VDB
ALPINE-CVE-2018-3639
ALPINE-CVE-2018-3639
PUBLISHED
CVSS 5.5 MEDIUM
Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka Speculative Store Bypass (SSB), Variant 4.
Risk Scores
CVSS v3.1
5.5
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Alpine:v3.20 | xen | 4.10.0-r2, 4.10.0-r1, 4.10.0-r0 |
| Alpine:v3.23 | xen | 4.2.0-r4, 4.10.0-r2, 4.10.0-r1 |
| Alpine:v3.8 | xen | 4.2.2-r11, 4.2.2-r11, 4.2.2-r2 |
| Alpine:v3.7 | xen | 4.8.1-r4, 4.9.0-r0, 4.9.0-r1 |
| Alpine:v3.6 | xen | 4.7.0-r2, 0, 4.0.1-r0 |
| Alpine:v3.15 | xen | 0, 4.0.1-r0, 4.0.1-r1 |
| Alpine:v3.14 | xen | 4.2.2-r2, 4.2.2-r11, 4.2.2-r10 |
| Alpine:v3.11 | xen | 4.5.0-r1, 0, 4.0.1-r1 |
| Alpine:v3.13 | xen | 4.2.0-r3, 0, 4.0.1-r0 |
| Alpine:v3.16 | xen | 4.9.1-r3, 4.9.1-r2, 4.9.1-r1 |
| Alpine:v3.10 | xen | 4.6.0-r4, 4.9.0-r8, 0 |
| Alpine:v3.19 | xen | 0, 4.1.2-r10, 4.1.2-r12 |
| Alpine:v3.5 | xen | 4.7.3-r8, 4.7.3-r7, 4.7.3-r6 |
| Alpine:v3.21 | xen | 4.6.1-r0, 4.0.1-r0, 4.0.1-r1 |
| Alpine:v3.9 | xen | 4.0.1-r0, 4.0.1-r1, 4.0.1-r2 |
| Alpine:v3.17 | xen | 4.7.1-r2, 0, 4.0.1-r0 |
| Alpine:v3.18 | xen | 4.0.1-r0, 4.0.1-r1, 4.0.1-r2 |
| Alpine:v3.22 | xen | 4.6.0-r3, 4.9.1-r2, 4.9.1-r1 |
| Alpine:v3.12 | xen | 0, 4.0.1-r1, 4.0.1-r2 |
Timeline
- May 22, 2018 CVE Published
- Dec 3, 2025 CVE Updated
- Apr 30, 2026 Distribution Patch