PT-2017-3249 · Unknown+9 · Microprocessors+12

Published

2017-12-22

·

Updated

2025-11-12

·

CVE-2017-5754

CVSS v3.1

5.6

Medium

VectorAV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N
Name of the Vulnerable Software and Affected Versions Systems with microprocessors (affected versions not specified)
Description The issue is related to speculative execution and indirect branch prediction in microprocessors, which may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis of the data cache. This can be used to read the content of memory across a trusted boundary, leading to information disclosure. The vulnerability is caused by an error in memory access control during speculative execution of processor instructions. Microsoft has released updates to help mitigate the vulnerability, preventing attackers from triggering a weakness in the CPU that could allow the contents of memory to be disclosed.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Information Disclosure

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-200CWE-264

Related Identifiers

ALSA-2025_16880
ALT-PU-2018-1253
ALT-PU-2018-1564
ALT-PU-2018-2253
BDU:2018-00001
CESA-2018_1062
CESA-2018_1319
CVE-2017-5754
DLA-1232-1
DSA-4078-1
DSA-4082-1
DSA-4120-1
DSA-4120-2
ELSA-2018-0007
ELSA-2018-0008
ELSA-2018-4006
ELSA-2018-4020
ELSA-2018-4022
ELSA-2018-4025
ELSA-2018-4285
ELSA-2018-4289
MGASA-2018-0073
MGASA-2018-0074
MGASA-2018-0075
MGASA-2018-0076
MGASA-2018-0077
MGASA-2018-0078
MGASA-2018-0080
MGASA-2018-0134
MGASA-2018-0172
MGASA-2018-0187
MGASA-2018-0264
OPENSUSE-SU-2018_0022-1
OPENSUSE-SU-2018_0023-1
OPENSUSE-SU-2018_0326-1
OPENSUSE-SU-2018_0459-1
OPENSUSE-SU-2018_1274-1
OPENSUSE-SU-2018_1623-1
OPENSUSE-SU-2024:10728-1
OPENSUSE-SU-2024:13704-1
RHSA-2018:0010
RHSA-2018:0016
RHSA-2018:0017
RHSA-2018:0018
RHSA-2018:0020
RHSA-2018:0021
RHSA-2018:0022
RHSA-2018:0151
RHSA-2018:0182
RHSA-2018:0292
RHSA-2018:0464
RHSA-2018:1062
RHSA-2018:1129
RHSA-2018:1319
RHSA-2018:1346
RHSA-2018:1374
RHSA-2018_0016
RHSA-2018_0292
RHSA-2018_1062
RHSA-2018_1319
SUSE-SU-2018:0010-1
SUSE-SU-2018:0011-1
SUSE-SU-2018:0012-1
SUSE-SU-2018:0031-1
SUSE-SU-2018:0040-1
SUSE-SU-2018:0115-1
SUSE-SU-2018:0180-1
SUSE-SU-2018:0213-1
SUSE-SU-2018:0219-1
SUSE-SU-2018:0285-1
SUSE-SU-2018:0438-1
SUSE-SU-2018:0472-1
SUSE-SU-2018:0552-1
SUSE-SU-2018:0552-2
SUSE-SU-2018:0601-1
SUSE-SU-2018:0609-1
SUSE-SU-2018:0638-1
SUSE-SU-2018:0678-1
SUSE-SU-2018:0909-1
SUSE-SU-2018:1603-1
SUSE-SU-2018:1658-1
SUSE-SU-2018:1699-1
SUSE-SU-2018:1699-2
SUSE-SU-2018:2528-1
SUSE-SU-2018:3230-1
SUSE-SU-2023:0634-1
USN-3516-1
USN-3522-1
USN-3522-2
USN-3522-3
USN-3522-4
USN-3523-1
USN-3523-2
USN-3524-1
USN-3524-2
USN-3525-1
USN-3540-1
USN-3540-2
USN-3541-1
USN-3541-2
USN-3583-1
USN-3597-1
USN-3597-2

Affected Products

Alt Linux
Centos
Edge
Freebsd
Ibm Aix
Internet Explorer
Sql Server
Red Hat
Suse
Ubuntu
Vmware Vcenter
Windows
Microprocessors