This microcode update provides the first set of fixes for Speculative Store Bypass (SSBD, Spectre v4, CVE-2018-3639) and Rogue System Register Read (RSRE, Spectre v3a, CVE-2018-3640) for Intel Sandybridge server, Ivy Bridge server, Haswell server, Skylake server, Broadwell server, a few HEDT Core i7/i9 models. Included is also an AMD cpu microcode fix for family 15h Processor Revision ID 0x00610f01 missed in the MGASA-2018-0260 update.

OSVersionArchitecturePackageVersionFilename
Mageia6noarchmicrocode< 0.20180703-1microcode-0.20180703-1.mga6.nonfree

OS	Version	Architecture	Package	Version	Filename
Mageia	6	noarch	microcode	< 0.20180703-1	microcode-0.20180703-1.mga6.nonfree

References

bugs.mageia.org/show_bug.cgi?id=23313

nessus 79

suse 4

ibm 9

debian 4

openvas 31

huawei 1

qualysblog 1

osv 4

threatpost 1

mscve 2

cisco 1

intel 1

hp 1

vmware 1

f5 3

ubuntu 1

cloudfoundry 1

lenovo 3

cve 1

cert 1

redhatcve 1

debiancve 2

prion 1

ubuntucve 1

fedora 3

citrix 1

oraclelinux 7

redhat 21

centos 5

mageia 1

virtuozzo 1

photon 1

kaspersky 1

zdt 1

amazon 2

nessus

openSUSE Security Update : ucode-intel (openSUSE-2019-510) (Spectre)

2019-03-27 00:00:00

SUSE SLED12 / SLES12 Security Update : Recommended update for ucode-intel (SUSE-SU-2018:1935-1) (Spectre)

2018-07-13 00:00:00

SUSE SLES11 Security Update : microcode_ctl (SUSE-SU-2018:2076-1) (Spectre)

2018-07-27 00:00:00

suse

Security update for ucode-intel (important)

2018-07-06 21:08:25

Security update to ucode-intel (important)

2018-08-17 12:10:34

Security update for libvirt (moderate)

2018-08-13 12:07:25

ibm

Security Bulletin: IBM QRadar Network Packet Capture is vulnerable to 3RD PARTY CPU hardware utilizing speculative execution cache timing side-channel analysis known as Variant 4 or SpectreNG (CVE-2018-3639, CVE-2018-3640)

2019-01-24 12:55:01

Security Bulletin: This Power Hardware Management Console (HMC) Security Bulletin is being released to address Common Vulnerabilities and Exposures issue numbers CVE-2018-3639 (Variant 4) and CVE-2018-3640 (Variant 3a).

2021-09-23 01:45:02

Security Bulletin: IBM PureApplication Service is affected by vulnerabilities (CVE-2018-3639, CVE-2018-3640)

2019-05-30 23:55:01

debian

[SECURITY] [DSA 4273-2] intel-microcode security update

2018-09-16 20:43:40

[SECURITY] [DSA 4273-1] intel-microcode security update

2018-08-16 20:43:21

[SECURITY] [DLA 1446-1] intel-microcode security update

2018-07-27 05:08:13

openvas

openSUSE: Security Advisory for ucode-intel (openSUSE-SU-2018:1904-1)

2018-07-07 00:00:00

Debian: Security Advisory (DLA-1446-1)

2018-07-26 00:00:00

SUSE: Security Advisory (SUSE-SU-2018:1935-2)

2021-04-19 00:00:00

huawei

Security Advisory - Side-Channel Vulnerability Variants 3a and 4

2018-06-15 00:00:00

qualysblog

All Hands Memo to Owners of Home / Small Office Routers: Reboot Them!

2018-05-30 14:33:42

osv

intel-microcode - security update

2018-09-16 00:00:00

intel-microcode - security update

2018-07-27 00:00:00

intel-microcode - security update

2018-08-16 00:00:00

threatpost

Intel Responds to Spectre-Like Flaw In CPUs

2018-05-22 14:03:08

mscve

Microsoft Guidance for Speculative Store Bypass

2018-05-21 07:00:00

Microsoft Guidance for Rogue System Register Read

2018-05-21 07:00:00

cisco

CPU Side-Channel Information Disclosure Vulnerabilities: May 2018

2018-05-22 01:00:00

intel

Q2 2018 Speculative Execution Side Channel Update

2021-05-11 00:00:00

HPSBHF03584 rev. 8 - Derivative Side-Channel Analysis Method

2018-05-04 00:00:00

vmware

VMware vSphere, Workstation and Fusion updates enable Hypervisor-Assisted Guest Mitigations for Speculative Store Bypass issue.

2018-05-21 00:00:00

K58304450 : Multiple Intel Processor vulnerabilities: Spectre-NG

2018-05-30 00:00:00

K51801290 : RSRE Variant 3a vulnerability CVE-2018-3640

2018-07-03 00:00:00

K29146534 : SSB Variant 4 vulnerability CVE-2018-3639

2018-07-10 00:00:00

ubuntu

Intel Microcode vulnerabilities

2018-08-27 00:00:00

cloudfoundry

USN-3756-1: Intel Microcode vulnerabilities | Cloud Foundry

2018-09-11 00:00:00

lenovo

Speculative Execution Side Channel Variants 4 and 3a - US

2018-09-13 11:41:00

Intel Software Guard Extensions (SGX) Vulnerabilities - Lenovo Support US

2018-10-16 12:02:18

Intel Software Guard Extensions (SGX) Vulnerabilities - US

2018-08-22 18:58:00

cve

CVE-2018-3640

2018-05-22 12:29:00

cert

CPU hardware utilizing speculative execution may be vulnerable to cache side-channel attacks

2018-05-21 00:00:00

redhatcve

CVE-2018-3640

2018-05-21 21:19:45

debiancve

CVE-2018-3640

2018-05-22 12:29:00

CVE-2018-3639

2018-05-22 12:29:00

prion

Design/Logic Flaw

2018-05-22 12:29:00

ubuntucve

CVE-2018-3640

2018-05-21 00:00:00

fedora

[SECURITY] Fedora 29 Update: java-1.8.0-openjdk-1.8.0.201.b09-2.fc29

2019-02-11 01:57:50

[SECURITY] Fedora 28 Update: java-1.8.0-openjdk-1.8.0.201.b09-2.fc28

2019-02-25 01:34:09

[SECURITY] Fedora 29 Update: java-1.8.0-openjdk-1.8.0.212.b04-0.fc29

2019-05-03 03:43:22

citrix

CVE-2018-3639 - Citrix XenServer Security Update

2018-05-22 04:00:00

oraclelinux

libvirt security update

2018-05-22 00:00:00

qemu-kvm security update

2018-05-22 00:00:00

libvirt security and bug fix update

2018-06-27 00:00:00

redhat

(RHSA-2018:2171) Important: kernel security update

2018-07-11 15:14:50

(RHSA-2018:2161) Important: kernel security and bug fix update

2018-07-10 15:28:42

(RHSA-2018:2001) Important: qemu-kvm security update

2018-06-26 14:59:53

centos

qemu security update

2018-07-03 18:54:02

java security update

2018-05-22 15:30:51

java security update

2018-05-22 15:32:03

mageia

Updated libvirt packages fix security vulnerability

2018-05-31 23:34:08

virtuozzo

Important kernel security update: CVE-2018-3639; new kernel 2.6.32-042stab130.1; Virtuozzo 6.0 Update 12 Hotfix 25 (6.0.12-3705)

2018-05-23 00:00:00

photon

Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2018-1.0-0151

2018-06-22 00:00:00

kaspersky

KLA11893 Microsoft Advisory for Microsoft Products (ESU)

2018-05-21 00:00:00

zdt

AMD / ARM / Intel - Speculative Execution Variant 4 Speculative Store Bypass Exploit

2018-05-23 00:00:00

amazon

Important: java-1.8.0-openjdk

2018-06-08 18:10:00

Important: java-1.7.0-openjdk

2018-06-08 18:05:00

Products

Security Intelligence
Non-intrusive assessment
Developers SDK
Windows scanner
Linux scanner
Perimeter control tool
MSSP

Database

Vulnerabilities
Exploits
IOC
Security News
BugBounty
Popular
Wild Exploited
Top Vulnerabilities

Tools

Linux Security Scanner
API integration
Subscriptions
Plugins
Manual Audit

Learn More

Stats
API
Docs
Api-keys
License
Pricing
Glossary
FAQ

Company

Blog
Contacts
About Us
OpenSource
EULA
Brand Guideline
Privacy Policy

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply. All product names, logos, and brands are property of their respective owners. All company, product and service names used in this website are for identification purposes only. Use of these names, logos, and brands does not imply endorsement.If you are an owner of some content and want it to be removed, please contact us. Using Vulners services you are accepting Vulners services end-user license agreement

@2024 Vulners Inc

5.6 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N

4.7 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:M/Au:N/C:C/I:N/A:N

0.003 Low

EPSS

Percentile

65.2%

JSON

Related for MGASA-2018-0322