CVE-2017-5753
Description
Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.
- CVSS Version 3.1
- CVSS Version 2.0
CVE ID: CVE-2017-5753
Base Score: 5.6
Base Severity: MEDIUM
Vector String:CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N
Impact Score: 4.0
Exploitability Score: 1.1
CVE ID: CVE-2017-5753
Base Score: 4.7
Base Severity: MEDIUM
Vector String:AV:L/AC:M/Au:N/C:C/I:N/A:N
Proof Of Concept
Eugnis
Example of using revealed "Spectre" exploit (CVE-2017-5753 and CVE-2017-5715)
Refrence: GitHub
EdwardOwusuAdjei
Spectre (CVE-2017-5753) (CVE-2017-5715). Not By Me. Collected from Book.
Refrence: GitHub
00052
2018年1月2日 (CVE-2017-5753 和 CVE-2017-5715) "幽灵" Spectre 漏洞利用
Refrence: GitHub
pedrolucasoliva
Example of using revealed "Spectre" exploit (CVE-2017-5753 and CVE-2017-5715)
Refrence: GitHub
ixtal23
The demo of the speculative execution attack Spectre (CVE-2017-5753, CVE-2017-5715).
Refrence: GitHub
albertleecn
OSX 10.13.2, CVE-2017-5753, Spectre, PoC, C, ASM for OSX, MAC, Intel Arch, Proof of Concept, Hopper.App Output
Refrence: GitHub
sachinthaBS
Refrence: GitHub
Content on GitHub
mathse | watchers:16
meltdown-spectre-bios-list
a list of BIOS/Firmware fixes adressing CVE-2017-5715, CVE-2017-5753, CVE-2017-5754
Refrence: GitHub
GarnetSunset | watchers:6
CiscoSpectreTakeover
A POC chain exploit using the recent Cisco SMP exploit (CVE-2017-6736) to chain into Spectre (CVE-2017-5753 and CVE-2017-5715)
Refrence: GitHub
speed47 | watchers:3859
spectre-meltdown-checker
Reptar, Downfall, Zenbleed, ZombieLoad, RIDL, Fallout, Foreshadow, Spectre, Meltdown vulnerability/mitigation checker for Linux & BSD
Refrence: GitHub
nsacyber | watchers:769
Hardware-and-Firmware-Security-Guidance
Guidance for the Spectre, Meltdown, Speculative Store Bypass, Rogue System Register Read, Lazy FP State Restore, Bounds Check Bypass Store, TLBleed, and L1TF/Foreshadow vulnerabilities as well as general hardware and firmware security guidance. #nsacyber
Refrence: GitHub
GregAskew | watchers:0
SpeculativeExecutionAssessment
Assesses a system for the "speculative execution" vulnerabilities described in CVE-2017-5715, CVE-2017-5753, CVE-2017-5754
Refrence: GitHub
gonoph | watchers:4
ansible-meltdown-spectre
Ansible Playbook to run the Red Hat spectre-meltdown check script
Refrence: GitHub
neuhalje | watchers:10
presentation_meltdown_spectre
Meltdown and spectre explained -- for normal people
Refrence: GitHub
miglen | watchers:2
Awesome-Meltdown-Spectre
A curated list of awesome Meltdown & Spectre repos, guides, pocs, blogs, and other resources. Featuring the Fiery Meter of AWSome.
Refrence: GitHub
Refrence: NVD