Home CVE Database CVE-2018-3646

CVE-2018-3646

Description

Systems with microprocessors utilizing speculative execution and address translations may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access with guest OS privilege via a terminal page fault and a side-channel analysis.

Priority: MEDIUM
CVSS v3: 5.6
Publish Date: Aug 14, 2018
Related ID: --
CVSS v2: MEDIUM
Modified Date: Aug 14, 2018

Find out more about CVE-2018-3646 from the MITRE-CVE dictionary and NIST NVD


Products Affected

Login may be required to access defects or downloads.

Product Name Status Defect Fixed Downloads
Linux
Wind River Linux LTS 17 Fixed LIN10-4573
10.17.41.14 --
Wind River Linux 9 Fixed LIN9-7354
9.0.0.18 Wind River Linux 9.0.0.18
Wind River Linux 9.0.0.19
Wind River Linux 9.0.0.20
Wind River Linux 9.0.0.21
Wind River Linux 9.0.0.22
Wind River Linux 9.0.0.23
Wind River Linux 9.0.0.24
Wind River Linux 9.0.0.25
Wind River Linux 8 Fixed 8.0.0.30 --
Wind River Linux LTS 18 Not Vulnerable -- -- --
Wind River Linux LTS 19 Not Vulnerable -- -- --
Wind River Linux CD release Not Vulnerable -- -- --
VxWorks
VxWorks 7 Vulnerable -- -- --
VxWorks 6.9 Vulnerable -- -- --

Related Products

Product Name Status Defect Fixed Downloads
Linux 7 SCP Vulnerable -- -- --
Linux 7 CGP Not Vulnerable -- -- --

Comments

linux

Live chat
Online