CVE - CVE-2018-3639

CVE-ID
CVE-2018-3639	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka Speculative Store Bypass (SSB), Variant 4.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
BID:104232 URL:http://www.securityfocus.com/bid/104232 BUGTRAQ:20190624 [SECURITY] [DSA 4469-1] libvirt security update URL:https://seclists.org/bugtraq/2019/Jun/36 CERT:TA18-141A URL:https://www.us-cert.gov/ncas/alerts/TA18-141A CERT-VN:VU#180049 URL:https://www.kb.cert.org/vuls/id/180049 CISCO:20180522 CPU Side-Channel Information Disclosure Vulnerabilities: May 2018 URL:https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180521-cpusidechannel CONFIRM:http://support.lenovo.com/us/en/solutions/LEN-22133 URL:http://support.lenovo.com/us/en/solutions/LEN-22133 CONFIRM:http://www.fujitsu.com/global/support/products/software/security/products-f/cve-2018-3639e.html URL:http://www.fujitsu.com/global/support/products/software/security/products-f/cve-2018-3639e.html CONFIRM:http://xenbits.xen.org/xsa/advisory-263.html URL:http://xenbits.xen.org/xsa/advisory-263.html CONFIRM:https://cert-portal.siemens.com/productcert/pdf/ssa-268644.pdf URL:https://cert-portal.siemens.com/productcert/pdf/ssa-268644.pdf CONFIRM:https://cert-portal.siemens.com/productcert/pdf/ssa-505225.pdf URL:https://cert-portal.siemens.com/productcert/pdf/ssa-505225.pdf CONFIRM:https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf URL:https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf CONFIRM:https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability URL:https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability CONFIRM:https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0 URL:https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0 CONFIRM:https://nvidia.custhelp.com/app/answers/detail/a_id/4787 URL:https://nvidia.custhelp.com/app/answers/detail/a_id/4787 CONFIRM:https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180012 URL:https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180012 CONFIRM:https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0004 URL:https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0004 CONFIRM:https://security.netapp.com/advisory/ntap-20180521-0001/ URL:https://security.netapp.com/advisory/ntap-20180521-0001/ CONFIRM:https://support.citrix.com/article/CTX235225 URL:https://support.citrix.com/article/CTX235225 CONFIRM:https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03850en_us URL:https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03850en_us CONFIRM:https://support.oracle.com/knowledge/Sun%20Microsystems/2481872_1.html URL:https://support.oracle.com/knowledge/Sun%20Microsystems/2481872_1.html CONFIRM:https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00115.html URL:https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00115.html CONFIRM:https://www.mitel.com/en-ca/support/security-advisories/mitel-product-security-advisory-18-0006 URL:https://www.mitel.com/en-ca/support/security-advisories/mitel-product-security-advisory-18-0006 CONFIRM:https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html URL:https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html CONFIRM:https://www.synology.com/support/security/Synology_SA_18_23 URL:https://www.synology.com/support/security/Synology_SA_18_23 DEBIAN:DSA-4210 URL:https://www.debian.org/security/2018/dsa-4210 DEBIAN:DSA-4273 URL:https://www.debian.org/security/2018/dsa-4273 EXPLOIT-DB:44695 URL:https://www.exploit-db.com/exploits/44695/ MISC:https://bugs.chromium.org/p/project-zero/issues/detail?id=1528 URL:https://bugs.chromium.org/p/project-zero/issues/detail?id=1528 MISC:https://www.oracle.com/security-alerts/cpujul2020.html URL:https://www.oracle.com/security-alerts/cpujul2020.html MLIST:[debian-lts-announce] 20180718 [SECURITY] [DLA 1423-1] linux-4.9 new package URL:https://lists.debian.org/debian-lts-announce/2018/07/msg00020.html MLIST:[debian-lts-announce] 20180727 [SECURITY] [DLA 1446-1] intel-microcode security update URL:https://lists.debian.org/debian-lts-announce/2018/07/msg00038.html MLIST:[debian-lts-announce] 20180916 [SECURITY] [DLA 1506-1] intel-microcode security update URL:https://lists.debian.org/debian-lts-announce/2018/09/msg00017.html MLIST:[debian-lts-announce] 20190315 [SECURITY] [DLA 1715-1] linux-4.9 security update URL:https://lists.debian.org/debian-lts-announce/2019/03/msg00017.html MLIST:[debian-lts-announce] 20190327 [SECURITY] [DLA 1731-1] linux security update URL:https://lists.debian.org/debian-lts-announce/2019/03/msg00034.html MLIST:[debian-lts-announce] 20190401 [SECURITY] [DLA 1731-2] linux regression update URL:https://lists.debian.org/debian-lts-announce/2019/04/msg00004.html MLIST:[oss-security] 20200610 Re: kernel: Multiple SSBD related flaws CVE-2020-10766 , CVE-2020-10767, CVE-2020-10768 URL:http://www.openwall.com/lists/oss-security/2020/06/10/2 MLIST:[oss-security] 20200610 Re: kernel: Multiple SSBD related flaws CVE-2020-10766 , CVE-2020-10767, CVE-2020-10768 URL:http://www.openwall.com/lists/oss-security/2020/06/10/5 MLIST:[oss-security] 20200610 kernel: Multiple SSBD related flaws CVE-2020-10766 , CVE-2020-10767, CVE-2020-10768 URL:http://www.openwall.com/lists/oss-security/2020/06/10/1 REDHAT:RHSA-2018:1629 URL:https://access.redhat.com/errata/RHSA-2018:1629 REDHAT:RHSA-2018:1630 URL:https://access.redhat.com/errata/RHSA-2018:1630 REDHAT:RHSA-2018:1632 URL:https://access.redhat.com/errata/RHSA-2018:1632 REDHAT:RHSA-2018:1633 URL:https://access.redhat.com/errata/RHSA-2018:1633 REDHAT:RHSA-2018:1635 URL:https://access.redhat.com/errata/RHSA-2018:1635 REDHAT:RHSA-2018:1636 URL:https://access.redhat.com/errata/RHSA-2018:1636 REDHAT:RHSA-2018:1637 URL:https://access.redhat.com/errata/RHSA-2018:1637 REDHAT:RHSA-2018:1638 URL:https://access.redhat.com/errata/RHSA-2018:1638 REDHAT:RHSA-2018:1639 URL:https://access.redhat.com/errata/RHSA-2018:1639 REDHAT:RHSA-2018:1640 URL:https://access.redhat.com/errata/RHSA-2018:1640 REDHAT:RHSA-2018:1641 URL:https://access.redhat.com/errata/RHSA-2018:1641 REDHAT:RHSA-2018:1642 URL:https://access.redhat.com/errata/RHSA-2018:1642 REDHAT:RHSA-2018:1643 URL:https://access.redhat.com/errata/RHSA-2018:1643 REDHAT:RHSA-2018:1644 URL:https://access.redhat.com/errata/RHSA-2018:1644 REDHAT:RHSA-2018:1645 URL:https://access.redhat.com/errata/RHSA-2018:1645 REDHAT:RHSA-2018:1646 URL:https://access.redhat.com/errata/RHSA-2018:1646 REDHAT:RHSA-2018:1647 URL:https://access.redhat.com/errata/RHSA-2018:1647 REDHAT:RHSA-2018:1648 URL:https://access.redhat.com/errata/RHSA-2018:1648 REDHAT:RHSA-2018:1649 URL:https://access.redhat.com/errata/RHSA-2018:1649 REDHAT:RHSA-2018:1650 URL:https://access.redhat.com/errata/RHSA-2018:1650 REDHAT:RHSA-2018:1651 URL:https://access.redhat.com/errata/RHSA-2018:1651 REDHAT:RHSA-2018:1652 URL:https://access.redhat.com/errata/RHSA-2018:1652 REDHAT:RHSA-2018:1653 URL:https://access.redhat.com/errata/RHSA-2018:1653 REDHAT:RHSA-2018:1654 URL:https://access.redhat.com/errata/RHSA-2018:1654 REDHAT:RHSA-2018:1655 URL:https://access.redhat.com/errata/RHSA-2018:1655 REDHAT:RHSA-2018:1656 URL:https://access.redhat.com/errata/RHSA-2018:1656 REDHAT:RHSA-2018:1657 URL:https://access.redhat.com/errata/RHSA-2018:1657 REDHAT:RHSA-2018:1658 URL:https://access.redhat.com/errata/RHSA-2018:1658 REDHAT:RHSA-2018:1659 URL:https://access.redhat.com/errata/RHSA-2018:1659 REDHAT:RHSA-2018:1660 URL:https://access.redhat.com/errata/RHSA-2018:1660 REDHAT:RHSA-2018:1661 URL:https://access.redhat.com/errata/RHSA-2018:1661 REDHAT:RHSA-2018:1662 URL:https://access.redhat.com/errata/RHSA-2018:1662 REDHAT:RHSA-2018:1663 URL:https://access.redhat.com/errata/RHSA-2018:1663 REDHAT:RHSA-2018:1664 URL:https://access.redhat.com/errata/RHSA-2018:1664 REDHAT:RHSA-2018:1665 URL:https://access.redhat.com/errata/RHSA-2018:1665 REDHAT:RHSA-2018:1666 URL:https://access.redhat.com/errata/RHSA-2018:1666 REDHAT:RHSA-2018:1667 URL:https://access.redhat.com/errata/RHSA-2018:1667 REDHAT:RHSA-2018:1668 URL:https://access.redhat.com/errata/RHSA-2018:1668 REDHAT:RHSA-2018:1669 URL:https://access.redhat.com/errata/RHSA-2018:1669 REDHAT:RHSA-2018:1674 URL:https://access.redhat.com/errata/RHSA-2018:1674 REDHAT:RHSA-2018:1675 URL:https://access.redhat.com/errata/RHSA-2018:1675 REDHAT:RHSA-2018:1676 URL:https://access.redhat.com/errata/RHSA-2018:1676 REDHAT:RHSA-2018:1686 URL:https://access.redhat.com/errata/RHSA-2018:1686 REDHAT:RHSA-2018:1688 URL:https://access.redhat.com/errata/RHSA-2018:1688 REDHAT:RHSA-2018:1689 URL:https://access.redhat.com/errata/RHSA-2018:1689 REDHAT:RHSA-2018:1690 URL:https://access.redhat.com/errata/RHSA-2018:1690 REDHAT:RHSA-2018:1696 URL:https://access.redhat.com/errata/RHSA-2018:1696 REDHAT:RHSA-2018:1710 URL:https://access.redhat.com/errata/RHSA-2018:1710 REDHAT:RHSA-2018:1711 URL:https://access.redhat.com/errata/RHSA-2018:1711 REDHAT:RHSA-2018:1737 URL:https://access.redhat.com/errata/RHSA-2018:1737 REDHAT:RHSA-2018:1738 URL:https://access.redhat.com/errata/RHSA-2018:1738 REDHAT:RHSA-2018:1826 URL:https://access.redhat.com/errata/RHSA-2018:1826 REDHAT:RHSA-2018:1854 URL:https://access.redhat.com/errata/RHSA-2018:1854 REDHAT:RHSA-2018:1965 URL:https://access.redhat.com/errata/RHSA-2018:1965 REDHAT:RHSA-2018:1967 URL:https://access.redhat.com/errata/RHSA-2018:1967 REDHAT:RHSA-2018:1997 URL:https://access.redhat.com/errata/RHSA-2018:1997 REDHAT:RHSA-2018:2001 URL:https://access.redhat.com/errata/RHSA-2018:2001 REDHAT:RHSA-2018:2003 URL:https://access.redhat.com/errata/RHSA-2018:2003 REDHAT:RHSA-2018:2006 URL:https://access.redhat.com/errata/RHSA-2018:2006 REDHAT:RHSA-2018:2060 URL:https://access.redhat.com/errata/RHSA-2018:2060 REDHAT:RHSA-2018:2161 URL:https://access.redhat.com/errata/RHSA-2018:2161 REDHAT:RHSA-2018:2162 URL:https://access.redhat.com/errata/RHSA-2018:2162 REDHAT:RHSA-2018:2164 URL:https://access.redhat.com/errata/RHSA-2018:2164 REDHAT:RHSA-2018:2171 URL:https://access.redhat.com/errata/RHSA-2018:2171 REDHAT:RHSA-2018:2172 URL:https://access.redhat.com/errata/RHSA-2018:2172 REDHAT:RHSA-2018:2216 URL:https://access.redhat.com/errata/RHSA-2018:2216 REDHAT:RHSA-2018:2228 URL:https://access.redhat.com/errata/RHSA-2018:2228 REDHAT:RHSA-2018:2246 URL:https://access.redhat.com/errata/RHSA-2018:2246 REDHAT:RHSA-2018:2250 URL:https://access.redhat.com/errata/RHSA-2018:2250 REDHAT:RHSA-2018:2258 URL:https://access.redhat.com/errata/RHSA-2018:2258 REDHAT:RHSA-2018:2289 URL:https://access.redhat.com/errata/RHSA-2018:2289 REDHAT:RHSA-2018:2309 URL:https://access.redhat.com/errata/RHSA-2018:2309 REDHAT:RHSA-2018:2328 URL:https://access.redhat.com/errata/RHSA-2018:2328 REDHAT:RHSA-2018:2363 URL:https://access.redhat.com/errata/RHSA-2018:2363 REDHAT:RHSA-2018:2364 URL:https://access.redhat.com/errata/RHSA-2018:2364 REDHAT:RHSA-2018:2387 URL:https://access.redhat.com/errata/RHSA-2018:2387 REDHAT:RHSA-2018:2394 URL:https://access.redhat.com/errata/RHSA-2018:2394 REDHAT:RHSA-2018:2396 URL:https://access.redhat.com/errata/RHSA-2018:2396 REDHAT:RHSA-2018:2948 URL:https://access.redhat.com/errata/RHSA-2018:2948 REDHAT:RHSA-2018:3396 URL:https://access.redhat.com/errata/RHSA-2018:3396 REDHAT:RHSA-2018:3397 URL:https://access.redhat.com/errata/RHSA-2018:3397 REDHAT:RHSA-2018:3398 URL:https://access.redhat.com/errata/RHSA-2018:3398 REDHAT:RHSA-2018:3399 URL:https://access.redhat.com/errata/RHSA-2018:3399 REDHAT:RHSA-2018:3400 URL:https://access.redhat.com/errata/RHSA-2018:3400 REDHAT:RHSA-2018:3401 URL:https://access.redhat.com/errata/RHSA-2018:3401 REDHAT:RHSA-2018:3402 URL:https://access.redhat.com/errata/RHSA-2018:3402 REDHAT:RHSA-2018:3407 URL:https://access.redhat.com/errata/RHSA-2018:3407 REDHAT:RHSA-2018:3423 URL:https://access.redhat.com/errata/RHSA-2018:3423 REDHAT:RHSA-2018:3424 URL:https://access.redhat.com/errata/RHSA-2018:3424 REDHAT:RHSA-2018:3425 URL:https://access.redhat.com/errata/RHSA-2018:3425 REDHAT:RHSA-2019:0148 URL:https://access.redhat.com/errata/RHSA-2019:0148 REDHAT:RHSA-2019:1046 URL:https://access.redhat.com/errata/RHSA-2019:1046 SECTRACK:1040949 URL:http://www.securitytracker.com/id/1040949 SECTRACK:1042004 URL:http://www.securitytracker.com/id/1042004 SUSE:openSUSE-SU-2019:1438 URL:http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00058.html SUSE:openSUSE-SU-2019:1439 URL:http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00059.html SUSE:openSUSE-SU-2020:1325 URL:http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00007.html UBUNTU:USN-3651-1 URL:https://usn.ubuntu.com/3651-1/ UBUNTU:USN-3652-1 URL:https://usn.ubuntu.com/3652-1/ UBUNTU:USN-3653-1 URL:https://usn.ubuntu.com/3653-1/ UBUNTU:USN-3653-2 URL:https://usn.ubuntu.com/3653-2/ UBUNTU:USN-3654-1 URL:https://usn.ubuntu.com/3654-1/ UBUNTU:USN-3654-2 URL:https://usn.ubuntu.com/3654-2/ UBUNTU:USN-3655-1 URL:https://usn.ubuntu.com/3655-1/ UBUNTU:USN-3655-2 URL:https://usn.ubuntu.com/3655-2/ UBUNTU:USN-3679-1 URL:https://usn.ubuntu.com/3679-1/ UBUNTU:USN-3680-1 URL:https://usn.ubuntu.com/3680-1/ UBUNTU:USN-3756-1 URL:https://usn.ubuntu.com/3756-1/ UBUNTU:USN-3777-3 URL:https://usn.ubuntu.com/3777-3/
Assigning CNA
Intel Corporation
Date Record Created
20171228	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20171228)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)