Vulnerability Note VU#180049
CPU hardware utilizing speculative execution may be vulnerable to cache side-channel attacks
CPU hardware utilizing speculative execution may be vulnerable to cache timing side-channel analysis. Two vulnerabilities are identified, known as "Variant 3a" and "Variant 4".
Speculative execution is a technique used by many modern processors to improve performance by predicting which instructions may be executed based on past execution history. An attacker with local user access may be able to utilize sequences of speculative execution to perform a cache timing side-channel analysis.
CWE-208: Information Exposure Through Timing Discrepancy
An attacker with local user access may be able to read arbitrary privileged data or system register values by utilizing cache timing side-channel analysis.
Update system software
Vendor Information (Learn More)
|Vendor||Status||Date Notified||Date Updated|
|AMD||Affected||04 May 2018||23 May 2018|
|Apple||Affected||04 May 2018||05 Jun 2018|
|ARM Limited||Affected||-||14 Jun 2018|
|Cisco||Affected||21 May 2018||22 May 2018|
|Dell||Affected||21 May 2018||21 May 2018|
|Dell EMC||Affected||21 May 2018||21 May 2018|
|Fortinet, Inc.||Affected||21 May 2018||24 May 2018|
|Hitachi||Affected||21 May 2018||05 Jun 2018|
|HP Inc.||Affected||21 May 2018||24 May 2018|
|IBM, INC.||Affected||21 May 2018||21 May 2018|
|Intel||Affected||04 May 2018||21 May 2018|
|Microsoft||Affected||04 May 2018||21 May 2018|
|QUALCOMM Incorporated||Affected||21 May 2018||21 May 2018|
|Red Hat, Inc.||Affected||04 May 2018||22 May 2018|
|SUSE Linux||Affected||21 May 2018||22 May 2018|
CVSS Metrics (Learn More)
Intel would like to acknowledge and thank Jann Horn of Google Project Zero (GPZ) and Ken Johnson of the Microsoft Security Response Center (MSRC) for independently reporting CVE-2018-3639.
Intel would like to acknowledge and thank Zdenek Sojka, Rudolf Marek and Alex Zuepke from SYSGO AG (https://sysgo.com) for reporting CVE-2018-3640. Intel would also like to acknowledge and thank Innokentiy Sennovskiy from BiZone LLC (bi.zone).
This document was written by Garret Wassermann.
- CVE IDs: CVE-2018-3639 CVE-2018-3640
- US-CERT Alert: TA18-141A
- Date Public: 21 May 2018
- Date First Published: 21 May 2018
- Date Last Updated: 19 Jun 2018
- Document Revision: 95
If you have feedback, comments, or additional information about this vulnerability, please send us email.