Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
Configuration 4 (hide)
|
Configuration 5 (hide)
| AND |
|
Configuration 6 (hide)
|
Configuration 7 (hide)
|
History
14 Apr 2021, 14:52
| Type | Values Removed | Values Added |
|---|---|---|
| CWE | CWE-203 | |
| CVSS |
v2 : v3 : |
v2 : 1.9
v3 : 5.6 |
| References | (UBUNTU) https://usn.ubuntu.com/3690-1/Â - Third Party Advisory | |
| References | (CONFIRM) https://www.vmware.com/us/security/advisories/VMSA-2018-0004.html - Third Party Advisory | |
| References | (CONFIRM) https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf - Third Party Advisory | |
| References | (SUSE) http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00016.html - Broken Link | |
| References | (UBUNTU) https://usn.ubuntu.com/3581-2/Â - Third Party Advisory | |
| References | (UBUNTU) https://usn.ubuntu.com/3777-3/Â - Third Party Advisory | |
| References | (SUSE) http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00002.html - Broken Link | |
| References | (MISC) http://packetstormsecurity.com/files/145645/Spectre-Information-Disclosure-Proof-Of-Concept.html - Exploit, Third Party Advisory, VDB Entry | |
| References | (EXPLOIT-DB) https://www.exploit-db.com/exploits/43427/Â - Exploit, Third Party Advisory, VDB Entry | |
| References | (CONFIRM) https://security.paloaltonetworks.com/CVE-2017-5715Â - Third Party Advisory | |
| References | (BUGTRAQ) https://seclists.org/bugtraq/2019/Nov/16Â - Issue Tracking, Mailing List, Third Party Advisory | |
| References | (BID) http://www.securityfocus.com/bid/102376Â - Third Party Advisory, VDB Entry | |
| References | (MLIST) https://lists.debian.org/debian-lts-announce/2018/07/msg00015.html - Mailing List, Third Party Advisory | |
| References | (CONFIRM) https://cert.vde.com/en-us/advisories/vde-2018-002Â - Third Party Advisory | |
| References | (FREEBSD) https://security.FreeBSD.org/advisories/FreeBSD-SA-19:26.mcu.asc - Third Party Advisory | |
| References | (CONFIRM) https://www.vmware.com/us/security/advisories/VMSA-2018-0002.html - Third Party Advisory | |
| References | (MLIST) https://lists.debian.org/debian-lts-announce/2020/03/msg00025.html - Mailing List, Third Party Advisory | |
| References | (BUGTRAQ) https://seclists.org/bugtraq/2019/Jun/36Â - Issue Tracking, Mailing List, Third Party Advisory | |
| References | (UBUNTU) https://usn.ubuntu.com/3620-2/Â - Third Party Advisory | |
| References | (UBUNTU) https://usn.ubuntu.com/3531-3/Â - Third Party Advisory | |
| References | (CONFIRM) http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-001.txt - Third Party Advisory | |
| References | (REDHAT) https://access.redhat.com/errata/RHSA-2018:0292Â - Third Party Advisory | |
| References | (CONFIRM) http://nvidia.custhelp.com/app/answers/detail/a_id/4614Â - Third Party Advisory | |
| References | (UBUNTU) https://usn.ubuntu.com/3531-1/Â - Third Party Advisory | |
| References | (DEBIAN) https://www.debian.org/security/2018/dsa-4120Â - Third Party Advisory | |
| References | (SUSE) http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00003.html - Broken Link | |
| References | (MLIST) https://lists.debian.org/debian-lts-announce/2018/09/msg00007.html - Mailing List, Third Party Advisory | |
| References | (CONFIRM) https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180002Â - Patch, Third Party Advisory, Vendor Advisory | |
| References | (UBUNTU) https://usn.ubuntu.com/3581-1/Â - Third Party Advisory | |
| References | (CONFIRM) https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes - Third Party Advisory | |
| References | (GENTOO) https://security.gentoo.org/glsa/201810-06Â - Third Party Advisory | |
| References | (UBUNTU) https://usn.ubuntu.com/3560-1/Â - Third Party Advisory | |
| References | (CONFIRM) http://nvidia.custhelp.com/app/answers/detail/a_id/4611Â - Third Party Advisory | |
| References | (CONFIRM) http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html - Third Party Advisory | |
| References | (UBUNTU) https://usn.ubuntu.com/3540-2/Â - Third Party Advisory | |
| References | (CONFIRM) https://www.mitel.com/en-ca/support/security-advisories/mitel-product-security-advisory-18-0001Â - Third Party Advisory | |
| References | (DEBIAN) https://www.debian.org/security/2018/dsa-4213Â - Third Party Advisory | |
| References | (UBUNTU) https://usn.ubuntu.com/3549-1/Â - Third Party Advisory | |
| References | (UBUNTU) https://usn.ubuntu.com/3597-2/Â - Third Party Advisory | |
| References | (UBUNTU) https://usn.ubuntu.com/3561-1/Â - Third Party Advisory | |
| References | (UBUNTU) https://usn.ubuntu.com/3582-1/Â - Third Party Advisory | |
| References | (SUSE) http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00008.html - Broken Link | |
| References | (SUSE) http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00004.html - Broken Link | |
| References | (MLIST) https://lists.debian.org/debian-lts-announce/2018/07/msg00016.html - Mailing List, Third Party Advisory | |
| References | (DEBIAN) https://www.debian.org/security/2018/dsa-4187Â - Third Party Advisory | |
| References | (CONFIRM) https://security.netapp.com/advisory/ntap-20180104-0001/Â - Third Party Advisory | |
| References | (MISC) http://packetstormsecurity.com/files/155281/FreeBSD-Security-Advisory-FreeBSD-SA-19-26.mcu.html - Third Party Advisory, VDB Entry | |
| References | (UBUNTU) https://usn.ubuntu.com/usn/usn-3516-1/Â - Third Party Advisory | |
| References | (CONFIRM) http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html - Third Party Advisory | |
| References | (DEBIAN) https://www.debian.org/security/2018/dsa-4188Â - Third Party Advisory | |
| References | (CISCO) https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180104-cpusidechannel - Third Party Advisory | |
| References | (SUSE) http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00007.html - Broken Link | |
| References | (CERT-VN) https://www.kb.cert.org/vuls/id/180049Â - Third Party Advisory, US Government Resource | |
| References | (SUSE) http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00009.html - Broken Link | |
| References | (SUSE) http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00014.html - Broken Link | |
| References | (UBUNTU) https://usn.ubuntu.com/3582-2/Â - Third Party Advisory | |
| References | (CONFIRM) https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability - Third Party Advisory | |
| References | (SUSE) http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00006.html - Broken Link | |
| References | (SUSE) http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00012.html - Broken Link | |
| References | (CONFIRM) http://nvidia.custhelp.com/app/answers/detail/a_id/4613Â - Third Party Advisory | |
| References | (CONFIRM) http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2019-003.txt - Third Party Advisory | |
| References | (UBUNTU) https://usn.ubuntu.com/3594-1/Â - Third Party Advisory | |
| References | (UBUNTU) https://usn.ubuntu.com/3541-2/Â - Third Party Advisory | |
| References | (UBUNTU) https://usn.ubuntu.com/3580-1/Â - Third Party Advisory | |
| References | (CONFIRM) https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03805en_us - Third Party Advisory | |
| References | (MLIST) https://lists.debian.org/debian-lts-announce/2018/05/msg00000.html - Mailing List, Third Party Advisory | |
| References | (CONFIRM) https://www.vmware.com/security/advisories/VMSA-2018-0007.html - Third Party Advisory | |
| References | (CONFIRM) https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03871en_us - Third Party Advisory | |
| References | (SUSE) http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00005.html - Broken Link | |
| References | (UBUNTU) https://usn.ubuntu.com/3597-1/Â - Third Party Advisory | |
| References | (CONFIRM) https://support.citrix.com/article/CTX231399Â - Third Party Advisory | |
| References | (MISC) https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html - Third Party Advisory | |
| References | (CONFIRM) http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html - Third Party Advisory | |
| References | (CONFIRM) https://cert.vde.com/en-us/advisories/vde-2018-003Â - Third Party Advisory | |
| References | (UBUNTU) https://usn.ubuntu.com/3542-2/Â - Third Party Advisory | |
| References | (FREEBSD) https://security.FreeBSD.org/advisories/FreeBSD-SA-18:03.speculative_execution.asc - Third Party Advisory | |
| References | (MLIST) https://lists.debian.org/debian-lts-announce/2018/09/msg00017.html - Mailing List, Third Party Advisory | |
| References | (SUSE) http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00013.html - Broken Link | |
| CPE | cpe:2.3:h:siemens:simatic_winac_rtx_\(f\)_2010:-:*:*:*:*:*:*:* cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:* cpe:2.3:o:canonical:ubuntu_linux:17.04:*:*:*:*:*:*:* cpe:2.3:o:siemens:simatic_winac_rtx_\(f\)_firmware:2010:-:*:*:*:*:*:* cpe:2.3:a:netapp:solidfire:-:*:*:*:*:*:*:* cpe:2.3:a:oracle:vm_virtualbox:*:*:*:*:*:*:*:* cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:* cpe:2.3:a:oracle:communications_diameter_signaling_router:8.0.0:*:*:*:*:*:*:* cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:* cpe:2.3:h:intel:atom_x5-e3930:-:*:*:*:*:*:*:* cpe:2.3:a:oracle:communications_diameter_signaling_router:8.2:*:*:*:*:*:*:* cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:communications_diameter_signaling_router:8.1:*:*:*:*:*:*:* cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:* cpe:2.3:o:siemens:simatic_winac_rtx_\(f\)_firmware:2010:sp1:*:*:*:*:*:* cpe:2.3:a:oracle:communications_diameter_signaling_router:8.3:*:*:*:*:*:*:* cpe:2.3:h:intel:atom_x7-e3950:-:*:*:*:*:*:*:* cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:* cpe:2.3:h:intel:atom_x5-e3940:-:*:*:*:*:*:*:* cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:* cpe:2.3:a:netapp:hci_management_node:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:hci_compute_node:-:*:*:*:*:*:*:* cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:* cpe:2.3:o:siemens:simatic_winac_rtx_\(f\)_firmware:2010:sp2:*:*:*:*:*:* |
Information
Published : 2018-01-04 13:29
Updated : 2023-12-10 12:15
NVD link : CVE-2017-5715
Mitre link : CVE-2017-5715
CVE.ORG link : CVE-2017-5715
JSON object : View
Products Affected
intel
- xeon_e5_2630l_v3
- xeon_e3_1220l_v3
- xeon_e3_1225_v5
- xeon_e5_2643_v4
- xeon_e3_1270_v2
- xeon_e5_1650_v3
- xeon_e5_2430l
- xeon_e5_2603_v4
- xeon_e3_1290
- xeon_e5_2609_v4
- xeon_e3_1265l_v3
- atom_c
- xeon_e5_2637_v4
- xeon_e3_1225_v3
- xeon_e3_1105c_v2
- xeon_e3_1286l_v3
- xeon_e3
- xeon_e5_2648l
- pentium_n
- xeon_e5_2648l_v4
- xeon_e3_1225_v6
- xeon_e5_2620
- xeon_e5_2650_v2
- xeon_e5_2440
- xeon_e3_1125c_v2
- xeon_e3_1230l_v3
- atom_x5-e3940
- xeon_e3_1275
- xeon_e5_1660
- xeon_e5_2623_v4
- xeon_e5_2630l_v4
- xeon_e5_2450l_v2
- xeon_e3_1246_v3
- xeon_e3_1268l_v5
- xeon_e5_2630l
- xeon_phi
- pentium_j
- xeon_e5_2620_v4
- xeon_e5_2640
- xeon_e5_2608l_v3
- xeon_e5_2618l_v3
- xeon_e3_1225
- xeon_e5_2609
- xeon_e5_2623_v3
- xeon_e5_2643
- xeon_e5_2650
- xeon_e3_1230_v2
- xeon_e3_1230_v5
- xeon_e3_1270_v3
- xeon_gold
- xeon_e-1105c
- xeon_e3_1220_v6
- xeon_e3_1280_v6
- xeon_e5_1650
- xeon_e3_1275_v3
- xeon_e5_1620_v4
- xeon_e3_1275_v5
- xeon_e3_12201_v2
- xeon_e5_2428l_v2
- xeon_e5_1620_v3
- xeon_e5
- xeon_e3_1245
- atom_z
- xeon_e5_2403_v2
- xeon_e3_1245_v6
- xeon_e5_2630_v3
- xeon_e3_1280_v3
- xeon_e5_1680_v4
- xeon_e5_1660_v2
- xeon_e5_2428l_v3
- xeon_e3_1240l_v3
- core_i3
- xeon_bronze_3106
- xeon_e5_2440_v2
- xeon_e5_2630l_v2
- xeon_e3_1501m_v6
- xeon_e5_1630_v4
- xeon_e3_1280
- xeon_e3_1240_v2
- xeon_e5_2430l_v2
- xeon_bronze_3104
- xeon_e3_1285_v6
- xeon_e3_1230
- xeon_e5_2650l
- xeon_e3_1220_v5
- xeon_e5_2618l_v2
- xeon_e5_2418l_v2
- xeon_e5_1620
- xeon_e5_1428l
- atom_x3
- xeon_e5_1650_v2
- xeon_e5_2608l_v4
- xeon_e3_1235l_v5
- xeon_e3_1285l_v4
- xeon_e5_2620_v2
- xeon_e3_1245_v3
- xeon_e3_1265l_v4
- xeon_e5_1680_v3
- xeon_e5_2403
- xeon_e5_2609_v3
- xeon_e5_2630_v2
- xeon_e3_1260l
- xeon_e5_2420
- xeon_e5_2643_v3
- xeon_e3_1245_v5
- xeon_silver
- xeon_e3_1271_v3
- xeon_e5_2450l
- xeon_e3_1270_v5
- xeon_e5_2407_v2
- xeon_e5_2620_v3
- xeon_e5_2450_v2
- xeon_e3_1501l_v6
- xeon_e3_1280_v5
- atom_x7-e3950
- xeon_e5_1630_v3
- xeon_e5_2408l_v3
- xeon_e5_1650_v4
- xeon_e3_1275_v2
- xeon_e5_1620_v2
- xeon_e5_2650_v4
- xeon_e3_1260l_v5
- atom_x5-e3930
- core_m7
- xeon_e5_2648l_v3
- xeon_e5_2630
- xeon_e3_12201
- core_i5
- xeon_e5_2643_v2
- xeon_e5_2650_v3
- xeon_e5_2407
- xeon_e3_1280_v2
- xeon_e3_1241_v3
- xeon_e5_2640_v2
- xeon_e3_1278l_v4
- celeron_n
- xeon
- xeon_e3_1230_v6
- xeon_e3_1240
- xeon_e5_1660_v3
- xeon_e5_2418l
- xeon_e5_2470_v2
- xeon_e5_2630_v4
- xeon_e3_1276_v3
- xeon_e5_2650l_v2
- xeon_e5_1428l_v2
- xeon_e5_2420_v2
- xeon_e3_1235
- xeon_e3_1240l_v5
- xeon_e5_2450
- core_i7
- celeron_j
- xeon_e3_1275l_v3
- xeon_e3_1270
- xeon_e3_1281_v3
- xeon_e3_1505l_v6
- xeon_e3_1285_v4
- xeon_e3_1231_v3
- xeon_e3_1258l_v4
- xeon_e3_1268l_v3
- xeon_e5_2609_v2
- core_m3
- xeon_e5_2428l
- xeon_e3_1220_v2
- xeon_e5_2618l_v4
- xeon_e5_2628l_v3
- xeon_e5_1660_v4
- atom_e
- xeon_e5_2448l
- xeon_e3_1240_v6
- xeon_e5_2438l_v3
- xeon_e5_2637_v3
- xeon_e5_2448l_v2
- xeon_e5_2637
- xeon_e7
- xeon_e3_1275_v6
- xeon_e3_1240_v5
- xeon_e3_1505m_v5
- xeon_e3_1220_v3
- xeon_e5_2430_v2
- xeon_e5_2628l_v2
- xeon_e5_2648l_v2
- xeon_e3_1240_v3
- xeon_e3_1225_v2
- core_m
- xeon_e3_1265l_v2
- xeon_e3_1220
- xeon_e3_1226_v3
- xeon_e5_2603_v3
- xeon_e5_2640_v3
- core_m5
- xeon_e3_1125c
- xeon_e3_1230_v3
- xeon_e5_2470
- xeon_e3_1285_v3
- xeon_e5_2603
- xeon_e3_1286_v3
- xeon_e5_2650l_v3
- xeon_e5_2430
- xeon_e3_1505l_v5
- xeon_e5_2603_v2
- xeon_e3_1285l_v3
- xeon_e3_1290_v2
- xeon_e3_1245_v2
- xeon_e5_2628l_v4
- xeon_e5_2637_v2
- xeon_e5_1428l_v3
- xeon_e5_2418l_v3
- xeon_e5_2640_v4
- xeon_platinum
- xeon_e3_1270_v6
netapp
- hci_management_node
- hci_compute_node
- solidfire
oracle
- vm_virtualbox
- communications_diameter_signaling_router
debian
- debian_linux
canonical
- ubuntu_linux
siemens
- simatic_winac_rtx_\(f\)_2010
- simatic_winac_rtx_\(f\)_firmware
arm
- cortex-a
CWE
CWE-203
Observable Discrepancy