BDU:2019-01958

Vulnerability from fstec - Published: 06.03.2019
VLAI Severity ?
Title
Уязвимость порта загрузки MLPDS микропрограммного обеспечения Intel, связанная с раскрытием информации, позволяющая нарушителю получить доступ к конфиденциальной информации
Description
Уязвимость порта загрузки MLPDS микропрограммного обеспечения Intel связана с неправильной реализацией сохранения устаревших результатов операций в таблице «порт загрузки». Эксплуатация уязвимости позволяет нарушителю получить доступ к конфиденциальной информации
Severity ?
AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N
Vendor
Red Hat Inc., Canonical Ltd., ООО «РусБИТех-Астра», Сообщество свободного программного обеспечения, Intel Corp., Siemens AG, Fedora Project, Novell Inc., АО "НППКТ"
Software Name
Red Hat Enterprise Linux, Ubuntu, Astra Linux Special Edition (запись в едином реестре российских программ №369), Debian GNU/Linux, Intel Pentium, Intel Celeron, SIMATIC IPC427C, SIMATIC IPC477C, SINUMERIK 840D sl, SINUMERIK TCU 30.3, SINUMERIK PCU 50.5, Red Hat Virtualization, Fedora, Red Hat Enterprise MRG, 8th Generation Intel Core, 8th Generation Intel Core i7, 5th Generation Intel Core, 9th Generation Intel Core, 4th Generation Intel Core, 3th Generation Intel Core, 6th Generation Intel Core, Legacy Intel Celeron, Legacy Intel Core, Legacy Intel Pentium, Intel Xeon E3, Intel Puma, Intel Atom C Series, Intel Pentium Silver Series, Intel Xeon E5 v3, Intel Xeon E7 v3, Intel Xeon E3 v3, Intel Xeon E Series, Intel Pentium Gold Series, Intel Celeron G Series, Intel Pentium J Series, Intel Pentium N Series, Intel Celeron J Series, Intel Celeron N Series, Intel Atom A Series, Intel Atom E3900 Series, Intel Xeon D, Intel Core X-series, Intel Xeon E5 v4, Intel Xeon E7 v4, Intel Xeon E3 v4, Intel Atom X series, Intel Xeon E5 v2, Intel Xeon E7 v2, Intel Xeon E3 v2, Intel Xeon E3 v6, Intel Xeon E5, Intel Xeon Scalable, Intel Xeon E3 v5, Intel Celeron W, Intel Atom Z series, Intel Atom E3800 Series, Intel Mobile Communications Platforms, OpenSUSE Leap, SIMATIC Field PG M4, SIMATIC Field PG M5, SIMATIC Field PG M6, SIMATIC IPC377E, SIMATIC IPC347E, SIMATIC IPC327E, SIMATIC IPC427D, SIMATIC IPC427E, SIMATIC IPC477D, SIMATIC IPC477E, SIMATIC IPC477E Pro, SIMATIC IPC547E, SIMATIC IPC547G, SIMATIC IPC627C, SIMATIC IPC627D, SIMATIC IPC647C, SIMATIC IPC647D, SIMATIC IPC677C, SIMATIC IPC677D, SIMATIC IPC827C, SIMATIC IPC827D, SIMATIC IPC847C, SIMATIC IPC847D, SIMATIC IPC847E, SIMATIC IPC677E, SIMATIC IPC627E, SIMATIC IPC527G, SIMATIC IPC127E, SIMATIC IPC2X7E, SIMATIC IPC3000 SMART V2, SIMATIC ITP1000, SIMATIC S7-1500 CPU S7-1518-4 PN/DP MFP, SIMATIC S7-1500 CPU S7-1518F-4 PN/DP MFP, SIMOTION P320-4E, SIMOTION P320-4S, SINUMERIK Panels with integrated TCU, SIMATIC WinAC RTX 2010 incl. F, SIMATIC IPC647E, ОСОН ОСнова Оnyx (запись в едином реестре российских программ №5913), Linux
Software Version
6 (Red Hat Enterprise Linux), 7 (Red Hat Enterprise Linux), 6.5 Advanced Update Support (Red Hat Enterprise Linux), 6.6 Advanced Update Support (Red Hat Enterprise Linux), 16.04 LTS (Ubuntu), 1.5 «Смоленск» (Astra Linux Special Edition), 9 (Debian GNU/Linux), - (Intel Pentium), - (Intel Celeron), 18.04 LTS (Ubuntu), 18.10 (Ubuntu), 1.6 «Смоленск» (Astra Linux Special Edition), - (SIMATIC IPC427C), - (SIMATIC IPC477C), - (SINUMERIK 840D sl), - (SINUMERIK TCU 30.3), - (SINUMERIK PCU 50.5), 4 (Red Hat Virtualization), 29 (Fedora), 2.0 (Red Hat Enterprise MRG), 19.04 (Ubuntu), - (8th Generation Intel Core), - (8th Generation Intel Core i7), - (5th Generation Intel Core), - (9th Generation Intel Core), - (4th Generation Intel Core), - (3th Generation Intel Core), - (6th Generation Intel Core), - (Legacy Intel Celeron), - (Legacy Intel Core), - (Legacy Intel Pentium), - (Intel Xeon E3), - (Intel Puma), - (Intel Atom C Series), - (Intel Pentium Silver Series), - (Intel Xeon E5 v3), - (Intel Xeon E7 v3), - (Intel Xeon E3 v3), - (Intel Xeon E Series), - (Intel Pentium Gold Series), - (Intel Celeron G Series), - (Intel Pentium J Series), - (Intel Pentium N Series), - (Intel Celeron J Series), - (Intel Celeron N Series), - (Intel Atom A Series), - (Intel Atom E3900 Series), - (Intel Xeon D), - (Intel Core X-series), - (Intel Xeon E5 v4), - (Intel Xeon E7 v4), - (Intel Xeon E3 v4), - (Intel Atom X series), - (Intel Xeon E5 v2), - (Intel Xeon E7 v2), - (Intel Xeon E3 v2), - (Intel Xeon E3 v6), - (Intel Xeon E5), - (Intel Xeon Scalable), - (Intel Xeon E3 v5), - (Intel Celeron W), - (Intel Atom Z series), - (Intel Atom E3800 Series), - (Intel Mobile Communications Platforms), 8 (Red Hat Enterprise Linux), 15.0 (OpenSUSE Leap), 15.1 (OpenSUSE Leap), 14.04 ESM (Ubuntu), 8 (Debian GNU/Linux), - (SIMATIC Field PG M4), - (SIMATIC Field PG M5), - (SIMATIC Field PG M6), - (SIMATIC IPC377E), - (SIMATIC IPC347E), - (SIMATIC IPC327E), - (SIMATIC IPC427D), до 21.01.11 (SIMATIC IPC427E), - (SIMATIC IPC477D), до 21.01.11 (SIMATIC IPC477E), до 21.01.11 (SIMATIC IPC477E Pro), - (SIMATIC IPC547E), - (SIMATIC IPC547G), - (SIMATIC IPC627C), - (SIMATIC IPC627D), - (SIMATIC IPC647C), - (SIMATIC IPC647D), - (SIMATIC IPC677C), - (SIMATIC IPC677D), - (SIMATIC IPC827C), - (SIMATIC IPC827D), - (SIMATIC IPC847C), - (SIMATIC IPC847D), до 25.02.04 (SIMATIC IPC847E), до 25.02.04 (SIMATIC IPC677E), до 25.02.04 (SIMATIC IPC627E), - (SIMATIC IPC527G), - (SIMATIC IPC127E), - (SIMATIC IPC2X7E), - (SIMATIC IPC3000 SMART V2), - (SIMATIC ITP1000), - (SIMATIC S7-1500 CPU S7-1518-4 PN/DP MFP), - (SIMATIC S7-1500 CPU S7-1518F-4 PN/DP MFP), - (SIMOTION P320-4E), - (SIMOTION P320-4S), - (SINUMERIK Panels with integrated TCU), 10 (Debian GNU/Linux), 7.4 Extended Update Support (Red Hat Enterprise Linux), 7.5 Extended Update Support (Red Hat Enterprise Linux), до SP3 (SIMATIC WinAC RTX 2010 incl. F), 7.2 Advanced Update Support (Red Hat Enterprise Linux), 7.2 Telco Extended Update Support (Red Hat Enterprise Linux), до v25.02.04 (SIMATIC IPC647E), 7.2 Update Services for SAP Solutions (Red Hat Enterprise Linux), 7.3 Advanced Update Support (Red Hat Enterprise Linux), 7.3 Telco Extended Update Support (Red Hat Enterprise Linux), 7.3 Update Services for SAP Solutions (Red Hat Enterprise Linux), 8.0 Update Services for SAP Solutions (Red Hat Enterprise Linux), до 2.5 (ОСОН ОСнова Оnyx), от 4.0 до 4.4.179 включительно (Linux), от 4.5 до 4.9.175 включительно (Linux), от 4.10 до 4.14.118 включительно (Linux), от 4.15 до 4.19.42 включительно (Linux), от 4.20 до 5.0.15 включительно (Linux), от 5.1 до 5.1.1 включительно (Linux)
Possible Mitigations
Использование рекомендаций: Для Linux: https://kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.119 https://kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.43 https://kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.180 https://kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.176 https://kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.0.16 https://kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.1.2 Для программных продуктов Intel Corp.: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00233.html Обновление BIOS для SIMATIC IPC427E, SIMATIC IPC477E и SIMATIC IPC477E Pro до v21.01.11: https://support.industry.siemens.com/cs/ww/en/view/109742593 Обновление BIOS для SIMATIC IPC627E, SIMATIC IPC647E, SIMATIC IPC677E и SIMATIC IPC847E до v25.02.04: https://support.industry.siemens.com/cs/ww/en/view/XXX Для SINUMERIK Panels with integrated TCU: Следовать рекомендациям SINUMERIK PCU или SINUMERIK TCU Для SIMATIC WinAC RTX (F) 2010 до SIMATIC WinAC RTX 2010 SP3: https://support.industry.siemens.com/cs/ww/en/view/109765109 Для Field PG M6 до V26.01.05: https://support.industry.siemens.com/cs/ww/en/view/109763408 Для Field PG M4 до V18.01.09: https://support.industry.siemens.com/cs/ww/en/view/109763408 Для Field PG M5 до V22.01.07: https://support.industry.siemens.com/cs/ww/en/view/109763408 Для SIMATIC IPC427D, SIMATIC IPC477D, SIMOTION P320-4E и SIMOTION P320-4S до V17.0X.16: https://support.industry.siemens.com/cs/ww/en/view/109763408 Для SIMATIC IPC627D, SIMATIC IPC677D и SIMATIC IPC827D до V19.02.12: https://support.industry.siemens.com/cs/ww/en/view/109763408 Для SIMATIC IPC647D и SIMATIC IPC847D до V19.01.15: https://support.industry.siemens.com/cs/ww/en/view/109763408 Для SIMATIC ITP1000 до V23.01.06: https://support.industry.siemens.com/cs/ww/en/view/109763408 Для SIMATIC IPC547G до VR1.24.0: https://support.industry.siemens.com/cs/ww/en/view/109763408 Для SINUMERIK Panels with integrated TCU: Следовать рекомендациям SINUMERIK PCU или SINUMERIK TCU Компенсирующие меры: Ограничить возможность запуска ненадежного код применять концепцию "Глубокой защиты" Для программных продуктов Red Hat Inc.: https://access.redhat.com/security/cve/cve-2018-12127 Для программных продуктов Novell Inc.: https://lists.opensuse.org/opensuse-security-announce/2019-06/msg00014.html https://lists.opensuse.org/opensuse-security-announce/2019-07/msg00052.html https://lists.opensuse.org/opensuse-security-announce/2019-07/msg00053.html Для Ubuntu: https://usn.ubuntu.com/3977-3/ Для Fedora: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OH73SGTJ575OBCPSJFX6LX7KP2KZIEN4/ Для Debian: https://security-tracker.debian.org/tracker/CVE-2018-12127 Для Astra Linux: https://wiki.astralinux.ru/astra-linux-se16-bulletin-20200327SE16 https://wiki.astralinux.ru/astra-linux-se15-bulletin-20201201SE15 Для Astra Linux: https://wiki.astralinux.ru/astra-linux-se16-bulletin-20210730SE16 Для ОСОН Основа: Обновление программного обеспечения libvirt до версии 8.1.0-2onyx0 Для ОС ОН «Стрелец»: Обновление программного обеспечения libvirt до версии 3.0.0-4+deb9u5 Обновление программного обеспечения xen до версии 4.8.5.final+shim4.10.4-1+deb9u12
Reference
https://access.redhat.com/security/cve/cve-2018-12127 https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf https://cert-portal.siemens.com/productcert/pdf/ssa-616472.pdf https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12127 https://kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.119 https://kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.43 https://kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.180 https://kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.176 https://kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.0.16 https://kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.1.2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OH73SGTJ575OBCPSJFX6LX7KP2KZIEN4/ https://lists.opensuse.org/opensuse-security-announce/2019-06/msg00014.html https://lists.opensuse.org/opensuse-security-announce/2019-07/msg00052.html https://lists.opensuse.org/opensuse-security-announce/2019-07/msg00053.html https://nvd.nist.gov/vuln/detail/CVE-2018-12127 https://security-tracker.debian.org/tracker/CVE-2018-12127 https://software.intel.com/security-software-guidance/insights/deep-dive-intel-analysis-microarchitectural-data-sampling https://strelets.net/patchi-i-obnovleniya-bezopasnosti#16012023 https://support.industry.siemens.com/cs/ww/en/view/109742593 https://support.industry.siemens.com/cs/ww/en/view/XXX https://ubuntu.com/security/notices/USN-3977-1 https://ubuntu.com/security/notices/USN-3977-2 https://ubuntu.com/security/notices/USN-3977-3 https://ubuntu.com/security/notices/USN-3978-1 https://ubuntu.com/security/notices/USN-3979-1 https://ubuntu.com/security/notices/USN-3980-1 https://ubuntu.com/security/notices/USN-3980-2 https://ubuntu.com/security/notices/USN-3981-1 https://ubuntu.com/security/notices/USN-3981-2 https://ubuntu.com/security/notices/USN-3982-1 https://ubuntu.com/security/notices/USN-3982-2 https://ubuntu.com/security/notices/USN-3983-1 https://ubuntu.com/security/notices/USN-3983-2 https://ubuntu.com/security/notices/USN-3984-1 https://ubuntu.com/security/notices/USN-3985-1 https://ubuntu.com/security/notices/USN-3985-2 https://usn.ubuntu.com/3977-3/ https://usn.ubuntu.com/usn/usn-3977-1 https://usn.ubuntu.com/usn/usn-3977-2 https://usn.ubuntu.com/usn/usn-3977-3 https://usn.ubuntu.com/usn/usn-3978-1 https://usn.ubuntu.com/usn/usn-3979-1 https://usn.ubuntu.com/usn/usn-3980-1 https://usn.ubuntu.com/usn/usn-3980-2 https://usn.ubuntu.com/usn/usn-3981-1 https://usn.ubuntu.com/usn/usn-3981-2 https://usn.ubuntu.com/usn/usn-3982-1 https://usn.ubuntu.com/usn/usn-3982-2 https://usn.ubuntu.com/usn/usn-3983-1 https://usn.ubuntu.com/usn/usn-3983-2 https://usn.ubuntu.com/usn/usn-3984-1 https://usn.ubuntu.com/usn/usn-3985-1 https://usn.ubuntu.com/usn/usn-3985-2 https://wiki.astralinux.ru/astra-linux-se15-bulletin-20201201SE15 https://wiki.astralinux.ru/astra-linux-se16-bulletin-20200327SE16 https://wiki.astralinux.ru/astra-linux-se16-bulletin-20210611SE16 https://www.cve.org/CVERecord?id=CVE-2018-12127 https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00233.html https://www.vmware.com/security/advisories/VMSA-2019-0008.html https://поддержка.нппкт.рф/bin/view/ОСнова/Обновления/2.5/
CWE
CWE-200, CWE-203, CWE-385
To clipboard 

{
  "CVSS 2.0": "AV:L/AC:M/Au:S/C:C/I:N/A:N",
  "CVSS 3.0": "AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
  "CVSS 4.0": null,
  "remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
  "remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
  "\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "Red Hat Inc., Canonical Ltd., \u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb, \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f, Intel Corp., Siemens AG, Fedora Project, Novell Inc., \u0410\u041e \"\u041d\u041f\u041f\u041a\u0422\"",
  "\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "6 (Red Hat Enterprise Linux), 7 (Red Hat Enterprise Linux), 6.5 Advanced Update Support (Red Hat Enterprise Linux), 6.6 Advanced Update Support (Red Hat Enterprise Linux), 16.04 LTS (Ubuntu), 1.5 \u00ab\u0421\u043c\u043e\u043b\u0435\u043d\u0441\u043a\u00bb (Astra Linux Special Edition), 9 (Debian GNU/Linux), - (Intel Pentium), - (Intel Celeron), 18.04 LTS (Ubuntu), 18.10 (Ubuntu), 1.6 \u00ab\u0421\u043c\u043e\u043b\u0435\u043d\u0441\u043a\u00bb (Astra Linux Special Edition), - (SIMATIC IPC427C), - (SIMATIC IPC477C), - (SINUMERIK 840D sl), - (SINUMERIK TCU 30.3), - (SINUMERIK PCU 50.5), 4 (Red Hat Virtualization), 29 (Fedora), 2.0 (Red Hat Enterprise MRG), 19.04 (Ubuntu), - (8th Generation Intel Core), - (8th Generation Intel Core i7), - (5th Generation Intel Core), - (9th Generation Intel Core), - (4th Generation Intel Core), - (3th Generation Intel Core), - (6th Generation Intel Core), - (Legacy Intel Celeron), - (Legacy Intel Core), - (Legacy Intel Pentium), - (Intel Xeon E3), - (Intel Puma), - (Intel Atom C Series), - (Intel Pentium Silver Series), - (Intel Xeon E5 v3), - (Intel Xeon E7 v3), - (Intel Xeon E3 v3), - (Intel Xeon E Series), - (Intel Pentium Gold Series), - (Intel Celeron G Series), - (Intel Pentium J Series), - (Intel Pentium N Series), - (Intel Celeron J Series), - (Intel Celeron N Series), - (Intel Atom A Series), - (Intel Atom E3900 Series), - (Intel Xeon D), - (Intel Core X-series), - (Intel Xeon E5 v4), - (Intel Xeon E7 v4), - (Intel Xeon E3 v4), - (Intel Atom X series), - (Intel Xeon E5 v2), - (Intel Xeon E7 v2), - (Intel Xeon E3 v2), - (Intel Xeon E3 v6), - (Intel Xeon E5), - (Intel Xeon Scalable), - (Intel Xeon E3 v5), - (Intel Celeron W), - (Intel Atom Z series), - (Intel Atom E3800 Series), - (Intel Mobile Communications Platforms), 8 (Red Hat Enterprise Linux), 15.0 (OpenSUSE Leap), 15.1 (OpenSUSE Leap), 14.04 ESM (Ubuntu), 8 (Debian GNU/Linux), - (SIMATIC Field PG M4), - (SIMATIC Field PG M5), - (SIMATIC Field PG M6), - (SIMATIC IPC377E), - (SIMATIC IPC347E), - (SIMATIC IPC327E), - (SIMATIC IPC427D), \u0434\u043e 21.01.11 (SIMATIC IPC427E), - (SIMATIC IPC477D), \u0434\u043e 21.01.11 (SIMATIC IPC477E), \u0434\u043e 21.01.11 (SIMATIC IPC477E Pro), - (SIMATIC IPC547E), - (SIMATIC IPC547G), - (SIMATIC IPC627C), - (SIMATIC IPC627D), - (SIMATIC IPC647C), - (SIMATIC IPC647D), - (SIMATIC IPC677C), - (SIMATIC IPC677D), - (SIMATIC IPC827C), - (SIMATIC IPC827D), - (SIMATIC IPC847C), - (SIMATIC IPC847D), \u0434\u043e 25.02.04 (SIMATIC IPC847E), \u0434\u043e 25.02.04 (SIMATIC IPC677E), \u0434\u043e 25.02.04 (SIMATIC IPC627E), - (SIMATIC IPC527G), - (SIMATIC IPC127E), - (SIMATIC IPC2X7E), - (SIMATIC IPC3000 SMART V2), - (SIMATIC ITP1000), - (SIMATIC S7-1500 CPU S7-1518-4 PN/DP MFP), - (SIMATIC S7-1500 CPU S7-1518F-4 PN/DP MFP), - (SIMOTION P320-4E), - (SIMOTION P320-4S), - (SINUMERIK Panels with integrated TCU), 10 (Debian GNU/Linux), 7.4 Extended Update Support (Red Hat Enterprise Linux), 7.5 Extended Update Support (Red Hat Enterprise Linux), \u0434\u043e SP3 (SIMATIC WinAC RTX 2010 incl. F), 7.2 Advanced Update Support (Red Hat Enterprise Linux), 7.2 Telco Extended Update Support (Red Hat Enterprise Linux), \u0434\u043e v25.02.04 (SIMATIC IPC647E), 7.2 Update Services for SAP Solutions (Red Hat Enterprise Linux), 7.3 Advanced Update Support (Red Hat Enterprise Linux), 7.3 Telco Extended Update Support (Red Hat Enterprise Linux), 7.3 Update Services for SAP Solutions (Red Hat Enterprise Linux), 8.0 Update Services for SAP Solutions (Red Hat Enterprise Linux), \u0434\u043e 2.5 (\u041e\u0421\u041e\u041d \u041e\u0421\u043d\u043e\u0432\u0430 \u041enyx), \u043e\u0442 4.0 \u0434\u043e 4.4.179 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e (Linux), \u043e\u0442 4.5 \u0434\u043e 4.9.175 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e (Linux), \u043e\u0442 4.10 \u0434\u043e 4.14.118 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e (Linux), \u043e\u0442 4.15 \u0434\u043e 4.19.42 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e (Linux), \u043e\u0442 4.20 \u0434\u043e 5.0.15 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e (Linux), \u043e\u0442 5.1 \u0434\u043e 5.1.1 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e (Linux)",
  "\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439:\n\u0414\u043b\u044f Linux:\nhttps://kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.119\nhttps://kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.43\nhttps://kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.180\nhttps://kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.176\nhttps://kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.0.16\nhttps://kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.1.2\n\n\u0414\u043b\u044f \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u044b\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432 Intel Corp.:\nhttps://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00233.html\n\n\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 BIOS \u0434\u043b\u044f SIMATIC IPC427E, SIMATIC IPC477E \u0438 SIMATIC IPC477E Pro \u0434\u043e v21.01.11:\nhttps://support.industry.siemens.com/cs/ww/en/view/109742593\n\n\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 BIOS \u0434\u043b\u044f SIMATIC IPC627E, SIMATIC IPC647E, SIMATIC IPC677E \u0438 SIMATIC IPC847E \u0434\u043e v25.02.04:\nhttps://support.industry.siemens.com/cs/ww/en/view/XXX\n\n\u0414\u043b\u044f SINUMERIK Panels with integrated TCU:\n\u0421\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u044c \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u044f\u043c SINUMERIK PCU \u0438\u043b\u0438 SINUMERIK TCU\n\n\u0414\u043b\u044f SIMATIC WinAC RTX (F) 2010 \u0434\u043e SIMATIC WinAC RTX 2010 SP3:\nhttps://support.industry.siemens.com/cs/ww/en/view/109765109\n\n\u0414\u043b\u044f Field PG M6 \u0434\u043e V26.01.05:\nhttps://support.industry.siemens.com/cs/ww/en/view/109763408\n\n\u0414\u043b\u044f Field PG M4 \u0434\u043e V18.01.09:\nhttps://support.industry.siemens.com/cs/ww/en/view/109763408\n\n\u0414\u043b\u044f Field PG M5 \u0434\u043e V22.01.07:\nhttps://support.industry.siemens.com/cs/ww/en/view/109763408\n\n\u0414\u043b\u044f SIMATIC IPC427D, SIMATIC IPC477D, SIMOTION P320-4E \u0438 SIMOTION P320-4S \u0434\u043e V17.0X.16:\nhttps://support.industry.siemens.com/cs/ww/en/view/109763408\n\n\u0414\u043b\u044f SIMATIC IPC627D, SIMATIC IPC677D \u0438 SIMATIC IPC827D \u0434\u043e V19.02.12:\nhttps://support.industry.siemens.com/cs/ww/en/view/109763408\n\n\u0414\u043b\u044f SIMATIC IPC647D \u0438 SIMATIC IPC847D \u0434\u043e V19.01.15:\nhttps://support.industry.siemens.com/cs/ww/en/view/109763408\n\n\u0414\u043b\u044f SIMATIC ITP1000 \u0434\u043e V23.01.06:\nhttps://support.industry.siemens.com/cs/ww/en/view/109763408\n\n\u0414\u043b\u044f SIMATIC IPC547G \u0434\u043e VR1.24.0:\nhttps://support.industry.siemens.com/cs/ww/en/view/109763408\n\n\u0414\u043b\u044f SINUMERIK Panels with integrated TCU:\n\u0421\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u044c \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u044f\u043c SINUMERIK PCU \u0438\u043b\u0438 SINUMERIK TCU\n\n\u041a\u043e\u043c\u043f\u0435\u043d\u0441\u0438\u0440\u0443\u044e\u0449\u0438\u0435 \u043c\u0435\u0440\u044b: \n\u041e\u0433\u0440\u0430\u043d\u0438\u0447\u0438\u0442\u044c \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c \u0437\u0430\u043f\u0443\u0441\u043a\u0430 \u043d\u0435\u043d\u0430\u0434\u0435\u0436\u043d\u043e\u0433\u043e \u043a\u043e\u0434 \n\u043f\u0440\u0438\u043c\u0435\u043d\u044f\u0442\u044c \u043a\u043e\u043d\u0446\u0435\u043f\u0446\u0438\u044e \"\u0413\u043b\u0443\u0431\u043e\u043a\u043e\u0439 \u0437\u0430\u0449\u0438\u0442\u044b\"\n\n\u0414\u043b\u044f \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u044b\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432 Red Hat Inc.:\nhttps://access.redhat.com/security/cve/cve-2018-12127\n\n\u0414\u043b\u044f \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u044b\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432 Novell Inc.:\nhttps://lists.opensuse.org/opensuse-security-announce/2019-06/msg00014.html\nhttps://lists.opensuse.org/opensuse-security-announce/2019-07/msg00052.html\nhttps://lists.opensuse.org/opensuse-security-announce/2019-07/msg00053.html\n\n\u0414\u043b\u044f Ubuntu:\nhttps://usn.ubuntu.com/3977-3/\n\n\u0414\u043b\u044f Fedora:\nhttps://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OH73SGTJ575OBCPSJFX6LX7KP2KZIEN4/\n\n\u0414\u043b\u044f Debian:\nhttps://security-tracker.debian.org/tracker/CVE-2018-12127\n\n\u0414\u043b\u044f Astra Linux:\nhttps://wiki.astralinux.ru/astra-linux-se16-bulletin-20200327SE16\nhttps://wiki.astralinux.ru/astra-linux-se15-bulletin-20201201SE15\n\n\u0414\u043b\u044f Astra Linux:\nhttps://wiki.astralinux.ru/astra-linux-se16-bulletin-20210730SE16\n\n\u0414\u043b\u044f \u041e\u0421\u041e\u041d \u041e\u0441\u043d\u043e\u0432\u0430:\n\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f libvirt \u0434\u043e \u0432\u0435\u0440\u0441\u0438\u0438 8.1.0-2onyx0\n\n\u0414\u043b\u044f \u041e\u0421 \u041e\u041d \u00ab\u0421\u0442\u0440\u0435\u043b\u0435\u0446\u00bb:\n\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f libvirt \u0434\u043e \u0432\u0435\u0440\u0441\u0438\u0438 3.0.0-4+deb9u5\n\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f xen \u0434\u043e \u0432\u0435\u0440\u0441\u0438\u0438 4.8.5.final+shim4.10.4-1+deb9u12",
  "\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "06.03.2019",
  "\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "03.12.2024",
  "\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "06.06.2019",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2019-01958",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2018-12127",
  "\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
  "\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
  "\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "Red Hat Enterprise Linux, Ubuntu, Astra Linux Special Edition (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116369), Debian GNU/Linux, Intel Pentium, Intel Celeron, SIMATIC IPC427C, SIMATIC IPC477C, SINUMERIK 840D sl, SINUMERIK TCU 30.3, SINUMERIK PCU 50.5, Red Hat Virtualization, Fedora, Red Hat Enterprise MRG, 8th Generation Intel Core, 8th Generation Intel Core i7, 5th Generation Intel Core, 9th Generation Intel Core, 4th Generation Intel Core, 3th Generation Intel Core, 6th Generation Intel Core, Legacy Intel Celeron, Legacy Intel Core, Legacy Intel Pentium, Intel Xeon E3, Intel Puma, Intel Atom C Series, Intel Pentium Silver Series, Intel Xeon E5 v3, Intel Xeon E7 v3, Intel Xeon E3 v3, Intel Xeon E Series, Intel Pentium Gold Series, Intel Celeron G Series, Intel Pentium J Series, Intel Pentium N Series, Intel Celeron J Series, Intel Celeron N Series, Intel Atom A Series, Intel Atom E3900 Series, Intel Xeon D, Intel Core X-series, Intel Xeon E5 v4, Intel Xeon E7 v4, Intel Xeon E3 v4, Intel Atom X series, Intel Xeon E5 v2, Intel Xeon E7 v2, Intel Xeon E3 v2, Intel Xeon E3 v6, Intel Xeon E5, Intel Xeon Scalable, Intel Xeon E3 v5, Intel Celeron W, Intel Atom Z series, Intel Atom E3800 Series, Intel Mobile Communications Platforms, OpenSUSE Leap, SIMATIC Field PG M4, SIMATIC Field PG M5, SIMATIC Field PG M6, SIMATIC IPC377E, SIMATIC IPC347E, SIMATIC IPC327E, SIMATIC IPC427D, SIMATIC IPC427E, SIMATIC IPC477D, SIMATIC IPC477E, SIMATIC IPC477E Pro, SIMATIC IPC547E, SIMATIC IPC547G, SIMATIC IPC627C, SIMATIC IPC627D, SIMATIC IPC647C, SIMATIC IPC647D, SIMATIC IPC677C, SIMATIC IPC677D, SIMATIC IPC827C, SIMATIC IPC827D, SIMATIC IPC847C, SIMATIC IPC847D, SIMATIC IPC847E, SIMATIC IPC677E, SIMATIC IPC627E, SIMATIC IPC527G, SIMATIC IPC127E, SIMATIC IPC2X7E, SIMATIC IPC3000 SMART V2, SIMATIC ITP1000, SIMATIC S7-1500 CPU S7-1518-4 PN/DP MFP, SIMATIC S7-1500 CPU S7-1518F-4 PN/DP MFP, SIMOTION P320-4E, SIMOTION P320-4S, SINUMERIK Panels with integrated TCU, SIMATIC WinAC RTX 2010 incl. F, SIMATIC IPC647E, \u041e\u0421\u041e\u041d \u041e\u0421\u043d\u043e\u0432\u0430 \u041enyx (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21165913), Linux",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": "\u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb Astra Linux Special Edition 1.5 \u00ab\u0421\u043c\u043e\u043b\u0435\u043d\u0441\u043a\u00bb  (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116369), Red Hat Inc. Red Hat Enterprise Linux 6 , Red Hat Inc. Red Hat Enterprise Linux 7 , Canonical Ltd. Ubuntu 16.04 LTS , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Debian GNU/Linux 9 , Canonical Ltd. Ubuntu 18.04 LTS , Canonical Ltd. Ubuntu 18.10 , \u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb Astra Linux Special Edition 1.6 \u00ab\u0421\u043c\u043e\u043b\u0435\u043d\u0441\u043a\u00bb  (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116369), Fedora Project Fedora 29 , Canonical Ltd. Ubuntu 19.04 , Red Hat Inc. Red Hat Enterprise Linux 8 , Novell Inc. OpenSUSE Leap 15.0 , Novell Inc. OpenSUSE Leap 15.1 , Canonical Ltd. Ubuntu 14.04 ESM , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Debian GNU/Linux 8 , Red Hat Inc. Red Hat Enterprise Linux 7.4 Extended Update Support , Red Hat Inc. Red Hat Enterprise Linux 7.5 Extended Update Support , Red Hat Inc. Red Hat Enterprise Linux 7.2 Advanced Update Support , Red Hat Inc. Red Hat Enterprise Linux 7.2 Telco Extended Update Support , Red Hat Inc. Red Hat Enterprise Linux 6.5 Advanced Update Support , Red Hat Inc. Red Hat Enterprise Linux 6.6 Advanced Update Support , Red Hat Inc. Red Hat Enterprise Linux 7.2 Update Services for SAP Solutions , Red Hat Inc. Red Hat Enterprise Linux 7.3 Advanced Update Support , Red Hat Inc. Red Hat Enterprise Linux 7.3 Telco Extended Update Support , Red Hat Inc. Red Hat Enterprise Linux 7.3 Update Services for SAP Solutions , Red Hat Inc. Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions ",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e\u0440\u0442\u0430 \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0438 MLPDS \u043c\u0438\u043a\u0440\u043e\u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Intel, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0430\u044f \u0441 \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u0435\u043c \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438",
  "\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u0420\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u0435 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 (CWE-200), \u0420\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u0435 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 \u0432 \u0440\u0435\u0437\u0443\u043b\u044c\u0442\u0430\u0442\u0435 \u0440\u0430\u0441\u0445\u043e\u0436\u0434\u0435\u043d\u0438\u0439 (CWE-203), \u0421\u043a\u0440\u044b\u0442\u044b\u0439 \u0432\u0440\u0435\u043c\u0435\u043d\u043d\u043e\u0439 \u043a\u0430\u043d\u0430\u043b (CWE-385)",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e\u0440\u0442\u0430 \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0438 MLPDS \u043c\u0438\u043a\u0440\u043e\u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Intel \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043d\u0435\u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u043e\u0439 \u0440\u0435\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0435\u0439 \u0441\u043e\u0445\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u0443\u0441\u0442\u0430\u0440\u0435\u0432\u0448\u0438\u0445 \u0440\u0435\u0437\u0443\u043b\u044c\u0442\u0430\u0442\u043e\u0432 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u0439 \u0432 \u0442\u0430\u0431\u043b\u0438\u0446\u0435 \u00ab\u043f\u043e\u0440\u0442 \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0438\u00bb. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438",
  "\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
  "\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
  "\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u041c\u0430\u043d\u0438\u043f\u0443\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u0441\u0443\u0440\u0441\u0430\u043c\u0438, \u041d\u0435\u0441\u0430\u043d\u043a\u0446\u0438\u043e\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u0441\u0431\u043e\u0440 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438",
  "\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://access.redhat.com/security/cve/cve-2018-12127\nhttps://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf\nhttps://cert-portal.siemens.com/productcert/pdf/ssa-616472.pdf\nhttps://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12127\nhttps://kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.119\nhttps://kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.43\nhttps://kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.180\nhttps://kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.176\nhttps://kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.0.16\nhttps://kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.1.2\nhttps://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OH73SGTJ575OBCPSJFX6LX7KP2KZIEN4/\nhttps://lists.opensuse.org/opensuse-security-announce/2019-06/msg00014.html\nhttps://lists.opensuse.org/opensuse-security-announce/2019-07/msg00052.html\nhttps://lists.opensuse.org/opensuse-security-announce/2019-07/msg00053.html\nhttps://nvd.nist.gov/vuln/detail/CVE-2018-12127\nhttps://security-tracker.debian.org/tracker/CVE-2018-12127\nhttps://software.intel.com/security-software-guidance/insights/deep-dive-intel-analysis-microarchitectural-data-sampling\nhttps://strelets.net/patchi-i-obnovleniya-bezopasnosti#16012023\nhttps://support.industry.siemens.com/cs/ww/en/view/109742593\nhttps://support.industry.siemens.com/cs/ww/en/view/XXX\nhttps://ubuntu.com/security/notices/USN-3977-1\nhttps://ubuntu.com/security/notices/USN-3977-2\nhttps://ubuntu.com/security/notices/USN-3977-3\nhttps://ubuntu.com/security/notices/USN-3978-1\nhttps://ubuntu.com/security/notices/USN-3979-1\nhttps://ubuntu.com/security/notices/USN-3980-1\nhttps://ubuntu.com/security/notices/USN-3980-2\nhttps://ubuntu.com/security/notices/USN-3981-1\nhttps://ubuntu.com/security/notices/USN-3981-2\nhttps://ubuntu.com/security/notices/USN-3982-1\nhttps://ubuntu.com/security/notices/USN-3982-2\nhttps://ubuntu.com/security/notices/USN-3983-1\nhttps://ubuntu.com/security/notices/USN-3983-2\nhttps://ubuntu.com/security/notices/USN-3984-1\nhttps://ubuntu.com/security/notices/USN-3985-1\nhttps://ubuntu.com/security/notices/USN-3985-2\nhttps://usn.ubuntu.com/3977-3/\nhttps://usn.ubuntu.com/usn/usn-3977-1\nhttps://usn.ubuntu.com/usn/usn-3977-2\nhttps://usn.ubuntu.com/usn/usn-3977-3\nhttps://usn.ubuntu.com/usn/usn-3978-1\nhttps://usn.ubuntu.com/usn/usn-3979-1\nhttps://usn.ubuntu.com/usn/usn-3980-1\nhttps://usn.ubuntu.com/usn/usn-3980-2\nhttps://usn.ubuntu.com/usn/usn-3981-1\nhttps://usn.ubuntu.com/usn/usn-3981-2\nhttps://usn.ubuntu.com/usn/usn-3982-1\nhttps://usn.ubuntu.com/usn/usn-3982-2\nhttps://usn.ubuntu.com/usn/usn-3983-1\nhttps://usn.ubuntu.com/usn/usn-3983-2\nhttps://usn.ubuntu.com/usn/usn-3984-1\nhttps://usn.ubuntu.com/usn/usn-3985-1\nhttps://usn.ubuntu.com/usn/usn-3985-2\nhttps://wiki.astralinux.ru/astra-linux-se15-bulletin-20201201SE15\nhttps://wiki.astralinux.ru/astra-linux-se16-bulletin-20200327SE16\nhttps://wiki.astralinux.ru/astra-linux-se16-bulletin-20210611SE16\nhttps://www.cve.org/CVERecord?id=CVE-2018-12127\nhttps://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00233.html\nhttps://www.vmware.com/security/advisories/VMSA-2019-0008.html\nhttps://\u043f\u043e\u0434\u0434\u0435\u0440\u0436\u043a\u0430.\u043d\u043f\u043f\u043a\u0442.\u0440\u0444/bin/view/\u041e\u0421\u043d\u043e\u0432\u0430/\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f/2.5/",
  "\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
  "\u0422\u0438\u043f \u041f\u041e": "\u041e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430, \u041f\u041e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e-\u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0433\u043e \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0430, \u041f\u041e \u0441\u0435\u0442\u0435\u0432\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e-\u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0433\u043e \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0430, \u041f\u041e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e-\u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0433\u043e \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0430 \u0410\u0421\u0423 \u0422\u041f, \u041f\u041e \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438/\u041f\u041e \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e-\u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0433\u043e \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0430, \u041f\u0440\u0438\u043a\u043b\u0430\u0434\u043d\u043e\u0435 \u041f\u041e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c, \u041f\u041e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e-\u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u044b\u0445 \u0441\u0440\u0435\u0434\u0441\u0442\u0432 \u0437\u0430\u0449\u0438\u0442\u044b, \u041c\u0438\u043a\u0440\u043e\u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u044b\u0439 \u043a\u043e\u0434, \u0421\u0440\u0435\u0434\u0441\u0442\u0432\u043e \u0410\u0421\u0423 \u0422\u041f",
  "\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-200, CWE-203, CWE-385",
  "\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 4,4)\n\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 5,6)\n\u041d\u0435\u0442 \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 4.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 0)"
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.