CVE-2018-3639
published 2018-05-22CVE-2018-3639: Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are…
medium5.5CVSS 3.1
AVLACLPRLUINSUCHINAN
ITWEXPLOIT
Exploited in the wild
Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka Speculative Store Bypass (SSB), Variant 4.
Affected
435 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apple | macos_mojave | — | — |
| apple | macos_mojave_10.14.1_security_update_2018-002_high_sierra_security_update_2018-0 | — | — |
| arm | cortex-a | — | — |
| arm | cortex-a | — | — |
| arm | cortex-a | — | — |
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| debian | debian_linux | — | — |
| debian | debian_linux | — | — |
| debian | intel-microcode | < intel-microcode 3.20180703.1 (bookworm) | intel-microcode 3.20180703.1 (bookworm) |
| debian | linux | < intel-microcode 3.20180703.1 (bookworm) | intel-microcode 3.20180703.1 (bookworm) |
| debian | xen | < intel-microcode 3.20180703.1 (bookworm) | intel-microcode 3.20180703.1 (bookworm) |
| intel | atom_c | — | — |
| intel | atom_c | — | — |
| intel | atom_c | — | — |
| intel | atom_c | — | — |
| intel | atom_c | — | — |
| intel | atom_c | — | — |
| intel | atom_c | — | — |
| intel | atom_c | — | — |
| intel | atom_c | — | — |
| intel | atom_c | — | — |
CVSS provenance
nvdv3.15.5MEDIUMCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
osv8.8HIGH
vulncheck5.5MEDIUM