VDB
CVE-2018-7803
CVE-2018-7803
PUBLISHED
Microarchitectural Data Sampling Uncacheable Memory (MDSUM): Uncacheable memory on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here: https://www.intel.com/content/dam/www/public/us/en/documents/corporate-information/SA00233-microcode-update-guidance_05132019.pdf
EPSS 0.67% · 71.7th percentile
Risk Scores
EPSS Score
0.67%
71.7th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Intel Corporation | Central Processing Units (CPUs) | A list of impacted products can be found here: https://www.intel.com/content/dam/www/public/us/en/documents/corporate-information/SA00233-microcode-update-guidance_05132019.pdf |
Exploit Intelligence
- dnsmasq rop exploit with NX bypass (github-poc)
- dnsmasq rop exploit with NX bypass (github-poc)
- dnsmasq rop exploit with NX bypass (github-poc)
- dnsmasq rop exploit with NX bypass (github-poc)
- skyformat99/dnsmasq-2.4.1-fix-CVE-2017-14491 (github-poc)
- skyformat99/dnsmasq-2.4.1-fix-CVE-2017-14491 (github-poc)
- skyformat99/dnsmasq-2.4.1-fix-CVE-2017-14491 (github-poc)
- skyformat99/dnsmasq-2.4.1-fix-CVE-2017-14491 (github-poc)
- POCs for CVE-2017-13672 (OOB read in VGA Cirrus QEMU driver, causing DoS) (github-poc)
- POCs for CVE-2017-13672 (OOB read in VGA Cirrus QEMU driver, causing DoS) (github-poc)
…and 104 more exploits
Timeline
- May 22, 2019 CVE Published
- Apr 14, 2021 EPSS Score
- Jun 23, 2021 EPSS Score
- Aug 24, 2021 EPSS Score
- Oct 26, 2021 EPSS Score
- Dec 27, 2021 EPSS Score
- Feb 28, 2022 EPSS Score
- May 2, 2022 EPSS Score
- Jul 3, 2022 EPSS Score
- Sep 5, 2022 EPSS Score
- Nov 6, 2022 EPSS Score
- Jan 8, 2023 EPSS Score
References
- https://download.schneider-electric.com/files?p_enDocType=Technical+leaflet&p_File_Name=SESB-2019-214-01-Wind_River_VxWorks_Security_Bulletin_V2.2.pdf&p_Doc_Ref=SESB-2019-214-01 advisory
- https://download.schneider-electric.com/files?p_enDocType=Technical+leaflet&p_File_Name=SEVD-2019-134-07_ConneXium_and_PowerLogic_Gateway_V2.pdf&p_Doc_Ref=SEVD-2019-134-07 advisory
- https://download.schneider-electric.com/files?p_enDocType=Technical+leaflet&p_File_Name=SEVD-2019-193-02_MicrosoftRDS-Product_InformationV1.4.pdf&p_Doc_Ref=SEVD-2019-193-02 advisory
- https://download.schneider-electric.com/files?p_enDocType=Technical+leaflet&p_File_Name=SEVD-2019-071-03-TriStation_Emulator_V2.pdf&p_Doc_Ref=SEVD-2019-071-03 advisory
- https://download.schneider-electric.com/files?p_enDocType=Technical+leaflet&p_File_Name=SEVD-2019-267-01_MicrosoftRDS-DejaBlue-Product_InformationV1.1.pdf&p_Doc_Ref=SEVD-2019-267-01 advisory
- https://download.schneider-electric.com/files?p_enDocType=Technical+leaflet&p_File_Name=SEVD-2019-193-01_IntelMDS-Product_InformationV1.3.pdf&p_Doc_Ref=SEVD-2019-193-01 advisory
- http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2019-003.txt url
- https://cert-portal.siemens.com/productcert/pdf/ssa-616472.pdf url
- https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00233.html url
- https://www.synology.com/security/advisory/Synology_SA_19_24 url
- FEDORA-2019-1f5832fc0e vendor-advisory
- openSUSE-SU-2019:1505 vendor-advisory
- RHSA-2019:1455 vendor-advisory
- USN-3977-3 vendor-advisory
- [debian-lts-announce] 20190620 [SECURITY] [DLA 1789-2] intel-microcode security update mailing-list
- 20190624 [SECURITY] [DSA 4447-2] intel-microcode security update mailing-list
- 20190624 [SECURITY] [DSA 4469-1] libvirt security update mailing-list
- http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190712-01-mds-en url
- openSUSE-SU-2019:1805 vendor-advisory
- openSUSE-SU-2019:1806 vendor-advisory
…and 8 more