CVE-2018-5407

Published: Nov 15, 2018

Modified: Aug 5, 2024

PUBLISHED

Description

Simultaneous Multi-threading (SMT) in processors can enable local users to exploit software vulnerable to timing attacks via a side-channel timing attack on 'port contention'.

Vendor	Product	Versions
N/A	Processors supporting Simultaneous Multi-Threading	affected `N/A`

Weaknesses (CWE)

CWE-200

References

RHSA-2019:0483

vendor-advisory

x_refsource_REDHAT

https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html

x_refsource_CONFIRM

https://security.netapp.com/advisory/ntap-20181126-0001/

x_refsource_CONFIRM

USN-3840-1

vendor-advisory

x_refsource_UBUNTU

DSA-4355

vendor-advisory

x_refsource_DEBIAN

https://www.tenable.com/security/tns-2018-17

x_refsource_CONFIRM

https://nodejs.org/en/blog/vulnerability/november-2018-security-releases/

x_refsource_CONFIRM

GLSA-201903-10

vendor-advisory

x_refsource_GENTOO

https://www.tenable.com/security/tns-2018-16

x_refsource_CONFIRM

45785

exploit

x_refsource_EXPLOIT-DB

[debian-lts-announce] 20181121 [SECURITY] [DLA 1586-1] openssl security update

mailing-list

x_refsource_MLIST

https://github.com/bbbrumley/portsmash

x_refsource_MISC

DSA-4348

vendor-advisory

x_refsource_DEBIAN

105897

vdb-entry

x_refsource_BID

https://eprint.iacr.org/2018/1060.pdf

x_refsource_MISC

RHSA-2019:0651

vendor-advisory

x_refsource_REDHAT

RHSA-2019:0652

vendor-advisory

x_refsource_REDHAT

https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html

x_refsource_MISC

https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html

x_refsource_MISC

RHSA-2019:2125

vendor-advisory

x_refsource_REDHAT

https://support.f5.com/csp/article/K49711130?utm_source=f5support&amp%3Butm_medium=RSS

x_refsource_CONFIRM

RHSA-2019:3929

vendor-advisory

x_refsource_REDHAT

RHSA-2019:3933

vendor-advisory

x_refsource_REDHAT

RHSA-2019:3931

vendor-advisory

x_refsource_REDHAT

RHSA-2019:3935

vendor-advisory

x_refsource_REDHAT

RHSA-2019:3932

vendor-advisory

x_refsource_REDHAT

https://www.oracle.com/security-alerts/cpujan2020.html

x_refsource_MISC

https://www.oracle.com/security-alerts/cpuapr2020.html

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2018-5407

Description

Affected Products

Weaknesses (CWE)

References