Your submission was sent successfully! Close

You have successfully unsubscribed! Close

CVE-2018-3640

Published: 21 May 2018

Systems with microprocessors utilizing speculative execution and that perform speculative reads of system registers may allow unauthorized disclosure of system parameters to an attacker with local user access via a side-channel analysis, aka Rogue System Register Read (RSRE), Variant 3a.

Notes

AuthorNote
tyhicks
V3a - Rogue Register Load
Will be entirely addressed by microcode updates. No kernel changes
are needed.
Priority

Medium

CVSS 3 base score: 5.6

Status

Package Release Status
intel-microcode
Launchpad, Ubuntu, Debian
artful Ignored
(reached end-of-life)
bionic
Released (3.20180807a.0ubuntu0.18.04.1)
precise Does not exist

trusty
Released (3.20180807a.0ubuntu0.14.04.1)
upstream Needed

xenial
Released (3.20180807a.0ubuntu0.16.04.1)