CVE-2018-3640 — Vulnetix

Try Vulnetix Request Demo

CVE-2018-3640 PUBLISHED

Systems with microprocessors utilizing speculative execution and that perform speculative reads of system registers may allow unauthorized disclosure of system parameters to an attacker with local user access via a side-channel analysis, aka Rogue System Register Read (RSRE), Variant 3a.

EPSS 0.90% · 75.6th percentile

Risk Scores

EPSS Score

0.90%

75.6th percentile

Affected Products

Vendor	Product	Versions
Ubuntu:14.04:LTS	intel-microcode	0, 1.20130906.1ubuntu2, 1.20130906.1ubuntu3
Ubuntu:16.04:LTS	intel-microcode	0, 3.20150121.1, 3.20151106.1
Ubuntu:18.04:LTS	intel-microcode	0, 3.20170707.1, 3.20171117.1

Timeline

Jan 4, 2018 CVE Published
Apr 14, 2021 EPSS Score
Jun 22, 2021 EPSS Score
Aug 23, 2021 EPSS Score
Dec 25, 2021 EPSS Score
Feb 4, 2022 EPSS Score
Feb 25, 2022 EPSS Score
Apr 28, 2022 EPSS Score
Jun 29, 2022 EPSS Score
Aug 31, 2022 EPSS Score
Jan 2, 2023 EPSS Score
Mar 5, 2023 EPSS Score

References

https://ubuntu.com/security/CVE-2018-3640 third-party-advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00115.html third-party-advisory
https://ubuntu.com/security/notices/USN-3756-1 vendor-advisory
https://www.cve.org/CVERecord?id=CVE-2018-3640 third-party-advisory
Multiples vulnérabilités de fuite d'informations dans des processeurs advisory

Open in Interactive Console →