CVE-2018-9056

5.6MEDIUM

Key Information:

Vendor: Intel
Status: Core I7; Core I5; Core I3; Xeon E7
Vendor: CVE Published:; 27 March 2018

Summary

Systems with microprocessors utilizing speculative execution may allow unauthorized disclosure of information to an attacker with local user access via a side-channel attack on the directional branch predictor, as demonstrated by a pattern history table (PHT), aka BranchScope.

References

http://www.cs.ucr.edu/~nael/pubs/asplos18.pdf

x_refsource_MISC

https://arstechnica.com/gadgets/2018/03/its-not-just-spec...

x_refsource_MISC

CVSS V3.1

Score:

5.6

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Local

Attack Complexity:

High

Privileges Required:

Low

User Interaction:

None

Scope:

Changed

Timeline

Vulnerability published
Mar 27, 2018
Vulnerability Reserved
Mar 27, 2018