Speculative Execution Vulnerability in Intel Processors Affects Multiple Vendors
CVE-2018-3640

5.6MEDIUM

Key Information:

Vendor

Intel
Status
Multiple
Vendor
CVE Published:
22 May 2018

What is CVE-2018-3640?

This vulnerability affects microprocessors using speculative execution and enables attackers with local user access to exploit speculative reads of system registers. By employing side-channel analysis techniques, sensitive system parameters may be disclosed, leading to potential security breaches. The issue, identified as Rogue System Register Read (RSRE), requires awareness and prompt mitigation efforts from users and administrators to protect against unauthorized information disclosure.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Multiple Multiple

References

https://cert-portal.siemens.com/productcert/pdf/ssa-26864...
x_refsource_CONFIRM
http://support.lenovo.com/us/en/solutions/LEN-22133
x_refsource_CONFIRM
https://www.us-cert.gov/ncas/alerts/TA18-141A
third-party-advisoryx_refsource_CERT

CVSS V3.1

Score:
5.6
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Local
Attack Complexity:
High
Privileges Required:
Low
User Interaction:
None
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.