Wind River Support Network

HomeDefectsSCP7-823
Acknowledged

SCP7-823 : Security Advisory - linux - CVE-2018-3639 Speculative Store Bypass

Created: May 21, 2018    Updated: Aug 28, 2018
Found In Version: 7.0.0.28
Severity: Standard
Applicable for: Wind River Linux 7
Component/s: Kernel

Description

Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3639

External References:
https://blogs.technet.microsoft.com/srd/2018/05/21/analysis-and-mitigation-of-speculative-store-bypass-cve-2018-3639/
https://newsroom.intel.com/editorials/addressing-new-research-for-side-channel-analysis/
https://www.redhat.com/en/blog/speculative-store-bypass-explained-what-it-how-it-works
https://software.intel.com/sites/default/files/managed/c5/63/336996-Speculative-Execution-Side-Channel-Mitigations.pdf
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00115.html
Live chat
Online
  • Linkedin
  • Facebook
  • Twitter
  • Youtube