[Forgot Password]
Login  Register Subscribe

24128

 
 

131615

 
 

114411

 
 

909

 
 

88812

 
 

136

Paid content will be excluded from the download.


Download | Alert*
CVE
view XML view JSON

CVE-2018-3639Date: (C)2018-05-23   (M)2018-10-12


Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka Speculative Store Bypass (SSB), Variant 4.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V3 Severity:CVSS V2 Severity:
CVSS Score : 5.5CVSS Score : 4.9
Exploit Score: 1.8Exploit Score: 3.9
Impact Score: 3.6Impact Score: 6.9
 
CVSS V3 Metrics:CVSS V2 Metrics:
Attack Vector: LOCALAccess Vector: LOCAL
Attack Complexity: LOWAccess Complexity: LOW
Privileges Required: LOWAuthentication: NONE
User Interaction: NONEConfidentiality: COMPLETE
Scope: UNCHANGEDIntegrity: NONE
Confidentiality: HIGHAvailability: NONE
Integrity: NONE 
Availability: NONE 
  
Reference:
SECTRACK-1040949
BID-104232
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180521-cpusidechannel
EXPLOIT-DB-44695
DSA-4210
RHSA-2018:1629
RHSA-2018:1630
RHSA-2018:1632
RHSA-2018:1633
RHSA-2018:1635
RHSA-2018:1636
RHSA-2018:1637
RHSA-2018:1638
RHSA-2018:1639
RHSA-2018:1640
RHSA-2018:1641
RHSA-2018:1642
RHSA-2018:1643
RHSA-2018:1644
RHSA-2018:1645
RHSA-2018:1646
RHSA-2018:1647
RHSA-2018:1648
RHSA-2018:1649
RHSA-2018:1650
RHSA-2018:1651
RHSA-2018:1652
RHSA-2018:1653
RHSA-2018:1654
RHSA-2018:1655
RHSA-2018:1656
RHSA-2018:1657
RHSA-2018:1658
RHSA-2018:1659
RHSA-2018:1660
RHSA-2018:1661
RHSA-2018:1662
RHSA-2018:1663
RHSA-2018:1664
RHSA-2018:1665
RHSA-2018:1666
RHSA-2018:1667
RHSA-2018:1668
RHSA-2018:1669
RHSA-2018:1674
RHSA-2018:1675
RHSA-2018:1676
RHSA-2018:1686
RHSA-2018:1688
RHSA-2018:1689
RHSA-2018:1690
RHSA-2018:1696
RHSA-2018:1710
RHSA-2018:1711
RHSA-2018:1737
RHSA-2018:1738
RHSA-2018:1826
RHSA-2018:1854
RHSA-2018:1965
RHSA-2018:1967
RHSA-2018:1997
RHSA-2018:2001
RHSA-2018:2003
RHSA-2018:2006
RHSA-2018:2060
RHSA-2018:2161
RHSA-2018:2162
RHSA-2018:2164
RHSA-2018:2171
RHSA-2018:2172
RHSA-2018:2216
RHSA-2018:2228
RHSA-2018:2246
RHSA-2018:2250
RHSA-2018:2258
TA18-141A
USN-3651-1
USN-3652-1
USN-3653-1
USN-3653-2
USN-3654-1
USN-3654-2
USN-3655-1
USN-3655-2
USN-3679-1
USN-3680-1
VU#180049
https://lists.debian.org/debian-lts-announce/2018/07/msg00020.html
http://support.lenovo.com/us/en/solutions/LEN-22133
http://www.fujitsu.com/global/support/products/software/security/products-f/cve-2018-3639e.html
http://xenbits.xen.org/xsa/advisory-263.html
https://bugs.chromium.org/p/project-zero/issues/detail?id=1528
https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180012
https://security.netapp.com/advisory/ntap-20180521-0001/
https://support.citrix.com/article/CTX235225
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03850en_us
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00115.html
https://www.synology.com/support/security/Synology_SA_18_23

CPE    419
cpe:/h:intel:xeon_e7:8850
cpe:/h:intel:xeon_platinum:8168
cpe:/h:arm:cortex-a:15
cpe:/h:intel:xeon_e3:1220l_v2
...
CWE    1
CWE-200
OVAL    115
oval:org.secpod.oval:def:1502256
oval:org.secpod.oval:def:502296
oval:org.secpod.oval:def:502297
oval:org.secpod.oval:def:502299
...

© SecPod Technologies