National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

CVE-2018-3639 Detail

Description

Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka Speculative Store Bypass (SSB), Variant 4.

Source:  MITRE
Description Last Modified:  05/22/2018

References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to nvd@nist.gov.

Hyperlink Resource
http://support.lenovo.com/us/en/solutions/LEN-22133
http://www.fujitsu.com/global/support/products/software/security/products-f/cve-2018-3639e.html
http://www.securityfocus.com/bid/104232
http://www.securitytracker.com/id/1040949
http://xenbits.xen.org/xsa/advisory-263.html
https://access.redhat.com/errata/RHSA-2018:1629
https://access.redhat.com/errata/RHSA-2018:1630
https://access.redhat.com/errata/RHSA-2018:1632
https://access.redhat.com/errata/RHSA-2018:1633
https://access.redhat.com/errata/RHSA-2018:1635
https://access.redhat.com/errata/RHSA-2018:1636
https://access.redhat.com/errata/RHSA-2018:1637
https://access.redhat.com/errata/RHSA-2018:1638
https://access.redhat.com/errata/RHSA-2018:1639
https://access.redhat.com/errata/RHSA-2018:1640
https://access.redhat.com/errata/RHSA-2018:1641
https://access.redhat.com/errata/RHSA-2018:1642
https://access.redhat.com/errata/RHSA-2018:1643
https://access.redhat.com/errata/RHSA-2018:1644
https://access.redhat.com/errata/RHSA-2018:1645
https://access.redhat.com/errata/RHSA-2018:1646
https://access.redhat.com/errata/RHSA-2018:1647
https://access.redhat.com/errata/RHSA-2018:1648
https://access.redhat.com/errata/RHSA-2018:1649
https://access.redhat.com/errata/RHSA-2018:1650
https://access.redhat.com/errata/RHSA-2018:1651
https://access.redhat.com/errata/RHSA-2018:1652
https://access.redhat.com/errata/RHSA-2018:1653
https://access.redhat.com/errata/RHSA-2018:1654
https://access.redhat.com/errata/RHSA-2018:1655
https://access.redhat.com/errata/RHSA-2018:1656
https://access.redhat.com/errata/RHSA-2018:1657
https://access.redhat.com/errata/RHSA-2018:1658
https://access.redhat.com/errata/RHSA-2018:1659
https://access.redhat.com/errata/RHSA-2018:1660
https://access.redhat.com/errata/RHSA-2018:1661
https://access.redhat.com/errata/RHSA-2018:1662
https://access.redhat.com/errata/RHSA-2018:1663
https://access.redhat.com/errata/RHSA-2018:1664
https://access.redhat.com/errata/RHSA-2018:1665
https://access.redhat.com/errata/RHSA-2018:1666
https://access.redhat.com/errata/RHSA-2018:1667
https://access.redhat.com/errata/RHSA-2018:1668
https://access.redhat.com/errata/RHSA-2018:1669
https://access.redhat.com/errata/RHSA-2018:1674
https://access.redhat.com/errata/RHSA-2018:1675
https://access.redhat.com/errata/RHSA-2018:1676
https://access.redhat.com/errata/RHSA-2018:1686
https://access.redhat.com/errata/RHSA-2018:1688
https://access.redhat.com/errata/RHSA-2018:1689
https://access.redhat.com/errata/RHSA-2018:1690
https://access.redhat.com/errata/RHSA-2018:1696
https://access.redhat.com/errata/RHSA-2018:1710
https://access.redhat.com/errata/RHSA-2018:1711
https://access.redhat.com/errata/RHSA-2018:1737
https://access.redhat.com/errata/RHSA-2018:1738
https://access.redhat.com/errata/RHSA-2018:1826
https://bugs.chromium.org/p/project-zero/issues/detail?id=1528
https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180012
https://security.netapp.com/advisory/ntap-20180521-0001/
https://support.citrix.com/article/CTX235225
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03850en_us
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180521-cpusidechannel
https://usn.ubuntu.com/3651-1/
https://usn.ubuntu.com/3652-1/
https://usn.ubuntu.com/3653-1/
https://usn.ubuntu.com/3653-2/
https://usn.ubuntu.com/3654-1/
https://usn.ubuntu.com/3654-2/
https://usn.ubuntu.com/3655-1/
https://usn.ubuntu.com/3655-2/
https://usn.ubuntu.com/3679-1/
https://usn.ubuntu.com/3680-1/
https://www.debian.org/security/2018/dsa-4210
https://www.exploit-db.com/exploits/44695/
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00115.html
https://www.kb.cert.org/vuls/id/180049
https://www.synology.com/support/security/Synology_SA_18_23
https://www.us-cert.gov/ncas/alerts/TA18-141A

Technical Details

Vulnerability Type (View All)

Change History

7 change records found - show changes

Quick Info

CVE Dictionary Entry:
CVE-2018-3639
NVD Published Date:
05/22/2018
NVD Last Modified:
06/13/2018