Multiple CPU Hardware CVE-2018-3639 Information Disclosure Vulnerability
BID:104232
CVE-2018-3639 |Info
Multiple CPU Hardware CVE-2018-3639 Information Disclosure Vulnerability
| Bugtraq ID: | 104232 |
| Class: | Design Error |
| CVE: |
CVE-2018-3639 |
| Remote: | No |
| Local: | Yes |
| Published: | May 21 2018 12:00AM |
| Updated: | Jan 16 2019 07:00AM |
| Credit: | Ken Johnson of Microsoft Corporation and Jann Horn of Google Project Zero |
| Vulnerable: |
Xen Xen 0 VMWare Workstation Pro 14.1.1 VMWare Workstation Pro 14.1 VMWare Workstation Pro 14.0 VMWare Workstation Player 14.1.1 VMWare Workstation Player 14.1 VMWare Workstation Player 14.0 VMWare vSphere ESXi 6.7 VMWare vSphere ESXi 6.5 VMWare vSphere ESXi 6.0 VMWare vSphere ESXi 5.5 VMWare vCenter Server 6.7 VMWare vCenter Server 6.5 VMWare vCenter Server 6.0 VMWare vCenter Server 5.5 VMWare Fusion Pro 10.1.1 VMWare Fusion Pro 10.0 VMWare Fusion 10.1.1 VMWare Fusion 10.0 Ubuntu Ubuntu Linux 18.04 LTS Ubuntu Ubuntu Linux 17.10 Ubuntu Ubuntu Linux 16.04 LTS Ubuntu Ubuntu Linux 14.04 LTS Synology Virtual DSM 0 Synology Sky NAS 0 Synology Dsm 6.1 Synology Dsm 6.0 Synology Dsm 5.2 Redhat Virtualization Manager 4.2 Redhat Virtualization Host 4 Redhat Virtualization for IBM Power LE 4 Redhat Virtualization - ELS 3 Redhat Virtualization 4 Redhat OpenStack for IBM Power 12.0 Redhat OpenStack 9.0 Redhat OpenStack 8.0 Redhat OpenStack 7.0 Redhat OpenStack 12.0 Redhat OpenStack 10.0 Redhat MRG Realtime 2 Redhat Gluster Storage Server for On-premise 3 for RHEL 7 0 Redhat Enterprise Linux Workstation 7 Redhat Enterprise Linux Workstation 6 Redhat Enterprise Linux Server AUS 6.5 Redhat Enterprise Linux Server AUS 6.4 Redhat Enterprise Linux Server - Update Services for SAP Solutions 7.4 Redhat Enterprise Linux Server - Update Services for SAP Solutions 7.3 Redhat Enterprise Linux Server - Update Services for SAP Solutions 7.2 Redhat Enterprise Linux Server - TUS 7.4 Redhat Enterprise Linux Server - TUS 7.3 Redhat Enterprise Linux Server - TUS 7.2 Redhat Enterprise Linux Server - TUS 6.6 Redhat Enterprise Linux Server - Extended Update Support 7.5 Redhat Enterprise Linux Server - Extended Update Support 7.4 Redhat Enterprise Linux Server - Extended Update Support 7.3 Redhat Enterprise Linux Server - Extended Update Support 6.7 Redhat Enterprise Linux Server - AUS 7.4 Redhat Enterprise Linux Server - AUS 7.3 Redhat Enterprise Linux Server - AUS 7.2 Redhat Enterprise Linux Server - AUS 6.6 Redhat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 7. Redhat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 7. Redhat Enterprise Linux Server 7 Redhat Enterprise Linux Server 6 Redhat Enterprise Linux for Scientific Computing 7 Redhat Enterprise Linux for Scientific Computing 6 Redhat Enterprise Linux for Real Time 7 Redhat Enterprise Linux for Power, little endian - Extended Update Supp 7.5 Redhat Enterprise Linux for Power, little endian - Extended Update Supp 7.4 Redhat Enterprise Linux for Power, little endian - Extended Update Supp 7.3 Redhat Enterprise Linux for Power, little endian 7 Redhat Enterprise Linux for Power, big endian - Extended Update Support 7.5 Redhat Enterprise Linux for Power, big endian - Extended Update Support 7.4 Redhat Enterprise Linux for Power, big endian - Extended Update Support 7.3 Redhat Enterprise Linux for Power, big endian - Extended Update Support 6.7 Redhat Enterprise Linux for Power, big endian 7 Redhat Enterprise Linux for Power, big endian 6 Redhat Enterprise Linux for Power 9 7 Redhat Enterprise Linux for IBM z Systems - Extended Update Support 7.5 Redhat Enterprise Linux for IBM z Systems - Extended Update Support 7.4 Redhat Enterprise Linux for IBM z Systems - Extended Update Support 7.3 Redhat Enterprise Linux for IBM z Systems - Extended Update Support 6.7 Redhat Enterprise Linux for IBM z Systems 7 Redhat Enterprise Linux for IBM System z (Structure A) 7 Redhat Enterprise Linux for ARM 64 7 Redhat Enterprise Linux EUS Compute Node 7.5 Redhat Enterprise Linux EUS Compute Node 7.4 Redhat Enterprise Linux EUS Compute Node 7.3 Redhat Enterprise Linux EUS Compute Node 6.7 Redhat Enterprise Linux Desktop 7 Redhat Enterprise Linux Desktop 6 Oracle Solaris 11 NetApp SolidFire Element OS Management Node 0 Microsoft Windows Server 2016 0 Microsoft Windows Server 2012 R2 0 Microsoft Windows Server 2012 0 Microsoft Windows Server 2008 R2 for 32-bit Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 1803 0 Microsoft Windows Server 1709 0 Microsoft Windows RT 8.1 Microsoft Windows 8.1 for 64-bit Systems 0 Microsoft Windows 8.1 for 32-bit Systems 0 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 10 Version 1803 for x64-based Systems 0 Microsoft Windows 10 Version 1803 for 32-bit Systems 0 Microsoft Windows 10 version 1709 for x64-based Systems 0 Microsoft Windows 10 version 1709 for 32-bit Systems 0 Microsoft Windows 10 version 1703 for x64-based Systems 0 Microsoft Windows 10 version 1703 for 32-bit Systems 0 Microsoft Windows 10 Version 1607 for x64-based Systems 0 Microsoft Windows 10 Version 1607 for 32-bit Systems 0 Microsoft Windows 10 for x64-based Systems 0 Microsoft Windows 10 for 32-bit Systems 0 Microsoft Surface Pro with Advanced LTE Model 1807 0 Microsoft Surface Pro Model 1796 0 Microsoft Surface Pro 4 0 Microsoft Surface Pro 3 0 Microsoft Surface Laptop 0 Microsoft Surface Book 2 Intel Xeon Processor E7 v4 Family 0 Intel Xeon Processor E7 v3 Family 0 Intel Xeon Processor E7 v2 Family 0 Intel Xeon Processor E7 Family 0 Intel Xeon Processor E5 v4 Family 0 Intel Xeon Processor E5 v3 Family 0 Intel Xeon Processor E5 v2 Family 0 Intel Xeon Processor E5 Family 0 Intel Xeon Processor E3 v6 Family 0 Intel Xeon Processor E3 v5 Family 0 Intel Xeon Processor E3 v4 Family 0 Intel Xeon Processor E3 v3 Family 0 Intel Xeon Processor E3 v2 Family 0 Intel Xeon Processor E3 Family 0 Intel Xeon processor 7500 series 0 Intel Xeon processor 6500 series 0 Intel Xeon processor 5600 series 0 Intel Xeon processor 5500 series 0 Intel Xeon processor 3600 series 0 Intel Xeon processor 3400 series 0 Intel Pentium Processor Silver Series 0 Intel Pentium Processor N Series 0 Intel Pentium Processor J Series 0 Intel Core X-series Processor Family for Intel X99 platforms 0 Intel Core X-series Processor Family for Intel X299 platforms 0 Intel Core M processor family 0 Intel Celeron Processor N Series 0 Intel Celeron Processor J Series 0 Intel Atom Processor Z Series 0 Intel Atom Processor X Series 0 Intel Atom Processor T Series 0 Intel Atom Processor E Series 0 Intel Atom Processor C Series 0 Intel Atom Processor A Series 0 Intel 8th generation Core processors 0 Intel 7th generation Core processors 0 Intel 6th generation Core processors 0 Intel 5th generation Core processors 0 Intel 4th generation Core processors 0 Intel 3rd generation Core processors 0 Intel 2nd generation Core processors 0 IBM Vios 2.2 IBM Aix 7.2 IBM AIX 7.1 IBM AIX 6.1 IBM AIX 5.3 ARM Cortex A72 0 ARM Cortex A57 0 |
| Not Vulnerable: |
VMWare Workstation Pro 14.1.2 VMWare Workstation Player 14.1.2 VMWare Fusion Pro 10.1.2 VMWare Fusion 10.1.2 |
Discussion
Multiple CPU Hardware CVE-2018-3639 Information Disclosure Vulnerability
Multiple CPU Hardware are prone to an information-disclosure vulnerability.
Attackers can exploit this issue to obtain sensitive information that may aid in further attacks.
Multiple CPU Hardware are prone to an information-disclosure vulnerability.
Attackers can exploit this issue to obtain sensitive information that may aid in further attacks.
Exploit / POC
Multiple CPU Hardware CVE-2018-3639 Information Disclosure Vulnerability
The researcher who discovered this issue has created a proof-of-concept. Please see the references for more information.
The researcher who discovered this issue has created a proof-of-concept. Please see the references for more information.
Solution / Fix
Multiple CPU Hardware CVE-2018-3639 Information Disclosure Vulnerability
Solution:
Updates are available. Please see the references or vendor advisory for more information.
Solution:
Updates are available. Please see the references or vendor advisory for more information.
References
Multiple CPU Hardware CVE-2018-3639 Information Disclosure Vulnerability
References:
References:
- AMD Home Page (AMD)
- ARM Homepage (ARM)
- Intel Home Page (Intel)
- �??Speculative Store Bypass�?� Vulnerability Mitigations for AMD Platforms (AMD)
- ADV180012 | Microsoft Guidance for Speculative Store Bypass (Microsoft)
- Alert (TA18-141A) Side-Channel Vulnerability Variants 3a and 4 (CERT)
- AMD64 TECHNOLOGY SPECULATIVE STORE BYPASS DISABLE (AMD)
- Analysis and mitigation of speculative store bypass (CVE-2018-3639) (Microsoft)
- Bug 1566890 - (CVE-2018-3639) CVE-2018-3639 hw: cpu: speculative store bypass (Redhat)
- CPU hardware utilizing speculative execution may be vulnerable to cache side-cha (CERT)
- CPU Side-Channel Information Disclosure Vulnerabilities: May 2018 (Cisco)
- CVE-2018-3639 (Redhat)
- Oracle Critical Patch Update Advisory - January 2019 (Oracle)
- Q2 2018 Speculative Execution Side Channel Update (Intel)
- RHSA-2018:1629 - Security Advisory (Redhat)
- RHSA-2018:1630 - Security Advisory (Redhat)
- RHSA-2018:1632 - Security Advisory (Redhat)
- RHSA-2018:1633 - Security Advisory (Redhat)
- RHSA-2018:1643 - Security Advisory (Redhat)
- RHSA-2018:1644 - Security Advisory (Redhat)
- RHSA-2018:1645 - Security Advisory (Redhat)
- RHSA-2018:1646 - Security Advisory (Redhat)
- RHSA-2018:1647 - Security Advisory (Redhat)
- RHSA-2018:1648 - Security Advisory (Redhat)
- RHSA-2018:1649 - Security Advisory (Redhat)
- RHSA-2018:1650 - Security Advisory (Redhat)
- RHSA-2018:1651 - Security Advisory (Redhat)
- RHSA-2018:1652 - Security Advisory (Redhat)
- RHSA-2018:1653 - Security Advisory (Redhat)
- RHSA-2018:1654 - Security Advisory (Redhat)
- RHSA-2018:1655 - Security Advisory (Redhat)
- RHSA-2018:1656 - Security Advisory (Redhat)
- RHSA-2018:1657 - Security Advisory (Redhat)
- RHSA-2018:1658 - Security Advisory (Redhat)
- RHSA-2018:1659 - Security Advisory (Redhat)
- RHSA-2018:1660 - Security Advisory (Redhat)
- RHSA-2018:1661 - Security Advisory (Redhat)
- RHSA-2018:1662 - Security Advisory (Redhat)
- RHSA-2018:1663 - Security Advisory (Redhat)
- RHSA-2018:1664 - Security Advisory (Redhat)
- RHSA-2018:1665 - Security Advisory (Redhat)
- RHSA-2018:1666 - Security Advisory (Redhat)
- RHSA-2018:1667 - Security Advisory (Redhat)
- RHSA-2018:1668 - Security Advisory (Redhat)
- RHSA-2018:1669 - Security Advisory (Redhat)
- RHSA-2018:1674 - Security Advisory (Redhat)
- RHSA-2018:1675 - Security Advisory (Redhat)
- RHSA-2018:1676 - Security Advisory (Redhat)
- RHSA-2018:1686 - Security Advisory (Redhat)
- Security Bulletin: IBM has released AIX and VIOS iFixes (IBM)
- Speculative Execution Side Channel Vulnerabilities in NetApp Products (NetApp)
- speculative execution, variant 4: speculative store bypass (Google Project Zero)
- Speculative Store Bypass (CVE-2018-3639 aka GPZ Variant 4) (Ubuntu)
- Synology-SA-18:23 Speculative Store Bypass (Synology)
- USN-3651-1: QEMU update (Ubuntu)
- USN-3652-1: Linux kernel vulnerability (Ubuntu)
- USN-3653-1: Linux kernel vulnerabilities (Ubuntu)
- USN-3653-2: Linux kernel (HWE) vulnerabilities (Ubuntu)
- USN-3654-1: Linux kernel vulnerabilities (Ubuntu)
- USN-3654-2: Linux kernel (Xenial HWE) vulnerabilities (Ubuntu)
- USN-3655-2: Linux kernel (Trusty HWE) vulnerabilities (Ubuntu)
- VMSA-2018-0012 VMware updates enable Hypervisor-Assisted Guest Mitigations (VMware)
- VMware Response to Speculative Execution security issues, CVE-2018-3639 and CVE- (VMware)
- Vulnerability of Speculative Processors to Cache Timing Side-Channel Mechanism (ARM)
- XSA-263 Speculative Store Bypass (Xen)