CVE-2017-5753

Published: Jan 4, 2018

Modified: May 28, 2026

PUBLISHED

Description

Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.

Vendor	Product	Versions
Intel Corporation	Most Modern Operating Systems	affected `All`

References

http://nvidia.custhelp.com/app/answers/detail/a_id/4609

x_refsource_CONFIRM

[debian-lts-announce] 20180714 [SECURITY] [DLA 1422-1] linux security update

mailing-list

x_refsource_MLIST

DSA-4187

vendor-advisory

x_refsource_DEBIAN

USN-3542-2

vendor-advisory

x_refsource_UBUNTU

GLSA-201810-06

vendor-advisory

x_refsource_GENTOO

USN-3540-2

vendor-advisory

x_refsource_UBUNTU

https://access.redhat.com/security/vulnerabilities/speculativeexecution

x_refsource_CONFIRM

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180002

x_refsource_CONFIRM

USN-3597-1

vendor-advisory

x_refsource_UBUNTU

[debian-lts-announce] 20180715 [SECURITY] [DLA 1422-2] linux security update

mailing-list

x_refsource_MLIST

SUSE-SU-2018:0012

vendor-advisory

x_refsource_SUSE

SUSE-SU-2018:0011

vendor-advisory

x_refsource_SUSE

http://nvidia.custhelp.com/app/answers/detail/a_id/4611

x_refsource_CONFIRM

https://security.googleblog.com/2018/01/todays-cpu-vulnerability-what-you-need.html

x_refsource_MISC

https://cert.vde.com/en-us/advisories/vde-2018-002

x_refsource_CONFIRM

USN-3580-1

vendor-advisory

x_refsource_UBUNTU

https://support.f5.com/csp/article/K91229003

x_refsource_CONFIRM

openSUSE-SU-2018:0022

vendor-advisory

x_refsource_SUSE

DSA-4188

vendor-advisory

x_refsource_DEBIAN

RHSA-2018:0292

vendor-advisory

x_refsource_REDHAT

http://xenbits.xen.org/xsa/advisory-254.html

x_refsource_CONFIRM

https://security.netapp.com/advisory/ntap-20180104-0001/

x_refsource_CONFIRM

https://www.synology.com/support/security/Synology_SA_18_01

x_refsource_CONFIRM

http://packetstormsecurity.com/files/145645/Spectre-Information-Disclosure-Proof-Of-Concept.html

x_refsource_MISC

http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-001.txt

x_refsource_CONFIRM

[debian-lts-announce] 20180718 [SECURITY] [DLA 1423-1] linux-4.9 new package

mailing-list

x_refsource_MLIST

https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability

x_refsource_CONFIRM

VU#584653

third-party-advisory

x_refsource_CERT-VN

VU#180049

third-party-advisory

x_refsource_CERT-VN

https://cert.vde.com/en-us/advisories/vde-2018-003

x_refsource_CONFIRM

https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes

x_refsource_CONFIRM

http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html

x_refsource_CONFIRM

https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03805en_us

x_refsource_CONFIRM

https://www.mitel.com/en-ca/support/security-advisories/mitel-product-security-advisory-18-0001

x_refsource_CONFIRM

https://cert-portal.siemens.com/productcert/pdf/ssa-505225.pdf

x_refsource_CONFIRM

https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03871en_us

x_refsource_CONFIRM

USN-3549-1

vendor-advisory

x_refsource_UBUNTU

https://www.suse.com/c/suse-addresses-meltdown-spectre-vulnerabilities/

x_refsource_CONFIRM

https://support.citrix.com/article/CTX231399

x_refsource_CONFIRM

https://spectreattack.com/

x_refsource_MISC

https://aws.amazon.com/de/security/security-bulletins/AWS-2018-013/

x_refsource_CONFIRM

https://blog.mozilla.org/security/2018/01/03/mitigations-landing-new-class-timing-attack/

x_refsource_CONFIRM

1040071

vdb-entry

x_refsource_SECTRACK

102371

vdb-entry

x_refsource_BID

USN-3597-2

vendor-advisory

x_refsource_UBUNTU

http://nvidia.custhelp.com/app/answers/detail/a_id/4614

x_refsource_CONFIRM

SUSE-SU-2018:0010

vendor-advisory

x_refsource_SUSE

USN-3540-1

vendor-advisory

x_refsource_UBUNTU

20180104 CPU Side-Channel Information Disclosure Vulnerabilities

vendor-advisory

x_refsource_CISCO

USN-3516-1

vendor-advisory

x_refsource_UBUNTU

https://www.vmware.com/us/security/advisories/VMSA-2018-0002.html

x_refsource_CONFIRM

43427

exploit

x_refsource_EXPLOIT-DB

USN-3541-1

vendor-advisory

x_refsource_UBUNTU

USN-3541-2

vendor-advisory

x_refsource_UBUNTU

USN-3542-1

vendor-advisory

x_refsource_UBUNTU

https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html

x_refsource_MISC

https://support.lenovo.com/us/en/solutions/LEN-18282

x_refsource_CONFIRM

openSUSE-SU-2018:0023

vendor-advisory

x_refsource_SUSE

http://nvidia.custhelp.com/app/answers/detail/a_id/4613

x_refsource_CONFIRM

[debian-lts-announce] 20190327 [SECURITY] [DLA 1731-1] linux security update

mailing-list

x_refsource_MLIST

[debian-lts-announce] 20190401 [SECURITY] [DLA 1731-2] linux regression update

mailing-list

x_refsource_MLIST

https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html

x_refsource_MISC

20190624 [SECURITY] [DSA 4469-1] libvirt security update

mailing-list

x_refsource_BUGTRAQ

http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2019-003.txt

x_refsource_CONFIRM

https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf

x_refsource_CONFIRM

https://cdrdv2.intel.com/v1/dl/getContent/685359

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2017-5753

Description

Affected Products

References