All the vulnerabilites related to Intel Corporation - Most Modern Operating Systems
cve-2017-5754
Vulnerability from cvelistv5
Published
2018-01-04 13:00
Modified
2024-09-16 16:48
Severity ?
Summary
Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis of the data cache.
References
http://nvidia.custhelp.com/app/answers/detail/a_id/4609x_refsource_CONFIRM
https://usn.ubuntu.com/3523-1/vendor-advisory, x_refsource_UBUNTU
https://usn.ubuntu.com/usn/usn-3525-1/vendor-advisory, x_refsource_UBUNTU
https://www.codeaurora.org/security-bulletin/2018/07/02/july-2018-code-aurora-security-bulletinx_refsource_CONFIRM
https://security.gentoo.org/glsa/201810-06vendor-advisory, x_refsource_GENTOO
https://www.debian.org/security/2018/dsa-4082vendor-advisory, x_refsource_DEBIAN
https://support.citrix.com/article/CTX234679x_refsource_CONFIRM
https://usn.ubuntu.com/3540-2/vendor-advisory, x_refsource_UBUNTU
https://usn.ubuntu.com/3522-3/vendor-advisory, x_refsource_UBUNTU
https://access.redhat.com/security/vulnerabilities/speculativeexecutionx_refsource_CONFIRM
https://lists.debian.org/debian-lts-announce/2018/01/msg00004.htmlmailing-list, x_refsource_MLIST
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180002x_refsource_CONFIRM
https://usn.ubuntu.com/3597-1/vendor-advisory, x_refsource_UBUNTU
http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00008.htmlvendor-advisory, x_refsource_SUSE
http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00007.htmlvendor-advisory, x_refsource_SUSE
http://nvidia.custhelp.com/app/answers/detail/a_id/4611x_refsource_CONFIRM
https://security.googleblog.com/2018/01/todays-cpu-vulnerability-what-you-need.htmlx_refsource_MISC
https://cert.vde.com/en-us/advisories/vde-2018-002x_refsource_CONFIRM
https://www.debian.org/security/2018/dsa-4120vendor-advisory, x_refsource_DEBIAN
https://support.f5.com/csp/article/K91229003x_refsource_CONFIRM
https://usn.ubuntu.com/usn/usn-3524-2/vendor-advisory, x_refsource_UBUNTU
https://www.debian.org/security/2018/dsa-4078vendor-advisory, x_refsource_DEBIAN
https://source.android.com/security/bulletin/2018-04-01x_refsource_CONFIRM
http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00014.htmlvendor-advisory, x_refsource_SUSE
https://access.redhat.com/errata/RHSA-2018:0292vendor-advisory, x_refsource_REDHAT
http://xenbits.xen.org/xsa/advisory-254.htmlx_refsource_CONFIRM
https://security.netapp.com/advisory/ntap-20180104-0001/x_refsource_CONFIRM
https://www.synology.com/support/security/Synology_SA_18_01x_refsource_CONFIRM
http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-001.txtx_refsource_CONFIRM
https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0x_refsource_CONFIRM
https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerabilityx_refsource_CONFIRM
http://www.kb.cert.org/vuls/id/584653third-party-advisory, x_refsource_CERT-VN
https://usn.ubuntu.com/usn/usn-3522-2/vendor-advisory, x_refsource_UBUNTU
https://www.kb.cert.org/vuls/id/180049third-party-advisory, x_refsource_CERT-VN
https://usn.ubuntu.com/3583-1/vendor-advisory, x_refsource_UBUNTU
https://cert.vde.com/en-us/advisories/vde-2018-003x_refsource_CONFIRM
https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixesx_refsource_CONFIRM
https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03805en_usx_refsource_CONFIRM
https://www.mitel.com/en-ca/support/security-advisories/mitel-product-security-advisory-18-0001x_refsource_CONFIRM
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03871en_usx_refsource_CONFIRM
https://www.suse.com/c/suse-addresses-meltdown-spectre-vulnerabilities/x_refsource_CONFIRM
https://support.citrix.com/article/CTX231399x_refsource_CONFIRM
http://www.securityfocus.com/bid/102378vdb-entry, x_refsource_BID
https://security.FreeBSD.org/advisories/FreeBSD-SA-18:03.speculative_execution.ascvendor-advisory, x_refsource_FREEBSD
https://aws.amazon.com/de/security/security-bulletins/AWS-2018-013/x_refsource_CONFIRM
http://www.securityfocus.com/bid/106128vdb-entry, x_refsource_BID
https://blog.mozilla.org/security/2018/01/03/mitigations-landing-new-class-timing-attack/x_refsource_CONFIRM
http://www.securitytracker.com/id/1040071vdb-entry, x_refsource_SECTRACK
https://usn.ubuntu.com/3597-2/vendor-advisory, x_refsource_UBUNTU
http://nvidia.custhelp.com/app/answers/detail/a_id/4614x_refsource_CONFIRM
http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00006.htmlvendor-advisory, x_refsource_SUSE
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180104-cpusidechannelvendor-advisory, x_refsource_CISCO
https://usn.ubuntu.com/usn/usn-3523-2/vendor-advisory, x_refsource_UBUNTU
https://usn.ubuntu.com/usn/usn-3516-1/vendor-advisory, x_refsource_UBUNTU
https://usn.ubuntu.com/3541-2/vendor-advisory, x_refsource_UBUNTU
https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.htmlx_refsource_MISC
https://support.lenovo.com/us/en/solutions/LEN-18282x_refsource_CONFIRM
https://meltdownattack.com/x_refsource_MISC
http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00016.htmlvendor-advisory, x_refsource_SUSE
http://nvidia.custhelp.com/app/answers/detail/a_id/4613x_refsource_CONFIRM
https://usn.ubuntu.com/3522-4/vendor-advisory, x_refsource_UBUNTU
https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.htmlx_refsource_MISC
http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2019-003.txtx_refsource_CONFIRM
https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdfx_refsource_CONFIRM
https://www.oracle.com/security-alerts/cpuapr2020.htmlx_refsource_MISC
https://cdrdv2.intel.com/v1/dl/getContent/685358x_refsource_CONFIRM
Impacted products
Vendor Product Version
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T15:11:48.442Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4609"
          },
          {
            "name": "USN-3523-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3523-1/"
          },
          {
            "name": "USN-3525-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/usn/usn-3525-1/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.codeaurora.org/security-bulletin/2018/07/02/july-2018-code-aurora-security-bulletin"
          },
          {
            "name": "GLSA-201810-06",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/201810-06"
          },
          {
            "name": "DSA-4082",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2018/dsa-4082"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.citrix.com/article/CTX234679"
          },
          {
            "name": "USN-3540-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3540-2/"
          },
          {
            "name": "USN-3522-3",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3522-3/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/security/vulnerabilities/speculativeexecution"
          },
          {
            "name": "[debian-lts-announce] 20180107 [SECURITY] [DLA 1232-1] linux security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2018/01/msg00004.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180002"
          },
          {
            "name": "USN-3597-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3597-1/"
          },
          {
            "name": "SUSE-SU-2018:0012",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00008.html"
          },
          {
            "name": "SUSE-SU-2018:0011",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00007.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4611"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://security.googleblog.com/2018/01/todays-cpu-vulnerability-what-you-need.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://cert.vde.com/en-us/advisories/vde-2018-002"
          },
          {
            "name": "DSA-4120",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2018/dsa-4120"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.f5.com/csp/article/K91229003"
          },
          {
            "name": "USN-3524-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/usn/usn-3524-2/"
          },
          {
            "name": "DSA-4078",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2018/dsa-4078"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://source.android.com/security/bulletin/2018-04-01"
          },
          {
            "name": "openSUSE-SU-2018:0022",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00014.html"
          },
          {
            "name": "RHSA-2018:0292",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:0292"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://xenbits.xen.org/xsa/advisory-254.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20180104-0001/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.synology.com/support/security/Synology_SA_18_01"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-001.txt"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability"
          },
          {
            "name": "VU#584653",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/584653"
          },
          {
            "name": "USN-3522-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/usn/usn-3522-2/"
          },
          {
            "name": "VU#180049",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "https://www.kb.cert.org/vuls/id/180049"
          },
          {
            "name": "USN-3583-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3583-1/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://cert.vde.com/en-us/advisories/vde-2018-003"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03805en_us"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.mitel.com/en-ca/support/security-advisories/mitel-product-security-advisory-18-0001"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03871en_us"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.suse.com/c/suse-addresses-meltdown-spectre-vulnerabilities/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.citrix.com/article/CTX231399"
          },
          {
            "name": "102378",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/102378"
          },
          {
            "name": "FreeBSD-SA-18:03",
            "tags": [
              "vendor-advisory",
              "x_refsource_FREEBSD",
              "x_transferred"
            ],
            "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-18:03.speculative_execution.asc"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://aws.amazon.com/de/security/security-bulletins/AWS-2018-013/"
          },
          {
            "name": "106128",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/106128"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://blog.mozilla.org/security/2018/01/03/mitigations-landing-new-class-timing-attack/"
          },
          {
            "name": "1040071",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1040071"
          },
          {
            "name": "USN-3597-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3597-2/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4614"
          },
          {
            "name": "SUSE-SU-2018:0010",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00006.html"
          },
          {
            "name": "20180104 CPU Side-Channel Information Disclosure Vulnerabilities",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180104-cpusidechannel"
          },
          {
            "name": "USN-3523-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/usn/usn-3523-2/"
          },
          {
            "name": "USN-3516-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/usn/usn-3516-1/"
          },
          {
            "name": "USN-3541-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3541-2/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.lenovo.com/us/en/solutions/LEN-18282"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://meltdownattack.com/"
          },
          {
            "name": "openSUSE-SU-2018:0023",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00016.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4613"
          },
          {
            "name": "USN-3522-4",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3522-4/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2019-003.txt"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.oracle.com/security-alerts/cpuapr2020.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://cdrdv2.intel.com/v1/dl/getContent/685358"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Most Modern Operating Systems",
          "vendor": "Intel Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "All"
            }
          ]
        }
      ],
      "datePublic": "2018-01-03T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis of the data cache."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Information Disclosure",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-11-19T17:54:02",
        "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
        "shortName": "intel"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4609"
        },
        {
          "name": "USN-3523-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3523-1/"
        },
        {
          "name": "USN-3525-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/usn/usn-3525-1/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.codeaurora.org/security-bulletin/2018/07/02/july-2018-code-aurora-security-bulletin"
        },
        {
          "name": "GLSA-201810-06",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "https://security.gentoo.org/glsa/201810-06"
        },
        {
          "name": "DSA-4082",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2018/dsa-4082"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.citrix.com/article/CTX234679"
        },
        {
          "name": "USN-3540-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3540-2/"
        },
        {
          "name": "USN-3522-3",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3522-3/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://access.redhat.com/security/vulnerabilities/speculativeexecution"
        },
        {
          "name": "[debian-lts-announce] 20180107 [SECURITY] [DLA 1232-1] linux security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2018/01/msg00004.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180002"
        },
        {
          "name": "USN-3597-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3597-1/"
        },
        {
          "name": "SUSE-SU-2018:0012",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00008.html"
        },
        {
          "name": "SUSE-SU-2018:0011",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00007.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4611"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://security.googleblog.com/2018/01/todays-cpu-vulnerability-what-you-need.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://cert.vde.com/en-us/advisories/vde-2018-002"
        },
        {
          "name": "DSA-4120",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2018/dsa-4120"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.f5.com/csp/article/K91229003"
        },
        {
          "name": "USN-3524-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/usn/usn-3524-2/"
        },
        {
          "name": "DSA-4078",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2018/dsa-4078"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://source.android.com/security/bulletin/2018-04-01"
        },
        {
          "name": "openSUSE-SU-2018:0022",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00014.html"
        },
        {
          "name": "RHSA-2018:0292",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:0292"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://xenbits.xen.org/xsa/advisory-254.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://security.netapp.com/advisory/ntap-20180104-0001/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.synology.com/support/security/Synology_SA_18_01"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-001.txt"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability"
        },
        {
          "name": "VU#584653",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/584653"
        },
        {
          "name": "USN-3522-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/usn/usn-3522-2/"
        },
        {
          "name": "VU#180049",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "https://www.kb.cert.org/vuls/id/180049"
        },
        {
          "name": "USN-3583-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3583-1/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://cert.vde.com/en-us/advisories/vde-2018-003"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03805en_us"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.mitel.com/en-ca/support/security-advisories/mitel-product-security-advisory-18-0001"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03871en_us"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.suse.com/c/suse-addresses-meltdown-spectre-vulnerabilities/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.citrix.com/article/CTX231399"
        },
        {
          "name": "102378",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/102378"
        },
        {
          "name": "FreeBSD-SA-18:03",
          "tags": [
            "vendor-advisory",
            "x_refsource_FREEBSD"
          ],
          "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-18:03.speculative_execution.asc"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://aws.amazon.com/de/security/security-bulletins/AWS-2018-013/"
        },
        {
          "name": "106128",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/106128"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://blog.mozilla.org/security/2018/01/03/mitigations-landing-new-class-timing-attack/"
        },
        {
          "name": "1040071",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1040071"
        },
        {
          "name": "USN-3597-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3597-2/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4614"
        },
        {
          "name": "SUSE-SU-2018:0010",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00006.html"
        },
        {
          "name": "20180104 CPU Side-Channel Information Disclosure Vulnerabilities",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180104-cpusidechannel"
        },
        {
          "name": "USN-3523-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/usn/usn-3523-2/"
        },
        {
          "name": "USN-3516-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/usn/usn-3516-1/"
        },
        {
          "name": "USN-3541-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3541-2/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.lenovo.com/us/en/solutions/LEN-18282"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://meltdownattack.com/"
        },
        {
          "name": "openSUSE-SU-2018:0023",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00016.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4613"
        },
        {
          "name": "USN-3522-4",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3522-4/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2019-003.txt"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.oracle.com/security-alerts/cpuapr2020.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://cdrdv2.intel.com/v1/dl/getContent/685358"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secure@intel.com",
          "DATE_PUBLIC": "2018-01-03T00:00:00",
          "ID": "CVE-2017-5754",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Most Modern Operating Systems",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Intel Corporation"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis of the data cache."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Information Disclosure"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://nvidia.custhelp.com/app/answers/detail/a_id/4609",
              "refsource": "CONFIRM",
              "url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4609"
            },
            {
              "name": "USN-3523-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3523-1/"
            },
            {
              "name": "USN-3525-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/usn/usn-3525-1/"
            },
            {
              "name": "https://www.codeaurora.org/security-bulletin/2018/07/02/july-2018-code-aurora-security-bulletin",
              "refsource": "CONFIRM",
              "url": "https://www.codeaurora.org/security-bulletin/2018/07/02/july-2018-code-aurora-security-bulletin"
            },
            {
              "name": "GLSA-201810-06",
              "refsource": "GENTOO",
              "url": "https://security.gentoo.org/glsa/201810-06"
            },
            {
              "name": "DSA-4082",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2018/dsa-4082"
            },
            {
              "name": "https://support.citrix.com/article/CTX234679",
              "refsource": "CONFIRM",
              "url": "https://support.citrix.com/article/CTX234679"
            },
            {
              "name": "USN-3540-2",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3540-2/"
            },
            {
              "name": "USN-3522-3",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3522-3/"
            },
            {
              "name": "https://access.redhat.com/security/vulnerabilities/speculativeexecution",
              "refsource": "CONFIRM",
              "url": "https://access.redhat.com/security/vulnerabilities/speculativeexecution"
            },
            {
              "name": "[debian-lts-announce] 20180107 [SECURITY] [DLA 1232-1] linux security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2018/01/msg00004.html"
            },
            {
              "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180002",
              "refsource": "CONFIRM",
              "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180002"
            },
            {
              "name": "USN-3597-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3597-1/"
            },
            {
              "name": "SUSE-SU-2018:0012",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00008.html"
            },
            {
              "name": "SUSE-SU-2018:0011",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00007.html"
            },
            {
              "name": "http://nvidia.custhelp.com/app/answers/detail/a_id/4611",
              "refsource": "CONFIRM",
              "url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4611"
            },
            {
              "name": "https://security.googleblog.com/2018/01/todays-cpu-vulnerability-what-you-need.html",
              "refsource": "MISC",
              "url": "https://security.googleblog.com/2018/01/todays-cpu-vulnerability-what-you-need.html"
            },
            {
              "name": "https://cert.vde.com/en-us/advisories/vde-2018-002",
              "refsource": "CONFIRM",
              "url": "https://cert.vde.com/en-us/advisories/vde-2018-002"
            },
            {
              "name": "DSA-4120",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2018/dsa-4120"
            },
            {
              "name": "https://support.f5.com/csp/article/K91229003",
              "refsource": "CONFIRM",
              "url": "https://support.f5.com/csp/article/K91229003"
            },
            {
              "name": "USN-3524-2",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/usn/usn-3524-2/"
            },
            {
              "name": "DSA-4078",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2018/dsa-4078"
            },
            {
              "name": "https://source.android.com/security/bulletin/2018-04-01",
              "refsource": "CONFIRM",
              "url": "https://source.android.com/security/bulletin/2018-04-01"
            },
            {
              "name": "openSUSE-SU-2018:0022",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00014.html"
            },
            {
              "name": "RHSA-2018:0292",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:0292"
            },
            {
              "name": "http://xenbits.xen.org/xsa/advisory-254.html",
              "refsource": "CONFIRM",
              "url": "http://xenbits.xen.org/xsa/advisory-254.html"
            },
            {
              "name": "https://security.netapp.com/advisory/ntap-20180104-0001/",
              "refsource": "CONFIRM",
              "url": "https://security.netapp.com/advisory/ntap-20180104-0001/"
            },
            {
              "name": "https://www.synology.com/support/security/Synology_SA_18_01",
              "refsource": "CONFIRM",
              "url": "https://www.synology.com/support/security/Synology_SA_18_01"
            },
            {
              "name": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-001.txt",
              "refsource": "CONFIRM",
              "url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-001.txt"
            },
            {
              "name": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0",
              "refsource": "CONFIRM",
              "url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
            },
            {
              "name": "https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability",
              "refsource": "CONFIRM",
              "url": "https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability"
            },
            {
              "name": "VU#584653",
              "refsource": "CERT-VN",
              "url": "http://www.kb.cert.org/vuls/id/584653"
            },
            {
              "name": "USN-3522-2",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/usn/usn-3522-2/"
            },
            {
              "name": "VU#180049",
              "refsource": "CERT-VN",
              "url": "https://www.kb.cert.org/vuls/id/180049"
            },
            {
              "name": "USN-3583-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3583-1/"
            },
            {
              "name": "https://cert.vde.com/en-us/advisories/vde-2018-003",
              "refsource": "CONFIRM",
              "url": "https://cert.vde.com/en-us/advisories/vde-2018-003"
            },
            {
              "name": "https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes",
              "refsource": "CONFIRM",
              "url": "https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes"
            },
            {
              "name": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03805en_us",
              "refsource": "CONFIRM",
              "url": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03805en_us"
            },
            {
              "name": "https://www.mitel.com/en-ca/support/security-advisories/mitel-product-security-advisory-18-0001",
              "refsource": "CONFIRM",
              "url": "https://www.mitel.com/en-ca/support/security-advisories/mitel-product-security-advisory-18-0001"
            },
            {
              "name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03871en_us",
              "refsource": "CONFIRM",
              "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03871en_us"
            },
            {
              "name": "https://www.suse.com/c/suse-addresses-meltdown-spectre-vulnerabilities/",
              "refsource": "CONFIRM",
              "url": "https://www.suse.com/c/suse-addresses-meltdown-spectre-vulnerabilities/"
            },
            {
              "name": "https://support.citrix.com/article/CTX231399",
              "refsource": "CONFIRM",
              "url": "https://support.citrix.com/article/CTX231399"
            },
            {
              "name": "102378",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/102378"
            },
            {
              "name": "FreeBSD-SA-18:03",
              "refsource": "FREEBSD",
              "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-18:03.speculative_execution.asc"
            },
            {
              "name": "https://aws.amazon.com/de/security/security-bulletins/AWS-2018-013/",
              "refsource": "CONFIRM",
              "url": "https://aws.amazon.com/de/security/security-bulletins/AWS-2018-013/"
            },
            {
              "name": "106128",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/106128"
            },
            {
              "name": "https://blog.mozilla.org/security/2018/01/03/mitigations-landing-new-class-timing-attack/",
              "refsource": "CONFIRM",
              "url": "https://blog.mozilla.org/security/2018/01/03/mitigations-landing-new-class-timing-attack/"
            },
            {
              "name": "1040071",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1040071"
            },
            {
              "name": "USN-3597-2",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3597-2/"
            },
            {
              "name": "http://nvidia.custhelp.com/app/answers/detail/a_id/4614",
              "refsource": "CONFIRM",
              "url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4614"
            },
            {
              "name": "SUSE-SU-2018:0010",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00006.html"
            },
            {
              "name": "20180104 CPU Side-Channel Information Disclosure Vulnerabilities",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180104-cpusidechannel"
            },
            {
              "name": "USN-3523-2",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/usn/usn-3523-2/"
            },
            {
              "name": "USN-3516-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/usn/usn-3516-1/"
            },
            {
              "name": "USN-3541-2",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3541-2/"
            },
            {
              "name": "https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html",
              "refsource": "MISC",
              "url": "https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html"
            },
            {
              "name": "https://support.lenovo.com/us/en/solutions/LEN-18282",
              "refsource": "CONFIRM",
              "url": "https://support.lenovo.com/us/en/solutions/LEN-18282"
            },
            {
              "name": "https://meltdownattack.com/",
              "refsource": "MISC",
              "url": "https://meltdownattack.com/"
            },
            {
              "name": "openSUSE-SU-2018:0023",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00016.html"
            },
            {
              "name": "http://nvidia.custhelp.com/app/answers/detail/a_id/4613",
              "refsource": "CONFIRM",
              "url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4613"
            },
            {
              "name": "USN-3522-4",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3522-4/"
            },
            {
              "name": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html",
              "refsource": "MISC",
              "url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html"
            },
            {
              "name": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2019-003.txt",
              "refsource": "CONFIRM",
              "url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2019-003.txt"
            },
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf",
              "refsource": "CONFIRM",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf"
            },
            {
              "name": "https://www.oracle.com/security-alerts/cpuapr2020.html",
              "refsource": "MISC",
              "url": "https://www.oracle.com/security-alerts/cpuapr2020.html"
            },
            {
              "name": "https://cdrdv2.intel.com/v1/dl/getContent/685358",
              "refsource": "CONFIRM",
              "url": "https://cdrdv2.intel.com/v1/dl/getContent/685358"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
    "assignerShortName": "intel",
    "cveId": "CVE-2017-5754",
    "datePublished": "2018-01-04T13:00:00Z",
    "dateReserved": "2017-02-01T00:00:00",
    "dateUpdated": "2024-09-16T16:48:54.618Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-5753
Vulnerability from cvelistv5
Published
2018-01-04 13:00
Modified
2024-09-16 22:24
Severity ?
Summary
Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.
References
http://nvidia.custhelp.com/app/answers/detail/a_id/4609x_refsource_CONFIRM
https://lists.debian.org/debian-lts-announce/2018/07/msg00015.htmlmailing-list, x_refsource_MLIST
https://www.debian.org/security/2018/dsa-4187vendor-advisory, x_refsource_DEBIAN
https://usn.ubuntu.com/3542-2/vendor-advisory, x_refsource_UBUNTU
https://security.gentoo.org/glsa/201810-06vendor-advisory, x_refsource_GENTOO
https://usn.ubuntu.com/3540-2/vendor-advisory, x_refsource_UBUNTU
https://access.redhat.com/security/vulnerabilities/speculativeexecutionx_refsource_CONFIRM
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180002x_refsource_CONFIRM
https://usn.ubuntu.com/3597-1/vendor-advisory, x_refsource_UBUNTU
https://lists.debian.org/debian-lts-announce/2018/07/msg00016.htmlmailing-list, x_refsource_MLIST
http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00008.htmlvendor-advisory, x_refsource_SUSE
http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00007.htmlvendor-advisory, x_refsource_SUSE
http://nvidia.custhelp.com/app/answers/detail/a_id/4611x_refsource_CONFIRM
https://security.googleblog.com/2018/01/todays-cpu-vulnerability-what-you-need.htmlx_refsource_MISC
https://cert.vde.com/en-us/advisories/vde-2018-002x_refsource_CONFIRM
https://usn.ubuntu.com/3580-1/vendor-advisory, x_refsource_UBUNTU
https://support.f5.com/csp/article/K91229003x_refsource_CONFIRM
http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00014.htmlvendor-advisory, x_refsource_SUSE
https://www.debian.org/security/2018/dsa-4188vendor-advisory, x_refsource_DEBIAN
https://access.redhat.com/errata/RHSA-2018:0292vendor-advisory, x_refsource_REDHAT
http://xenbits.xen.org/xsa/advisory-254.htmlx_refsource_CONFIRM
https://security.netapp.com/advisory/ntap-20180104-0001/x_refsource_CONFIRM
https://www.synology.com/support/security/Synology_SA_18_01x_refsource_CONFIRM
http://packetstormsecurity.com/files/145645/Spectre-Information-Disclosure-Proof-Of-Concept.htmlx_refsource_MISC
http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-001.txtx_refsource_CONFIRM
https://lists.debian.org/debian-lts-announce/2018/07/msg00020.htmlmailing-list, x_refsource_MLIST
https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerabilityx_refsource_CONFIRM
http://www.kb.cert.org/vuls/id/584653third-party-advisory, x_refsource_CERT-VN
https://www.kb.cert.org/vuls/id/180049third-party-advisory, x_refsource_CERT-VN
https://cert.vde.com/en-us/advisories/vde-2018-003x_refsource_CONFIRM
https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixesx_refsource_CONFIRM
http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.htmlx_refsource_CONFIRM
https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03805en_usx_refsource_CONFIRM
https://www.mitel.com/en-ca/support/security-advisories/mitel-product-security-advisory-18-0001x_refsource_CONFIRM
https://cert-portal.siemens.com/productcert/pdf/ssa-505225.pdfx_refsource_CONFIRM
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03871en_usx_refsource_CONFIRM
https://usn.ubuntu.com/3549-1/vendor-advisory, x_refsource_UBUNTU
https://www.suse.com/c/suse-addresses-meltdown-spectre-vulnerabilities/x_refsource_CONFIRM
https://support.citrix.com/article/CTX231399x_refsource_CONFIRM
https://spectreattack.com/x_refsource_MISC
https://aws.amazon.com/de/security/security-bulletins/AWS-2018-013/x_refsource_CONFIRM
https://blog.mozilla.org/security/2018/01/03/mitigations-landing-new-class-timing-attack/x_refsource_CONFIRM
http://www.securitytracker.com/id/1040071vdb-entry, x_refsource_SECTRACK
http://www.securityfocus.com/bid/102371vdb-entry, x_refsource_BID
https://usn.ubuntu.com/3597-2/vendor-advisory, x_refsource_UBUNTU
http://nvidia.custhelp.com/app/answers/detail/a_id/4614x_refsource_CONFIRM
http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00006.htmlvendor-advisory, x_refsource_SUSE
https://usn.ubuntu.com/3540-1/vendor-advisory, x_refsource_UBUNTU
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180104-cpusidechannelvendor-advisory, x_refsource_CISCO
https://usn.ubuntu.com/usn/usn-3516-1/vendor-advisory, x_refsource_UBUNTU
https://www.vmware.com/us/security/advisories/VMSA-2018-0002.htmlx_refsource_CONFIRM
https://www.exploit-db.com/exploits/43427/exploit, x_refsource_EXPLOIT-DB
https://usn.ubuntu.com/3541-1/vendor-advisory, x_refsource_UBUNTU
https://usn.ubuntu.com/3541-2/vendor-advisory, x_refsource_UBUNTU
https://usn.ubuntu.com/3542-1/vendor-advisory, x_refsource_UBUNTU
https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.htmlx_refsource_MISC
https://support.lenovo.com/us/en/solutions/LEN-18282x_refsource_CONFIRM
http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00016.htmlvendor-advisory, x_refsource_SUSE
http://nvidia.custhelp.com/app/answers/detail/a_id/4613x_refsource_CONFIRM
https://lists.debian.org/debian-lts-announce/2019/03/msg00034.htmlmailing-list, x_refsource_MLIST
https://lists.debian.org/debian-lts-announce/2019/04/msg00004.htmlmailing-list, x_refsource_MLIST
https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.htmlx_refsource_MISC
https://seclists.org/bugtraq/2019/Jun/36mailing-list, x_refsource_BUGTRAQ
http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2019-003.txtx_refsource_CONFIRM
https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdfx_refsource_CONFIRM
https://cdrdv2.intel.com/v1/dl/getContent/685359x_refsource_CONFIRM
Impacted products
Vendor Product Version
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T15:11:48.670Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4609"
          },
          {
            "name": "[debian-lts-announce] 20180714 [SECURITY] [DLA 1422-1] linux security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00015.html"
          },
          {
            "name": "DSA-4187",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2018/dsa-4187"
          },
          {
            "name": "USN-3542-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3542-2/"
          },
          {
            "name": "GLSA-201810-06",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/201810-06"
          },
          {
            "name": "USN-3540-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3540-2/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/security/vulnerabilities/speculativeexecution"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180002"
          },
          {
            "name": "USN-3597-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3597-1/"
          },
          {
            "name": "[debian-lts-announce] 20180715 [SECURITY] [DLA 1422-2] linux security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00016.html"
          },
          {
            "name": "SUSE-SU-2018:0012",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00008.html"
          },
          {
            "name": "SUSE-SU-2018:0011",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00007.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4611"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://security.googleblog.com/2018/01/todays-cpu-vulnerability-what-you-need.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://cert.vde.com/en-us/advisories/vde-2018-002"
          },
          {
            "name": "USN-3580-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3580-1/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.f5.com/csp/article/K91229003"
          },
          {
            "name": "openSUSE-SU-2018:0022",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00014.html"
          },
          {
            "name": "DSA-4188",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2018/dsa-4188"
          },
          {
            "name": "RHSA-2018:0292",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:0292"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://xenbits.xen.org/xsa/advisory-254.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20180104-0001/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.synology.com/support/security/Synology_SA_18_01"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/145645/Spectre-Information-Disclosure-Proof-Of-Concept.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-001.txt"
          },
          {
            "name": "[debian-lts-announce] 20180718 [SECURITY] [DLA 1423-1] linux-4.9 new package",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00020.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability"
          },
          {
            "name": "VU#584653",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/584653"
          },
          {
            "name": "VU#180049",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "https://www.kb.cert.org/vuls/id/180049"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://cert.vde.com/en-us/advisories/vde-2018-003"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03805en_us"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.mitel.com/en-ca/support/security-advisories/mitel-product-security-advisory-18-0001"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-505225.pdf"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03871en_us"
          },
          {
            "name": "USN-3549-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3549-1/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.suse.com/c/suse-addresses-meltdown-spectre-vulnerabilities/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.citrix.com/article/CTX231399"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://spectreattack.com/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://aws.amazon.com/de/security/security-bulletins/AWS-2018-013/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://blog.mozilla.org/security/2018/01/03/mitigations-landing-new-class-timing-attack/"
          },
          {
            "name": "1040071",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1040071"
          },
          {
            "name": "102371",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/102371"
          },
          {
            "name": "USN-3597-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3597-2/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4614"
          },
          {
            "name": "SUSE-SU-2018:0010",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00006.html"
          },
          {
            "name": "USN-3540-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3540-1/"
          },
          {
            "name": "20180104 CPU Side-Channel Information Disclosure Vulnerabilities",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180104-cpusidechannel"
          },
          {
            "name": "USN-3516-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/usn/usn-3516-1/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.vmware.com/us/security/advisories/VMSA-2018-0002.html"
          },
          {
            "name": "43427",
            "tags": [
              "exploit",
              "x_refsource_EXPLOIT-DB",
              "x_transferred"
            ],
            "url": "https://www.exploit-db.com/exploits/43427/"
          },
          {
            "name": "USN-3541-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3541-1/"
          },
          {
            "name": "USN-3541-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3541-2/"
          },
          {
            "name": "USN-3542-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3542-1/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.lenovo.com/us/en/solutions/LEN-18282"
          },
          {
            "name": "openSUSE-SU-2018:0023",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00016.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4613"
          },
          {
            "name": "[debian-lts-announce] 20190327 [SECURITY] [DLA 1731-1] linux security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00034.html"
          },
          {
            "name": "[debian-lts-announce] 20190401 [SECURITY] [DLA 1731-2] linux regression update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2019/04/msg00004.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html"
          },
          {
            "name": "20190624 [SECURITY] [DSA 4469-1] libvirt security update",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "https://seclists.org/bugtraq/2019/Jun/36"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2019-003.txt"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://cdrdv2.intel.com/v1/dl/getContent/685359"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Most Modern Operating Systems",
          "vendor": "Intel Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "All"
            }
          ]
        }
      ],
      "datePublic": "2018-01-03T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Information Disclosure",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-11-19T17:48:07",
        "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
        "shortName": "intel"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4609"
        },
        {
          "name": "[debian-lts-announce] 20180714 [SECURITY] [DLA 1422-1] linux security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00015.html"
        },
        {
          "name": "DSA-4187",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2018/dsa-4187"
        },
        {
          "name": "USN-3542-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3542-2/"
        },
        {
          "name": "GLSA-201810-06",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "https://security.gentoo.org/glsa/201810-06"
        },
        {
          "name": "USN-3540-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3540-2/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://access.redhat.com/security/vulnerabilities/speculativeexecution"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180002"
        },
        {
          "name": "USN-3597-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3597-1/"
        },
        {
          "name": "[debian-lts-announce] 20180715 [SECURITY] [DLA 1422-2] linux security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00016.html"
        },
        {
          "name": "SUSE-SU-2018:0012",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00008.html"
        },
        {
          "name": "SUSE-SU-2018:0011",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00007.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4611"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://security.googleblog.com/2018/01/todays-cpu-vulnerability-what-you-need.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://cert.vde.com/en-us/advisories/vde-2018-002"
        },
        {
          "name": "USN-3580-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3580-1/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.f5.com/csp/article/K91229003"
        },
        {
          "name": "openSUSE-SU-2018:0022",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00014.html"
        },
        {
          "name": "DSA-4188",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2018/dsa-4188"
        },
        {
          "name": "RHSA-2018:0292",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:0292"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://xenbits.xen.org/xsa/advisory-254.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://security.netapp.com/advisory/ntap-20180104-0001/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.synology.com/support/security/Synology_SA_18_01"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://packetstormsecurity.com/files/145645/Spectre-Information-Disclosure-Proof-Of-Concept.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-001.txt"
        },
        {
          "name": "[debian-lts-announce] 20180718 [SECURITY] [DLA 1423-1] linux-4.9 new package",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00020.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability"
        },
        {
          "name": "VU#584653",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/584653"
        },
        {
          "name": "VU#180049",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "https://www.kb.cert.org/vuls/id/180049"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://cert.vde.com/en-us/advisories/vde-2018-003"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03805en_us"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.mitel.com/en-ca/support/security-advisories/mitel-product-security-advisory-18-0001"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-505225.pdf"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03871en_us"
        },
        {
          "name": "USN-3549-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3549-1/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.suse.com/c/suse-addresses-meltdown-spectre-vulnerabilities/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.citrix.com/article/CTX231399"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://spectreattack.com/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://aws.amazon.com/de/security/security-bulletins/AWS-2018-013/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://blog.mozilla.org/security/2018/01/03/mitigations-landing-new-class-timing-attack/"
        },
        {
          "name": "1040071",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1040071"
        },
        {
          "name": "102371",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/102371"
        },
        {
          "name": "USN-3597-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3597-2/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4614"
        },
        {
          "name": "SUSE-SU-2018:0010",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00006.html"
        },
        {
          "name": "USN-3540-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3540-1/"
        },
        {
          "name": "20180104 CPU Side-Channel Information Disclosure Vulnerabilities",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180104-cpusidechannel"
        },
        {
          "name": "USN-3516-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/usn/usn-3516-1/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.vmware.com/us/security/advisories/VMSA-2018-0002.html"
        },
        {
          "name": "43427",
          "tags": [
            "exploit",
            "x_refsource_EXPLOIT-DB"
          ],
          "url": "https://www.exploit-db.com/exploits/43427/"
        },
        {
          "name": "USN-3541-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3541-1/"
        },
        {
          "name": "USN-3541-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3541-2/"
        },
        {
          "name": "USN-3542-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3542-1/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.lenovo.com/us/en/solutions/LEN-18282"
        },
        {
          "name": "openSUSE-SU-2018:0023",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00016.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4613"
        },
        {
          "name": "[debian-lts-announce] 20190327 [SECURITY] [DLA 1731-1] linux security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00034.html"
        },
        {
          "name": "[debian-lts-announce] 20190401 [SECURITY] [DLA 1731-2] linux regression update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2019/04/msg00004.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html"
        },
        {
          "name": "20190624 [SECURITY] [DSA 4469-1] libvirt security update",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "https://seclists.org/bugtraq/2019/Jun/36"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2019-003.txt"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://cdrdv2.intel.com/v1/dl/getContent/685359"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secure@intel.com",
          "DATE_PUBLIC": "2018-01-03T00:00:00",
          "ID": "CVE-2017-5753",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Most Modern Operating Systems",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Intel Corporation"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Information Disclosure"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://nvidia.custhelp.com/app/answers/detail/a_id/4609",
              "refsource": "CONFIRM",
              "url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4609"
            },
            {
              "name": "[debian-lts-announce] 20180714 [SECURITY] [DLA 1422-1] linux security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00015.html"
            },
            {
              "name": "DSA-4187",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2018/dsa-4187"
            },
            {
              "name": "USN-3542-2",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3542-2/"
            },
            {
              "name": "GLSA-201810-06",
              "refsource": "GENTOO",
              "url": "https://security.gentoo.org/glsa/201810-06"
            },
            {
              "name": "USN-3540-2",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3540-2/"
            },
            {
              "name": "https://access.redhat.com/security/vulnerabilities/speculativeexecution",
              "refsource": "CONFIRM",
              "url": "https://access.redhat.com/security/vulnerabilities/speculativeexecution"
            },
            {
              "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180002",
              "refsource": "CONFIRM",
              "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180002"
            },
            {
              "name": "USN-3597-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3597-1/"
            },
            {
              "name": "[debian-lts-announce] 20180715 [SECURITY] [DLA 1422-2] linux security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00016.html"
            },
            {
              "name": "SUSE-SU-2018:0012",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00008.html"
            },
            {
              "name": "SUSE-SU-2018:0011",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00007.html"
            },
            {
              "name": "http://nvidia.custhelp.com/app/answers/detail/a_id/4611",
              "refsource": "CONFIRM",
              "url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4611"
            },
            {
              "name": "https://security.googleblog.com/2018/01/todays-cpu-vulnerability-what-you-need.html",
              "refsource": "MISC",
              "url": "https://security.googleblog.com/2018/01/todays-cpu-vulnerability-what-you-need.html"
            },
            {
              "name": "https://cert.vde.com/en-us/advisories/vde-2018-002",
              "refsource": "CONFIRM",
              "url": "https://cert.vde.com/en-us/advisories/vde-2018-002"
            },
            {
              "name": "USN-3580-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3580-1/"
            },
            {
              "name": "https://support.f5.com/csp/article/K91229003",
              "refsource": "CONFIRM",
              "url": "https://support.f5.com/csp/article/K91229003"
            },
            {
              "name": "openSUSE-SU-2018:0022",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00014.html"
            },
            {
              "name": "DSA-4188",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2018/dsa-4188"
            },
            {
              "name": "RHSA-2018:0292",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:0292"
            },
            {
              "name": "http://xenbits.xen.org/xsa/advisory-254.html",
              "refsource": "CONFIRM",
              "url": "http://xenbits.xen.org/xsa/advisory-254.html"
            },
            {
              "name": "https://security.netapp.com/advisory/ntap-20180104-0001/",
              "refsource": "CONFIRM",
              "url": "https://security.netapp.com/advisory/ntap-20180104-0001/"
            },
            {
              "name": "https://www.synology.com/support/security/Synology_SA_18_01",
              "refsource": "CONFIRM",
              "url": "https://www.synology.com/support/security/Synology_SA_18_01"
            },
            {
              "name": "http://packetstormsecurity.com/files/145645/Spectre-Information-Disclosure-Proof-Of-Concept.html",
              "refsource": "MISC",
              "url": "http://packetstormsecurity.com/files/145645/Spectre-Information-Disclosure-Proof-Of-Concept.html"
            },
            {
              "name": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-001.txt",
              "refsource": "CONFIRM",
              "url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-001.txt"
            },
            {
              "name": "[debian-lts-announce] 20180718 [SECURITY] [DLA 1423-1] linux-4.9 new package",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00020.html"
            },
            {
              "name": "https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability",
              "refsource": "CONFIRM",
              "url": "https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability"
            },
            {
              "name": "VU#584653",
              "refsource": "CERT-VN",
              "url": "http://www.kb.cert.org/vuls/id/584653"
            },
            {
              "name": "VU#180049",
              "refsource": "CERT-VN",
              "url": "https://www.kb.cert.org/vuls/id/180049"
            },
            {
              "name": "https://cert.vde.com/en-us/advisories/vde-2018-003",
              "refsource": "CONFIRM",
              "url": "https://cert.vde.com/en-us/advisories/vde-2018-003"
            },
            {
              "name": "https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes",
              "refsource": "CONFIRM",
              "url": "https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes"
            },
            {
              "name": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
            },
            {
              "name": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03805en_us",
              "refsource": "CONFIRM",
              "url": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03805en_us"
            },
            {
              "name": "https://www.mitel.com/en-ca/support/security-advisories/mitel-product-security-advisory-18-0001",
              "refsource": "CONFIRM",
              "url": "https://www.mitel.com/en-ca/support/security-advisories/mitel-product-security-advisory-18-0001"
            },
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-505225.pdf",
              "refsource": "CONFIRM",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-505225.pdf"
            },
            {
              "name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03871en_us",
              "refsource": "CONFIRM",
              "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03871en_us"
            },
            {
              "name": "USN-3549-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3549-1/"
            },
            {
              "name": "https://www.suse.com/c/suse-addresses-meltdown-spectre-vulnerabilities/",
              "refsource": "CONFIRM",
              "url": "https://www.suse.com/c/suse-addresses-meltdown-spectre-vulnerabilities/"
            },
            {
              "name": "https://support.citrix.com/article/CTX231399",
              "refsource": "CONFIRM",
              "url": "https://support.citrix.com/article/CTX231399"
            },
            {
              "name": "https://spectreattack.com/",
              "refsource": "MISC",
              "url": "https://spectreattack.com/"
            },
            {
              "name": "https://aws.amazon.com/de/security/security-bulletins/AWS-2018-013/",
              "refsource": "CONFIRM",
              "url": "https://aws.amazon.com/de/security/security-bulletins/AWS-2018-013/"
            },
            {
              "name": "https://blog.mozilla.org/security/2018/01/03/mitigations-landing-new-class-timing-attack/",
              "refsource": "CONFIRM",
              "url": "https://blog.mozilla.org/security/2018/01/03/mitigations-landing-new-class-timing-attack/"
            },
            {
              "name": "1040071",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1040071"
            },
            {
              "name": "102371",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/102371"
            },
            {
              "name": "USN-3597-2",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3597-2/"
            },
            {
              "name": "http://nvidia.custhelp.com/app/answers/detail/a_id/4614",
              "refsource": "CONFIRM",
              "url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4614"
            },
            {
              "name": "SUSE-SU-2018:0010",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00006.html"
            },
            {
              "name": "USN-3540-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3540-1/"
            },
            {
              "name": "20180104 CPU Side-Channel Information Disclosure Vulnerabilities",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180104-cpusidechannel"
            },
            {
              "name": "USN-3516-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/usn/usn-3516-1/"
            },
            {
              "name": "https://www.vmware.com/us/security/advisories/VMSA-2018-0002.html",
              "refsource": "CONFIRM",
              "url": "https://www.vmware.com/us/security/advisories/VMSA-2018-0002.html"
            },
            {
              "name": "43427",
              "refsource": "EXPLOIT-DB",
              "url": "https://www.exploit-db.com/exploits/43427/"
            },
            {
              "name": "USN-3541-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3541-1/"
            },
            {
              "name": "USN-3541-2",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3541-2/"
            },
            {
              "name": "USN-3542-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3542-1/"
            },
            {
              "name": "https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html",
              "refsource": "MISC",
              "url": "https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html"
            },
            {
              "name": "https://support.lenovo.com/us/en/solutions/LEN-18282",
              "refsource": "CONFIRM",
              "url": "https://support.lenovo.com/us/en/solutions/LEN-18282"
            },
            {
              "name": "openSUSE-SU-2018:0023",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00016.html"
            },
            {
              "name": "http://nvidia.custhelp.com/app/answers/detail/a_id/4613",
              "refsource": "CONFIRM",
              "url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4613"
            },
            {
              "name": "[debian-lts-announce] 20190327 [SECURITY] [DLA 1731-1] linux security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00034.html"
            },
            {
              "name": "[debian-lts-announce] 20190401 [SECURITY] [DLA 1731-2] linux regression update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2019/04/msg00004.html"
            },
            {
              "name": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html",
              "refsource": "MISC",
              "url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html"
            },
            {
              "name": "20190624 [SECURITY] [DSA 4469-1] libvirt security update",
              "refsource": "BUGTRAQ",
              "url": "https://seclists.org/bugtraq/2019/Jun/36"
            },
            {
              "name": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2019-003.txt",
              "refsource": "CONFIRM",
              "url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2019-003.txt"
            },
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf",
              "refsource": "CONFIRM",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf"
            },
            {
              "name": "https://cdrdv2.intel.com/v1/dl/getContent/685359",
              "refsource": "CONFIRM",
              "url": "https://cdrdv2.intel.com/v1/dl/getContent/685359"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
    "assignerShortName": "intel",
    "cveId": "CVE-2017-5753",
    "datePublished": "2018-01-04T13:00:00Z",
    "dateReserved": "2017-02-01T00:00:00",
    "dateUpdated": "2024-09-16T22:24:53.960Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2018-3693
Vulnerability from cvelistv5
Published
2018-07-10 21:00
Modified
2024-08-05 04:50
Severity ?
Summary
Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a speculative buffer overflow and side-channel analysis.
Impacted products
Vendor Product Version
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T04:50:30.557Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "RHSA-2018:2390",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:2390"
          },
          {
            "name": "RHSA-2018:2395",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:2395"
          },
          {
            "name": "RHSA-2018:2384",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:2384"
          },
          {
            "name": "RHSA-2019:1946",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2019:1946"
          },
          {
            "name": "RHSA-2020:0174",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2020:0174"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.oracle.com/security-alerts/cpujul2020.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20180823-0001/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.oracle.com/security-alerts/cpuoct2020.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://cdrdv2.intel.com/v1/dl/getContent/685359"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Most Modern Operating Systems",
          "vendor": "Intel Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "All"
            }
          ]
        }
      ],
      "datePublic": "2018-07-10T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a speculative buffer overflow and side-channel analysis."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Information Disclosure",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-11-19T17:51:16",
        "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
        "shortName": "intel"
      },
      "references": [
        {
          "name": "RHSA-2018:2390",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:2390"
        },
        {
          "name": "RHSA-2018:2395",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:2395"
        },
        {
          "name": "RHSA-2018:2384",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:2384"
        },
        {
          "name": "RHSA-2019:1946",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2019:1946"
        },
        {
          "name": "RHSA-2020:0174",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2020:0174"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.oracle.com/security-alerts/cpujul2020.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://security.netapp.com/advisory/ntap-20180823-0001/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.oracle.com/security-alerts/cpuoct2020.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://cdrdv2.intel.com/v1/dl/getContent/685359"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secure@intel.com",
          "ID": "CVE-2018-3693",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Most Modern Operating Systems",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Intel Corporation"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a speculative buffer overflow and side-channel analysis."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Information Disclosure"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "RHSA-2018:2390",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:2390"
            },
            {
              "name": "RHSA-2018:2395",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:2395"
            },
            {
              "name": "RHSA-2018:2384",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:2384"
            },
            {
              "name": "RHSA-2019:1946",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2019:1946"
            },
            {
              "name": "RHSA-2020:0174",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2020:0174"
            },
            {
              "name": "https://www.oracle.com/security-alerts/cpujul2020.html",
              "refsource": "MISC",
              "url": "https://www.oracle.com/security-alerts/cpujul2020.html"
            },
            {
              "name": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html",
              "refsource": "MISC",
              "url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html"
            },
            {
              "name": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0",
              "refsource": "CONFIRM",
              "url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
            },
            {
              "name": "https://security.netapp.com/advisory/ntap-20180823-0001/",
              "refsource": "CONFIRM",
              "url": "https://security.netapp.com/advisory/ntap-20180823-0001/"
            },
            {
              "name": "https://www.oracle.com/security-alerts/cpuoct2020.html",
              "refsource": "MISC",
              "url": "https://www.oracle.com/security-alerts/cpuoct2020.html"
            },
            {
              "name": "https://cdrdv2.intel.com/v1/dl/getContent/685359",
              "refsource": "CONFIRM",
              "url": "https://cdrdv2.intel.com/v1/dl/getContent/685359"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
    "assignerShortName": "intel",
    "cveId": "CVE-2018-3693",
    "datePublished": "2018-07-10T21:00:00",
    "dateReserved": "2017-12-28T00:00:00",
    "dateUpdated": "2024-08-05T04:50:30.557Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}