This security bulletin contains one low risk vulnerability.
CWE-200 - Information Exposure
Exploit availability: YesDescription
The vulnerability allows a local attacker to obtain potentially sensitive information.
The vulnerability exists in Intel CPU hardware due to improper implementation of the speculative execution of instructions. A local attacker can utilize branch target injection, execute arbitrary code, perform a side-channel attack and read sensitive memory information.Mitigation
Update the affected packages.
SUSE Linux: 12
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?