CVE-2018-3615
Published: 14 August 2018
Systems with microprocessors utilizing speculative execution and Intel software guard extensions (Intel SGX) may allow unauthorized disclosure of information residing in the L1 data cache from an enclave to an attacker with local user access via a side-channel analysis.
Notes
| Author | Note |
|---|---|
| tyhicks | This issue does not affect the Linux kernel and requires no microcode updates |
Priority
Status
| Package | Release | Status |
|---|---|---|
|
linux Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
|
| trusty |
Not vulnerable
|
|
| upstream |
Not vulnerable
|
|
| xenial |
Not vulnerable
|
|
|
linux-aws Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
|
| trusty |
Not vulnerable
|
|
| upstream |
Not vulnerable
|
|
| xenial |
Not vulnerable
|
|
|
linux-azure Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
|
| trusty |
Not vulnerable
(4.15.0-1023.24~14.04.1)
|
|
| upstream |
Not vulnerable
|
|
| xenial |
Not vulnerable
|
|
|
linux-azure-edge Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
|
| trusty |
Does not exist
|
|
| upstream |
Not vulnerable
|
|
| xenial |
Not vulnerable
|
|
|
linux-euclid Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| trusty |
Does not exist
|
|
| upstream |
Not vulnerable
|
|
| xenial |
Not vulnerable
|
|
|
linux-flo Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| trusty |
Does not exist
(trusty was ignored [abandoned])
|
|
| upstream |
Not vulnerable
|
|
| xenial |
Ignored
(abandoned)
|
|
|
linux-gcp Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
|
| trusty |
Does not exist
|
|
| upstream |
Not vulnerable
|
|
| xenial |
Not vulnerable
|
|
|
linux-gke Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| trusty |
Does not exist
|
|
| upstream |
Not vulnerable
|
|
| xenial |
Ignored
(end of standard support, was needs-triage)
|
|
|
linux-goldfish Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| trusty |
Does not exist
(trusty was ignored [abandoned])
|
|
| upstream |
Not vulnerable
|
|
| xenial |
Not vulnerable
|
|
|
linux-grouper Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| trusty |
Does not exist
(trusty was ignored [abandoned])
|
|
| upstream |
Not vulnerable
|
|
| xenial |
Does not exist
|
|
|
linux-hwe Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
|
| trusty |
Does not exist
|
|
| upstream |
Not vulnerable
|
|
| xenial |
Not vulnerable
|
|
|
linux-hwe-edge Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
|
| trusty |
Does not exist
|
|
| upstream |
Not vulnerable
|
|
| xenial |
Not vulnerable
|
|
|
linux-kvm Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
|
| trusty |
Does not exist
|
|
| upstream |
Not vulnerable
|
|
| xenial |
Not vulnerable
|
|
|
linux-lts-trusty Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| trusty |
Does not exist
|
|
| upstream |
Not vulnerable
|
|
| xenial |
Does not exist
|
|
|
linux-lts-utopic Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| trusty |
Does not exist
(trusty was ignored [end of standard support])
|
|
| upstream |
Not vulnerable
|
|
| xenial |
Does not exist
|
|
|
linux-lts-vivid Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| trusty |
Does not exist
(trusty was ignored [end of standard support])
|
|
| upstream |
Not vulnerable
|
|
| xenial |
Does not exist
|
|
|
linux-lts-wily Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| trusty |
Does not exist
(trusty was ignored [end of standard support])
|
|
| upstream |
Not vulnerable
|
|
| xenial |
Does not exist
|
|
|
linux-lts-xenial Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| trusty |
Not vulnerable
|
|
| upstream |
Not vulnerable
|
|
| xenial |
Does not exist
|
|
|
linux-maguro Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| trusty |
Does not exist
(trusty was ignored [abandoned])
|
|
| upstream |
Not vulnerable
|
|
| xenial |
Does not exist
|
|
|
linux-mako Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| trusty |
Does not exist
(trusty was ignored [abandoned])
|
|
| upstream |
Not vulnerable
|
|
| xenial |
Ignored
(abandoned)
|
|
|
linux-manta Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| trusty |
Does not exist
(trusty was ignored [abandoned])
|
|
| upstream |
Not vulnerable
|
|
| xenial |
Does not exist
|
|
|
linux-oem Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
|
| trusty |
Does not exist
|
|
| upstream |
Not vulnerable
|
|
| xenial |
Not vulnerable
|
|
|
linux-raspi2 Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
|
| trusty |
Does not exist
|
|
| upstream |
Not vulnerable
|
|
| xenial |
Not vulnerable
|
|
|
linux-snapdragon Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
|
| trusty |
Does not exist
|
|
| upstream |
Not vulnerable
|
|
| xenial |
Not vulnerable
|
Severity score breakdown
| Parameter | Value |
|---|---|
| Base score | 6.4 |
| Attack vector | Local |
| Attack complexity | High |
| Privileges required | Low |
| User interaction | None |
| Scope | Changed |
| Confidentiality | High |
| Integrity impact | Low |
| Availability impact | None |
| Vector | CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:N |