DEBIAN-CVE-2018-3640

DEBIAN-CVE-2018-3640 PUBLISHED CVSS 5.599999904632568 MEDIUM

Systems with microprocessors utilizing speculative execution and that perform speculative reads of system registers may allow unauthorized disclosure of system parameters to an attacker with local user access via a side-channel analysis, aka Rogue System Register Read (RSRE), Variant 3a.

Risk Scores

CVSS v3.0

5.599999904632568

CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N

Affected Products

Vendor	Product	Versions
Debian:12	intel-microcode	0, 0.20080131-1, 0.20080220-1
Debian:14	intel-microcode	3.20140913.1~bpo70+2, 0, 0.20080131-1
Debian:13	intel-microcode	0, 0.20080131-1, 0.20080220-1
Debian:11	intel-microcode	0, 0.20080220-1, 0.20080401-1

Timeline

May 22, 2018 CVE Published
Apr 28, 2026 CVE Updated

References

https://security-tracker.debian.org/tracker/CVE-2018-3640 advisory

Open in Interactive Console →