VDB
DEBIAN-CVE-2018-3639
DEBIAN-CVE-2018-3639
PUBLISHED
CVSS 5.5 MEDIUM
Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka Speculative Store Bypass (SSB), Variant 4.
Risk Scores
CVSS 3.1
5.5
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Debian:14 | linux | 0, 0, 0 |
| Debian:11 | linux | 0, 0, 0 |
| Debian:13 | intel-microcode | 2.20140122.1, 0, 0.20080131-1 |
| Debian:12 | xen | 0, 0, 0 |
| Debian:14 | xen | 0, 0, 0 |
| Debian:13 | linux | 0, 0, 0 |
| Debian:14 | intel-microcode | 2.20140430.1, 1.20120606.6, 1.20130222.6 |
| Debian:11 | intel-microcode | 0, 0.20080131-1, 0.20080220-1 |
| Debian:13 | xen | 0, 0, 0 |
| Debian:12 | linux | 0, 0, 0 |
| Debian:12 | intel-microcode | 0.20080910-1, 0.20080220-1, 0.20080131-1 |
| Debian:11 | xen | 0, 0, 0 |
Exploit Intelligence
- spectre v4 : Speculative Store Bypass (CVE-2018-3639) proof of concept for Linux (github-poc-repo)
- SpecuCheck is a Windows utility for checking the state of the software mitigations and hardware against CVE-2017-5754 (Meltdown), CVE-2017-5715 (Spectre v2), CVE-2018-3260 (Foreshadow), and CVE-2018-3639 (Spectre v4) (github-poc-repo)
- Speculative Store Bypass (CVE-2018-3639) proof of concept for Linux (github-poc-repo)
- spectre v4 : Speculative Store Bypass (CVE-2018-3639) proof of concept for Linux (github-poc)
- Speculative Store Bypass (CVE-2018-3639) proof of concept for Linux (github-poc)
- malindarathnayake/Intel-CVE-2018-3639-Mitigation_RegistryUpdate (github-poc)
- Tools to exercise the Linux kernel mitigation for CVE-2018-3639 (aka Variant 4) using the Speculative Store Bypass Disable (SSBD) feature of x86 processors (github-poc)
Timeline
- May 22, 2018 CVE Published
- Apr 28, 2026 CVE Updated