CVE-2018-3639
MEDIUMCVSS 5.5/10EPSS 60.63%
Last modified
CVE-2018-3639 is a medium-severity vulnerability rated 5.5/10 on the CVSS scale. Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka Speculative Store Bypass (SSB), Variant 4.. EPSS estimates a 60.63% chance of exploitation in the next 30 days.
Description
Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka Speculative Store Bypass (SSB), Variant 4.
Metrics
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Weakness Enumeration
Affected Software
| Vendor | Product | Versions | Update |
|---|---|---|---|
| Intel | Atom C | c2308 | — |
| Intel | Atom C | c3308 | — |
| Intel | Atom C | c3338 | — |
| Intel | Atom C | c3508 | — |
| Intel | Atom C | c3538 | — |
| Intel | Atom C | c3558 | — |
| Intel | Atom C | c3708 | — |
| Intel | Atom C | c3750 | — |
| Intel | Atom C | c3758 | — |
| Intel | Atom C | c3808 | — |
| Intel | Atom C | c3830 | — |
| Intel | Atom C | c3850 | — |
| Intel | Atom C | c3858 | — |
| Intel | Atom C | c3950 | — |
| Intel | Atom C | c3955 | — |
| Intel | Atom C | c3958 | — |
| Intel | Atom E | e3805 | — |
| Intel | Atom E | e3815 | — |
| Intel | Atom E | e3825 | — |
| Intel | Atom E | e3826 | — |
| Intel | Atom E | e3827 | — |
| Intel | Atom E | e3845 | — |
| Intel | Atom X5-E3930 | All versions | — |
| Intel | Atom X5-E3940 | All versions | — |
| Intel | Atom X7-E3950 | All versions | — |
| Intel | Atom Z | z2420 | — |
| Intel | Atom Z | z2460 | — |
| Intel | Atom Z | z2480 | — |
| Intel | Atom Z | z2520 | — |
| Intel | Atom Z | z2560 | — |
| Intel | Atom Z | z2580 | — |
| Intel | Atom Z | z2760 | — |
| Intel | Atom Z | z3460 | — |
| Intel | Atom Z | z3480 | — |
| Intel | Atom Z | z3530 | — |
| Intel | Atom Z | z3560 | — |
| Intel | Atom Z | z3570 | — |
| Intel | Atom Z | z3580 | — |
| Intel | Atom Z | z3590 | — |
| Intel | Atom Z | z3735d | — |
| Intel | Atom Z | z3735e | — |
| Intel | Atom Z | z3735f | — |
| Intel | Atom Z | z3735g | — |
| Intel | Atom Z | z3736f | — |
| Intel | Atom Z | z3736g | — |
| Intel | Atom Z | z3740 | — |
| Intel | Atom Z | z3740d | — |
| Intel | Atom Z | z3745 | — |
| Intel | Atom Z | z3745d | — |
| Intel | Atom Z | z3770 | — |
Showing 50 of 626 affected configurations. See NVD for the full list.
References
- http://support.lenovo.com/us/en/solutions/LEN-22133Third Party Advisory
- http://www.openwall.com/lists/oss-security/2020/06/10/1Mailing List, Third Party Advisory
- http://www.openwall.com/lists/oss-security/2020/06/10/2Mailing List, Third Party Advisory
- http://www.openwall.com/lists/oss-security/2020/06/10/5Mailing List, Third Party Advisory
- http://www.securityfocus.com/bid/104232Third Party Advisory, VDB Entry
- http://www.securitytracker.com/id/1040949Third Party Advisory, VDB Entry
- http://www.securitytracker.com/id/1042004Third Party Advisory, VDB Entry
- http://xenbits.xen.org/xsa/advisory-263.htmlThird Party Advisory
- https://access.redhat.com/errata/RHSA-2018:1629Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:1630Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:1632Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:1633Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:1635Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:1636Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:1637Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:1638Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:1639Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:1640Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:1641Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:1642Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:1643Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:1644Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:1645Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:1646Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:1647Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:1648Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:1649Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:1650Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:1651Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:1652Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:1653Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:1654Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:1655Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:1656Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:1657Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:1658Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:1659Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:1660Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:1661Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:1662Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:1663Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:1664Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:1665Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:1666Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:1667Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:1668Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:1669Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:1674Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:1675Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:1676Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:1686Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:1688Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:1689Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:1690Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:1696Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:1710Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:1711Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:1737Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:1738Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:1826Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:1854Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:1965Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:1967Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:1997Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:2001Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:2003Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:2006Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:2060Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:2161Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:2162Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:2164Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:2171Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:2172Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:2216Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:2228Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:2246Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:2250Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:2258Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:2289Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:2309Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:2328Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:2363Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:2364Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:2387Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:2394Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:2396Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:2948Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:3396Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:3397Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:3398Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:3399Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:3400Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:3401Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:3402Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:3407Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:3423Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:3424Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:3425Third Party Advisory
- https://access.redhat.com/errata/RHSA-2019:1046Third Party Advisory
- https://bugs.chromium.org/p/project-zero/issues/detail?id=1528Exploit, Issue Tracking, Patch, Third Party Advisory
- https://cert-portal.siemens.com/productcert/pdf/ssa-268644.pdfThird Party Advisory
- https://cert-portal.siemens.com/productcert/pdf/ssa-505225.pdfThird Party Advisory
- https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdfThird Party Advisory
- https://lists.debian.org/debian-lts-announce/2018/07/msg00020.htmlMailing List, Third Party Advisory
- https://lists.debian.org/debian-lts-announce/2018/07/msg00038.htmlMailing List, Third Party Advisory
- https://lists.debian.org/debian-lts-announce/2018/09/msg00017.htmlMailing List, Third Party Advisory
- https://lists.debian.org/debian-lts-announce/2019/03/msg00017.htmlMailing List, Third Party Advisory
- https://lists.debian.org/debian-lts-announce/2019/03/msg00034.htmlMailing List, Third Party Advisory
- https://lists.debian.org/debian-lts-announce/2019/04/msg00004.htmlMailing List, Third Party Advisory
- https://nvidia.custhelp.com/app/answers/detail/a_id/4787Third Party Advisory
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180012Patch, Third Party Advisory, Vendor Advisory
- https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0004Third Party Advisory
- https://seclists.org/bugtraq/2019/Jun/36Issue Tracking, Mailing List, Third Party Advisory
- https://security.netapp.com/advisory/ntap-20180521-0001/Third Party Advisory
- https://support.citrix.com/article/CTX235225Third Party Advisory
- https://support.oracle.com/knowledge/Sun%20Microsystems/2481872_1.htmlThird Party Advisory
- https://usn.ubuntu.com/3651-1/Third Party Advisory
- https://usn.ubuntu.com/3652-1/Third Party Advisory
- https://usn.ubuntu.com/3653-1/Third Party Advisory
- https://usn.ubuntu.com/3653-2/Third Party Advisory
- https://usn.ubuntu.com/3654-1/Third Party Advisory
- https://usn.ubuntu.com/3654-2/Third Party Advisory
- https://usn.ubuntu.com/3655-1/Third Party Advisory
- https://usn.ubuntu.com/3655-2/Third Party Advisory
- https://usn.ubuntu.com/3679-1/Third Party Advisory
- https://usn.ubuntu.com/3680-1/Third Party Advisory
- https://usn.ubuntu.com/3756-1/Third Party Advisory
- https://usn.ubuntu.com/3777-3/Third Party Advisory
- https://www.debian.org/security/2018/dsa-4210Third Party Advisory
- https://www.debian.org/security/2018/dsa-4273Third Party Advisory
- https://www.exploit-db.com/exploits/44695/Exploit, Third Party Advisory, VDB Entry
- https://www.kb.cert.org/vuls/id/180049Third Party Advisory, US Government Resource
- https://www.oracle.com/security-alerts/cpujul2020.htmlThird Party Advisory
- https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.htmlThird Party Advisory
- https://www.synology.com/support/security/Synology_SA_18_23Third Party Advisory
- https://www.us-cert.gov/ncas/alerts/TA18-141AThird Party Advisory, US Government Resource
- http://support.lenovo.com/us/en/solutions/LEN-22133Third Party Advisory
- http://www.openwall.com/lists/oss-security/2020/06/10/1Mailing List, Third Party Advisory
- http://www.openwall.com/lists/oss-security/2020/06/10/2Mailing List, Third Party Advisory
- http://www.openwall.com/lists/oss-security/2020/06/10/5Mailing List, Third Party Advisory
- http://www.securityfocus.com/bid/104232Third Party Advisory, VDB Entry
- http://www.securitytracker.com/id/1040949Third Party Advisory, VDB Entry
- http://www.securitytracker.com/id/1042004Third Party Advisory, VDB Entry
- http://xenbits.xen.org/xsa/advisory-263.htmlThird Party Advisory
- https://access.redhat.com/errata/RHSA-2018:1629Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:1630Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:1632Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:1633Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:1635Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:1636Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:1637Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:1638Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:1639Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:1640Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:1641Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:1642Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:1643Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:1644Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:1645Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:1646Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:1647Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:1648Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:1649Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:1650Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:1651Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:1652Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:1653Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:1654Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:1655Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:1656Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:1657Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:1658Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:1659Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:1660Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:1661Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:1662Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:1663Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:1664Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:1665Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:1666Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:1667Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:1668Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:1669Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:1674Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:1675Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:1676Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:1686Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:1688Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:1689Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:1690Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:1696Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:1710Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:1711Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:1737Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:1738Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:1826Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:1854Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:1965Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:1967Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:1997Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:2001Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:2003Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:2006Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:2060Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:2161Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:2162Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:2164Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:2171Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:2172Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:2216Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:2228Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:2246Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:2250Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:2258Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:2289Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:2309Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:2328Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:2363Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:2364Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:2387Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:2394Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:2396Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:2948Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:3396Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:3397Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:3398Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:3399Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:3400Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:3401Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:3402Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:3407Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:3423Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:3424Third Party Advisory
- https://access.redhat.com/errata/RHSA-2018:3425Third Party Advisory
- https://access.redhat.com/errata/RHSA-2019:1046Third Party Advisory
- https://bugs.chromium.org/p/project-zero/issues/detail?id=1528Exploit, Issue Tracking, Patch, Third Party Advisory
- https://cert-portal.siemens.com/productcert/pdf/ssa-268644.pdfThird Party Advisory
- https://cert-portal.siemens.com/productcert/pdf/ssa-505225.pdfThird Party Advisory
- https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdfThird Party Advisory
- https://lists.debian.org/debian-lts-announce/2018/07/msg00020.htmlMailing List, Third Party Advisory
- https://lists.debian.org/debian-lts-announce/2018/07/msg00038.htmlMailing List, Third Party Advisory
- https://lists.debian.org/debian-lts-announce/2018/09/msg00017.htmlMailing List, Third Party Advisory
- https://lists.debian.org/debian-lts-announce/2019/03/msg00017.htmlMailing List, Third Party Advisory
- https://lists.debian.org/debian-lts-announce/2019/03/msg00034.htmlMailing List, Third Party Advisory
- https://lists.debian.org/debian-lts-announce/2019/04/msg00004.htmlMailing List, Third Party Advisory
- https://nvidia.custhelp.com/app/answers/detail/a_id/4787Third Party Advisory
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180012Patch, Third Party Advisory, Vendor Advisory
- https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0004Third Party Advisory
- https://seclists.org/bugtraq/2019/Jun/36Issue Tracking, Mailing List, Third Party Advisory
- https://security.netapp.com/advisory/ntap-20180521-0001/Third Party Advisory
- https://support.citrix.com/article/CTX235225Third Party Advisory
- https://support.oracle.com/knowledge/Sun%20Microsystems/2481872_1.htmlThird Party Advisory
- https://usn.ubuntu.com/3651-1/Third Party Advisory
- https://usn.ubuntu.com/3652-1/Third Party Advisory
- https://usn.ubuntu.com/3653-1/Third Party Advisory
- https://usn.ubuntu.com/3653-2/Third Party Advisory
- https://usn.ubuntu.com/3654-1/Third Party Advisory
- https://usn.ubuntu.com/3654-2/Third Party Advisory
- https://usn.ubuntu.com/3655-1/Third Party Advisory
- https://usn.ubuntu.com/3655-2/Third Party Advisory
- https://usn.ubuntu.com/3679-1/Third Party Advisory
- https://usn.ubuntu.com/3680-1/Third Party Advisory
- https://usn.ubuntu.com/3756-1/Third Party Advisory
- https://usn.ubuntu.com/3777-3/Third Party Advisory
- https://www.debian.org/security/2018/dsa-4210Third Party Advisory
- https://www.debian.org/security/2018/dsa-4273Third Party Advisory
- https://www.exploit-db.com/exploits/44695/Exploit, Third Party Advisory, VDB Entry
- https://www.kb.cert.org/vuls/id/180049Third Party Advisory, US Government Resource
- https://www.oracle.com/security-alerts/cpujul2020.htmlThird Party Advisory
- https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.htmlThird Party Advisory
- https://www.synology.com/support/security/Synology_SA_18_23Third Party Advisory
- https://www.us-cert.gov/ncas/alerts/TA18-141AThird Party Advisory, US Government Resource
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2018-3639?
Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka Speculative Store Bypass (SSB), Variant 4.
How severe is CVE-2018-3639?
CVE-2018-3639 has a CVSS score of 5.5/10 (MEDIUM severity). The EPSS model estimates a 60.63% probability of exploitation in the next 30 days.
How do I fix CVE-2018-3639?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.
Are you affected by CVE-2018-3639?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST