CVE-2018-3639

Published: May 22, 2018

Modified: May 29, 2026

PUBLISHED

Description

Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka Speculative Store Bypass (SSB), Variant 4.

Vendor	Product	Versions
Intel Corporation	Multiple	affected `Multiple`

References

RHSA-2018:1689

vendor-advisory

x_refsource_REDHAT

RHSA-2018:2162

vendor-advisory

x_refsource_REDHAT

RHSA-2018:1641

vendor-advisory

x_refsource_REDHAT

USN-3680-1

vendor-advisory

x_refsource_UBUNTU

RHSA-2018:1997

vendor-advisory

x_refsource_REDHAT

RHSA-2018:1665

vendor-advisory

x_refsource_REDHAT

RHSA-2018:3407

vendor-advisory

x_refsource_REDHAT

RHSA-2018:2164

vendor-advisory

x_refsource_REDHAT

RHSA-2018:2001

vendor-advisory

x_refsource_REDHAT

RHSA-2018:3423

vendor-advisory

x_refsource_REDHAT

RHSA-2018:2003

vendor-advisory

x_refsource_REDHAT

USN-3654-1

vendor-advisory

x_refsource_UBUNTU

RHSA-2018:1645

vendor-advisory

x_refsource_REDHAT

RHSA-2018:1643

vendor-advisory

x_refsource_REDHAT

RHSA-2018:1652

vendor-advisory

x_refsource_REDHAT

RHSA-2018:3424

vendor-advisory

x_refsource_REDHAT

RHSA-2018:3402

vendor-advisory

x_refsource_REDHAT

TA18-141A

third-party-advisory

x_refsource_CERT

RHSA-2018:1656

vendor-advisory

x_refsource_REDHAT

RHSA-2018:1664

vendor-advisory

x_refsource_REDHAT

RHSA-2018:2258

vendor-advisory

x_refsource_REDHAT

RHSA-2018:1688

vendor-advisory

x_refsource_REDHAT

RHSA-2018:1658

vendor-advisory

x_refsource_REDHAT

RHSA-2018:1657

vendor-advisory

x_refsource_REDHAT

RHSA-2018:2289

vendor-advisory

x_refsource_REDHAT

RHSA-2018:1666

vendor-advisory

x_refsource_REDHAT

1042004

vdb-entry

x_refsource_SECTRACK

RHSA-2018:1675

vendor-advisory

x_refsource_REDHAT

RHSA-2018:1660

vendor-advisory

x_refsource_REDHAT

RHSA-2018:1965

vendor-advisory

x_refsource_REDHAT

RHSA-2018:1661

vendor-advisory

x_refsource_REDHAT

RHSA-2018:1633

vendor-advisory

x_refsource_REDHAT

RHSA-2018:1636

vendor-advisory

x_refsource_REDHAT

RHSA-2018:1854

vendor-advisory

x_refsource_REDHAT

RHSA-2018:2006

vendor-advisory

x_refsource_REDHAT

RHSA-2018:2250

vendor-advisory

x_refsource_REDHAT

1040949

vdb-entry

x_refsource_SECTRACK

RHSA-2018:3401

vendor-advisory

x_refsource_REDHAT

RHSA-2018:1737

vendor-advisory

x_refsource_REDHAT

RHSA-2018:1826

vendor-advisory

x_refsource_REDHAT

USN-3651-1

vendor-advisory

x_refsource_UBUNTU

DSA-4210

vendor-advisory

x_refsource_DEBIAN

44695

exploit

x_refsource_EXPLOIT-DB

RHSA-2018:1651

vendor-advisory

x_refsource_REDHAT

RHSA-2018:1638

vendor-advisory

x_refsource_REDHAT

RHSA-2018:1696

vendor-advisory

x_refsource_REDHAT

RHSA-2018:2246

vendor-advisory

x_refsource_REDHAT

RHSA-2018:1644

vendor-advisory

x_refsource_REDHAT

RHSA-2018:1646

vendor-advisory

x_refsource_REDHAT

[debian-lts-announce] 20180718 [SECURITY] [DLA 1423-1] linux-4.9 new package

mailing-list

x_refsource_MLIST

RHSA-2018:1639

vendor-advisory

x_refsource_REDHAT

RHSA-2018:1668

vendor-advisory

x_refsource_REDHAT

RHSA-2018:1637

vendor-advisory

x_refsource_REDHAT

RHSA-2018:2948

vendor-advisory

x_refsource_REDHAT

VU#180049

third-party-advisory

x_refsource_CERT-VN

RHSA-2018:1686

vendor-advisory

x_refsource_REDHAT

RHSA-2018:2172

vendor-advisory

x_refsource_REDHAT

RHSA-2018:1663

vendor-advisory

x_refsource_REDHAT

USN-3652-1

vendor-advisory

x_refsource_UBUNTU

RHSA-2018:1629

vendor-advisory

x_refsource_REDHAT

RHSA-2018:1655

vendor-advisory

x_refsource_REDHAT

RHSA-2018:1640

vendor-advisory

x_refsource_REDHAT

RHSA-2018:1669

vendor-advisory

x_refsource_REDHAT

RHSA-2018:1676

vendor-advisory

x_refsource_REDHAT

20180522 CPU Side-Channel Information Disclosure Vulnerabilities: May 2018

vendor-advisory

x_refsource_CISCO

RHSA-2018:3425

vendor-advisory

x_refsource_REDHAT

RHSA-2018:2363

vendor-advisory

x_refsource_REDHAT

RHSA-2018:1632

vendor-advisory

x_refsource_REDHAT

RHSA-2018:1650

vendor-advisory

x_refsource_REDHAT

RHSA-2018:2396

vendor-advisory

x_refsource_REDHAT

RHSA-2018:2364

vendor-advisory

x_refsource_REDHAT

USN-3653-2

vendor-advisory

x_refsource_UBUNTU

RHSA-2018:2216

vendor-advisory

x_refsource_REDHAT

USN-3655-1

vendor-advisory

x_refsource_UBUNTU

RHSA-2018:1649

vendor-advisory

x_refsource_REDHAT

RHSA-2018:2309

vendor-advisory

x_refsource_REDHAT

104232

vdb-entry

x_refsource_BID

RHSA-2018:1653

vendor-advisory

x_refsource_REDHAT

RHSA-2018:2171

vendor-advisory

x_refsource_REDHAT

RHSA-2018:1635

vendor-advisory

x_refsource_REDHAT

[debian-lts-announce] 20180916 [SECURITY] [DLA 1506-1] intel-microcode security update

mailing-list

x_refsource_MLIST

RHSA-2018:2394

vendor-advisory

x_refsource_REDHAT

RHSA-2018:1710

vendor-advisory

x_refsource_REDHAT

RHSA-2018:1659

vendor-advisory

x_refsource_REDHAT

RHSA-2018:1711

vendor-advisory

x_refsource_REDHAT

DSA-4273

vendor-advisory

x_refsource_DEBIAN

RHSA-2018:1738

vendor-advisory

x_refsource_REDHAT

RHSA-2018:1674

vendor-advisory

x_refsource_REDHAT

RHSA-2018:3396

vendor-advisory

x_refsource_REDHAT

RHSA-2018:1667

vendor-advisory

x_refsource_REDHAT

USN-3654-2

vendor-advisory

x_refsource_UBUNTU

RHSA-2018:1662

vendor-advisory

x_refsource_REDHAT

RHSA-2018:1630

vendor-advisory

x_refsource_REDHAT

RHSA-2018:1647

vendor-advisory

x_refsource_REDHAT

RHSA-2018:1967

vendor-advisory

x_refsource_REDHAT

USN-3655-2

vendor-advisory

x_refsource_UBUNTU

RHSA-2018:3399

vendor-advisory

x_refsource_REDHAT

RHSA-2018:2060

vendor-advisory

x_refsource_REDHAT

RHSA-2018:1690

vendor-advisory

x_refsource_REDHAT

USN-3653-1

vendor-advisory

x_refsource_UBUNTU

RHSA-2018:2161

vendor-advisory

x_refsource_REDHAT

[debian-lts-announce] 20180727 [SECURITY] [DLA 1446-1] intel-microcode security update

mailing-list

x_refsource_MLIST

RHSA-2018:2328

vendor-advisory

x_refsource_REDHAT

RHSA-2018:1648

vendor-advisory

x_refsource_REDHAT

RHSA-2018:2387

vendor-advisory

x_refsource_REDHAT

RHSA-2019:0148

vendor-advisory

x_refsource_REDHAT

RHSA-2018:1654

vendor-advisory

x_refsource_REDHAT

USN-3679-1

vendor-advisory

x_refsource_UBUNTU

USN-3777-3

vendor-advisory

x_refsource_UBUNTU

RHSA-2018:1642

vendor-advisory

x_refsource_REDHAT

RHSA-2018:3397

vendor-advisory

x_refsource_REDHAT

[debian-lts-announce] 20190315 [SECURITY] [DLA 1715-1] linux-4.9 security update

mailing-list

x_refsource_MLIST

USN-3756-1

vendor-advisory

x_refsource_UBUNTU

RHSA-2018:3398

vendor-advisory

x_refsource_REDHAT

RHSA-2018:3400

vendor-advisory

x_refsource_REDHAT

RHSA-2018:2228

vendor-advisory

x_refsource_REDHAT

[debian-lts-announce] 20190327 [SECURITY] [DLA 1731-1] linux security update

mailing-list

x_refsource_MLIST

[debian-lts-announce] 20190401 [SECURITY] [DLA 1731-2] linux regression update

mailing-list

x_refsource_MLIST

RHSA-2019:1046

vendor-advisory

x_refsource_REDHAT

openSUSE-SU-2019:1439

vendor-advisory

x_refsource_SUSE

openSUSE-SU-2019:1438

vendor-advisory

x_refsource_SUSE

20190624 [SECURITY] [DSA 4469-1] libvirt security update

mailing-list

x_refsource_BUGTRAQ

[oss-security] 20200610 kernel: Multiple SSBD related flaws CVE-2020-10766 , CVE-2020-10767, CVE-2020-10768

mailing-list

x_refsource_MLIST

[oss-security] 20200610 Re: kernel: Multiple SSBD related flaws CVE-2020-10766 , CVE-2020-10767, CVE-2020-10768

mailing-list

x_refsource_MLIST

[oss-security] 20200610 Re: kernel: Multiple SSBD related flaws CVE-2020-10766 , CVE-2020-10767, CVE-2020-10768

mailing-list

x_refsource_MLIST

https://www.oracle.com/security-alerts/cpujul2020.html

x_refsource_MISC

https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html

x_refsource_CONFIRM

https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0

x_refsource_CONFIRM

https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf

x_refsource_CONFIRM

https://cert-portal.siemens.com/productcert/pdf/ssa-268644.pdf

x_refsource_CONFIRM

http://support.lenovo.com/us/en/solutions/LEN-22133

x_refsource_CONFIRM

https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0004

x_refsource_CONFIRM

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180012

x_refsource_CONFIRM

https://support.citrix.com/article/CTX235225

x_refsource_CONFIRM

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00115.html

x_refsource_CONFIRM

https://www.synology.com/support/security/Synology_SA_18_23

x_refsource_CONFIRM

https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability

x_refsource_CONFIRM

http://www.fujitsu.com/global/support/products/software/security/products-f/cve-2018-3639e.html

x_refsource_CONFIRM

http://xenbits.xen.org/xsa/advisory-263.html

x_refsource_CONFIRM

https://cert-portal.siemens.com/productcert/pdf/ssa-505225.pdf

x_refsource_CONFIRM

https://www.mitel.com/en-ca/support/security-advisories/mitel-product-security-advisory-18-0006

x_refsource_CONFIRM

https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03850en_us

x_refsource_CONFIRM

https://bugs.chromium.org/p/project-zero/issues/detail?id=1528

x_refsource_MISC

https://security.netapp.com/advisory/ntap-20180521-0001/

x_refsource_CONFIRM

https://nvidia.custhelp.com/app/answers/detail/a_id/4787

x_refsource_CONFIRM

https://support.oracle.com/knowledge/Sun%20Microsystems/2481872_1.html

x_refsource_CONFIRM

openSUSE-SU-2020:1325

vendor-advisory

x_refsource_SUSE

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2018-3639

Description

Affected Products

References