Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2018-3640

Опубликовано: 22 мая 2018
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 4.7
CVSS3: 5.6

Описание

Systems with microprocessors utilizing speculative execution and that perform speculative reads of system registers may allow unauthorized disclosure of system parameters to an attacker with local user access via a side-channel analysis, aka Rogue System Register Read (RSRE), Variant 3a.

РелизСтатусПримечание
artful

ignored

end of life
bionic

released

3.20180807a.0ubuntu0.18.04.1
devel

not-affected

3.20180807a.1
esm-infra-legacy/trusty

released

3.20180807a.0ubuntu0.14.04.1
esm-infra/bionic

released

3.20180807a.0ubuntu0.18.04.1
esm-infra/xenial

released

3.20180807a.0ubuntu0.16.04.1
precise/esm

DNE

trusty

released

3.20180807a.0ubuntu0.14.04.1
trusty/esm

released

3.20180807a.0ubuntu0.14.04.1
upstream

needed

Показывать по

Ссылки на источники

EPSS

Процентиль: 75%
0.00895
Низкий

4.7 Medium

CVSS2

5.6 Medium

CVSS3

Связанные уязвимости

redhat логотип

CVE-2018-3640

CVSS3: 2.8
redhat
больше 7 лет назад

Systems with microprocessors utilizing speculative execution and that perform speculative reads of system registers may allow unauthorized disclosure of system parameters to an attacker with local user access via a side-channel analysis, aka Rogue System Register Read (RSRE), Variant 3a.

nvd логотип

CVE-2018-3640

CVSS3: 5.6
nvd
больше 7 лет назад

Systems with microprocessors utilizing speculative execution and that perform speculative reads of system registers may allow unauthorized disclosure of system parameters to an attacker with local user access via a side-channel analysis, aka Rogue System Register Read (RSRE), Variant 3a.

debian логотип

CVE-2018-3640

CVSS3: 5.6
debian
больше 7 лет назад

Systems with microprocessors utilizing speculative execution and that ...

github логотип

GHSA-wm4v-x65g-m25r

CVSS3: 5.6
github
больше 3 лет назад

Systems with microprocessors utilizing speculative execution and that perform speculative reads of system registers may allow unauthorized disclosure of system parameters to an attacker with local user access via a side-channel analysis, aka Rogue System Register Read (RSRE), Variant 3a.

fstec логотип

BDU:2019-01065

CVSS3: 4.3
fstec
больше 7 лет назад

Уязвимость процессоров Intel и ARM, связанная с использованием спекулятивного считывания системных регистров, позволяющая нарушителю раскрыть защищаемую информацию

EPSS

Процентиль: 75%
0.00895
Низкий

4.7 Medium

CVSS2

5.6 Medium

CVSS3