Wind River Support Network

HomeDefectsLIN10-3957
Fixed

LIN10-3957 : Security Advisory - linux - CVE-2018-3639 Speculative Store Bypass

Created: May 22, 2018    Updated: Dec 16, 2018
Resolved Date: Dec 9, 2018
Found In Version: 10.17.41.7
Fix Version: 10.17.41.13
Severity: Standard
Applicable for: Wind River Linux LTS 17
Component/s: Kernel

Description

Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3639

External References:
https://blogs.technet.microsoft.com/srd/2018/05/21/analysis-and-mitigation-of-speculative-store-bypass-cve-2018-3639/
https://newsroom.intel.com/editorials/addressing-new-research-for-side-channel-analysis/
https://www.redhat.com/en/blog/speculative-store-bypass-explained-what-it-how-it-works
https://software.intel.com/sites/default/files/managed/c5/63/336996-Speculative-Execution-Side-Channel-Mitigations.pdf
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00115.html

CVEs


Live chat
Online