Wind River Support Network

HomeDefectsLIN8-9218
Fixed

LIN8-9218 : Security Advisory - linux - CVE-2018-3639 Speculative Store Bypass

Created: May 21, 2018    Updated: Jan 25, 2019
Resolved Date: Jan 9, 2019
Found In Version: 8.0.0.25
Fix Version: 8.0.0.29
Severity: Standard
Applicable for: Wind River Linux 8
Component/s: Kernel

Description

Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3639

External References:
https://blogs.technet.microsoft.com/srd/2018/05/21/analysis-and-mitigation-of-speculative-store-bypass-cve-2018-3639/
https://newsroom.intel.com/editorials/addressing-new-research-for-side-channel-analysis/
https://www.redhat.com/en/blog/speculative-store-bypass-explained-what-it-how-it-works
https://software.intel.com/sites/default/files/managed/c5/63/336996-Speculative-Execution-Side-Channel-Mitigations.pdf
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00115.html

CVEs


Live chat
Online