "trust": 0.8,
        "url": "http://blogs.technet.com/b/srd/archive/2010/08/23/more-information-about-dll-preloading-remote-attack-vector.aspx"
      },
      {
        "title": "Secure loading of libraries to prevent DLL preloading attacks - Guidance for Software Developers\u3000(Word \u6587\u66f8)",
        "trust": 0.8,
        "url": "http://blogs.technet.com/cfs-file.ashx/__key/CommunityServer-Components-PostAttachments/00-03-35-14-21/Secure-loading-of-libraries-to-prevent-DLL-Preloading.docx"
      },
      {
        "title": "Dynamic-Link Library Security",
        "trust": 0.8,
        "url": "http://msdn.microsoft.com/ja-jp/library/ff919712%28v=VS.85%29.aspx"
      },
      {
        "title": "2269637",
        "trust": 0.8,
        "url": "http://www.microsoft.com/technet/security/advisory/2269637.mspx"
      },
      {
        "title": "Load Library Safely",
        "trust": 0.8,
        "url": "https://blogs.technet.microsoft.com/srd/2014/05/13/load-library-safely/"
      },
      {
        "title": "DLL \u691c\u7d22\u30d1\u30b9\u30a2\u30eb\u30b4\u30ea\u30ba\u30e0\u3092\u5236\u5fa1\u3059\u308b\u65b0\u3057\u3044 CWDIllegalInDllSearch \u30ec\u30b8\u30b9\u30c8\u30ea\u30a8\u30f3\u30c8\u30ea\u306b\u3064\u3044\u3066",
        "trust": 0.8,
        "url": "http://support.microsoft.com/kb/2264107"
      },
      {
        "title": "NV11-003",
        "trust": 0.8,
        "url": "http://www.nec.co.jp/security-info/secinfo/nv11-003.html"
      },
      {
        "title": "Microsoft Windows \u306b\u304a\u3051\u308b DLL \u8aad\u307f\u8fbc\u307f\u306b\u95a2\u3059\u308b\u8106\u5f31\u6027",
        "trust": 0.8,
        "url": "http://www.ponsoftware.com/archiver/bug.htm#load_lib"
      },
      {
        "title": "\u691c\u7d22\u30d1\u30b9\u306e\u554f\u984c\u306b\u8d77\u56e0\u3059\u308b\u8106\u5f31\u6027",
        "trust": 0.8,
        "url": "http://www7a.biglobe.ne.jp/~schezo/dll_vul.html"
      },
      {
        "title": "Top Page",
        "trust": 0.8,
        "url": "http://www5f.biglobe.ne.jp/~t-susumu"
      },
      {
        "title": "MHSVI#20100824",
        "trust": 0.8,
        "url": "http://homepage3.nifty.com/micco/vul/2010/mhsvi20100824.htm"
      },
      {
        "title": "sleipnirsleipnir_295",
        "trust": 0.8,
        "url": "http://www.fenrir.co.jp/blog/2010/10/sleipnirsleipnir_295.html"
      },
      {
        "title": "2269637",
        "trust": 0.8,
        "url": "https://www.microsoft.com/japan/technet/security/advisory/2269637.mspx"
      },
      {
        "title": "\u65b0\u305f\u306a\u30ea\u30e2\u30fc\u30c8\u306e\u653b\u6483\u624b\u6cd5\u306b\u95a2\u3059\u308b\u30a2\u30c9\u30d0\u30a4\u30b6\u30ea 2269637 \u3092\u516c\u958b",
        "trust": 0.8,
        "url": "http://blogs.technet.com/b/jpsecurity/archive/2010/08/24/3351474.aspx"
      },
      {
        "title": "\u30e9\u30a4\u30d6\u30e9\u30ea\u3092\u5b89\u5168\u306b\u30ed\u30fc\u30c9\u3057\u3066 DLL \u306e\u30d7\u30ea\u30ed\u30fc\u30c9\u653b\u6483\u3092\u9632\u3050 - \u30bd\u30d5\u30c8\u30a6\u30a7\u30a2\u958b\u767a\u8005\u5411\u3051\u30ac\u30a4\u30c0\u30f3\u30b9 (Word \u6587\u66f8)",
        "trust": 0.8,
        "url": "http://blogs.technet.com/cfs-file.ashx/__key/CommunityServer-Components-PostAttachments/00-03-35-14-74/Secure-loading-of-libraries-to-prevent-DLL-Preloading_5F00_J.docx"
      },
      {
        "title": "TA10-238A",
        "trust": 0.8,
        "url": "http://software.fujitsu.com/jp/security/vulnerabilities/ta10-238a.html"
      },
      {
        "title": "VMSA - 2010 - 0007: VMware Managed Products, vCenter Server and ESX Multiple Security Patches",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/155"
      },
      {
        "title": "VMware Security Advisories: VMware hosted products, vCenter Server and ESX patches resolve multiple security issues",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=vmware_security_advisories\u0026qid=9a156b22cf9a31c993f6585b6881d5a5"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2010-0574"
      },
      {
        "db": "VULMON",
        "id": "CVE-2010-1141"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-001364"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-001999"
      }
    ]
  },
  "problemtype_data": {
    "_id": null,
    "data": [
      {
        "problemtype": "CWE-264",
        "trust": 1.8
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-001364"
      },
      {
        "db": "NVD",
        "id": "CVE-2010-1141"
      }
    ]
  },
  "references": {
    "_id": null,
    "data": [
      {
        "trust": 3.1,
        "url": "http://secunia.com/advisories/39198"
      },
      {
        "trust": 2.5,
        "url": "http://secunia.com/advisories/39206"
      },
      {
        "trust": 1.9,
        "url": "http://www.securitytracker.com/id?1023832"
      },
      {
        "trust": 1.9,
        "url": "http://www.securitytracker.com/id?1023833"
      },
      {
        "trust": 1.8,
        "url": "http://www.vmware.com/security/advisories/vmsa-2010-0007.html"
      },
      {
        "trust": 1.7,
        "url": "http://archives.neohapsis.com/archives/bugtraq/2010-04/0077.html"
      },
      {
        "trust": 1.7,
        "url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-04/0121.html"
      },
      {
        "trust": 1.7,
        "url": "http://lists.vmware.com/pipermail/security-announce/2010/000090.html"
      },
      {
        "trust": 1.6,
        "url": "http://www.us-cert.gov/cas/techalerts/ta10-238a.html"
      },
      {
        "trust": 1.2,
        "url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
      },
      {
        "trust": 1.1,
        "url": "http://www.acrossecurity.com/aspr/aspr-2010-04-12-1-pub.txt"
      },
      {
        "trust": 1.1,
        "url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a7020"
      },
      {
        "trust": 0.9,
        "url": "http://www.securityfocus.com/bid/39392"
      },
      {
        "trust": 0.9,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1141"
      },
      {
        "trust": 0.8,
        "url": "http://www.cert.org/blogs/vuls/2008/09/carpet_bombing_and_directory_p.html"
      },
      {
        "trust": 0.8,
        "url": "http://blog.mandiant.com/archives/1207"
      },
      {
        "trust": 0.8,
        "url": "http://msdn.microsoft.com/en-us/library/aa297182"
      },
      {
        "trust": 0.8,
        "url": "http://blog.zoller.lu/2010/08/cve-2010-xn-loadlibrarygetprocaddress.html"
      },
      {
        "trust": 0.8,
        "url": "http://msdn.microsoft.com/en-us/library/ms684175%28vs.85%29.aspx"
      },
      {
        "trust": 0.8,
        "url": "http://www.acrossecurity.com/aspr/aspr-2010-04-12-2-pub.txt"
      },
      {
        "trust": 0.8,
        "url": "http://www.acrossecurity.com/aspr/aspr-2010-08-18-1-pub.txt"
      },
      {
        "trust": 0.8,
        "url": "http://www.securityfocus.com/bid/1699/discuss"
      },
      {
        "trust": 0.8,
        "url": "http://blog.metasploit.com/2010/08/exploiting-dll-hijacking-flaws.html"
      },
      {
        "trust": 0.8,
        "url": "http://blog.rapid7.com/?p=5325"
      },
      {
        "trust": 0.8,
        "url": "http://www.cs.ucdavis.edu/research/tech-reports/2010/cse-2010-2.pdf"
      },
      {
        "trust": 0.8,
        "url": "https://www.microsoft.com/technet/security/advisory/2269637.mspx"
      },
      {
        "trust": 0.8,
        "url": "http://blogs.technet.com/b/srd/archive/2010/08/23/more-information-about-dll-preloading-remote-attack-vector.aspx"
      },
      {
        "trust": 0.8,
        "url": "http://blogs.msdn.com/b/david_leblanc/archive/2010/08/23/another-technique-for-fixing-dll-preloading-attacks.aspx"
      },
      {
        "trust": 0.8,
        "url": "http://support.microsoft.com/kb/2264107"
      },
      {
        "trust": 0.8,
        "url": "http://www.guninski.com/officedll.html"
      },
      {
        "trust": 0.8,
        "url": "http://jvn.jp/cert/jvnta10-238a/index.html"
      },
      {
        "trust": 0.8,
        "url": "http://jvn.jp/tr/jvntr-2010-23"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-1141"
      },
      {
        "trust": 0.8,
        "url": "http://www.vupen.com/english/advisories/2010/0852"
      },
      {
        "trust": 0.8,
        "url": "http://www.ipa.go.jp/about/press/20101111.html"
      },
      {
        "trust": 0.8,
        "url": "http://jvn.jp/cert/jvnta10-238a"
      },
      {
        "trust": 0.8,
        "url": "http://jvn.jp/cert/jvnvu707943"
      },
      {
        "trust": 0.8,
        "url": "http://jvn.jp/tr/jvntr-2010-23/"
      },
      {
        "trust": 0.8,
        "url": "http://www.kb.cert.org/vuls/id/707943"
      },
      {
        "trust": 0.6,
        "url": "http://www.nsfocus.net/vulndb/14788\u203b14789"
      },
      {
        "trust": 0.3,
        "url": "http://www.vmware.com"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2009-3732"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2009-3707"
      },
      {
        "trust": 0.1,
        "url": "https://cwe.mitre.org/data/definitions/264.html"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov"
      },
      {
        "trust": 0.1,
        "url": "http://kb.vmware.com/kb/1015047"
      },
      {
        "trust": 0.1,
        "url": "http://download3.vmware.com/software/wkst/vmware-moviedecoder-6.5.4-246459.exe"
      },
      {
        "trust": 0.1,
        "url": "http://download3.vmware.com/software/esx/esx-2.5.5-191611-upgrade.tar.gz"
      },
      {
        "trust": 0.1,
        "url": "http://kb.vmware.com/kb/1016665"
      },
      {
        "trust": 0.1,
        "url": "http://www.vmware.com/support/esx25/doc/esx-255-200910-patch.html"
      },
      {
        "trust": 0.1,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3707"
      },
      {
        "trust": 0.1,
        "url": "https://hostupdate.vmware.com/software/vum/offline/release-192-20100228-732240/esx400-201002001.zip"
      },
      {
        "trust": 0.1,
        "url": "http://kb.vmware.com/kb/1018404"
      },
      {
        "trust": 0.1,
        "url": "http://download3.vmware.com/software/vi/esx303-201002203-ug.zip"
      },
      {
        "trust": 0.1,
        "url": "http://www.vmware.com/support/policies/lifecycle/vi/faq.html"
      },
      {
        "trust": 0.1,
        "url": "http://downloads.vmware.com/download/download.do?downloadgroup=fus-302"
      },
      {
        "trust": 0.1,
        "url": "http://downloads.vmware.com/download/download.do?downloadgroup=ace-254-win"
      },
      {
        "trust": 0.1,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1140"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2010-1140"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2010-1141"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2009-2042"
      },
      {
        "trust": 0.1,
        "url": "http://downloads.vmware.com/support/fusion3/doc/releasenotes_fusion_302.html"
      },
      {
        "trust": 0.1,
        "url": "http://downloads.vmware.com/tryvmware/?p=player\u0026lp=default"
      },
      {
        "trust": 0.1,
        "url": "http://kb.vmware.com/kb/1016657"
      },
      {
        "trust": 0.1,
        "url": "http://www.vmware.com/security"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2009-1565"
      },
      {
        "trust": 0.1,
        "url": "http://downloads.vmware.com/download/download.do?downloadgroup=wkst-701-lx"
      },
      {
        "trust": 0.1,
        "url": "http://kb.vmware.com/kb/1055"
      },
      {
        "trust": 0.1,
        "url": "https://hostupdate.vmware.com/software/vum/offline/release-193-20100228-731251/esxi400-201002001.zip"
      },
      {
        "trust": 0.1,
        "url": "http://downloads.vmware.com/support/player30/doc/releasenotes_player301.html"
      },
      {
        "trust": 0.1,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1142"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2010-1142"
      },
      {
        "trust": 0.1,
        "url": "http://downloads.vmware.com/download/download.do?downloadgroup=fus-207"
      },
      {
        "trust": 0.1,
        "url": "http://kb.vmware.com/kb/1017685"
      },
      {
        "trust": 0.1,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1139"
      },
      {
        "trust": 0.1,
        "url": "http://downloads.vmware.com/download/player/player_reg.html"
      },
      {
        "trust": 0.1,
        "url": "http://downloads.vmware.com/support/fusion2/doc/releasenotes_fusion_207.html"
      },
      {
        "trust": 0.1,
        "url": "http://www.vmware.com/support/policies/security_response.html"
      },
      {
        "trust": 0.1,
        "url": "http://downloads.vmware.com/support/ws65/doc/releasenotes_ws654.html"
      },
      {
        "trust": 0.1,
        "url": "http://downloads.vmware.com/support/ace26/doc/releasenotes_ace261.html"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2010-1139"
      },
      {
        "trust": 0.1,
        "url": "http://www.vmware.com/support/server2/doc/releasenotes_vmserver202.html"
      },
      {
        "trust": 0.1,
        "url": "http://www.vmware.com/support/policies/eos_vi.html"
      },
      {
        "trust": 0.1,
        "url": "http://kb.vmware.com/kb/1018030"
      },
      {
        "trust": 0.1,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-2042"
      },
      {
        "trust": 0.1,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3732"
      },
      {
        "trust": 0.1,
        "url": "http://downloads.vmware.com/support/ws7/doc/releasenotes_ws701.html"
      },
      {
        "trust": 0.1,
        "url": "http://www.vmware.com/support/policies/eos.html"
      },
      {
        "trust": 0.1,
        "url": "http://downloads.vmware.com/support/player25/doc/releasenotes_player254.html"
      },
      {
        "trust": 0.1,
        "url": "http://downloads.vmware.com/download/download.do?downloadgroup=ace-261-win"
      },
      {
        "trust": 0.1,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1565"
      },
      {
        "trust": 0.1,
        "url": "http://www.vmware.com/download/server/"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2010-1138"
      },
      {
        "trust": 0.1,
        "url": "http://downloads.vmware.com/download/download.do?downloadgroup=wkst-654-win"
      },
      {
        "trust": 0.1,
        "url": "http://www.vupen.com)"
      },
      {
        "trust": 0.1,
        "url": "http://download3.vmware.com/software/vi/esx350-200912401-bg.zip"
      },
      {
        "trust": 0.1,
        "url": "http://tinyurl.com/27mpjo"
      },
      {
        "trust": 0.1,
        "url": "http://www.acrossecurity.com)"
      },
      {
        "trust": 0.1,
        "url": "http://downloads.vmware.com/download/download.do?downloadgroup=wkst-701-win"
      },
      {
        "trust": 0.1,
        "url": "http://kb.vmware.com/kb/1014842"
      },
      {
        "trust": 0.1,
        "url": "https://hostupdate.vmware.com/software/vum/offline/release-166-20091202-254879/esx-4.0.0-update01a.zip"
      },
      {
        "trust": 0.1,
        "url": "http://www.acrossecurity.com/advisories.htm"
      },
      {
        "trust": 0.1,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1138"
      },
      {
        "trust": 0.1,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1564"
      },
      {
        "trust": 0.1,
        "url": "http://download3.vmware.com/software/vi/esxe350-201002401-o-sg.zip"
      },
      {
        "trust": 0.1,
        "url": "http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce"
      },
      {
        "trust": 0.1,
        "url": "http://downloads.vmware.com/support/ace25/doc/releasenotes_ace254.html"
      },
      {
        "trust": 0.1,
        "url": "http://downloads.vmware.com/download/download.do?downloadgroup=wkst-654-lx"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2009-1564"
      },
      {
        "trust": 0.1,
        "url": "http://kb.vmware.com/kb/1018403"
      },
      {
        "trust": 0.1,
        "url": "http://www.kb.cert.org/vuls/id/707943\u003e"
      },
      {
        "trust": 0.1,
        "url": "http://www.us-cert.gov/cas/techalerts/ta10-238a.html\u003e"
      },
      {
        "trust": 0.1,
        "url": "http://support.microsoft.com/kb/2264107\u003e"
      },
      {
        "trust": 0.1,
        "url": "http://www.microsoft.com/technet/security/advisory/2269637.mspx\u003e"
      },
      {
        "trust": 0.1,
        "url": "http://www.us-cert.gov/cas/signup.html\u003e."
      },
      {
        "trust": 0.1,
        "url": "http://www.us-cert.gov/legal.html\u003e"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-1363"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2009-3733"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2009-0909"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2008-1361"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-4915"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2008-4915"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2007-5269"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3868"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-3732"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-1142"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-4917"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2008-2098"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2008-4916"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-1140"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-1141"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2008-1447"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-2267"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-0910"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-1362"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-1137"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-1138"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2007-5269"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-1447"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-1361"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-1139"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-1143"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-2098"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2008-1807"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-0040"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2008-2100"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-1340"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-4916"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-1244"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-3733"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2008-1808"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-1807"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-1392"
      },
      {
        "trust": 0.1,
        "url": "http://creativecommons.org/licenses/by-sa/2.5"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-2101"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2008-1806"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-0909"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2009-0040"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2009-2267"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-3707"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2008-2101"
      },
      {
        "trust": 0.1,
        "url": "http://security.gentoo.org/"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2007-5671"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2008-4917"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-2100"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-1364"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2007-5503"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2008-0967"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2007-5671"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-1806"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2007-5503"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2008-1340"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-4811"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2008-1364"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2008-1363"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2009-0910"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2008-1392"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-1808"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2008-1362"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2009-1244"
      },
      {
        "trust": 0.1,
        "url": "https://bugs.gentoo.org."
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-0967"
      }
    ],
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#707943"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2010-0574"
      },
      {
        "db": "VULMON",
        "id": "CVE-2010-1141"
      },
      {
        "db": "BID",
        "id": "39392"
      },
      {
        "db": "PACKETSTORM",
        "id": "88215"
      },
      {
        "db": "PACKETSTORM",
        "id": "93209"
      },
      {
        "db": "PACKETSTORM",
        "id": "117012"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201004-160"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-001364"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-001999"
      },
      {
        "db": "NVD",
        "id": "CVE-2010-1141"
      }
    ]
  },
  "sources": {
    "_id": null,
    "data": [
      {
        "db": "IVD",
        "id": "7d7c8fb0-463f-11e9-a735-000c29342cb1",
        "ident": null
      },
      {
        "db": "IVD",
        "id": "46c824c0-2356-11e6-abef-000c29c66e3d",
        "ident": null
      },
      {
        "db": "CERT/CC",
        "id": "VU#707943",
        "ident": null
      },
      {
        "db": "CNVD",
        "id": "CNVD-2010-0574",
        "ident": null
      },
      {
        "db": "VULMON",
        "id": "CVE-2010-1141",
        "ident": null
      },
      {
        "db": "BID",
        "id": "39392",
        "ident": null
      },
      {
        "db": "PACKETSTORM",
        "id": "88215",
        "ident": null
      },
      {
        "db": "PACKETSTORM",
        "id": "93209",
        "ident": null
      },
      {
        "db": "PACKETSTORM",
        "id": "117012",
        "ident": null
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201004-160",
        "ident": null
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-001364",
        "ident": null
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-001999",
        "ident": null
      },
      {
        "db": "NVD",
        "id": "CVE-2010-1141",
        "ident": null
      }
    ]
  },
  "sources_release_date": {
    "_id": null,
    "data": [
      {
        "date": "2010-04-13T00:00:00",
        "db": "IVD",
        "id": "7d7c8fb0-463f-11e9-a735-000c29342cb1",
        "ident": null
      },
      {
        "date": "2010-04-13T00:00:00",
        "db": "IVD",
        "id": "46c824c0-2356-11e6-abef-000c29c66e3d",
        "ident": null
      },
      {
        "date": "2010-08-25T00:00:00",
        "db": "CERT/CC",
        "id": "VU#707943",
        "ident": null
      },
      {
        "date": "2010-04-13T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2010-0574",
        "ident": null
      },
      {
        "date": "2010-04-12T00:00:00",
        "db": "VULMON",
        "id": "CVE-2010-1141",
        "ident": null
      },
      {
        "date": "2010-04-09T00:00:00",
        "db": "BID",
        "id": "39392",
        "ident": null
      },
      {
        "date": "2010-04-10T03:16:16",
        "db": "PACKETSTORM",
        "id": "88215",
        "ident": null
      },
      {
        "date": "2010-08-27T02:58:57",
        "db": "PACKETSTORM",
        "id": "93209",
        "ident": null
      },
      {
        "date": "2012-09-30T16:40:15",
        "db": "PACKETSTORM",
        "id": "117012",
        "ident": null
      },
      {
        "date": "2010-04-12T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201004-160",
        "ident": null
      },
      {
        "date": "2010-05-07T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2010-001364",
        "ident": null
      },
      {
        "date": "2010-09-14T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2010-001999",
        "ident": null
      },
      {
        "date": "2010-04-12T18:30:00.663000",
        "db": "NVD",
        "id": "CVE-2010-1141",
        "ident": null
      }
    ]
  },
  "sources_update_date": {
    "_id": null,
    "data": [
      {
        "date": "2016-10-13T00:00:00",
        "db": "CERT/CC",
        "id": "VU#707943",
        "ident": null
      },
      {
        "date": "2010-04-13T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2010-0574",
        "ident": null
      },
      {
        "date": "2017-09-19T00:00:00",
        "db": "VULMON",
        "id": "CVE-2010-1141",
        "ident": null
      },
      {
        "date": "2012-10-01T19:10:00",
        "db": "BID",
        "id": "39392",
        "ident": null
      },
      {
        "date": "2010-04-13T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201004-160",
        "ident": null
      },
      {
        "date": "2010-05-07T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2010-001364",
        "ident": null
      },
      {
        "date": "2016-11-09T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2010-001999",
        "ident": null
      },
      {
        "date": "2025-04-11T00:51:21.963000",
        "db": "NVD",
        "id": "CVE-2010-1141",
        "ident": null
      }
    ]
  },
  "threat_type": {
    "_id": null,
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201004-160"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "_id": null,
    "data": "VMWare Tools Package Library Reference Code Execution Vulnerability",
    "sources": [
      {
        "db": "IVD",
        "id": "7d7c8fb0-463f-11e9-a735-000c29342cb1"
      },
      {
        "db": "IVD",
        "id": "46c824c0-2356-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2010-0574"
      }
    ],
    "trust": 1.0
  },
  "type": {
    "_id": null,
    "data": "permissions and access control",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201004-160"
      }
    ],
    "trust": 0.6
  }
}

VAR-201003-0281

Vulnerability from variot - Updated: 2026-03-09 21:35

The ssl3_get_record function in ssl/s3_pkt.c in OpenSSL 0.9.8f through 0.9.8m allows remote attackers to cause a denial of service (crash) via a malformed record in a TLS connection that triggers a NULL pointer dereference, related to the minor version number. NOTE: some of these details are obtained from third party information. OpenSSL is prone to a denial-of-service vulnerability caused by a NULL-pointer dereference. An attacker can exploit this issue to crash the affected application, denying service to legitimate users. OpenSSL versions 0.9.8f through 0.9.8m are vulnerable.

Affected versions depend on the C compiler used with OpenSSL:

  • If 'short' is a 16-bit integer, this issue applies only to OpenSSL 0.9.8m.
  • Otherwise, this issue applies to OpenSSL 0.9.8f through 0.9.8m.

Users of OpenSSL should update to the OpenSSL 0.9.8n release, which contains a patch to correct this issue. If upgrading is not immediately possible, the source code patch provided in this advisory should be applied.

Bodo Moeller and Adam Langley (Google) have identified the vulnerability and prepared the fix.

Patch

--- ssl/s3_pkt.c 24 Jan 2010 13:52:38 -0000 1.57.2.9 +++ ssl/s3_pkt.c 24 Mar 2010 00:00:00 -0000 @@ -291,9 +291,9 @@ if (version != s->version) { SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_WRONG_VERSION_NUMBER); - / Send back error using their - * version number :-) / - s->version=version; + if ((s->version & 0xFF00) == (version & 0xFF00)) + / Send back error using their minor version number :-) / + s->version = (unsigned short)version; al=SSL_AD_PROTOCOL_VERSION; goto f_err; }

References

This vulnerability is tracked as CVE-2010-0740.

URL for this Security Advisory: https://www.openssl.org/news/secadv_20100324.txt . - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201110-01

                                        http://security.gentoo.org/

Severity: High Title: OpenSSL: Multiple vulnerabilities Date: October 09, 2011 Bugs: #303739, #308011, #322575, #332027, #345767, #347623, #354139, #382069 ID: 201110-01

Synopsis

Multiple vulnerabilities were found in OpenSSL, allowing for the execution of arbitrary code and other attacks.

Background

OpenSSL is an Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) as well as a general purpose cryptography library.

Affected packages

-------------------------------------------------------------------
 Package              /     Vulnerable     /            Unaffected
-------------------------------------------------------------------

1 dev-libs/openssl < 1.0.0e >= 1.0.0e

Description

Multiple vulnerabilities have been discovered in OpenSSL. Please review the CVE identifiers referenced below for details.

Impact

A context-dependent attacker could cause a Denial of Service, possibly execute arbitrary code, bypass intended key requirements, force the downgrade to unintended ciphers, bypass the need for knowledge of shared secrets and successfully authenticate, bypass CRL validation, or obtain sensitive information in applications that use OpenSSL.

Workaround

There is no known workaround at this time.

Resolution

All OpenSSL users should upgrade to the latest version:

# emerge --sync # emerge --ask --oneshot --verbose ">=dev-libs/openssl-1.0.0e"

NOTE: This is a legacy GLSA. Updates for all affected architectures are available since September 17, 2011. It is likely that your system is already no longer affected by most of these issues.

References

[ 1 ] CVE-2009-3245 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3245 [ 2 ] CVE-2009-4355 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-4355 [ 3 ] CVE-2010-0433 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0433 [ 4 ] CVE-2010-0740 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0740 [ 5 ] CVE-2010-0742 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0742 [ 6 ] CVE-2010-1633 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1633 [ 7 ] CVE-2010-2939 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2939 [ 8 ] CVE-2010-3864 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3864 [ 9 ] CVE-2010-4180 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4180 [ 10 ] CVE-2010-4252 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4252 [ 11 ] CVE-2011-0014 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0014 [ 12 ] CVE-2011-3207 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3207 [ 13 ] CVE-2011-3210 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3210

Availability

This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-201110-01.xml

Concerns?

Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.

License

Copyright 2011 Gentoo Foundation, Inc; referenced text belongs to its owner(s).

The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.5

. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c02079216 Version: 1

HPSBUX02517 SSRT100058 rev.1 - HP-UX Running OpenSSL, Remote Unauthorized Information Disclosure, Unauthorized Data Modification, Denial of Service (DoS)

NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.

Release Date: 2010-04-13 Last Updated: 2010-04-13

Potential Security Impact: Remote unauthorized information disclosure, unauthorized data modification, Denial of Service (DoS)

Source: Hewlett-Packard Company, HP Software Security Response Team

VULNERABILITY SUMMARY Potential security vulnerabilities has been identified with HP-UX OpenSSL. These vulnerabilities could be exploited remotely for unauthorized information disclosure, unauthorized data modification, and to create a Denial of Service (DoS).

References: CVE-2009-3245, CVE-2009-3555, CVE-2009-4355, CVE-2010-0433, CVE-2010-0740. HP-UX B.11.11, B.11.23, B.11.31 running OpenSSL before vA.00.09.08n.

BACKGROUND

CVSS 2.0 Base Metrics

Reference Base Vector Base Score CVE-2009-3245 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2009-3555 (AV:N/AC:L/Au:N/C:N/I:P/A:P) 6.4 CVE-2009-4355 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2010-0433 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3 CVE-2010-0740 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002

RESOLUTION

HP has provided upgrades to resolve these vulnerabilities. The upgrades are available from the following location.

Host / Account / Password

ftp.usa.hp.com / sb02517 / Secure12

HP-UX Release / Depot Name / SHA-1 digest

B.11.11 PA (32 and 64) / OpenSSL_A.00.09.08n.001_HP-UX_B.11.11_32+64.depot / 2FE85DEE859C93F9D02A69666A455E9A7442DC5D

B.11.23 (PA and IA) / OpenSSL_A.00.09.08n.002_HP-UX_B.11.23_IA-PA.depot / 69F9AEE88F89C53FFE6794822F6A843F312384CD

B.11.31 (PA and IA) / OpenSSL_A.00.09.08n.003_HP-UX_B.11.31_IA-PA.depot / 07A205AA57B4BDF98B65D31287CDCBE3B9F011D5

MANUAL ACTIONS: Yes - Update

Install OpenSSL A.00.09.08n or subsequent

PRODUCT SPECIFIC INFORMATION

HP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. It analyzes all Security Bulletins issued by HP and lists recommended actions that may apply to a specific HP-UX system. It can also download patches and create a depot automatically. For more information see: https://www.hp.com/go/swa

The following text is for use by the HP-UX Software Assistant.

AFFECTED VERSIONS

HP-UX B.11.11

openssl.OPENSSL-CER openssl.OPENSSL-CONF openssl.OPENSSL-DOC openssl.OPENSSL-INC openssl.OPENSSL-LIB openssl.OPENSSL-MAN openssl.OPENSSL-MIS openssl.OPENSSL-PRNG openssl.OPENSSL-PVT openssl.OPENSSL-RUN openssl.OPENSSL-SRC action: install revision A.00.09.08n.001 or subsequent

HP-UX B.11.23

openssl.OPENSSL-CER openssl.OPENSSL-CONF openssl.OPENSSL-DOC openssl.OPENSSL-INC openssl.OPENSSL-LIB openssl.OPENSSL-MAN openssl.OPENSSL-MIS openssl.OPENSSL-PRNG openssl.OPENSSL-PVT openssl.OPENSSL-RUN openssl.OPENSSL-SRC action: install revision A.00.09.08n.002 or subsequent

HP-UX B.11.31

openssl.OPENSSL-CER openssl.OPENSSL-CONF openssl.OPENSSL-DOC openssl.OPENSSL-INC openssl.OPENSSL-LIB openssl.OPENSSL-MAN openssl.OPENSSL-MIS openssl.OPENSSL-PRNG openssl.OPENSSL-PVT openssl.OPENSSL-RUN openssl.OPENSSL-SRC action: install revision A.00.09.08n.003 or subsequent

END AFFECTED VERSIONS

HISTORY Version:1 (rev.1) 13 April 2010 Initial release

Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.

Support: For further information, contact normal HP Services support channel.

Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com It is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. To get the security-alert PGP key, please send an e-mail message as follows: To: security-alert@hp.com Subject: get key Subscribe: To initiate a subscription to receive future HP Security Bulletins via Email: http://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA&langcode=USENG&jumpid=in_SC-GEN__driverITRC&topiccode=ITRC On the web page: ITRC security bulletins and patch sign-up Under Step1: your ITRC security bulletins and patches -check ALL categories for which alerts are required and continue. Under Step2: your ITRC operating systems -verify your operating system selections are checked and save.

To update an existing subscription: http://h30046.www3.hp.com/subSignIn.php Log in on the web page: Subscriber's choice for Business: sign-in. On the web page: Subscriber's Choice: your profile summary - use Edit Profile to update appropriate sections.

To review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do

  • The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title:

GN = HP General SW MA = HP Management Agents MI = Misc. 3rd Party SW MP = HP MPE/iX NS = HP NonStop Servers OV = HP OpenVMS PI = HP Printing & Imaging ST = HP Storage SW TL = HP Trusted Linux TU = HP Tru64 UNIX UX = HP-UX VV = HP VirtualVault

System management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions.

"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user's use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement."

Copyright 2009 Hewlett-Packard Development Company, L.P. Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits;damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux)

iEYEARECAAYFAkvE61EACgkQ4B86/C0qfVkXUQCg5DunZ1ZsghQGw/5ot7rFpqk1 U+IAnjlb/EweXqml7TOdX8En10UGC1Km =XScD -----END PGP SIGNATURE----- . Apache-based Web Server is contained in the Apache Web Server Suite. The upgrades are available from the following location:

URL http://software.hp.com

Note: HP-UX Web Server Suite v3.09 contains HP-UX Apache-based Web Server v2.2.8.09 Note: HP-UX Web Server Suite v2.30 contains HP-UX Apache-based Web Server v2.0.59.15

Web Server Suite Version / HP-UX Release / Depot name

Web Server v3.09 / B.11.23 and B.11.31 PA-32 / HPUXWS22ATW-B309-32.depot

Web Server v3.09 / B.11.23 and B.11.31 IA-64 / HPUXWS22ATW-B309-64.depot

Web Server v2.30 / B.11.11 PA-32 / HPUXWSATW-B230-1111.depot

Web Server v2.30 / B.11.23 PA-32 / HPUXWSATW-B230-32.depot

Web Server v2.30 / B.11.23 IA-64 / HPUXWSATW-B230-64.depot

Web Server v2.30 / B.11.31 IA-32 / HPUXWSATW-B230-32-1131.depot

Web Server v2.30 / B.11.31 IA-64 / HPUXWSATW-B230-64-1131.depot

MANUAL ACTIONS: Yes - Update

Install Apache-based Web Server from the Apache Web Server Suite v2.30 or subsequent or Install Apache-based Web Server from the Apache Web Server Suite v3.09 or subsequent

PRODUCT SPECIFIC INFORMATION

HP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check.

Packages for 2008.0 and 2009.0 are provided due to the Extended Maintenance Program for those products.

Update:

Packages for 2009.0 are provided due to the Extended Maintenance Program.

References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3245 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0740 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0433

Updated Packages:

Mandriva Linux 2009.0: 1f42cf30ee84314be4125a070709d239 2009.0/i586/libopenssl0.9.8-0.9.8h-3.7mdv2009.0.i586.rpm 372bffd962ced1965c33b752def70b8b 2009.0/i586/libopenssl0.9.8-devel-0.9.8h-3.7mdv2009.0.i586.rpm ace965066796e71bf4ecf4af6bc831c5 2009.0/i586/libopenssl0.9.8-static-devel-0.9.8h-3.7mdv2009.0.i586.rpm a6e08ca29b012c695e0763f6fd15fac1 2009.0/i586/openssl-0.9.8h-3.7mdv2009.0.i586.rpm 1e1164ec8615415e325166d13c4248cc 2009.0/SRPMS/openssl-0.9.8h-3.7mdv2009.0.src.rpm

Mandriva Linux 2009.0/X86_64: f6748700d01abc7e33053e339575cede 2009.0/x86_64/lib64openssl0.9.8-0.9.8h-3.7mdv2009.0.x86_64.rpm b53a75b4c732a3371a3bcd0e8ed47481 2009.0/x86_64/lib64openssl0.9.8-devel-0.9.8h-3.7mdv2009.0.x86_64.rpm 187bff89c19e2d65ccc5c640a32d0cc7 2009.0/x86_64/lib64openssl0.9.8-static-devel-0.9.8h-3.7mdv2009.0.x86_64.rpm 1d6f6fca3b51e498359cbbbde07a4a0e 2009.0/x86_64/openssl-0.9.8h-3.7mdv2009.0.x86_64.rpm 1e1164ec8615415e325166d13c4248cc 2009.0/SRPMS/openssl-0.9.8h-3.7mdv2009.0.src.rpm

To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.

All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing:

gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

http://www.mandriva.com/security/advisories

If you want to report vulnerabilities, please contact

security_(at)_mandriva.com

Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux)

iD8DBQFLzKP9mqjQ0CJFipgRAsUVAJkBjISC/NXul8GxUaeiBPsnb6gRNQCgt+ty X3hfPZSWARaTxUmX7P/4FDM= =FrW5 -----END PGP SIGNATURE-----

Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/

Show details on source website
To clipboard 

{
  "affected_products": {
    "_id": null,
    "data": [
      {
        "_id": null,
        "model": "openssl",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "openssl",
        "version": "0.9.8j"
      },
      {
        "_id": null,
        "model": "openssl",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "openssl",
        "version": "0.9.8m"
      },
      {
        "_id": null,
        "model": "openssl",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "openssl",
        "version": "0.9.8g"
      },
      {
        "_id": null,
        "model": "openssl",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "openssl",
        "version": "0.9.8h"
      },
      {
        "_id": null,
        "model": "openssl",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "openssl",
        "version": "0.9.8k"
      },
      {
        "_id": null,
        "model": "openssl",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "openssl",
        "version": "0.9.8l"
      },
      {
        "_id": null,
        "model": "openssl",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "openssl",
        "version": "0.9.8f"
      },
      {
        "_id": null,
        "model": "openssl",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "openssl",
        "version": "0.9.8i"
      },
      {
        "_id": null,
        "model": "vcenter",
        "scope": "eq",
        "trust": 1.1,
        "vendor": "vmware",
        "version": "4.1"
      },
      {
        "_id": null,
        "model": "aix",
        "scope": "eq",
        "trust": 1.1,
        "vendor": "ibm",
        "version": "5.3"
      },
      {
        "_id": null,
        "model": "virtualcenter",
        "scope": "eq",
        "trust": 1.1,
        "vendor": "vmware",
        "version": "2.5"
      },
      {
        "_id": null,
        "model": "vcenter",
        "scope": "eq",
        "trust": 1.1,
        "vendor": "vmware",
        "version": "4.0"
      },
      {
        "_id": null,
        "model": "aix",
        "scope": "eq",
        "trust": 1.1,
        "vendor": "ibm",
        "version": "6.1"
      },
      {
        "_id": null,
        "model": "openssl",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "openssl",
        "version": "0.9.8f to  0.9.8m"
      },
      {
        "_id": null,
        "model": "ace",
        "scope": null,
        "trust": 0.8,
        "vendor": "vmware",
        "version": null
      },
      {
        "_id": null,
        "model": "esx",
        "scope": null,
        "trust": 0.8,
        "vendor": "vmware",
        "version": null
      },
      {
        "_id": null,
        "model": "esxi",
        "scope": null,
        "trust": 0.8,
        "vendor": "vmware",
        "version": null
      },
      {
        "_id": null,
        "model": "fusion",
        "scope": null,
        "trust": 0.8,
        "vendor": "vmware",
        "version": null
      },
      {
        "_id": null,
        "model": "player",
        "scope": null,
        "trust": 0.8,
        "vendor": "vmware",
        "version": null
      },
      {
        "_id": null,
        "model": "workstation",
        "scope": null,
        "trust": 0.8,
        "vendor": "vmware",
        "version": null
      },
      {
        "_id": null,
        "model": "mac os x",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "apple",
        "version": "v10.6 to  v10.6.7"
      },
      {
        "_id": null,
        "model": "mac os x server",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "apple",
        "version": "v10.6 to  v10.6.7"
      },
      {
        "_id": null,
        "model": "hp-ux",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "hewlett packard",
        "version": "11.11"
      },
      {
        "_id": null,
        "model": "hp-ux",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "hewlett packard",
        "version": "11.23"
      },
      {
        "_id": null,
        "model": "hp-ux",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "hewlett packard",
        "version": "11.31"
      },
      {
        "_id": null,
        "model": "big-ip link controller",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "f5",
        "version": "10.1"
      },
      {
        "_id": null,
        "model": "opensolaris build snv 134",
        "scope": null,
        "trust": 0.3,
        "vendor": "sun",
        "version": null
      },
      {
        "_id": null,
        "model": "active management technology sdk",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "intel",
        "version": "2.6"
      },
      {
        "_id": null,
        "model": "opensolaris build snv 41",
        "scope": null,
        "trust": 0.3,
        "vendor": "sun",
        "version": null
      },
      {
        "_id": null,
        "model": "opensolaris build snv 104",
        "scope": null,
        "trust": 0.3,
        "vendor": "sun",
        "version": null
      },
      {
        "_id": null,
        "model": "opensolaris build snv 83",
        "scope": null,
        "trust": 0.3,
        "vendor": "sun",
        "version": null
      },
      {
        "_id": null,
        "model": "coat systems blue coat reporter",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "blue",
        "version": "9.2.3.1"
      },
      {
        "_id": null,
        "model": "opensolaris build snv 106",
        "scope": null,
        "trust": 0.3,
        "vendor": "sun",
        "version": null
      },
      {
        "_id": null,
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.6.7"
      },
      {
        "_id": null,
        "model": "virtualcenter update",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "2.52"
      },
      {
        "_id": null,
        "model": "project openssl 0.9.8n",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "openssl",
        "version": null
      },
      {
        "_id": null,
        "model": "opensolaris build snv 131",
        "scope": null,
        "trust": 0.3,
        "vendor": "sun",
        "version": null
      },
      {
        "_id": null,
        "model": "opensolaris build snv 56",
        "scope": null,
        "trust": 0.3,
        "vendor": "sun",
        "version": null
      },
      {
        "_id": null,
        "model": "opensolaris build snv 95",
        "scope": null,
        "trust": 0.3,
        "vendor": "sun",
        "version": null
      },
      {
        "_id": null,
        "model": "opensolaris build snv 38",
        "scope": null,
        "trust": 0.3,
        "vendor": "sun",
        "version": null
      },
      {
        "_id": null,
        "model": "multi network firewall",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mandrakesoft",
        "version": "2.0"
      },
      {
        "_id": null,
        "model": "hp-ux b.11.23",
        "scope": null,
        "trust": 0.3,
        "vendor": "hp",
        "version": null
      },
      {
        "_id": null,
        "model": "opensolaris build snv 126",
        "scope": null,
        "trust": 0.3,
        "vendor": "sun",
        "version": null
      },
      {
        "_id": null,
        "model": "aix",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "5.2"
      },
      {
        "_id": null,
        "model": "opensolaris build snv 125",
        "scope": null,
        "trust": 0.3,
        "vendor": "sun",
        "version": null
      },
      {
        "_id": null,
        "model": "mac os server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.6.6"
      },
      {
        "_id": null,
        "model": "vcenter update",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "4.01"
      },
      {
        "_id": null,
        "model": "circle",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "voodoo",
        "version": "1.1.40"
      },
      {
        "_id": null,
        "model": "project openssl 0.9.8f",
        "scope": null,
        "trust": 0.3,
        "vendor": "openssl",
        "version": null
      },
      {
        "_id": null,
        "model": "opensolaris build snv 133",
        "scope": null,
        "trust": 0.3,
        "vendor": "sun",
        "version": null
      },
      {
        "_id": null,
        "model": "opensolaris build snv 54",
        "scope": null,
        "trust": 0.3,
        "vendor": "sun",
        "version": null
      },
      {
        "_id": null,
        "model": "opensolaris build snv 129",
        "scope": null,
        "trust": 0.3,
        "vendor": "sun",
        "version": null
      },
      {
        "_id": null,
        "model": "opensolaris build snv 93",
        "scope": null,
        "trust": 0.3,
        "vendor": "sun",
        "version": null
      },
      {
        "_id": null,
        "model": "arx",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "f5",
        "version": "5.1"
      },
      {
        "_id": null,
        "model": "corporate server x86 64",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mandrakesoft",
        "version": "4.0"
      },
      {
        "_id": null,
        "model": "opensolaris build snv 35",
        "scope": null,
        "trust": 0.3,
        "vendor": "sun",
        "version": null
      },
      {
        "_id": null,
        "model": "openbsd",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "openbsd",
        "version": "4.7"
      },
      {
        "_id": null,
        "model": "coat systems blue coat reporter",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "blue",
        "version": "9.2.4.1"
      },
      {
        "_id": null,
        "model": "aix",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "5.2.2"
      },
      {
        "_id": null,
        "model": "opensolaris build snv 92",
        "scope": null,
        "trust": 0.3,
        "vendor": "sun",
        "version": null
      },
      {
        "_id": null,
        "model": "enterprise server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mandrakesoft",
        "version": "5"
      },
      {
        "_id": null,
        "model": "virtualcenter update",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "2.55"
      },
      {
        "_id": null,
        "model": "big-ip protocol security manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "f5",
        "version": "10.1"
      },
      {
        "_id": null,
        "model": "mac os server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.6.2"
      },
      {
        "_id": null,
        "model": "opensolaris build snv 76",
        "scope": null,
        "trust": 0.3,
        "vendor": "sun",
        "version": null
      },
      {
        "_id": null,
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.6.5"
      },
      {
        "_id": null,
        "model": "opensolaris build snv 130",
        "scope": null,
        "trust": 0.3,
        "vendor": "sun",
        "version": null
      },
      {
        "_id": null,
        "model": "project openssl k",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "openssl",
        "version": "0.9.8"
      },
      {
        "_id": null,
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.6.4"
      },
      {
        "_id": null,
        "model": "opensolaris build snv 121",
        "scope": null,
        "trust": 0.3,
        "vendor": "sun",
        "version": null
      },
      {
        "_id": null,
        "model": "enterprise manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "f5",
        "version": "2.0"
      },
      {
        "_id": null,
        "model": "opensolaris build snv 84",
        "scope": null,
        "trust": 0.3,
        "vendor": "sun",
        "version": null
      },
      {
        "_id": null,
        "model": "opensolaris build snv 101a",
        "scope": null,
        "trust": 0.3,
        "vendor": "sun",
        "version": null
      },
      {
        "_id": null,
        "model": "opensolaris build snv 105",
        "scope": null,
        "trust": 0.3,
        "vendor": "sun",
        "version": null
      },
      {
        "_id": null,
        "model": "opensolaris build snv 99",
        "scope": null,
        "trust": 0.3,
        "vendor": "sun",
        "version": null
      },
      {
        "_id": null,
        "model": "opensolaris build snv 111a",
        "scope": null,
        "trust": 0.3,
        "vendor": "sun",
        "version": null
      },
      {
        "_id": null,
        "model": "active management technology sdk",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "intel",
        "version": "4.0"
      },
      {
        "_id": null,
        "model": "mac os server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.6"
      },
      {
        "_id": null,
        "model": "bigip global traffic manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "f5",
        "version": "10.1"
      },
      {
        "_id": null,
        "model": "opensolaris build snv 87",
        "scope": null,
        "trust": 0.3,
        "vendor": "sun",
        "version": null
      },
      {
        "_id": null,
        "model": "mac os server",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.6.8"
      },
      {
        "_id": null,
        "model": "aix l",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "5.1"
      },
      {
        "_id": null,
        "model": "opensolaris build snv 88",
        "scope": null,
        "trust": 0.3,
        "vendor": "sun",
        "version": null
      },
      {
        "_id": null,
        "model": "linux mandrake",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mandriva",
        "version": "2008.0"
      },
      {
        "_id": null,
        "model": "aix",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "5.3.7"
      },
      {
        "_id": null,
        "model": "mac os server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.6.1"
      },
      {
        "_id": null,
        "model": "opensolaris build snv 98",
        "scope": null,
        "trust": 0.3,
        "vendor": "sun",
        "version": null
      },
      {
        "_id": null,
        "model": "openbsd",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "openbsd",
        "version": "4.6"
      },
      {
        "_id": null,
        "model": "opensolaris build snv 117",
        "scope": null,
        "trust": 0.3,
        "vendor": "sun",
        "version": null
      },
      {
        "_id": null,
        "model": "linux mandrake",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mandriva",
        "version": "2010.0"
      },
      {
        "_id": null,
        "model": "opensolaris build snv 58",
        "scope": null,
        "trust": 0.3,
        "vendor": "sun",
        "version": null
      },
      {
        "_id": null,
        "model": "opensolaris build snv 111",
        "scope": null,
        "trust": 0.3,
        "vendor": "sun",
        "version": null
      },
      {
        "_id": null,
        "model": "virtualcenter update",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "2.51"
      },
      {
        "_id": null,
        "model": "opensolaris build snv 113",
        "scope": null,
        "trust": 0.3,
        "vendor": "sun",
        "version": null
      },
      {
        "_id": null,
        "model": "opensolaris build snv 100",
        "scope": null,
        "trust": 0.3,
        "vendor": "sun",
        "version": null
      },
      {
        "_id": null,
        "model": "linux mandrake",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mandriva",
        "version": "2009.0"
      },
      {
        "_id": null,
        "model": "opensolaris build snv 124",
        "scope": null,
        "trust": 0.3,
        "vendor": "sun",
        "version": null
      },
      {
        "_id": null,
        "model": "opensolaris build snv 118",
        "scope": null,
        "trust": 0.3,
        "vendor": "sun",
        "version": null
      },
      {
        "_id": null,
        "model": "bigip edge",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "f5",
        "version": "10.1"
      },
      {
        "_id": null,
        "model": "opensolaris build snv 123",
        "scope": null,
        "trust": 0.3,
        "vendor": "sun",
        "version": null
      },
      {
        "_id": null,
        "model": "opensolaris build snv 59",
        "scope": null,
        "trust": 0.3,
        "vendor": "sun",
        "version": null
      },
      {
        "_id": null,
        "model": "opensolaris build snv 49",
        "scope": null,
        "trust": 0.3,
        "vendor": "sun",
        "version": null
      },
      {
        "_id": null,
        "model": "big-ip application security manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "f5",
        "version": "10.1"
      },
      {
        "_id": null,
        "model": "opensolaris build snv 57",
        "scope": null,
        "trust": 0.3,
        "vendor": "sun",
        "version": null
      },
      {
        "_id": null,
        "model": "setup and configuration service",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "intel",
        "version": "5.0"
      },
      {
        "_id": null,
        "model": "coat systems blue coat reporter",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "blue",
        "version": "9.1.5.1"
      },
      {
        "_id": null,
        "model": "opensolaris build snv 22",
        "scope": null,
        "trust": 0.3,
        "vendor": "sun",
        "version": null
      },
      {
        "_id": null,
        "model": "opensolaris build snv 114",
        "scope": null,
        "trust": 0.3,
        "vendor": "sun",
        "version": null
      },
      {
        "_id": null,
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.6.3"
      },
      {
        "_id": null,
        "model": "opensolaris build snv 112",
        "scope": null,
        "trust": 0.3,
        "vendor": "sun",
        "version": null
      },
      {
        "_id": null,
        "model": "opensolaris build snv 81",
        "scope": null,
        "trust": 0.3,
        "vendor": "sun",
        "version": null
      },
      {
        "_id": null,
        "model": "linux mandrake x86 64",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mandriva",
        "version": "2009.1"
      },
      {
        "_id": null,
        "model": "opensolaris build snv 119",
        "scope": null,
        "trust": 0.3,
        "vendor": "sun",
        "version": null
      },
      {
        "_id": null,
        "model": "opensolaris build snv 128",
        "scope": null,
        "trust": 0.3,
        "vendor": "sun",
        "version": null
      },
      {
        "_id": null,
        "model": "opensolaris build snv 103",
        "scope": null,
        "trust": 0.3,
        "vendor": "sun",
        "version": null
      },
      {
        "_id": null,
        "model": "arx",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "f5",
        "version": "5.1.5"
      },
      {
        "_id": null,
        "model": "opensolaris build snv 85",
        "scope": null,
        "trust": 0.3,
        "vendor": "sun",
        "version": null
      },
      {
        "_id": null,
        "model": "opensolaris build snv 19",
        "scope": null,
        "trust": 0.3,
        "vendor": "sun",
        "version": null
      },
      {
        "_id": null,
        "model": "opensolaris build snv 107",
        "scope": null,
        "trust": 0.3,
        "vendor": "sun",
        "version": null
      },
      {
        "_id": null,
        "model": "corporate server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mandrakesoft",
        "version": "4.0"
      },
      {
        "_id": null,
        "model": "setup and configuration service",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "intel",
        "version": "6.0"
      },
      {
        "_id": null,
        "model": "circle xtelnet",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "voodoo",
        "version": "0.4.5"
      },
      {
        "_id": null,
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.6.6"
      },
      {
        "_id": null,
        "model": "opensolaris build snv 45",
        "scope": null,
        "trust": 0.3,
        "vendor": "sun",
        "version": null
      },
      {
        "_id": null,
        "model": "project openssl 0.9.8m",
        "scope": null,
        "trust": 0.3,
        "vendor": "openssl",
        "version": null
      },
      {
        "_id": null,
        "model": "project openssl 0.9.8g",
        "scope": null,
        "trust": 0.3,
        "vendor": "openssl",
        "version": null
      },
      {
        "_id": null,
        "model": "big-ip psm",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "f5",
        "version": "10.1"
      },
      {
        "_id": null,
        "model": "mac os server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.6.7"
      },
      {
        "_id": null,
        "model": "project openssl j",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "openssl",
        "version": "0.9.8"
      },
      {
        "_id": null,
        "model": "virtualcenter 2.5.update build",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "31"
      },
      {
        "_id": null,
        "model": "opensolaris build snv 96",
        "scope": null,
        "trust": 0.3,
        "vendor": "sun",
        "version": null
      },
      {
        "_id": null,
        "model": "opensolaris build snv 110",
        "scope": null,
        "trust": 0.3,
        "vendor": "sun",
        "version": null
      },
      {
        "_id": null,
        "model": "opensolaris build snv 71",
        "scope": null,
        "trust": 0.3,
        "vendor": "sun",
        "version": null
      },
      {
        "_id": null,
        "model": "opensolaris build snv 78",
        "scope": null,
        "trust": 0.3,
        "vendor": "sun",
        "version": null
      },
      {
        "_id": null,
        "model": "bigip application security manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "f5",
        "version": "10.1"
      },
      {
        "_id": null,
        "model": "aix",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "5.1"
      },
      {
        "_id": null,
        "model": "opensolaris build snv 108",
        "scope": null,
        "trust": 0.3,
        "vendor": "sun",
        "version": null
      },
      {
        "_id": null,
        "model": "opensolaris build snv 28",
        "scope": null,
        "trust": 0.3,
        "vendor": "sun",
        "version": null
      },
      {
        "_id": null,
        "model": "opensolaris build snv 13",
        "scope": null,
        "trust": 0.3,
        "vendor": "sun",
        "version": null
      },
      {
        "_id": null,
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.6.2"
      },
      {
        "_id": null,
        "model": "active management technology sdk",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "intel",
        "version": "3.0"
      },
      {
        "_id": null,
        "model": "opensolaris build snv 132",
        "scope": null,
        "trust": 0.3,
        "vendor": "sun",
        "version": null
      },
      {
        "_id": null,
        "model": "active management technology sdk",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "intel",
        "version": "6.0"
      },
      {
        "_id": null,
        "model": "opensolaris build snv 91",
        "scope": null,
        "trust": 0.3,
        "vendor": "sun",
        "version": null
      },
      {
        "_id": null,
        "model": "vcenter update",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "4.11"
      },
      {
        "_id": null,
        "model": "coat systems blue coat reporter",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "blue",
        "version": "8.3.3.1"
      },
      {
        "_id": null,
        "model": "circle",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "voodoo",
        "version": "1.1.39"
      },
      {
        "_id": null,
        "model": "openbsd",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "openbsd",
        "version": "4.5"
      },
      {
        "_id": null,
        "model": "opensolaris build snv 36",
        "scope": null,
        "trust": 0.3,
        "vendor": "sun",
        "version": null
      },
      {
        "_id": null,
        "model": "opensolaris build snv 89",
        "scope": null,
        "trust": 0.3,
        "vendor": "sun",
        "version": null
      },
      {
        "_id": null,
        "model": "aix",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "5.3.8"
      },
      {
        "_id": null,
        "model": "virtualcenter update",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "2.56"
      },
      {
        "_id": null,
        "model": "opensolaris",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "sun",
        "version": "0"
      },
      {
        "_id": null,
        "model": "opensolaris build snv 47",
        "scope": null,
        "trust": 0.3,
        "vendor": "sun",
        "version": null
      },
      {
        "_id": null,
        "model": "opensolaris build snv 39",
        "scope": null,
        "trust": 0.3,
        "vendor": "sun",
        "version": null
      },
      {
        "_id": null,
        "model": "opensolaris build snv 48",
        "scope": null,
        "trust": 0.3,
        "vendor": "sun",
        "version": null
      },
      {
        "_id": null,
        "model": "opensolaris build snv 64",
        "scope": null,
        "trust": 0.3,
        "vendor": "sun",
        "version": null
      },
      {
        "_id": null,
        "model": "big-ip local traffic manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "f5",
        "version": "10.1"
      },
      {
        "_id": null,
        "model": "mac os server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.6.5"
      },
      {
        "_id": null,
        "model": "circle xtelnet",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "voodoo",
        "version": "0.4.6"
      },
      {
        "_id": null,
        "model": "aix l",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "5.2"
      },
      {
        "_id": null,
        "model": "hp-ux b.11.11",
        "scope": null,
        "trust": 0.3,
        "vendor": "hp",
        "version": null
      },
      {
        "_id": null,
        "model": "aix",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "5.3.10"
      },
      {
        "_id": null,
        "model": "mac os server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.6.4"
      },
      {
        "_id": null,
        "model": "big-ip apm",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "f5",
        "version": "10.1"
      },
      {
        "_id": null,
        "model": "opensolaris build snv 94",
        "scope": null,
        "trust": 0.3,
        "vendor": "sun",
        "version": null
      },
      {
        "_id": null,
        "model": "opensolaris build snv 37",
        "scope": null,
        "trust": 0.3,
        "vendor": "sun",
        "version": null
      },
      {
        "_id": null,
        "model": "active management technology sdk",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "intel",
        "version": "5.0"
      },
      {
        "_id": null,
        "model": "opensolaris build snv 101",
        "scope": null,
        "trust": 0.3,
        "vendor": "sun",
        "version": null
      },
      {
        "_id": null,
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.6"
      },
      {
        "_id": null,
        "model": "coat systems blue coat reporter",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "blue",
        "version": "8.3.7.1"
      },
      {
        "_id": null,
        "model": "mac os",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.6.8"
      },
      {
        "_id": null,
        "model": "opensolaris build snv 122",
        "scope": null,
        "trust": 0.3,
        "vendor": "sun",
        "version": null
      },
      {
        "_id": null,
        "model": "opensolaris build snv 115",
        "scope": null,
        "trust": 0.3,
        "vendor": "sun",
        "version": null
      },
      {
        "_id": null,
        "model": "opensolaris build snv 90",
        "scope": null,
        "trust": 0.3,
        "vendor": "sun",
        "version": null
      },
      {
        "_id": null,
        "model": "opensolaris build snv 68",
        "scope": null,
        "trust": 0.3,
        "vendor": "sun",
        "version": null
      },
      {
        "_id": null,
        "model": "big-ip webaccelerator",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "f5",
        "version": "10.1"
      },
      {
        "_id": null,
        "model": "hp-ux b.11.31",
        "scope": null,
        "trust": 0.3,
        "vendor": "hp",
        "version": null
      },
      {
        "_id": null,
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.6.1"
      },
      {
        "_id": null,
        "model": "opensolaris build snv 109",
        "scope": null,
        "trust": 0.3,
        "vendor": "sun",
        "version": null
      },
      {
        "_id": null,
        "model": "opensolaris build snv 74",
        "scope": null,
        "trust": 0.3,
        "vendor": "sun",
        "version": null
      },
      {
        "_id": null,
        "model": "opensolaris build snv 67",
        "scope": null,
        "trust": 0.3,
        "vendor": "sun",
        "version": null
      },
      {
        "_id": null,
        "model": "opensolaris build snv 120",
        "scope": null,
        "trust": 0.3,
        "vendor": "sun",
        "version": null
      },
      {
        "_id": null,
        "model": "opensolaris build snv 51",
        "scope": null,
        "trust": 0.3,
        "vendor": "sun",
        "version": null
      },
      {
        "_id": null,
        "model": "opensolaris build snv 50",
        "scope": null,
        "trust": 0.3,
        "vendor": "sun",
        "version": null
      },
      {
        "_id": null,
        "model": "opensolaris build snv 136",
        "scope": null,
        "trust": 0.3,
        "vendor": "sun",
        "version": null
      },
      {
        "_id": null,
        "model": "big-ip wan optimization module",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "f5",
        "version": "10.1"
      },
      {
        "_id": null,
        "model": "linux mandrake x86 64",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mandriva",
        "version": "2008.0"
      },
      {
        "_id": null,
        "model": "linux",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "pardus",
        "version": "20090"
      },
      {
        "_id": null,
        "model": "opensolaris build snv 102",
        "scope": null,
        "trust": 0.3,
        "vendor": "sun",
        "version": null
      },
      {
        "_id": null,
        "model": "virtualcenter update",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "2.54"
      },
      {
        "_id": null,
        "model": "opensolaris build snv 02",
        "scope": null,
        "trust": 0.3,
        "vendor": "sun",
        "version": null
      },
      {
        "_id": null,
        "model": "project openssl 0.9.8l",
        "scope": null,
        "trust": 0.3,
        "vendor": "openssl",
        "version": null
      },
      {
        "_id": null,
        "model": "linux mandrake x86 64",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mandriva",
        "version": "2010.0"
      },
      {
        "_id": null,
        "model": "enterprise server x86 64",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mandrakesoft",
        "version": "5"
      },
      {
        "_id": null,
        "model": "opensolaris build snv 77",
        "scope": null,
        "trust": 0.3,
        "vendor": "sun",
        "version": null
      },
      {
        "_id": null,
        "model": "aix l",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "5.3"
      },
      {
        "_id": null,
        "model": "opensolaris build snv 61",
        "scope": null,
        "trust": 0.3,
        "vendor": "sun",
        "version": null
      },
      {
        "_id": null,
        "model": "opensolaris build snv 137",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "sun",
        "version": null
      },
      {
        "_id": null,
        "model": "project openssl h",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "openssl",
        "version": "0.9.8"
      },
      {
        "_id": null,
        "model": "linux mandrake",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mandriva",
        "version": "2009.1"
      },
      {
        "_id": null,
        "model": "linux mandrake x86 64",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mandriva",
        "version": "2009.0"
      },
      {
        "_id": null,
        "model": "opensolaris build snv 116",
        "scope": null,
        "trust": 0.3,
        "vendor": "sun",
        "version": null
      },
      {
        "_id": null,
        "model": "opensolaris build snv 127",
        "scope": null,
        "trust": 0.3,
        "vendor": "sun",
        "version": null
      },
      {
        "_id": null,
        "model": "aix",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "5.3.9"
      },
      {
        "_id": null,
        "model": "opensolaris build snv 80",
        "scope": null,
        "trust": 0.3,
        "vendor": "sun",
        "version": null
      },
      {
        "_id": null,
        "model": "project openssl i",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "openssl",
        "version": "0.9.8"
      },
      {
        "_id": null,
        "model": "opensolaris build snv 82",
        "scope": null,
        "trust": 0.3,
        "vendor": "sun",
        "version": null
      },
      {
        "_id": null,
        "model": "opensolaris build snv 135",
        "scope": null,
        "trust": 0.3,
        "vendor": "sun",
        "version": null
      },
      {
        "_id": null,
        "model": "opensolaris build snv 01",
        "scope": null,
        "trust": 0.3,
        "vendor": "sun",
        "version": null
      },
      {
        "_id": null,
        "model": "opensolaris build snv 86",
        "scope": null,
        "trust": 0.3,
        "vendor": "sun",
        "version": null
      },
      {
        "_id": null,
        "model": "opensolaris build snv 29",
        "scope": null,
        "trust": 0.3,
        "vendor": "sun",
        "version": null
      },
      {
        "_id": null,
        "model": "mac os server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.6.3"
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "39013"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201003-393"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-001227"
      },
      {
        "db": "NVD",
        "id": "CVE-2010-0740"
      }
    ]
  },
  "configurations": {
    "_id": null,
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/o:ibm:aix",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:openssl:openssl",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:vmware:ace",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:vmware:esx",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:vmware:esxi",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:vmware:fusion",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:vmware:player",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:vmware:vcenter",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:vmware:virtualcenter",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:vmware:workstation",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:apple:mac_os_x",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:apple:mac_os_x_server",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:hp:hp-ux",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-001227"
      }
    ]
  },
  "credits": {
    "_id": null,
    "data": "Bodo Moeller and Adam Langley",
    "sources": [
      {
        "db": "BID",
        "id": "39013"
      }
    ],
    "trust": 0.3
  },
  "cve": "CVE-2010-0740",
  "cvss": {
    "_id": null,
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "CVE-2010-0740",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 1.9,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2010-0740",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "NVD",
            "id": "CVE-2010-0740",
            "trust": 0.8,
            "value": "Medium"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201003-393",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "VULMON",
            "id": "CVE-2010-0740",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULMON",
        "id": "CVE-2010-0740"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201003-393"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-001227"
      },
      {
        "db": "NVD",
        "id": "CVE-2010-0740"
      }
    ]
  },
  "description": {
    "_id": null,
    "data": "The ssl3_get_record function in ssl/s3_pkt.c in OpenSSL 0.9.8f through 0.9.8m allows remote attackers to cause a denial of service (crash) via a malformed record in a TLS connection that triggers a NULL pointer dereference, related to the minor version number.  NOTE: some of these details are obtained from third party information. OpenSSL is prone to a denial-of-service vulnerability caused by a NULL-pointer dereference. \nAn attacker can exploit this issue to crash the affected application, denying service to legitimate users. \nOpenSSL versions 0.9.8f through 0.9.8m are vulnerable. \n\nAffected versions depend on the C compiler used with OpenSSL:\n\n- If \u0027short\u0027 is a 16-bit integer, this issue applies only to OpenSSL 0.9.8m. \n- Otherwise, this issue applies to OpenSSL 0.9.8f through 0.9.8m. \n\nUsers of OpenSSL should update to the OpenSSL 0.9.8n release, which contains a\npatch to correct this issue.  If upgrading is not immediately possible, the\nsource code patch provided in this advisory should be applied. \n\nBodo Moeller and Adam Langley (Google) have identified the vulnerability\nand prepared the fix. \n\n\nPatch\n-----\n\n--- ssl/s3_pkt.c\t24 Jan 2010 13:52:38 -0000\t1.57.2.9\n+++ ssl/s3_pkt.c\t24 Mar 2010 00:00:00 -0000\n@@ -291,9 +291,9 @@\n \t\t\tif (version != s-\u003eversion)\n \t\t\t\t{\n \t\t\t\tSSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_WRONG_VERSION_NUMBER);\n-\t\t\t\t/* Send back error using their\n-\t\t\t\t * version number :-) */\n-\t\t\t\ts-\u003eversion=version;\n+                                if ((s-\u003eversion \u0026 0xFF00) == (version \u0026 0xFF00))\n+                                \t/* Send back error using their minor version number :-) */\n+\t\t\t\t\ts-\u003eversion = (unsigned short)version;\n \t\t\t\tal=SSL_AD_PROTOCOL_VERSION;\n \t\t\t\tgoto f_err;\n \t\t\t\t}\n\n\nReferences\n----------\n\nThis vulnerability is tracked as CVE-2010-0740. \n\nURL for this Security Advisory:\nhttps://www.openssl.org/news/secadv_20100324.txt\n. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory                           GLSA 201110-01\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n                                            http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: High\n    Title: OpenSSL: Multiple vulnerabilities\n     Date: October 09, 2011\n     Bugs: #303739, #308011, #322575, #332027, #345767, #347623,\n           #354139, #382069\n       ID: 201110-01\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities were found in OpenSSL, allowing for the\nexecution of arbitrary code and other attacks. \n\nBackground\n==========\n\nOpenSSL is an Open Source toolkit implementing the Secure Sockets Layer\n(SSL v2/v3) and Transport Layer Security (TLS v1) as well as a general\npurpose cryptography library. \n\nAffected packages\n=================\n\n    -------------------------------------------------------------------\n     Package              /     Vulnerable     /            Unaffected\n    -------------------------------------------------------------------\n  1  dev-libs/openssl             \u003c 1.0.0e                  \u003e= 1.0.0e\n\nDescription\n===========\n\nMultiple vulnerabilities have been discovered in OpenSSL. Please review\nthe CVE identifiers referenced below for details. \n\nImpact\n======\n\nA context-dependent attacker could cause a Denial of Service, possibly\nexecute arbitrary code, bypass intended key requirements, force the\ndowngrade to unintended ciphers, bypass the need for knowledge of\nshared secrets and successfully authenticate, bypass CRL validation, or\nobtain sensitive information in applications that use OpenSSL. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll OpenSSL users should upgrade to the latest version:\n\n  # emerge --sync\n  # emerge --ask --oneshot --verbose \"\u003e=dev-libs/openssl-1.0.0e\"\n\nNOTE: This is a legacy GLSA. Updates for all affected architectures are\navailable since September 17, 2011. It is likely that your system is\nalready no longer affected by most of these issues. \n\nReferences\n==========\n\n[  1 ] CVE-2009-3245\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3245\n[  2 ] CVE-2009-4355\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-4355\n[  3 ] CVE-2010-0433\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0433\n[  4 ] CVE-2010-0740\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0740\n[  5 ] CVE-2010-0742\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0742\n[  6 ] CVE-2010-1633\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1633\n[  7 ] CVE-2010-2939\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2939\n[  8 ] CVE-2010-3864\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3864\n[  9 ] CVE-2010-4180\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4180\n[ 10 ] CVE-2010-4252\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4252\n[ 11 ] CVE-2011-0014\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0014\n[ 12 ] CVE-2011-3207\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3207\n[ 13 ] CVE-2011-3210\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3210\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201110-01.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2011 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nSUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: c02079216\nVersion: 1\n\nHPSBUX02517 SSRT100058 rev.1 - HP-UX Running OpenSSL, Remote Unauthorized Information Disclosure, Unauthorized Data Modification, Denial of Service (DoS)\n\nNOTICE: The information in this Security Bulletin should be acted upon as soon as possible. \n\nRelease Date: 2010-04-13\nLast Updated: 2010-04-13\n\nPotential Security Impact: Remote unauthorized information disclosure, unauthorized data modification, Denial of Service (DoS)\n\nSource: Hewlett-Packard Company, HP Software Security Response Team\n\nVULNERABILITY SUMMARY\nPotential security vulnerabilities has been identified with HP-UX OpenSSL. These vulnerabilities could be exploited remotely for unauthorized information disclosure, unauthorized data modification, and to create a Denial of Service (DoS). \n\nReferences: CVE-2009-3245, CVE-2009-3555, CVE-2009-4355, CVE-2010-0433, CVE-2010-0740. \nHP-UX B.11.11, B.11.23, B.11.31 running OpenSSL before vA.00.09.08n. \n\nBACKGROUND\n\nCVSS 2.0 Base Metrics\n===========================================================\n  Reference              Base Vector             Base Score\nCVE-2009-3245    (AV:N/AC:L/Au:N/C:C/I:C/A:C)       10.0\nCVE-2009-3555    (AV:N/AC:L/Au:N/C:N/I:P/A:P)        6.4\nCVE-2009-4355    (AV:N/AC:L/Au:N/C:N/I:N/A:P)        5.0\nCVE-2010-0433    (AV:N/AC:M/Au:N/C:N/I:N/A:P)        4.3\nCVE-2010-0740    (AV:N/AC:L/Au:N/C:N/I:N/A:P)        5.0\n===========================================================\n             Information on CVSS is documented\n            in HP Customer Notice: HPSN-2008-002\n\nRESOLUTION\n\nHP has provided upgrades to resolve these vulnerabilities. \nThe upgrades are available from the following location. \n\nHost / Account / Password\n\nftp.usa.hp.com / sb02517 / Secure12\n\nHP-UX Release / Depot Name / SHA-1 digest\n\nB.11.11 PA (32 and 64) / OpenSSL_A.00.09.08n.001_HP-UX_B.11.11_32+64.depot /\n 2FE85DEE859C93F9D02A69666A455E9A7442DC5D\n\nB.11.23 (PA and IA) / OpenSSL_A.00.09.08n.002_HP-UX_B.11.23_IA-PA.depot /\n 69F9AEE88F89C53FFE6794822F6A843F312384CD\n\nB.11.31 (PA and IA) / OpenSSL_A.00.09.08n.003_HP-UX_B.11.31_IA-PA.depot /\n 07A205AA57B4BDF98B65D31287CDCBE3B9F011D5\n\nMANUAL ACTIONS: Yes - Update\n\nInstall OpenSSL A.00.09.08n or subsequent\n\nPRODUCT SPECIFIC INFORMATION\n\nHP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. It analyzes all Security Bulletins issued by HP and lists recommended actions that may apply to a specific HP-UX system. It can also download patches and create a depot automatically. For more information see: https://www.hp.com/go/swa\n\nThe following text is for use by the HP-UX Software Assistant. \n\nAFFECTED VERSIONS\n\nHP-UX B.11.11\n==================\nopenssl.OPENSSL-CER\nopenssl.OPENSSL-CONF\nopenssl.OPENSSL-DOC\nopenssl.OPENSSL-INC\nopenssl.OPENSSL-LIB\nopenssl.OPENSSL-MAN\nopenssl.OPENSSL-MIS\nopenssl.OPENSSL-PRNG\nopenssl.OPENSSL-PVT\nopenssl.OPENSSL-RUN\nopenssl.OPENSSL-SRC\naction: install revision A.00.09.08n.001 or subsequent\n\nHP-UX B.11.23\n==================\nopenssl.OPENSSL-CER\nopenssl.OPENSSL-CONF\nopenssl.OPENSSL-DOC\nopenssl.OPENSSL-INC\nopenssl.OPENSSL-LIB\nopenssl.OPENSSL-MAN\nopenssl.OPENSSL-MIS\nopenssl.OPENSSL-PRNG\nopenssl.OPENSSL-PVT\nopenssl.OPENSSL-RUN\nopenssl.OPENSSL-SRC\naction: install revision A.00.09.08n.002 or subsequent\n\nHP-UX B.11.31\n==================\nopenssl.OPENSSL-CER\nopenssl.OPENSSL-CONF\nopenssl.OPENSSL-DOC\nopenssl.OPENSSL-INC\nopenssl.OPENSSL-LIB\nopenssl.OPENSSL-MAN\nopenssl.OPENSSL-MIS\nopenssl.OPENSSL-PRNG\nopenssl.OPENSSL-PVT\nopenssl.OPENSSL-RUN\nopenssl.OPENSSL-SRC\naction: install revision A.00.09.08n.003 or subsequent\n\nEND AFFECTED VERSIONS\n\nHISTORY\nVersion:1 (rev.1) 13 April 2010 Initial release\n\nThird Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer\u0027s patch management policy. \n\nSupport: For further information, contact normal HP Services support channel. \n\nReport: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com\nIt is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. \nTo get the security-alert PGP key, please send an e-mail message as follows:\n  To: security-alert@hp.com\n  Subject: get key\nSubscribe: To initiate a subscription to receive future HP Security Bulletins via Email:\nhttp://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA\u0026langcode=USENG\u0026jumpid=in_SC-GEN__driverITRC\u0026topiccode=ITRC\nOn the web page: ITRC security bulletins and patch sign-up\nUnder Step1: your ITRC security bulletins and patches\n    -check ALL categories for which alerts are required and continue. \nUnder Step2: your ITRC operating systems\n    -verify your operating system selections are checked and save. \n\nTo update an existing subscription: http://h30046.www3.hp.com/subSignIn.php\nLog in on the web page: Subscriber\u0027s choice for Business: sign-in. \nOn the web page: Subscriber\u0027s Choice: your profile summary - use Edit Profile to update appropriate sections. \n\nTo review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do\n\n* The Software Product Category that this Security Bulletin\nrelates to is represented by the 5th and 6th characters\nof the Bulletin number in the title:\n\nGN = HP General SW\nMA = HP Management Agents\nMI = Misc. 3rd Party SW\nMP = HP MPE/iX\nNS = HP NonStop Servers\nOV = HP OpenVMS\nPI = HP Printing \u0026 Imaging\nST = HP Storage SW\nTL = HP Trusted Linux\nTU = HP Tru64 UNIX\nUX = HP-UX\nVV = HP VirtualVault\n\nSystem management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions. \n\n\"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user\u0027s use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement.\"\n\nCopyright 2009 Hewlett-Packard Development Company, L.P. \nHewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided \"as is\" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits;damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.10 (GNU/Linux)\n\niEYEARECAAYFAkvE61EACgkQ4B86/C0qfVkXUQCg5DunZ1ZsghQGw/5ot7rFpqk1\nU+IAnjlb/EweXqml7TOdX8En10UGC1Km\n=XScD\n-----END PGP SIGNATURE-----\n. Apache-based Web Server is contained in the Apache Web Server Suite. \nThe upgrades are available from the following location:\n\nURL http://software.hp.com\n\nNote: HP-UX Web Server Suite v3.09 contains HP-UX Apache-based Web Server v2.2.8.09\nNote: HP-UX Web Server Suite v2.30 contains HP-UX Apache-based Web Server v2.0.59.15\n\nWeb Server Suite Version / HP-UX Release / Depot name\n\nWeb Server v3.09 / B.11.23 and B.11.31 PA-32 / HPUXWS22ATW-B309-32.depot\n\nWeb Server v3.09 / B.11.23 and B.11.31 IA-64 / HPUXWS22ATW-B309-64.depot\n\nWeb Server v2.30 / B.11.11 PA-32 / HPUXWSATW-B230-1111.depot\n\nWeb Server v2.30 / B.11.23 PA-32 / HPUXWSATW-B230-32.depot\n\nWeb Server v2.30 / B.11.23 IA-64 / HPUXWSATW-B230-64.depot\n\nWeb Server v2.30 / B.11.31 IA-32 / HPUXWSATW-B230-32-1131.depot\n\nWeb Server v2.30 / B.11.31 IA-64 / HPUXWSATW-B230-64-1131.depot\n\nMANUAL ACTIONS: Yes - Update\n\nInstall Apache-based Web Server from the Apache Web Server Suite v2.30 or subsequent\nor\nInstall Apache-based Web Server from the Apache Web Server Suite v3.09 or subsequent\n\nPRODUCT SPECIFIC INFORMATION\n\nHP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. \n \n Packages for 2008.0 and 2009.0 are provided due to the Extended\n Maintenance Program for those products. \n\n Update:\n\n Packages for 2009.0 are provided due to the Extended Maintenance\n Program. \n _______________________________________________________________________\n\n References:\n\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3245\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0740\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0433\n _______________________________________________________________________\n\n Updated Packages:\n\n Mandriva Linux 2009.0:\n 1f42cf30ee84314be4125a070709d239  2009.0/i586/libopenssl0.9.8-0.9.8h-3.7mdv2009.0.i586.rpm\n 372bffd962ced1965c33b752def70b8b  2009.0/i586/libopenssl0.9.8-devel-0.9.8h-3.7mdv2009.0.i586.rpm\n ace965066796e71bf4ecf4af6bc831c5  2009.0/i586/libopenssl0.9.8-static-devel-0.9.8h-3.7mdv2009.0.i586.rpm\n a6e08ca29b012c695e0763f6fd15fac1  2009.0/i586/openssl-0.9.8h-3.7mdv2009.0.i586.rpm \n 1e1164ec8615415e325166d13c4248cc  2009.0/SRPMS/openssl-0.9.8h-3.7mdv2009.0.src.rpm\n\n Mandriva Linux 2009.0/X86_64:\n f6748700d01abc7e33053e339575cede  2009.0/x86_64/lib64openssl0.9.8-0.9.8h-3.7mdv2009.0.x86_64.rpm\n b53a75b4c732a3371a3bcd0e8ed47481  2009.0/x86_64/lib64openssl0.9.8-devel-0.9.8h-3.7mdv2009.0.x86_64.rpm\n 187bff89c19e2d65ccc5c640a32d0cc7  2009.0/x86_64/lib64openssl0.9.8-static-devel-0.9.8h-3.7mdv2009.0.x86_64.rpm\n 1d6f6fca3b51e498359cbbbde07a4a0e  2009.0/x86_64/openssl-0.9.8h-3.7mdv2009.0.x86_64.rpm \n 1e1164ec8615415e325166d13c4248cc  2009.0/SRPMS/openssl-0.9.8h-3.7mdv2009.0.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi.  The verification\n of md5 checksums and GPG signatures is performed automatically for you. \n\n All packages are signed by Mandriva for security.  You can obtain the\n GPG public key of the Mandriva Security Team by executing:\n\n  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\n\n You can view other update advisories for Mandriva Linux at:\n\n  http://www.mandriva.com/security/advisories\n\n If you want to report vulnerabilities, please contact\n\n  security_(at)_mandriva.com\n _______________________________________________________________________\n\n Type Bits/KeyID     Date       User ID\n pub  1024D/22458A98 2000-07-10 Mandriva Security Team\n  \u003csecurity*mandriva.com\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.9 (GNU/Linux)\n\niD8DBQFLzKP9mqjQ0CJFipgRAsUVAJkBjISC/NXul8GxUaeiBPsnb6gRNQCgt+ty\nX3hfPZSWARaTxUmX7P/4FDM=\n=FrW5\n-----END PGP SIGNATURE-----\n\n_______________________________________________\nFull-Disclosure - We believe in it. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2010-0740"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-001227"
      },
      {
        "db": "BID",
        "id": "39013"
      },
      {
        "db": "VULMON",
        "id": "CVE-2010-0740"
      },
      {
        "db": "PACKETSTORM",
        "id": "169649"
      },
      {
        "db": "PACKETSTORM",
        "id": "105638"
      },
      {
        "db": "PACKETSTORM",
        "id": "88621"
      },
      {
        "db": "PACKETSTORM",
        "id": "88387"
      },
      {
        "db": "PACKETSTORM",
        "id": "90263"
      },
      {
        "db": "PACKETSTORM",
        "id": "88698"
      }
    ],
    "trust": 2.52
  },
  "exploit_availability": {
    "_id": null,
    "data": [
      {
        "reference": "https://vulmon.com/exploitdetails?qidtp=exploitdb\u0026qid=12334",
        "trust": 0.1,
        "type": "exploit"
      }
    ],
    "sources": [
      {
        "db": "VULMON",
        "id": "CVE-2010-0740"
      }
    ]
  },
  "external_ids": {
    "_id": null,
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2010-0740",
        "trust": 3.4
      },
      {
        "db": "VUPEN",
        "id": "ADV-2010-0710",
        "trust": 2.5
      },
      {
        "db": "SECTRACK",
        "id": "1023748",
        "trust": 2.5
      },
      {
        "db": "VUPEN",
        "id": "ADV-2010-1216",
        "trust": 1.7
      },
      {
        "db": "VUPEN",
        "id": "ADV-2010-0933",
        "trust": 1.7
      },
      {
        "db": "VUPEN",
        "id": "ADV-2010-0839",
        "trust": 1.7
      },
      {
        "db": "SECUNIA",
        "id": "42733",
        "trust": 1.7
      },
      {
        "db": "SECUNIA",
        "id": "39932",
        "trust": 1.7
      },
      {
        "db": "SECUNIA",
        "id": "42724",
        "trust": 1.7
      },
      {
        "db": "SECUNIA",
        "id": "43311",
        "trust": 1.7
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-001227",
        "trust": 0.8
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2022.0696",
        "trust": 0.6
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201003-393",
        "trust": 0.6
      },
      {
        "db": "BID",
        "id": "39013",
        "trust": 0.3
      },
      {
        "db": "EXPLOIT-DB",
        "id": "12334",
        "trust": 0.1
      },
      {
        "db": "VULMON",
        "id": "CVE-2010-0740",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "169649",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "105638",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "88621",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "88387",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "90263",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "88698",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULMON",
        "id": "CVE-2010-0740"
      },
      {
        "db": "BID",
        "id": "39013"
      },
      {
        "db": "PACKETSTORM",
        "id": "169649"
      },
      {
        "db": "PACKETSTORM",
        "id": "105638"
      },
      {
        "db": "PACKETSTORM",
        "id": "88621"
      },
      {
        "db": "PACKETSTORM",
        "id": "88387"
      },
      {
        "db": "PACKETSTORM",
        "id": "90263"
      },
      {
        "db": "PACKETSTORM",
        "id": "88698"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201003-393"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-001227"
      },
      {
        "db": "NVD",
        "id": "CVE-2010-0740"
      }
    ]
  },
  "id": "VAR-201003-0281",
  "iot": {
    "_id": null,
    "data": true,
    "sources": [
      {
        "db": "VARIoT devices database",
        "id": null
      }
    ],
    "trust": 0.44448256
  },
  "last_update_date": "2026-03-09T21:35:57.491000Z",
  "patch": {
    "_id": null,
    "data": [
      {
        "title": "HT4723",
        "trust": 0.8,
        "url": "http://support.apple.com/kb/HT4723"
      },
      {
        "title": "HPSBUX02517",
        "trust": 0.8,
        "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c02079216"
      },
      {
        "title": "HPSBUX02531",
        "trust": 0.8,
        "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c02160663"
      },
      {
        "title": "5092",
        "trust": 0.8,
        "url": "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18\u0026ID=5092"
      },
      {
        "title": "5101",
        "trust": 0.8,
        "url": "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18\u0026ID=5101"
      },
      {
        "title": "secadv_20100324",
        "trust": 0.8,
        "url": "http://www.openssl.org/news/secadv_20100324.txt"
      },
      {
        "title": "VMSA-2011-0003",
        "trust": 0.8,
        "url": "http://www.vmware.com/security/advisories/VMSA-2011-0003.html"
      },
      {
        "title": "openssl-0.9.8n",
        "trust": 0.6,
        "url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=155"
      },
      {
        "title": "Debian CVElist Bug Report Logs: CVE-2010-0740: openssl denial-of-service",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=f6760a316bfc017e8e4b03c469542809"
      },
      {
        "title": "Symantec Security Advisories: SA50 : Multiple SSL/TLS vulnerabilities in Reporter",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=symantec_security_advisories\u0026qid=1e934b8269c86666c1ebc108ca0e3d35"
      },
      {
        "title": "VMware Security Advisories: ",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=vmware_security_advisories\u0026qid=ea953b0a91a1816979ec1d304d5e3d93"
      },
      {
        "title": "deepdig",
        "trust": 0.1,
        "url": "https://github.com/cyberdeception/deepdig "
      }
    ],
    "sources": [
      {
        "db": "VULMON",
        "id": "CVE-2010-0740"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201003-393"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-001227"
      }
    ]
  },
  "problemtype_data": {
    "_id": null,
    "data": [
      {
        "problemtype": "CWE-20",
        "trust": 1.8
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-001227"
      },
      {
        "db": "NVD",
        "id": "CVE-2010-0740"
      }
    ]
  },
  "references": {
    "_id": null,
    "data": [
      {
        "trust": 2.5,
        "url": "http://www.vupen.com/english/advisories/2010/0710"
      },
      {
        "trust": 2.5,
        "url": "http://www.securitytracker.com/id?1023748"
      },
      {
        "trust": 2.0,
        "url": "http://aix.software.ibm.com/aix/efixes/security/openssl_advisory.asc"
      },
      {
        "trust": 2.0,
        "url": "https://kb.bluecoat.com/index?page=content\u0026id=sa50"
      },
      {
        "trust": 1.8,
        "url": "http://www.openssl.org/news/secadv_20100324.txt"
      },
      {
        "trust": 1.7,
        "url": "http://www.vupen.com/english/advisories/2010/0839"
      },
      {
        "trust": 1.7,
        "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-april/038587.html"
      },
      {
        "trust": 1.7,
        "url": "http://www.vupen.com/english/advisories/2010/0933"
      },
      {
        "trust": 1.7,
        "url": "http://www.mandriva.com/security/advisories?name=mdvsa-2010:076"
      },
      {
        "trust": 1.7,
        "url": "http://www.vupen.com/english/advisories/2010/1216"
      },
      {
        "trust": 1.7,
        "url": "http://secunia.com/advisories/39932"
      },
      {
        "trust": 1.7,
        "url": "http://secunia.com/advisories/42733"
      },
      {
        "trust": 1.7,
        "url": "http://secunia.com/advisories/42724"
      },
      {
        "trust": 1.7,
        "url": "http://www.vmware.com/security/advisories/vmsa-2011-0003.html"
      },
      {
        "trust": 1.7,
        "url": "http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html"
      },
      {
        "trust": 1.7,
        "url": "https://lists.balabit.com/pipermail/syslog-ng-announce/2011-january/000101.html"
      },
      {
        "trust": 1.7,
        "url": "https://lists.balabit.com/pipermail/syslog-ng-announce/2011-january/000102.html"
      },
      {
        "trust": 1.7,
        "url": "http://secunia.com/advisories/43311"
      },
      {
        "trust": 1.7,
        "url": "http://lists.apple.com/archives/security-announce/2011//jun/msg00000.html"
      },
      {
        "trust": 1.7,
        "url": "http://support.apple.com/kb/ht4723"
      },
      {
        "trust": 1.7,
        "url": "http://marc.info/?l=bugtraq\u0026m=127128920008563\u0026w=2"
      },
      {
        "trust": 1.7,
        "url": "http://marc.info/?l=bugtraq\u0026m=127557640302499\u0026w=2"
      },
      {
        "trust": 1.7,
        "url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a11731"
      },
      {
        "trust": 1.7,
        "url": "http://www.securityfocus.com/archive/1/516397/100/0/threaded"
      },
      {
        "trust": 1.0,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0740"
      },
      {
        "trust": 0.8,
        "url": "http://jvn.jp/cert/jvnvu976710"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-0740"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/esb-2022.0696"
      },
      {
        "trust": 0.5,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2010-0740"
      },
      {
        "trust": 0.4,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2009-3245"
      },
      {
        "trust": 0.4,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2010-0433"
      },
      {
        "trust": 0.3,
        "url": "http://blogs.sun.com/security/entry/cve_2010_0433_openssl_with"
      },
      {
        "trust": 0.3,
        "url": "http://www.openbsd.org/errata45.html"
      },
      {
        "trust": 0.3,
        "url": "http://www.openbsd.org/errata46.html"
      },
      {
        "trust": 0.3,
        "url": "http://www.openbsd.org/errata47.html"
      },
      {
        "trust": 0.3,
        "url": "http://www.openssl.org"
      },
      {
        "trust": 0.3,
        "url": "http://security-center.intel.com/advisory.aspx?intelid=intel-sa-00024\u0026languageid=en-fr"
      },
      {
        "trust": 0.3,
        "url": "/archive/1/510726"
      },
      {
        "trust": 0.3,
        "url": "http://voodoo-circle.sourceforge.net/sa/sa-20100624-02.html"
      },
      {
        "trust": 0.3,
        "url": "https://support.f5.com/kb/en-us/solutions/public/11000/500/sol11504.html"
      },
      {
        "trust": 0.3,
        "url": "https://support.f5.com/kb/en-us/solutions/public/11000/500/sol11533.html"
      },
      {
        "trust": 0.3,
        "url": "http://openssl.org/news/secadv_20100324.txt"
      },
      {
        "trust": 0.3,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2009-3555"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2009-4355"
      },
      {
        "trust": 0.2,
        "url": "http://www.mandriva.com/security/"
      },
      {
        "trust": 0.2,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3555"
      },
      {
        "trust": 0.2,
        "url": "http://www.mandriva.com/security/advisories"
      },
      {
        "trust": 0.2,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3245"
      },
      {
        "trust": 0.2,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0433"
      },
      {
        "trust": 0.2,
        "url": "http://www.itrc.hp.com/service/cki/secbullarchive.do"
      },
      {
        "trust": 0.2,
        "url": "http://h30046.www3.hp.com/driveralertprofile.php?regioncode=na\u0026langcode=useng\u0026jumpid=in_sc-gen__driveritrc\u0026topiccode=itrc"
      },
      {
        "trust": 0.2,
        "url": "https://www.hp.com/go/swa"
      },
      {
        "trust": 0.2,
        "url": "http://h30046.www3.hp.com/subsignin.php"
      },
      {
        "trust": 0.1,
        "url": "https://cwe.mitre.org/data/definitions/20.html"
      },
      {
        "trust": 0.1,
        "url": "http://tools.cisco.com/security/center/viewalert.x?alertid=20139"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov"
      },
      {
        "trust": 0.1,
        "url": "https://www.exploit-db.com/exploits/12334/"
      },
      {
        "trust": 0.1,
        "url": "https://github.com/cyberdeception/deepdig"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-0742"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-4355"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4180"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3207"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3864"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-2939"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-1633"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3210"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-0740"
      },
      {
        "trust": 0.1,
        "url": "http://creativecommons.org/licenses/by-sa/2.5"
      },
      {
        "trust": 0.1,
        "url": "http://security.gentoo.org/"
      },
      {
        "trust": 0.1,
        "url": "http://security.gentoo.org/glsa/glsa-201110-01.xml"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-3245"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-0433"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0014"
      },
      {
        "trust": 0.1,
        "url": "https://bugs.gentoo.org."
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4252"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2009-3095"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2010-0434"
      },
      {
        "trust": 0.1,
        "url": "http://software.hp.com"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2009-3094"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2010-0408"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/"
      },
      {
        "trust": 0.1,
        "url": "http://lists.grok.org.uk/full-disclosure-charter.html"
      }
    ],
    "sources": [
      {
        "db": "VULMON",
        "id": "CVE-2010-0740"
      },
      {
        "db": "BID",
        "id": "39013"
      },
      {
        "db": "PACKETSTORM",
        "id": "169649"
      },
      {
        "db": "PACKETSTORM",
        "id": "105638"
      },
      {
        "db": "PACKETSTORM",
        "id": "88621"
      },
      {
        "db": "PACKETSTORM",
        "id": "88387"
      },
      {
        "db": "PACKETSTORM",
        "id": "90263"
      },
      {
        "db": "PACKETSTORM",
        "id": "88698"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201003-393"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-001227"
      },
      {
        "db": "NVD",
        "id": "CVE-2010-0740"
      }
    ]
  },
  "sources": {
    "_id": null,
    "data": [
      {
        "db": "VULMON",
        "id": "CVE-2010-0740",
        "ident": null
      },
      {
        "db": "BID",
        "id": "39013",
        "ident": null
      },
      {
        "db": "PACKETSTORM",
        "id": "169649",
        "ident": null
      },
      {
        "db": "PACKETSTORM",
        "id": "105638",
        "ident": null
      },
      {
        "db": "PACKETSTORM",
        "id": "88621",
        "ident": null
      },
      {
        "db": "PACKETSTORM",
        "id": "88387",
        "ident": null
      },
      {
        "db": "PACKETSTORM",
        "id": "90263",
        "ident": null
      },
      {
        "db": "PACKETSTORM",
        "id": "88698",
        "ident": null
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201003-393",
        "ident": null
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-001227",
        "ident": null
      },
      {
        "db": "NVD",
        "id": "CVE-2010-0740",
        "ident": null
      }
    ]
  },
  "sources_release_date": {
    "_id": null,
    "data": [
      {
        "date": "2010-03-26T00:00:00",
        "db": "VULMON",
        "id": "CVE-2010-0740",
        "ident": null
      },
      {
        "date": "2010-03-24T00:00:00",
        "db": "BID",
        "id": "39013",
        "ident": null
      },
      {
        "date": "2010-03-24T12:12:12",
        "db": "PACKETSTORM",
        "id": "169649",
        "ident": null
      },
      {
        "date": "2011-10-09T16:42:00",
        "db": "PACKETSTORM",
        "id": "105638",
        "ident": null
      },
      {
        "date": "2010-04-19T20:27:54",
        "db": "PACKETSTORM",
        "id": "88621",
        "ident": null
      },
      {
        "date": "2010-04-15T22:26:05",
        "db": "PACKETSTORM",
        "id": "88387",
        "ident": null
      },
      {
        "date": "2010-06-04T04:25:14",
        "db": "PACKETSTORM",
        "id": "90263",
        "ident": null
      },
      {
        "date": "2010-04-20T15:07:58",
        "db": "PACKETSTORM",
        "id": "88698",
        "ident": null
      },
      {
        "date": "2010-03-26T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201003-393",
        "ident": null
      },
      {
        "date": "2010-04-09T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2010-001227",
        "ident": null
      },
      {
        "date": "2010-03-26T18:30:00.467000",
        "db": "NVD",
        "id": "CVE-2010-0740",
        "ident": null
      }
    ]
  },
  "sources_update_date": {
    "_id": null,
    "data": [
      {
        "date": "2018-10-10T00:00:00",
        "db": "VULMON",
        "id": "CVE-2010-0740",
        "ident": null
      },
      {
        "date": "2015-04-13T22:05:00",
        "db": "BID",
        "id": "39013",
        "ident": null
      },
      {
        "date": "2023-04-27T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201003-393",
        "ident": null
      },
      {
        "date": "2011-06-29T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2010-001227",
        "ident": null
      },
      {
        "date": "2025-04-11T00:51:21.963000",
        "db": "NVD",
        "id": "CVE-2010-0740",
        "ident": null
      }
    ]
  },
  "threat_type": {
    "_id": null,
    "data": "remote",
    "sources": [
      {
        "db": "PACKETSTORM",
        "id": "88621"
      },
      {
        "db": "PACKETSTORM",
        "id": "88698"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201003-393"
      }
    ],
    "trust": 0.8
  },
  "title": {
    "_id": null,
    "data": "OpenSSL of  ssl3_get_record Service disruption in functions  (DoS) Vulnerabilities",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-001227"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "_id": null,
    "data": "input validation error",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201003-393"
      }
    ],
    "trust": 0.6
  }
}

VAR-201808-0958

Vulnerability from variot - Updated: 2026-03-09 20:38

Systems with microprocessors utilizing speculative execution and address translations may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access via a terminal page fault and a side-channel analysis. These attacks are known as L1 Terminal Fault: SGX, L1 Terminal Fault: OS/SMM, and L1 Terminal Fault: VMM. Multiple Intel Processors are prone to a multiple information-disclosure vulnerabilities. Local attackers can exploit these issues to obtain sensitive information. This may aid in further attacks. Intel Core i3 processor, etc. are all CPU (central processing unit) products of Intel Corporation of the United States. Security vulnerabilities exist in several Intel products that use speculative execution and address translation. The following products are affected: Intel Core i3 processor; Intel Core i5 processor; Intel Core i7 processor; Intel Core M processor family; 2nd generation Intel Core processors; 3rd generation Intel Core processors; 4th generation Intel Core processors; 5th generation Intel Core processors, etc. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256

====================================================================
Red Hat Security Advisory

Synopsis: Important: kernel security and bug fix update Advisory ID: RHSA-2018:2390-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2018:2390 Issue date: 2018-08-14 CVE Names: CVE-2017-0861 CVE-2017-15265 CVE-2018-3620 CVE-2018-3646 CVE-2018-3693 CVE-2018-7566 CVE-2018-10901 CVE-2018-1000004 ==================================================================== 1. Summary:

An update for kernel is now available for Red Hat Enterprise Linux 6.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

  1. Relevant releases/architectures:

Red Hat Enterprise Linux Desktop (v. 6) - i386, noarch, x86_64 Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64 Red Hat Enterprise Linux HPC Node (v. 6) - noarch, x86_64 Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64 Red Hat Enterprise Linux Server (v. 6) - i386, noarch, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 6) - i386, noarch, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64

  1. Description:

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

  • Modern operating systems implement virtualization of physical memory to efficiently use available system resources and provide inter-domain protection through access control and isolation. The L1TF issue was found in the way the x86 microprocessor designs have implemented speculative execution of instructions (a commonly used performance optimisation) in combination with handling of page-faults caused by terminated virtual to physical address resolving process. As a result, an unprivileged attacker could use this flaw to read privileged memory of the kernel or other processes and/or cross guest/host boundaries to read host memory by conducting targeted cache side-channel attacks. (CVE-2018-3620, CVE-2018-3646)

  • An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of instructions past bounds check. The flaw relies on the presence of a precisely-defined instruction sequence in the privileged code and the fact that memory writes occur to an address which depends on the untrusted value. Such writes cause an update into the microprocessor's data cache even for speculatively executed instructions that never actually commit (retire). As a result, an unprivileged attacker could use this flaw to influence speculative execution and/or read privileged memory by conducting targeted cache side-channel attacks. (CVE-2018-3693)

  • kernel: kvm: vmx: host GDT limit corruption (CVE-2018-10901)

  • kernel: Use-after-free in snd_pcm_info function in ALSA subsystem potentially leads to privilege escalation (CVE-2017-0861)

  • kernel: Use-after-free in snd_seq_ioctl_create_port() (CVE-2017-15265)

  • kernel: race condition in snd_seq_write() may lead to UAF or OOB-access (CVE-2018-7566)

  • kernel: Race condition in sound system can lead to denial of service (CVE-2018-1000004)

For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.

Red Hat would like to thank Intel OSSIRT (Intel.com) for reporting CVE-2018-3620 and CVE-2018-3646; Vladimir Kiriansky (MIT) and Carl Waldspurger (Carl Waldspurger Consulting) for reporting CVE-2018-3693; and Vegard Nossum (Oracle Corporation) for reporting CVE-2018-10901.

Bug Fix(es):

  • The Least recently used (LRU) operations are batched by caching pages in per-cpu page vectors to prevent contention of the heavily used lru_lock spinlock. The page vectors can hold even the compound pages. Previously, the page vectors were cleared only if they were full. Subsequently, the amount of memory held in page vectors, which is not reclaimable, was sometimes too high. Consequently the page reclamation started the Out of Memory (OOM) killing processes. With this update, the underlying source code has been fixed to clear LRU page vectors each time when a compound page is added to them. As a result, OOM killing processes due to high amounts of memory held in page vectors no longer occur. (BZ#1575819)

  • Solution:

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

  1. Bugs fixed (https://bugzilla.redhat.com/):

1501878 - CVE-2017-15265 kernel: Use-after-free in snd_seq_ioctl_create_port() 1535315 - CVE-2018-1000004 kernel: Race condition in sound system can lead to denial of service 1550142 - CVE-2018-7566 kernel: race condition in snd_seq_write() may lead to UAF or OOB-access 1563994 - CVE-2017-0861 kernel: Use-after-free in snd_pcm_info function in ALSA subsystem potentially leads to privilege escalation 1581650 - CVE-2018-3693 Kernel: speculative bounds check bypass store 1585005 - CVE-2018-3646 Kernel: hw: cpu: L1 terminal fault (L1TF) 1601849 - CVE-2018-10901 kernel: kvm: vmx: host GDT limit corruption

  1. Package List:

Red Hat Enterprise Linux Desktop (v. 6):

Source: kernel-2.6.32-754.3.5.el6.src.rpm

i386: kernel-2.6.32-754.3.5.el6.i686.rpm kernel-debug-2.6.32-754.3.5.el6.i686.rpm kernel-debug-debuginfo-2.6.32-754.3.5.el6.i686.rpm kernel-debug-devel-2.6.32-754.3.5.el6.i686.rpm kernel-debuginfo-2.6.32-754.3.5.el6.i686.rpm kernel-debuginfo-common-i686-2.6.32-754.3.5.el6.i686.rpm kernel-devel-2.6.32-754.3.5.el6.i686.rpm kernel-headers-2.6.32-754.3.5.el6.i686.rpm perf-2.6.32-754.3.5.el6.i686.rpm perf-debuginfo-2.6.32-754.3.5.el6.i686.rpm python-perf-debuginfo-2.6.32-754.3.5.el6.i686.rpm

noarch: kernel-abi-whitelists-2.6.32-754.3.5.el6.noarch.rpm kernel-doc-2.6.32-754.3.5.el6.noarch.rpm kernel-firmware-2.6.32-754.3.5.el6.noarch.rpm

x86_64: kernel-2.6.32-754.3.5.el6.x86_64.rpm kernel-debug-2.6.32-754.3.5.el6.x86_64.rpm kernel-debug-debuginfo-2.6.32-754.3.5.el6.i686.rpm kernel-debug-debuginfo-2.6.32-754.3.5.el6.x86_64.rpm kernel-debug-devel-2.6.32-754.3.5.el6.i686.rpm kernel-debug-devel-2.6.32-754.3.5.el6.x86_64.rpm kernel-debuginfo-2.6.32-754.3.5.el6.i686.rpm kernel-debuginfo-2.6.32-754.3.5.el6.x86_64.rpm kernel-debuginfo-common-i686-2.6.32-754.3.5.el6.i686.rpm kernel-debuginfo-common-x86_64-2.6.32-754.3.5.el6.x86_64.rpm kernel-devel-2.6.32-754.3.5.el6.x86_64.rpm kernel-headers-2.6.32-754.3.5.el6.x86_64.rpm perf-2.6.32-754.3.5.el6.x86_64.rpm perf-debuginfo-2.6.32-754.3.5.el6.i686.rpm perf-debuginfo-2.6.32-754.3.5.el6.x86_64.rpm python-perf-debuginfo-2.6.32-754.3.5.el6.i686.rpm python-perf-debuginfo-2.6.32-754.3.5.el6.x86_64.rpm

Red Hat Enterprise Linux Desktop Optional (v. 6):

i386: kernel-debug-debuginfo-2.6.32-754.3.5.el6.i686.rpm kernel-debuginfo-2.6.32-754.3.5.el6.i686.rpm kernel-debuginfo-common-i686-2.6.32-754.3.5.el6.i686.rpm perf-debuginfo-2.6.32-754.3.5.el6.i686.rpm python-perf-2.6.32-754.3.5.el6.i686.rpm python-perf-debuginfo-2.6.32-754.3.5.el6.i686.rpm

x86_64: kernel-debug-debuginfo-2.6.32-754.3.5.el6.x86_64.rpm kernel-debuginfo-2.6.32-754.3.5.el6.x86_64.rpm kernel-debuginfo-common-x86_64-2.6.32-754.3.5.el6.x86_64.rpm perf-debuginfo-2.6.32-754.3.5.el6.x86_64.rpm python-perf-2.6.32-754.3.5.el6.x86_64.rpm python-perf-debuginfo-2.6.32-754.3.5.el6.x86_64.rpm

Red Hat Enterprise Linux HPC Node (v. 6):

Source: kernel-2.6.32-754.3.5.el6.src.rpm

noarch: kernel-abi-whitelists-2.6.32-754.3.5.el6.noarch.rpm kernel-doc-2.6.32-754.3.5.el6.noarch.rpm kernel-firmware-2.6.32-754.3.5.el6.noarch.rpm

x86_64: kernel-2.6.32-754.3.5.el6.x86_64.rpm kernel-debug-2.6.32-754.3.5.el6.x86_64.rpm kernel-debug-debuginfo-2.6.32-754.3.5.el6.i686.rpm kernel-debug-debuginfo-2.6.32-754.3.5.el6.x86_64.rpm kernel-debug-devel-2.6.32-754.3.5.el6.i686.rpm kernel-debug-devel-2.6.32-754.3.5.el6.x86_64.rpm kernel-debuginfo-2.6.32-754.3.5.el6.i686.rpm kernel-debuginfo-2.6.32-754.3.5.el6.x86_64.rpm kernel-debuginfo-common-i686-2.6.32-754.3.5.el6.i686.rpm kernel-debuginfo-common-x86_64-2.6.32-754.3.5.el6.x86_64.rpm kernel-devel-2.6.32-754.3.5.el6.x86_64.rpm kernel-headers-2.6.32-754.3.5.el6.x86_64.rpm perf-2.6.32-754.3.5.el6.x86_64.rpm perf-debuginfo-2.6.32-754.3.5.el6.i686.rpm perf-debuginfo-2.6.32-754.3.5.el6.x86_64.rpm python-perf-debuginfo-2.6.32-754.3.5.el6.i686.rpm python-perf-debuginfo-2.6.32-754.3.5.el6.x86_64.rpm

Red Hat Enterprise Linux HPC Node Optional (v. 6):

x86_64: kernel-debug-debuginfo-2.6.32-754.3.5.el6.x86_64.rpm kernel-debuginfo-2.6.32-754.3.5.el6.x86_64.rpm kernel-debuginfo-common-x86_64-2.6.32-754.3.5.el6.x86_64.rpm perf-debuginfo-2.6.32-754.3.5.el6.x86_64.rpm python-perf-2.6.32-754.3.5.el6.x86_64.rpm python-perf-debuginfo-2.6.32-754.3.5.el6.x86_64.rpm

Red Hat Enterprise Linux Server (v. 6):

Source: kernel-2.6.32-754.3.5.el6.src.rpm

i386: kernel-2.6.32-754.3.5.el6.i686.rpm kernel-debug-2.6.32-754.3.5.el6.i686.rpm kernel-debug-debuginfo-2.6.32-754.3.5.el6.i686.rpm kernel-debug-devel-2.6.32-754.3.5.el6.i686.rpm kernel-debuginfo-2.6.32-754.3.5.el6.i686.rpm kernel-debuginfo-common-i686-2.6.32-754.3.5.el6.i686.rpm kernel-devel-2.6.32-754.3.5.el6.i686.rpm kernel-headers-2.6.32-754.3.5.el6.i686.rpm perf-2.6.32-754.3.5.el6.i686.rpm perf-debuginfo-2.6.32-754.3.5.el6.i686.rpm python-perf-debuginfo-2.6.32-754.3.5.el6.i686.rpm

noarch: kernel-abi-whitelists-2.6.32-754.3.5.el6.noarch.rpm kernel-doc-2.6.32-754.3.5.el6.noarch.rpm kernel-firmware-2.6.32-754.3.5.el6.noarch.rpm

ppc64: kernel-2.6.32-754.3.5.el6.ppc64.rpm kernel-bootwrapper-2.6.32-754.3.5.el6.ppc64.rpm kernel-debug-2.6.32-754.3.5.el6.ppc64.rpm kernel-debug-debuginfo-2.6.32-754.3.5.el6.ppc64.rpm kernel-debug-devel-2.6.32-754.3.5.el6.ppc64.rpm kernel-debuginfo-2.6.32-754.3.5.el6.ppc64.rpm kernel-debuginfo-common-ppc64-2.6.32-754.3.5.el6.ppc64.rpm kernel-devel-2.6.32-754.3.5.el6.ppc64.rpm kernel-headers-2.6.32-754.3.5.el6.ppc64.rpm perf-2.6.32-754.3.5.el6.ppc64.rpm perf-debuginfo-2.6.32-754.3.5.el6.ppc64.rpm python-perf-debuginfo-2.6.32-754.3.5.el6.ppc64.rpm

s390x: kernel-2.6.32-754.3.5.el6.s390x.rpm kernel-debug-2.6.32-754.3.5.el6.s390x.rpm kernel-debug-debuginfo-2.6.32-754.3.5.el6.s390x.rpm kernel-debug-devel-2.6.32-754.3.5.el6.s390x.rpm kernel-debuginfo-2.6.32-754.3.5.el6.s390x.rpm kernel-debuginfo-common-s390x-2.6.32-754.3.5.el6.s390x.rpm kernel-devel-2.6.32-754.3.5.el6.s390x.rpm kernel-headers-2.6.32-754.3.5.el6.s390x.rpm kernel-kdump-2.6.32-754.3.5.el6.s390x.rpm kernel-kdump-debuginfo-2.6.32-754.3.5.el6.s390x.rpm kernel-kdump-devel-2.6.32-754.3.5.el6.s390x.rpm perf-2.6.32-754.3.5.el6.s390x.rpm perf-debuginfo-2.6.32-754.3.5.el6.s390x.rpm python-perf-debuginfo-2.6.32-754.3.5.el6.s390x.rpm

x86_64: kernel-2.6.32-754.3.5.el6.x86_64.rpm kernel-debug-2.6.32-754.3.5.el6.x86_64.rpm kernel-debug-debuginfo-2.6.32-754.3.5.el6.i686.rpm kernel-debug-debuginfo-2.6.32-754.3.5.el6.x86_64.rpm kernel-debug-devel-2.6.32-754.3.5.el6.i686.rpm kernel-debug-devel-2.6.32-754.3.5.el6.x86_64.rpm kernel-debuginfo-2.6.32-754.3.5.el6.i686.rpm kernel-debuginfo-2.6.32-754.3.5.el6.x86_64.rpm kernel-debuginfo-common-i686-2.6.32-754.3.5.el6.i686.rpm kernel-debuginfo-common-x86_64-2.6.32-754.3.5.el6.x86_64.rpm kernel-devel-2.6.32-754.3.5.el6.x86_64.rpm kernel-headers-2.6.32-754.3.5.el6.x86_64.rpm perf-2.6.32-754.3.5.el6.x86_64.rpm perf-debuginfo-2.6.32-754.3.5.el6.i686.rpm perf-debuginfo-2.6.32-754.3.5.el6.x86_64.rpm python-perf-debuginfo-2.6.32-754.3.5.el6.i686.rpm python-perf-debuginfo-2.6.32-754.3.5.el6.x86_64.rpm

Red Hat Enterprise Linux Server Optional (v. 6):

i386: kernel-debug-debuginfo-2.6.32-754.3.5.el6.i686.rpm kernel-debuginfo-2.6.32-754.3.5.el6.i686.rpm kernel-debuginfo-common-i686-2.6.32-754.3.5.el6.i686.rpm perf-debuginfo-2.6.32-754.3.5.el6.i686.rpm python-perf-2.6.32-754.3.5.el6.i686.rpm python-perf-debuginfo-2.6.32-754.3.5.el6.i686.rpm

ppc64: kernel-debug-debuginfo-2.6.32-754.3.5.el6.ppc64.rpm kernel-debuginfo-2.6.32-754.3.5.el6.ppc64.rpm kernel-debuginfo-common-ppc64-2.6.32-754.3.5.el6.ppc64.rpm perf-debuginfo-2.6.32-754.3.5.el6.ppc64.rpm python-perf-2.6.32-754.3.5.el6.ppc64.rpm python-perf-debuginfo-2.6.32-754.3.5.el6.ppc64.rpm

s390x: kernel-debug-debuginfo-2.6.32-754.3.5.el6.s390x.rpm kernel-debuginfo-2.6.32-754.3.5.el6.s390x.rpm kernel-debuginfo-common-s390x-2.6.32-754.3.5.el6.s390x.rpm kernel-kdump-debuginfo-2.6.32-754.3.5.el6.s390x.rpm perf-debuginfo-2.6.32-754.3.5.el6.s390x.rpm python-perf-2.6.32-754.3.5.el6.s390x.rpm python-perf-debuginfo-2.6.32-754.3.5.el6.s390x.rpm

x86_64: kernel-debug-debuginfo-2.6.32-754.3.5.el6.x86_64.rpm kernel-debuginfo-2.6.32-754.3.5.el6.x86_64.rpm kernel-debuginfo-common-x86_64-2.6.32-754.3.5.el6.x86_64.rpm perf-debuginfo-2.6.32-754.3.5.el6.x86_64.rpm python-perf-2.6.32-754.3.5.el6.x86_64.rpm python-perf-debuginfo-2.6.32-754.3.5.el6.x86_64.rpm

Red Hat Enterprise Linux Workstation (v. 6):

Source: kernel-2.6.32-754.3.5.el6.src.rpm

i386: kernel-2.6.32-754.3.5.el6.i686.rpm kernel-debug-2.6.32-754.3.5.el6.i686.rpm kernel-debug-debuginfo-2.6.32-754.3.5.el6.i686.rpm kernel-debug-devel-2.6.32-754.3.5.el6.i686.rpm kernel-debuginfo-2.6.32-754.3.5.el6.i686.rpm kernel-debuginfo-common-i686-2.6.32-754.3.5.el6.i686.rpm kernel-devel-2.6.32-754.3.5.el6.i686.rpm kernel-headers-2.6.32-754.3.5.el6.i686.rpm perf-2.6.32-754.3.5.el6.i686.rpm perf-debuginfo-2.6.32-754.3.5.el6.i686.rpm python-perf-debuginfo-2.6.32-754.3.5.el6.i686.rpm

noarch: kernel-abi-whitelists-2.6.32-754.3.5.el6.noarch.rpm kernel-doc-2.6.32-754.3.5.el6.noarch.rpm kernel-firmware-2.6.32-754.3.5.el6.noarch.rpm

x86_64: kernel-2.6.32-754.3.5.el6.x86_64.rpm kernel-debug-2.6.32-754.3.5.el6.x86_64.rpm kernel-debug-debuginfo-2.6.32-754.3.5.el6.i686.rpm kernel-debug-debuginfo-2.6.32-754.3.5.el6.x86_64.rpm kernel-debug-devel-2.6.32-754.3.5.el6.i686.rpm kernel-debug-devel-2.6.32-754.3.5.el6.x86_64.rpm kernel-debuginfo-2.6.32-754.3.5.el6.i686.rpm kernel-debuginfo-2.6.32-754.3.5.el6.x86_64.rpm kernel-debuginfo-common-i686-2.6.32-754.3.5.el6.i686.rpm kernel-debuginfo-common-x86_64-2.6.32-754.3.5.el6.x86_64.rpm kernel-devel-2.6.32-754.3.5.el6.x86_64.rpm kernel-headers-2.6.32-754.3.5.el6.x86_64.rpm perf-2.6.32-754.3.5.el6.x86_64.rpm perf-debuginfo-2.6.32-754.3.5.el6.i686.rpm perf-debuginfo-2.6.32-754.3.5.el6.x86_64.rpm python-perf-debuginfo-2.6.32-754.3.5.el6.i686.rpm python-perf-debuginfo-2.6.32-754.3.5.el6.x86_64.rpm

Red Hat Enterprise Linux Workstation Optional (v. 6):

i386: kernel-debug-debuginfo-2.6.32-754.3.5.el6.i686.rpm kernel-debuginfo-2.6.32-754.3.5.el6.i686.rpm kernel-debuginfo-common-i686-2.6.32-754.3.5.el6.i686.rpm perf-debuginfo-2.6.32-754.3.5.el6.i686.rpm python-perf-2.6.32-754.3.5.el6.i686.rpm python-perf-debuginfo-2.6.32-754.3.5.el6.i686.rpm

x86_64: kernel-debug-debuginfo-2.6.32-754.3.5.el6.x86_64.rpm kernel-debuginfo-2.6.32-754.3.5.el6.x86_64.rpm kernel-debuginfo-common-x86_64-2.6.32-754.3.5.el6.x86_64.rpm perf-debuginfo-2.6.32-754.3.5.el6.x86_64.rpm python-perf-2.6.32-754.3.5.el6.x86_64.rpm python-perf-debuginfo-2.6.32-754.3.5.el6.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/

  1. References:

https://access.redhat.com/security/cve/CVE-2017-0861 https://access.redhat.com/security/cve/CVE-2017-15265 https://access.redhat.com/security/cve/CVE-2018-3620 https://access.redhat.com/security/cve/CVE-2018-3646 https://access.redhat.com/security/cve/CVE-2018-3693 https://access.redhat.com/security/cve/CVE-2018-7566 https://access.redhat.com/security/cve/CVE-2018-10901 https://access.redhat.com/security/cve/CVE-2018-1000004 https://access.redhat.com/security/updates/classification/#important https://access.redhat.com/security/vulnerabilities/L1TF

  1. Contact:

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/

Copyright 2018 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1

iQIVAwUBW3Me0NzjgjWX9erEAQhkDBAAjGcoEad9NOtCUJqgDcVHLArXg9OKAloW +BaoAYrYtzH3h9teocV6U3mYaxhwu2Cd13JlbKJsc8BLRzHUSZpwxjcsewCzjx2u dotwAksPej7L3U/U5YPSJ37r/OP+ni7trT1dtEmCI578QHFZB6+4/qK/1aYM+biQ EI0BoaSMV6RDo9u+U6zPgk8L7ugMhWs2PCXbtV7koyg563tasvo5jWlfVYNVD1fz cKTzsTwVQwirynWa2mvtaI+vaslYX3x9Zn6dJ2VEzpD4w6tU54/sViaetmLnSOir ZVdtkeO0pdEBO2YUr+Igc+ZOtLdGpzOjkQVQMBG+YE6bDdynYYFrxkPcNPeB1f1K 2bTNHA/FnirFDOII3JuYEqg8TXdh8NYRZ4a8rqchGo2JCeh5Q5LnhJDYWJv2HbTW TZUQY/nStRfWVpygQJV72GJENICnRVjjQ5D569KFBopnK0iXWLpxlf3dmp5Lvdg2 0rBVnnclfQCQVxZvOiZ3s0wkA9d0o7v4pDN2YgTRDlU4nzI3xE4jh0Sevsn4tVco ePUubCuxhjQfxJswBPoZA8Al3GGlSxOMKFHO6HscnnAh6YL5LVusx4PpJt4Y3tjW Vf8Rk4bFbn+M0RtVM+vnFGjWAr7w6iKvRya8y0LzElfAtpeedcnuxfJGtecT73IZ /6fv2MlabwY=kAUc -----END PGP SIGNATURE-----

-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . Corrected: 2018-08-14 17:51:12 UTC (stable/11, 11.1-STABLE) 2018-08-15 02:30:11 UTC (releng/11.2, 11.2-RELEASE-p2) 2018-08-15 02:30:11 UTC (releng/11.1, 11.1-RELEASE-p13) CVE Name: CVE-2018-3620, CVE-2018-3646

Special Note: Speculative execution vulnerability mitigation remains a work in progress. This advisory addresses the issue in FreeBSD 11.1 and later.

For general information regarding FreeBSD Security Advisories, including descriptions of the fields above, security branches, and the following sections, please visit . Background

When a program accesses data in memory via a logical address it is translated to a physical address in RAM by the CPU. Accessing an unmapped logical address results in what is known as a terminal fault.

II. The CPU may speculatively access the level 1 data cache (L1D). Data which would otherwise be protected may then be determined by using side channel methods.

This issue affects bhyve on FreeBSD/amd64 systems.

III. Impact

An attacker executing user code, or kernel code inside of a virtual machine, may be able to read secret data from the kernel or from another virtual machine.

IV. Workaround

No workaround is available.

V. Solution

Upgrade your vulnerable system to a supported FreeBSD stable or release / security branch (releng) dated after the correction date, and reboot.

Perform one of the following:

1) To update your vulnerable system via a binary patch:

Systems running a RELEASE version of FreeBSD on the i386 or amd64 platforms can be updated via the freebsd-update(8) utility:

freebsd-update fetch

freebsd-update install

shutdown -r +30 "Rebooting for security update"

2) To update your vulnerable system via a source code patch:

The following patches have been verified to apply to the applicable FreeBSD release branches.

a) Download the relevant patch from the location below, and verify the detached PGP signature using your PGP utility.

[FreeBSD 11.2]

fetch https://security.FreeBSD.org/patches/SA-18:09/l1tf-11.2.patch

fetch https://security.FreeBSD.org/patches/SA-18:09/l1tf-11.2.patch.asc

gpg --verify l1tf-11.2.patch.asc

[FreeBSD 11.1]

fetch https://security.FreeBSD.org/patches/SA-18:09/l1tf-11.1.patch

fetch https://security.FreeBSD.org/patches/SA-18:09/l1tf-11.1.patch.asc

gpg --verify l1tf-11.1.patch.asc

b) Apply the patch. Execute the following commands as root:

cd /usr/src

patch < /path/to/patch

c) Recompile your kernel as described in and reboot the system.

VI. Correction details

CVE-2018-3620 (L1 Terminal Fault-OS)

FreeBSD reserves the the memory page at physical address 0, so it will not contain secret data. FreeBSD zeros the paging data structures for unmapped addresses, so that speculatively executed L1 Terminal Faults will access only the reserved, unused page.

The following list contains the correction revision numbers for each affected branch.

Branch/path Revision

stable/11/ r337794 releng/11.1/ r337828 releng/11.2/ r337828

To see which files were modified by a particular revision, run the following command, replacing NNNNNN with the revision number, on a machine with Subversion installed:

svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base

Or visit the following URL, replacing NNNNNN with the revision number:

VII. ========================================================================== Ubuntu Security Notice USN-3742-3 August 21, 2018

linux-lts-trusty regressions

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 12.04 ESM

Summary:

USN-3742-2 introduced regressions in the Linux Hardware Enablement (HWE) kernel for Ubuntu 12.04 ESM.

Software Description: - linux-lts-trusty: Linux hardware enablement kernel from Trusty for Precise ESM

Details:

USN-3742-2 introduced mitigations in the Linux Hardware Enablement (HWE) kernel for Ubuntu 12.04 ESM to address L1 Terminal Fault (L1TF) vulnerabilities (CVE-2018-3620, CVE-2018-3646). Unfortunately, the update introduced regressions that caused kernel panics when booting in some environments as well as preventing Java applications from starting. This update fixes the problems.

We apologize for the inconvenience.

Original advisory details:

It was discovered that memory present in the L1 data cache of an Intel CPU core may be exposed to a malicious process that is executing on the CPU core. A local attacker in a guest virtual machine could use this to expose sensitive information (memory from other guests or the host OS). (CVE-2018-3646)

It was discovered that memory present in the L1 data cache of an Intel CPU core may be exposed to a malicious process that is executing on the CPU core. (CVE-2018-3620)

Andrey Konovalov discovered an out-of-bounds read in the POSIX timers subsystem in the Linux kernel. (CVE-2017-18344)

Juha-Matti Tilli discovered that the TCP implementation in the Linux kernel performed algorithmically expensive operations in some situations when handling incoming packets. A remote attacker could use this to cause a denial of service. (CVE-2018-5390)

Juha-Matti Tilli discovered that the IP implementation in the Linux kernel performed algorithmically expensive operations in some situations when handling incoming packet fragments. A remote attacker could use this to cause a denial of service. (CVE-2018-5391)

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 12.04 ESM: linux-image-3.13.0-156-generic 3.13.0-156.206~precise1 linux-image-3.13.0-156-generic-lpae 3.13.0-156.206~precise1 linux-image-generic-lpae-lts-trusty 3.13.0.156.146 linux-image-generic-lts-trusty 3.13.0.156.146

After a standard system update you need to reboot your computer to make all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well. The Red Hat Enterprise Virtualization Hypervisor is a dedicated Kernel-based Virtual Machine (KVM) hypervisor. 6.5) - x86_64

  1. Gentoo Linux Security Advisory GLSA 201810-06
                                       https://security.gentoo.org/

Severity: Normal Title: Xen: Multiple vulnerabilities Date: October 30, 2018 Bugs: #643350, #655188, #655544, #659442 ID: 201810-06

Synopsis

Multiple vulnerabilities have been found in Xen, the worst of which could cause a Denial of Service condition.

Background

Xen is a bare-metal hypervisor.

Affected packages

-------------------------------------------------------------------
 Package              /     Vulnerable     /            Unaffected
-------------------------------------------------------------------

1 app-emulation/xen < 4.10.1-r2 >= 4.10.1-r2 2 app-emulation/xen-tools < 4.10.1-r2 >= 4.10.1-r2 ------------------------------------------------------------------- 2 affected packages

Description

Multiple vulnerabilities have been discovered in Xen. Please review the referenced CVE identifiers for details.

Resolution

All Xen users should upgrade to the latest version:

# emerge --sync # emerge --ask --oneshot --verbose ">=app-emulation/xen-4.10.1-r2"

All Xen tools users should upgrade to the latest version:

# emerge --sync # emerge --ask --oneshot -v ">=app-emulation/xen-tools-4.10.1-r2"

References

[ 1 ] CVE-2017-5715 https://nvd.nist.gov/vuln/detail/CVE-2017-5715 [ 2 ] CVE-2017-5753 https://nvd.nist.gov/vuln/detail/CVE-2017-5753 [ 3 ] CVE-2017-5754 https://nvd.nist.gov/vuln/detail/CVE-2017-5754 [ 4 ] CVE-2018-10471 https://nvd.nist.gov/vuln/detail/CVE-2018-10471 [ 5 ] CVE-2018-10472 https://nvd.nist.gov/vuln/detail/CVE-2018-10472 [ 6 ] CVE-2018-10981 https://nvd.nist.gov/vuln/detail/CVE-2018-10981 [ 7 ] CVE-2018-10982 https://nvd.nist.gov/vuln/detail/CVE-2018-10982 [ 8 ] CVE-2018-12891 https://nvd.nist.gov/vuln/detail/CVE-2018-12891 [ 9 ] CVE-2018-12892 https://nvd.nist.gov/vuln/detail/CVE-2018-12892 [ 10 ] CVE-2018-12893 https://nvd.nist.gov/vuln/detail/CVE-2018-12893 [ 11 ] CVE-2018-15468 https://nvd.nist.gov/vuln/detail/CVE-2018-15468 [ 12 ] CVE-2018-15469 https://nvd.nist.gov/vuln/detail/CVE-2018-15469 [ 13 ] CVE-2018-15470 https://nvd.nist.gov/vuln/detail/CVE-2018-15470 [ 14 ] CVE-2018-3620 https://nvd.nist.gov/vuln/detail/CVE-2018-3620 [ 15 ] CVE-2018-3646 https://nvd.nist.gov/vuln/detail/CVE-2018-3646 [ 16 ] CVE-2018-5244 https://nvd.nist.gov/vuln/detail/CVE-2018-5244 [ 17 ] CVE-2018-7540 https://nvd.nist.gov/vuln/detail/CVE-2018-7540 [ 18 ] CVE-2018-7541 https://nvd.nist.gov/vuln/detail/CVE-2018-7541 [ 19 ] CVE-2018-7542 https://nvd.nist.gov/vuln/detail/CVE-2018-7542

Availability

This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

https://security.gentoo.org/glsa/201810-06

Concerns?

Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.

License

Copyright 2018 Gentoo Foundation, Inc; referenced text belongs to its owner(s).

The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.

https://creativecommons.org/licenses/by-sa/2.5

Show details on source website
To clipboard 

{
  "affected_products": {
    "_id": null,
    "data": [
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "930"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6400"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "720qm"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2655le"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3470"
      },
      {
        "_id": null,
        "model": "core m",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5y31"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "550"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6585r"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8550u"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4210m"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4150t"
      },
      {
        "_id": null,
        "model": "core m",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5y10c"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4150"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "740qm"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4350t"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6300hq"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "920xm"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3340m"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3630qm"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4720hq"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4000m"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2405s"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8100"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4670k"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2435m"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4770"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3770t"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "620m"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3380m"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4360"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5350u"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2410m"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6400t"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3317u"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4700ec"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4160t"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3339y"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "460m"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2620m"
      },
      {
        "_id": null,
        "model": "core m3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "7y32"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "950"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2960xm"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4570s"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "840qm"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8700k"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4330m"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2400s"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4500u"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4160"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4400e"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6300t"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5750hq"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4570r"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8350u"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2760qm"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "650"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6685r"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "520um"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3770s"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3570k"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "7700k"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4130"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "970"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5550u"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3225"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6260u"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2310"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "875k"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "680"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5350h"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3840qm"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4308u"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2920xm"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2340ue"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3240"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4712mq"
      },
      {
        "_id": null,
        "model": "core m3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "7y30"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4670s"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3230m"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2720qm"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4130t"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5775c"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3227u"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "760"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5700eq"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4330t"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4460"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6600"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "*"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5675c"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4790"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4702mq"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4570"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5557u"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5157u"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3517u"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2629m"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2380p"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5257u"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4700mq"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4005u"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "560um"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "640lm"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6600t"
      },
      {
        "_id": null,
        "model": "core m5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6y57"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "820qm"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2600k"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2675qm"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2310m"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6100u"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5300u"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8350k"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3220"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3475s"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4460t"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4340te"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4310u"
      },
      {
        "_id": null,
        "model": "core m",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5y10"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4460s"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2860qm"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2637m"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3120m"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4210u"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5200u"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "580m"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4260u"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "560"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4690k"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5675r"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3612qm"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2500"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4750hq"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4785t"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3610qm"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4770t"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2600s"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4722hq"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5500u"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8650u"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2120"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4600m"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2375m"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4340m"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2500s"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2540m"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5600u"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "430um"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6100t"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4590s"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3720qm"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4860hq"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2820qm"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2310e"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3210"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4770te"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3217u"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "7820eq"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "670"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "960"
      },
      {
        "_id": null,
        "model": "core m7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6y75"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2102"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4170t"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6440eq"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3610me"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3610qe"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2700k"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2330e"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "470um"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "640m"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4210y"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2649m"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2600"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "330um"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3550"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4370t"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6402p"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "610e"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4950hq"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "540um"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2300"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "530"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "520m"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "660lm"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "660um"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "860"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4770s"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4402e"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "870"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2390t"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2617m"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2515e"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "560m"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3667u"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4600u"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2467m"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4850hq"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5775r"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2557m"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4570te"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "620le"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4440s"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4578u"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4800mq"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "350m"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4030u"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4300m"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4430"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "540"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6500t"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4670"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4350"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "870s"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2550k"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3689y"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5700hq"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4910mq"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "7820hk"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4440"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6287u"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4100u"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3350p"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4202y"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3437u"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6100h"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4300y"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4700eq"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "7500u"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4100m"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8250u"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2320"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6157u"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4110e"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4100e"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4370"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4610m"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4550u"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3520m"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4200u"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "7660u"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4410e"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "750"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "980x"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2670qm"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4340"
      },
      {
        "_id": null,
        "model": "core m",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5y51"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "640um"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4250u"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "370m"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "540m"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4360t"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4770r"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2430m"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2357m"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3550s"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "940"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "7820hq"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3330"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6006u"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4158u"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3217ue"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3360m"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4112e"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2348m"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3570"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4012y"
      },
      {
        "_id": null,
        "model": "core m",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5y70"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4771"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "520e"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2120t"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3229y"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4702ec"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5650u"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "620um"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "980"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "620ue"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "480m"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "620lm"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2100"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "430m"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3330s"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4278u"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3130m"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6200u"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "380m"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4510u"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2640m"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3340"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4690"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4200m"
      },
      {
        "_id": null,
        "model": "core m",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5y71"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2125"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2370m"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3427u"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5575r"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3250t"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4558u"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4710mq"
      },
      {
        "_id": null,
        "model": "core m3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6y30"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2630qm"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3517ue"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4422e"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3320m"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4770hq"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3245"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2510e"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2312m"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4310m"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3632qm"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4710hq"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "660"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4200y"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5015u"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6267u"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3687u"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4300u"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4790s"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "7700"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3635qm"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6167u"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4330te"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "860s"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "7567u"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4765t"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4670t"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3240t"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3340s"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "965"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3450"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3115c"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "7700t"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5287u"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "940xm"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6100te"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "660ue"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "975"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2635qm"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2450m"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4670r"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3615qm"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6300"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4770k"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3470s"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4790t"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4712hq"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4760hq"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "655k"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4200h"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "990x"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2450p"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4102e"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8700"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8600k"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3615qe"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4960hq"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4810mq"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "7600u"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3450s"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8400"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5950hq"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4030y"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4210h"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4360u"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6442eq"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3210m"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3439y"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6300u"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2365m"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5850eq"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6098p"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3120me"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "7560u"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4790k"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3110m"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4288u"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "750s"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3612qe"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3540m"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "7y75"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4900mq"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2537m"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6102e"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3250"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3555le"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4350u"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5020u"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4590"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3220t"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "661"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2677m"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4302y"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "7700hq"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4258u"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3337u"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6600k"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4330"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2100t"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4010y"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4610y"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2657m"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6100e"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2330m"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5010u"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5250u"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4010u"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2377m"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4590t"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4690t"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2115c"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2500k"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3470t"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2710qe"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2400"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "880"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "920"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4700hq"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4170"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3820qm"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2520m"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4120u"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2350m"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4220y"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6500te"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4650u"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3770k"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2367m"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4110m"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3740qm"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6350hq"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4430s"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4980hq"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6320"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5005u"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4402ec"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "680um"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2715qe"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4020y"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2130"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "450m"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2500t"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4702hq"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5850hq"
      },
      {
        "_id": null,
        "model": "core m",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5y10a"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "330e"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3570t"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6500"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2610ue"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "390m"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2328m"
      },
      {
        "_id": null,
        "model": "core m5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6y54"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "380um"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2105"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4025u"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4570t"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4690s"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3570s"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6360u"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "7920hq"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "330m"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3770"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6100"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4870hq"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6440hq"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3537u"
      },
      {
        "_id": null,
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "intel",
        "version": null
      },
      {
        "_id": null,
        "model": "xen",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "xen",
        "version": "2.0"
      },
      {
        "_id": null,
        "model": "proliant dl560 gen10 server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "0"
      },
      {
        "_id": null,
        "model": "dsm",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "synology",
        "version": "5.2"
      },
      {
        "_id": null,
        "model": "vcenter server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "6.7"
      },
      {
        "_id": null,
        "model": "proliant ml350e gen8 server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "0"
      },
      {
        "_id": null,
        "model": "proliant m710p server cartridge",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "0"
      },
      {
        "_id": null,
        "model": "proliant dl170h g6 server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "0"
      },
      {
        "_id": null,
        "model": "proliant xl260a gen9 server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "0"
      },
      {
        "_id": null,
        "model": "proliant ml330 g6 server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "0"
      },
      {
        "_id": null,
        "model": "core x-series processor family for intel platforms",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "intel",
        "version": "x990"
      },
      {
        "_id": null,
        "model": "enterprise linux server tus",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "7.2"
      },
      {
        "_id": null,
        "model": "cloudline cl5800 gen9 server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "0"
      },
      {
        "_id": null,
        "model": "xeon processor e7 family",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "intel",
        "version": "v40"
      },
      {
        "_id": null,
        "model": "windows server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "microsoft",
        "version": "18030"
      },
      {
        "_id": null,
        "model": "enterprise linux server tus",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "-6.6"
      },
      {
        "_id": null,
        "model": "vsphere data protection",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "6.1.6"
      },
      {
        "_id": null,
        "model": "proliant ml150 g6 server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "0"
      },
      {
        "_id": null,
        "model": "esxi",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "6.0"
      },
      {
        "_id": null,
        "model": "enterprise linux for power big endian extended update support",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "-7.5"
      },
      {
        "_id": null,
        "model": "proliant xl170r gen9 server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "0"
      },
      {
        "_id": null,
        "model": "proliant sl160z g6 server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "0"
      },
      {
        "_id": null,
        "model": "proliant dl560 gen9 server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "0"
      },
      {
        "_id": null,
        "model": "enterprise linux server aus",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "-6.5"
      },
      {
        "_id": null,
        "model": "proliant xl190r gen10 server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "0"
      },
      {
        "_id": null,
        "model": "xen",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "xen",
        "version": "4.2.3"
      },
      {
        "_id": null,
        "model": "proliant xl750f gen9 server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "0"
      },
      {
        "_id": null,
        "model": "enterprise linux workstation",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "7"
      },
      {
        "_id": null,
        "model": "xen",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "xen",
        "version": "4.1.4"
      },
      {
        "_id": null,
        "model": "sgi uv",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "20000"
      },
      {
        "_id": null,
        "model": "xeon processor scalable family",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "intel",
        "version": "0"
      },
      {
        "_id": null,
        "model": "cloudline cl2100 g3 807s 12g 8sff",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "0"
      },
      {
        "_id": null,
        "model": "xeon processor d-2100",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "intel",
        "version": "0"
      },
      {
        "_id": null,
        "model": "proliant dl180 gen10 server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "0"
      },
      {
        "_id": null,
        "model": "xeon processor e5 family",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "intel",
        "version": "v20"
      },
      {
        "_id": null,
        "model": "fusion",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "10.0"
      },
      {
        "_id": null,
        "model": "virtualization host",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "4"
      },
      {
        "_id": null,
        "model": "proliant sl170z g6 server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "0"
      },
      {
        "_id": null,
        "model": "proliant m710 server cartridge",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "0"
      },
      {
        "_id": null,
        "model": "proliant dl370 g6 server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "0"
      },
      {
        "_id": null,
        "model": "vrealize automation",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "6.0"
      },
      {
        "_id": null,
        "model": "proliant dl180 g6 server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "0"
      },
      {
        "_id": null,
        "model": "xen",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "xen",
        "version": "3.2.2"
      },
      {
        "_id": null,
        "model": "proliant dl360p gen8 server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "0"
      },
      {
        "_id": null,
        "model": "proliant ml310e gen8 server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "v20"
      },
      {
        "_id": null,
        "model": "xen",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "xen",
        "version": "4.0.3"
      },
      {
        "_id": null,
        "model": "proliant bl280c g6 server blade",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "0"
      },
      {
        "_id": null,
        "model": "xen",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "xen",
        "version": "3.4.3"
      },
      {
        "_id": null,
        "model": "proliant ml370 g6 server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "0"
      },
      {
        "_id": null,
        "model": "vrealize automation",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "7.3.1"
      },
      {
        "_id": null,
        "model": "proliant bl460c g7 server blade",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "0"
      },
      {
        "_id": null,
        "model": "vsphere data protection",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "6.0.6"
      },
      {
        "_id": null,
        "model": "proliant bl460c g6 server blade",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "0"
      },
      {
        "_id": null,
        "model": "proliant thin micro tm200 server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "0"
      },
      {
        "_id": null,
        "model": "proliant dl380e gen8 server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "0"
      },
      {
        "_id": null,
        "model": "proliant bl620c g7 server blade",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "0"
      },
      {
        "_id": null,
        "model": "cloudline cl4100 gen10 server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "0"
      },
      {
        "_id": null,
        "model": "xen",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "xen",
        "version": "4.0.1"
      },
      {
        "_id": null,
        "model": "xenserver",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "citrix",
        "version": "7.5"
      },
      {
        "_id": null,
        "model": "vrealize automation",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "6.2"
      },
      {
        "_id": null,
        "model": "enterprise linux eus compute node",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "6.7"
      },
      {
        "_id": null,
        "model": "enterprise linux server update services for sap solutions",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "-7.3"
      },
      {
        "_id": null,
        "model": "proliant ml350 gen10 server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "0"
      },
      {
        "_id": null,
        "model": "xen",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "xen",
        "version": "4.6"
      },
      {
        "_id": null,
        "model": "proliant dl120 g6 server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "0"
      },
      {
        "_id": null,
        "model": "esxi",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "6.5"
      },
      {
        "_id": null,
        "model": "windows server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "microsoft",
        "version": "20120"
      },
      {
        "_id": null,
        "model": "xen",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "xen",
        "version": "4.5.3"
      },
      {
        "_id": null,
        "model": "xen",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "xen",
        "version": "3.2.3"
      },
      {
        "_id": null,
        "model": "skynas",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "synology",
        "version": "0"
      },
      {
        "_id": null,
        "model": "proliant dl160 gen8 server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "0"
      },
      {
        "_id": null,
        "model": "windows version for 32-bit systems",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "microsoft",
        "version": "1017030"
      },
      {
        "_id": null,
        "model": "core x-series processor family for intel platforms",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "intel",
        "version": "x2990"
      },
      {
        "_id": null,
        "model": "proliant xl250a gen9 server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "0"
      },
      {
        "_id": null,
        "model": "xen",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "xen",
        "version": "4.2.0"
      },
      {
        "_id": null,
        "model": "enterprise linux for arm",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "647"
      },
      {
        "_id": null,
        "model": "vsphere data protection",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "6.1.4"
      },
      {
        "_id": null,
        "model": "windows server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "microsoft",
        "version": "17090"
      },
      {
        "_id": null,
        "model": "c880 m5 server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "_id": null,
        "model": "vrealize automation",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "7.0"
      },
      {
        "_id": null,
        "model": "proliant ws460c gen9 workstation",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "0"
      },
      {
        "_id": null,
        "model": "vsphere data protection",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "6.0.5"
      },
      {
        "_id": null,
        "model": "proliant dl120 g7 server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "0"
      },
      {
        "_id": null,
        "model": "proliant dl380 g6 server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "0"
      },
      {
        "_id": null,
        "model": "cloudline cl2100 gen10 server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "0"
      },
      {
        "_id": null,
        "model": "proliant bl685c g7 server blade",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "0"
      },
      {
        "_id": null,
        "model": "xen",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "xen",
        "version": "3.4.0"
      },
      {
        "_id": null,
        "model": "enterprise linux server update services for sap solutions",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "-7."
      },
      {
        "_id": null,
        "model": "windows version for 32-bit systems",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "microsoft",
        "version": "1018030"
      },
      {
        "_id": null,
        "model": "xen",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "xen",
        "version": "3.0.4"
      },
      {
        "_id": null,
        "model": "2nd generation core processors",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "intel",
        "version": "0"
      },
      {
        "_id": null,
        "model": "xen",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "xen",
        "version": "4.1.1"
      },
      {
        "_id": null,
        "model": "enterprise linux for real time",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "7"
      },
      {
        "_id": null,
        "model": "enterprise linux eus compute node",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "7.5"
      },
      {
        "_id": null,
        "model": "cloudline cl5200 gen9 server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "0"
      },
      {
        "_id": null,
        "model": "xeon processor series",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "intel",
        "version": "56000"
      },
      {
        "_id": null,
        "model": "proliant ml110 g6 server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "0"
      },
      {
        "_id": null,
        "model": "enterprise linux server extended update support",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "-7.4"
      },
      {
        "_id": null,
        "model": "proliant bl490c g7 server blade",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "0"
      },
      {
        "_id": null,
        "model": "fusion pro",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "10.1.1"
      },
      {
        "_id": null,
        "model": "proliant dl385 g7 server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "0"
      },
      {
        "_id": null,
        "model": "xeon processor series",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "intel",
        "version": "36000"
      },
      {
        "_id": null,
        "model": "xen",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "xen",
        "version": "4.1.0"
      },
      {
        "_id": null,
        "model": "windows server r2",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "microsoft",
        "version": "20120"
      },
      {
        "_id": null,
        "model": "enterprise linux for ibm z systems",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "7"
      },
      {
        "_id": null,
        "model": "xen",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "xen",
        "version": "4.11"
      },
      {
        "_id": null,
        "model": "xeon processor e3 family",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "intel",
        "version": "v20"
      },
      {
        "_id": null,
        "model": "xeon processor series",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "intel",
        "version": "55000"
      },
      {
        "_id": null,
        "model": "enterprise linux server extended update support",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "-6.7"
      },
      {
        "_id": null,
        "model": "xeon processor e5 family",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "intel",
        "version": "v40"
      },
      {
        "_id": null,
        "model": "xen",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "xen",
        "version": "3.3.2"
      },
      {
        "_id": null,
        "model": "fusion pro",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "10.1.2"
      },
      {
        "_id": null,
        "model": "synergy gen9 compute module",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "4800"
      },
      {
        "_id": null,
        "model": "proliant dl580 gen10 server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "0"
      },
      {
        "_id": null,
        "model": "xen",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "xen",
        "version": "4.1.5"
      },
      {
        "_id": null,
        "model": "dsm",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "synology",
        "version": "6.1"
      },
      {
        "_id": null,
        "model": "synergy gen9 compute module",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "6200"
      },
      {
        "_id": null,
        "model": "vsphere data protection",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "6.1"
      },
      {
        "_id": null,
        "model": "synergy gen10 compute module",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "4800"
      },
      {
        "_id": null,
        "model": "proliant dl160 gen10 server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "0"
      },
      {
        "_id": null,
        "model": "cloudline cl3100 gen10 server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "0"
      },
      {
        "_id": null,
        "model": "proliant ml150 gen9 server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "0"
      },
      {
        "_id": null,
        "model": "enterprise linux desktop",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "7"
      },
      {
        "_id": null,
        "model": "5th generation core processors",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "intel",
        "version": "0"
      },
      {
        "_id": null,
        "model": "c880 m4 server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "_id": null,
        "model": "apollo gen9 server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "42000"
      },
      {
        "_id": null,
        "model": "xen",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "xen",
        "version": "3.4.2"
      },
      {
        "_id": null,
        "model": "xen",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "xen",
        "version": "4.1.3"
      },
      {
        "_id": null,
        "model": "proliant dl580 g7 server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "0"
      },
      {
        "_id": null,
        "model": "7th generation core processors",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "intel",
        "version": "0"
      },
      {
        "_id": null,
        "model": "3rd generation core processors",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "intel",
        "version": "0"
      },
      {
        "_id": null,
        "model": "xen",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "xen",
        "version": "3.0.3"
      },
      {
        "_id": null,
        "model": "vsphere integrated containers",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "1.2"
      },
      {
        "_id": null,
        "model": "windows server r2 for x64-based systems sp1",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "microsoft",
        "version": "2008"
      },
      {
        "_id": null,
        "model": "cloudline cl2200 gen10 server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "0"
      },
      {
        "_id": null,
        "model": "vsphere integrated containers",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "1.3.1"
      },
      {
        "_id": null,
        "model": "xen",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "xen",
        "version": "4.8"
      },
      {
        "_id": null,
        "model": "windows server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "microsoft",
        "version": "2016"
      },
      {
        "_id": null,
        "model": "sgi uv",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "3000"
      },
      {
        "_id": null,
        "model": "esxi",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "6.7"
      },
      {
        "_id": null,
        "model": "enterprise linux for power little endian extended update supp",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "-7.5"
      },
      {
        "_id": null,
        "model": "enterprise linux for power little endian",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "7"
      },
      {
        "_id": null,
        "model": "integrity superdome with bl920s gen9 server blade",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "x0"
      },
      {
        "_id": null,
        "model": "enterprise linux server aus",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "7.2"
      },
      {
        "_id": null,
        "model": "xen",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "xen",
        "version": "4.7"
      },
      {
        "_id": null,
        "model": "cloudline cl2100 g3 806r 8sff",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "0"
      },
      {
        "_id": null,
        "model": "enterprise linux server aus",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "-6.6"
      },
      {
        "_id": null,
        "model": "windows server for x64-based systems sp2",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "microsoft",
        "version": "2008"
      },
      {
        "_id": null,
        "model": "xen",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "xen",
        "version": "4.3.0"
      },
      {
        "_id": null,
        "model": "operating system",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "intel",
        "version": "0"
      },
      {
        "_id": null,
        "model": "enterprise linux for power little endian extended update supp",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "-7.4"
      },
      {
        "_id": null,
        "model": "proliant dl980 g7 server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "0"
      },
      {
        "_id": null,
        "model": "enterprise linux server tus",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "-7.4"
      },
      {
        "_id": null,
        "model": "xeon processor e5 family",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "intel",
        "version": "v30"
      },
      {
        "_id": null,
        "model": "proliant sl210t gen8 server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "0"
      },
      {
        "_id": null,
        "model": "sgi uv",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "10000"
      },
      {
        "_id": null,
        "model": "cloudline cl2100 g3 407s 12g 4lff",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "0"
      },
      {
        "_id": null,
        "model": "xeon processor e7 family",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "intel",
        "version": "0"
      },
      {
        "_id": null,
        "model": "xen",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "xen",
        "version": "3.0.2"
      },
      {
        "_id": null,
        "model": "core i3 processor",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "intel",
        "version": "0"
      },
      {
        "_id": null,
        "model": "6th generation core processors",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "intel",
        "version": "0"
      },
      {
        "_id": null,
        "model": "vrealize automation",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "6.2.5"
      },
      {
        "_id": null,
        "model": "superdome flex server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "0"
      },
      {
        "_id": null,
        "model": "vsphere integrated containers",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "1.3"
      },
      {
        "_id": null,
        "model": "enterprise linux eus compute node",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "7.3"
      },
      {
        "_id": null,
        "model": "virtual machine manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "synology",
        "version": "0"
      },
      {
        "_id": null,
        "model": "xeon processor e3 family",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "intel",
        "version": "v40"
      },
      {
        "_id": null,
        "model": "proliant ml110 g7 server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "0"
      },
      {
        "_id": null,
        "model": "xen",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "xen",
        "version": "4.2.2"
      },
      {
        "_id": null,
        "model": "proliant dl580 gen8 server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "0"
      },
      {
        "_id": null,
        "model": "identity manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "3.0"
      },
      {
        "_id": null,
        "model": "xen",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "xen",
        "version": "3.1"
      },
      {
        "_id": null,
        "model": "proliant ml30 gen9 server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "0"
      },
      {
        "_id": null,
        "model": "enterprise linux for ibm system z",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "7"
      },
      {
        "_id": null,
        "model": "integrity mc990 server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "x0"
      },
      {
        "_id": null,
        "model": "proliant ml110 gen9 server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "0"
      },
      {
        "_id": null,
        "model": "xen",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "xen",
        "version": "4.10"
      },
      {
        "_id": null,
        "model": "proliant bl490c g6 server blade",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "0"
      },
      {
        "_id": null,
        "model": "proliant dl360 gen10 server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "0"
      },
      {
        "_id": null,
        "model": "proliant m710x server cartridge",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "0"
      },
      {
        "_id": null,
        "model": "virtualization els",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "-7"
      },
      {
        "_id": null,
        "model": "windows version for x64-based systems",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "microsoft",
        "version": "1017090"
      },
      {
        "_id": null,
        "model": "proliant ml350 gen9 server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "0"
      },
      {
        "_id": null,
        "model": "proliant dl320 g6 server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "0"
      },
      {
        "_id": null,
        "model": "integrity superdome with bl920s gen8 server blade",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "x0"
      },
      {
        "_id": null,
        "model": "fusion pro",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "10.0"
      },
      {
        "_id": null,
        "model": "proliant xl270d gen10 server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "0"
      },
      {
        "_id": null,
        "model": "proliant bl660c gen9 server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "0"
      },
      {
        "_id": null,
        "model": "8th generation core processors",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "intel",
        "version": "0"
      },
      {
        "_id": null,
        "model": "proliant xl190r gen9 server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "0"
      },
      {
        "_id": null,
        "model": "proliant xl450 gen9 server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "0"
      },
      {
        "_id": null,
        "model": "enterprise linux server extended update support",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "-7.5"
      },
      {
        "_id": null,
        "model": "xen",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "xen",
        "version": "3.1.4"
      },
      {
        "_id": null,
        "model": "proliant bl680c g7 server blade",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "0"
      },
      {
        "_id": null,
        "model": "xen",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "xen",
        "version": "4.1.6.1"
      },
      {
        "_id": null,
        "model": "windows version for x64-based systems",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "microsoft",
        "version": "1018030"
      },
      {
        "_id": null,
        "model": "4th generation core processors",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "intel",
        "version": "0"
      },
      {
        "_id": null,
        "model": "proliant dl180 gen9 server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "0"
      },
      {
        "_id": null,
        "model": "proliant xl450 gen10 server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "0"
      },
      {
        "_id": null,
        "model": "enterprise linux for power little endian extended update supp",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "-7.3"
      },
      {
        "_id": null,
        "model": "windows for x64-based systems",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "microsoft",
        "version": "8.10"
      },
      {
        "_id": null,
        "model": "proliant sl160s g6 server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "0"
      },
      {
        "_id": null,
        "model": "proliant dl380 g7 server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "0"
      },
      {
        "_id": null,
        "model": "proliant dl170e g6 server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "0"
      },
      {
        "_id": null,
        "model": "proliant bl460c gen8 server blade",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "0"
      },
      {
        "_id": null,
        "model": "enterprise linux server aus",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "6.4"
      },
      {
        "_id": null,
        "model": "enterprise linux server tus",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "-7.3"
      },
      {
        "_id": null,
        "model": "proliant dl380 gen10 server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "0"
      },
      {
        "_id": null,
        "model": "windows for 32-bit systems",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "microsoft",
        "version": "8.10"
      },
      {
        "_id": null,
        "model": "system management mode",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "intel",
        "version": "0"
      },
      {
        "_id": null,
        "model": "xenserver",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "citrix",
        "version": "7.1"
      },
      {
        "_id": null,
        "model": "xeon processor series",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "intel",
        "version": "75000"
      },
      {
        "_id": null,
        "model": "xenserver ltsr cu1",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "citrix",
        "version": "7.1"
      },
      {
        "_id": null,
        "model": "cloudline cl5200 g3 server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "0"
      },
      {
        "_id": null,
        "model": "xen",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "xen",
        "version": "4.4.1"
      },
      {
        "_id": null,
        "model": "proliant dl360 g7 server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "0"
      },
      {
        "_id": null,
        "model": "xeon processor e3 family",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "intel",
        "version": "v30"
      },
      {
        "_id": null,
        "model": "rhev hypervisor for rhel-6",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "0"
      },
      {
        "_id": null,
        "model": "proliant dl360 gen9 server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "0"
      },
      {
        "_id": null,
        "model": "xen",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "xen",
        "version": "3.4.4"
      },
      {
        "_id": null,
        "model": "enterprise linux for ibm z systems extended update support",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "-7.5"
      },
      {
        "_id": null,
        "model": "vsphere integrated containers",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "1.0"
      },
      {
        "_id": null,
        "model": "vsphere data protection",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "6.0"
      },
      {
        "_id": null,
        "model": "xen",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "xen",
        "version": "3.3.1"
      },
      {
        "_id": null,
        "model": "proliant dl360 g6 server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "0"
      },
      {
        "_id": null,
        "model": "xeon processor e3 family",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "intel",
        "version": "v50"
      },
      {
        "_id": null,
        "model": "virtualization els",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "-6"
      },
      {
        "_id": null,
        "model": "proliant sl2x170z g6 server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "0"
      },
      {
        "_id": null,
        "model": "windows for 32-bit systems sp1",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "microsoft",
        "version": "7"
      },
      {
        "_id": null,
        "model": "windows for x64-based systems sp1",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "microsoft",
        "version": "7"
      },
      {
        "_id": null,
        "model": "enterprise linux for ibm z systems extended update support",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "-7.4"
      },
      {
        "_id": null,
        "model": "management agent for rhel",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "70"
      },
      {
        "_id": null,
        "model": "windows version for 32-bit systems",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "microsoft",
        "version": "1016070"
      },
      {
        "_id": null,
        "model": "proliant dl360e gen8 server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "0"
      },
      {
        "_id": null,
        "model": "core i7 processor",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "intel",
        "version": "0"
      },
      {
        "_id": null,
        "model": "xen",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "xen",
        "version": "4.3.1"
      },
      {
        "_id": null,
        "model": "windows server for 32-bit systems sp2",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "microsoft",
        "version": "2008"
      },
      {
        "_id": null,
        "model": "enterprise linux for ibm z systems extended update support",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "-6.7"
      },
      {
        "_id": null,
        "model": "xen",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "xen",
        "version": "4.0.0"
      },
      {
        "_id": null,
        "model": "proliant bl2x220c g7 server blade",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "0"
      },
      {
        "_id": null,
        "model": "dsm",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "synology",
        "version": "6.2"
      },
      {
        "_id": null,
        "model": "enterprise linux server aus",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "6.5"
      },
      {
        "_id": null,
        "model": "vcenter server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "6.0"
      },
      {
        "_id": null,
        "model": "virtualization",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "4"
      },
      {
        "_id": null,
        "model": "vrealize automation",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "6.2.4"
      },
      {
        "_id": null,
        "model": "vrealize automation",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "6.2.4.1"
      },
      {
        "_id": null,
        "model": "synergy gen9 compute module",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "6600"
      },
      {
        "_id": null,
        "model": "cloudline cl2200 g3 1211r lff",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "120"
      },
      {
        "_id": null,
        "model": "xen",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "xen",
        "version": "4.9"
      },
      {
        "_id": null,
        "model": "windows version for 32-bit systems",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "microsoft",
        "version": "1017090"
      },
      {
        "_id": null,
        "model": "enterprise linux server extended update support",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "-7.3"
      },
      {
        "_id": null,
        "model": "xen",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "xen",
        "version": "4.0.2"
      },
      {
        "_id": null,
        "model": "proliant ml350p gen8 server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "0"
      },
      {
        "_id": null,
        "model": "synergy gen10 compute module",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "6600"
      },
      {
        "_id": null,
        "model": "xen",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "xen",
        "version": "4.0.4"
      },
      {
        "_id": null,
        "model": "enterprise linux for power big endian",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "7"
      },
      {
        "_id": null,
        "model": "xen",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "xen",
        "version": "3.2.0"
      },
      {
        "_id": null,
        "model": "proliant bl460c gen10 server blade",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "0"
      },
      {
        "_id": null,
        "model": "proliant dl320e gen8 server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "0"
      },
      {
        "_id": null,
        "model": "proliant ml110 gen10 server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "0"
      },
      {
        "_id": null,
        "model": "proliant bl420c gen8 server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "0"
      },
      {
        "_id": null,
        "model": "xen",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "xen",
        "version": "4.4.0"
      },
      {
        "_id": null,
        "model": "vrealize automation",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "7.4"
      },
      {
        "_id": null,
        "model": "xenserver",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "citrix",
        "version": "7.4"
      },
      {
        "_id": null,
        "model": "proliant ml350 g6 server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "0"
      },
      {
        "_id": null,
        "model": "proliant microserver gen8",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "0"
      },
      {
        "_id": null,
        "model": "proliant dl580 gen9 server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "0"
      },
      {
        "_id": null,
        "model": "vrealize automation",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "6.1"
      },
      {
        "_id": null,
        "model": "xeon processor d-1500",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "intel",
        "version": "0"
      },
      {
        "_id": null,
        "model": "enterprise linux server aus",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "-7.4"
      },
      {
        "_id": null,
        "model": "sgi uv",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "30000"
      },
      {
        "_id": null,
        "model": "enterprise linux for power big endian extended update support",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "-7.4"
      },
      {
        "_id": null,
        "model": "vsphere integrated containers",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "1.1"
      },
      {
        "_id": null,
        "model": "proliant sl170s g6 server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "0"
      },
      {
        "_id": null,
        "model": "ucs e-series servers",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "_id": null,
        "model": "enterprise linux server update services for sap solutions",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "-7.2"
      },
      {
        "_id": null,
        "model": "enterprise linux for scientific computing",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "7"
      },
      {
        "_id": null,
        "model": "enterprise linux server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "7"
      },
      {
        "_id": null,
        "model": "xeon processor e3 family",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "intel",
        "version": "v60"
      },
      {
        "_id": null,
        "model": "proliant bl660c gen8 server blade",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "0"
      },
      {
        "_id": null,
        "model": "enterprise linux for power big endian extended update support",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "-6.7"
      },
      {
        "_id": null,
        "model": "300h",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "0"
      },
      {
        "_id": null,
        "model": "core i5 processor",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "intel",
        "version": "0"
      },
      {
        "_id": null,
        "model": "proliant dl560 gen8 server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "0"
      },
      {
        "_id": null,
        "model": "proliant dl380p gen8 server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "0"
      },
      {
        "_id": null,
        "model": "xen",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "xen",
        "version": "3.1.3"
      },
      {
        "_id": null,
        "model": "enterprise linux for ibm z systems extended update support",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "-7.3"
      },
      {
        "_id": null,
        "model": "windows rt",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "microsoft",
        "version": "0"
      },
      {
        "_id": null,
        "model": "xen",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "xen",
        "version": "3.3.0"
      },
      {
        "_id": null,
        "model": "proliant xl270d gen9 accelerator tray 2u configure-to-order serv",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "0"
      },
      {
        "_id": null,
        "model": "enterprise linux eus compute node",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "7.4"
      },
      {
        "_id": null,
        "model": "vrealize automation",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "7.3.0"
      },
      {
        "_id": null,
        "model": "vcenter server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "6.5"
      },
      {
        "_id": null,
        "model": "fusion",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "10.1.1"
      },
      {
        "_id": null,
        "model": "xen",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "xen",
        "version": "3.4.1"
      },
      {
        "_id": null,
        "model": "proliant sl390s g7 server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "0"
      },
      {
        "_id": null,
        "model": "proliant xl230a gen9 server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "0"
      },
      {
        "_id": null,
        "model": "xeon processor e3 family",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "intel",
        "version": "0"
      },
      {
        "_id": null,
        "model": "proliant xl730f gen9 server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "0"
      },
      {
        "_id": null,
        "model": "enterprise linux extended update support",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "7.3"
      },
      {
        "_id": null,
        "model": "virtual machine manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "intel",
        "version": "0"
      },
      {
        "_id": null,
        "model": "proliant bl460c gen9 server blade",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "0"
      },
      {
        "_id": null,
        "model": "proliant dl60 gen9 server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "0"
      },
      {
        "_id": null,
        "model": "vsphere data protection",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "6.1.5"
      },
      {
        "_id": null,
        "model": "xen",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "xen",
        "version": "4.6.3"
      },
      {
        "_id": null,
        "model": "xeon processor e7 family",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "intel",
        "version": "v20"
      },
      {
        "_id": null,
        "model": "xeon processor series",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "intel",
        "version": "34000"
      },
      {
        "_id": null,
        "model": "proliant dl120 gen9 server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "0"
      },
      {
        "_id": null,
        "model": "xen",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "xen",
        "version": "4.2.1"
      },
      {
        "_id": null,
        "model": "fusion",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "10.1.2"
      },
      {
        "_id": null,
        "model": "xeon processor e7 family",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "intel",
        "version": "v30"
      },
      {
        "_id": null,
        "model": "software guard extensions",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "intel",
        "version": "0"
      },
      {
        "_id": null,
        "model": "synergy gen9 special compute module",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "6200"
      },
      {
        "_id": null,
        "model": "proliant bl2x220c g6 server blade",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "0"
      },
      {
        "_id": null,
        "model": "proliant xl740f gen9 server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "0"
      },
      {
        "_id": null,
        "model": "cloudline cl3100 g3 server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "0"
      },
      {
        "_id": null,
        "model": "cloudline cl2100 g3 807s sff",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "80"
      },
      {
        "_id": null,
        "model": "proliant xl230k gen10 server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "0"
      },
      {
        "_id": null,
        "model": "windows for x64-based systems",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "microsoft",
        "version": "100"
      },
      {
        "_id": null,
        "model": "cloudline cl2200 g3 12g 1211r 12lff",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "0"
      },
      {
        "_id": null,
        "model": "enterprise linux",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "7"
      },
      {
        "_id": null,
        "model": "vrealize automation",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "7.1"
      },
      {
        "_id": null,
        "model": "xenserver",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "citrix",
        "version": "7.0"
      },
      {
        "_id": null,
        "model": "vsphere data protection",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "6.0.7"
      },
      {
        "_id": null,
        "model": "xen",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "xen",
        "version": "3.2.1"
      },
      {
        "_id": null,
        "model": "enterprise linux for power",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "97"
      },
      {
        "_id": null,
        "model": "enterprise linux server aus",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "-7.3"
      },
      {
        "_id": null,
        "model": "enterprise linux for power big endian extended update support",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "-7.3"
      },
      {
        "_id": null,
        "model": "cloudline cl3150 gen10 server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "0"
      },
      {
        "_id": null,
        "model": "vrealize automation",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "7.2"
      },
      {
        "_id": null,
        "model": "proliant xl170r gen10 server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "0"
      },
      {
        "_id": null,
        "model": "proliant dl380 gen9 server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "0"
      },
      {
        "_id": null,
        "model": "core m processor family",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "intel",
        "version": "0"
      },
      {
        "_id": null,
        "model": "fusion",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "10.1"
      },
      {
        "_id": null,
        "model": "xen",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "xen",
        "version": "4.5.0"
      },
      {
        "_id": null,
        "model": "xen",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "xen",
        "version": "4.1.2"
      },
      {
        "_id": null,
        "model": "proliant dl120 gen10 server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "0"
      },
      {
        "_id": null,
        "model": "windows version for x64-based systems",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "microsoft",
        "version": "1016070"
      },
      {
        "_id": null,
        "model": "xeon processor e5 family",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "intel",
        "version": "0"
      },
      {
        "_id": null,
        "model": "300rl",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "0"
      },
      {
        "_id": null,
        "model": "cloudline cl2100 g3 407s lff",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "40"
      },
      {
        "_id": null,
        "model": "enterprise linux server aus",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "6.6"
      },
      {
        "_id": null,
        "model": "xeon processor series",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "intel",
        "version": "65000"
      },
      {
        "_id": null,
        "model": "proliant dl80 gen9 server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "0"
      },
      {
        "_id": null,
        "model": "windows version for x64-based systems",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "microsoft",
        "version": "1017030"
      },
      {
        "_id": null,
        "model": "proliant ml310e gen8 server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "0"
      },
      {
        "_id": null,
        "model": "proliant dl160 g6 server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "0"
      },
      {
        "_id": null,
        "model": "proliant bl465c g7 server blade",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "0"
      }
    ],
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#982149"
      },
      {
        "db": "BID",
        "id": "105080"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-3620"
      }
    ]
  },
  "credits": {
    "_id": null,
    "data": "Red Hat",
    "sources": [
      {
        "db": "PACKETSTORM",
        "id": "148898"
      },
      {
        "db": "PACKETSTORM",
        "id": "149143"
      },
      {
        "db": "PACKETSTORM",
        "id": "149142"
      },
      {
        "db": "PACKETSTORM",
        "id": "148946"
      },
      {
        "db": "PACKETSTORM",
        "id": "148906"
      }
    ],
    "trust": 0.5
  },
  "cve": "CVE-2018-3620",
  "cvss": {
    "_id": null,
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "NONE",
            "baseScore": 4.7,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 3.4,
            "id": "CVE-2018-3620",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 1.0,
            "vectorString": "AV:L/AC:M/Au:N/C:C/I:N/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "NONE",
            "baseScore": 4.7,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 3.4,
            "id": "VHN-133651",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:L/AC:M/AU:N/C:C/I:N/A:N",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "author": "nvd@nist.gov",
            "availabilityImpact": "NONE",
            "baseScore": 5.6,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 1.1,
            "id": "CVE-2018-3620",
            "impactScore": 4.0,
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2018-3620",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-133651",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-133651"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-3620"
      }
    ]
  },
  "description": {
    "_id": null,
    "data": "Systems with microprocessors utilizing speculative execution and address translations may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access via a terminal page fault and a side-channel analysis. These attacks are known as L1 Terminal Fault: SGX, L1 Terminal Fault: OS/SMM, and L1 Terminal Fault: VMM. Multiple Intel Processors are prone to a multiple information-disclosure vulnerabilities. \nLocal attackers can exploit these issues to obtain sensitive information. This may aid in further attacks. Intel Core i3 processor, etc. are all CPU (central processing unit) products of Intel Corporation of the United States. Security vulnerabilities exist in several Intel products that use speculative execution and address translation. The following products are affected: Intel Core i3 processor; Intel Core i5 processor; Intel Core i7 processor; Intel Core M processor family; 2nd generation Intel Core processors; 3rd generation Intel Core processors; 4th generation Intel Core processors; 5th generation Intel Core processors, etc. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\n====================================================================                   \nRed Hat Security Advisory\n\nSynopsis:          Important: kernel security and bug fix update\nAdvisory ID:       RHSA-2018:2390-01\nProduct:           Red Hat Enterprise Linux\nAdvisory URL:      https://access.redhat.com/errata/RHSA-2018:2390\nIssue date:        2018-08-14\nCVE Names:         CVE-2017-0861 CVE-2017-15265 CVE-2018-3620\n                   CVE-2018-3646 CVE-2018-3693 CVE-2018-7566\n                   CVE-2018-10901 CVE-2018-1000004\n====================================================================\n1. Summary:\n\nAn update for kernel is now available for Red Hat Enterprise Linux 6. \n\nRed Hat Product Security has rated this update as having a security impact\nof Important. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE link(s) in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Desktop (v. 6) - i386, noarch, x86_64\nRed Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64\nRed Hat Enterprise Linux HPC Node (v. 6) - noarch, x86_64\nRed Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64\nRed Hat Enterprise Linux Server (v. 6) - i386, noarch, ppc64, s390x, x86_64\nRed Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64\nRed Hat Enterprise Linux Workstation (v. 6) - i386, noarch, x86_64\nRed Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64\n\n3. Description:\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system. \n\nSecurity Fix(es):\n\n* Modern operating systems implement virtualization of physical memory to\nefficiently use available system resources and provide inter-domain\nprotection through access control and isolation. The L1TF issue was found\nin the way the x86 microprocessor designs have implemented speculative\nexecution of instructions (a commonly used performance optimisation) in\ncombination with handling of page-faults caused by terminated virtual to\nphysical address resolving process. As a result, an unprivileged attacker\ncould use this flaw to read privileged memory of the kernel or other\nprocesses and/or cross guest/host boundaries to read host memory by\nconducting targeted cache side-channel attacks. (CVE-2018-3620,\nCVE-2018-3646)\n\n* An industry-wide issue was found in the way many modern microprocessor\ndesigns have implemented speculative execution of instructions past bounds\ncheck. The flaw relies on the presence of a precisely-defined instruction\nsequence in the privileged code and the fact that memory writes occur to an\naddress which depends on the untrusted value. Such writes cause an update\ninto the microprocessor\u0027s data cache even for speculatively executed\ninstructions that never actually commit (retire). As a result, an\nunprivileged attacker could use this flaw to influence speculative\nexecution and/or read privileged memory by conducting targeted cache\nside-channel attacks. (CVE-2018-3693)\n\n* kernel: kvm: vmx: host GDT limit corruption (CVE-2018-10901)\n\n* kernel: Use-after-free in snd_pcm_info function in ALSA subsystem\npotentially leads to privilege escalation (CVE-2017-0861)\n\n* kernel: Use-after-free in snd_seq_ioctl_create_port() (CVE-2017-15265)\n\n* kernel: race condition in snd_seq_write() may lead to UAF or OOB-access\n(CVE-2018-7566)\n\n* kernel: Race condition in sound system can lead to denial of service\n(CVE-2018-1000004)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, and other related information, refer to the CVE page(s) listed in\nthe References section. \n\nRed Hat would like to thank Intel OSSIRT (Intel.com) for reporting\nCVE-2018-3620 and CVE-2018-3646; Vladimir Kiriansky (MIT) and Carl\nWaldspurger (Carl Waldspurger Consulting) for reporting CVE-2018-3693; and\nVegard Nossum (Oracle Corporation) for reporting CVE-2018-10901. \n\nBug Fix(es):\n\n* The Least recently used (LRU) operations are batched by caching pages in\nper-cpu page vectors to prevent contention of the heavily used lru_lock\nspinlock. The page vectors can hold even the compound pages. Previously,\nthe page vectors were cleared only if they were full. Subsequently, the\namount of memory held in page vectors, which is not reclaimable, was\nsometimes too high. Consequently the page reclamation started the Out of\nMemory (OOM) killing processes. With this update, the underlying source\ncode has been fixed to clear LRU page vectors each time when a compound\npage is added to them. As a result, OOM killing processes due to high\namounts of memory held in page vectors no longer occur. (BZ#1575819)\n\n4. Solution:\n\nFor details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect. \n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1501878 - CVE-2017-15265 kernel: Use-after-free in snd_seq_ioctl_create_port()\n1535315 - CVE-2018-1000004 kernel: Race condition in sound system can lead to denial of service\n1550142 - CVE-2018-7566 kernel: race condition in snd_seq_write() may lead to UAF or OOB-access\n1563994 - CVE-2017-0861 kernel: Use-after-free in snd_pcm_info function in ALSA subsystem potentially leads to privilege escalation\n1581650 - CVE-2018-3693 Kernel: speculative bounds check bypass store\n1585005 - CVE-2018-3646 Kernel: hw: cpu: L1 terminal fault (L1TF)\n1601849 - CVE-2018-10901 kernel: kvm: vmx: host GDT limit corruption\n\n6. Package List:\n\nRed Hat Enterprise Linux Desktop (v. 6):\n\nSource:\nkernel-2.6.32-754.3.5.el6.src.rpm\n\ni386:\nkernel-2.6.32-754.3.5.el6.i686.rpm\nkernel-debug-2.6.32-754.3.5.el6.i686.rpm\nkernel-debug-debuginfo-2.6.32-754.3.5.el6.i686.rpm\nkernel-debug-devel-2.6.32-754.3.5.el6.i686.rpm\nkernel-debuginfo-2.6.32-754.3.5.el6.i686.rpm\nkernel-debuginfo-common-i686-2.6.32-754.3.5.el6.i686.rpm\nkernel-devel-2.6.32-754.3.5.el6.i686.rpm\nkernel-headers-2.6.32-754.3.5.el6.i686.rpm\nperf-2.6.32-754.3.5.el6.i686.rpm\nperf-debuginfo-2.6.32-754.3.5.el6.i686.rpm\npython-perf-debuginfo-2.6.32-754.3.5.el6.i686.rpm\n\nnoarch:\nkernel-abi-whitelists-2.6.32-754.3.5.el6.noarch.rpm\nkernel-doc-2.6.32-754.3.5.el6.noarch.rpm\nkernel-firmware-2.6.32-754.3.5.el6.noarch.rpm\n\nx86_64:\nkernel-2.6.32-754.3.5.el6.x86_64.rpm\nkernel-debug-2.6.32-754.3.5.el6.x86_64.rpm\nkernel-debug-debuginfo-2.6.32-754.3.5.el6.i686.rpm\nkernel-debug-debuginfo-2.6.32-754.3.5.el6.x86_64.rpm\nkernel-debug-devel-2.6.32-754.3.5.el6.i686.rpm\nkernel-debug-devel-2.6.32-754.3.5.el6.x86_64.rpm\nkernel-debuginfo-2.6.32-754.3.5.el6.i686.rpm\nkernel-debuginfo-2.6.32-754.3.5.el6.x86_64.rpm\nkernel-debuginfo-common-i686-2.6.32-754.3.5.el6.i686.rpm\nkernel-debuginfo-common-x86_64-2.6.32-754.3.5.el6.x86_64.rpm\nkernel-devel-2.6.32-754.3.5.el6.x86_64.rpm\nkernel-headers-2.6.32-754.3.5.el6.x86_64.rpm\nperf-2.6.32-754.3.5.el6.x86_64.rpm\nperf-debuginfo-2.6.32-754.3.5.el6.i686.rpm\nperf-debuginfo-2.6.32-754.3.5.el6.x86_64.rpm\npython-perf-debuginfo-2.6.32-754.3.5.el6.i686.rpm\npython-perf-debuginfo-2.6.32-754.3.5.el6.x86_64.rpm\n\nRed Hat Enterprise Linux Desktop Optional (v. 6):\n\ni386:\nkernel-debug-debuginfo-2.6.32-754.3.5.el6.i686.rpm\nkernel-debuginfo-2.6.32-754.3.5.el6.i686.rpm\nkernel-debuginfo-common-i686-2.6.32-754.3.5.el6.i686.rpm\nperf-debuginfo-2.6.32-754.3.5.el6.i686.rpm\npython-perf-2.6.32-754.3.5.el6.i686.rpm\npython-perf-debuginfo-2.6.32-754.3.5.el6.i686.rpm\n\nx86_64:\nkernel-debug-debuginfo-2.6.32-754.3.5.el6.x86_64.rpm\nkernel-debuginfo-2.6.32-754.3.5.el6.x86_64.rpm\nkernel-debuginfo-common-x86_64-2.6.32-754.3.5.el6.x86_64.rpm\nperf-debuginfo-2.6.32-754.3.5.el6.x86_64.rpm\npython-perf-2.6.32-754.3.5.el6.x86_64.rpm\npython-perf-debuginfo-2.6.32-754.3.5.el6.x86_64.rpm\n\nRed Hat Enterprise Linux HPC Node (v. 6):\n\nSource:\nkernel-2.6.32-754.3.5.el6.src.rpm\n\nnoarch:\nkernel-abi-whitelists-2.6.32-754.3.5.el6.noarch.rpm\nkernel-doc-2.6.32-754.3.5.el6.noarch.rpm\nkernel-firmware-2.6.32-754.3.5.el6.noarch.rpm\n\nx86_64:\nkernel-2.6.32-754.3.5.el6.x86_64.rpm\nkernel-debug-2.6.32-754.3.5.el6.x86_64.rpm\nkernel-debug-debuginfo-2.6.32-754.3.5.el6.i686.rpm\nkernel-debug-debuginfo-2.6.32-754.3.5.el6.x86_64.rpm\nkernel-debug-devel-2.6.32-754.3.5.el6.i686.rpm\nkernel-debug-devel-2.6.32-754.3.5.el6.x86_64.rpm\nkernel-debuginfo-2.6.32-754.3.5.el6.i686.rpm\nkernel-debuginfo-2.6.32-754.3.5.el6.x86_64.rpm\nkernel-debuginfo-common-i686-2.6.32-754.3.5.el6.i686.rpm\nkernel-debuginfo-common-x86_64-2.6.32-754.3.5.el6.x86_64.rpm\nkernel-devel-2.6.32-754.3.5.el6.x86_64.rpm\nkernel-headers-2.6.32-754.3.5.el6.x86_64.rpm\nperf-2.6.32-754.3.5.el6.x86_64.rpm\nperf-debuginfo-2.6.32-754.3.5.el6.i686.rpm\nperf-debuginfo-2.6.32-754.3.5.el6.x86_64.rpm\npython-perf-debuginfo-2.6.32-754.3.5.el6.i686.rpm\npython-perf-debuginfo-2.6.32-754.3.5.el6.x86_64.rpm\n\nRed Hat Enterprise Linux HPC Node Optional (v. 6):\n\nx86_64:\nkernel-debug-debuginfo-2.6.32-754.3.5.el6.x86_64.rpm\nkernel-debuginfo-2.6.32-754.3.5.el6.x86_64.rpm\nkernel-debuginfo-common-x86_64-2.6.32-754.3.5.el6.x86_64.rpm\nperf-debuginfo-2.6.32-754.3.5.el6.x86_64.rpm\npython-perf-2.6.32-754.3.5.el6.x86_64.rpm\npython-perf-debuginfo-2.6.32-754.3.5.el6.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 6):\n\nSource:\nkernel-2.6.32-754.3.5.el6.src.rpm\n\ni386:\nkernel-2.6.32-754.3.5.el6.i686.rpm\nkernel-debug-2.6.32-754.3.5.el6.i686.rpm\nkernel-debug-debuginfo-2.6.32-754.3.5.el6.i686.rpm\nkernel-debug-devel-2.6.32-754.3.5.el6.i686.rpm\nkernel-debuginfo-2.6.32-754.3.5.el6.i686.rpm\nkernel-debuginfo-common-i686-2.6.32-754.3.5.el6.i686.rpm\nkernel-devel-2.6.32-754.3.5.el6.i686.rpm\nkernel-headers-2.6.32-754.3.5.el6.i686.rpm\nperf-2.6.32-754.3.5.el6.i686.rpm\nperf-debuginfo-2.6.32-754.3.5.el6.i686.rpm\npython-perf-debuginfo-2.6.32-754.3.5.el6.i686.rpm\n\nnoarch:\nkernel-abi-whitelists-2.6.32-754.3.5.el6.noarch.rpm\nkernel-doc-2.6.32-754.3.5.el6.noarch.rpm\nkernel-firmware-2.6.32-754.3.5.el6.noarch.rpm\n\nppc64:\nkernel-2.6.32-754.3.5.el6.ppc64.rpm\nkernel-bootwrapper-2.6.32-754.3.5.el6.ppc64.rpm\nkernel-debug-2.6.32-754.3.5.el6.ppc64.rpm\nkernel-debug-debuginfo-2.6.32-754.3.5.el6.ppc64.rpm\nkernel-debug-devel-2.6.32-754.3.5.el6.ppc64.rpm\nkernel-debuginfo-2.6.32-754.3.5.el6.ppc64.rpm\nkernel-debuginfo-common-ppc64-2.6.32-754.3.5.el6.ppc64.rpm\nkernel-devel-2.6.32-754.3.5.el6.ppc64.rpm\nkernel-headers-2.6.32-754.3.5.el6.ppc64.rpm\nperf-2.6.32-754.3.5.el6.ppc64.rpm\nperf-debuginfo-2.6.32-754.3.5.el6.ppc64.rpm\npython-perf-debuginfo-2.6.32-754.3.5.el6.ppc64.rpm\n\ns390x:\nkernel-2.6.32-754.3.5.el6.s390x.rpm\nkernel-debug-2.6.32-754.3.5.el6.s390x.rpm\nkernel-debug-debuginfo-2.6.32-754.3.5.el6.s390x.rpm\nkernel-debug-devel-2.6.32-754.3.5.el6.s390x.rpm\nkernel-debuginfo-2.6.32-754.3.5.el6.s390x.rpm\nkernel-debuginfo-common-s390x-2.6.32-754.3.5.el6.s390x.rpm\nkernel-devel-2.6.32-754.3.5.el6.s390x.rpm\nkernel-headers-2.6.32-754.3.5.el6.s390x.rpm\nkernel-kdump-2.6.32-754.3.5.el6.s390x.rpm\nkernel-kdump-debuginfo-2.6.32-754.3.5.el6.s390x.rpm\nkernel-kdump-devel-2.6.32-754.3.5.el6.s390x.rpm\nperf-2.6.32-754.3.5.el6.s390x.rpm\nperf-debuginfo-2.6.32-754.3.5.el6.s390x.rpm\npython-perf-debuginfo-2.6.32-754.3.5.el6.s390x.rpm\n\nx86_64:\nkernel-2.6.32-754.3.5.el6.x86_64.rpm\nkernel-debug-2.6.32-754.3.5.el6.x86_64.rpm\nkernel-debug-debuginfo-2.6.32-754.3.5.el6.i686.rpm\nkernel-debug-debuginfo-2.6.32-754.3.5.el6.x86_64.rpm\nkernel-debug-devel-2.6.32-754.3.5.el6.i686.rpm\nkernel-debug-devel-2.6.32-754.3.5.el6.x86_64.rpm\nkernel-debuginfo-2.6.32-754.3.5.el6.i686.rpm\nkernel-debuginfo-2.6.32-754.3.5.el6.x86_64.rpm\nkernel-debuginfo-common-i686-2.6.32-754.3.5.el6.i686.rpm\nkernel-debuginfo-common-x86_64-2.6.32-754.3.5.el6.x86_64.rpm\nkernel-devel-2.6.32-754.3.5.el6.x86_64.rpm\nkernel-headers-2.6.32-754.3.5.el6.x86_64.rpm\nperf-2.6.32-754.3.5.el6.x86_64.rpm\nperf-debuginfo-2.6.32-754.3.5.el6.i686.rpm\nperf-debuginfo-2.6.32-754.3.5.el6.x86_64.rpm\npython-perf-debuginfo-2.6.32-754.3.5.el6.i686.rpm\npython-perf-debuginfo-2.6.32-754.3.5.el6.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional (v. 6):\n\ni386:\nkernel-debug-debuginfo-2.6.32-754.3.5.el6.i686.rpm\nkernel-debuginfo-2.6.32-754.3.5.el6.i686.rpm\nkernel-debuginfo-common-i686-2.6.32-754.3.5.el6.i686.rpm\nperf-debuginfo-2.6.32-754.3.5.el6.i686.rpm\npython-perf-2.6.32-754.3.5.el6.i686.rpm\npython-perf-debuginfo-2.6.32-754.3.5.el6.i686.rpm\n\nppc64:\nkernel-debug-debuginfo-2.6.32-754.3.5.el6.ppc64.rpm\nkernel-debuginfo-2.6.32-754.3.5.el6.ppc64.rpm\nkernel-debuginfo-common-ppc64-2.6.32-754.3.5.el6.ppc64.rpm\nperf-debuginfo-2.6.32-754.3.5.el6.ppc64.rpm\npython-perf-2.6.32-754.3.5.el6.ppc64.rpm\npython-perf-debuginfo-2.6.32-754.3.5.el6.ppc64.rpm\n\ns390x:\nkernel-debug-debuginfo-2.6.32-754.3.5.el6.s390x.rpm\nkernel-debuginfo-2.6.32-754.3.5.el6.s390x.rpm\nkernel-debuginfo-common-s390x-2.6.32-754.3.5.el6.s390x.rpm\nkernel-kdump-debuginfo-2.6.32-754.3.5.el6.s390x.rpm\nperf-debuginfo-2.6.32-754.3.5.el6.s390x.rpm\npython-perf-2.6.32-754.3.5.el6.s390x.rpm\npython-perf-debuginfo-2.6.32-754.3.5.el6.s390x.rpm\n\nx86_64:\nkernel-debug-debuginfo-2.6.32-754.3.5.el6.x86_64.rpm\nkernel-debuginfo-2.6.32-754.3.5.el6.x86_64.rpm\nkernel-debuginfo-common-x86_64-2.6.32-754.3.5.el6.x86_64.rpm\nperf-debuginfo-2.6.32-754.3.5.el6.x86_64.rpm\npython-perf-2.6.32-754.3.5.el6.x86_64.rpm\npython-perf-debuginfo-2.6.32-754.3.5.el6.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation (v. 6):\n\nSource:\nkernel-2.6.32-754.3.5.el6.src.rpm\n\ni386:\nkernel-2.6.32-754.3.5.el6.i686.rpm\nkernel-debug-2.6.32-754.3.5.el6.i686.rpm\nkernel-debug-debuginfo-2.6.32-754.3.5.el6.i686.rpm\nkernel-debug-devel-2.6.32-754.3.5.el6.i686.rpm\nkernel-debuginfo-2.6.32-754.3.5.el6.i686.rpm\nkernel-debuginfo-common-i686-2.6.32-754.3.5.el6.i686.rpm\nkernel-devel-2.6.32-754.3.5.el6.i686.rpm\nkernel-headers-2.6.32-754.3.5.el6.i686.rpm\nperf-2.6.32-754.3.5.el6.i686.rpm\nperf-debuginfo-2.6.32-754.3.5.el6.i686.rpm\npython-perf-debuginfo-2.6.32-754.3.5.el6.i686.rpm\n\nnoarch:\nkernel-abi-whitelists-2.6.32-754.3.5.el6.noarch.rpm\nkernel-doc-2.6.32-754.3.5.el6.noarch.rpm\nkernel-firmware-2.6.32-754.3.5.el6.noarch.rpm\n\nx86_64:\nkernel-2.6.32-754.3.5.el6.x86_64.rpm\nkernel-debug-2.6.32-754.3.5.el6.x86_64.rpm\nkernel-debug-debuginfo-2.6.32-754.3.5.el6.i686.rpm\nkernel-debug-debuginfo-2.6.32-754.3.5.el6.x86_64.rpm\nkernel-debug-devel-2.6.32-754.3.5.el6.i686.rpm\nkernel-debug-devel-2.6.32-754.3.5.el6.x86_64.rpm\nkernel-debuginfo-2.6.32-754.3.5.el6.i686.rpm\nkernel-debuginfo-2.6.32-754.3.5.el6.x86_64.rpm\nkernel-debuginfo-common-i686-2.6.32-754.3.5.el6.i686.rpm\nkernel-debuginfo-common-x86_64-2.6.32-754.3.5.el6.x86_64.rpm\nkernel-devel-2.6.32-754.3.5.el6.x86_64.rpm\nkernel-headers-2.6.32-754.3.5.el6.x86_64.rpm\nperf-2.6.32-754.3.5.el6.x86_64.rpm\nperf-debuginfo-2.6.32-754.3.5.el6.i686.rpm\nperf-debuginfo-2.6.32-754.3.5.el6.x86_64.rpm\npython-perf-debuginfo-2.6.32-754.3.5.el6.i686.rpm\npython-perf-debuginfo-2.6.32-754.3.5.el6.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation Optional (v. 6):\n\ni386:\nkernel-debug-debuginfo-2.6.32-754.3.5.el6.i686.rpm\nkernel-debuginfo-2.6.32-754.3.5.el6.i686.rpm\nkernel-debuginfo-common-i686-2.6.32-754.3.5.el6.i686.rpm\nperf-debuginfo-2.6.32-754.3.5.el6.i686.rpm\npython-perf-2.6.32-754.3.5.el6.i686.rpm\npython-perf-debuginfo-2.6.32-754.3.5.el6.i686.rpm\n\nx86_64:\nkernel-debug-debuginfo-2.6.32-754.3.5.el6.x86_64.rpm\nkernel-debuginfo-2.6.32-754.3.5.el6.x86_64.rpm\nkernel-debuginfo-common-x86_64-2.6.32-754.3.5.el6.x86_64.rpm\nperf-debuginfo-2.6.32-754.3.5.el6.x86_64.rpm\npython-perf-2.6.32-754.3.5.el6.x86_64.rpm\npython-perf-debuginfo-2.6.32-754.3.5.el6.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security.  Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2017-0861\nhttps://access.redhat.com/security/cve/CVE-2017-15265\nhttps://access.redhat.com/security/cve/CVE-2018-3620\nhttps://access.redhat.com/security/cve/CVE-2018-3646\nhttps://access.redhat.com/security/cve/CVE-2018-3693\nhttps://access.redhat.com/security/cve/CVE-2018-7566\nhttps://access.redhat.com/security/cve/CVE-2018-10901\nhttps://access.redhat.com/security/cve/CVE-2018-1000004\nhttps://access.redhat.com/security/updates/classification/#important\nhttps://access.redhat.com/security/vulnerabilities/L1TF\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2018 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niQIVAwUBW3Me0NzjgjWX9erEAQhkDBAAjGcoEad9NOtCUJqgDcVHLArXg9OKAloW\n+BaoAYrYtzH3h9teocV6U3mYaxhwu2Cd13JlbKJsc8BLRzHUSZpwxjcsewCzjx2u\ndotwAksPej7L3U/U5YPSJ37r/OP+ni7trT1dtEmCI578QHFZB6+4/qK/1aYM+biQ\nEI0BoaSMV6RDo9u+U6zPgk8L7ugMhWs2PCXbtV7koyg563tasvo5jWlfVYNVD1fz\ncKTzsTwVQwirynWa2mvtaI+vaslYX3x9Zn6dJ2VEzpD4w6tU54/sViaetmLnSOir\nZVdtkeO0pdEBO2YUr+Igc+ZOtLdGpzOjkQVQMBG+YE6bDdynYYFrxkPcNPeB1f1K\n2bTNHA/FnirFDOII3JuYEqg8TXdh8NYRZ4a8rqchGo2JCeh5Q5LnhJDYWJv2HbTW\nTZUQY/nStRfWVpygQJV72GJENICnRVjjQ5D569KFBopnK0iXWLpxlf3dmp5Lvdg2\n0rBVnnclfQCQVxZvOiZ3s0wkA9d0o7v4pDN2YgTRDlU4nzI3xE4jh0Sevsn4tVco\nePUubCuxhjQfxJswBPoZA8Al3GGlSxOMKFHO6HscnnAh6YL5LVusx4PpJt4Y3tjW\nVf8Rk4bFbn+M0RtVM+vnFGjWAr7w6iKvRya8y0LzElfAtpeedcnuxfJGtecT73IZ\n/6fv2MlabwY=kAUc\n-----END PGP SIGNATURE-----\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. \nCorrected:      2018-08-14 17:51:12 UTC (stable/11, 11.1-STABLE)\n                2018-08-15 02:30:11 UTC (releng/11.2, 11.2-RELEASE-p2)\n                2018-08-15 02:30:11 UTC (releng/11.1, 11.1-RELEASE-p13)\nCVE Name:       CVE-2018-3620, CVE-2018-3646\n\nSpecial Note:   Speculative execution vulnerability mitigation remains a work\n                in progress.  This advisory addresses the issue in FreeBSD\n                11.1 and later. \n\nFor general information regarding FreeBSD Security Advisories,\nincluding descriptions of the fields above, security branches, and the\nfollowing sections, please visit \u003cURL:https://security.FreeBSD.org/\u003e.   Background\n\nWhen a program accesses data in memory via a logical address it is translated\nto a physical address in RAM by the CPU.  Accessing an unmapped logical\naddress results in what is known as a terminal fault. \n\nII.  The CPU may speculatively access the level 1 data cache (L1D).  Data\nwhich would otherwise be protected may then be determined by using side\nchannel methods. \n\nThis issue affects bhyve on FreeBSD/amd64 systems. \n\nIII. Impact\n\nAn attacker executing user code, or kernel code inside of a virtual machine,\nmay be able to read secret data from the kernel or from another virtual\nmachine. \n\nIV.  Workaround\n\nNo workaround is available. \n\nV.   Solution\n\nUpgrade your vulnerable system to a supported FreeBSD stable or\nrelease / security branch (releng) dated after the correction date,\nand reboot. \n\nPerform one of the following:\n\n1) To update your vulnerable system via a binary patch:\n\nSystems running a RELEASE version of FreeBSD on the i386 or amd64\nplatforms can be updated via the freebsd-update(8) utility:\n\n# freebsd-update fetch\n# freebsd-update install\n# shutdown -r +30 \"Rebooting for security update\"\n\n2) To update your vulnerable system via a source code patch:\n\nThe following patches have been verified to apply to the applicable\nFreeBSD release branches. \n\na) Download the relevant patch from the location below, and verify the\ndetached PGP signature using your PGP utility. \n\n[FreeBSD 11.2]\n# fetch https://security.FreeBSD.org/patches/SA-18:09/l1tf-11.2.patch\n# fetch https://security.FreeBSD.org/patches/SA-18:09/l1tf-11.2.patch.asc\n# gpg --verify l1tf-11.2.patch.asc\n\n[FreeBSD 11.1]\n# fetch https://security.FreeBSD.org/patches/SA-18:09/l1tf-11.1.patch\n# fetch https://security.FreeBSD.org/patches/SA-18:09/l1tf-11.1.patch.asc\n# gpg --verify l1tf-11.1.patch.asc\n\nb) Apply the patch.  Execute the following commands as root:\n\n# cd /usr/src\n# patch \u003c /path/to/patch\n\nc) Recompile your kernel as described in\n\u003cURL:https://www.FreeBSD.org/handbook/kernelconfig.html\u003e and reboot the\nsystem. \n\nVI.  Correction details\n\nCVE-2018-3620 (L1 Terminal Fault-OS)\n- ------------------------------------\nFreeBSD reserves the the memory page at physical address 0, so it will not\ncontain secret data.  FreeBSD zeros the paging data structures for unmapped\naddresses, so that speculatively executed L1 Terminal Faults will access only\nthe reserved, unused page. \n\nThe following list contains the correction revision numbers for each\naffected branch. \n\nBranch/path                                                      Revision\n- -------------------------------------------------------------------------\nstable/11/                                                        r337794\nreleng/11.1/                                                      r337828\nreleng/11.2/                                                      r337828\n- -------------------------------------------------------------------------\n\nTo see which files were modified by a particular revision, run the\nfollowing command, replacing NNNNNN with the revision number, on a\nmachine with Subversion installed:\n\n# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base\n\nOr visit the following URL, replacing NNNNNN with the revision number:\n\n\u003cURL:https://svnweb.freebsd.org/base?view=revision\u0026revision=NNNNNN\u003e\n\nVII. ==========================================================================\nUbuntu Security Notice USN-3742-3\nAugust 21, 2018\n\nlinux-lts-trusty regressions\n==========================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 12.04 ESM\n\nSummary:\n\nUSN-3742-2 introduced regressions in the Linux Hardware Enablement\n(HWE) kernel for Ubuntu 12.04 ESM. \n\nSoftware Description:\n- linux-lts-trusty: Linux hardware enablement kernel from Trusty for Precise ESM\n\nDetails:\n\nUSN-3742-2 introduced mitigations in the Linux Hardware Enablement\n(HWE) kernel for Ubuntu 12.04 ESM to address L1 Terminal Fault (L1TF)\nvulnerabilities (CVE-2018-3620, CVE-2018-3646). Unfortunately, the\nupdate introduced regressions that caused kernel panics when booting\nin some environments as well as preventing Java applications from\nstarting. This update fixes the problems. \n\nWe apologize for the inconvenience. \n\nOriginal advisory details:\n\n It was discovered that memory present in the L1 data cache of an Intel CPU\n core may be exposed to a malicious process that is executing on the CPU\n core. A local\n attacker in a guest virtual machine could use this to expose sensitive\n information (memory from other guests or the host OS). (CVE-2018-3646)\n\n It was discovered that memory present in the L1 data cache of an Intel CPU\n core may be exposed to a malicious process that is executing on the CPU\n core. (CVE-2018-3620)\n\n Andrey Konovalov discovered an out-of-bounds read in the POSIX\n timers subsystem in the Linux kernel. (CVE-2017-18344)\n\n Juha-Matti Tilli discovered that the TCP implementation in the Linux kernel\n performed algorithmically expensive operations in some situations when\n handling incoming packets. A remote attacker could use this to cause a\n denial of service. (CVE-2018-5390)\n\n Juha-Matti Tilli discovered that the IP implementation in the Linux kernel\n performed algorithmically expensive operations in some situations when\n handling incoming packet fragments. A remote attacker could use this to\n cause a denial of service. (CVE-2018-5391)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 12.04 ESM:\n  linux-image-3.13.0-156-generic  3.13.0-156.206~precise1\n  linux-image-3.13.0-156-generic-lpae  3.13.0-156.206~precise1\n  linux-image-generic-lpae-lts-trusty  3.13.0.156.146\n  linux-image-generic-lts-trusty  3.13.0.156.146\n\nAfter a standard system update you need to reboot your computer to make\nall the necessary changes. \n\nATTENTION: Due to an unavoidable ABI change the kernel updates have\nbeen given a new version number, which requires you to recompile and\nreinstall all third party kernel modules you might have installed. \nUnless you manually uninstalled the standard kernel metapackages\n(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,\nlinux-powerpc), a standard system upgrade will automatically perform\nthis as well. The Red Hat Enterprise Virtualization Hypervisor\nis a dedicated Kernel-based Virtual Machine (KVM) hypervisor. 6.5) - x86_64\n\n3. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory                           GLSA 201810-06\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n                                           https://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n    Title: Xen: Multiple vulnerabilities\n     Date: October 30, 2018\n     Bugs: #643350, #655188, #655544, #659442\n       ID: 201810-06\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities have been found in Xen, the worst of which\ncould cause a Denial of Service condition. \n\nBackground\n==========\n\nXen is a bare-metal hypervisor. \n\nAffected packages\n=================\n\n    -------------------------------------------------------------------\n     Package              /     Vulnerable     /            Unaffected\n    -------------------------------------------------------------------\n  1  app-emulation/xen          \u003c 4.10.1-r2              \u003e= 4.10.1-r2\n  2  app-emulation/xen-tools    \u003c 4.10.1-r2              \u003e= 4.10.1-r2\n    -------------------------------------------------------------------\n     2 affected packages\n\nDescription\n===========\n\nMultiple vulnerabilities have been discovered in Xen. Please review the\nreferenced CVE identifiers for details. \n\nResolution\n==========\n\nAll Xen users should upgrade to the latest version:\n\n  # emerge --sync\n  # emerge --ask --oneshot --verbose \"\u003e=app-emulation/xen-4.10.1-r2\"\n\nAll Xen tools users should upgrade to the latest version:\n\n  # emerge --sync\n  # emerge --ask --oneshot -v \"\u003e=app-emulation/xen-tools-4.10.1-r2\"\n\nReferences\n==========\n\n[  1 ] CVE-2017-5715\n       https://nvd.nist.gov/vuln/detail/CVE-2017-5715\n[  2 ] CVE-2017-5753\n       https://nvd.nist.gov/vuln/detail/CVE-2017-5753\n[  3 ] CVE-2017-5754\n       https://nvd.nist.gov/vuln/detail/CVE-2017-5754\n[  4 ] CVE-2018-10471\n       https://nvd.nist.gov/vuln/detail/CVE-2018-10471\n[  5 ] CVE-2018-10472\n       https://nvd.nist.gov/vuln/detail/CVE-2018-10472\n[  6 ] CVE-2018-10981\n       https://nvd.nist.gov/vuln/detail/CVE-2018-10981\n[  7 ] CVE-2018-10982\n       https://nvd.nist.gov/vuln/detail/CVE-2018-10982\n[  8 ] CVE-2018-12891\n       https://nvd.nist.gov/vuln/detail/CVE-2018-12891\n[  9 ] CVE-2018-12892\n       https://nvd.nist.gov/vuln/detail/CVE-2018-12892\n[ 10 ] CVE-2018-12893\n       https://nvd.nist.gov/vuln/detail/CVE-2018-12893\n[ 11 ] CVE-2018-15468\n       https://nvd.nist.gov/vuln/detail/CVE-2018-15468\n[ 12 ] CVE-2018-15469\n       https://nvd.nist.gov/vuln/detail/CVE-2018-15469\n[ 13 ] CVE-2018-15470\n       https://nvd.nist.gov/vuln/detail/CVE-2018-15470\n[ 14 ] CVE-2018-3620\n       https://nvd.nist.gov/vuln/detail/CVE-2018-3620\n[ 15 ] CVE-2018-3646\n       https://nvd.nist.gov/vuln/detail/CVE-2018-3646\n[ 16 ] CVE-2018-5244\n       https://nvd.nist.gov/vuln/detail/CVE-2018-5244\n[ 17 ] CVE-2018-7540\n       https://nvd.nist.gov/vuln/detail/CVE-2018-7540\n[ 18 ] CVE-2018-7541\n       https://nvd.nist.gov/vuln/detail/CVE-2018-7541\n[ 19 ] CVE-2018-7542\n       https://nvd.nist.gov/vuln/detail/CVE-2018-7542\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n https://security.gentoo.org/glsa/201810-06\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2018 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttps://creativecommons.org/licenses/by-sa/2.5\n",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2018-3620"
      },
      {
        "db": "CERT/CC",
        "id": "VU#982149"
      },
      {
        "db": "BID",
        "id": "105080"
      },
      {
        "db": "VULHUB",
        "id": "VHN-133651"
      },
      {
        "db": "PACKETSTORM",
        "id": "148915"
      },
      {
        "db": "PACKETSTORM",
        "id": "148914"
      },
      {
        "db": "PACKETSTORM",
        "id": "148898"
      },
      {
        "db": "PACKETSTORM",
        "id": "148936"
      },
      {
        "db": "PACKETSTORM",
        "id": "149143"
      },
      {
        "db": "PACKETSTORM",
        "id": "149024"
      },
      {
        "db": "PACKETSTORM",
        "id": "149142"
      },
      {
        "db": "PACKETSTORM",
        "id": "148946"
      },
      {
        "db": "PACKETSTORM",
        "id": "148906"
      },
      {
        "db": "PACKETSTORM",
        "id": "150083"
      }
    ],
    "trust": 2.88
  },
  "exploit_availability": {
    "_id": null,
    "data": [
      {
        "reference": "https://www.scap.org.cn/vuln/vhn-133651",
        "trust": 0.1,
        "type": "unknown"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-133651"
      }
    ]
  },
  "external_ids": {
    "_id": null,
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2018-3620",
        "trust": 2.4
      },
      {
        "db": "CERT/CC",
        "id": "VU#982149",
        "trust": 2.2
      },
      {
        "db": "BID",
        "id": "105080",
        "trust": 1.4
      },
      {
        "db": "SIEMENS",
        "id": "SSA-608355",
        "trust": 1.1
      },
      {
        "db": "SIEMENS",
        "id": "SSA-254686",
        "trust": 1.1
      },
      {
        "db": "LENOVO",
        "id": "LEN-24163",
        "trust": 1.1
      },
      {
        "db": "SECTRACK",
        "id": "1041451",
        "trust": 1.1
      },
      {
        "db": "PACKETSTORM",
        "id": "148946",
        "trust": 0.2
      },
      {
        "db": "PACKETSTORM",
        "id": "149142",
        "trust": 0.2
      },
      {
        "db": "PACKETSTORM",
        "id": "148914",
        "trust": 0.2
      },
      {
        "db": "PACKETSTORM",
        "id": "148936",
        "trust": 0.2
      },
      {
        "db": "PACKETSTORM",
        "id": "149143",
        "trust": 0.2
      },
      {
        "db": "PACKETSTORM",
        "id": "148908",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "148976",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "148903",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "148934",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "148897",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "148916",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "150376",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "148912",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "148901",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "148952",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "148913",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "149010",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "148902",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "148941",
        "trust": 0.1
      },
      {
        "db": "VULHUB",
        "id": "VHN-133651",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "148915",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "148898",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "149024",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "148906",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "150083",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#982149"
      },
      {
        "db": "VULHUB",
        "id": "VHN-133651"
      },
      {
        "db": "BID",
        "id": "105080"
      },
      {
        "db": "PACKETSTORM",
        "id": "148915"
      },
      {
        "db": "PACKETSTORM",
        "id": "148914"
      },
      {
        "db": "PACKETSTORM",
        "id": "148898"
      },
      {
        "db": "PACKETSTORM",
        "id": "148936"
      },
      {
        "db": "PACKETSTORM",
        "id": "149143"
      },
      {
        "db": "PACKETSTORM",
        "id": "149024"
      },
      {
        "db": "PACKETSTORM",
        "id": "149142"
      },
      {
        "db": "PACKETSTORM",
        "id": "148946"
      },
      {
        "db": "PACKETSTORM",
        "id": "148906"
      },
      {
        "db": "PACKETSTORM",
        "id": "150083"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-3620"
      }
    ]
  },
  "id": "VAR-201808-0958",
  "iot": {
    "_id": null,
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-133651"
      }
    ],
    "trust": 0.8258663754545454
  },
  "last_update_date": "2026-03-09T20:38:45.862000Z",
  "problemtype_data": {
    "_id": null,
    "data": [
      {
        "problemtype": "CWE-203",
        "trust": 1.1
      },
      {
        "problemtype": "CWE-200",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-133651"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-3620"
      }
    ]
  },
  "references": {
    "_id": null,
    "data": [
      {
        "trust": 3.0,
        "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00161.html"
      },
      {
        "trust": 1.9,
        "url": "https://software.intel.com/security-software-guidance/software-guidance/l1-terminal-fault"
      },
      {
        "trust": 1.9,
        "url": "https://foreshadowattack.eu/"
      },
      {
        "trust": 1.4,
        "url": "https://www.kb.cert.org/vuls/id/982149"
      },
      {
        "trust": 1.4,
        "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20180814-cpusidechannel"
      },
      {
        "trust": 1.4,
        "url": "http://xenbits.xen.org/xsa/advisory-273.html"
      },
      {
        "trust": 1.4,
        "url": "https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/adv180018"
      },
      {
        "trust": 1.3,
        "url": "https://support.hpe.com/hpsc/doc/public/display?doclocale=en_us\u0026docid=emr_na-hpesbhf03874en_us"
      },
      {
        "trust": 1.2,
        "url": "https://security.gentoo.org/glsa/201810-06"
      },
      {
        "trust": 1.2,
        "url": "https://access.redhat.com/errata/rhsa-2018:2390"
      },
      {
        "trust": 1.2,
        "url": "https://access.redhat.com/errata/rhsa-2018:2393"
      },
      {
        "trust": 1.2,
        "url": "https://access.redhat.com/errata/rhsa-2018:2404"
      },
      {
        "trust": 1.2,
        "url": "https://access.redhat.com/errata/rhsa-2018:2602"
      },
      {
        "trust": 1.2,
        "url": "https://access.redhat.com/errata/rhsa-2018:2603"
      },
      {
        "trust": 1.1,
        "url": "http://www.securityfocus.com/bid/105080"
      },
      {
        "trust": 1.1,
        "url": "http://support.lenovo.com/us/en/solutions/len-24163"
      },
      {
        "trust": 1.1,
        "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180815-01-cpu-en"
      },
      {
        "trust": 1.1,
        "url": "http://www.vmware.com/security/advisories/vmsa-2018-0021.html"
      },
      {
        "trust": 1.1,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-254686.pdf"
      },
      {
        "trust": 1.1,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf"
      },
      {
        "trust": 1.1,
        "url": "https://help.ecostruxureit.com/display/public/uadce725/security+fixes+in+struxureware+data+center+expert+v7.6.0"
      },
      {
        "trust": 1.1,
        "url": "https://psirt.global.sonicwall.com/vuln-detail/snwlid-2018-0009"
      },
      {
        "trust": 1.1,
        "url": "https://security.netapp.com/advisory/ntap-20180815-0001/"
      },
      {
        "trust": 1.1,
        "url": "https://support.f5.com/csp/article/k95275140"
      },
      {
        "trust": 1.1,
        "url": "https://www.synology.com/support/security/synology_sa_18_45"
      },
      {
        "trust": 1.1,
        "url": "https://www.debian.org/security/2018/dsa-4274"
      },
      {
        "trust": 1.1,
        "url": "https://www.debian.org/security/2018/dsa-4279"
      },
      {
        "trust": 1.1,
        "url": "https://security.freebsd.org/advisories/freebsd-sa-18:09.l1tf.asc"
      },
      {
        "trust": 1.1,
        "url": "https://www.oracle.com/security-alerts/cpujul2020.html"
      },
      {
        "trust": 1.1,
        "url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html"
      },
      {
        "trust": 1.1,
        "url": "https://lists.debian.org/debian-lts-announce/2018/08/msg00029.html"
      },
      {
        "trust": 1.1,
        "url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00017.html"
      },
      {
        "trust": 1.1,
        "url": "https://access.redhat.com/errata/rhsa-2018:2384"
      },
      {
        "trust": 1.1,
        "url": "https://access.redhat.com/errata/rhsa-2018:2387"
      },
      {
        "trust": 1.1,
        "url": "https://access.redhat.com/errata/rhsa-2018:2388"
      },
      {
        "trust": 1.1,
        "url": "https://access.redhat.com/errata/rhsa-2018:2389"
      },
      {
        "trust": 1.1,
        "url": "https://access.redhat.com/errata/rhsa-2018:2391"
      },
      {
        "trust": 1.1,
        "url": "https://access.redhat.com/errata/rhsa-2018:2392"
      },
      {
        "trust": 1.1,
        "url": "https://access.redhat.com/errata/rhsa-2018:2394"
      },
      {
        "trust": 1.1,
        "url": "https://access.redhat.com/errata/rhsa-2018:2395"
      },
      {
        "trust": 1.1,
        "url": "https://access.redhat.com/errata/rhsa-2018:2396"
      },
      {
        "trust": 1.1,
        "url": "https://access.redhat.com/errata/rhsa-2018:2402"
      },
      {
        "trust": 1.1,
        "url": "https://access.redhat.com/errata/rhsa-2018:2403"
      },
      {
        "trust": 1.1,
        "url": "http://www.securitytracker.com/id/1041451"
      },
      {
        "trust": 1.1,
        "url": "https://usn.ubuntu.com/3740-1/"
      },
      {
        "trust": 1.1,
        "url": "https://usn.ubuntu.com/3740-2/"
      },
      {
        "trust": 1.1,
        "url": "https://usn.ubuntu.com/3741-1/"
      },
      {
        "trust": 1.1,
        "url": "https://usn.ubuntu.com/3741-2/"
      },
      {
        "trust": 1.1,
        "url": "https://usn.ubuntu.com/3742-1/"
      },
      {
        "trust": 1.1,
        "url": "https://usn.ubuntu.com/3742-2/"
      },
      {
        "trust": 1.1,
        "url": "https://usn.ubuntu.com/3823-1/"
      },
      {
        "trust": 1.0,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-3646"
      },
      {
        "trust": 1.0,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-3620"
      },
      {
        "trust": 1.0,
        "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/xrfkqwyv2h4bv75cungcge5tnvqclbgz/"
      },
      {
        "trust": 1.0,
        "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/v4uwgorqwcencif2bhwuef2odbv75qs2/"
      },
      {
        "trust": 0.8,
        "url": "https://www.usenix.org/conference/usenixsecurity18/presentation/bulck"
      },
      {
        "trust": 0.8,
        "url": "https://www.intel.com/content/www/us/en/architecture-and-technology/l1tf.html"
      },
      {
        "trust": 0.8,
        "url": "https://www.intel.com/content/dam/www/public/us/en/documents/sa00115-microcode-update-guidance.pdf"
      },
      {
        "trust": 0.8,
        "url": "https://access.redhat.com/security/cve/cve-2018-3620"
      },
      {
        "trust": 0.8,
        "url": "https://access.redhat.com/security/cve/cve-2018-3646"
      },
      {
        "trust": 0.5,
        "url": "https://access.redhat.com/security/updates/classification/#important"
      },
      {
        "trust": 0.5,
        "url": "https://access.redhat.com/security/team/contact/"
      },
      {
        "trust": 0.5,
        "url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
      },
      {
        "trust": 0.5,
        "url": "https://bugzilla.redhat.com/):"
      },
      {
        "trust": 0.5,
        "url": "https://access.redhat.com/security/team/key/"
      },
      {
        "trust": 0.4,
        "url": "https://access.redhat.com/articles/11258"
      },
      {
        "trust": 0.3,
        "url": "http://www.intel.com/content/www/us/en/homepage.html"
      },
      {
        "trust": 0.3,
        "url": "http://www.microsoft.com"
      },
      {
        "trust": 0.3,
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1585005"
      },
      {
        "trust": 0.3,
        "url": "http://xenbits.xenproject.org/xsa/advisory-289.html"
      },
      {
        "trust": 0.3,
        "url": "https://www.synology.com/en-global/support/security/synology_sa_18_45"
      },
      {
        "trust": 0.3,
        "url": "https://www.vmware.com/in/security/advisories/vmsa-2018-0020.html"
      },
      {
        "trust": 0.3,
        "url": "https://www.vmware.com/in/security/advisories/vmsa-2018-0021.html"
      },
      {
        "trust": 0.3,
        "url": "http://xenbits.xenproject.org/xsa/advisory-289.txt"
      },
      {
        "trust": 0.3,
        "url": "https://support.citrix.com/article/ctx236548"
      },
      {
        "trust": 0.3,
        "url": "https://wiki.ubuntu.com/securityteam/knowledgebase/l1tf"
      },
      {
        "trust": 0.3,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-5391"
      },
      {
        "trust": 0.3,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-5390"
      },
      {
        "trust": 0.3,
        "url": "https://access.redhat.com/security/vulnerabilities/l1tf"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2017-18344"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-10901"
      },
      {
        "trust": 0.2,
        "url": "https://access.redhat.com/security/cve/cve-2018-10901"
      },
      {
        "trust": 0.1,
        "url": "https://support.hpe.com/hpsc/doc/public/display?doclocale=en_us\u0026amp;docid=emr_na-hpesbhf03874en_us"
      },
      {
        "trust": 0.1,
        "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/xrfkqwyv2h4bv75cungcge5tnvqclbgz/"
      },
      {
        "trust": 0.1,
        "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/v4uwgorqwcencif2bhwuef2odbv75qs2/"
      },
      {
        "trust": 0.1,
        "url": "https://usn.ubuntu.com/usn/usn-3742-1"
      },
      {
        "trust": 0.1,
        "url": "https://launchpad.net/ubuntu/+source/linux/3.13.0-155.205"
      },
      {
        "trust": 0.1,
        "url": "https://launchpad.net/ubuntu/+source/linux/4.4.0-133.159"
      },
      {
        "trust": 0.1,
        "url": "https://launchpad.net/ubuntu/+source/linux-raspi2/4.4.0-1094.102"
      },
      {
        "trust": 0.1,
        "url": "https://usn.ubuntu.com/usn/usn-3741-1"
      },
      {
        "trust": 0.1,
        "url": "https://launchpad.net/ubuntu/+source/linux-snapdragon/4.4.0-1098.103"
      },
      {
        "trust": 0.1,
        "url": "https://launchpad.net/ubuntu/+source/linux-aws/4.4.0-1065.75"
      },
      {
        "trust": 0.1,
        "url": "https://launchpad.net/ubuntu/+source/linux-kvm/4.4.0-1031.37"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2017-15265"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2017-15265"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2018-7566"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-7566"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2018-3693"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2018-1000004"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2017-0861"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2017-0861"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-3693"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-1000004"
      },
      {
        "trust": 0.1,
        "url": "https://security.freebsd.org/\u003e."
      },
      {
        "trust": 0.1,
        "url": "https://security.freebsd.org/patches/sa-18:09/l1tf-11.1.patch"
      },
      {
        "trust": 0.1,
        "url": "https://security.freebsd.org/patches/sa-18:09/l1tf-11.2.patch"
      },
      {
        "trust": 0.1,
        "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00161.html\u003e"
      },
      {
        "trust": 0.1,
        "url": "https://security.freebsd.org/advisories/freebsd-sa-18:09.l1tf.asc\u003e"
      },
      {
        "trust": 0.1,
        "url": "https://security.freebsd.org/patches/sa-18:09/l1tf-11.2.patch.asc"
      },
      {
        "trust": 0.1,
        "url": "https://security.freebsd.org/patches/sa-18:09/l1tf-11.1.patch.asc"
      },
      {
        "trust": 0.1,
        "url": "https://www.freebsd.org/handbook/kernelconfig.html\u003e"
      },
      {
        "trust": 0.1,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-3620\u003e"
      },
      {
        "trust": 0.1,
        "url": "https://svnweb.freebsd.org/base?view=revision\u0026revision=nnnnnn\u003e"
      },
      {
        "trust": 0.1,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-3646\u003e"
      },
      {
        "trust": 0.1,
        "url": "https://software.intel.com/security-software-guidance/software-guidance/l1-terminal-fault\u003e"
      },
      {
        "trust": 0.1,
        "url": "https://usn.ubuntu.com/usn/usn-3742-2"
      },
      {
        "trust": 0.1,
        "url": "https://usn.ubuntu.com/usn/usn-3742-3"
      },
      {
        "trust": 0.1,
        "url": "https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1787258"
      },
      {
        "trust": 0.1,
        "url": "https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1787127"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/articles/2974891"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-5244"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-7542"
      },
      {
        "trust": 0.1,
        "url": "https://security.gentoo.org/"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-12892"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-10471"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-12891"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2017-5753"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-12893"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-10982"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-15469"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-10472"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2017-5754"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-10981"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2017-5715"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-15468"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-15470"
      },
      {
        "trust": 0.1,
        "url": "https://creativecommons.org/licenses/by-sa/2.5"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-7541"
      },
      {
        "trust": 0.1,
        "url": "https://bugs.gentoo.org."
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-7540"
      }
    ],
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#982149"
      },
      {
        "db": "VULHUB",
        "id": "VHN-133651"
      },
      {
        "db": "BID",
        "id": "105080"
      },
      {
        "db": "PACKETSTORM",
        "id": "148915"
      },
      {
        "db": "PACKETSTORM",
        "id": "148914"
      },
      {
        "db": "PACKETSTORM",
        "id": "148898"
      },
      {
        "db": "PACKETSTORM",
        "id": "148936"
      },
      {
        "db": "PACKETSTORM",
        "id": "149143"
      },
      {
        "db": "PACKETSTORM",
        "id": "149024"
      },
      {
        "db": "PACKETSTORM",
        "id": "149142"
      },
      {
        "db": "PACKETSTORM",
        "id": "148946"
      },
      {
        "db": "PACKETSTORM",
        "id": "148906"
      },
      {
        "db": "PACKETSTORM",
        "id": "150083"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-3620"
      }
    ]
  },
  "sources": {
    "_id": null,
    "data": [
      {
        "db": "CERT/CC",
        "id": "VU#982149",
        "ident": null
      },
      {
        "db": "VULHUB",
        "id": "VHN-133651",
        "ident": null
      },
      {
        "db": "BID",
        "id": "105080",
        "ident": null
      },
      {
        "db": "PACKETSTORM",
        "id": "148915",
        "ident": null
      },
      {
        "db": "PACKETSTORM",
        "id": "148914",
        "ident": null
      },
      {
        "db": "PACKETSTORM",
        "id": "148898",
        "ident": null
      },
      {
        "db": "PACKETSTORM",
        "id": "148936",
        "ident": null
      },
      {
        "db": "PACKETSTORM",
        "id": "149143",
        "ident": null
      },
      {
        "db": "PACKETSTORM",
        "id": "149024",
        "ident": null
      },
      {
        "db": "PACKETSTORM",
        "id": "149142",
        "ident": null
      },
      {
        "db": "PACKETSTORM",
        "id": "148946",
        "ident": null
      },
      {
        "db": "PACKETSTORM",
        "id": "148906",
        "ident": null
      },
      {
        "db": "PACKETSTORM",
        "id": "150083",
        "ident": null
      },
      {
        "db": "NVD",
        "id": "CVE-2018-3620",
        "ident": null
      }
    ]
  },
  "sources_release_date": {
    "_id": null,
    "data": [
      {
        "date": "2018-08-15T00:00:00",
        "db": "CERT/CC",
        "id": "VU#982149",
        "ident": null
      },
      {
        "date": "2018-08-14T00:00:00",
        "db": "VULHUB",
        "id": "VHN-133651",
        "ident": null
      },
      {
        "date": "2018-08-14T00:00:00",
        "db": "BID",
        "id": "105080",
        "ident": null
      },
      {
        "date": "2018-08-15T04:42:52",
        "db": "PACKETSTORM",
        "id": "148915",
        "ident": null
      },
      {
        "date": "2018-08-15T04:42:46",
        "db": "PACKETSTORM",
        "id": "148914",
        "ident": null
      },
      {
        "date": "2018-08-15T04:37:29",
        "db": "PACKETSTORM",
        "id": "148898",
        "ident": null
      },
      {
        "date": "2018-08-15T17:09:03",
        "db": "PACKETSTORM",
        "id": "148936",
        "ident": null
      },
      {
        "date": "2018-08-29T20:32:22",
        "db": "PACKETSTORM",
        "id": "149143",
        "ident": null
      },
      {
        "date": "2018-08-21T20:20:00",
        "db": "PACKETSTORM",
        "id": "149024",
        "ident": null
      },
      {
        "date": "2018-08-30T23:36:28",
        "db": "PACKETSTORM",
        "id": "149142",
        "ident": null
      },
      {
        "date": "2018-08-15T17:17:34",
        "db": "PACKETSTORM",
        "id": "148946",
        "ident": null
      },
      {
        "date": "2018-08-15T04:40:04",
        "db": "PACKETSTORM",
        "id": "148906",
        "ident": null
      },
      {
        "date": "2018-10-31T01:14:40",
        "db": "PACKETSTORM",
        "id": "150083",
        "ident": null
      },
      {
        "date": "2018-08-14T19:29:00.793000",
        "db": "NVD",
        "id": "CVE-2018-3620",
        "ident": null
      }
    ]
  },
  "sources_update_date": {
    "_id": null,
    "data": [
      {
        "date": "2018-09-10T00:00:00",
        "db": "CERT/CC",
        "id": "VU#982149",
        "ident": null
      },
      {
        "date": "2020-08-24T00:00:00",
        "db": "VULHUB",
        "id": "VHN-133651",
        "ident": null
      },
      {
        "date": "2019-01-24T11:00:00",
        "db": "BID",
        "id": "105080",
        "ident": null
      },
      {
        "date": "2024-11-21T04:05:47.007000",
        "db": "NVD",
        "id": "CVE-2018-3620",
        "ident": null
      }
    ]
  },
  "threat_type": {
    "_id": null,
    "data": "local",
    "sources": [
      {
        "db": "BID",
        "id": "105080"
      },
      {
        "db": "PACKETSTORM",
        "id": "148915"
      },
      {
        "db": "PACKETSTORM",
        "id": "148914"
      }
    ],
    "trust": 0.5
  },
  "title": {
    "_id": null,
    "data": "Intel processors are vulnerable to a speculative execution side-channel attack called L1 Terminal Fault (L1TF)",
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#982149"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "_id": null,
    "data": "Design Error",
    "sources": [
      {
        "db": "BID",
        "id": "105080"
      }
    ],
    "trust": 0.3
  }
}

VAR-201808-0957

Vulnerability from variot - Updated: 2026-03-09 20:08

Systems with microprocessors utilizing speculative execution and address translations may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access with guest OS privilege via a terminal page fault and a side-channel analysis. These attacks are known as L1 Terminal Fault: SGX, L1 Terminal Fault: OS/SMM, and L1 Terminal Fault: VMM. 7.2) - noarch, x86_64

  1. Description:

The RHV-M Virtual Appliance automates the process of installing and configuring the Red Hat Virtualization Manager. The appliance is available to download as an OVA file from the Customer Portal. (CVE-2018-3620, CVE-2018-3646)

  • A flaw named SegmentSmack was found in the way the Linux kernel handled specially crafted TCP packets. A remote attacker could use this flaw to trigger time and calculation expensive calls to tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() functions by sending specially modified packets within ongoing TCP sessions which could lead to a CPU saturation and hence a denial of service on the system. Maintaining the denial of service condition requires continuous two-way TCP sessions to a reachable open port, thus the attacks cannot be performed using spoofed IP addresses. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256

APPLE-SA-2018-10-30-2 macOS Mojave 10.14.1, Security Update 2018-001 High Sierra, Security Update 2018-005 Sierra

macOS Mojave 10.14.1, Security Update 2018-001 High Sierra, and Security Update 2018-005 Sierra are now available and address the following:

afpserver Available for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6 Impact: A remote attacker may be able to attack AFP servers through HTTP clients Description: An input validation issue was addressed with improved input validation. CVE-2018-4295: Jianjun Chen (@whucjj) from Tsinghua University and UC Berkeley

AppleGraphicsControl Available for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS Mojave 10.14 Impact: An application may be able to execute arbitrary code with system privileges Description: A memory corruption issue was addressed with improved input validation. CVE-2018-4410: an anonymous researcher working with Trend Micro's Zero Day Initiative

AppleGraphicsControl Available for: macOS High Sierra 10.13.6 Impact: An application may be able to read restricted memory Description: A validation issue was addressed with improved input sanitization. CVE-2018-4417: Lee of the Information Security Lab Yonsei University working with Trend Micro's Zero Day Initiative

APR Available for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6 Impact: Multiple buffer overflow issues existed in Perl Description: Multiple issues in Perl were addressed with improved memory handling. CVE-2017-12613: Craig Young of Tripwire VERT CVE-2017-12618: Craig Young of Tripwire VERT

ATS Available for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6 Impact: A malicious application may be able to elevate privileges Description: A memory corruption issue was addressed with improved input validation. CVE-2018-4411: lilang wu moony Li of Trend Micro working with Trend Micro's Zero Day Initiative

ATS Available for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6 Impact: An application may be able to read restricted memory Description: An out-of-bounds read was addressed with improved bounds checking. CVE-2018-4308: Mohamed Ghannam (@_simo36)

CFNetwork Available for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6 Impact: An application may be able to execute arbitrary code with system privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2018-4126: Bruno Keith (@bkth_) working with Trend Micro's Zero Day Initiative

CoreAnimation Available for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS Mojave 10.14 Impact: An application may be able to execute arbitrary code with system privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2018-4415: Liang Zhuo working with Beyond Security's SecuriTeam Secure Disclosure

CoreCrypto Available for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS Mojave 10.14 Impact: An attacker may be able to exploit a weakness in the Miller-Rabin primality test to incorrectly identify prime numbers Description: An issue existed in the method for determining prime numbers. This issue was addressed by using pseudorandom bases for testing of primes. CVE-2018-4398: Martin Albrecht, Jake Massimo and Kenny Paterson of Royal Holloway, University of London, and Juraj Somorovsky of Ruhr University, Bochum

CoreFoundation Available for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6 Impact: A malicious application may be able to elevate privileges Description: A memory corruption issue was addressed with improved input validation. CVE-2018-4412: The UK's National Cyber Security Centre (NCSC)

CUPS Available for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6 Impact: In certain configurations, a remote attacker may be able to replace the message content from the print server with arbitrary content Description: An injection issue was addressed with improved validation. CVE-2018-4153: Michael Hanselmann of hansmi.ch

CUPS Available for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6 Impact: An attacker in a privileged position may be able to perform a denial of service attack Description: A denial of service issue was addressed with improved validation. CVE-2018-4406: Michael Hanselmann of hansmi.ch

Dictionary Available for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6 Impact: Parsing a maliciously crafted dictionary file may lead to disclosure of user information Description: A validation issue existed which allowed local file access. This was addressed with input sanitization. CVE-2018-4346: Wojciech ReguAa (@_r3ggi) of SecuRing

Dock Available for: macOS Mojave 10.14 Impact: A malicious application may be able to access restricted files Description: This issue was addressed by removing additional entitlements. CVE-2018-4403: Patrick Wardle of Digita Security

dyld Available for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS Mojave 10.14 Impact: A malicious application may be able to elevate privileges Description: A logic issue was addressed with improved validation. This ensures that older data read from recently-written-to addresses cannot be read via a speculative side-channel. CVE-2018-3639: Jann Horn (@tehjh) of Google Project Zero (GPZ), Ken Johnson of the Microsoft Security Response Center (MSRC)

EFI Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14 Impact: A local user may be able to modify protected parts of the file system Description: A configuration issue was addressed with additional restrictions. CVE-2018-4342: Timothy Perfitt of Twocanoes Software

Foundation Available for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6 Impact: Processing a maliciously crafted text file may lead to a denial of service Description: A denial of service issue was addressed with improved validation. CVE-2018-4304: jianan.huang (@Sevck)

Grand Central Dispatch Available for: macOS High Sierra 10.13.6 Impact: An application may be able to execute arbitrary code with system privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2018-4426: Brandon Azad

Heimdal Available for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6 Impact: An application may be able to execute arbitrary code with system privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2018-3646: Baris Kasikci, Daniel Genkin, Ofir Weisse, and Thomas F. Wenisch of University of Michigan, Mark Silberstein and Marina Minkin of Technion, Raoul Strackx, Jo Van Bulck, and Frank Piessens of KU Leuven, Rodrigo Branco, Henrique Kawakami, Ke Sun, and Kekai Hu of Intel Corporation, Yuval Yarom of The University of Adelaide

Hypervisor Available for: macOS Sierra 10.12.6 Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption vulnerability was addressed with improved locking. CVE-2018-4242: Zhuo Liang of Qihoo 360 Nirvan Team

ICU Available for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS Mojave 10.14 Impact: Processing a maliciously crafted string may lead to heap corruption Description: A memory corruption issue was addressed with improved input validation. CVE-2018-4394: an anonymous researcher

Intel Graphics Driver Available for: macOS Sierra 10.12.6 Impact: An application may be able to execute arbitrary code with system privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2018-4334: Ian Beer of Google Project Zero

Intel Graphics Driver Available for: macOS High Sierra 10.13.6 Impact: An application may be able to read restricted memory Description: A validation issue was addressed with improved input sanitization. CVE-2018-4396: Yu Wang of Didi Research America CVE-2018-4418: Yu Wang of Didi Research America

Intel Graphics Driver Available for: macOS High Sierra 10.13.6 Impact: An application may be able to execute arbitrary code with system privileges Description: A memory corruption issue was addressed with improved input validation. CVE-2018-4350: Yu Wang of Didi Research America

IOGraphics Available for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS Mojave 10.14 Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2018-4422: an anonymous researcher working with Trend Micro's Zero Day Initiative

IOHIDFamily Available for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6 Impact: A malicious application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved input validation CVE-2018-4408: Ian Beer of Google Project Zero

IOKit Available for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS Mojave 10.14 Impact: An application may be able to execute arbitrary code with system privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2018-4402: Proteas of Qihoo 360 Nirvan Team

IOKit Available for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6 Impact: A malicious application may be able to break out of its sandbox Description: A memory corruption issue was addressed with improved memory handling. CVE-2018-4341: Ian Beer of Google Project Zero CVE-2018-4354: Ian Beer of Google Project Zero

IOUserEthernet Available for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6 Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2018-4401: Apple

IPSec Available for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS Mojave 10.14 Impact: An application may be able to gain elevated privileges Description: An out-of-bounds read was addressed with improved input validation. CVE-2018-4371: Tim Michaud (@TimGMichaud) of Leviathan Security Group

Kernel Available for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS Mojave 10.14 Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed by removing the vulnerable code. CVE-2018-4420: Mohamed Ghannam (@_simo36)

Kernel Available for: macOS High Sierra 10.13.6 Impact: A malicious application may be able to leak sensitive user information Description: An access issue existed with privileged API calls. This issue was addressed with additional restrictions. CVE-2018-4399: Fabiano Anemone (@anoane)

Kernel Available for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS Mojave 10.14 Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2018-4340: Mohamed Ghannam (@_simo36) CVE-2018-4419: Mohamed Ghannam (@_simo36) CVE-2018-4425: cc working with Trend Micro's Zero Day Initiative, Juwei Lin (@panicaII) of Trend Micro working with Trend Micro's Zero Day Initiative

Kernel Available for: macOS Sierra 10.12.6 Impact: Mounting a maliciously crafted NFS network share may lead to arbitrary code execution with system privileges Description: Multiple memory corruption issues were addressed with improved memory handling. CVE-2018-4259: Kevin Backhouse of Semmle and LGTM.com CVE-2018-4286: Kevin Backhouse of Semmle and LGTM.com CVE-2018-4287: Kevin Backhouse of Semmle and LGTM.com CVE-2018-4288: Kevin Backhouse of Semmle and LGTM.com CVE-2018-4291: Kevin Backhouse of Semmle and LGTM.com

Kernel Available for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS Mojave 10.14 Impact: An application may be able to read restricted memory Description: A memory initialization issue was addressed with improved memory handling. CVE-2018-4413: Juwei Lin (@panicaII) of TrendMicro Mobile Security Team

Kernel Available for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6 Impact: An attacker in a privileged network position may be able to execute arbitrary code Description: A memory corruption issue was addressed with improved validation. CVE-2018-4407: Kevin Backhouse of Semmle Ltd.

Kernel Available for: macOS Mojave 10.14 Impact: An application may be able to execute arbitrary code with kernel privileges Description: A buffer overflow was addressed with improved size validation. CVE-2018-4424: Dr. Silvio Cesare of InfoSect

Login Window Available for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6 Impact: A local user may be able to cause a denial of service Description: A validation issue was addressed with improved logic. CVE-2018-4348: Ken Gannon of MWR InfoSecurity and Christian Demko of MWR InfoSecurity

Mail Available for: macOS Mojave 10.14 Impact: Processing a maliciously crafted mail message may lead to UI spoofing Description: An inconsistent user interface issue was addressed with improved state management. CVE-2018-4389: Dropbox Offensive Security Team, Theodor Ragnar Gislason of Syndis

mDNSOffloadUserClient Available for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6 Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2018-4326: an anonymous researcher working with Trend Micro's Zero Day Initiative, Zhuo Liang of Qihoo 360 Nirvan Team

MediaRemote Available for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6 Impact: A sandboxed process may be able to circumvent sandbox restrictions Description: An access issue was addressed with additional sandbox restrictions. This ensures that implementation specific system registers cannot be leaked via a speculative execution side-channel. CVE-2018-3640: Innokentiy Sennovskiy from BiZone LLC (bi.zone), Zdenek Sojka, Rudolf Marek and Alex Zuepke from SYSGO AG (sysgo.com)

NetworkExtension Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14 Impact: Connecting to a VPN server may leak DNS queries to a DNS proxy Description: A logic issue was addressed with improved state management. CVE-2018-4369: an anonymous researcher

Perl Available for: macOS Sierra 10.12.6 Impact: Multiple buffer overflow issues existed in Perl Description: Multiple issues in Perl were addressed with improved memory handling. CVE-2018-6797: Brian Carpenter

Ruby Available for: macOS Sierra 10.12.6 Impact: A remote attacker may be able to cause unexpected application termination or arbitrary code execution Description: Multiple issues in Ruby were addressed in this update. CVE-2017-898 CVE-2017-10784 CVE-2017-14033 CVE-2017-14064 CVE-2017-17405 CVE-2017-17742 CVE-2018-6914 CVE-2018-8777 CVE-2018-8778 CVE-2018-8779 CVE-2018-8780

Security Available for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS Mojave 10.14 Impact: Processing a maliciously crafted S/MIME signed message may lead to a denial of service Description: A validation issue was addressed with improved logic. CVE-2018-4400: Yukinobu Nagayasu of LAC Co., Ltd.

Security Available for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6 Impact: A local user may be able to cause a denial of service Description: This issue was addressed with improved checks. CVE-2018-4395: Patrick Wardle of Digita Security

Spotlight Available for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6 Impact: An application may be able to execute arbitrary code with system privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2018-4393: Lufeng Li

Symptom Framework Available for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6 Impact: An application may be able to read restricted memory Description: An out-of-bounds read was addressed with improved bounds checking. CVE-2018-4203: Bruno Keith (@bkth_) working with Trend Micro's Zero Day Initiative

WiFi Available for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS Mojave 10.14 Impact: An attacker in a privileged position may be able to perform a denial of service attack Description: A denial of service issue was addressed with improved validation. CVE-2018-4368: Milan Stute and Alex Mariotto of Secure Mobile Networking Lab at Technische UniversitA$?t Darmstadt

Additional recognition

Calendar We would like to acknowledge an anonymous researcher for their assistance.

iBooks We would like to acknowledge Sem VoigtlA$?nder of Fontys Hogeschool ICT for their assistance.

Kernel We would like to acknowledge Brandon Azad for their assistance.

LaunchServices We would like to acknowledge Alok Menghrajani of Square for their assistance.

Quick Look We would like to acknowledge lokihardt of Google Project Zero for their assistance.

Security We would like to acknowledge Marinos Bernitsas of Parachute for their assistance.

Terminal We would like to acknowledge an anonymous researcher for their assistance.

Installation note:

macOS Mojave 10.14.1, Security Update 2018-001 High Sierra, and Security Update 2018-005 Sierra may be obtained from the Mac App Store or Apple's Software Downloads web site: https://support.apple.com/downloads/

Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222

This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE-----

iQJdBAEBCABHFiEEDNXJVNCJJEAVmJdZeC9tht7TK3EFAlvYkgYpHHByb2R1Y3Qt c2VjdXJpdHktbm9yZXBseUBsaXN0cy5hcHBsZS5jb20ACgkQeC9tht7TK3EcGQ// QbUbTOZRgxcStGZjs+qdXjeaXI6i1MKaky7o/iYCXf87crFu79PCsXyPU1jeMvoS tgDxz7ornlyaxR4wcSYzfcuIeY2ZH+dkxc7JJHQbKTW1dWYHpXUUzzNm+Ay/Gtk+ 2EIAgJ9oUf8FARR5cmcKBZfLFVdc40vpM3bBCV4m2Kr5KiDsqZKdZTujBQRccAsO HKRbhDecw0WX/CfEbLprs86uIXFMIoifhmh8LMebjzIQn2ozoFG6R31vMMHeDpir zf0xlVCJrJy/XywmkodhBWWrUWcM0hfsJ8EmyIBwFEYUxFhOV3D+x3rStd2kjyNL LG9oWclxDkjImQXdrL8IRAQfZvcVQFZK2vSGCYfRN0LY105sxjPjeIsJ0RORzcSN 2mlDR1UuTosk0GleDbmhv/ornfOc537UebwuHVWU5LpPNFkvY1Cv8zPrQAHewuod TmktkNuv2x2fgw9g7ntE88UBF9JMC+Ofs/FgJ67RkoT4R39P7VvaztHlmxmr/rIw TrSs7TDVqciz+DOMRKxyNPI1cpXM5ITCTvgbY4+RWwaFJzfgY+Gc+sldvVcb1x9I LlsI19MA0bsvi+ReOcLbWYuEHaVhVqZ7LndxR9m2gJ39L9jff+dOsSlznF4OLs+S t7Rz6i2mOpe6vXobkTUmml3m3zYIhL3XcdcYpw3U0F8= =uhgi -----END PGP SIGNATURE----- . Intel Core i3 processor, etc. are all CPU (central processing unit) products of Intel Corporation of the United States. Security vulnerabilities exist in several Intel products that use speculative execution and address translation. The following products are affected: Intel Core i3 processor; Intel Core i5 processor; Intel Core i7 processor; Intel Core M processor family; 2nd generation Intel Core processors; 3rd generation Intel Core processors; 4th generation Intel Core processors; 5th generation Intel Core processors, etc.

To fully resolve these vulnerabilities it is also necessary to install updated CPU microcode (only available in Debian non-free). Common server class CPUs are covered in the update released as DSA 4273-1.

For the stable distribution (stretch), these problems have been fixed in version 4.9.110-3+deb9u3. ========================================================================= Ubuntu Security Notice USN-3742-2 August 14, 2018

linux-lts-trusty vulnerabilities

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 12.04 ESM

Summary:

Several security issues were fixed in the Linux kernel. This update provides the corresponding updates for the Linux Hardware Enablement (HWE) kernel from Ubuntu 14.04 for Ubuntu 12.04 ESM.

It was discovered that memory present in the L1 data cache of an Intel CPU core may be exposed to a malicious process that is executing on the CPU core. A local attacker in a guest virtual machine could use this to expose sensitive information (memory from other guests or the host OS). (CVE-2018-3646)

It was discovered that memory present in the L1 data cache of an Intel CPU core may be exposed to a malicious process that is executing on the CPU core. (CVE-2018-3620)

Andrey Konovalov discovered an out-of-bounds read in the POSIX timers subsystem in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or expose sensitive information. A remote attacker could use this to cause a denial of service. (CVE-2018-5390)

Juha-Matti Tilli discovered that the IP implementation in the Linux kernel performed algorithmically expensive operations in some situations when handling incoming packet fragments. A remote attacker could use this to cause a denial of service. (CVE-2018-5391)

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 12.04 ESM: linux-image-3.13.0-155-generic 3.13.0-155.206~precise1 linux-image-3.13.0-155-generic-lpae 3.13.0-155.206~precise1 linux-image-generic-lpae-lts-trusty 3.13.0.155.145 linux-image-generic-lts-trusty 3.13.0.155.145

Please note that the recommended mitigation for CVE-2018-3646 involves updating processor microcode in addition to updating the kernel; however, the kernel includes a fallback for processors that have not received microcode updates.

ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256

====================================================================
Red Hat Security Advisory

Synopsis: Important: kernel security and bug fix update Advisory ID: RHSA-2018:2387-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2018:2387 Issue date: 2018-08-14 CVE Names: CVE-2018-3620 CVE-2018-3639 CVE-2018-3646 ==================================================================== 1. Summary:

An update for kernel is now available for Red Hat Enterprise Linux 7.4 Extended Update Support.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

  1. Relevant releases/architectures:

Red Hat Enterprise Linux ComputeNode EUS (v. 7.4) - noarch, x86_64 Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.4) - x86_64 Red Hat Enterprise Linux Server EUS (v. 7.4) - noarch, ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Server Optional EUS (v. 7.4) - ppc64, ppc64le, x86_64

  1. Description:

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

  • Modern operating systems implement virtualization of physical memory to efficiently use available system resources and provide inter-domain protection through access control and isolation. The L1TF issue was found in the way the x86 microprocessor designs have implemented speculative execution of instructions (a commonly used performance optimisation) in combination with handling of page-faults caused by terminated virtual to physical address resolving process. As a result, an unprivileged attacker could use this flaw to read privileged memory of the kernel or other processes and/or cross guest/host boundaries to read host memory by conducting targeted cache side-channel attacks. (CVE-2018-3620, CVE-2018-3646)

  • An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of Load & Store instructions (a commonly used performance optimization). It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the fact that memory read from address to which a recent memory write has occurred may see an older value and subsequently cause an update into the microprocessor's data cache even for speculatively executed instructions that never actually commit (retire). As a result, an unprivileged attacker could use this flaw to read privileged memory by conducting targeted cache side-channel attacks.

Bug Fix(es):

  • Previously, configurations with the little-endian variant of IBM Power Systems CPU architectures and Hard Disk Drives (HDD) designed according to Nonvolatile Memory Express (NVMe) open standards, experienced crashes during shutdown or reboot due to race conditions of CPUs. As a consequence, the sysfs pseudo file system threw a stack trace report about an attempt to create a duplicate entry in sysfs. This update modifies the source code so that the irq_dispose_mapping() function is called first and the msi_bitmap_free_hwirqs() function is called afterwards. As a result, the race condition no longer appears in the described scenario. (BZ#1570510)

  • When switching from the indirect branch speculation (IBRS) feature to the retpolines feature, the IBRS state of some CPUs was sometimes not handled correctly. Consequently, some CPUs were left with the IBRS Model-Specific Register (MSR) bit set to 1, which could lead to performance issues. With this update, the underlying source code has been fixed to clear the IBRS MSR bits correctly, thus fixing the bug. (BZ#1586147)

  • During a balloon reset, page pointers were not correctly initialized after unmapping the memory. Consequently, on the VMware ESXi hypervisor with "Fault Tolerance" and "ballooning" enabled, the following messages repeatedly occurred in the kernel log:

[3014611.640148] WARNING: at mm/vmalloc.c:1491 __vunmap+0xd3/0x100() [3014611.640269] Trying to vfree() nonexistent vm area (ffffc90000697000)

With this update, the underlying source code has been fixed to initialize page pointers properly. As a result, the mm/vmalloc.c warnings no longer occur under the described circumstances. (BZ#1595600)

  1. Solution:

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

  1. Bugs fixed (https://bugzilla.redhat.com/):

1566890 - CVE-2018-3639 hw: cpu: speculative store bypass 1585005 - CVE-2018-3646 Kernel: hw: cpu: L1 terminal fault (L1TF)

  1. Package List:

Red Hat Enterprise Linux ComputeNode EUS (v. 7.4):

Source: kernel-3.10.0-693.37.4.el7.src.rpm

noarch: kernel-abi-whitelists-3.10.0-693.37.4.el7.noarch.rpm kernel-doc-3.10.0-693.37.4.el7.noarch.rpm

x86_64: kernel-3.10.0-693.37.4.el7.x86_64.rpm kernel-debug-3.10.0-693.37.4.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-693.37.4.el7.x86_64.rpm kernel-debug-devel-3.10.0-693.37.4.el7.x86_64.rpm kernel-debuginfo-3.10.0-693.37.4.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-693.37.4.el7.x86_64.rpm kernel-devel-3.10.0-693.37.4.el7.x86_64.rpm kernel-headers-3.10.0-693.37.4.el7.x86_64.rpm kernel-tools-3.10.0-693.37.4.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-693.37.4.el7.x86_64.rpm kernel-tools-libs-3.10.0-693.37.4.el7.x86_64.rpm perf-3.10.0-693.37.4.el7.x86_64.rpm perf-debuginfo-3.10.0-693.37.4.el7.x86_64.rpm python-perf-3.10.0-693.37.4.el7.x86_64.rpm python-perf-debuginfo-3.10.0-693.37.4.el7.x86_64.rpm

Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.4):

x86_64: kernel-debug-debuginfo-3.10.0-693.37.4.el7.x86_64.rpm kernel-debuginfo-3.10.0-693.37.4.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-693.37.4.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-693.37.4.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-693.37.4.el7.x86_64.rpm perf-debuginfo-3.10.0-693.37.4.el7.x86_64.rpm python-perf-debuginfo-3.10.0-693.37.4.el7.x86_64.rpm

Red Hat Enterprise Linux Server EUS (v. 7.4):

Source: kernel-3.10.0-693.37.4.el7.src.rpm

noarch: kernel-abi-whitelists-3.10.0-693.37.4.el7.noarch.rpm kernel-doc-3.10.0-693.37.4.el7.noarch.rpm

ppc64: kernel-3.10.0-693.37.4.el7.ppc64.rpm kernel-bootwrapper-3.10.0-693.37.4.el7.ppc64.rpm kernel-debug-3.10.0-693.37.4.el7.ppc64.rpm kernel-debug-debuginfo-3.10.0-693.37.4.el7.ppc64.rpm kernel-debug-devel-3.10.0-693.37.4.el7.ppc64.rpm kernel-debuginfo-3.10.0-693.37.4.el7.ppc64.rpm kernel-debuginfo-common-ppc64-3.10.0-693.37.4.el7.ppc64.rpm kernel-devel-3.10.0-693.37.4.el7.ppc64.rpm kernel-headers-3.10.0-693.37.4.el7.ppc64.rpm kernel-tools-3.10.0-693.37.4.el7.ppc64.rpm kernel-tools-debuginfo-3.10.0-693.37.4.el7.ppc64.rpm kernel-tools-libs-3.10.0-693.37.4.el7.ppc64.rpm perf-3.10.0-693.37.4.el7.ppc64.rpm perf-debuginfo-3.10.0-693.37.4.el7.ppc64.rpm python-perf-3.10.0-693.37.4.el7.ppc64.rpm python-perf-debuginfo-3.10.0-693.37.4.el7.ppc64.rpm

ppc64le: kernel-3.10.0-693.37.4.el7.ppc64le.rpm kernel-bootwrapper-3.10.0-693.37.4.el7.ppc64le.rpm kernel-debug-3.10.0-693.37.4.el7.ppc64le.rpm kernel-debug-debuginfo-3.10.0-693.37.4.el7.ppc64le.rpm kernel-debuginfo-3.10.0-693.37.4.el7.ppc64le.rpm kernel-debuginfo-common-ppc64le-3.10.0-693.37.4.el7.ppc64le.rpm kernel-devel-3.10.0-693.37.4.el7.ppc64le.rpm kernel-headers-3.10.0-693.37.4.el7.ppc64le.rpm kernel-tools-3.10.0-693.37.4.el7.ppc64le.rpm kernel-tools-debuginfo-3.10.0-693.37.4.el7.ppc64le.rpm kernel-tools-libs-3.10.0-693.37.4.el7.ppc64le.rpm perf-3.10.0-693.37.4.el7.ppc64le.rpm perf-debuginfo-3.10.0-693.37.4.el7.ppc64le.rpm python-perf-3.10.0-693.37.4.el7.ppc64le.rpm python-perf-debuginfo-3.10.0-693.37.4.el7.ppc64le.rpm

s390x: kernel-3.10.0-693.37.4.el7.s390x.rpm kernel-debug-3.10.0-693.37.4.el7.s390x.rpm kernel-debug-debuginfo-3.10.0-693.37.4.el7.s390x.rpm kernel-debug-devel-3.10.0-693.37.4.el7.s390x.rpm kernel-debuginfo-3.10.0-693.37.4.el7.s390x.rpm kernel-debuginfo-common-s390x-3.10.0-693.37.4.el7.s390x.rpm kernel-devel-3.10.0-693.37.4.el7.s390x.rpm kernel-headers-3.10.0-693.37.4.el7.s390x.rpm kernel-kdump-3.10.0-693.37.4.el7.s390x.rpm kernel-kdump-debuginfo-3.10.0-693.37.4.el7.s390x.rpm kernel-kdump-devel-3.10.0-693.37.4.el7.s390x.rpm perf-3.10.0-693.37.4.el7.s390x.rpm perf-debuginfo-3.10.0-693.37.4.el7.s390x.rpm python-perf-3.10.0-693.37.4.el7.s390x.rpm python-perf-debuginfo-3.10.0-693.37.4.el7.s390x.rpm

x86_64: kernel-3.10.0-693.37.4.el7.x86_64.rpm kernel-debug-3.10.0-693.37.4.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-693.37.4.el7.x86_64.rpm kernel-debug-devel-3.10.0-693.37.4.el7.x86_64.rpm kernel-debuginfo-3.10.0-693.37.4.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-693.37.4.el7.x86_64.rpm kernel-devel-3.10.0-693.37.4.el7.x86_64.rpm kernel-headers-3.10.0-693.37.4.el7.x86_64.rpm kernel-tools-3.10.0-693.37.4.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-693.37.4.el7.x86_64.rpm kernel-tools-libs-3.10.0-693.37.4.el7.x86_64.rpm perf-3.10.0-693.37.4.el7.x86_64.rpm perf-debuginfo-3.10.0-693.37.4.el7.x86_64.rpm python-perf-3.10.0-693.37.4.el7.x86_64.rpm python-perf-debuginfo-3.10.0-693.37.4.el7.x86_64.rpm

Red Hat Enterprise Linux Server Optional EUS (v. 7.4):

ppc64: kernel-debug-debuginfo-3.10.0-693.37.4.el7.ppc64.rpm kernel-debuginfo-3.10.0-693.37.4.el7.ppc64.rpm kernel-debuginfo-common-ppc64-3.10.0-693.37.4.el7.ppc64.rpm kernel-tools-debuginfo-3.10.0-693.37.4.el7.ppc64.rpm kernel-tools-libs-devel-3.10.0-693.37.4.el7.ppc64.rpm perf-debuginfo-3.10.0-693.37.4.el7.ppc64.rpm python-perf-debuginfo-3.10.0-693.37.4.el7.ppc64.rpm

ppc64le: kernel-debug-debuginfo-3.10.0-693.37.4.el7.ppc64le.rpm kernel-debug-devel-3.10.0-693.37.4.el7.ppc64le.rpm kernel-debuginfo-3.10.0-693.37.4.el7.ppc64le.rpm kernel-debuginfo-common-ppc64le-3.10.0-693.37.4.el7.ppc64le.rpm kernel-tools-debuginfo-3.10.0-693.37.4.el7.ppc64le.rpm kernel-tools-libs-devel-3.10.0-693.37.4.el7.ppc64le.rpm perf-debuginfo-3.10.0-693.37.4.el7.ppc64le.rpm python-perf-debuginfo-3.10.0-693.37.4.el7.ppc64le.rpm

x86_64: kernel-debug-debuginfo-3.10.0-693.37.4.el7.x86_64.rpm kernel-debuginfo-3.10.0-693.37.4.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-693.37.4.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-693.37.4.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-693.37.4.el7.x86_64.rpm perf-debuginfo-3.10.0-693.37.4.el7.x86_64.rpm python-perf-debuginfo-3.10.0-693.37.4.el7.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/

  1. References:

https://access.redhat.com/security/cve/CVE-2018-3620 https://access.redhat.com/security/cve/CVE-2018-3639 https://access.redhat.com/security/cve/CVE-2018-3646 https://access.redhat.com/security/updates/classification/#important https://access.redhat.com/security/vulnerabilities/L1TF

  1. Contact:

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/

Copyright 2018 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1

iQIVAwUBW3M4idzjgjWX9erEAQigJg//W8NS9ZAq71IYQ/6q5hTZBUeg3RsIJL4U OOCTlpLe3pH45ueU4Pm1HPopyyBHLGo988ZXPkH4z/jKW6txO3RDzf/blyWIwxwi dr76FUaMMLUk0ASeGcisZppOt/6zwrp2tfn+TyiC3pK0K5nTp+WVO5xYy5iecXVX 96M3wIhCIlshYPc1/F8zdYuBFzpYgBnotag//FjyCQlhmOFcKtTRgyQrSuf1ZxnL VNQ7UuVGjPWeF0w0OJrb6U7+pVrlwAvtwYkUjm/eFh/AszTe7uZ6C6mG8XAobDrl SpxhyqMTcplrKxvl0S01xuezVbVo8RdoAtrW9+xseozknta4cu7RHe0ZSsonY/xN RiAingIwsVde+g9KOv8jeleACBZu8mmJptkYbVb1IHPcp+1FzXXAkUc1i/oc7XBU lIfe49O3L2GyhI+0hUwhbPuc51L8yHmpr39KM1irKIRWsY692n32LVns3L6Kr0tW iWlhz4F2e5SNb2zlu3sMRQ4M0kf6JPX8VdRL1qMpfNoa9Ci4wYt+zP29//F6swji uwu3+SVH5VTW9VzymSCaQl/gD0loWPKVLFrTF5M9Y9+cl0uXn7CoW2LUNB86PhRz mMG+g2ZW9WbKcW/ERHofeii5WZGtsyA4FnUaWhzetfQIItEpmoobE9QVl0ar5GJ2 dsE8Ald7hA4=scjp -----END PGP SIGNATURE-----

-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . 6.4) - x86_64

  1. (CVE-2018-3639)

  2. kernel: kvm: vmx: host GDT limit corruption (CVE-2018-10901)

For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. Unfortunately, the update introduced regressions that caused kernel panics when booting in some environments as well as preventing Java applications from starting. This update fixes the problems.

We apologize for the inconvenience. Description:

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.

Bug Fix(es):

  • The kernel-rt packages have been upgraded to the 3.10.0-693.37.1 source tree, which provides a number of bug fixes over the previous version. (BZ#1599860)

4

Show details on source website
To clipboard 

{
  "affected_products": {
    "_id": null,
    "data": [
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "930"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6400"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "720qm"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2655le"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3470"
      },
      {
        "_id": null,
        "model": "core m",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5y31"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "550"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6585r"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8550u"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4210m"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4150t"
      },
      {
        "_id": null,
        "model": "core m",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5y10c"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4150"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "740qm"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4350t"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6300hq"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "920xm"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3340m"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3630qm"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4720hq"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4000m"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2405s"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8100"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4670k"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2435m"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4770"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3770t"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "620m"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3380m"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4360"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5350u"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2410m"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6400t"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3317u"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4700ec"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4160t"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3339y"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "460m"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2620m"
      },
      {
        "_id": null,
        "model": "core m3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "7y32"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "950"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2960xm"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4570s"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "840qm"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8700k"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4330m"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2400s"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4500u"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4160"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4400e"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6300t"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5750hq"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4570r"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8350u"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2760qm"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "650"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6685r"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "520um"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3770s"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3570k"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "7700k"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4130"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "970"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5550u"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3225"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6260u"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2310"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "875k"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "680"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5350h"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3840qm"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4308u"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2920xm"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2340ue"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3240"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4712mq"
      },
      {
        "_id": null,
        "model": "core m3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "7y30"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4670s"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3230m"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2720qm"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4130t"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5775c"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3227u"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "760"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5700eq"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4330t"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4460"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6600"
      },
      {
        "_id": null,
        "model": "xeon",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "*"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5675c"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4790"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4702mq"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4570"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5557u"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5157u"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3517u"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2629m"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2380p"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5257u"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4700mq"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4005u"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "560um"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "640lm"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6600t"
      },
      {
        "_id": null,
        "model": "core m5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6y57"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "820qm"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2600k"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2675qm"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2310m"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6100u"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5300u"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8350k"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3220"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3475s"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4460t"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4340te"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4310u"
      },
      {
        "_id": null,
        "model": "core m",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5y10"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4460s"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2860qm"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2637m"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3120m"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4210u"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5200u"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "580m"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4260u"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "560"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4690k"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5675r"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3612qm"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2500"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4750hq"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4785t"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3610qm"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4770t"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2600s"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4722hq"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5500u"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8650u"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2120"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4600m"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2375m"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4340m"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2500s"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2540m"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5600u"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "430um"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6100t"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4590s"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3720qm"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4860hq"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2820qm"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2310e"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3210"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4770te"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3217u"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "7820eq"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "670"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "960"
      },
      {
        "_id": null,
        "model": "core m7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6y75"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2102"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4170t"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6440eq"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3610me"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3610qe"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2700k"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2330e"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "470um"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "640m"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4210y"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2649m"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2600"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "330um"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3550"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4370t"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6402p"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "610e"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4950hq"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "540um"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2300"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "530"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "520m"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "660lm"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "660um"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "860"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4770s"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4402e"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "870"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2390t"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2617m"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2515e"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "560m"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3667u"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4600u"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2467m"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4850hq"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5775r"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2557m"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4570te"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "620le"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4440s"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4578u"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4800mq"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "350m"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4030u"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4300m"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4430"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "540"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6500t"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4670"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4350"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "870s"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2550k"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3689y"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5700hq"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4910mq"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "7820hk"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4440"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6287u"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4100u"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3350p"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4202y"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3437u"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6100h"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4300y"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4700eq"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "7500u"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4100m"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8250u"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2320"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6157u"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4110e"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4100e"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4370"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4610m"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4550u"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3520m"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4200u"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "7660u"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4410e"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "750"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "980x"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2670qm"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4340"
      },
      {
        "_id": null,
        "model": "core m",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5y51"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "640um"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4250u"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "370m"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "540m"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4360t"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4770r"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2430m"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2357m"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3550s"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "940"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "7820hq"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3330"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6006u"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4158u"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3217ue"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3360m"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4112e"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2348m"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3570"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4012y"
      },
      {
        "_id": null,
        "model": "core m",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5y70"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4771"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "520e"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2120t"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3229y"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4702ec"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5650u"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "620um"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "980"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "620ue"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "480m"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "620lm"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2100"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "430m"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3330s"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4278u"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3130m"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6200u"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "380m"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4510u"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2640m"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3340"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4690"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4200m"
      },
      {
        "_id": null,
        "model": "core m",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5y71"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2125"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2370m"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3427u"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5575r"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3250t"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4558u"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4710mq"
      },
      {
        "_id": null,
        "model": "core m3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6y30"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2630qm"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3517ue"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4422e"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3320m"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4770hq"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3245"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2510e"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2312m"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4310m"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3632qm"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4710hq"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "660"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4200y"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5015u"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6267u"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3687u"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4300u"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4790s"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "7700"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3635qm"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6167u"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4330te"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "860s"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "7567u"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4765t"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4670t"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3240t"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3340s"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "965"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3450"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3115c"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "7700t"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5287u"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "940xm"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6100te"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "660ue"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "975"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2635qm"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2450m"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4670r"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3615qm"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6300"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4770k"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3470s"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4790t"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4712hq"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4760hq"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "655k"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4200h"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "990x"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2450p"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4102e"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8700"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8600k"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3615qe"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4960hq"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4810mq"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "7600u"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3450s"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "8400"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5950hq"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4030y"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4210h"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4360u"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6442eq"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3210m"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3439y"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6300u"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2365m"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5850eq"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6098p"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3120me"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "7560u"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4790k"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3110m"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4288u"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "750s"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3612qe"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3540m"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "7y75"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4900mq"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2537m"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6102e"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3250"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3555le"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4350u"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5020u"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4590"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3220t"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "661"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2677m"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4302y"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "7700hq"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4258u"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3337u"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6600k"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4330"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2100t"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4010y"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4610y"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2657m"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6100e"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2330m"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5010u"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5250u"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4010u"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2377m"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4590t"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4690t"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2115c"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2500k"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3470t"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2710qe"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2400"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "880"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "920"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4700hq"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4170"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3820qm"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2520m"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4120u"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2350m"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4220y"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6500te"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4650u"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3770k"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2367m"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4110m"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3740qm"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6350hq"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4430s"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4980hq"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6320"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5005u"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4402ec"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "680um"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2715qe"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4020y"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2130"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "450m"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2500t"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4702hq"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5850hq"
      },
      {
        "_id": null,
        "model": "core m",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "5y10a"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "330e"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3570t"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6500"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2610ue"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "390m"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2328m"
      },
      {
        "_id": null,
        "model": "core m5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6y54"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "380um"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "2105"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4025u"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4570t"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4690s"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3570s"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6360u"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "7920hq"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "330m"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3770"
      },
      {
        "_id": null,
        "model": "core i3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6100"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "4870hq"
      },
      {
        "_id": null,
        "model": "core i5",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "6440hq"
      },
      {
        "_id": null,
        "model": "core i7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "3537u"
      },
      {
        "_id": null,
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "intel",
        "version": null
      }
    ],
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#982149"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-3646"
      }
    ]
  },
  "credits": {
    "_id": null,
    "data": "Red Hat",
    "sources": [
      {
        "db": "PACKETSTORM",
        "id": "148908"
      },
      {
        "db": "PACKETSTORM",
        "id": "148952"
      },
      {
        "db": "PACKETSTORM",
        "id": "148903"
      },
      {
        "db": "PACKETSTORM",
        "id": "148902"
      },
      {
        "db": "PACKETSTORM",
        "id": "148905"
      },
      {
        "db": "PACKETSTORM",
        "id": "148906"
      }
    ],
    "trust": 0.6
  },
  "cve": "CVE-2018-3646",
  "cvss": {
    "_id": null,
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "NONE",
            "baseScore": 4.7,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 3.4,
            "id": "CVE-2018-3646",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 1.1,
            "vectorString": "AV:L/AC:M/Au:N/C:C/I:N/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "NONE",
            "baseScore": 4.7,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 3.4,
            "id": "VHN-133677",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:L/AC:M/AU:N/C:C/I:N/A:N",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "author": "nvd@nist.gov",
            "availabilityImpact": "NONE",
            "baseScore": 5.6,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 1.1,
            "id": "CVE-2018-3646",
            "impactScore": 4.0,
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2018-3646",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-133677",
            "trust": 0.1,
            "value": "MEDIUM"
          },
          {
            "author": "VULMON",
            "id": "CVE-2018-3646",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-133677"
      },
      {
        "db": "VULMON",
        "id": "CVE-2018-3646"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-3646"
      }
    ]
  },
  "description": {
    "_id": null,
    "data": "Systems with microprocessors utilizing speculative execution and address translations may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access with guest OS privilege via a terminal page fault and a side-channel analysis. These attacks are known as L1 Terminal Fault: SGX, L1 Terminal Fault: OS/SMM, and L1 Terminal Fault: VMM. 7.2) - noarch, x86_64\n\n3. Description:\n\nThe RHV-M Virtual Appliance automates the process of installing and\nconfiguring the Red Hat Virtualization Manager. The appliance is available\nto download as an OVA file from the Customer Portal. (CVE-2018-3620,\nCVE-2018-3646)\n\n* A flaw named SegmentSmack was found in the way the Linux kernel handled\nspecially crafted TCP packets. A remote attacker could use this flaw to\ntrigger time and calculation expensive calls to tcp_collapse_ofo_queue()\nand tcp_prune_ofo_queue() functions by sending specially modified packets\nwithin ongoing TCP sessions which could lead to a CPU saturation and hence\na denial of service on the system. Maintaining the denial of service\ncondition requires continuous two-way TCP sessions to a reachable open\nport, thus the attacks cannot be performed using spoofed IP addresses. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\nAPPLE-SA-2018-10-30-2 macOS Mojave 10.14.1, Security Update 2018-001\nHigh Sierra, Security Update 2018-005 Sierra\n\nmacOS Mojave 10.14.1, Security Update 2018-001 High Sierra, and\nSecurity Update 2018-005 Sierra are now available and address\nthe following:\n\nafpserver\nAvailable for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6\nImpact: A remote attacker may be able to attack AFP servers through\nHTTP clients\nDescription: An input validation issue was addressed with improved\ninput validation. \nCVE-2018-4295: Jianjun Chen (@whucjj) from Tsinghua University and UC\nBerkeley\n\nAppleGraphicsControl\nAvailable for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS\nMojave 10.14\nImpact: An application may be able to execute arbitrary code with\nsystem privileges\nDescription: A memory corruption issue was addressed with improved\ninput validation. \nCVE-2018-4410: an anonymous researcher working with Trend Micro\u0027s\nZero Day Initiative\n\nAppleGraphicsControl\nAvailable for: macOS High Sierra 10.13.6\nImpact: An application may be able to read restricted memory\nDescription: A validation issue was addressed with improved input\nsanitization. \nCVE-2018-4417: Lee of the Information Security Lab Yonsei University\nworking with Trend Micro\u0027s Zero Day Initiative\n\nAPR\nAvailable for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6\nImpact: Multiple buffer overflow issues existed in Perl\nDescription: Multiple issues in Perl were addressed with improved\nmemory handling. \nCVE-2017-12613: Craig Young of Tripwire VERT\nCVE-2017-12618: Craig Young of Tripwire VERT\n\nATS\nAvailable for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6\nImpact: A malicious application may be able to elevate privileges\nDescription: A memory corruption issue was addressed with improved\ninput validation. \nCVE-2018-4411: lilang wu moony Li of Trend Micro working with Trend\nMicro\u0027s Zero Day Initiative\n\nATS\nAvailable for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6\nImpact: An application may be able to read restricted memory\nDescription: An out-of-bounds read was addressed with improved bounds\nchecking. \nCVE-2018-4308: Mohamed Ghannam (@_simo36)\n\nCFNetwork\nAvailable for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6\nImpact: An application may be able to execute arbitrary code with\nsystem privileges\nDescription: A memory corruption issue was addressed with improved\nmemory handling. \nCVE-2018-4126: Bruno Keith (@bkth_) working with Trend Micro\u0027s Zero\nDay Initiative\n\nCoreAnimation\nAvailable for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS\nMojave 10.14\nImpact: An application may be able to execute arbitrary code with\nsystem privileges\nDescription: A memory corruption issue was addressed with improved\nmemory handling. \nCVE-2018-4415: Liang Zhuo working with Beyond Security\u0027s SecuriTeam\nSecure Disclosure\n\nCoreCrypto\nAvailable for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS\nMojave 10.14\nImpact: An attacker may be able to exploit a weakness in the\nMiller-Rabin primality test to incorrectly identify prime numbers\nDescription: An issue existed in the method for determining prime\nnumbers. This issue was addressed by using pseudorandom bases for\ntesting of primes. \nCVE-2018-4398: Martin Albrecht, Jake Massimo and Kenny Paterson of\nRoyal Holloway, University of London, and Juraj Somorovsky of Ruhr\nUniversity, Bochum\n\nCoreFoundation\nAvailable for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6\nImpact: A malicious application may be able to elevate privileges\nDescription: A memory corruption issue was addressed with improved\ninput validation. \nCVE-2018-4412: The UK\u0027s National Cyber Security Centre (NCSC)\n\nCUPS\nAvailable for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6\nImpact: In certain configurations, a remote attacker may be able to\nreplace the message content from the print server with arbitrary\ncontent\nDescription: An injection issue was addressed with improved\nvalidation. \nCVE-2018-4153: Michael Hanselmann of hansmi.ch\n\nCUPS\nAvailable for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6\nImpact: An attacker in a privileged position may be able to perform a\ndenial of service attack\nDescription: A denial of service issue was addressed with improved\nvalidation. \nCVE-2018-4406: Michael Hanselmann of hansmi.ch\n\nDictionary\nAvailable for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6\nImpact: Parsing a maliciously crafted dictionary file may lead to\ndisclosure of user information\nDescription: A validation issue existed which allowed local file\naccess. This was addressed with input sanitization. \nCVE-2018-4346: Wojciech ReguAa (@_r3ggi) of SecuRing\n\nDock\nAvailable for: macOS Mojave 10.14\nImpact: A malicious application may be able to access restricted\nfiles\nDescription: This issue was addressed by removing additional\nentitlements. \nCVE-2018-4403: Patrick Wardle of Digita Security\n\ndyld\nAvailable for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS\nMojave 10.14\nImpact: A malicious application may be able to elevate privileges\nDescription: A logic issue was addressed with improved validation. This ensures that older data read from\nrecently-written-to addresses cannot be read via a speculative\nside-channel. \nCVE-2018-3639: Jann Horn (@tehjh) of Google Project Zero (GPZ), Ken\nJohnson of the Microsoft Security Response Center (MSRC)\n\nEFI\nAvailable for: macOS High Sierra 10.13.6, macOS Mojave 10.14\nImpact: A local user may be able to modify protected parts of the\nfile system\nDescription: A configuration issue was addressed with additional\nrestrictions. \nCVE-2018-4342: Timothy Perfitt of Twocanoes Software\n\nFoundation\nAvailable for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6\nImpact: Processing a maliciously crafted text file may lead to a\ndenial of service\nDescription: A denial of service issue was addressed with improved\nvalidation. \nCVE-2018-4304: jianan.huang (@Sevck)\n\nGrand Central Dispatch\nAvailable for: macOS High Sierra 10.13.6\nImpact: An application may be able to execute arbitrary code with\nsystem privileges\nDescription: A memory corruption issue was addressed with improved\nmemory handling. \nCVE-2018-4426: Brandon Azad\n\nHeimdal\nAvailable for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6\nImpact: An application may be able to execute arbitrary code with\nsystem privileges\nDescription: A memory corruption issue was addressed with improved\nmemory handling. \nCVE-2018-3646: Baris Kasikci, Daniel Genkin, Ofir Weisse, and Thomas\nF. Wenisch of University of Michigan, Mark Silberstein and Marina\nMinkin of Technion, Raoul Strackx, Jo Van Bulck, and Frank Piessens\nof KU Leuven, Rodrigo Branco, Henrique Kawakami, Ke Sun, and Kekai Hu\nof Intel Corporation, Yuval Yarom of The University of Adelaide\n\nHypervisor\nAvailable for: macOS Sierra 10.12.6\nImpact: An application may be able to execute arbitrary code with\nkernel privileges\nDescription: A memory corruption vulnerability was addressed with\nimproved locking. \nCVE-2018-4242: Zhuo Liang of Qihoo 360 Nirvan Team\n\nICU\nAvailable for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS\nMojave 10.14\nImpact: Processing a maliciously crafted string may lead to heap\ncorruption\nDescription: A memory corruption issue was addressed with improved\ninput validation. \nCVE-2018-4394: an anonymous researcher\n\nIntel Graphics Driver\nAvailable for: macOS Sierra 10.12.6\nImpact: An application may be able to execute arbitrary code with\nsystem privileges\nDescription: A memory corruption issue was addressed with improved\nmemory handling. \nCVE-2018-4334: Ian Beer of Google Project Zero\n\nIntel Graphics Driver\nAvailable for: macOS High Sierra 10.13.6\nImpact: An application may be able to read restricted memory\nDescription: A validation issue was addressed with improved input\nsanitization. \nCVE-2018-4396: Yu Wang of Didi Research America\nCVE-2018-4418: Yu Wang of Didi Research America\n\nIntel Graphics Driver\nAvailable for: macOS High Sierra 10.13.6\nImpact: An application may be able to execute arbitrary code with\nsystem privileges\nDescription: A memory corruption issue was addressed with improved\ninput validation. \nCVE-2018-4350: Yu Wang of Didi Research America\n\nIOGraphics\nAvailable for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS\nMojave 10.14\nImpact: An application may be able to execute arbitrary code with\nkernel privileges\nDescription: A memory corruption issue was addressed with improved\nmemory handling. \nCVE-2018-4422: an anonymous researcher working with Trend Micro\u0027s\nZero Day Initiative\n\nIOHIDFamily\nAvailable for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6\nImpact: A malicious application may be able to execute arbitrary code\nwith kernel privileges\nDescription: A memory corruption issue was addressed with improved\ninput validation\nCVE-2018-4408: Ian Beer of Google Project Zero\n\nIOKit\nAvailable for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS\nMojave 10.14\nImpact: An application may be able to execute arbitrary code with\nsystem privileges\nDescription: A memory corruption issue was addressed with improved\nmemory handling. \nCVE-2018-4402: Proteas of Qihoo 360 Nirvan Team\n\nIOKit\nAvailable for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6\nImpact: A malicious application may be able to break out of its\nsandbox\nDescription: A memory corruption issue was addressed with improved\nmemory handling. \nCVE-2018-4341: Ian Beer of Google Project Zero\nCVE-2018-4354: Ian Beer of Google Project Zero\n\nIOUserEthernet\nAvailable for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6\nImpact: An application may be able to execute arbitrary code with\nkernel privileges\nDescription: A memory corruption issue was addressed with improved\nmemory handling. \nCVE-2018-4401: Apple\n\nIPSec\nAvailable for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS\nMojave 10.14\nImpact: An application may be able to gain elevated privileges\nDescription: An out-of-bounds read was addressed with improved input\nvalidation. \nCVE-2018-4371: Tim Michaud (@TimGMichaud) of Leviathan Security Group\n\nKernel\nAvailable for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS\nMojave 10.14\nImpact: An application may be able to execute arbitrary code with\nkernel privileges\nDescription: A memory corruption issue was addressed by removing the\nvulnerable code. \nCVE-2018-4420: Mohamed Ghannam (@_simo36)\n\nKernel\nAvailable for: macOS High Sierra 10.13.6\nImpact: A malicious application may be able to leak sensitive user\ninformation\nDescription: An access issue existed with privileged API calls. This\nissue was addressed with additional restrictions. \nCVE-2018-4399: Fabiano Anemone (@anoane)\n\nKernel\nAvailable for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS\nMojave 10.14\nImpact: An application may be able to execute arbitrary code with\nkernel privileges\nDescription: A memory corruption issue was addressed with improved\nmemory handling. \nCVE-2018-4340: Mohamed Ghannam (@_simo36)\nCVE-2018-4419: Mohamed Ghannam (@_simo36)\nCVE-2018-4425: cc working with Trend Micro\u0027s Zero Day Initiative,\nJuwei Lin (@panicaII) of Trend Micro working with Trend Micro\u0027s Zero\nDay Initiative\n\nKernel\nAvailable for: macOS Sierra 10.12.6\nImpact: Mounting a maliciously crafted NFS network share may lead to\narbitrary code execution with system privileges\nDescription: Multiple memory corruption issues were addressed with\nimproved memory handling. \nCVE-2018-4259: Kevin Backhouse of Semmle and LGTM.com\nCVE-2018-4286: Kevin Backhouse of Semmle and LGTM.com\nCVE-2018-4287: Kevin Backhouse of Semmle and LGTM.com\nCVE-2018-4288: Kevin Backhouse of Semmle and LGTM.com\nCVE-2018-4291: Kevin Backhouse of Semmle and LGTM.com\n\nKernel\nAvailable for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS\nMojave 10.14\nImpact: An application may be able to read restricted memory\nDescription: A memory initialization issue was addressed with\nimproved memory handling. \nCVE-2018-4413: Juwei Lin (@panicaII) of TrendMicro Mobile Security\nTeam\n\nKernel\nAvailable for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6\nImpact: An attacker in a privileged network position may be able to\nexecute arbitrary code\nDescription: A memory corruption issue was addressed with improved\nvalidation. \nCVE-2018-4407: Kevin Backhouse of Semmle Ltd. \n\nKernel\nAvailable for: macOS Mojave 10.14\nImpact: An application may be able to execute arbitrary code with\nkernel privileges\nDescription: A buffer overflow was addressed with improved size\nvalidation. \nCVE-2018-4424: Dr. Silvio Cesare of InfoSect\n\nLogin Window\nAvailable for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6\nImpact: A local user may be able to cause a denial of service\nDescription: A validation issue was addressed with improved logic. \nCVE-2018-4348: Ken Gannon of MWR InfoSecurity and Christian Demko of\nMWR InfoSecurity\n\nMail\nAvailable for: macOS Mojave 10.14\nImpact: Processing a maliciously crafted mail message may lead to UI\nspoofing\nDescription: An inconsistent user interface issue was addressed with\nimproved state management. \nCVE-2018-4389: Dropbox Offensive Security Team, Theodor Ragnar\nGislason of Syndis\n\nmDNSOffloadUserClient\nAvailable for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6\nImpact: An application may be able to execute arbitrary code with\nkernel privileges\nDescription: A memory corruption issue was addressed with improved\nmemory handling. \nCVE-2018-4326: an anonymous researcher working with Trend Micro\u0027s\nZero Day Initiative, Zhuo Liang of Qihoo 360 Nirvan Team\n\nMediaRemote\nAvailable for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6\nImpact: A sandboxed process may be able to circumvent sandbox\nrestrictions\nDescription: An access issue was addressed with additional sandbox\nrestrictions. This ensures that implementation specific system\nregisters cannot be leaked via a speculative execution side-channel. \nCVE-2018-3640: Innokentiy Sennovskiy from BiZone LLC (bi.zone),\nZdenek Sojka, Rudolf Marek and Alex Zuepke from SYSGO AG (sysgo.com)\n\nNetworkExtension\nAvailable for: macOS High Sierra 10.13.6, macOS Mojave 10.14\nImpact: Connecting to a VPN server may leak DNS queries to a DNS\nproxy\nDescription: A logic issue was addressed with improved state\nmanagement. \nCVE-2018-4369: an anonymous researcher\n\nPerl\nAvailable for: macOS Sierra 10.12.6\nImpact: Multiple buffer overflow issues existed in Perl\nDescription: Multiple issues in Perl were addressed with improved\nmemory handling. \nCVE-2018-6797: Brian Carpenter\n\nRuby\nAvailable for: macOS Sierra 10.12.6\nImpact: A remote attacker may be able to cause unexpected application\ntermination or arbitrary code execution\nDescription: Multiple issues in Ruby were addressed in this update. \nCVE-2017-898\nCVE-2017-10784\nCVE-2017-14033\nCVE-2017-14064\nCVE-2017-17405\nCVE-2017-17742\nCVE-2018-6914\nCVE-2018-8777\nCVE-2018-8778\nCVE-2018-8779\nCVE-2018-8780\n\nSecurity\nAvailable for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS\nMojave 10.14\nImpact: Processing a maliciously crafted S/MIME signed message may\nlead to a denial of service\nDescription: A validation issue was addressed with improved logic. \nCVE-2018-4400: Yukinobu Nagayasu of LAC Co., Ltd. \n\nSecurity\nAvailable for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6\nImpact: A local user may be able to cause a denial of service\nDescription: This issue was addressed with improved checks. \nCVE-2018-4395: Patrick Wardle of Digita Security\n\nSpotlight\nAvailable for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6\nImpact: An application may be able to execute arbitrary code with\nsystem privileges\nDescription: A memory corruption issue was addressed with improved\nmemory handling. \nCVE-2018-4393: Lufeng Li\n\nSymptom Framework\nAvailable for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6\nImpact: An application may be able to read restricted memory\nDescription: An out-of-bounds read was addressed with improved bounds\nchecking. \nCVE-2018-4203: Bruno Keith (@bkth_) working with Trend Micro\u0027s Zero\nDay Initiative\n\nWiFi\nAvailable for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS\nMojave 10.14\nImpact: An attacker in a privileged position may be able to perform a\ndenial of service attack\nDescription: A denial of service issue was addressed with improved\nvalidation. \nCVE-2018-4368: Milan Stute and Alex Mariotto of Secure Mobile\nNetworking Lab at Technische UniversitA$?t Darmstadt\n\nAdditional recognition\n\nCalendar\nWe would like to acknowledge an anonymous researcher for their\nassistance. \n\niBooks\nWe would like to acknowledge Sem VoigtlA$?nder of Fontys Hogeschool \nICT for their assistance. \n\nKernel\nWe would like to acknowledge Brandon Azad for their assistance. \n\nLaunchServices\nWe would like to acknowledge Alok Menghrajani of Square for their\nassistance. \n\nQuick Look\nWe would like to acknowledge lokihardt of Google Project Zero for\ntheir assistance. \n\nSecurity\nWe would like to acknowledge Marinos Bernitsas of Parachute for their\nassistance. \n\nTerminal\nWe would like to acknowledge an anonymous researcher for their\nassistance. \n\nInstallation note:\n\nmacOS Mojave 10.14.1, Security Update 2018-001 High Sierra, and\nSecurity Update 2018-005 Sierra may be obtained from the\nMac App Store or Apple\u0027s Software Downloads web site:\nhttps://support.apple.com/downloads/\n\nInformation will also be posted to the Apple Security Updates\nweb site: https://support.apple.com/kb/HT201222\n\nThis message is signed with Apple\u0027s Product Security PGP key,\nand details are available at:\nhttps://www.apple.com/support/security/pgp/\n-----BEGIN PGP SIGNATURE-----\n\niQJdBAEBCABHFiEEDNXJVNCJJEAVmJdZeC9tht7TK3EFAlvYkgYpHHByb2R1Y3Qt\nc2VjdXJpdHktbm9yZXBseUBsaXN0cy5hcHBsZS5jb20ACgkQeC9tht7TK3EcGQ//\nQbUbTOZRgxcStGZjs+qdXjeaXI6i1MKaky7o/iYCXf87crFu79PCsXyPU1jeMvoS\ntgDxz7ornlyaxR4wcSYzfcuIeY2ZH+dkxc7JJHQbKTW1dWYHpXUUzzNm+Ay/Gtk+\n2EIAgJ9oUf8FARR5cmcKBZfLFVdc40vpM3bBCV4m2Kr5KiDsqZKdZTujBQRccAsO\nHKRbhDecw0WX/CfEbLprs86uIXFMIoifhmh8LMebjzIQn2ozoFG6R31vMMHeDpir\nzf0xlVCJrJy/XywmkodhBWWrUWcM0hfsJ8EmyIBwFEYUxFhOV3D+x3rStd2kjyNL\nLG9oWclxDkjImQXdrL8IRAQfZvcVQFZK2vSGCYfRN0LY105sxjPjeIsJ0RORzcSN\n2mlDR1UuTosk0GleDbmhv/ornfOc537UebwuHVWU5LpPNFkvY1Cv8zPrQAHewuod\nTmktkNuv2x2fgw9g7ntE88UBF9JMC+Ofs/FgJ67RkoT4R39P7VvaztHlmxmr/rIw\nTrSs7TDVqciz+DOMRKxyNPI1cpXM5ITCTvgbY4+RWwaFJzfgY+Gc+sldvVcb1x9I\nLlsI19MA0bsvi+ReOcLbWYuEHaVhVqZ7LndxR9m2gJ39L9jff+dOsSlznF4OLs+S\nt7Rz6i2mOpe6vXobkTUmml3m3zYIhL3XcdcYpw3U0F8=\n=uhgi\n-----END PGP SIGNATURE-----\n. Intel Core i3 processor, etc. are all CPU (central processing unit) products of Intel Corporation of the United States. Security vulnerabilities exist in several Intel products that use speculative execution and address translation. The following products are affected: Intel Core i3 processor; Intel Core i5 processor; Intel Core i7 processor; Intel Core M processor family; 2nd generation Intel Core processors; 3rd generation Intel Core processors; 4th generation Intel Core processors; 5th generation Intel Core processors, etc. \n\nTo fully resolve these vulnerabilities it is also necessary to install\nupdated CPU microcode (only available in Debian non-free). Common server\nclass CPUs are covered in the update released as DSA 4273-1. \n\nFor the stable distribution (stretch), these problems have been fixed in\nversion 4.9.110-3+deb9u3. =========================================================================\nUbuntu Security Notice USN-3742-2\nAugust 14, 2018\n\nlinux-lts-trusty vulnerabilities\n=========================================================================\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 12.04 ESM\n\nSummary:\n\nSeveral security issues were fixed in the Linux kernel. This update provides the corresponding updates for the Linux\nHardware Enablement (HWE) kernel from Ubuntu 14.04 for Ubuntu\n12.04 ESM. \n\nIt was discovered that memory present in the L1 data cache of an Intel CPU\ncore may be exposed to a malicious process that is executing on the CPU\ncore. A local\nattacker in a guest virtual machine could use this to expose sensitive\ninformation (memory from other guests or the host OS). (CVE-2018-3646)\n\nIt was discovered that memory present in the L1 data cache of an Intel CPU\ncore may be exposed to a malicious process that is executing on the CPU\ncore. (CVE-2018-3620)\n\nAndrey Konovalov discovered an out-of-bounds read in the POSIX timers\nsubsystem in the Linux kernel. A local attacker could use this to cause a\ndenial of service (system crash) or expose sensitive information. A remote attacker could use this to cause a\ndenial of service. (CVE-2018-5390)\n\nJuha-Matti Tilli discovered that the IP implementation in the Linux kernel\nperformed algorithmically expensive operations in some situations when\nhandling incoming packet fragments. A remote attacker could use this to\ncause a denial of service. (CVE-2018-5391)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 12.04 ESM:\n  linux-image-3.13.0-155-generic  3.13.0-155.206~precise1\n  linux-image-3.13.0-155-generic-lpae  3.13.0-155.206~precise1\n  linux-image-generic-lpae-lts-trusty  3.13.0.155.145\n  linux-image-generic-lts-trusty  3.13.0.155.145\n\nPlease note that the recommended mitigation for CVE-2018-3646 involves\nupdating processor microcode in addition to updating the kernel;\nhowever, the kernel includes a fallback for processors that have not\nreceived microcode updates. \n\nATTENTION: Due to an unavoidable ABI change the kernel updates have\nbeen given a new version number, which requires you to recompile and\nreinstall all third party kernel modules you might have installed. \nUnless you manually uninstalled the standard kernel metapackages\n(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,\nlinux-powerpc), a standard system upgrade will automatically perform\nthis as well. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\n====================================================================                   \nRed Hat Security Advisory\n\nSynopsis:          Important: kernel security and bug fix update\nAdvisory ID:       RHSA-2018:2387-01\nProduct:           Red Hat Enterprise Linux\nAdvisory URL:      https://access.redhat.com/errata/RHSA-2018:2387\nIssue date:        2018-08-14\nCVE Names:         CVE-2018-3620 CVE-2018-3639 CVE-2018-3646\n====================================================================\n1. Summary:\n\nAn update for kernel is now available for Red Hat Enterprise Linux 7.4\nExtended Update Support. \n\nRed Hat Product Security has rated this update as having a security impact\nof Important. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE link(s) in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux ComputeNode EUS (v. 7.4) - noarch, x86_64\nRed Hat Enterprise Linux ComputeNode Optional EUS (v. 7.4) - x86_64\nRed Hat Enterprise Linux Server EUS (v. 7.4) - noarch, ppc64, ppc64le, s390x, x86_64\nRed Hat Enterprise Linux Server Optional EUS (v. 7.4) - ppc64, ppc64le, x86_64\n\n3. Description:\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system. \n\nSecurity Fix(es):\n\n* Modern operating systems implement virtualization of physical memory to\nefficiently use available system resources and provide inter-domain\nprotection through access control and isolation. The L1TF issue was found\nin the way the x86 microprocessor designs have implemented speculative\nexecution of instructions (a commonly used performance optimisation) in\ncombination with handling of page-faults caused by terminated virtual to\nphysical address resolving process. As a result, an unprivileged attacker\ncould use this flaw to read privileged memory of the kernel or other\nprocesses and/or cross guest/host boundaries to read host memory by\nconducting targeted cache side-channel attacks. (CVE-2018-3620,\nCVE-2018-3646)\n\n* An industry-wide issue was found in the way many modern microprocessor\ndesigns have implemented speculative execution of Load \u0026 Store instructions\n(a commonly used performance optimization). It relies on the presence of a\nprecisely-defined instruction sequence in the privileged code as well as\nthe fact that memory read from address to which a recent memory write has\noccurred may see an older value and subsequently cause an update into the\nmicroprocessor\u0027s data cache even for speculatively executed instructions\nthat never actually commit (retire). As a result, an unprivileged attacker\ncould use this flaw to read privileged memory by conducting targeted cache\nside-channel attacks. \n\nBug Fix(es):\n\n* Previously, configurations with the little-endian variant of IBM Power\nSystems CPU architectures and Hard Disk Drives (HDD) designed according to\nNonvolatile Memory Express (NVMe) open standards, experienced crashes\nduring shutdown or reboot due to race conditions of CPUs. As a consequence,\nthe sysfs pseudo file system threw a stack trace report about an attempt to\ncreate a duplicate entry in sysfs. This update modifies the source code so\nthat the irq_dispose_mapping() function is called first and the\nmsi_bitmap_free_hwirqs() function is called afterwards. As a result, the\nrace condition no longer appears in the described scenario. (BZ#1570510)\n\n* When switching from the indirect branch speculation (IBRS) feature to the\nretpolines feature, the IBRS state of some CPUs was sometimes not handled\ncorrectly. Consequently, some CPUs were left with the IBRS Model-Specific\nRegister (MSR) bit set to 1, which could lead to performance issues. With\nthis update, the underlying source code has been fixed to clear the IBRS\nMSR bits correctly, thus fixing the bug. (BZ#1586147)\n\n* During a balloon reset, page pointers were not correctly initialized\nafter unmapping the memory. Consequently, on the VMware ESXi hypervisor\nwith \"Fault Tolerance\" and \"ballooning\" enabled, the following messages\nrepeatedly occurred in the kernel log:\n\n[3014611.640148] WARNING: at mm/vmalloc.c:1491 __vunmap+0xd3/0x100()\n[3014611.640269] Trying to vfree() nonexistent vm area (ffffc90000697000)\n\nWith this update, the underlying source code has been fixed to initialize\npage pointers properly. As a result, the mm/vmalloc.c warnings no longer\noccur under the described circumstances. (BZ#1595600)\n\n4. Solution:\n\nFor details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect. \n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1566890 - CVE-2018-3639 hw: cpu: speculative store bypass\n1585005 - CVE-2018-3646 Kernel: hw: cpu: L1 terminal fault (L1TF)\n\n6. Package List:\n\nRed Hat Enterprise Linux ComputeNode EUS (v. 7.4):\n\nSource:\nkernel-3.10.0-693.37.4.el7.src.rpm\n\nnoarch:\nkernel-abi-whitelists-3.10.0-693.37.4.el7.noarch.rpm\nkernel-doc-3.10.0-693.37.4.el7.noarch.rpm\n\nx86_64:\nkernel-3.10.0-693.37.4.el7.x86_64.rpm\nkernel-debug-3.10.0-693.37.4.el7.x86_64.rpm\nkernel-debug-debuginfo-3.10.0-693.37.4.el7.x86_64.rpm\nkernel-debug-devel-3.10.0-693.37.4.el7.x86_64.rpm\nkernel-debuginfo-3.10.0-693.37.4.el7.x86_64.rpm\nkernel-debuginfo-common-x86_64-3.10.0-693.37.4.el7.x86_64.rpm\nkernel-devel-3.10.0-693.37.4.el7.x86_64.rpm\nkernel-headers-3.10.0-693.37.4.el7.x86_64.rpm\nkernel-tools-3.10.0-693.37.4.el7.x86_64.rpm\nkernel-tools-debuginfo-3.10.0-693.37.4.el7.x86_64.rpm\nkernel-tools-libs-3.10.0-693.37.4.el7.x86_64.rpm\nperf-3.10.0-693.37.4.el7.x86_64.rpm\nperf-debuginfo-3.10.0-693.37.4.el7.x86_64.rpm\npython-perf-3.10.0-693.37.4.el7.x86_64.rpm\npython-perf-debuginfo-3.10.0-693.37.4.el7.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode Optional EUS (v. 7.4):\n\nx86_64:\nkernel-debug-debuginfo-3.10.0-693.37.4.el7.x86_64.rpm\nkernel-debuginfo-3.10.0-693.37.4.el7.x86_64.rpm\nkernel-debuginfo-common-x86_64-3.10.0-693.37.4.el7.x86_64.rpm\nkernel-tools-debuginfo-3.10.0-693.37.4.el7.x86_64.rpm\nkernel-tools-libs-devel-3.10.0-693.37.4.el7.x86_64.rpm\nperf-debuginfo-3.10.0-693.37.4.el7.x86_64.rpm\npython-perf-debuginfo-3.10.0-693.37.4.el7.x86_64.rpm\n\nRed Hat Enterprise Linux Server EUS (v. 7.4):\n\nSource:\nkernel-3.10.0-693.37.4.el7.src.rpm\n\nnoarch:\nkernel-abi-whitelists-3.10.0-693.37.4.el7.noarch.rpm\nkernel-doc-3.10.0-693.37.4.el7.noarch.rpm\n\nppc64:\nkernel-3.10.0-693.37.4.el7.ppc64.rpm\nkernel-bootwrapper-3.10.0-693.37.4.el7.ppc64.rpm\nkernel-debug-3.10.0-693.37.4.el7.ppc64.rpm\nkernel-debug-debuginfo-3.10.0-693.37.4.el7.ppc64.rpm\nkernel-debug-devel-3.10.0-693.37.4.el7.ppc64.rpm\nkernel-debuginfo-3.10.0-693.37.4.el7.ppc64.rpm\nkernel-debuginfo-common-ppc64-3.10.0-693.37.4.el7.ppc64.rpm\nkernel-devel-3.10.0-693.37.4.el7.ppc64.rpm\nkernel-headers-3.10.0-693.37.4.el7.ppc64.rpm\nkernel-tools-3.10.0-693.37.4.el7.ppc64.rpm\nkernel-tools-debuginfo-3.10.0-693.37.4.el7.ppc64.rpm\nkernel-tools-libs-3.10.0-693.37.4.el7.ppc64.rpm\nperf-3.10.0-693.37.4.el7.ppc64.rpm\nperf-debuginfo-3.10.0-693.37.4.el7.ppc64.rpm\npython-perf-3.10.0-693.37.4.el7.ppc64.rpm\npython-perf-debuginfo-3.10.0-693.37.4.el7.ppc64.rpm\n\nppc64le:\nkernel-3.10.0-693.37.4.el7.ppc64le.rpm\nkernel-bootwrapper-3.10.0-693.37.4.el7.ppc64le.rpm\nkernel-debug-3.10.0-693.37.4.el7.ppc64le.rpm\nkernel-debug-debuginfo-3.10.0-693.37.4.el7.ppc64le.rpm\nkernel-debuginfo-3.10.0-693.37.4.el7.ppc64le.rpm\nkernel-debuginfo-common-ppc64le-3.10.0-693.37.4.el7.ppc64le.rpm\nkernel-devel-3.10.0-693.37.4.el7.ppc64le.rpm\nkernel-headers-3.10.0-693.37.4.el7.ppc64le.rpm\nkernel-tools-3.10.0-693.37.4.el7.ppc64le.rpm\nkernel-tools-debuginfo-3.10.0-693.37.4.el7.ppc64le.rpm\nkernel-tools-libs-3.10.0-693.37.4.el7.ppc64le.rpm\nperf-3.10.0-693.37.4.el7.ppc64le.rpm\nperf-debuginfo-3.10.0-693.37.4.el7.ppc64le.rpm\npython-perf-3.10.0-693.37.4.el7.ppc64le.rpm\npython-perf-debuginfo-3.10.0-693.37.4.el7.ppc64le.rpm\n\ns390x:\nkernel-3.10.0-693.37.4.el7.s390x.rpm\nkernel-debug-3.10.0-693.37.4.el7.s390x.rpm\nkernel-debug-debuginfo-3.10.0-693.37.4.el7.s390x.rpm\nkernel-debug-devel-3.10.0-693.37.4.el7.s390x.rpm\nkernel-debuginfo-3.10.0-693.37.4.el7.s390x.rpm\nkernel-debuginfo-common-s390x-3.10.0-693.37.4.el7.s390x.rpm\nkernel-devel-3.10.0-693.37.4.el7.s390x.rpm\nkernel-headers-3.10.0-693.37.4.el7.s390x.rpm\nkernel-kdump-3.10.0-693.37.4.el7.s390x.rpm\nkernel-kdump-debuginfo-3.10.0-693.37.4.el7.s390x.rpm\nkernel-kdump-devel-3.10.0-693.37.4.el7.s390x.rpm\nperf-3.10.0-693.37.4.el7.s390x.rpm\nperf-debuginfo-3.10.0-693.37.4.el7.s390x.rpm\npython-perf-3.10.0-693.37.4.el7.s390x.rpm\npython-perf-debuginfo-3.10.0-693.37.4.el7.s390x.rpm\n\nx86_64:\nkernel-3.10.0-693.37.4.el7.x86_64.rpm\nkernel-debug-3.10.0-693.37.4.el7.x86_64.rpm\nkernel-debug-debuginfo-3.10.0-693.37.4.el7.x86_64.rpm\nkernel-debug-devel-3.10.0-693.37.4.el7.x86_64.rpm\nkernel-debuginfo-3.10.0-693.37.4.el7.x86_64.rpm\nkernel-debuginfo-common-x86_64-3.10.0-693.37.4.el7.x86_64.rpm\nkernel-devel-3.10.0-693.37.4.el7.x86_64.rpm\nkernel-headers-3.10.0-693.37.4.el7.x86_64.rpm\nkernel-tools-3.10.0-693.37.4.el7.x86_64.rpm\nkernel-tools-debuginfo-3.10.0-693.37.4.el7.x86_64.rpm\nkernel-tools-libs-3.10.0-693.37.4.el7.x86_64.rpm\nperf-3.10.0-693.37.4.el7.x86_64.rpm\nperf-debuginfo-3.10.0-693.37.4.el7.x86_64.rpm\npython-perf-3.10.0-693.37.4.el7.x86_64.rpm\npython-perf-debuginfo-3.10.0-693.37.4.el7.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional EUS (v. 7.4):\n\nppc64:\nkernel-debug-debuginfo-3.10.0-693.37.4.el7.ppc64.rpm\nkernel-debuginfo-3.10.0-693.37.4.el7.ppc64.rpm\nkernel-debuginfo-common-ppc64-3.10.0-693.37.4.el7.ppc64.rpm\nkernel-tools-debuginfo-3.10.0-693.37.4.el7.ppc64.rpm\nkernel-tools-libs-devel-3.10.0-693.37.4.el7.ppc64.rpm\nperf-debuginfo-3.10.0-693.37.4.el7.ppc64.rpm\npython-perf-debuginfo-3.10.0-693.37.4.el7.ppc64.rpm\n\nppc64le:\nkernel-debug-debuginfo-3.10.0-693.37.4.el7.ppc64le.rpm\nkernel-debug-devel-3.10.0-693.37.4.el7.ppc64le.rpm\nkernel-debuginfo-3.10.0-693.37.4.el7.ppc64le.rpm\nkernel-debuginfo-common-ppc64le-3.10.0-693.37.4.el7.ppc64le.rpm\nkernel-tools-debuginfo-3.10.0-693.37.4.el7.ppc64le.rpm\nkernel-tools-libs-devel-3.10.0-693.37.4.el7.ppc64le.rpm\nperf-debuginfo-3.10.0-693.37.4.el7.ppc64le.rpm\npython-perf-debuginfo-3.10.0-693.37.4.el7.ppc64le.rpm\n\nx86_64:\nkernel-debug-debuginfo-3.10.0-693.37.4.el7.x86_64.rpm\nkernel-debuginfo-3.10.0-693.37.4.el7.x86_64.rpm\nkernel-debuginfo-common-x86_64-3.10.0-693.37.4.el7.x86_64.rpm\nkernel-tools-debuginfo-3.10.0-693.37.4.el7.x86_64.rpm\nkernel-tools-libs-devel-3.10.0-693.37.4.el7.x86_64.rpm\nperf-debuginfo-3.10.0-693.37.4.el7.x86_64.rpm\npython-perf-debuginfo-3.10.0-693.37.4.el7.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security.  Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2018-3620\nhttps://access.redhat.com/security/cve/CVE-2018-3639\nhttps://access.redhat.com/security/cve/CVE-2018-3646\nhttps://access.redhat.com/security/updates/classification/#important\nhttps://access.redhat.com/security/vulnerabilities/L1TF\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2018 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niQIVAwUBW3M4idzjgjWX9erEAQigJg//W8NS9ZAq71IYQ/6q5hTZBUeg3RsIJL4U\nOOCTlpLe3pH45ueU4Pm1HPopyyBHLGo988ZXPkH4z/jKW6txO3RDzf/blyWIwxwi\ndr76FUaMMLUk0ASeGcisZppOt/6zwrp2tfn+TyiC3pK0K5nTp+WVO5xYy5iecXVX\n96M3wIhCIlshYPc1/F8zdYuBFzpYgBnotag//FjyCQlhmOFcKtTRgyQrSuf1ZxnL\nVNQ7UuVGjPWeF0w0OJrb6U7+pVrlwAvtwYkUjm/eFh/AszTe7uZ6C6mG8XAobDrl\nSpxhyqMTcplrKxvl0S01xuezVbVo8RdoAtrW9+xseozknta4cu7RHe0ZSsonY/xN\nRiAingIwsVde+g9KOv8jeleACBZu8mmJptkYbVb1IHPcp+1FzXXAkUc1i/oc7XBU\nlIfe49O3L2GyhI+0hUwhbPuc51L8yHmpr39KM1irKIRWsY692n32LVns3L6Kr0tW\niWlhz4F2e5SNb2zlu3sMRQ4M0kf6JPX8VdRL1qMpfNoa9Ci4wYt+zP29//F6swji\nuwu3+SVH5VTW9VzymSCaQl/gD0loWPKVLFrTF5M9Y9+cl0uXn7CoW2LUNB86PhRz\nmMG+g2ZW9WbKcW/ERHofeii5WZGtsyA4FnUaWhzetfQIItEpmoobE9QVl0ar5GJ2\ndsE8Ald7hA4=scjp\n-----END PGP SIGNATURE-----\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. 6.4) - x86_64\n\n3. (CVE-2018-3639)\n\n* kernel: kvm: vmx: host GDT limit corruption (CVE-2018-10901)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, and other related information, refer to the CVE page(s) listed in\nthe References section. Unfortunately, the update introduced regressions\nthat caused kernel panics when booting in some environments as well\nas preventing Java applications from starting. This update fixes\nthe problems. \n\nWe apologize for the inconvenience. Description:\n\nThe kernel-rt packages provide the Real Time Linux Kernel, which enables\nfine-tuning for systems with extremely high determinism requirements. \n\nBug Fix(es):\n\n* The kernel-rt packages have been upgraded to the 3.10.0-693.37.1 source\ntree, which provides a number of bug fixes over the previous version. \n(BZ#1599860)\n\n4",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2018-3646"
      },
      {
        "db": "CERT/CC",
        "id": "VU#982149"
      },
      {
        "db": "VULMON",
        "id": "CVE-2018-3646"
      },
      {
        "db": "PACKETSTORM",
        "id": "148915"
      },
      {
        "db": "PACKETSTORM",
        "id": "148908"
      },
      {
        "db": "PACKETSTORM",
        "id": "148912"
      },
      {
        "db": "PACKETSTORM",
        "id": "148952"
      },
      {
        "db": "PACKETSTORM",
        "id": "150108"
      },
      {
        "db": "VULHUB",
        "id": "VHN-133677"
      },
      {
        "db": "PACKETSTORM",
        "id": "149010"
      },
      {
        "db": "PACKETSTORM",
        "id": "148914"
      },
      {
        "db": "PACKETSTORM",
        "id": "148917"
      },
      {
        "db": "PACKETSTORM",
        "id": "148902"
      },
      {
        "db": "PACKETSTORM",
        "id": "148905"
      },
      {
        "db": "PACKETSTORM",
        "id": "148991"
      },
      {
        "db": "PACKETSTORM",
        "id": "148906"
      },
      {
        "db": "PACKETSTORM",
        "id": "148903"
      }
    ],
    "trust": 2.97
  },
  "external_ids": {
    "_id": null,
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2018-3646",
        "trust": 2.5
      },
      {
        "db": "CERT/CC",
        "id": "VU#982149",
        "trust": 2.0
      },
      {
        "db": "SIEMENS",
        "id": "SSA-608355",
        "trust": 1.2
      },
      {
        "db": "SIEMENS",
        "id": "SSA-254686",
        "trust": 1.2
      },
      {
        "db": "SECTRACK",
        "id": "1041451",
        "trust": 1.2
      },
      {
        "db": "SECTRACK",
        "id": "1042004",
        "trust": 1.2
      },
      {
        "db": "BID",
        "id": "105080",
        "trust": 1.2
      },
      {
        "db": "LENOVO",
        "id": "LEN-24163",
        "trust": 1.2
      },
      {
        "db": "PACKETSTORM",
        "id": "148991",
        "trust": 0.2
      },
      {
        "db": "PACKETSTORM",
        "id": "148896",
        "trust": 0.1
      },
      {
        "db": "VULHUB",
        "id": "VHN-133677",
        "trust": 0.1
      },
      {
        "db": "VULMON",
        "id": "CVE-2018-3646",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "148915",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "148908",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "148912",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "148952",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "150108",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "148903",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "149010",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "148914",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "148917",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "148902",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "148905",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "148906",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#982149"
      },
      {
        "db": "VULHUB",
        "id": "VHN-133677"
      },
      {
        "db": "VULMON",
        "id": "CVE-2018-3646"
      },
      {
        "db": "PACKETSTORM",
        "id": "148915"
      },
      {
        "db": "PACKETSTORM",
        "id": "148908"
      },
      {
        "db": "PACKETSTORM",
        "id": "148912"
      },
      {
        "db": "PACKETSTORM",
        "id": "148952"
      },
      {
        "db": "PACKETSTORM",
        "id": "150108"
      },
      {
        "db": "PACKETSTORM",
        "id": "148903"
      },
      {
        "db": "PACKETSTORM",
        "id": "149010"
      },
      {
        "db": "PACKETSTORM",
        "id": "148914"
      },
      {
        "db": "PACKETSTORM",
        "id": "148917"
      },
      {
        "db": "PACKETSTORM",
        "id": "148902"
      },
      {
        "db": "PACKETSTORM",
        "id": "148905"
      },
      {
        "db": "PACKETSTORM",
        "id": "148991"
      },
      {
        "db": "PACKETSTORM",
        "id": "148906"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-3646"
      }
    ]
  },
  "id": "VAR-201808-0957",
  "iot": {
    "_id": null,
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-133677"
      }
    ],
    "trust": 0.01
  },
  "last_update_date": "2026-03-09T20:08:15.928000Z",
  "patch": {
    "_id": null,
    "data": [
      {
        "title": "The Register",
        "trust": 0.2,
        "url": "https://www.theregister.co.uk/2018/08/15/foreshadow_sgx_software_attestations_collateral_damage/"
      },
      {
        "title": "The Register",
        "trust": 0.2,
        "url": "https://www.theregister.co.uk/2018/08/14/intel_l1_terminal_fault_bugs/"
      },
      {
        "title": "Red Hat: Important: kernel security and bug fix update",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20182387 - Security Advisory"
      },
      {
        "title": "Red Hat: Important: kernel security and bug fix update",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20182388 - Security Advisory"
      },
      {
        "title": "Red Hat: Important: kernel security update",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20182389 - Security Advisory"
      },
      {
        "title": "Red Hat: Important: rhev-hypervisor7 security update",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20182404 - Security Advisory"
      },
      {
        "title": "Red Hat: Important: kernel security update",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20182391 - Security Advisory"
      },
      {
        "title": "Red Hat: Important: kernel security update",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20182603 - Security Advisory"
      },
      {
        "title": "Red Hat: Important: kernel security update",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20182602 - Security Advisory"
      },
      {
        "title": "Red Hat: Important: rhvm-appliance security update",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20182402 - Security Advisory"
      },
      {
        "title": "Red Hat: Important: kernel security update",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20182392 - Security Advisory"
      },
      {
        "title": "Red Hat: Important: kernel-rt security and bug fix update",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20182396 - Security Advisory"
      },
      {
        "title": "Red Hat: Important: kernel security update",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20182393 - Security Advisory"
      },
      {
        "title": "Red Hat: Important: redhat-virtualization-host security update",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20182403 - Security Advisory"
      },
      {
        "title": "Red Hat: Important: kernel security update",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20182394 - Security Advisory"
      },
      {
        "title": "Debian Security Advisories: DSA-4274-1 xen -- security update",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=2129055bb51ebf11b86d56acef7f5da1"
      },
      {
        "title": "Debian Security Advisories: DSA-4279-1 linux -- security update",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=dac4eea76febd76490afc049b9aa11cb"
      },
      {
        "title": "Red Hat: Important: kernel security and bug fix update",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20182384 - Security Advisory"
      },
      {
        "title": "Ubuntu Security Notice: linux vulnerabilities",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-3823-1"
      },
      {
        "title": "Red Hat: Important: kernel-rt security and bug fix update",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20182395 - Security Advisory"
      },
      {
        "title": "Arch Linux Issues: ",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_issues\u0026qid=CVE-2018-3646"
      },
      {
        "title": "Red Hat: CVE-2018-3646",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=CVE-2018-3646"
      },
      {
        "title": "Red Hat: Important: kernel security and bug fix update",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20182390 - Security Advisory"
      },
      {
        "title": "Ubuntu Security Notice: linux, linux-aws, linux-azure, linux-gcp, linux-kvm, linux-oem, linux-raspi2 vulnerabilities",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-3740-1"
      },
      {
        "title": "Ubuntu Security Notice: linux-hwe, linux-azure, linux-gcp vulnerabilities",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-3740-2"
      },
      {
        "title": "Ubuntu Security Notice: intel-microcode vulnerabilities",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-3756-1"
      },
      {
        "title": "Ubuntu Security Notice: linux regressions",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-3741-3"
      },
      {
        "title": "Ubuntu Security Notice: linux-lts-xenial, linux-aws vulnerabilities",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-3741-2"
      },
      {
        "title": "Ubuntu Security Notice: linux, linux-aws, linux-kvm, linux-raspi2, linux-snapdragon vulnerabilities",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-3741-1"
      },
      {
        "title": "Amazon Linux AMI: ALAS-2018-1058",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=ALAS-2018-1058"
      },
      {
        "title": "Ubuntu Security Notice: linux-lts-trusty vulnerabilities",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-3742-2"
      },
      {
        "title": "Ubuntu Security Notice: linux vulnerabilities",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-3742-1"
      },
      {
        "title": "Ubuntu Security Notice: linux-lts-trusty regressions",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-3742-3"
      },
      {
        "title": "Amazon Linux 2: ALAS2-2018-1058",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux2\u0026qid=ALAS2-2018-1058"
      },
      {
        "title": "Siemens Security Advisories: Siemens Security Advisory",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories\u0026qid=831545c255e00dbde24c93b2cf2135d6"
      },
      {
        "title": "IBM: IBM Security Bulletin: Multiple Foreshadow Spectre Variant vulnerabilities affect IBM OS Image for Red Hat Linux Systems in IBM PureApplication System (CVE-2018-3615 CVE-2018-3620 CVE-2018-3646)",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=f295531b3aa99d37dbc53693639947d9"
      },
      {
        "title": "HP: HPSBHF03590 rev. 2 - L1 Terminal Fault (L1TF)",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=hp_bulletin\u0026qid=HPSBHF03590"
      },
      {
        "title": "HP: SUPPORT COMMUNICATION- SECURITY BULLETIN\nHPSBHF03590 rev. 2 - L1 Terminal Fault (L1TF)",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=hp_bulletin\u0026qid=ba953f0879f87a755234bc0818c99c6d"
      },
      {
        "title": "HP: SUPPORT COMMUNICATION- SECURITY BULLETIN\nHPSBHF03590 rev. 2 - L1 Terminal Fault (L1TF)",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=hp_bulletin\u0026qid=deca5f6210b098f58ce384c28747b82c"
      },
      {
        "title": "Huawei Security Advisories: Security Advisory - CPU Side Channel Vulnerability \"L1TF\"",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=huawei_security_advisories\u0026qid=28eb43a14c12e8c070afa60d55f86b55"
      },
      {
        "title": "Cisco: CPU Side-Channel Information Disclosure Vulnerabilities: August 2018",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts\u0026qid=cisco-sa-20180814-cpusidechannel"
      },
      {
        "title": "Forcepoint Security Advisories: Meltdown and Spectre Vulnerability CVE-2017-5715, CVE-2017-5753, CVE-2017-5754, CVE-2018-3640, CVE-2018-3639, CVE-2018-3615, CVE-2018-3620, CVE-2018-3646",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=forcepoint_security_advisories\u0026qid=459877525c31ac6029f4be4a6ea97e17"
      },
      {
        "title": "Citrix Security Bulletins: XenServer Multiple Security Updates",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=citrix_security_bulletins\u0026qid=89d06253986d1cdae0f8d9ffbff97d18"
      },
      {
        "title": "IBM: Potential Impact on Processors in the POWER Family",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=cf9e1e42799edbda36ec7415288ad7f0"
      },
      {
        "title": "IBM: IBM Security Bulletin: IBM Security Guardium is affected by Red Hat kernel vulnerabilities",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=75b9d198a73a91d81765c8b428423224"
      },
      {
        "title": "Siemens Security Advisories: Siemens Security Advisory",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories\u0026qid=621cdbb127d953e0d9d06eff7dd10106"
      },
      {
        "title": "Oracle Linux Bulletins: Oracle Linux Bulletin - July 2018",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_linux_bulletins\u0026qid=204a1aa9ebf7b5f47151e8b011269862"
      },
      {
        "title": "Oracle: Oracle Critical Patch Update Advisory - January 2019",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=f655264a6935505d167bbf45f409a57b"
      },
      {
        "title": "Palo Alto Networks Security Advisory: PAN-SA-2018-0011 Information about L1 Terminal Fault findings",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=palo_alto_networks_security_advisory\u0026qid=74b853f8cd89b12964ff841924244a71"
      },
      {
        "title": "Fortinet Security Advisories: Meltdown and Spectre class vulnerabilities",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=fortinet_security_advisories\u0026qid=FG-IR-18-002"
      },
      {
        "title": "Oracle VM Server for x86 Bulletins: Oracle VM Server for x86 Bulletin - July 2018",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_vm_server_for_x86_bulletins\u0026qid=05b5bbd6fb289370b459faf1f4e3919d"
      },
      {
        "title": "IBM: IBM Security Bulletin: IBM has announced a release for IBM Security Identity Governance and Intelligence in response to multiple security vulnerabilities",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=55ea315dfb69fce8383762ac64250315"
      },
      {
        "title": "IBM: IBM Security Bulletin: IBM API Connect has addressed multiple vulnerabilities in Developer Portal\u2019s dependencies \u2013 Cumulative list from June 28, 2018 to December 13, 2018",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=43da2cd72c1e378d8d94ecec029fcc61"
      },
      {
        "title": "vmware-esxi-67",
        "trust": 0.1,
        "url": "https://github.com/casagency/vmware-esxi-67 "
      },
      {
        "title": "711552870_s",
        "trust": 0.1,
        "url": "https://github.com/Qwhqfmmx/711552870_s "
      },
      {
        "title": "",
        "trust": 0.1,
        "url": "https://github.com/teusink/Home-Security-by-OS-Hardening "
      },
      {
        "title": "Network_research_report",
        "trust": 0.1,
        "url": "https://github.com/dongminkim0220/Network_research_report "
      },
      {
        "title": "Home-Security-by-W10-Hardening",
        "trust": 0.1,
        "url": "https://github.com/teusink/Home-Security-by-W10-Hardening "
      },
      {
        "title": "l1tf-poc",
        "trust": 0.1,
        "url": "https://github.com/gregvish/l1tf-poc "
      },
      {
        "title": "arch_linux_installation_guide",
        "trust": 0.1,
        "url": "https://github.com/kyberdrb/arch_linux_installation_guide "
      },
      {
        "title": "711552870_s",
        "trust": 0.1,
        "url": "https://github.com/yoobao55/711552870_s "
      },
      {
        "title": "l1tf-demo",
        "trust": 0.1,
        "url": "https://github.com/blitz/l1tf-demo "
      },
      {
        "title": "lx-port-data",
        "trust": 0.1,
        "url": "https://github.com/omniosorg/lx-port-data "
      },
      {
        "title": "win10-regtweak",
        "trust": 0.1,
        "url": "https://github.com/interlunar/win10-regtweak "
      },
      {
        "title": "cpu-report",
        "trust": 0.1,
        "url": "https://github.com/rosenbergj/cpu-report "
      },
      {
        "title": "specter---meltdown--checker",
        "trust": 0.1,
        "url": "https://github.com/vurtne/specter---meltdown--checker "
      },
      {
        "title": "TEApot",
        "trust": 0.1,
        "url": "https://github.com/github-3rr0r/TEApot "
      },
      {
        "title": "TEApot",
        "trust": 0.1,
        "url": "https://github.com/Mashiro1995/TEApot "
      },
      {
        "title": "",
        "trust": 0.1,
        "url": "https://github.com/kali973/spectre-meltdown-checker "
      },
      {
        "title": "puppet-meltdown",
        "trust": 0.1,
        "url": "https://github.com/timidri/puppet-meltdown "
      },
      {
        "title": "cSpeculationControlFixes",
        "trust": 0.1,
        "url": "https://github.com/poshsecurity/cSpeculationControlFixes "
      },
      {
        "title": "",
        "trust": 0.1,
        "url": "https://github.com/es0j/hyperbleed "
      },
      {
        "title": "Linux-Tools",
        "trust": 0.1,
        "url": "https://github.com/minutesinch/Linux-Tools "
      },
      {
        "title": "spectre-meltdown",
        "trust": 0.1,
        "url": "https://github.com/edsonjt81/spectre-meltdown "
      },
      {
        "title": "spectre-meltdown-checker",
        "trust": 0.1,
        "url": "https://github.com/speed47/spectre-meltdown-checker "
      },
      {
        "title": "",
        "trust": 0.1,
        "url": "https://github.com/merlinepedra25/spectre-meltdown-checker "
      },
      {
        "title": "",
        "trust": 0.1,
        "url": "https://github.com/merlinepedra/spectre-meltdown-checker "
      },
      {
        "title": "",
        "trust": 0.1,
        "url": "https://github.com/kin-cho/my-spectre-meltdown-checker "
      },
      {
        "title": "Hardware-and-Firmware-Security-Guidance",
        "trust": 0.1,
        "url": "https://github.com/nsacyber/Hardware-and-Firmware-Security-Guidance "
      },
      {
        "title": "Firmware-Security",
        "trust": 0.1,
        "url": "https://github.com/virusbeeE/Firmware-Security "
      },
      {
        "title": "hardware-attacks-state-of-the-art",
        "trust": 0.1,
        "url": "https://github.com/codexlynx/hardware-attacks-state-of-the-art "
      },
      {
        "title": "BleepingComputer",
        "trust": 0.1,
        "url": "https://www.bleepingcomputer.com/news/security/microsoft-rolls-out-new-intel-microcode-for-windows-10-server-2016/"
      },
      {
        "title": "BleepingComputer",
        "trust": 0.1,
        "url": "https://www.bleepingcomputer.com/news/security/researchers-disclose-new-foreshadow-l1tf-vulnerabilities-affecting-intel-cpus/"
      }
    ],
    "sources": [
      {
        "db": "VULMON",
        "id": "CVE-2018-3646"
      }
    ]
  },
  "problemtype_data": {
    "_id": null,
    "data": [
      {
        "problemtype": "NVD-CWE-noinfo",
        "trust": 1.0
      },
      {
        "problemtype": "CWE-200",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-133677"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-3646"
      }
    ]
  },
  "references": {
    "_id": null,
    "data": [
      {
        "trust": 2.8,
        "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00161.html"
      },
      {
        "trust": 2.0,
        "url": "https://software.intel.com/security-software-guidance/software-guidance/l1-terminal-fault"
      },
      {
        "trust": 2.0,
        "url": "https://foreshadowattack.eu/"
      },
      {
        "trust": 1.4,
        "url": "https://access.redhat.com/errata/rhsa-2018:2387"
      },
      {
        "trust": 1.3,
        "url": "https://www.kb.cert.org/vuls/id/982149"
      },
      {
        "trust": 1.3,
        "url": "https://access.redhat.com/errata/rhsa-2018:2389"
      },
      {
        "trust": 1.3,
        "url": "https://access.redhat.com/errata/rhsa-2018:2393"
      },
      {
        "trust": 1.3,
        "url": "https://access.redhat.com/errata/rhsa-2018:2394"
      },
      {
        "trust": 1.3,
        "url": "https://access.redhat.com/errata/rhsa-2018:2396"
      },
      {
        "trust": 1.3,
        "url": "https://access.redhat.com/errata/rhsa-2018:2402"
      },
      {
        "trust": 1.3,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-3646"
      },
      {
        "trust": 1.2,
        "url": "http://www.securityfocus.com/bid/105080"
      },
      {
        "trust": 1.2,
        "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20180814-cpusidechannel"
      },
      {
        "trust": 1.2,
        "url": "http://support.lenovo.com/us/en/solutions/len-24163"
      },
      {
        "trust": 1.2,
        "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180815-01-cpu-en"
      },
      {
        "trust": 1.2,
        "url": "http://www.vmware.com/security/advisories/vmsa-2018-0020.html"
      },
      {
        "trust": 1.2,
        "url": "http://xenbits.xen.org/xsa/advisory-273.html"
      },
      {
        "trust": 1.2,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-254686.pdf"
      },
      {
        "trust": 1.2,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf"
      },
      {
        "trust": 1.2,
        "url": "https://help.ecostruxureit.com/display/public/uadce725/security+fixes+in+struxureware+data+center+expert+v7.6.0"
      },
      {
        "trust": 1.2,
        "url": "https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/adv180018"
      },
      {
        "trust": 1.2,
        "url": "https://psirt.global.sonicwall.com/vuln-detail/snwlid-2018-0010"
      },
      {
        "trust": 1.2,
        "url": "https://security.netapp.com/advisory/ntap-20180815-0001/"
      },
      {
        "trust": 1.2,
        "url": "https://support.f5.com/csp/article/k31300402"
      },
      {
        "trust": 1.2,
        "url": "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html"
      },
      {
        "trust": 1.2,
        "url": "https://www.synology.com/support/security/synology_sa_18_45"
      },
      {
        "trust": 1.2,
        "url": "https://www.debian.org/security/2018/dsa-4274"
      },
      {
        "trust": 1.2,
        "url": "https://www.debian.org/security/2018/dsa-4279"
      },
      {
        "trust": 1.2,
        "url": "https://security.freebsd.org/advisories/freebsd-sa-18:09.l1tf.asc"
      },
      {
        "trust": 1.2,
        "url": "https://security.gentoo.org/glsa/201810-06"
      },
      {
        "trust": 1.2,
        "url": "https://www.oracle.com/security-alerts/cpujul2020.html"
      },
      {
        "trust": 1.2,
        "url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html"
      },
      {
        "trust": 1.2,
        "url": "https://lists.debian.org/debian-lts-announce/2018/08/msg00029.html"
      },
      {
        "trust": 1.2,
        "url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00017.html"
      },
      {
        "trust": 1.2,
        "url": "https://access.redhat.com/errata/rhsa-2018:2384"
      },
      {
        "trust": 1.2,
        "url": "https://access.redhat.com/errata/rhsa-2018:2388"
      },
      {
        "trust": 1.2,
        "url": "https://access.redhat.com/errata/rhsa-2018:2390"
      },
      {
        "trust": 1.2,
        "url": "https://access.redhat.com/errata/rhsa-2018:2391"
      },
      {
        "trust": 1.2,
        "url": "https://access.redhat.com/errata/rhsa-2018:2392"
      },
      {
        "trust": 1.2,
        "url": "https://access.redhat.com/errata/rhsa-2018:2395"
      },
      {
        "trust": 1.2,
        "url": "https://access.redhat.com/errata/rhsa-2018:2403"
      },
      {
        "trust": 1.2,
        "url": "https://access.redhat.com/errata/rhsa-2018:2404"
      },
      {
        "trust": 1.2,
        "url": "https://access.redhat.com/errata/rhsa-2018:2602"
      },
      {
        "trust": 1.2,
        "url": "https://access.redhat.com/errata/rhsa-2018:2603"
      },
      {
        "trust": 1.2,
        "url": "http://www.securitytracker.com/id/1041451"
      },
      {
        "trust": 1.2,
        "url": "http://www.securitytracker.com/id/1042004"
      },
      {
        "trust": 1.2,
        "url": "https://usn.ubuntu.com/3740-1/"
      },
      {
        "trust": 1.2,
        "url": "https://usn.ubuntu.com/3740-2/"
      },
      {
        "trust": 1.2,
        "url": "https://usn.ubuntu.com/3741-1/"
      },
      {
        "trust": 1.2,
        "url": "https://usn.ubuntu.com/3741-2/"
      },
      {
        "trust": 1.2,
        "url": "https://usn.ubuntu.com/3742-1/"
      },
      {
        "trust": 1.2,
        "url": "https://usn.ubuntu.com/3742-2/"
      },
      {
        "trust": 1.2,
        "url": "https://usn.ubuntu.com/3756-1/"
      },
      {
        "trust": 1.2,
        "url": "https://usn.ubuntu.com/3823-1/"
      },
      {
        "trust": 1.1,
        "url": "https://support.hpe.com/hpsc/doc/public/display?doclocale=en_us\u0026docid=emr_na-hpesbhf03874en_us"
      },
      {
        "trust": 1.1,
        "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/xrfkqwyv2h4bv75cungcge5tnvqclbgz/"
      },
      {
        "trust": 1.1,
        "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/v4uwgorqwcencif2bhwuef2odbv75qs2/"
      },
      {
        "trust": 1.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-3620"
      },
      {
        "trust": 0.8,
        "url": "https://www.usenix.org/conference/usenixsecurity18/presentation/bulck"
      },
      {
        "trust": 0.8,
        "url": "https://www.intel.com/content/www/us/en/architecture-and-technology/l1tf.html"
      },
      {
        "trust": 0.8,
        "url": "https://www.intel.com/content/dam/www/public/us/en/documents/sa00115-microcode-update-guidance.pdf"
      },
      {
        "trust": 0.6,
        "url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
      },
      {
        "trust": 0.6,
        "url": "https://access.redhat.com/security/vulnerabilities/l1tf"
      },
      {
        "trust": 0.6,
        "url": "https://bugzilla.redhat.com/):"
      },
      {
        "trust": 0.6,
        "url": "https://access.redhat.com/security/team/key/"
      },
      {
        "trust": 0.6,
        "url": "https://access.redhat.com/security/cve/cve-2018-3646"
      },
      {
        "trust": 0.6,
        "url": "https://access.redhat.com/security/cve/cve-2018-3620"
      },
      {
        "trust": 0.6,
        "url": "https://access.redhat.com/security/team/contact/"
      },
      {
        "trust": 0.6,
        "url": "https://access.redhat.com/security/updates/classification/#important"
      },
      {
        "trust": 0.5,
        "url": "https://access.redhat.com/articles/11258"
      },
      {
        "trust": 0.4,
        "url": "https://wiki.ubuntu.com/securityteam/knowledgebase/l1tf"
      },
      {
        "trust": 0.4,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-5391"
      },
      {
        "trust": 0.4,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-5390"
      },
      {
        "trust": 0.4,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-3639"
      },
      {
        "trust": 0.3,
        "url": "https://access.redhat.com/security/cve/cve-2018-3639"
      },
      {
        "trust": 0.2,
        "url": "https://usn.ubuntu.com/usn/usn-3742-1"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2017-18344"
      },
      {
        "trust": 0.2,
        "url": "https://usn.ubuntu.com/usn/usn-3741-1"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-10901"
      },
      {
        "trust": 0.2,
        "url": "https://access.redhat.com/security/cve/cve-2018-10901"
      },
      {
        "trust": 0.1,
        "url": "https://support.hpe.com/hpsc/doc/public/display?doclocale=en_us\u0026amp;docid=emr_na-hpesbhf03874en_us"
      },
      {
        "trust": 0.1,
        "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/xrfkqwyv2h4bv75cungcge5tnvqclbgz/"
      },
      {
        "trust": 0.1,
        "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/v4uwgorqwcencif2bhwuef2odbv75qs2/"
      },
      {
        "trust": 0.1,
        "url": "https://cwe.mitre.org/data/definitions/.html"
      },
      {
        "trust": 0.1,
        "url": "https://github.com/casagency/vmware-esxi-67"
      },
      {
        "trust": 0.1,
        "url": "https://github.com/teusink/home-security-by-w10-hardening"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov"
      },
      {
        "trust": 0.1,
        "url": "https://launchpad.net/ubuntu/+source/linux/3.13.0-155.205"
      },
      {
        "trust": 0.1,
        "url": "https://launchpad.net/ubuntu/+source/linux-kvm/4.15.0-1019.19"
      },
      {
        "trust": 0.1,
        "url": "https://launchpad.net/ubuntu/+source/linux-azure/4.15.0-1021.21"
      },
      {
        "trust": 0.1,
        "url": "https://launchpad.net/ubuntu/+source/linux-aws/4.15.0-1019.19"
      },
      {
        "trust": 0.1,
        "url": "https://launchpad.net/ubuntu/+source/linux-gcp/4.15.0-1017.18"
      },
      {
        "trust": 0.1,
        "url": "https://launchpad.net/ubuntu/+source/linux-oem/4.15.0-1015.18"
      },
      {
        "trust": 0.1,
        "url": "https://launchpad.net/ubuntu/+source/linux-raspi2/4.15.0-1020.22"
      },
      {
        "trust": 0.1,
        "url": "https://launchpad.net/ubuntu/+source/linux/4.15.0-32.35"
      },
      {
        "trust": 0.1,
        "url": "https://usn.ubuntu.com/usn/usn-3740-1"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/articles/2974891"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2018-5390"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2017-12618"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2017-14064"
      },
      {
        "trust": 0.1,
        "url": "https://support.apple.com/kb/ht201222"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-4203"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2017-10784"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-4334"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-4288"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-4308"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-4326"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2017-17405"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-3640"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-4153"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-4291"
      },
      {
        "trust": 0.1,
        "url": "https://support.apple.com/downloads/"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-4340"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-4304"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-4286"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-4126"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2017-14033"
      },
      {
        "trust": 0.1,
        "url": "https://www.apple.com/support/security/pgp/"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-4331"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-4310"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-4259"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-4295"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-4242"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2017-17742"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2017-12613"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-4287"
      },
      {
        "trust": 0.1,
        "url": "https://www.debian.org/security/faq"
      },
      {
        "trust": 0.1,
        "url": "https://security-tracker.debian.org/tracker/linux"
      },
      {
        "trust": 0.1,
        "url": "https://www.debian.org/security/"
      },
      {
        "trust": 0.1,
        "url": "https://launchpad.net/ubuntu/+source/linux/4.4.0-133.159"
      },
      {
        "trust": 0.1,
        "url": "https://launchpad.net/ubuntu/+source/linux-raspi2/4.4.0-1094.102"
      },
      {
        "trust": 0.1,
        "url": "https://launchpad.net/ubuntu/+source/linux-snapdragon/4.4.0-1098.103"
      },
      {
        "trust": 0.1,
        "url": "https://launchpad.net/ubuntu/+source/linux-aws/4.4.0-1065.75"
      },
      {
        "trust": 0.1,
        "url": "https://launchpad.net/ubuntu/+source/linux-kvm/4.4.0-1031.37"
      },
      {
        "trust": 0.1,
        "url": "https://usn.ubuntu.com/usn/usn-3742-2"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/vulnerabilities/ssbd"
      },
      {
        "trust": 0.1,
        "url": "https://launchpad.net/ubuntu/+source/linux/3.13.0-156.206"
      },
      {
        "trust": 0.1,
        "url": "https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1787258"
      },
      {
        "trust": 0.1,
        "url": "https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1787127,"
      },
      {
        "trust": 0.1,
        "url": "https://usn.ubuntu.com/usn/usn-3741-3"
      }
    ],
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#982149"
      },
      {
        "db": "VULHUB",
        "id": "VHN-133677"
      },
      {
        "db": "VULMON",
        "id": "CVE-2018-3646"
      },
      {
        "db": "PACKETSTORM",
        "id": "148915"
      },
      {
        "db": "PACKETSTORM",
        "id": "148908"
      },
      {
        "db": "PACKETSTORM",
        "id": "148912"
      },
      {
        "db": "PACKETSTORM",
        "id": "148952"
      },
      {
        "db": "PACKETSTORM",
        "id": "150108"
      },
      {
        "db": "PACKETSTORM",
        "id": "148903"
      },
      {
        "db": "PACKETSTORM",
        "id": "149010"
      },
      {
        "db": "PACKETSTORM",
        "id": "148914"
      },
      {
        "db": "PACKETSTORM",
        "id": "148917"
      },
      {
        "db": "PACKETSTORM",
        "id": "148902"
      },
      {
        "db": "PACKETSTORM",
        "id": "148905"
      },
      {
        "db": "PACKETSTORM",
        "id": "148991"
      },
      {
        "db": "PACKETSTORM",
        "id": "148906"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-3646"
      }
    ]
  },
  "sources": {
    "_id": null,
    "data": [
      {
        "db": "CERT/CC",
        "id": "VU#982149",
        "ident": null
      },
      {
        "db": "VULHUB",
        "id": "VHN-133677",
        "ident": null
      },
      {
        "db": "VULMON",
        "id": "CVE-2018-3646",
        "ident": null
      },
      {
        "db": "PACKETSTORM",
        "id": "148915",
        "ident": null
      },
      {
        "db": "PACKETSTORM",
        "id": "148908",
        "ident": null
      },
      {
        "db": "PACKETSTORM",
        "id": "148912",
        "ident": null
      },
      {
        "db": "PACKETSTORM",
        "id": "148952",
        "ident": null
      },
      {
        "db": "PACKETSTORM",
        "id": "150108",
        "ident": null
      },
      {
        "db": "PACKETSTORM",
        "id": "148903",
        "ident": null
      },
      {
        "db": "PACKETSTORM",
        "id": "149010",
        "ident": null
      },
      {
        "db": "PACKETSTORM",
        "id": "148914",
        "ident": null
      },
      {
        "db": "PACKETSTORM",
        "id": "148917",
        "ident": null
      },
      {
        "db": "PACKETSTORM",
        "id": "148902",
        "ident": null
      },
      {
        "db": "PACKETSTORM",
        "id": "148905",
        "ident": null
      },
      {
        "db": "PACKETSTORM",
        "id": "148991",
        "ident": null
      },
      {
        "db": "PACKETSTORM",
        "id": "148906",
        "ident": null
      },
      {
        "db": "NVD",
        "id": "CVE-2018-3646",
        "ident": null
      }
    ]
  },
  "sources_release_date": {
    "_id": null,
    "data": [
      {
        "date": "2018-08-15T00:00:00",
        "db": "CERT/CC",
        "id": "VU#982149",
        "ident": null
      },
      {
        "date": "2018-08-14T00:00:00",
        "db": "VULHUB",
        "id": "VHN-133677",
        "ident": null
      },
      {
        "date": "2018-08-14T00:00:00",
        "db": "VULMON",
        "id": "CVE-2018-3646",
        "ident": null
      },
      {
        "date": "2018-08-15T04:42:52",
        "db": "PACKETSTORM",
        "id": "148915",
        "ident": null
      },
      {
        "date": "2018-08-15T04:40:53",
        "db": "PACKETSTORM",
        "id": "148908",
        "ident": null
      },
      {
        "date": "2018-08-15T04:42:35",
        "db": "PACKETSTORM",
        "id": "148912",
        "ident": null
      },
      {
        "date": "2018-08-16T14:16:41",
        "db": "PACKETSTORM",
        "id": "148952",
        "ident": null
      },
      {
        "date": "2018-10-31T15:50:04",
        "db": "PACKETSTORM",
        "id": "150108",
        "ident": null
      },
      {
        "date": "2018-08-15T04:39:03",
        "db": "PACKETSTORM",
        "id": "148903",
        "ident": null
      },
      {
        "date": "2018-08-20T17:06:29",
        "db": "PACKETSTORM",
        "id": "149010",
        "ident": null
      },
      {
        "date": "2018-08-15T04:42:46",
        "db": "PACKETSTORM",
        "id": "148914",
        "ident": null
      },
      {
        "date": "2018-08-15T04:43:02",
        "db": "PACKETSTORM",
        "id": "148917",
        "ident": null
      },
      {
        "date": "2018-08-15T04:38:57",
        "db": "PACKETSTORM",
        "id": "148902",
        "ident": null
      },
      {
        "date": "2018-08-15T04:39:57",
        "db": "PACKETSTORM",
        "id": "148905",
        "ident": null
      },
      {
        "date": "2018-08-18T20:21:00",
        "db": "PACKETSTORM",
        "id": "148991",
        "ident": null
      },
      {
        "date": "2018-08-15T04:40:04",
        "db": "PACKETSTORM",
        "id": "148906",
        "ident": null
      },
      {
        "date": "2018-08-14T19:29:00.920000",
        "db": "NVD",
        "id": "CVE-2018-3646",
        "ident": null
      }
    ]
  },
  "sources_update_date": {
    "_id": null,
    "data": [
      {
        "date": "2018-09-10T00:00:00",
        "db": "CERT/CC",
        "id": "VU#982149",
        "ident": null
      },
      {
        "date": "2020-08-24T00:00:00",
        "db": "VULHUB",
        "id": "VHN-133677",
        "ident": null
      },
      {
        "date": "2023-11-07T00:00:00",
        "db": "VULMON",
        "id": "CVE-2018-3646",
        "ident": null
      },
      {
        "date": "2024-11-21T04:05:50.020000",
        "db": "NVD",
        "id": "CVE-2018-3646",
        "ident": null
      }
    ]
  },
  "threat_type": {
    "_id": null,
    "data": "local",
    "sources": [
      {
        "db": "PACKETSTORM",
        "id": "148915"
      },
      {
        "db": "PACKETSTORM",
        "id": "148912"
      },
      {
        "db": "PACKETSTORM",
        "id": "148914"
      },
      {
        "db": "PACKETSTORM",
        "id": "148917"
      }
    ],
    "trust": 0.4
  },
  "title": {
    "_id": null,
    "data": "Intel processors are vulnerable to a speculative execution side-channel attack called L1 Terminal Fault (L1TF)",
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#982149"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "_id": null,
    "data": "bypass",
    "sources": [
      {
        "db": "PACKETSTORM",
        "id": "148903"
      },
      {
        "db": "PACKETSTORM",
        "id": "148902"
      },
      {
        "db": "PACKETSTORM",
        "id": "148905"
      }
    ],
    "trust": 0.3
  }
}

VAR-201706-0515

Vulnerability from variot - Updated: 2025-04-20 23:40

The drag-and-drop (DnD) function in VMware Workstation 12.x before version 12.5.4 and Fusion 8.x before version 8.5.5 has an out-of-bounds memory access vulnerability. This may allow a guest to execute code on the operating system that runs Workstation or Fusion. VMwareWorkstation and others are virtual machine software products of the US company. VMwareWorkstation is a set of expensive and feature-rich virtual machine software. VMwareWorkstationPlayer is a set of free, open source and simpler virtual machine software. VMWareFusion allows seamless running of Windows applications on Intel-based Mac machines. A memory corruption vulnerability exists in multiple VMware products. An attacker could exploit this vulnerability to execute arbitrary code in the context of a user running in an affected program, which would result in a denial of service. Failed exploit attempts will likely result in denial-of-service conditions. The following products are vulnerable: VMware Workstation Pro 12.x VMware Workstation Player 12.x VMware Fusion Pro 8.x VMware Fusion 8.x

Show details on source website
To clipboard 

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201706-0515",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "fusion",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "vmware",
        "version": "8.5.2"
      },
      {
        "model": "fusion",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "vmware",
        "version": "8.0.1"
      },
      {
        "model": "fusion",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "vmware",
        "version": "8.0.0"
      },
      {
        "model": "fusion",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "vmware",
        "version": "8.5.4"
      },
      {
        "model": "fusion",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "vmware",
        "version": "8.5.0"
      },
      {
        "model": "fusion",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "vmware",
        "version": "8.5.1"
      },
      {
        "model": "workstation",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "vmware",
        "version": "12.0"
      },
      {
        "model": "workstation",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "vmware",
        "version": "12.0.1"
      },
      {
        "model": "fusion",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "vmware",
        "version": "8.1.0"
      },
      {
        "model": "fusion",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "vmware",
        "version": "8.5.3"
      },
      {
        "model": "fusion",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "vmware",
        "version": "8.1.1"
      },
      {
        "model": "fusion",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "vmware",
        "version": "8.0.2"
      },
      {
        "model": "workstation",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "vmware",
        "version": "12.1.1"
      },
      {
        "model": "workstation",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "vmware",
        "version": "12.1"
      },
      {
        "model": "workstation",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "vmware",
        "version": "12.5.3"
      },
      {
        "model": "workstation",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "vmware",
        "version": "12.5.2"
      },
      {
        "model": "workstation",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "vmware",
        "version": "12.5"
      },
      {
        "model": "workstation",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "vmware",
        "version": "12.5.1"
      },
      {
        "model": "workstation",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "vmware",
        "version": "12.5.4"
      },
      {
        "model": "fusion",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "vmware",
        "version": "8.x"
      },
      {
        "model": "workstation",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "vmware",
        "version": "12.x"
      },
      {
        "model": "fusion",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "vmware",
        "version": "8.5.5"
      },
      {
        "model": "workstation pro",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "vmware",
        "version": "12.x"
      },
      {
        "model": "workstation player",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "vmware",
        "version": "12.x"
      },
      {
        "model": "fusion",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "vmware",
        "version": "8.x"
      },
      {
        "model": "fusion pro",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "vmware",
        "version": "8.x"
      },
      {
        "model": "workstation pro",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "12.5.3"
      },
      {
        "model": "workstation pro",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "12.5.2"
      },
      {
        "model": "workstation pro",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "12.1.1"
      },
      {
        "model": "workstation pro",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "12.1"
      },
      {
        "model": "workstation pro",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "12.5.0"
      },
      {
        "model": "workstation pro",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "12.0"
      },
      {
        "model": "workstation player",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "12.5.3"
      },
      {
        "model": "workstation player",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "12.5.2"
      },
      {
        "model": "workstation player",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "12.5"
      },
      {
        "model": "workstation player",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "12.1.1"
      },
      {
        "model": "workstation player",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "12.1"
      },
      {
        "model": "workstation player",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "12.0"
      },
      {
        "model": "fusion pro",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "8.5.2"
      },
      {
        "model": "fusion pro",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "8.5"
      },
      {
        "model": "fusion pro",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "8.0"
      },
      {
        "model": "fusion",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "8.1"
      },
      {
        "model": "fusion",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "8.5"
      },
      {
        "model": "fusion",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "8.0"
      },
      {
        "model": "workstation pro",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "12.5.4"
      },
      {
        "model": "workstation player",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "12.5.4"
      },
      {
        "model": "fusion pro",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "8.5.5"
      },
      {
        "model": "fusion",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "8.5.5"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2017-03742"
      },
      {
        "db": "BID",
        "id": "96881"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-004628"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201703-678"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-4901"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/a:vmware:fusion",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:vmware:workstation",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-004628"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "unamer",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201703-678"
      }
    ],
    "trust": 0.6
  },
  "cve": "CVE-2017-4901",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "CVE-2017-4901",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 1.9,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 9.0,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 10.0,
            "id": "CNVD-2017-03742",
            "impactScore": 8.5,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 0.6,
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:P/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "nvd@nist.gov",
            "availabilityImpact": "HIGH",
            "baseScore": 9.9,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 3.1,
            "id": "CVE-2017-4901",
            "impactScore": 6.0,
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "trust": 1.8,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2017-4901",
            "trust": 1.0,
            "value": "CRITICAL"
          },
          {
            "author": "NVD",
            "id": "CVE-2017-4901",
            "trust": 0.8,
            "value": "Critical"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2017-03742",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201703-678",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "VULMON",
            "id": "CVE-2017-4901",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2017-03742"
      },
      {
        "db": "VULMON",
        "id": "CVE-2017-4901"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-004628"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201703-678"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-4901"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "The drag-and-drop (DnD) function in VMware Workstation 12.x before version 12.5.4 and Fusion 8.x before version 8.5.5 has an out-of-bounds memory access vulnerability. This may allow a guest to execute code on the operating system that runs Workstation or Fusion. VMwareWorkstation and others are virtual machine software products of the US company. VMwareWorkstation is a set of expensive and feature-rich virtual machine software. VMwareWorkstationPlayer is a set of free, open source and simpler virtual machine software. VMWareFusion allows seamless running of Windows applications on Intel-based Mac machines. A memory corruption vulnerability exists in multiple VMware products. An attacker could exploit this vulnerability to execute arbitrary code in the context of a user running in an affected program, which would result in a denial of service. Failed exploit  attempts will likely result in denial-of-service conditions. \nThe following products are vulnerable:\nVMware Workstation Pro 12.x\nVMware Workstation Player 12.x\nVMware Fusion Pro 8.x\nVMware Fusion 8.x",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2017-4901"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-004628"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-03742"
      },
      {
        "db": "BID",
        "id": "96881"
      },
      {
        "db": "VULMON",
        "id": "CVE-2017-4901"
      }
    ],
    "trust": 2.52
  },
  "exploit_availability": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "reference": "https://vulmon.com/exploitdetails?qidtp=exploitdb\u0026qid=47714",
        "trust": 0.1,
        "type": "exploit"
      }
    ],
    "sources": [
      {
        "db": "VULMON",
        "id": "CVE-2017-4901"
      }
    ]
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2017-4901",
        "trust": 3.4
      },
      {
        "db": "BID",
        "id": "96881",
        "trust": 1.9
      },
      {
        "db": "SECTRACK",
        "id": "1038025",
        "trust": 1.0
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-004628",
        "trust": 0.8
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-03742",
        "trust": 0.6
      },
      {
        "db": "EXPLOIT-DB",
        "id": "47714",
        "trust": 0.6
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201703-678",
        "trust": 0.6
      },
      {
        "db": "VULMON",
        "id": "CVE-2017-4901",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2017-03742"
      },
      {
        "db": "VULMON",
        "id": "CVE-2017-4901"
      },
      {
        "db": "BID",
        "id": "96881"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-004628"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201703-678"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-4901"
      }
    ]
  },
  "id": "VAR-201706-0515",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2017-03742"
      }
    ],
    "trust": 0.06
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "Network device"
        ],
        "sub_category": null,
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2017-03742"
      }
    ]
  },
  "last_update_date": "2025-04-20T23:40:04.647000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "VMSA-2017-0005",
        "trust": 0.8,
        "url": "https://www.vmware.com/security/advisories/VMSA-2017-0005.html"
      },
      {
        "title": "Patch for several VMware Product Memory Corruption Vulnerabilities (CNVD-2017-03742)",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/91373"
      },
      {
        "title": "Multiple VMware Product security vulnerabilities",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=68523"
      },
      {
        "title": "VMware Security Advisories: VMware Workstation and Fusion updates address out-of-bounds memory access vulnerability",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=vmware_security_advisories\u0026qid=4cc06db86a5adc2cabb5949c6f8b92fd"
      },
      {
        "title": "123",
        "trust": 0.1,
        "url": "https://github.com/wangsheng123168/123 "
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2017-03742"
      },
      {
        "db": "VULMON",
        "id": "CVE-2017-4901"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-004628"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201703-678"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-119",
        "trust": 1.8
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-004628"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-4901"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 1.6,
        "url": "http://www.securityfocus.com/bid/96881"
      },
      {
        "trust": 1.3,
        "url": "https://www.vmware.com/security/advisories/vmsa-2017-0005.html"
      },
      {
        "trust": 1.0,
        "url": "http://www.securitytracker.com/id/1038025"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-4901"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2017-4901"
      },
      {
        "trust": 0.6,
        "url": "https://www.exploit-db.com/exploits/47714"
      },
      {
        "trust": 0.3,
        "url": "http://www.vmware.com"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2017-03742"
      },
      {
        "db": "BID",
        "id": "96881"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-004628"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201703-678"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-4901"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "CNVD",
        "id": "CNVD-2017-03742"
      },
      {
        "db": "VULMON",
        "id": "CVE-2017-4901"
      },
      {
        "db": "BID",
        "id": "96881"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-004628"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201703-678"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-4901"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2017-03-31T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2017-03742"
      },
      {
        "date": "2017-06-08T00:00:00",
        "db": "VULMON",
        "id": "CVE-2017-4901"
      },
      {
        "date": "2017-03-14T00:00:00",
        "db": "BID",
        "id": "96881"
      },
      {
        "date": "2017-06-30T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2017-004628"
      },
      {
        "date": "2017-03-17T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201703-678"
      },
      {
        "date": "2017-06-08T13:29:00.187000",
        "db": "NVD",
        "id": "CVE-2017-4901"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2017-03-31T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2017-03742"
      },
      {
        "date": "2017-07-12T00:00:00",
        "db": "VULMON",
        "id": "CVE-2017-4901"
      },
      {
        "date": "2017-03-16T01:02:00",
        "db": "BID",
        "id": "96881"
      },
      {
        "date": "2017-06-30T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2017-004628"
      },
      {
        "date": "2019-11-26T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201703-678"
      },
      {
        "date": "2025-04-20T01:37:25.860000",
        "db": "NVD",
        "id": "CVE-2017-4901"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201703-678"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "VMware Workstation and  Fusion of  drag-and-drop Memory out-of-bounds access vulnerability",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-004628"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "buffer error",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201703-678"
      }
    ],
    "trust": 0.6
  }
}

VAR-201004-0994

Vulnerability from variot - Updated: 2025-04-11 22:24

The virtual networking stack in VMware Workstation 7.0 before 7.0.1 build 227600, VMware Workstation 6.5.x before 6.5.4 build 246459 on Windows, VMware Player 3.0 before 3.0.1 build 227600, VMware Player 2.5.x before 2.5.4 build 246459 on Windows, VMware ACE 2.6 before 2.6.1 build 227600 and 2.5.x before 2.5.4 build 246459, VMware Server 2.x, and VMware Fusion 3.0 before 3.0.1 build 232708 and 2.x before 2.0.7 build 246742 allows remote attackers to obtain sensitive information from memory on the host OS by examining received network packets, related to interaction between the guest OS and the host vmware-vmx process. plural VMware Product virtual network stack host OS A vulnerability exists in which important information is obtained from the above memory.Hosted by a third party OS Important information may be obtained from the above memory. VMWare is a virtual PC software that allows two or more Windows, DOS, and LINUX systems to run simultaneously on a single machine. VMWare products do not implement the virtual network stack correctly. Users on the guest operating system can obtain partial memory from the host's vmware-vmx process. Multiple VMware-hosted products are prone to an information-disclosure vulnerability. This can allow the attackers to harvest potentially sensitive information that can aid in further attacks. The following applications are vulnerable: Workstation Player ACE Server Fusion NOTE: This issue was previously covered in BID 39345 (VMware Hosted Products VMSA-2010-0007 Multiple Remote and Local Vulnerabilities), but has been given its own record to better document it. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1

               VMware Security Advisory

Advisory ID: VMSA-2010-0007 Synopsis: VMware hosted products, vCenter Server and ESX patches resolve multiple security issues Issue date: 2010-04-09 Updated on: 2010-04-09 (initial release of advisory) CVE numbers: CVE-2010-1142 CVE-2010-1140 CVE-2009-2042 CVE-2009-1564 CVE-2009-1565 CVE-2009-3732 CVE-2009-3707 CVE-2010-1138 CVE-2010-1139 CVE-2010-1141

  1. Summary

VMware hosted products, vCenter Server and ESX patches resolve multiple security issues.

Notes: Effective May 2010, VMware's patch and update release program during Extended Support will be continued with the condition that all subsequent patch and update releases will be based on the latest baseline release version as of May 2010 (i.e. ESX 3.0.3 Update 1, ESX 3.5 Update 5, and VirtualCenter 2.5 Update 6). Refer to section "End of Product Availability FAQs" at http://www.vmware.com/support/policies/lifecycle/vi/faq.html for details.

Extended support for ESX 2.5.5 ends on 2010-06-15. Users should plan to upgrade to at least ESX 3.0.3 and preferably to the newest release available.

Extended support for ESX 3.0.3 ends on 2011-12-10. Users should plan to upgrade to at least ESX 3.5 and preferably to the newest release available.

End of General Support for VMware Workstation 6.x is 2011-04-27, users should plan to upgrade to the newest release available.

End of General Support for VMware Server 2.0 is 2011-06-30, users should plan to upgrade to the newest release of either ESXi or VMware Player.

Extended support for Virtual Center 2.0.2 is 2011-12-10, users should plan to upgrade to the newest release of vCenter Server.

  1. Problem Description

a. Windows-based VMware Tools Unsafe Library Loading vulnerability

A vulnerability in the way VMware libraries are referenced allows
for arbitrary code execution in the context of the logged on user. This file could be in any file format. The attacker will
need to have the ability to host their malicious files on a
network share.

VMware would like to thank Jure Skofic and Mitja Kolsek of ACROS
Security (http://www.acrossecurity.com) for reporting this issue
to us.

The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CVE-2010-1141 to this issue.

Steps needed to remediate this vulnerability:

Guest systems on VMware Workstation, Player, ACE, Server, Fusion
 - Install the remediated version of Workstation, Player, ACE,
   Server and Fusion. 
 - Upgrade tools in the virtual machine (virtual machine users
   will be prompted to upgrade).

Guest systems on ESX 4.0, 3.5, 3.0.3, 2.5.5, ESXi 4.0, 3.5
 - Install the relevant patches (see below for patch identifiers)
 - Manually upgrade tools in the virtual machine (virtual machine
   users will not be prompted to upgrade).  Note the VI Client will
   not show the VMware tools is out of date in the summary tab. 
   Please see http://tinyurl.com/27mpjo page 80 for details.

The following table lists what action remediates the vulnerability
(column 4) if a solution is available. See above for remediation
details. Windows-based VMware Tools Arbitrary Code Execution vulnerability

A vulnerability in the way VMware executables are loaded allows for
arbitrary code execution in the context of the logged on user.

In order for an attacker to exploit the vulnerability, the attacker
would need to be able to plant their malicious executable in a
certain location on the Virtual Machine of the user.  On most
recent versions of Windows (XP, Vista) the attacker would need to
have administrator privileges to plant the malicious executable in
the right location.

Steps needed to remediate this vulnerability: See section 3.a.

VMware would like to thank Mitja Kolsek of ACROS Security
(http://www.acrossecurity.com) for reporting this issue to us.

The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CVE-2010-1142 to this issue.

Refer to the previous table in section 3.a for what action
remediates the vulnerability (column 4) if a solution is
available. See above for remediation details.

c. Windows-based VMware Workstation and Player host privilege escalation

A vulnerability in the USB service allows for a privilege
escalation. A local attacker on the host of a Windows-based
Operating System where VMware Workstation or VMware Player
is installed could plant a malicious executable on the host and
elevate their privileges.

In order for an attacker to exploit the vulnerability, the attacker
would need to be able to plant their malicious executable in a
certain location on the host machine.  On most recent versions of
Windows (XP, Vista) the attacker would need to have administrator
privileges to plant the malicious executable in the right location.

VMware would like to thank Thierry Zoller for reporting this issue
to us.

The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CVE-2010-1140 to this issue.

The following table lists what action remediates the vulnerability
(column 4) if a solution is available. Third party library update for libpng to version 1.2.37

The libpng libraries through 1.2.35 contain an uninitialized-
memory-read bug that may have security implications. 
Specifically, 1-bit (2-color) interlaced images whose widths are
not divisible by 8 may result in several uninitialized bits at the
end of certain rows in certain interlace passes being returned to
the user. An application that failed to mask these out-of-bounds
pixels might display or process them, albeit presumably with benign
results in most cases.

The Common Vulnerabilities and Exposures Project (cve.mitre.org)
has assigned the name CVE-2009-2042 to this issue.

The following table lists what action remediates the vulnerability
(column 4) if a solution is available. VMware VMnc Codec heap overflow vulnerabilities

The VMware movie decoder contains the VMnc media codec that is
required to play back movies recorded with VMware Workstation,
VMware Player and VMware ACE, in any compatible media player. The
movie decoder is installed as part of VMware Workstation, VMware
Player and VMware ACE, or can be downloaded as a stand alone
package.

Vulnerabilities in the decoder allow for execution of arbitrary
code with the privileges of the user running an application
utilizing the vulnerable codec.

For an attack to be successful the user must be tricked into
visiting a malicious web page or opening a malicious video file on
a system that has the vulnerable version of the VMnc codec installed.

The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the names CVE-2009-1564 and CVE-2009-1565 to these
issues.

VMware would like to thank iDefense, Sebastien Renaud of VUPEN
Vulnerability Research Team (http://www.vupen.com) and Alin Rad Pop
of Secunia Research for reporting these issues to us.

To remediate the above issues either install the stand alone movie
decoder or update your product using the table below. VMware Remote Console format string vulnerability

VMware Remote Console (VMrc) contains a format string vulnerability. 
Exploitation of this issue may lead to arbitrary code execution on
the system where VMrc is installed.

For an attack to be successful, an attacker would need to trick the
VMrc user into opening a malicious Web page or following a malicious
URL. Code execution would be at the privilege level of the user.

VMrc is present on a system if the VMrc browser plug-in has been
installed. This plug-in is required when using the console feature in
WebAccess. Installation of the plug-in follows after visiting the
console tab in WebAccess and choosing "Install plug-in". The plug-
in can only be installed on Internet Explorer and Firefox.

Under the following two conditions your version of VMrc is likely
to be affected:

- the VMrc plug-in was obtained from vCenter 4.0 or from ESX 4.0
  without patch ESX400-200911223-UG and
- VMrc is installed on a Windows-based system

The following steps allow you to determine if you have an affected
version of VMrc installed:

- Locate the VMrc executable vmware-vmrc.exe on your Windows-based
  system
- Right click and go to Properties
- Go to the tab "Versions"
- Click "File Version" in the "Item Name" window
- If the "Value" window shows "e.x.p build-158248", the version of
  VMrc is affected

Remediation of this issue on Windows-based systems requires the
following steps (Linux-based systems are not affected):

- Uninstall affected versions of VMrc from the systems where the
  VMrc plug-in has been installed (use the Windows Add/Remove
  Programs interface)
- Install vCenter 4.0 Update 1 or install the ESX 4.0 patch
  ESX400-200911223-UG
- Login into vCenter 4.0 Update 1 or ESX 4.0 with patch
  ESX400-200911223-UG using WebAccess on the system where the VMrc
  needs to be re-installed
- Re-install VMrc by going to the console tab in WebAccess.  The
  Console tab is selectable after selecting a virtual machine.

Note: the VMrc plug-in for Firefox on Windows-based operating
systems is no longer compatible after the above remediation steps. 
Users are advised to use the Internet Explorer VMrc plug-in.

VMware would like to thank Alexey Sintsov from Digital Security
Research Group for reporting this issue to us.

The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CVE-2009-3732 to this issue.

g. Windows-based VMware authd remote denial of service

A vulnerability in vmware-authd could cause a denial of service
condition on Windows-based hosts.  The denial of service is limited
to a crash of authd.

The Common Vulnerabilities and Exposures Project (cve.mitre.org)
has assigned the name CVE-2009-3707 to this issue.

The following table lists what action remediates the vulnerability
(column 4) if a solution is available.

The Common Vulnerabilities and Exposures Project (cve.mitre.org)
has assigned the name CVE-2010-1138 to this issue.

VMware would like to thank Johann MacDonagh for reporting this
issue to us.

The following table lists what action remediates the vulnerability
(column 4) if a solution is available. Linux-based vmrun format string vulnerability

A format string vulnerability in vmrun could allow arbitrary code
execution.

If a vmrun command is issued and processes are listed, code could
be executed in the context of the user listing the processes.

The Common Vulnerabilities and Exposures Project (cve.mitre.org)
has assigned the name CVE-2010-1139 to this issue.

VMware would like to thank Thomas Toth-Steiner for reporting this
issue to us.

The following table lists what action remediates the vulnerability
(column 4) if a solution is available.

VMware         Product   Running  Replace with/
Product        Version   on       Apply Patch
=============  ========  =======  =================
VirtualCenter  any       Windows  not affected

VIX API        any       Windows  not affected
VIX API        1.6.x     Linux    upgrade to VIX API 1.7 or later
VIX API        1.6.x     Linux64  upgrade to VIX API 1.7 or later

Workstation    7.x       any      not affected
Workstation    6.5.x     Windows  not affected
Workstation    6.5.x     Linux    6.5.4 build 246459 or later

Player         3.x       any      not affected
Player         2.5.x     Windows  not affected
Player         2.5.x     Linux    2.5.4 build 246459 or later

Ace            any       Windows  not affected

Server         2.x       Windows  not affected
Server         2.x       Linux    not being fixed at this time

Fusion         3.x       Mac OS/X not affected
Fusion         2.x       Mac OS/X 2.0.7 build 246742 or later

ESXi           any       any      not affected

ESX            any       any      not affected
  1. Solution

Please review the patch/release notes for your product and version and verify the md5sum and/or the sha1sum of your downloaded file.

VMware Workstation Movie Decoder stand alone 6.5.4

http://download3.vmware.com/software/wkst/VMware-moviedecoder-6.5.4-246459.exe md5sum: ea2ac5907ae4c5c323147fe155443ab8 sha1sum: 5ca8d1fd45f6a7a6f38019b259c3e836ee4e8f29

VMware Workstation 7.0.1

For Windows

http://downloads.vmware.com/download/download.do?downloadGroup=WKST-701-WIN Release notes: http://downloads.vmware.com/support/ws7/doc/releasenotes_ws701.html

Workstation for Windows 32-bit and 64-bit with VMware Tools md5sum: fc8502a748de3b8f94c5c9571c1f17d2 sha1sum: 3de01b355b17363a92d80200ff5e7267b3bde206

Workstation for Windows 32-bit and 64-bit without VMware Tools md5sum: 6a18ea3847cb727b03f7890f5643db79 sha1sum: 260b019db4619b0d1d775e5c38cc46b6db250984

For Linux http://downloads.vmware.com/download/download.do?downloadGroup=WKST-701-LX Release notes: http://downloads.vmware.com/support/ws7/doc/releasenotes_ws701.html

Workstation for Linux 32-bit with VMware Tools md5sum: a896f7aaedde8799f21b52b89f5fc9ef sha1sum: f6d0789afa7927ca154973a071603a0bd098e697

Workstation for Linux 32-bit without VMware Tools md5sum: 59ecd27bdf3f59be3b4df8f04d1b3874 sha1sum: 22e1a475069fca5e8d2446bf14661fa6d894d34f

Workstation for Linux 64-bit with VMware Tools md5sum: 808682eaa6b202fa29172821f7378768 sha1sum: a901c45a2a02678b0d1722e8f27152c3af12a7ac

Workstation for Linux 64-bit without VMware Tools md5sum: 5116e27e7b13a76693402577bd9fda58 sha1sum: dbcd045a889b95ac14828b8106631b678354e30a

VMware Workstation 6.5.4

For Windows

http://downloads.vmware.com/download/download.do?downloadGroup=WKST-654-WIN Release Notes: http://downloads.vmware.com/support/ws65/doc/releasenotes_ws654.html

Workstation for Windows 32-bit and 64-bit Windows 32-bit and 64-bit .exe md5sum: 2dc393fcc4e78dcf2165098a4938699a sha1sum: acfff457860c8c53c637c01f74f8aaa72d1c9569

For Linux http://downloads.vmware.com/download/download.do?downloadGroup=WKST-654-LX Release Notes: http://downloads.vmware.com/support/ws65/doc/releasenotes_ws654.html

Workstation for Linux 32-bit Linux 32-bit .rpm md5sum: 9efb43a604d50e541eb3be7081b8b198 sha1sum: 4240d664f85a11f47288d2279224b26bef92aa8b

Workstation for Linux 32-bit Linux 32-bit .bundle md5sum: 38760682ad3b2f6bfb4e40f424c95c2a sha1sum: ec78099322b5fb2a737cd74a1978a5c07382dc8a

Workstation for Linux 64-bit Linux 64-bit .rpm md5sum: 24311492bc515e9bc98eff9b2e7d33a2 sha1sum: b4947ef09f740440e8a24fc2ba05c0a7c11b82f5

Workstation for Linux 64-bit Linux 64-bit .bundle md5sum: ed24296705ad48442549d9cb2b3c0d8d sha1sum: 3c0f1efae0a64fa3a41be21b0bfc962f12e0e6d8

VMware Player 3.0.1

http://downloads.vmware.com/tryvmware/?p=player&lp=default Release notes: http://downloads.vmware.com/support/player30/doc/releasenotes_player301.html

Player for Windows 32-bit and 64-bit md5sum: 78c92c0242c9540f68a629d4ac49c516 sha1sum: 7fc255fcd1a6784458012314db1206ed922e92cf

Player for Linux 32-bit (.bundle) md5sum: e7cd19d39c7bbd1aee582743d76a7863 sha1sum: cff76010f0429576288ea1e5a594cd47a2c64f4a

Player for Linux 64-bit (.bundle) md5sum: 88b08537c6eea705883dc1755b97738c sha1sum: 84f25370d24c03a18968a4f4c8e06cef3d21c2df

VMware VIX API for Windows 32-bit and 64-bit md5sum: 2c46fc7e2516f331eb4dd23154d00a54 sha1sum: 85ceb1b718806c6870e3a918bcc772d1486ccdc9

VMware VIX API for 32-bit Linux md5sum: 8b0994a26363246b5e954f97bd5a088d sha1sum: af93da138a158ee6e05780a5c4042414735987b6

VMware VIX API for 64-bit Linux md5sum: ef7b9890c52b1e333f2357760a7fff85 sha1sum: dfef8531356de78171e13c4c108ebaeb43eaa62d

VMware Player 2.5.4

http://downloads.vmware.com/download/player/player_reg.html Release notes: http://downloads.vmware.com/support/player25/doc/releasenotes_player254.html

Player for Windows 32-bit and 64-bit (.exe) md5sum: 531140a1eeed7d8b71f726b3d32a9174 sha1sum: 2500fa8af48452bd0e97040b80c569c3cb4f73e5

Player for Linux (.rpm) md5sum: 1905f61af490f9760bef54450747e708 sha1sum: cf7444c0a6331439c5479a4158112a60eb0e6e8d

Player for Linux (.bundle) md5sum: 74f539005687a4efce7971f7ef019af5 sha1sum: 4c4412c5807ecd00e66886e0e7c43ed61b62aab7

Player for Linux - 64-bit (.rpm) md5sum: 013078d7f6adcdbcbaafbf5e0ae11a39 sha1sum: 7c434173a3fe446ebefce4803bfaa7ab67d1ff72

Player for Linux - 64-bit (.bundle) md5sum: 175ce2f9656ff10a1327c0d48f80c65f sha1sum: bf7acfdcb44bf345d58f79ad1bcb04816f262d22

VMware ACE 2.6.1

http://downloads.vmware.com/download/download.do?downloadGroup=ACE-261-WIN Release notes: http://downloads.vmware.com/support/ace26/doc/releasenotes_ace261.html

VMware Workstation for 32-bit and 64-bit Windows with tools md5sum: fc8502a748de3b8f94c5c9571c1f17d2 sha1sum: 3de01b355b17363a92d80200ff5e7267b3bde206

VMware Workstation for Windows 32-bit and 64-bit without tools md5sum: 6a18ea3847cb727b03f7890f5643db79 sha1sum: 260b019db4619b0d1d775e5c38cc46b6db250984

ACE Management Server Virtual Appliance md5sum: e26d258c511572064e99774fbac9184c sha1sum: 9363656b70caa11a31a6229451202d9f8203c1f5

ACE Management Server for Windows md5sum: e970828f2a5a62ac108879033a70f4b6 sha1sum: eca89372eacc78c3130781d0d183715055d64798

ACE Management Server for SUSE Enterprise Linux 9 md5sum: 59b3ad5964daef2844e72fd1765590fc sha1sum: 91048de7665f5dc466f06e2ebc4c08f08026a97f

ACE Management Server for Red Hat Enterprise Linux 4 md5sum: 6623f6a8a645402a1c8c351ec99a1889 sha1sum: a6d74ba072c5a513fcf8993edebaaf7f8225c05d

VMware ACE 2.5.4

http://downloads.vmware.com/download/download.do?downloadGroup=ACE-254-WIN Release notes: http://downloads.vmware.com/support/ace25/doc/releasenotes_ace254.html

VMware ACE for Windows 32-bit and 64-bit Windows 32-bit and 64-bit .exe md5sum: 2dc393fcc4e78dcf2165098a4938699a sha1sum: acfff457860c8c53c637c01f74f8aaa72d1c9569

ACE Management Server Virtual Appliance AMS Virtual Appliance .zip md5sum: 3935f23d4a074e7a3429a1c80cfd2155 sha1sum: 5b09439a9c840d39ae49fbd7a79732ecd58c52a3

ACE Management Server for Windows Windows .exe md5sum: 1173bd7da6ed330a262ed4e2eff6562c sha1sum: d9bce88a350aa957f3387f870af763875d4d9110

ACE Management Server for SUSE Enterprise Linux 9 SLES 9 .rpm md5sum: 0bec2cf8d6ae3bb6976c9d8cc2573208 sha1sum: f3c6d9ee3357535b1540cedd9e86d723e2ed2134

ACE Management Server for Red Hat Enterprise Linux 4 RHEL 4 .rpm md5sum: 17caa522af79cf1f6b2ebad16a4ac8a5 sha1sum: cdd6e2a4e3d7ad89f95e60f1af024bea7eaba0fe

VMware Server 2.0.2

http://www.vmware.com/download/server/ Release notes: http://www.vmware.com/support/server2/doc/releasenotes_vmserver202.html

VMware Server 2 Version 2.0.2 | 203138 - 10/26/09 507 MB EXE image VMware Server 2 for Windows Operating Systems. A master installer file containing all Windows components of VMware Server. md5sum: a6430bcc16ff7b3a29bb8da1704fc38a sha1sum: 39683e7333732cf879ff0b34f66e693dde0e340b

VIX API 1.6 for Windows Version 2.0.2 | 203138 - 10/26/09 37 MB image md5sum: 827e65e70803ec65ade62dd27a74407a sha1sum: a14281bc055271a19be3c88026e92304bc3f0e22

For Linux

VMware Server 2 for Linux Operating Systems. Version 2.0.2 | 203138 - 10/26/09 37 MB TAR image md5sum: 95ddea5a0579a35887bd15b083ffea20 sha1sum: 14cf12063a7480f240ccd96178ad4258cb26a747

VMware Server 2 for Linux Operating Systems 64-bit version. Version 2.0.2 | 203138 - 10/26/09 452 MB RPM image md5sum: 35c8b176601133749e4055e0034f8be6 sha1sum: e8dc842d89899df5cd3e1136af76f19ca5ccbece

The core application needed to run VMware Server 2, 64-bit version. Version 2.0.2 | 203138 - 10/26/09 451 MB TAR image md5sum: cc7aef813008eeb7150c21547d431b39 sha1sum: b65d3d46dc947fc7995bda354c4947afabd23474

VMware Fusion 3.0.2

http://downloads.vmware.com/download/download.do?downloadGroup=FUS-302 Release notes: http://downloads.vmware.com/support/fusion3/doc/releasenotes_fusion_302.html

VMware Fusion 3.0.2 (for Intel-based Macs) md5sum: aa17278a4a668eeb9f9467e4e3111ccc sha1sum: 58c3d63705ac90839f7c1ae14264177e1fd56df3

VMware Fusion 3.0.2 Light for Mac (for Intel-based Macs) md5sum: 052ecbbfc4f59a85e2d08b4bd3ef0896 sha1sum: 61e00487f4c649588099647d4a5f47ddf5b8ad01

VMware Fusion 2.0.7

http://downloads.vmware.com/download/download.do?downloadGroup=FUS-207 Release notes: http://downloads.vmware.com/support/fusion2/doc/releasenotes_fusion_207.html

VMware Fusion 2.0.7 (for Intel-based Macs) md5sum: a293f5ce6ccc227760640753386e9da6 sha1sum: ddfda92f9baf30e536bc485e42325d173a1aa370

VMware Fusion 2.0.7 Light (for Intel-based Macs) md5sum: d4772d118fb90323f598849e70c21189 sha1sum: 5c1df1597e77ebe0f0555749b281008ca5f2fb77

VIX API 1.7 Version: 1.7 | 2009-08-26 | 186713

VIX API for Window 32-bit and 64-bit Main installation file for Windows 32-bit and 64-bit host md5sum:b494fc3092f07d0f29cc06a19fe61306 sha1sum:aa8638424cb7f25c1e42343134ac9f0bd2c2e0c9

VIX API for Linux 32-bit md5sum:6b0ed8872d8b714363cddc68b6a77008 sha1sum:8a9b12a61641394b347488119a7120eaa47dc2a1

VIX API for Linux 64-bit md5sum:d57aa9f98058d5a386c18e14cc05bf4d sha1sum:3b7d4461ea257e795b322cc080f4ae29a230666b

VIX API Version: 1.8.1 | 2009-10-11 | 207905

VIX API for Windows 32-bit and 64-bit md5sum:4f21e4cb518767bc08045f5a39f5d41f sha1sum:5b8275c549f9d9498bd2ed078557f1ce1986ac12

VIX API for Linux 32-bit md5sum:f347e94d907c26754540d59956ee5d53 sha1sum:6ddc6c9371ba127d04bc83bd55988a6c83366907

VIX API for Linux 64-bit md5sum:b8a3982072d0d42c0c37dd7eb49d686c sha1sum:d044ac3dd42f806bc4ff48ddf584b5e3d82910c8

VIX API Version: 1.10 Beta | 01/28/10 | 222403

VIX API for Windows 32-bit and 64-bit md5sum:ac5b6e9197cb68c302bfac9ed683e3af sha1sum:0d942e7409e88e684bdb65811e7be7f47d631a73

VIX API for Linux 32-bit md5sum:07d1989d042e317eb9d2b3daf269dda7 sha1sum:1e3840d426d7dfff53fa7e1bd22b09b56cf2362c

VIX API for Linux 64-bit md5sum:9b345008e0adec3c044988307294944b sha1sum:7a54a893369c2227f7e8058430c40983168c6e0b

ESXi

ESXi 4.0 bulletin ESXi400-201002402-BG https://hostupdate.vmware.com/software/VUM/OFFLINE/release-193-20100228-731251/ESXi400-201002001.zip md5sum: e5aa2968d389594abdc59cbac7b0183d sha1sum: bb50b3ad7934e3f9e24edc879b35e83b357343b2 http://kb.vmware.com/kb/1018404

ESXi 3.5

ESXi 3.5 patch ESXe350-200912402-T-BG was first contained in ESXe350-200912401-O-BG from December 2009.

The same patch, ESXe350-200912402-T-BG, is also contained in ESXe350-201002401-O-SG from February 2010 ESXi 3.5 security update.

In latest non-security ESXi 3.5 update, ESXe350-201003402-T-BG is also included in ESXe350-201003401-O-BG from March 2010.

ESXe350-201002401-O-SG (latest security update) http://download3.vmware.com/software/vi/ESXe350-201002401-O-SG.zip

md5sum: 0c8d4d1c0e3c2aed9f785cf081225d83

http://kb.vmware.com/kb/1015047 (Vi Client)

http://kb.vmware.com/kb/1016665 (VM Tools)

http://kb.vmware.com/kb/1017685 (Firmware)

The three ESXi patches for Firmware "I", VMware Tools "T," and the VI Client "C" are contained in a single offline "O" download file.

ESX

ESX 4.0 bulletin ESX400-201002401-BG https://hostupdate.vmware.com/software/VUM/OFFLINE/release-192-20100228-732240/ESX400-201002001.zip md5sum: de62cbccaffa4b2b6831617f18c1ccb4 sha1sum: 4083f191fa4acd6600c9a87e4852f9f5700e91ab http://kb.vmware.com/kb/1018403

Note: ESX400-201002001 contains the bundle with the security fix, ESX400-201002401-BG To install an individual bulletin use esxupdate with the -b option. esxupdate --bundle ESX400-201002001 -b ESX400-201002401-BG

ESX 4.0 bulletin ESX400-200911223-UG https://hostupdate.vmware.com/software/VUM/OFFLINE/release-166-20091202-254879/ESX-4.0.0-update01a.zip md5sum: 99c1fcafbf0ca105ce73840d686e9914 sha1sum: aa8a23416271bc28b6b8f6bdbe00045e36314ebb http://kb.vmware.com/kb/1014842

Note: ESX-4.0.0-update01a contains the bundle with the security fix, ESX400-200911223-UG To install an individual bulletin use esxupdate with the -b option. esxupdate --bundle ESX-4.0.0-update01a -b ESX400-200911223-UG

ESX 3.5 patch ESX350-200912401-BG http://download3.vmware.com/software/vi/ESX350-200912401-BG.zip md5sum: f1d3589745b4ae933554785aef22bacc sha1sum: d1e5a9209b165d43d75f076e556fc028bec4cc47 http://kb.vmware.com/kb/1016657

ESX 3.0.3 patch ESX303-201002203-UG http://download3.vmware.com/software/vi/ESX303-201002203-UG.zip md5sum: 49ee56b687707cbe6999836c315f081a http://kb.vmware.com/kb/1018030

ESX 2.5.5 Upgrade Patch 15 http://download3.vmware.com/software/esx/esx-2.5.5-191611-upgrade.tar.gz md5sum: c346fe510b6e51145570e03083f77357 sha1sum: ef6b19247825fb3fe2c55f8fda3cdd05ac7bb1f4 http://www.vmware.com/support/esx25/doc/esx-255-200910-patch.html

  1. References http://www.acrossecurity.com/advisories.htm http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1564 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1565 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2042 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3707 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3732 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1138 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1139 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1140 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1142 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1141

  2. Change log 2010-04-09 VMSA-2010-0007 Initial security advisory after release of Workstation 6.5.4 and Fusion 2.0.7 on 2010-04-08.

  1. Contact

E-mail list for product security notifications and announcements: http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce

This Security Advisory is posted to the following lists:

  • security-announce at lists.vmware.com
  • bugtraq at securityfocus.com
  • full-disclosure at lists.grok.org.uk

E-mail: security at vmware.com PGP key at: http://kb.vmware.com/kb/1055

VMware Security Center http://www.vmware.com/security

VMware security response policy http://www.vmware.com/support/policies/security_response.html

General support life cycle policy http://www.vmware.com/support/policies/eos.html

VMware Infrastructure support life cycle policy http://www.vmware.com/support/policies/eos_vi.html

Copyright 2010 VMware Inc. All rights reserved.

-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (MingW32)

iD8DBQFLvvM8S2KysvBH1xkRAgu/AJ9RrzlOq/5Ug0t8R4qoi/UwDVJDpACbBGgT d58bjKG6Ic7m/TsoJP4M2tw= =Q1zv -----END PGP SIGNATURE----- .

For more information see vulnerabilities #3 through #7 in: SA39206

SOLUTION: Restrict local access to trusted users only. Do not open untrusted images or video files.

PROVIDED AND/OR DISCOVERED BY: The vendor credits Johann MacDonagh.

Background

VMware Player, Server, and Workstation allow emulation of a complete PC on a PC without the usual performance overhead of most emulators.

Affected packages

-------------------------------------------------------------------
 Package              /     Vulnerable     /            Unaffected
-------------------------------------------------------------------

1 app-emulation/vmware-player <= 2.5.5.328052 Vulnerable! 2 app-emulation/vmware-workstation <= 6.5.5.328052 Vulnerable! 3 app-emulation/vmware-server <= 1.0.9.156507 Vulnerable! ------------------------------------------------------------------- NOTE: Certain packages are still vulnerable. Users should migrate to another package if one is available or wait for the existing packages to be marked stable by their architecture maintainers. Please review the CVE identifiers referenced below for details.

A remote attacker could entice a user to open a specially crafted file, possibly resulting in the remote execution of arbitrary code, or a Denial of Service. Remote attackers also may be able to spoof DNS traffic, read arbitrary files, or inject arbitrary web script to the VMware Server Console.

Furthermore, guest OS users may be able to execute arbitrary code on the host OS, gain escalated privileges on the guest OS, or cause a Denial of Service (crash the host OS).

Workaround

There is no known workaround at this time. We recommend that users unmerge VMware Server:

# emerge --unmerge "app-emulation/vmware-server"

References

[ 1 ] CVE-2007-5269 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5269 [ 2 ] CVE-2007-5503 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5503 [ 3 ] CVE-2007-5671 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5671 [ 4 ] CVE-2008-0967 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0967 [ 5 ] CVE-2008-1340 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1340 [ 6 ] CVE-2008-1361 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1361 [ 7 ] CVE-2008-1362 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1362 [ 8 ] CVE-2008-1363 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1363 [ 9 ] CVE-2008-1364 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1364 [ 10 ] CVE-2008-1392 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1392 [ 11 ] CVE-2008-1447 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1447 [ 12 ] CVE-2008-1806 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1806 [ 13 ] CVE-2008-1807 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1807 [ 14 ] CVE-2008-1808 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1808 [ 15 ] CVE-2008-2098 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2098 [ 16 ] CVE-2008-2100 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2100 [ 17 ] CVE-2008-2101 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2101 [ 18 ] CVE-2008-4915 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4915 [ 19 ] CVE-2008-4916 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4916 [ 20 ] CVE-2008-4917 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4917 [ 21 ] CVE-2009-0040 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0040 [ 22 ] CVE-2009-0909 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0909 [ 23 ] CVE-2009-0910 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0910 [ 24 ] CVE-2009-1244 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1244 [ 25 ] CVE-2009-2267 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2267 [ 26 ] CVE-2009-3707 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3707 [ 27 ] CVE-2009-3732 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3732 [ 28 ] CVE-2009-3733 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3733 [ 29 ] CVE-2009-4811 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-4811 [ 30 ] CVE-2010-1137 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1137 [ 31 ] CVE-2010-1138 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1138 [ 32 ] CVE-2010-1139 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1139 [ 33 ] CVE-2010-1140 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1140 [ 34 ] CVE-2010-1141 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1141 [ 35 ] CVE-2010-1142 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1142 [ 36 ] CVE-2010-1143 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1143 [ 37 ] CVE-2011-3868 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3868

Availability

This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-201209-25.xml

Concerns?

Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.

License

Copyright 2012 Gentoo Foundation, Inc; referenced text belongs to its owner(s).

The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.5 . ----------------------------------------------------------------------

Secunia CSI + Microsoft SCCM

= Extensive Patch Management

http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/

TITLE: VMware Products Multiple Vulnerabilities

SECUNIA ADVISORY ID: SA39206

VERIFY ADVISORY: http://secunia.com/advisories/39206/

DESCRIPTION: Some vulnerabilities have been reported in multiple VMware products, which can be exploited by malicious, local users to disclose sensitive information or gain escalated privileges, and by malicious people to disclose sensitive information, cause a DoS (Denial of Service), or potentially compromise a user's system.

NOTE: This vulnerability cannot be exploited without administrative privileges on recent Windows versions (e.g. Windows XP and Windows Vista).

3) An error in libpng can be exploited to disclose uninitialised memory via a specially crafted image.

For more information: SA35346

4) A boundary error and two integer truncation errors in the VMnc codec can be exploited to potentially execute arbitrary code.

For more information: SA36712

5) An error in the VMware Authorization Service ("vmware-authd") can be exploited to cause a crash.

For more information: SA39203

7) A format string error in "vmrun" can be exploited to potentially gain escalated privileges.

For more information: SA39201

SOLUTION: Update to a fixed version.

PROVIDED AND/OR DISCOVERED BY: 4) Alin Rad Pop, Secunia Research

The vendor also credits: 1) Jure Skofic and Mitja Kolsek of ACROS Security 2) Thierry Zoller 4) iDefense and Sebastien Renaud of Vupen 6) Johann MacDonagh 7) Thomas Toth-Steiner

ORIGINAL ADVISORY: VMware (VMSA-2010-0007): http://lists.vmware.com/pipermail/security-announce/2010/000090.html

Secunia Research: http://secunia.com/secunia_research/2009-36/ http://secunia.com/secunia_research/2009-37/

OTHER REFERENCES: SA35346: http://secunia.com/advisories/35346/

SA36712: http://secunia.com/advisories/36712/

SA36988: http://secunia.com/advisories/36988/

SA39198: http://secunia.com/advisories/39198/

SA39201: http://secunia.com/advisories/39201/

SA39203: http://secunia.com/advisories/39203/

About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.

Subscribe: http://secunia.com/advisories/secunia_security_advisories/

Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/

Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.

Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

Show details on source website
To clipboard 

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201004-0994",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "fusion",
        "scope": "eq",
        "trust": 3.3,
        "vendor": "vmware",
        "version": "3.0"
      },
      {
        "model": "workstation",
        "scope": "eq",
        "trust": 2.7,
        "vendor": "vmware",
        "version": "7.0"
      },
      {
        "model": "player",
        "scope": "eq",
        "trust": 2.7,
        "vendor": "vmware",
        "version": "3.0"
      },
      {
        "model": "ace",
        "scope": "eq",
        "trust": 2.7,
        "vendor": "vmware",
        "version": "2.6"
      },
      {
        "model": "server",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "vmware",
        "version": "2.0.2"
      },
      {
        "model": "server",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "vmware",
        "version": "2.0.1"
      },
      {
        "model": "fusion",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "vmware",
        "version": "2.0.6"
      },
      {
        "model": "fusion",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "vmware",
        "version": "2.0.5"
      },
      {
        "model": "fusion",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "vmware",
        "version": "2.0.4"
      },
      {
        "model": "fusion",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "vmware",
        "version": "2.0.3"
      },
      {
        "model": "fusion",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "vmware",
        "version": "2.0"
      },
      {
        "model": "fusion",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "vmware",
        "version": "2.0.2"
      },
      {
        "model": "fusion",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "vmware",
        "version": "2.0.1"
      },
      {
        "model": "workstation",
        "scope": "eq",
        "trust": 1.4,
        "vendor": "vmware",
        "version": "6.5.x"
      },
      {
        "model": "server",
        "scope": "eq",
        "trust": 1.4,
        "vendor": "vmware",
        "version": "2.x"
      },
      {
        "model": "fusion",
        "scope": "eq",
        "trust": 1.4,
        "vendor": "vmware",
        "version": "2.x"
      },
      {
        "model": "player",
        "scope": "eq",
        "trust": 1.4,
        "vendor": "vmware",
        "version": "2.5.x"
      },
      {
        "model": "ace",
        "scope": "eq",
        "trust": 1.4,
        "vendor": "vmware",
        "version": "2.5.x"
      },
      {
        "model": "workstation",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "vmware",
        "version": "6.5.3"
      },
      {
        "model": "workstation",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "vmware",
        "version": "6.5.2"
      },
      {
        "model": "workstation",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "vmware",
        "version": "6.5.1"
      },
      {
        "model": "player",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "vmware",
        "version": "2.5.3"
      },
      {
        "model": "player",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "vmware",
        "version": "2.5.2"
      },
      {
        "model": "player",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "vmware",
        "version": "2.5.1"
      },
      {
        "model": "ace",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "vmware",
        "version": "2.5.2"
      },
      {
        "model": "ace",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "vmware",
        "version": "2.5.1"
      },
      {
        "model": "ace",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "vmware",
        "version": "2.5.0"
      },
      {
        "model": "player",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "vmware",
        "version": "2.5"
      },
      {
        "model": "ace",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "vmware",
        "version": "2.5.3"
      },
      {
        "model": "workstation",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "vmware",
        "version": "6.5.0"
      },
      {
        "model": "server",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "vmware",
        "version": "2.0.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "workstation",
        "version": "7.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "workstation",
        "version": "6.5.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "workstation",
        "version": "6.5.1"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "workstation",
        "version": "6.5.2"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "workstation",
        "version": "6.5.3"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "player",
        "version": "3.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "player",
        "version": "2.5"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "player",
        "version": "2.5.1"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "player",
        "version": "2.5.2"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "player",
        "version": "2.5.3"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "ace",
        "version": "2.5.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "ace",
        "version": "2.5.1"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "ace",
        "version": "2.5.2"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "ace",
        "version": "2.5.3"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "ace",
        "version": "2.6"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "server",
        "version": "2.0.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "server",
        "version": "2.0.1"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "server",
        "version": "2.0.2"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "fusion",
        "version": "2.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "fusion",
        "version": "2.0.1"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "fusion",
        "version": "2.0.2"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "fusion",
        "version": "2.0.3"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "fusion",
        "version": "2.0.4"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "fusion",
        "version": "2.0.5"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "fusion",
        "version": "2.0.6"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "fusion",
        "version": "3.0"
      },
      {
        "model": "workstation for linux",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "6.5"
      },
      {
        "model": "workstation for linux",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "0"
      },
      {
        "model": "workstation build",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "6.5118166"
      },
      {
        "model": "workstation build",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "6.5.3185404"
      },
      {
        "model": "workstation build",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "6.5.2156735"
      },
      {
        "model": "server build",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "2.0.2203138"
      },
      {
        "model": "server build",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "2.0.1156745"
      },
      {
        "model": "server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "2.0"
      },
      {
        "model": "player for linux",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "2.5"
      },
      {
        "model": "player for linux",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "0"
      },
      {
        "model": "player",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "2.5.4"
      },
      {
        "model": "player build",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "2.5.2156735"
      },
      {
        "model": "player build",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "2.5118166"
      },
      {
        "model": "player build",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "2.5.3185404"
      },
      {
        "model": "fusion build",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "2.0.6196839"
      },
      {
        "model": "fusion build",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "2.0.2147997"
      },
      {
        "model": "fusion",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "2"
      },
      {
        "model": "ace build",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "2.5.3185404"
      },
      {
        "model": "ace build",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "2.5.2156735"
      },
      {
        "model": "ace build",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "2.5118166"
      },
      {
        "model": "linux",
        "scope": null,
        "trust": 0.3,
        "vendor": "gentoo",
        "version": null
      },
      {
        "model": "workstation for linux build",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "6.5.4246459"
      },
      {
        "model": "workstation build",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "7.0.1227600"
      },
      {
        "model": "workstation build",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "6.5.4246459"
      },
      {
        "model": "player for linux build",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "2.5.4246459"
      },
      {
        "model": "player build",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "3.0.1227600"
      },
      {
        "model": "player build",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "2.5.4246459"
      },
      {
        "model": "fusion build",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "3.0.1232708"
      },
      {
        "model": "fusion build",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "2.0.7246742"
      },
      {
        "model": "ace build",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "2.6.1227600"
      },
      {
        "model": "ace build",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "2.5.4246459"
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "7d7cb6c1-463f-11e9-973f-000c29342cb1"
      },
      {
        "db": "IVD",
        "id": "46d9d18e-2356-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2010-0572"
      },
      {
        "db": "BID",
        "id": "39395"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-001366"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201004-157"
      },
      {
        "db": "NVD",
        "id": "CVE-2010-1138"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/a:vmware:ace",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:vmware:fusion",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:vmware:player",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:vmware:server",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:vmware:workstation",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-001366"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Alin Rad Pop",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201004-157"
      }
    ],
    "trust": 0.6
  },
  "cve": "CVE-2010-1138",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "CVE-2010-1138",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 1.9,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "7d7cb6c1-463f-11e9-973f-000c29342cb1",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.2,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "46d9d18e-2356-11e6-abef-000c29c66e3d",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.2,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
            "version": "2.9 [IVD]"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2010-1138",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "NVD",
            "id": "CVE-2010-1138",
            "trust": 0.8,
            "value": "Medium"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201004-157",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "IVD",
            "id": "7d7cb6c1-463f-11e9-973f-000c29342cb1",
            "trust": 0.2,
            "value": "MEDIUM"
          },
          {
            "author": "IVD",
            "id": "46d9d18e-2356-11e6-abef-000c29c66e3d",
            "trust": 0.2,
            "value": "MEDIUM"
          },
          {
            "author": "VULMON",
            "id": "CVE-2010-1138",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "7d7cb6c1-463f-11e9-973f-000c29342cb1"
      },
      {
        "db": "IVD",
        "id": "46d9d18e-2356-11e6-abef-000c29c66e3d"
      },
      {
        "db": "VULMON",
        "id": "CVE-2010-1138"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-001366"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201004-157"
      },
      {
        "db": "NVD",
        "id": "CVE-2010-1138"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "The virtual networking stack in VMware Workstation 7.0 before 7.0.1 build 227600, VMware Workstation 6.5.x before 6.5.4 build 246459 on Windows, VMware Player 3.0 before 3.0.1 build 227600, VMware Player 2.5.x before 2.5.4 build 246459 on Windows, VMware ACE 2.6 before 2.6.1 build 227600 and 2.5.x before 2.5.4 build 246459, VMware Server 2.x, and VMware Fusion 3.0 before 3.0.1 build 232708 and 2.x before 2.0.7 build 246742 allows remote attackers to obtain sensitive information from memory on the host OS by examining received network packets, related to interaction between the guest OS and the host vmware-vmx process. plural VMware Product virtual network stack host OS A vulnerability exists in which important information is obtained from the above memory.Hosted by a third party OS Important information may be obtained from the above memory. VMWare is a virtual PC software that allows two or more Windows, DOS, and LINUX systems to run simultaneously on a single machine. VMWare products do not implement the virtual network stack correctly. Users on the guest operating system can obtain partial memory from the host\u0027s vmware-vmx process. Multiple VMware-hosted products are prone to an information-disclosure vulnerability. This can allow the attackers to harvest potentially sensitive information that can aid in further attacks. \nThe following applications are vulnerable:\nWorkstation\nPlayer\nACE\nServer\nFusion\nNOTE: This issue was previously covered in BID 39345 (VMware Hosted Products VMSA-2010-0007 Multiple Remote and Local Vulnerabilities), but has been given its own record to better document it. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n- -------------------------------------------------------------------------\n                   VMware Security Advisory\n\nAdvisory ID:       VMSA-2010-0007\nSynopsis:          VMware hosted products, vCenter Server and ESX\n                   patches resolve multiple security issues\nIssue date:        2010-04-09\nUpdated on:        2010-04-09 (initial release of advisory)\nCVE numbers:       CVE-2010-1142 CVE-2010-1140 CVE-2009-2042\n                   CVE-2009-1564 CVE-2009-1565 CVE-2009-3732\n                   CVE-2009-3707 CVE-2010-1138 CVE-2010-1139\n                   CVE-2010-1141\n- -------------------------------------------------------------------------\n\n1. Summary\n\n   VMware hosted products, vCenter Server and ESX patches resolve\n   multiple security issues. \n\n2. \n\n   Notes:\n   Effective May 2010, VMware\u0027s patch and update release program during\n   Extended Support will be continued with the condition that all\n   subsequent patch and update releases will be based on the latest\n   baseline release version as of May 2010 (i.e. ESX 3.0.3 Update 1,\n   ESX 3.5 Update 5, and VirtualCenter 2.5 Update 6). Refer to section\n   \"End of Product Availability FAQs\" at\n   http://www.vmware.com/support/policies/lifecycle/vi/faq.html for\n   details. \n\n   Extended support for ESX 2.5.5 ends on 2010-06-15.  Users should plan\n   to upgrade to at least ESX 3.0.3 and preferably to the newest\n   release available. \n\n   Extended support for ESX 3.0.3 ends on 2011-12-10.  Users should plan\n   to upgrade to at least ESX 3.5 and preferably to the newest release\n   available. \n\n   End of General Support for VMware Workstation 6.x is 2011-04-27,\n   users should plan to upgrade to the newest release available. \n\n   End of General Support for VMware Server 2.0 is 2011-06-30, users\n   should plan to upgrade to the newest release of either ESXi or\n   VMware Player. \n\n   Extended support for Virtual Center 2.0.2 is 2011-12-10, users\n   should plan to upgrade to the newest release of vCenter Server. \n\n3. Problem Description\n\n a. Windows-based VMware Tools Unsafe Library Loading vulnerability\n\n    A vulnerability in the way VMware libraries are referenced allows\n    for arbitrary code execution in the context of the logged on user. This file could be in any file format. The attacker will\n    need to have the ability to host their malicious files on a\n    network share. \n\n    VMware would like to thank Jure Skofic and Mitja Kolsek of ACROS\n    Security (http://www.acrossecurity.com) for reporting this issue\n    to us. \n\n    The Common Vulnerabilities and Exposures project (cve.mitre.org)\n    has assigned the name CVE-2010-1141 to this issue. \n\n    Steps needed to remediate this vulnerability:\n\n    Guest systems on VMware Workstation, Player, ACE, Server, Fusion\n     - Install the remediated version of Workstation, Player, ACE,\n       Server and Fusion. \n     - Upgrade tools in the virtual machine (virtual machine users\n       will be prompted to upgrade). \n\n    Guest systems on ESX 4.0, 3.5, 3.0.3, 2.5.5, ESXi 4.0, 3.5\n     - Install the relevant patches (see below for patch identifiers)\n     - Manually upgrade tools in the virtual machine (virtual machine\n       users will not be prompted to upgrade).  Note the VI Client will\n       not show the VMware tools is out of date in the summary tab. \n       Please see http://tinyurl.com/27mpjo page 80 for details. \n\n    The following table lists what action remediates the vulnerability\n    (column 4) if a solution is available. See above for remediation\n    details. Windows-based VMware Tools Arbitrary Code Execution vulnerability\n\n    A vulnerability in the way VMware executables are loaded allows for\n    arbitrary code execution in the context of the logged on user. \n\n    In order for an attacker to exploit the vulnerability, the attacker\n    would need to be able to plant their malicious executable in a\n    certain location on the Virtual Machine of the user.  On most\n    recent versions of Windows (XP, Vista) the attacker would need to\n    have administrator privileges to plant the malicious executable in\n    the right location. \n\n    Steps needed to remediate this vulnerability: See section 3.a. \n\n    VMware would like to thank Mitja Kolsek of ACROS Security\n    (http://www.acrossecurity.com) for reporting this issue to us. \n\n    The Common Vulnerabilities and Exposures project (cve.mitre.org)\n    has assigned the name CVE-2010-1142 to this issue. \n\n    Refer to the previous table in section 3.a for what action\n    remediates the vulnerability (column 4) if a solution is\n    available. See above for remediation details. \n\n c. Windows-based VMware Workstation and Player host privilege\n    escalation\n\n    A vulnerability in the USB service allows for a privilege\n    escalation. A local attacker on the host of a Windows-based\n    Operating System where VMware Workstation or VMware Player\n    is installed could plant a malicious executable on the host and\n    elevate their privileges. \n\n    In order for an attacker to exploit the vulnerability, the attacker\n    would need to be able to plant their malicious executable in a\n    certain location on the host machine.  On most recent versions of\n    Windows (XP, Vista) the attacker would need to have administrator\n    privileges to plant the malicious executable in the right location. \n\n    VMware would like to thank Thierry Zoller for reporting this issue\n    to us. \n\n    The Common Vulnerabilities and Exposures project (cve.mitre.org)\n    has assigned the name CVE-2010-1140 to this issue. \n\n    The following table lists what action remediates the vulnerability\n    (column 4) if a solution is available. Third party library update for libpng to version 1.2.37\n\n    The libpng libraries through 1.2.35 contain an uninitialized-\n    memory-read bug that may have security implications. \n    Specifically, 1-bit (2-color) interlaced images whose widths are\n    not divisible by 8 may result in several uninitialized bits at the\n    end of certain rows in certain interlace passes being returned to\n    the user. An application that failed to mask these out-of-bounds\n    pixels might display or process them, albeit presumably with benign\n    results in most cases. \n\n    The Common Vulnerabilities and Exposures Project (cve.mitre.org)\n    has assigned the name CVE-2009-2042 to this issue. \n\n    The following table lists what action remediates the vulnerability\n    (column 4) if a solution is available. VMware VMnc Codec heap overflow vulnerabilities\n\n    The VMware movie decoder contains the VMnc media codec that is\n    required to play back movies recorded with VMware Workstation,\n    VMware Player and VMware ACE, in any compatible media player. The\n    movie decoder is installed as part of VMware Workstation, VMware\n    Player and VMware ACE, or can be downloaded as a stand alone\n    package. \n\n    Vulnerabilities in the decoder allow for execution of arbitrary\n    code with the privileges of the user running an application\n    utilizing the vulnerable codec. \n\n    For an attack to be successful the user must be tricked into\n    visiting a malicious web page or opening a malicious video file on\n    a system that has the vulnerable version of the VMnc codec installed. \n\n    The Common Vulnerabilities and Exposures project (cve.mitre.org)\n    has assigned the names CVE-2009-1564 and CVE-2009-1565 to these\n    issues. \n\n    VMware would like to thank iDefense, Sebastien Renaud of VUPEN\n    Vulnerability Research Team (http://www.vupen.com) and Alin Rad Pop\n    of Secunia Research for reporting these issues to us. \n\n    To remediate the above issues either install the stand alone movie\n    decoder or update your product using the table below. VMware Remote Console format string vulnerability\n\n    VMware Remote Console (VMrc) contains a format string vulnerability. \n    Exploitation of this issue may lead to arbitrary code execution on\n    the system where VMrc is installed. \n\n    For an attack to be successful, an attacker would need to trick the\n    VMrc user into opening a malicious Web page or following a malicious\n    URL. Code execution would be at the privilege level of the user. \n\n    VMrc is present on a system if the VMrc browser plug-in has been\n    installed. This plug-in is required when using the console feature in\n    WebAccess. Installation of the plug-in follows after visiting the\n    console tab in WebAccess and choosing \"Install plug-in\". The plug-\n    in can only be installed on Internet Explorer and Firefox. \n\n    Under the following two conditions your version of VMrc is likely\n    to be affected:\n\n    - the VMrc plug-in was obtained from vCenter 4.0 or from ESX 4.0\n      without patch ESX400-200911223-UG and\n    - VMrc is installed on a Windows-based system\n\n    The following steps allow you to determine if you have an affected\n    version of VMrc installed:\n\n    - Locate the VMrc executable vmware-vmrc.exe on your Windows-based\n      system\n    - Right click and go to Properties\n    - Go to the tab \"Versions\"\n    - Click \"File Version\" in the \"Item Name\" window\n    - If the \"Value\" window shows \"e.x.p build-158248\", the version of\n      VMrc is affected\n\n    Remediation of this issue on Windows-based systems requires the\n    following steps (Linux-based systems are not affected):\n\n    - Uninstall affected versions of VMrc from the systems where the\n      VMrc plug-in has been installed (use the Windows Add/Remove\n      Programs interface)\n    - Install vCenter 4.0 Update 1 or install the ESX 4.0 patch\n      ESX400-200911223-UG\n    - Login into vCenter 4.0 Update 1 or ESX 4.0 with patch\n      ESX400-200911223-UG using WebAccess on the system where the VMrc\n      needs to be re-installed\n    - Re-install VMrc by going to the console tab in WebAccess.  The\n      Console tab is selectable after selecting a virtual machine. \n\n    Note: the VMrc plug-in for Firefox on Windows-based operating\n    systems is no longer compatible after the above remediation steps. \n    Users are advised to use the Internet Explorer VMrc plug-in. \n\n    VMware would like to thank Alexey Sintsov from Digital Security\n    Research Group for reporting this issue to us. \n\n    The Common Vulnerabilities and Exposures project (cve.mitre.org)\n    has assigned the name CVE-2009-3732 to this issue. \n\n\n g. Windows-based VMware authd remote denial of service\n\n    A vulnerability in vmware-authd could cause a denial of service\n    condition on Windows-based hosts.  The denial of service is limited\n    to a crash of authd. \n\n    The Common Vulnerabilities and Exposures Project (cve.mitre.org)\n    has assigned the name CVE-2009-3707 to this issue. \n\n    The following table lists what action remediates the vulnerability\n    (column 4) if a solution is available. \n\n    The Common Vulnerabilities and Exposures Project (cve.mitre.org)\n    has assigned the name CVE-2010-1138 to this issue. \n\n    VMware would like to thank Johann MacDonagh for reporting this\n    issue to us. \n\n    The following table lists what action remediates the vulnerability\n    (column 4) if a solution is available. Linux-based vmrun format string vulnerability\n\n    A format string vulnerability in vmrun could allow arbitrary code\n    execution. \n\n    If a vmrun command is issued and processes are listed, code could\n    be executed in the context of the user listing the processes. \n\n    The Common Vulnerabilities and Exposures Project (cve.mitre.org)\n    has assigned the name CVE-2010-1139 to this issue. \n\n    VMware would like to thank Thomas Toth-Steiner for reporting this\n    issue to us. \n\n    The following table lists what action remediates the vulnerability\n    (column 4) if a solution is available. \n\n    VMware         Product   Running  Replace with/\n    Product        Version   on       Apply Patch\n    =============  ========  =======  =================\n    VirtualCenter  any       Windows  not affected\n\n    VIX API        any       Windows  not affected\n    VIX API        1.6.x     Linux    upgrade to VIX API 1.7 or later\n    VIX API        1.6.x     Linux64  upgrade to VIX API 1.7 or later\n\n    Workstation    7.x       any      not affected\n    Workstation    6.5.x     Windows  not affected\n    Workstation    6.5.x     Linux    6.5.4 build 246459 or later\n\n    Player         3.x       any      not affected\n    Player         2.5.x     Windows  not affected\n    Player         2.5.x     Linux    2.5.4 build 246459 or later\n\n    Ace            any       Windows  not affected\n\n    Server         2.x       Windows  not affected\n    Server         2.x       Linux    not being fixed at this time\n\n    Fusion         3.x       Mac OS/X not affected\n    Fusion         2.x       Mac OS/X 2.0.7 build 246742 or later\n\n    ESXi           any       any      not affected\n\n    ESX            any       any      not affected\n\n4. Solution\n\n   Please review the patch/release notes for your product and version\n   and verify the md5sum and/or the sha1sum of your downloaded file. \n\n   VMware Workstation Movie Decoder stand alone 6.5.4\n   --------------------------------------------------\n\nhttp://download3.vmware.com/software/wkst/VMware-moviedecoder-6.5.4-246459.exe\n   md5sum: ea2ac5907ae4c5c323147fe155443ab8\n   sha1sum: 5ca8d1fd45f6a7a6f38019b259c3e836ee4e8f29\n\n   VMware Workstation 7.0.1\n   ------------------------\n   For Windows\n\nhttp://downloads.vmware.com/download/download.do?downloadGroup=WKST-701-WIN\n   Release notes:\n   http://downloads.vmware.com/support/ws7/doc/releasenotes_ws701.html\n\n   Workstation for Windows 32-bit and 64-bit with VMware Tools\n   md5sum: fc8502a748de3b8f94c5c9571c1f17d2\n   sha1sum: 3de01b355b17363a92d80200ff5e7267b3bde206\n\n   Workstation for Windows 32-bit and 64-bit without VMware Tools\n   md5sum: 6a18ea3847cb727b03f7890f5643db79\n   sha1sum: 260b019db4619b0d1d775e5c38cc46b6db250984\n\n   For Linux\n   http://downloads.vmware.com/download/download.do?downloadGroup=WKST-701-LX\n   Release notes:\n   http://downloads.vmware.com/support/ws7/doc/releasenotes_ws701.html\n\n   Workstation for Linux 32-bit with VMware Tools\n   md5sum: a896f7aaedde8799f21b52b89f5fc9ef\n   sha1sum: f6d0789afa7927ca154973a071603a0bd098e697\n\n   Workstation for Linux 32-bit without VMware Tools\n   md5sum: 59ecd27bdf3f59be3b4df8f04d1b3874\n   sha1sum: 22e1a475069fca5e8d2446bf14661fa6d894d34f\n\n   Workstation for Linux 64-bit with VMware Tools\n   md5sum: 808682eaa6b202fa29172821f7378768\n   sha1sum: a901c45a2a02678b0d1722e8f27152c3af12a7ac\n\n   Workstation for Linux 64-bit without VMware Tools\n   md5sum: 5116e27e7b13a76693402577bd9fda58\n   sha1sum: dbcd045a889b95ac14828b8106631b678354e30a\n\n   VMware Workstation 6.5.4\n   ------------------------\n   For Windows\n\nhttp://downloads.vmware.com/download/download.do?downloadGroup=WKST-654-WIN\n   Release Notes:\n   http://downloads.vmware.com/support/ws65/doc/releasenotes_ws654.html\n\n   Workstation for Windows 32-bit and 64-bit\n   Windows 32-bit and 64-bit .exe\n   md5sum: 2dc393fcc4e78dcf2165098a4938699a\n   sha1sum: acfff457860c8c53c637c01f74f8aaa72d1c9569\n\n   For Linux\n   http://downloads.vmware.com/download/download.do?downloadGroup=WKST-654-LX\n   Release Notes:\n   http://downloads.vmware.com/support/ws65/doc/releasenotes_ws654.html\n\n   Workstation for Linux 32-bit\n   Linux 32-bit .rpm\n   md5sum: 9efb43a604d50e541eb3be7081b8b198\n   sha1sum: 4240d664f85a11f47288d2279224b26bef92aa8b\n\n   Workstation for Linux 32-bit\n   Linux 32-bit .bundle\n   md5sum: 38760682ad3b2f6bfb4e40f424c95c2a\n   sha1sum: ec78099322b5fb2a737cd74a1978a5c07382dc8a\n\n   Workstation for Linux 64-bit\n   Linux 64-bit .rpm\n   md5sum: 24311492bc515e9bc98eff9b2e7d33a2\n   sha1sum: b4947ef09f740440e8a24fc2ba05c0a7c11b82f5\n\n   Workstation for Linux 64-bit\n   Linux 64-bit .bundle\n   md5sum: ed24296705ad48442549d9cb2b3c0d8d\n   sha1sum: 3c0f1efae0a64fa3a41be21b0bfc962f12e0e6d8\n\n\n   VMware Player 3.0.1\n   -------------------\n   http://downloads.vmware.com/tryvmware/?p=player\u0026lp=default\n   Release notes:\nhttp://downloads.vmware.com/support/player30/doc/releasenotes_player301.html\n\n   Player for Windows 32-bit and 64-bit\n   md5sum: 78c92c0242c9540f68a629d4ac49c516\n   sha1sum: 7fc255fcd1a6784458012314db1206ed922e92cf\n\n   Player for Linux 32-bit (.bundle)\n   md5sum: e7cd19d39c7bbd1aee582743d76a7863\n   sha1sum: cff76010f0429576288ea1e5a594cd47a2c64f4a\n\n   Player for Linux 64-bit (.bundle)\n   md5sum: 88b08537c6eea705883dc1755b97738c\n   sha1sum: 84f25370d24c03a18968a4f4c8e06cef3d21c2df\n\n   VMware VIX API for Windows 32-bit and 64-bit\n   md5sum: 2c46fc7e2516f331eb4dd23154d00a54\n   sha1sum: 85ceb1b718806c6870e3a918bcc772d1486ccdc9\n\n   VMware VIX API for 32-bit Linux\n   md5sum: 8b0994a26363246b5e954f97bd5a088d\n   sha1sum: af93da138a158ee6e05780a5c4042414735987b6\n\n   VMware VIX API for 64-bit Linux\n   md5sum: ef7b9890c52b1e333f2357760a7fff85\n   sha1sum: dfef8531356de78171e13c4c108ebaeb43eaa62d\n\n   VMware Player 2.5.4\n   -------------------\n   http://downloads.vmware.com/download/player/player_reg.html\n   Release notes:\nhttp://downloads.vmware.com/support/player25/doc/releasenotes_player254.html\n\n   Player for Windows 32-bit and 64-bit (.exe)\n   md5sum: 531140a1eeed7d8b71f726b3d32a9174\n   sha1sum: 2500fa8af48452bd0e97040b80c569c3cb4f73e5\n\n   Player for Linux (.rpm)\n   md5sum: 1905f61af490f9760bef54450747e708\n   sha1sum: cf7444c0a6331439c5479a4158112a60eb0e6e8d\n\n   Player for Linux (.bundle)\n   md5sum: 74f539005687a4efce7971f7ef019af5\n   sha1sum: 4c4412c5807ecd00e66886e0e7c43ed61b62aab7\n\n   Player for Linux - 64-bit (.rpm)\n   md5sum: 013078d7f6adcdbcbaafbf5e0ae11a39\n   sha1sum: 7c434173a3fe446ebefce4803bfaa7ab67d1ff72\n\n   Player for Linux - 64-bit (.bundle)\n   md5sum: 175ce2f9656ff10a1327c0d48f80c65f\n   sha1sum: bf7acfdcb44bf345d58f79ad1bcb04816f262d22\n\n\n   VMware ACE 2.6.1\n   ----------------\nhttp://downloads.vmware.com/download/download.do?downloadGroup=ACE-261-WIN\n   Release notes:\n   http://downloads.vmware.com/support/ace26/doc/releasenotes_ace261.html\n\n   VMware Workstation for 32-bit and 64-bit Windows with tools\n   md5sum: fc8502a748de3b8f94c5c9571c1f17d2\n   sha1sum: 3de01b355b17363a92d80200ff5e7267b3bde206\n\n   VMware Workstation for Windows 32-bit and 64-bit without tools\n   md5sum: 6a18ea3847cb727b03f7890f5643db79\n   sha1sum: 260b019db4619b0d1d775e5c38cc46b6db250984\n\n   ACE Management Server Virtual Appliance\n   md5sum: e26d258c511572064e99774fbac9184c\n   sha1sum: 9363656b70caa11a31a6229451202d9f8203c1f5\n\n   ACE Management Server for Windows\n   md5sum: e970828f2a5a62ac108879033a70f4b6\n   sha1sum: eca89372eacc78c3130781d0d183715055d64798\n\n   ACE Management Server for SUSE Enterprise Linux 9\n   md5sum: 59b3ad5964daef2844e72fd1765590fc\n   sha1sum: 91048de7665f5dc466f06e2ebc4c08f08026a97f\n\n   ACE Management Server for Red Hat Enterprise Linux 4\n   md5sum: 6623f6a8a645402a1c8c351ec99a1889\n   sha1sum: a6d74ba072c5a513fcf8993edebaaf7f8225c05d\n\n   VMware ACE 2.5.4\n   ----------------\nhttp://downloads.vmware.com/download/download.do?downloadGroup=ACE-254-WIN\n   Release notes:\n   http://downloads.vmware.com/support/ace25/doc/releasenotes_ace254.html\n\n   VMware ACE for Windows 32-bit and 64-bit\n   Windows 32-bit and 64-bit .exe\n   md5sum: 2dc393fcc4e78dcf2165098a4938699a\n   sha1sum: acfff457860c8c53c637c01f74f8aaa72d1c9569\n\n   ACE Management Server Virtual Appliance\n   AMS Virtual Appliance .zip\n   md5sum: 3935f23d4a074e7a3429a1c80cfd2155\n   sha1sum: 5b09439a9c840d39ae49fbd7a79732ecd58c52a3\n\n   ACE Management Server for Windows\n   Windows .exe\n   md5sum: 1173bd7da6ed330a262ed4e2eff6562c\n   sha1sum: d9bce88a350aa957f3387f870af763875d4d9110\n\n   ACE Management Server for SUSE Enterprise Linux 9\n   SLES 9 .rpm\n   md5sum: 0bec2cf8d6ae3bb6976c9d8cc2573208\n   sha1sum: f3c6d9ee3357535b1540cedd9e86d723e2ed2134\n\n   ACE Management Server for Red Hat Enterprise Linux 4\n   RHEL 4 .rpm\n   md5sum: 17caa522af79cf1f6b2ebad16a4ac8a5\n   sha1sum: cdd6e2a4e3d7ad89f95e60f1af024bea7eaba0fe\n\n\n   VMware Server 2.0.2\n   -------------------\n   http://www.vmware.com/download/server/\n   Release notes:\n  http://www.vmware.com/support/server2/doc/releasenotes_vmserver202.html\n\n   VMware Server 2\n   Version 2.0.2 | 203138   - 10/26/09\n   507 MB EXE image VMware Server 2 for Windows Operating Systems. A\n   master installer file containing all Windows components of VMware\n   Server. \n   md5sum: a6430bcc16ff7b3a29bb8da1704fc38a\n   sha1sum: 39683e7333732cf879ff0b34f66e693dde0e340b\n\n   VIX API 1.6 for Windows\n   Version 2.0.2 | 203138   - 10/26/09\n   37 MB image\n   md5sum: 827e65e70803ec65ade62dd27a74407a\n   sha1sum: a14281bc055271a19be3c88026e92304bc3f0e22\n\n   For Linux\n\n   VMware Server 2 for Linux Operating Systems. \n   Version 2.0.2 | 203138   - 10/26/09\n   37 MB TAR image\n   md5sum: 95ddea5a0579a35887bd15b083ffea20\n   sha1sum: 14cf12063a7480f240ccd96178ad4258cb26a747\n\n   VMware Server 2 for Linux Operating Systems 64-bit version. \n   Version 2.0.2 | 203138   - 10/26/09\n   452 MB RPM image\n   md5sum: 35c8b176601133749e4055e0034f8be6\n   sha1sum: e8dc842d89899df5cd3e1136af76f19ca5ccbece\n\n   The core application needed to run VMware Server 2, 64-bit version. \n   Version 2.0.2 | 203138   - 10/26/09\n   451 MB TAR image\n   md5sum: cc7aef813008eeb7150c21547d431b39\n   sha1sum: b65d3d46dc947fc7995bda354c4947afabd23474\n\n\n   VMware Fusion 3.0.2\n   -------------------\n   http://downloads.vmware.com/download/download.do?downloadGroup=FUS-302\n   Release notes:\nhttp://downloads.vmware.com/support/fusion3/doc/releasenotes_fusion_302.html\n\n   VMware Fusion 3.0.2 (for Intel-based Macs)\n   md5sum: aa17278a4a668eeb9f9467e4e3111ccc\n   sha1sum: 58c3d63705ac90839f7c1ae14264177e1fd56df3\n\n   VMware Fusion 3.0.2 Light for Mac (for Intel-based Macs)\n   md5sum: 052ecbbfc4f59a85e2d08b4bd3ef0896\n   sha1sum: 61e00487f4c649588099647d4a5f47ddf5b8ad01\n\n   VMware Fusion 2.0.7\n   -------------------\n   http://downloads.vmware.com/download/download.do?downloadGroup=FUS-207\n   Release notes:\nhttp://downloads.vmware.com/support/fusion2/doc/releasenotes_fusion_207.html\n\n   VMware Fusion 2.0.7 (for Intel-based Macs)\n   md5sum: a293f5ce6ccc227760640753386e9da6\n   sha1sum: ddfda92f9baf30e536bc485e42325d173a1aa370\n\n   VMware Fusion 2.0.7 Light (for Intel-based Macs)\n   md5sum: d4772d118fb90323f598849e70c21189\n   sha1sum: 5c1df1597e77ebe0f0555749b281008ca5f2fb77\n\n\n   VIX API 1.7 Version: 1.7 | 2009-08-26 | 186713\n   ----------------------------------------------\n   VIX API for Window 32-bit and 64-bit\n   Main installation file for Windows 32-bit and 64-bit host\n   md5sum:b494fc3092f07d0f29cc06a19fe61306\n   sha1sum:aa8638424cb7f25c1e42343134ac9f0bd2c2e0c9\n\n   VIX API for Linux 32-bit\n   md5sum:6b0ed8872d8b714363cddc68b6a77008\n   sha1sum:8a9b12a61641394b347488119a7120eaa47dc2a1\n\n   VIX API for Linux 64-bit\n   md5sum:d57aa9f98058d5a386c18e14cc05bf4d\n   sha1sum:3b7d4461ea257e795b322cc080f4ae29a230666b\n\n   VIX API Version: 1.8.1 | 2009-10-11 |  207905\n   ---------------------------------------------\n   VIX API for Windows 32-bit and 64-bit\n   md5sum:4f21e4cb518767bc08045f5a39f5d41f\n   sha1sum:5b8275c549f9d9498bd2ed078557f1ce1986ac12\n\n   VIX API for Linux 32-bit\n   md5sum:f347e94d907c26754540d59956ee5d53\n   sha1sum:6ddc6c9371ba127d04bc83bd55988a6c83366907\n\n   VIX API for Linux 64-bit\n   md5sum:b8a3982072d0d42c0c37dd7eb49d686c\n   sha1sum:d044ac3dd42f806bc4ff48ddf584b5e3d82910c8\n\n   VIX API Version: 1.10 Beta | 01/28/10 | 222403\n   ----------------------------------------------\n   VIX API for Windows 32-bit and 64-bit\n   md5sum:ac5b6e9197cb68c302bfac9ed683e3af\n   sha1sum:0d942e7409e88e684bdb65811e7be7f47d631a73\n\n   VIX API for Linux 32-bit\n   md5sum:07d1989d042e317eb9d2b3daf269dda7\n   sha1sum:1e3840d426d7dfff53fa7e1bd22b09b56cf2362c\n\n   VIX API for Linux 64-bit\n   md5sum:9b345008e0adec3c044988307294944b\n   sha1sum:7a54a893369c2227f7e8058430c40983168c6e0b\n\n\n   ESXi\n   ----\n   ESXi 4.0 bulletin ESXi400-201002402-BG\nhttps://hostupdate.vmware.com/software/VUM/OFFLINE/release-193-20100228-731251/ESXi400-201002001.zip\n   md5sum: e5aa2968d389594abdc59cbac7b0183d\n   sha1sum: bb50b3ad7934e3f9e24edc879b35e83b357343b2\n   http://kb.vmware.com/kb/1018404\n\n   ESXi 3.5\n   --------\n   ESXi 3.5 patch ESXe350-200912402-T-BG was first contained in\n   ESXe350-200912401-O-BG from December 2009. \n\n   The same patch, ESXe350-200912402-T-BG, is also contained in\n   ESXe350-201002401-O-SG from February 2010 ESXi 3.5 security update. \n\n   In latest non-security ESXi 3.5 update, ESXe350-201003402-T-BG is also\n   included in ESXe350-201003401-O-BG from March 2010. \n\n\n   ESXe350-201002401-O-SG (latest security update)\n   http://download3.vmware.com/software/vi/ESXe350-201002401-O-SG.zip\n\n   md5sum: 0c8d4d1c0e3c2aed9f785cf081225d83\n\n   http://kb.vmware.com/kb/1015047 (Vi Client)\n\n   http://kb.vmware.com/kb/1016665 (VM Tools)\n\n   http://kb.vmware.com/kb/1017685 (Firmware)\n\n\n\n   The three ESXi patches for Firmware \"I\", VMware Tools \"T,\" and the\n   VI Client \"C\" are contained in a single offline \"O\" download file. \n\n\n   ESX\n   ---\n   ESX 4.0 bulletin ESX400-201002401-BG\nhttps://hostupdate.vmware.com/software/VUM/OFFLINE/release-192-20100228-732240/ESX400-201002001.zip\n   md5sum: de62cbccaffa4b2b6831617f18c1ccb4\n   sha1sum: 4083f191fa4acd6600c9a87e4852f9f5700e91ab\n   http://kb.vmware.com/kb/1018403\n\n   Note: ESX400-201002001 contains the bundle with the security fix,\n         ESX400-201002401-BG\n   To install an individual bulletin use esxupdate with the -b option. \n   esxupdate --bundle ESX400-201002001 -b ESX400-201002401-BG\n\n   ESX 4.0 bulletin ESX400-200911223-UG\nhttps://hostupdate.vmware.com/software/VUM/OFFLINE/release-166-20091202-254879/ESX-4.0.0-update01a.zip\n   md5sum: 99c1fcafbf0ca105ce73840d686e9914\n   sha1sum: aa8a23416271bc28b6b8f6bdbe00045e36314ebb\n   http://kb.vmware.com/kb/1014842\n\n   Note: ESX-4.0.0-update01a contains the bundle with the security fix,\n         ESX400-200911223-UG\n   To install an individual bulletin use esxupdate with the -b option. \n   esxupdate --bundle ESX-4.0.0-update01a -b ESX400-200911223-UG\n\n   ESX 3.5 patch ESX350-200912401-BG\n   http://download3.vmware.com/software/vi/ESX350-200912401-BG.zip\n   md5sum: f1d3589745b4ae933554785aef22bacc\n   sha1sum: d1e5a9209b165d43d75f076e556fc028bec4cc47\n   http://kb.vmware.com/kb/1016657\n\n   ESX 3.0.3 patch ESX303-201002203-UG\n   http://download3.vmware.com/software/vi/ESX303-201002203-UG.zip\n   md5sum: 49ee56b687707cbe6999836c315f081a\n   http://kb.vmware.com/kb/1018030\n\n   ESX 2.5.5 Upgrade Patch 15\n http://download3.vmware.com/software/esx/esx-2.5.5-191611-upgrade.tar.gz\n   md5sum: c346fe510b6e51145570e03083f77357\n   sha1sum: ef6b19247825fb3fe2c55f8fda3cdd05ac7bb1f4\n   http://www.vmware.com/support/esx25/doc/esx-255-200910-patch.html\n\n\n5. References\n   http://www.acrossecurity.com/advisories.htm\n   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1564\n   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1565\n   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2042\n   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3707\n   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3732\n   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1138\n   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1139\n   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1140\n   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1142\n   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1141\n\n6. Change log\n2010-04-09  VMSA-2010-0007\nInitial security advisory after release of Workstation 6.5.4 and Fusion\n2.0.7 on 2010-04-08. \n\n- ------------------------------------------------------------------------\n7. Contact\n\nE-mail list for product security notifications and announcements:\nhttp://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce\n\nThis Security Advisory is posted to the following lists:\n\n  * security-announce at lists.vmware.com\n  * bugtraq at securityfocus.com\n  * full-disclosure at lists.grok.org.uk\n\nE-mail:  security at vmware.com\nPGP key at: http://kb.vmware.com/kb/1055\n\nVMware Security Center\nhttp://www.vmware.com/security\n\nVMware security response policy\nhttp://www.vmware.com/support/policies/security_response.html\n\nGeneral support life cycle policy\nhttp://www.vmware.com/support/policies/eos.html\n\nVMware Infrastructure support life cycle policy\nhttp://www.vmware.com/support/policies/eos_vi.html\n\nCopyright 2010 VMware Inc.  All rights reserved. \n\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.5 (MingW32)\n\niD8DBQFLvvM8S2KysvBH1xkRAgu/AJ9RrzlOq/5Ug0t8R4qoi/UwDVJDpACbBGgT\nd58bjKG6Ic7m/TsoJP4M2tw=\n=Q1zv\n-----END PGP SIGNATURE-----\n. \n\nFor more information see vulnerabilities #3 through #7 in:\nSA39206\n\nSOLUTION:\nRestrict local access to trusted users only. Do not open untrusted\nimages or video files. \n\nPROVIDED AND/OR DISCOVERED BY:\nThe vendor credits Johann MacDonagh. \n\nBackground\n==========\n\nVMware Player, Server, and Workstation allow emulation of a complete PC\non a PC without the usual performance overhead of most emulators. \n\nAffected packages\n=================\n\n    -------------------------------------------------------------------\n     Package              /     Vulnerable     /            Unaffected\n    -------------------------------------------------------------------\n  1  app-emulation/vmware-player\n                              \u003c= 2.5.5.328052              Vulnerable!\n  2  app-emulation/vmware-workstation\n                              \u003c= 6.5.5.328052              Vulnerable!\n  3  app-emulation/vmware-server\n                              \u003c= 1.0.9.156507              Vulnerable!\n    -------------------------------------------------------------------\n     NOTE: Certain packages are still vulnerable. Users should migrate\n           to another package if one is available or wait for the\n           existing packages to be marked stable by their\n           architecture maintainers. Please review the CVE identifiers referenced below for\ndetails. \n\nA remote attacker could entice a user to open a specially crafted file,\npossibly resulting in the remote execution of arbitrary code, or a\nDenial of Service. Remote attackers also may be able to spoof DNS\ntraffic, read arbitrary files, or inject arbitrary web script to the\nVMware Server Console. \n\nFurthermore, guest OS users may be able to execute arbitrary code on\nthe host OS, gain escalated privileges on the guest OS, or cause a\nDenial of Service (crash the host OS). \n\nWorkaround\n==========\n\nThere is no known workaround at this time. We recommend that users\nunmerge VMware Server:\n\n  # emerge --unmerge \"app-emulation/vmware-server\"\n\nReferences\n==========\n\n[  1 ] CVE-2007-5269\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5269\n[  2 ] CVE-2007-5503\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5503\n[  3 ] CVE-2007-5671\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5671\n[  4 ] CVE-2008-0967\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0967\n[  5 ] CVE-2008-1340\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1340\n[  6 ] CVE-2008-1361\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1361\n[  7 ] CVE-2008-1362\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1362\n[  8 ] CVE-2008-1363\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1363\n[  9 ] CVE-2008-1364\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1364\n[ 10 ] CVE-2008-1392\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1392\n[ 11 ] CVE-2008-1447\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1447\n[ 12 ] CVE-2008-1806\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1806\n[ 13 ] CVE-2008-1807\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1807\n[ 14 ] CVE-2008-1808\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1808\n[ 15 ] CVE-2008-2098\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2098\n[ 16 ] CVE-2008-2100\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2100\n[ 17 ] CVE-2008-2101\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2101\n[ 18 ] CVE-2008-4915\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4915\n[ 19 ] CVE-2008-4916\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4916\n[ 20 ] CVE-2008-4917\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4917\n[ 21 ] CVE-2009-0040\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0040\n[ 22 ] CVE-2009-0909\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0909\n[ 23 ] CVE-2009-0910\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0910\n[ 24 ] CVE-2009-1244\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1244\n[ 25 ] CVE-2009-2267\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2267\n[ 26 ] CVE-2009-3707\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3707\n[ 27 ] CVE-2009-3732\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3732\n[ 28 ] CVE-2009-3733\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3733\n[ 29 ] CVE-2009-4811\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-4811\n[ 30 ] CVE-2010-1137\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1137\n[ 31 ] CVE-2010-1138\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1138\n[ 32 ] CVE-2010-1139\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1139\n[ 33 ] CVE-2010-1140\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1140\n[ 34 ] CVE-2010-1141\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1141\n[ 35 ] CVE-2010-1142\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1142\n[ 36 ] CVE-2010-1143\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1143\n[ 37 ] CVE-2011-3868\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3868\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201209-25.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2012 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. ----------------------------------------------------------------------\n\n\n  Secunia CSI\n+ Microsoft SCCM\n-----------------------\n= Extensive Patch Management\n\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\n\n----------------------------------------------------------------------\n\nTITLE:\nVMware Products Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA39206\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/39206/\n\nDESCRIPTION:\nSome vulnerabilities have been reported in multiple VMware products,\nwhich can be exploited by malicious, local users to disclose\nsensitive information or gain escalated privileges, and by malicious\npeople to disclose sensitive information, cause a DoS (Denial of\nService), or potentially compromise a user\u0027s system. \n\nNOTE: This vulnerability cannot be exploited without administrative\nprivileges on recent Windows versions (e.g. Windows XP and Windows\nVista). \n\n3) An error in libpng can be exploited to disclose uninitialised\nmemory via a specially crafted image. \n\nFor more information:\nSA35346\n\n4) A boundary error and two integer truncation errors in the VMnc\ncodec can be exploited to potentially execute arbitrary code. \n\nFor more information:\nSA36712\n\n5) An error in the VMware Authorization Service (\"vmware-authd\") can\nbe exploited to cause a crash. \n\nFor more information:\nSA39203\n\n7) A format string error in \"vmrun\" can be exploited to potentially\ngain escalated privileges. \n\nFor more information:\nSA39201\n\nSOLUTION:\nUpdate to a fixed version. \n\nPROVIDED AND/OR DISCOVERED BY:\n4) Alin Rad Pop, Secunia Research\n\nThe vendor also credits:\n1) Jure Skofic and Mitja Kolsek of ACROS Security\n2) Thierry Zoller\n4) iDefense and Sebastien Renaud of Vupen\n6) Johann MacDonagh\n7) Thomas Toth-Steiner\n\nORIGINAL ADVISORY:\nVMware (VMSA-2010-0007):\nhttp://lists.vmware.com/pipermail/security-announce/2010/000090.html\n\nSecunia Research:\nhttp://secunia.com/secunia_research/2009-36/\nhttp://secunia.com/secunia_research/2009-37/\n\nOTHER REFERENCES:\nSA35346:\nhttp://secunia.com/advisories/35346/\n\nSA36712:\nhttp://secunia.com/advisories/36712/\n\nSA36988:\nhttp://secunia.com/advisories/36988/\n\nSA39198:\nhttp://secunia.com/advisories/39198/\n\nSA39201:\nhttp://secunia.com/advisories/39201/\n\nSA39203:\nhttp://secunia.com/advisories/39203/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2010-1138"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-001366"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2010-0572"
      },
      {
        "db": "BID",
        "id": "39395"
      },
      {
        "db": "IVD",
        "id": "7d7cb6c1-463f-11e9-973f-000c29342cb1"
      },
      {
        "db": "IVD",
        "id": "46d9d18e-2356-11e6-abef-000c29c66e3d"
      },
      {
        "db": "VULMON",
        "id": "CVE-2010-1138"
      },
      {
        "db": "PACKETSTORM",
        "id": "88215"
      },
      {
        "db": "PACKETSTORM",
        "id": "88234"
      },
      {
        "db": "PACKETSTORM",
        "id": "88236"
      },
      {
        "db": "PACKETSTORM",
        "id": "117012"
      },
      {
        "db": "PACKETSTORM",
        "id": "88233"
      }
    ],
    "trust": 3.33
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2010-1138",
        "trust": 4.0
      },
      {
        "db": "SECUNIA",
        "id": "39203",
        "trust": 3.2
      },
      {
        "db": "SECUNIA",
        "id": "39206",
        "trust": 2.6
      },
      {
        "db": "SECUNIA",
        "id": "39215",
        "trust": 2.6
      },
      {
        "db": "BID",
        "id": "39395",
        "trust": 2.2
      },
      {
        "db": "OSVDB",
        "id": "63607",
        "trust": 1.9
      },
      {
        "db": "SECTRACK",
        "id": "1023836",
        "trust": 1.8
      },
      {
        "db": "CNVD",
        "id": "CNVD-2010-0572",
        "trust": 1.0
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201004-157",
        "trust": 1.0
      },
      {
        "db": "VUPEN",
        "id": "ADV-2010-0852",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-001366",
        "trust": 0.8
      },
      {
        "db": "NSFOCUS",
        "id": "14789",
        "trust": 0.6
      },
      {
        "db": "NSFOCUS",
        "id": "14788\u203b14789",
        "trust": 0.6
      },
      {
        "db": "NSFOCUS",
        "id": "14788",
        "trust": 0.6
      },
      {
        "db": "BUGTRAQ",
        "id": "20100409 VMSA-2010-0007 VMWARE HOSTED PRODUCTS, VCENTER SERVER AND ESX PATCHES RESOLVE MULTIPLE SECURITY ISSUES",
        "trust": 0.6
      },
      {
        "db": "FULLDISC",
        "id": "20100409 VMSA-2010-0007 VMWARE HOSTED PRODUCTS, VCENTER SERVER AND ESX PATCHES RESOLVE MULTIPLE SECURITY ISSUES",
        "trust": 0.6
      },
      {
        "db": "IVD",
        "id": "7D7CB6C1-463F-11E9-973F-000C29342CB1",
        "trust": 0.2
      },
      {
        "db": "IVD",
        "id": "46D9D18E-2356-11E6-ABEF-000C29C66E3D",
        "trust": 0.2
      },
      {
        "db": "VULMON",
        "id": "CVE-2010-1138",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "88215",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "88234",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "88236",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "117012",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "88233",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "7d7cb6c1-463f-11e9-973f-000c29342cb1"
      },
      {
        "db": "IVD",
        "id": "46d9d18e-2356-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2010-0572"
      },
      {
        "db": "VULMON",
        "id": "CVE-2010-1138"
      },
      {
        "db": "BID",
        "id": "39395"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-001366"
      },
      {
        "db": "PACKETSTORM",
        "id": "88215"
      },
      {
        "db": "PACKETSTORM",
        "id": "88234"
      },
      {
        "db": "PACKETSTORM",
        "id": "88236"
      },
      {
        "db": "PACKETSTORM",
        "id": "117012"
      },
      {
        "db": "PACKETSTORM",
        "id": "88233"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201004-157"
      },
      {
        "db": "NVD",
        "id": "CVE-2010-1138"
      }
    ]
  },
  "id": "VAR-201004-0994",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "IVD",
        "id": "7d7cb6c1-463f-11e9-973f-000c29342cb1"
      },
      {
        "db": "IVD",
        "id": "46d9d18e-2356-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2010-0572"
      }
    ],
    "trust": 0.1
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 1.0
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "7d7cb6c1-463f-11e9-973f-000c29342cb1"
      },
      {
        "db": "IVD",
        "id": "46d9d18e-2356-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2010-0572"
      }
    ]
  },
  "last_update_date": "2025-04-11T22:24:07.581000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "VMSA-2010-0007",
        "trust": 0.8,
        "url": "http://www.vmware.com/security/advisories/VMSA-2010-0007.html"
      },
      {
        "title": "VMSA-2010-0007: Multiple Security Patches for vCenter Server and ESX",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/157"
      },
      {
        "title": "VMware Security Advisories: VMware hosted products, vCenter Server and ESX patches resolve multiple security issues",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=vmware_security_advisories\u0026qid=9a156b22cf9a31c993f6585b6881d5a5"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2010-0572"
      },
      {
        "db": "VULMON",
        "id": "CVE-2010-1138"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-001366"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-200",
        "trust": 1.8
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-001366"
      },
      {
        "db": "NVD",
        "id": "CVE-2010-1138"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 3.1,
        "url": "http://secunia.com/advisories/39203"
      },
      {
        "trust": 2.5,
        "url": "http://secunia.com/advisories/39215"
      },
      {
        "trust": 2.5,
        "url": "http://secunia.com/advisories/39206"
      },
      {
        "trust": 2.0,
        "url": "http://lists.vmware.com/pipermail/security-announce/2010/000090.html"
      },
      {
        "trust": 2.0,
        "url": "http://www.securityfocus.com/bid/39395"
      },
      {
        "trust": 1.9,
        "url": "http://osvdb.org/63607"
      },
      {
        "trust": 1.9,
        "url": "http://www.securitytracker.com/id?1023836"
      },
      {
        "trust": 1.8,
        "url": "http://www.vmware.com/security/advisories/vmsa-2010-0007.html"
      },
      {
        "trust": 1.7,
        "url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-04/0121.html"
      },
      {
        "trust": 1.7,
        "url": "http://archives.neohapsis.com/archives/bugtraq/2010-04/0077.html"
      },
      {
        "trust": 1.2,
        "url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
      },
      {
        "trust": 0.9,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1138"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-1138"
      },
      {
        "trust": 0.8,
        "url": "http://www.vupen.com/english/advisories/2010/0852"
      },
      {
        "trust": 0.6,
        "url": "http://www.nsfocus.net/vulndb/14788\u203b14789"
      },
      {
        "trust": 0.3,
        "url": "http://www.vmware.com"
      },
      {
        "trust": 0.3,
        "url": "http://secunia.com/advisories/secunia_security_advisories/"
      },
      {
        "trust": 0.3,
        "url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
      },
      {
        "trust": 0.3,
        "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
      },
      {
        "trust": 0.3,
        "url": "http://secunia.com/advisories/about_secunia_advisories/"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2009-3732"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2009-3707"
      },
      {
        "trust": 0.2,
        "url": "http://secunia.com/advisories/39206/"
      },
      {
        "trust": 0.2,
        "url": "http://secunia.com/advisories/39203/"
      },
      {
        "trust": 0.1,
        "url": "https://cwe.mitre.org/data/definitions/200.html"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov"
      },
      {
        "trust": 0.1,
        "url": "http://kb.vmware.com/kb/1015047"
      },
      {
        "trust": 0.1,
        "url": "http://download3.vmware.com/software/wkst/vmware-moviedecoder-6.5.4-246459.exe"
      },
      {
        "trust": 0.1,
        "url": "http://download3.vmware.com/software/esx/esx-2.5.5-191611-upgrade.tar.gz"
      },
      {
        "trust": 0.1,
        "url": "http://kb.vmware.com/kb/1016665"
      },
      {
        "trust": 0.1,
        "url": "http://www.vmware.com/support/esx25/doc/esx-255-200910-patch.html"
      },
      {
        "trust": 0.1,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3707"
      },
      {
        "trust": 0.1,
        "url": "https://hostupdate.vmware.com/software/vum/offline/release-192-20100228-732240/esx400-201002001.zip"
      },
      {
        "trust": 0.1,
        "url": "http://kb.vmware.com/kb/1018404"
      },
      {
        "trust": 0.1,
        "url": "http://download3.vmware.com/software/vi/esx303-201002203-ug.zip"
      },
      {
        "trust": 0.1,
        "url": "http://www.vmware.com/support/policies/lifecycle/vi/faq.html"
      },
      {
        "trust": 0.1,
        "url": "http://downloads.vmware.com/download/download.do?downloadgroup=fus-302"
      },
      {
        "trust": 0.1,
        "url": "http://downloads.vmware.com/download/download.do?downloadgroup=ace-254-win"
      },
      {
        "trust": 0.1,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1140"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2010-1140"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2010-1141"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2009-2042"
      },
      {
        "trust": 0.1,
        "url": "http://downloads.vmware.com/support/fusion3/doc/releasenotes_fusion_302.html"
      },
      {
        "trust": 0.1,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1141"
      },
      {
        "trust": 0.1,
        "url": "http://downloads.vmware.com/tryvmware/?p=player\u0026lp=default"
      },
      {
        "trust": 0.1,
        "url": "http://kb.vmware.com/kb/1016657"
      },
      {
        "trust": 0.1,
        "url": "http://www.vmware.com/security"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2009-1565"
      },
      {
        "trust": 0.1,
        "url": "http://downloads.vmware.com/download/download.do?downloadgroup=wkst-701-lx"
      },
      {
        "trust": 0.1,
        "url": "http://kb.vmware.com/kb/1055"
      },
      {
        "trust": 0.1,
        "url": "https://hostupdate.vmware.com/software/vum/offline/release-193-20100228-731251/esxi400-201002001.zip"
      },
      {
        "trust": 0.1,
        "url": "http://downloads.vmware.com/support/player30/doc/releasenotes_player301.html"
      },
      {
        "trust": 0.1,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1142"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2010-1142"
      },
      {
        "trust": 0.1,
        "url": "http://downloads.vmware.com/download/download.do?downloadgroup=fus-207"
      },
      {
        "trust": 0.1,
        "url": "http://kb.vmware.com/kb/1017685"
      },
      {
        "trust": 0.1,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1139"
      },
      {
        "trust": 0.1,
        "url": "http://downloads.vmware.com/download/player/player_reg.html"
      },
      {
        "trust": 0.1,
        "url": "http://downloads.vmware.com/support/fusion2/doc/releasenotes_fusion_207.html"
      },
      {
        "trust": 0.1,
        "url": "http://www.vmware.com/support/policies/security_response.html"
      },
      {
        "trust": 0.1,
        "url": "http://downloads.vmware.com/support/ws65/doc/releasenotes_ws654.html"
      },
      {
        "trust": 0.1,
        "url": "http://downloads.vmware.com/support/ace26/doc/releasenotes_ace261.html"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2010-1139"
      },
      {
        "trust": 0.1,
        "url": "http://www.vmware.com/support/server2/doc/releasenotes_vmserver202.html"
      },
      {
        "trust": 0.1,
        "url": "http://www.vmware.com/support/policies/eos_vi.html"
      },
      {
        "trust": 0.1,
        "url": "http://kb.vmware.com/kb/1018030"
      },
      {
        "trust": 0.1,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-2042"
      },
      {
        "trust": 0.1,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3732"
      },
      {
        "trust": 0.1,
        "url": "http://downloads.vmware.com/support/ws7/doc/releasenotes_ws701.html"
      },
      {
        "trust": 0.1,
        "url": "http://www.vmware.com/support/policies/eos.html"
      },
      {
        "trust": 0.1,
        "url": "http://downloads.vmware.com/support/player25/doc/releasenotes_player254.html"
      },
      {
        "trust": 0.1,
        "url": "http://downloads.vmware.com/download/download.do?downloadgroup=ace-261-win"
      },
      {
        "trust": 0.1,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1565"
      },
      {
        "trust": 0.1,
        "url": "http://www.vmware.com/download/server/"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2010-1138"
      },
      {
        "trust": 0.1,
        "url": "http://downloads.vmware.com/download/download.do?downloadgroup=wkst-654-win"
      },
      {
        "trust": 0.1,
        "url": "http://www.vupen.com)"
      },
      {
        "trust": 0.1,
        "url": "http://download3.vmware.com/software/vi/esx350-200912401-bg.zip"
      },
      {
        "trust": 0.1,
        "url": "http://tinyurl.com/27mpjo"
      },
      {
        "trust": 0.1,
        "url": "http://www.acrossecurity.com)"
      },
      {
        "trust": 0.1,
        "url": "http://downloads.vmware.com/download/download.do?downloadgroup=wkst-701-win"
      },
      {
        "trust": 0.1,
        "url": "http://kb.vmware.com/kb/1014842"
      },
      {
        "trust": 0.1,
        "url": "https://hostupdate.vmware.com/software/vum/offline/release-166-20091202-254879/esx-4.0.0-update01a.zip"
      },
      {
        "trust": 0.1,
        "url": "http://www.acrossecurity.com/advisories.htm"
      },
      {
        "trust": 0.1,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1564"
      },
      {
        "trust": 0.1,
        "url": "http://download3.vmware.com/software/vi/esxe350-201002401-o-sg.zip"
      },
      {
        "trust": 0.1,
        "url": "http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce"
      },
      {
        "trust": 0.1,
        "url": "http://downloads.vmware.com/support/ace25/doc/releasenotes_ace254.html"
      },
      {
        "trust": 0.1,
        "url": "http://downloads.vmware.com/download/download.do?downloadgroup=wkst-654-lx"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2009-1564"
      },
      {
        "trust": 0.1,
        "url": "http://kb.vmware.com/kb/1018403"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/39215/"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-1363"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2009-3733"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2009-0909"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2008-1361"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-4915"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2008-4915"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2007-5269"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3868"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-3732"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-1142"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-4917"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2008-2098"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2008-4916"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-1140"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-1141"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2008-1447"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-2267"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-0910"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-1362"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-1137"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-1138"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2007-5269"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-1447"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-1361"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-1139"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-1143"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-2098"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2008-1807"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-0040"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2008-2100"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-1340"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-4916"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-1244"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-3733"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2008-1808"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-1807"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-1392"
      },
      {
        "trust": 0.1,
        "url": "http://creativecommons.org/licenses/by-sa/2.5"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-2101"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2008-1806"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-0909"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2009-0040"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2009-2267"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-3707"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2008-2101"
      },
      {
        "trust": 0.1,
        "url": "http://security.gentoo.org/"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2007-5671"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2008-4917"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-2100"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-1364"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2007-5503"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2008-0967"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2007-5671"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-1806"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2007-5503"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2008-1340"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-4811"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2008-1364"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2008-1363"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2009-0910"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2008-1392"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-1808"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2008-1362"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2009-1244"
      },
      {
        "trust": 0.1,
        "url": "https://bugs.gentoo.org."
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-0967"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/36988/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/36712/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/secunia_research/2009-36/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/secunia_research/2009-37/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/39201/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/39198/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/35346/"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2010-0572"
      },
      {
        "db": "VULMON",
        "id": "CVE-2010-1138"
      },
      {
        "db": "BID",
        "id": "39395"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-001366"
      },
      {
        "db": "PACKETSTORM",
        "id": "88215"
      },
      {
        "db": "PACKETSTORM",
        "id": "88234"
      },
      {
        "db": "PACKETSTORM",
        "id": "88236"
      },
      {
        "db": "PACKETSTORM",
        "id": "117012"
      },
      {
        "db": "PACKETSTORM",
        "id": "88233"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201004-157"
      },
      {
        "db": "NVD",
        "id": "CVE-2010-1138"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "IVD",
        "id": "7d7cb6c1-463f-11e9-973f-000c29342cb1"
      },
      {
        "db": "IVD",
        "id": "46d9d18e-2356-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2010-0572"
      },
      {
        "db": "VULMON",
        "id": "CVE-2010-1138"
      },
      {
        "db": "BID",
        "id": "39395"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-001366"
      },
      {
        "db": "PACKETSTORM",
        "id": "88215"
      },
      {
        "db": "PACKETSTORM",
        "id": "88234"
      },
      {
        "db": "PACKETSTORM",
        "id": "88236"
      },
      {
        "db": "PACKETSTORM",
        "id": "117012"
      },
      {
        "db": "PACKETSTORM",
        "id": "88233"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201004-157"
      },
      {
        "db": "NVD",
        "id": "CVE-2010-1138"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2010-04-13T00:00:00",
        "db": "IVD",
        "id": "7d7cb6c1-463f-11e9-973f-000c29342cb1"
      },
      {
        "date": "2010-04-13T00:00:00",
        "db": "IVD",
        "id": "46d9d18e-2356-11e6-abef-000c29c66e3d"
      },
      {
        "date": "2010-04-13T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2010-0572"
      },
      {
        "date": "2010-04-12T00:00:00",
        "db": "VULMON",
        "id": "CVE-2010-1138"
      },
      {
        "date": "2010-04-09T00:00:00",
        "db": "BID",
        "id": "39395"
      },
      {
        "date": "2010-05-07T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2010-001366"
      },
      {
        "date": "2010-04-10T03:16:16",
        "db": "PACKETSTORM",
        "id": "88215"
      },
      {
        "date": "2010-04-12T12:34:16",
        "db": "PACKETSTORM",
        "id": "88234"
      },
      {
        "date": "2010-04-12T12:34:21",
        "db": "PACKETSTORM",
        "id": "88236"
      },
      {
        "date": "2012-09-30T16:40:15",
        "db": "PACKETSTORM",
        "id": "117012"
      },
      {
        "date": "2010-04-12T12:34:14",
        "db": "PACKETSTORM",
        "id": "88233"
      },
      {
        "date": "2010-04-12T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201004-157"
      },
      {
        "date": "2010-04-12T18:30:00.553000",
        "db": "NVD",
        "id": "CVE-2010-1138"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2010-04-13T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2010-0572"
      },
      {
        "date": "2013-05-15T00:00:00",
        "db": "VULMON",
        "id": "CVE-2010-1138"
      },
      {
        "date": "2012-10-01T19:10:00",
        "db": "BID",
        "id": "39395"
      },
      {
        "date": "2010-05-07T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2010-001366"
      },
      {
        "date": "2010-04-13T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201004-157"
      },
      {
        "date": "2025-04-11T00:51:21.963000",
        "db": "NVD",
        "id": "CVE-2010-1138"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "local",
    "sources": [
      {
        "db": "BID",
        "id": "39395"
      },
      {
        "db": "PACKETSTORM",
        "id": "88234"
      },
      {
        "db": "PACKETSTORM",
        "id": "88236"
      },
      {
        "db": "PACKETSTORM",
        "id": "88233"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "VMWare product vmware-vmx Virtual Network Stack Information Disclosure Vulnerability",
    "sources": [
      {
        "db": "IVD",
        "id": "7d7cb6c1-463f-11e9-973f-000c29342cb1"
      },
      {
        "db": "IVD",
        "id": "46d9d18e-2356-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2010-0572"
      }
    ],
    "trust": 1.0
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "information disclosure",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201004-157"
      }
    ],
    "trust": 0.6
  }
}

VAR-201004-0982

Vulnerability from variot - Updated: 2025-04-11 20:05

Format string vulnerability in vmrun in VMware VIX API 1.6.x, VMware Workstation 6.5.x before 6.5.4 build 246459, VMware Player 2.5.x before 2.5.4 build 246459, and VMware Server 2.x on Linux, and VMware Fusion 2.x before 2.0.7 build 246742, allows local users to gain privileges via format string specifiers in process metadata. When the vmrun tool lists processes, it will cause arbitrary code to be executed with elevated privileges. Multiple VMware products are prone to a local privilege-escalation vulnerability. NOTE: This issue was previously covered in BID 39345 (VMware Hosted Products VMSA-2010-0007 Multiple Remote and Local Vulnerabilities), but has been given its own record to better document it.

PROVIDED AND/OR DISCOVERED BY: The vendor credits Thomas Toth-Steiner. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1

               VMware Security Advisory

Advisory ID: VMSA-2010-0007 Synopsis: VMware hosted products, vCenter Server and ESX patches resolve multiple security issues Issue date: 2010-04-09 Updated on: 2010-04-09 (initial release of advisory) CVE numbers: CVE-2010-1142 CVE-2010-1140 CVE-2009-2042 CVE-2009-1564 CVE-2009-1565 CVE-2009-3732 CVE-2009-3707 CVE-2010-1138 CVE-2010-1139 CVE-2010-1141

Notes: Effective May 2010, VMware's patch and update release program during Extended Support will be continued with the condition that all subsequent patch and update releases will be based on the latest baseline release version as of May 2010 (i.e. ESX 3.0.3 Update 1, ESX 3.5 Update 5, and VirtualCenter 2.5 Update 6). Refer to section "End of Product Availability FAQs" at http://www.vmware.com/support/policies/lifecycle/vi/faq.html for details.

Extended support for ESX 2.5.5 ends on 2010-06-15. Users should plan to upgrade to at least ESX 3.0.3 and preferably to the newest release available.

Extended support for ESX 3.0.3 ends on 2011-12-10. Users should plan to upgrade to at least ESX 3.5 and preferably to the newest release available.

End of General Support for VMware Workstation 6.x is 2011-04-27, users should plan to upgrade to the newest release available.

End of General Support for VMware Server 2.0 is 2011-06-30, users should plan to upgrade to the newest release of either ESXi or VMware Player.

Extended support for Virtual Center 2.0.2 is 2011-12-10, users should plan to upgrade to the newest release of vCenter Server.

  1. Problem Description

a. Windows-based VMware Tools Unsafe Library Loading vulnerability

A vulnerability in the way VMware libraries are referenced allows
for arbitrary code execution in the context of the logged on user. 
This vulnerability is present only on Windows Guest Operating
Systems.

In order for an attacker to exploit the vulnerability, the attacker
would need to lure the user that is logged on a Windows Guest
Operating System to click on the attacker's file on a network
share. This file could be in any file format. The attacker will
need to have the ability to host their malicious files on a
network share.

VMware would like to thank Jure Skofic and Mitja Kolsek of ACROS
Security (http://www.acrossecurity.com) for reporting this issue
to us.

The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CVE-2010-1141 to this issue. 
 - Upgrade tools in the virtual machine (virtual machine users
   will be prompted to upgrade).

Guest systems on ESX 4.0, 3.5, 3.0.3, 2.5.5, ESXi 4.0, 3.5
 - Install the relevant patches (see below for patch identifiers)
 - Manually upgrade tools in the virtual machine (virtual machine
   users will not be prompted to upgrade).  Note the VI Client will
   not show the VMware tools is out of date in the summary tab. 
   Please see http://tinyurl.com/27mpjo page 80 for details.

The following table lists what action remediates the vulnerability
(column 4) if a solution is available. See above for remediation
details.

VMware         Product   Running  Replace with/
Product        Version   on       Apply Patch
=============  ========  =======  =================
VirtualCenter  any       Windows  not affected

Workstation    7.x       any      not affected
Workstation    6.5.x     any      6.5.4 build 246459 or later

Player         3.x       any      not affected
Player         2.5.x     any      2.5.4 build 246459 or later

ACE            2.6.x     Windows  not affected
ACE            2.5.x     Windows  2.5.4 build 246459 or later

Server         2.x       any      2.0.2 build 203138 or later

Fusion         3.x       Mac OS/X not affected
Fusion         2.x       Mac OS/X 2.0.6 build 246742 or later

ESXi           4.0       ESXi     ESXi400-201002402-BG
ESXi           3.5       ESXi     ESXe350-200912401-T-BG or later

ESX            4.0       ESX      ESX400-201002401-BG
ESX            3.5       ESX      ESX350-200912401-BG
ESX            3.0.3     ESX      ESX303-201002203-UG
ESX            2.5.5     ESX      Upgrade Patch 15

b. Windows-based VMware Tools Arbitrary Code Execution vulnerability

A vulnerability in the way VMware executables are loaded allows for
arbitrary code execution in the context of the logged on user. This
vulnerability is present only on Windows Guest Operating Systems.

In order for an attacker to exploit the vulnerability, the attacker
would need to be able to plant their malicious executable in a
certain location on the Virtual Machine of the user.  On most
recent versions of Windows (XP, Vista) the attacker would need to
have administrator privileges to plant the malicious executable in
the right location.

Steps needed to remediate this vulnerability: See section 3.a.

VMware would like to thank Mitja Kolsek of ACROS Security
(http://www.acrossecurity.com) for reporting this issue to us.

The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CVE-2010-1142 to this issue.

Refer to the previous table in section 3.a for what action
remediates the vulnerability (column 4) if a solution is
available. See above for remediation details.

c. Windows-based VMware Workstation and Player host privilege escalation

A vulnerability in the USB service allows for a privilege
escalation. A local attacker on the host of a Windows-based
Operating System where VMware Workstation or VMware Player
is installed could plant a malicious executable on the host and
elevate their privileges.

In order for an attacker to exploit the vulnerability, the attacker
would need to be able to plant their malicious executable in a
certain location on the host machine.  On most recent versions of
Windows (XP, Vista) the attacker would need to have administrator
privileges to plant the malicious executable in the right location.

VMware would like to thank Thierry Zoller for reporting this issue
to us.

The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CVE-2010-1140 to this issue.

The following table lists what action remediates the vulnerability
(column 4) if a solution is available.

VMware         Product   Running  Replace with/
Product        Version   on       Apply Patch
=============  ========  =======  =================
VirtualCenter  any       Windows  not affected

Workstation    7.0       Windows  7.0.1 build 227600 or later
Workstation    7.0       Linux    not affected
Workstation    6.5.x     any      not affected

Player         3.0       Windows  3.0.1 build 227600 or later
Player         3.0       Linux    not affected
Player         2.5.x     any      not affected

Ace            any       any      not affected

Server         2.x       any      not affected

Fusion         any       Mac OS/X not affected

ESXi           any       ESXi     not affected

ESX            any       ESX      not affected

d. Third party library update for libpng to version 1.2.37

The libpng libraries through 1.2.35 contain an uninitialized-
memory-read bug that may have security implications. 
Specifically, 1-bit (2-color) interlaced images whose widths are
not divisible by 8 may result in several uninitialized bits at the
end of certain rows in certain interlace passes being returned to
the user. An application that failed to mask these out-of-bounds
pixels might display or process them, albeit presumably with benign
results in most cases.

The Common Vulnerabilities and Exposures Project (cve.mitre.org)
has assigned the name CVE-2009-2042 to this issue.

The following table lists what action remediates the vulnerability
(column 4) if a solution is available.

VMware         Product   Running  Replace with/
Product        Version   on       Apply Patch
=============  ========  =======  =================
VirtualCenter  any       Windows  not applicable

Workstation    7.0       any      7.0.1 build 227600 or later
Workstation    6.5.x     any      6.5.4 build 246459 or later

Player         3.0       any      3.0.1 build 227600 or later
Player         2.5.x     any      2.5.4 build 246459 or later

Ace            2.6       Windows  2.6.1 build 227600 or later
Ace            2.5.x     Windows  2.5.4 build 246459 or later

Server         2.x       any      not being fixed at this time

Fusion         any       any      Mac OS/X not affected

ESXi           any       ESXi     not applicable

ESX            any       ESX      not applicable

e. VMware VMnc Codec heap overflow vulnerabilities

The VMware movie decoder contains the VMnc media codec that is
required to play back movies recorded with VMware Workstation,
VMware Player and VMware ACE, in any compatible media player. The
movie decoder is installed as part of VMware Workstation, VMware
Player and VMware ACE, or can be downloaded as a stand alone
package.

For an attack to be successful the user must be tricked into
visiting a malicious web page or opening a malicious video file on
a system that has the vulnerable version of the VMnc codec installed.

The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the names CVE-2009-1564 and CVE-2009-1565 to these
issues.

VMware would like to thank iDefense, Sebastien Renaud of VUPEN
Vulnerability Research Team (http://www.vupen.com) and Alin Rad Pop
of Secunia Research for reporting these issues to us.

To remediate the above issues either install the stand alone movie
decoder or update your product using the table below.

VMware         Product   Running  Replace with/
Product        Version   on       Apply Patch
=============  ========  =======  =================
VirtualCenter  any       Windows  not affected

Movie Decoder  any       Windows  6.5.4 Build 246459 or later

Workstation    7.x       any      not affected
Workstation    6.5.x     Windows  6.5.4 build 246459 or later
Workstation    6.5.x     Linux    not affected

Player         3.x       any      not affected
Player         2.5.x     Windows  2.5.4 build 246459 or later
Player         2.5.x     Linux    not affected

ACE            any       any      not affected

Server         2.x       Window   not being addressed at this time
Server         2.x       Linux    not affected

Fusion         any       Mac OS/X not affected

ESXi           any       ESXi     not affected

ESX            any       ESX      not affected

f. Exploitation of this issue may lead to arbitrary code execution on the system where VMrc is installed. 

For an attack to be successful, an attacker would need to trick the
VMrc user into opening a malicious Web page or following a malicious
URL. Code execution would be at the privilege level of the user.

VMrc is present on a system if the VMrc browser plug-in has been
installed. This plug-in is required when using the console feature in
WebAccess. Installation of the plug-in follows after visiting the
console tab in WebAccess and choosing "Install plug-in". The plug-
in can only be installed on Internet Explorer and Firefox.

Under the following two conditions your version of VMrc is likely
to be affected:

- the VMrc plug-in was obtained from vCenter 4.0 or from ESX 4.0
  without patch ESX400-200911223-UG and
- VMrc is installed on a Windows-based system

The following steps allow you to determine if you have an affected
version of VMrc installed:

- Locate the VMrc executable vmware-vmrc.exe on your Windows-based
  system
- Right click and go to Properties
- Go to the tab "Versions"
- Click "File Version" in the "Item Name" window
- If the "Value" window shows "e.x.p build-158248", the version of
  VMrc is affected

Remediation of this issue on Windows-based systems requires the
following steps (Linux-based systems are not affected):

- Uninstall affected versions of VMrc from the systems where the
  VMrc plug-in has been installed (use the Windows Add/Remove
  Programs interface)
- Install vCenter 4.0 Update 1 or install the ESX 4.0 patch
  ESX400-200911223-UG
- Login into vCenter 4.0 Update 1 or ESX 4.0 with patch
  ESX400-200911223-UG using WebAccess on the system where the VMrc
  needs to be re-installed
- Re-install VMrc by going to the console tab in WebAccess.  The
  Console tab is selectable after selecting a virtual machine.

Note: the VMrc plug-in for Firefox on Windows-based operating
systems is no longer compatible after the above remediation steps. 
Users are advised to use the Internet Explorer VMrc plug-in.

VMware would like to thank Alexey Sintsov from Digital Security
Research Group for reporting this issue to us.

The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CVE-2009-3732 to this issue.

g. Windows-based VMware authd remote denial of service

A vulnerability in vmware-authd could cause a denial of service
condition on Windows-based hosts.  The denial of service is limited
to a crash of authd.

The Common Vulnerabilities and Exposures Project (cve.mitre.org)
has assigned the name CVE-2009-3707 to this issue.

The following table lists what action remediates the vulnerability
(column 4) if a solution is available.

VMware         Product   Running  Replace with/
Product        Version   on       Apply Patch
=============  ========  =======  =================
VirtualCenter  any       Windows  not affected

Workstation    7.0       Windows  7.0.1 build 227600 or later
Workstation    7.0       Linux    not affected
Workstation    6.5.x     Windows  6.5.4 build 246459 or later
Workstation    6.5.x     Linux    not affected

Player         3.0       Windows  3.0.1 build 227600 or later
Player         3.x       Linux    not affected
Player         2.5.x     Windows  2.5.4 build 246459 or later
Player         2.5.x     Linux    not affected

Ace            2.6       Windows  2.6.1 build 227600 or later
Ace            2.5.x     Windows  2.5.4 build 246459 or later

Server         2.x       Windows  not being addressed at this time
Server         2.x       Linux    not affected

Fusion         any       Mac OS/X not affected

ESXi           any       any      not affected

ESX            any       any      not affected

h. Potential information leak via hosted networking stack

A vulnerability in the virtual networking stack of VMware hosted
products could allow host information disclosure.

A guest operating system could send memory from the host vmware-vmx
process to the virtual network adapter and potentially to the
host's physical Ethernet wire.

The Common Vulnerabilities and Exposures Project (cve.mitre.org)
has assigned the name CVE-2010-1138 to this issue.

VMware would like to thank Johann MacDonagh for reporting this
issue to us.

The following table lists what action remediates the vulnerability
(column 4) if a solution is available.

VMware         Product   Running  Replace with/
Product        Version   on       Apply Patch
=============  ========  =======  =================
VirtualCenter  any       Windows  not affected

Workstation    7.0       any      7.0.1 build 227600 or later
Workstation    6.5.x     Windows  6.5.4 build 246459 or later
Workstation    6.5.x     Linux    not affected

Player         3.0       any      3.0.1 build 227600 or later
Player         2.5.x     Windows  2.5.4 build 246459 or later
Player         2.5.x     Linux    not affected

Ace            2.6       Windows  2.6.1 build 227600 or later
Ace            2.5.x     Windows  2.5.4 build 246459 or later

Server         2.x       any      not being fixed at this time

Fusion         3.0       Mac OS/X 3.0.1 build 232708 or later
Fusion         2.x       Mac OS/X 2.0.7 build 246742 or later

ESXi           any       any      not affected

ESX            any       any      not affected

i. 

The Common Vulnerabilities and Exposures Project (cve.mitre.org)
has assigned the name CVE-2010-1139 to this issue.

VMware would like to thank Thomas Toth-Steiner for reporting this
issue to us.

The following table lists what action remediates the vulnerability
(column 4) if a solution is available. Solution

Please review the patch/release notes for your product and version and verify the md5sum and/or the sha1sum of your downloaded file.

VMware Workstation Movie Decoder stand alone 6.5.4

http://download3.vmware.com/software/wkst/VMware-moviedecoder-6.5.4-246459.exe md5sum: ea2ac5907ae4c5c323147fe155443ab8 sha1sum: 5ca8d1fd45f6a7a6f38019b259c3e836ee4e8f29

VMware Workstation 7.0.1

For Windows

http://downloads.vmware.com/download/download.do?downloadGroup=WKST-701-WIN Release notes: http://downloads.vmware.com/support/ws7/doc/releasenotes_ws701.html

Workstation for Windows 32-bit and 64-bit with VMware Tools md5sum: fc8502a748de3b8f94c5c9571c1f17d2 sha1sum: 3de01b355b17363a92d80200ff5e7267b3bde206

Workstation for Windows 32-bit and 64-bit without VMware Tools md5sum: 6a18ea3847cb727b03f7890f5643db79 sha1sum: 260b019db4619b0d1d775e5c38cc46b6db250984

For Linux http://downloads.vmware.com/download/download.do?downloadGroup=WKST-701-LX Release notes: http://downloads.vmware.com/support/ws7/doc/releasenotes_ws701.html

Workstation for Linux 32-bit with VMware Tools md5sum: a896f7aaedde8799f21b52b89f5fc9ef sha1sum: f6d0789afa7927ca154973a071603a0bd098e697

Workstation for Linux 32-bit without VMware Tools md5sum: 59ecd27bdf3f59be3b4df8f04d1b3874 sha1sum: 22e1a475069fca5e8d2446bf14661fa6d894d34f

Workstation for Linux 64-bit with VMware Tools md5sum: 808682eaa6b202fa29172821f7378768 sha1sum: a901c45a2a02678b0d1722e8f27152c3af12a7ac

Workstation for Linux 64-bit without VMware Tools md5sum: 5116e27e7b13a76693402577bd9fda58 sha1sum: dbcd045a889b95ac14828b8106631b678354e30a

VMware Workstation 6.5.4

For Windows

http://downloads.vmware.com/download/download.do?downloadGroup=WKST-654-WIN Release Notes: http://downloads.vmware.com/support/ws65/doc/releasenotes_ws654.html

Workstation for Windows 32-bit and 64-bit Windows 32-bit and 64-bit .exe md5sum: 2dc393fcc4e78dcf2165098a4938699a sha1sum: acfff457860c8c53c637c01f74f8aaa72d1c9569

For Linux http://downloads.vmware.com/download/download.do?downloadGroup=WKST-654-LX Release Notes: http://downloads.vmware.com/support/ws65/doc/releasenotes_ws654.html

Workstation for Linux 32-bit Linux 32-bit .rpm md5sum: 9efb43a604d50e541eb3be7081b8b198 sha1sum: 4240d664f85a11f47288d2279224b26bef92aa8b

Workstation for Linux 32-bit Linux 32-bit .bundle md5sum: 38760682ad3b2f6bfb4e40f424c95c2a sha1sum: ec78099322b5fb2a737cd74a1978a5c07382dc8a

Workstation for Linux 64-bit Linux 64-bit .rpm md5sum: 24311492bc515e9bc98eff9b2e7d33a2 sha1sum: b4947ef09f740440e8a24fc2ba05c0a7c11b82f5

Workstation for Linux 64-bit Linux 64-bit .bundle md5sum: ed24296705ad48442549d9cb2b3c0d8d sha1sum: 3c0f1efae0a64fa3a41be21b0bfc962f12e0e6d8

VMware Player 3.0.1

http://downloads.vmware.com/tryvmware/?p=player&lp=default Release notes: http://downloads.vmware.com/support/player30/doc/releasenotes_player301.html

Player for Windows 32-bit and 64-bit md5sum: 78c92c0242c9540f68a629d4ac49c516 sha1sum: 7fc255fcd1a6784458012314db1206ed922e92cf

Player for Linux 32-bit (.bundle) md5sum: e7cd19d39c7bbd1aee582743d76a7863 sha1sum: cff76010f0429576288ea1e5a594cd47a2c64f4a

Player for Linux 64-bit (.bundle) md5sum: 88b08537c6eea705883dc1755b97738c sha1sum: 84f25370d24c03a18968a4f4c8e06cef3d21c2df

VMware VIX API for Windows 32-bit and 64-bit md5sum: 2c46fc7e2516f331eb4dd23154d00a54 sha1sum: 85ceb1b718806c6870e3a918bcc772d1486ccdc9

VMware VIX API for 32-bit Linux md5sum: 8b0994a26363246b5e954f97bd5a088d sha1sum: af93da138a158ee6e05780a5c4042414735987b6

VMware VIX API for 64-bit Linux md5sum: ef7b9890c52b1e333f2357760a7fff85 sha1sum: dfef8531356de78171e13c4c108ebaeb43eaa62d

VMware Player 2.5.4

http://downloads.vmware.com/download/player/player_reg.html Release notes: http://downloads.vmware.com/support/player25/doc/releasenotes_player254.html

Player for Windows 32-bit and 64-bit (.exe) md5sum: 531140a1eeed7d8b71f726b3d32a9174 sha1sum: 2500fa8af48452bd0e97040b80c569c3cb4f73e5

Player for Linux (.rpm) md5sum: 1905f61af490f9760bef54450747e708 sha1sum: cf7444c0a6331439c5479a4158112a60eb0e6e8d

Player for Linux (.bundle) md5sum: 74f539005687a4efce7971f7ef019af5 sha1sum: 4c4412c5807ecd00e66886e0e7c43ed61b62aab7

Player for Linux - 64-bit (.rpm) md5sum: 013078d7f6adcdbcbaafbf5e0ae11a39 sha1sum: 7c434173a3fe446ebefce4803bfaa7ab67d1ff72

Player for Linux - 64-bit (.bundle) md5sum: 175ce2f9656ff10a1327c0d48f80c65f sha1sum: bf7acfdcb44bf345d58f79ad1bcb04816f262d22

VMware ACE 2.6.1

http://downloads.vmware.com/download/download.do?downloadGroup=ACE-261-WIN Release notes: http://downloads.vmware.com/support/ace26/doc/releasenotes_ace261.html

VMware Workstation for 32-bit and 64-bit Windows with tools md5sum: fc8502a748de3b8f94c5c9571c1f17d2 sha1sum: 3de01b355b17363a92d80200ff5e7267b3bde206

VMware Workstation for Windows 32-bit and 64-bit without tools md5sum: 6a18ea3847cb727b03f7890f5643db79 sha1sum: 260b019db4619b0d1d775e5c38cc46b6db250984

ACE Management Server Virtual Appliance md5sum: e26d258c511572064e99774fbac9184c sha1sum: 9363656b70caa11a31a6229451202d9f8203c1f5

ACE Management Server for Windows md5sum: e970828f2a5a62ac108879033a70f4b6 sha1sum: eca89372eacc78c3130781d0d183715055d64798

ACE Management Server for SUSE Enterprise Linux 9 md5sum: 59b3ad5964daef2844e72fd1765590fc sha1sum: 91048de7665f5dc466f06e2ebc4c08f08026a97f

ACE Management Server for Red Hat Enterprise Linux 4 md5sum: 6623f6a8a645402a1c8c351ec99a1889 sha1sum: a6d74ba072c5a513fcf8993edebaaf7f8225c05d

VMware ACE 2.5.4

http://downloads.vmware.com/download/download.do?downloadGroup=ACE-254-WIN Release notes: http://downloads.vmware.com/support/ace25/doc/releasenotes_ace254.html

VMware ACE for Windows 32-bit and 64-bit Windows 32-bit and 64-bit .exe md5sum: 2dc393fcc4e78dcf2165098a4938699a sha1sum: acfff457860c8c53c637c01f74f8aaa72d1c9569

ACE Management Server Virtual Appliance AMS Virtual Appliance .zip md5sum: 3935f23d4a074e7a3429a1c80cfd2155 sha1sum: 5b09439a9c840d39ae49fbd7a79732ecd58c52a3

ACE Management Server for Windows Windows .exe md5sum: 1173bd7da6ed330a262ed4e2eff6562c sha1sum: d9bce88a350aa957f3387f870af763875d4d9110

ACE Management Server for SUSE Enterprise Linux 9 SLES 9 .rpm md5sum: 0bec2cf8d6ae3bb6976c9d8cc2573208 sha1sum: f3c6d9ee3357535b1540cedd9e86d723e2ed2134

ACE Management Server for Red Hat Enterprise Linux 4 RHEL 4 .rpm md5sum: 17caa522af79cf1f6b2ebad16a4ac8a5 sha1sum: cdd6e2a4e3d7ad89f95e60f1af024bea7eaba0fe

VMware Server 2.0.2

http://www.vmware.com/download/server/ Release notes: http://www.vmware.com/support/server2/doc/releasenotes_vmserver202.html

VMware Server 2 Version 2.0.2 | 203138 - 10/26/09 507 MB EXE image VMware Server 2 for Windows Operating Systems. A master installer file containing all Windows components of VMware Server. Version 2.0.2 | 203138 - 10/26/09 37 MB TAR image md5sum: 95ddea5a0579a35887bd15b083ffea20 sha1sum: 14cf12063a7480f240ccd96178ad4258cb26a747

VMware Server 2 for Linux Operating Systems 64-bit version. Version 2.0.2 | 203138 - 10/26/09 452 MB RPM image md5sum: 35c8b176601133749e4055e0034f8be6 sha1sum: e8dc842d89899df5cd3e1136af76f19ca5ccbece

The core application needed to run VMware Server 2, 64-bit version.

The same patch, ESXe350-200912402-T-BG, is also contained in ESXe350-201002401-O-SG from February 2010 ESXi 3.5 security update.

In latest non-security ESXi 3.5 update, ESXe350-201003402-T-BG is also included in ESXe350-201003401-O-BG from March 2010.

ESXe350-201002401-O-SG (latest security update) http://download3.vmware.com/software/vi/ESXe350-201002401-O-SG.zip

md5sum: 0c8d4d1c0e3c2aed9f785cf081225d83

http://kb.vmware.com/kb/1015047 (Vi Client)

http://kb.vmware.com/kb/1016665 (VM Tools)

http://kb.vmware.com/kb/1017685 (Firmware)

The three ESXi patches for Firmware "I", VMware Tools "T," and the VI Client "C" are contained in a single offline "O" download file.

ESX

ESX 4.0 bulletin ESX400-201002401-BG https://hostupdate.vmware.com/software/VUM/OFFLINE/release-192-20100228-732240/ESX400-201002001.zip md5sum: de62cbccaffa4b2b6831617f18c1ccb4 sha1sum: 4083f191fa4acd6600c9a87e4852f9f5700e91ab http://kb.vmware.com/kb/1018403

Note: ESX400-201002001 contains the bundle with the security fix, ESX400-201002401-BG To install an individual bulletin use esxupdate with the -b option. esxupdate --bundle ESX400-201002001 -b ESX400-201002401-BG

ESX 4.0 bulletin ESX400-200911223-UG https://hostupdate.vmware.com/software/VUM/OFFLINE/release-166-20091202-254879/ESX-4.0.0-update01a.zip md5sum: 99c1fcafbf0ca105ce73840d686e9914 sha1sum: aa8a23416271bc28b6b8f6bdbe00045e36314ebb http://kb.vmware.com/kb/1014842

Note: ESX-4.0.0-update01a contains the bundle with the security fix, ESX400-200911223-UG To install an individual bulletin use esxupdate with the -b option. esxupdate --bundle ESX-4.0.0-update01a -b ESX400-200911223-UG

ESX 3.5 patch ESX350-200912401-BG http://download3.vmware.com/software/vi/ESX350-200912401-BG.zip md5sum: f1d3589745b4ae933554785aef22bacc sha1sum: d1e5a9209b165d43d75f076e556fc028bec4cc47 http://kb.vmware.com/kb/1016657

ESX 3.0.3 patch ESX303-201002203-UG http://download3.vmware.com/software/vi/ESX303-201002203-UG.zip md5sum: 49ee56b687707cbe6999836c315f081a http://kb.vmware.com/kb/1018030

ESX 2.5.5 Upgrade Patch 15 http://download3.vmware.com/software/esx/esx-2.5.5-191611-upgrade.tar.gz md5sum: c346fe510b6e51145570e03083f77357 sha1sum: ef6b19247825fb3fe2c55f8fda3cdd05ac7bb1f4 http://www.vmware.com/support/esx25/doc/esx-255-200910-patch.html

  1. References http://www.acrossecurity.com/advisories.htm http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1564 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1565 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2042 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3707 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3732 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1138 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1139 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1140 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1142 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1141

  2. Change log 2010-04-09 VMSA-2010-0007 Initial security advisory after release of Workstation 6.5.4 and Fusion 2.0.7 on 2010-04-08.

  1. Contact

E-mail list for product security notifications and announcements: http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce

This Security Advisory is posted to the following lists:

  • security-announce at lists.vmware.com
  • bugtraq at securityfocus.com
  • full-disclosure at lists.grok.org.uk

E-mail: security at vmware.com PGP key at: http://kb.vmware.com/kb/1055

VMware Security Center http://www.vmware.com/security

VMware security response policy http://www.vmware.com/support/policies/security_response.html

General support life cycle policy http://www.vmware.com/support/policies/eos.html

VMware Infrastructure support life cycle policy http://www.vmware.com/support/policies/eos_vi.html

Copyright 2010 VMware Inc. All rights reserved.

-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (MingW32)

iD8DBQFLvvM8S2KysvBH1xkRAgu/AJ9RrzlOq/5Ug0t8R4qoi/UwDVJDpACbBGgT d58bjKG6Ic7m/TsoJP4M2tw= =Q1zv -----END PGP SIGNATURE----- .

For more information see vulnerabilities #3 through #7 in: SA39206

SOLUTION: Restrict local access to trusted users only. Do not open untrusted images or video files.

Background

VMware Player, Server, and Workstation allow emulation of a complete PC on a PC without the usual performance overhead of most emulators.

Affected packages

-------------------------------------------------------------------
 Package              /     Vulnerable     /            Unaffected
-------------------------------------------------------------------

1 app-emulation/vmware-player <= 2.5.5.328052 Vulnerable! 2 app-emulation/vmware-workstation <= 6.5.5.328052 Vulnerable! 3 app-emulation/vmware-server <= 1.0.9.156507 Vulnerable! ------------------------------------------------------------------- NOTE: Certain packages are still vulnerable. Users should migrate to another package if one is available or wait for the existing packages to be marked stable by their architecture maintainers. Please review the CVE identifiers referenced below for details.

A remote attacker could entice a user to open a specially crafted file, possibly resulting in the remote execution of arbitrary code, or a Denial of Service. Remote attackers also may be able to spoof DNS traffic, read arbitrary files, or inject arbitrary web script to the VMware Server Console.

Furthermore, guest OS users may be able to execute arbitrary code on the host OS, gain escalated privileges on the guest OS, or cause a Denial of Service (crash the host OS).

Workaround

There is no known workaround at this time. We recommend that users unmerge VMware Server:

# emerge --unmerge "app-emulation/vmware-server"

References

[ 1 ] CVE-2007-5269 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5269 [ 2 ] CVE-2007-5503 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5503 [ 3 ] CVE-2007-5671 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5671 [ 4 ] CVE-2008-0967 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0967 [ 5 ] CVE-2008-1340 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1340 [ 6 ] CVE-2008-1361 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1361 [ 7 ] CVE-2008-1362 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1362 [ 8 ] CVE-2008-1363 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1363 [ 9 ] CVE-2008-1364 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1364 [ 10 ] CVE-2008-1392 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1392 [ 11 ] CVE-2008-1447 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1447 [ 12 ] CVE-2008-1806 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1806 [ 13 ] CVE-2008-1807 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1807 [ 14 ] CVE-2008-1808 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1808 [ 15 ] CVE-2008-2098 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2098 [ 16 ] CVE-2008-2100 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2100 [ 17 ] CVE-2008-2101 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2101 [ 18 ] CVE-2008-4915 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4915 [ 19 ] CVE-2008-4916 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4916 [ 20 ] CVE-2008-4917 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4917 [ 21 ] CVE-2009-0040 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0040 [ 22 ] CVE-2009-0909 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0909 [ 23 ] CVE-2009-0910 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0910 [ 24 ] CVE-2009-1244 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1244 [ 25 ] CVE-2009-2267 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2267 [ 26 ] CVE-2009-3707 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3707 [ 27 ] CVE-2009-3732 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3732 [ 28 ] CVE-2009-3733 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3733 [ 29 ] CVE-2009-4811 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-4811 [ 30 ] CVE-2010-1137 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1137 [ 31 ] CVE-2010-1138 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1138 [ 32 ] CVE-2010-1139 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1139 [ 33 ] CVE-2010-1140 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1140 [ 34 ] CVE-2010-1141 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1141 [ 35 ] CVE-2010-1142 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1142 [ 36 ] CVE-2010-1143 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1143 [ 37 ] CVE-2011-3868 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3868

Availability

This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-201209-25.xml

Concerns?

Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.

License

Copyright 2012 Gentoo Foundation, Inc; referenced text belongs to its owner(s).

The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.5 . ----------------------------------------------------------------------

Secunia CSI + Microsoft SCCM

= Extensive Patch Management

http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/

TITLE: VMware Products Multiple Vulnerabilities

SECUNIA ADVISORY ID: SA39206

VERIFY ADVISORY: http://secunia.com/advisories/39206/

DESCRIPTION: Some vulnerabilities have been reported in multiple VMware products, which can be exploited by malicious, local users to disclose sensitive information or gain escalated privileges, and by malicious people to disclose sensitive information, cause a DoS (Denial of Service), or potentially compromise a user's system.

NOTE: This vulnerability cannot be exploited without administrative privileges on recent Windows versions (e.g. Windows XP and Windows Vista).

3) An error in libpng can be exploited to disclose uninitialised memory via a specially crafted image.

For more information: SA35346

4) A boundary error and two integer truncation errors in the VMnc codec can be exploited to potentially execute arbitrary code.

For more information: SA36712

5) An error in the VMware Authorization Service ("vmware-authd") can be exploited to cause a crash.

For more information: SA39201

SOLUTION: Update to a fixed version.

PROVIDED AND/OR DISCOVERED BY: 4) Alin Rad Pop, Secunia Research

The vendor also credits: 1) Jure Skofic and Mitja Kolsek of ACROS Security 2) Thierry Zoller 4) iDefense and Sebastien Renaud of Vupen 6) Johann MacDonagh 7) Thomas Toth-Steiner

ORIGINAL ADVISORY: VMware (VMSA-2010-0007): http://lists.vmware.com/pipermail/security-announce/2010/000090.html

Secunia Research: http://secunia.com/secunia_research/2009-36/ http://secunia.com/secunia_research/2009-37/

OTHER REFERENCES: SA35346: http://secunia.com/advisories/35346/

SA36712: http://secunia.com/advisories/36712/

SA36988: http://secunia.com/advisories/36988/

SA39198: http://secunia.com/advisories/39198/

SA39201: http://secunia.com/advisories/39201/

SA39203: http://secunia.com/advisories/39203/

About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.

Subscribe: http://secunia.com/advisories/secunia_security_advisories/

Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/

Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.

Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

Show details on source website
To clipboard 

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201004-0982",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "server",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "vmware",
        "version": "2.0.2"
      },
      {
        "model": "fusion",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "vmware",
        "version": "2.0.6"
      },
      {
        "model": "fusion",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "vmware",
        "version": "2.0.5"
      },
      {
        "model": "fusion",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "vmware",
        "version": "2.0.4"
      },
      {
        "model": "fusion",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "vmware",
        "version": "2.0.3"
      },
      {
        "model": "vix api",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "vmware",
        "version": "1.6.0"
      },
      {
        "model": "fusion",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "vmware",
        "version": "2.0"
      },
      {
        "model": "fusion",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "vmware",
        "version": "2.0.2"
      },
      {
        "model": "fusion",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "vmware",
        "version": "2.0.1"
      },
      {
        "model": "vix api",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "vmware",
        "version": "1.6.1"
      },
      {
        "model": "workstation",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "vmware",
        "version": "6.5.3"
      },
      {
        "model": "workstation",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "vmware",
        "version": "6.5.2"
      },
      {
        "model": "workstation",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "vmware",
        "version": "6.5.1"
      },
      {
        "model": "server",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "vmware",
        "version": "2.0.1"
      },
      {
        "model": "player",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "vmware",
        "version": "2.5.3"
      },
      {
        "model": "player",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "vmware",
        "version": "2.5.2"
      },
      {
        "model": "player",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "vmware",
        "version": "2.5.1"
      },
      {
        "model": "player",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "vmware",
        "version": "2.5"
      },
      {
        "model": "workstation",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "vmware",
        "version": "6.5.0"
      },
      {
        "model": "server",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "vmware",
        "version": "2.0.0"
      },
      {
        "model": "fusion",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "vmware",
        "version": "2.x"
      },
      {
        "model": "player",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "vmware",
        "version": "2.5.x"
      },
      {
        "model": "server",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "vmware",
        "version": "2.x"
      },
      {
        "model": "vix api",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "vmware",
        "version": "1.6.x"
      },
      {
        "model": "workstation",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "vmware",
        "version": "6.5.x"
      },
      {
        "model": "workstation build",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "vmware",
        "version": "6.5.4246459"
      },
      {
        "model": "fusion build",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "vmware",
        "version": "2.0.6246742"
      },
      {
        "model": "player build",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "vmware",
        "version": "2.5.4246459"
      },
      {
        "model": "vix api",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "vmware",
        "version": "1.7"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "workstation",
        "version": "6.5.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "workstation",
        "version": "6.5.1"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "workstation",
        "version": "6.5.2"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "workstation",
        "version": "6.5.3"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "server",
        "version": "2.0.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "server",
        "version": "2.0.1"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "server",
        "version": "2.0.2"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "fusion",
        "version": "2.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "fusion",
        "version": "2.0.1"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "fusion",
        "version": "2.0.2"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "fusion",
        "version": "2.0.3"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "fusion",
        "version": "2.0.4"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "fusion",
        "version": "2.0.5"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "fusion",
        "version": "2.0.6"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "vix api",
        "version": "1.6.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "vix api",
        "version": "1.6.1"
      },
      {
        "model": "workstation build",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "6.5118166"
      },
      {
        "model": "workstation build",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "6.5.3185404"
      },
      {
        "model": "workstation build",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "6.5.2156735"
      },
      {
        "model": "vix api",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "1.6"
      },
      {
        "model": "server build",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "2.0.2203138"
      },
      {
        "model": "server build",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "2.0.1156745"
      },
      {
        "model": "server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "2.0"
      },
      {
        "model": "player",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "2.5.4"
      },
      {
        "model": "player build",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "2.5.2156735"
      },
      {
        "model": "player build",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "2.5118166"
      },
      {
        "model": "player build",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "2.5.3185404"
      },
      {
        "model": "fusion build",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "2.0.6196839"
      },
      {
        "model": "fusion build",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "2.0.2147997"
      },
      {
        "model": "fusion",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "2"
      },
      {
        "model": "linux",
        "scope": null,
        "trust": 0.3,
        "vendor": "gentoo",
        "version": null
      },
      {
        "model": "workstation build",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "6.5.4246459"
      },
      {
        "model": "vix api",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "1.7"
      },
      {
        "model": "player build",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "2.5.4246459"
      },
      {
        "model": "fusion build",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "2.0.7246742"
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "7d7d04e1-463f-11e9-941d-000c29342cb1"
      },
      {
        "db": "IVD",
        "id": "46d0bbe4-2356-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2010-0571"
      },
      {
        "db": "BID",
        "id": "39407"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-001367"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201004-158"
      },
      {
        "db": "NVD",
        "id": "CVE-2010-1139"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/a:vmware:fusion",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:vmware:player",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:vmware:server",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:vmware:vix_api",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:vmware:workstation",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-001367"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Alin Rad Pop",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201004-158"
      }
    ],
    "trust": 0.6
  },
  "cve": "CVE-2010-1139",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.2,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 3.9,
            "id": "CVE-2010-1139",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 1.9,
            "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.2,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 3.9,
            "id": "7d7d04e1-463f-11e9-941d-000c29342cb1",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.2,
            "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.2,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 3.9,
            "id": "46d0bbe4-2356-11e6-abef-000c29c66e3d",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.2,
            "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.9 [IVD]"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2010-1139",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "NVD",
            "id": "CVE-2010-1139",
            "trust": 0.8,
            "value": "High"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201004-158",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "IVD",
            "id": "7d7d04e1-463f-11e9-941d-000c29342cb1",
            "trust": 0.2,
            "value": "HIGH"
          },
          {
            "author": "IVD",
            "id": "46d0bbe4-2356-11e6-abef-000c29c66e3d",
            "trust": 0.2,
            "value": "HIGH"
          },
          {
            "author": "VULMON",
            "id": "CVE-2010-1139",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "7d7d04e1-463f-11e9-941d-000c29342cb1"
      },
      {
        "db": "IVD",
        "id": "46d0bbe4-2356-11e6-abef-000c29c66e3d"
      },
      {
        "db": "VULMON",
        "id": "CVE-2010-1139"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-001367"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201004-158"
      },
      {
        "db": "NVD",
        "id": "CVE-2010-1139"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Format string vulnerability in vmrun in VMware VIX API 1.6.x, VMware Workstation 6.5.x before 6.5.4 build 246459, VMware Player 2.5.x before 2.5.4 build 246459, and VMware Server 2.x on Linux, and VMware Fusion 2.x before 2.0.7 build 246742, allows local users to gain privileges via format string specifiers in process metadata. When the vmrun tool lists processes, it will cause arbitrary code to be executed with elevated privileges. Multiple VMware products are prone to a local privilege-escalation vulnerability. \nNOTE: This issue was previously covered in BID 39345 (VMware Hosted Products VMSA-2010-0007 Multiple Remote and Local Vulnerabilities), but has been given its own record to better document it. \n\nPROVIDED AND/OR DISCOVERED BY:\nThe vendor credits Thomas Toth-Steiner. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n- -------------------------------------------------------------------------\n                   VMware Security Advisory\n\nAdvisory ID:       VMSA-2010-0007\nSynopsis:          VMware hosted products, vCenter Server and ESX\n                   patches resolve multiple security issues\nIssue date:        2010-04-09\nUpdated on:        2010-04-09 (initial release of advisory)\nCVE numbers:       CVE-2010-1142 CVE-2010-1140 CVE-2009-2042\n                   CVE-2009-1564 CVE-2009-1565 CVE-2009-3732\n                   CVE-2009-3707 CVE-2010-1138 CVE-2010-1139\n                   CVE-2010-1141\n- -------------------------------------------------------------------------\n\n1. \n\n2. \n\n   Notes:\n   Effective May 2010, VMware\u0027s patch and update release program during\n   Extended Support will be continued with the condition that all\n   subsequent patch and update releases will be based on the latest\n   baseline release version as of May 2010 (i.e. ESX 3.0.3 Update 1,\n   ESX 3.5 Update 5, and VirtualCenter 2.5 Update 6). Refer to section\n   \"End of Product Availability FAQs\" at\n   http://www.vmware.com/support/policies/lifecycle/vi/faq.html for\n   details. \n\n   Extended support for ESX 2.5.5 ends on 2010-06-15.  Users should plan\n   to upgrade to at least ESX 3.0.3 and preferably to the newest\n   release available. \n\n   Extended support for ESX 3.0.3 ends on 2011-12-10.  Users should plan\n   to upgrade to at least ESX 3.5 and preferably to the newest release\n   available. \n\n   End of General Support for VMware Workstation 6.x is 2011-04-27,\n   users should plan to upgrade to the newest release available. \n\n   End of General Support for VMware Server 2.0 is 2011-06-30, users\n   should plan to upgrade to the newest release of either ESXi or\n   VMware Player. \n\n   Extended support for Virtual Center 2.0.2 is 2011-12-10, users\n   should plan to upgrade to the newest release of vCenter Server. \n\n3. Problem Description\n\n a. Windows-based VMware Tools Unsafe Library Loading vulnerability\n\n    A vulnerability in the way VMware libraries are referenced allows\n    for arbitrary code execution in the context of the logged on user. \n    This vulnerability is present only on Windows Guest Operating\n    Systems. \n\n    In order for an attacker to exploit the vulnerability, the attacker\n    would need to lure the user that is logged on a Windows Guest\n    Operating System to click on the attacker\u0027s file on a network\n    share. This file could be in any file format. The attacker will\n    need to have the ability to host their malicious files on a\n    network share. \n\n    VMware would like to thank Jure Skofic and Mitja Kolsek of ACROS\n    Security (http://www.acrossecurity.com) for reporting this issue\n    to us. \n\n    The Common Vulnerabilities and Exposures project (cve.mitre.org)\n    has assigned the name CVE-2010-1141 to this issue. \n     - Upgrade tools in the virtual machine (virtual machine users\n       will be prompted to upgrade). \n\n    Guest systems on ESX 4.0, 3.5, 3.0.3, 2.5.5, ESXi 4.0, 3.5\n     - Install the relevant patches (see below for patch identifiers)\n     - Manually upgrade tools in the virtual machine (virtual machine\n       users will not be prompted to upgrade).  Note the VI Client will\n       not show the VMware tools is out of date in the summary tab. \n       Please see http://tinyurl.com/27mpjo page 80 for details. \n\n    The following table lists what action remediates the vulnerability\n    (column 4) if a solution is available. See above for remediation\n    details. \n\n    VMware         Product   Running  Replace with/\n    Product        Version   on       Apply Patch\n    =============  ========  =======  =================\n    VirtualCenter  any       Windows  not affected\n\n    Workstation    7.x       any      not affected\n    Workstation    6.5.x     any      6.5.4 build 246459 or later\n\n    Player         3.x       any      not affected\n    Player         2.5.x     any      2.5.4 build 246459 or later\n\n    ACE            2.6.x     Windows  not affected\n    ACE            2.5.x     Windows  2.5.4 build 246459 or later\n\n    Server         2.x       any      2.0.2 build 203138 or later\n\n    Fusion         3.x       Mac OS/X not affected\n    Fusion         2.x       Mac OS/X 2.0.6 build 246742 or later\n\n    ESXi           4.0       ESXi     ESXi400-201002402-BG\n    ESXi           3.5       ESXi     ESXe350-200912401-T-BG or later\n\n    ESX            4.0       ESX      ESX400-201002401-BG\n    ESX            3.5       ESX      ESX350-200912401-BG\n    ESX            3.0.3     ESX      ESX303-201002203-UG\n    ESX            2.5.5     ESX      Upgrade Patch 15\n\n b. Windows-based VMware Tools Arbitrary Code Execution vulnerability\n\n    A vulnerability in the way VMware executables are loaded allows for\n    arbitrary code execution in the context of the logged on user. This\n    vulnerability is present only on Windows Guest Operating Systems. \n\n    In order for an attacker to exploit the vulnerability, the attacker\n    would need to be able to plant their malicious executable in a\n    certain location on the Virtual Machine of the user.  On most\n    recent versions of Windows (XP, Vista) the attacker would need to\n    have administrator privileges to plant the malicious executable in\n    the right location. \n\n    Steps needed to remediate this vulnerability: See section 3.a. \n\n    VMware would like to thank Mitja Kolsek of ACROS Security\n    (http://www.acrossecurity.com) for reporting this issue to us. \n\n    The Common Vulnerabilities and Exposures project (cve.mitre.org)\n    has assigned the name CVE-2010-1142 to this issue. \n\n    Refer to the previous table in section 3.a for what action\n    remediates the vulnerability (column 4) if a solution is\n    available. See above for remediation details. \n\n c. Windows-based VMware Workstation and Player host privilege\n    escalation\n\n    A vulnerability in the USB service allows for a privilege\n    escalation. A local attacker on the host of a Windows-based\n    Operating System where VMware Workstation or VMware Player\n    is installed could plant a malicious executable on the host and\n    elevate their privileges. \n\n    In order for an attacker to exploit the vulnerability, the attacker\n    would need to be able to plant their malicious executable in a\n    certain location on the host machine.  On most recent versions of\n    Windows (XP, Vista) the attacker would need to have administrator\n    privileges to plant the malicious executable in the right location. \n\n    VMware would like to thank Thierry Zoller for reporting this issue\n    to us. \n\n    The Common Vulnerabilities and Exposures project (cve.mitre.org)\n    has assigned the name CVE-2010-1140 to this issue. \n\n    The following table lists what action remediates the vulnerability\n    (column 4) if a solution is available. \n\n    VMware         Product   Running  Replace with/\n    Product        Version   on       Apply Patch\n    =============  ========  =======  =================\n    VirtualCenter  any       Windows  not affected\n\n    Workstation    7.0       Windows  7.0.1 build 227600 or later\n    Workstation    7.0       Linux    not affected\n    Workstation    6.5.x     any      not affected\n\n    Player         3.0       Windows  3.0.1 build 227600 or later\n    Player         3.0       Linux    not affected\n    Player         2.5.x     any      not affected\n\n    Ace            any       any      not affected\n\n    Server         2.x       any      not affected\n\n    Fusion         any       Mac OS/X not affected\n\n    ESXi           any       ESXi     not affected\n\n    ESX            any       ESX      not affected\n\n d. Third party library update for libpng to version 1.2.37\n\n    The libpng libraries through 1.2.35 contain an uninitialized-\n    memory-read bug that may have security implications. \n    Specifically, 1-bit (2-color) interlaced images whose widths are\n    not divisible by 8 may result in several uninitialized bits at the\n    end of certain rows in certain interlace passes being returned to\n    the user. An application that failed to mask these out-of-bounds\n    pixels might display or process them, albeit presumably with benign\n    results in most cases. \n\n    The Common Vulnerabilities and Exposures Project (cve.mitre.org)\n    has assigned the name CVE-2009-2042 to this issue. \n\n    The following table lists what action remediates the vulnerability\n    (column 4) if a solution is available. \n\n    VMware         Product   Running  Replace with/\n    Product        Version   on       Apply Patch\n    =============  ========  =======  =================\n    VirtualCenter  any       Windows  not applicable\n\n    Workstation    7.0       any      7.0.1 build 227600 or later\n    Workstation    6.5.x     any      6.5.4 build 246459 or later\n\n    Player         3.0       any      3.0.1 build 227600 or later\n    Player         2.5.x     any      2.5.4 build 246459 or later\n\n    Ace            2.6       Windows  2.6.1 build 227600 or later\n    Ace            2.5.x     Windows  2.5.4 build 246459 or later\n\n    Server         2.x       any      not being fixed at this time\n\n    Fusion         any       any      Mac OS/X not affected\n\n    ESXi           any       ESXi     not applicable\n\n    ESX            any       ESX      not applicable\n\n e. VMware VMnc Codec heap overflow vulnerabilities\n\n    The VMware movie decoder contains the VMnc media codec that is\n    required to play back movies recorded with VMware Workstation,\n    VMware Player and VMware ACE, in any compatible media player. The\n    movie decoder is installed as part of VMware Workstation, VMware\n    Player and VMware ACE, or can be downloaded as a stand alone\n    package. \n\n    For an attack to be successful the user must be tricked into\n    visiting a malicious web page or opening a malicious video file on\n    a system that has the vulnerable version of the VMnc codec installed. \n\n    The Common Vulnerabilities and Exposures project (cve.mitre.org)\n    has assigned the names CVE-2009-1564 and CVE-2009-1565 to these\n    issues. \n\n    VMware would like to thank iDefense, Sebastien Renaud of VUPEN\n    Vulnerability Research Team (http://www.vupen.com) and Alin Rad Pop\n    of Secunia Research for reporting these issues to us. \n\n    To remediate the above issues either install the stand alone movie\n    decoder or update your product using the table below. \n\n    VMware         Product   Running  Replace with/\n    Product        Version   on       Apply Patch\n    =============  ========  =======  =================\n    VirtualCenter  any       Windows  not affected\n\n    Movie Decoder  any       Windows  6.5.4 Build 246459 or later\n\n    Workstation    7.x       any      not affected\n    Workstation    6.5.x     Windows  6.5.4 build 246459 or later\n    Workstation    6.5.x     Linux    not affected\n\n    Player         3.x       any      not affected\n    Player         2.5.x     Windows  2.5.4 build 246459 or later\n    Player         2.5.x     Linux    not affected\n\n    ACE            any       any      not affected\n\n    Server         2.x       Window   not being addressed at this time\n    Server         2.x       Linux    not affected\n\n    Fusion         any       Mac OS/X not affected\n\n    ESXi           any       ESXi     not affected\n\n    ESX            any       ESX      not affected\n\nf. \n    Exploitation of this issue may lead to arbitrary code execution on\n    the system where VMrc is installed. \n\n    For an attack to be successful, an attacker would need to trick the\n    VMrc user into opening a malicious Web page or following a malicious\n    URL. Code execution would be at the privilege level of the user. \n\n    VMrc is present on a system if the VMrc browser plug-in has been\n    installed. This plug-in is required when using the console feature in\n    WebAccess. Installation of the plug-in follows after visiting the\n    console tab in WebAccess and choosing \"Install plug-in\". The plug-\n    in can only be installed on Internet Explorer and Firefox. \n\n    Under the following two conditions your version of VMrc is likely\n    to be affected:\n\n    - the VMrc plug-in was obtained from vCenter 4.0 or from ESX 4.0\n      without patch ESX400-200911223-UG and\n    - VMrc is installed on a Windows-based system\n\n    The following steps allow you to determine if you have an affected\n    version of VMrc installed:\n\n    - Locate the VMrc executable vmware-vmrc.exe on your Windows-based\n      system\n    - Right click and go to Properties\n    - Go to the tab \"Versions\"\n    - Click \"File Version\" in the \"Item Name\" window\n    - If the \"Value\" window shows \"e.x.p build-158248\", the version of\n      VMrc is affected\n\n    Remediation of this issue on Windows-based systems requires the\n    following steps (Linux-based systems are not affected):\n\n    - Uninstall affected versions of VMrc from the systems where the\n      VMrc plug-in has been installed (use the Windows Add/Remove\n      Programs interface)\n    - Install vCenter 4.0 Update 1 or install the ESX 4.0 patch\n      ESX400-200911223-UG\n    - Login into vCenter 4.0 Update 1 or ESX 4.0 with patch\n      ESX400-200911223-UG using WebAccess on the system where the VMrc\n      needs to be re-installed\n    - Re-install VMrc by going to the console tab in WebAccess.  The\n      Console tab is selectable after selecting a virtual machine. \n\n    Note: the VMrc plug-in for Firefox on Windows-based operating\n    systems is no longer compatible after the above remediation steps. \n    Users are advised to use the Internet Explorer VMrc plug-in. \n\n    VMware would like to thank Alexey Sintsov from Digital Security\n    Research Group for reporting this issue to us. \n\n    The Common Vulnerabilities and Exposures project (cve.mitre.org)\n    has assigned the name CVE-2009-3732 to this issue. \n\n\n g. Windows-based VMware authd remote denial of service\n\n    A vulnerability in vmware-authd could cause a denial of service\n    condition on Windows-based hosts.  The denial of service is limited\n    to a crash of authd. \n\n    The Common Vulnerabilities and Exposures Project (cve.mitre.org)\n    has assigned the name CVE-2009-3707 to this issue. \n\n    The following table lists what action remediates the vulnerability\n    (column 4) if a solution is available. \n\n    VMware         Product   Running  Replace with/\n    Product        Version   on       Apply Patch\n    =============  ========  =======  =================\n    VirtualCenter  any       Windows  not affected\n\n    Workstation    7.0       Windows  7.0.1 build 227600 or later\n    Workstation    7.0       Linux    not affected\n    Workstation    6.5.x     Windows  6.5.4 build 246459 or later\n    Workstation    6.5.x     Linux    not affected\n\n    Player         3.0       Windows  3.0.1 build 227600 or later\n    Player         3.x       Linux    not affected\n    Player         2.5.x     Windows  2.5.4 build 246459 or later\n    Player         2.5.x     Linux    not affected\n\n    Ace            2.6       Windows  2.6.1 build 227600 or later\n    Ace            2.5.x     Windows  2.5.4 build 246459 or later\n\n    Server         2.x       Windows  not being addressed at this time\n    Server         2.x       Linux    not affected\n\n    Fusion         any       Mac OS/X not affected\n\n    ESXi           any       any      not affected\n\n    ESX            any       any      not affected\n\n h. Potential information leak via hosted networking stack\n\n    A vulnerability in the virtual networking stack of VMware hosted\n    products could allow host information disclosure. \n\n    A guest operating system could send memory from the host vmware-vmx\n    process to the virtual network adapter and potentially to the\n    host\u0027s physical Ethernet wire. \n\n    The Common Vulnerabilities and Exposures Project (cve.mitre.org)\n    has assigned the name CVE-2010-1138 to this issue. \n\n    VMware would like to thank Johann MacDonagh for reporting this\n    issue to us. \n\n    The following table lists what action remediates the vulnerability\n    (column 4) if a solution is available. \n\n    VMware         Product   Running  Replace with/\n    Product        Version   on       Apply Patch\n    =============  ========  =======  =================\n    VirtualCenter  any       Windows  not affected\n\n    Workstation    7.0       any      7.0.1 build 227600 or later\n    Workstation    6.5.x     Windows  6.5.4 build 246459 or later\n    Workstation    6.5.x     Linux    not affected\n\n    Player         3.0       any      3.0.1 build 227600 or later\n    Player         2.5.x     Windows  2.5.4 build 246459 or later\n    Player         2.5.x     Linux    not affected\n\n    Ace            2.6       Windows  2.6.1 build 227600 or later\n    Ace            2.5.x     Windows  2.5.4 build 246459 or later\n\n    Server         2.x       any      not being fixed at this time\n\n    Fusion         3.0       Mac OS/X 3.0.1 build 232708 or later\n    Fusion         2.x       Mac OS/X 2.0.7 build 246742 or later\n\n    ESXi           any       any      not affected\n\n    ESX            any       any      not affected\n\n i. \n\n    The Common Vulnerabilities and Exposures Project (cve.mitre.org)\n    has assigned the name CVE-2010-1139 to this issue. \n\n    VMware would like to thank Thomas Toth-Steiner for reporting this\n    issue to us. \n\n    The following table lists what action remediates the vulnerability\n    (column 4) if a solution is available. Solution\n\n   Please review the patch/release notes for your product and version\n   and verify the md5sum and/or the sha1sum of your downloaded file. \n\n   VMware Workstation Movie Decoder stand alone 6.5.4\n   --------------------------------------------------\n\nhttp://download3.vmware.com/software/wkst/VMware-moviedecoder-6.5.4-246459.exe\n   md5sum: ea2ac5907ae4c5c323147fe155443ab8\n   sha1sum: 5ca8d1fd45f6a7a6f38019b259c3e836ee4e8f29\n\n   VMware Workstation 7.0.1\n   ------------------------\n   For Windows\n\nhttp://downloads.vmware.com/download/download.do?downloadGroup=WKST-701-WIN\n   Release notes:\n   http://downloads.vmware.com/support/ws7/doc/releasenotes_ws701.html\n\n   Workstation for Windows 32-bit and 64-bit with VMware Tools\n   md5sum: fc8502a748de3b8f94c5c9571c1f17d2\n   sha1sum: 3de01b355b17363a92d80200ff5e7267b3bde206\n\n   Workstation for Windows 32-bit and 64-bit without VMware Tools\n   md5sum: 6a18ea3847cb727b03f7890f5643db79\n   sha1sum: 260b019db4619b0d1d775e5c38cc46b6db250984\n\n   For Linux\n   http://downloads.vmware.com/download/download.do?downloadGroup=WKST-701-LX\n   Release notes:\n   http://downloads.vmware.com/support/ws7/doc/releasenotes_ws701.html\n\n   Workstation for Linux 32-bit with VMware Tools\n   md5sum: a896f7aaedde8799f21b52b89f5fc9ef\n   sha1sum: f6d0789afa7927ca154973a071603a0bd098e697\n\n   Workstation for Linux 32-bit without VMware Tools\n   md5sum: 59ecd27bdf3f59be3b4df8f04d1b3874\n   sha1sum: 22e1a475069fca5e8d2446bf14661fa6d894d34f\n\n   Workstation for Linux 64-bit with VMware Tools\n   md5sum: 808682eaa6b202fa29172821f7378768\n   sha1sum: a901c45a2a02678b0d1722e8f27152c3af12a7ac\n\n   Workstation for Linux 64-bit without VMware Tools\n   md5sum: 5116e27e7b13a76693402577bd9fda58\n   sha1sum: dbcd045a889b95ac14828b8106631b678354e30a\n\n   VMware Workstation 6.5.4\n   ------------------------\n   For Windows\n\nhttp://downloads.vmware.com/download/download.do?downloadGroup=WKST-654-WIN\n   Release Notes:\n   http://downloads.vmware.com/support/ws65/doc/releasenotes_ws654.html\n\n   Workstation for Windows 32-bit and 64-bit\n   Windows 32-bit and 64-bit .exe\n   md5sum: 2dc393fcc4e78dcf2165098a4938699a\n   sha1sum: acfff457860c8c53c637c01f74f8aaa72d1c9569\n\n   For Linux\n   http://downloads.vmware.com/download/download.do?downloadGroup=WKST-654-LX\n   Release Notes:\n   http://downloads.vmware.com/support/ws65/doc/releasenotes_ws654.html\n\n   Workstation for Linux 32-bit\n   Linux 32-bit .rpm\n   md5sum: 9efb43a604d50e541eb3be7081b8b198\n   sha1sum: 4240d664f85a11f47288d2279224b26bef92aa8b\n\n   Workstation for Linux 32-bit\n   Linux 32-bit .bundle\n   md5sum: 38760682ad3b2f6bfb4e40f424c95c2a\n   sha1sum: ec78099322b5fb2a737cd74a1978a5c07382dc8a\n\n   Workstation for Linux 64-bit\n   Linux 64-bit .rpm\n   md5sum: 24311492bc515e9bc98eff9b2e7d33a2\n   sha1sum: b4947ef09f740440e8a24fc2ba05c0a7c11b82f5\n\n   Workstation for Linux 64-bit\n   Linux 64-bit .bundle\n   md5sum: ed24296705ad48442549d9cb2b3c0d8d\n   sha1sum: 3c0f1efae0a64fa3a41be21b0bfc962f12e0e6d8\n\n\n   VMware Player 3.0.1\n   -------------------\n   http://downloads.vmware.com/tryvmware/?p=player\u0026lp=default\n   Release notes:\nhttp://downloads.vmware.com/support/player30/doc/releasenotes_player301.html\n\n   Player for Windows 32-bit and 64-bit\n   md5sum: 78c92c0242c9540f68a629d4ac49c516\n   sha1sum: 7fc255fcd1a6784458012314db1206ed922e92cf\n\n   Player for Linux 32-bit (.bundle)\n   md5sum: e7cd19d39c7bbd1aee582743d76a7863\n   sha1sum: cff76010f0429576288ea1e5a594cd47a2c64f4a\n\n   Player for Linux 64-bit (.bundle)\n   md5sum: 88b08537c6eea705883dc1755b97738c\n   sha1sum: 84f25370d24c03a18968a4f4c8e06cef3d21c2df\n\n   VMware VIX API for Windows 32-bit and 64-bit\n   md5sum: 2c46fc7e2516f331eb4dd23154d00a54\n   sha1sum: 85ceb1b718806c6870e3a918bcc772d1486ccdc9\n\n   VMware VIX API for 32-bit Linux\n   md5sum: 8b0994a26363246b5e954f97bd5a088d\n   sha1sum: af93da138a158ee6e05780a5c4042414735987b6\n\n   VMware VIX API for 64-bit Linux\n   md5sum: ef7b9890c52b1e333f2357760a7fff85\n   sha1sum: dfef8531356de78171e13c4c108ebaeb43eaa62d\n\n   VMware Player 2.5.4\n   -------------------\n   http://downloads.vmware.com/download/player/player_reg.html\n   Release notes:\nhttp://downloads.vmware.com/support/player25/doc/releasenotes_player254.html\n\n   Player for Windows 32-bit and 64-bit (.exe)\n   md5sum: 531140a1eeed7d8b71f726b3d32a9174\n   sha1sum: 2500fa8af48452bd0e97040b80c569c3cb4f73e5\n\n   Player for Linux (.rpm)\n   md5sum: 1905f61af490f9760bef54450747e708\n   sha1sum: cf7444c0a6331439c5479a4158112a60eb0e6e8d\n\n   Player for Linux (.bundle)\n   md5sum: 74f539005687a4efce7971f7ef019af5\n   sha1sum: 4c4412c5807ecd00e66886e0e7c43ed61b62aab7\n\n   Player for Linux - 64-bit (.rpm)\n   md5sum: 013078d7f6adcdbcbaafbf5e0ae11a39\n   sha1sum: 7c434173a3fe446ebefce4803bfaa7ab67d1ff72\n\n   Player for Linux - 64-bit (.bundle)\n   md5sum: 175ce2f9656ff10a1327c0d48f80c65f\n   sha1sum: bf7acfdcb44bf345d58f79ad1bcb04816f262d22\n\n\n   VMware ACE 2.6.1\n   ----------------\nhttp://downloads.vmware.com/download/download.do?downloadGroup=ACE-261-WIN\n   Release notes:\n   http://downloads.vmware.com/support/ace26/doc/releasenotes_ace261.html\n\n   VMware Workstation for 32-bit and 64-bit Windows with tools\n   md5sum: fc8502a748de3b8f94c5c9571c1f17d2\n   sha1sum: 3de01b355b17363a92d80200ff5e7267b3bde206\n\n   VMware Workstation for Windows 32-bit and 64-bit without tools\n   md5sum: 6a18ea3847cb727b03f7890f5643db79\n   sha1sum: 260b019db4619b0d1d775e5c38cc46b6db250984\n\n   ACE Management Server Virtual Appliance\n   md5sum: e26d258c511572064e99774fbac9184c\n   sha1sum: 9363656b70caa11a31a6229451202d9f8203c1f5\n\n   ACE Management Server for Windows\n   md5sum: e970828f2a5a62ac108879033a70f4b6\n   sha1sum: eca89372eacc78c3130781d0d183715055d64798\n\n   ACE Management Server for SUSE Enterprise Linux 9\n   md5sum: 59b3ad5964daef2844e72fd1765590fc\n   sha1sum: 91048de7665f5dc466f06e2ebc4c08f08026a97f\n\n   ACE Management Server for Red Hat Enterprise Linux 4\n   md5sum: 6623f6a8a645402a1c8c351ec99a1889\n   sha1sum: a6d74ba072c5a513fcf8993edebaaf7f8225c05d\n\n   VMware ACE 2.5.4\n   ----------------\nhttp://downloads.vmware.com/download/download.do?downloadGroup=ACE-254-WIN\n   Release notes:\n   http://downloads.vmware.com/support/ace25/doc/releasenotes_ace254.html\n\n   VMware ACE for Windows 32-bit and 64-bit\n   Windows 32-bit and 64-bit .exe\n   md5sum: 2dc393fcc4e78dcf2165098a4938699a\n   sha1sum: acfff457860c8c53c637c01f74f8aaa72d1c9569\n\n   ACE Management Server Virtual Appliance\n   AMS Virtual Appliance .zip\n   md5sum: 3935f23d4a074e7a3429a1c80cfd2155\n   sha1sum: 5b09439a9c840d39ae49fbd7a79732ecd58c52a3\n\n   ACE Management Server for Windows\n   Windows .exe\n   md5sum: 1173bd7da6ed330a262ed4e2eff6562c\n   sha1sum: d9bce88a350aa957f3387f870af763875d4d9110\n\n   ACE Management Server for SUSE Enterprise Linux 9\n   SLES 9 .rpm\n   md5sum: 0bec2cf8d6ae3bb6976c9d8cc2573208\n   sha1sum: f3c6d9ee3357535b1540cedd9e86d723e2ed2134\n\n   ACE Management Server for Red Hat Enterprise Linux 4\n   RHEL 4 .rpm\n   md5sum: 17caa522af79cf1f6b2ebad16a4ac8a5\n   sha1sum: cdd6e2a4e3d7ad89f95e60f1af024bea7eaba0fe\n\n\n   VMware Server 2.0.2\n   -------------------\n   http://www.vmware.com/download/server/\n   Release notes:\n  http://www.vmware.com/support/server2/doc/releasenotes_vmserver202.html\n\n   VMware Server 2\n   Version 2.0.2 | 203138   - 10/26/09\n   507 MB EXE image VMware Server 2 for Windows Operating Systems. A\n   master installer file containing all Windows components of VMware\n   Server. \n   Version 2.0.2 | 203138   - 10/26/09\n   37 MB TAR image\n   md5sum: 95ddea5a0579a35887bd15b083ffea20\n   sha1sum: 14cf12063a7480f240ccd96178ad4258cb26a747\n\n   VMware Server 2 for Linux Operating Systems 64-bit version. \n   Version 2.0.2 | 203138   - 10/26/09\n   452 MB RPM image\n   md5sum: 35c8b176601133749e4055e0034f8be6\n   sha1sum: e8dc842d89899df5cd3e1136af76f19ca5ccbece\n\n   The core application needed to run VMware Server 2, 64-bit version. \n\n   The same patch, ESXe350-200912402-T-BG, is also contained in\n   ESXe350-201002401-O-SG from February 2010 ESXi 3.5 security update. \n\n   In latest non-security ESXi 3.5 update, ESXe350-201003402-T-BG is also\n   included in ESXe350-201003401-O-BG from March 2010. \n\n\n   ESXe350-201002401-O-SG (latest security update)\n   http://download3.vmware.com/software/vi/ESXe350-201002401-O-SG.zip\n\n   md5sum: 0c8d4d1c0e3c2aed9f785cf081225d83\n\n   http://kb.vmware.com/kb/1015047 (Vi Client)\n\n   http://kb.vmware.com/kb/1016665 (VM Tools)\n\n   http://kb.vmware.com/kb/1017685 (Firmware)\n\n\n\n   The three ESXi patches for Firmware \"I\", VMware Tools \"T,\" and the\n   VI Client \"C\" are contained in a single offline \"O\" download file. \n\n\n   ESX\n   ---\n   ESX 4.0 bulletin ESX400-201002401-BG\nhttps://hostupdate.vmware.com/software/VUM/OFFLINE/release-192-20100228-732240/ESX400-201002001.zip\n   md5sum: de62cbccaffa4b2b6831617f18c1ccb4\n   sha1sum: 4083f191fa4acd6600c9a87e4852f9f5700e91ab\n   http://kb.vmware.com/kb/1018403\n\n   Note: ESX400-201002001 contains the bundle with the security fix,\n         ESX400-201002401-BG\n   To install an individual bulletin use esxupdate with the -b option. \n   esxupdate --bundle ESX400-201002001 -b ESX400-201002401-BG\n\n   ESX 4.0 bulletin ESX400-200911223-UG\nhttps://hostupdate.vmware.com/software/VUM/OFFLINE/release-166-20091202-254879/ESX-4.0.0-update01a.zip\n   md5sum: 99c1fcafbf0ca105ce73840d686e9914\n   sha1sum: aa8a23416271bc28b6b8f6bdbe00045e36314ebb\n   http://kb.vmware.com/kb/1014842\n\n   Note: ESX-4.0.0-update01a contains the bundle with the security fix,\n         ESX400-200911223-UG\n   To install an individual bulletin use esxupdate with the -b option. \n   esxupdate --bundle ESX-4.0.0-update01a -b ESX400-200911223-UG\n\n   ESX 3.5 patch ESX350-200912401-BG\n   http://download3.vmware.com/software/vi/ESX350-200912401-BG.zip\n   md5sum: f1d3589745b4ae933554785aef22bacc\n   sha1sum: d1e5a9209b165d43d75f076e556fc028bec4cc47\n   http://kb.vmware.com/kb/1016657\n\n   ESX 3.0.3 patch ESX303-201002203-UG\n   http://download3.vmware.com/software/vi/ESX303-201002203-UG.zip\n   md5sum: 49ee56b687707cbe6999836c315f081a\n   http://kb.vmware.com/kb/1018030\n\n   ESX 2.5.5 Upgrade Patch 15\n http://download3.vmware.com/software/esx/esx-2.5.5-191611-upgrade.tar.gz\n   md5sum: c346fe510b6e51145570e03083f77357\n   sha1sum: ef6b19247825fb3fe2c55f8fda3cdd05ac7bb1f4\n   http://www.vmware.com/support/esx25/doc/esx-255-200910-patch.html\n\n\n5. References\n   http://www.acrossecurity.com/advisories.htm\n   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1564\n   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1565\n   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2042\n   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3707\n   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3732\n   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1138\n   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1139\n   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1140\n   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1142\n   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1141\n\n6. Change log\n2010-04-09  VMSA-2010-0007\nInitial security advisory after release of Workstation 6.5.4 and Fusion\n2.0.7 on 2010-04-08. \n\n- ------------------------------------------------------------------------\n7. Contact\n\nE-mail list for product security notifications and announcements:\nhttp://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce\n\nThis Security Advisory is posted to the following lists:\n\n  * security-announce at lists.vmware.com\n  * bugtraq at securityfocus.com\n  * full-disclosure at lists.grok.org.uk\n\nE-mail:  security at vmware.com\nPGP key at: http://kb.vmware.com/kb/1055\n\nVMware Security Center\nhttp://www.vmware.com/security\n\nVMware security response policy\nhttp://www.vmware.com/support/policies/security_response.html\n\nGeneral support life cycle policy\nhttp://www.vmware.com/support/policies/eos.html\n\nVMware Infrastructure support life cycle policy\nhttp://www.vmware.com/support/policies/eos_vi.html\n\nCopyright 2010 VMware Inc.  All rights reserved. \n\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.5 (MingW32)\n\niD8DBQFLvvM8S2KysvBH1xkRAgu/AJ9RrzlOq/5Ug0t8R4qoi/UwDVJDpACbBGgT\nd58bjKG6Ic7m/TsoJP4M2tw=\n=Q1zv\n-----END PGP SIGNATURE-----\n. \n\nFor more information see vulnerabilities #3 through #7 in:\nSA39206\n\nSOLUTION:\nRestrict local access to trusted users only. Do not open untrusted\nimages or video files. \n\nBackground\n==========\n\nVMware Player, Server, and Workstation allow emulation of a complete PC\non a PC without the usual performance overhead of most emulators. \n\nAffected packages\n=================\n\n    -------------------------------------------------------------------\n     Package              /     Vulnerable     /            Unaffected\n    -------------------------------------------------------------------\n  1  app-emulation/vmware-player\n                              \u003c= 2.5.5.328052              Vulnerable!\n  2  app-emulation/vmware-workstation\n                              \u003c= 6.5.5.328052              Vulnerable!\n  3  app-emulation/vmware-server\n                              \u003c= 1.0.9.156507              Vulnerable!\n    -------------------------------------------------------------------\n     NOTE: Certain packages are still vulnerable. Users should migrate\n           to another package if one is available or wait for the\n           existing packages to be marked stable by their\n           architecture maintainers. Please review the CVE identifiers referenced below for\ndetails. \n\nA remote attacker could entice a user to open a specially crafted file,\npossibly resulting in the remote execution of arbitrary code, or a\nDenial of Service. Remote attackers also may be able to spoof DNS\ntraffic, read arbitrary files, or inject arbitrary web script to the\nVMware Server Console. \n\nFurthermore, guest OS users may be able to execute arbitrary code on\nthe host OS, gain escalated privileges on the guest OS, or cause a\nDenial of Service (crash the host OS). \n\nWorkaround\n==========\n\nThere is no known workaround at this time. We recommend that users\nunmerge VMware Server:\n\n  # emerge --unmerge \"app-emulation/vmware-server\"\n\nReferences\n==========\n\n[  1 ] CVE-2007-5269\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5269\n[  2 ] CVE-2007-5503\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5503\n[  3 ] CVE-2007-5671\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5671\n[  4 ] CVE-2008-0967\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0967\n[  5 ] CVE-2008-1340\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1340\n[  6 ] CVE-2008-1361\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1361\n[  7 ] CVE-2008-1362\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1362\n[  8 ] CVE-2008-1363\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1363\n[  9 ] CVE-2008-1364\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1364\n[ 10 ] CVE-2008-1392\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1392\n[ 11 ] CVE-2008-1447\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1447\n[ 12 ] CVE-2008-1806\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1806\n[ 13 ] CVE-2008-1807\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1807\n[ 14 ] CVE-2008-1808\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1808\n[ 15 ] CVE-2008-2098\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2098\n[ 16 ] CVE-2008-2100\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2100\n[ 17 ] CVE-2008-2101\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2101\n[ 18 ] CVE-2008-4915\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4915\n[ 19 ] CVE-2008-4916\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4916\n[ 20 ] CVE-2008-4917\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4917\n[ 21 ] CVE-2009-0040\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0040\n[ 22 ] CVE-2009-0909\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0909\n[ 23 ] CVE-2009-0910\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0910\n[ 24 ] CVE-2009-1244\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1244\n[ 25 ] CVE-2009-2267\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2267\n[ 26 ] CVE-2009-3707\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3707\n[ 27 ] CVE-2009-3732\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3732\n[ 28 ] CVE-2009-3733\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3733\n[ 29 ] CVE-2009-4811\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-4811\n[ 30 ] CVE-2010-1137\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1137\n[ 31 ] CVE-2010-1138\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1138\n[ 32 ] CVE-2010-1139\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1139\n[ 33 ] CVE-2010-1140\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1140\n[ 34 ] CVE-2010-1141\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1141\n[ 35 ] CVE-2010-1142\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1142\n[ 36 ] CVE-2010-1143\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1143\n[ 37 ] CVE-2011-3868\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3868\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201209-25.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2012 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. ----------------------------------------------------------------------\n\n\n  Secunia CSI\n+ Microsoft SCCM\n-----------------------\n= Extensive Patch Management\n\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\n\n----------------------------------------------------------------------\n\nTITLE:\nVMware Products Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA39206\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/39206/\n\nDESCRIPTION:\nSome vulnerabilities have been reported in multiple VMware products,\nwhich can be exploited by malicious, local users to disclose\nsensitive information or gain escalated privileges, and by malicious\npeople to disclose sensitive information, cause a DoS (Denial of\nService), or potentially compromise a user\u0027s system. \n\nNOTE: This vulnerability cannot be exploited without administrative\nprivileges on recent Windows versions (e.g. Windows XP and Windows\nVista). \n\n3) An error in libpng can be exploited to disclose uninitialised\nmemory via a specially crafted image. \n\nFor more information:\nSA35346\n\n4) A boundary error and two integer truncation errors in the VMnc\ncodec can be exploited to potentially execute arbitrary code. \n\nFor more information:\nSA36712\n\n5) An error in the VMware Authorization Service (\"vmware-authd\") can\nbe exploited to cause a crash. \n\nFor more information:\nSA39201\n\nSOLUTION:\nUpdate to a fixed version. \n\nPROVIDED AND/OR DISCOVERED BY:\n4) Alin Rad Pop, Secunia Research\n\nThe vendor also credits:\n1) Jure Skofic and Mitja Kolsek of ACROS Security\n2) Thierry Zoller\n4) iDefense and Sebastien Renaud of Vupen\n6) Johann MacDonagh\n7) Thomas Toth-Steiner\n\nORIGINAL ADVISORY:\nVMware (VMSA-2010-0007):\nhttp://lists.vmware.com/pipermail/security-announce/2010/000090.html\n\nSecunia Research:\nhttp://secunia.com/secunia_research/2009-36/\nhttp://secunia.com/secunia_research/2009-37/\n\nOTHER REFERENCES:\nSA35346:\nhttp://secunia.com/advisories/35346/\n\nSA36712:\nhttp://secunia.com/advisories/36712/\n\nSA36988:\nhttp://secunia.com/advisories/36988/\n\nSA39198:\nhttp://secunia.com/advisories/39198/\n\nSA39201:\nhttp://secunia.com/advisories/39201/\n\nSA39203:\nhttp://secunia.com/advisories/39203/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2010-1139"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-001367"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2010-0571"
      },
      {
        "db": "BID",
        "id": "39407"
      },
      {
        "db": "IVD",
        "id": "7d7d04e1-463f-11e9-941d-000c29342cb1"
      },
      {
        "db": "IVD",
        "id": "46d0bbe4-2356-11e6-abef-000c29c66e3d"
      },
      {
        "db": "VULMON",
        "id": "CVE-2010-1139"
      },
      {
        "db": "PACKETSTORM",
        "id": "88508"
      },
      {
        "db": "PACKETSTORM",
        "id": "88215"
      },
      {
        "db": "PACKETSTORM",
        "id": "88234"
      },
      {
        "db": "PACKETSTORM",
        "id": "117012"
      },
      {
        "db": "PACKETSTORM",
        "id": "88233"
      }
    ],
    "trust": 3.33
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2010-1139",
        "trust": 4.0
      },
      {
        "db": "SECUNIA",
        "id": "39201",
        "trust": 3.2
      },
      {
        "db": "SECUNIA",
        "id": "39206",
        "trust": 2.6
      },
      {
        "db": "SECUNIA",
        "id": "39215",
        "trust": 2.6
      },
      {
        "db": "BID",
        "id": "39407",
        "trust": 2.2
      },
      {
        "db": "OSVDB",
        "id": "63606",
        "trust": 1.9
      },
      {
        "db": "SECTRACK",
        "id": "1023835",
        "trust": 1.8
      },
      {
        "db": "CNVD",
        "id": "CNVD-2010-0571",
        "trust": 1.0
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201004-158",
        "trust": 1.0
      },
      {
        "db": "VUPEN",
        "id": "ADV-2010-0852",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-001367",
        "trust": 0.8
      },
      {
        "db": "NSFOCUS",
        "id": "14789",
        "trust": 0.6
      },
      {
        "db": "NSFOCUS",
        "id": "14788\u203b14789",
        "trust": 0.6
      },
      {
        "db": "NSFOCUS",
        "id": "14788",
        "trust": 0.6
      },
      {
        "db": "BUGTRAQ",
        "id": "20100409 VMSA-2010-0007 VMWARE HOSTED PRODUCTS, VCENTER SERVER AND ESX PATCHES RESOLVE MULTIPLE SECURITY ISSUES",
        "trust": 0.6
      },
      {
        "db": "MLIST",
        "id": "[SECURITY-ANNOUNCE] 20100409 VMSA-2010-0007 VMWARE HOSTED PRODUCTS, VCENTER SERVER AND ESX PATCHES RESOLVE MULTIPLE SECURITY ISSUES",
        "trust": 0.6
      },
      {
        "db": "FULLDISC",
        "id": "20100409 VMSA-2010-0007 VMWARE HOSTED PRODUCTS, VCENTER SERVER AND ESX PATCHES RESOLVE MULTIPLE SECURITY ISSUES",
        "trust": 0.6
      },
      {
        "db": "IVD",
        "id": "7D7D04E1-463F-11E9-941D-000C29342CB1",
        "trust": 0.2
      },
      {
        "db": "IVD",
        "id": "46D0BBE4-2356-11E6-ABEF-000C29C66E3D",
        "trust": 0.2
      },
      {
        "db": "VULMON",
        "id": "CVE-2010-1139",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "88508",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "88215",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "88234",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "117012",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "88233",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "7d7d04e1-463f-11e9-941d-000c29342cb1"
      },
      {
        "db": "IVD",
        "id": "46d0bbe4-2356-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2010-0571"
      },
      {
        "db": "VULMON",
        "id": "CVE-2010-1139"
      },
      {
        "db": "BID",
        "id": "39407"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-001367"
      },
      {
        "db": "PACKETSTORM",
        "id": "88508"
      },
      {
        "db": "PACKETSTORM",
        "id": "88215"
      },
      {
        "db": "PACKETSTORM",
        "id": "88234"
      },
      {
        "db": "PACKETSTORM",
        "id": "117012"
      },
      {
        "db": "PACKETSTORM",
        "id": "88233"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201004-158"
      },
      {
        "db": "NVD",
        "id": "CVE-2010-1139"
      }
    ]
  },
  "id": "VAR-201004-0982",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "IVD",
        "id": "7d7d04e1-463f-11e9-941d-000c29342cb1"
      },
      {
        "db": "IVD",
        "id": "46d0bbe4-2356-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2010-0571"
      }
    ],
    "trust": 0.1
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 1.0
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "7d7d04e1-463f-11e9-941d-000c29342cb1"
      },
      {
        "db": "IVD",
        "id": "46d0bbe4-2356-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2010-0571"
      }
    ]
  },
  "last_update_date": "2025-04-11T20:05:20.586000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "VMSA-2010-0007",
        "trust": 0.8,
        "url": "http://www.vmware.com/security/advisories/VMSA-2010-0007.html"
      },
      {
        "title": "VMSA-2010-0007: Multiple Security Patches for vCenter Server and ESX",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/158"
      },
      {
        "title": "VMware Security Advisories: VMware hosted products, vCenter Server and ESX patches resolve multiple security issues",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=vmware_security_advisories\u0026qid=9a156b22cf9a31c993f6585b6881d5a5"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2010-0571"
      },
      {
        "db": "VULMON",
        "id": "CVE-2010-1139"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-001367"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-134",
        "trust": 1.8
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-001367"
      },
      {
        "db": "NVD",
        "id": "CVE-2010-1139"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 3.1,
        "url": "http://secunia.com/advisories/39201"
      },
      {
        "trust": 2.5,
        "url": "http://secunia.com/advisories/39206"
      },
      {
        "trust": 2.5,
        "url": "http://secunia.com/advisories/39215"
      },
      {
        "trust": 2.0,
        "url": "http://lists.vmware.com/pipermail/security-announce/2010/000090.html"
      },
      {
        "trust": 2.0,
        "url": "http://www.securityfocus.com/bid/39407"
      },
      {
        "trust": 1.9,
        "url": "http://www.securitytracker.com/id?1023835"
      },
      {
        "trust": 1.9,
        "url": "http://osvdb.org/63606"
      },
      {
        "trust": 1.8,
        "url": "http://www.vmware.com/security/advisories/vmsa-2010-0007.html"
      },
      {
        "trust": 1.7,
        "url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-04/0121.html"
      },
      {
        "trust": 1.7,
        "url": "http://archives.neohapsis.com/archives/bugtraq/2010-04/0077.html"
      },
      {
        "trust": 1.2,
        "url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
      },
      {
        "trust": 0.9,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1139"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-1139"
      },
      {
        "trust": 0.8,
        "url": "http://www.vupen.com/english/advisories/2010/0852"
      },
      {
        "trust": 0.6,
        "url": "http://www.nsfocus.net/vulndb/14788\u203b14789"
      },
      {
        "trust": 0.3,
        "url": "http://www.vmware.com"
      },
      {
        "trust": 0.3,
        "url": "http://secunia.com/advisories/secunia_security_advisories/"
      },
      {
        "trust": 0.3,
        "url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
      },
      {
        "trust": 0.3,
        "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
      },
      {
        "trust": 0.3,
        "url": "http://secunia.com/advisories/about_secunia_advisories/"
      },
      {
        "trust": 0.2,
        "url": "http://secunia.com/advisories/39201/"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2009-3732"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2009-3707"
      },
      {
        "trust": 0.2,
        "url": "http://secunia.com/advisories/39206/"
      },
      {
        "trust": 0.1,
        "url": "https://cwe.mitre.org/data/definitions/134.html"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov"
      },
      {
        "trust": 0.1,
        "url": "http://kb.vmware.com/kb/1015047"
      },
      {
        "trust": 0.1,
        "url": "http://download3.vmware.com/software/wkst/vmware-moviedecoder-6.5.4-246459.exe"
      },
      {
        "trust": 0.1,
        "url": "http://download3.vmware.com/software/esx/esx-2.5.5-191611-upgrade.tar.gz"
      },
      {
        "trust": 0.1,
        "url": "http://kb.vmware.com/kb/1016665"
      },
      {
        "trust": 0.1,
        "url": "http://www.vmware.com/support/esx25/doc/esx-255-200910-patch.html"
      },
      {
        "trust": 0.1,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3707"
      },
      {
        "trust": 0.1,
        "url": "https://hostupdate.vmware.com/software/vum/offline/release-192-20100228-732240/esx400-201002001.zip"
      },
      {
        "trust": 0.1,
        "url": "http://kb.vmware.com/kb/1018404"
      },
      {
        "trust": 0.1,
        "url": "http://download3.vmware.com/software/vi/esx303-201002203-ug.zip"
      },
      {
        "trust": 0.1,
        "url": "http://www.vmware.com/support/policies/lifecycle/vi/faq.html"
      },
      {
        "trust": 0.1,
        "url": "http://downloads.vmware.com/download/download.do?downloadgroup=fus-302"
      },
      {
        "trust": 0.1,
        "url": "http://downloads.vmware.com/download/download.do?downloadgroup=ace-254-win"
      },
      {
        "trust": 0.1,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1140"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2010-1140"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2010-1141"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2009-2042"
      },
      {
        "trust": 0.1,
        "url": "http://downloads.vmware.com/support/fusion3/doc/releasenotes_fusion_302.html"
      },
      {
        "trust": 0.1,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1141"
      },
      {
        "trust": 0.1,
        "url": "http://downloads.vmware.com/tryvmware/?p=player\u0026lp=default"
      },
      {
        "trust": 0.1,
        "url": "http://kb.vmware.com/kb/1016657"
      },
      {
        "trust": 0.1,
        "url": "http://www.vmware.com/security"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2009-1565"
      },
      {
        "trust": 0.1,
        "url": "http://downloads.vmware.com/download/download.do?downloadgroup=wkst-701-lx"
      },
      {
        "trust": 0.1,
        "url": "http://kb.vmware.com/kb/1055"
      },
      {
        "trust": 0.1,
        "url": "https://hostupdate.vmware.com/software/vum/offline/release-193-20100228-731251/esxi400-201002001.zip"
      },
      {
        "trust": 0.1,
        "url": "http://downloads.vmware.com/support/player30/doc/releasenotes_player301.html"
      },
      {
        "trust": 0.1,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1142"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2010-1142"
      },
      {
        "trust": 0.1,
        "url": "http://downloads.vmware.com/download/download.do?downloadgroup=fus-207"
      },
      {
        "trust": 0.1,
        "url": "http://kb.vmware.com/kb/1017685"
      },
      {
        "trust": 0.1,
        "url": "http://downloads.vmware.com/download/player/player_reg.html"
      },
      {
        "trust": 0.1,
        "url": "http://downloads.vmware.com/support/fusion2/doc/releasenotes_fusion_207.html"
      },
      {
        "trust": 0.1,
        "url": "http://www.vmware.com/support/policies/security_response.html"
      },
      {
        "trust": 0.1,
        "url": "http://downloads.vmware.com/support/ws65/doc/releasenotes_ws654.html"
      },
      {
        "trust": 0.1,
        "url": "http://downloads.vmware.com/support/ace26/doc/releasenotes_ace261.html"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2010-1139"
      },
      {
        "trust": 0.1,
        "url": "http://www.vmware.com/support/server2/doc/releasenotes_vmserver202.html"
      },
      {
        "trust": 0.1,
        "url": "http://www.vmware.com/support/policies/eos_vi.html"
      },
      {
        "trust": 0.1,
        "url": "http://kb.vmware.com/kb/1018030"
      },
      {
        "trust": 0.1,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-2042"
      },
      {
        "trust": 0.1,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3732"
      },
      {
        "trust": 0.1,
        "url": "http://downloads.vmware.com/support/ws7/doc/releasenotes_ws701.html"
      },
      {
        "trust": 0.1,
        "url": "http://www.vmware.com/support/policies/eos.html"
      },
      {
        "trust": 0.1,
        "url": "http://downloads.vmware.com/support/player25/doc/releasenotes_player254.html"
      },
      {
        "trust": 0.1,
        "url": "http://downloads.vmware.com/download/download.do?downloadgroup=ace-261-win"
      },
      {
        "trust": 0.1,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1565"
      },
      {
        "trust": 0.1,
        "url": "http://www.vmware.com/download/server/"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2010-1138"
      },
      {
        "trust": 0.1,
        "url": "http://downloads.vmware.com/download/download.do?downloadgroup=wkst-654-win"
      },
      {
        "trust": 0.1,
        "url": "http://www.vupen.com)"
      },
      {
        "trust": 0.1,
        "url": "http://download3.vmware.com/software/vi/esx350-200912401-bg.zip"
      },
      {
        "trust": 0.1,
        "url": "http://tinyurl.com/27mpjo"
      },
      {
        "trust": 0.1,
        "url": "http://www.acrossecurity.com)"
      },
      {
        "trust": 0.1,
        "url": "http://downloads.vmware.com/download/download.do?downloadgroup=wkst-701-win"
      },
      {
        "trust": 0.1,
        "url": "http://kb.vmware.com/kb/1014842"
      },
      {
        "trust": 0.1,
        "url": "https://hostupdate.vmware.com/software/vum/offline/release-166-20091202-254879/esx-4.0.0-update01a.zip"
      },
      {
        "trust": 0.1,
        "url": "http://www.acrossecurity.com/advisories.htm"
      },
      {
        "trust": 0.1,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1138"
      },
      {
        "trust": 0.1,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1564"
      },
      {
        "trust": 0.1,
        "url": "http://download3.vmware.com/software/vi/esxe350-201002401-o-sg.zip"
      },
      {
        "trust": 0.1,
        "url": "http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce"
      },
      {
        "trust": 0.1,
        "url": "http://downloads.vmware.com/support/ace25/doc/releasenotes_ace254.html"
      },
      {
        "trust": 0.1,
        "url": "http://downloads.vmware.com/download/download.do?downloadgroup=wkst-654-lx"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2009-1564"
      },
      {
        "trust": 0.1,
        "url": "http://kb.vmware.com/kb/1018403"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/39215/"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-1363"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2009-3733"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2009-0909"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2008-1361"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-4915"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2008-4915"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2007-5269"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3868"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-3732"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-1142"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-4917"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2008-2098"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2008-4916"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-1140"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-1141"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2008-1447"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-2267"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-0910"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-1362"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-1137"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-1138"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2007-5269"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-1447"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-1361"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-1139"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-1143"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-2098"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2008-1807"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-0040"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2008-2100"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-1340"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-4916"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-1244"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-3733"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2008-1808"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-1807"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-1392"
      },
      {
        "trust": 0.1,
        "url": "http://creativecommons.org/licenses/by-sa/2.5"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-2101"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2008-1806"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-0909"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2009-0040"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2009-2267"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-3707"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2008-2101"
      },
      {
        "trust": 0.1,
        "url": "http://security.gentoo.org/"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2007-5671"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2008-4917"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-2100"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-1364"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2007-5503"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2008-0967"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2007-5671"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-1806"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2007-5503"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2008-1340"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-4811"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2008-1364"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2008-1363"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2009-0910"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2008-1392"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-1808"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2008-1362"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2009-1244"
      },
      {
        "trust": 0.1,
        "url": "https://bugs.gentoo.org."
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-0967"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/36988/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/36712/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/secunia_research/2009-36/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/secunia_research/2009-37/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/39203/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/39198/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/35346/"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2010-0571"
      },
      {
        "db": "VULMON",
        "id": "CVE-2010-1139"
      },
      {
        "db": "BID",
        "id": "39407"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-001367"
      },
      {
        "db": "PACKETSTORM",
        "id": "88508"
      },
      {
        "db": "PACKETSTORM",
        "id": "88215"
      },
      {
        "db": "PACKETSTORM",
        "id": "88234"
      },
      {
        "db": "PACKETSTORM",
        "id": "117012"
      },
      {
        "db": "PACKETSTORM",
        "id": "88233"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201004-158"
      },
      {
        "db": "NVD",
        "id": "CVE-2010-1139"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "IVD",
        "id": "7d7d04e1-463f-11e9-941d-000c29342cb1"
      },
      {
        "db": "IVD",
        "id": "46d0bbe4-2356-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2010-0571"
      },
      {
        "db": "VULMON",
        "id": "CVE-2010-1139"
      },
      {
        "db": "BID",
        "id": "39407"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-001367"
      },
      {
        "db": "PACKETSTORM",
        "id": "88508"
      },
      {
        "db": "PACKETSTORM",
        "id": "88215"
      },
      {
        "db": "PACKETSTORM",
        "id": "88234"
      },
      {
        "db": "PACKETSTORM",
        "id": "117012"
      },
      {
        "db": "PACKETSTORM",
        "id": "88233"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201004-158"
      },
      {
        "db": "NVD",
        "id": "CVE-2010-1139"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2010-04-13T00:00:00",
        "db": "IVD",
        "id": "7d7d04e1-463f-11e9-941d-000c29342cb1"
      },
      {
        "date": "2010-04-13T00:00:00",
        "db": "IVD",
        "id": "46d0bbe4-2356-11e6-abef-000c29c66e3d"
      },
      {
        "date": "2010-04-13T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2010-0571"
      },
      {
        "date": "2010-04-12T00:00:00",
        "db": "VULMON",
        "id": "CVE-2010-1139"
      },
      {
        "date": "2010-04-09T00:00:00",
        "db": "BID",
        "id": "39407"
      },
      {
        "date": "2010-05-07T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2010-001367"
      },
      {
        "date": "2010-04-16T05:45:28",
        "db": "PACKETSTORM",
        "id": "88508"
      },
      {
        "date": "2010-04-10T03:16:16",
        "db": "PACKETSTORM",
        "id": "88215"
      },
      {
        "date": "2010-04-12T12:34:16",
        "db": "PACKETSTORM",
        "id": "88234"
      },
      {
        "date": "2012-09-30T16:40:15",
        "db": "PACKETSTORM",
        "id": "117012"
      },
      {
        "date": "2010-04-12T12:34:14",
        "db": "PACKETSTORM",
        "id": "88233"
      },
      {
        "date": "2010-04-12T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201004-158"
      },
      {
        "date": "2010-04-12T18:30:00.587000",
        "db": "NVD",
        "id": "CVE-2010-1139"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2010-04-13T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2010-0571"
      },
      {
        "date": "2013-05-15T00:00:00",
        "db": "VULMON",
        "id": "CVE-2010-1139"
      },
      {
        "date": "2012-10-01T19:10:00",
        "db": "BID",
        "id": "39407"
      },
      {
        "date": "2010-05-07T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2010-001367"
      },
      {
        "date": "2010-04-13T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201004-158"
      },
      {
        "date": "2025-04-11T00:51:21.963000",
        "db": "NVD",
        "id": "CVE-2010-1139"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "local",
    "sources": [
      {
        "db": "BID",
        "id": "39407"
      },
      {
        "db": "PACKETSTORM",
        "id": "88508"
      },
      {
        "db": "PACKETSTORM",
        "id": "88234"
      },
      {
        "db": "PACKETSTORM",
        "id": "88233"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201004-158"
      }
    ],
    "trust": 1.2
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "VMWare VIX API vmrun Tool Format String Vulnerability",
    "sources": [
      {
        "db": "IVD",
        "id": "7d7d04e1-463f-11e9-941d-000c29342cb1"
      },
      {
        "db": "IVD",
        "id": "46d0bbe4-2356-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2010-0571"
      }
    ],
    "trust": 1.0
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Format string",
    "sources": [
      {
        "db": "IVD",
        "id": "7d7d04e1-463f-11e9-941d-000c29342cb1"
      },
      {
        "db": "IVD",
        "id": "46d0bbe4-2356-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201004-158"
      }
    ],
    "trust": 1.0
  }
}

VAR-201004-0988

Vulnerability from variot - Updated: 2025-04-11 20:01

VMware Tools in VMware Workstation 6.5.x before 6.5.4 build 246459; VMware Player 2.5.x before 2.5.4 build 246459; VMware ACE 2.5.x before 2.5.4 build 246459; VMware Server 2.x before 2.0.2 build 203138; VMware Fusion 2.x before 2.0.6 build 246742; VMware ESXi 3.5 and 4.0; and VMware ESX 2.5.5, 3.0.3, 3.5, and 4.0 does not properly load VMware programs, which might allow Windows guest OS users to gain privileges by placing a Trojan horse program at an unspecified location on the guest OS disk. plural VMware Product VMware Tools Is VMware There is a vulnerability in which privileges can be obtained due to a flaw in processing related to program loading.plural VMware Product VMware Tools Is VMware There is a vulnerability in which privileges can be obtained due to a flaw in processing related to program loading. VMWare is a virtual PC software that allows two or more Windows, DOS, and LINUX systems to run simultaneously on a single machine. All guest operating system users on Windows platforms can gain privilege escalation by placing Trojans on the guest system's disks. On recent versions of Windows, only users with administrative privileges can successfully perform an attack. Multiple VMware products are prone to a local privilege-escalation vulnerability. Local attackers can exploit this issue to execute arbitrary code with elevated privileges; this may aid in other attacks. NOTE: This issue was previously covered in BID 39345 (VMware Hosted Products VMSA-2010-0007 Multiple Remote and Local Vulnerabilities), but has been given its own record to better document it. Please see the vendor's advisory for more information. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1

               VMware Security Advisory

Advisory ID: VMSA-2010-0007 Synopsis: VMware hosted products, vCenter Server and ESX patches resolve multiple security issues Issue date: 2010-04-09 Updated on: 2010-04-09 (initial release of advisory) CVE numbers: CVE-2010-1142 CVE-2010-1140 CVE-2009-2042 CVE-2009-1564 CVE-2009-1565 CVE-2009-3732 CVE-2009-3707 CVE-2010-1138 CVE-2010-1139 CVE-2010-1141

Notes: Effective May 2010, VMware's patch and update release program during Extended Support will be continued with the condition that all subsequent patch and update releases will be based on the latest baseline release version as of May 2010 (i.e. ESX 3.0.3 Update 1, ESX 3.5 Update 5, and VirtualCenter 2.5 Update 6). Refer to section "End of Product Availability FAQs" at http://www.vmware.com/support/policies/lifecycle/vi/faq.html for details.

Extended support for ESX 2.5.5 ends on 2010-06-15. Users should plan to upgrade to at least ESX 3.0.3 and preferably to the newest release available.

Extended support for ESX 3.0.3 ends on 2011-12-10. Users should plan to upgrade to at least ESX 3.5 and preferably to the newest release available.

End of General Support for VMware Workstation 6.x is 2011-04-27, users should plan to upgrade to the newest release available.

End of General Support for VMware Server 2.0 is 2011-06-30, users should plan to upgrade to the newest release of either ESXi or VMware Player.

Extended support for Virtual Center 2.0.2 is 2011-12-10, users should plan to upgrade to the newest release of vCenter Server.

  1. Problem Description

a. Windows-based VMware Tools Unsafe Library Loading vulnerability

A vulnerability in the way VMware libraries are referenced allows
for arbitrary code execution in the context of the logged on user.

In order for an attacker to exploit the vulnerability, the attacker
would need to lure the user that is logged on a Windows Guest
Operating System to click on the attacker's file on a network
share. This file could be in any file format. The attacker will
need to have the ability to host their malicious files on a
network share.

VMware would like to thank Jure Skofic and Mitja Kolsek of ACROS
Security (http://www.acrossecurity.com) for reporting this issue
to us.

The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CVE-2010-1141 to this issue.

Steps needed to remediate this vulnerability:

Guest systems on VMware Workstation, Player, ACE, Server, Fusion
 - Install the remediated version of Workstation, Player, ACE,
   Server and Fusion. 
 - Upgrade tools in the virtual machine (virtual machine users
   will be prompted to upgrade).

Guest systems on ESX 4.0, 3.5, 3.0.3, 2.5.5, ESXi 4.0, 3.5
 - Install the relevant patches (see below for patch identifiers)
 - Manually upgrade tools in the virtual machine (virtual machine
   users will not be prompted to upgrade).  Note the VI Client will
   not show the VMware tools is out of date in the summary tab. 
   Please see http://tinyurl.com/27mpjo page 80 for details.

The following table lists what action remediates the vulnerability
(column 4) if a solution is available. See above for remediation
details. Windows-based VMware Tools Arbitrary Code Execution vulnerability

A vulnerability in the way VMware executables are loaded allows for
arbitrary code execution in the context of the logged on user.

In order for an attacker to exploit the vulnerability, the attacker
would need to be able to plant their malicious executable in a
certain location on the Virtual Machine of the user.  On most
recent versions of Windows (XP, Vista) the attacker would need to
have administrator privileges to plant the malicious executable in
the right location.

Steps needed to remediate this vulnerability: See section 3.a.

VMware would like to thank Mitja Kolsek of ACROS Security
(http://www.acrossecurity.com) for reporting this issue to us.

The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CVE-2010-1142 to this issue.

Refer to the previous table in section 3.a for what action
remediates the vulnerability (column 4) if a solution is
available. See above for remediation details.

c. Windows-based VMware Workstation and Player host privilege escalation

A vulnerability in the USB service allows for a privilege
escalation. A local attacker on the host of a Windows-based
Operating System where VMware Workstation or VMware Player
is installed could plant a malicious executable on the host and
elevate their privileges.

In order for an attacker to exploit the vulnerability, the attacker
would need to be able to plant their malicious executable in a
certain location on the host machine.  On most recent versions of
Windows (XP, Vista) the attacker would need to have administrator
privileges to plant the malicious executable in the right location.

VMware would like to thank Thierry Zoller for reporting this issue
to us.

The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CVE-2010-1140 to this issue.

The following table lists what action remediates the vulnerability
(column 4) if a solution is available.

VMware         Product   Running  Replace with/
Product        Version   on       Apply Patch
=============  ========  =======  =================
VirtualCenter  any       Windows  not affected

Workstation    7.0       Windows  7.0.1 build 227600 or later
Workstation    7.0       Linux    not affected
Workstation    6.5.x     any      not affected

Player         3.0       Windows  3.0.1 build 227600 or later
Player         3.0       Linux    not affected
Player         2.5.x     any      not affected

Ace            any       any      not affected

Server         2.x       any      not affected

Fusion         any       Mac OS/X not affected

ESXi           any       ESXi     not affected

ESX            any       ESX      not affected

d. Third party library update for libpng to version 1.2.37

The libpng libraries through 1.2.35 contain an uninitialized-
memory-read bug that may have security implications. 
Specifically, 1-bit (2-color) interlaced images whose widths are
not divisible by 8 may result in several uninitialized bits at the
end of certain rows in certain interlace passes being returned to
the user. An application that failed to mask these out-of-bounds
pixels might display or process them, albeit presumably with benign
results in most cases.

The Common Vulnerabilities and Exposures Project (cve.mitre.org)
has assigned the name CVE-2009-2042 to this issue.

The following table lists what action remediates the vulnerability
(column 4) if a solution is available. VMware VMnc Codec heap overflow vulnerabilities

The VMware movie decoder contains the VMnc media codec that is
required to play back movies recorded with VMware Workstation,
VMware Player and VMware ACE, in any compatible media player. The
movie decoder is installed as part of VMware Workstation, VMware
Player and VMware ACE, or can be downloaded as a stand alone
package.

Vulnerabilities in the decoder allow for execution of arbitrary
code with the privileges of the user running an application
utilizing the vulnerable codec.

For an attack to be successful the user must be tricked into
visiting a malicious web page or opening a malicious video file on
a system that has the vulnerable version of the VMnc codec installed.

The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the names CVE-2009-1564 and CVE-2009-1565 to these
issues.

VMware would like to thank iDefense, Sebastien Renaud of VUPEN
Vulnerability Research Team (http://www.vupen.com) and Alin Rad Pop
of Secunia Research for reporting these issues to us.

To remediate the above issues either install the stand alone movie
decoder or update your product using the table below.

VMware         Product   Running  Replace with/
Product        Version   on       Apply Patch
=============  ========  =======  =================
VirtualCenter  any       Windows  not affected

Movie Decoder  any       Windows  6.5.4 Build 246459 or later

Workstation    7.x       any      not affected
Workstation    6.5.x     Windows  6.5.4 build 246459 or later
Workstation    6.5.x     Linux    not affected

Player         3.x       any      not affected
Player         2.5.x     Windows  2.5.4 build 246459 or later
Player         2.5.x     Linux    not affected

ACE            any       any      not affected

Server         2.x       Window   not being addressed at this time
Server         2.x       Linux    not affected

Fusion         any       Mac OS/X not affected

ESXi           any       ESXi     not affected

ESX            any       ESX      not affected

f. 

For an attack to be successful, an attacker would need to trick the
VMrc user into opening a malicious Web page or following a malicious
URL. Code execution would be at the privilege level of the user.

VMrc is present on a system if the VMrc browser plug-in has been
installed. This plug-in is required when using the console feature in
WebAccess. Installation of the plug-in follows after visiting the
console tab in WebAccess and choosing "Install plug-in". The plug-
in can only be installed on Internet Explorer and Firefox.

Under the following two conditions your version of VMrc is likely
to be affected:

- the VMrc plug-in was obtained from vCenter 4.0 or from ESX 4.0
  without patch ESX400-200911223-UG and
- VMrc is installed on a Windows-based system

The following steps allow you to determine if you have an affected
version of VMrc installed:

- Locate the VMrc executable vmware-vmrc.exe on your Windows-based
  system
- Right click and go to Properties
- Go to the tab "Versions"
- Click "File Version" in the "Item Name" window
- If the "Value" window shows "e.x.p build-158248", the version of
  VMrc is affected

Remediation of this issue on Windows-based systems requires the
following steps (Linux-based systems are not affected):

- Uninstall affected versions of VMrc from the systems where the
  VMrc plug-in has been installed (use the Windows Add/Remove
  Programs interface)
- Install vCenter 4.0 Update 1 or install the ESX 4.0 patch
  ESX400-200911223-UG
- Login into vCenter 4.0 Update 1 or ESX 4.0 with patch
  ESX400-200911223-UG using WebAccess on the system where the VMrc
  needs to be re-installed
- Re-install VMrc by going to the console tab in WebAccess.  The
  Console tab is selectable after selecting a virtual machine.

Note: the VMrc plug-in for Firefox on Windows-based operating
systems is no longer compatible after the above remediation steps. 
Users are advised to use the Internet Explorer VMrc plug-in.

VMware would like to thank Alexey Sintsov from Digital Security
Research Group for reporting this issue to us.

The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CVE-2009-3732 to this issue.

g. Windows-based VMware authd remote denial of service

A vulnerability in vmware-authd could cause a denial of service
condition on Windows-based hosts.  The denial of service is limited
to a crash of authd.

The Common Vulnerabilities and Exposures Project (cve.mitre.org)
has assigned the name CVE-2009-3707 to this issue.

The following table lists what action remediates the vulnerability
(column 4) if a solution is available. Potential information leak via hosted networking stack

A vulnerability in the virtual networking stack of VMware hosted
products could allow host information disclosure.

A guest operating system could send memory from the host vmware-vmx
process to the virtual network adapter and potentially to the
host's physical Ethernet wire.

The Common Vulnerabilities and Exposures Project (cve.mitre.org)
has assigned the name CVE-2010-1138 to this issue.

VMware would like to thank Johann MacDonagh for reporting this
issue to us.

The following table lists what action remediates the vulnerability
(column 4) if a solution is available. Linux-based vmrun format string vulnerability

A format string vulnerability in vmrun could allow arbitrary code
execution.

If a vmrun command is issued and processes are listed, code could
be executed in the context of the user listing the processes.

The Common Vulnerabilities and Exposures Project (cve.mitre.org)
has assigned the name CVE-2010-1139 to this issue.

VMware would like to thank Thomas Toth-Steiner for reporting this
issue to us.

The following table lists what action remediates the vulnerability
(column 4) if a solution is available.

VMware         Product   Running  Replace with/
Product        Version   on       Apply Patch
=============  ========  =======  =================
VirtualCenter  any       Windows  not affected

VIX API        any       Windows  not affected
VIX API        1.6.x     Linux    upgrade to VIX API 1.7 or later
VIX API        1.6.x     Linux64  upgrade to VIX API 1.7 or later

Workstation    7.x       any      not affected
Workstation    6.5.x     Windows  not affected
Workstation    6.5.x     Linux    6.5.4 build 246459 or later

Player         3.x       any      not affected
Player         2.5.x     Windows  not affected
Player         2.5.x     Linux    2.5.4 build 246459 or later

Ace            any       Windows  not affected

Server         2.x       Windows  not affected
Server         2.x       Linux    not being fixed at this time

Fusion         3.x       Mac OS/X not affected
Fusion         2.x       Mac OS/X 2.0.7 build 246742 or later

ESXi           any       any      not affected

ESX            any       any      not affected
  1. Solution

Please review the patch/release notes for your product and version and verify the md5sum and/or the sha1sum of your downloaded file.

VMware Workstation Movie Decoder stand alone 6.5.4

http://download3.vmware.com/software/wkst/VMware-moviedecoder-6.5.4-246459.exe md5sum: ea2ac5907ae4c5c323147fe155443ab8 sha1sum: 5ca8d1fd45f6a7a6f38019b259c3e836ee4e8f29

VMware Workstation 7.0.1

For Windows

http://downloads.vmware.com/download/download.do?downloadGroup=WKST-701-WIN Release notes: http://downloads.vmware.com/support/ws7/doc/releasenotes_ws701.html

Workstation for Windows 32-bit and 64-bit with VMware Tools md5sum: fc8502a748de3b8f94c5c9571c1f17d2 sha1sum: 3de01b355b17363a92d80200ff5e7267b3bde206

Workstation for Windows 32-bit and 64-bit without VMware Tools md5sum: 6a18ea3847cb727b03f7890f5643db79 sha1sum: 260b019db4619b0d1d775e5c38cc46b6db250984

For Linux http://downloads.vmware.com/download/download.do?downloadGroup=WKST-701-LX Release notes: http://downloads.vmware.com/support/ws7/doc/releasenotes_ws701.html

Workstation for Linux 32-bit with VMware Tools md5sum: a896f7aaedde8799f21b52b89f5fc9ef sha1sum: f6d0789afa7927ca154973a071603a0bd098e697

Workstation for Linux 32-bit without VMware Tools md5sum: 59ecd27bdf3f59be3b4df8f04d1b3874 sha1sum: 22e1a475069fca5e8d2446bf14661fa6d894d34f

Workstation for Linux 64-bit with VMware Tools md5sum: 808682eaa6b202fa29172821f7378768 sha1sum: a901c45a2a02678b0d1722e8f27152c3af12a7ac

Workstation for Linux 64-bit without VMware Tools md5sum: 5116e27e7b13a76693402577bd9fda58 sha1sum: dbcd045a889b95ac14828b8106631b678354e30a

VMware Workstation 6.5.4

For Windows

http://downloads.vmware.com/download/download.do?downloadGroup=WKST-654-WIN Release Notes: http://downloads.vmware.com/support/ws65/doc/releasenotes_ws654.html

Workstation for Windows 32-bit and 64-bit Windows 32-bit and 64-bit .exe md5sum: 2dc393fcc4e78dcf2165098a4938699a sha1sum: acfff457860c8c53c637c01f74f8aaa72d1c9569

For Linux http://downloads.vmware.com/download/download.do?downloadGroup=WKST-654-LX Release Notes: http://downloads.vmware.com/support/ws65/doc/releasenotes_ws654.html

Workstation for Linux 32-bit Linux 32-bit .rpm md5sum: 9efb43a604d50e541eb3be7081b8b198 sha1sum: 4240d664f85a11f47288d2279224b26bef92aa8b

Workstation for Linux 32-bit Linux 32-bit .bundle md5sum: 38760682ad3b2f6bfb4e40f424c95c2a sha1sum: ec78099322b5fb2a737cd74a1978a5c07382dc8a

Workstation for Linux 64-bit Linux 64-bit .rpm md5sum: 24311492bc515e9bc98eff9b2e7d33a2 sha1sum: b4947ef09f740440e8a24fc2ba05c0a7c11b82f5

Workstation for Linux 64-bit Linux 64-bit .bundle md5sum: ed24296705ad48442549d9cb2b3c0d8d sha1sum: 3c0f1efae0a64fa3a41be21b0bfc962f12e0e6d8

VMware Player 3.0.1

http://downloads.vmware.com/tryvmware/?p=player&lp=default Release notes: http://downloads.vmware.com/support/player30/doc/releasenotes_player301.html

Player for Windows 32-bit and 64-bit md5sum: 78c92c0242c9540f68a629d4ac49c516 sha1sum: 7fc255fcd1a6784458012314db1206ed922e92cf

Player for Linux 32-bit (.bundle) md5sum: e7cd19d39c7bbd1aee582743d76a7863 sha1sum: cff76010f0429576288ea1e5a594cd47a2c64f4a

Player for Linux 64-bit (.bundle) md5sum: 88b08537c6eea705883dc1755b97738c sha1sum: 84f25370d24c03a18968a4f4c8e06cef3d21c2df

VMware VIX API for Windows 32-bit and 64-bit md5sum: 2c46fc7e2516f331eb4dd23154d00a54 sha1sum: 85ceb1b718806c6870e3a918bcc772d1486ccdc9

VMware VIX API for 32-bit Linux md5sum: 8b0994a26363246b5e954f97bd5a088d sha1sum: af93da138a158ee6e05780a5c4042414735987b6

VMware VIX API for 64-bit Linux md5sum: ef7b9890c52b1e333f2357760a7fff85 sha1sum: dfef8531356de78171e13c4c108ebaeb43eaa62d

VMware Player 2.5.4

http://downloads.vmware.com/download/player/player_reg.html Release notes: http://downloads.vmware.com/support/player25/doc/releasenotes_player254.html

Player for Windows 32-bit and 64-bit (.exe) md5sum: 531140a1eeed7d8b71f726b3d32a9174 sha1sum: 2500fa8af48452bd0e97040b80c569c3cb4f73e5

Player for Linux (.rpm) md5sum: 1905f61af490f9760bef54450747e708 sha1sum: cf7444c0a6331439c5479a4158112a60eb0e6e8d

Player for Linux (.bundle) md5sum: 74f539005687a4efce7971f7ef019af5 sha1sum: 4c4412c5807ecd00e66886e0e7c43ed61b62aab7

Player for Linux - 64-bit (.rpm) md5sum: 013078d7f6adcdbcbaafbf5e0ae11a39 sha1sum: 7c434173a3fe446ebefce4803bfaa7ab67d1ff72

Player for Linux - 64-bit (.bundle) md5sum: 175ce2f9656ff10a1327c0d48f80c65f sha1sum: bf7acfdcb44bf345d58f79ad1bcb04816f262d22

VMware ACE 2.6.1

http://downloads.vmware.com/download/download.do?downloadGroup=ACE-261-WIN Release notes: http://downloads.vmware.com/support/ace26/doc/releasenotes_ace261.html

VMware Workstation for 32-bit and 64-bit Windows with tools md5sum: fc8502a748de3b8f94c5c9571c1f17d2 sha1sum: 3de01b355b17363a92d80200ff5e7267b3bde206

VMware Workstation for Windows 32-bit and 64-bit without tools md5sum: 6a18ea3847cb727b03f7890f5643db79 sha1sum: 260b019db4619b0d1d775e5c38cc46b6db250984

ACE Management Server Virtual Appliance md5sum: e26d258c511572064e99774fbac9184c sha1sum: 9363656b70caa11a31a6229451202d9f8203c1f5

ACE Management Server for Windows md5sum: e970828f2a5a62ac108879033a70f4b6 sha1sum: eca89372eacc78c3130781d0d183715055d64798

ACE Management Server for SUSE Enterprise Linux 9 md5sum: 59b3ad5964daef2844e72fd1765590fc sha1sum: 91048de7665f5dc466f06e2ebc4c08f08026a97f

ACE Management Server for Red Hat Enterprise Linux 4 md5sum: 6623f6a8a645402a1c8c351ec99a1889 sha1sum: a6d74ba072c5a513fcf8993edebaaf7f8225c05d

VMware ACE 2.5.4

http://downloads.vmware.com/download/download.do?downloadGroup=ACE-254-WIN Release notes: http://downloads.vmware.com/support/ace25/doc/releasenotes_ace254.html

VMware ACE for Windows 32-bit and 64-bit Windows 32-bit and 64-bit .exe md5sum: 2dc393fcc4e78dcf2165098a4938699a sha1sum: acfff457860c8c53c637c01f74f8aaa72d1c9569

ACE Management Server Virtual Appliance AMS Virtual Appliance .zip md5sum: 3935f23d4a074e7a3429a1c80cfd2155 sha1sum: 5b09439a9c840d39ae49fbd7a79732ecd58c52a3

ACE Management Server for Windows Windows .exe md5sum: 1173bd7da6ed330a262ed4e2eff6562c sha1sum: d9bce88a350aa957f3387f870af763875d4d9110

ACE Management Server for SUSE Enterprise Linux 9 SLES 9 .rpm md5sum: 0bec2cf8d6ae3bb6976c9d8cc2573208 sha1sum: f3c6d9ee3357535b1540cedd9e86d723e2ed2134

ACE Management Server for Red Hat Enterprise Linux 4 RHEL 4 .rpm md5sum: 17caa522af79cf1f6b2ebad16a4ac8a5 sha1sum: cdd6e2a4e3d7ad89f95e60f1af024bea7eaba0fe

VMware Server 2.0.2

http://www.vmware.com/download/server/ Release notes: http://www.vmware.com/support/server2/doc/releasenotes_vmserver202.html

VMware Server 2 Version 2.0.2 | 203138 - 10/26/09 507 MB EXE image VMware Server 2 for Windows Operating Systems. A master installer file containing all Windows components of VMware Server. md5sum: a6430bcc16ff7b3a29bb8da1704fc38a sha1sum: 39683e7333732cf879ff0b34f66e693dde0e340b

VIX API 1.6 for Windows Version 2.0.2 | 203138 - 10/26/09 37 MB image md5sum: 827e65e70803ec65ade62dd27a74407a sha1sum: a14281bc055271a19be3c88026e92304bc3f0e22

For Linux

VMware Server 2 for Linux Operating Systems. Version 2.0.2 | 203138 - 10/26/09 37 MB TAR image md5sum: 95ddea5a0579a35887bd15b083ffea20 sha1sum: 14cf12063a7480f240ccd96178ad4258cb26a747

VMware Server 2 for Linux Operating Systems 64-bit version. Version 2.0.2 | 203138 - 10/26/09 452 MB RPM image md5sum: 35c8b176601133749e4055e0034f8be6 sha1sum: e8dc842d89899df5cd3e1136af76f19ca5ccbece

The core application needed to run VMware Server 2, 64-bit version. Version 2.0.2 | 203138 - 10/26/09 451 MB TAR image md5sum: cc7aef813008eeb7150c21547d431b39 sha1sum: b65d3d46dc947fc7995bda354c4947afabd23474

VMware Fusion 3.0.2

http://downloads.vmware.com/download/download.do?downloadGroup=FUS-302 Release notes: http://downloads.vmware.com/support/fusion3/doc/releasenotes_fusion_302.html

VMware Fusion 3.0.2 (for Intel-based Macs) md5sum: aa17278a4a668eeb9f9467e4e3111ccc sha1sum: 58c3d63705ac90839f7c1ae14264177e1fd56df3

VMware Fusion 3.0.2 Light for Mac (for Intel-based Macs) md5sum: 052ecbbfc4f59a85e2d08b4bd3ef0896 sha1sum: 61e00487f4c649588099647d4a5f47ddf5b8ad01

VMware Fusion 2.0.7

http://downloads.vmware.com/download/download.do?downloadGroup=FUS-207 Release notes: http://downloads.vmware.com/support/fusion2/doc/releasenotes_fusion_207.html

VMware Fusion 2.0.7 (for Intel-based Macs) md5sum: a293f5ce6ccc227760640753386e9da6 sha1sum: ddfda92f9baf30e536bc485e42325d173a1aa370

VMware Fusion 2.0.7 Light (for Intel-based Macs) md5sum: d4772d118fb90323f598849e70c21189 sha1sum: 5c1df1597e77ebe0f0555749b281008ca5f2fb77

VIX API 1.7 Version: 1.7 | 2009-08-26 | 186713

VIX API for Window 32-bit and 64-bit Main installation file for Windows 32-bit and 64-bit host md5sum:b494fc3092f07d0f29cc06a19fe61306 sha1sum:aa8638424cb7f25c1e42343134ac9f0bd2c2e0c9

VIX API for Linux 32-bit md5sum:6b0ed8872d8b714363cddc68b6a77008 sha1sum:8a9b12a61641394b347488119a7120eaa47dc2a1

VIX API for Linux 64-bit md5sum:d57aa9f98058d5a386c18e14cc05bf4d sha1sum:3b7d4461ea257e795b322cc080f4ae29a230666b

VIX API Version: 1.8.1 | 2009-10-11 | 207905

VIX API for Windows 32-bit and 64-bit md5sum:4f21e4cb518767bc08045f5a39f5d41f sha1sum:5b8275c549f9d9498bd2ed078557f1ce1986ac12

VIX API for Linux 32-bit md5sum:f347e94d907c26754540d59956ee5d53 sha1sum:6ddc6c9371ba127d04bc83bd55988a6c83366907

VIX API for Linux 64-bit md5sum:b8a3982072d0d42c0c37dd7eb49d686c sha1sum:d044ac3dd42f806bc4ff48ddf584b5e3d82910c8

VIX API Version: 1.10 Beta | 01/28/10 | 222403

VIX API for Windows 32-bit and 64-bit md5sum:ac5b6e9197cb68c302bfac9ed683e3af sha1sum:0d942e7409e88e684bdb65811e7be7f47d631a73

VIX API for Linux 32-bit md5sum:07d1989d042e317eb9d2b3daf269dda7 sha1sum:1e3840d426d7dfff53fa7e1bd22b09b56cf2362c

VIX API for Linux 64-bit md5sum:9b345008e0adec3c044988307294944b sha1sum:7a54a893369c2227f7e8058430c40983168c6e0b

ESXi

ESXi 4.0 bulletin ESXi400-201002402-BG https://hostupdate.vmware.com/software/VUM/OFFLINE/release-193-20100228-731251/ESXi400-201002001.zip md5sum: e5aa2968d389594abdc59cbac7b0183d sha1sum: bb50b3ad7934e3f9e24edc879b35e83b357343b2 http://kb.vmware.com/kb/1018404

ESXi 3.5

ESXi 3.5 patch ESXe350-200912402-T-BG was first contained in ESXe350-200912401-O-BG from December 2009.

The same patch, ESXe350-200912402-T-BG, is also contained in ESXe350-201002401-O-SG from February 2010 ESXi 3.5 security update.

In latest non-security ESXi 3.5 update, ESXe350-201003402-T-BG is also included in ESXe350-201003401-O-BG from March 2010.

ESXe350-201002401-O-SG (latest security update) http://download3.vmware.com/software/vi/ESXe350-201002401-O-SG.zip

md5sum: 0c8d4d1c0e3c2aed9f785cf081225d83

http://kb.vmware.com/kb/1015047 (Vi Client)

http://kb.vmware.com/kb/1016665 (VM Tools)

http://kb.vmware.com/kb/1017685 (Firmware)

The three ESXi patches for Firmware "I", VMware Tools "T," and the VI Client "C" are contained in a single offline "O" download file.

ESX

ESX 4.0 bulletin ESX400-201002401-BG https://hostupdate.vmware.com/software/VUM/OFFLINE/release-192-20100228-732240/ESX400-201002001.zip md5sum: de62cbccaffa4b2b6831617f18c1ccb4 sha1sum: 4083f191fa4acd6600c9a87e4852f9f5700e91ab http://kb.vmware.com/kb/1018403

Note: ESX400-201002001 contains the bundle with the security fix, ESX400-201002401-BG To install an individual bulletin use esxupdate with the -b option. esxupdate --bundle ESX400-201002001 -b ESX400-201002401-BG

ESX 4.0 bulletin ESX400-200911223-UG https://hostupdate.vmware.com/software/VUM/OFFLINE/release-166-20091202-254879/ESX-4.0.0-update01a.zip md5sum: 99c1fcafbf0ca105ce73840d686e9914 sha1sum: aa8a23416271bc28b6b8f6bdbe00045e36314ebb http://kb.vmware.com/kb/1014842

Note: ESX-4.0.0-update01a contains the bundle with the security fix, ESX400-200911223-UG To install an individual bulletin use esxupdate with the -b option. esxupdate --bundle ESX-4.0.0-update01a -b ESX400-200911223-UG

ESX 3.5 patch ESX350-200912401-BG http://download3.vmware.com/software/vi/ESX350-200912401-BG.zip md5sum: f1d3589745b4ae933554785aef22bacc sha1sum: d1e5a9209b165d43d75f076e556fc028bec4cc47 http://kb.vmware.com/kb/1016657

ESX 3.0.3 patch ESX303-201002203-UG http://download3.vmware.com/software/vi/ESX303-201002203-UG.zip md5sum: 49ee56b687707cbe6999836c315f081a http://kb.vmware.com/kb/1018030

ESX 2.5.5 Upgrade Patch 15 http://download3.vmware.com/software/esx/esx-2.5.5-191611-upgrade.tar.gz md5sum: c346fe510b6e51145570e03083f77357 sha1sum: ef6b19247825fb3fe2c55f8fda3cdd05ac7bb1f4 http://www.vmware.com/support/esx25/doc/esx-255-200910-patch.html

  1. References http://www.acrossecurity.com/advisories.htm http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1564 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1565 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2042 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3707 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3732 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1138 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1139 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1140 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1142 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1141

  2. Change log 2010-04-09 VMSA-2010-0007 Initial security advisory after release of Workstation 6.5.4 and Fusion 2.0.7 on 2010-04-08.

  1. Contact

E-mail list for product security notifications and announcements: http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce

This Security Advisory is posted to the following lists:

  • security-announce at lists.vmware.com
  • bugtraq at securityfocus.com
  • full-disclosure at lists.grok.org.uk

E-mail: security at vmware.com PGP key at: http://kb.vmware.com/kb/1055

VMware Security Center http://www.vmware.com/security

VMware security response policy http://www.vmware.com/support/policies/security_response.html

General support life cycle policy http://www.vmware.com/support/policies/eos.html

VMware Infrastructure support life cycle policy http://www.vmware.com/support/policies/eos_vi.html

Copyright 2010 VMware Inc. All rights reserved.

-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (MingW32)

iD8DBQFLvvM8S2KysvBH1xkRAgu/AJ9RrzlOq/5Ug0t8R4qoi/UwDVJDpACbBGgT d58bjKG6Ic7m/TsoJP4M2tw= =Q1zv -----END PGP SIGNATURE----- .

Background

VMware Player, Server, and Workstation allow emulation of a complete PC on a PC without the usual performance overhead of most emulators.

Affected packages

-------------------------------------------------------------------
 Package              /     Vulnerable     /            Unaffected
-------------------------------------------------------------------

1 app-emulation/vmware-player <= 2.5.5.328052 Vulnerable! 2 app-emulation/vmware-workstation <= 6.5.5.328052 Vulnerable! 3 app-emulation/vmware-server <= 1.0.9.156507 Vulnerable! ------------------------------------------------------------------- NOTE: Certain packages are still vulnerable. Users should migrate to another package if one is available or wait for the existing packages to be marked stable by their architecture maintainers. Please review the CVE identifiers referenced below for details.

A remote attacker could entice a user to open a specially crafted file, possibly resulting in the remote execution of arbitrary code, or a Denial of Service. Remote attackers also may be able to spoof DNS traffic, read arbitrary files, or inject arbitrary web script to the VMware Server Console.

Furthermore, guest OS users may be able to execute arbitrary code on the host OS, gain escalated privileges on the guest OS, or cause a Denial of Service (crash the host OS).

Workaround

There is no known workaround at this time. We recommend that users unmerge VMware Server:

# emerge --unmerge "app-emulation/vmware-server"

References

[ 1 ] CVE-2007-5269 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5269 [ 2 ] CVE-2007-5503 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5503 [ 3 ] CVE-2007-5671 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5671 [ 4 ] CVE-2008-0967 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0967 [ 5 ] CVE-2008-1340 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1340 [ 6 ] CVE-2008-1361 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1361 [ 7 ] CVE-2008-1362 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1362 [ 8 ] CVE-2008-1363 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1363 [ 9 ] CVE-2008-1364 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1364 [ 10 ] CVE-2008-1392 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1392 [ 11 ] CVE-2008-1447 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1447 [ 12 ] CVE-2008-1806 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1806 [ 13 ] CVE-2008-1807 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1807 [ 14 ] CVE-2008-1808 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1808 [ 15 ] CVE-2008-2098 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2098 [ 16 ] CVE-2008-2100 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2100 [ 17 ] CVE-2008-2101 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2101 [ 18 ] CVE-2008-4915 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4915 [ 19 ] CVE-2008-4916 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4916 [ 20 ] CVE-2008-4917 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4917 [ 21 ] CVE-2009-0040 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0040 [ 22 ] CVE-2009-0909 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0909 [ 23 ] CVE-2009-0910 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0910 [ 24 ] CVE-2009-1244 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1244 [ 25 ] CVE-2009-2267 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2267 [ 26 ] CVE-2009-3707 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3707 [ 27 ] CVE-2009-3732 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3732 [ 28 ] CVE-2009-3733 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3733 [ 29 ] CVE-2009-4811 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-4811 [ 30 ] CVE-2010-1137 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1137 [ 31 ] CVE-2010-1138 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1138 [ 32 ] CVE-2010-1139 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1139 [ 33 ] CVE-2010-1140 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1140 [ 34 ] CVE-2010-1141 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1141 [ 35 ] CVE-2010-1142 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1142 [ 36 ] CVE-2010-1143 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1143 [ 37 ] CVE-2011-3868 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3868

Availability

This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-201209-25.xml

Concerns?

Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.

License

Copyright 2012 Gentoo Foundation, Inc; referenced text belongs to its owner(s).

The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.5 . ----------------------------------------------------------------------

Secunia CSI + Microsoft SCCM

= Extensive Patch Management

http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/

TITLE: VMware Products Multiple Vulnerabilities

SECUNIA ADVISORY ID: SA39206

VERIFY ADVISORY: http://secunia.com/advisories/39206/

DESCRIPTION: Some vulnerabilities have been reported in multiple VMware products, which can be exploited by malicious, local users to disclose sensitive information or gain escalated privileges, and by malicious people to disclose sensitive information, cause a DoS (Denial of Service), or potentially compromise a user's system. Windows XP and Windows Vista).

3) An error in libpng can be exploited to disclose uninitialised memory via a specially crafted image.

For more information: SA35346

4) A boundary error and two integer truncation errors in the VMnc codec can be exploited to potentially execute arbitrary code.

For more information: SA36712

5) An error in the VMware Authorization Service ("vmware-authd") can be exploited to cause a crash.

For more information: SA39203

7) A format string error in "vmrun" can be exploited to potentially gain escalated privileges.

For more information: SA39201

SOLUTION: Update to a fixed version.

PROVIDED AND/OR DISCOVERED BY: 4) Alin Rad Pop, Secunia Research

The vendor also credits: 1) Jure Skofic and Mitja Kolsek of ACROS Security 2) Thierry Zoller 4) iDefense and Sebastien Renaud of Vupen 6) Johann MacDonagh 7) Thomas Toth-Steiner

ORIGINAL ADVISORY: VMware (VMSA-2010-0007): http://lists.vmware.com/pipermail/security-announce/2010/000090.html

Secunia Research: http://secunia.com/secunia_research/2009-36/ http://secunia.com/secunia_research/2009-37/

OTHER REFERENCES: SA35346: http://secunia.com/advisories/35346/

SA36712: http://secunia.com/advisories/36712/

SA36988: http://secunia.com/advisories/36988/

SA39198: http://secunia.com/advisories/39198/

SA39201: http://secunia.com/advisories/39201/

SA39203: http://secunia.com/advisories/39203/

About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.

Subscribe: http://secunia.com/advisories/secunia_security_advisories/

Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/

Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.

Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

Show details on source website
To clipboard 

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201004-0988",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "esx",
        "scope": "eq",
        "trust": 3.0,
        "vendor": "vmware",
        "version": "2.5.5"
      },
      {
        "model": "esx",
        "scope": "eq",
        "trust": 3.0,
        "vendor": "vmware",
        "version": "3.0.3"
      },
      {
        "model": "esx",
        "scope": "eq",
        "trust": 3.0,
        "vendor": "vmware",
        "version": "3.5"
      },
      {
        "model": "esx",
        "scope": "eq",
        "trust": 3.0,
        "vendor": "vmware",
        "version": "4.0"
      },
      {
        "model": "esxi",
        "scope": "eq",
        "trust": 3.0,
        "vendor": "vmware",
        "version": "3.5"
      },
      {
        "model": "esxi",
        "scope": "eq",
        "trust": 3.0,
        "vendor": "vmware",
        "version": "4.0"
      },
      {
        "model": "fusion",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "vmware",
        "version": "2.0.5"
      },
      {
        "model": "fusion",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "vmware",
        "version": "2.0.4"
      },
      {
        "model": "fusion",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "vmware",
        "version": "2.0.3"
      },
      {
        "model": "fusion",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "vmware",
        "version": "2.0"
      },
      {
        "model": "workstation",
        "scope": "eq",
        "trust": 1.4,
        "vendor": "vmware",
        "version": "6.5.x"
      },
      {
        "model": "server",
        "scope": "eq",
        "trust": 1.4,
        "vendor": "vmware",
        "version": "2.x"
      },
      {
        "model": "fusion",
        "scope": "eq",
        "trust": 1.4,
        "vendor": "vmware",
        "version": "2.x"
      },
      {
        "model": "player",
        "scope": "eq",
        "trust": 1.4,
        "vendor": "vmware",
        "version": "2.5.x"
      },
      {
        "model": "ace",
        "scope": "eq",
        "trust": 1.4,
        "vendor": "vmware",
        "version": "2.5.x"
      },
      {
        "model": "workstation",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "vmware",
        "version": "6.5.3"
      },
      {
        "model": "workstation",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "vmware",
        "version": "6.5.2"
      },
      {
        "model": "workstation",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "vmware",
        "version": "6.5.1"
      },
      {
        "model": "server",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "vmware",
        "version": "2.0.2"
      },
      {
        "model": "server",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "vmware",
        "version": "2.0.1"
      },
      {
        "model": "player",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "vmware",
        "version": "2.5.3"
      },
      {
        "model": "player",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "vmware",
        "version": "2.5.2"
      },
      {
        "model": "player",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "vmware",
        "version": "2.5.1"
      },
      {
        "model": "fusion",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "vmware",
        "version": "3.0"
      },
      {
        "model": "ace",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "vmware",
        "version": "2.5.2"
      },
      {
        "model": "ace",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "vmware",
        "version": "2.5.1"
      },
      {
        "model": "ace",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "vmware",
        "version": "2.5.0"
      },
      {
        "model": "ace",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "vmware",
        "version": "2.5.3"
      },
      {
        "model": "player",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "vmware",
        "version": "2.5"
      },
      {
        "model": "workstation",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "vmware",
        "version": "6.5.0"
      },
      {
        "model": "fusion",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "vmware",
        "version": "2.0.1"
      },
      {
        "model": "server",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "vmware",
        "version": "2.0.0"
      },
      {
        "model": "fusion",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "vmware",
        "version": "2.0.2"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "workstation",
        "version": "6.5.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "workstation",
        "version": "6.5.1"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "workstation",
        "version": "6.5.2"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "workstation",
        "version": "6.5.3"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "player",
        "version": "2.5"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "player",
        "version": "2.5.1"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "player",
        "version": "2.5.2"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "player",
        "version": "2.5.3"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "ace",
        "version": "2.5.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "ace",
        "version": "2.5.1"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "ace",
        "version": "2.5.2"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "ace",
        "version": "2.5.3"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "server",
        "version": "2.0.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "server",
        "version": "2.0.1"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "server",
        "version": "2.0.2"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "fusion",
        "version": "2.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "fusion",
        "version": "2.0.1"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "fusion",
        "version": "2.0.2"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "fusion",
        "version": "2.0.3"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "fusion",
        "version": "2.0.4"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "fusion",
        "version": "2.0.5"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "fusion",
        "version": "3.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "esxi",
        "version": "3.5"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "esxi",
        "version": "4.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "esx",
        "version": "2.5.5"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "esx",
        "version": "3.0.3"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "esx",
        "version": "3.5"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "esx",
        "version": "4.0"
      },
      {
        "model": "workstation build",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "6.5118166"
      },
      {
        "model": "vix api",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "1.6"
      },
      {
        "model": "server build",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "2.0.2203138"
      },
      {
        "model": "server build",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "2.0.1156745"
      },
      {
        "model": "server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "2.0"
      },
      {
        "model": "player build",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "2.5118166"
      },
      {
        "model": "fusion build",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "2.0.6196839"
      },
      {
        "model": "fusion",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "2.0.6"
      },
      {
        "model": "fusion build",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "2.0.2147997"
      },
      {
        "model": "fusion",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "2"
      },
      {
        "model": "esxi server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "4.0"
      },
      {
        "model": "esxi server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "3.5"
      },
      {
        "model": "esx server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "3.0.3"
      },
      {
        "model": "esx server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "2.5.5"
      },
      {
        "model": "esx server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "4.0"
      },
      {
        "model": "esx server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "3.5"
      },
      {
        "model": "ace build",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "2.5.3185404"
      },
      {
        "model": "ace build",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "2.5.2156735"
      },
      {
        "model": "ace build",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "2.5118166"
      },
      {
        "model": "ace",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "2.6"
      },
      {
        "model": "linux",
        "scope": null,
        "trust": 0.3,
        "vendor": "gentoo",
        "version": null
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "7d7cb6c0-463f-11e9-ac95-000c29342cb1"
      },
      {
        "db": "IVD",
        "id": "46e2c62c-2356-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2010-0575"
      },
      {
        "db": "BID",
        "id": "39394"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-001365"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201004-161"
      },
      {
        "db": "NVD",
        "id": "CVE-2010-1142"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/a:vmware:ace",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:vmware:esx",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:vmware:esxi",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:vmware:fusion",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:vmware:player",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:vmware:server",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:vmware:workstation",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-001365"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Alin Rad Pop",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201004-161"
      }
    ],
    "trust": 0.6
  },
  "cve": "CVE-2010-1142",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "COMPLETE",
            "baseScore": 8.5,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 6.8,
            "id": "CVE-2010-1142",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 1.9,
            "vectorString": "AV:N/AC:M/Au:S/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "author": "IVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 8.5,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 6.8,
            "id": "7d7cb6c0-463f-11e9-ac95-000c29342cb1",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.2,
            "vectorString": "AV:N/AC:M/Au:S/C:C/I:C/A:C",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "author": "IVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 8.5,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 6.8,
            "id": "46e2c62c-2356-11e6-abef-000c29c66e3d",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.2,
            "vectorString": "AV:N/AC:M/Au:S/C:C/I:C/A:C",
            "version": "2.9 [IVD]"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2010-1142",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "NVD",
            "id": "CVE-2010-1142",
            "trust": 0.8,
            "value": "High"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201004-161",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "IVD",
            "id": "7d7cb6c0-463f-11e9-ac95-000c29342cb1",
            "trust": 0.2,
            "value": "HIGH"
          },
          {
            "author": "IVD",
            "id": "46e2c62c-2356-11e6-abef-000c29c66e3d",
            "trust": 0.2,
            "value": "HIGH"
          },
          {
            "author": "VULMON",
            "id": "CVE-2010-1142",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "7d7cb6c0-463f-11e9-ac95-000c29342cb1"
      },
      {
        "db": "IVD",
        "id": "46e2c62c-2356-11e6-abef-000c29c66e3d"
      },
      {
        "db": "VULMON",
        "id": "CVE-2010-1142"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-001365"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201004-161"
      },
      {
        "db": "NVD",
        "id": "CVE-2010-1142"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "VMware Tools in VMware Workstation 6.5.x before 6.5.4 build 246459; VMware Player 2.5.x before 2.5.4 build 246459; VMware ACE 2.5.x before 2.5.4 build 246459; VMware Server 2.x before 2.0.2 build 203138; VMware Fusion 2.x before 2.0.6 build 246742; VMware ESXi 3.5 and 4.0; and VMware ESX 2.5.5, 3.0.3, 3.5, and 4.0 does not properly load VMware programs, which might allow Windows guest OS users to gain privileges by placing a Trojan horse program at an unspecified location on the guest OS disk. plural VMware Product VMware Tools Is VMware There is a vulnerability in which privileges can be obtained due to a flaw in processing related to program loading.plural VMware Product VMware Tools Is VMware There is a vulnerability in which privileges can be obtained due to a flaw in processing related to program loading. VMWare is a virtual PC software that allows two or more Windows, DOS, and LINUX systems to run simultaneously on a single machine. All guest operating system users on Windows platforms can gain privilege escalation by placing Trojans on the guest system\u0027s disks. On recent versions of Windows, only users with administrative privileges can successfully perform an attack. Multiple VMware products are prone to a local privilege-escalation vulnerability. \nLocal attackers can exploit this issue to execute arbitrary code with elevated privileges; this may aid in other attacks. \nNOTE: This issue was previously covered in BID 39345 (VMware Hosted Products VMSA-2010-0007 Multiple Remote and Local Vulnerabilities), but has been given its own record to better document it. \nPlease see the vendor\u0027s advisory for more information. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n- -------------------------------------------------------------------------\n                   VMware Security Advisory\n\nAdvisory ID:       VMSA-2010-0007\nSynopsis:          VMware hosted products, vCenter Server and ESX\n                   patches resolve multiple security issues\nIssue date:        2010-04-09\nUpdated on:        2010-04-09 (initial release of advisory)\nCVE numbers:       CVE-2010-1142 CVE-2010-1140 CVE-2009-2042\n                   CVE-2009-1564 CVE-2009-1565 CVE-2009-3732\n                   CVE-2009-3707 CVE-2010-1138 CVE-2010-1139\n                   CVE-2010-1141\n- -------------------------------------------------------------------------\n\n1. \n\n2. \n\n   Notes:\n   Effective May 2010, VMware\u0027s patch and update release program during\n   Extended Support will be continued with the condition that all\n   subsequent patch and update releases will be based on the latest\n   baseline release version as of May 2010 (i.e. ESX 3.0.3 Update 1,\n   ESX 3.5 Update 5, and VirtualCenter 2.5 Update 6). Refer to section\n   \"End of Product Availability FAQs\" at\n   http://www.vmware.com/support/policies/lifecycle/vi/faq.html for\n   details. \n\n   Extended support for ESX 2.5.5 ends on 2010-06-15.  Users should plan\n   to upgrade to at least ESX 3.0.3 and preferably to the newest\n   release available. \n\n   Extended support for ESX 3.0.3 ends on 2011-12-10.  Users should plan\n   to upgrade to at least ESX 3.5 and preferably to the newest release\n   available. \n\n   End of General Support for VMware Workstation 6.x is 2011-04-27,\n   users should plan to upgrade to the newest release available. \n\n   End of General Support for VMware Server 2.0 is 2011-06-30, users\n   should plan to upgrade to the newest release of either ESXi or\n   VMware Player. \n\n   Extended support for Virtual Center 2.0.2 is 2011-12-10, users\n   should plan to upgrade to the newest release of vCenter Server. \n\n3. Problem Description\n\n a. Windows-based VMware Tools Unsafe Library Loading vulnerability\n\n    A vulnerability in the way VMware libraries are referenced allows\n    for arbitrary code execution in the context of the logged on user. \n\n    In order for an attacker to exploit the vulnerability, the attacker\n    would need to lure the user that is logged on a Windows Guest\n    Operating System to click on the attacker\u0027s file on a network\n    share. This file could be in any file format. The attacker will\n    need to have the ability to host their malicious files on a\n    network share. \n\n    VMware would like to thank Jure Skofic and Mitja Kolsek of ACROS\n    Security (http://www.acrossecurity.com) for reporting this issue\n    to us. \n\n    The Common Vulnerabilities and Exposures project (cve.mitre.org)\n    has assigned the name CVE-2010-1141 to this issue. \n\n    Steps needed to remediate this vulnerability:\n\n    Guest systems on VMware Workstation, Player, ACE, Server, Fusion\n     - Install the remediated version of Workstation, Player, ACE,\n       Server and Fusion. \n     - Upgrade tools in the virtual machine (virtual machine users\n       will be prompted to upgrade). \n\n    Guest systems on ESX 4.0, 3.5, 3.0.3, 2.5.5, ESXi 4.0, 3.5\n     - Install the relevant patches (see below for patch identifiers)\n     - Manually upgrade tools in the virtual machine (virtual machine\n       users will not be prompted to upgrade).  Note the VI Client will\n       not show the VMware tools is out of date in the summary tab. \n       Please see http://tinyurl.com/27mpjo page 80 for details. \n\n    The following table lists what action remediates the vulnerability\n    (column 4) if a solution is available. See above for remediation\n    details. Windows-based VMware Tools Arbitrary Code Execution vulnerability\n\n    A vulnerability in the way VMware executables are loaded allows for\n    arbitrary code execution in the context of the logged on user. \n\n    In order for an attacker to exploit the vulnerability, the attacker\n    would need to be able to plant their malicious executable in a\n    certain location on the Virtual Machine of the user.  On most\n    recent versions of Windows (XP, Vista) the attacker would need to\n    have administrator privileges to plant the malicious executable in\n    the right location. \n\n    Steps needed to remediate this vulnerability: See section 3.a. \n\n    VMware would like to thank Mitja Kolsek of ACROS Security\n    (http://www.acrossecurity.com) for reporting this issue to us. \n\n    The Common Vulnerabilities and Exposures project (cve.mitre.org)\n    has assigned the name CVE-2010-1142 to this issue. \n\n    Refer to the previous table in section 3.a for what action\n    remediates the vulnerability (column 4) if a solution is\n    available. See above for remediation details. \n\n c. Windows-based VMware Workstation and Player host privilege\n    escalation\n\n    A vulnerability in the USB service allows for a privilege\n    escalation. A local attacker on the host of a Windows-based\n    Operating System where VMware Workstation or VMware Player\n    is installed could plant a malicious executable on the host and\n    elevate their privileges. \n\n    In order for an attacker to exploit the vulnerability, the attacker\n    would need to be able to plant their malicious executable in a\n    certain location on the host machine.  On most recent versions of\n    Windows (XP, Vista) the attacker would need to have administrator\n    privileges to plant the malicious executable in the right location. \n\n    VMware would like to thank Thierry Zoller for reporting this issue\n    to us. \n\n    The Common Vulnerabilities and Exposures project (cve.mitre.org)\n    has assigned the name CVE-2010-1140 to this issue. \n\n    The following table lists what action remediates the vulnerability\n    (column 4) if a solution is available. \n\n    VMware         Product   Running  Replace with/\n    Product        Version   on       Apply Patch\n    =============  ========  =======  =================\n    VirtualCenter  any       Windows  not affected\n\n    Workstation    7.0       Windows  7.0.1 build 227600 or later\n    Workstation    7.0       Linux    not affected\n    Workstation    6.5.x     any      not affected\n\n    Player         3.0       Windows  3.0.1 build 227600 or later\n    Player         3.0       Linux    not affected\n    Player         2.5.x     any      not affected\n\n    Ace            any       any      not affected\n\n    Server         2.x       any      not affected\n\n    Fusion         any       Mac OS/X not affected\n\n    ESXi           any       ESXi     not affected\n\n    ESX            any       ESX      not affected\n\n d. Third party library update for libpng to version 1.2.37\n\n    The libpng libraries through 1.2.35 contain an uninitialized-\n    memory-read bug that may have security implications. \n    Specifically, 1-bit (2-color) interlaced images whose widths are\n    not divisible by 8 may result in several uninitialized bits at the\n    end of certain rows in certain interlace passes being returned to\n    the user. An application that failed to mask these out-of-bounds\n    pixels might display or process them, albeit presumably with benign\n    results in most cases. \n\n    The Common Vulnerabilities and Exposures Project (cve.mitre.org)\n    has assigned the name CVE-2009-2042 to this issue. \n\n    The following table lists what action remediates the vulnerability\n    (column 4) if a solution is available. VMware VMnc Codec heap overflow vulnerabilities\n\n    The VMware movie decoder contains the VMnc media codec that is\n    required to play back movies recorded with VMware Workstation,\n    VMware Player and VMware ACE, in any compatible media player. The\n    movie decoder is installed as part of VMware Workstation, VMware\n    Player and VMware ACE, or can be downloaded as a stand alone\n    package. \n\n    Vulnerabilities in the decoder allow for execution of arbitrary\n    code with the privileges of the user running an application\n    utilizing the vulnerable codec. \n\n    For an attack to be successful the user must be tricked into\n    visiting a malicious web page or opening a malicious video file on\n    a system that has the vulnerable version of the VMnc codec installed. \n\n    The Common Vulnerabilities and Exposures project (cve.mitre.org)\n    has assigned the names CVE-2009-1564 and CVE-2009-1565 to these\n    issues. \n\n    VMware would like to thank iDefense, Sebastien Renaud of VUPEN\n    Vulnerability Research Team (http://www.vupen.com) and Alin Rad Pop\n    of Secunia Research for reporting these issues to us. \n\n    To remediate the above issues either install the stand alone movie\n    decoder or update your product using the table below. \n\n    VMware         Product   Running  Replace with/\n    Product        Version   on       Apply Patch\n    =============  ========  =======  =================\n    VirtualCenter  any       Windows  not affected\n\n    Movie Decoder  any       Windows  6.5.4 Build 246459 or later\n\n    Workstation    7.x       any      not affected\n    Workstation    6.5.x     Windows  6.5.4 build 246459 or later\n    Workstation    6.5.x     Linux    not affected\n\n    Player         3.x       any      not affected\n    Player         2.5.x     Windows  2.5.4 build 246459 or later\n    Player         2.5.x     Linux    not affected\n\n    ACE            any       any      not affected\n\n    Server         2.x       Window   not being addressed at this time\n    Server         2.x       Linux    not affected\n\n    Fusion         any       Mac OS/X not affected\n\n    ESXi           any       ESXi     not affected\n\n    ESX            any       ESX      not affected\n\nf. \n\n    For an attack to be successful, an attacker would need to trick the\n    VMrc user into opening a malicious Web page or following a malicious\n    URL. Code execution would be at the privilege level of the user. \n\n    VMrc is present on a system if the VMrc browser plug-in has been\n    installed. This plug-in is required when using the console feature in\n    WebAccess. Installation of the plug-in follows after visiting the\n    console tab in WebAccess and choosing \"Install plug-in\". The plug-\n    in can only be installed on Internet Explorer and Firefox. \n\n    Under the following two conditions your version of VMrc is likely\n    to be affected:\n\n    - the VMrc plug-in was obtained from vCenter 4.0 or from ESX 4.0\n      without patch ESX400-200911223-UG and\n    - VMrc is installed on a Windows-based system\n\n    The following steps allow you to determine if you have an affected\n    version of VMrc installed:\n\n    - Locate the VMrc executable vmware-vmrc.exe on your Windows-based\n      system\n    - Right click and go to Properties\n    - Go to the tab \"Versions\"\n    - Click \"File Version\" in the \"Item Name\" window\n    - If the \"Value\" window shows \"e.x.p build-158248\", the version of\n      VMrc is affected\n\n    Remediation of this issue on Windows-based systems requires the\n    following steps (Linux-based systems are not affected):\n\n    - Uninstall affected versions of VMrc from the systems where the\n      VMrc plug-in has been installed (use the Windows Add/Remove\n      Programs interface)\n    - Install vCenter 4.0 Update 1 or install the ESX 4.0 patch\n      ESX400-200911223-UG\n    - Login into vCenter 4.0 Update 1 or ESX 4.0 with patch\n      ESX400-200911223-UG using WebAccess on the system where the VMrc\n      needs to be re-installed\n    - Re-install VMrc by going to the console tab in WebAccess.  The\n      Console tab is selectable after selecting a virtual machine. \n\n    Note: the VMrc plug-in for Firefox on Windows-based operating\n    systems is no longer compatible after the above remediation steps. \n    Users are advised to use the Internet Explorer VMrc plug-in. \n\n    VMware would like to thank Alexey Sintsov from Digital Security\n    Research Group for reporting this issue to us. \n\n    The Common Vulnerabilities and Exposures project (cve.mitre.org)\n    has assigned the name CVE-2009-3732 to this issue. \n\n\n g. Windows-based VMware authd remote denial of service\n\n    A vulnerability in vmware-authd could cause a denial of service\n    condition on Windows-based hosts.  The denial of service is limited\n    to a crash of authd. \n\n    The Common Vulnerabilities and Exposures Project (cve.mitre.org)\n    has assigned the name CVE-2009-3707 to this issue. \n\n    The following table lists what action remediates the vulnerability\n    (column 4) if a solution is available. Potential information leak via hosted networking stack\n\n    A vulnerability in the virtual networking stack of VMware hosted\n    products could allow host information disclosure. \n\n    A guest operating system could send memory from the host vmware-vmx\n    process to the virtual network adapter and potentially to the\n    host\u0027s physical Ethernet wire. \n\n    The Common Vulnerabilities and Exposures Project (cve.mitre.org)\n    has assigned the name CVE-2010-1138 to this issue. \n\n    VMware would like to thank Johann MacDonagh for reporting this\n    issue to us. \n\n    The following table lists what action remediates the vulnerability\n    (column 4) if a solution is available. Linux-based vmrun format string vulnerability\n\n    A format string vulnerability in vmrun could allow arbitrary code\n    execution. \n\n    If a vmrun command is issued and processes are listed, code could\n    be executed in the context of the user listing the processes. \n\n    The Common Vulnerabilities and Exposures Project (cve.mitre.org)\n    has assigned the name CVE-2010-1139 to this issue. \n\n    VMware would like to thank Thomas Toth-Steiner for reporting this\n    issue to us. \n\n    The following table lists what action remediates the vulnerability\n    (column 4) if a solution is available. \n\n    VMware         Product   Running  Replace with/\n    Product        Version   on       Apply Patch\n    =============  ========  =======  =================\n    VirtualCenter  any       Windows  not affected\n\n    VIX API        any       Windows  not affected\n    VIX API        1.6.x     Linux    upgrade to VIX API 1.7 or later\n    VIX API        1.6.x     Linux64  upgrade to VIX API 1.7 or later\n\n    Workstation    7.x       any      not affected\n    Workstation    6.5.x     Windows  not affected\n    Workstation    6.5.x     Linux    6.5.4 build 246459 or later\n\n    Player         3.x       any      not affected\n    Player         2.5.x     Windows  not affected\n    Player         2.5.x     Linux    2.5.4 build 246459 or later\n\n    Ace            any       Windows  not affected\n\n    Server         2.x       Windows  not affected\n    Server         2.x       Linux    not being fixed at this time\n\n    Fusion         3.x       Mac OS/X not affected\n    Fusion         2.x       Mac OS/X 2.0.7 build 246742 or later\n\n    ESXi           any       any      not affected\n\n    ESX            any       any      not affected\n\n4. Solution\n\n   Please review the patch/release notes for your product and version\n   and verify the md5sum and/or the sha1sum of your downloaded file. \n\n   VMware Workstation Movie Decoder stand alone 6.5.4\n   --------------------------------------------------\n\nhttp://download3.vmware.com/software/wkst/VMware-moviedecoder-6.5.4-246459.exe\n   md5sum: ea2ac5907ae4c5c323147fe155443ab8\n   sha1sum: 5ca8d1fd45f6a7a6f38019b259c3e836ee4e8f29\n\n   VMware Workstation 7.0.1\n   ------------------------\n   For Windows\n\nhttp://downloads.vmware.com/download/download.do?downloadGroup=WKST-701-WIN\n   Release notes:\n   http://downloads.vmware.com/support/ws7/doc/releasenotes_ws701.html\n\n   Workstation for Windows 32-bit and 64-bit with VMware Tools\n   md5sum: fc8502a748de3b8f94c5c9571c1f17d2\n   sha1sum: 3de01b355b17363a92d80200ff5e7267b3bde206\n\n   Workstation for Windows 32-bit and 64-bit without VMware Tools\n   md5sum: 6a18ea3847cb727b03f7890f5643db79\n   sha1sum: 260b019db4619b0d1d775e5c38cc46b6db250984\n\n   For Linux\n   http://downloads.vmware.com/download/download.do?downloadGroup=WKST-701-LX\n   Release notes:\n   http://downloads.vmware.com/support/ws7/doc/releasenotes_ws701.html\n\n   Workstation for Linux 32-bit with VMware Tools\n   md5sum: a896f7aaedde8799f21b52b89f5fc9ef\n   sha1sum: f6d0789afa7927ca154973a071603a0bd098e697\n\n   Workstation for Linux 32-bit without VMware Tools\n   md5sum: 59ecd27bdf3f59be3b4df8f04d1b3874\n   sha1sum: 22e1a475069fca5e8d2446bf14661fa6d894d34f\n\n   Workstation for Linux 64-bit with VMware Tools\n   md5sum: 808682eaa6b202fa29172821f7378768\n   sha1sum: a901c45a2a02678b0d1722e8f27152c3af12a7ac\n\n   Workstation for Linux 64-bit without VMware Tools\n   md5sum: 5116e27e7b13a76693402577bd9fda58\n   sha1sum: dbcd045a889b95ac14828b8106631b678354e30a\n\n   VMware Workstation 6.5.4\n   ------------------------\n   For Windows\n\nhttp://downloads.vmware.com/download/download.do?downloadGroup=WKST-654-WIN\n   Release Notes:\n   http://downloads.vmware.com/support/ws65/doc/releasenotes_ws654.html\n\n   Workstation for Windows 32-bit and 64-bit\n   Windows 32-bit and 64-bit .exe\n   md5sum: 2dc393fcc4e78dcf2165098a4938699a\n   sha1sum: acfff457860c8c53c637c01f74f8aaa72d1c9569\n\n   For Linux\n   http://downloads.vmware.com/download/download.do?downloadGroup=WKST-654-LX\n   Release Notes:\n   http://downloads.vmware.com/support/ws65/doc/releasenotes_ws654.html\n\n   Workstation for Linux 32-bit\n   Linux 32-bit .rpm\n   md5sum: 9efb43a604d50e541eb3be7081b8b198\n   sha1sum: 4240d664f85a11f47288d2279224b26bef92aa8b\n\n   Workstation for Linux 32-bit\n   Linux 32-bit .bundle\n   md5sum: 38760682ad3b2f6bfb4e40f424c95c2a\n   sha1sum: ec78099322b5fb2a737cd74a1978a5c07382dc8a\n\n   Workstation for Linux 64-bit\n   Linux 64-bit .rpm\n   md5sum: 24311492bc515e9bc98eff9b2e7d33a2\n   sha1sum: b4947ef09f740440e8a24fc2ba05c0a7c11b82f5\n\n   Workstation for Linux 64-bit\n   Linux 64-bit .bundle\n   md5sum: ed24296705ad48442549d9cb2b3c0d8d\n   sha1sum: 3c0f1efae0a64fa3a41be21b0bfc962f12e0e6d8\n\n\n   VMware Player 3.0.1\n   -------------------\n   http://downloads.vmware.com/tryvmware/?p=player\u0026lp=default\n   Release notes:\nhttp://downloads.vmware.com/support/player30/doc/releasenotes_player301.html\n\n   Player for Windows 32-bit and 64-bit\n   md5sum: 78c92c0242c9540f68a629d4ac49c516\n   sha1sum: 7fc255fcd1a6784458012314db1206ed922e92cf\n\n   Player for Linux 32-bit (.bundle)\n   md5sum: e7cd19d39c7bbd1aee582743d76a7863\n   sha1sum: cff76010f0429576288ea1e5a594cd47a2c64f4a\n\n   Player for Linux 64-bit (.bundle)\n   md5sum: 88b08537c6eea705883dc1755b97738c\n   sha1sum: 84f25370d24c03a18968a4f4c8e06cef3d21c2df\n\n   VMware VIX API for Windows 32-bit and 64-bit\n   md5sum: 2c46fc7e2516f331eb4dd23154d00a54\n   sha1sum: 85ceb1b718806c6870e3a918bcc772d1486ccdc9\n\n   VMware VIX API for 32-bit Linux\n   md5sum: 8b0994a26363246b5e954f97bd5a088d\n   sha1sum: af93da138a158ee6e05780a5c4042414735987b6\n\n   VMware VIX API for 64-bit Linux\n   md5sum: ef7b9890c52b1e333f2357760a7fff85\n   sha1sum: dfef8531356de78171e13c4c108ebaeb43eaa62d\n\n   VMware Player 2.5.4\n   -------------------\n   http://downloads.vmware.com/download/player/player_reg.html\n   Release notes:\nhttp://downloads.vmware.com/support/player25/doc/releasenotes_player254.html\n\n   Player for Windows 32-bit and 64-bit (.exe)\n   md5sum: 531140a1eeed7d8b71f726b3d32a9174\n   sha1sum: 2500fa8af48452bd0e97040b80c569c3cb4f73e5\n\n   Player for Linux (.rpm)\n   md5sum: 1905f61af490f9760bef54450747e708\n   sha1sum: cf7444c0a6331439c5479a4158112a60eb0e6e8d\n\n   Player for Linux (.bundle)\n   md5sum: 74f539005687a4efce7971f7ef019af5\n   sha1sum: 4c4412c5807ecd00e66886e0e7c43ed61b62aab7\n\n   Player for Linux - 64-bit (.rpm)\n   md5sum: 013078d7f6adcdbcbaafbf5e0ae11a39\n   sha1sum: 7c434173a3fe446ebefce4803bfaa7ab67d1ff72\n\n   Player for Linux - 64-bit (.bundle)\n   md5sum: 175ce2f9656ff10a1327c0d48f80c65f\n   sha1sum: bf7acfdcb44bf345d58f79ad1bcb04816f262d22\n\n\n   VMware ACE 2.6.1\n   ----------------\nhttp://downloads.vmware.com/download/download.do?downloadGroup=ACE-261-WIN\n   Release notes:\n   http://downloads.vmware.com/support/ace26/doc/releasenotes_ace261.html\n\n   VMware Workstation for 32-bit and 64-bit Windows with tools\n   md5sum: fc8502a748de3b8f94c5c9571c1f17d2\n   sha1sum: 3de01b355b17363a92d80200ff5e7267b3bde206\n\n   VMware Workstation for Windows 32-bit and 64-bit without tools\n   md5sum: 6a18ea3847cb727b03f7890f5643db79\n   sha1sum: 260b019db4619b0d1d775e5c38cc46b6db250984\n\n   ACE Management Server Virtual Appliance\n   md5sum: e26d258c511572064e99774fbac9184c\n   sha1sum: 9363656b70caa11a31a6229451202d9f8203c1f5\n\n   ACE Management Server for Windows\n   md5sum: e970828f2a5a62ac108879033a70f4b6\n   sha1sum: eca89372eacc78c3130781d0d183715055d64798\n\n   ACE Management Server for SUSE Enterprise Linux 9\n   md5sum: 59b3ad5964daef2844e72fd1765590fc\n   sha1sum: 91048de7665f5dc466f06e2ebc4c08f08026a97f\n\n   ACE Management Server for Red Hat Enterprise Linux 4\n   md5sum: 6623f6a8a645402a1c8c351ec99a1889\n   sha1sum: a6d74ba072c5a513fcf8993edebaaf7f8225c05d\n\n   VMware ACE 2.5.4\n   ----------------\nhttp://downloads.vmware.com/download/download.do?downloadGroup=ACE-254-WIN\n   Release notes:\n   http://downloads.vmware.com/support/ace25/doc/releasenotes_ace254.html\n\n   VMware ACE for Windows 32-bit and 64-bit\n   Windows 32-bit and 64-bit .exe\n   md5sum: 2dc393fcc4e78dcf2165098a4938699a\n   sha1sum: acfff457860c8c53c637c01f74f8aaa72d1c9569\n\n   ACE Management Server Virtual Appliance\n   AMS Virtual Appliance .zip\n   md5sum: 3935f23d4a074e7a3429a1c80cfd2155\n   sha1sum: 5b09439a9c840d39ae49fbd7a79732ecd58c52a3\n\n   ACE Management Server for Windows\n   Windows .exe\n   md5sum: 1173bd7da6ed330a262ed4e2eff6562c\n   sha1sum: d9bce88a350aa957f3387f870af763875d4d9110\n\n   ACE Management Server for SUSE Enterprise Linux 9\n   SLES 9 .rpm\n   md5sum: 0bec2cf8d6ae3bb6976c9d8cc2573208\n   sha1sum: f3c6d9ee3357535b1540cedd9e86d723e2ed2134\n\n   ACE Management Server for Red Hat Enterprise Linux 4\n   RHEL 4 .rpm\n   md5sum: 17caa522af79cf1f6b2ebad16a4ac8a5\n   sha1sum: cdd6e2a4e3d7ad89f95e60f1af024bea7eaba0fe\n\n\n   VMware Server 2.0.2\n   -------------------\n   http://www.vmware.com/download/server/\n   Release notes:\n  http://www.vmware.com/support/server2/doc/releasenotes_vmserver202.html\n\n   VMware Server 2\n   Version 2.0.2 | 203138   - 10/26/09\n   507 MB EXE image VMware Server 2 for Windows Operating Systems. A\n   master installer file containing all Windows components of VMware\n   Server. \n   md5sum: a6430bcc16ff7b3a29bb8da1704fc38a\n   sha1sum: 39683e7333732cf879ff0b34f66e693dde0e340b\n\n   VIX API 1.6 for Windows\n   Version 2.0.2 | 203138   - 10/26/09\n   37 MB image\n   md5sum: 827e65e70803ec65ade62dd27a74407a\n   sha1sum: a14281bc055271a19be3c88026e92304bc3f0e22\n\n   For Linux\n\n   VMware Server 2 for Linux Operating Systems. \n   Version 2.0.2 | 203138   - 10/26/09\n   37 MB TAR image\n   md5sum: 95ddea5a0579a35887bd15b083ffea20\n   sha1sum: 14cf12063a7480f240ccd96178ad4258cb26a747\n\n   VMware Server 2 for Linux Operating Systems 64-bit version. \n   Version 2.0.2 | 203138   - 10/26/09\n   452 MB RPM image\n   md5sum: 35c8b176601133749e4055e0034f8be6\n   sha1sum: e8dc842d89899df5cd3e1136af76f19ca5ccbece\n\n   The core application needed to run VMware Server 2, 64-bit version. \n   Version 2.0.2 | 203138   - 10/26/09\n   451 MB TAR image\n   md5sum: cc7aef813008eeb7150c21547d431b39\n   sha1sum: b65d3d46dc947fc7995bda354c4947afabd23474\n\n\n   VMware Fusion 3.0.2\n   -------------------\n   http://downloads.vmware.com/download/download.do?downloadGroup=FUS-302\n   Release notes:\nhttp://downloads.vmware.com/support/fusion3/doc/releasenotes_fusion_302.html\n\n   VMware Fusion 3.0.2 (for Intel-based Macs)\n   md5sum: aa17278a4a668eeb9f9467e4e3111ccc\n   sha1sum: 58c3d63705ac90839f7c1ae14264177e1fd56df3\n\n   VMware Fusion 3.0.2 Light for Mac (for Intel-based Macs)\n   md5sum: 052ecbbfc4f59a85e2d08b4bd3ef0896\n   sha1sum: 61e00487f4c649588099647d4a5f47ddf5b8ad01\n\n   VMware Fusion 2.0.7\n   -------------------\n   http://downloads.vmware.com/download/download.do?downloadGroup=FUS-207\n   Release notes:\nhttp://downloads.vmware.com/support/fusion2/doc/releasenotes_fusion_207.html\n\n   VMware Fusion 2.0.7 (for Intel-based Macs)\n   md5sum: a293f5ce6ccc227760640753386e9da6\n   sha1sum: ddfda92f9baf30e536bc485e42325d173a1aa370\n\n   VMware Fusion 2.0.7 Light (for Intel-based Macs)\n   md5sum: d4772d118fb90323f598849e70c21189\n   sha1sum: 5c1df1597e77ebe0f0555749b281008ca5f2fb77\n\n\n   VIX API 1.7 Version: 1.7 | 2009-08-26 | 186713\n   ----------------------------------------------\n   VIX API for Window 32-bit and 64-bit\n   Main installation file for Windows 32-bit and 64-bit host\n   md5sum:b494fc3092f07d0f29cc06a19fe61306\n   sha1sum:aa8638424cb7f25c1e42343134ac9f0bd2c2e0c9\n\n   VIX API for Linux 32-bit\n   md5sum:6b0ed8872d8b714363cddc68b6a77008\n   sha1sum:8a9b12a61641394b347488119a7120eaa47dc2a1\n\n   VIX API for Linux 64-bit\n   md5sum:d57aa9f98058d5a386c18e14cc05bf4d\n   sha1sum:3b7d4461ea257e795b322cc080f4ae29a230666b\n\n   VIX API Version: 1.8.1 | 2009-10-11 |  207905\n   ---------------------------------------------\n   VIX API for Windows 32-bit and 64-bit\n   md5sum:4f21e4cb518767bc08045f5a39f5d41f\n   sha1sum:5b8275c549f9d9498bd2ed078557f1ce1986ac12\n\n   VIX API for Linux 32-bit\n   md5sum:f347e94d907c26754540d59956ee5d53\n   sha1sum:6ddc6c9371ba127d04bc83bd55988a6c83366907\n\n   VIX API for Linux 64-bit\n   md5sum:b8a3982072d0d42c0c37dd7eb49d686c\n   sha1sum:d044ac3dd42f806bc4ff48ddf584b5e3d82910c8\n\n   VIX API Version: 1.10 Beta | 01/28/10 | 222403\n   ----------------------------------------------\n   VIX API for Windows 32-bit and 64-bit\n   md5sum:ac5b6e9197cb68c302bfac9ed683e3af\n   sha1sum:0d942e7409e88e684bdb65811e7be7f47d631a73\n\n   VIX API for Linux 32-bit\n   md5sum:07d1989d042e317eb9d2b3daf269dda7\n   sha1sum:1e3840d426d7dfff53fa7e1bd22b09b56cf2362c\n\n   VIX API for Linux 64-bit\n   md5sum:9b345008e0adec3c044988307294944b\n   sha1sum:7a54a893369c2227f7e8058430c40983168c6e0b\n\n\n   ESXi\n   ----\n   ESXi 4.0 bulletin ESXi400-201002402-BG\nhttps://hostupdate.vmware.com/software/VUM/OFFLINE/release-193-20100228-731251/ESXi400-201002001.zip\n   md5sum: e5aa2968d389594abdc59cbac7b0183d\n   sha1sum: bb50b3ad7934e3f9e24edc879b35e83b357343b2\n   http://kb.vmware.com/kb/1018404\n\n   ESXi 3.5\n   --------\n   ESXi 3.5 patch ESXe350-200912402-T-BG was first contained in\n   ESXe350-200912401-O-BG from December 2009. \n\n   The same patch, ESXe350-200912402-T-BG, is also contained in\n   ESXe350-201002401-O-SG from February 2010 ESXi 3.5 security update. \n\n   In latest non-security ESXi 3.5 update, ESXe350-201003402-T-BG is also\n   included in ESXe350-201003401-O-BG from March 2010. \n\n\n   ESXe350-201002401-O-SG (latest security update)\n   http://download3.vmware.com/software/vi/ESXe350-201002401-O-SG.zip\n\n   md5sum: 0c8d4d1c0e3c2aed9f785cf081225d83\n\n   http://kb.vmware.com/kb/1015047 (Vi Client)\n\n   http://kb.vmware.com/kb/1016665 (VM Tools)\n\n   http://kb.vmware.com/kb/1017685 (Firmware)\n\n\n\n   The three ESXi patches for Firmware \"I\", VMware Tools \"T,\" and the\n   VI Client \"C\" are contained in a single offline \"O\" download file. \n\n\n   ESX\n   ---\n   ESX 4.0 bulletin ESX400-201002401-BG\nhttps://hostupdate.vmware.com/software/VUM/OFFLINE/release-192-20100228-732240/ESX400-201002001.zip\n   md5sum: de62cbccaffa4b2b6831617f18c1ccb4\n   sha1sum: 4083f191fa4acd6600c9a87e4852f9f5700e91ab\n   http://kb.vmware.com/kb/1018403\n\n   Note: ESX400-201002001 contains the bundle with the security fix,\n         ESX400-201002401-BG\n   To install an individual bulletin use esxupdate with the -b option. \n   esxupdate --bundle ESX400-201002001 -b ESX400-201002401-BG\n\n   ESX 4.0 bulletin ESX400-200911223-UG\nhttps://hostupdate.vmware.com/software/VUM/OFFLINE/release-166-20091202-254879/ESX-4.0.0-update01a.zip\n   md5sum: 99c1fcafbf0ca105ce73840d686e9914\n   sha1sum: aa8a23416271bc28b6b8f6bdbe00045e36314ebb\n   http://kb.vmware.com/kb/1014842\n\n   Note: ESX-4.0.0-update01a contains the bundle with the security fix,\n         ESX400-200911223-UG\n   To install an individual bulletin use esxupdate with the -b option. \n   esxupdate --bundle ESX-4.0.0-update01a -b ESX400-200911223-UG\n\n   ESX 3.5 patch ESX350-200912401-BG\n   http://download3.vmware.com/software/vi/ESX350-200912401-BG.zip\n   md5sum: f1d3589745b4ae933554785aef22bacc\n   sha1sum: d1e5a9209b165d43d75f076e556fc028bec4cc47\n   http://kb.vmware.com/kb/1016657\n\n   ESX 3.0.3 patch ESX303-201002203-UG\n   http://download3.vmware.com/software/vi/ESX303-201002203-UG.zip\n   md5sum: 49ee56b687707cbe6999836c315f081a\n   http://kb.vmware.com/kb/1018030\n\n   ESX 2.5.5 Upgrade Patch 15\n http://download3.vmware.com/software/esx/esx-2.5.5-191611-upgrade.tar.gz\n   md5sum: c346fe510b6e51145570e03083f77357\n   sha1sum: ef6b19247825fb3fe2c55f8fda3cdd05ac7bb1f4\n   http://www.vmware.com/support/esx25/doc/esx-255-200910-patch.html\n\n\n5. References\n   http://www.acrossecurity.com/advisories.htm\n   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1564\n   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1565\n   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2042\n   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3707\n   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3732\n   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1138\n   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1139\n   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1140\n   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1142\n   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1141\n\n6. Change log\n2010-04-09  VMSA-2010-0007\nInitial security advisory after release of Workstation 6.5.4 and Fusion\n2.0.7 on 2010-04-08. \n\n- ------------------------------------------------------------------------\n7. Contact\n\nE-mail list for product security notifications and announcements:\nhttp://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce\n\nThis Security Advisory is posted to the following lists:\n\n  * security-announce at lists.vmware.com\n  * bugtraq at securityfocus.com\n  * full-disclosure at lists.grok.org.uk\n\nE-mail:  security at vmware.com\nPGP key at: http://kb.vmware.com/kb/1055\n\nVMware Security Center\nhttp://www.vmware.com/security\n\nVMware security response policy\nhttp://www.vmware.com/support/policies/security_response.html\n\nGeneral support life cycle policy\nhttp://www.vmware.com/support/policies/eos.html\n\nVMware Infrastructure support life cycle policy\nhttp://www.vmware.com/support/policies/eos_vi.html\n\nCopyright 2010 VMware Inc.  All rights reserved. \n\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.5 (MingW32)\n\niD8DBQFLvvM8S2KysvBH1xkRAgu/AJ9RrzlOq/5Ug0t8R4qoi/UwDVJDpACbBGgT\nd58bjKG6Ic7m/TsoJP4M2tw=\n=Q1zv\n-----END PGP SIGNATURE-----\n. \n\nBackground\n==========\n\nVMware Player, Server, and Workstation allow emulation of a complete PC\non a PC without the usual performance overhead of most emulators. \n\nAffected packages\n=================\n\n    -------------------------------------------------------------------\n     Package              /     Vulnerable     /            Unaffected\n    -------------------------------------------------------------------\n  1  app-emulation/vmware-player\n                              \u003c= 2.5.5.328052              Vulnerable!\n  2  app-emulation/vmware-workstation\n                              \u003c= 6.5.5.328052              Vulnerable!\n  3  app-emulation/vmware-server\n                              \u003c= 1.0.9.156507              Vulnerable!\n    -------------------------------------------------------------------\n     NOTE: Certain packages are still vulnerable. Users should migrate\n           to another package if one is available or wait for the\n           existing packages to be marked stable by their\n           architecture maintainers. Please review the CVE identifiers referenced below for\ndetails. \n\nA remote attacker could entice a user to open a specially crafted file,\npossibly resulting in the remote execution of arbitrary code, or a\nDenial of Service. Remote attackers also may be able to spoof DNS\ntraffic, read arbitrary files, or inject arbitrary web script to the\nVMware Server Console. \n\nFurthermore, guest OS users may be able to execute arbitrary code on\nthe host OS, gain escalated privileges on the guest OS, or cause a\nDenial of Service (crash the host OS). \n\nWorkaround\n==========\n\nThere is no known workaround at this time. We recommend that users\nunmerge VMware Server:\n\n  # emerge --unmerge \"app-emulation/vmware-server\"\n\nReferences\n==========\n\n[  1 ] CVE-2007-5269\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5269\n[  2 ] CVE-2007-5503\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5503\n[  3 ] CVE-2007-5671\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5671\n[  4 ] CVE-2008-0967\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0967\n[  5 ] CVE-2008-1340\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1340\n[  6 ] CVE-2008-1361\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1361\n[  7 ] CVE-2008-1362\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1362\n[  8 ] CVE-2008-1363\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1363\n[  9 ] CVE-2008-1364\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1364\n[ 10 ] CVE-2008-1392\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1392\n[ 11 ] CVE-2008-1447\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1447\n[ 12 ] CVE-2008-1806\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1806\n[ 13 ] CVE-2008-1807\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1807\n[ 14 ] CVE-2008-1808\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1808\n[ 15 ] CVE-2008-2098\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2098\n[ 16 ] CVE-2008-2100\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2100\n[ 17 ] CVE-2008-2101\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2101\n[ 18 ] CVE-2008-4915\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4915\n[ 19 ] CVE-2008-4916\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4916\n[ 20 ] CVE-2008-4917\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4917\n[ 21 ] CVE-2009-0040\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0040\n[ 22 ] CVE-2009-0909\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0909\n[ 23 ] CVE-2009-0910\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0910\n[ 24 ] CVE-2009-1244\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1244\n[ 25 ] CVE-2009-2267\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2267\n[ 26 ] CVE-2009-3707\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3707\n[ 27 ] CVE-2009-3732\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3732\n[ 28 ] CVE-2009-3733\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3733\n[ 29 ] CVE-2009-4811\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-4811\n[ 30 ] CVE-2010-1137\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1137\n[ 31 ] CVE-2010-1138\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1138\n[ 32 ] CVE-2010-1139\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1139\n[ 33 ] CVE-2010-1140\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1140\n[ 34 ] CVE-2010-1141\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1141\n[ 35 ] CVE-2010-1142\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1142\n[ 36 ] CVE-2010-1143\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1143\n[ 37 ] CVE-2011-3868\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3868\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201209-25.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2012 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. ----------------------------------------------------------------------\n\n\n  Secunia CSI\n+ Microsoft SCCM\n-----------------------\n= Extensive Patch Management\n\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\n\n----------------------------------------------------------------------\n\nTITLE:\nVMware Products Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA39206\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/39206/\n\nDESCRIPTION:\nSome vulnerabilities have been reported in multiple VMware products,\nwhich can be exploited by malicious, local users to disclose\nsensitive information or gain escalated privileges, and by malicious\npeople to disclose sensitive information, cause a DoS (Denial of\nService), or potentially compromise a user\u0027s system. Windows XP and Windows\nVista). \n\n3) An error in libpng can be exploited to disclose uninitialised\nmemory via a specially crafted image. \n\nFor more information:\nSA35346\n\n4) A boundary error and two integer truncation errors in the VMnc\ncodec can be exploited to potentially execute arbitrary code. \n\nFor more information:\nSA36712\n\n5) An error in the VMware Authorization Service (\"vmware-authd\") can\nbe exploited to cause a crash. \n\nFor more information:\nSA39203\n\n7) A format string error in \"vmrun\" can be exploited to potentially\ngain escalated privileges. \n\nFor more information:\nSA39201\n\nSOLUTION:\nUpdate to a fixed version. \n\nPROVIDED AND/OR DISCOVERED BY:\n4) Alin Rad Pop, Secunia Research\n\nThe vendor also credits:\n1) Jure Skofic and Mitja Kolsek of ACROS Security\n2) Thierry Zoller\n4) iDefense and Sebastien Renaud of Vupen\n6) Johann MacDonagh\n7) Thomas Toth-Steiner\n\nORIGINAL ADVISORY:\nVMware (VMSA-2010-0007):\nhttp://lists.vmware.com/pipermail/security-announce/2010/000090.html\n\nSecunia Research:\nhttp://secunia.com/secunia_research/2009-36/\nhttp://secunia.com/secunia_research/2009-37/\n\nOTHER REFERENCES:\nSA35346:\nhttp://secunia.com/advisories/35346/\n\nSA36712:\nhttp://secunia.com/advisories/36712/\n\nSA36988:\nhttp://secunia.com/advisories/36988/\n\nSA39198:\nhttp://secunia.com/advisories/39198/\n\nSA39201:\nhttp://secunia.com/advisories/39201/\n\nSA39203:\nhttp://secunia.com/advisories/39203/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2010-1142"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-001365"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2010-0575"
      },
      {
        "db": "BID",
        "id": "39394"
      },
      {
        "db": "IVD",
        "id": "7d7cb6c0-463f-11e9-ac95-000c29342cb1"
      },
      {
        "db": "IVD",
        "id": "46e2c62c-2356-11e6-abef-000c29c66e3d"
      },
      {
        "db": "VULMON",
        "id": "CVE-2010-1142"
      },
      {
        "db": "PACKETSTORM",
        "id": "88509"
      },
      {
        "db": "PACKETSTORM",
        "id": "88215"
      },
      {
        "db": "PACKETSTORM",
        "id": "117012"
      },
      {
        "db": "PACKETSTORM",
        "id": "88233"
      }
    ],
    "trust": 3.24
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2010-1142",
        "trust": 4.0
      },
      {
        "db": "SECUNIA",
        "id": "39198",
        "trust": 3.2
      },
      {
        "db": "SECUNIA",
        "id": "39206",
        "trust": 2.6
      },
      {
        "db": "BID",
        "id": "39394",
        "trust": 2.2
      },
      {
        "db": "SECTRACK",
        "id": "1023832",
        "trust": 1.8
      },
      {
        "db": "SECTRACK",
        "id": "1023833",
        "trust": 1.8
      },
      {
        "db": "CNVD",
        "id": "CNVD-2010-0575",
        "trust": 1.0
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201004-161",
        "trust": 1.0
      },
      {
        "db": "VUPEN",
        "id": "ADV-2010-0852",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-001365",
        "trust": 0.8
      },
      {
        "db": "NSFOCUS",
        "id": "14789",
        "trust": 0.6
      },
      {
        "db": "NSFOCUS",
        "id": "14788\u203b14789",
        "trust": 0.6
      },
      {
        "db": "NSFOCUS",
        "id": "14788",
        "trust": 0.6
      },
      {
        "db": "BUGTRAQ",
        "id": "20100409 VMSA-2010-0007 VMWARE HOSTED PRODUCTS, VCENTER SERVER AND ESX PATCHES RESOLVE MULTIPLE SECURITY ISSUES",
        "trust": 0.6
      },
      {
        "db": "MLIST",
        "id": "[SECURITY-ANNOUNCE] 20100409 VMSA-2010-0007 VMWARE HOSTED PRODUCTS, VCENTER SERVER AND ESX PATCHES RESOLVE MULTIPLE SECURITY ISSUES",
        "trust": 0.6
      },
      {
        "db": "FULLDISC",
        "id": "20100409 VMSA-2010-0007 VMWARE HOSTED PRODUCTS, VCENTER SERVER AND ESX PATCHES RESOLVE MULTIPLE SECURITY ISSUES",
        "trust": 0.6
      },
      {
        "db": "IVD",
        "id": "7D7CB6C0-463F-11E9-AC95-000C29342CB1",
        "trust": 0.2
      },
      {
        "db": "IVD",
        "id": "46E2C62C-2356-11E6-ABEF-000C29C66E3D",
        "trust": 0.2
      },
      {
        "db": "VULMON",
        "id": "CVE-2010-1142",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "88509",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "88215",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "117012",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "88233",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "7d7cb6c0-463f-11e9-ac95-000c29342cb1"
      },
      {
        "db": "IVD",
        "id": "46e2c62c-2356-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2010-0575"
      },
      {
        "db": "VULMON",
        "id": "CVE-2010-1142"
      },
      {
        "db": "BID",
        "id": "39394"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-001365"
      },
      {
        "db": "PACKETSTORM",
        "id": "88509"
      },
      {
        "db": "PACKETSTORM",
        "id": "88215"
      },
      {
        "db": "PACKETSTORM",
        "id": "117012"
      },
      {
        "db": "PACKETSTORM",
        "id": "88233"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201004-161"
      },
      {
        "db": "NVD",
        "id": "CVE-2010-1142"
      }
    ]
  },
  "id": "VAR-201004-0988",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "IVD",
        "id": "7d7cb6c0-463f-11e9-ac95-000c29342cb1"
      },
      {
        "db": "IVD",
        "id": "46e2c62c-2356-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2010-0575"
      }
    ],
    "trust": 0.1
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 1.0
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "7d7cb6c0-463f-11e9-ac95-000c29342cb1"
      },
      {
        "db": "IVD",
        "id": "46e2c62c-2356-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2010-0575"
      }
    ]
  },
  "last_update_date": "2025-04-11T20:01:08.315000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "VMSA-2010-0007",
        "trust": 0.8,
        "url": "http://www.vmware.com/security/advisories/VMSA-2010-0007.html"
      },
      {
        "title": "VMSA-2010-0007: Multiple Security Patches for vCenter Server and ESX",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/156"
      },
      {
        "title": "VMware Security Advisories: VMware hosted products, vCenter Server and ESX patches resolve multiple security issues",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=vmware_security_advisories\u0026qid=9a156b22cf9a31c993f6585b6881d5a5"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2010-0575"
      },
      {
        "db": "VULMON",
        "id": "CVE-2010-1142"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-001365"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-264",
        "trust": 1.8
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-001365"
      },
      {
        "db": "NVD",
        "id": "CVE-2010-1142"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 3.1,
        "url": "http://secunia.com/advisories/39198"
      },
      {
        "trust": 2.5,
        "url": "http://secunia.com/advisories/39206"
      },
      {
        "trust": 2.0,
        "url": "http://www.securityfocus.com/bid/39394"
      },
      {
        "trust": 1.9,
        "url": "http://lists.vmware.com/pipermail/security-announce/2010/000090.html"
      },
      {
        "trust": 1.9,
        "url": "http://www.securitytracker.com/id?1023832"
      },
      {
        "trust": 1.9,
        "url": "http://www.securitytracker.com/id?1023833"
      },
      {
        "trust": 1.8,
        "url": "http://www.vmware.com/security/advisories/vmsa-2010-0007.html"
      },
      {
        "trust": 1.7,
        "url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-04/0121.html"
      },
      {
        "trust": 1.7,
        "url": "http://archives.neohapsis.com/archives/bugtraq/2010-04/0077.html"
      },
      {
        "trust": 1.5,
        "url": "http://www.acrossecurity.com/aspr/aspr-2010-04-12-2-pub.txt"
      },
      {
        "trust": 1.2,
        "url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
      },
      {
        "trust": 0.9,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1142"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-1142"
      },
      {
        "trust": 0.8,
        "url": "http://www.vupen.com/english/advisories/2010/0852"
      },
      {
        "trust": 0.6,
        "url": "http://www.nsfocus.net/vulndb/14788\u203b14789"
      },
      {
        "trust": 0.3,
        "url": "http://www.vmware.com"
      },
      {
        "trust": 0.2,
        "url": "http://secunia.com/advisories/secunia_security_advisories/"
      },
      {
        "trust": 0.2,
        "url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
      },
      {
        "trust": 0.2,
        "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
      },
      {
        "trust": 0.2,
        "url": "http://secunia.com/advisories/39198/"
      },
      {
        "trust": 0.2,
        "url": "http://secunia.com/advisories/about_secunia_advisories/"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2009-3732"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2009-3707"
      },
      {
        "trust": 0.1,
        "url": "https://cwe.mitre.org/data/definitions/264.html"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov"
      },
      {
        "trust": 0.1,
        "url": "http://www.acrossecurity.com/aspr/aspr-2010-04-12-1-pub.txt"
      },
      {
        "trust": 0.1,
        "url": "http://kb.vmware.com/kb/1015047"
      },
      {
        "trust": 0.1,
        "url": "http://download3.vmware.com/software/wkst/vmware-moviedecoder-6.5.4-246459.exe"
      },
      {
        "trust": 0.1,
        "url": "http://download3.vmware.com/software/esx/esx-2.5.5-191611-upgrade.tar.gz"
      },
      {
        "trust": 0.1,
        "url": "http://kb.vmware.com/kb/1016665"
      },
      {
        "trust": 0.1,
        "url": "http://www.vmware.com/support/esx25/doc/esx-255-200910-patch.html"
      },
      {
        "trust": 0.1,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3707"
      },
      {
        "trust": 0.1,
        "url": "https://hostupdate.vmware.com/software/vum/offline/release-192-20100228-732240/esx400-201002001.zip"
      },
      {
        "trust": 0.1,
        "url": "http://kb.vmware.com/kb/1018404"
      },
      {
        "trust": 0.1,
        "url": "http://download3.vmware.com/software/vi/esx303-201002203-ug.zip"
      },
      {
        "trust": 0.1,
        "url": "http://www.vmware.com/support/policies/lifecycle/vi/faq.html"
      },
      {
        "trust": 0.1,
        "url": "http://downloads.vmware.com/download/download.do?downloadgroup=fus-302"
      },
      {
        "trust": 0.1,
        "url": "http://downloads.vmware.com/download/download.do?downloadgroup=ace-254-win"
      },
      {
        "trust": 0.1,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1140"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2010-1140"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2010-1141"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2009-2042"
      },
      {
        "trust": 0.1,
        "url": "http://downloads.vmware.com/support/fusion3/doc/releasenotes_fusion_302.html"
      },
      {
        "trust": 0.1,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1141"
      },
      {
        "trust": 0.1,
        "url": "http://downloads.vmware.com/tryvmware/?p=player\u0026lp=default"
      },
      {
        "trust": 0.1,
        "url": "http://kb.vmware.com/kb/1016657"
      },
      {
        "trust": 0.1,
        "url": "http://www.vmware.com/security"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2009-1565"
      },
      {
        "trust": 0.1,
        "url": "http://downloads.vmware.com/download/download.do?downloadgroup=wkst-701-lx"
      },
      {
        "trust": 0.1,
        "url": "http://kb.vmware.com/kb/1055"
      },
      {
        "trust": 0.1,
        "url": "https://hostupdate.vmware.com/software/vum/offline/release-193-20100228-731251/esxi400-201002001.zip"
      },
      {
        "trust": 0.1,
        "url": "http://downloads.vmware.com/support/player30/doc/releasenotes_player301.html"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2010-1142"
      },
      {
        "trust": 0.1,
        "url": "http://downloads.vmware.com/download/download.do?downloadgroup=fus-207"
      },
      {
        "trust": 0.1,
        "url": "http://kb.vmware.com/kb/1017685"
      },
      {
        "trust": 0.1,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1139"
      },
      {
        "trust": 0.1,
        "url": "http://downloads.vmware.com/download/player/player_reg.html"
      },
      {
        "trust": 0.1,
        "url": "http://downloads.vmware.com/support/fusion2/doc/releasenotes_fusion_207.html"
      },
      {
        "trust": 0.1,
        "url": "http://www.vmware.com/support/policies/security_response.html"
      },
      {
        "trust": 0.1,
        "url": "http://downloads.vmware.com/support/ws65/doc/releasenotes_ws654.html"
      },
      {
        "trust": 0.1,
        "url": "http://downloads.vmware.com/support/ace26/doc/releasenotes_ace261.html"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2010-1139"
      },
      {
        "trust": 0.1,
        "url": "http://www.vmware.com/support/server2/doc/releasenotes_vmserver202.html"
      },
      {
        "trust": 0.1,
        "url": "http://www.vmware.com/support/policies/eos_vi.html"
      },
      {
        "trust": 0.1,
        "url": "http://kb.vmware.com/kb/1018030"
      },
      {
        "trust": 0.1,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-2042"
      },
      {
        "trust": 0.1,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3732"
      },
      {
        "trust": 0.1,
        "url": "http://downloads.vmware.com/support/ws7/doc/releasenotes_ws701.html"
      },
      {
        "trust": 0.1,
        "url": "http://www.vmware.com/support/policies/eos.html"
      },
      {
        "trust": 0.1,
        "url": "http://downloads.vmware.com/support/player25/doc/releasenotes_player254.html"
      },
      {
        "trust": 0.1,
        "url": "http://downloads.vmware.com/download/download.do?downloadgroup=ace-261-win"
      },
      {
        "trust": 0.1,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1565"
      },
      {
        "trust": 0.1,
        "url": "http://www.vmware.com/download/server/"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2010-1138"
      },
      {
        "trust": 0.1,
        "url": "http://downloads.vmware.com/download/download.do?downloadgroup=wkst-654-win"
      },
      {
        "trust": 0.1,
        "url": "http://www.vupen.com)"
      },
      {
        "trust": 0.1,
        "url": "http://download3.vmware.com/software/vi/esx350-200912401-bg.zip"
      },
      {
        "trust": 0.1,
        "url": "http://tinyurl.com/27mpjo"
      },
      {
        "trust": 0.1,
        "url": "http://www.acrossecurity.com)"
      },
      {
        "trust": 0.1,
        "url": "http://downloads.vmware.com/download/download.do?downloadgroup=wkst-701-win"
      },
      {
        "trust": 0.1,
        "url": "http://kb.vmware.com/kb/1014842"
      },
      {
        "trust": 0.1,
        "url": "https://hostupdate.vmware.com/software/vum/offline/release-166-20091202-254879/esx-4.0.0-update01a.zip"
      },
      {
        "trust": 0.1,
        "url": "http://www.acrossecurity.com/advisories.htm"
      },
      {
        "trust": 0.1,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1138"
      },
      {
        "trust": 0.1,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1564"
      },
      {
        "trust": 0.1,
        "url": "http://download3.vmware.com/software/vi/esxe350-201002401-o-sg.zip"
      },
      {
        "trust": 0.1,
        "url": "http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce"
      },
      {
        "trust": 0.1,
        "url": "http://downloads.vmware.com/support/ace25/doc/releasenotes_ace254.html"
      },
      {
        "trust": 0.1,
        "url": "http://downloads.vmware.com/download/download.do?downloadgroup=wkst-654-lx"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2009-1564"
      },
      {
        "trust": 0.1,
        "url": "http://kb.vmware.com/kb/1018403"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-1363"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2009-3733"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2009-0909"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2008-1361"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-4915"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2008-4915"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2007-5269"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3868"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-3732"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-1142"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-4917"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2008-2098"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2008-4916"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-1140"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-1141"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2008-1447"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-2267"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-0910"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-1362"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-1137"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-1138"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2007-5269"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-1447"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-1361"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-1139"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-1143"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-2098"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2008-1807"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-0040"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2008-2100"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-1340"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-4916"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-1244"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-3733"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2008-1808"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-1807"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-1392"
      },
      {
        "trust": 0.1,
        "url": "http://creativecommons.org/licenses/by-sa/2.5"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-2101"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2008-1806"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-0909"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2009-0040"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2009-2267"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-3707"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2008-2101"
      },
      {
        "trust": 0.1,
        "url": "http://security.gentoo.org/"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2007-5671"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2008-4917"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-2100"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-1364"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2007-5503"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2008-0967"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2007-5671"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-1806"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2007-5503"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2008-1340"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-4811"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2008-1364"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2008-1363"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2009-0910"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2008-1392"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-1808"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2008-1362"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2009-1244"
      },
      {
        "trust": 0.1,
        "url": "https://bugs.gentoo.org."
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-0967"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/36988/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/36712/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/secunia_research/2009-36/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/39206/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/secunia_research/2009-37/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/39201/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/39203/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/35346/"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2010-0575"
      },
      {
        "db": "VULMON",
        "id": "CVE-2010-1142"
      },
      {
        "db": "BID",
        "id": "39394"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-001365"
      },
      {
        "db": "PACKETSTORM",
        "id": "88509"
      },
      {
        "db": "PACKETSTORM",
        "id": "88215"
      },
      {
        "db": "PACKETSTORM",
        "id": "117012"
      },
      {
        "db": "PACKETSTORM",
        "id": "88233"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201004-161"
      },
      {
        "db": "NVD",
        "id": "CVE-2010-1142"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "IVD",
        "id": "7d7cb6c0-463f-11e9-ac95-000c29342cb1"
      },
      {
        "db": "IVD",
        "id": "46e2c62c-2356-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2010-0575"
      },
      {
        "db": "VULMON",
        "id": "CVE-2010-1142"
      },
      {
        "db": "BID",
        "id": "39394"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-001365"
      },
      {
        "db": "PACKETSTORM",
        "id": "88509"
      },
      {
        "db": "PACKETSTORM",
        "id": "88215"
      },
      {
        "db": "PACKETSTORM",
        "id": "117012"
      },
      {
        "db": "PACKETSTORM",
        "id": "88233"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201004-161"
      },
      {
        "db": "NVD",
        "id": "CVE-2010-1142"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2010-04-13T00:00:00",
        "db": "IVD",
        "id": "7d7cb6c0-463f-11e9-ac95-000c29342cb1"
      },
      {
        "date": "2010-04-13T00:00:00",
        "db": "IVD",
        "id": "46e2c62c-2356-11e6-abef-000c29c66e3d"
      },
      {
        "date": "2010-04-13T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2010-0575"
      },
      {
        "date": "2010-04-12T00:00:00",
        "db": "VULMON",
        "id": "CVE-2010-1142"
      },
      {
        "date": "2010-04-09T00:00:00",
        "db": "BID",
        "id": "39394"
      },
      {
        "date": "2010-05-07T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2010-001365"
      },
      {
        "date": "2010-04-16T05:45:30",
        "db": "PACKETSTORM",
        "id": "88509"
      },
      {
        "date": "2010-04-10T03:16:16",
        "db": "PACKETSTORM",
        "id": "88215"
      },
      {
        "date": "2012-09-30T16:40:15",
        "db": "PACKETSTORM",
        "id": "117012"
      },
      {
        "date": "2010-04-12T12:34:14",
        "db": "PACKETSTORM",
        "id": "88233"
      },
      {
        "date": "2010-04-12T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201004-161"
      },
      {
        "date": "2010-04-12T18:30:00.710000",
        "db": "NVD",
        "id": "CVE-2010-1142"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2010-04-13T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2010-0575"
      },
      {
        "date": "2013-05-15T00:00:00",
        "db": "VULMON",
        "id": "CVE-2010-1142"
      },
      {
        "date": "2012-10-01T19:10:00",
        "db": "BID",
        "id": "39394"
      },
      {
        "date": "2010-05-07T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2010-001365"
      },
      {
        "date": "2010-04-13T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201004-161"
      },
      {
        "date": "2025-04-11T00:51:21.963000",
        "db": "NVD",
        "id": "CVE-2010-1142"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201004-161"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "VMWare Tools Package Local Privilege Escalation Vulnerability",
    "sources": [
      {
        "db": "IVD",
        "id": "7d7cb6c0-463f-11e9-ac95-000c29342cb1"
      },
      {
        "db": "IVD",
        "id": "46e2c62c-2356-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2010-0575"
      }
    ],
    "trust": 1.0
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "permissions and access control",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201004-161"
      }
    ],
    "trust": 0.6
  }
}

VAR-200910-0009

Vulnerability from variot - Updated: 2025-04-10 23:16

The vmx86 kernel extension in VMware Fusion before 2.0.6 build 196839 does not use correct file permissions, which allows host OS users to gain privileges on the host OS via unspecified vectors. VMware Fusion is prone to a privilege-escalation vulnerability caused by an unspecified file-permission problem. An attacker can exploit this issue to run arbitrary code with superuser privileges. Successful attacks will completely compromise affected computers. This issue affects versions prior to Fusion 2.0.6 build 196839. ----------------------------------------------------------------------

Do you have VARM strategy implemented?

(Vulnerability Assessment Remediation Management)

If not, then implement it through the most reliable vulnerability intelligence source on the market.

Implement it through Secunia.

For more information visit: http://secunia.com/advisories/business_solutions/

Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales@secunia.com

TITLE: VMware Fusion Denial of Service and Privilege Escalation

SECUNIA ADVISORY ID: SA36928

VERIFY ADVISORY: http://secunia.com/advisories/36928/

DESCRIPTION: Two vulnerabilities have been reported in VMware Fusion, which can be exploited by malicious, local users to cause a DoS (Denial of Service) or gain escalated privileges.

The vulnerabilities are reported in version 2.0.5 and prior.

SOLUTION: Update to version 2.0.6 build 196839.

ORIGINAL ADVISORY: VMSA-2009-0013: http://lists.vmware.com/pipermail/security-announce/2009/000066.html

About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.

Subscribe: http://secunia.com/advisories/secunia_security_advisories/

Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/

Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.

Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1

               VMware Security Advisory

Advisory ID: VMSA-2009-0013 Synopsis: VMware Fusion resolves two security issues Issue date: 2009-10-01 Updated on: 2009-10-01 (initial release of advisory) CVE numbers: CVE-2009-3281 CVE-2009-3282

  1. Relevant releases

VMware Fusion 2.0.5 and earlier.

  1. Problem Description

VMware Fusion is a product that allows you to seamlessly run your favorite Windows applications on any Intel-based Mac.

a. 

VMware would like to thank Neil Kettle of Convergent Network
Solutions for reporting this issue to us.

The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CVE-2009-3281 to this issue.

b. Kernel denial of service vulnerability

An integer overflow vulnerability in the vmx86 kernel extension
allows for a denial of service of the host by an unprivileged user
on the host system.

VMware would like to thank Neil Kettle of Convergent Network
Solutions for reporting this issue to us.

The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CVE-2009-3282 to this issue.

To remediate the above issues update your product using the table
below.

VMware         Product   Running  Replace with/
Product        Version   on       Apply Patch
=============  ========  =======  =================
VirtualCenter  any       Windows  not affected

Workstation    6.5.x     Windows  not affected
Workstation    6.5.x     Linux    not affected

Player         2.5.x     Windows  not affected
Player         2.5.x     Linux    not affected

ACE            2.5.x     any      not affected

Server         any       any      not affected

Fusion         any       Mac OS/X Fusion 2.0.6 build 196839

ESXi           any       ESXi     not affected

ESX            any       ESX      not affected
  1. Solution

Please review the patch/release notes for your product and version and verify the md5sum and/or the sha1sum of your downloaded file.

VMware Fusion 2.0.6 (for Intel-based Macs): Download including VMware Fusion and a 12 month complimentary subscription to McAfee VirusScan Plus 2009

md5sum: d35490aa8caa92e21339c95c77314b2f sha1sum: 9c41985d754ac718032a47af8a3f98ea28fddb26

VMware Fusion 2.0.6 (for Intel-based Macs): Download including only VMware Fusion software

md5sum: 2e8d39defdffed224c4bab4218cc6659 sha1sum: 453d54a2f37b257a0aad17c95843305250c7b6ef

  1. References

CVE numbers http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3281 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3282

  1. Change log

2009-10-01 VMSA-2009-0013 Initial security advisory after release of Fusion 2.0.6 on 2009-10-01

  1. Contact

E-mail list for product security notifications and announcements: http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce

This Security Advisory is posted to the following lists:

  • security-announce at lists.vmware.com
  • bugtraq at securityfocus.com
  • full-disclosure at lists.grok.org.uk

E-mail: security at vmware.com PGP key at: http://kb.vmware.com/kb/1055

VMware Security Center http://www.vmware.com/security

VMware security response policy http://www.vmware.com/support/policies/security_response.html

General support life cycle policy http://www.vmware.com/support/policies/eos.html

VMware Infrastructure support life cycle policy http://www.vmware.com/support/policies/eos_vi.html

Copyright 2009 VMware Inc. All rights reserved.

-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (MingW32)

iD8DBQFKxYtnS2KysvBH1xkRAgZjAJ9xF6r9OKjHc4iayvPz0VEiLf2T6QCfdglG 7vvN45BLtMo4BuHfCGRGHo4= =y8E6 -----END PGP SIGNATURE-----

Show details on source website
To clipboard 

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-200910-0009",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "fusion",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "vmware",
        "version": "2.0.4"
      },
      {
        "model": "fusion",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "vmware",
        "version": "2.0.3"
      },
      {
        "model": "fusion",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "vmware",
        "version": "2.0"
      },
      {
        "model": "fusion",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "vmware",
        "version": "1.1.3"
      },
      {
        "model": "fusion",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "vmware",
        "version": "2.0.2"
      },
      {
        "model": "fusion",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "vmware",
        "version": "2.0.1"
      },
      {
        "model": "fusion",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "vmware",
        "version": "1.1.1"
      },
      {
        "model": "fusion",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "vmware",
        "version": "1.1"
      },
      {
        "model": "fusion",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "vmware",
        "version": "1.1.2"
      },
      {
        "model": "fusion",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "vmware",
        "version": "1.0"
      },
      {
        "model": "fusion",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "vmware",
        "version": "2.0.5"
      },
      {
        "model": "fusion",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "vmware",
        "version": "2.0.5"
      },
      {
        "model": "fusion",
        "scope": null,
        "trust": 0.8,
        "vendor": "vmware",
        "version": null
      },
      {
        "model": "fusion build",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "2.0.2147997"
      },
      {
        "model": "fusion",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "2"
      },
      {
        "model": "fusion",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "2.0.6"
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "36578"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2009-002522"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200910-242"
      },
      {
        "db": "NVD",
        "id": "CVE-2009-3281"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/a:vmware:fusion",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2009-002522"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Neil Kettle",
    "sources": [
      {
        "db": "BID",
        "id": "36578"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200910-242"
      }
    ],
    "trust": 0.9
  },
  "cve": "CVE-2009-3281",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.2,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 3.9,
            "id": "CVE-2009-3281",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 1.8,
            "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.2,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 3.9,
            "id": "VHN-40727",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.1,
            "vectorString": "AV:L/AC:L/AU:N/C:C/I:C/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2009-3281",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "NVD",
            "id": "CVE-2009-3281",
            "trust": 0.8,
            "value": "High"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-200910-242",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "VULHUB",
            "id": "VHN-40727",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-40727"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2009-002522"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200910-242"
      },
      {
        "db": "NVD",
        "id": "CVE-2009-3281"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "The vmx86 kernel extension in VMware Fusion before 2.0.6 build 196839 does not use correct file permissions, which allows host OS users to gain privileges on the host OS via unspecified vectors. VMware Fusion is prone to a privilege-escalation vulnerability caused by an unspecified file-permission problem. \nAn attacker can exploit this issue to run arbitrary code with superuser privileges.  Successful attacks will completely compromise affected computers. \nThis issue affects versions prior to Fusion 2.0.6 build 196839. ----------------------------------------------------------------------\n\nDo you have VARM strategy implemented?\n\n(Vulnerability Assessment Remediation Management)  \n\nIf not, then implement it through the most reliable vulnerability\nintelligence source on the market. \n\nImplement it through Secunia. \n\nFor more information visit:\nhttp://secunia.com/advisories/business_solutions/\n\nAlternatively request a call from a Secunia representative today to\ndiscuss how we can help you with our capabilities contact us at:\nsales@secunia.com\n\n----------------------------------------------------------------------\n\nTITLE:\nVMware Fusion Denial of Service and Privilege Escalation\n\nSECUNIA ADVISORY ID:\nSA36928\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/36928/\n\nDESCRIPTION:\nTwo vulnerabilities have been reported in VMware Fusion, which can be\nexploited by malicious, local users to cause a DoS (Denial of Service)\nor gain escalated privileges. \n\nThe vulnerabilities are reported in version 2.0.5 and prior. \n\nSOLUTION:\nUpdate to version 2.0.6 build 196839. \n\nORIGINAL ADVISORY:\nVMSA-2009-0013:\nhttp://lists.vmware.com/pipermail/security-announce/2009/000066.html\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n- ------------------------------------------------------------------------\n                   VMware Security Advisory\n\nAdvisory ID:       VMSA-2009-0013\nSynopsis:          VMware Fusion resolves two security issues\nIssue date:        2009-10-01\nUpdated on:        2009-10-01 (initial release of advisory)\nCVE numbers:       CVE-2009-3281 CVE-2009-3282\n- ------------------------------------------------------------------------\n\n1. Relevant releases\n\n   VMware Fusion 2.0.5 and earlier. \n\n3. Problem Description\n\n   VMware Fusion is a product that allows you to seamlessly run your\n   favorite Windows applications on any Intel-based Mac. \n\n a. \n\n    VMware would like to thank Neil Kettle of Convergent Network\n    Solutions for reporting this issue to us. \n\n    The Common Vulnerabilities and Exposures project (cve.mitre.org)\n    has assigned the name CVE-2009-3281 to this issue. \n\n b. Kernel denial of service vulnerability\n\n    An integer overflow vulnerability in the vmx86 kernel extension\n    allows for a denial of service of the host by an unprivileged user\n    on the host system. \n\n    VMware would like to thank Neil Kettle of Convergent Network\n    Solutions for reporting this issue to us. \n\n    The Common Vulnerabilities and Exposures project (cve.mitre.org)\n    has assigned the name CVE-2009-3282 to this issue. \n\n    To remediate the above issues update your product using the table\n    below. \n\n    VMware         Product   Running  Replace with/\n    Product        Version   on       Apply Patch\n    =============  ========  =======  =================\n    VirtualCenter  any       Windows  not affected\n\n    Workstation    6.5.x     Windows  not affected\n    Workstation    6.5.x     Linux    not affected\n\n    Player         2.5.x     Windows  not affected\n    Player         2.5.x     Linux    not affected\n\n    ACE            2.5.x     any      not affected\n\n    Server         any       any      not affected\n\n    Fusion         any       Mac OS/X Fusion 2.0.6 build 196839\n\n    ESXi           any       ESXi     not affected\n\n    ESX            any       ESX      not affected\n\n\n4. Solution\n\n   Please review the patch/release notes for your product and version\n   and verify the md5sum and/or the sha1sum of your downloaded file. \n\n   VMware Fusion 2.0.6 (for Intel-based Macs): Download including\n   VMware Fusion and a 12 month complimentary subscription to McAfee\n   VirusScan Plus 2009\n\n   md5sum: d35490aa8caa92e21339c95c77314b2f\n   sha1sum: 9c41985d754ac718032a47af8a3f98ea28fddb26\n\n   VMware Fusion 2.0.6 (for Intel-based Macs): Download including only\n   VMware Fusion software\n\n   md5sum: 2e8d39defdffed224c4bab4218cc6659\n   sha1sum: 453d54a2f37b257a0aad17c95843305250c7b6ef\n\n5. References\n\n   CVE numbers\n   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3281\n   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3282\n\n- ------------------------------------------------------------------------\n6. Change log\n\n2009-10-01  VMSA-2009-0013\nInitial security advisory after release of Fusion 2.0.6 on 2009-10-01\n\n- -----------------------------------------------------------------------\n7. Contact\n\nE-mail list for product security notifications and announcements:\nhttp://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce\n\nThis Security Advisory is posted to the following lists:\n\n  * security-announce at lists.vmware.com\n  * bugtraq at securityfocus.com\n  * full-disclosure at lists.grok.org.uk\n\nE-mail:  security at vmware.com\nPGP key at: http://kb.vmware.com/kb/1055\n\nVMware Security Center\nhttp://www.vmware.com/security\n\nVMware security response policy\nhttp://www.vmware.com/support/policies/security_response.html\n\nGeneral support life cycle policy\nhttp://www.vmware.com/support/policies/eos.html\n\nVMware Infrastructure support life cycle policy\nhttp://www.vmware.com/support/policies/eos_vi.html\n\nCopyright 2009 VMware Inc.  All rights reserved. \n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.5 (MingW32)\n\niD8DBQFKxYtnS2KysvBH1xkRAgZjAJ9xF6r9OKjHc4iayvPz0VEiLf2T6QCfdglG\n7vvN45BLtMo4BuHfCGRGHo4=\n=y8E6\n-----END PGP SIGNATURE-----\n",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2009-3281"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2009-002522"
      },
      {
        "db": "BID",
        "id": "36578"
      },
      {
        "db": "VULHUB",
        "id": "VHN-40727"
      },
      {
        "db": "PACKETSTORM",
        "id": "81792"
      },
      {
        "db": "PACKETSTORM",
        "id": "81777"
      }
    ],
    "trust": 2.16
  },
  "exploit_availability": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "reference": "https://www.scap.org.cn/vuln/vhn-40727",
        "trust": 0.1,
        "type": "unknown"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-40727"
      }
    ]
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2009-3281",
        "trust": 2.9
      },
      {
        "db": "SECUNIA",
        "id": "36928",
        "trust": 2.6
      },
      {
        "db": "SECTRACK",
        "id": "1022981",
        "trust": 2.5
      },
      {
        "db": "VUPEN",
        "id": "ADV-2009-2811",
        "trust": 2.5
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2009-002522",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200910-242",
        "trust": 0.7
      },
      {
        "db": "MLIST",
        "id": "[SECURITY-ANNOUNCE] 20091001 VMSA-2009-0013 VMWARE FUSION RESOLVES TWO SECURITY ISSUES",
        "trust": 0.6
      },
      {
        "db": "BID",
        "id": "36578",
        "trust": 0.4
      },
      {
        "db": "PACKETSTORM",
        "id": "81777",
        "trust": 0.2
      },
      {
        "db": "SEEBUG",
        "id": "SSVID-67053",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "81775",
        "trust": 0.1
      },
      {
        "db": "EXPLOIT-DB",
        "id": "10076",
        "trust": 0.1
      },
      {
        "db": "VULHUB",
        "id": "VHN-40727",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "81792",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-40727"
      },
      {
        "db": "BID",
        "id": "36578"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2009-002522"
      },
      {
        "db": "PACKETSTORM",
        "id": "81792"
      },
      {
        "db": "PACKETSTORM",
        "id": "81777"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200910-242"
      },
      {
        "db": "NVD",
        "id": "CVE-2009-3281"
      }
    ]
  },
  "id": "VAR-200910-0009",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-40727"
      }
    ],
    "trust": 0.01
  },
  "last_update_date": "2025-04-10T23:16:24.798000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "VMSA-2009-0013",
        "trust": 0.8,
        "url": "http://www.vmware.com/security/advisories/VMSA-2009-0013.html"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2009-002522"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-264",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-40727"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2009-002522"
      },
      {
        "db": "NVD",
        "id": "CVE-2009-3281"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.5,
        "url": "http://securitytracker.com/id?1022981"
      },
      {
        "trust": 2.5,
        "url": "http://secunia.com/advisories/36928"
      },
      {
        "trust": 2.5,
        "url": "http://www.vupen.com/english/advisories/2009/2811"
      },
      {
        "trust": 2.1,
        "url": "http://lists.vmware.com/pipermail/security-announce/2009/000066.html"
      },
      {
        "trust": 1.7,
        "url": "http://www.vmware.com/security/advisories/vmsa-2009-0013.html"
      },
      {
        "trust": 0.9,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3281"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2009-3281"
      },
      {
        "trust": 0.3,
        "url": "http://www.vmware.com"
      },
      {
        "trust": 0.3,
        "url": "/archive/1/506893"
      },
      {
        "trust": 0.3,
        "url": "/archive/1/506891"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/36928/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/secunia_security_advisories/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/business_solutions/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/about_secunia_advisories/"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2009-3282"
      },
      {
        "trust": 0.1,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3282"
      },
      {
        "trust": 0.1,
        "url": "http://www.vmware.com/security"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2009-3281"
      },
      {
        "trust": 0.1,
        "url": "http://www.vmware.com/support/policies/security_response.html"
      },
      {
        "trust": 0.1,
        "url": "http://kb.vmware.com/kb/1055"
      },
      {
        "trust": 0.1,
        "url": "http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce"
      },
      {
        "trust": 0.1,
        "url": "http://www.vmware.com/support/policies/eos_vi.html"
      },
      {
        "trust": 0.1,
        "url": "http://www.vmware.com/support/policies/eos.html"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-40727"
      },
      {
        "db": "BID",
        "id": "36578"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2009-002522"
      },
      {
        "db": "PACKETSTORM",
        "id": "81792"
      },
      {
        "db": "PACKETSTORM",
        "id": "81777"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200910-242"
      },
      {
        "db": "NVD",
        "id": "CVE-2009-3281"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-40727"
      },
      {
        "db": "BID",
        "id": "36578"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2009-002522"
      },
      {
        "db": "PACKETSTORM",
        "id": "81792"
      },
      {
        "db": "PACKETSTORM",
        "id": "81777"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200910-242"
      },
      {
        "db": "NVD",
        "id": "CVE-2009-3281"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2009-10-16T00:00:00",
        "db": "VULHUB",
        "id": "VHN-40727"
      },
      {
        "date": "2009-10-01T00:00:00",
        "db": "BID",
        "id": "36578"
      },
      {
        "date": "2010-03-24T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2009-002522"
      },
      {
        "date": "2009-10-05T14:37:34",
        "db": "PACKETSTORM",
        "id": "81792"
      },
      {
        "date": "2009-10-02T17:18:03",
        "db": "PACKETSTORM",
        "id": "81777"
      },
      {
        "date": "2009-10-16T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200910-242"
      },
      {
        "date": "2009-10-16T16:30:00.670000",
        "db": "NVD",
        "id": "CVE-2009-3281"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2009-10-19T00:00:00",
        "db": "VULHUB",
        "id": "VHN-40727"
      },
      {
        "date": "2009-10-02T19:40:00",
        "db": "BID",
        "id": "36578"
      },
      {
        "date": "2010-03-24T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2009-002522"
      },
      {
        "date": "2009-10-16T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200910-242"
      },
      {
        "date": "2025-04-09T00:30:58.490000",
        "db": "NVD",
        "id": "CVE-2009-3281"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "local",
    "sources": [
      {
        "db": "BID",
        "id": "36578"
      },
      {
        "db": "PACKETSTORM",
        "id": "81792"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200910-242"
      }
    ],
    "trust": 1.0
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "VMware Fusion of  vmx86 Elevation of privilege vulnerability in Kernel Extensions",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2009-002522"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "permissions and access control",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200910-242"
      }
    ],
    "trust": 0.6
  }
}

VAR-200910-0010

Vulnerability from variot - Updated: 2025-04-10 23:16

Integer overflow in the vmx86 kernel extension in VMware Fusion before 2.0.6 build 196839 allows host OS users to cause a denial of service to the host OS via unspecified vectors. VMware Fusion is prone to a denial-of-service vulnerability caused by an unspecified integer-overflow issue. An attacker can exploit this issue to crash the affected system, resulting in denial-of-service conditions. Given the nature of this issue, the attacker may also be able to run arbitrary code, but this has not been confirmed. This issue affects versions prior to Fusion 2.0.6 build 196839. Users of the main operating system can use unknown parameters to cause a denial of service attack on the main operating system. ----------------------------------------------------------------------

Do you have VARM strategy implemented?

(Vulnerability Assessment Remediation Management)

If not, then implement it through the most reliable vulnerability intelligence source on the market.

Implement it through Secunia.

For more information visit: http://secunia.com/advisories/business_solutions/

Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales@secunia.com

TITLE: VMware Fusion Denial of Service and Privilege Escalation

SECUNIA ADVISORY ID: SA36928

VERIFY ADVISORY: http://secunia.com/advisories/36928/

DESCRIPTION: Two vulnerabilities have been reported in VMware Fusion, which can be exploited by malicious, local users to cause a DoS (Denial of Service) or gain escalated privileges.

The vulnerabilities are reported in version 2.0.5 and prior.

SOLUTION: Update to version 2.0.6 build 196839.

ORIGINAL ADVISORY: VMSA-2009-0013: http://lists.vmware.com/pipermail/security-announce/2009/000066.html

About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.

Subscribe: http://secunia.com/advisories/secunia_security_advisories/

Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/

Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.

Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1

               VMware Security Advisory

Advisory ID: VMSA-2009-0013 Synopsis: VMware Fusion resolves two security issues Issue date: 2009-10-01 Updated on: 2009-10-01 (initial release of advisory) CVE numbers: CVE-2009-3281 CVE-2009-3282

  1. Relevant releases

VMware Fusion 2.0.5 and earlier.

  1. Problem Description

VMware Fusion is a product that allows you to seamlessly run your favorite Windows applications on any Intel-based Mac.

a. Kernel code execution vulnerability

An file permission problem in the vmx86 kernel extension allows for
executing arbitrary code in the host system kernel context by an
unprivileged user on the host system.

VMware would like to thank Neil Kettle of Convergent Network
Solutions for reporting this issue to us.

The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CVE-2009-3281 to this issue.

b. 

VMware would like to thank Neil Kettle of Convergent Network
Solutions for reporting this issue to us.

The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CVE-2009-3282 to this issue.

To remediate the above issues update your product using the table
below.

VMware         Product   Running  Replace with/
Product        Version   on       Apply Patch
=============  ========  =======  =================
VirtualCenter  any       Windows  not affected

Workstation    6.5.x     Windows  not affected
Workstation    6.5.x     Linux    not affected

Player         2.5.x     Windows  not affected
Player         2.5.x     Linux    not affected

ACE            2.5.x     any      not affected

Server         any       any      not affected

Fusion         any       Mac OS/X Fusion 2.0.6 build 196839

ESXi           any       ESXi     not affected

ESX            any       ESX      not affected
  1. Solution

Please review the patch/release notes for your product and version and verify the md5sum and/or the sha1sum of your downloaded file.

VMware Fusion 2.0.6 (for Intel-based Macs): Download including VMware Fusion and a 12 month complimentary subscription to McAfee VirusScan Plus 2009

md5sum: d35490aa8caa92e21339c95c77314b2f sha1sum: 9c41985d754ac718032a47af8a3f98ea28fddb26

VMware Fusion 2.0.6 (for Intel-based Macs): Download including only VMware Fusion software

md5sum: 2e8d39defdffed224c4bab4218cc6659 sha1sum: 453d54a2f37b257a0aad17c95843305250c7b6ef

  1. References

CVE numbers http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3281 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3282

  1. Change log

2009-10-01 VMSA-2009-0013 Initial security advisory after release of Fusion 2.0.6 on 2009-10-01

  1. Contact

E-mail list for product security notifications and announcements: http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce

This Security Advisory is posted to the following lists:

  • security-announce at lists.vmware.com
  • bugtraq at securityfocus.com
  • full-disclosure at lists.grok.org.uk

E-mail: security at vmware.com PGP key at: http://kb.vmware.com/kb/1055

VMware Security Center http://www.vmware.com/security

VMware security response policy http://www.vmware.com/support/policies/security_response.html

General support life cycle policy http://www.vmware.com/support/policies/eos.html

VMware Infrastructure support life cycle policy http://www.vmware.com/support/policies/eos_vi.html

Copyright 2009 VMware Inc. All rights reserved.

-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (MingW32)

iD8DBQFKxYtnS2KysvBH1xkRAgZjAJ9xF6r9OKjHc4iayvPz0VEiLf2T6QCfdglG 7vvN45BLtMo4BuHfCGRGHo4= =y8E6 -----END PGP SIGNATURE-----

Show details on source website
To clipboard 

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-200910-0010",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "fusion",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "vmware",
        "version": "2.0.4"
      },
      {
        "model": "fusion",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "vmware",
        "version": "2.0.3"
      },
      {
        "model": "fusion",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "vmware",
        "version": "2.0"
      },
      {
        "model": "fusion",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "vmware",
        "version": "1.1.3"
      },
      {
        "model": "fusion",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "vmware",
        "version": "2.0.2"
      },
      {
        "model": "fusion",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "vmware",
        "version": "2.0.1"
      },
      {
        "model": "fusion",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "vmware",
        "version": "1.1.1"
      },
      {
        "model": "fusion",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "vmware",
        "version": "1.1"
      },
      {
        "model": "fusion",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "vmware",
        "version": "1.1.2"
      },
      {
        "model": "fusion",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "vmware",
        "version": "1.0"
      },
      {
        "model": "fusion",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "vmware",
        "version": "2.0.5"
      },
      {
        "model": "fusion",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "vmware",
        "version": "2.0.5"
      },
      {
        "model": "fusion",
        "scope": null,
        "trust": 0.8,
        "vendor": "vmware",
        "version": null
      },
      {
        "model": "fusion build",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "2.0.2147997"
      },
      {
        "model": "fusion",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "2"
      },
      {
        "model": "fusion",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "2.0.6"
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "36579"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2009-002523"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200910-243"
      },
      {
        "db": "NVD",
        "id": "CVE-2009-3282"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/a:vmware:fusion",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2009-002523"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Neil Kettle",
    "sources": [
      {
        "db": "BID",
        "id": "36579"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200910-243"
      }
    ],
    "trust": 0.9
  },
  "cve": "CVE-2009-3282",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.8,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "CVE-2009-3282",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "severity": "HIGH",
            "trust": 1.8,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.8,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "VHN-40728",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "severity": "HIGH",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2009-3282",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "NVD",
            "id": "CVE-2009-3282",
            "trust": 0.8,
            "value": "High"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-200910-243",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "VULHUB",
            "id": "VHN-40728",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-40728"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2009-002523"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200910-243"
      },
      {
        "db": "NVD",
        "id": "CVE-2009-3282"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Integer overflow in the vmx86 kernel extension in VMware Fusion before 2.0.6 build 196839 allows host OS users to cause a denial of service to the host OS via unspecified vectors. VMware Fusion is prone to a denial-of-service vulnerability caused by an unspecified integer-overflow issue. \nAn attacker can exploit this issue to crash the affected system, resulting in denial-of-service conditions. \nGiven the nature of this issue, the attacker may also be able to run arbitrary code, but this has not been confirmed. \nThis issue affects versions prior to  Fusion 2.0.6 build 196839. Users of the main operating system can use unknown parameters to cause a denial of service attack on the main operating system. ----------------------------------------------------------------------\n\nDo you have VARM strategy implemented?\n\n(Vulnerability Assessment Remediation Management)  \n\nIf not, then implement it through the most reliable vulnerability\nintelligence source on the market. \n\nImplement it through Secunia. \n\nFor more information visit:\nhttp://secunia.com/advisories/business_solutions/\n\nAlternatively request a call from a Secunia representative today to\ndiscuss how we can help you with our capabilities contact us at:\nsales@secunia.com\n\n----------------------------------------------------------------------\n\nTITLE:\nVMware Fusion Denial of Service and Privilege Escalation\n\nSECUNIA ADVISORY ID:\nSA36928\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/36928/\n\nDESCRIPTION:\nTwo vulnerabilities have been reported in VMware Fusion, which can be\nexploited by malicious, local users to cause a DoS (Denial of Service)\nor gain escalated privileges. \n\nThe vulnerabilities are reported in version 2.0.5 and prior. \n\nSOLUTION:\nUpdate to version 2.0.6 build 196839. \n\nORIGINAL ADVISORY:\nVMSA-2009-0013:\nhttp://lists.vmware.com/pipermail/security-announce/2009/000066.html\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n- ------------------------------------------------------------------------\n                   VMware Security Advisory\n\nAdvisory ID:       VMSA-2009-0013\nSynopsis:          VMware Fusion resolves two security issues\nIssue date:        2009-10-01\nUpdated on:        2009-10-01 (initial release of advisory)\nCVE numbers:       CVE-2009-3281 CVE-2009-3282\n- ------------------------------------------------------------------------\n\n1. Relevant releases\n\n   VMware Fusion 2.0.5 and earlier. \n\n3. Problem Description\n\n   VMware Fusion is a product that allows you to seamlessly run your\n   favorite Windows applications on any Intel-based Mac. \n\n a. Kernel code execution vulnerability\n\n    An file permission problem in the vmx86 kernel extension allows for\n    executing arbitrary code in the host system kernel context by an\n    unprivileged user on the host system. \n\n    VMware would like to thank Neil Kettle of Convergent Network\n    Solutions for reporting this issue to us. \n\n    The Common Vulnerabilities and Exposures project (cve.mitre.org)\n    has assigned the name CVE-2009-3281 to this issue. \n\n b. \n\n    VMware would like to thank Neil Kettle of Convergent Network\n    Solutions for reporting this issue to us. \n\n    The Common Vulnerabilities and Exposures project (cve.mitre.org)\n    has assigned the name CVE-2009-3282 to this issue. \n\n    To remediate the above issues update your product using the table\n    below. \n\n    VMware         Product   Running  Replace with/\n    Product        Version   on       Apply Patch\n    =============  ========  =======  =================\n    VirtualCenter  any       Windows  not affected\n\n    Workstation    6.5.x     Windows  not affected\n    Workstation    6.5.x     Linux    not affected\n\n    Player         2.5.x     Windows  not affected\n    Player         2.5.x     Linux    not affected\n\n    ACE            2.5.x     any      not affected\n\n    Server         any       any      not affected\n\n    Fusion         any       Mac OS/X Fusion 2.0.6 build 196839\n\n    ESXi           any       ESXi     not affected\n\n    ESX            any       ESX      not affected\n\n\n4. Solution\n\n   Please review the patch/release notes for your product and version\n   and verify the md5sum and/or the sha1sum of your downloaded file. \n\n   VMware Fusion 2.0.6 (for Intel-based Macs): Download including\n   VMware Fusion and a 12 month complimentary subscription to McAfee\n   VirusScan Plus 2009\n\n   md5sum: d35490aa8caa92e21339c95c77314b2f\n   sha1sum: 9c41985d754ac718032a47af8a3f98ea28fddb26\n\n   VMware Fusion 2.0.6 (for Intel-based Macs): Download including only\n   VMware Fusion software\n\n   md5sum: 2e8d39defdffed224c4bab4218cc6659\n   sha1sum: 453d54a2f37b257a0aad17c95843305250c7b6ef\n\n5. References\n\n   CVE numbers\n   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3281\n   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3282\n\n- ------------------------------------------------------------------------\n6. Change log\n\n2009-10-01  VMSA-2009-0013\nInitial security advisory after release of Fusion 2.0.6 on 2009-10-01\n\n- -----------------------------------------------------------------------\n7. Contact\n\nE-mail list for product security notifications and announcements:\nhttp://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce\n\nThis Security Advisory is posted to the following lists:\n\n  * security-announce at lists.vmware.com\n  * bugtraq at securityfocus.com\n  * full-disclosure at lists.grok.org.uk\n\nE-mail:  security at vmware.com\nPGP key at: http://kb.vmware.com/kb/1055\n\nVMware Security Center\nhttp://www.vmware.com/security\n\nVMware security response policy\nhttp://www.vmware.com/support/policies/security_response.html\n\nGeneral support life cycle policy\nhttp://www.vmware.com/support/policies/eos.html\n\nVMware Infrastructure support life cycle policy\nhttp://www.vmware.com/support/policies/eos_vi.html\n\nCopyright 2009 VMware Inc.  All rights reserved. \n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.5 (MingW32)\n\niD8DBQFKxYtnS2KysvBH1xkRAgZjAJ9xF6r9OKjHc4iayvPz0VEiLf2T6QCfdglG\n7vvN45BLtMo4BuHfCGRGHo4=\n=y8E6\n-----END PGP SIGNATURE-----\n",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2009-3282"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2009-002523"
      },
      {
        "db": "BID",
        "id": "36579"
      },
      {
        "db": "VULHUB",
        "id": "VHN-40728"
      },
      {
        "db": "PACKETSTORM",
        "id": "81792"
      },
      {
        "db": "PACKETSTORM",
        "id": "81777"
      }
    ],
    "trust": 2.16
  },
  "exploit_availability": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "reference": "https://www.scap.org.cn/vuln/vhn-40728",
        "trust": 0.1,
        "type": "unknown"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-40728"
      }
    ]
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2009-3282",
        "trust": 2.9
      },
      {
        "db": "SECUNIA",
        "id": "36928",
        "trust": 2.6
      },
      {
        "db": "VUPEN",
        "id": "ADV-2009-2811",
        "trust": 2.5
      },
      {
        "db": "SECTRACK",
        "id": "1022981",
        "trust": 2.5
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2009-002523",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200910-243",
        "trust": 0.7
      },
      {
        "db": "MLIST",
        "id": "[SECURITY-ANNOUNCE] 20091001 VMSA-2009-0013 VMWARE FUSION RESOLVES TWO SECURITY ISSUES",
        "trust": 0.6
      },
      {
        "db": "BID",
        "id": "36579",
        "trust": 0.4
      },
      {
        "db": "PACKETSTORM",
        "id": "81776",
        "trust": 0.1
      },
      {
        "db": "VULHUB",
        "id": "VHN-40728",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "81792",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "81777",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-40728"
      },
      {
        "db": "BID",
        "id": "36579"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2009-002523"
      },
      {
        "db": "PACKETSTORM",
        "id": "81792"
      },
      {
        "db": "PACKETSTORM",
        "id": "81777"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200910-243"
      },
      {
        "db": "NVD",
        "id": "CVE-2009-3282"
      }
    ]
  },
  "id": "VAR-200910-0010",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-40728"
      }
    ],
    "trust": 0.01
  },
  "last_update_date": "2025-04-10T23:16:24.751000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "VMSA-2009-0013",
        "trust": 0.8,
        "url": "http://www.vmware.com/security/advisories/VMSA-2009-0013.html"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2009-002523"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-189",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-40728"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2009-002523"
      },
      {
        "db": "NVD",
        "id": "CVE-2009-3282"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.5,
        "url": "http://securitytracker.com/id?1022981"
      },
      {
        "trust": 2.5,
        "url": "http://secunia.com/advisories/36928"
      },
      {
        "trust": 2.5,
        "url": "http://www.vupen.com/english/advisories/2009/2811"
      },
      {
        "trust": 2.1,
        "url": "http://lists.vmware.com/pipermail/security-announce/2009/000066.html"
      },
      {
        "trust": 1.7,
        "url": "http://www.vmware.com/security/advisories/vmsa-2009-0013.html"
      },
      {
        "trust": 0.9,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3282"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2009-3282"
      },
      {
        "trust": 0.3,
        "url": "http://www.vmware.com"
      },
      {
        "trust": 0.3,
        "url": "/archive/1/506893"
      },
      {
        "trust": 0.3,
        "url": "/archive/1/506891"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/36928/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/secunia_security_advisories/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/business_solutions/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/about_secunia_advisories/"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2009-3282"
      },
      {
        "trust": 0.1,
        "url": "http://www.vmware.com/security"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2009-3281"
      },
      {
        "trust": 0.1,
        "url": "http://www.vmware.com/support/policies/security_response.html"
      },
      {
        "trust": 0.1,
        "url": "http://kb.vmware.com/kb/1055"
      },
      {
        "trust": 0.1,
        "url": "http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce"
      },
      {
        "trust": 0.1,
        "url": "http://www.vmware.com/support/policies/eos_vi.html"
      },
      {
        "trust": 0.1,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3281"
      },
      {
        "trust": 0.1,
        "url": "http://www.vmware.com/support/policies/eos.html"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-40728"
      },
      {
        "db": "BID",
        "id": "36579"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2009-002523"
      },
      {
        "db": "PACKETSTORM",
        "id": "81792"
      },
      {
        "db": "PACKETSTORM",
        "id": "81777"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200910-243"
      },
      {
        "db": "NVD",
        "id": "CVE-2009-3282"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-40728"
      },
      {
        "db": "BID",
        "id": "36579"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2009-002523"
      },
      {
        "db": "PACKETSTORM",
        "id": "81792"
      },
      {
        "db": "PACKETSTORM",
        "id": "81777"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200910-243"
      },
      {
        "db": "NVD",
        "id": "CVE-2009-3282"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2009-10-16T00:00:00",
        "db": "VULHUB",
        "id": "VHN-40728"
      },
      {
        "date": "2009-10-01T00:00:00",
        "db": "BID",
        "id": "36579"
      },
      {
        "date": "2010-03-24T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2009-002523"
      },
      {
        "date": "2009-10-05T14:37:34",
        "db": "PACKETSTORM",
        "id": "81792"
      },
      {
        "date": "2009-10-02T17:18:03",
        "db": "PACKETSTORM",
        "id": "81777"
      },
      {
        "date": "2009-10-16T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200910-243"
      },
      {
        "date": "2009-10-16T16:30:00.717000",
        "db": "NVD",
        "id": "CVE-2009-3282"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2009-10-20T00:00:00",
        "db": "VULHUB",
        "id": "VHN-40728"
      },
      {
        "date": "2009-10-02T20:00:00",
        "db": "BID",
        "id": "36579"
      },
      {
        "date": "2010-03-24T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2009-002523"
      },
      {
        "date": "2009-10-16T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200910-243"
      },
      {
        "date": "2025-04-09T00:30:58.490000",
        "db": "NVD",
        "id": "CVE-2009-3282"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200910-243"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "VMware Fusion of  vmx86 Kernel extension integer overflow vulnerability",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2009-002523"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "digital error",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200910-243"
      }
    ],
    "trust": 0.6
  }
}

CVE-2026-22715 (GCVE-0-2026-22715)

Vulnerability from nvd – Published: 2026-02-26 18:29 – Updated: 2026-02-27 17:55
VLAI?
Title
VMware Workstation/Fusion NAT vulnerability
Summary
VMWare Workstation and Fusion contain a logic flaw in the management of network packets.  Known attack vectors: A malicious actor with administrative privileges on a Guest VM may be able to interrupt or intercept network connections of other Guest VM's.  Resolution: To remediate CVE-2026-22715 please upgrade to VMware Workstation or Fusion Version 25H2U1
Severity ?
5.9 (Medium)
CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:L
CWE
  • CWE-923 - Improper Restriction of Communication Channel to Intended Endpoints
Assigner
References
Impacted products
Vendor Product Version
VMware Workstation Affected: 17.0 , < 25H2U1 (custom)
Unaffected: 25H2U1 (custom)
Create a notification for this product.
    VMware Fusion Affected: 13.0 , < 25H2U1 (custom)
Unaffected: 25H2U1 (custom)
Create a notification for this product.
Credits
Broadcom would like to thank Ao Wang, Yuxiang Yang, Ke Xu, Xuewei Feng, Qi Li, and Xueying Li for reporting this issue to us.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-22715",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-02-27T17:55:05.951870Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-923",
                "description": "CWE-923 Improper Restriction of Communication Channel to Intended Endpoints",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-02-27T17:55:10.640Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "affected",
          "packageName": "VMware Workstation",
          "platforms": [
            "Linux",
            "Windows"
          ],
          "product": "Workstation",
          "vendor": "VMware",
          "versions": [
            {
              "lessThan": "25H2U1",
              "status": "affected",
              "version": "17.0",
              "versionType": "custom"
            },
            {
              "status": "unaffected",
              "version": "25H2U1",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "packageName": "ProductB",
          "platforms": [
            "MacOS"
          ],
          "product": "Fusion",
          "vendor": "VMware",
          "versions": [
            {
              "lessThan": "25H2U1",
              "status": "affected",
              "version": "13.0",
              "versionType": "custom"
            },
            {
              "status": "unaffected",
              "version": "25H2U1",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "reporter",
          "value": "Broadcom would like to thank Ao Wang, Yuxiang Yang, Ke Xu, Xuewei Feng, Qi Li, and Xueying Li for reporting this issue to us."
        }
      ],
      "datePublic": "2026-02-26T07:33:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eVMWare Workstation and Fusion contain a logic flaw in the management of network packets.\u0026nbsp;\u003c/p\u003e\u003cp\u003eKnown attack vectors: A malicious actor with administrative privileges on a Guest VM may be able to interrupt or intercept network connections of other Guest VM\u0027s.\u0026nbsp;\u003c/p\u003e\u003cp\u003eResolution: To remediate CVE-2026-22715 please upgrade to VMware Workstation or Fusion Version 25H2U1\u003c/p\u003e"
            }
          ],
          "value": "VMWare Workstation and Fusion contain a logic flaw in the management of network packets.\u00a0\n\nKnown attack vectors: A malicious actor with administrative privileges on a Guest VM may be able to interrupt or intercept network connections of other Guest VM\u0027s.\u00a0\n\nResolution: To remediate CVE-2026-22715 please upgrade to VMware Workstation or Fusion Version 25H2U1"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:L",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-02-26T18:36:41.929Z",
        "orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
        "shortName": "vmware"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36986"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eTo remediate CVE-2026-22715 please upgrade to VMwate Workstation or Fusion Version 25H2U1\u003c/p\u003e"
            }
          ],
          "value": "To remediate CVE-2026-22715 please upgrade to VMwate Workstation or Fusion Version 25H2U1"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "VMware Workstation/Fusion NAT vulnerability",
      "x_generator": {
        "engine": "Vulnogram 0.5.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
    "assignerShortName": "vmware",
    "cveId": "CVE-2026-22715",
    "datePublished": "2026-02-26T18:29:14.190Z",
    "dateReserved": "2026-01-09T06:54:36.840Z",
    "dateUpdated": "2026-02-27T17:55:10.640Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-41239 (GCVE-0-2025-41239)

Vulnerability from nvd – Published: 2025-07-15 18:35 – Updated: 2025-07-15 18:51
VLAI?
Title
vSockets information-disclosure vulnerability
Summary
VMware ESXi, Workstation, Fusion, and VMware Tools contains an information disclosure vulnerability due to the usage of an uninitialised memory in vSockets. A malicious actor with local administrative privileges on a virtual machine may be able to exploit this issue to leak memory from processes communicating with vSockets.
Severity ?
7.1 (High)
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
CWE
  • CWE-908 - Use of Uninitialized Resource
Assigner
References
Impacted products
Vendor Product Version
VMware ESXi Affected: 8.0 , < ESXi80U3f-24784735 (custom)
Affected: 8.0 , < ESXi80U2e-24789317 (custom)
Affected: 7.0 , < ESXi70U3w-24784741 (custom)
Create a notification for this product.
    VMware Cloud Foundation Affected: 5.x, 4.5.x
Create a notification for this product.
    VMware Workstation Affected: 17.x , < 17.6.4 (custom)
Create a notification for this product.
    VMware Fusion Affected: 13.x , < 13.6.4 (custom)
Create a notification for this product.
    VMware Telco Cloud Platform Affected: 5.x, 4.x, 3.x, 2.x
Create a notification for this product.
    VMware Telco Cloud Infrastructure Affected: 3.x, 2.x
Create a notification for this product.
    VMware Tools Affected: 13.x.x , < 13.0.1.0 (custom)
Affected: 12.x.x, 11.x.x, , < 12.5.3 (custom)
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-41239",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-07-15T18:51:16.482481Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-07-15T18:51:58.342Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "ESXi",
          "vendor": "VMware",
          "versions": [
            {
              "lessThan": "ESXi80U3f-24784735",
              "status": "affected",
              "version": "8.0",
              "versionType": "custom"
            },
            {
              "lessThan": "ESXi80U2e-24789317",
              "status": "affected",
              "version": "8.0",
              "versionType": "custom"
            },
            {
              "lessThan": "ESXi70U3w-24784741",
              "status": "affected",
              "version": "7.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Cloud Foundation",
          "vendor": "VMware",
          "versions": [
            {
              "status": "affected",
              "version": "5.x, 4.5.x"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Workstation",
          "vendor": "VMware",
          "versions": [
            {
              "lessThan": "17.6.4",
              "status": "affected",
              "version": "17.x",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Fusion",
          "vendor": "VMware",
          "versions": [
            {
              "lessThan": "13.6.4",
              "status": "affected",
              "version": "13.x",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Telco Cloud Platform",
          "vendor": "VMware",
          "versions": [
            {
              "status": "affected",
              "version": "5.x, 4.x, 3.x, 2.x"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Telco Cloud Infrastructure",
          "vendor": "VMware",
          "versions": [
            {
              "status": "affected",
              "version": "3.x, 2.x"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "Windows"
          ],
          "product": "Tools",
          "vendor": "VMware",
          "versions": [
            {
              "lessThan": "13.0.1.0",
              "status": "affected",
              "version": "13.x.x",
              "versionType": "custom"
            },
            {
              "lessThan": "12.5.3",
              "status": "affected",
              "version": "12.x.x, 11.x.x,",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2025-07-15T03:30:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eVMware ESXi, Workstation, Fusion, and VMware Tools contains an information disclosure vulnerability due to the usage of an uninitialised memory in vSockets.\u0026nbsp;\u003c/span\u003eA malicious actor with local administrative privileges on a virtual machine may be able to exploit this issue to leak memory from processes communicating with vSockets.\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u003cbr\u003e\u003cbr\u003e\u003c/span\u003e\u003cbr\u003e"
            }
          ],
          "value": "VMware ESXi, Workstation, Fusion, and VMware Tools contains an information disclosure vulnerability due to the usage of an uninitialised memory in vSockets.\u00a0A malicious actor with local administrative privileges on a virtual machine may be able to exploit this issue to leak memory from processes communicating with vSockets."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-908",
              "description": "CWE-908 Use of Uninitialized Resource",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-15T18:35:03.747Z",
        "orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
        "shortName": "vmware"
      },
      "references": [
        {
          "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35877"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "vSockets information-disclosure vulnerability",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
    "assignerShortName": "vmware",
    "cveId": "CVE-2025-41239",
    "datePublished": "2025-07-15T18:35:03.747Z",
    "dateReserved": "2025-04-16T09:30:17.798Z",
    "dateUpdated": "2025-07-15T18:51:58.342Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-41238 (GCVE-0-2025-41238)

Vulnerability from nvd – Published: 2025-07-15 18:34 – Updated: 2026-02-26 17:50
VLAI?
Title
PVSCSI heap-overflow vulnerability
Summary
VMware ESXi, Workstation, and Fusion contain a heap-overflow vulnerability in the PVSCSI (Paravirtualized SCSI) controller that leads to an out of-bounds write. A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine's VMX process running on the host. On ESXi, the exploitation is contained within the VMX sandbox and exploitable only with configurations that are unsupported. On Workstation and Fusion, this may lead to code execution on the machine where Workstation or Fusion is installed.
Severity ?
9.3 (Critical)
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
CWE
Assigner
References
Impacted products
Vendor Product Version
VMware ESXi Affected: 8.0 , < ESXi80U3f-24784735 (custom)
Affected: 8.0 , < ESXi80U2e-24789317 (custom)
Affected: 7.0 , < ESXi70U3w-24784741 (custom)
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-41238",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-07-16T03:56:02.745794Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-02-26T17:50:39.320Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "ESXi",
          "vendor": "VMware",
          "versions": [
            {
              "lessThan": "ESXi80U3f-24784735",
              "status": "affected",
              "version": "8.0",
              "versionType": "custom"
            },
            {
              "lessThan": "ESXi80U2e-24789317",
              "status": "affected",
              "version": "8.0",
              "versionType": "custom"
            },
            {
              "lessThan": "ESXi70U3w-24784741",
              "status": "affected",
              "version": "7.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Cloud Foundation",
          "vendor": "VMware",
          "versions": [
            {
              "status": "affected",
              "version": "5.x, 4.5.x"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Workstation",
          "vendor": "VMware",
          "versions": [
            {
              "lessThan": "17.6.4",
              "status": "affected",
              "version": "17.x",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Fusion",
          "vendor": "VMware",
          "versions": [
            {
              "lessThan": "13.6.4",
              "status": "affected",
              "version": "13.x",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Telco Cloud Platform",
          "vendor": "VMware",
          "versions": [
            {
              "status": "affected",
              "version": "5.x, 4.x, 3.x, 2.x",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Telco Cloud Infrastructure",
          "vendor": "VMware",
          "versions": [
            {
              "status": "affected",
              "version": "3.x, 2.x"
            }
          ]
        }
      ],
      "datePublic": "2025-07-15T03:30:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eVMware ESXi, Workstation, and Fusion contain a heap-overflow vulnerability in the PVSCSI (Paravirtualized SCSI) controller that leads to an out of-bounds write.\u0026nbsp;\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine\u0027s VMX process running on the host. On ESXi, the exploitation is contained within the VMX sandbox and exploitable only with configurations that are unsupported. On Workstation and Fusion, this may lead to code execution on the machine where Workstation or Fusion is installed.\u003c/span\u003e\u003c/span\u003e\u003cbr\u003e"
            }
          ],
          "value": "VMware ESXi, Workstation, and Fusion contain a heap-overflow vulnerability in the PVSCSI (Paravirtualized SCSI) controller that leads to an out of-bounds write.\u00a0A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine\u0027s VMX process running on the host. On ESXi, the exploitation is contained within the VMX sandbox and exploitable only with configurations that are unsupported. On Workstation and Fusion, this may lead to code execution on the machine where Workstation or Fusion is installed."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 9.3,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-787",
              "description": "CWE-787 Out-of-bounds Write",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-15T18:34:48.818Z",
        "orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
        "shortName": "vmware"
      },
      "references": [
        {
          "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35877"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "PVSCSI heap-overflow vulnerability",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
    "assignerShortName": "vmware",
    "cveId": "CVE-2025-41238",
    "datePublished": "2025-07-15T18:34:48.818Z",
    "dateReserved": "2025-04-16T09:30:17.798Z",
    "dateUpdated": "2026-02-26T17:50:39.320Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-41237 (GCVE-0-2025-41237)

Vulnerability from nvd – Published: 2025-07-15 18:34 – Updated: 2026-02-26 17:50
VLAI?
Title
VMCI integer-underflow vulnerability
Summary
VMware ESXi, Workstation, and Fusion contain an integer-underflow in VMCI (Virtual Machine Communication Interface) that leads to an out-of-bounds write. A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine's VMX process running on the host. On ESXi, the exploitation is contained within the VMX sandbox whereas, on Workstation and Fusion, this may lead to code execution on the machine where Workstation or Fusion is installed.
Severity ?
9.3 (Critical)
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
CWE
Assigner
References
Impacted products
Vendor Product Version
VMware Cloud Foundation Affected: 9.0.0.0, 5.x, 4.5.x
Create a notification for this product.
    VMware vSphere Foundation Affected: 9.0.0.0
Create a notification for this product.
    VMware ESXi Affected: 8.0 , < ESXi80U3f-24784735 (custom)
Affected: 8.0 , < ESXi80U2e-24789317 (custom)
Affected: 7.0 , < ESXi70U3w-24784741 (custom)
Create a notification for this product.
    VMware Workstation Affected: 17.x , < 17.6.4 (custom)
Create a notification for this product.
    VMware Fusion Affected: 13.x , < 13.6.4 (custom)
Create a notification for this product.
    VMware Telco Cloud Platform Affected: 5.x, 4.x, 3.x, 2.x
Create a notification for this product.
    VMware Telco Cloud Infrastructure Affected: 3.x, 2.x
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-41237",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-07-16T03:56:00.503549Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-02-26T17:50:39.727Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Cloud Foundation",
          "vendor": "VMware",
          "versions": [
            {
              "status": "affected",
              "version": "9.0.0.0, 5.x, 4.5.x"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "vSphere Foundation",
          "vendor": "VMware",
          "versions": [
            {
              "status": "affected",
              "version": "9.0.0.0"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "ESXi",
          "vendor": "VMware",
          "versions": [
            {
              "lessThan": "ESXi80U3f-24784735",
              "status": "affected",
              "version": "8.0",
              "versionType": "custom"
            },
            {
              "lessThan": "ESXi80U2e-24789317",
              "status": "affected",
              "version": "8.0",
              "versionType": "custom"
            },
            {
              "lessThan": "ESXi70U3w-24784741",
              "status": "affected",
              "version": "7.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Workstation",
          "vendor": "VMware",
          "versions": [
            {
              "lessThan": "17.6.4",
              "status": "affected",
              "version": "17.x",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Fusion",
          "vendor": "VMware",
          "versions": [
            {
              "lessThan": "13.6.4",
              "status": "affected",
              "version": "13.x",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Telco Cloud Platform",
          "vendor": "VMware",
          "versions": [
            {
              "status": "affected",
              "version": "5.x, 4.x, 3.x, 2.x"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Telco Cloud Infrastructure",
          "vendor": "VMware",
          "versions": [
            {
              "status": "affected",
              "version": "3.x, 2.x"
            }
          ]
        }
      ],
      "datePublic": "2025-07-15T03:30:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eVMware ESXi,\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;Workstation, and Fusion\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;contain an integer-underflow in VMCI (Virtual Machine Communication Interface) that leads to an out-of-bounds write.\u0026nbsp;\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine\u0027s VMX process running on the host. On ESXi, the exploitation is contained within the VMX sandbox whereas, on Workstation and Fusion, this may lead to code execution on the machine where Workstation or Fusion is installed.\u003c/span\u003e\u003c/span\u003e\u003cbr\u003e"
            }
          ],
          "value": "VMware ESXi,\u00a0Workstation, and Fusion\u00a0contain an integer-underflow in VMCI (Virtual Machine Communication Interface) that leads to an out-of-bounds write.\u00a0A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine\u0027s VMX process running on the host. On ESXi, the exploitation is contained within the VMX sandbox whereas, on Workstation and Fusion, this may lead to code execution on the machine where Workstation or Fusion is installed."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 9.3,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-787",
              "description": "CWE-787 Out-of-bounds Write",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-15T18:34:21.083Z",
        "orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
        "shortName": "vmware"
      },
      "references": [
        {
          "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35877"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "VMCI integer-underflow vulnerability",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
    "assignerShortName": "vmware",
    "cveId": "CVE-2025-41237",
    "datePublished": "2025-07-15T18:34:21.083Z",
    "dateReserved": "2025-04-16T09:30:17.798Z",
    "dateUpdated": "2026-02-26T17:50:39.727Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-41236 (GCVE-0-2025-41236)

Vulnerability from nvd – Published: 2025-07-15 18:34 – Updated: 2026-02-26 17:50
VLAI?
Title
VMXNET3 integer-overflow vulnerability
Summary
VMware ESXi, Workstation, and Fusion contain an integer-overflow vulnerability in the VMXNET3 virtual network adapter. A malicious actor with local administrative privileges on a virtual machine with VMXNET3 virtual network adapter may exploit this issue to execute code on the host. Non VMXNET3 virtual adapters are not affected by this issue.
Severity ?
9.3 (Critical)
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
CWE
Assigner
References
Impacted products
Vendor Product Version
VMware ESXi Affected: 8.0 , < ESXi80U3f-24784735 (custom)
Affected: 8.0 , < ESXi80U2e-24789317 (custom)
Affected: 7.0 , < ESXi70U3w-24784741 (custom)
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-41236",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-07-16T03:55:59.335825Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-02-26T17:50:40.035Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "ESXi",
          "vendor": "VMware",
          "versions": [
            {
              "lessThan": "ESXi80U3f-24784735",
              "status": "affected",
              "version": "8.0",
              "versionType": "custom"
            },
            {
              "lessThan": "ESXi80U2e-24789317",
              "status": "affected",
              "version": "8.0",
              "versionType": "custom"
            },
            {
              "lessThan": "ESXi70U3w-24784741",
              "status": "affected",
              "version": "7.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Cloud Foundation",
          "vendor": "VMware",
          "versions": [
            {
              "status": "affected",
              "version": "5.x, 4.5.x"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Workstation",
          "vendor": "VMware",
          "versions": [
            {
              "lessThan": "17.6.4",
              "status": "affected",
              "version": "17.x",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Fusion",
          "vendor": "VMware",
          "versions": [
            {
              "lessThanOrEqual": "13.6.4",
              "status": "affected",
              "version": "13.x",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Telco Cloud Platform",
          "vendor": "VMware",
          "versions": [
            {
              "status": "affected",
              "version": "5.x, 4.x, 3.x, 2.x"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Telco Cloud Infrastructure",
          "vendor": "VMware",
          "versions": [
            {
              "status": "affected",
              "version": "3.x, 2.x"
            }
          ]
        }
      ],
      "datePublic": "2025-07-15T03:30:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eVMware ESXi, Workstation, and Fusion contain an integer-overflow vulnerability in the VMXNET3 virtual network adapter.\u0026nbsp;\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA malicious actor with local administrative privileges on a virtual machine with VMXNET3 virtual network adapter may exploit this issue to execute code on the host. Non VMXNET3 virtual adapters are not affected by this issue.\u003c/span\u003e\u003c/span\u003e\u003cbr\u003e"
            }
          ],
          "value": "VMware ESXi, Workstation, and Fusion contain an integer-overflow vulnerability in the VMXNET3 virtual network adapter.\u00a0A malicious actor with local administrative privileges on a virtual machine with VMXNET3 virtual network adapter may exploit this issue to execute code on the host. Non VMXNET3 virtual adapters are not affected by this issue."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 9.3,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-787",
              "description": "CWE-787 Out-of-bounds Write",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-15T18:34:12.719Z",
        "orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
        "shortName": "vmware"
      },
      "references": [
        {
          "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35877"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "VMXNET3 integer-overflow vulnerability",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
    "assignerShortName": "vmware",
    "cveId": "CVE-2025-41236",
    "datePublished": "2025-07-15T18:34:12.719Z",
    "dateReserved": "2025-04-16T09:30:17.798Z",
    "dateUpdated": "2026-02-26T17:50:40.035Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-41227 (GCVE-0-2025-41227)

Vulnerability from nvd – Published: 2025-05-20 14:24 – Updated: 2025-06-24 07:13
VLAI?
Title
Denial-of-Service Vulnerability
Summary
VMware ESXi, Workstation, and Fusion contain a denial-of-service vulnerability due to certain guest options. A malicious actor with non-administrative privileges within a guest operating system may be able to exploit this issue by exhausting memory of the host process leading to a denial-of-service condition.
Severity ?
5.5 (Medium)
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE
  • CWE-400 - Uncontrolled Resource Consumption
Assigner
References
Impacted products
Vendor Product Version
VMware ESXi Affected: 8.0 , < ESXi80U3se-24659227 (custom)
Affected: 7.0 , < ESXi70U3sv-24723868 (custom)
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-41227",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-05-20T15:59:41.340433Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-05-20T16:00:12.860Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "ESXi",
          "vendor": "VMware",
          "versions": [
            {
              "lessThan": "ESXi80U3se-24659227",
              "status": "affected",
              "version": "8.0",
              "versionType": "custom"
            },
            {
              "lessThan": "ESXi70U3sv-24723868",
              "status": "affected",
              "version": "7.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Cloud Foundation",
          "vendor": "VMware",
          "versions": [
            {
              "status": "affected",
              "version": "5.x, 4.5.x"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Telco Cloud Platform",
          "vendor": "VMware",
          "versions": [
            {
              "status": "affected",
              "version": "5.x, 4.x, 3.x, 2.x"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Telco Cloud Infrastructure",
          "vendor": "VMware",
          "versions": [
            {
              "status": "affected",
              "version": "3.x, 2.x"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Workstation",
          "vendor": "VMware",
          "versions": [
            {
              "lessThan": "17.6.3",
              "status": "affected",
              "version": "17.x",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Fusion",
          "vendor": "VMware",
          "versions": [
            {
              "lessThan": "13.6.3",
              "status": "affected",
              "version": "13.x",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2025-05-20T11:30:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "VMware ESXi,\u0026nbsp;\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eWorkstation, and Fusion contain a denial-of-service vulnerability due to certain guest options.\u0026nbsp;\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA malicious actor with non-administrative privileges within a guest operating system may be able to exploit this issue by exhausting memory of the host process leading to a denial-of-service condition.\u003c/span\u003e\u003cbr\u003e\u003c/span\u003e\u003cbr\u003e"
            }
          ],
          "value": "VMware ESXi,\u00a0Workstation, and Fusion contain a denial-of-service vulnerability due to certain guest options.\u00a0A malicious actor with non-administrative privileges within a guest operating system may be able to exploit this issue by exhausting memory of the host process leading to a denial-of-service condition."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-400",
              "description": "CWE-400 Uncontrolled Resource Consumption",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-06-24T07:13:30.222Z",
        "orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
        "shortName": "vmware"
      },
      "references": [
        {
          "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25717"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Denial-of-Service Vulnerability",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
    "assignerShortName": "vmware",
    "cveId": "CVE-2025-41227",
    "datePublished": "2025-05-20T14:24:29.316Z",
    "dateReserved": "2025-04-16T09:29:46.972Z",
    "dateUpdated": "2025-06-24T07:13:30.222Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-22226 (GCVE-0-2025-22226)

Vulnerability from nvd – Published: 2025-03-04 11:56 – Updated: 2026-02-26 19:09
VLAI?
Summary
VMware ESXi, Workstation, and Fusion contain an information disclosure vulnerability due to an out-of-bounds read in HGFS. A malicious actor with administrative privileges to a virtual machine may be able to exploit this issue to leak memory from the vmx process.
Severity ?
7.1 (High)
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
CWE
  • Information disclosure vulnerability
Assigner
References
Impacted products
Vendor Product Version
n/a ESXi Affected: 8.0 , < ESXi80U3d-24585383 (custom)
Affected: 8.0 , < ESXi80U2d-24585300 (custom)
Affected: 7.0 , < ESXi70U3s-24585291 (custom)
    n/a VMware Workstation Affected: 17.x , < 17.6.3 (custom)
    n/a VMware Fusion Affected: 13.x , < 13.6.3 (custom)
    n/a VMware Cloud Foundation Affected: 5.x, 4.5.x
    n/a VMware Telco Cloud Platform Affected: 5.x, 4.x, 3.x, 2.x
    n/a VMware Telco Cloud Infrastructure Affected: 3.x, 2.x
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-22226",
                "options": [
                  {
                    "Exploitation": "active"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-03-05T04:55:25.321408Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          },
          {
            "other": {
              "content": {
                "dateAdded": "2025-03-04",
                "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-22226"
              },
              "type": "kev"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-125",
                "description": "CWE-125 Out-of-bounds Read",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-02-26T19:09:47.240Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "references": [
          {
            "tags": [
              "government-resource"
            ],
            "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-22226"
          }
        ],
        "timeline": [
          {
            "lang": "en",
            "time": "2025-03-04T00:00:00.000Z",
            "value": "CVE-2025-22226 added to CISA KEV"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "ESXi",
          "vendor": "n/a",
          "versions": [
            {
              "lessThan": "ESXi80U3d-24585383",
              "status": "affected",
              "version": "8.0",
              "versionType": "custom"
            },
            {
              "lessThan": "ESXi80U2d-24585300",
              "status": "affected",
              "version": "8.0",
              "versionType": "custom"
            },
            {
              "lessThan": "ESXi70U3s-24585291",
              "status": "affected",
              "version": "7.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "Windows",
            "Linux"
          ],
          "product": "VMware Workstation",
          "vendor": "n/a",
          "versions": [
            {
              "lessThan": "17.6.3",
              "status": "affected",
              "version": "17.x",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "MacOS"
          ],
          "product": "VMware Fusion",
          "vendor": "n/a",
          "versions": [
            {
              "lessThan": "13.6.3",
              "status": "affected",
              "version": "13.x",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "VMware Cloud Foundation",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "5.x, 4.5.x"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "VMware Telco Cloud Platform",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "5.x, 4.x, 3.x, 2.x"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "VMware Telco Cloud Infrastructure",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "3.x, 2.x"
            }
          ]
        }
      ],
      "datePublic": "2025-03-04T11:50:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eVMware ESXi, Workstation, and Fusion contain\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;an information disclosure \u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003evulnerability \u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003edue to an out-of-bounds read in HGFS.\u0026nbsp;\u003c/span\u003eA malicious actor with administrative privileges to a virtual machine may be able to exploit this issue to leak memory from the vmx process.\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u003cbr\u003e\u003cbr\u003e\u003c/span\u003e\u003cbr\u003e"
            }
          ],
          "value": "VMware ESXi, Workstation, and Fusion contain\u00a0an information disclosure vulnerability due to an out-of-bounds read in HGFS.\u00a0A malicious actor with administrative privileges to a virtual machine may be able to exploit this issue to leak memory from the vmx process."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Information disclosure vulnerability",
              "lang": "en"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-03-04T11:56:57.541Z",
        "orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
        "shortName": "vmware"
      },
      "references": [
        {
          "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25390"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
    "assignerShortName": "vmware",
    "cveId": "CVE-2025-22226",
    "datePublished": "2025-03-04T11:56:57.541Z",
    "dateReserved": "2025-01-02T04:29:59.190Z",
    "dateUpdated": "2026-02-26T19:09:47.240Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-22715 (GCVE-0-2026-22715)

Vulnerability from cvelistv5 – Published: 2026-02-26 18:29 – Updated: 2026-02-27 17:55
VLAI?
Title
VMware Workstation/Fusion NAT vulnerability
Summary
VMWare Workstation and Fusion contain a logic flaw in the management of network packets.  Known attack vectors: A malicious actor with administrative privileges on a Guest VM may be able to interrupt or intercept network connections of other Guest VM's.  Resolution: To remediate CVE-2026-22715 please upgrade to VMware Workstation or Fusion Version 25H2U1
Severity ?
5.9 (Medium)
CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:L
CWE
  • CWE-923 - Improper Restriction of Communication Channel to Intended Endpoints
Assigner
References
Impacted products
Vendor Product Version
VMware Workstation Affected: 17.0 , < 25H2U1 (custom)
Unaffected: 25H2U1 (custom)
Create a notification for this product.
    VMware Fusion Affected: 13.0 , < 25H2U1 (custom)
Unaffected: 25H2U1 (custom)
Create a notification for this product.
Credits
Broadcom would like to thank Ao Wang, Yuxiang Yang, Ke Xu, Xuewei Feng, Qi Li, and Xueying Li for reporting this issue to us.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-22715",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-02-27T17:55:05.951870Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-923",
                "description": "CWE-923 Improper Restriction of Communication Channel to Intended Endpoints",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-02-27T17:55:10.640Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "affected",
          "packageName": "VMware Workstation",
          "platforms": [
            "Linux",
            "Windows"
          ],
          "product": "Workstation",
          "vendor": "VMware",
          "versions": [
            {
              "lessThan": "25H2U1",
              "status": "affected",
              "version": "17.0",
              "versionType": "custom"
            },
            {
              "status": "unaffected",
              "version": "25H2U1",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "packageName": "ProductB",
          "platforms": [
            "MacOS"
          ],
          "product": "Fusion",
          "vendor": "VMware",
          "versions": [
            {
              "lessThan": "25H2U1",
              "status": "affected",
              "version": "13.0",
              "versionType": "custom"
            },
            {
              "status": "unaffected",
              "version": "25H2U1",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "reporter",
          "value": "Broadcom would like to thank Ao Wang, Yuxiang Yang, Ke Xu, Xuewei Feng, Qi Li, and Xueying Li for reporting this issue to us."
        }
      ],
      "datePublic": "2026-02-26T07:33:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eVMWare Workstation and Fusion contain a logic flaw in the management of network packets.\u0026nbsp;\u003c/p\u003e\u003cp\u003eKnown attack vectors: A malicious actor with administrative privileges on a Guest VM may be able to interrupt or intercept network connections of other Guest VM\u0027s.\u0026nbsp;\u003c/p\u003e\u003cp\u003eResolution: To remediate CVE-2026-22715 please upgrade to VMware Workstation or Fusion Version 25H2U1\u003c/p\u003e"
            }
          ],
          "value": "VMWare Workstation and Fusion contain a logic flaw in the management of network packets.\u00a0\n\nKnown attack vectors: A malicious actor with administrative privileges on a Guest VM may be able to interrupt or intercept network connections of other Guest VM\u0027s.\u00a0\n\nResolution: To remediate CVE-2026-22715 please upgrade to VMware Workstation or Fusion Version 25H2U1"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:L",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-02-26T18:36:41.929Z",
        "orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
        "shortName": "vmware"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36986"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eTo remediate CVE-2026-22715 please upgrade to VMwate Workstation or Fusion Version 25H2U1\u003c/p\u003e"
            }
          ],
          "value": "To remediate CVE-2026-22715 please upgrade to VMwate Workstation or Fusion Version 25H2U1"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "VMware Workstation/Fusion NAT vulnerability",
      "x_generator": {
        "engine": "Vulnogram 0.5.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
    "assignerShortName": "vmware",
    "cveId": "CVE-2026-22715",
    "datePublished": "2026-02-26T18:29:14.190Z",
    "dateReserved": "2026-01-09T06:54:36.840Z",
    "dateUpdated": "2026-02-27T17:55:10.640Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-41239 (GCVE-0-2025-41239)

Vulnerability from cvelistv5 – Published: 2025-07-15 18:35 – Updated: 2025-07-15 18:51
VLAI?
Title
vSockets information-disclosure vulnerability
Summary
VMware ESXi, Workstation, Fusion, and VMware Tools contains an information disclosure vulnerability due to the usage of an uninitialised memory in vSockets. A malicious actor with local administrative privileges on a virtual machine may be able to exploit this issue to leak memory from processes communicating with vSockets.
Severity ?
7.1 (High)
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
CWE
  • CWE-908 - Use of Uninitialized Resource
Assigner
References
Impacted products
Vendor Product Version
VMware ESXi Affected: 8.0 , < ESXi80U3f-24784735 (custom)
Affected: 8.0 , < ESXi80U2e-24789317 (custom)
Affected: 7.0 , < ESXi70U3w-24784741 (custom)
Create a notification for this product.
    VMware Cloud Foundation Affected: 5.x, 4.5.x
Create a notification for this product.
    VMware Workstation Affected: 17.x , < 17.6.4 (custom)
Create a notification for this product.
    VMware Fusion Affected: 13.x , < 13.6.4 (custom)
Create a notification for this product.
    VMware Telco Cloud Platform Affected: 5.x, 4.x, 3.x, 2.x
Create a notification for this product.
    VMware Telco Cloud Infrastructure Affected: 3.x, 2.x
Create a notification for this product.
    VMware Tools Affected: 13.x.x , < 13.0.1.0 (custom)
Affected: 12.x.x, 11.x.x, , < 12.5.3 (custom)
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-41239",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-07-15T18:51:16.482481Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-07-15T18:51:58.342Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "ESXi",
          "vendor": "VMware",
          "versions": [
            {
              "lessThan": "ESXi80U3f-24784735",
              "status": "affected",
              "version": "8.0",
              "versionType": "custom"
            },
            {
              "lessThan": "ESXi80U2e-24789317",
              "status": "affected",
              "version": "8.0",
              "versionType": "custom"
            },
            {
              "lessThan": "ESXi70U3w-24784741",
              "status": "affected",
              "version": "7.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Cloud Foundation",
          "vendor": "VMware",
          "versions": [
            {
              "status": "affected",
              "version": "5.x, 4.5.x"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Workstation",
          "vendor": "VMware",
          "versions": [
            {
              "lessThan": "17.6.4",
              "status": "affected",
              "version": "17.x",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Fusion",
          "vendor": "VMware",
          "versions": [
            {
              "lessThan": "13.6.4",
              "status": "affected",
              "version": "13.x",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Telco Cloud Platform",
          "vendor": "VMware",
          "versions": [
            {
              "status": "affected",
              "version": "5.x, 4.x, 3.x, 2.x"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Telco Cloud Infrastructure",
          "vendor": "VMware",
          "versions": [
            {
              "status": "affected",
              "version": "3.x, 2.x"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "Windows"
          ],
          "product": "Tools",
          "vendor": "VMware",
          "versions": [
            {
              "lessThan": "13.0.1.0",
              "status": "affected",
              "version": "13.x.x",
              "versionType": "custom"
            },
            {
              "lessThan": "12.5.3",
              "status": "affected",
              "version": "12.x.x, 11.x.x,",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2025-07-15T03:30:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eVMware ESXi, Workstation, Fusion, and VMware Tools contains an information disclosure vulnerability due to the usage of an uninitialised memory in vSockets.\u0026nbsp;\u003c/span\u003eA malicious actor with local administrative privileges on a virtual machine may be able to exploit this issue to leak memory from processes communicating with vSockets.\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u003cbr\u003e\u003cbr\u003e\u003c/span\u003e\u003cbr\u003e"
            }
          ],
          "value": "VMware ESXi, Workstation, Fusion, and VMware Tools contains an information disclosure vulnerability due to the usage of an uninitialised memory in vSockets.\u00a0A malicious actor with local administrative privileges on a virtual machine may be able to exploit this issue to leak memory from processes communicating with vSockets."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-908",
              "description": "CWE-908 Use of Uninitialized Resource",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-15T18:35:03.747Z",
        "orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
        "shortName": "vmware"
      },
      "references": [
        {
          "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35877"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "vSockets information-disclosure vulnerability",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
    "assignerShortName": "vmware",
    "cveId": "CVE-2025-41239",
    "datePublished": "2025-07-15T18:35:03.747Z",
    "dateReserved": "2025-04-16T09:30:17.798Z",
    "dateUpdated": "2025-07-15T18:51:58.342Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-41238 (GCVE-0-2025-41238)

Vulnerability from cvelistv5 – Published: 2025-07-15 18:34 – Updated: 2026-02-26 17:50
VLAI?
Title
PVSCSI heap-overflow vulnerability
Summary
VMware ESXi, Workstation, and Fusion contain a heap-overflow vulnerability in the PVSCSI (Paravirtualized SCSI) controller that leads to an out of-bounds write. A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine's VMX process running on the host. On ESXi, the exploitation is contained within the VMX sandbox and exploitable only with configurations that are unsupported. On Workstation and Fusion, this may lead to code execution on the machine where Workstation or Fusion is installed.
Severity ?
9.3 (Critical)
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
CWE
Assigner
References
Impacted products
Vendor Product Version
VMware ESXi Affected: 8.0 , < ESXi80U3f-24784735 (custom)
Affected: 8.0 , < ESXi80U2e-24789317 (custom)
Affected: 7.0 , < ESXi70U3w-24784741 (custom)
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-41238",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-07-16T03:56:02.745794Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-02-26T17:50:39.320Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "ESXi",
          "vendor": "VMware",
          "versions": [
            {
              "lessThan": "ESXi80U3f-24784735",
              "status": "affected",
              "version": "8.0",
              "versionType": "custom"
            },
            {
              "lessThan": "ESXi80U2e-24789317",
              "status": "affected",
              "version": "8.0",
              "versionType": "custom"
            },
            {
              "lessThan": "ESXi70U3w-24784741",
              "status": "affected",
              "version": "7.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Cloud Foundation",
          "vendor": "VMware",
          "versions": [
            {
              "status": "affected",
              "version": "5.x, 4.5.x"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Workstation",
          "vendor": "VMware",
          "versions": [
            {
              "lessThan": "17.6.4",
              "status": "affected",
              "version": "17.x",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Fusion",
          "vendor": "VMware",
          "versions": [
            {
              "lessThan": "13.6.4",
              "status": "affected",
              "version": "13.x",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Telco Cloud Platform",
          "vendor": "VMware",
          "versions": [
            {
              "status": "affected",
              "version": "5.x, 4.x, 3.x, 2.x",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Telco Cloud Infrastructure",
          "vendor": "VMware",
          "versions": [
            {
              "status": "affected",
              "version": "3.x, 2.x"
            }
          ]
        }
      ],
      "datePublic": "2025-07-15T03:30:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eVMware ESXi, Workstation, and Fusion contain a heap-overflow vulnerability in the PVSCSI (Paravirtualized SCSI) controller that leads to an out of-bounds write.\u0026nbsp;\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine\u0027s VMX process running on the host. On ESXi, the exploitation is contained within the VMX sandbox and exploitable only with configurations that are unsupported. On Workstation and Fusion, this may lead to code execution on the machine where Workstation or Fusion is installed.\u003c/span\u003e\u003c/span\u003e\u003cbr\u003e"
            }
          ],
          "value": "VMware ESXi, Workstation, and Fusion contain a heap-overflow vulnerability in the PVSCSI (Paravirtualized SCSI) controller that leads to an out of-bounds write.\u00a0A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine\u0027s VMX process running on the host. On ESXi, the exploitation is contained within the VMX sandbox and exploitable only with configurations that are unsupported. On Workstation and Fusion, this may lead to code execution on the machine where Workstation or Fusion is installed."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 9.3,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-787",
              "description": "CWE-787 Out-of-bounds Write",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-15T18:34:48.818Z",
        "orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
        "shortName": "vmware"
      },
      "references": [
        {
          "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35877"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "PVSCSI heap-overflow vulnerability",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
    "assignerShortName": "vmware",
    "cveId": "CVE-2025-41238",
    "datePublished": "2025-07-15T18:34:48.818Z",
    "dateReserved": "2025-04-16T09:30:17.798Z",
    "dateUpdated": "2026-02-26T17:50:39.320Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-41237 (GCVE-0-2025-41237)

Vulnerability from cvelistv5 – Published: 2025-07-15 18:34 – Updated: 2026-02-26 17:50
VLAI?
Title
VMCI integer-underflow vulnerability
Summary
VMware ESXi, Workstation, and Fusion contain an integer-underflow in VMCI (Virtual Machine Communication Interface) that leads to an out-of-bounds write. A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine's VMX process running on the host. On ESXi, the exploitation is contained within the VMX sandbox whereas, on Workstation and Fusion, this may lead to code execution on the machine where Workstation or Fusion is installed.
Severity ?
9.3 (Critical)
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
CWE
Assigner
References
Impacted products
Vendor Product Version
VMware Cloud Foundation Affected: 9.0.0.0, 5.x, 4.5.x
Create a notification for this product.
    VMware vSphere Foundation Affected: 9.0.0.0
Create a notification for this product.
    VMware ESXi Affected: 8.0 , < ESXi80U3f-24784735 (custom)
Affected: 8.0 , < ESXi80U2e-24789317 (custom)
Affected: 7.0 , < ESXi70U3w-24784741 (custom)
Create a notification for this product.
    VMware Workstation Affected: 17.x , < 17.6.4 (custom)
Create a notification for this product.
    VMware Fusion Affected: 13.x , < 13.6.4 (custom)
Create a notification for this product.
    VMware Telco Cloud Platform Affected: 5.x, 4.x, 3.x, 2.x
Create a notification for this product.
    VMware Telco Cloud Infrastructure Affected: 3.x, 2.x
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-41237",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-07-16T03:56:00.503549Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-02-26T17:50:39.727Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Cloud Foundation",
          "vendor": "VMware",
          "versions": [
            {
              "status": "affected",
              "version": "9.0.0.0, 5.x, 4.5.x"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "vSphere Foundation",
          "vendor": "VMware",
          "versions": [
            {
              "status": "affected",
              "version": "9.0.0.0"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "ESXi",
          "vendor": "VMware",
          "versions": [
            {
              "lessThan": "ESXi80U3f-24784735",
              "status": "affected",
              "version": "8.0",
              "versionType": "custom"
            },
            {
              "lessThan": "ESXi80U2e-24789317",
              "status": "affected",
              "version": "8.0",
              "versionType": "custom"
            },
            {
              "lessThan": "ESXi70U3w-24784741",
              "status": "affected",
              "version": "7.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Workstation",
          "vendor": "VMware",
          "versions": [
            {
              "lessThan": "17.6.4",
              "status": "affected",
              "version": "17.x",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Fusion",
          "vendor": "VMware",
          "versions": [
            {
              "lessThan": "13.6.4",
              "status": "affected",
              "version": "13.x",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Telco Cloud Platform",
          "vendor": "VMware",
          "versions": [
            {
              "status": "affected",
              "version": "5.x, 4.x, 3.x, 2.x"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Telco Cloud Infrastructure",
          "vendor": "VMware",
          "versions": [
            {
              "status": "affected",
              "version": "3.x, 2.x"
            }
          ]
        }
      ],
      "datePublic": "2025-07-15T03:30:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eVMware ESXi,\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;Workstation, and Fusion\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;contain an integer-underflow in VMCI (Virtual Machine Communication Interface) that leads to an out-of-bounds write.\u0026nbsp;\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine\u0027s VMX process running on the host. On ESXi, the exploitation is contained within the VMX sandbox whereas, on Workstation and Fusion, this may lead to code execution on the machine where Workstation or Fusion is installed.\u003c/span\u003e\u003c/span\u003e\u003cbr\u003e"
            }
          ],
          "value": "VMware ESXi,\u00a0Workstation, and Fusion\u00a0contain an integer-underflow in VMCI (Virtual Machine Communication Interface) that leads to an out-of-bounds write.\u00a0A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine\u0027s VMX process running on the host. On ESXi, the exploitation is contained within the VMX sandbox whereas, on Workstation and Fusion, this may lead to code execution on the machine where Workstation or Fusion is installed."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 9.3,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-787",
              "description": "CWE-787 Out-of-bounds Write",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-15T18:34:21.083Z",
        "orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
        "shortName": "vmware"
      },
      "references": [
        {
          "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35877"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "VMCI integer-underflow vulnerability",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
    "assignerShortName": "vmware",
    "cveId": "CVE-2025-41237",
    "datePublished": "2025-07-15T18:34:21.083Z",
    "dateReserved": "2025-04-16T09:30:17.798Z",
    "dateUpdated": "2026-02-26T17:50:39.727Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-41236 (GCVE-0-2025-41236)

Vulnerability from cvelistv5 – Published: 2025-07-15 18:34 – Updated: 2026-02-26 17:50
VLAI?
Title
VMXNET3 integer-overflow vulnerability
Summary
VMware ESXi, Workstation, and Fusion contain an integer-overflow vulnerability in the VMXNET3 virtual network adapter. A malicious actor with local administrative privileges on a virtual machine with VMXNET3 virtual network adapter may exploit this issue to execute code on the host. Non VMXNET3 virtual adapters are not affected by this issue.
Severity ?
9.3 (Critical)
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
CWE
Assigner
References
Impacted products
Vendor Product Version
VMware ESXi Affected: 8.0 , < ESXi80U3f-24784735 (custom)
Affected: 8.0 , < ESXi80U2e-24789317 (custom)
Affected: 7.0 , < ESXi70U3w-24784741 (custom)
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-41236",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-07-16T03:55:59.335825Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-02-26T17:50:40.035Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "ESXi",
          "vendor": "VMware",
          "versions": [
            {
              "lessThan": "ESXi80U3f-24784735",
              "status": "affected",
              "version": "8.0",
              "versionType": "custom"
            },
            {
              "lessThan": "ESXi80U2e-24789317",
              "status": "affected",
              "version": "8.0",
              "versionType": "custom"
            },
            {
              "lessThan": "ESXi70U3w-24784741",
              "status": "affected",
              "version": "7.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Cloud Foundation",
          "vendor": "VMware",
          "versions": [
            {
              "status": "affected",
              "version": "5.x, 4.5.x"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Workstation",
          "vendor": "VMware",
          "versions": [
            {
              "lessThan": "17.6.4",
              "status": "affected",
              "version": "17.x",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Fusion",
          "vendor": "VMware",
          "versions": [
            {
              "lessThanOrEqual": "13.6.4",
              "status": "affected",
              "version": "13.x",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Telco Cloud Platform",
          "vendor": "VMware",
          "versions": [
            {
              "status": "affected",
              "version": "5.x, 4.x, 3.x, 2.x"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Telco Cloud Infrastructure",
          "vendor": "VMware",
          "versions": [
            {
              "status": "affected",
              "version": "3.x, 2.x"
            }
          ]
        }
      ],
      "datePublic": "2025-07-15T03:30:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eVMware ESXi, Workstation, and Fusion contain an integer-overflow vulnerability in the VMXNET3 virtual network adapter.\u0026nbsp;\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA malicious actor with local administrative privileges on a virtual machine with VMXNET3 virtual network adapter may exploit this issue to execute code on the host. Non VMXNET3 virtual adapters are not affected by this issue.\u003c/span\u003e\u003c/span\u003e\u003cbr\u003e"
            }
          ],
          "value": "VMware ESXi, Workstation, and Fusion contain an integer-overflow vulnerability in the VMXNET3 virtual network adapter.\u00a0A malicious actor with local administrative privileges on a virtual machine with VMXNET3 virtual network adapter may exploit this issue to execute code on the host. Non VMXNET3 virtual adapters are not affected by this issue."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 9.3,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-787",
              "description": "CWE-787 Out-of-bounds Write",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-15T18:34:12.719Z",
        "orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
        "shortName": "vmware"
      },
      "references": [
        {
          "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35877"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "VMXNET3 integer-overflow vulnerability",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
    "assignerShortName": "vmware",
    "cveId": "CVE-2025-41236",
    "datePublished": "2025-07-15T18:34:12.719Z",
    "dateReserved": "2025-04-16T09:30:17.798Z",
    "dateUpdated": "2026-02-26T17:50:40.035Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-41227 (GCVE-0-2025-41227)

Vulnerability from cvelistv5 – Published: 2025-05-20 14:24 – Updated: 2025-06-24 07:13
VLAI?
Title
Denial-of-Service Vulnerability
Summary
VMware ESXi, Workstation, and Fusion contain a denial-of-service vulnerability due to certain guest options. A malicious actor with non-administrative privileges within a guest operating system may be able to exploit this issue by exhausting memory of the host process leading to a denial-of-service condition.
Severity ?
5.5 (Medium)
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE
  • CWE-400 - Uncontrolled Resource Consumption
Assigner
References
Impacted products
Vendor Product Version
VMware ESXi Affected: 8.0 , < ESXi80U3se-24659227 (custom)
Affected: 7.0 , < ESXi70U3sv-24723868 (custom)
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-41227",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-05-20T15:59:41.340433Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-05-20T16:00:12.860Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "ESXi",
          "vendor": "VMware",
          "versions": [
            {
              "lessThan": "ESXi80U3se-24659227",
              "status": "affected",
              "version": "8.0",
              "versionType": "custom"
            },
            {
              "lessThan": "ESXi70U3sv-24723868",
              "status": "affected",
              "version": "7.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Cloud Foundation",
          "vendor": "VMware",
          "versions": [
            {
              "status": "affected",
              "version": "5.x, 4.5.x"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Telco Cloud Platform",
          "vendor": "VMware",
          "versions": [
            {
              "status": "affected",
              "version": "5.x, 4.x, 3.x, 2.x"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Telco Cloud Infrastructure",
          "vendor": "VMware",
          "versions": [
            {
              "status": "affected",
              "version": "3.x, 2.x"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Workstation",
          "vendor": "VMware",
          "versions": [
            {
              "lessThan": "17.6.3",
              "status": "affected",
              "version": "17.x",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Fusion",
          "vendor": "VMware",
          "versions": [
            {
              "lessThan": "13.6.3",
              "status": "affected",
              "version": "13.x",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2025-05-20T11:30:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "VMware ESXi,\u0026nbsp;\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eWorkstation, and Fusion contain a denial-of-service vulnerability due to certain guest options.\u0026nbsp;\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA malicious actor with non-administrative privileges within a guest operating system may be able to exploit this issue by exhausting memory of the host process leading to a denial-of-service condition.\u003c/span\u003e\u003cbr\u003e\u003c/span\u003e\u003cbr\u003e"
            }
          ],
          "value": "VMware ESXi,\u00a0Workstation, and Fusion contain a denial-of-service vulnerability due to certain guest options.\u00a0A malicious actor with non-administrative privileges within a guest operating system may be able to exploit this issue by exhausting memory of the host process leading to a denial-of-service condition."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-400",
              "description": "CWE-400 Uncontrolled Resource Consumption",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-06-24T07:13:30.222Z",
        "orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
        "shortName": "vmware"
      },
      "references": [
        {
          "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25717"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Denial-of-Service Vulnerability",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
    "assignerShortName": "vmware",
    "cveId": "CVE-2025-41227",
    "datePublished": "2025-05-20T14:24:29.316Z",
    "dateReserved": "2025-04-16T09:29:46.972Z",
    "dateUpdated": "2025-06-24T07:13:30.222Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CERTFR-2026-AVI-0218

Vulnerability from certfr_avis - Published: 2026-02-26 - Updated: 2026-02-26

De multiples vulnérabilités ont été découvertes dans les produits VMware. Certaines d'entre elles permettent à un attaquant de provoquer un déni de service à distance, une atteinte à la confidentialité des données et un contournement de la politique de sécurité.

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products
Vendor Product Description
VMware Tanzu Kubernetes Runtime Platform Services pour Tanzu Platform versions antérieures à 10.3.5
VMware Tanzu Kubernetes Runtime Tanzu Hub versions antérieures à 10.3.5
VMware Tanzu Data Intelligence Tanzu pour Postgres versions 16.x antérieures à 16.12.0
VMware Tanzu Data Intelligence Tanzu pour Postgres versions antérieures à 4.3.2 sur Kubernetes
VMware Tanzu Data Intelligence Tanzu pour Postgres versions 18.x antérieures à 18.2.0
VMware Tanzu Kubernetes Runtime Stemcells (Ubuntu Noble) versions antérieures à 1.238.x
VMware Workstation Workstation versions antérieures à 25H2u1
VMware Fusion Fusion versions antérieures à 25H2u1 sur MacOS
VMware Tanzu Kubernetes Runtime Stemcells (Ubuntu Jammy) versions antérieures à 1.1065.x
VMware Tanzu Data Intelligence Tanzu pour Postgres versions 15.x antérieures à 15.16.0
VMware Tanzu Kubernetes Runtime Stemcells (Windows) versions antérieures à 2019.95.x
VMware Tanzu Data Intelligence Tanzu pour Postgres versions 17.x antérieures à 17.8.0
VMware Tanzu Data Intelligence Tanzu pour Postgres versions antérieures à 14.21.0
References
Bulletin de sécurité VMware 37096 2026-02-25 vendor-advisory
Bulletin de sécurité VMware 37092 2026-02-25 vendor-advisory
Bulletin de sécurité VMware 37102 2026-02-25 vendor-advisory
Bulletin de sécurité VMware 37078 2026-02-25 vendor-advisory
Bulletin de sécurité VMware 37109 2026-02-26 vendor-advisory
Bulletin de sécurité VMware 37087 2026-02-25 vendor-advisory
Bulletin de sécurité VMware 37090 2026-02-25 vendor-advisory
Bulletin de sécurité VMware 37077 2026-02-25 vendor-advisory
Bulletin de sécurité VMware 37098 2026-02-25 vendor-advisory
Bulletin de sécurité VMware 37079 2026-02-25 vendor-advisory
Bulletin de sécurité VMware 37101 2026-02-25 vendor-advisory
Bulletin de sécurité VMware 37104 2026-02-25 vendor-advisory
Bulletin de sécurité VMware 37080 2026-02-25 vendor-advisory
Bulletin de sécurité VMware 37097 2026-02-25 vendor-advisory
Bulletin de sécurité VMware 37083 2026-02-25 vendor-advisory
Bulletin de sécurité VMware 37086 2026-02-25 vendor-advisory
Bulletin de sécurité VMware 37082 2026-02-25 vendor-advisory
Bulletin de sécurité VMware 37100 2026-02-25 vendor-advisory
Bulletin de sécurité VMware 37099 2026-02-25 vendor-advisory
Bulletin de sécurité VMware 37081 2026-02-25 vendor-advisory
Bulletin de sécurité VMware 37089 2026-02-25 vendor-advisory
Bulletin de sécurité VMware 37076 2026-02-25 vendor-advisory
Bulletin de sécurité VMware 37088 2026-02-25 vendor-advisory
Bulletin de sécurité VMware 36986 2026-02-26 vendor-advisory
Bulletin de sécurité VMware DSA-2025-27 2026-02-25 vendor-advisory
Bulletin de sécurité VMware 37084 2026-02-25 vendor-advisory
Bulletin de sécurité VMware 37110 2026-02-26 vendor-advisory
Bulletin de sécurité VMware 37093 2026-02-25 vendor-advisory
Bulletin de sécurité VMware 37085 2026-02-25 vendor-advisory
Bulletin de sécurité VMware 37095 2026-02-25 vendor-advisory
Bulletin de sécurité VMware 37094 2026-02-25 vendor-advisory

Show details on source website
To clipboard 

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Platform Services pour Tanzu Platform versions ant\u00e9rieures \u00e0 10.3.5",
      "product": {
        "name": "Tanzu Kubernetes Runtime",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "Tanzu Hub versions ant\u00e9rieures \u00e0 10.3.5",
      "product": {
        "name": "Tanzu Kubernetes Runtime",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "Tanzu pour Postgres versions 16.x ant\u00e9rieures \u00e0 16.12.0",
      "product": {
        "name": "Tanzu Data Intelligence",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "Tanzu pour Postgres versions ant\u00e9rieures \u00e0 4.3.2 sur Kubernetes",
      "product": {
        "name": "Tanzu Data Intelligence",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "Tanzu pour Postgres versions 18.x ant\u00e9rieures \u00e0 18.2.0",
      "product": {
        "name": "Tanzu Data Intelligence",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "Stemcells (Ubuntu Noble)  versions ant\u00e9rieures \u00e0 1.238.x",
      "product": {
        "name": "Tanzu Kubernetes Runtime",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "Workstation versions ant\u00e9rieures \u00e0 25H2u1",
      "product": {
        "name": "Workstation",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "Fusion versions ant\u00e9rieures \u00e0 25H2u1 sur MacOS",
      "product": {
        "name": "Fusion",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "Stemcells (Ubuntu Jammy) versions ant\u00e9rieures \u00e0 1.1065.x",
      "product": {
        "name": "Tanzu Kubernetes Runtime",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "Tanzu pour Postgres versions 15.x ant\u00e9rieures \u00e0 15.16.0",
      "product": {
        "name": "Tanzu Data Intelligence",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "Stemcells (Windows) versions ant\u00e9rieures \u00e0 2019.95.x",
      "product": {
        "name": "Tanzu Kubernetes Runtime",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "Tanzu pour Postgres versions 17.x ant\u00e9rieures \u00e0 17.8.0",
      "product": {
        "name": "Tanzu Data Intelligence",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "Tanzu pour Postgres versions ant\u00e9rieures \u00e0 14.21.0",
      "product": {
        "name": "Tanzu Data Intelligence",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": "",
  "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
  "cves": [
    {
      "name": "CVE-2019-25013",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-25013"
    },
    {
      "name": "CVE-2017-9937",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-9937"
    },
    {
      "name": "CVE-2025-6395",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-6395"
    },
    {
      "name": "CVE-2026-22722",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-22722"
    },
    {
      "name": "CVE-2023-52356",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52356"
    },
    {
      "name": "CVE-2013-4235",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-4235"
    },
    {
      "name": "CVE-2025-8715",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-8715"
    },
    {
      "name": "CVE-2017-3613",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-3613"
    },
    {
      "name": "CVE-2021-22898",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22898"
    },
    {
      "name": "CVE-2025-38490",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38490"
    },
    {
      "name": "CVE-2025-37850",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37850"
    },
    {
      "name": "CVE-2025-66865",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-66865"
    },
    {
      "name": "CVE-2022-35252",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-35252"
    },
    {
      "name": "CVE-2005-0602",
      "url": "https://www.cve.org/CVERecord?id=CVE-2005-0602"
    },
    {
      "name": "CVE-2025-61730",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-61730"
    },
    {
      "name": "CVE-2025-38485",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38485"
    },
    {
      "name": "CVE-2025-22026",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22026"
    },
    {
      "name": "CVE-2025-39987",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39987"
    },
    {
      "name": "CVE-2025-62727",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-62727"
    },
    {
      "name": "CVE-2015-4789",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-4789"
    },
    {
      "name": "CVE-2025-38579",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38579"
    },
    {
      "name": "CVE-2025-37761",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37761"
    },
    {
      "name": "CVE-2025-21861",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21861"
    },
    {
      "name": "CVE-2025-37865",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37865"
    },
    {
      "name": "CVE-2025-38328",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38328"
    },
    {
      "name": "CVE-2026-21933",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-21933"
    },
    {
      "name": "CVE-2025-58183",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-58183"
    },
    {
      "name": "CVE-2024-7006",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-7006"
    },
    {
      "name": "CVE-2026-21932",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-21932"
    },
    {
      "name": "CVE-2023-3316",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-3316"
    },
    {
      "name": "CVE-2025-15282",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-15282"
    },
    {
      "name": "CVE-2025-38711",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38711"
    },
    {
      "name": "CVE-2025-38487",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38487"
    },
    {
      "name": "CVE-2024-9681",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-9681"
    },
    {
      "name": "CVE-2025-58190",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-58190"
    },
    {
      "name": "CVE-2025-37775",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37775"
    },
    {
      "name": "CVE-2025-38335",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38335"
    },
    {
      "name": "CVE-2024-11168",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-11168"
    },
    {
      "name": "CVE-2025-38304",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38304"
    },
    {
      "name": "CVE-2025-37892",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37892"
    },
    {
      "name": "CVE-2025-38100",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38100"
    },
    {
      "name": "CVE-2025-37859",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37859"
    },
    {
      "name": "CVE-2025-9231",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-9231"
    },
    {
      "name": "CVE-2025-1372",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-1372"
    },
    {
      "name": "CVE-2025-8851",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-8851"
    },
    {
      "name": "CVE-2025-38043",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38043"
    },
    {
      "name": "CVE-2025-68973",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-68973"
    },
    {
      "name": "CVE-2025-38471",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38471"
    },
    {
      "name": "CVE-2025-38520",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38520"
    },
    {
      "name": "CVE-2025-37792",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37792"
    },
    {
      "name": "CVE-2022-3626",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-3626"
    },
    {
      "name": "CVE-2024-28834",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-28834"
    },
    {
      "name": "CVE-2021-38604",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-38604"
    },
    {
      "name": "CVE-2001-1268",
      "url": "https://www.cve.org/CVERecord?id=CVE-2001-1268"
    },
    {
      "name": "CVE-2024-37891",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-37891"
    },
    {
      "name": "CVE-2025-38108",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38108"
    },
    {
      "name": "CVE-2025-38230",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38230"
    },
    {
      "name": "CVE-2025-38229",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38229"
    },
    {
      "name": "CVE-2023-46218",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-46218"
    },
    {
      "name": "CVE-2025-40055",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40055"
    },
    {
      "name": "CVE-2025-38158",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38158"
    },
    {
      "name": "CVE-2025-37872",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37872"
    },
    {
      "name": "CVE-2025-9714",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-9714"
    },
    {
      "name": "CVE-2025-38588",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38588"
    },
    {
      "name": "CVE-2026-22801",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-22801"
    },
    {
      "name": "CVE-2025-39876",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39876"
    },
    {
      "name": "CVE-2025-40029",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40029"
    },
    {
      "name": "CVE-2025-38279",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38279"
    },
    {
      "name": "CVE-2025-38561",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38561"
    },
    {
      "name": "CVE-2014-8141",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-8141"
    },
    {
      "name": "CVE-2025-38574",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38574"
    },
    {
      "name": "CVE-2022-2255",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-2255"
    },
    {
      "name": "CVE-2025-10148",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-10148"
    },
    {
      "name": "CVE-2025-25724",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-25724"
    },
    {
      "name": "CVE-2025-27818",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-27818"
    },
    {
      "name": "CVE-2025-14087",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-14087"
    },
    {
      "name": "CVE-2025-40048",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40048"
    },
    {
      "name": "CVE-2025-5222",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-5222"
    },
    {
      "name": "CVE-2025-38147",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38147"
    },
    {
      "name": "CVE-2023-6780",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-6780"
    },
    {
      "name": "CVE-2022-48468",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48468"
    },
    {
      "name": "CVE-2025-23155",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-23155"
    },
    {
      "name": "CVE-2025-38286",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38286"
    },
    {
      "name": "CVE-2025-40219",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40219"
    },
    {
      "name": "CVE-2025-39757",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39757"
    },
    {
      "name": "CVE-2025-38501",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38501"
    },
    {
      "name": "CVE-2025-38474",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38474"
    },
    {
      "name": "CVE-2025-7545",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-7545"
    },
    {
      "name": "CVE-2025-37979",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37979"
    },
    {
      "name": "CVE-2025-40043",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40043"
    },
    {
      "name": "CVE-2024-3220",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-3220"
    },
    {
      "name": "CVE-2022-3599",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-3599"
    },
    {
      "name": "CVE-2025-37777",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37777"
    },
    {
      "name": "CVE-2021-39537",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-39537"
    },
    {
      "name": "CVE-2025-39772",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39772"
    },
    {
      "name": "CVE-2025-37936",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37936"
    },
    {
      "name": "CVE-2015-4787",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-4787"
    },
    {
      "name": "CVE-2022-27781",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-27781"
    },
    {
      "name": "CVE-2025-38601",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38601"
    },
    {
      "name": "CVE-2021-22925",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22925"
    },
    {
      "name": "CVE-2025-37766",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37766"
    },
    {
      "name": "CVE-2022-47008",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-47008"
    },
    {
      "name": "CVE-2023-0796",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-0796"
    },
    {
      "name": "CVE-2025-38104",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38104"
    },
    {
      "name": "CVE-2025-37844",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37844"
    },
    {
      "name": "CVE-2016-0682",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0682"
    },
    {
      "name": "CVE-2025-21931",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21931"
    },
    {
      "name": "CVE-2025-37871",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37871"
    },
    {
      "name": "CVE-2025-37778",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37778"
    },
    {
      "name": "CVE-2025-39716",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39716"
    },
    {
      "name": "CVE-2025-39702",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39702"
    },
    {
      "name": "CVE-2025-39973",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39973"
    },
    {
      "name": "CVE-2025-38515",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38515"
    },
    {
      "name": "CVE-2025-22872",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22872"
    },
    {
      "name": "CVE-2025-38645",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38645"
    },
    {
      "name": "CVE-2025-8941",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-8941"
    },
    {
      "name": "CVE-2023-52425",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52425"
    },
    {
      "name": "CVE-2025-38163",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38163"
    },
    {
      "name": "CVE-2025-22126",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22126"
    },
    {
      "name": "CVE-2025-38444",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38444"
    },
    {
      "name": "CVE-2025-38109",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38109"
    },
    {
      "name": "CVE-2023-38546",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-38546"
    },
    {
      "name": "CVE-2025-39779",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39779"
    },
    {
      "name": "CVE-2025-66866",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-66866"
    },
    {
      "name": "CVE-2025-28164",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-28164"
    },
    {
      "name": "CVE-2025-37755",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37755"
    },
    {
      "name": "CVE-2025-39685",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39685"
    },
    {
      "name": "CVE-2025-38660",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38660"
    },
    {
      "name": "CVE-2025-39761",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39761"
    },
    {
      "name": "CVE-2025-39943",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39943"
    },
    {
      "name": "CVE-2025-39945",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39945"
    },
    {
      "name": "CVE-2025-11840",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-11840"
    },
    {
      "name": "CVE-2025-11731",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-11731"
    },
    {
      "name": "CVE-2024-33602",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-33602"
    },
    {
      "name": "CVE-2022-47629",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-47629"
    },
    {
      "name": "CVE-2025-39883",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39883"
    },
    {
      "name": "CVE-2025-39720",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39720"
    },
    {
      "name": "CVE-2025-38624",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38624"
    },
    {
      "name": "CVE-2025-38388",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38388"
    },
    {
      "name": "CVE-2022-48554",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48554"
    },
    {
      "name": "CVE-2022-0563",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-0563"
    },
    {
      "name": "CVE-2025-38157",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38157"
    },
    {
      "name": "CVE-2025-4056",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-4056"
    },
    {
      "name": "CVE-2025-37790",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37790"
    },
    {
      "name": "CVE-2024-28757",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-28757"
    },
    {
      "name": "CVE-2020-29562",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-29562"
    },
    {
      "name": "CVE-2025-38417",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38417"
    },
    {
      "name": "CVE-2025-0913",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-0913"
    },
    {
      "name": "CVE-2025-39746",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39746"
    },
    {
      "name": "CVE-2015-4776",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-4776"
    },
    {
      "name": "CVE-2025-38323",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38323"
    },
    {
      "name": "CVE-2025-40019",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40019"
    },
    {
      "name": "CVE-2017-3616",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-3616"
    },
    {
      "name": "CVE-2025-38208",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38208"
    },
    {
      "name": "CVE-2025-27817",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-27817"
    },
    {
      "name": "CVE-2023-30086",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-30086"
    },
    {
      "name": "CVE-2025-40240",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40240"
    },
    {
      "name": "CVE-2025-38219",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38219"
    },
    {
      "name": "CVE-2025-39889",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39889"
    },
    {
      "name": "CVE-2015-4785",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-4785"
    },
    {
      "name": "CVE-2025-38099",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38099"
    },
    {
      "name": "CVE-2025-38524",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38524"
    },
    {
      "name": "CVE-2025-38466",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38466"
    },
    {
      "name": "CVE-2025-37758",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37758"
    },
    {
      "name": "CVE-2022-32208",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-32208"
    },
    {
      "name": "CVE-2025-40081",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40081"
    },
    {
      "name": "CVE-2025-38087",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38087"
    },
    {
      "name": "CVE-2025-47907",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-47907"
    },
    {
      "name": "CVE-2025-1181",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-1181"
    },
    {
      "name": "CVE-2022-41409",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-41409"
    },
    {
      "name": "CVE-2023-25586",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-25586"
    },
    {
      "name": "CVE-2024-12797",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-12797"
    },
    {
      "name": "CVE-2024-58011",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-58011"
    },
    {
      "name": "CVE-2025-12084",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-12084"
    },
    {
      "name": "CVE-2025-38039",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38039"
    },
    {
      "name": "CVE-2017-20052",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-20052"
    },
    {
      "name": "CVE-2025-40026",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40026"
    },
    {
      "name": "CVE-2025-40153",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40153"
    },
    {
      "name": "CVE-2025-0840",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-0840"
    },
    {
      "name": "CVE-2022-2057",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-2057"
    },
    {
      "name": "CVE-2023-45853",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-45853"
    },
    {
      "name": "CVE-2025-38595",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38595"
    },
    {
      "name": "CVE-2024-47611",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-47611"
    },
    {
      "name": "CVE-2025-38626",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38626"
    },
    {
      "name": "CVE-2025-40121",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40121"
    },
    {
      "name": "CVE-2025-45582",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-45582"
    },
    {
      "name": "CVE-2025-11468",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-11468"
    },
    {
      "name": "CVE-2025-40204",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40204"
    },
    {
      "name": "CVE-2025-37852",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37852"
    },
    {
      "name": "CVE-2025-37841",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37841"
    },
    {
      "name": "CVE-2025-40171",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40171"
    },
    {
      "name": "CVE-2025-37918",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37918"
    },
    {
      "name": "CVE-2025-37917",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37917"
    },
    {
      "name": "CVE-2025-38290",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38290"
    },
    {
      "name": "CVE-2021-22901",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22901"
    },
    {
      "name": "CVE-2025-38063",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38063"
    },
    {
      "name": "CVE-2021-3998",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-3998"
    },
    {
      "name": "CVE-2025-1179",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-1179"
    },
    {
      "name": "CVE-2025-37770",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37770"
    },
    {
      "name": "CVE-2025-37773",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37773"
    },
    {
      "name": "CVE-2023-26965",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-26965"
    },
    {
      "name": "CVE-2023-2602",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-2602"
    },
    {
      "name": "CVE-2025-6069",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-6069"
    },
    {
      "name": "CVE-2017-10140",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-10140"
    },
    {
      "name": "CVE-2024-6232",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-6232"
    },
    {
      "name": "CVE-2025-38578",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38578"
    },
    {
      "name": "CVE-2025-38675",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38675"
    },
    {
      "name": "CVE-2025-39911",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39911"
    },
    {
      "name": "CVE-2025-69419",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-69419"
    },
    {
      "name": "CVE-2025-6052",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-6052"
    },
    {
      "name": "CVE-2025-38646",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38646"
    },
    {
      "name": "CVE-2025-38491",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38491"
    },
    {
      "name": "CVE-2025-38708",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38708"
    },
    {
      "name": "CVE-2025-37961",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37961"
    },
    {
      "name": "CVE-2025-40125",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40125"
    },
    {
      "name": "CVE-2023-52426",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52426"
    },
    {
      "name": "CVE-2025-38313",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38313"
    },
    {
      "name": "CVE-2025-38336",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38336"
    },
    {
      "name": "CVE-2025-40349",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40349"
    },
    {
      "name": "CVE-2025-6075",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-6075"
    },
    {
      "name": "CVE-2025-38408",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38408"
    },
    {
      "name": "CVE-2022-2058",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-2058"
    },
    {
      "name": "CVE-2025-38644",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38644"
    },
    {
      "name": "CVE-2025-38692",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38692"
    },
    {
      "name": "CVE-2025-38061",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38061"
    },
    {
      "name": "CVE-2024-45492",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-45492"
    },
    {
      "name": "CVE-2025-37983",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37983"
    },
    {
      "name": "CVE-2015-4764",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-4764"
    },
    {
      "name": "CVE-2025-38127",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38127"
    },
    {
      "name": "CVE-2026-22715",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-22715"
    },
    {
      "name": "CVE-2020-1752",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-1752"
    },
    {
      "name": "CVE-2025-38375",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38375"
    },
    {
      "name": "CVE-2025-37784",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37784"
    },
    {
      "name": "CVE-2025-39701",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39701"
    },
    {
      "name": "CVE-2015-4779",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-4779"
    },
    {
      "name": "CVE-2025-4330",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-4330"
    },
    {
      "name": "CVE-2025-40187",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40187"
    },
    {
      "name": "CVE-2025-37920",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37920"
    },
    {
      "name": "CVE-2025-58185",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-58185"
    },
    {
      "name": "CVE-2025-37815",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37815"
    },
    {
      "name": "CVE-2025-38686",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38686"
    },
    {
      "name": "CVE-2025-37819",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37819"
    },
    {
      "name": "CVE-2025-49794",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-49794"
    },
    {
      "name": "CVE-2024-57970",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-57970"
    },
    {
      "name": "CVE-2025-39913",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39913"
    },
    {
      "name": "CVE-2024-9287",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-9287"
    },
    {
      "name": "CVE-2022-32207",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-32207"
    },
    {
      "name": "CVE-2025-40092",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40092"
    },
    {
      "name": "CVE-2022-47007",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-47007"
    },
    {
      "name": "CVE-2025-4138",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-4138"
    },
    {
      "name": "CVE-2025-61731",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-61731"
    },
    {
      "name": "CVE-2022-3627",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-3627"
    },
    {
      "name": "CVE-2025-38609",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38609"
    },
    {
      "name": "CVE-2025-39967",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39967"
    },
    {
      "name": "CVE-2023-36632",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-36632"
    },
    {
      "name": "CVE-2025-38463",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38463"
    },
    {
      "name": "CVE-2025-40115",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40115"
    },
    {
      "name": "CVE-2023-25433",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-25433"
    },
    {
      "name": "CVE-2025-38112",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38112"
    },
    {
      "name": "CVE-2025-66863",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-66863"
    },
    {
      "name": "CVE-2015-4780",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-4780"
    },
    {
      "name": "CVE-2025-38521",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38521"
    },
    {
      "name": "CVE-2025-38023",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38023"
    },
    {
      "name": "CVE-2025-39709",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39709"
    },
    {
      "name": "CVE-2025-38282",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38282"
    },
    {
      "name": "CVE-2024-56171",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-56171"
    },
    {
      "name": "CVE-2025-39689",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39689"
    },
    {
      "name": "CVE-2025-38215",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38215"
    },
    {
      "name": "CVE-2022-3598",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-3598"
    },
    {
      "name": "CVE-2023-0798",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-0798"
    },
    {
      "name": "CVE-2025-39787",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39787"
    },
    {
      "name": "CVE-2025-37943",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37943"
    },
    {
      "name": "CVE-2025-37745",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37745"
    },
    {
      "name": "CVE-2025-8176",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-8176"
    },
    {
      "name": "CVE-2025-13837",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-13837"
    },
    {
      "name": "CVE-2025-39731",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39731"
    },
    {
      "name": "CVE-2025-38734",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38734"
    },
    {
      "name": "CVE-2025-38653",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38653"
    },
    {
      "name": "CVE-2025-38571",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38571"
    },
    {
      "name": "CVE-2025-37789",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37789"
    },
    {
      "name": "CVE-2025-24970",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-24970"
    },
    {
      "name": "CVE-2022-38476",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-38476"
    },
    {
      "name": "CVE-2021-45078",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-45078"
    },
    {
      "name": "CVE-2025-38695",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38695"
    },
    {
      "name": "CVE-2022-3515",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-3515"
    },
    {
      "name": "CVE-2025-38004",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38004"
    },
    {
      "name": "CVE-2025-39749",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39749"
    },
    {
      "name": "CVE-2025-39949",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39949"
    },
    {
      "name": "CVE-2015-7696",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-7696"
    },
    {
      "name": "CVE-2022-4285",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-4285"
    },
    {
      "name": "CVE-2025-38387",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38387"
    },
    {
      "name": "CVE-2015-4754",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-4754"
    },
    {
      "name": "CVE-2025-38362",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38362"
    },
    {
      "name": "CVE-2022-27776",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-27776"
    },
    {
      "name": "CVE-2023-45322",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-45322"
    },
    {
      "name": "CVE-2025-40173",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40173"
    },
    {
      "name": "CVE-2025-37924",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37924"
    },
    {
      "name": "CVE-2026-22716",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-22716"
    },
    {
      "name": "CVE-2024-8176",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-8176"
    },
    {
      "name": "CVE-2025-38371",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38371"
    },
    {
      "name": "CVE-2023-2731",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-2731"
    },
    {
      "name": "CVE-2025-58767",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-58767"
    },
    {
      "name": "CVE-2024-56538",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-56538"
    },
    {
      "name": "CVE-2025-39923",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39923"
    },
    {
      "name": "CVE-2021-35939",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35939"
    },
    {
      "name": "CVE-2025-38445",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38445"
    },
    {
      "name": "CVE-2025-38456",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38456"
    },
    {
      "name": "CVE-2025-38538",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38538"
    },
    {
      "name": "CVE-2024-38819",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38819"
    },
    {
      "name": "CVE-2023-0803",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-0803"
    },
    {
      "name": "CVE-2025-37867",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37867"
    },
    {
      "name": "CVE-2025-23160",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-23160"
    },
    {
      "name": "CVE-2025-6176",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-6176"
    },
    {
      "name": "CVE-2022-47695",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-47695"
    },
    {
      "name": "CVE-2025-38295",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38295"
    },
    {
      "name": "CVE-2025-15367",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-15367"
    },
    {
      "name": "CVE-2025-38461",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38461"
    },
    {
      "name": "CVE-2025-37857",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37857"
    },
    {
      "name": "CVE-2023-30774",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-30774"
    },
    {
      "name": "CVE-2024-13176",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-13176"
    },
    {
      "name": "CVE-2025-37842",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37842"
    },
    {
      "name": "CVE-2025-39953",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39953"
    },
    {
      "name": "CVE-2022-50458",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-50458"
    },
    {
      "name": "CVE-2025-15467",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-15467"
    },
    {
      "name": "CVE-2024-58251",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-58251"
    },
    {
      "name": "CVE-2025-38710",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38710"
    },
    {
      "name": "CVE-2026-2006",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-2006"
    },
    {
      "name": "CVE-2023-28322",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-28322"
    },
    {
      "name": "CVE-2025-39681",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39681"
    },
    {
      "name": "CVE-2025-1180",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-1180"
    },
    {
      "name": "CVE-2025-38060",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38060"
    },
    {
      "name": "CVE-2025-40167",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40167"
    },
    {
      "name": "CVE-2025-38159",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38159"
    },
    {
      "name": "CVE-2021-3421",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-3421"
    },
    {
      "name": "CVE-2025-38066",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38066"
    },
    {
      "name": "CVE-2025-4373",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-4373"
    },
    {
      "name": "CVE-2025-39770",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39770"
    },
    {
      "name": "CVE-2015-4790",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-4790"
    },
    {
      "name": "CVE-2026-0994",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-0994"
    },
    {
      "name": "CVE-2025-39969",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39969"
    },
    {
      "name": "CVE-2025-37744",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37744"
    },
    {
      "name": "CVE-2025-4598",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-4598"
    },
    {
      "name": "CVE-2025-38705",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38705"
    },
    {
      "name": "CVE-2025-40194",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40194"
    },
    {
      "name": "CVE-2025-38706",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38706"
    },
    {
      "name": "CVE-2025-38305",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38305"
    },
    {
      "name": "CVE-2025-37884",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37884"
    },
    {
      "name": "CVE-2025-38067",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38067"
    },
    {
      "name": "CVE-2025-39750",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39750"
    },
    {
      "name": "CVE-2025-38699",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38699"
    },
    {
      "name": "CVE-2025-37927",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37927"
    },
    {
      "name": "CVE-2025-38707",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38707"
    },
    {
      "name": "CVE-2025-38562",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38562"
    },
    {
      "name": "CVE-2025-37897",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37897"
    },
    {
      "name": "CVE-2016-9840",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-9840"
    },
    {
      "name": "CVE-2025-37911",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37911"
    },
    {
      "name": "CVE-2025-40245",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40245"
    },
    {
      "name": "CVE-2025-38587",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38587"
    },
    {
      "name": "CVE-2023-6779",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-6779"
    },
    {
      "name": "CVE-2025-37869",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37869"
    },
    {
      "name": "CVE-2025-39692",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39692"
    },
    {
      "name": "CVE-2025-5115",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-5115"
    },
    {
      "name": "CVE-2023-53107",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-53107"
    },
    {
      "name": "CVE-2024-13009",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-13009"
    },
    {
      "name": "CVE-2022-49043",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-49043"
    },
    {
      "name": "CVE-2025-55198",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-55198"
    },
    {
      "name": "CVE-2021-46195",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-46195"
    },
    {
      "name": "CVE-2015-2624",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-2624"
    },
    {
      "name": "CVE-2023-29491",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-29491"
    },
    {
      "name": "CVE-2025-38068",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38068"
    },
    {
      "name": "CVE-2025-38436",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38436"
    },
    {
      "name": "CVE-2025-37930",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37930"
    },
    {
      "name": "CVE-2025-38401",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38401"
    },
    {
      "name": "CVE-2025-38677",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38677"
    },
    {
      "name": "CVE-2025-38097",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38097"
    },
    {
      "name": "CVE-2021-20266",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-20266"
    },
    {
      "name": "CVE-2025-1182",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-1182"
    },
    {
      "name": "CVE-2025-37810",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37810"
    },
    {
      "name": "CVE-2025-38253",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38253"
    },
    {
      "name": "CVE-2025-38123",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38123"
    },
    {
      "name": "CVE-2025-38338",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38338"
    },
    {
      "name": "CVE-2025-38555",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38555"
    },
    {
      "name": "CVE-2025-38239",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38239"
    },
    {
      "name": "CVE-2025-1371",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-1371"
    },
    {
      "name": "CVE-2025-40001",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40001"
    },
    {
      "name": "CVE-2022-40897",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-40897"
    },
    {
      "name": "CVE-2026-1485",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-1485"
    },
    {
      "name": "CVE-2025-0938",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-0938"
    },
    {
      "name": "CVE-2022-27782",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-27782"
    },
    {
      "name": "CVE-2008-0888",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-0888"
    },
    {
      "name": "CVE-2019-13232",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-13232"
    },
    {
      "name": "CVE-2025-38590",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38590"
    },
    {
      "name": "CVE-2025-38027",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38027"
    },
    {
      "name": "CVE-2025-38102",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38102"
    },
    {
      "name": "CVE-2024-33600",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-33600"
    },
    {
      "name": "CVE-2015-2654",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-2654"
    },
    {
      "name": "CVE-2022-1210",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-1210"
    },
    {
      "name": "CVE-2025-40035",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40035"
    },
    {
      "name": "CVE-2025-38283",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38283"
    },
    {
      "name": "CVE-2023-25584",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-25584"
    },
    {
      "name": "CVE-2025-23159",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-23159"
    },
    {
      "name": "CVE-2025-39988",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39988"
    },
    {
      "name": "CVE-2026-2005",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-2005"
    },
    {
      "name": "CVE-2025-38455",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38455"
    },
    {
      "name": "CVE-2015-4778",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-4778"
    },
    {
      "name": "CVE-2025-1152",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-1152"
    },
    {
      "name": "CVE-2025-38584",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38584"
    },
    {
      "name": "CVE-2025-38015",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38015"
    },
    {
      "name": "CVE-2025-39675",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39675"
    },
    {
      "name": "CVE-2025-39679",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39679"
    },
    {
      "name": "CVE-2025-11082",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-11082"
    },
    {
      "name": "CVE-2025-38527",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38527"
    },
    {
      "name": "CVE-2025-38449",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38449"
    },
    {
      "name": "CVE-2025-40233",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40233"
    },
    {
      "name": "CVE-2023-32636",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-32636"
    },
    {
      "name": "CVE-2025-37853",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37853"
    },
    {
      "name": "CVE-2023-6277",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-6277"
    },
    {
      "name": "CVE-2025-38126",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38126"
    },
    {
      "name": "CVE-2025-48060",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-48060"
    },
    {
      "name": "CVE-2025-38149",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38149"
    },
    {
      "name": "CVE-2025-39763",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39763"
    },
    {
      "name": "CVE-2025-38399",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38399"
    },
    {
      "name": "CVE-2025-40020",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40020"
    },
    {
      "name": "CVE-2025-38065",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38065"
    },
    {
      "name": "CVE-2025-38693",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38693"
    },
    {
      "name": "CVE-2025-38679",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38679"
    },
    {
      "name": "CVE-2025-38459",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38459"
    },
    {
      "name": "CVE-2025-40188",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40188"
    },
    {
      "name": "CVE-2025-38685",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38685"
    },
    {
      "name": "CVE-2023-3618",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-3618"
    },
    {
      "name": "CVE-2025-38412",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38412"
    },
    {
      "name": "CVE-2025-38031",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38031"
    },
    {
      "name": "CVE-2023-4813",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-4813"
    },
    {
      "name": "CVE-2017-3617",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-3617"
    },
    {
      "name": "CVE-2025-14512",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-14512"
    },
    {
      "name": "CVE-2025-38293",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38293"
    },
    {
      "name": "CVE-2025-58057",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-58057"
    },
    {
      "name": "CVE-2025-1149",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-1149"
    },
    {
      "name": "CVE-2025-38648",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38648"
    },
    {
      "name": "CVE-2025-38278",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38278"
    },
    {
      "name": "CVE-2025-8291",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-8291"
    },
    {
      "name": "CVE-2025-37764",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37764"
    },
    {
      "name": "CVE-2025-38184",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38184"
    },
    {
      "name": "CVE-2017-3615",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-3615"
    },
    {
      "name": "CVE-2022-44840",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-44840"
    },
    {
      "name": "CVE-2023-28320",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-28320"
    },
    {
      "name": "CVE-2025-37741",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37741"
    },
    {
      "name": "CVE-2026-22795",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-22795"
    },
    {
      "name": "CVE-2025-38053",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38053"
    },
    {
      "name": "CVE-2025-27587",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-27587"
    },
    {
      "name": "CVE-2026-0988",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-0988"
    },
    {
      "name": "CVE-2025-8534",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-8534"
    },
    {
      "name": "CVE-2025-37822",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37822"
    },
    {
      "name": "CVE-2025-61727",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-61727"
    },
    {
      "name": "CVE-2025-37912",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37912"
    },
    {
      "name": "CVE-2025-38482",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38482"
    },
    {
      "name": "CVE-2023-39810",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-39810"
    },
    {
      "name": "CVE-2025-37820",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37820"
    },
    {
      "name": "CVE-2025-37985",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37985"
    },
    {
      "name": "CVE-2025-1390",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-1390"
    },
    {
      "name": "CVE-2024-33599",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-33599"
    },
    {
      "name": "CVE-2024-0743",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-0743"
    },
    {
      "name": "CVE-2025-38634",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38634"
    },
    {
      "name": "CVE-2025-37787",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37787"
    },
    {
      "name": "CVE-2026-21925",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-21925"
    },
    {
      "name": "CVE-2025-38008",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38008"
    },
    {
      "name": "CVE-2025-38458",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38458"
    },
    {
      "name": "CVE-2025-39730",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39730"
    },
    {
      "name": "CVE-2025-38011",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38011"
    },
    {
      "name": "CVE-2025-64718",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-64718"
    },
    {
      "name": "CVE-2022-50444",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-50444"
    },
    {
      "name": "CVE-2025-38034",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38034"
    },
    {
      "name": "CVE-2017-3608",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-3608"
    },
    {
      "name": "CVE-2025-38135",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38135"
    },
    {
      "name": "CVE-2023-28484",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-28484"
    },
    {
      "name": "CVE-2025-38619",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38619"
    },
    {
      "name": "CVE-2019-2708",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2708"
    },
    {
      "name": "CVE-2025-38312",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38312"
    },
    {
      "name": "CVE-2025-38095",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38095"
    },
    {
      "name": "CVE-2016-0692",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0692"
    },
    {
      "name": "CVE-2025-37878",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37878"
    },
    {
      "name": "CVE-2025-39737",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39737"
    },
    {
      "name": "CVE-2025-38464",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38464"
    },
    {
      "name": "CVE-2021-46174",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-46174"
    },
    {
      "name": "CVE-2026-0861",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-0861"
    },
    {
      "name": "CVE-2025-40049",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40049"
    },
    {
      "name": "CVE-2023-0802",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-0802"
    },
    {
      "name": "CVE-2023-53164",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-53164"
    },
    {
      "name": "CVE-2025-47910",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-47910"
    },
    {
      "name": "CVE-2021-22924",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22924"
    },
    {
      "name": "CVE-2023-47038",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-47038"
    },
    {
      "name": "CVE-2025-38363",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38363"
    },
    {
      "name": "CVE-2025-38702",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38702"
    },
    {
      "name": "CVE-2025-38319",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38319"
    },
    {
      "name": "CVE-2020-10878",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-10878"
    },
    {
      "name": "CVE-2022-0529",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-0529"
    },
    {
      "name": "CVE-2015-4782",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-4782"
    },
    {
      "name": "CVE-2025-38724",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38724"
    },
    {
      "name": "CVE-2022-2056",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-2056"
    },
    {
      "name": "CVE-2023-26966",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-26966"
    },
    {
      "name": "CVE-2025-40070",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40070"
    },
    {
      "name": "CVE-2025-38250",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38250"
    },
    {
      "name": "CVE-2025-38457",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38457"
    },
    {
      "name": "CVE-2025-38582",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38582"
    },
    {
      "name": "CVE-2025-37813",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37813"
    },
    {
      "name": "CVE-2025-38543",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38543"
    },
    {
      "name": "CVE-2025-38698",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38698"
    },
    {
      "name": "CVE-2025-38212",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38212"
    },
    {
      "name": "CVE-2025-40106",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40106"
    },
    {
      "name": "CVE-2017-3610",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-3610"
    },
    {
      "name": "CVE-2025-38298",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38298"
    },
    {
      "name": "CVE-2022-43552",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-43552"
    },
    {
      "name": "CVE-2025-5915",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-5915"
    },
    {
      "name": "CVE-2025-39739",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39739"
    },
    {
      "name": "CVE-2022-48065",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48065"
    },
    {
      "name": "CVE-2025-38024",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38024"
    },
    {
      "name": "CVE-2025-38496",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38496"
    },
    {
      "name": "CVE-2022-49063",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-49063"
    },
    {
      "name": "CVE-2025-5917",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-5917"
    },
    {
      "name": "CVE-2025-38078",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38078"
    },
    {
      "name": "CVE-2022-47696",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-47696"
    },
    {
      "name": "CVE-2025-38419",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38419"
    },
    {
      "name": "CVE-2024-45490",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-45490"
    },
    {
      "name": "CVE-2024-51744",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-51744"
    },
    {
      "name": "CVE-2025-38533",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38533"
    },
    {
      "name": "CVE-2021-22947",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22947"
    },
    {
      "name": "CVE-2025-40205",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40205"
    },
    {
      "name": "CVE-2015-4788",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-4788"
    },
    {
      "name": "CVE-2025-38169",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38169"
    },
    {
      "name": "CVE-2025-37931",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37931"
    },
    {
      "name": "CVE-2025-38511",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38511"
    },
    {
      "name": "CVE-2025-38537",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38537"
    },
    {
      "name": "CVE-2025-38546",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38546"
    },
    {
      "name": "CVE-2025-38211",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38211"
    },
    {
      "name": "CVE-2025-6965",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-6965"
    },
    {
      "name": "CVE-2023-28319",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-28319"
    },
    {
      "name": "CVE-2025-10966",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-10966"
    },
    {
      "name": "CVE-2021-22922",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22922"
    },
    {
      "name": "CVE-2025-38057",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38057"
    },
    {
      "name": "CVE-2024-45491",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-45491"
    },
    {
      "name": "CVE-2025-50182",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-50182"
    },
    {
      "name": "CVE-2025-47906",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-47906"
    },
    {
      "name": "CVE-2020-2981",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-2981"
    },
    {
      "name": "CVE-2025-37887",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37887"
    },
    {
      "name": "CVE-2025-38077",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38077"
    },
    {
      "name": "CVE-2025-38251",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38251"
    },
    {
      "name": "CVE-2022-22576",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22576"
    },
    {
      "name": "CVE-2025-37861",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37861"
    },
    {
      "name": "CVE-2025-38120",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38120"
    },
    {
      "name": "CVE-2025-38285",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38285"
    },
    {
      "name": "CVE-2025-39743",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39743"
    },
    {
      "name": "CVE-2025-39718",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39718"
    },
    {
      "name": "CVE-2025-37938",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37938"
    },
    {
      "name": "CVE-2025-38005",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38005"
    },
    {
      "name": "CVE-2025-38368",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38368"
    },
    {
      "name": "CVE-2025-59375",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-59375"
    },
    {
      "name": "CVE-2025-31133",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-31133"
    },
    {
      "name": "CVE-2022-35205",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-35205"
    },
    {
      "name": "CVE-2025-8194",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-8194"
    },
    {
      "name": "CVE-2025-38161",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38161"
    },
    {
      "name": "CVE-2025-38331",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38331"
    },
    {
      "name": "CVE-2025-38354",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38354"
    },
    {
      "name": "CVE-2016-3418",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-3418"
    },
    {
      "name": "CVE-2025-38712",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38712"
    },
    {
      "name": "CVE-2025-38732",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38732"
    },
    {
      "name": "CVE-2022-29824",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-29824"
    },
    {
      "name": "CVE-2025-39773",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39773"
    },
    {
      "name": "CVE-2024-11053",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-11053"
    },
    {
      "name": "CVE-2025-38696",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38696"
    },
    {
      "name": "CVE-2024-7264",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-7264"
    },
    {
      "name": "CVE-2025-38274",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38274"
    },
    {
      "name": "CVE-2025-40027",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40027"
    },
    {
      "name": "CVE-2025-64505",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-64505"
    },
    {
      "name": "CVE-2025-39885",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39885"
    },
    {
      "name": "CVE-2021-4214",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-4214"
    },
    {
      "name": "CVE-2025-50181",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-50181"
    },
    {
      "name": "CVE-2015-2656",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-2656"
    },
    {
      "name": "CVE-2025-37874",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37874"
    },
    {
      "name": "CVE-2025-38115",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38115"
    },
    {
      "name": "CVE-2025-66382",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-66382"
    },
    {
      "name": "CVE-2025-38632",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38632"
    },
    {
      "name": "CVE-2021-22946",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22946"
    },
    {
      "name": "CVE-2023-0767",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-0767"
    },
    {
      "name": "CVE-2025-37988",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37988"
    },
    {
      "name": "CVE-2025-1795",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-1795"
    },
    {
      "name": "CVE-2025-23158",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-23158"
    },
    {
      "name": "CVE-2017-3612",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-3612"
    },
    {
      "name": "CVE-2025-23144",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-23144"
    },
    {
      "name": "CVE-2025-38153",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38153"
    },
    {
      "name": "CVE-2025-37969",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37969"
    },
    {
      "name": "CVE-2025-69421",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-69421"
    },
    {
      "name": "CVE-2025-38548",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38548"
    },
    {
      "name": "CVE-2025-37816",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37816"
    },
    {
      "name": "CVE-2025-37742",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37742"
    },
    {
      "name": "CVE-2025-4517",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-4517"
    },
    {
      "name": "CVE-2025-58188",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-58188"
    },
    {
      "name": "CVE-2025-37765",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37765"
    },
    {
      "name": "CVE-2016-9843",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-9843"
    },
    {
      "name": "CVE-2025-1178",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-1178"
    },
    {
      "name": "CVE-2025-38395",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38395"
    },
    {
      "name": "CVE-2025-37921",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37921"
    },
    {
      "name": "CVE-2023-29499",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-29499"
    },
    {
      "name": "CVE-2025-38507",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38507"
    },
    {
      "name": "CVE-2025-39989",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39989"
    },
    {
      "name": "CVE-2025-38337",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38337"
    },
    {
      "name": "CVE-2025-38014",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38014"
    },
    {
      "name": "CVE-2025-38258",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38258"
    },
    {
      "name": "CVE-2024-1013",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-1013"
    },
    {
      "name": "CVE-2025-37828",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37828"
    },
    {
      "name": "CVE-2025-4674",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-4674"
    },
    {
      "name": "CVE-2025-30258",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-30258"
    },
    {
      "name": "CVE-2025-1176",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-1176"
    },
    {
      "name": "CVE-2025-37769",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37769"
    },
    {
      "name": "CVE-2025-38465",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38465"
    },
    {
      "name": "CVE-2024-56406",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-56406"
    },
    {
      "name": "CVE-2025-38513",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38513"
    },
    {
      "name": "CVE-2025-39970",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39970"
    },
    {
      "name": "CVE-2025-38086",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38086"
    },
    {
      "name": "CVE-2025-37935",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37935"
    },
    {
      "name": "CVE-2025-38396",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38396"
    },
    {
      "name": "CVE-2025-23161",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-23161"
    },
    {
      "name": "CVE-2025-38407",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38407"
    },
    {
      "name": "CVE-2025-39994",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39994"
    },
    {
      "name": "CVE-2015-4784",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-4784"
    },
    {
      "name": "CVE-2025-12119",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-12119"
    },
    {
      "name": "CVE-2023-4527",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-4527"
    },
    {
      "name": "CVE-2025-38493",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38493"
    },
    {
      "name": "CVE-2025-37803",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37803"
    },
    {
      "name": "CVE-2025-38670",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38670"
    },
    {
      "name": "CVE-2025-39732",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39732"
    },
    {
      "name": "CVE-2024-56433",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-56433"
    },
    {
      "name": "CVE-2025-37824",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37824"
    },
    {
      "name": "CVE-2023-34410",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-34410"
    },
    {
      "name": "CVE-2025-38602",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38602"
    },
    {
      "name": "CVE-2023-4156",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-4156"
    },
    {
      "name": "CVE-2014-8139",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-8139"
    },
    {
      "name": "CVE-2025-47911",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-47911"
    },
    {
      "name": "CVE-2022-29526",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-29526"
    },
    {
      "name": "CVE-2025-38003",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38003"
    },
    {
      "name": "CVE-2025-38441",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38441"
    },
    {
      "name": "CVE-2025-28162",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-28162"
    },
    {
      "name": "CVE-2025-38007",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38007"
    },
    {
      "name": "CVE-2025-37923",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37923"
    },
    {
      "name": "CVE-2025-40088",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40088"
    },
    {
      "name": "CVE-2025-40220",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40220"
    },
    {
      "name": "CVE-2022-2519",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-2519"
    },
    {
      "name": "CVE-2025-38142",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38142"
    },
    {
      "name": "CVE-2022-23990",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-23990"
    },
    {
      "name": "CVE-2022-49920",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-49920"
    },
    {
      "name": "CVE-2025-37739",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37739"
    },
    {
      "name": "CVE-2022-0530",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-0530"
    },
    {
      "name": "CVE-2025-13151",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-13151"
    },
    {
      "name": "CVE-2025-38478",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38478"
    },
    {
      "name": "CVE-2025-38568",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38568"
    },
    {
      "name": "CVE-2025-38583",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38583"
    },
    {
      "name": "CVE-2025-39788",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39788"
    },
    {
      "name": "CVE-2025-22058",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22058"
    },
    {
      "name": "CVE-2025-37831",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37831"
    },
    {
      "name": "CVE-2025-38499",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38499"
    },
    {
      "name": "CVE-2025-4435",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-4435"
    },
    {
      "name": "CVE-2025-38269",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38269"
    },
    {
      "name": "CVE-2025-38079",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38079"
    },
    {
      "name": "CVE-2025-37940",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37940"
    },
    {
      "name": "CVE-2022-28391",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-28391"
    },
    {
      "name": "CVE-2021-46828",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-46828"
    },
    {
      "name": "CVE-2023-2804",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-2804"
    },
    {
      "name": "CVE-2025-37945",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37945"
    },
    {
      "name": "CVE-2025-6141",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-6141"
    },
    {
      "name": "CVE-2025-40109",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40109"
    },
    {
      "name": "CVE-2024-13978",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-13978"
    },
    {
      "name": "CVE-2025-38735",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38735"
    },
    {
      "name": "CVE-2022-50247",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-50247"
    },
    {
      "name": "CVE-2025-40006",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40006"
    },
    {
      "name": "CVE-2025-12383",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-12383"
    },
    {
      "name": "CVE-2025-38652",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38652"
    },
    {
      "name": "CVE-2025-38110",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38110"
    },
    {
      "name": "CVE-2025-38422",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38422"
    },
    {
      "name": "CVE-2025-38402",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38402"
    },
    {
      "name": "CVE-2021-3520",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-3520"
    },
    {
      "name": "CVE-2025-39698",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39698"
    },
    {
      "name": "CVE-2025-64506",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-64506"
    },
    {
      "name": "CVE-2025-37915",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37915"
    },
    {
      "name": "CVE-2025-6020",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-6020"
    },
    {
      "name": "CVE-2015-2626",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-2626"
    },
    {
      "name": "CVE-2025-23146",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-23146"
    },
    {
      "name": "CVE-2022-48064",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48064"
    },
    {
      "name": "CVE-2025-37903",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37903"
    },
    {
      "name": "CVE-2025-52881",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-52881"
    },
    {
      "name": "CVE-2025-23142",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-23142"
    },
    {
      "name": "CVE-2020-10029",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-10029"
    },
    {
      "name": "CVE-2025-7425",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-7425"
    },
    {
      "name": "CVE-2022-36227",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-36227"
    },
    {
      "name": "CVE-2025-37738",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37738"
    },
    {
      "name": "CVE-2025-40011",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40011"
    },
    {
      "name": "CVE-2025-21883",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21883"
    },
    {
      "name": "CVE-2025-38303",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38303"
    },
    {
      "name": "CVE-2023-29469",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-29469"
    },
    {
      "name": "CVE-2024-5535",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-5535"
    },
    {
      "name": "CVE-2025-38074",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38074"
    },
    {
      "name": "CVE-2023-52355",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52355"
    },
    {
      "name": "CVE-2025-40085",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40085"
    },
    {
      "name": "CVE-2025-38119",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38119"
    },
    {
      "name": "CVE-2025-38232",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38232"
    },
    {
      "name": "CVE-2025-38245",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38245"
    },
    {
      "name": "CVE-2025-40231",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40231"
    },
    {
      "name": "CVE-2021-36770",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-36770"
    },
    {
      "name": "CVE-2025-38324",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38324"
    },
    {
      "name": "CVE-2025-22868",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22868"
    },
    {
      "name": "CVE-2021-36976",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-36976"
    },
    {
      "name": "CVE-2025-38018",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38018"
    },
    {
      "name": "CVE-2023-3164",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-3164"
    },
    {
      "name": "CVE-2022-3597",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-3597"
    },
    {
      "name": "CVE-2023-27535",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-27535"
    },
    {
      "name": "CVE-2022-27775",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-27775"
    },
    {
      "name": "CVE-2024-12718",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-12718"
    },
    {
      "name": "CVE-2025-37830",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37830"
    },
    {
      "name": "CVE-2018-25032",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-25032"
    },
    {
      "name": "CVE-2025-3360",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-3360"
    },
    {
      "name": "CVE-2025-38614",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38614"
    },
    {
      "name": "CVE-2025-37991",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37991"
    },
    {
      "name": "CVE-2026-22796",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-22796"
    },
    {
      "name": "CVE-2025-64720",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-64720"
    },
    {
      "name": "CVE-2025-38425",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38425"
    },
    {
      "name": "CVE-2022-3970",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-3970"
    },
    {
      "name": "CVE-2025-9165",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-9165"
    },
    {
      "name": "CVE-2023-30571",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-30571"
    },
    {
      "name": "CVE-2022-50249",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-50249"
    },
    {
      "name": "CVE-2025-61724",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-61724"
    },
    {
      "name": "CVE-2025-37978",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37978"
    },
    {
      "name": "CVE-2025-37781",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37781"
    },
    {
      "name": "CVE-2024-5642",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-5642"
    },
    {
      "name": "CVE-2024-3219",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-3219"
    },
    {
      "name": "CVE-2015-4781",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-4781"
    },
    {
      "name": "CVE-2025-38210",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38210"
    },
    {
      "name": "CVE-2025-38542",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38542"
    },
    {
      "name": "CVE-2025-38664",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38664"
    },
    {
      "name": "CVE-2025-38344",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38344"
    },
    {
      "name": "CVE-2025-23145",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-23145"
    },
    {
      "name": "CVE-2025-23143",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-23143"
    },
    {
      "name": "CVE-2021-3999",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-3999"
    },
    {
      "name": "CVE-2023-53182",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-53182"
    },
    {
      "name": "CVE-2025-38322",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38322"
    },
    {
      "name": "CVE-2025-38088",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38088"
    },
    {
      "name": "CVE-2025-23141",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-23141"
    },
    {
      "name": "CVE-2025-37823",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37823"
    },
    {
      "name": "CVE-2022-27774",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-27774"
    },
    {
      "name": "CVE-2025-38332",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38332"
    },
    {
      "name": "CVE-2025-38386",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38386"
    },
    {
      "name": "CVE-2025-61732",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-61732"
    },
    {
      "name": "CVE-2017-3605",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-3605"
    },
    {
      "name": "CVE-2025-61723",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-61723"
    },
    {
      "name": "CVE-2025-38385",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38385"
    },
    {
      "name": "CVE-2022-40303",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-40303"
    },
    {
      "name": "CVE-2025-11083",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-11083"
    },
    {
      "name": "CVE-2025-37952",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37952"
    },
    {
      "name": "CVE-2023-45803",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-45803"
    },
    {
      "name": "CVE-2024-6763",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-6763"
    },
    {
      "name": "CVE-2023-0801",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-0801"
    },
    {
      "name": "CVE-2025-38694",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38694"
    },
    {
      "name": "CVE-2025-37793",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37793"
    },
    {
      "name": "CVE-2020-10543",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-10543"
    },
    {
      "name": "CVE-2025-1377",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-1377"
    },
    {
      "name": "CVE-2025-37740",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37740"
    },
    {
      "name": "CVE-2025-38676",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38676"
    },
    {
      "name": "CVE-2025-38530",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38530"
    },
    {
      "name": "CVE-2022-4645",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-4645"
    },
    {
      "name": "CVE-2025-38174",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38174"
    },
    {
      "name": "CVE-2025-8713",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-8713"
    },
    {
      "name": "CVE-2025-37826",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37826"
    },
    {
      "name": "CVE-2025-37986",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37986"
    },
    {
      "name": "CVE-2025-37829",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37829"
    },
    {
      "name": "CVE-2025-46394",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-46394"
    },
    {
      "name": "CVE-2025-66471",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-66471"
    },
    {
      "name": "CVE-2025-38409",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38409"
    },
    {
      "name": "CVE-2025-6170",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-6170"
    },
    {
      "name": "CVE-2022-3479",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-3479"
    },
    {
      "name": "CVE-2021-35937",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35937"
    },
    {
      "name": "CVE-2025-9900",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-9900"
    },
    {
      "name": "CVE-2025-40183",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40183"
    },
    {
      "name": "CVE-2025-38019",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38019"
    },
    {
      "name": "CVE-2025-38729",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38729"
    },
    {
      "name": "CVE-2025-14017",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-14017"
    },
    {
      "name": "CVE-2023-40745",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-40745"
    },
    {
      "name": "CVE-2026-21441",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-21441"
    },
    {
      "name": "CVE-2024-45337",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-45337"
    },
    {
      "name": "CVE-2025-23151",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-23151"
    },
    {
      "name": "CVE-2025-38037",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38037"
    },
    {
      "name": "CVE-2017-3609",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-3609"
    },
    {
      "name": "CVE-2025-39998",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39998"
    },
    {
      "name": "CVE-2014-9636",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-9636"
    },
    {
      "name": "CVE-2025-13836",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-13836"
    },
    {
      "name": "CVE-2017-3611",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-3611"
    },
    {
      "name": "CVE-2022-2521",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-2521"
    },
    {
      "name": "CVE-2023-28321",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-28321"
    },
    {
      "name": "CVE-2025-37796",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37796"
    },
    {
      "name": "CVE-2025-37962",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37962"
    },
    {
      "name": "CVE-2026-1002",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-1002"
    },
    {
      "name": "CVE-2025-40134",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40134"
    },
    {
      "name": "CVE-2025-38681",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38681"
    },
    {
      "name": "CVE-2023-25435",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-25435"
    },
    {
      "name": "CVE-2025-37799",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37799"
    },
    {
      "name": "CVE-2022-29155",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-29155"
    },
    {
      "name": "CVE-2025-61725",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-61725"
    },
    {
      "name": "CVE-2025-38593",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38593"
    },
    {
      "name": "CVE-2026-25210",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-25210"
    },
    {
      "name": "CVE-2022-2309",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-2309"
    },
    {
      "name": "CVE-2025-39968",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39968"
    },
    {
      "name": "CVE-2023-33285",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-33285"
    },
    {
      "name": "CVE-2024-52533",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-52533"
    },
    {
      "name": "CVE-2025-38342",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38342"
    },
    {
      "name": "CVE-2025-65018",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-65018"
    },
    {
      "name": "CVE-2025-39795",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39795"
    },
    {
      "name": "CVE-2015-4777",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-4777"
    },
    {
      "name": "CVE-2025-37801",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37801"
    },
    {
      "name": "CVE-2025-7039",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-7039"
    },
    {
      "name": "CVE-2025-38167",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38167"
    },
    {
      "name": "CVE-2025-37883",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37883"
    },
    {
      "name": "CVE-2025-37863",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37863"
    },
    {
      "name": "CVE-2023-0687",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-0687"
    },
    {
      "name": "CVE-2025-37901",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37901"
    },
    {
      "name": "CVE-2025-38687",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38687"
    },
    {
      "name": "CVE-2022-32221",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-32221"
    },
    {
      "name": "CVE-2025-37811",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37811"
    },
    {
      "name": "CVE-2022-37434",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-37434"
    },
    {
      "name": "CVE-2025-38257",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38257"
    },
    {
      "name": "CVE-2022-29458",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-29458"
    },
    {
      "name": "CVE-2023-5156",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-5156"
    },
    {
      "name": "CVE-2025-22104",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22104"
    },
    {
      "name": "CVE-2025-37864",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37864"
    },
    {
      "name": "CVE-2021-32256",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-32256"
    },
    {
      "name": "CVE-2025-38307",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38307"
    },
    {
      "name": "CVE-2025-11081",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-11081"
    },
    {
      "name": "CVE-2025-55163",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-55163"
    },
    {
      "name": "CVE-2025-37916",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37916"
    },
    {
      "name": "CVE-2025-38111",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38111"
    },
    {
      "name": "CVE-2025-39986",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39986"
    },
    {
      "name": "CVE-2026-22184",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-22184"
    },
    {
      "name": "CVE-2025-37767",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37767"
    },
    {
      "name": "CVE-2025-5918",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-5918"
    },
    {
      "name": "CVE-2025-39955",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39955"
    },
    {
      "name": "CVE-2025-66293",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-66293"
    },
    {
      "name": "CVE-2017-3614",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-3614"
    },
    {
      "name": "CVE-2025-37989",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37989"
    },
    {
      "name": "CVE-2025-38529",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38529"
    },
    {
      "name": "CVE-2025-38326",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38326"
    },
    {
      "name": "CVE-2025-38055",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38055"
    },
    {
      "name": "CVE-2025-12818",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-12818"
    },
    {
      "name": "CVE-2025-38129",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38129"
    },
    {
      "name": "CVE-2025-32990",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-32990"
    },
    {
      "name": "CVE-2025-38384",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38384"
    },
    {
      "name": "CVE-2025-38334",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38334"
    },
    {
      "name": "CVE-2025-38728",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38728"
    },
    {
      "name": "CVE-2025-38424",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38424"
    },
    {
      "name": "CVE-2025-38430",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38430"
    },
    {
      "name": "CVE-2025-38715",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38715"
    },
    {
      "name": "CVE-2021-22897",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22897"
    },
    {
      "name": "CVE-2025-39734",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39734"
    },
    {
      "name": "CVE-2025-38089",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38089"
    },
    {
      "name": "CVE-2025-40078",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40078"
    },
    {
      "name": "CVE-2025-38382",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38382"
    },
    {
      "name": "CVE-2025-15366",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-15366"
    },
    {
      "name": "CVE-2023-2603",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-2603"
    },
    {
      "name": "CVE-2025-38608",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38608"
    },
    {
      "name": "CVE-2025-38650",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38650"
    },
    {
      "name": "CVE-2025-4802",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-4802"
    },
    {
      "name": "CVE-2025-39710",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39710"
    },
    {
      "name": "CVE-2025-40116",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40116"
    },
    {
      "name": "CVE-2025-68249",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-68249"
    },
    {
      "name": "CVE-2026-0990",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-0990"
    },
    {
      "name": "CVE-2025-38124",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38124"
    },
    {
      "name": "CVE-2025-39934",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39934"
    },
    {
      "name": "CVE-2025-37925",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37925"
    },
    {
      "name": "CVE-2026-0865",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-0865"
    },
    {
      "name": "CVE-2024-9143",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-9143"
    },
    {
      "name": "CVE-2023-0799",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-0799"
    },
    {
      "name": "CVE-2020-12723",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-12723"
    },
    {
      "name": "CVE-2025-39683",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39683"
    },
    {
      "name": "CVE-2025-38420",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38420"
    },
    {
      "name": "CVE-2025-38071",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38071"
    },
    {
      "name": "CVE-2021-3521",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-3521"
    },
    {
      "name": "CVE-2025-40179",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40179"
    },
    {
      "name": "CVE-2025-37972",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37972"
    },
    {
      "name": "CVE-2025-38183",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38183"
    },
    {
      "name": "CVE-2025-40127",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40127"
    },
    {
      "name": "CVE-2025-37768",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37768"
    },
    {
      "name": "CVE-2025-39794",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39794"
    },
    {
      "name": "CVE-2025-38160",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38160"
    },
    {
      "name": "CVE-2024-33601",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-33601"
    },
    {
      "name": "CVE-2025-32989",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-32989"
    },
    {
      "name": "CVE-2022-48063",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48063"
    },
    {
      "name": "CVE-2024-53589",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-53589"
    },
    {
      "name": "CVE-2025-37984",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37984"
    },
    {
      "name": "CVE-2025-38528",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38528"
    },
    {
      "name": "CVE-2025-39996",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39996"
    },
    {
      "name": "CVE-2025-37856",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37856"
    },
    {
      "name": "CVE-2025-38107",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38107"
    },
    {
      "name": "CVE-2025-22874",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22874"
    },
    {
      "name": "CVE-2023-32181",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-32181"
    },
    {
      "name": "CVE-2025-38292",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38292"
    },
    {
      "name": "CVE-2025-40053",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40053"
    },
    {
      "name": "CVE-2025-38085",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38085"
    },
    {
      "name": "CVE-2026-24515",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-24515"
    },
    {
      "name": "CVE-2025-38222",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38222"
    },
    {
      "name": "CVE-2025-38010",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38010"
    },
    {
      "name": "CVE-2025-38197",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38197"
    },
    {
      "name": "CVE-2025-39951",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39951"
    },
    {
      "name": "CVE-2025-38468",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38468"
    },
    {
      "name": "CVE-2022-1271",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-1271"
    },
    {
      "name": "CVE-2025-40120",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40120"
    },
    {
      "name": "CVE-2024-28085",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-28085"
    },
    {
      "name": "CVE-2025-11495",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-11495"
    },
    {
      "name": "CVE-2025-38688",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38688"
    },
    {
      "name": "CVE-2025-38333",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38333"
    },
    {
      "name": "CVE-2019-9076",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9076"
    },
    {
      "name": "CVE-2025-37970",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37970"
    },
    {
      "name": "CVE-2025-55199",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-55199"
    },
    {
      "name": "CVE-2025-21884",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21884"
    },
    {
      "name": "CVE-2025-37905",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37905"
    },
    {
      "name": "CVE-2025-38390",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38390"
    },
    {
      "name": "CVE-2025-38013",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38013"
    },
    {
      "name": "CVE-2021-20205",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-20205"
    },
    {
      "name": "CVE-2025-38059",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38059"
    },
    {
      "name": "CVE-2025-5025",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-5025"
    },
    {
      "name": "CVE-2025-38713",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38713"
    },
    {
      "name": "CVE-2025-37956",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37956"
    },
    {
      "name": "CVE-2025-40243",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40243"
    },
    {
      "name": "CVE-2025-38148",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38148"
    },
    {
      "name": "CVE-2025-38467",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38467"
    },
    {
      "name": "CVE-2024-34459",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-34459"
    },
    {
      "name": "CVE-2025-38117",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38117"
    },
    {
      "name": "CVE-2025-38094",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38094"
    },
    {
      "name": "CVE-2025-49795",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-49795"
    },
    {
      "name": "CVE-2025-14104",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-14104"
    },
    {
      "name": "CVE-2014-9913",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-9913"
    },
    {
      "name": "CVE-2025-38072",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38072"
    },
    {
      "name": "CVE-2024-37407",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-37407"
    },
    {
      "name": "CVE-2015-4775",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-4775"
    },
    {
      "name": "CVE-2025-37967",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37967"
    },
    {
      "name": "CVE-2025-38300",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38300"
    },
    {
      "name": "CVE-2016-0694",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0694"
    },
    {
      "name": "CVE-2025-38289",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38289"
    },
    {
      "name": "CVE-2023-6228",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-6228"
    },
    {
      "name": "CVE-2021-46848",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-46848"
    },
    {
      "name": "CVE-2025-39782",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39782"
    },
    {
      "name": "CVE-2025-38075",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38075"
    },
    {
      "name": "CVE-2025-37885",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37885"
    },
    {
      "name": "CVE-2025-38697",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38697"
    },
    {
      "name": "CVE-2025-1376",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-1376"
    },
    {
      "name": "CVE-2025-47912",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-47912"
    },
    {
      "name": "CVE-2025-37949",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37949"
    },
    {
      "name": "CVE-2001-1269",
      "url": "https://www.cve.org/CVERecord?id=CVE-2001-1269"
    },
    {
      "name": "CVE-2025-38691",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38691"
    },
    {
      "name": "CVE-2025-38373",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38373"
    },
    {
      "name": "CVE-2025-11414",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-11414"
    },
    {
      "name": "CVE-2025-38489",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38489"
    },
    {
      "name": "CVE-2025-66861",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-66861"
    },
    {
      "name": "CVE-2025-37957",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37957"
    },
    {
      "name": "CVE-2024-22365",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-22365"
    },
    {
      "name": "CVE-2025-38058",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38058"
    },
    {
      "name": "CVE-2025-38483",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38483"
    },
    {
      "name": "CVE-2025-38369",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38369"
    },
    {
      "name": "CVE-2024-47535",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-47535"
    },
    {
      "name": "CVE-2025-39759",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39759"
    },
    {
      "name": "CVE-2025-38639",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38639"
    },
    {
      "name": "CVE-2025-38122",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38122"
    },
    {
      "name": "CVE-2025-38612",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38612"
    },
    {
      "name": "CVE-2022-50250",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-50250"
    },
    {
      "name": "CVE-2023-0795",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-0795"
    },
    {
      "name": "CVE-2025-68160",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-68160"
    },
    {
      "name": "CVE-2015-2583",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-2583"
    },
    {
      "name": "CVE-2025-38173",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38173"
    },
    {
      "name": "CVE-2021-29390",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-29390"
    },
    {
      "name": "CVE-2024-2236",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-2236"
    },
    {
      "name": "CVE-2025-38143",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38143"
    },
    {
      "name": "CVE-2025-45768",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-45768"
    },
    {
      "name": "CVE-2025-38098",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38098"
    },
    {
      "name": "CVE-2025-38566",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38566"
    },
    {
      "name": "CVE-2025-1365",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-1365"
    },
    {
      "name": "CVE-2025-39721",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39721"
    },
    {
      "name": "CVE-2024-25062",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-25062"
    },
    {
      "name": "CVE-2025-39760",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39760"
    },
    {
      "name": "CVE-2025-40118",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40118"
    },
    {
      "name": "CVE-2022-32205",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-32205"
    },
    {
      "name": "CVE-2025-38718",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38718"
    },
    {
      "name": "CVE-2023-27534",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-27534"
    },
    {
      "name": "CVE-2024-2398",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-2398"
    },
    {
      "name": "CVE-2025-38392",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38392"
    },
    {
      "name": "CVE-2025-60753",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-60753"
    },
    {
      "name": "CVE-2025-39673",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39673"
    },
    {
      "name": "CVE-2023-27536",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-27536"
    },
    {
      "name": "CVE-2025-52565",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-52565"
    },
    {
      "name": "CVE-2025-38259",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38259"
    },
    {
      "name": "CVE-2025-38663",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38663"
    },
    {
      "name": "CVE-2015-4783",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-4783"
    },
    {
      "name": "CVE-2025-40021",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40021"
    },
    {
      "name": "CVE-2025-67735",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-67735"
    },
    {
      "name": "CVE-2025-38156",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38156"
    },
    {
      "name": "CVE-2015-4774",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-4774"
    },
    {
      "name": "CVE-2025-37951",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37951"
    },
    {
      "name": "CVE-2023-50495",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-50495"
    },
    {
      "name": "CVE-2025-37840",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37840"
    },
    {
      "name": "CVE-2017-11164",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-11164"
    },
    {
      "name": "CVE-2025-37947",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37947"
    },
    {
      "name": "CVE-2025-61728",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-61728"
    },
    {
      "name": "CVE-2022-43551",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-43551"
    },
    {
      "name": "CVE-2025-68972",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-68972"
    },
    {
      "name": "CVE-2025-26519",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-26519"
    },
    {
      "name": "CVE-2025-38416",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38416"
    },
    {
      "name": "CVE-2025-58186",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-58186"
    },
    {
      "name": "CVE-2025-37846",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37846"
    },
    {
      "name": "CVE-2025-38722",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38722"
    },
    {
      "name": "CVE-2025-38192",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38192"
    },
    {
      "name": "CVE-2025-39800",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39800"
    },
    {
      "name": "CVE-2025-40044",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40044"
    },
    {
      "name": "CVE-2025-13034",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-13034"
    },
    {
      "name": "CVE-2021-20284",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-20284"
    },
    {
      "name": "CVE-2025-8714",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-8714"
    },
    {
      "name": "CVE-2025-38343",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38343"
    },
    {
      "name": "CVE-2023-27533",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-27533"
    },
    {
      "name": "CVE-2025-40105",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40105"
    },
    {
      "name": "CVE-2025-38202",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38202"
    },
    {
      "name": "CVE-2017-7500",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-7500"
    },
    {
      "name": "CVE-2025-9086",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-9086"
    },
    {
      "name": "CVE-2025-40112",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40112"
    },
    {
      "name": "CVE-2025-22101",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22101"
    },
    {
      "name": "CVE-2021-32292",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-32292"
    },
    {
      "name": "CVE-2025-38374",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38374"
    },
    {
      "name": "CVE-2025-39703",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39703"
    },
    {
      "name": "CVE-2025-38194",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38194"
    },
    {
      "name": "CVE-2025-38549",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38549"
    },
    {
      "name": "CVE-2024-10041",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-10041"
    },
    {
      "name": "CVE-2023-1972",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-1972"
    },
    {
      "name": "CVE-2025-8869",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-8869"
    },
    {
      "name": "CVE-2025-58187",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-58187"
    },
    {
      "name": "CVE-2022-34903",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-34903"
    },
    {
      "name": "CVE-2022-2953",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-2953"
    },
    {
      "name": "CVE-2025-38665",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38665"
    },
    {
      "name": "CVE-2024-20696",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-20696"
    },
    {
      "name": "CVE-2025-38101",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38101"
    },
    {
      "name": "CVE-2023-32573",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-32573"
    },
    {
      "name": "CVE-2025-37982",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37982"
    },
    {
      "name": "CVE-2025-37992",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37992"
    },
    {
      "name": "CVE-2025-38577",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38577"
    },
    {
      "name": "CVE-2025-38671",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38671"
    },
    {
      "name": "CVE-2020-19726",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-19726"
    },
    {
      "name": "CVE-2022-3219",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-3219"
    },
    {
      "name": "CVE-2025-39971",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39971"
    },
    {
      "name": "CVE-2025-38299",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38299"
    },
    {
      "name": "CVE-2025-40154",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40154"
    },
    {
      "name": "CVE-2025-13601",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-13601"
    },
    {
      "name": "CVE-2025-12817",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-12817"
    },
    {
      "name": "CVE-2025-38635",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38635"
    },
    {
      "name": "CVE-2025-4673",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-4673"
    },
    {
      "name": "CVE-2022-47010",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-47010"
    },
    {
      "name": "CVE-2025-38704",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38704"
    },
    {
      "name": "CVE-2025-38348",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38348"
    },
    {
      "name": "CVE-2020-22916",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-22916"
    },
    {
      "name": "CVE-2025-38488",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38488"
    },
    {
      "name": "CVE-2025-38540",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38540"
    },
    {
      "name": "CVE-2025-5916",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-5916"
    },
    {
      "name": "CVE-2025-38040",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38040"
    },
    {
      "name": "CVE-2025-38265",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38265"
    },
    {
      "name": "CVE-2025-23149",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-23149"
    },
    {
      "name": "CVE-2022-33070",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-33070"
    },
    {
      "name": "CVE-2025-38403",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38403"
    },
    {
      "name": "CVE-2022-23308",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-23308"
    },
    {
      "name": "CVE-2025-38552",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38552"
    },
    {
      "name": "CVE-2025-58056",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-58056"
    },
    {
      "name": "CVE-2025-37914",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37914"
    },
    {
      "name": "CVE-2025-22871",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22871"
    },
    {
      "name": "CVE-2025-10911",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-10911"
    },
    {
      "name": "CVE-2025-32988",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-32988"
    },
    {
      "name": "CVE-2022-28805",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-28805"
    },
    {
      "name": "CVE-2025-37873",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37873"
    },
    {
      "name": "CVE-2024-57360",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-57360"
    },
    {
      "name": "CVE-2025-37928",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37928"
    },
    {
      "name": "CVE-2017-3604",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-3604"
    },
    {
      "name": "CVE-2023-0804",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-0804"
    },
    {
      "name": "CVE-2025-39766",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39766"
    },
    {
      "name": "CVE-2025-39801",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39801"
    },
    {
      "name": "CVE-2025-37922",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37922"
    },
    {
      "name": "CVE-2025-38146",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38146"
    },
    {
      "name": "CVE-2024-38828",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38828"
    },
    {
      "name": "CVE-2025-39724",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39724"
    },
    {
      "name": "CVE-2023-27538",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-27538"
    },
    {
      "name": "CVE-2025-39687",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39687"
    },
    {
      "name": "CVE-2025-37794",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37794"
    },
    {
      "name": "CVE-2023-4641",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-4641"
    },
    {
      "name": "CVE-2025-14524",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-14524"
    },
    {
      "name": "CVE-2025-38510",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38510"
    },
    {
      "name": "CVE-2025-27113",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-27113"
    },
    {
      "name": "CVE-2025-38246",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38246"
    },
    {
      "name": "CVE-2025-39758",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39758"
    },
    {
      "name": "CVE-2025-39694",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39694"
    },
    {
      "name": "CVE-2025-38220",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38220"
    },
    {
      "name": "CVE-2025-38405",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38405"
    },
    {
      "name": "CVE-2026-0915",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-0915"
    },
    {
      "name": "CVE-2025-15281",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-15281"
    },
    {
      "name": "CVE-2025-38418",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38418"
    },
    {
      "name": "CVE-2025-38090",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38090"
    },
    {
      "name": "CVE-2022-23218",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-23218"
    },
    {
      "name": "CVE-2025-38429",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38429"
    },
    {
      "name": "CVE-2022-25236",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-25236"
    },
    {
      "name": "CVE-2023-30775",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-30775"
    },
    {
      "name": "CVE-2025-38225",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38225"
    },
    {
      "name": "CVE-2025-47913",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-47913"
    },
    {
      "name": "CVE-2025-38155",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38155"
    },
    {
      "name": "CVE-2023-0797",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-0797"
    },
    {
      "name": "CVE-2025-37977",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37977"
    },
    {
      "name": "CVE-2023-37369",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-37369"
    },
    {
      "name": "CVE-2024-48615",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-48615"
    },
    {
      "name": "CVE-2025-38365",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38365"
    },
    {
      "name": "CVE-2025-38415",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38415"
    },
    {
      "name": "CVE-2024-55549",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-55549"
    },
    {
      "name": "CVE-2025-38668",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38668"
    },
    {
      "name": "CVE-2025-37973",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37973"
    },
    {
      "name": "CVE-2025-68750",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-68750"
    },
    {
      "name": "CVE-2025-38260",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38260"
    },
    {
      "name": "CVE-2024-6119",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-6119"
    },
    {
      "name": "CVE-2025-37827",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37827"
    },
    {
      "name": "CVE-2025-38721",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38721"
    },
    {
      "name": "CVE-2025-38244",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38244"
    },
    {
      "name": "CVE-2023-1916",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-1916"
    },
    {
      "name": "CVE-2025-38080",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38080"
    },
    {
      "name": "CVE-2025-40126",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40126"
    },
    {
      "name": "CVE-2025-39972",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39972"
    },
    {
      "name": "CVE-2025-37748",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37748"
    },
    {
      "name": "CVE-2025-38364",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38364"
    },
    {
      "name": "CVE-2025-38615",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38615"
    },
    {
      "name": "CVE-2025-58181",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-58181"
    },
    {
      "name": "CVE-2025-40909",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40909"
    },
    {
      "name": "CVE-2023-25588",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-25588"
    },
    {
      "name": "CVE-2025-39684",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39684"
    },
    {
      "name": "CVE-2025-37836",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37836"
    },
    {
      "name": "CVE-2025-38526",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38526"
    },
    {
      "name": "CVE-2017-3607",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-3607"
    },
    {
      "name": "CVE-2025-38472",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38472"
    },
    {
      "name": "CVE-2022-2520",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-2520"
    },
    {
      "name": "CVE-2025-8959",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-8959"
    },
    {
      "name": "CVE-2025-37944",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37944"
    },
    {
      "name": "CVE-2025-47914",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-47914"
    },
    {
      "name": "CVE-2025-38506",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38506"
    },
    {
      "name": "CVE-2025-38703",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38703"
    },
    {
      "name": "CVE-2025-38494",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38494"
    },
    {
      "name": "CVE-2025-39753",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39753"
    },
    {
      "name": "CVE-2025-69418",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-69418"
    },
    {
      "name": "CVE-2025-38604",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38604"
    },
    {
      "name": "CVE-2025-38623",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38623"
    },
    {
      "name": "CVE-2025-38193",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38193"
    },
    {
      "name": "CVE-2025-38400",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38400"
    },
    {
      "name": "CVE-2025-4516",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-4516"
    },
    {
      "name": "CVE-2025-38136",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38136"
    },
    {
      "name": "CVE-2025-66864",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-66864"
    },
    {
      "name": "CVE-2025-58058",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-58058"
    },
    {
      "name": "CVE-2025-22869",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22869"
    },
    {
      "name": "CVE-2025-38544",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38544"
    },
    {
      "name": "CVE-2025-37771",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37771"
    },
    {
      "name": "CVE-2025-39797",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39797"
    },
    {
      "name": "CVE-2025-40200",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40200"
    },
    {
      "name": "CVE-2025-38236",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38236"
    },
    {
      "name": "CVE-2025-38725",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38725"
    },
    {
      "name": "CVE-2025-37975",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37975"
    },
    {
      "name": "CVE-2023-41175",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-41175"
    },
    {
      "name": "CVE-2025-40124",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40124"
    },
    {
      "name": "CVE-2025-38347",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38347"
    },
    {
      "name": "CVE-2025-39776",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39776"
    },
    {
      "name": "CVE-2025-1150",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-1150"
    },
    {
      "name": "CVE-2025-39880",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39880"
    },
    {
      "name": "CVE-2025-37998",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37998"
    },
    {
      "name": "CVE-2025-38198",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38198"
    },
    {
      "name": "CVE-2025-58189",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-58189"
    },
    {
      "name": "CVE-2025-6021",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-6021"
    },
    {
      "name": "CVE-2025-23163",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-23163"
    },
    {
      "name": "CVE-2025-40094",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40094"
    },
    {
      "name": "CVE-2025-37968",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37968"
    },
    {
      "name": "CVE-2025-38376",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38376"
    },
    {
      "name": "CVE-2025-38006",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38006"
    },
    {
      "name": "CVE-2022-26280",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-26280"
    },
    {
      "name": "CVE-2025-0665",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-0665"
    },
    {
      "name": "CVE-2025-38437",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38437"
    },
    {
      "name": "CVE-2025-38125",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38125"
    },
    {
      "name": "CVE-2024-4603",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-4603"
    },
    {
      "name": "CVE-2025-38351",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38351"
    },
    {
      "name": "CVE-2025-38048",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38048"
    },
    {
      "name": "CVE-2025-25193",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-25193"
    },
    {
      "name": "CVE-2024-8096",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-8096"
    },
    {
      "name": "CVE-2012-0880",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-0880"
    },
    {
      "name": "CVE-2023-3576",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-3576"
    },
    {
      "name": "CVE-2023-4806",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-4806"
    },
    {
      "name": "CVE-2025-38683",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38683"
    },
    {
      "name": "CVE-2026-21945",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-21945"
    },
    {
      "name": "CVE-2023-47039",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-47039"
    },
    {
      "name": "CVE-2025-39736",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39736"
    },
    {
      "name": "CVE-2025-37757",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37757"
    },
    {
      "name": "CVE-2018-9996",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-9996"
    },
    {
      "name": "CVE-2023-31484",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-31484"
    },
    {
      "name": "CVE-2025-8225",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-8225"
    },
    {
      "name": "CVE-2023-29383",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-29383"
    },
    {
      "name": "CVE-2022-32206",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-32206"
    },
    {
      "name": "CVE-2025-8224",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-8224"
    },
    {
      "name": "CVE-2024-50602",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-50602"
    },
    {
      "name": "CVE-2015-7697",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-7697"
    },
    {
      "name": "CVE-2025-38009",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38009"
    },
    {
      "name": "CVE-2025-22870",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22870"
    },
    {
      "name": "CVE-2025-40215",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40215"
    },
    {
      "name": "CVE-2025-40111",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40111"
    },
    {
      "name": "CVE-2025-38081",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38081"
    },
    {
      "name": "CVE-2025-37809",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37809"
    },
    {
      "name": "CVE-2025-40068",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40068"
    },
    {
      "name": "CVE-2025-5245",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-5245"
    },
    {
      "name": "CVE-2025-38185",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38185"
    },
    {
      "name": "CVE-2025-39691",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39691"
    },
    {
      "name": "CVE-2025-38406",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38406"
    },
    {
      "name": "CVE-2021-35942",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35942"
    },
    {
      "name": "CVE-2025-40042",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40042"
    },
    {
      "name": "CVE-2025-32415",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-32415"
    },
    {
      "name": "CVE-2025-24855",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-24855"
    },
    {
      "name": "CVE-2025-37817",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37817"
    },
    {
      "name": "CVE-2025-39890",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39890"
    },
    {
      "name": "CVE-2025-39742",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39742"
    },
    {
      "name": "CVE-2025-5889",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-5889"
    },
    {
      "name": "CVE-2025-22102",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22102"
    },
    {
      "name": "CVE-2025-37987",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37987"
    },
    {
      "name": "CVE-2024-23337",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-23337"
    },
    {
      "name": "CVE-2016-0689",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0689"
    },
    {
      "name": "CVE-2025-37749",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37749"
    },
    {
      "name": "CVE-2026-22695",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-22695"
    },
    {
      "name": "CVE-2026-23490",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23490"
    },
    {
      "name": "CVE-2025-11966",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-11966"
    },
    {
      "name": "CVE-2024-36331",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36331"
    },
    {
      "name": "CVE-2025-39748",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39748"
    },
    {
      "name": "CVE-2014-8140",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-8140"
    },
    {
      "name": "CVE-2026-0992",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-0992"
    },
    {
      "name": "CVE-2025-38263",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38263"
    },
    {
      "name": "CVE-2022-47011",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-47011"
    },
    {
      "name": "CVE-2025-38610",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38610"
    },
    {
      "name": "CVE-2025-37772",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37772"
    },
    {
      "name": "CVE-2025-9230",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-9230"
    },
    {
      "name": "CVE-2025-38214",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38214"
    },
    {
      "name": "CVE-2025-12194",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-12194"
    },
    {
      "name": "CVE-2021-3549",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-3549"
    },
    {
      "name": "CVE-2025-38560",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38560"
    },
    {
      "name": "CVE-2025-37994",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37994"
    },
    {
      "name": "CVE-2025-38551",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38551"
    },
    {
      "name": "CVE-2025-38701",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38701"
    },
    {
      "name": "CVE-2025-38218",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38218"
    },
    {
      "name": "CVE-2025-66564",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-66564"
    },
    {
      "name": "CVE-2025-38349",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38349"
    },
    {
      "name": "CVE-2025-5244",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-5244"
    },
    {
      "name": "CVE-2021-37972",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-37972"
    },
    {
      "name": "CVE-2025-1352",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-1352"
    },
    {
      "name": "CVE-2024-4741",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-4741"
    },
    {
      "name": "CVE-2021-33574",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-33574"
    },
    {
      "name": "CVE-2018-1000035",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-1000035"
    },
    {
      "name": "CVE-2025-39726",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39726"
    },
    {
      "name": "CVE-2023-4863",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-4863"
    },
    {
      "name": "CVE-2025-48924",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-48924"
    },
    {
      "name": "CVE-2025-38393",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38393"
    },
    {
      "name": "CVE-2024-26256",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26256"
    },
    {
      "name": "CVE-2021-3326",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-3326"
    },
    {
      "name": "CVE-2021-22926",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22926"
    },
    {
      "name": "CVE-2025-32414",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-32414"
    },
    {
      "name": "CVE-2025-37891",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37891"
    },
    {
      "name": "CVE-2025-38249",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38249"
    },
    {
      "name": "CVE-2025-38716",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38716"
    },
    {
      "name": "CVE-2025-39937",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39937"
    },
    {
      "name": "CVE-2025-37858",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37858"
    },
    {
      "name": "CVE-2023-40403",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-40403"
    },
    {
      "name": "CVE-2025-22013",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22013"
    },
    {
      "name": "CVE-2025-38154",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38154"
    },
    {
      "name": "CVE-2025-38469",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38469"
    },
    {
      "name": "CVE-2025-38581",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38581"
    },
    {
      "name": "CVE-2021-30560",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-30560"
    },
    {
      "name": "CVE-2025-1153",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-1153"
    },
    {
      "name": "CVE-2025-62408",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-62408"
    },
    {
      "name": "CVE-2025-40060",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40060"
    },
    {
      "name": "CVE-2026-2003",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-2003"
    },
    {
      "name": "CVE-2025-39790",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39790"
    },
    {
      "name": "CVE-2025-38389",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38389"
    },
    {
      "name": "CVE-2025-38448",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38448"
    },
    {
      "name": "CVE-2022-48281",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48281"
    },
    {
      "name": "CVE-2021-35938",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35938"
    },
    {
      "name": "CVE-2025-15079",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-15079"
    },
    {
      "name": "CVE-2025-37780",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37780"
    },
    {
      "name": "CVE-2025-37995",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37995"
    },
    {
      "name": "CVE-2025-38680",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38680"
    },
    {
      "name": "CVE-2025-37754",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37754"
    },
    {
      "name": "CVE-2025-1632",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-1632"
    },
    {
      "name": "CVE-2025-11412",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-11412"
    },
    {
      "name": "CVE-2025-38497",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38497"
    },
    {
      "name": "CVE-2025-23156",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-23156"
    },
    {
      "name": "CVE-2025-23157",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-23157"
    },
    {
      "name": "CVE-2025-38684",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38684"
    },
    {
      "name": "CVE-2025-38165",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38165"
    },
    {
      "name": "CVE-2022-28321",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-28321"
    },
    {
      "name": "CVE-2025-39686",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39686"
    },
    {
      "name": "CVE-2025-39798",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39798"
    },
    {
      "name": "CVE-2025-38495",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38495"
    },
    {
      "name": "CVE-2025-37808",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37808"
    },
    {
      "name": "CVE-2017-3606",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-3606"
    },
    {
      "name": "CVE-2025-38730",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38730"
    },
    {
      "name": "CVE-2025-38052",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38052"
    },
    {
      "name": "CVE-2025-38377",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38377"
    },
    {
      "name": "CVE-2024-3651",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-3651"
    },
    {
      "name": "CVE-2025-39747",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39747"
    },
    {
      "name": "CVE-2022-40090",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-40090"
    },
    {
      "name": "CVE-2025-68121",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-68121"
    },
    {
      "name": "CVE-2023-25434",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-25434"
    },
    {
      "name": "CVE-2024-12243",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-12243"
    },
    {
      "name": "CVE-2025-38516",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38516"
    },
    {
      "name": "CVE-2025-38462",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38462"
    },
    {
      "name": "CVE-2025-38428",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38428"
    },
    {
      "name": "CVE-2018-13410",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-13410"
    },
    {
      "name": "CVE-2025-39714",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39714"
    },
    {
      "name": "CVE-2025-38262",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38262"
    },
    {
      "name": "CVE-2025-60876",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-60876"
    },
    {
      "name": "CVE-2025-38138",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38138"
    },
    {
      "name": "CVE-2025-38035",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38035"
    },
    {
      "name": "CVE-2025-14819",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-14819"
    },
    {
      "name": "CVE-2025-37759",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37759"
    },
    {
      "name": "CVE-2025-24928",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-24928"
    },
    {
      "name": "CVE-2025-38414",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38414"
    },
    {
      "name": "CVE-2022-35206",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-35206"
    },
    {
      "name": "CVE-2025-0395",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-0395"
    },
    {
      "name": "CVE-2025-11065",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-11065"
    },
    {
      "name": "CVE-2025-37933",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37933"
    },
    {
      "name": "CVE-2025-38310",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38310"
    },
    {
      "name": "CVE-2015-4786",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-4786"
    },
    {
      "name": "CVE-2025-37886",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37886"
    },
    {
      "name": "CVE-2022-38533",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-38533"
    },
    {
      "name": "CVE-2025-37963",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37963"
    },
    {
      "name": "CVE-2025-40297",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40297"
    },
    {
      "name": "CVE-2026-1484",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-1484"
    },
    {
      "name": "CVE-2022-40304",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-40304"
    },
    {
      "name": "CVE-2025-38226",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38226"
    },
    {
      "name": "CVE-2025-4947",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-4947"
    },
    {
      "name": "CVE-2025-39706",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39706"
    },
    {
      "name": "CVE-2025-40178",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40178"
    },
    {
      "name": "CVE-2023-4911",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-4911"
    },
    {
      "name": "CVE-2025-38443",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38443"
    },
    {
      "name": "CVE-2025-38576",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38576"
    },
    {
      "name": "CVE-2025-39869",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39869"
    },
    {
      "name": "CVE-2025-0725",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-0725"
    },
    {
      "name": "CVE-2025-37800",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37800"
    },
    {
      "name": "CVE-2025-39985",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39985"
    },
    {
      "name": "CVE-2025-61726",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-61726"
    },
    {
      "name": "CVE-2023-36660",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-36660"
    },
    {
      "name": "CVE-2025-37900",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37900"
    },
    {
      "name": "CVE-2025-7424",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-7424"
    },
    {
      "name": "CVE-2025-1094",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-1094"
    },
    {
      "name": "CVE-2023-25585",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-25585"
    },
    {
      "name": "CVE-2025-38439",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38439"
    },
    {
      "name": "CVE-2025-37805",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37805"
    },
    {
      "name": "CVE-2021-22923",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22923"
    },
    {
      "name": "CVE-2025-41254",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-41254"
    },
    {
      "name": "CVE-2025-39719",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39719"
    },
    {
      "name": "CVE-2025-37990",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37990"
    },
    {
      "name": "CVE-2020-12762",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-12762"
    },
    {
      "name": "CVE-2025-38553",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38553"
    },
    {
      "name": "CVE-2025-38190",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38190"
    },
    {
      "name": "CVE-2025-3198",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-3198"
    },
    {
      "name": "CVE-2025-38180",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38180"
    },
    {
      "name": "CVE-2025-53864",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-53864"
    },
    {
      "name": "CVE-2025-39738",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39738"
    },
    {
      "name": "CVE-2026-2007",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-2007"
    },
    {
      "name": "CVE-2025-38145",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38145"
    },
    {
      "name": "CVE-2023-2953",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-2953"
    },
    {
      "name": "CVE-2024-4032",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-4032"
    },
    {
      "name": "CVE-2025-37948",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37948"
    },
    {
      "name": "CVE-2021-27645",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-27645"
    },
    {
      "name": "CVE-2025-38166",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38166"
    },
    {
      "name": "CVE-2025-37862",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37862"
    },
    {
      "name": "CVE-2025-38321",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38321"
    },
    {
      "name": "CVE-2024-28835",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-28835"
    },
    {
      "name": "CVE-2025-39705",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39705"
    },
    {
      "name": "CVE-2025-37960",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37960"
    },
    {
      "name": "CVE-2025-38045",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38045"
    },
    {
      "name": "CVE-2025-38051",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38051"
    },
    {
      "name": "CVE-2025-59419",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-59419"
    },
    {
      "name": "CVE-2025-49796",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-49796"
    },
    {
      "name": "CVE-2022-34526",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-34526"
    },
    {
      "name": "CVE-2025-8058",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-8058"
    },
    {
      "name": "CVE-2025-39713",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39713"
    },
    {
      "name": "CVE-2025-37763",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37763"
    },
    {
      "name": "CVE-2025-11839",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-11839"
    },
    {
      "name": "CVE-2025-37954",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37954"
    },
    {
      "name": "CVE-2024-8244",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-8244"
    },
    {
      "name": "CVE-2025-22128",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22128"
    },
    {
      "name": "CVE-2026-1489",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-1489"
    },
    {
      "name": "CVE-2025-37839",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37839"
    },
    {
      "name": "CVE-2025-39744",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39744"
    },
    {
      "name": "CVE-2025-38277",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38277"
    },
    {
      "name": "CVE-2025-37913",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37913"
    },
    {
      "name": "CVE-2025-39756",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39756"
    },
    {
      "name": "CVE-2025-38539",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38539"
    },
    {
      "name": "CVE-2026-2004",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-2004"
    },
    {
      "name": "CVE-2026-0672",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-0672"
    },
    {
      "name": "CVE-2025-8732",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-8732"
    },
    {
      "name": "CVE-2025-38044",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38044"
    },
    {
      "name": "CVE-2022-1586",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-1586"
    },
    {
      "name": "CVE-2025-37786",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37786"
    },
    {
      "name": "CVE-2026-0900",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-0900"
    },
    {
      "name": "CVE-2020-16599",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-16599"
    },
    {
      "name": "CVE-2021-46822",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-46822"
    },
    {
      "name": "CVE-2022-45703",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-45703"
    },
    {
      "name": "CVE-2025-38200",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38200"
    },
    {
      "name": "CVE-2025-38480",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38480"
    },
    {
      "name": "CVE-2025-38346",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38346"
    },
    {
      "name": "CVE-2025-30204",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-30204"
    },
    {
      "name": "CVE-2025-37959",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37959"
    },
    {
      "name": "CVE-2025-38191",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38191"
    },
    {
      "name": "CVE-2025-39946",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39946"
    },
    {
      "name": "CVE-2025-38062",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38062"
    },
    {
      "name": "CVE-2025-38531",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38531"
    },
    {
      "name": "CVE-2025-5914",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-5914"
    },
    {
      "name": "CVE-2023-39804",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-39804"
    },
    {
      "name": "CVE-2025-21919",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21919"
    },
    {
      "name": "CVE-2025-39693",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39693"
    },
    {
      "name": "CVE-2025-38503",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38503"
    },
    {
      "name": "CVE-2025-38630",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38630"
    },
    {
      "name": "CVE-2025-38131",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38131"
    },
    {
      "name": "CVE-2023-2908",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-2908"
    },
    {
      "name": "CVE-2023-39615",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-39615"
    },
    {
      "name": "CVE-2017-7501",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-7501"
    },
    {
      "name": "CVE-2022-47673",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-47673"
    },
    {
      "name": "CVE-2023-31486",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-31486"
    },
    {
      "name": "CVE-2025-39980",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39980"
    },
    {
      "name": "CVE-2021-20197",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-20197"
    },
    {
      "name": "CVE-2023-24056",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-24056"
    },
    {
      "name": "CVE-2026-0902",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-0902"
    },
    {
      "name": "CVE-2013-0340",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-0340"
    },
    {
      "name": "CVE-2025-37851",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37851"
    },
    {
      "name": "CVE-2025-38481",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38481"
    },
    {
      "name": "CVE-2025-38585",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38585"
    },
    {
      "name": "CVE-2023-32611",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-32611"
    },
    {
      "name": "CVE-2024-38816",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38816"
    },
    {
      "name": "CVE-2026-22717",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-22717"
    },
    {
      "name": "CVE-2024-34397",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-34397"
    },
    {
      "name": "CVE-2025-38320",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38320"
    },
    {
      "name": "CVE-2025-53057",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-53057"
    },
    {
      "name": "CVE-2025-1151",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-1151"
    },
    {
      "name": "CVE-2025-38625",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38625"
    },
    {
      "name": "CVE-2025-38164",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38164"
    },
    {
      "name": "CVE-2025-8177",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-8177"
    },
    {
      "name": "CVE-2025-29480",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-29480"
    },
    {
      "name": "CVE-2025-40346",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40346"
    },
    {
      "name": "CVE-2025-38264",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38264"
    },
    {
      "name": "CVE-2023-1999",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-1999"
    },
    {
      "name": "CVE-2020-27618",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-27618"
    },
    {
      "name": "CVE-2025-39676",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39676"
    },
    {
      "name": "CVE-2025-37980",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37980"
    },
    {
      "name": "CVE-2023-0800",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-0800"
    },
    {
      "name": "CVE-2025-7546",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-7546"
    },
    {
      "name": "CVE-2025-38280",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38280"
    },
    {
      "name": "CVE-2023-5388",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-5388"
    },
    {
      "name": "CVE-2025-1148",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-1148"
    },
    {
      "name": "CVE-2025-37788",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37788"
    },
    {
      "name": "CVE-2025-38427",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38427"
    },
    {
      "name": "CVE-2025-38084",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38084"
    },
    {
      "name": "CVE-2022-23219",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-23219"
    },
    {
      "name": "CVE-2015-2640",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-2640"
    },
    {
      "name": "CVE-2025-37879",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37879"
    },
    {
      "name": "CVE-2025-38217",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38217"
    },
    {
      "name": "CVE-2023-5752",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-5752"
    },
    {
      "name": "CVE-2025-40030",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40030"
    },
    {
      "name": "CVE-2025-40244",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40244"
    },
    {
      "name": "CVE-2025-66862",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-66862"
    },
    {
      "name": "CVE-2025-37881",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37881"
    },
    {
      "name": "CVE-2025-39995",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39995"
    },
    {
      "name": "CVE-2025-38103",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38103"
    },
    {
      "name": "CVE-2025-38514",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38514"
    },
    {
      "name": "CVE-2025-39783",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39783"
    },
    {
      "name": "CVE-2025-39715",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39715"
    },
    {
      "name": "CVE-2025-38569",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38569"
    },
    {
      "name": "CVE-2025-38255",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38255"
    },
    {
      "name": "CVE-2025-38512",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38512"
    },
    {
      "name": "CVE-2023-1579",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-1579"
    },
    {
      "name": "CVE-2025-68119",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-68119"
    },
    {
      "name": "CVE-2025-38622",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38622"
    },
    {
      "name": "CVE-2021-4217",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-4217"
    },
    {
      "name": "CVE-2023-32643",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-32643"
    },
    {
      "name": "CVE-2025-37909",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37909"
    },
    {
      "name": "CVE-2025-38700",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38700"
    },
    {
      "name": "CVE-2021-43396",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-43396"
    },
    {
      "name": "CVE-2025-37849",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37849"
    },
    {
      "name": "CVE-2025-38162",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38162"
    },
    {
      "name": "CVE-2025-53066",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-53066"
    },
    {
      "name": "CVE-2025-22873",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22873"
    },
    {
      "name": "CVE-2025-38532",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38532"
    },
    {
      "name": "CVE-2024-2961",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-2961"
    },
    {
      "name": "CVE-2025-39712",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39712"
    },
    {
      "name": "CVE-2024-12133",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-12133"
    },
    {
      "name": "CVE-2025-37812",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37812"
    },
    {
      "name": "CVE-2025-39707",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39707"
    },
    {
      "name": "CVE-2021-22945",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22945"
    },
    {
      "name": "CVE-2025-37875",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37875"
    },
    {
      "name": "CVE-2025-38410",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38410"
    },
    {
      "name": "CVE-2025-39907",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39907"
    },
    {
      "name": "CVE-2023-42366",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-42366"
    },
    {
      "name": "CVE-2025-39781",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39781"
    },
    {
      "name": "CVE-2025-0167",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-0167"
    },
    {
      "name": "CVE-2026-25547",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-25547"
    },
    {
      "name": "CVE-2025-38640",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38640"
    },
    {
      "name": "CVE-2023-38197",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-38197"
    },
    {
      "name": "CVE-2025-38476",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38476"
    },
    {
      "name": "CVE-2025-69420",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-69420"
    },
    {
      "name": "CVE-2025-38659",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38659"
    },
    {
      "name": "CVE-2025-64702",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-64702"
    },
    {
      "name": "CVE-2025-47273",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-47273"
    },
    {
      "name": "CVE-2025-40140",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40140"
    },
    {
      "name": "CVE-2025-38020",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38020"
    },
    {
      "name": "CVE-2025-15224",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-15224"
    },
    {
      "name": "CVE-2025-40223",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40223"
    },
    {
      "name": "CVE-2025-38572",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38572"
    },
    {
      "name": "CVE-2025-23140",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-23140"
    },
    {
      "name": "CVE-2025-23150",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-23150"
    },
    {
      "name": "CVE-2025-38460",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38460"
    },
    {
      "name": "CVE-2025-38182",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38182"
    },
    {
      "name": "CVE-2025-38550",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38550"
    },
    {
      "name": "CVE-2024-53114",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-53114"
    },
    {
      "name": "CVE-2025-38275",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38275"
    },
    {
      "name": "CVE-2022-48303",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48303"
    },
    {
      "name": "CVE-2025-38345",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38345"
    },
    {
      "name": "CVE-2024-37371",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-37371"
    },
    {
      "name": "CVE-2023-38545",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-38545"
    },
    {
      "name": "CVE-2021-43618",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-43618"
    },
    {
      "name": "CVE-2026-0989",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-0989"
    },
    {
      "name": "CVE-2025-38170",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38170"
    },
    {
      "name": "CVE-2025-39711",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39711"
    },
    {
      "name": "CVE-2025-22115",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22115"
    },
    {
      "name": "CVE-2025-22120",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22120"
    },
    {
      "name": "CVE-2025-61729",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-61729"
    },
    {
      "name": "CVE-2025-38535",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38535"
    },
    {
      "name": "CVE-2025-38231",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38231"
    },
    {
      "name": "CVE-2022-26488",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-26488"
    },
    {
      "name": "CVE-2025-37854",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37854"
    },
    {
      "name": "CVE-2025-11494",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-11494"
    },
    {
      "name": "CVE-2024-6345",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-6345"
    },
    {
      "name": "CVE-2025-39873",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39873"
    },
    {
      "name": "CVE-2018-18384",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-18384"
    },
    {
      "name": "CVE-2025-38473",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38473"
    },
    {
      "name": "CVE-2025-38113",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38113"
    },
    {
      "name": "CVE-2020-11023",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-11023"
    },
    {
      "name": "CVE-2025-38714",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38714"
    },
    {
      "name": "CVE-2023-32665",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-32665"
    },
    {
      "name": "CVE-2025-23148",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-23148"
    },
    {
      "name": "CVE-2025-38361",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38361"
    },
    {
      "name": "CVE-2025-38470",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38470"
    },
    {
      "name": "CVE-2023-23916",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-23916"
    },
    {
      "name": "CVE-2025-38181",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38181"
    },
    {
      "name": "CVE-2025-38391",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38391"
    },
    {
      "name": "CVE-2025-38248",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-38248"
    },
    {
      "name": "CVE-2025-66418",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-66418"
    },
    {
      "name": "CVE-2025-40351",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40351"
    },
    {
      "name": "CVE-2022-3570",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-3570"
    },
    {
      "name": "CVE-2016-9844",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-9844"
    },
    {
      "name": "CVE-2025-40087",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-40087"
    },
    {
      "name": "CVE-2025-23147",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-23147"
    },
    {
      "name": "CVE-2024-8088",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-8088"
    },
    {
      "name": "CVE-2025-48734",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-48734"
    },
    {
      "name": "CVE-2025-39752",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-39752"
    },
    {
      "name": "CVE-2026-25646",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-25646"
    }
  ],
  "initial_release_date": "2026-02-26T00:00:00",
  "last_revision_date": "2026-02-26T00:00:00",
  "links": [],
  "reference": "CERTFR-2026-AVI-0218",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2026-02-26T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits VMware. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer un d\u00e9ni de service \u00e0 distance, une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es et un contournement de la politique de s\u00e9curit\u00e9.",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits VMware",
  "vendor_advisories": [
    {
      "published_at": "2026-02-25",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 37096",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37096"
    },
    {
      "published_at": "2026-02-25",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 37092",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37092"
    },
    {
      "published_at": "2026-02-25",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 37102",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37102"
    },
    {
      "published_at": "2026-02-25",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 37078",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37078"
    },
    {
      "published_at": "2026-02-26",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 37109",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37109"
    },
    {
      "published_at": "2026-02-25",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 37087",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37087"
    },
    {
      "published_at": "2026-02-25",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 37090",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37090"
    },
    {
      "published_at": "2026-02-25",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 37077",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37077"
    },
    {
      "published_at": "2026-02-25",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 37098",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37098"
    },
    {
      "published_at": "2026-02-25",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 37079",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37079"
    },
    {
      "published_at": "2026-02-25",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 37101",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37101"
    },
    {
      "published_at": "2026-02-25",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 37104",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37104"
    },
    {
      "published_at": "2026-02-25",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 37080",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37080"
    },
    {
      "published_at": "2026-02-25",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 37097",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37097"
    },
    {
      "published_at": "2026-02-25",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 37083",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37083"
    },
    {
      "published_at": "2026-02-25",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 37086",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37086"
    },
    {
      "published_at": "2026-02-25",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 37082",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37082"
    },
    {
      "published_at": "2026-02-25",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 37100",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37100"
    },
    {
      "published_at": "2026-02-25",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 37099",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37099"
    },
    {
      "published_at": "2026-02-25",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 37081",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37081"
    },
    {
      "published_at": "2026-02-25",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 37089",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37089"
    },
    {
      "published_at": "2026-02-25",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 37076",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37076"
    },
    {
      "published_at": "2026-02-25",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 37088",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37088"
    },
    {
      "published_at": "2026-02-26",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 36986",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36986"
    },
    {
      "published_at": "2026-02-25",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-27",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37103"
    },
    {
      "published_at": "2026-02-25",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 37084",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37084"
    },
    {
      "published_at": "2026-02-26",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 37110",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37110"
    },
    {
      "published_at": "2026-02-25",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 37093",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37093"
    },
    {
      "published_at": "2026-02-25",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 37085",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37085"
    },
    {
      "published_at": "2026-02-25",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 37095",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37095"
    },
    {
      "published_at": "2026-02-25",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 37094",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37094"
    }
  ]
}

CERTFR-2025-AVI-0592

Vulnerability from certfr_avis - Published: 2025-07-16 - Updated: 2025-07-16

De multiples vulnérabilités ont été découvertes dans les produits VMware. Elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance et une atteinte à la confidentialité des données.

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products
Vendor Product Description
VMware Telco Cloud Infrastructure Telco Cloud Infrastructure versions 3.x et 2.x sans le correctif ESXi70U3w-24784741
VMware Cloud Foundation Cloud Foundation et vSphere Foundation versions 9.0.0.0 sans le correctif ESXi-9.0.0.0100-24813472
VMware Fusion Fusion versions 13.x antérieures à 13.6.4
VMware Telco Cloud Platform Telco Cloud Platform versions 3.x et 2.x sans le correctif ESXi70U3w-24784741
VMware Cloud Foundation Cloud Foundation versions 5.x sans le correctif ESXi80U3f-24784735
VMware Workstation Worstation versions 17.x antérieures à 17.6.4
VMware VMware Tools VMware Tools versions 13.x.x antérieures à 13.0.1.0 pour Windows
VMware ESXi ESXI versions 7.0 sans le correctif ESXi70U3w-24784741
VMware VMware Tools VMware Tools versions antérieures à 12.5.3 pour Windows
VMware Cloud Foundation Cloud Foundation versions 4.5.x sans le correctif ESXi70U3w-24784741
VMware ESXi ESXI versions 8.0 sans les correctifs ESXi80U3f-24784735 et ESXi80U2e-24789317
References
Bulletin de sécurité VMware 35877 2025-07-15 vendor-advisory

Show details on source website
To clipboard 

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Telco Cloud Infrastructure versions 3.x et 2.x sans le correctif ESXi70U3w-24784741",
      "product": {
        "name": "Telco Cloud Infrastructure",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "Cloud Foundation et vSphere Foundation versions 9.0.0.0 sans le correctif ESXi-9.0.0.0100-24813472",
      "product": {
        "name": "Cloud Foundation",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "Fusion versions 13.x ant\u00e9rieures \u00e0 13.6.4",
      "product": {
        "name": "Fusion",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "Telco Cloud Platform versions  3.x et 2.x sans le correctif ESXi70U3w-24784741",
      "product": {
        "name": "Telco Cloud Platform",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "Cloud Foundation versions 5.x sans le correctif ESXi80U3f-24784735",
      "product": {
        "name": "Cloud Foundation",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "Worstation versions 17.x ant\u00e9rieures \u00e0 17.6.4",
      "product": {
        "name": "Workstation",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "VMware Tools versions 13.x.x ant\u00e9rieures \u00e0 13.0.1.0 pour Windows",
      "product": {
        "name": "VMware Tools",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "ESXI versions 7.0 sans le correctif ESXi70U3w-24784741",
      "product": {
        "name": "ESXi",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "VMware Tools versions ant\u00e9rieures \u00e0 12.5.3 pour Windows",
      "product": {
        "name": "VMware Tools",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "Cloud Foundation versions 4.5.x sans le correctif ESXi70U3w-24784741",
      "product": {
        "name": "Cloud Foundation",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "ESXI versions 8.0 sans les correctifs ESXi80U3f-24784735 et  ESXi80U2e-24789317",
      "product": {
        "name": "ESXi",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": "",
  "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
  "cves": [
    {
      "name": "CVE-2025-41236",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-41236"
    },
    {
      "name": "CVE-2025-41237",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-41237"
    },
    {
      "name": "CVE-2025-41238",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-41238"
    },
    {
      "name": "CVE-2025-41239",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-41239"
    }
  ],
  "initial_release_date": "2025-07-16T00:00:00",
  "last_revision_date": "2025-07-16T00:00:00",
  "links": [],
  "reference": "CERTFR-2025-AVI-0592",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2025-07-16T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits VMware. Elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits VMware",
  "vendor_advisories": [
    {
      "published_at": "2025-07-15",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 35877",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35877"
    }
  ]
}

CERTFR-2025-AVI-0430

Vulnerability from certfr_avis - Published: 2025-05-21 - Updated: 2025-05-21

De multiples vulnérabilités ont été découvertes dans les produits VMware. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une injection de code indirecte à distance (XSS).

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products
Vendor Product Description
VMware Telco Cloud Platform Telco Cloud Platform sans le correctif de sécurité 8.0 U3e pour vCenter
VMware Telco Cloud Infrastructure Telco Cloud Infrastructure versions 3.x sans le correctif de sécurité ESXi80U3se-24659227 pour ESXi
VMware ESXi ESXi versions 8.0 sans le correctif de sécurité ESXi80U3se-24659227
VMware Cloud Foundation Cloud Foundation versions 5.x sans le correctif de sécurité ESXi80U3se-24659227 pour ESXi
VMware Telco Cloud Platform Telco Cloud Platform sans le correctif de sécurité ESXi80U3se-24659227 pour ESXi
VMware Telco Cloud Infrastructure Telco Cloud Infrastructure versions 3.x sans le correctif de sécurité 8.0 U3e pour vCenter
VMware Fusion Fusion versions 13.x antérieures à 13.6.3 sur macOS
VMware vCenter Server vCenter Server versions 7.0 sans le correctif de sécurité 7.0 U3v
VMware Cloud Foundation Cloud Foundation versions 4.5.x sans le correctif de sécurité 7.0 U3v pour vCenter
VMware Workstation Workstation versions 17.x antérieures à 17.6.3
VMware Telco Cloud Infrastructure Telco Cloud Infrastructure versions 2.x sans le correctif de sécurité 7.0 U3v pour vCenter
VMware vCenter Server vCenter Server versions 8.0 sans le correctif de sécurité 8.0 U3e
VMware Cloud Foundation Cloud Foundation versions 5.x sans le correctif de sécurité 8.0 U3e pour vCenter
VMware Cloud Foundation Cloud Foundation versions 4.5.x sans le correctif de sécurité ESXi70U3sv-24723868 pour ESXi
VMware Telco Cloud Infrastructure Telco Cloud Infrastructure versions 2.x sans le correctif de sécurité ESXi70U3sv-24723868 pour ESXi
VMware ESXi ESXi versions 7.0 sans le correctif de sécurité ESXi70U3sv-24723868
References
Bulletin de sécurité VMware 25717 2025-05-20 vendor-advisory

Show details on source website
To clipboard 

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Telco Cloud Platform sans le correctif de s\u00e9curit\u00e9 8.0 U3e pour vCenter",
      "product": {
        "name": "Telco Cloud Platform",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "Telco Cloud Infrastructure versions 3.x sans le correctif de s\u00e9curit\u00e9 ESXi80U3se-24659227 pour ESXi",
      "product": {
        "name": "Telco Cloud Infrastructure",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "ESXi versions 8.0 sans le correctif de s\u00e9curit\u00e9 ESXi80U3se-24659227",
      "product": {
        "name": "ESXi",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "Cloud Foundation versions 5.x sans le correctif de s\u00e9curit\u00e9 ESXi80U3se-24659227 pour ESXi",
      "product": {
        "name": "Cloud Foundation",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "Telco Cloud Platform sans le correctif de s\u00e9curit\u00e9 ESXi80U3se-24659227 pour ESXi",
      "product": {
        "name": "Telco Cloud Platform",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "Telco Cloud Infrastructure versions 3.x sans le correctif de s\u00e9curit\u00e9 8.0 U3e pour vCenter",
      "product": {
        "name": "Telco Cloud Infrastructure",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "Fusion versions 13.x ant\u00e9rieures \u00e0 13.6.3 sur macOS",
      "product": {
        "name": "Fusion",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "vCenter Server versions 7.0 sans le correctif de s\u00e9curit\u00e9 7.0 U3v",
      "product": {
        "name": "vCenter Server",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "Cloud Foundation versions 4.5.x sans le correctif de s\u00e9curit\u00e9 7.0 U3v pour vCenter",
      "product": {
        "name": "Cloud Foundation",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "Workstation versions 17.x ant\u00e9rieures \u00e0 17.6.3",
      "product": {
        "name": "Workstation",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "Telco Cloud Infrastructure versions 2.x sans le correctif de s\u00e9curit\u00e9 7.0 U3v pour vCenter",
      "product": {
        "name": "Telco Cloud Infrastructure",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "vCenter Server versions 8.0 sans le correctif de s\u00e9curit\u00e9 8.0 U3e",
      "product": {
        "name": "vCenter Server",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "Cloud Foundation versions 5.x sans le correctif de s\u00e9curit\u00e9 8.0 U3e pour vCenter",
      "product": {
        "name": "Cloud Foundation",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "Cloud Foundation versions 4.5.x sans le correctif de s\u00e9curit\u00e9 ESXi70U3sv-24723868 pour ESXi",
      "product": {
        "name": "Cloud Foundation",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "Telco Cloud Infrastructure versions 2.x sans le correctif de s\u00e9curit\u00e9 ESXi70U3sv-24723868 pour ESXi",
      "product": {
        "name": "Telco Cloud Infrastructure",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "ESXi versions 7.0 sans le correctif de s\u00e9curit\u00e9 ESXi70U3sv-24723868",
      "product": {
        "name": "ESXi",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": "",
  "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
  "cves": [
    {
      "name": "CVE-2025-41227",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-41227"
    },
    {
      "name": "CVE-2025-41225",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-41225"
    },
    {
      "name": "CVE-2025-41228",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-41228"
    },
    {
      "name": "CVE-2025-41226",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-41226"
    }
  ],
  "initial_release_date": "2025-05-21T00:00:00",
  "last_revision_date": "2025-05-21T00:00:00",
  "links": [],
  "reference": "CERTFR-2025-AVI-0430",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2025-05-21T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Injection de code indirecte \u00e0 distance (XSS)"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits VMware. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance et une injection de code indirecte \u00e0 distance (XSS).",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits VMware",
  "vendor_advisories": [
    {
      "published_at": "2025-05-20",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 25717",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25717"
    }
  ]
}

CERTFR-2025-AVI-0177

Vulnerability from certfr_avis - Published: 2025-03-05 - Updated: 2025-03-05

De multiples vulnérabilités ont été découvertes dans les produits VMware. Elles permettent à un attaquant de provoquer une exécution de code arbitraire, une atteinte à la confidentialité des données et un contournement de la politique de sécurité.

VMware indique que les vulnérabilités CVE-2025-222234, CVE-2025-22225 et CVE-2025-22226 sont activement exploitées.

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products
Vendor Product Description
VMware Cloud Foundation VMware Cloud Foundation versions 4.5.x sans le correctif de sécurité ESXi70U3s-24585291
VMware Telco Cloud Platform VMware Telco Cloud Platorm sans le correctif de sécurité KB389385
VMware ESXi VMware ESXi versions 7.0 sans le correctif de sécurité ESXi70U3s-24585291
VMware Cloud Foundation VMware Cloud Foundation versions 5.x sans le correctif de sécurité ESXi80U3d-24585383
VMware Fusion VMware Fusion 13.x versions antérieures à 13.6.3
VMware ESXi VMware ESXi versions 8.0 sans le correctif de sécurité ESXi80U2d-24585300 ou ESXi80U3d-24585383
VMware Telco Cloud Infrastructure VMware Telco Cloud Infrastructure versions 2.x et 3.x sans le correctif de sécurité KB389385
VMware Workstation VMware Workstation versions 17.x antérieures à 17.6.3
References
Bulletin de sécurité VMware 25466 2025-03-04 vendor-advisory
Bulletin de sécurité VMware 25390 2025-03-04 vendor-advisory

Show details on source website
To clipboard 

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "VMware Cloud Foundation versions 4.5.x sans le correctif de s\u00e9curit\u00e9 ESXi70U3s-24585291",
      "product": {
        "name": "Cloud Foundation",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "VMware Telco Cloud Platorm sans le correctif de s\u00e9curit\u00e9 KB389385",
      "product": {
        "name": "Telco Cloud Platform",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "VMware ESXi versions 7.0 sans le correctif de s\u00e9curit\u00e9 ESXi70U3s-24585291",
      "product": {
        "name": "ESXi",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "VMware Cloud Foundation versions 5.x sans le correctif de s\u00e9curit\u00e9 ESXi80U3d-24585383",
      "product": {
        "name": "Cloud Foundation",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "VMware Fusion 13.x versions ant\u00e9rieures \u00e0 13.6.3",
      "product": {
        "name": "Fusion",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "VMware ESXi versions 8.0  sans le correctif de s\u00e9curit\u00e9 ESXi80U2d-24585300 ou ESXi80U3d-24585383",
      "product": {
        "name": "ESXi",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "VMware Telco Cloud Infrastructure versions 2.x et 3.x sans le correctif de s\u00e9curit\u00e9  KB389385",
      "product": {
        "name": "Telco Cloud Infrastructure",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "VMware Workstation versions 17.x ant\u00e9rieures \u00e0 17.6.3",
      "product": {
        "name": "Workstation",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": "",
  "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
  "cves": [
    {
      "name": "CVE-2025-22224",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22224"
    },
    {
      "name": "CVE-2024-38814",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38814"
    },
    {
      "name": "CVE-2025-22226",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22226"
    },
    {
      "name": "CVE-2025-22225",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22225"
    }
  ],
  "initial_release_date": "2025-03-05T00:00:00",
  "last_revision_date": "2025-03-05T00:00:00",
  "links": [],
  "reference": "CERTFR-2025-AVI-0177",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2025-03-05T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits VMware. Elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire, une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es et un contournement de la politique de s\u00e9curit\u00e9.\n\nVMware indique que les vuln\u00e9rabilit\u00e9s CVE-2025-222234, CVE-2025-22225 et  CVE-2025-22226 sont activement exploit\u00e9es.",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits VMware",
  "vendor_advisories": [
    {
      "published_at": "2025-03-04",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 25466",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25466"
    },
    {
      "published_at": "2025-03-04",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 25390",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25390"
    }
  ]
}