[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244411

 
 

909

 
 

193363

 
 

277

Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2018-3639Date: (C)2018-05-23   (M)2024-03-26


Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka Speculative Store Bypass (SSB), Variant 4.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V3 Severity:CVSS V2 Severity:
CVSS Score : 5.5CVSS Score : 4.9
Exploit Score: 1.8Exploit Score: 3.9
Impact Score: 3.6Impact Score: 6.9
 
CVSS V3 Metrics:CVSS V2 Metrics:
Attack Vector: LOCALAccess Vector: LOCAL
Attack Complexity: LOWAccess Complexity: LOW
Privileges Required: LOWAuthentication: NONE
User Interaction: NONEConfidentiality: COMPLETE
Scope: UNCHANGEDIntegrity: NONE
Confidentiality: HIGHAvailability: NONE
Integrity: NONE 
Availability: NONE 
  
Reference:
SECTRACK-1040949
SECTRACK-1042004
BID-104232
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180521-cpusidechannel
https://seclists.org/bugtraq/2019/Jun/36
EXPLOIT-DB-44695
DSA-4210
DSA-4273
RHSA-2018:1629
RHSA-2018:1630
RHSA-2018:1632
RHSA-2018:1633
RHSA-2018:1635
RHSA-2018:1636
RHSA-2018:1637
RHSA-2018:1638
RHSA-2018:1639
RHSA-2018:1640
RHSA-2018:1641
RHSA-2018:1642
RHSA-2018:1643
RHSA-2018:1644
RHSA-2018:1645
RHSA-2018:1646
RHSA-2018:1647
RHSA-2018:1648
RHSA-2018:1649
RHSA-2018:1650
RHSA-2018:1651
RHSA-2018:1652
RHSA-2018:1653
RHSA-2018:1654
RHSA-2018:1655
RHSA-2018:1656
RHSA-2018:1657
RHSA-2018:1658
RHSA-2018:1659
RHSA-2018:1660
RHSA-2018:1661
RHSA-2018:1662
RHSA-2018:1663
RHSA-2018:1664
RHSA-2018:1665
RHSA-2018:1666
RHSA-2018:1667
RHSA-2018:1668
RHSA-2018:1669
RHSA-2018:1674
RHSA-2018:1675
RHSA-2018:1676
RHSA-2018:1686
RHSA-2018:1688
RHSA-2018:1689
RHSA-2018:1690
RHSA-2018:1696
RHSA-2018:1710
RHSA-2018:1711
RHSA-2018:1737
RHSA-2018:1738
RHSA-2018:1826
RHSA-2018:1854
RHSA-2018:1965
RHSA-2018:1967
RHSA-2018:1997
RHSA-2018:2001
RHSA-2018:2003
RHSA-2018:2006
RHSA-2018:2060
RHSA-2018:2161
RHSA-2018:2162
RHSA-2018:2164
RHSA-2018:2171
RHSA-2018:2172
RHSA-2018:2216
RHSA-2018:2228
RHSA-2018:2246
RHSA-2018:2250
RHSA-2018:2258
RHSA-2018:2289
RHSA-2018:2309
RHSA-2018:2328
RHSA-2018:2363
RHSA-2018:2364
RHSA-2018:2387
RHSA-2018:2394
RHSA-2018:2396
RHSA-2018:2948
RHSA-2018:3396
RHSA-2018:3397
RHSA-2018:3398
RHSA-2018:3399
RHSA-2018:3400
RHSA-2018:3401
RHSA-2018:3402
RHSA-2018:3407
RHSA-2018:3423
RHSA-2018:3424
RHSA-2018:3425
RHSA-2019:0148
RHSA-2019:1046
TA18-141A
USN-3651-1
USN-3652-1
USN-3653-1
USN-3653-2
USN-3654-1
USN-3654-2
USN-3655-1
USN-3655-2
USN-3679-1
USN-3680-1
USN-3756-1
USN-3777-3
VU#180049
https://lists.debian.org/debian-lts-announce/2018/07/msg00020.html
https://lists.debian.org/debian-lts-announce/2018/07/msg00038.html
https://lists.debian.org/debian-lts-announce/2018/09/msg00017.html
https://lists.debian.org/debian-lts-announce/2019/03/msg00017.html
https://lists.debian.org/debian-lts-announce/2019/03/msg00034.html
https://lists.debian.org/debian-lts-announce/2019/04/msg00004.html
http://www.openwall.com/lists/oss-security/2020/06/10/5
http://www.openwall.com/lists/oss-security/2020/06/10/1
http://support.lenovo.com/us/en/solutions/LEN-22133
http://www.fujitsu.com/global/support/products/software/security/products-f/cve-2018-3639e.html
http://xenbits.xen.org/xsa/advisory-263.html
https://bugs.chromium.org/p/project-zero/issues/detail?id=1528
https://cert-portal.siemens.com/productcert/pdf/ssa-268644.pdf
https://cert-portal.siemens.com/productcert/pdf/ssa-505225.pdf
https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf
https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability
https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0
https://nvidia.custhelp.com/app/answers/detail/a_id/4787
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180012
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0004
https://security.netapp.com/advisory/ntap-20180521-0001/
https://support.citrix.com/article/CTX235225
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03850en_us
https://support.oracle.com/knowledge/Sun%20Microsystems/2481872_1.html
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00115.html
https://www.mitel.com/en-ca/support/security-advisories/mitel-product-security-advisory-18-0006
https://www.oracle.com/security-alerts/cpujul2020.html
https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html
https://www.synology.com/support/security/Synology_SA_18_23
openSUSE-SU-2019:1438
openSUSE-SU-2019:1439
openSUSE-SU-2020:1325

CPE    463
cpe:/h:intel:xeon_gold:86138t
cpe:/h:intel:xeon_e7:8850
cpe:/h:intel:xeon_gold:86126t
cpe:/h:intel:xeon_platinum:8168
...
CWE    1
CWE-200
OVAL    188
oval:org.secpod.oval:def:89049280
oval:org.secpod.oval:def:89002178
oval:org.secpod.oval:def:89002296
oval:org.secpod.oval:def:1100524
...

© SecPod Technologies