PRIOn knowledge basePRION:CVE-2018-3620Information disclosure
Systems with microprocessors utilizing speculative execution and address translations may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access via a terminal page fault and a side-channel analysis.
| CPE | Name | Operator | Version |
|---|---|---|---|
| core_i3 | eq | 4330 | |
| core_i3 | eq | 4330.0.116 | |
| core_i3 | eq | 4330.0.0-te | |
| core_i3 | eq | 4340 | |
| core_i3 | eq | 4340.0.0-te | |
| core_i3 | eq | 4350 | |
| core_i3 | eq | 4350.0.116 | |
| core_i3 | eq | 4360 | |
| core_i3 | eq | 4360.0.116 | |
| core_i3 | eq | 4370 |
References
support.lenovo.com/us/en/solutions/LEN-24163
www.huawei.com/en/psirt/security-advisories/huawei-sa-20180815-01-cpu-en
www.securityfocus.com/bid/105080
www.securitytracker.com/id/1041451
www.vmware.com/security/advisories/VMSA-2018-0021.html
xenbits.xen.org/xsa/advisory-273.html
access.redhat.com/errata/RHSA-2018:2384
access.redhat.com/errata/RHSA-2018:2387
access.redhat.com/errata/RHSA-2018:2388
access.redhat.com/errata/RHSA-2018:2389
access.redhat.com/errata/RHSA-2018:2390
access.redhat.com/errata/RHSA-2018:2391
access.redhat.com/errata/RHSA-2018:2392
access.redhat.com/errata/RHSA-2018:2393
access.redhat.com/errata/RHSA-2018:2394
access.redhat.com/errata/RHSA-2018:2395
access.redhat.com/errata/RHSA-2018:2396
access.redhat.com/errata/RHSA-2018:2402
access.redhat.com/errata/RHSA-2018:2403
access.redhat.com/errata/RHSA-2018:2404
access.redhat.com/errata/RHSA-2018:2602
access.redhat.com/errata/RHSA-2018:2603
cert-portal.siemens.com/productcert/pdf/ssa-254686.pdf
cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf
foreshadowattack.eu/
help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0
lists.debian.org/debian-lts-announce/2018/08/msg00029.html
lists.debian.org/debian-lts-announce/2018/09/msg00017.html
lists.fedoraproject.org/archives/list/[email protected]/message/V4UWGORQWCENCIF2BHWUEF2ODBV75QS2/
lists.fedoraproject.org/archives/list/[email protected]/message/XRFKQWYV2H4BV75CUNGCGE5TNVQCLBGZ/
portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180018
psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0009
security.FreeBSD.org/advisories/FreeBSD-SA-18:09.l1tf.asc
security.gentoo.org/glsa/201810-06
security.netapp.com/advisory/ntap-20180815-0001/
software.intel.com/security-software-guidance/software-guidance/l1-terminal-fault
support.f5.com/csp/article/K95275140
support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03874en_us
tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180814-cpusidechannel
usn.ubuntu.com/3740-1/
usn.ubuntu.com/3740-2/
usn.ubuntu.com/3741-1/
usn.ubuntu.com/3741-2/
usn.ubuntu.com/3742-1/
usn.ubuntu.com/3742-2/
usn.ubuntu.com/3823-1/
www.debian.org/security/2018/dsa-4274
www.debian.org/security/2018/dsa-4279
www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00161.html
www.kb.cert.org/vuls/id/982149
www.oracle.com/security-alerts/cpujul2020.html
www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html
www.synology.com/support/security/Synology_SA_18_45
Related
