CERT Coordination Center


CPU hardware utilizing speculative execution may be vulnerable to cache side-channel attacks

Vulnerability Note VU#180049

Original Release Date: 2018-05-21 | Last Revised: 2018-06-19

Overview

CPU hardware utilizing speculative execution may be vulnerable to cache timing side-channel analysis. Two vulnerabilities are identified, known as "Variant 3a" and "Variant 4".

Description

Speculative execution is a technique used by many modern processors to improve performance by predicting which instructions may be executed based on past execution history. An attacker with local user access may be able to utilize sequences of speculative execution to perform a cache timing side-channel analysis.

CWE-208: Information Exposure Through Timing Discrepancy

CVE-2018-3639 – Speculative Store Bypass (SSB) – also known as "Variant 4"

Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may read an earlier value of the data. Subsequent speculative memory accesses cause allocations into the cache, which may allow a sequence of speculative loads to be used to perform timing side-channel attacks. In particular, if an attacker has control of a previously cached value, or the first store and load instructions are accesses onto the stack, an attacker may be able to control future speculative execution and access arbitrary privileged data by using less privileged code with timing side-channel analysis.

CVE-2018-3640 – Rogue System Register Read (RSRE) – also known as "Variant 3a"

Systems with microprocessors utilizing speculative execution and that perform speculative reads of system registers may return a speculative register value that is then used in subsequent speculative load instructions. These subsequent speculative loads cause allocations into the cache that may allow a sequence of speculative loads to be used to perform timing side-channel attacks. An attacker with local user access may be able to use timing side-channel analysis to determine the values stored in system registers.

For more information and technical details, please see the original Project Zero bug report, Intel's security advisory INTEL-SA-00115, AMD's whitepaper, and ARM's whitepaper.

These vulnerabilities have been noted in the media for their similarity to previously-disclosed vulnerabilities: CVE-2017-5753 (Variant 1, "Spectre"), CVE-2017-5715 (Variant 2, "Spectre"), CVE-2017-5754 (Variant 3, "Meltdown"). See VU#584653 for further information.

Impact

An attacker with local user access may be able to read arbitrary privileged data or system register values by utilizing cache timing side-channel analysis.

Solution

Update system software

Affected users should check with OEM and system software vendors and apply any available updates as soon as possible. Microcode updates and other system updates are expected to be available within the coming weeks. The Vendor Status links below provide further information.
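As an added example (not part of this note and not any vendor's code), the following C program checks on a Linux host whether the Speculative Store Bypass mitigation is actually in effect after updates are applied, and opts the calling process in when the kernel offers per-task control. It assumes Linux 4.17 or later, which reports the status in sysfs and through prctl(2); the function and enum names are this example's own.

```c
/* Added example: verify the Variant 4 (SSB) mitigation on Linux.
 * Assumes Linux >= 4.17; function and enum names are illustrative. */
#include <stdio.h>
#include <string.h>
#include <sys/prctl.h>

/* Fallbacks for older userspace headers; values from <linux/prctl.h>. */
#ifndef PR_GET_SPECULATION_CTRL
#define PR_GET_SPECULATION_CTRL 52
#define PR_SET_SPECULATION_CTRL 53
#endif
#ifndef PR_SPEC_STORE_BYPASS
#define PR_SPEC_STORE_BYPASS 0
#endif
#ifndef PR_SPEC_PRCTL
#define PR_SPEC_PRCTL         (1UL << 0)
#define PR_SPEC_ENABLE        (1UL << 1)
#define PR_SPEC_DISABLE       (1UL << 2)
#define PR_SPEC_FORCE_DISABLE (1UL << 3)
#endif
#ifndef PR_SPEC_DISABLE_NOEXEC
#define PR_SPEC_DISABLE_NOEXEC (1UL << 4)
#endif

#define SSB_SYSFS "/sys/devices/system/cpu/vulnerabilities/spec_store_bypass"

enum ssb_state {
    SSB_UNKNOWN, SSB_NOT_AFFECTED, SSB_VULNERABLE,
    SSB_MITIGATED_OPT_IN,   /* only tasks that ask (prctl/seccomp) are protected */
    SSB_MITIGATED_GLOBAL    /* store bypass disabled for every task */
};

static int has_prefix(const char *s, const char *p)
{
    return strncmp(s, p, strlen(p)) == 0;
}

/* Map the kernel's one-line status string to a state. The opt-in form
 * must be tested first because it shares a prefix with the global form. */
enum ssb_state classify_sysfs(const char *line)
{
    if (line == NULL) return SSB_UNKNOWN;
    if (has_prefix(line, "Not affected")) return SSB_NOT_AFFECTED;
    if (has_prefix(line, "Vulnerable")) return SSB_VULNERABLE;
    if (has_prefix(line, "Mitigation: Speculative Store Bypass disabled via prctl"))
        return SSB_MITIGATED_OPT_IN;
    if (has_prefix(line, "Mitigation: Speculative Store Bypass disabled"))
        return SSB_MITIGATED_GLOBAL;
    return SSB_UNKNOWN;
}

/* Read and classify the sysfs status; a missing file (old kernel) is UNKNOWN. */
enum ssb_state read_sysfs_state(const char *path)
{
    char buf[160];
    enum ssb_state st = SSB_UNKNOWN;
    FILE *f = fopen(path, "r");
    if (f == NULL) return SSB_UNKNOWN;
    if (fgets(buf, sizeof buf, f) != NULL) st = classify_sysfs(buf);
    fclose(f);
    return st;
}

/* Decode a PR_GET_SPECULATION_CTRL result for PR_SPEC_STORE_BYPASS.
 * Returns 1 = protected or not affected, 0 = store bypass still enabled,
 * -1 = error or unrecognised value. Note the inverted sense: the
 * "DISABLE" bits mean the speculation feature is off, i.e. mitigated. */
int task_is_protected(long ctrl)
{
    if (ctrl < 0) return -1;
    if (ctrl == 0) return 1;                      /* PR_SPEC_NOT_AFFECTED */
    if (ctrl & (PR_SPEC_DISABLE | PR_SPEC_FORCE_DISABLE | PR_SPEC_DISABLE_NOEXEC))
        return 1;
    if (ctrl & PR_SPEC_ENABLE) return 0;
    return -1;
}

/* Opt the calling task in to the mitigation when it is unprotected and
 * the kernel allows per-task control. Returns the resulting state. */
int harden_current_task(void)
{
    long ctrl = prctl(PR_GET_SPECULATION_CTRL, PR_SPEC_STORE_BYPASS, 0, 0, 0);
    int prot = task_is_protected(ctrl);
    if (prot != 0) return prot;                   /* protected, or unknown */
    if (!(ctrl & PR_SPEC_PRCTL)) return 0;        /* needs a system-wide setting */
    if (prctl(PR_SET_SPECULATION_CTRL, PR_SPEC_STORE_BYPASS, PR_SPEC_DISABLE, 0, 0) != 0)
        return -1;
    return task_is_protected(prctl(PR_GET_SPECULATION_CTRL, PR_SPEC_STORE_BYPASS, 0, 0, 0));
}

int main(void)
{
    static const char *names[] = { "unknown", "not affected", "vulnerable",
                                   "mitigated (opt-in per task)", "mitigated (global)" };
    printf("system: %s\n", names[read_sysfs_state(SSB_SYSFS)]);
    printf("this task after opt-in: %d (1=protected, 0=exposed, -1=unknown)\n",
           harden_current_task());
    return 0;
}
```

A system state of "mitigated (opt-in per task)" means unmodified processes still run with store bypass enabled, so a status that does not say "Vulnerable" is not by itself evidence that a given workload is covered.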

Update your browser

Affected users should update to the latest version of any web browser in use. Most leading browser providers have recently deployed mitigations in their Managed Runtimes – mitigations that substantially increase the difficulty of exploiting side channels in a modern web browser. These techniques would likewise increase the difficulty of exploiting a side channel in a browser based on SSB.

Vendor Information

AMD

Notified:  May 04, 2018 Updated:  May 23, 2018

Status

  Affected

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

AMD has released a whitepaper with further details.

Vendor References

https://www.amd.com/en/corporate/security-updates
https://developer.amd.com/wp-content/resources/124441_AMD64_SpeculativeStoreBypassDisable_Whitepaper_final.pdf

Addendum

AMD was reported by researchers as having been affected: https://bugs.chromium.org/p/project-zero/issues/detail?id=1528.

If you have feedback, comments, or additional information about this vulnerability, please send us email.

ARM Limited

Updated:  June 14, 2018

Status

  Affected

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Vendor References

https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability

Addendum

There are no additional comments at this time.

Apple

Notified:  May 04, 2018 Updated:  June 05, 2018

Statement Date:   June 01, 2018

Status

  Affected

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

Please see Apple's statement for more information.

Vendor References

https://support.apple.com//HT208394

Addendum

There are no additional comments at this time.

Cisco

Notified:  May 21, 2018 Updated:  May 22, 2018

Statement Date:   May 22, 2018

Status

  Affected

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

Please find more information at Cisco Security Advisory 20180521.

Vendor References

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180521-cpusidechannel

Addendum

There are no additional comments at this time.

Dell

Notified:  May 21, 2018 Updated:  May 21, 2018

Statement Date:   May 21, 2018

Status

  Affected

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

Please see Dell EMC's statement.

Vendor References

http://www.dell.com/support/speculative-store-bypass

Addendum

There are no additional comments at this time.

Dell EMC

Notified:  May 21, 2018 Updated:  May 21, 2018

Statement Date:   May 21, 2018

Status

  Affected

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

Please see Dell EMC's statement.

Vendor References

http://www.dell.com/support/speculative-store-bypass

Addendum

There are no additional comments at this time.

Fortinet, Inc.

Notified:  May 21, 2018 Updated:  May 24, 2018

Statement Date:   May 23, 2018

Status

  Affected

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

Please see Fortinet's advisory FG-IR-18-002 for more information.

Vendor References

https://fortiguard.com/psirt/FG-IR-18-002

Addendum

There are no additional comments at this time.

HP Inc.

Notified:  May 21, 2018 Updated:  May 24, 2018

Statement Date:   May 24, 2018

Status

  Affected

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

HP has released an advisory with further details.

Vendor References

https://support.hp.com/us-en/document/c06001626

Addendum

There are no additional comments at this time.

Hitachi

Notified:  May 21, 2018 Updated:  June 05, 2018

Statement Date:   June 02, 2018

Status

  Affected

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

Please see more information at HIRT-PUB18001.

Vendor References

http://www.hitachi.com/hirt/publications/hirt-pub18001/

Addendum

There are no additional comments at this time.

IBM, INC.

Notified:  May 21, 2018 Updated:  May 21, 2018

Statement Date:   May 21, 2018

Status

  Affected

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

Please see IBM's statement for more details.

Vendor References

https://www.ibm.com/blogs/psirt/potential-impact-processors-power-family/

Addendum

There are no additional comments at this time.

Intel

Notified:  May 04, 2018 Updated:  May 21, 2018

Statement Date:   May 21, 2018

Status

  Affected

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

See Intel security advisory SA-00115 for more details.

Vendor References

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00115.html

Addendum

There are no additional comments at this time.

Microsoft

Notified:  May 04, 2018 Updated:  May 21, 2018

Status

  Affected

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

Please see Microsoft security advisories ADV180012 and ADV180013 for more details. Developers may also consult guidance.

Vendor References

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180012
https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/ADV180013
https://docs.microsoft.com/en-us/cpp/security/developer-guidance-speculative-execution

Addendum

There are no additional comments at this time.

QUALCOMM Incorporated

Notified:  May 21, 2018 Updated:  May 21, 2018

Statement Date:   May 21, 2018

Status

  Affected

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Addendum

There are no additional comments at this time.

Red Hat, Inc.

Notified:  May 04, 2018 Updated:  May 22, 2018

Statement Date:   May 22, 2018

Status

  Affected

Vendor Statement

Red Hat Product Security is aware of this issue. Updates will be released as they become available. For additional information, please refer to the Red Hat Knowledgebase article: https://access.redhat.com/security/vulnerabilities/ssbd

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Vendor References

https://access.redhat.com/security/vulnerabilities/ssbd

Addendum

There are no additional comments at this time.

SUSE Linux

Notified:  May 21, 2018 Updated:  May 22, 2018

Statement Date:   May 22, 2018

Status

  Affected

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

Please see SUSE support document 7022937 for more details.

Vendor References

https://www.suse.com/support/kb/doc/?id=7022937

Addendum

There are no additional comments at this time.

Synology

Notified:  May 21, 2018 Updated:  May 22, 2018

Statement Date:   May 22, 2018

Status

  Affected

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

Please see Synology security advisory SA-18:23 for more information.

Vendor References

https://www.synology.com/en-global/support/security/Synology_SA_18_23

Addendum

There are no additional comments at this time.

Ubuntu

Notified:  May 21, 2018 Updated:  May 21, 2018

Statement Date:   May 22, 2018

Status

  Affected

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

Please see the Ubuntu Security Team KnowledgeBase article for more details.

Vendor References

https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/Variant4

Addendum

There are no additional comments at this time.

VMware

Notified:  May 04, 2018 Updated:  May 21, 2018

Statement Date:   May 21, 2018

Status

  Affected

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

Please see VMware Article 54951 for further details.

Vendor References

https://kb.vmware.com/s/article/54951

Addendum

There are no additional comments at this time.

Amazon

Notified:  May 04, 2018 Updated:  May 23, 2018

Statement Date:   May 22, 2018

Status

  Not Affected

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

Please see Amazon's statement for more details.

Vendor References

https://aws.amazon.com/security/security-bulletins/AWS-2018-015/

Addendum

There are no additional comments at this time.

ASP Linux

Notified:  May 21, 2018 Updated:  May 21, 2018

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Addendum

There are no additional comments at this time.

Acer

Notified:  May 21, 2018 Updated:  May 21, 2018

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Addendum

There are no additional comments at this time.

AirWatch

Notified:  May 21, 2018 Updated:  May 21, 2018

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Addendum

There are no additional comments at this time.

Alpine Linux

Notified:  May 21, 2018 Updated:  May 21, 2018

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Addendum

There are no additional comments at this time.

Android Open Source Project

Notified:  May 21, 2018 Updated:  May 21, 2018

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Addendum

There are no additional comments at this time.

Arch Linux

Notified:  May 21, 2018 Updated:  May 21, 2018

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Addendum

There are no additional comments at this time.

Arista Networks, Inc.

Notified:  May 21, 2018 Updated:  May 21, 2018

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Addendum

There are no additional comments at this time.

AsusTek Computer Inc.

Notified:  May 21, 2018 Updated:  May 21, 2018

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Addendum

There are no additional comments at this time.

Barnes and Noble

Notified:  May 21, 2018 Updated:  May 21, 2018

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Addendum

There are no additional comments at this time.

BlackBerry

Notified:  May 21, 2018 Updated:  May 21, 2018

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Addendum

There are no additional comments at this time.

Blunk Microsystems

Notified:  May 21, 2018 Updated:  May 21, 2018

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Addendum

There are no additional comments at this time.

CMX Systems

Notified:  May 21, 2018 Updated:  May 21, 2018

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Addendum

There are no additional comments at this time.

CentOS

Notified:  May 21, 2018 Updated:  May 21, 2018

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Addendum

There are no additional comments at this time.

Citrix

Notified:  May 21, 2018 Updated:  May 21, 2018

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Addendum

There are no additional comments at this time.

Contiki OS

Notified:  May 21, 2018 Updated:  May 21, 2018

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Addendum

There are no additional comments at this time.

CoreOS

Notified:  May 21, 2018 Updated:  May 21, 2018

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Addendum

There are no additional comments at this time.

Cricket Wireless

Notified:  May 21, 2018 Updated:  May 21, 2018

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Addendum

There are no additional comments at this time.

Debian GNU/Linux

Notified:  May 21, 2018 Updated:  May 21, 2018

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Addendum

There are no additional comments at this time.

Dell SecureWorks

Notified:  May 21, 2018 Updated:  May 21, 2018

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Addendum

There are no additional comments at this time.

DesktopBSD

Notified:  May 21, 2018 Updated:  May 21, 2018

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Addendum

There are no additional comments at this time.

DragonFly BSD Project

Notified:  May 21, 2018 Updated:  May 21, 2018

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Addendum

There are no additional comments at this time.

ENEA

Notified:  May 21, 2018 Updated:  May 21, 2018

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Addendum

There are no additional comments at this time.

Express Logic

Notified:  May 21, 2018 Updated:  May 21, 2018

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Addendum

There are no additional comments at this time.

F5 Networks, Inc.

Notified:  May 21, 2018 Updated:  May 21, 2018

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Addendum

There are no additional comments at this time.

Fedora Project

Notified:  May 21, 2018 Updated:  May 21, 2018

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Addendum

There are no additional comments at this time.

FreeBSD Project

Notified:  May 21, 2018 Updated:  May 21, 2018

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Addendum

There are no additional comments at this time.

Fujitsu

Notified:  May 21, 2018 Updated:  May 21, 2018

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Addendum

There are no additional comments at this time.

GIGABYTE

Notified:  May 21, 2018 Updated:  May 21, 2018

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Addendum

There are no additional comments at this time.

Geexbox

Notified:  May 21, 2018 Updated:  May 21, 2018

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Addendum

There are no additional comments at this time.

Gentoo Linux

Notified:  May 21, 2018 Updated:  May 21, 2018

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Addendum

There are no additional comments at this time.

Google

Notified:  May 04, 2018 Updated:  May 04, 2018

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Addendum

There are no additional comments at this time.

HTC

Notified:  May 21, 2018 Updated:  May 21, 2018

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Addendum

There are no additional comments at this time.

HardenedBSD

Notified:  May 21, 2018 Updated:  May 21, 2018

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Addendum

There are no additional comments at this time.

Hewlett Packard Enterprise

Notified:  May 21, 2018 Updated:  May 21, 2018

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Addendum

There are no additional comments at this time.

HomeSeer

Notified:  May 21, 2018 Updated:  May 21, 2018

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Addendum

There are no additional comments at this time.

Huawei Technologies

Notified:  May 21, 2018 Updated:  May 21, 2018

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Addendum

There are no additional comments at this time.

IBM Corporation (zseries)

Notified:  May 21, 2018 Updated:  May 21, 2018

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Addendum

There are no additional comments at this time.

IBM Global Services

Notified:  May 21, 2018 Updated:  May 21, 2018

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Addendum

There are no additional comments at this time.

IBM eServer

Notified:  May 21, 2018 Updated:  May 21, 2018

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Addendum

There are no additional comments at this time.

Illumos

Notified:  May 21, 2018 Updated:  May 21, 2018

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Addendum

There are no additional comments at this time.

Joyent

Notified:  May 21, 2018 Updated:  May 21, 2018

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Addendum

There are no additional comments at this time.

Juniper Networks

Notified:  May 21, 2018 Updated:  May 21, 2018

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Addendum

There are no additional comments at this time.

Kyocera Communications

Notified:  May 21, 2018 Updated:  May 21, 2018

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Addendum

There are no additional comments at this time.

LG Electronics

Notified:  May 21, 2018 Updated:  May 21, 2018

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Addendum

There are no additional comments at this time.

Lenovo

Notified:  May 21, 2018 Updated:  May 21, 2018

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Addendum

There are no additional comments at this time.

Linux Kernel

Notified:  May 21, 2018 Updated:  May 21, 2018

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Addendum

There are no additional comments at this time.

Lynx Software Technologies

Notified:  May 21, 2018 Updated:  May 21, 2018

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Addendum

There are no additional comments at this time.

Micro Focus

Notified:  May 21, 2018 Updated:  May 21, 2018

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Addendum

There are no additional comments at this time.

MontaVista Software, Inc.

Notified:  May 21, 2018 Updated:  May 21, 2018

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Addendum

There are no additional comments at this time.

Mozilla

Notified:  May 21, 2018 Updated:  May 21, 2018

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Addendum

There are no additional comments at this time.

NEC Corporation

Notified:  May 21, 2018 Updated:  May 21, 2018

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Addendum

There are no additional comments at this time.

NVIDIA

Notified:  May 21, 2018 Updated:  May 21, 2018

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Addendum

There are no additional comments at this time.

NetBSD

Notified:  May 21, 2018 Updated:  May 21, 2018

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Addendum

There are no additional comments at this time.

Nexenta

Notified:  May 21, 2018 Updated:  May 21, 2018

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Addendum

There are no additional comments at this time.

Nokia

Notified:  May 21, 2018 Updated:  May 21, 2018

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Addendum

There are no additional comments at this time.

OmniTI

Notified:  May 21, 2018 Updated:  May 21, 2018

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Addendum

There are no additional comments at this time.

OpenBSD

Notified:  May 21, 2018 Updated:  May 21, 2018

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Addendum

There are no additional comments at this time.

OpenIndiana

Notified:  May 21, 2018 Updated:  May 21, 2018

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Addendum

There are no additional comments at this time.

Openwall GNU/*/Linux

Notified:  May 21, 2018 Updated:  May 21, 2018

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Addendum

There are no additional comments at this time.

Oracle Corporation

Notified:  May 21, 2018 Updated:  May 21, 2018

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Addendum

There are no additional comments at this time.

Pantech North America

Notified:  May 21, 2018 Updated:  May 21, 2018

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Addendum

There are no additional comments at this time.

QNX Software Systems Inc.

Notified:  May 21, 2018 Updated:  May 21, 2018

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Addendum

There are no additional comments at this time.

Rocket RTOS

Notified:  May 21, 2018 Updated:  May 21, 2018

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Addendum

There are no additional comments at this time.

Roku

Notified:  May 21, 2018 Updated:  May 21, 2018

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Addendum

There are no additional comments at this time.

Samsung Mobile

Notified:  May 21, 2018 Updated:  May 21, 2018

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Addendum

There are no additional comments at this time.

Slackware Linux Inc.

Notified:  May 21, 2018 Updated:  May 21, 2018

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Addendum

There are no additional comments at this time.

SonicWall

Notified:  May 21, 2018 Updated:  May 21, 2018

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Addendum

There are no additional comments at this time.

Sony Corporation

Notified:  May 21, 2018 Updated:  May 21, 2018

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Addendum

There are no additional comments at this time.

The Open Group

Notified:  May 21, 2018 Updated:  May 21, 2018

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Addendum

There are no additional comments at this time.

Tizen

Notified:  May 21, 2018 Updated:  May 21, 2018

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Addendum

There are no additional comments at this time.

Toshiba America Information Systems, Inc.

Notified:  May 21, 2018 Updated:  May 21, 2018

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Addendum

There are no additional comments at this time.

Trend Micro

Notified:  May 21, 2018 Updated:  May 21, 2018

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Addendum

There are no additional comments at this time.

TrueOS

Notified:  May 21, 2018 Updated:  May 21, 2018

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Addendum

There are no additional comments at this time.

Turbolinux

Notified:  May 21, 2018 Updated:  May 21, 2018

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Addendum

There are no additional comments at this time.

Unisys

Notified:  May 21, 2018 Updated:  May 21, 2018

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Addendum

There are no additional comments at this time.

Xen

Notified:  May 21, 2018 Updated:  May 21, 2018

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Addendum

There are no additional comments at this time.

Xiaomi

Notified:  May 21, 2018 Updated:  May 21, 2018

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Addendum

There are no additional comments at this time.

Xilinx

Notified:  May 21, 2018 Updated:  May 21, 2018

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Addendum

There are no additional comments at this time.

Zephyr Project

Notified:  May 21, 2018 Updated:  May 21, 2018

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Addendum

There are no additional comments at this time.

eCosCentric

Notified:  May 21, 2018 Updated:  May 21, 2018

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Addendum

There are no additional comments at this time.

m0n0wall

Notified:  May 21, 2018 Updated:  May 21, 2018

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Addendum

There are no additional comments at this time.


CVSS Metrics

Group          Score  Vector
Base           4.4    AV:L/AC:M/Au:S/C:C/I:N/A:N
Temporal       3.4    E:POC/RL:OF/RC:C
Environmental  3.4    CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND

Credit

Intel would like to acknowledge and thank Jann Horn of Google Project Zero (GPZ) and Ken Johnson of the Microsoft Security Response Center (MSRC) for independently reporting CVE-2018-3639. Intel would like to acknowledge and thank Zdenek Sojka, Rudolf Marek and Alex Zuepke from SYSGO AG (https://sysgo.com) for reporting CVE-2018-3640. Intel would also like to acknowledge and thank Innokentiy Sennovskiy from BiZone LLC (bi.zone).

This document was written by Garret Wassermann.

Other Information

CVE IDs: CVE-2018-3639, CVE-2018-3640
Date Public: 2018-05-21
Date First Published: 2018-05-21
Date Last Updated: 2018-06-19 15:17 UTC
Document Revision: 95

Sponsored by the Department of Homeland Security Office of Cybersecurity and Communications.