Add CVE-2018-3620 and CVE-2018-3646

2024-12-12 17:44:21 -05:00 · 2018-09-23 17:53:15 +07:00 · 2018-09-23 17:53:15 +07:00 · 4222889cee
commit 4222889cee
parent 6626016ed6
1 changed files with 7 additions and 0 deletions
--- a/README.md
+++ b/README.md
@ -1469,6 +1469,13 @@ _return-to-libc techniques_
            </ul>
        </td>
    </tr>
+    <tr>
+        <td>CVE-2018-3620, CVE-2018-3646</td>
+        <td>Systems with microprocessors utilizing speculative execution and address translations may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access via a terminal page fault and a side-channel analysis</td>
+        <ul>
+            <li><a href="https://github.com/gregvish/l1tf-poc/">gregvish/l1tf-poc</a></li>
+        </ul>
+    </tr>
    <tr>
        <td>CVE-2018-4878</td>
        <td>A critical vulnerability (CVE-2018-4878) exists in Adobe Flash Player 28.0.0.137 and earlier versions. Successful exploitation could potentially allow an attacker to take control of the affected system.