VDB
ALPINE-CVE-2017-5754
ALPINE-CVE-2017-5754
PUBLISHED
CVSS 5.599999904632568 MEDIUM
Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis of the data cache.
Risk Scores
CVSS 3.0
5.599999904632568
CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Alpine:v3.14 | intel-ucode | 20180807a-r0, 20170511-r0, 20130222-r0 |
| Alpine:v3.23 | intel-ucode | 20130222-r0, 20180108-r0, 20130222-r0 |
| Alpine:v3.18 | intel-ucode | *, 20180312-r0, * |
| Alpine:v3.21 | intel-ucode | 20130222-r0, 0, 20170511-r0 |
| Alpine:v3.20 | intel-ucode | 0, *, * |
| Alpine:v3.24 | intel-ucode | 0 |
| Alpine:v3.13 | intel-ucode | 0, *, * |
| Alpine:v3.19 | intel-ucode | 0, 20170511-r0, 20180108-r0 |
| Alpine:v3.17 | intel-ucode | 20130222-r0, 20170511-r0, 20180108-r0 |
| Alpine:v3.22 | intel-ucode | 20180807a-r0, 0, 20130222-r0 |
| Alpine:v3.15 | intel-ucode | 20170511-r0, 20180108-r0, 20180807a-r0 |
| Alpine:v3.6 | xen | 4.6.3-r0, 0, 4.0.1-r0 |
| Alpine:v3.5 | xen | 4.1.0-r0, 4.1.0-r1, 4.1.0-r2 |
| Alpine:v3.16 | intel-ucode | 0, *, * |
Exploit Intelligence
- Proof-of-concept / Exploit / checks whether system is affected by Variant 3: rogue data cache load (CVE-2017-5754), a.k.a (github-poc-repo)
- Naive shell script to verify Meltdown (CVE-2017-5754) patch status of EC2 instances (github-poc-repo)
- PoC for Meltdown in linux (CVE-2017-5754) (github-poc-repo)
- This tool allows to check speculative execution side-channel attacks that affect many modern processors and operating systems designs. CVE-2017-5754 (Meltdown) and CVE-2017-5715 (Spectre) allows unprivileged processes to steal secrets from privileged processes. These attacks present 3 different ways of attacking data protection measures on CPUs enabling attackers to read data they shouldn't be able to. This tool is originally based on Microsoft: https://support.microsoft.com/en-us/help/407311... (github-poc-repo)
- Meltdown Exploit / Proof-of-concept / checks whether system is affected by Variant 3: rogue data cache load (CVE-2017-5754), a.k.a MELTDOWN. (github-poc-repo)
- a list of BIOS/Firmware fixes adressing CVE-2017-5715, CVE-2017-5753, CVE-2017-5754 (github-poc-repo)
- Assesses a system for the "speculative execution" vulnerabilities described in CVE-2017-5715, CVE-2017-5753, CVE-2017-5754 (github-poc-repo)
- SpecuCheck is a Windows utility for checking the state of the software mitigations and hardware against CVE-2017-5754 (Meltdown), CVE-2017-5715 (Spectre v2), CVE-2018-3260 (Foreshadow), and CVE-2018-3639 (Spectre v4) (github-poc-repo)
- Naive shell script to verify Meltdown (CVE-2017-5754) patch status of EC2 instances (github-poc)
- PoC for Meltdown in linux (CVE-2017-5754) (github-poc)
…and 4 more exploits
Timeline
- Jan 4, 2018 CVE Published
- Apr 30, 2026 Distribution Patch
- Jun 15, 2026 CVE Updated