CVE-2018-3639 : IT Service Management

Printer-Friendly View

CVE-ID
CVE-2018-3639	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka Speculative Store Bypass (SSB), Variant 4.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
EXPLOIT-DB:44695 URL:https://www.exploit-db.com/exploits/44695/ MISC:https://bugs.chromium.org/p/project-zero/issues/detail?id=1528 CONFIRM:https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00115.html CONFIRM:http://support.lenovo.com/us/en/solutions/LEN-22133 CONFIRM:http://xenbits.xen.org/xsa/advisory-263.html CONFIRM:https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability CONFIRM:https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180012 CONFIRM:https://support.citrix.com/article/CTX235225 CONFIRM:https://security.netapp.com/advisory/ntap-20180521-0001/ CONFIRM:https://www.synology.com/support/security/Synology_SA_18_23 CISCO:20180522 CPU Side-Channel Information Disclosure Vulnerabilities: May 2018 URL:https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180521-cpusidechannel DEBIAN:DSA-4210 URL:https://www.debian.org/security/2018/dsa-4210 REDHAT:RHSA-2018:1630

On Tue, 5 Jun at 11:06 AM , IT Service Desk/ITSM <helpdesk@partnerdemo.freshservice.com> wrote:

Hey can u download this latest patch from MS and apply the hotfix

Thanks and regards

A.berkson

SAP software support

On Tue, 5 Jun at 11:04 AM , Michael <michael.scott.fd@gmail.com> wrote:

Risk Template - GRC Template

IT Service Management

CVE-2018-3639

Modified on: Wed, 7 Oct, 2020 2:58 AM

CVE-2018-3639

Related Articles