Lucene search

K
ubuntucveUbuntu.comUB:CVE-2018-3639
HistoryMay 21, 2018 - 12:00 a.m.

CVE-2018-3639

2018-05-2100:00:00
ubuntu.com
ubuntu.com
29

CVSS2

2.1

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

EPSS

0.003

Percentile

65.2%

Systems with microprocessors utilizing speculative execution and
speculative execution of memory reads before the addresses of all prior
memory writes are known may allow unauthorized disclosure of information to
an attacker with local user access via a side-channel analysis, aka
Speculative Store Bypass (SSB), Variant 4.

Notes

Author Note
tyhicks “Variant 4” The break-fix lines for this CVE are not complete since a large number of patches are required to mitigate this issue. The commit(s) listed are chosen as placeholders for automated CVE triage purposes.
OSVersionArchitecturePackageVersionFilename
ubuntu18.04noarchintel-microcode< 3.20180807a.0ubuntu0.18.04.1UNKNOWN
ubuntu14.04noarchintel-microcode< 3.20180807a.0ubuntu0.14.04.1UNKNOWN
ubuntu16.04noarchintel-microcode< 3.20180807a.0ubuntu0.16.04.1UNKNOWN
ubuntu14.04noarchlinux< 3.13.0-149.199UNKNOWN
ubuntu16.04noarchlinux< 4.4.0-127.153UNKNOWN
ubuntu17.10noarchlinux< 4.13.0-43.48UNKNOWN
ubuntu18.04noarchlinux< 4.15.0-22.24UNKNOWN
ubuntu14.04noarchlinux-aws< 4.4.0-1022.22UNKNOWN
ubuntu16.04noarchlinux-aws< 4.4.0-1060.69UNKNOWN
ubuntu18.04noarchlinux-aws< 4.15.0-1009.9UNKNOWN
Rows per page:
1-10 of 601

CVSS2

2.1

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

EPSS

0.003

Percentile

65.2%