Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis of the data cache.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
History
21 Nov 2024, 03:28
| Type | Values Removed | Values Added |
|---|---|---|
| References | () http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00006.html - | |
| References | () http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00007.html - | |
| References | () http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00008.html - | |
| References | () http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00014.html - | |
| References | () http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00016.html - | |
| References | () http://nvidia.custhelp.com/app/answers/detail/a_id/4609Â - Third Party Advisory | |
| References | () http://nvidia.custhelp.com/app/answers/detail/a_id/4611Â - | |
| References | () http://nvidia.custhelp.com/app/answers/detail/a_id/4613Â - | |
| References | () http://nvidia.custhelp.com/app/answers/detail/a_id/4614Â - | |
| References | () http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-001.txt - | |
| References | () http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2019-003.txt - | |
| References | () http://www.kb.cert.org/vuls/id/584653Â - Third Party Advisory, US Government Resource | |
| References | () http://www.securityfocus.com/bid/102378Â - | |
| References | () http://www.securityfocus.com/bid/106128Â - | |
| References | () http://www.securitytracker.com/id/1040071Â - Third Party Advisory, VDB Entry | |
| References | () http://xenbits.xen.org/xsa/advisory-254.html - Third Party Advisory | |
| References | () https://access.redhat.com/errata/RHSA-2018:0292Â - | |
| References | () https://access.redhat.com/security/vulnerabilities/speculativeexecution - Third Party Advisory | |
| References | () https://aws.amazon.com/de/security/security-bulletins/AWS-2018-013/Â - Third Party Advisory | |
| References | () https://blog.mozilla.org/security/2018/01/03/mitigations-landing-new-class-timing-attack/Â - Third Party Advisory | |
| References | () https://cdrdv2.intel.com/v1/dl/getContent/685358Â - | |
| References | () https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf - | |
| References | () https://cert.vde.com/en-us/advisories/vde-2018-002Â - | |
| References | () https://cert.vde.com/en-us/advisories/vde-2018-003Â - | |
| References | () https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability - | |
| References | () https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html - Third Party Advisory | |
| References | () https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0Â - | |
| References | () https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes - | |
| References | () https://lists.debian.org/debian-lts-announce/2018/01/msg00004.html - | |
| References | () https://meltdownattack.com/Â - Technical Description, Third Party Advisory | |
| References | () https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180002Â - Patch, Third Party Advisory, Vendor Advisory | |
| References | () https://security.FreeBSD.org/advisories/FreeBSD-SA-18:03.speculative_execution.asc - | |
| References | () https://security.gentoo.org/glsa/201810-06Â - | |
| References | () https://security.googleblog.com/2018/01/todays-cpu-vulnerability-what-you-need.html - Third Party Advisory | |
| References | () https://security.netapp.com/advisory/ntap-20180104-0001/Â - | |
| References | () https://source.android.com/security/bulletin/2018-04-01Â - | |
| References | () https://support.citrix.com/article/CTX231399Â - | |
| References | () https://support.citrix.com/article/CTX234679Â - | |
| References | () https://support.f5.com/csp/article/K91229003Â - Third Party Advisory | |
| References | () https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03805en_us - | |
| References | () https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03871en_us - | |
| References | () https://support.lenovo.com/us/en/solutions/LEN-18282Â - Third Party Advisory | |
| References | () https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180104-cpusidechannel - | |
| References | () https://usn.ubuntu.com/3522-3/Â - | |
| References | () https://usn.ubuntu.com/3522-4/Â - | |
| References | () https://usn.ubuntu.com/3523-1/Â - | |
| References | () https://usn.ubuntu.com/3540-2/Â - | |
| References | () https://usn.ubuntu.com/3541-2/Â - | |
| References | () https://usn.ubuntu.com/3583-1/Â - | |
| References | () https://usn.ubuntu.com/3597-1/Â - | |
| References | () https://usn.ubuntu.com/3597-2/Â - | |
| References | () https://usn.ubuntu.com/usn/usn-3516-1/Â - | |
| References | () https://usn.ubuntu.com/usn/usn-3522-2/Â - | |
| References | () https://usn.ubuntu.com/usn/usn-3523-2/Â - | |
| References | () https://usn.ubuntu.com/usn/usn-3524-2/Â - | |
| References | () https://usn.ubuntu.com/usn/usn-3525-1/Â - | |
| References | () https://www.codeaurora.org/security-bulletin/2018/07/02/july-2018-code-aurora-security-bulletin - | |
| References | () https://www.debian.org/security/2018/dsa-4078Â - | |
| References | () https://www.debian.org/security/2018/dsa-4082Â - | |
| References | () https://www.debian.org/security/2018/dsa-4120Â - | |
| References | () https://www.kb.cert.org/vuls/id/180049Â - | |
| References | () https://www.mitel.com/en-ca/support/security-advisories/mitel-product-security-advisory-18-0001Â - | |
| References | () https://www.oracle.com/security-alerts/cpuapr2020.html - | |
| References | () https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html - | |
| References | () https://www.suse.com/c/suse-addresses-meltdown-spectre-vulnerabilities/Â - Third Party Advisory | |
| References | () https://www.synology.com/support/security/Synology_SA_18_01Â - Third Party Advisory |
Information
Published : 2018-01-04 13:29
Updated : 2024-11-21 03:28
NVD link : CVE-2017-5754
Mitre link : CVE-2017-5754
CVE.ORG link : CVE-2017-5754
JSON object : View
Products Affected
intel
- xeon_e5_2620
- xeon_e5_2630_v2
- xeon_e3_1505l_v6
- xeon_e5_2628l_v2
- xeon_e5_2637
- xeon_e3_1225
- xeon_e3_1235
- xeon_e5_2608l_v3
- xeon_e5_1620_v4
- xeon_e5_2640_v2
- core_m7
- xeon_e5_2620_v3
- xeon_e3_1265l_v2
- xeon_e5_2630
- xeon_e5_2609
- xeon_e5_2448l_v2
- xeon_e5_2440
- xeon_e3_1240_v6
- xeon_e3_1245_v3
- xeon_e5_2430l
- xeon_bronze_3106
- xeon_e5_1650_v3
- xeon_e5_1630_v3
- xeon_e3_1225_v2
- xeon_e5_1680_v4
- xeon_e5_2603_v4
- xeon_e5_2630_v3
- xeon_e3_1270_v3
- xeon_e5_2643_v2
- xeon_e3_1265l_v4
- xeon_e5_2609_v2
- xeon_e5_2643_v3
- xeon_e3_1240l_v5
- xeon_e3_1501l_v6
- xeon_e5_2630_v4
- xeon_e5_2640_v3
- atom_z
- xeon_e3_1280_v5
- xeon_e5_2650
- xeon_platinum
- xeon_e3_1220_v5
- xeon_e5_2650l_v2
- xeon_e3_1268l_v3
- xeon_e5_2648l_v4
- xeon_e3_1275_v6
- xeon_e5
- xeon_e3_1230_v2
- xeon_e3_1270_v6
- xeon_e5_1660
- xeon_e5_2450l_v2
- xeon_e5_2428l
- xeon_e3_1501m_v6
- xeon_e5_2609_v3
- xeon_e3_1235l_v5
- xeon_e3_1270_v2
- atom_c
- xeon_e3_1280_v2
- xeon_e3_1505l_v5
- xeon_e5_2643_v4
- xeon_e5_2618l_v4
- xeon_bronze_3104
- xeon_e3_1276_v3
- xeon_e3_1290_v2
- xeon_silver
- xeon_e5_2609_v4
- xeon_e3_12201
- xeon_e5_2637_v2
- xeon_e5_2640
- xeon_e3_1505m_v5
- xeon_e3_1240l_v3
- xeon_e5_2630l_v2
- xeon_e3_1240_v2
- xeon_e3_1265l_v3
- xeon_e3_1270
- xeon_e5_2603_v3
- xeon_e5_2430_v2
- xeon_e5_1620_v3
- xeon_e5_2450_v2
- xeon_e5_1680_v3
- xeon_e5_2420_v2
- xeon_e5_2418l
- xeon_e3_1225_v3
- xeon_e5_2428l_v3
- xeon_e5_2403_v2
- xeon
- xeon_e3_1271_v3
- xeon_e5_1650
- xeon_e5_1428l_v3
- xeon_e3_1281_v3
- xeon_e5_1630_v4
- xeon_e5_2470_v2
- xeon_e5_1660_v4
- xeon_e3_1245_v5
- xeon_e3_1245
- xeon_e5_2650_v3
- xeon_e-1105c
- xeon_e5_2450
- xeon_e3_1230l_v3
- xeon_e5_2640_v4
- xeon_e5_1650_v4
- xeon_e5_2650l_v3
- xeon_e3_1230_v6
- xeon_e5_2403
- xeon_e3_1241_v3
- xeon_e5_2628l_v4
- xeon_e3_1275_v3
- core_i5
- xeon_e3_1220_v2
- xeon_e3_1125c_v2
- xeon_e5_2623_v4
- xeon_e5_2603
- xeon_e3_1245_v2
- xeon_e5_2618l_v2
- xeon_e3_1220_v6
- xeon_e5_2650l
- xeon_e3_1230
- xeon_e5_2643
- xeon_e3_1290
- xeon_e3_1270_v5
- xeon_e3_1240_v3
- xeon_e5_2440_v2
- atom_e
- xeon_e5_2637_v4
- xeon_e7
- xeon_e5_2470
- xeon_e3_1231_v3
- xeon_e3_1260l_v5
- xeon_e3
- xeon_e5_2630l
- xeon_e5_2630l_v3
- xeon_e5_2637_v3
- xeon_e3_1275
- xeon_e5_2438l_v3
- xeon_e5_2428l_v2
- xeon_e5_2407_v2
- xeon_e5_1650_v2
- xeon_e3_1268l_v5
- atom_x3
- xeon_e3_1280
- xeon_e3_1280_v6
- xeon_e5_1660_v3
- core_m5
- xeon_gold
- xeon_e3_1285l_v4
- core_m
- xeon_e3_1125c
- xeon_e5_2650_v2
- xeon_e5_2628l_v3
- xeon_e3_1245_v6
- xeon_e3_1275_v2
- xeon_e3_1225_v6
- xeon_e3_1286_v3
- xeon_e5_2407
- xeon_e5_2448l
- pentium_n
- xeon_e3_1220
- xeon_e5_2648l_v2
- xeon_e3_1285_v4
- xeon_e3_1258l_v4
- xeon_e3_1275l_v3
- xeon_e5_2603_v2
- celeron_n
- xeon_e5_1620
- xeon_e5_2650_v4
- xeon_e5_1428l
- xeon_e3_1220_v3
- xeon_e3_12201_v2
- xeon_e5_2420
- xeon_e5_2648l
- xeon_e5_2418l_v3
- xeon_e3_1230_v3
- xeon_e3_1246_v3
- xeon_e3_1286l_v3
- xeon_e5_1660_v2
- xeon_e3_1230_v5
- xeon_e5_2408l_v3
- xeon_e3_1285_v3
- xeon_e3_1240
- xeon_e3_1260l
- core_m3
- xeon_e5_1428l_v2
- xeon_phi
- xeon_e3_1278l_v4
- xeon_e5_2620_v2
- xeon_e5_2620_v4
- xeon_e3_1275_v5
- xeon_e3_1285l_v3
- xeon_e3_1226_v3
- xeon_e5_2630l_v4
- celeron_j
- xeon_e5_2618l_v3
- xeon_e5_1620_v2
- pentium_j
- core_i7
- xeon_e5_2608l_v4
- xeon_e3_1225_v5
- xeon_e5_2430l_v2
- xeon_e3_1105c_v2
- xeon_e3_1220l_v3
- xeon_e5_2418l_v2
- xeon_e3_1285_v6
- xeon_e5_2450l
- xeon_e5_2623_v3
- xeon_e3_1280_v3
- xeon_e5_2648l_v3
- xeon_e5_2430
- core_i3
- xeon_e3_1240_v5
arm
- cortex-a
CWE
CWE-200
Exposure of Sensitive Information to an Unauthorized Actor