Hany Ragab

**Name of the Vulnerable Software and Affected Versions** Modern CPU architectures supporting speculative execution (affected versions not specified) **Description** A Speculative Race Condition (SRC) vulnerability, known as GhostRace, has been disclosed. This vulnerability impacts modern CPU architectures supporting speculative execution and is related to Spectre V1. An unauthenticated attacker can exploit this vulnerability to disclose arbitrary data from the CPU using race conditions to access the speculative executable code paths. The attack exploits a technique called speculative execution, which is used to make processors run faster. The vulnerability affects CPUs from major vendors such as Intel, AMD, ARM, and IBM. Researchers have demonstrated the attack by publishing a proof-of-concept exploit that can extract data from the Linux kernel memory with a performance of 12 KB per second. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability. However, AMD and Linux have proposed methods to mitigate this threat, focusing on minimizing risks without significantly impacting performance. These recommendations include serializing the speculative execution process, which increases the processor load by only 5%, thus providing protection against speculative attacks with minimal performance degradation. As a temporary workaround, consider disabling speculative execution or restricting access to sensitive data until a patch is available.

Name of the Vulnerable Software and Affected Versions: Intel(R) Processors (affected versions not specified) Intel(R) Brand Verification Tool versions prior to 11.0.0.1225 Description: The issue concerns an observable response discrepancy in floating-point operations for some Intel(R) Processors, which may allow an authorized user to potentially enable information disclosure via local access. Additionally, improper permissions in the installer for the Intel(R) Brand Verification Tool may allow an authenticated user to potentially enable escalation of privilege via local access. Recommendations: For Intel(R) Processors, at the moment, there is no information about a newer version that contains a fix for this vulnerability. For Intel(R) Brand Verification Tool versions prior to 11.0.0.1225, update to version 11.0.0.1225 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** All supported CPU products (affected versions not specified) **Description** The issue concerns potential floating point value injection in CPU products, which, when combined with software vulnerabilities related to speculative execution, can lead to the use of incorrect floating point results. This may cause data leakage due to the incorrect use of data from FPVI. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Intel(R) Processors (affected versions not specified) Xen (affected versions not specified) **Description** The issue is related to an observable response discrepancy that may allow an authorized user to potentially enable information disclosure via local access. This discrepancy can be exploited to gain access to confidential data. **Recommendations** For Intel(R) Processors, at the moment, there is no information about a newer version that contains a fix for this vulnerability. For Xen, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Xen (affected versions not specified) CPU products (affected versions not specified) **Description** The issue is related to a potential speculative code store bypass in CPU products, which, in conjunction with software vulnerabilities related to speculative execution of overwritten instructions, may cause incorrect speculation and could result in data leakage. Additionally, there is a vulnerability in the Xen hypervisor related to insufficient access control to ports, which could allow an attacker to access confidential data. **Recommendations** For Xen, restrict access to sensitive ports to minimize the risk of exploitation. For CPU products, consider disabling speculative execution of overwritten instructions as a temporary workaround until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Firefox ESR versions prior to 78.9 Firefox versions prior to 87 **Description** The issue is related to insufficient neutralization of special elements in a request, which may allow a remote attacker to access confidential data. It is also described as a transient execution vulnerability, specifically Floating Point Value Injection (FPVI), allowing an attacker to leak arbitrary memory addresses and potentially enabling JIT type confusion attacks. **Recommendations** For Firefox ESR versions prior to 78.9, update to version 78.9 or later. For Firefox versions prior to 87, update to version 87 or later.