Acknowledged
Created: May 21, 2018
Updated: Aug 28, 2018
Found In Version: 7.0.0.28
Severity: Standard
Applicable for: Wind River Linux 7
Component/s: Kernel
Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3639
External References:
https://blogs.technet.microsoft.com/srd/2018/05/21/analysis-and-mitigation-of-speculative-store-bypass-cve-2018-3639/
https://newsroom.intel.com/editorials/addressing-new-research-for-side-channel-analysis/
https://www.redhat.com/en/blog/speculative-store-bypass-explained-what-it-how-it-works
https://software.intel.com/sites/default/files/managed/c5/63/336996-Speculative-Execution-Side-Channel-Mitigations.pdf
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00115.html